Applications



Any time you hear of an application you'd like to try, first go to Start menu and see if it's already installed in your system. If not, go to Software Manager / Store and see if it's available there. [But check to see if the version you get is seriously old.] If not, do "apt list | grep NAME" and see if it's in the repo. Also "snap search NAME" and "flatpak search NAME". If not, go to web site for the application and get it from there.

Make sure you have all repos enabled.

Applications that work well and I use have a green check-mark next to them. Your needs and opinions may differ from mine.



Browser:

+/-
Important: After you install a browser, disconnect from the internet, launch the browser for the first time, turn off telemetry and other features you don't want, quit, connect to internet again, launch the browser again.

  • green check-mark  Firefox:
    +/-
    Arnab Satapathi's "Speed up firefox with RAM cache and tmpfs in Linux"
    Firefox Support
    Firefox "about" special pages
    Bugzilla
    rafaelmardojai / firefox-gnome-theme

    Idea: I'd like to see a feature for displaying and controlling the extension hierarchy/stack:
    +/-
    I'd like to see in what order my extensions and the cache and page Javascript get to see requests and responses as they go from user to network and back.

    For example, a request might go in this order:
    1. user
    2. Facebook Container extension
    3. Privacy Badger extension
    4. uBlock Origin extension
    5. cache
    6. network stack (including VPN)
    This would be useful to understand the "priority" of each extension, which gets first shot at each request/response, where a request was blocked or satisfied. That also might be important if one of the extensions was an encryption extension: which other extensions are seeing my traffic in plaintext, and thus have to be trusted ?

    Once we had the hierarchy, maybe then we could start to analyze and control it. "Tell me which layer blocked or satisfied this request." "Don't use this extension for this domain."

    It would be great if the hierarchy shown extended down into the network stack, to show if a VPN was active, for example.

    We might need a parallel hierarchy for DNS requests. A DNS request could be processed/modified in the browser (DOH), in a proxy or VPN browser extension, in a VPN layer in the network stack, in the OS DNS mechanism(s).

    9/2020: I changed from deb package of Firefox to snap version, on Ubuntu GNOME 20.04:
    +/-
    There also is a flatpak available. All three packages were almost identical version numbers.

    Backed up old ~/.mozilla tree.
    "sudo apt remove firefox".
    "snap install firefox".

    Firefox no longer appears in the icons on the left side of the desktop; have to search for it in search bar to launch it.

    To copy profile across, in new browser I went to "about:profile", created a new profile NAME, set it to be default profile, quit browser, then copied contents from inside OLDPROFILE dir into new random.NAME directory, replacing/merging as it copied. Deb package keeps profiles under ~/.mozilla/firefox, snap package keeps profiles under ~/snap/firefox/common/.mozilla/firefox.

    In Preferences, you will see "Your browser is being managed by your organization", which I assume means "updates will be done by something outside the application (snap updater)". https://hg.mozilla.org/mozilla-central/file/tip/taskcluster/docker/firefox-snap/policies.json

    Bug: In Downloads list, clicking on folder icon to "open containing folder" does nothing. Filed https://bugzilla.mozilla.org/show_bug.cgi?id=1664824

    Bug: In "Save Link As" dialog, download directory is strange, not remembered, and deleting a file does strange things. Filed https://bugzilla.mozilla.org/show_bug.cgi?id=1665090

    Bug: "Save Page As" always results in download-failed.

    Bug: strange characters appear in buttons or text fields sometimes.

    Apparently FF snap uses a temp folder for downloads: ~/Dowwnloads/firefox.tmp

    9/2020: I changed from snap version of Firefox to Flatpak version, on Ubuntu MATE 20.04:
    +/-
    There were two choices of image in the middle of the install: a "BaseApp" and another. I chose the other. What's the difference ?

    In Flatseal, added some local directories I want FF to be able to use. Add one directory per line; the help-example is a bit misleading. And you can add ":ro" after a directory name to make it read-only.

    When FF starts, it's not the default browser, and nothing I do will make that Preferences / "Make default browser" button work. On CLI, did "xdg-settings set default-web-browser org.mozilla.firefox.desktop" and that worked to make FF the default browser. But in Preferences FF still thinks it's not the default browser.

    Bad design: I have permissions set to deny access to ~/Documents, yet I can save files into there. See Disappointed with Flatpak security model section of my VMs page.

    Bug: in download manager, click on "Open in enclosing folder" which should be ~/Documents, file manager opens in pathname "/run/...".

    And now clicking on a link in VSCode (which is a snap) results in launching a new instance of FF (which is a Flatpak), instead of opening a new tab in the existing instance of FF.

    To write less to disk/SSD: in about:config, set browser.cache.disk.enable = false, browser.cache.memory.capacity = 409600 (KB), browser.cache.memory.enable = true.

    To see a list of config values you've changed, go to "about:support" and scroll down to "Important Modified Preferences" section.

    To see a list of all categories of "about" commands, go to "about:about".


  • Chrome:

    Raj's "How To Install Google Chrome on Linux Mint 19 'Tara'"
    Profiles stored in ~/.config/google-chrome directory.
    Cache stored in ??? For Flatpaks, under ~/.var/app/*/cache
    Use "--disk-cache-dir" option to store cache on ramdisk ?
    Type Shift+Esc to open Chrome's task manager.
    Go to "chrome://about/" to see all special URLS.


  • Chromium:

    Profiles stored in ~/.config/chromium directory.


  • ungoogled-chromium:
    +/-
    ungoogled-chromium
    Repology's "Versions for ungoogled-chromium"
    Have to uninstall Chromium first, if it's installed.

    After installing from deb, it appears in app menus as "Chromium Web Browser" and on CLI as "chromium" (same names as normal Chromium browser), which I find confusing. Have to do "apt show ungoogled-chromium" to verify that right thing is installed. Also "chromium --help" mentions "ungoogled-chromium" about 8 lines down from the top.

    If you install from Flatpak, appears as "ungoogled-chromium" ?
    "flatpak run com.github.Eloston.UngoogledChromium --version"

    Profiles stored in ~/.config/chromium directory.

    Uninstalling and installing the two browsers (Chromium and ungoogled-chromium), I ended up in some "your profile is newer than this browser supports" situation. Tried to re-install and ended up in hang situations in Software Manager. Tried "sudo apt install ungoogled-chromium" and got "Package 'ungoogled-chromium' has no installation candidate".

    Went to Ubuntu Downloads page clicked on "18.04 (bionic) amd64", clicked top/newest version, clicked last deb link (one that didn't have some particular tag such as common, shell, driver, etc), downloaded it. Tried to install it, found you have to download and install the "common" package first.

    Has moved to common and main

    After installed, the only way to distinguish it from full Chromium is to do "apt list | grep ungoog".

    Upgrading to new version: download DEB files, then
    
    sudo apt remove ungoogled-chromium
    sudo apt remove ungoogled-chromium-common
    sudo dpkg -i ungoogled-chromium-common*.deb
    sudo dpkg -i ungoogled-chromium_*.deb
    rm ungoo*.deb
    

    Can't install extensions from Chrome Web Store directly:
    1. In ungoogled-chromium, go to three-dots / More Tools / Extensions and turn on Developer Mode.

    2. Go to Victor-Bonnelle / extension-downloader follow instructions to download extension-downloader.crx file.

    3. Drag-and-drop that file onto the Extensions page in ungoogled-chromium. The extension should be installed.

    4. Go to to Chrome Web Store and find extension you want. Or click on some other site's link to the extension you want, to get to the right page in the store.

    5. Click on blue download-icon in browser's address bar (icon for extension-downloader extension). The extension you want should be installed.


    To see status of GPU settings, go to "chrome://gpu".



  • Edge:

    Based on chromium engine. Can use Chrome extensions.
    I haven't heard that it has any particular features I want.
    One interesting feature: a link between Edge's Developer Mode and VSCode, so you can hop between the rendered page element and the editor holding the code. MS article


  • Iridium:

    Based on chromium engine; open-source; privacy enhancements.
    Iridium Browser
    bug tracker
    Seems to be a bit out of date; maybe few users.


  • Brave:
    +/- Based on chromium engine; open-source; privacy enhancements.
    Emphasis on blocking trackers.
    Optional "Brave Rewards" to earn frequent flier-like tokens for viewing privacy-respecting ads.
    Maybe use the beta version to get security updates more promptly.
    Brave Browser
    Brave Browser bug tracker
    On Ubuntu 20.04, not available in repos or snap store or flathub.
    On Kubuntu 20.10, available in snap store or flathub, but snap has directory-permission issues.

    Installing native: Installing Brave on Linux
    "brave-browser-beta --version"
    "man brave-browser-beta"

    In Settings/Appearance, I enabled "Hide Brave Rewards button", "Always show full URLs".
    In Settings/NewTabPage, I disabled "Sponsored images", "Brave Stats", "Brave Rewards", "Binance", "Gemini".
    In Settings/SocialMediaBlocking, I disabled everything.
    In Settings/Extensions, I disabled "Hangouts", "WebTorrent", "Widevine".
    In Settings/Advanced/PrivacyAndSecurity, I disabled "Send analytics to Brave", "Google Safe Browsing", "Allow sites to check for payment methods", went into "Clear browsing data" and set most to clear on exit, went into "Site and Shields Settings" and "Payment Handlers" and set to "do not allow".
    In Settings/Advanced/Autofill, I disabled everything.
    In Settings/HelpTips, I disabled "Show Wayback Machine prompt on 404 pages".
    In Settings/System, I disabled "Continue running background apps when Brave is closed".


    Check the settings again after updates; sometimes new sponsored sites are added, and enabled by default.

    Like most chromium browsers (I think), it shows downloads in a big bar at the bottom of the page which can't be suppressed. Very annoying. Install the extension "Download Shelf Autohide" and un-check "open enclosing folder when downloads finish".

    To see status of GPU settings, go to "brave://gpu".


  • Looking for a very minimal GUI browser:
    +/-
    • GNOME Web (Epiphany):

      This one does have printing, history, bookmarking, homepage setting, downloader, search engines, incognito mode, ad-blocking, popup-blocking, dangerous-site-blocking, password storage, Firefox sync, spell-checker. Most of this can be turned off.

      Able to play mp4's, do Javascript, cookies, HTTPS, tabs. Has view-source and devtools.

      No add-on mechanism (so can't do tab containers, VideoDownloadHelper, form history control, To Google Translate).
      No support for digital certificates.
      No support for nework configuration / proxy.
      No "clear all cookies when quit".
      New tab always starts with "most visited pages" icons, which I don't like. No way to clear that list, I think.
      Click on a link and new tab is created, but focus doesn't move to it.

      "sudo apt install epiphany-browser"
      "snap install epiphany"
      "flatpak install org.gnome.Epiphany"
      Project site
      Bug-reporting
      Mailing list

      Used deb version for a while, then it crashed, and every time I launch it again, it opens the same state and instantly crashes again. Fixed with "rm ~/.local/share/epiphany/session_state*"

      But it continues to have fairly frequent problems: crashes, and unpredictable long delays in opening save-file dialog for one site (confirmed that it fetches image again when you do save-as).

      It does have devtools: ctrl+shift+I. Not shown in the menus.

      It has some undocumented key-shortcuts. Rightclick-T on a link to open it in a new tab. Rightclick-S on an image to do "Save image as".

      9/2020: installed Flatpak version.

    • Falkon (formerly QupZilla):

      Installed deb 3.1.0-0ubuntu2 on Ubuntu GNOME 20.04.

      Has incognito mode, bookmarks, ad-blocker, homepage setting, history, printing, download manager, devtools, search engines, "clear cache/storage/cookies when quit", extensions. Also "Sessions", profiles, password manager.

      No pop-up blocker. No support for digital certificates.

      Uses KDE-style Save dialog, not Ubuntu GNOME native style.

      If you expand size of SaveAs dialog, new size is not remembered for next time you do SaveAs.

    • Min:

      Have to download from https://minbrowser.org/

      Installed deb 1.14.1 on Ubuntu GNOME 20.04.

      Has bookmarks, ad-blocker, history, printing, devtools, search engines, password manager.

      No incognito mode, pop-up blocker, download manager, homepage setting, "clear cache/storage/cookies when quit", extensions. No support for digital certificates.

      Always (?) launches showing last-displayed page, no way to turn that off.
      Shows downloaded files in bottom status bar, no way to turn that off.
      When create new tab, doesn't switch to it immediately.

    • Cliqz:

      Installed snap 1.8.1 on Ubuntu GNOME 20.04.

      Has bookmarks, ad-blocker, tracking-blocker, pop-up blocker, anti-phishing, history, printing, extensions, incognito (forget) mode but it's selective (for adult sites only ?) not universal, devtools, homepage setting, search engines, digital certificates, (optional) integration with LastPass password manager.

      Unable to save images to a VeraCrypt volume, probably because of snap permissions. Tried "snap connect cliqz:removable-media :removable-media" and "snap connect cliqz:system-files :system-files" but neither worked.

      I'm told "Cliqz doesn't seem to be developed any longer. ... The Snap is a beta from 2017."

    • Dillo:

      Installed deb 3.0.5-6build1 on Ubuntu GNOME 20.04.
      Last updated in 2015.

      No Preferences dialog; use ~/.dillo/dillorc file.

      No support for frames or Javascript, which will break some pages.

      Save dialog doesn't scroll through sub-dirs as you type chars, and as soon as you change directory it forgets original filename.

      Has bookmarks, history, homepage setting, ad-blocker (use ~/.dillo/domainrc file), search engines (can disable), cookies (use ~/.dillo/cookiesrc file; disabled by default).

      No printing, devtools, digital certificates.

      Runs two server processes, dillo/dpi/file/file.dpi and dillo/dpi/bookmarks/bookmarks.dpi, and they stay running after you quit the browser.

    • Midori:

      Installed snap v8.0-31-gf6b3b1e on Ubuntu GNOME 20.04.

      Setting home page to a local file doesn't work ? Opens "Speed Dial" (bookmarks) tab instead. Every new tab starts with that title too.

      Save File always saves only to default Downloads directory.

      This one does have bookmarking, history, homepage setting, (very bad) ad-blocking, spell-checker, extensions. Most of this can be turned off.

      No incognito mode, popup-blocking, support for digital certificates.
      No "clear all cookies when quit".


    • Netsurf:

      Installed deb 3.6-3.2 on Ubuntu GNOME 20.04.

      Has bookmarks, pop-up blocker, ad-blocker, homepage setting, history.

      No incognito mode, support for digital certificates.
      No "clear all cookies when quit".

      Used View menu to hide menu bar, then couldn't find a way to get it back ! No way to get to any of the menus. But quitting and launching again made it re-appear.

      Did a simple Google search, clicked on a link, and the browser crashed. Can do it again and again, crashes every time.

      Even though preference "switch to new tab immediately" is set, it doesn't do it.

      No right-click-save-image; you can view an image alone in a tab and then ctrl-S to save it.

      Saving an image didn't work ! It always either creates a directory of that name, or fails silently.

      Tried to subscribe to their Users mailing list, to report bugs, and got a "their IP is blacklisted" failure from some German email daemon.

    • Grab source of ungoogled-chromium, remove features, and build it:

      ungoogled-chromium


    • Servo:

      Not released yet.
      Servo, the Parallel Browser Engine Project

      Apparently can't be run unless
      
      glxinfo | grep 'compat profile'
      
      says at least 3.1; mine says 2.1.

    kweb: last updated in 2014. Not in Ubuntu repos.

    uzbl: last updated in 2016. Not in Ubuntu repos. https://www.uzbl.org/

    arora: last updated in 2017. Have to build from source.

    luakit: just a blank window, I guess it requires some UI app.

    Conkeror: last updated in 2019 ? Not in Ubuntu repos.

    links2: "sudo apt install links2". Saves files only to file dir specified by "download_dir" in ~/.links2/links.cfg (default: home directory) unless you type more path manually. Can't copy/paste URLs, but you could edit ~/.links2/bookmarks.html file. http://links.twibright.com/ No longer being developed.

    surf: Last updated in early 2019. "sudo apt install surf". Can't copy/paste URLs into GUI, but you can launch from CLI via "surf URL". Save fails with "execvp x-terminal-emulator failed: Permission denied". Various other errors in terminal window. http://surf.suckless.org/


One quirk: when saving files to a VeraCrypt volume, Firefox will forget the proper setting of "last directory saved to". GNOME Web (Epiphany) doesn't have that problem.

It seems that when you're browsing/reading text pages, you want "open link in new tab" to automatically switch focus to the new tab. But if you're going to download a bunch of photos from a photo-gallery page, you don't want that, you want focus to stay on the original page.

Test your browser:
HTML5test (different score when using HTTP: HTML5test ?)
badssl (click on various links)
badssl dashboard
Kephyr's "Pop-up killer test"
Martin Brinkmann's "The ultimate Online Privacy Test Resource List"

Email Client:

+/-
  • Getting Linux local CLI mail working:
    +/- This will use the standard CLI "mail" command, and the postfix MTA.
    Other possible CLI commands include sendmail, mutt, maildir-utils / mu, mailx.
    Other possible MTA's include sendmail/proofpoint, qmail, exim, dma.
    
    # https://help.ubuntu.com/lts/serverguide/postfix.html
    
    # see if postfix is installed
    apt list | grep ^postfix/
    apt show postfix
    cat /etc/postfix/main.cf
    sudo dpkg-reconfigure postfix
    # if not installed:
    sudo apt install postfix
    
    sudo apt install mailutils
    
    # see if postfix is running
    sudo service postfix status
    # if not
    sudo service postfix restart
    cat /var/log/mail.log
    
    # forward all mail to root account to user1 account
    sudo cat /etc/aliases
    # sudo edit /etc/aliases to:
    postmaster:    root
    root:   user1
    # then
    sudo newaliases
    # then
    sudo touch /root/.forward
    # and sudo edit /root/.forward to contain
    user1@localhost
    # then
    sudo adduser user1 mail
    sudo service postfix restart
    # log out and back in
    
    # test when logged in as user1
    # note: mailbox won't exist until you send first message to it
    mail -s "subject1" root </etc/group
    mail -s "subject2" user1 <<< 'body of the message'
    mail
    


  • green check-mark  Thunderbird:

    See "Thunderbird" section of my Secure Communication page



Password Manager:

+/- See "Password Manager" section of my "Authentication" page.

VPN:

+/-
  • green check-mark  Windscribe:
    +/- Installed Windscribe VPN client (beta) by going to https://windscribe.com/guides/linux#how-to and choosing Ubuntu and doing the commands. It worked, doileak.com finds no leaks. CLI only, no GUI app.

