Category Archives: Linux

Debian 12 on a 2-drive NUC

Posted by on 2023/07/14 No comments

After my relative success with Debian 12 on my Hades Canyon I decided to install Debian 12 on an older NUC as well, the NUC D54250WYKH with an i5-4250U. The nice thing with this NUC is that it both has an mSATA slot and room for a good old 2.5-inch drive. So I have:

  • 1 TB 5400 rpm HDD
  • 240 GB SSD

The annoying thing is that the BIOS/UEFI only wants to boot from the SATA drive, and the SATA drive shows up first in Linux. The easy way for me to install this computer would be

  • 240 GB SSD: /, /boot, /swap, /home
  • 1000 GB HDD: /home/sync (for syncthing data)

I could do a simple guided-encrypted-lvm-all-drive on the 240 GB, and a single encrypted partition on 1TB. But Debian 12 installation fails when it comes to installing GRUB, and the installed system does not boot.

Using LVM to make a logical volume spanning a small fast SSD and a large slow HDD makes no sense.

Partitioning in Debian

There is a guided option and a manual option to do Partitioning in Debian. I feel neither is good for me.

  • Guided: fails to lay out things easily on the two drives in a way that works
  • Manual: honestly, too complicated, particularly:
    • LVM and encryption hide few details, requires many steps, and hard to undo half-way
    • I understood that LILO needed to go the beginning of the drive BIOS was set to boot, and that LILO needed to see /boot (whether its own partition or root). However, with GRUB and UEFI, there are two separate extra partitions (/boot and some FAT-partition I think) and I am not allowed to control where the GRUB code goes (if anywhere). So I do not dare to set up this manually.

To make things worse (admittedly, I used the minimal.iso Debian installer which pulls things over the network to make things slower), when restarting the computer/installer there are quite many steps until my drives are detected and I can even erase partition tables and start over.

What I did

After two failed installation attempts, and several more restarts of the installer, I found a working solution.

I first erased all traces of partitions and boot code on both drives to be on the safe side. /dev/sda is the installation media.

  1. # dd if=/dev/zero of=/dev/sdb bs=1024 count=10240
  2. # dd if=/dev/zero of=/dev/sdc bs=1024 count=10240
  3. Guided non encrypted setup of 1000 TB drive, with separate /home
  4. I didn’t even install X/Gnome this time to save time

This gave me working computer that makes no use of my SSD. As root on the console I did:

  1. Backup the home directory of my non-root-user (just in case) to /root
  2. Remove /home from fstab
  3. Restart
  4. install cryptsetup and cryptsetup-run
  5. encrypt /dev/sda4 using cryptsetup (900GB+ HDD partition)
  6. encrypt /dev/sdb1 using cryptsetup (240GB SSD only partition)
  7. add entries to /etc/crypttab:
    sda4enc /dev/sda4
    sdb1enc /dev/sdb1
  8. Restart
  9. Give master encryption password (just once since I used the same)
  10. mkfs.ext4 /dev/mapper/sda4enc
  11. mkfs.ext4 /dev/mapper/sdb1enc
  12. add entries to /etc/fstab
    /dev/sdb1enc /home +options
    /dev/sda4enc /home/sync +options
  13. Restart

The result is almost 100% good. A few comments:

  • swap ended up on slow 1TB HDD, which I am fine with since I have 16GB RAM
  • root filesystem (with /usr, /root, /var, /etc and more) is not encrypted now, but I can live with having only my data (/home, /home/sync) encrypted
  • using cryptsetup/luks directly on partitions, not bothering with LVM, is much more simple
  • with /etc/crypttab and cryptsetup-run, encryption is really simple and understandable

As long as I do not run into something strange with X/Wayland/Gnome and drivers for this old NUC, I think I am good now.

What I would have wanted

I hear people have been fearing the Debian installer, up to Debian 12. I have not feared it in the past, but now I kind of do (after having issues installing two different NUCs the same week).

