A Fedora 33 Virus?

Several weeks ago Google started popping up their “we’ve noticed suspicious activity” screen and making me respond to a Captcha any time I used them to search something. I try to use Google as little as possible because nobody should be allowed to collect that much information about anyone. Sometimes, when all my other search engines fail I have to go there.

This finally became too annoying. The Google screen also said it through one or more machines on my network were infected. I ran full Norton scans on the Windows machines. Not just a quick scan, full disk scans. I ran whatever flavor of ClamAV each distro had in their repos on all of the Linux machines.

Found on Fedora 33

KlamAV was unable to quarantine. Most likely because I ran as a mere mortal. I opened a terminal, changed to the directory and nuked those two files then rebooted. Google has stopped complaining.

The Weird Part of Fedora Machine Virus

BOINC rack

What’s weird is that machine has been sitting over in the BOINC rack for quite a while. I will use it to look up a part if we are working on something for the shop. I did use it to create the RPM package for my fork of Diamond. That’s kind of it though. I even did most of the editing for the scripts and stuff on my main computer and just walked over to this one to test after pulling from Git again.

Why? Because I have to either stand or sit on a bar stool the entire time. I’m not twenty-something anymore so that bothers my back after a while. When I was jumping through the hoops to write this and most of my other Fedora posts they were mostly stand-up tasks.

My Fedora box was the only machine Clam squawked about. After I deleted those files from the command line and rebooted, Google stopped bitching.

Update: 2021-02-28

It’s now been more than two days. I went from every machine on the network getting a captcha request from Google for every Google search no matter what OS, browser, and adblocker they were using to every machine able to do a Google search.

The Fedora community has been both unfriendly and unhelpful. The mere mention of their beloved OS possibly having a virus has them racing to flag all posts as “unacceptable.” Even went so far as to mark the problem solved while making jokes about wearing masks and washing hands. The problem isn’t “solved.”

I’ve worked with some real assholes in my life. The joking about computer viruses and wearing masks was the last straw. The entire Fedora community sounds just like Donald Trump. Deny, deny, deny, deny.

See no Evil, hear no evil, speak no evil

Linux is not immune to viruses. It is less prone. Yes, I lump most forms of malware, including “bots” into “virus” when speaking. Code you didn’t want or knowingly install doing evil things on/with your computer. Bots get used for all sorts of activities, the most publicly known of which is probably DDoS attacks. Thousands or millions of infected machines all hitting the same Web site or IP address repeatedly at the same time.

These attitudes are really shocking. The Unix/Linux world has a looooong history of being penetrated. For decades I heard/read hackers chanting the mantra “If it has a Guest account I’m God!” The Unix/Linux community went into Donald Trump mode.

Fedora Community Response to Viruses

Guess what? The world was finally told one of the ways they did it. Shellshock was a Bash shell bug they were exploiting for over 25 years.

Assholes Joking About Masks and Washing Hands

A good friend and former co-worker has buried two brothers, two sisters, and an aunt. They were all grown adults living in their own places, most in different states. I buried my own father in October after being locked out of the nursing home due to justifiable pandemic restrictions for most of the last year of his life.

You’re just a (&)(*&()*ing asshole when you won’t wear a mask or wash your hands.

The English language doesn’t have a word to describe joking about it in a support forum.

Given the Fedora Community Response

Given the Fedora community response, I will never trust a RedHat based distro. I will also never professionally recommend a RedHat based distro. Linux is not immune, it does get targeted.

https://www.imperva.com/learn/ddos/botnet-ddos/

BillGates malware

Y’all need to be installing and running antivirus.

March 10, 2021 update

Since nuking those files I’ve re-installed Mozilla Firefox on all machines, set privacy/security to highest settings, and installed a different adblocker on Firefox. A great many were trying to point the finger at Firefox blocking all tracking information as to the reason Google was spitting up those screens.

I’m still writing, still looking things up, and still not getting those Google “suspicious activity” screens. Yes, Firefox is my default browser again.

I wiped that machine and installed MX Linux on it. If I need to build more RPMs with Fedora it will be from a VM that lives only long enough to create the package then gets deleted. Simply can’t trust the distro given the community response.

Linux Distros That Suck at Multiple Hard Drives

Some Linux distros really suck at dealing with multiple hard drives. Too many “maintainers” only have a laptop.