    I created file Windscribe.sh in my home directory, put "windscribe login" and "windscribe connect" in it, made a launcher on desktop that runs "bash /home/USERNAME/Windscribe.sh", works.

    There is no icon in the system tray, or any other indication that Windscribe is running. Have to run "windscribe status" in CLI to find out. Also "systemctl status windscribe.service".

    Windscribe modifies: iptables, ip6tables, /etc/hosts, kernel IP routing table (netstat -r), network devices list (ip -c addr), DNS list (systemd-resolve --status or journalctl -u systemd-resolved -f or resolvectl status).

    I didn't try strongSwan and IKEv2 to Windscribe:
    https://pay.reddit.com/r/Windscribe/comments/6zzn0h/guide_using_ikev2_on_linux/



  • ProtonVPN:

    Installed CLI and UDP and OpenVPN version, had to create OpenVPN/IKEv2 credentials on their site.

    Doesn't modify iptables like Windscribe does; I don't see any new rule with "tun0" or "tun+" in it.

    https://protonvpn.com/support/linux-vpn-tool/
    sudo protonvpn-cli -connect

    I didn't try strongSwan and IKEv2 to ProtonVPN:
    https://protonvpn.com/support/linux-ikev2-protonvpn/


  • WireGuard protocol:

    WireGuard
    It's not in the Linux kernel yet, as of 5.3, I think. And even when it is available (in 5.6 ?), it won't be the full stack you need for a commercial individual-to-public-internet VPN. It will be what you need for "all traffic on LAN1 gets tunnelled to LAN2", I think.


  • VPN Look-Out Applet:

    Cinnamon-only and ProtonVPN-only, I think, as of 12/2018.

    VPN Look-Out Applet



GUI Text Editor:

+/-
  • Xed:

    Default editor on Mint.

  • Kate:

    Default editor on Kubuntu.
    Multiple languages, extensions.
    Refuses to run as root/sudo.

  • Gedit:

    Default editor on Ubuntu GNOME.
    IMO the "find" functionality is very bad, I don't like it.
    Doesn't have "sort all lines".
    Does have spell-checker.


  • green check-mark  Mousepad:

    Default editor on XFCE, I think.
    Doesn't have "sort all lines".


  • FeatherPad:



  • green check-mark  Pluma:

    Default editor on Ubuntu MATE.
    Doesn't have "sort all lines".
    Does have spell-checker.


To make some CLI commands launch your favorite editor instead of nano or something, set e.g. "export VISUAL=/usr/bin/xed" in your .profile.

CLI Text Editor:

+/-

Source Code Editor:

+/-
  • green check-mark  Visual Studio Code (VSCode):
    +/-
    VSCode is a source code editor, not a full IDE like other Visual Studio editions.

    Tried snap version of VSCode, eventually gave up 11/2020. It mostly worked, but had some odd interactions with other apps. Re-installed deb using instructions in article.

    Settings
    +/-
    Easiest way to go to Settings is ctrl+comma.

    Stay in "User" tab unless you have a good reason to set a workspace-specific setting.

    Disable "minimap".
    Change Emmet to exclude it from working on HTML. Or disable Emmet completely via View / Extensions.
    Disable "hover", or set time to large.
    Disable "quick suggestions" (editor.quickSuggestions = false).
    Disable Editor: Selection Highlight.
    HTML: Format: Wrap Line Length set to 0.
    Editor: Match Brackets: off. Files: hotExit: off.

    By default, opening a file via single-click is just a "preview", and will be replaced by next file opened. To turn off this behavior, go to File / Preferences / Settings and uncheck "Workbench > Editor : Enable Preview".

    Possible: add "files.exclude":{ "**/*.jpg": true, "**/*.gif": true }

    Extensions
    +/-
    Not sure what this thing called "Emmet" does; found "Emmet is a markup language for expanding CSS rules into HTML" in devhints.io's "Emmet cheatsheet"
    Chris Coyier's "Editing HTML Like A Boss In VS Code"

    "HTMLHint" by Mike Kaufman.
    "CSS Peek" by Pranay Prakash (adds Peek sub-menu when right-click on CSS in HTML file).

    Can't find an HTML link-checker extension for VSC. Ended up building my own: "HTML / XML / RSS link checker" by Bill Dietrich

    Candidates:
    Code Spell Checker by Street Side Software (got annoying, left it installed but disabled)
    Web Accessibility by Max van der Schee.
    VS Code Printing Free by PD Consulting.

    Once you have a lot of files open, Ctrl+p to get a drop-down that makes it easy to bring a file to the front.

    VSCode seems to be auto-saving to temp files in the background, which has saved me a number of times when my system froze due to hardware problems.

    Workspaces
    +/-
    Was struggling to get VSCode to remember and re-open files when quitting/relaunching and hopping between projects. Found the solution: do not do ANYTHING with Workspaces, just use "Open Folder" and "Save All" and "Close Folder". It remembers open editors on a folder basis, and opening/creating a workspace destroys that somehow. Don't use Workspaces at all.

    From /u/digicow on reddit 4/2020:
    +/-
    In the simplest sense, a workspace is a domain of VSCode settings. The VSCode settings domains are hierarchical, starting with User, then Remote (if you're connected to a remote server using VSCode Remote Development extensions) per-server, then Workspace, then Folder.

    So at any level, you can override a VSCode setting from a higher level, with a more-specific one. This allows you to have settings that just apply to a folder, or across an entire server, etc.

    While the other layers are "natural" (they exist, regardless -- every file is in a Folder, so you can set Settings for that folder), Workspaces are "intentional". By creating a specific workspace, you now have the ability to set Settings for it separate from those other layers.

    Normally when you use VSCode, you open it up with a particular directory (e.g., a project). If you make Folder-specific settings in that directory, they'll be stored in a .vscode sub-directory.

    But with Workspaces, you can have multiple directories, which might be in completely unrelated places in your filesystem, as "multiple roots" of the VSCode window. Perhaps 2 different, but related projects, or an application project and a related library project. The associated settings for this are stored in a workspace file, which you can save anywhere.

    From someone else on reddit:
    +/-
    > What is a vscode workspace?

    A workspace is an open folder, or a bunch of them, all in your VS Code window.

    For example, you open a folder from your terminal with the code command. That folder is now in the root of your workspace. Then you open another folder with the menu: File / Add Folder to Workspace... Now you have two folders open that are nowhere near each other on your hard drive, but they exist in the same workspace.

    If you're going to need those folders open pretty often, you can do: File / Save Workspace As... and give it a name. You can also set configuration options just for that workspace, and do things like save code snippets just for that workspace, and set debugging workflows just for that workspace.


    Bug reports: use Help / Report Issue menu item in VSCode app.
    reddit's /r/vscode/
    VSC extensions
    VSC "Native Crash Issues" (how to report VSC crashes)
    Burke Holland and Sarah Drasner's "VS Code can do that ?"
    Pandiyan Murugan's "VS Code useful Tips and Tricks"
    Espen's "Productivity in Visual Studio Code"
    VSC's "Emmet in Visual Studio Code"
    Matthew MacDonald's "Setting up JavaScript Debugging in Visual Studio Code"
    Matthew MacDonald's "Basic Debugging in Visual Studio Code"
    Sebastian Andil's "Tips to use VSCode more efficiently"
    Hariprasath's "10 Tricks Every Developer Should Know in Visual Studio Code"
    Saurabh Palatkar's "VS Code Extensions For Near IDE Experience"
    viatsko/awesome-vscode
    VSCodium (binaries minus MS telemetry; maybe can't get extensions from Marketplace)
    codeSTACKr's "Learn Git in 30 Minutes" (video) (git and VSCode)

    See the Building a VSCode Extension section of my Develop an Application page.

    Use git from inside VSCode:
    +/-
    I have a project on disk with git already set up and working to connect to GitHub, using CLI commands. To connect to it through VSCode:
    1. Close current folder/project in VSCode (ctrl+k f).
    2. In the left-side panel, click icon to open the Source Control tab.
    3. Click "Open Folder".
    4. Open the project folder.
    5. See files in the folder. Those NOT included in the repo will have "U" (Untracked) next to the name.
    6. Edit a file.
    7. ???
    https://www.digitalocean.com/community/tutorials/how-to-use-git-integration-in-visual-studio-code




  • Eclipse Theia:
    +/-
    Open-source equivalent to VSCode, but split into front and back ends, and back end can run in the cloud.
    Theia
    Theia 1.0 release announcement
    Supports use of VS Code extensions.



  • Atom:
    +/-
    Install HtmlHint, and once it gets running, any file that has an error will have its name underlined in red in the project pane. Try putting "<<" in a file to test it.

    But Atom is a pain. Slow to launch. No easy way to open just HTML files in a folder. No easy way to move from one tab/pane to another. Always opens Project window that shows all files in folder, not just open files. Flatpak version doesn't support commands such as "atom" in CLI. Ended up uninstalling that version, and installing directly from atom.io site. Now "atom" command at CLI works.

    Flatpak version, with supporting framework, takes almost 6 GB of disk space !

    Later, I read "Open Atom, then open command palette (Ctrl+Shift+p). Type "shell" and select "Window: Install Shell Commands" from the drop-down suggestions."

    reddit's /r/Atom/
    Atom Packages

    Building a new package for Atom:
    +/-
    Nick Tikhonov's "Building your first Atom plugin"
    Jeremy Heleine's "How To Develop a Package for GitHub's Atom Code Editor"
    Atom's "Hacking Atom"
    Vincent Composieux's "Create your first Atom package"
    Atom's "atom-ide-ui (A collection of Atom UIs to support language services)"
    Atom IDE
    Atom's "bottom-dock package"
    Package to copy ? lettertwo / atom-narrow-provider-diagnostics

    Getting started:
    1. Install the non-Flatpak version of Atom, from the atom.io web site.
    2. On CLI, do "apm -v" to verify that apm is okay.
    3. On CLI, do "atom -v" to verify that atom CLI app is okay.
    4. In Atom, Ctrl+Shift+P to open Command Palette, then find "Package Generator: Generate Package" and run it.
    5. Type name/path of new package. It will be created and a new instance of Atom opened on it.
    6. For any Node.js packages you need, go to project directory in CLI and do "npm install --save PACKAGENAME" and "apm install". Package should appear in an entry in package.json. And node_modules directory tree will be created and/or populated.
    7. To build a package that uses IDE/language features, do "apm install atom-ide-ui".

    While developing:
    1. Change code.
    2. Open the Command Palette (Ctrl+Shift+P) and run the "Window: Reload" command.
    3. Navigate to Packages > YOURPACKAGENAME and do whatever commands it implements.
    4. Repeat.

    I tried to port my HTML link-checker extension from VSCode to Atom, and gave up. Couldn't understand basics, and there's no standard Diagnostics pane in Atom, and Facebook is dropping support of some key stuff they developed for Atom.




  • KDevelop:

    KDevelop
    Wikipedia's "KDevelop"
    Runs on Linux, Mac, Windows.
    Looks like plug-ins are written in C++.


  • IntelliJ:

    Wikipedia's "IntelliJ IDEA"

    HTML support only in Ultimate edition.

  • Micro:

    micro


  • Brackets:

    Brackets
    Multiple languages, extensions.


  • Notepadqq:

  • Geany:

    Geany


  • Sublime Text:

    Costs $80.
    Sublime Text


  • Vim:
    +/-
    Been using vim for 2 years now, mostly because can't figure out how to exit
    vim-tiny (the compact edition) may be installed by default. You probably want to remove it and install full vim (which includes vimtutor). I also installed Vim-addon-manager.

    Type "vi" on CLI to run it.
    Run "vimtutor" to get a tutorial.
    Run "vim-addons" to manage addons (scripts).

    Vim
    devhints.io's "Vim scripting cheatsheet"
    reddit's /r/vim

    Vim has same UI as the old Unix "vi", as far as I can tell. To get out, ":q" or ":wq".


GitHub:
Alistair Ross's "Howto: What is Git and Github? How do I use it and why should I care?"
See Using Git and GitHub section of my "Develop an Application" page

Markdown editors:
+/-
Add Markdown AllInOne + Markdown Preview Enhanced extensions to VSCode. Or:
Boostnote
Remarkable
voldyman / MarkMyWords

Microsoft's "Docs Markdown reference"
adam-p's "Markdown Cheatsheet"


PDF Viewer and Editor:

+/-
Adobe no longer supports Linux for PDF viewing and editing.

I think "annotating" a PDF is not the same as "doing form-filling". Neither is same as "editing". And there are two types of form-filling: "XFA" and "AcroForms". Then there is "signing".

Some PDF's contain an internal loader or something: they show "wait for file contents to load, if it doesn't load you need new PDF software", and then the real contents should appear. Mostly that kind of PDF doesn't work on Linux, in my experience.

  • Evince (AKA Mint's "Document Viewer" AKA xreader):

    "sudo apt install evince"
    Snap image fails to launch, throws error.
    Works fine for simple PDF files, but does not work for form-filling (XFA or AcroForms ?) documents (many tax forms).

  • Foxit Reader:

    Didn't work on my tax PDF; I think doesn't support form-filling.
    Foxit Reader


  • Master PDF Editor:

    "flatpak install net.codeindustry.MasterPDFEditor"
    Supports form-filling in free version, but very bad support, at least on the file I tried in 1/2021. In PDF file, check-box field values aren't saved, pull-down menus don't work, help buttons don't work, more. Free version adds a watermark to saved file ? CAN display much of XFA form file correctly, so not totally useless.
    Master PDF Editor


  • PDF Studio Viewer:

    PDF Studio Viewer


  • Okular:

    Opened a PDF that has XFA form fields, and Okular (1.11.2, 1/2021) said "XFA forms are unsupported".


  • Scribus:

    "sudo apt install scribus"
    Can export to several image formats.


  • Acrobat Reader DC:

    "snap install acrordrdc"
    Installs a snap of a deprecated version of WINE (!), gives scary warnings, I stopped the install.

  • green check-mark  Ampare PDF To Image:

    "snap install amparepdftoimage"
    Very plain GUI app to view PDF and save page to PNG format. Works.


  • pdftk:

    CLI only.
    "snap install pdftk" or "sudo apt install pdftk".
    Doesn't convert to other formats.

    From someone on reddit:
    I was not looking forward to today because I was under the impression that I was going to have to set up a cracked version of Windows on a VM so that I could use a free trial of Acrobat Pro to do a simple (but time-sensitive) PDF edit on my xubuntu machine.

    That was before I stumbled upon pdftk.

    The process was quite simple:
    
    sudo apt install pdftk
    pdftk PDF_File.pdf burst #This command strips out all of the pages and creates individual .pdf files
    
    #Sign the signature page with GIMP
    #Create a new page to add new text with LibreOffice 
    #Paste signature into new page and export as PDF
    
    ls *.pdf >> pdf-filenames.txt #Create a file of individual page names
    value=$(<pdf-filenames2.txt) #Assign pagenames to bash variable
    pdftk $value cat output Merged_Document.pdf #Merge the files back into one
    
    [There is also Python package to do stuff like this, PyPDF2.]


I ended up having to go to a Windows machine to do my PDF tax forms.

Edit PDF in LibreOffice Draw then export to PDF
poppler-utils (and "man pdfinfo") ? PDF Chain / pdfchain ?
quickfill add-on for Chromium ?
Xournal (does annotation, writing over top of a PDF that is used as the background image).

Useful online service: Pdf2Jpg.net
https://www.pdfescape.com/open/ (doesn't display XFA forms)
https://pdfbob.com/editor/ (doesn't display XFA forms)

qpdfview ?

Diagram And Flowchart Editors:


Genealogy (family tree):

+/-
  • Gramps:

    Gramps
    Create a person, then click on Relationships tab, and add related people.
    Easier than adding all the people, then trying to link them together.


  • GeneoTree:

    GeneoTree


  • GeneWeb:

    GeneWeb


  • GenealogyJ:

    GenealogyJ


Steve Emms' "8 Best Free Linux Family History Software"

Web Site Tools:

+/-
  • Sitemap generator:
    +/- I need to generate an HTML site-map for my web site.

    It's a hand-crafted site, so I can't just use a Wordpress plug-in or something. The directory structure is not the same as the hierarchy you get from following links, so I can't just use output from "ls" or "find".

    Did internet searches for products/projects. Found several that were dead links. Several that wanted to run as PHP on my web server (don't want to do that).

    xmlsitemapgenerator.org won't handle a page bigger than 80KB (many of my pages).

    Gave up on generating HTML directly, will settle for XML. xml-sitemaps.com gave lousy output, no hierarchy, listed links to all kinds of non-HTML files. Same with npmjs.com/package/sitemap-generator-cli. patrickmn.com/projects/osg gives some kind of HTTPS protocol version mismatch.

    Decided to reorganize my web site so the directory structure matches the logical organization, at least at the top level, and then I can use a "find" command to generate most of the site-map. Then changed my mind, decided to go the opposite direction, flatten the directory structure and hand-craft the site-map.



  • Link-checker:
    +/- Looked at wget, Klinkstatus, LinkLint.

    Found LinkChecker. Installed Linkchecker-gui; won't check external links by default, you have to uncomment "#checkextern=1" in config file. Works okay. But often it reports the same bad link in a file 2 or 10 times.

    Ended up building my own VSCode extension to do link-checking: linkcheckerhtml

    Page not found



  • HTMLHint:

    HTML syntax-checker used by Atom, VSCode, other editors.

    Official site
    Project home
    HTMLHint can be called from CLI and Javascript and maybe other languages.

    Connector from HTMLHint to VSCode: Microsoft / vscode-htmlhint

  • Open-source tool to generate static HTML site: Hugo

    I tried using Hugo, and it was a fiasco. See "Tried Hugo" section of my "Your Personal Web Site" web page.

Alistair Ross's "How to password protect web sites via .htaccess"
Alistair Ross's "Quick and dirty hacks: one line HTTP Server"

Downloading Videos and Images:

+/-
VLC has a "Record" function that's supposed to let you save any video VLC is playing, but Record totally sucks, don't use it.

For downloading videos, use browser add-on "Video DownloadHelper" by mig, and install the companion app that it uses.