This is the partitioning experience I would have liked. My input/selections as [ ].

You have three drives with multiple partitions. Select all you want to keep, use as is, or delete:

/dev/sda (Debian installation media)
[KEEP] /dev/sda1 ...
[KEEP] /dev/sda2 ...
[KEEP] /dev/sda3 ...

/dev/sdb (1000 GB HITACHI)
[DELETE] /dev/sdb1  200 GB NTFS
[DELETE] /dev/sdb2  750 GB ext4
[/mnt/backup] /dev/sdb3 50 GB (just an example of something to keep

/dev/sdc (240 GB SAMSUNG)
[DELETE] /dev/sdc1  500MB FAT
[DELETE] /dev/sdc2  400MB ext2
[DELETE] /dev/sdc3  239GB ext4

With that out of the way, I would like Debian to ask me:

What device should contain 2 small partitions for boot purposes?
[X] /dev/sdb  -- 950 GB free
[ ] /dev/sdc  -- 240 GB free

Where do you want swap partitions, and what size?
[      ] /dev/sdb -- 950 GB free
[ 16GB ] /dev/sdc -- 240 GB free

Where do you want /, and what size
[      ] /dev/sdb -- 950 GB free
[ 30GB ] /dev/scd -- 224 GB free

Do you want a separate /home, and what size
[       ] /dev/sdb -- 950 GB free
[ 194GB ] /dev/scd -- 194 GB free

Do you want a separate /var, and what size
[       ] /dev/sdb -- 950 GB free
[       ] /dev/scd --   0 GB free

Do you want to set up extra non-standard mounts?
[ 950GB ] [ /home/sync ] /dev/sdb -- 950 GB free

Now it is time to choose encryption and format options:

UEFI-BOOT    500MB   [ FAT ]
/boot        500MB   [ ext2 ]
/             30GB   [ ext4 + encrypt ]
/home        194GB   [ ext4 + encrypt ]
/home/sync   950GB   [ ext4 + encrypt ]
/mnt/backup   50GB   [ KEEP ]

Finally, choose encryption password (the same, or separate).

This would have been a much better experience for me. I understand there can be more cases:

  • Computers with multiple disks may want to use LVM for to make logical volumes spanning several physical volumes. That would probably be a question between (1) and (2) above.
  • Multiple filesystems could live on a common encrypted volume, with a common encryption key, making use of LVM. That could be a question in the end:
    /usr and /var are on the same disk, do you want them to share encryption key on a common volume

Summary

I would guess that the use cases are:

  • 80% Simple 1-drive computers (Guided, automatic, defaults)
  • 10% Multi-disk servers with specific requirements (Manual, expert mode)
  • 10% 2-3 drive computers (not well supported today with Debian 12)

I am just making 80/10/10 up, of course. The unsupported 10% can be made up of:

  • Laptops or desktops that come with a small SSD and a large HDD (it happens)
  • Desktop computers with extra drives installed
  • Simple servers

Perhaps in Debian 13!

Debian 12 on Hades Canyon NUC

Posted by on 2023/07/09 1 comment

I have a Hades Canyon NUC (NUC8i7HVK) that I have been running Ubuntu and later Fedora on. Ubuntu has been fine for years but I didn’t want Snap (especially not for Firefox) so I tried out Fedora and that was also fine.

I realize that I did not leave Ubuntu because I did not want to have Snap, I left it because I want 100% apt. So in the long run I feel a bit alienated with Fedora and with Debian 12 out and getting good reviews I thought about giving it a try.

This desktop computer is a bit like your typical laptop when it comes to Linux, not sure everything works out of the box. I used to struggle a bit with Bluetooth and Audio, but I don’t do those things on this machine anymore. Ubuntu and Fedora are kind of already configured with proprietary non-free drivers for this NUC, but Debian is not.

