Category Archives: Linux

Firewalld breaks libvirt networking on Ubuntu 18.10

After upgrading to Kubuntu 18.10, my virtual machine was no longer able to connect to the Internet. It turned out that this problem had already been reported on Fedora:

Once I changed the firewalld configuration (etc/firewalld/firewalld.conf) to use the iptables backend as suggested in that bug report, the virtual machine could connect to the Internet again.

Power Button on Debian Wheezy with Gnome

I upgraded a desktop machine from Debian Squeeze to Debian Wheezy. After the upgrade, the power button was mapped to a suspend action, instead of a shutdown as in Debian Squeeze.

In order to map the power button to a shutdown action, I had to do the following;
1) Set org.gnome.settings-daemon.plugins.power to 'nothing' by means of dconf (for all users)
2) Add a new section [org.gnome.settings-daemon.plugins.power] with the line button-power='nothing' to /etc/gdm3/greeter.gsettings

Intermittend loss of Wireless on Crunchbang Waldorf

I’ve installed Crunchbang Waldorf on two old laptops; none of them support PAE, and the Crunchbang distribution offered a kernel that didn’t require PAE.

However, both lost the wireless connection every now and then. I noticed a timeout related to IPv6 configuration in syslog (“IP6 addrconf timed out or failed”) and therefore proceeded to disabled IPv6 for the wireless connection in the NetworkManager settings (GUI).

This solved the problem on one of the laptops, but the other laptop was still loosing the wireless connection every now and then (although a lot less frequently).

The syslog showed that the rt2500pci driver had problems transitioning to a requested state (“phy0 -> rt2500pci_set_device_state: Error – Device failed to enter state 1 (-16)”) and subsequently had no more tx buffer space (“phy0 -> rt2x00queue_write_txt_frame: Error – Dropping frame due to full tx queue 0”). I google’d this a bit and found that my hardware was having problems with power management.

The resolution was to disable power management on the wireless interface by means of a NetworkManager script /etc/NetworkManager/dispatcher.d/02-wlan-powersave-off as proposed at

Sandboxed browser on Kubuntu 13.10

I consider it good practice to make your Internet browser run in a sandbox and do whatever possible to make the fences around the sandbox as tight as possible.

Here is an example on how to do this on Kubuntu 13.10. In this example, the Firefox browser will be made to run in sandbox consisting of a virtual machine and AppArmor (based on QEMU/KVM):


sudo aptitude install qemu-kvm libvirt-bin bridge-utils virt-manager spice-client


  1. Download an ISO image of a Linux Distribution (say, Peppermint OS, for example).
  2. Start virt-manager to configure your VM (let’s call it sandboxedbrowser) and install the just downloaded image.
    • Make sure to use spice as display, QXL as video card, kvm64 or kvm32 as CPU model, and AC97 as sound card.
  3. Once installed, run (assuming a Ubuntu derived distribution)
    sudo aptitude install spice-vdagent
    on the guest.
  4. Add /usr/share/X11/xorg.conf.d/09-qxl.conf (assuming an Ubuntu derived guest OS) with the following contents:
    Section "Device"
    Identifier "QXL video"
    Driver "qxl"
    Option "EnableSurfaces" "0"
  5. Shutdown the guest
  6. On the host, modify the bottom of /etc/init/libvert-bin.conf to contain the line “export QEMU_AUDIO_DRV=spice” right before the libvirtd is started. That is, something like the following:
    [ -r /etc/default/libvirt-bin ] && . /etc/default/libvirt-bin
    export QEMU_AUDIO_DRV=spice
    exec /usr/sbin/libvirtd $libvirtd_opts
    end script
  7. Quit virt-manager
  8. restart libvirt:
    sudo /etc/init.d/libvirt-bin restart
  9. Restart the guest OS and use spicec to get access to display, sound, and clipboard of the guest:
    virsh start sandboxedbrowser
    spicec -h -h 5900

The QXL driver seems to be having resource management problems. If you don’t manually modify the Xorg configuration, you’ll eventually have Xorg.0.log filled up with “Out of surface” statements, and the desktop of the guest OS will become very slow and sometimes unresponsive. Step 4 above fixes this.

Step 3 ensures clipboard integration between guest and host. It also improves mouse integration and ensures that the X-session resolution automatically adjusts to the client display resolution. If you’re very paraniod (perhaps worried about accidental leakage of your host clipboard contents), you may want to disable the spice-vdagent (either don’t install it or stop it after booting up the guest).