Recording Desktop Activity:

+/-
  • green check-mark  gnome-screenshot (screenshot):

    Printscreen key: screenshot of the entire screen.
    Shift+Printscreen: screenshot of a region selected by mouse.
    Alt+Printscreen: screenshot of current window.
    CLI: gnome-screenshot --help


  • In Firefox (screenshot):

    Ctrl+shift+s


  • Flameshot (screenshot):

    Flameshot
    flameshot-org / flameshot


    UI confusing at first. Launch Flameshot, icon appears in system tray, click on it to start a screenshot. Get purple dialog that says "use mouse to select an area, or Enter for whole screen". But Enter copies whole screen to clipboard; instead use Ctrl+S to copy whole screen to file. If you use mouse to select an area, you can then do things, including Ctrl+S to save to file. Only saves in PNG format.

  • green check-mark  SimpleScreenRecorder (video):

    SimpleScreenRecorder
    Produces video (with optional audio) but not stills; I guess you could grab frames out of the video if you want to make a slide-show.

  • Byzanz (video):

    CLI utility.
    FOSS Linux's "How to capture screenshot GIF, and Video with Audio, from command line"


  • Gnome screencast recorder (video):

    Ctrl+Shift+Alt+R to start, see red meatball in lower-right corner, creates "cinnamon-XXXXXXXXX.webm file in home directory. Supposed to stop automatically after 30 seconds, but on Mint it seems to go forever, no way to stop it except another Ctrl+Shift+Alt+R, which causes Cinnamon to crash, and you can choose to restart it.
    Tips on Ubuntu's "How to Record Your Gnome Desktop Instantly in Ubuntu 18.04"


VokoscreenNG

Recording CLI Activity:

+/-

Image Viewing and Editing:

+/-
  • green check-mark  Pix:

    Installed by default in Linux Mint. It's a fork of gThumb.
    Editing features include flip/rotate, crop, resize, more.
    Has plug-ins.
    Has file-rename (F2).
    Can't get it to start in full-screen mode; have to hit F11.
    Open-With context menu item so you can open image in a more-complex editing app.
    linuxmint / pix
    Some improvements I'd like to see: setting to open straight into full-screen mode, setting for Delete key mapped to Delete or Move to Trash menu item or nothing, Edit / Preferences / Extensions / "More Extensions..." just takes you to GitHub page for the whole app, turning off "General - Ask confirmation before delete" setting doesn't work (or requires restart ?).
    If in View mode files seem to be presented in a strange order, go to View / Sort By and change order.
    To prevent opening multiple instances of the app, go to Edit / Preferences / General and check "Reuse the active window to open files".
    To prevent extra step in every Save As, in lower-left corner of Save As dialog un-check "Show Format Options".

    You can add a script, by going to Hamburger icon pull-down and selecting Personalize. Filename in command is represented by "%F". Numeric key-pad shortcut-keys work only if NumLk is on.

    Install in systems other than Mint*:
    auroralinux's "The Guides to Install Linux Mint's X-Apps on Ubuntu"
    Go to http://packages.linuxmint.com/list.php?release=Ulyana and download and install in this order: xapps-common, pix-data, pix.
    You'll have to update them manually, every few months maybe.

    Settings for Pix are stored in gsettings; use dconf-editor to see org.x.pix tree; also "gsettings list-recursively org.x.pix".

  • Gwenview:

    Default in KDE.
    No way to do single-instance-only.
    Sort-order of files doesn't match that in Dolphin ?


  • Xviewer:

    Installed by default in Linux Mint.
    The only editing features are flip/rotate.

  • XnViewMP:

    It lives in /opt/xnview.
    Its mostly a slide-show app; editing features are flip/rotate, crop. No resize.

  • IrfanView:

    No native version for Linux; have to use a Windows emulator such as WINE.

  • gThumb:

    Slide-show plus; editing features are flip/rotate, crop, resize, draw, color/focus.
    Has plug-ins.
    For me, it failed the most basic UI test of a viewer: arrow-keys don't work to move to previous/next image.
    Pix was developed by starting with the gThumb codebase.

  • nomacs:



  • Krita:



  • green check-mark  Pinta:

    Image editor and drawing.
    Seems to do everything I was using GIMP to do.
    But the text-tool is very weak.
    And trying to install add-ons fails; version mismatch problem.


  • Showfoto:

    Medium-level image editor.
    Didn't see any good way to view previous/next image in folder.

  • Nemo-image-converter extension to Nemo:



  • GIMP:

    Heavy-duty image editor. It "saves" to its native format xcf, and "exports" to something else such as jpg.

    The only features I use/need:
    - expand canvas size (add more blank area around image without changing size of image)
    - edit image that has a transparent background layer
    - select all pixels of a certain color, change to another color

    From someone on reddit:
    "In the main menu under 'Window' there is an option for 'single window mode'. That will help make GIMP more like Photoshop. Move and place the panes where you like them. I also use GIMP Paint Studio which is an addon with more brushes, palettes, patterns, gradients, tool presets and menus. There are many addon and plugins for GIMP."

  • Drawing:

    New default app in Mint 19.3, supposedly replaces GIMP.

CLI image manipulation:
  • ImageMagick:

    "sudo apt install imagemagick" "man ImageMagick"

    Useful commands:
    
    # this uses the Debian-style rename command; apparently the Red Hat version is different
    rename 's/ //g' *
    rename 's/.mp4.png/.png/' *.png
    for i in *.png ; do j=`basename "$i" .png` ; echo "$j" ; convert "$i" -quality 92 "$j".jpg ; done
    rename 's/png.jpg/.jpg/' *.jpg
    
    identify -verbose FILENAME
    


  • exiftool:
    
    sudo apt install libimage-exiftool-perl
    
    # display EXIF data using very short tag-names
    exiftool -veryShort FILENAME
    
    # remove all EXIF data from files
    exiftool -all= -progress FILENAMES
    rm *original
    # or
    exiftool -all= -progress FILENAMES | grep Error
    rm *original
    # or
    for i in *.jpg; do echo "Processing $i"; exiftool -all= "$i"; done
    
    # remove geotag EXIF data from files
    exiftool -geotag= -progress FILENAMES
    # maybe
    exiftool -gps:all= -progress FILENAMES
    


  • imgp:

    FOSS Linux's "How to Resize Images by Command line in Ubuntu"


KolourPaint, phatch, Inkscape, Photoscope
Very simple viewer: feh

Online tool to change background color of a PNG to transparent: LunaPic

Kendra D. Mitchell's "How to Make GIF Background Transparent and Change Color" (OIE worked for me)
EraseBG (I haven't tried it)

Online tool to add a border around an image: Super Tool

Serious online editor: Photopea

Video Player:

+/-
  • green check-mark  Celluloid:

    Installed by default in Linux Mint. Formerly GNOME MPV.

    Editing features include:
    "s" to take a screenshot from the video (best, I think),
    "ctrl+s" to take a screenshot of what appears in the window,
    "p" to pause,
    left/right arrow to go back/forward 5 seconds,
    shift+left/right arrow to go back/forward 1 second,
    ","/"." to go back/forward 1 frame.


  • VLC:

Linux Uprising's "How To Enable Hardware Accelerated Video Decode In Browsers"

Video Editor:

+/-
For serious recording and streaming, the gold standard seems to be OBS.

Tried Kdenlive and Openshot-qt video editors, but way too complicated for me, all I want to do is cut segments out of existing videos.

For just cutting:
+/-
  • ffmpeg:
    
    ffmpeg -i INPUT.mp4 -c copy -ss [starting time in hh:mm:ss] -to [finish, in hh:mm:ss] OUTPUT.mp4
    


  • Installed VidCutter. Unfortunately a couple of GB of stuff came with it; it uses KDE stuff and flatpak. But the app does what I want, without too much hassle. I think it's using ffmpeg on the back-end.

  • LosslessCut


Openshot
Olive
Kdenlive.
Shotcut.
Flowblade.
I've heard: avoid Davinci Resolve; installation and distro support are horrible, and it's NVIDIA-oriented (crashes a bit on AMD ?).
Pitivi.
Lightworks.

FOSS Linux's "How to capture screenshot GIF, and Video with Audio, from command line"
Alistair Ross's "Screencast recording with Green Recorder"
Rotating videos with FFmpeg
SK's "20+ FFmpeg Commands For Beginners"

Audio:

+/-
The gold standard for audio handling/editing is Audacity. But every operation rewrites the audio to disk, so be careful when editing, and expect heavy load on disk.

Check MP3 file:

sudo apt install libimage-exiftool-perl
exiftool -veryShort FILENAME
exiftool -veryShort -x IngredientsFilePath -x IngredientsToPart -x IngredientsFromPart -x IngredientsDocumentID -x IngredientsMaskMarkers -x IngredientsInstanceID -x Lyrics -x Lyrics-eng -x Comment -x Comment-eng -x Composer -x Album -x Artist -x Band -x Subtitle -x HistoryAction -x HistoryInstanceID -x HistoryWhen -x HistorySoftwareAgent FILENAME

# part of ffmpeg package
ffprobe FILENAME

# http://www.ibiblio.org/mp3info/
sudo apt install mp3info
mp3info -x -f -F FILENAME

# https://sourceforge.net/projects/mp3diags/
# http://mp3diags.sourceforge.net/
sudo apt install mp3diags
mp3diags

SoX Sound Exchange: Klaatu's "Convert audio files with this versatile Linux command"

Encryption etc:

+/-
Encryption of data at rest: see "Encryption of data at rest" section of my "Linux Storage" page

Encryption of data in motion:
+/-
  • green check-mark  Tor Browser:

    Installed Tor Browser by downloading an archive and extracting from it. But trying to put it in a location shared by all users (/usr/local/bin) caused a permission nightmare and it wouldn't run. Put it in my home directory and it works, but I don't see it in the GUI menu of applications.

    See Tor Browser section of my Connection Security page



See the "Messaging" section of My "Secure Communication" page.

See the "Linux Software" section of my "Backups" page.

Anti-Virus and Malware Scanners:

+/-
Two "modes" of anti-virus:
  • Real-time / constant scanning. Hooks into the OS and scans files as they are created or written. May also hook into browsers and email apps to scan attachments or screen links before they are opened.

  • Manual / on-demand scanning. User chooses to do a system scan every week or two.

For a moderately careful user, I think manual scanning is best. Real-time scanning imposes a performance penalty, may destabilize the system, can introduce vulnerabilities, and requires that you trust your AV software greatly.

For every product, you can find detractors. It slows down the system, increases the attack surface, runs at too high a privilege level, has a history of exploits, gives too many false positives, etc. Most of the criticisms apply more to the real-time mode rather than the manual mode.

Some say AV is not needed on Linux:
Some people say there is no risk of malware on Linux, but this is less true every year. Now that most of the world's web servers and most of the IoT devices are running some form of Unix/Linux, attacks and malware are becoming more and more common. Now that home users spend 90% of their time in a browser, browser and browser add-on exploits are a big risk. Attack surfaces such as code/macro engines inside "smart" documents such as MS Office and PDF documents, or inside email clients, are similar on Linux to those in any other OS. Java, Javascript, Python, Electron, Docker, etc, everything is trying to become cross-platform. A browser exploit probably doesn't care what underlying OS you're running.

From someone on reddit 3/2019:
Cybersecurity blue team here, in the wild we probably see more Linux payloads than we do Windows due to the high number of servers that run enterprise Linux. That being said, botnet attacks and scripted exploits normally drop and try to execute both Windows and Linux versions of the same payload which is super scary to see. Linux doesn't protect you from viruses at all. In fact, thinking you're more secure just for running Linux is deluded, new privilege escalations are released almost daily. If you stay on top of it, you could own someone's laptop pretty trivially with some help from exploit-db.

From /u/longm0de on reddit 2/2020:
+/-
I have an experimental Win10 laptop that I keep up to date with Defender disabled through WinRE with no other anti-malware, and I haven't had a single malware enter my system in years, I've even purposefully downloaded malware. I've even run it knowing its limitations by limiting it to a single user and without administrator privileges without my system ever being screwed. Linux users will claim similar things such as not having malware ever since switching over. The commonality here? Both of our points are anecdotal as there is always the right tool for a job, and anti-malware software works great for protecting users.

...

Linux is multi-user so it is more secure ? Windows is multi-user as well. Win 1x,2x,3x,95/98/ME are from a different lineage of Windows. Windows NT was launched in 1993 and used the kernel which Windows still uses (of course, upgraded) today, which is rooted in OpenVMS and inherits a lot of the stability, robustness, multi-user features, and security that it had. It's not built from DOS in any way shape or form. Windows is a secure multi-user operating system. Many "consumer friendly" distributions such as Ubuntu give you access to read/write to other user directories without root access. This will NEVER happen by default on "Windoze".

Easy Linux tips project's "Security in Linux Mint: an explanation and some tips" strongly advises NOT installing anti-virus software, and gives reasons.

Also see:
Wikipedia's "Linux malware"
Catalin Cimpanu's "ESET discovers 21 new Linux malware families"
Paolo Rovelli's "Don't believe these four myths about Linux security"

Moe Long's "The 7 Best Free Linux Anti-Virus Programs"
Tecmint's "The 8 Best Free Anti-Virus Programs for Linux"
Wikipedia's "Linux malware"


  • Sophos:
    +/- Sophos
    Installing the standalone version of SAV for Linux/UNIX
    FOSS Linux's "How to install Sophos Antivirus for Linux in Ubuntu"
    Gets slightly-better-than-average ratings in some AV comparisons.
    reddit's /r/sophos
    Support is on Twitter "@SophosHome", but I don't know if that includes Linux support.

    9/2020: Support says "the Free Sophos Antivirus for Linux has been deprecated". No more free version.

    Have to download from the Sophos web site, or Docker does have images "jc19930401/sophos", "maxpowa/sophos-av", "sschmiedleitner/sophos-av", "neilai/sophos". It's unclear which is best to use. To see DockerHub page for an image, go to "https://hub.docker.com/r/IMAGENAME".

    I downloaded from the Sophos web site and installed ("sudo sh ./install.sh") with "on-access scanning" turned off. Chose "s" for "update from Sophos". Chose "free edition" and "no proxy".

    Sophos is CLI-only.
    Do "/opt/sophos-av/bin/savdstatus" to see on-access scanning status.
    Do "/opt/sophos-av/bin/savdctl enable" and "/etc/init.d/sav-protect start" to enable on-access scanning.
    Do "sudo savscan /" to do an on-demand scan.

    "/opt/sophos-av/bin/savdstatus" says "Sophos Anti-Virus is active" even though I chose "don't do on-access scanning".
    Do "ps -fax | grep sav" to look for Sophos processes.
    Did "sudo /etc/init.d/sav-protect stop".
    Also "sudo /opt/sophos-av/bin/savconfig set EnableOnStart false".
    "sudo /opt/sophos-av/bin/savdctl disable" fails.
    http://docs.sophos.com/esg/SAV-Linux/help/en-us/PDF/sav_linux_cg.pdf
    systemctl status sav-protect
    cat /etc/systemd/system/multi-user.target.wants/sav-protect.service
    systemctl cat sav-protect

    "man savscan" gives lots of info, but doesn't say what the default settings are. Also see "man savd".

    I found Sophos to be much faster than clamtk. Sophos caught all the viruses I had deliberately saved, and reported EICAR signature in .com files. Reported one Javascript file that turned out to be a known recently-discovered trojan, in flatmap-stream. About 285K files scanned in about 90 minutes, on my slow but mostly-idle laptop.

    2/2020 found they have a version 9 instead of the 5.63 I was running.
    https://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-linux.aspx
    Downloaded it (sav-linux-free-9.tgz)
    tar -xzvf sav-linux-free-9.tgz

    # get rid of old version
    sudo rm /usr/bin/savscan
    sudo rm /usr/local/bin/savscan
    sudo rm -fr /opt/sophos-av
    sudo rm -fr /usr/local/etc/sav
    sudo deluser --remove-home sophosav
    sudo delgroup --only-if-empty sophosav

    sudo ./sophos-av/install.sh
    # get message "Warning: There is another installation of Sophos Anti-Virus on this computer."
    # and installation aborts. Refers to KBA133542.
    # Apparently Mint 19.3 is based on a non-LTS version of Ubuntu,
    # and at the moment Sophos only supports LTS versions ?
    # But I think the real problem was that something installed by Sophos 5 was still present.

    When prompted for the type of auto-update you want, select Sophos.
    When prompted for the version you want, select Free.

    By default, it updates virus definitions every 60 minutes.
    To update Sophos Anti-Virus immediately: sudo /opt/sophos-av/bin/savupdate

    By default, Sophos Live Protection is turned on.
    To stop on-access scanning: sudo /opt/sophos-av/bin/savdctl disable

    To scan the computer: sudo savscan /
    Better: sudo savscan -s --skip-special -ndi -all -rec -nremove --backtrack-protection /
    (that took 2+ hours to scan 680K files on my machine)
    To scan a filesystem, specify its name. For example, type: sudo savscan /home
    To scan the boot sector of all logical drives: sudo savscan -bs
    To scan the master boot record of all fixed physical drives: sudo savscan -mbr




  • ClamTk / Clamav:
    +/- Someone said this is more intended for servers, to scan mail going through email server, etc.

    ClamTk is a Linux-only front-end for Clamav.
    dave_m / clamtk
    Aviva Zacks' "ClamAV vs ClamWin vs ClamTK"

    ClamAV
    Cisco-Talos / clamav-devel
    Bug reports etc: ClamavNet Mailing Lists
    Gets very bad ratings (low detection rate) in some AV comparisons.
    "sudo apt install clamav"

    To see update activity, "sudo journalctl | grep [Cc]lam".


    I want to do manual scans only. Do "sudo freshclam -c 1" to update database, and limit update checks to 1/day (default is 24/day !). There is a constantly-running process "/usr/bin/freshclam -d --foreground=true" which is launched by /etc/init.d/clamav-freshclam.

    In my home dir, did "sudo clamscan --infected --recursive ." It ran for over 6 hours (250K files), and threw some internal errors, maybe on big RAR files. But it finished, and found the malware test files I had.

    Did "sudo clamscan --infected --recursive --exclude=/home --exclude=/dev --exclude=/sys --exclude=/timeshift /" It ran for over 2 hours (300K files) and found the EICAR test files I had.

    9/2020: Did "flatpak install ClamTk". GUI app only, no CLI or man page. Start by updating signatures. Ran a scan, it found my test viruses, but also some false positives on other files. UI is a bit awkward: dialogs are small and can't be resized. Tried to use it again later and it didn't work. Removed flatpak and installed deb, which worked. Found lots of false-positives: it considers any JavaScript in a PDF and any LibreOffice macro to be "potentially unwanted".