Background

You need a wee bit of background before we jump in. Hopefully you can see the featured image. Recently picked up this Lenovo M93p ThinkCentre from eBay. I specifically bought an M93p instead of M83 because I wanted two hard drives. I had a 480 GB SSD I wanted to transfer the Windows 10 over to and I had a 6TB Western Digital Black I wanted to use for the other operating systems.

Why did I buy this particular M93p?

Lenovo M93p Ports

I actually added the PS/2 ports today. The little cable showed up to do that. It already had both serial ports, wifi, and the NVIDIA add-on video card. If your eyes are real good you will notice that on the other side of that Wifi antenna is a parallel port.

Software engineers need a lot of ports. If book sales start picking up I may even have to break down and buy another dot matrix printer to print shipping labels with. Yes, parallel port dot matrix printers are still made. You can buy them from newegg.com today. There are lots of legal requirements to print with impact printers on multi-part forms in various shipping and transport industries. They also do a more economic and reliable job on mailing labels . . . if you buy the right one . . . and you have the proper printer stand.

Printer stand back

The best ones from days of old have both a center feed slot and a rear feed slot to accommodate either type of printer. Long time readers of this blog will remember I started work on a Qt and USB series and then life got in the way. That was all USB serial ports talking to real serial ports. My Raspberry Qt series also involved quite a bit of serial port work. My How Far We’ve Come series also involved quite a bit of serial port stuff as well.

Putting it mildly, I still do a fair bit of serial port work from time to time. If I get done with RedDiamond and RedBug without life getting in the way I’m going to start a new post series using CopperSpice and serial ports. The makers of Qt have honked off their installed base with the new “subscription licensing” for Qt 6.x and beyond. Even more honkable, if that is possible, is the chatter that they are trying to license the OpenSource QtCreator as well. Yeah, people are making a hasty exit from the Qt world and many are headed to CopperSpice.

Sadly Needed Windows

Unlike every other machine in this office, I needed to have Windows on this machine. There is some stuff coming up that will require it. There is no way in Hell I was going to try writing my serial port code using Linux in a VM. I may edit it there, but testing is a completely different story.

You’ve never spent days trying to track down why some characters don’t get through. Worse yet, the serial port just “stops working.” After you do a bunch of digging you find that someone baked in some super secret control strings to do special things in the interface driver of the VM. Nothing nefarious. Usually to support “remoting in” via cable connection.

Boot Managers

In the days of DOS and GUI DOS that Microsoft insisted on calling Windows, this was no big deal. BootMagic and about a dozen other competitors existed to help Noobies and seasoned pros alike install multiple operating systems onto the same computer. Honestly, I can’t even remember all of the different products that had a brief life helping with this very task.

OS/2 had Boot Manager backed in. Those of us needing to develop for multiple operating systems usually ran OS/2 as our primary. It just made life so much easier.

Early floppy based Linux distributions came with Lilo. It was generally pretty good at realizing Linux wasn’t going to be on the primary disk. SCSI controllers could support six drives and distributions were different enough you had to boot and build on each.

Grub

Later many distros went with Grub. To this day Grub has issues. The biggest issue is that each Linux distro adopts new versions of Grub at their own pace and Grub has a bit of history when it comes to releasing incompatible versions.

Adding insult to injury is the fact many Linux distros like to hide files Grub needs in different places. When you run your distros version of “update-grub” (as it is called in Ubuntu) it has to be a real good guesser when it wants to add a Grub menu line for a different distro.

Your second fatal injury happens during updates. Say you have an RPM based distro but have Ubuntu as the primary Grub OS. When your RPM based distro updates and changes the boot options for its own Grub menu entry in its own little world it has no way of informing the Grub that is actually going to attempt booting. Sometimes an “update-grub” will fix it and sometimes it won’t. A bit heavier on won’t that will.

Drives got too big

That’s the real problem. During the SCSI days when 80MEG was a whopper we put each OS on its own disk and just changed the boot device. That was our “boot manager.” Every OS existed in its own little universe.

As drives got bigger various “boot manager” type products could play games with MBR based partitions. Only one partition could be “active” so a tiny little boot manager got stuff into the MBR and it changed the active partition to match the requested OS.

Cheap but effective trick as long as you didn’t need more than four partitions. Only a primary partition could be flagged for active booting. Lilo and the other Linux boot managers started allowing Linux distros to boot from Extended partitions.