TLDR

I am running Debian 12 now, installed from the “minimal.iso” debian image, and with a number of extra packages installed. The InstallingDebianOn-page for this machine is ok. All I actually did was to add non-free and contrib to sources.list and install the extra packages recommended:

I have done no extra configuration or tweaking on Debian 12, but I am not using Audio-IN, Bluetooth or Wifi so I have not tested.

Broken Live Image

I didn’t throw Fedora 38 out without doing some testing first, so I downloaded the Live image for Debian 12 and successfully tried it. Then I installed Debian 12 from the Live image (choosing install immediately at the Grub menu), which was 99% successful. But it left some Raspberry-Pi packages and some stuff in /boot, resulting in that apt could not finish rebuilding the ramdisk. Computer started, but error remained. I searched on forums, it is a known problem with the Live image, there are solutions and when I tried I just got more errors. So I ended up reinstalling Debian 12 from scratch.

minimal.iso

I downloaded the minimal.iso, convenient so I did not have to use a large USB-key, and installed from it. What a nice text/curses based installation! Then I got a non booting system!

I had to disable “Intel IGD” (I think that was how it was called) in “BIOS” (it is not BIOS anymore), becuase this machine has an Intel GPU that is not connected to any output, and with this rudimentary Debian install, somehow the system would not start.

When that was done, and I started Debian and logged in, Gnome (and neofetch I presume) reported GPU=Software. I could watch Youtube with high CPU load. That was when I installed the extra packages listed above, and since then I have been happy.

Conclusion

Debian 12 is fine on Hades Canyon NUC8i7HVK. The InstallingDebianOn-page linked above tells you more than you need. It was written from Debian 10.7.

On RHEL and downstream clones

Posted by on 2023/07/01 No comments

I have been using Linux, being fascinated with Linux, since 1997. It makes me sad to see the current situation with RHEL, Alma and Rocky.

I have since long been a user of Debian and different versions of Ubuntu. Recently I have switched to Fedora on my workstations because I don’t appreciate Snap in Ubuntu.

I think Linux, how it is delivered, compared to Windows, has two advantages (apart from price):

  • Everyone can use the same version of Linux (I don’t have arbitrary limitations on my Home computer compared to my Professional computer, or my Server computer)
  • Anyone can make their own flavour (with KDE, for Gaming, for sound engineers, for servers, without systemd, for network routers and firewalls)

To me, this is about economy. Not purchase price, but about not doing the same work over and over again, on different computers, in different projects, or in different organisations. This is about maximising synergy, and minimising waste.

RHEL

RHEL is, from my perspective, about

  • Not everyone can use the same version of Linux (because RHEL is dominant but not for everyone)
  • Since last weeks, nobody should make their own flavours of RHEL

I understand it makes sense from a corporate perspective, but it makes less sense from a holistic Linux perspective. But this was kind of true for RHEL even before last weeks shutting off patches downstream.

To me, RHEL is less free, in lack of a better word. I can have it for 0 USD, I can get the source under GPL, but it still comes with strings attached that I rather don’t have.

Alma and Rocky

I have occasionally logged in to a RHEL computer but I have never done anything with Alma or Rocky. I understand if you technically want RHEL but you do not want a relationship with Red Hat, Alma or Rocky solves that. And perhaps RHEL (or Alma or Rocky) is more fit-for-purpose for you than any alternative (like Debian or Ubuntu).

I always refused to use pirated Windows because I argued that even if I pay Microsoft nothing, I am still supporting their entire ecosystem, not helping things to get better. To me, Alma and Rocky are not pirated versions of RHEL (of course not). But to me, they also do not contribute to making RHEL or any other Linux system better. And they do not make the REAL alternatives to RHEL any more viable, while supporting the RHEL ecosystem. They are just community effort to duplicate work, and from my perspective that effort could have been used for something better (like Debian – if you want free Linux).