  • chkrootkit:
    +/- chkrootkit Run "sudo chkrootkit".

    It probably will say some system command is infected, but I think if all checks for specific rootkits come up negative, the system is fine. Also, someone said any time you have an executable file in /tmp it will report possible "Linux/Xor.DDoS" infection.

    Run "sudo chkrootkit -r DIRNAME" to have it run as if DIRNAME is /, for testing purposes. But it only looks at specific places for specific rootkits, so you'd have to place each test rootkit in the appropriate place in that tree.



  • rkhunter:
    +/- Edit /etc/rkhunter.conf to change value of WEB_CMD from "/bin/false" (with quotes) to "curl" (without quotes).
    Also set "UPDATE_MIRRORS=1" and "MIRRORS_MODE=0".
    Delete the default mirrors file, /var/lib/rkhunter/db/mirrors.dat.
    Run "sudo rkhunter -C" to re-read config file.
    Run "sudo rkhunter --update". It should fetch a new copy of mirrors.dat.
    If problems, look in /var/log/rkhunter.log.
    If can't fetch update files, see if browser can get http://rkhunter.sourceforge.net/1.4/programs_bad.dat.

    To do a check, run "sudo rkhunter -c". It probably will say some system commands are infected, and warn about other things, but I think if all checks for specific rootkits come up negative, the system is fine.

    No way to check for rootkits in a particular directory tree; it only looks at specific places for specific rootkits. So it's hard to download a rootkit and test that rkhunter detects it. You'd have to create a simulated filesystem, copy rkhunter and some support apps and test rootkits to it in appropriate places, chroot to it, and run.

    rkhunter



  • checksecurity:
    +/-
    
    sudo apt install checksecurity
    # It installed the "logcheck" package, and created a new user "logcheck".
    # Installed cron jobs to check for new setuid files, listeners, etc.
    egrep 'logcheck|checksecurity' /etc/crontab /etc/cron.*/* /etc/anacrontab /var/spool/cron/crontabs/*
    
    sudo edit /etc/checksecurity.conf
    sudo less /etc/logcheck/logcheck.conf
    
    # I think the first time you run it, it reports everything.
    # On following runs, it only reports changes from previous state.
    time sudo checksecurity
    
    
    # Soon getting flooded with lots of email.  Change
    # /etc/checksecurity.conf to check only passwords daily, rest weekly.
    
    # But that didn't work, email is coming from logcheck.
    sudo bash
    sudo edit /etc/cron.d/logcheck
    # commented out reboot line
    # changed "2 *" to "0 11"; run once a day instead of once an hour
    
    # Lots of UFW audit stuff being reported by logcheck.
    # Ran "Firewall Configuration" and changed logging from medium to low.
    



  • Comodo:
    +/- Comodo

    Downloaded .deb file from web site and opened it. Got an error that dependency on libssl0.9.8 (>= 0.9.8m-1) is not satisfiable. Tried "sudo apt install libssl1.0.0" and got "libssl1.0.0 is already the newest version (1.0.2n-1ubuntu5.2)". Searching, I see lots of people have had this error or other errors over the years.

    Downloaded a file from Ubuntu universe and installed it.

    Went to /opt/COMODO and ran "sudo ./post_setup.sh". When it tried to build and install a new kernel module for real-time protection, it failed horribly (fine with me, I don't want that), then the script ended with "success".

    In /opt/COMODO, did "sudo ./cav", got GUI app. Updated database, but progress went to 89% and then whole OS froze. Rebooted, went to Comodo, it didn't want to run. Finally did post_setup.sh again, that seemed to fix it. Updated database and did a scan. GUI app opened a progress dialog that stayed on top of all other windows; annoying. Eventually I noticed a check-box right in the dialog to make that stop. It scanned 803K "objects" in 2 hours, then I stopped it. It found all the viruses and the EICAR files.

    Later deleted it, but there's no uninstaller ? Services left running. Did:
    
    sudo systemctl disable --now cmdavd.service
    sudo systemctl disable --now cmdmgd.service
    

    Tried it again 3/2020:
    https://www.comodo.com/home/internet-security/antivirus-for-linux.php#bottom_free_download
    They list Mint as a specific choice, but in small print mention "Mint 13" !
    Got a deb file. Double-clicked, and it says "same version is already installed, reinstall package", maybe it sees remnants of old install ? It says "after install, run /opt/COMODO/post_setup.sh". But installation failed with apt-daemon error. I saw some other install fail that way, maybe there's a problem in my system.



  • F-PROT: End-of-lifed 8/2020.

  • LMD (Linux Malware Detection):
    +/- rfxn / linux-malware-detect
    Jahid Onik's "How to Install and Configure Linux Malware Detect (LMD)"

    Installed by downloading it from GitHub, then "sudo ./install.sh". Then "sudo maldet --update-ver" and then "sudo maldet --update", both of which failed because "rfxn.com" is down. Then "sudo maldet -a /", which failed because apparently there is no signature file at all. A week later, "rfxn.com" still down. But then I found out it isn't down, somehow it's been mapped to localhost on my system, when Windscribe VPN is on. Turned off the VPN and was able to update. Found out that Windscribe VPN is blocking that domain; when it blocks something, it does it by mapping to localhost. Filed a Support ticket asking for it to be whitelisted.

    Ran it on root, and it took 40 minutes just to make a file list of 310K files. Said it was going to use ClamAV's engine. I killed it and uninstalled it.



  • ESET NOD32 ($40/year, but search online for discount deals):
    +/- ESET's "Antivirus for Linux desktop"
    Gets near-top ratings in some AV comparisons.



  • Bitdefender ($80/year):
    +/- I think to do Linux, you have to do "Bitdefender GravityZone Business Security".



  • Microsoft Defender ATP:
    +/- An enterprise product that collects lots of behavioral data on a real-time basis from many apps, and looks for threats and threat patterns. Paid subscription.
    article



  • Microsoft Project Freta:
    +/- Upload a VM image, or a snapshot of your system in RAM, to a web site for analysis for rootkits and malware etc. Free.
    Robert Jefferson's "Microsoft has launched a Free Memory Forensics and Rootkit Detection Service for Linux"



See the "Testing your defenses" section of my "Computer Security and Privacy" page.

File Integrity Checkers:
+/-
Scan system files and report any changes, which might be due to malware.

  • AIDE:
    +/- AIDE
    Takes a snapshot of your files and directories at a supposedly "good" state and then checks for any later changes.

    Software Manager lists a "static" version and a "dynamic" version. No explanation of the difference. I installed the "dynamic" version. Nothing happened, no app called "aide" visible anywhere. Thought of installing the "static" version, and it says it will uninstall the "dynamic" version. Finally found it under "man aide".

    Did "sudo aide --init", got "Couldn't open file /var/lib/aide/please-dont-call-aide-without-parameters/aide.db.new for writing". "sudo aide --config-check" gives nothing. "aide --version" says 'CONFIG_FILE = "/dev/null"'.

    Read some threads online, tried "sudo apt install aide aide-common". It said it's removing aide-dynamic. Was asked to select email type; chose "no configuration". Then it configured a LOT of stuff. Ended and I'm not sure what to do. Tried "aide --check" and "aide --init", got same error message as before.

    Tried "sudo aide.wrapper --init" per a thread, got various configuration-file errors.

    Also saw in a thread "The explanation can be found in /usr/share/doc/aide-common/README.Debian.gz" which seems unpromising. Looked in there, it says aide is intended to be run as a daily cron job, so if you run from CLI you have to supply your own config file, it wants to send email to root, etc. Gave up on it at this point. Did "sudo apt remove aide-common aide" to get rid of it.



  • Open Source Tripwire:
    +/- tripwire-open-source
    Michael Kwaku Aboagye's "Securing the Linux filesystem with Tripwire"
    Takes a snapshot of your files and directories at a supposedly "good" state and then checks for any later changes.

    Installed it through Software Manager. Let it create passphrases etc. Ran "sudo tripwire --init --verbose", and it asks for my "local passphrase", which I don't know. Eventually hit on "nothing" (Enter), and that worked. It started checking lots of files, but ended up in the "/proc" territory and died with "Software interrupt forced exit: Segmentation Fault [1] 6004 segmentation fault". Went into Software Manager and removed it.



  • Samhain:
    +/- Samhain
    Takes a snapshot of your files and directories at a supposedly "good" state and then checks for any later changes. Also log file monitoring and analysis, rootkit detection, port monitoring, more.

    Installed it through Software Manager. But installation failed with
    "Job for samhain.service failed because a timeout was exceeded.
    See "systemctl status samhain.service" and "journalctl -xe" for details.
    invoke-rc.d: initscript samhain, action "start" failed."

    Then tried "sudo apt samhain" and that threw an error.
    Did "sudo samhain -t update" and that threw errors.

    But then my disk was pegged, 100% usage, and stayed that way for 2+ hours, with no sign of stopping. Rebooted, it continued. Uninstalled samhain, and it stopped.



  • Incron:


  • Monit:


  • Afick:


  • debsums:
    +/- Checks the md5-sums of your system-files against the hashes in the respective repos.
    sudo apt install debsums
    sudo debsums -ac



  • green check-mark  SysConfCollect (SCC):
    +/- Checks for changes in files and config settings and much more.

    System Configuration Collector
    SCC Home

    Linux desktop README and modules I created: BillDietrich / SCC-Additions-for-Desktop-Linux

    Later updated SCC by downloading a .src.tar.gz from https://sourceforge.net/projects/sysconfcollect/files/scc/current/ Extract files from it, cd into it, read the README, do "sudo ./scc-install"

    Added to .profile:
    
    export MANPATH="/opt/scc/man:$MANPATH"
    




For info about iptables, firewalls, Firejail, Apparmor, SELinux, and more, see my Linux Network and Security Controls page.

CLI Shell:

+/- There are lots of other alternatives: dash, ksh, oksh, csh, tcsh, loksh, mksh, yash, etc.

Correcting mis-typed commands: nvbn / thef*ck

See "Linux Shell Script" section of my "Develop an Application" page.

Office:

+/-

  • LibreOffice:
    +/-
    Easy Linux tips project's "LibreOffice: configure it right"
    See item "Libre Office: improving Macro Security" in Easy Linux tips project's "Security in Linux Mint: an explanation and some tips"
    Easy Linux tips project's "Problems with Libre Office? Install a newer Libre Office"
    Dedoimedo's "LibreOffice 7.0"
    Dedoimedo's "LibreOffice 7.1"
    Supports newer XML-formats: .docx, .xlsx, etc.

    My installation got stuck in some loop where, upon launch, it would say "recovering file" or something, then fail and say it again, forever. Uninstalled all of LO. Had to do it one component at a time; just uninstalling the meta-package didn't do it. And there were about 15 components. Rebooted, and installed just Libreoffice-writer and Libreoffice-impress.

    From someone on reddit 7/2019:
    [For small-business use:]
    Libreoffice is a great piece of software if you will be delivering PDFs as the final output, but if you will be sending a Word or Excel document back and forth, you should use WPS Office, Microsoft Office 365 Web Apps, or Google Docs.

    From someone on reddit 9/2020:
    LibreOffice can save some documents that are CLOSE to Office format. Macros, scripts, templates all get fracked up. Many Uni's OUTRIGHT say it's MS Office or you don't get credit for ANY submitted work. Check with your Uni.

    From someone on reddit 9/2020:
    Libreoffice is trash for anyone who needs to do a lot of work in spreadsheets.

    One very easy example is eliminating duplicates. In Excel, you click the column letter, and then click "remove duplicates", and you're done. This is very common in spreadsheet work.

    In Calc, you do a special search, and then you have to select the entire range you want to search (so if I have 1500 rows with some blanks, I have to click A1, then CTRL+downarrow a bunch of times), then you select something to HIDE duplicates, then you copy the visible rows to a new sheet or to some area that is not filtered, and then you delete the old data. That's f*cking absurd for a function that's done ALL the f*cking time in spreadsheets.

    MS Office understands why people use these applications, and it puts all the most commonly used things right there on the Home tab. LibreOffice vs O365 is like me vs Usain Bolt in a 100M sprint. It's so bad that I've considered going back to Windows for my workstation, but I'm generally not responsible for creating or maintaining spreadsheets right now, so Excel online is workable.

    Install "mscorefonts".
    "LibreOffice macros and MS macros are partially compatible".

    Business-model: Some problems


  • Microsoft Office 365:

    But then you're sharing your documents with Microsoft.
    Microsoft Office 365
    Excel macros not supported ?


  • OnlyOffice:

    OnlyOffice
    Doesn't support newer XML-formats: .docx, .xlsx, etc.


  • WPS Office:

    WPS Office for Linux
    I'm told the UI is a fairly straight copy of MS Office's UI, so a user would be comfortable moving between the two.

  • FreeOffice:

    FreeOffice


  • Abiword:



  • Google's "Office Editing for Docs, Sheets & Slides":

    Extension for Chrome browser.
    Installed it into Chromium browser, it installed okay but didn't work.


Word Online: can be used for free by anyone with an Outlook.com or Hotmail account.

Office 365 is a home and business subscription service. Some subscription plans offer desktop Office but others don't. Some plans include web services like business email and Azure AD but others don't.

From someone on reddit 7/2019:
[For small-business use:]
Honestly, Linux Desktop isn't really business-ready at the moment. It's getting close but it's not there.

For office work you need Microsoft Office, be it Word, Powerpoint, Visio, or Excel.

Some will say you can use LibreOffice, or other open-source. But the main problems are the same tasks are not always possible (try setting sequential formulas in an excel sheet with the Ctrl + Enter on Libre), and when you create documents in these alternatives, they don't look the same when opened with Microsoft Office (i.e. vendors or clients you deal with will see this as unprofessional).

From someone on reddit 8/2020:
I have hundreds of existing PPTs which I use at work, and unfortunately these don't show well on Mint or any other Linux distro I've tried, whether on Libre, or any other Office replacement. The layout is all wrong, elements spill out of the slides, so much so that the slides are unusable without spending hours rearranging everything, so I stick to Win10 for work.

The same issue happens on Office online, with the additional problem that it doesn't have all the features of the desktop apps.

If you need to create new files, Libre etc. are a good alternative, but if you need to use existing files, unfortunately MS is still the way to go.

An issue I see, as a home user, is that the printer drivers don't properly shrink an oversize document. Maybe it's a bug in my distro (Mint 19) or apps or the driver for my printer (HP 363x series), or because I'm in Europe using A4 paper and an A4-sized printer. But a document with content right up to the edges, and slight bigger than the paper size, has the edges cut off instead of being shrunk to fit. Happens with xed and xreader at least. And there're no margin settings in their print dialogs. [Edit: not a problem with same printer with Ubuntu 20.04 and gedit app.]

Mohammed Abubakar's "Microsoft Office On Linux Is Now A Thing, Thanks To WinApps"

Robert Zak's "How to Open a docx File without Microsoft Office"
Convert Word documents to Clean HTML

For info about Docker, flatpak, appimage, and more, see my VMs and Containers/Bundles page.

Database:


Remote Access (Remote Desktop) to Linux machine:

+/-
Recommended: X2Go (uses SSH, so secure from the start)
TeamViewer (installs a version of Wine, daemon runs as root, not a lot of features).
AnyDesk
VNC ? (have to add a VPN to get security)
noVNC ?
Remmina ?
Mehedi Hasan's "Fast and Secure Remote Desktop Clients for Linux"

Remote Access (SSH) to another Linux machine:

+/-
[ALL OF THIS COULD BE WRONG]

Single-session SSH clients:
+/-
OpenSSH, PuTTY, Butterfly, kitty, more.

You could run one of these multiplexing session managers, then run a single-session SSH client in one of their sessions:
+/-
tmux (I think this runs on the client machine only; lots of ways to tile panes; can close a window/pane without closing the network connection it was using).
ArcoLinux's "Tmux - Servers and Sessions"
tmux(1) - Linux man page

screen (I think this runs on the remote machine only; if network connection drops, remote process isn't killed, you can reconnect to it).
screen(1) - Linux man page

OpenSSH client info is in /etc/ssh/ssh_config file.
OpenSSH server info is under /etc/ssh/ssh_config.d directory.
Any time you change server config, do "sudo systemctl restart sshd.service"
Create a new SSH key-pair (and password for it) for this user, on client: "ssh-keygen -t rsa"
Copy public key for this user to login as USERNAME to server: "ssh-copy-id USERNAME@SERVERADDR"
To login as USERNAME to server: "ssh USERNAME@SERVERADDR", get asked for password of key-pair on client.

Games:

+/-
Ankush Das's "Top 31 Best Linux Games You Can Play for FREE"
Nick Congleton's "The 10 Best Free Linux Games"
Steve Emms' "42 of the Best Free Linux Games"
System76's "The System76 Guide to Gaming on Pop!_OS"


Dota 2:
Install Steam first, from Software Manager.
VPN not allowed while installing.
Dota 2 installs 24 GB under ~/.steam
Try to run game, get "Unable to start game - Failed to create an OpenGL context - Your graphics card must support at least OpenGL v3.1".
I'm using Mint 19.3, kernel 5.3.0-46-generic, Intel integrated i915, X.Org 1.19.6, "OpenGL: renderer: Mesa DRI Intel Ironlake Mobile v: 2.1 Mesa 19.2.8".
Set Dota 2 launch options in Steam to include "LIBGL_ALWAYS_SOFTWARE=1": Launch Steam, right-click on Dota 2, click on Properties, click on Set Launch Options, set field to "LIBGL_ALWAYS_SOFTWARE=1 %command%".
ArchWiki's "Steam"
While running, Steam and Dota 2 together will take more than 1.5 GB of RAM.
Performance is atrocious, unplayable on my slow laptop with no special GPU.



Finding apps:
AlternativeTo
ArchWiki's "List of applications"
AppImageHub
One Thing Well blog
103cuong / awesome-linux-apps



Some applications are written to work only in a specific GUI framework, such as KDE or Gnome. Others are written to work inside a cross-platform framework, such as Electron or Node.js or Ruby Rails, that then has versions which run inside various lower frameworks, such as KDE or Gnome.

There are some application-deployment frameworks, such as Docker and Ansible (article).



Note: CLI tools "apt" and "apt-get / apt-clone / apt-config" give identical functionality but differ in emphasis:
"apt" is intended for interactive use, and may change slightly over time.
The others are intended for scripting / back-end use, and try to stay constant over time.
Someone said the two groups use separate caches.