Today we have GPT and UEFI

I’m not intimate with how these work. The Unified Extensible Firmware Interface (UEFI) created the spec for GUID Partition Table (GPT). {A GUID is a Globally Unique Identifier for those who don’t know. That’s really more than you need to know.}

Theoretically we can have an unlimited number of partitions but Microsoft and Windows have capped support at 128. The UEFI should be replacing Grub, Lilo, and all of these other “boot manager” type techniques.

We shouldn’t have all of these problems

As you install each OS it should obtain its partition GUID then find the boot device and locate the UEFI partition on it. Then it should look for a matching GUID to update and if not found, create an entry. There is a spec so every entry should be following the same rules.

(If you read up on the OS/2 boot manager you will see that from the 10,000 foot level UEFI and the OS/2 boot manager conceptually have a lot in common.)

When any computer boots from UEFI and there are multiple operating systems in the UEFI partition, UEFI should show the menu and let the user select. This should all be in hardware and firmware now. We shouldn’t have Microsoft trying to lock us into their buggy insecure OS and Linux distros shouldn’t be trying to ham-fist Grub into UEFI.

The Split

I wanted all Linux distros to boot from the 6TB drive. I wanted Windows and UEFI to stay on the tiny SSD. This isn’t unreasonable. As all of the background should tell you, I’ve been doing things like this for decades. I did not want to try and stuff everything on the 6TB.

Each Linux distro would get 500 GB – 800 GB depending on how much I thought I would be doing in them. This means I should be able to put up to 12 different distros on the drive.

That may sound like a lot, but it’s not. You’ve never written code that worked perfectly on a Ubuntu LTS and failed rather bad on some of the YABUs supposedly using that LTS as their base . . . I have. The only way to know things for certain is to have a bunch of test systems. When you are testing serial port (or other device stuff) you need to be running on hardware, not in a VM.

Manjaro was the first failure

Manjaro kernel 5.9.16-1 was actually a double failure. I have this distro running on a pair of machines, but it is the only OS on them. Rather like what they’ve done with the KDE desktop. I rather hate the fact PostgreSQL cannot access the /tmp directory bulk import to restore a database doesn’t work on that platform. There are a few other odd Manjaro bugs as well.

I wanted to do some pacman packaging and some testing of the future serial port code in CopperSpice on Manjaro so it was first on the list. It booted fast and seemed to install clean. Rebooted the computer and boom, Windows came up. Navigated to the Advanced Settings under Settings in Control panel and tried to switch the boot OS. Boom! Windows is the only entry.

(*&^)(*&)(*

Let’s Install Ubuntu!

I had real dread when I reached for Ubuntu. That installer has had a lot of assumptions baked into it over the years. I was pleasantly surprised and slightly disturbed.

Installation went smooth and when I rebooted I was greeted with a Grub menu. Both Windows and Manjaro were on the Grub menu, but, should we really be seeing Grub on a UEFI system with multiple operating systems? Shouldn’t there be a UEFI menu that just has an entry for Ubuntu and when you select Ubuntu shouldn’t that be when you see a Ubuntu Grub menu?

Let’s See if Manjaro Boots Now!

Once I verified Ubuntu could boot and apply updates I rebooted and selected Manjaro. That’s as far as you get. The Lenovo logo stays on the screen and nothing else happens. HP owners have the same problem according to Reddit.

Fedora 33 Was Next

The Fedora installer was the worst of the lot. If you chose the second drive via one of the manual methods, it looked for a UEFI partition on that drive. It wasn’t smart enough to determine what the boot device was and go look there. You couldn’t get out of the screen either. There was no back or cancel, you had to power down.

Summary

Manjaro at least tried to install. It failed to create anything in the UEFI partition of the boot disk and it failed to show any error with respect to UEFI creation failure. It refuses to boot from the entry Ubuntu created for it in Grub. Double failure. I suspect this is due to a combination of super secret stuff needed on the menu entry, Manjaro using a different version of Grub, and Manjaro potentially hiding the files in a place Ubuntu doesn’t know to look.

Fedora failed to get out of the starting blocks. That graphical installer needs a whole lot of work!

Ubuntu worked despite my expectations of abject failure.

Just because Ubuntu worked doesn’t mean every YABU will. Most tend to write their own installers. If the developer working on the installer only has a laptop, they are going to take unreasonable shortcuts.