Fedora -> CentOS Stream -> RHEL -> Clones

I kind of agree with the Red Hat position, that supporting Fedora and CentOS Stream, upstream, is their best way of serving the community. And that the clones themselves add nothing.

To me Fedora and CentOS Stream makes more sense and have more appeal, than Alma and Rocky. But I don’t need to run some enterprise applications so perhaps I do not understand.

Red Hat business model

As I understand it (and I just run Debian on my servers, so I may not know) Canonical has free download available for all versions of Ubuntu (also enterprise server versions that compete with RHEL). But you can pay for support if you want.

If Red Hat did the same, Alma and Rocky would disappear. Or they would turn into niche variants/remixes of RHEL. I have seen other places in the open source world where you need to pay for extended support, which seems to be what RHEL and the cost of RHEL is much about.

I read that Red Hat realised that customers had 1 paid RHEL computer, and 999 CentOS computers, and the support was always for the RHEL computer. That was why Red Hat moved CentOS upstream. Perhaps that was the wrong move to increase customer RHEL support loyalty, and perhaps this late move of Red Hat is also the wrong move for the same old problem.

Conclusion

Alma and Rocky exist only because Red Hat and RHEL comes with strings attached that many people do not want in the Linux world. However, there were still strings, and now Red Hat pulls them.

There are only two good solutions:

  1. Red Hat understands the real need for no strings attached
  2. People understand to move away from RHEL entirely, and truly support the real alternatives

I hope for any of these. Not for a RHEL-Alma-Rocky conflict situation.

Oracle Free Compute Instance: Incoming TCP

Posted by on 2023/06/18 No comments

I learnt that Oracle is offering a few free virtual machines to individuals. There are few strings attached and the machines available are quite potent. Search for Oracle always free compute instance.

The very basics are:

  • 1 CPU AMD or 1-4 CPU ARM
  • 1 GB RAM (AMD) or up to 6 GB RAM (ARM)
  • 47 GB of Storage
  • 10 TB of network traffic per month
  • Choice of Linux distribution (Fedora, Alma, Ubuntu, Oracle, not Debian) with custom image options.

Setting up a virtual machine is quite straight forward (although there are many options). At one point you download ssh-keys to connect. You save them in .ssh and connect like (username is different for non-ubuntu distributions):

$ ls ./ssh
my-free-oracle.key my-free-oracle.key.pub

$ ssh -i ./ssh/my-free-oracle.key ubuntu@<IP ADDRESS>

That was all very good and easy, but then I wanted to open up for incoming traffic…

Incoming traffic is very easy!

The Oracle cloud platform is rather complex. There are many different things you can configure that are related to traffic. What you need to configure is:

  • Virtual Cloud Network -> Security List -> Add Ingress Rule
  • Configure linux firewall
    On ubuntu for proof of concept: $ sudo iptables -F INPUT

If you set up apache and add an ingress rule for port 80 as above, you shall have a working web server.

What I did

In my defence, when something does not work and you see a number of possible problems, it is hard to locate which problem you have. In the end, there could have been a checkbox in my Oracle Profile to agreeing on some terms to allow incoming traffic, and all other configuration would have been in vain. That was how it felt. What, in the end, is not needed to create or configure, are:

  • Load Balancer
  • Network Load Balancer
  • Custom route tables
  • Network security group
  • Service Gateways

The Oracle Cloud infrastructure GUI is both complex and slow, and at some point I started wondering if I should wait a few minutes for a setting to take effect (no – it is quite instant).

I made the mistake of starting with Oracle Linux, which I have never used before, so the number of possible faults in my head was even higher. I have not been playing with linux firewalls for a few years, I started looking at UFW for Ubuntu, got all confused and it wasn’t until I started looking into iptables directly things worked.

I think, my machine is in what Oracle calls a virtual network with only my own machines, and Oracle provides firewall rules (Security List, mentioned above), so I quite don’t see the need for having restrictive iptables settings on the virtual machine itself.