Easy Linux tips project's "Firefox: optimize its settings"
Easy Linux tips project's "Google Chrome and Chromium: improve their settings"

Alistair Ross's "Review: Download Managers for Linux"

App Outlet

pkgs.org (finding and downloading newest versions of packages)
Repology

Lilite: A Linux Autoinstaller

Fonts:
ArchLinux's "Font configuration"
"apt-cache search ^fonts-" and "apt search ^fonts-"
Install fontconfig-infinality.
cryzed / fix-infinality.md

Linux4one's "How to Install Google Earth on Linux Mint 19"
But it's available through Software Manager too.
If all searches go to equator, edit /opt/google/earth/free/googleearth (or /opt/google/earth/pro/googleearth ?) to add a line "export LC_NUMERIC=en_US.UTF-8" before line that starts with "LD_LIBRARY_PATH".

cboxdoerfer / fsearch (fast file search utility)
Joey Sneddon's "Linux File Search Tool 'Catfish' Just Got Even Faster"

Check hash of a file you downloaded:
Alexandru Andrei's "How to Verify Authenticity of Linux Software with Digital Signatures"
drewblay / Compare-File-To-Hash



US taxes:
OpenTaxSolver



My "Develop a Desktop Application" page





Things To Do

Clippy want me to help you with Linux ?
Work your way through some basic tutorials:
Linux Journey
LinuxCommand.org
Linux Survival
Ubuntu's "Using The Terminal"
Linux command line for you and me
Ryans Tutorials' "Linux Tutorial"
Julia's Drawings

Chris Hoffman's "The Linux Directory Structure, Explained"
[At CLI do "man hier" (canonical hierarchy) and "man file-hierarchy" (extensions in systemd systems ?).]
Debian's "Device Names in Linux"

Far more in-depth:
Sven Vermeulen's "Linux Sea"
David A Rusling's "The Linux Kernel" (circa 1999)
The Linux Kernel documentation



For info about tightening and testing security and privacy, and more, see my Linux Network and Security Controls page.



Updating:

+/-
Terms:
  • Update: install new versions of packages as they come out, maybe daily.

  • Upgrade to new point-release: e.g. from 19.2 to 19.3. Usually happens same way as daily updates ? Usually works fine.

  • Upgrade to new major release: e.g. from 20 to 21. Usually some special mechanism ? More dangerous.

  • Fresh install (AKA "nuke and pave"): back up your data and custom changes, then completely wipe the disk and install new OS, install apps, then restore your data and settings of some major apps.

  • Fresh install of OS only: you can try this if you have / and /home in different partitions. Wipe and install OS and apps on /, hope that /home remains intact and works. I don't do it.


Updates:
On Mint, run Update Manager application. Application and kernel updates will appear automatically. If you want to change kernel "lines" (e.g. change from 4.15.x to 5.0.y), use View / Linux Kernels menu item.

On Ubuntu, to manually update kernel, use Ukuu (Ubuntu kernel update utility) or bkw777 / mainline. But the normal update app automatically will update kernel and remove old kernels. To see kernels, do "dpkg --list | grep linux-image". To purge several of the oldest images, do "sudo apt purge IMG1 IMG2 IMG3".

On Ubuntu, to see when snaps were last updated, do "ls -l /snap".

For Ubuntu, I asked about installing a LTS release and then later updating to a non-LTS release, and got this from people on reddit:
[From LTS to non-LTS,] You don't need to do a fresh install. Ubuntu will update with its software update tool. If your first install was an Ubuntu LTS, you will need to configure Ubuntu to allow non-LTS upgrades though. If you open "software sources" and go to the "Updates tab" configure "Notify me of a new Ubuntu version" from "Long term support" to "any new version". When the time comes you'll be prompted to update.

Word of advice: Avoid using third party software repositories (like PPAs) as they can cause situations where Ubuntu can't do an OS update. This is the number 1 cause for Ubuntu failing to upgrade. I personally don't have any as most of the stuff I use is available through Ubuntu's software library.

...

In major updates, the updater tool will disable your PPAs so that there are no conflicts.


Upgrades:
New point-release upgrades seem to go okay, usually.

Major release upgrades: I hear that Ubuntu and its derivatives usually do these okay. On other distros, maybe not so much.

Fresh install:
Instead of doing a major release upgrade, I do a fresh install. And a fresh install shows that your backups are complete, and of course is necessary when switching to a different distro.




Reporting Bugs:

+/-
On Mint, run System Reports application to see any crash reports.

Run "apt show PKGNAME" to get info about a package, including URLs for bug-reporting and source code.

For some apps, it's hard to even figure out what you're running. For example, in Ubuntu 20.04, the default app that plays mp4 video files has no app-name or About menu item anywhere in the UI of the app. From the file-association in file explorer, I found out it's called "Videos". But that name doesn't appear anywhere on disk or in packages or in running processes, that I can find. From the application store, I was able to find out its home web site: https://wiki.gnome.org/Apps/Videos From there, I was able to find that another name for it is "Totem". Then "apt show totem" gives useful info.

For a given problem, check the version number of the software you are running, and what the latest released version number is. Is it possible for you to upgrade and re-test ?

  • OS bugs:

    Check release notes or "known issues" to see if the problem is known:
    Ubuntu 18.04.2 LTS (Bionic Beaver) Release Notes
    Release Notes for Linux Mint 19.1 Cinnamon

    First, search for existing reports about the bug. If you find one, add your data to it.

    If no existing report is found, you'll have to open a new bug report. Tricky: you have to figure out if the problem is something Mint-specific, or if it is inherited from Ubuntu or Debian.

    Reporting an issue in Cinnamon or Linux Mint
    Linux Mint Troubleshooting Guide - Reporting Bugs - Where

    (For Linux Mint) Log in to GitHub. Report to one of these:
    • Cinnamon issues
    • Nemo issues
      (If you're having nemo problems, they want you to run nemo with debug symbols, "sudo apt install nemo-dbg" and then what ? But it turned out I was already running that, from the default installation of Mint.)
      (Also give list of nemo extensions: output from running "/usr/lib/*/nemo/nemo-extensions-list" on CLI. Extensions can be disabled using nemo menu item Edit/Plugins; then "nemo -q" and "nemo -n".)
    • Linux Mint Projects
    • linuxmint

    Include these files and output from these commands (as appropriate):
    • ~/.xsession-errors
    • ~/.xsession-errors.old
    • "sudo dmesg -T"
    • "inxi -Fmpxz"
    • /tmp/mintreport/crash.tar.gz
      Which contains many things, including output from:
      • Trace from System Reports app.
      • "inxi"
      As far as I can tell, there is no private data in it, but the coredump may contain private data.

    Canonical Ubuntu's "Bugs"
    Ubuntu mailing lists
    Ubuntu developer mailing list
    Ubuntu Community Discourse
    xubuntu's "Reporting"
    Shirish's "Complete Guide To Bug Reporting In Debian Linux"
    Debian bug tracking system"

    KernelNewbies: FoundBug
    The Linux Kernel's "Reporting bugs"


  • Application bugs:

    Check to see if you're running latest version of the app.

    Run it again from CLI, to see if any error or debug messages appear there.

    Run it again without add-ons or plug-ins, to see if the problem goes away.

    Run it again without VPN or firewall or any other relevant modules, to see if the problem goes away.

    Some apps have special logging or debugging options, usually on the CLI.
    Low-level GTK debug options (not very useful IMO): "man 7 gtk-options", GDK-Debug-Options, GTK-Debug-Options.

    In Ubuntu 20.04, if you know the package name, the best way to report is to do "ubuntu-bug PKGNAME" in terminal, which will collect some info from your system and then send you to Ubuntu One web site to log in and complete the bug report.

    Look in the application's Help menu or on developer's web site for how to report. Some apps have special bug-reporting menu items (KeePassXC has Help / Report a bug), or report crashes automatically (Thunderbird has Preferences / Privacy & Security / Crash Reporter).

    If it's a system application such as Nemo, look in the "OS bugs" section (above) to see where to report it.

    Some apps (Firefox) have a "feedback" (happy/sad) mechanism. Don't use it. You will have no way of tracking the report. Instead use the main bug-tracking system.

    Some apps have special crash-info features (Firefox has "about:crashes").

  • CLI command bugs:

    Look in the command's man page for bug-reporting info. If none, maybe:
    FSF's "Coreutils - GNU core utilities"
    "All GNU packages" section of FSF's "GNU Software"


  • If asked to provide a stack trace with debug symbols, not a core dump:

    GNOME Wiki's "Getting Stack Traces"
    Mint's "Software Sources" application has a switch to add PPA with debug symbol packages.
    
    apt install PACKAGENAME-dbgsym
    # or:
    apt install PACKAGENAME-dbg
    
    gdb NAMEOFAPP 2>&1 | tee ~/gdb-NAMEOFAPP.txt
    (gdb) run ARG1 ARG2 ARG3
    # get app to crash/fail
    (gdb) thread apply all bt
    (gdb) q
    


Rocket2DMn's "Improving Ubuntu: A Beginners Guide to Filing Bug Reports"
Brendan Hesse's "How to Submit a Bug Report to Apple, Google, Facebook, Twitter, Microsoft, and More"

My impression of what usually happens:
+/-
  • If you're reporting a clear crash or failure: expect friendly reaction.

  • If you're reporting something not useful or done wrong: expect acceptance and put on a list.

  • If you're asking for a new preference or feature: maybe acceptance, maybe "why don't you implement it yourself", maybe "go away".

  • If you're asking for a change to the way things work now: expect "go away" or something less polite.


A lot of bug-tracking and mailing lists, plus packages and PPAs, are hosted on Launchpad.





Networking:

+/-

Configuring Network Interfaces:

+/-
Network Manager.
"man nmcli"
"man nmtui"

networkd.

Netplan (only used at install time ?).
Egidio Docile's "Netplan network configuration tutorial for beginners"
Canonical's "Netplan reference"
From someone on reddit 2/2021:
+/- I don't think it's aimed at the non-skilled developer. Netplan is the kind of thing aimed for cloud, servers, rpi enthusiasts who want a permanent network configuration to set and forget. It has one advantage compared to the others, and that is that the configuration can exist in /boot. As such, it is possible to edit/adjust the network configuration if you need to adjust it from a separate machine.

For that purpose it does what it's intended to do, although I would argue it's superfluous considering systemd-netword meets the exact same need as set-forget network configuration that is actually sandboxed. I also think netplan's configuration.yaml is a lot nicer than systemd's units stuff.


Connecting Linux and Windows:

+/-
Separate Linux machine and Windows machine:
+/-
Could just format a USB drive as NTFS and move it back and forth.

Create file-share on Linux:
Mohd Sohail's "Share Folders On Local Network Between Ubuntu And Windows"
Jonathan Moeller's "Install & Configure Samba On Linux Mint 19"
Ubuntu Tutorials' "Install and Configure Samba"
Also Nemo-share extension to Nemo.

Create a file-share on Windows:
In Windows, create file-share, add permission in BOTH Sharing and Security. Then in browser on Linux, go to address "smb://IPADDRESS/SHARENAME", login with Windows account username and password.

Install WinSCP on the Windows machine.

Windows OpenSSH server on Windows, and use scp to copy back and forth.

Create simple read-only web-server on Linux:

ip addr | grep 192		# get LAN IP address of Linux machine
cd DIRTOSHARE
python -m SimpleHTTPServer
# go to Windows machine, and in browser go to:
http://LANIPADDRESS:8000

Various ways:
Seafile (very highly recommended by Noah Chelliah)
Sandra Henry-Stocker's "How to share files between Linux and Windows"
Sandra Henry-Stocker's "Moving files between Unix and Windows systems"
Kristen Waters' "How to Mount SMB or NFS Shares With Ubuntu"
In Linux Mint, Nemo file explorer has a "File / Connect to Server ..." menu item.
Unison

In a single-machine dual-booting situation:
+/-
Mount Linux filesystem while running Windows:
Mount the Windows main partition (NTFS filesystem) for read/write access under Linux:
+/-
Windows must be fully shut down, not hibernated, to allow Linux to have read/write access to the Windows partition. If all you want is read-only access in Linux, ignore the rest of this section.

In Windows 10, normally if you select "Start / Shutdown", it hibernates, doesn't fully shut down.

Ways to make Windows fully shut down:
  • Turn off "Fast Startup", and now "Start / Shutdown" will do a full shutdown.
  • Hold down Shift key while selecting "Start / Shutdown", and it will do a full shutdown.
I think it's best to leave "Fast Startup" turned off. But Windows will start up slower.

Chris Hoffman's "How to Mount Your Windows 10 (or 8) System Drive on Linux"
Unix & Linux Stack Exchange's "How to mount the 'D:\' disk of Windows in linux mint?"
community.linuxmint.com's "gnome-disk-utility"

But: Ubuntu 18 / Mint Tara automatically recognizes Windows OS partition in a dual-boot system and mounts it; no package installation or other steps needed. It was read-only in my live session, maybe because I didn't shut down Windows fully.





Connecting Two Linux Machines:

+/-
  • With just an Ethernet cable between them, no network, so no security issues:
    • rsync
    • NFS


  • Across a network, so security is important:
    • Create simple read-only web-server on source Linux machine:
      
      ip addr | grep 192		# get LAN IP address of source machine
      cd DIRTOSHARE
      python -m SimpleHTTPServer
      # go to destination Linux machine, and in browser go to:
      http://LANIPADDRESS:8000
      
    • SSH: sftp, rsync, scp, etc over ssh
      But I think scp is deprecated, has known security issues that won't be fixed.
      Dedoimedo's "How to connect and share data between two Linux systems"
      Swapnil Bhartiya's "How to Securely Transfer Files Between Servers with scp"
    • SyncThing
    • Seafile (very highly recommended by Noah Chelliah)
    • In Linux Mint, Nemo file explorer has a "File / Connect to Server ..." menu item.
    • In KDE, application "KDE Connect". Works with computers and smartphones that are running KDE Connect or compatible app. Android, Windows, Linux are supported; iPhone not supported because of licensing. On Linux GNOME or on Android phone, application "GSConnect" is compatible with KDE Connect ?

    Install openssh-server on the server machine, disable password-only login, set default protocol to ssh, enable compression. Generate ssh keys on the client machine; file id_rsa.pub is the public key and file id_rsa is the private key.

  • Single machine dual-booting or multi-booting:

    Just mount the filesystem from one partition to a mount point in the currently running system ?
Alexandru Andrei's "How to Use Netcat to Quickly Transfer Files Between Linux Computers"
Jonathan Moeller's "Install & Configure Samba On Linux Mint 19"

If you want to torrent plus do normal traffic, or have multiple people streaming on your LAN, set QOS using fireqos. Don't try to do it using "tc".



Special hardware:

+/-
  • WD My Passport encrypted external hard disk drive.

    How to install and use KenMacD's "wdpassport-utils":
    +/-
    1. sudo apt install git
      (might already be installed, by default)
    2. git clone https://github.com/KenMacD/wdpassport-utils ~/wdpassport-utils
    3. Now you have the files in ~/wdpassport-utils
    4. You could move the files to /usr/local/bin so they can be used all users. But this particular software is going to hard-code a password into a file, so best to leave it under your home.
    5. cd ~/wdpassport-utils

    6. Follow the "Non Gui Steps" from the README.md file in the repository:
        First time:
      1. sudo apt install sg3-utils

      2. Every time:
      3. Plug in external drive and wait a few seconds.
      4. sudo dmesg | grep sg | grep "type 13"
        This should return one line which gives drive's "sgN" (such as "/dev/sg1").
      5. ./cookpw.py YOURPASSWORD >password.bin
      6. Verify that size of password.bin is 40 bytes.
      7. sudo sg_raw -s 40 -i password.bin /dev/sgN c1 e1 00 00 00 00 00 00 28 00
        but replace "sgN" with appropriate number, "sg1" or whatever.
        See message saying something like "Good".
      8. Now drive should be unlocked.
      9. sudo partprobe
      10. Now drive should be mounted and available for use.
      11. Delete password.bin file so password is not saved ?

    7. Try the GUI method:
        First time:
      1. Instructions say do "sudo apt install gksu", but that package has been removed from Debian/Ubuntu18/etc.
      2. Edit gui.py to change all "gksudo" to "sudo".
      3. sudo apt install python-qt4
        May take 30 minutes or so in Live session.

      4. Every time:
      5. python gui.py
      6. See buttons for unlocking and mounting the drive.
      7. App automatically makes a desktop icon gui.py, called "WD Unlocker", which you can use next time.
      8. It creates a password.bin file each time. Delete that file after drive is accessible, or after unmounting disk ?

    8. To remove the drive from the system:
      1. In File Explorer, right-click on drive and click "Safely Remove Drive".
      2. Wait 5 seconds or so.
      3. In File Explorer, right-click on drive, see that now there is a "Mount" option (showing drive is unmounted), and click "Safely Remove Drive" again.
      4. In File Explorer, see that the drive no longer appears.
      5. In File Explorer, right-click on WD Unlocker drive, and click "Safely Remove Drive".
      6. Unplug the external drive.


    Western Digital's "How to physically connect, disconnect, and install a WD external / easystore drive on a Windows PC or Mac" says they don't support Linux, and they say nothing about how to mount an encrypted drive on Linux.

    Use WD-Decrypte with sg3-utils. See Vector's "Unlock WD Password Protected HDD in Linux" (video) which explains how to use WD-Decrypte, covering a couple of glitches not explained in Sifo Hamlaoui's "HOW TO DECRYPTE Western Digital DRIVE ON LINUX" (video).

    Or use 0-duke's "wdpassport-utils"

    Or use KenMacD's "wdpassport-utils"

    How to install KenMacD's "wdpassport-utils" (or other GitHub project), from someone on reddit 8/2018:
    1. sudo apt install git
      (might already be installed, by default)
    2. git clone https://github.com/KenMacD/wdpassport-utils ~/wdpassport-utils
    3. Now you have the files in ~/wdpassport-utils
    4. You could move the files to /usr/local/bin so they can be used all users. But this particular software is going to hard-code a password into a file, so best to leave it under your home.
    5. The rest of the steps are specific to this project.
    Installing a package using apt installs it system-wide by default (which is why you have to use "sudo").

    Testing a drive for problems using Data Lifeguard Diagnostics for Windows

    A better long-term solution:
    1. Mount the encrypted drive on a Windows machine (or Linux, if you have decryption working).
    2. Copy the files to a temp disk.
    3. Disable hardware encryption on the encrypted drive (must be on Windows to do this).
    4. Plug the encrypted drive into your Linux machine.
    5. Reformat it as a VeraCrypt volume with ext4 or NTFS or Btrfs filesystem inside.
    6. Copy all the files from temp disk to VeraCrypt drive.
    7. Close VeraCrypt drive, re-open, close, unmount disk, re-mount, test several times.
    8. Save backup copy of VeraCrypt volume header on some other device.
    9. Erase temp disk.