Related posts:

Fedora 33 Black Screen Again

How to Install PostgreSQL on Fedora 33

Fedora 32 – Black Screen After Login

Fedora 33 Black Screen Again

Fedora and Nvidia. We can one day hope Fedora actually tests with Nvidia at some point in the future. For RPM based distros I just don’t hold out hope.

Few things piss me off more than being notified I need to apply updates only to find a busted system on reboot. Fedora is notorious for this. RPM based distros in general have this “never test it” problem, especially when it comes to NVIDIA. They always try to point the finger at NVIDIA and it is always the distro’s fault.

I have multiple machines running Manjaro, an ARCH based distro that have no problems. ARCH is far more bleeding edge than RPM. The difference is these distros actually bother to test, at least from a compile and install standpoint.

This is almost as bad as the Fedora 32 problem. For the purposes of this article we will assume you had the Fedora 32 problem and now have your NVidia 450 driver in your Downloads directory.

First thing you have to is hit <Alt><Ctrl><F2>. This will change you to a terminal login screen where you can actually login. Yes child, the mouse is now an ornament.

You hope that even though you installed your NVIDIA driver via DKMS that was supposed to build it every upgrade somehow that step just got missed. You CD to Downloads and ./NVIDIA-Linux-x86_64-450.66.run (using whatever filename you actually have of course.) You answer a few questions and hope for the best.

NVIDIA build failure

This is something the much praised CI (continuous integration) development model should have caught. Pure and simple, this won’t compile.

Finding the Fedora and NVIDIA Solution

Keep in mind this is only a temporary solution. The Fedora team will break this again.

I will save you a lot of trouble. You can find the 460 driver here. Click on the “Supported Products” tab and make sure your card is on it, then download it.

Now, that statement assumes you will be downloading from another machine. You could be “old school” and install one of these terminal browsers. Really disappointed with that list. I have an upcoming book on Emacs for my geek book series and it covers the Emacs Web browser.

So, we will assume you are either fortunate enough to have a friend or smart enough to have another machine handy. You download the new driver, copy it to a thumb drive, then what? The GUI always handled that mounting thing for you.

Kingston Data Traveler

I’ve used that old silver stick enough to know that it is a Kingston Data Traveler. The GUI is not going to auto-mount though, so we have to do a bit of digging.

fdisk -l output
sudo fdisk -l

That is the letter lowercase l and not the digit one. Don’t get lured into a mistake with this output. The physical device is /dev/sdc. The partition we are going to mount is /dev/sdc1. Your device and partition may well be different.

Next we have to make a place to mount this device. Mount it. Then copy the file to our Downloads directory so we can run it and have it on the target machine.

sudo mkdir /media/usb_1
sudo mount /dev/sdc1 /media/usb_1
cd /media/usb_1
cp NVIDIA-Linux-x86_64-460.32.03.run ~/Downloads

Running it is much like running the previous 450 documented in this post. Once it builds and installs successfully you have one final command.

sudo reboot now

Fedora 33 will now work until the next untested update.

Related posts:

How to Install PostgreSQL on Fedora 33

Fedora 32 – Black Screen After Login

Linux Distros That Suck at Multiple Hard Drives

CopperSpice Experiments – Pt. 18 – The Pull Request

It has been a very long time coming, life kept getting in the way here, but my Diamond editor changes are ready for pull. For those who don’t give a rat’s behind about the pull request, here are the new packages. These are not official. I have tested these Diamond editor packages in bare installs of said operating systems. For Ubuntu installs you need to use the Software Installer, not dpkg from the command line because dpkg won’t install dependencies.

Note: I don’t remember if I fixed it or not. If you have an existing diamond config, sometimes the only theme you get is the one you had. Just rename your config file before installing. There aren’t that many settings.

Packages

45 Downloads

46 Downloads

64 Downloads

Package Creation

Yes, we now have both RPM and Debian creation.

shell scripts
Shell scripts

build-diamond-deb.sh checks for a Debian based distro then does everything necessary for a full build of source to create a Debian package. One of the things it does up front is run Artistic Style on the src directory.

artistic style control file
Artistic Style control file

When the shell scripts run they use this configuration file. The same configuration file is run when you choose to execute Astyle from within Diamond if you are editing in the src (or any sub-directory.) The Artistic Style command looks first in your local directory then in the project root and I forget where else.

If multiple developers will work in a code base a method of enforcing common style so things are readable is needed. Artistic Style works well in most of the shops I’m at.

The astyle-diamond.sh is really just a helper.