On a Ubuntu derived guest OS, you may optionally want to enable the Firefox AppArmor profile on the guest (if you’re using Firefox as a browser). The default profile is not very restrictive, however, but it’s better than nothing. I’ve been thinking about writing a more restrictive AppArmor profile for Firefox, but have not been able to get this done, yet.

Sound Lost on Carbon X1 with Kubuntu 13.10

Something is changing the sound settings automatically and sound may all of a sudden no longer be audible. This seems to happen more frequently when a monitor is connected to HDMI/DisplayPort.

I’m still not sure how to reproduce this problem exactly, and I’m also not sure how to make a workaround that will fix the problem every time it occurs. So far, however, it seems that the following may resolve the problem (temporarily):

$ pulseaudio -k
$ rm -rf .config/pulse
$ rm .cache/event-sound-cache.tdb.*
$ pulseaudio --start --log-target=syslog

Then open “Audio and Video Settings – KDE Control Center” and check the settings to make sure you use the following Audio Hardware Setup:

  • Sound card: Built-in Audio
  • Profile: Analog Stereo Duplex
  • Sound Device: Playback (Built-in Audio Analog Stereo)
  • Connector: Speakers

Hopefully, “PulseAudio Server” is now listed under “Device Preference”. Test:

  • Use the test buttons in the KDE Control Center.
  • paplay /usr/share/sounds/alsa/Front_Center.wav

I will have to do a bit more investigation before I can make a bug report that describes a 100% reproducible problem.

Initial installation of Kubuntu 13.10 on Lenovo Carbon X1

Installation went smooth.

USB Ethernet Adapter (Lenovo Model U2L100P-Y1) works out of the box.
WebCam is working.
Buttons for screen brightness working.
Keyboard backlight working.
Media buttons (Speak mute, play/pause, volumen up/down, next, previous) working.

MIC Mute button is not working. This is because KDE 4.11.3 is built on top of Qt 4.8.3 and the XF86AudioMicMute key symbol is only handled in Qt 5.

The fingerprint reader works almost out of the box:
I installed fprintd libpam-fprintd fprint-demo and used fprint_demo to enroll fingerprints. Sadly, an old unresolved KDE bug report is still blocking the final integration with KDE:

After I connected a monitor via HDMI (1920×1080), the mouse cursor all of a sudden started to become very large on the laptop screen. I disabled resolution dependent cursor in System Settings, but then all fonts changed. The loss of default font configuration is a known problem in KDE, which has not been resolved, yet, unfortunately.

I installed firewalld and firewall-applet. I’ve been using ufw earlier on, but firewalld seems attractive due its concept of zones, which integrate well with the NetworkManger. However, as far as I can tell, firewalld doesn’t block unwanted outgoing traffic by default, but this is something I can probably add late by means of firewalld’s “rich rules”.

3G on Carbon X1 with Kubuntu 13.10

IP configuration on the wwan0 interface failed on my Lenovo Carbon X1 with Kubuntu 13.10 (3.11.0-15-generic). The problem seemed to be a due to a kernel change;

I followed the proposal made at the end of the bug report; add
options cdc_ncm prefer_mbim=N
and reboot.

That solved the problem!

And while I was at it, I also added

No reason to have avahi running on an interface towards the Internet.

Grub legacy issues with ext2 resolved

Back in 2006, I was playing around with buildroot on a small personal project I had. This month, I decided to return to that project again, but this time with the latest version of buildroot.

Buildroot has advanced quite a lot since 2006, but it only took little time to get the build environment running again. The only obstacle turned out to be the bootloader – Grub (Grub Legacy, that is). Grub Legacy is no longer under active development (Grub2 has taken its place), but patched versions of the latest release of Grub Legacy (0.97) are still in use; In Buildroot 2010.08 and Ubuntu 10.04, for example. Unfortunately, these versions suffer from two problems:

  1. The code relies on a manual parsing of C var_args in order not to link against the C standard library. This parsing is, however, incompatible with GCC 4.3.5. A segmentation fault therefore occurs.
  2. The code does not handle the ext2 file system correctly. A division by 0 may therefore occur.

I’ve therefore created a patch to buildroot 2010.08 and filed a bug report. The patch is attached to the bug report.