After using Linux for a while:

+/-
  • Updates:

    In Mint, I always use Update Manager, not the CLI. If a new kernel or systemd or Xorg comes out, maybe wait a day to let other people try it out first. Other than that, I always update.

  • Clean up space on disk:
    +/-
    To see used/free space:
    
    df -khT
    df -khT -x squashfs -x tmpfs		# don't show snap devices
    sudo du -h --summarize --exclude=/home --exclude=/sys --exclude=/proc --exclude=/run /
    sudo du -h --summarize -c --exclude=/home --exclude=/sys --exclude=/proc --exclude=/run /*
    sudo du -h --summarize -c /home/*
    

    • Check to see how many Timeshift snapshots have been saved.

      But apparently subsequent snapshots are incremental, so the 1st will be big (15-20 GB ?) and the rest will be small (2 GB ?).

    • Space occupied by system journal: "journalctl --disk-usage".

      You can delete old entries in the journal by doing "sudo journalctl --vacuum-time='2d'". Saves a surprising amount of space.

      Put a permanent cap on number of entries in journalctl: Sudo edit /etc/systemd/journald.conf to set "SystemMaxFiles=7" (saves info from last 7 boots).

    • Space occupied by system log files: "sudo du -sh /var/log".

      
      grep logrotate /etc/crontab /etc/cron.*/* /etc/anacrontab /var/spool/cron/crontabs/*
      cat /etc/logrotate.conf
      man logrotate
      
      # As a quick fix:
      sudo rm /var/log/*.gz
      


    • If you installed a lot of applications just to try them out, go back and remove the ones you don't use. If you installed something through Software Manager, remove it through Software Manager. Scroll through list of installed applications by opening Software Manager, clicking on "hamburger" icon in upper-right, check "Show installed applications".

    • Apps based on Flatpak take a lot of space. Run Software Manager and click on the Flatpak button in lower-right to see list of all Flatpak-based apps. But sometimes that doesn't show all of them, so: at CLI, do "flatpak list --app". Consider removing any that you have installed.

      Lots of Flatpak cache files can pile up in /var/tmp/flatpak-cache* directories. Do:
      
      sudo bash -c "! pgrep -x flatpak && rm -r /var/tmp/flatpak-cache-*"
      
      Lots (325K files, 5.8 GB) of Flatpak stuff under /var/lib/flatpak, but I don't know if any of it can be deleted.

      It's possible that an app is removed but its "runtime", or a "runtime" that it and others once depended on, remains behind ? Compare outputs of "flatpak list --app" and "flatpak list -d --app --runtime" ? Run "flatpak uninstall --unused" to remove them. On my machine, it reduced that 5.8 GB to 47 MB !

    • Apps based on Snap can take some space. At CLI, do "snap list". Consider removing any that you have installed. Do "apt search APPNAME" to see if a non-snap version is available.

      By default, last 3 versions of each snap image are cached. Change to minimum via "sudo snap set system refresh.retain=2".

    • See what Docker images are installed: "sudo docker images".

    • See what AppImage apps are installed:
      "sudo find / -name "*.AppImage" -type f -print | less"

    • Run Software Manager and search for "font". Remove any you don't need. But you'll probably save only 10 MB or so.

    • To see what directories are consuming space, use "baobab" or "ncdu" or "kDirStat" or "du -h".

    • See list of all installed packages, sorted by size:
      "dpkg-query -W --showformat='${Installed-Size} ${Package}\n' | sort -nr | less"

      Also: "du -sh /var/cache/apt/archives" and then if the number is large, "sudo apt clean".

    • Do you have a big swapfile ? "ls -l /swapfile"

    • Search for big files:
      "find / -type f -size +10240k"
      or
      "find / -size +20M -exec ls -lahg {} \;"

    • Clear caches in browsers and email client apps.

    • Caches etc under your home directory:
      "sudo du -sh ~/.cache/* ~/.local/share/* ~/.var/app/* >tmp.txt; less tmp.txt"
      There may be garbage left over from things you uninstalled.

    • Delete crash reports/dumps. See "System Reports" application, and Firefox's "about:crashes".

    • Install some things under your home directory instead of on /, if they are separate partitions and you are low on space on /. Flatpak option "--user" when installing a flatpak application.

    • Run something like BleachBit. But I would turn off all the apt-related options.
      SK's "How To Clean Up Junk Files In Ubuntu Using Ubuntu Cleaner"
      Also "apt clean" (clears local repository cache).

    • Removing old kernel images:
      In Mint, open Update Manager, do View / Linux Kernels.

      On Ubuntu, if using "mainline", do "mainline --clean-cache".

      Through CLI:
      
      # show current kernel
      uname -r
      
      # show all kernels except the one currently running
      sudo dpkg --list 'linux-image*'|awk '{ if ($1=="ii") print $2}'|grep -v `uname -r`
      
      # For each image you want to remove, do:
      sudo apt purge linux-image-NNNNNNNNNNNNN-generic
      
      sudo apt autoremove
      sudo update-grub
      
      ipbastola's "Safest way to clean up boot partition - Ubuntu 14.04LTS-x64"


    • I greatly distrust global cleanup operations such as "apt autoremove" (some people say it's okay, just don't use wildcards). Other global operations such as "sudo apt clean" just empty cache, much safer but soon much of the contents will come back.

    Easy Linux tips project's "How to clean Linux Mint 19 safely"


  • If you decide you got the partition sizes wrong, you want more/less for Windows and less/more for Linux, you can adjust them.

    To change the Linux partition sizes, boot from a Linux USB and run GParted.
    Ask Ubuntu's "Can I Adjust/Reduce My Partition Size for Ubuntu?"
    Danny Stieben's "Three Ways to Resize a Linux Partition Safely"

    To change the Windows partition sizes, boot Windows and run Disk Management.
    Microsoft's "Overview of Disk Management"

    Before doing these operations, make backups !

    If using a laptop, plug into AC power before starting these operations.

  • Linux Uprising's "How To Use A Swap File Instead Of A Swap Partition On Linux"
    FOSS Linux's "How to create or add a SWAP partition in Ubuntu and Linux Mint" (but "method 1" creates a swap file)


  • If you didn't encrypt the partitions, you may be able to encrypt them in-place later.

    Johannes Bauer's "LUKS In-Place Conversion Tool"
    Leo Notenboom's "How Do I Encrypt a Hard Drive Using VeraCrypt?"
    Andrew Douma's "Full Disk Encryption with VeraCrypt"
    "man ecryptfs-migrate-home"

    From LawrenceC on superuser's "How would I encrypt my whole Linux filesystem with VeraCrypt?":
    +/-
    Linux has supported boot/system volume encryption like VeraCrypt for a long time using its own separate integrated system called LUKS, which is not compatible with Truecrypt/VeraCrypt.

    VeraCrypt (if it's like Truecrypt) is implemented on Linux via FUSE. FUSE is a way to implement filesystems without writing a kernel driver, the cost of this is speed. LUKS is part of the kernel and is faster than VeraCrypt would be, so this is why LUKS is preferred if you are using Linux.

    LUKS is well supported by Debian and other distribution installers, it's fairly simple to encrypt your full system, or full Linux partition, except for a small boot partition containing the kernel and initial RAM disk. This is equivalent to everything being encrypted on Truecrypt/VeraCrypt except the bootloader, which has to be unencrypted so the BIOS/UEFI can read it.

    One thing to note is that I don't believe there is a tool that will encrypt/decrypt a currently running system like Truecrypt/VeraCrypt does.

    Before doing these operations, make backups !

    If using a laptop, plug into AC power before starting these operations.

  • If you want to move /home to a separate partition:

    Ubuntu's "Partitioning/Home/Moving"


  • More software or more updating:

    From Easy Linux tips project's "Avoid 10 fatal mistakes in Linux Mint":
    "Never use installation scripts like Ultamatix, Ubuntu Tweak, Ubuntu Sources List Generator, Ubuntuzilla and UKUU. Don't use Grub Customizer."

    Scripts or commands you find on random web pages: Even if you read them on the web page and understand them, don't copy/paste them straight onto the shell CLI. Instead copy/paste them into a text editor and see if they look the same. Then copy from there to shell CLI if you wish. [Or in Firefox set dom.event.clipboardevents.enabled = false.] See Brian Tracy's "Don't Copy Paste Into A Shell" and example.

  • Easy Linux tips project's "Speed up your Mint!"
    Easy Linux tips project's "Speed up your Ubuntu!"
    SK's "How To Improve Application Startup Time In Linux"



  • [Apparently, tweaking the UI of your system is called "ricing" it.
    /r/unixporn's Wiki "Ricing 101"
    /r/unixporn's "ricerous_info"
    InstallGentoo Wiki's "GNU/Linux ricing"
    ]


  • Adding more desktop wallpapers:

    Download images from:
    Awesome Wallpapers

    In Mint 19, click on the Start button and run "Backgrounds" application. You could add the new images in a new directory, or put them somewhere under /usr/share/backgrounds. But I think the slide-show in the Backgrounds apps only uses one folder, that you pick, not all the folders listed in the left-hand pane. At least JPG and PNG formats are supported, and any size (bigger is better).

    In Ubuntu 20, install Variety application. But soon my GNOME background was broken.

    https://github.com/LittleSimpleWallpaperChanger/lswc ?

  • Hack Terminal's background color: put at end of ~/.bashrc:
    
    # change terminal background color at random
    # adapted from /u/code33301
    q="\033]11;"
    w=("#3c3c76" "#527774" "#32573d" "#800080" "#800000" "#A05000")
    e="\007"
    r=$((RANDOM%7))
    if [ "$r" -ne "6" ]; then
    	echo -ne $q${w[$r]}$e
    fi
    # else use default system color
    


  • If you want to try other themes in your current Desktop Environment:

    Mint's "Themes" application.
    Alistair Ross's "How to theme your Linux Desktop"
    Cinnamon Spices' "Themes"
    Pling's "Cinnamon Themes"

    In Mint, it's easy to "install" a theme, but it doesn't get used until you change 5 individual settings in Themes: Window borders, Icons, Controls, Mouse Pointer, Desktop. Some of the themes don't show up as choices in some of those 5 settings. None of them change the desktop background, I think; that must be done elsewhere (right-click on desktop and select "Change Desktop Background"). Some of the themes have descriptions that include some additional work you have to do, beyond just the Themes app. Seems that a new theme makes KeePassXC change a lot, Firefox changes mainly in title bar and tabs and some menus, but VSCode has no changes ?

    I think the default Theme in Mint Cinnamon is Mint-Y.
    I changed to Mint-X-Blue and liked it.

  • Applets and Desklets and Extensions etc:

    Cinnamon Spices
    Pling's "/s/Cinnamon"


  • You could add a dock to your desktop:

    Mehedi Hasan's "Top 10+ Best Linux Docks To Make Your Desktop Beautiful"
    Many are available through Software Manager.


  • GNOME Shell extensions:

    In Mint, you can use the Extensions application to install from a limited list.

    More extensions: GNOME Shell extensions
    Martins D. Okoi's "How to Install Gnome Shell Extensions"

    To see what version of GNOME you're running: "cat /usr/share/gnome/gnome-version.xml".
    The web site Download may ask for "GNOME Shell version"; maybe: "apt list | grep gnome-desktop | grep installed".


  • If you want to try tiling window managers:

    Mehedi Hasan's "Best 20 Linux Window Managers"

    From someone on reddit:
    +/- [I'm running Ubuntu GNOME 20.04]
    1. Find a WM you like. (I'd recommend I3, but there's awesome, dwm, qtile, xmonad, bspwm, herbstlutwm, etc.)
    2. Install it through apt (or through a PPA, usually the instructions are on the GitHub repository README.md). ["sudo apt install i3" or "sudo apt install awesome"]
    3. Logout and in gdm after selecting the user, click the gear icon in the lower right corner and search for the window manager you just installed.
    4. Login and play with it a little bit.
    5. When you want to go back to GNOME just log out of the WM (usually there's a key-binding for that in the config file) and select GNOME in the gear icon.

    In i3 window manager:
    +/- Click on network icon in lower-right corner of screen to set networking.
    Command-d to select an application to launch.
    Command-enter to open a Terminal window.
    Command-f to go to full-screen mode.
    Command-shift-q to close current application.
    Command-shift-e to exit i3 and go back to login screen.



  • If you want to try display managers:

    In Ubuntu GNOME 20.04: install another window manager (see previous section), then logout. Click on a user name to log in, then click on gear icon in lower-right corner. A couple of the choices will be "Ubuntu" (which means X) and "Ubuntu Wayland" (which means Wayland). Pick one, then type password to log in.

    After system has logged you in, do "sudo ps -ax | grep gdm3" to see what display manager you're running.

    A few quirks with Wayland on Ubuntu GNOME 20.04: some kind of transparent desktop with one icon shows up in list of apps; in Firefox much of the tab bar doesn't work and locks the whole app until you alt-tab to another app.

  • If you want to try other Desktop Environments:

    community.linuxmint.com's "How to Install and Manage Multiple Desktop Environments Using GUI"
    How-To Geek's "How to Install and Use Another Desktop Environment on Linux"
    StackExchange's "Why does installing different desktop environments break things?"
    In Mint, open Software Manager app and search for "desktop". A bit confusing, but they're there.

    Or maybe create a USB Live drive for the new DE and try it there for a while, before messing with your system on disk.

    From someone on reddit:
    +/- > is it possible to just install a couple different desktop environments
    > and switch between them when I feel like it ?

    You can install most all of the *-desktop packages and select what desktop to use at the Login screen Its not that hard.

    The Login manager screen has some icon of menu of all the DE's and WMs installed on the system, the user just picks one before they click the Login button.

    HOWEVER ...

    The icons and applications are often not very separated, and the names can be confusing because they are all mixed together.

    Example, With the IDIOTIC naming scheme common these days of using 'common' terms for program names, you may have 4 'terminal' icons each called terminal, and each calling a different terminal program. KDE is a bit more clear in its menus, but some other DEs can be a real bother. it is possible to hide specific programs/icons in specific DEs but it can be annoying to tweak them all.

    So in short, you can:
    
    sudo apt install kubuntu-desktop xubuntu-desktop lubuntu-desktop budgie-desktop   
    
    then log out, (you may need to restart the login manager) (or be lazy and reboot)

    Select the correct desktop to try, log in, enjoy.

    Some things to watch out for: redundant programs, poorly named programs (gee 4 icons called 'settings' how nice), Login manager might get changed (easy to change back), disk space used up, default applications might get changed also. Been running this kind of Franken-Desktop setup for ages.

    I tend to go on a 'testing spree' of the other desktops, before i do a clean install, then when installing i pick what DE to try out for a while, until i get bored and do it all again.

    From people on reddit:
    +/- A loosely-structured hierarchy of components ultimately all work together to provide you with a graphical experience. From the "ground up" they are:

    • A display server protocol. (See: X11, Wayland)

    • A display server is a service that provides an interface for applications to present a simple graphical interface to the user. (There's basically only one display server left that implements the X11 protocol, the one from X.Org. There are several display servers that implement the Wayland protocol, e.g. Weston, Mutter, KWin, Sway. Also, on Wayland the tasks of display server, window manager, and compositor are often done by the same program.)

    • A window manager is a service that works with the display server to present applications via one or more windows. These come in several flavors:

      • A stacking window manager is the traditional concept, where one window is "on top" and all the others are layered behind. (See : Xfwm, Openbox)

      • A tiling window manager presents windows to the user in a way that they're never overlapping. (See: awesome, i3)

      • A compositing window manager (or compositor) is similar to a stacking window manager, except that it provides each application its own off-screen buffer first, and then composites those buffers together on screen. This provides additional features like alpha-blended windows, animations, desktop wall/cube, etc. (See: Compiz, Mutter)

    • A widget toolkit is an code library applications use to draw widgets (menus, buttons, etc.) onto the windows provided by the window manager. (See: Qt, GTK)

    • A graphical shell is an application that provides the basics concepts like login screen, task bar, system tray, etc. (See: GNOME shell, KDE Plasma)

    • A desktop environment is the coordination of all these layers, plus any number additional applications, into a single user experience. (See: GNOME, KDE)

    • A Linux distribution will package a desktop environment with more applications, plus an installer, software repository, etc. to form a complete operating system.







  • Buy a USB SSD drive for backup/offline-storage, encrypt it, and possibly move it between Linux and Windows:

    SSD vendors don't seem to support Linux in their "management" software.
    Format the drive as NTFS and encrypt it with VeraCrypt ? Or format as EXT4 ?
    Many tips about SSD apply to using it as boot/system drive, not external storage.
    Easy Linux tips project's "SSD: how to optimize your Solid State Drive for Linux Mint and Ubuntu"
    Jack Wallen's "How to check SSD health in Linux"


  • Mounting disks:

    From someone on reddit:
    To auto-mount disks at startup:

    sudo apt install gnome-disk-utility

    Run GNOME Disks application.

    Select your partition from the disk -> Advanced options -> Edit Mount options -> Turn automatic mount options off -> here you can set a variety of options including the name, disable the password prompt, and set the mount point (/mnt/123456 -> /mnt/Media).


  • Moving Linux from HDD to SSD:

    Abhishek Prakash's "Upgrading To Solid State Drive in Linux: The Easy Way and The Hard Way"
    Easy Linux tips project's "SSD: how to optimize your Solid State Drive for Linux Mint and Ubuntu"
    Danny Stieben's "How To Optimize Linux For SSDs"
    Jack Wallen's "How to check SSD health in Linux"

    In Firefox, set "browser.sessionstore.interval" to a much larger number, to reduce writes to SSD. If you have lots of RAM, maybe set "browser.cache.disk.enable" to 0.

    Might also want to change I/O scheduler, at least for SSD ? Use BFQ ? Article1 Article2

  • Can I change the location of my Home folder to an external drive with more room?

    Suggest leaving it where it is and mounting the external drive under your home directory. Mount the disk once and then do "sudo blkid" to get the UUID. Later you can mount it via "sudo mount UUID=nnnnnnnnnnnnnnnnnn /home/myuser/extdrive". And you can make it auto-mount by adding a line to /etc/fstab.