#!/bin/sh
#
astyle -n src/*.cpp src/*.h
#

build-diamond-rpm.sh does the same thing for RPM creation. It checks for a RedHat based distro and checks to ensure rpmdevtools has been installed.

Both packaging scripts dump the diamond tree into /opt/diamond. The .desktop file is copied to the appropriate location and a symbolic link is created in the appropriate directory so one can type diamond at the command line and have it run no matter what directory the user is in.

The third digit of a release really should no longer be allowed to be a zero. It has to do with RPM packaging viewing that as the “build number.” Most counting systems don’t start at zero.

Summary of changes

The summary at this post is still pretty accurate. Life has just been in the way and I have been focused on getting the packing done. Probably best to install one of the packages to kick the tires.

For “Why EDT?” Read this post.

For “Why Themes?” Read this post. If you don’t want to read the entire post I will include the ending paragraph here.

Do you know why Betty Crocker cake mix crushed the competition despite there being dozens of other brands on the shelf?

This was the days when women actually called themselves a “House Wife” and were proud of it. All of those other cake mixes were “instant.” You just added water and put them in the oven. With Betty Crocker you added an egg. Adding an egg crossed the psychological barrier and the conscientious house wife could honestly say “Yes, I baked it myself.” Adding an egg made it not instant and therefore okay. Instant is what the bad wives did and you would never find them featured in Good Housekeeping.

Putting in place the groundwork for community themes is the text editor equivalent of “adding an egg.” Allowing users to create plug-ins is the text editor equivalent of allowing too many cooks into the kitchen. That’s a condition Emacs suffers quite badly from now. Most of the plug-ins conflict horribly or cause random oddities in unrelated plug-ins. With every plug-in you install it is like tap dancing in a mine field.

Some of the other things off the top of my head:

  • Data needed by more than one class/object is now in a singleton named Overlord. Settings, options, themes, syntax highlighting, etc. are all in Overlord.
  • Default font is now Monospace. It will still do Courier if it cannot find Monospace. I forget the rest of the fallback patterns. Monospace is everywhere in a post-Java world. It also tends to be far more legible than Courier.
  • Can now preload syntax highlight files in Overlord. Editor instances no longer load themes directly. They reference them from overlord so the editor isn’t continually parsing JSON. On slow I/O machines that is significant overhead.
  • Lots of source code consolidation. One Class One Source File has been introduced into the code base so methods could be easily found.
  • Astyle on Save can now be turned on. One can also Astyle the document they are editing. All of this assumes you actually have Astyle installed on the machine.
  • Backup versions with a central backup directory like Emacs using Emacs style naming. Unlike Emacs we can also browse backup versions and open them in ReadOnly mode. Options allows you to enable backups and to set the maximum number for each file. Backups are created on each and every save. Older backup files purged off.
What backups look like in dialog
  • F12 can send Backspace just like a real VT terminal
  • One of the many benefits coming from EDT is that we can now append many cut/copy segments into the system clipboard. To be able to verify this I added a clipboard viewer as well.
  • All dictionaries are now deployed with package/install. Dictionary dialog as well as handling still needs a bit of re-architecting. It should just be keeping a reference to the primary language dictionary, not a copy of it. Because of the way it works now you still can’t “switch” dictionaries without manually copying them into the .config/diamond directory.

Developer documentation

A completely new directory tree within the project named dev_doc. It is a place to store RTF formatted developer documentation as well as hand holding tutorials for noobs and non-developers alike. Files “Getting-Started.rtf” and “Rules-and-Goals.rtf” are living documents that will evolve as the project evolves. “Getting-Started.rtf” includes many ways for noobs and non-developers to contribute in a very meaningful way right out of the gate. They don’t have to know a single thing about C++ or CopperSpice.

The OS_setup directory includes step-by-step instructions for setting up both development and test virtual machines under Oracle Virtualbox. This makes the project far more accessible to non-experts and an OpenSource editor should never be an expert-friendly project. There are far too many of those projects already.

Probably forgot hundreds of other little things. Now is the time to see if this was going to be rolled into the base Diamond project or if it would have to be forked into its own project. The instructions I have for snap creation were rather repository specific. Did not want to go down that rabbit hole if things were going to need a different project name.

No matter which way this goes, the next set of changes will make these look small. Need to have a solid baseline either as part of Diamond or a new project before doing them.

<Previous-part