Magic key-sequences:

+/-
  • Alt+F2 to get a small command window, if Xorg is still working. If you get the small window, type "xkill" and click on a window you want to kill.

  • Ctrl+Alt+F1 to get out of GUI and to console-login;
    then Ctrl+Alt+F7 to get back to GUI.

    May have to enable this via:
    
    grep 'ACTIVE_CONSOLES=' /etc/default/console-setup	# see "/dev/tty[1-6]" or similar
    sudo sed -i "s/#NAutoVTs=/NAutoVTs=/" /etc/systemd/logind.conf
    systemctl restart systemd-logind.service	# or may have to reboot
    

    While in console, "sudo service lightdm restart" will kill all GUI apps and restart the GUI system, Ctrl+Alt+Del will abruptly restart the system.

  • Alt+Shift+F12 might restart the window-compositor.
    (Works on Kubuntu 20.10)

  • Ctrl+Alt+Esc might kill current GUI and start a new one.
    (Works by default on Mint 19)

  • Ctrl+Alt+Backspace might kill current GUI and take you to login screen.
    (Not by default on Mint 19 or Ubuntu 20)

    To enable on Mint 19 or Ubuntu 20: run "sudo dpkg-reconfigure keyboard-configuration", press Enter 5 times to get through 5 screens with current settings, then see dialog about "Ctrl+Alt+Backspace terminate the X server", choose Yes.

  • Ctrl+Alt+Del might restart the system. Also, try typing it 4 times in rapid succession.

  • Alt+SysRq+ or Alt+PrntScr+ keys (on Mint 19 and Ubuntu 20, they work only in console):
    • H: Show help.
    • Space: Show available Alt+SysRq keys.
    • R: Switch the keyboard from raw mode to XLATE mode. (Disabled on Mint)
    • E: Send the SIGTERM signal to all processes except init. (Disabled on Mint)
    • I: Send the SIGKILL signal to all processes except init. (Disabled on Mint)
    • S: Sync all mounted filesystems.
    • U: Remount all mounted filesystems in read-only mode.
    • B: Immediately reboot the system, without unmounting partitions or syncing.
    • 0: Change the console loglevel to 0 to reduce error messages.
    • K: Kill all processes on the current virtual terminal.
    See /etc/sysctl.conf

Eric Simard's "Frozen Linux System? Here are 3 Ways to Deal With It"
superuser's "Does Linux have a Ctrl+Alt+Del equivalent?"
kember's "REISUB - the gentle Linux restart"
Wikipedia's "Magic SysRq key"
Fedora Wiki's "QA/Sysrq"



Problems and troubleshooting:

+/- Not Unix's job to stop you from shooting yourself in the foot
  • Have a rescue disk or flash drive:

    Either a live-session copy of your current distro, on USB, or:
    Rescatux & Super Grub2 Disk
    Boot-Repair-Disk
    Ubuntu's "Boot-Repair"
    GParted Live (login as "user" / "live")
    SystemRescueCd
    LinuxAndUbuntu's "Top 5 Linux System Rescue CDs"
    Martins D. Okoi's "12 Useful Rescue and Recovery Tools for Linux"
    Hard-core: CAINE (Computer Aided Investigative Environment)

    The time to make rescue disks is before you have a problem, not after. If your hard disk is encrypted, test how you would access (decrypt) the disk when you've booted from a live-session on USB stick. Also test booting from hard disk into GRUB recovery (next item).

  • If the system won't boot:

    While booting, hold down Shift key to get into GRUB, then choose Options - Recovery, or some older kernel.

    First, make sure the disk is not throwing hardware errors. Maybe use a SMART utility. article

    Maybe you have filesystem damage:
    Marin Todorov's "How to Use 'fsck' to Repair File System Errors in Linux"

    Maybe you have RAM problems; run memory test from GRUB menu:
    Karim Buzdar's "How to Run Memtest in Ubuntu 20.04"
    Or from OS: "sudo memtester 14G"

    Maybe the bootloader has been removed:
    Kiran Kumar's "'Boot Repair' for Ubuntu, Linux Mint, and elementary OS can fix Bootloader issues"
    Chris Hoffman's "How to Repair GRUB2 When Ubuntu Won't Boot"
    Boot Repair
    Chris Titus's "Grub Rescue | Repairing your Bootloader"
    Also see: Help section in GParted app.

    If you want to restore from a Timeshift backup:
    [NOT SURE OF THIS] Boot from USB stick into a live session, then:
    timeshift --help
    sudo timeshift --list

    If you did an update, writing initramfs failed, then you rebooted:
    Probably old kernels have filled up /boot and you're out of space. Boot from an old kernel, "df -h" to see space, "dpkg --list | grep linux-image" to see the images, "sudo apt purge IMG1 IMG2 IMG3" to purge several of the oldest images.

  • If dual-booting and some OS's won't boot:

    To see bootable partitions other than the current one: "sudo os-prober"
    To see kernels bootable from a partition: "sudo linux-boot-prober /dev/sdaN"
    Vivek's "How to Edit & Repair GRUB Boot Menu Using Commands"


  • If you can login but immediately get kicked out again ("login loop"):

    Could be due to GPU drivers, home partition full, bad configuration under home directory ?

    Nick Congleton's "How to Fix the Ubuntu Login Loop"
    Tiwo Satriatama's "3 Ways To Fix Ubuntu Gets Stuck in Login Screen Loop"


  • If the system boots into a non-working GUI:

    While booting, hold down Shift to get into GRUB, then choose Options - Recovery.
    If you want to restore from a Timeshift backup:
    timeshift --help
    sudo timeshift --list


  • If all of your files are read-only:

    This might mean that the OS detected errors it couldn't repair.

    Check the health of your drives.

    Maybe dismount filesystem and use "fsck".
    If it's the root filesystem, do "sudo touch /forcefsck" and then reboot.
    Or, hold down Shift key while booting, get into GRUB, select Advanced Mode / recovery / fsck.


  • If some application is locking up:

    Alt+F2. If you get a small window, type "xkill" and click on a window you want to kill.

    "sudo gnome-system-monitor" to see various processes ?

  • If the GUI is locking up:

    Right-click on a blank area of the System Tray, select Troubleshoot, then Looking Glass. Or on CLI, run cinnamon-looking-glass. It will launch Melange, the Cinnamon DE debugger. Select Actions/Quit to exit. Pressing Esc also exits, but not completely ?

    Or if it's the X Server that's freezing, do Ctrl+Alt+F3, get login prompt, login, do "sudo systemctl restart gdm3". Logout, Ctrl+Alt+F7 to get back to GUI.

    Instructions from someone on reddit:
    Do Ctrl+Alt+F6, get login prompt, login, do command "w", FROM column will show a display number such as ":0". Do "export DISPLAY=:0; cinnamon &". Logout, Ctrl+Alt+F7 to get back to GUI.

    See Magic key-sequences section.

  • If the system boots but then soon crashes:

    Make sure the disk is not throwing hardware errors. Maybe use a SMART utility. article

    Boot again, then do:
    sudo journalctl -b -1 | tee ~/lastboot.log
    and then examine contents of ~/lastboot.log (maybe take it to a working machine)


  • If the whole OS is freezing or crashing:

    Look for info in output of "sudo dmesg -T" or "sudo dmesg --level=err,warn -T" and "sudo journalctl --pager-end" or something like "sudo journalctl --since=today" or "sudo journalctl --since=2019-12-31".
    Look for crash dumps in System Reports application.
    If you want to get hardcore and analyze a crash dump yourself, there are utilities such as "crash" for that. Do a search for articles about "Linux analyze crash dump". Stephan Avenwedde's "Creating and debugging Linux dump files"

    Did you change anything recently ?
    Are you doing something like overclocking the system ? Don't.

    Check the health of your drives
    Run fewer apps, does crash still happen ?
    For UI freezes, try removing Synaptics touchpad driver.
    Remove anything that is optional: USB devices, for example.
    Run the System Monitor application and watch it for any strange behavior.
    Install something (maybe Psensor) to measure CPU and GPU temperatures.
    Run BIOS diagnostics for RAM and disk.

    Maybe you have RAM problems; run memory test from GRUB menu:
    Karim Buzdar's "How to Run Memtest in Ubuntu 20.04"

    From someone on reddit:
    When I have inexplicable hangs I ssh in from another box and run logs (sudo dmesg -w, tail -F -s 0.1 --retry /var/log/lots_of_log_files etc) and then replicate the problem. Often I can see some error reported before the box croaked.

    Nick Congleton's "4 Easy Ways to Get Out of a Ubuntu Crash"

    Are you running out of RAM and don't have swap, or don't have much swap ?
    Maybe see hakavlad / nohang


  • System testing utilities:

    Ubuntu: "sudo apt install checkbox-gui" (maybe deprecated ?)
    Ubuntu: CheckboxNG
    Phoronix Test Suite
    Hardware Probe


  • If you suspect a stuck key or bad touchpad or similar:

    Do "xev -event keyboard" or similar.


  • If you have no network access:

    Maybe you have duelling firewalls ? You can't run firewalld and ufw/gufw at the same time. firewalld and ufw both use iptables.
    "whereis -b -B /usr/bin /usr/sbin -f gufw ufw firewalld"

    Some VPN clients also use iptables. "sudo iptables -L -v"

    Check status of network interfaces. "ip addr"

  • If your Wi-Fi stops working:

    Does same Wi-Fi network still work on other machines in the house ?
    Have you turned off Wi-Fi with a switch on the outside of the laptop ?
    Have you turned off Wi-Fi in BIOS ?
    Have you turned off Wi-Fi in software ? "rfkill"
    Does the option to turn on Wi-Fi exist in the Settings ?
    Does a Wi-Fi device (probably named "wSOMETHING") exist in output of "ip addr" ?
    Does a Wi-Fi device (maybe "Network controller") exist in output of "lspci" ?
    Check Wi-Fi device and driver in output of "inxi -n".
    Run the "Drivers" GUI app for your distro. Maybe switch between "proprietary driver" and "don't use device". "Don't use device" may be a lie; try that option.


  • If you really screw up the system configuration somehow, before re-installing you could try using Resetter:

    FOSSMint's "Resetter - Reset Ubuntu and Linux Mint to Default Settings"
    Jack Wallen's "Set Ubuntu Derivatives Back to Default with Resetter"
    VITUX's "How to reset Ubuntu"


  • If you delete some system files somehow:

    nixCraft's "Accidentally overwrote a binary file on Linux? Here is how to restore it"


  • Do not delete any versions of Python:

    Much of the system GUI is written in Python, apparently.

    Other things to not delete: gcc, lightdm, boost, mysql-*, mariadb-server.

  • If you "sudo apt remove" a lot of critical system files but your system still is running:

    +/-
    1. Quickly "sudo apt install" what you removed.
    2. Close down running applications.
    3. Do backups of important files.
    4. Make sure you have an installer image on USB in case the system won't boot.
    5. Think: what will you do if the system won't boot at all, what will you do if it won't boot to GUI, what if you have to re-install, etc ? Do you have passwords, etc ? Take your time.
    6. Take a deep breath and shut down, then power on.


  • If you delete a few files under your home directory somehow:

    Martin Brinkmann's "How to use PhotoRec GUI to recover lost digital photos and files"
    Aaron Kili's "PhotoRec - Recover Deleted or Lost Files in Linux"
    Falko Timme's "Recover Deleted Files With foremost" (ancient ?)
    sleuthkit / scalpel
    Kali Linux's "Scalpel -- Recover Permanently Deleted Files"
    Recover onto a different drive than the files were deleted from.
    File names probably will be lost, but the contents may be recoverable.

    For low-level surgery on a damaged ext* filesystem: "man debugfs", "man ext4magic".

    On the CLI, it's safer to delete routinely using "trash-cli" or "gio" or "rm-protection" instead of "rm". But none of them are a same-name drop-in replacement for rm; you have to remember to use them, and they don't have the same options as rm.

  • If you rm -fr lots of important files under your home directory:

    From someone on reddit:
    1. Power off ASAP.
    2. Get an unused external drive. It must be larger than the partition you're trying to recover.
    3. Boot from a live USB image.
    4. Connect the backup drive to the system.
    5. Use dd to copy the entire partition to a file on the backup drive:
      "dd if=/dev/sda4 of=/mnt/usb/myhomepartition conv=fsync"
      or
      "dd if=/dev/mapper/VolGroup-home of=/mnt/usb/myhomepartition conv=fsync"
    6. Install testdisk within the live USB environment, and use that to try to recover your data:
      "testdisk /mnt/usb/myhomepartition"
    7. Repeat steps 5 and 6 if you damage the image of your partition.


    maketecheasier's "6 Linux Tools to Help Recover Data from Corrupted Drives"
    VITUX's "How to Recover deleted files in Ubuntu through TestDisk"
    CGSecurity's "TestDisk Step By Step"
    extundelete ?


  • Damaged VeraCrypt volume:

    Keep a backup copy of the volume header (made via VeraCrypt / Tools / Backup Volume Header).

    If you don't have such a header backup file, you could try VeraCrypt / Tools / Restore Volume Header and select "Embedded backup header".

  • If OS is destroyed and you need to copy files from an encrypted volume:

    If you have a home directory encrypted with eCryptfs ("df -khT | grep /home/" will show a /home/USERNAME/.Private partition with type "ecryptfs"): Linux_Lobo's "HOWTO: Recover files from encrypted home directory"

  • If the hard disk is damaged:

    MakeTechEasier's "7 of the Best Data Recovery Tools for Linux"
    Carla Schroder's "GNU ddrescue - The Best Damaged Drive Rescue"

    And some people say "Don't fool around with half-measures for a while, trying to copy off files using the file explorer or dd or such: every use of the disk risks more and worse damage. Go straight to ddrescue and copy the whole thing to a new drive.".

    After you get a copy onto a new drive, then you can try to recover files from the new drive using tools such as:
    PhotoRec
    foremost
    sleuthkit / scalpel

    If drive seems totally dead:
    
    sudo hdparm -i /dev/sda
    sudo hdparm -I /dev/sda
    


  • There are hidden sections of the hard disk:

    HPA (Host Protected Area) and DCO (Drive Configuration Overlay) are "hidden areas" used by some hard drives. It's possible that they could get wiped or get malware in them, maybe. Or maybe you just want to use every single byte of space.

    
    # show areas:
    sudo hdparm -N /dev/sda
    sudo hdparm --dco-identify /dev/sda
    
    # VERY dangerous:
    sudo hdparm -N pSSSSSSSSSSS /dev/sdx	# remove HPA, set visible area/max sectors to SSSSSSSSSSS
    sudo hdparm --dco-restore /dev/sdx		# attempt reverting the DCO back to factory defaults; may brick the drive
    # Also, GParted has a feature to remove HPA ?  But I don't see it.
    


  • If you forget the login password:

    Note: things differ between encrypted and not-encrypted situations.
    Ubuntu's "LostPassword"
    Mint Guide's "Reset the password for ROOT or any user in Linux Mint"
    Easy Linux tips project's "Forgotten password: how to recover from this in Linux Mint"


  • If your whole disk is LVM/LUKS-encrypted and something goes wrong:

    This really isn't "whole disk" encryption: partition table and boot partition are not encrypted.
    See LUKS encryption section of my Linux Storage page.


  • If you really screw up the system and need to re-install:

    Easy Linux tips project's "How to re-install Linux Mint easily"

    If you're going to re-install, maybe see if there's a BIOS update available from your PC's manufacturer, it's a good time to update. To see the current BIOS version, do "sudo dmidecode -s bios-version".

    There is a firmware service that some vendors use: Linux Vendor Firmware Service.
    Arch Wiki's "fwupd"
    fwupd / fwupd
    gnome-firmware
    "man fwupdmgr" and "fwupdmgr --show-all-devices get-devices" and "fwupdmgr refresh" and "fwupdmgr get-updates"

    Do "/usr/lib/fwupd/fwupdate --help". [Mint, not Ubuntu.] But it seems to be EFI-only, and most a test-tool. fwupdate.1 man page

  • If you forget the password for a ZIP or RAR archive:

    Use fcrackzip or RarCrack.

  • If something is keeping a file/directory open when you want to delete it:

    Use fuser, lsof, lslocks to find out what is keeping the file open.

  • If you're running out of disk space:

    See Clean up space on disk.

  • If you're running out of RAM:

    Run "System Monitor" application.
    Some applications have internal memory-monitor features (Firefox has "about:memory").

  • If your Wi-Fi cuts out every now and then:

    Check power-management settings; maybe something is turning off Wi-Fi when it's been idle for a while, or when battery is low.
    Maybe install TLP.
    Check if same thing happens with wired connection, or on a different LAN, or to other devices on same LAN.
    Turn off all other devices using Wi-Fi on same LAN.

Easy Linux tips project's "Solutions for 27 bugs in Linux Mint 19.1"
Easy Linux tips project's "System hacks for advanced Linux Mint users"

Star Trek Picard: have you tried reversing the polarity of something ?



Performance

+/-
If your performance is bad, or you want to make it better:
  • Run "System Monitor" application to see what is taking up most CPU or RAM.

  • Look in system logs to see if there are errors, or tons of logging by some app.

  • If you have extra RAM, maybe use no swap at all.

  • If you have extra RAM, maybe put temp filesystems in RAM. Check typical sizes with "watch sudo du -hs /var/tmp /tmp". Edit /etc/fstab to add:
    
    tmpfs  /tmp      tmpfs  noatime,nodiratime,nodev,nosuid,mode=1777,size=1G,defaults  0  0
    tmpfs  /var/crash  tmpfs  noatime,nodiratime,nodev,nosuid,mode=1777,size=1G,defaults  0  0
    
    Close all apps, use CLI to remove contents of those dirs, then reboot.

    Maybe do same for /home/USERNAME/.cache ? There's around 300 MB of stuff under there.

    Maybe do same for /var/log ? But after a system crash you'd have no logs to look at. I don't do it.

    "echo $TMPDIR" may show another place used for temp files.

  • Probably worth doing: set "noatime" on all mounted physical volumes.
    Jim Hall's "Improve Linux system performance with noatime"

  • Check: CPU governor.
    CPU section

  • Very minor tweak: "grep CRON /var/log/syslog /var/log/syslog.1" to see how often cron jobs are running, maybe dial some of them back. See Cron.

  • If system boot is slow:

    "sudo systemd-analyze"
    "sudo systemd-analyze blame"
    "sudo systemd-analyze critical-chain"
    [But see Thomas Stringer's "Understanding systemd Critical Chains"]
    "journalctl -xp 0..3 -b"
    Look in /etc/fstab for any volumes that don't exist any more.
    Failing login to VPN or connection to network shares ?


  • If system is extremely slow after booting:

    RAM or disk full ?
    Some process taking 100% CPU ?
    Look in system logs for repeated errors.
    Disk: "sudo smartctl -a /dev/sda | less" or "sudo smartctl -a /dev/nvme0n1p2 | less"
    Some driver or hardware problem ? Remove any external or optional hardware.


Run performance tests

before and after big changes (new hardware, new distro):
+/- Phoronix test suite to check performance. Download and extract the test package.

sudo ./install-sh
sudo apt install php-cli php-xml pkg-config

phoronix-test-suite --help
# have to accept some license terms etc

# can run via cli or GUI
# GUI will give a CLI-type interface; type 'quit' to get out

# https://www.phoronix-test-suite.com/documentation/phoronix-test-suite.html

phoronix-test-suite list-available-suites
phoronix-test-suite list-available-tests | less

# I want: simple, few dependencies, run in a few minutes, test CPU RAM disk.

# Best to run tests after a fresh boot, no other apps running.
# Run each test 3 times and average them.

phoronix-test-suite benchmark pts/sysbench
# My 2011 Dell Inspiron N5010 with Kubuntu 20.10:
# (Intel Core i3 370M @ 2.39GHz, 8 GB RAM, 320 GB WD3200BEVT-7 with ext4/LUKS)
# gave CPU 2100, RAM 9.8 M
# My 2021 KDE Slimbook 15 with KDE Neon 5.20.5:
# (AMD Ryzen 7 4800H @ 2.9GHz, 16 GB RAM, 256 GB NVMe SSD with ext4)
# gave CPU 17600, RAM 13.6 M

phoronix-test-suite benchmark pts/leveldb
# My 2011 Dell Inspiron N5010 with Kubuntu 20.10:
# (Intel Core i3 370M @ 2.39GHz, 8 GB RAM, 320 GB WD3200BEVT-7 with ext4/LUKS)
# gave seq fill 12 MB/S, hot read 1.76 usec/op, random read 1.71 usec/op.
# My 2021 KDE Slimbook 15 with KDE Neon 5.20.5:
# (AMD Ryzen 7 4800H @ 2.9GHz, 16 GB RAM, 256 GB NVMe SSD with ext4)
# gave seq fill 23 MB/S, hot read 7 usec/op, random read 7 usec/op.

phoronix-test-suite benchmark pts/fio
# Choose sub-test 3 (sequential read), option 4 (Linux AIO), Buffered, Not Direct,
# 4 KB block size.
# My 2011 Dell Inspiron N5010 with Kubuntu 20.10:
# (Intel Core i3 370M @ 2.39GHz, 8 GB RAM, 320 GB WD3200BEVT-7 with ext4/LUKS)
# gave 48 MB/S.
# My 2021 KDE Slimbook 15 with KDE Neon 5.20.5:
# (AMD Ryzen 7 4800H @ 2.9GHz, 16 GB RAM, 256 GB NVMe SSD with ext4)
# gave 1132 MB/S.

Network test: Speedcheck
My 2011 Dell Inspiron N5010 and 100 mbps chip with Kubuntu 20.10:
Without VPN on 600 mbps service: ping 75 down 95 up 100.
With Windscribe VPN (OpenVPN) on 600 mbps service: ping 80-90 down 55-75 up 45-80.
Without VPN on 100 mbps service: ping 70-80 down 95 up 100.
With Windscribe VPN (OpenVPN) on 100 mbps service: ping 85-125 down 85-90 up 75-80.
My 2021 KDE Slimbook 15 and 1000 Mbps chip with KDE Neon 5.20.5:
Without VPN on 600 mbps service: ping 45-55 down 365-445 up 105-130.
With Windscribe VPN (OpenVPN) on 600 mbps service: ping 65 down 15-20 up 50 [fast.com = 65/120].

Apparently some games, and Steam, will display a "frames per second" as you play the game. You can use this to compare performance before and after changes.




/r/linuxmint
Easy Linux tips project's "Complete starters' guide for Linux Mint"
Linux Mint
community.linuxmint.com's "The Linux Mint User Guide"
community.linuxmint.com's "Tutorials"



Looking at Other Distros:

+/-
Jason Evangelho's "How To Test Drive 200+ Linux Distributions Without Ever Downloading Or Installing Them" (DistroTest.net; for me didn't work in Firefox, worked in ungoogled-chromium)

From someone on reddit 6/2020:
"OpenSUSE lets you try different DEs just by logging out. There's only one distro OpenSUSE and it comes with KDE, Gnome, Xfce, Enlightenment, Mate, LXDE, LXQT, and more."

If you just want a quick look at "tiling" in a DE, on top of GNOME you could try the gTile or zTile extensions, or Regolith.


(On Windows:) Making Live session USB:
+/-
Create a bootable USB with N different ISOs on it: Ventoy (Windows and Linux)
SK's "Create Persistent Bootable USB Using Ventoy In Linux"

(On Linux already:) Making Live session USB:
+/-
Create a bootable USB with N different ISOs on it: Ventoy
(attach USB stick, umount USB, sudo sh Ventoy2Disk.sh -i /dev/sdX, sync, remove USB, attach USB, copy ISO to USB, remove USB, boot from USB).
SK's "Create Persistent Bootable USB Using Ventoy In Linux"

Installed Usb-creator-gtk through Software Manager. Shows up as "USB Image Writer" in the Start menu.

"Startup Disk Creator" app does not support persistence. "Usb-creator-gtk" app is same as "Startup Disk Creator". "USB Image Writer" app works if writing a new ISO to a USB that already contains a bootable image, but no persistence.

I think Startup Disk Creator only accepts Ubuntu derivatives ?

Installed the "experimental CLI" version of Etcher. Ran "sudo ./etcher -d /dev/sdb1 ../debian-live-9.5.0-amd64-lxde.iso". But it says device not found. Read something about maybe using GParted to wipe out the partitions, but I'm not interested.

Installed UNetbootin, via "sudo add-apt-repository ppa:gezakovacs/ppa", "sudo apt update", "sudo apt install unetbootin". "sudo apt install extlinux". Ran "sudo QT_X11_NO_MITSHM=1 /usr/bin/unetbootin". But no matter what I do, my USB's device is not listed in the pull-down. The device is /dev/sdb1, but I either get blank or /dev/sdb2.

Run Disks application (or gnome-disk-utility ?). Select the flash drive, select the first (bootable) partition, click the "gear" icon, select "Restore Partition Image", select your ISO. Works. If the partition is too small for the image, you can delete the partition in Disks, or you might have to do it in GParted. [How to get persistence ?]

Burned Mint 19.1 to USB with persistence: Used 4 GB USB stick. GParted to create an MSDOS partition table, then a 4 GB ext4 primary partition. Use UNetbootin, selected Mint 19.1 ISO that I had downloaded, set "space to preserve information across reboots" to 1024 MB.

Later started using Ventoy, it's the best for installing or (non-persistent) live booting.

Pradeep Kumar's "How to Create Bootable USB Disk / DVD on Ubuntu / Linux Mint"
UNetbootin (supports persistence)
Etcher (no persistence ?)
Ubuntu Wiki's "LiveUsbPendrivePersistent"

Bases for choosing a distro:
  • Amount of support / popularity.
  • Performance / UI speed.
  • Look / UI beauty.
  • Stability.
  • Appropriate for your skill level and intended use.

My quick impressions of other distros, from USB stick or articles:
  • Linux Mint 19 Tara MATE: looks pretty much like Cinnamon does. Did same with the XFCE version, same result. There are some small changes in the Start menu and System Tray and such, but no big obvious differences.
  • Peppermint: Uses Nemo, is based on Ubuntu LTS. GUI looks "rougher" than Mint's GUI, and a little cartoony, but it seems faster, and I like it.
  • Xubuntu 18.10, and I like it, crisp and seems fast.
  • Lubuntu, but didn't like it so much, not as much as Xubuntu.
  • Puppy Xenial: Cute, but UI a little odd, not in the Windows and Mint mold. Distro is some kind of hybrid of Ubuntu and Slackware.
  • Debian LXDE. Acceptable. A lot of apps installed that I don't want. Boot and shutdown show a lot of text going by.
  • Ubuntu: UI not particularly fast and not exciting.
  • Fedora: UI a little clunky-looking, not particularly fast and not exciting.
    If you want the very latest GNOME, you will find it on Fedora.
  • Kubuntu 18.10: crisp; default text editor (Kate) is nice, polished.
  • KDE neon Plasma: ??? A rolling/developer distro.
    From people on reddit 5/2020:
    KDE neon is based on Ubuntu LTS and very similar to Kubuntu. The main difference is it gets KDE packages from KDE themselves. KDE will always be the latest and greatest.

    ...

    I prefer Kubuntu. I've installed KDE Neon twice but after 3-6 months dropped it for something else. Kept finding loads of random things stop working, like Wi-Fi would need me to disconnect and reconnect all the time, and X11 kept crashing. Unless you want to be on the bleeding edge of KDE, another distro might be best.
    KDE Neon is latest KDE on older kernel; Kubuntu is older KDE on newer but stable system.
  • OpenSUSE LXQT: couldn't get into a live session, ISO keeps booting into an installer no matter what I do.
  • I hear that Elementary OS is kind of locked-down, deliberately: it's hard to add packages.
  • I hear good things about Manjaro; I should try it. Fairly bleeding-edge; easier than Arch but less stable than Ubuntu. reddit thread

RenewablePCs' "Which Linux distros are the best?"
Gary Newell's "How To Choose The Best Linux Distro For Your Needs"
It's FOSS's "Explained: Which Ubuntu Version Should I Use?"
Adarsh Verma's "Top 10 Best Linux Distros For 2018 - Ultimate Distro Choosing Guide"
Adarsh Verma's "9 Most Beautiful Linux Distros You Need To Use"
RenewablePCs' "Desktop Environments for Linux"
Distro Chooser
DistroTest.net
Librehunt

Jason Evangelho's "Linux For Beginners: Understanding The Many Versions Of Ubuntu"
Gary Newell's "Ubuntu vs Xubuntu"
Canonical's "Ubuntu flavours"
Canonical's "Derivatives"
Ubuntu forums
Linux Mint Forums

Sense I'm getting from various places: Upgrading Ubuntu from one major release to another often breaks something; better to do a fresh install. But Mint doesn't have that problem, upgrades are smooth.


My experience:
+/-
I'm taking a slow tour of various distros.
Used Mint Cinnamon 19.0-19.3 for about 20 months.
Then Ubuntu GNOME 20.04 for 5 months.
Then Ubuntu MATE 20.04 for 2 months.
Now on Kubuntu 20.10.
Then maybe Red-Hat-family: Fedora GNOME, OpenMandriva Lx (KDE).
Then Arch family: Manjaro KDE, ArcoLinux XFCE, Arch.
Then MX Linux (xfce), OpenSUSE Tumbleweed KDE (Jurix-based), Slackware, Void Linux, Qubes OS, Gentoo, MocaccinoOS, maybe LFS+BLFS.
Then who knows ? Solus Budgie. UbuntuDDE Remix. Bodhi Linux. Debian testing. PCLinuxOS. Clear Linux OS.

[Some other things I could "tour": apps in each category, themes, docks, more.]


[Some people say: keep / and /home on separate partitions, so you can change OS without changing /home. I do differently: one / partition for everything, but back up settings for some key big apps: browsers, email, RSS feed reader, password manager, IDE. When I do a fresh install, I fresh-install the apps, then overwrite their configs with my saved config files.]

[Note: Just before wiping the system is a good time to try some risky new thing you're curious about (e.g. SELinux, resizing a partition, in-place encryption/decryption, new bootloader, reverting system back to some filesystem snapshot, filesystem rebalancing or scrubbing, damage filesystem and then try using a rescue disk). If it borks the system, no problem: you were about to wipe anyway.]


My quick summaries:
Note: I use the stock UI, with little customization. And I value stability and functionality far more than UI.
  • Mint Cinnamon 19: nice UI; sometimes bad handling of bug-reports.
  • Ubuntu GNOME 20.04: broken desktop; UI a bit clunky.
  • Ubuntu MATE 20.04: good.
  • Kubuntu 20.10: good, but Dolphin file-manager bad with smartphone, and there's a system-freeze bug.







Miscellaneous



Gary Newell's "Complete List of Linux Mint 18 Keyboard Shortcuts for Cinnamon"
OSTechNix's "3 Good Alternatives To Man Pages Every Linux User Should Know"
TLDR pages ("simplify the beloved man pages with practical examples")
ManKier ("a collection of man pages, translated ... to semantic HTML5")
"man": in output, /SEARCHTERM to find, n for next match, Shift+n for previous match.
"man -k KEYWORD": list all man pages that relate to KEYWORD.
"apropos KEYWORD": list all man pages that relate to KEYWORD.
"info" (mainly for GNU components).
A bit old, but interesting: Debian Reference's "Chapter 9. System tips"
GNU Project's "All GNU packages"
LeCoupa / bash-cheatsheet.sh
P. Lutus's "How to Use Secure Shell"
KernelNewbies
OverAPI
Debian Reference



Keyboard:

+/-
To change keyboard behavior/mappings, see man pages for setxkbmap and xkeyboard-config. Or on Mint, go to System Settings app, Hardware / Keyboard / Layouts, select a layout [probably English (US)], click Options, click on Caps Lock behavior.



Tweaking/fixing video:

+/-
Definitely back up the config files before you start messing with stuff, it's easy to go wrong.
Check which GPU and which video driver you're using.
Maybe switch between X and Wayland to see which works better.
Maybe try a different compositor (picom ?) on X.
"lspci -nnk | grep -iA2 vga"
"lsmod | grep nouveau"
"sudo dmesg | grep gpu"



Tweaking/fixing audio:

+/- The Well-Tempered Computer's "Linux Audio Architecture"
Venam's "Making Sense of The Audio Stack On Unix"


Definitely back up the config files before you start messing with stuff, it's easy to go wrong.
ArchWiki's "Advanced Linux Sound Architecture / Troubleshooting" Dedoimedo's "Linux audio"
PulseEffects
Gamunu Balagalla's "Enable High Quality Audio on Linux"
"sudo apt install pulseaudio-equalizer"
If speaker device disappears: do "pulseaudio -k"



Tweaking/fixing mouse/trackpad/scrolling/video latency/tearing:

+/-
Definitely back up the config files before you start messing with stuff, it's easy to go wrong.
Check what drivers you are using.
Compare behavior in various apps; maybe change a "smooth scrolling" setting in an app.
For KDE, maybe try kwin-lowlatency package.
Maybe try a different DE, distro, or GPU hardware.



Printing:

+/-
"apt install ink" and then "ink -p usb" to see ink levels in a USB-connected printer.

Apparently HP printers have had great support for Linux for a long time, and open-source drivers; strongly recommended.



Bluetooth:

+/-

# in BIOS, check to see that Bluetooth is available and enabled

sudo rfkill list
sudo rfkill unblock bluetooth
sudo rfkill unblock 1	# another form of the command
sudo rfkill unblock all

sudo service bluetooth status

sudo dmesg | grep -i blue

bluetoothctl	# then type help to see commands

inxi -N

Some of these are old, conflict with each other, may be dangerous:
Ayo Isaiah's "How to Set Up Bluetooth in Linux"
HowtoForge's "How to send sound through Bluetooth on Linux"
Bruce Byfield's "Adding a Bluetooth Speaker to Linux"
Arnab Satapathi's "Linux bluetooth setup with bluez and hcitool"
winterheart / broadcom-bt-firmware
ArchWiki's "Blueman and PulseAudio"

From someone on reddit:
"TLP and/or powertop --auto-tune may put the Bluetooth module into power-saving mode; stop that".

From someone on reddit:
If your built-in Bluetooth doesn't work, disable it and buy a usb receiver for $20 or so.



See what distro/kernel versions you are using:

+/-

cat /etc/lsb-release
cat /etc/upstream-release/lsb-release
cat /etc/debian_version
cat /proc/version



See what CLI commands you use most often:

history | awk '{print $2}' | sort | uniq -c | sort -nr | head -n 10



See if you are using any 32-bit software:

+/-

lsof | grep i386-linux-gnu && echo "Found 32-bit library in use" || echo "No 32-bit library in use"
dpkg -l | grep "^ii" | grep ":i386" && echo "Found 32-bit packages installed" || echo "No 32-bit packages installed"
Jesse Smith's "Checking for 32-bit applications on the operating system"



CPU stuff

+/-
See if your CPU has any vulnerabilities and if mitigations have been implemented:

tail -n +1 /sys/devices/system/cpu/vulnerabilities/*
lscpu
Wikipedia's "Processor Info and Feature Bits"

Test for AMD Ryzen RDRAND bug:

wget https://cdn.arstechnica.net/wp-content/uploads/2019/10/rdrand-test.zip
unzip rdrand-test.zip
./rdrand-test/amd-rdrand-bug

Performance

+/-
Phoronix says edit /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor to set to "performance", but my system doesn't have the lower part of that tree. I did:

sudo bash
sudo echo performance | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
But it made no difference, and after a reboot they had all been changed to "ondemand".

Steve Scargall's "How To Set Linux CPU Scaling Governor to Max Performance"

Michael Larabel's "The Desktop CPU Security Mitigation Impact On Ubuntu 20.04" (10% perf loss on somewhat-older CPUs)
Leo Chavez's "Disabling Intel and AMD CPU Vulnerability Mitigations in Debian and Ubuntu"
I turned off CPU mitigations, and saw no difference in benchmarks.

Didn't do: "sudo apt-get install cpufrequtils" and "echo 'GOVERNOR="performance"' | sudo tee /etc/default/cpufrequtils"

Did "sudo systemctl disable ondemand" and rebooted. That got rid of Phoronix's "CPU governor is on" warning message, but no change in results. Enabled service again.

In BIOS change "performance profile" from "Silent" to "Balanced".




See if you are using any non-free software:

+/-

sudo apt install vrms
# note: installation creates a monthly cron job !
vrms



Using your Linux box to do penetration-testing of other devices:




Compiling stuff from source:

+/-
LinuxJourney
Chris Hoffman's "How To Compile and Install from Source on Ubuntu"

SK's "An Easy Way To Remove Programs Installed From Source In Linux"
Ubuntu's "CheckInstall"

I don't know how to register a compiled app under apt. But once you've done so, you can create a .deb file from it by using "dpkg-repack". Or:
Debian Packager