Improving performance with mitigations=off

Posted by on 2023/02/05 No comments

I became aware that Spectre and Meltdown kernel mitigations could be turned off in Linux. I decided to give it a try.

DISCLAIMER & WARNING
You are making your system vulnerable to known types of attacks for marginal performance gains. I do not suggest or recommend it.

I am not explaining what the vulnerabilities are, and in what cases it would make sense to leave them open. My CPU is (selected lines from lscpu):

$ lscpu             GenuineIntel
  Model name:            Intel(R) Core(TM) i7-8809G CPU @ 3.10GHz

Vulnerabilities:         
  Itlb multihit:         KVM: Mitigation: VMX disabled
  L1tf:                  Mitigation; PTE Inversion; VMX conditional cache flushe
                         s, SMT vulnerable
  Mds:                   Mitigation; Clear CPU buffers; SMT vulnerable
  Meltdown:              Mitigation; PTI
  Mmio stale data:       Mitigation; Clear CPU buffers; SMT vulnerable
  Retbleed:              Mitigation; IBRS
  Spec store bypass:     Mitigation; Speculative Store Bypass disabled via prctl
  Spectre v1:            Mitigation; usercopy/swapgs barriers and __user pointer
                          sanitization
  Spectre v2:            Mitigation; IBRS, IBPB conditional, RSB filling, PBRSB-
                         eIBRS Not affected
  Srbds:                 Mitigation; Microcode
  Tsx async abort:       Not affected

Deactivate Mitigations

This computer is running Fedora 37, booting using EFI and Grub2. I used to know LILO. Updating Grub was very easy when I knew how to do it. Obviously a restart is required.

# == To disable mitigations, making system vulnerable ==
# grubby --update-kernel=ALL --args="mitigations=off"
# grubby --info=ALL
# grub2-mkconfig -o /boot/grub2/grub.cfg

# == To enable mitigations, making system safe ==
# grubby --update-kernel=ALL --remove-args="mitigations=off"
# grubby --info=ALL
# grub2-mkconfig -o /boot/grub2/grub.cfg

After turning mitigations off, this is the pretty output from lscpu:

Vulnerability Itlb multihit:     KVM: Mitigation: VMX disabled
Vulnerability L1tf:              Mitigation; PTE Inversion; VMX vulnerable
Vulnerability Mds:               Vulnerable; SMT vulnerable
Vulnerability Meltdown:          Vulnerable
Vulnerability Mmio stale data:   Vulnerable
Vulnerability Retbleed:          Vulnerable
Vulnerability Spec store bypass: Vulnerable
Vulnerability Spectre v1:        Vulnerable: __user pointer sanitization and usercopy barriers only; no swapgs barriers
Vulnerability Spectre v2:        Vulnerable, IBPB: disabled, STIBP: disabled, PBRSB-eIBRS: Not affected
Vulnerability Srbds:             Vulnerable
Vulnerability Tsx async abort:   Not affected

Benchmark

Rather than using some synthetic test I decided to use my most common heavy workload, a “precommit”-script that i run in my software project before committing code to git. All going well, it looks like this:

$ /usr/bin/time ./tools/precommit.sh
PRE COMMIT (5x: integrationtests, tests, htmllint, eslint, pkgjson)...
         pkgjson ---- Bad:0 Void:0 Skipped:0 Good:111 (111)
            html ---- Bad:0 Void:0 Skipped:0 Good:257 (257)
              es ---- Bad:0 Void:0 Skipped:0 Good:2 (2)
 integrationtest ---- Bad:0 Void:0 Skipped:7 Good:1487 (1494)
            test ---- Bad:0 Void:0 Skipped:0 Good:2622 (2622)
41.08user 4.37system 0:22.63elapsed 200%CPU (0avgtext+0avgdata 196640maxresident)k

This is a mix of different types of loads. Mostly it is Node.js running JavaScript code. In the beginning the five test categories run in parallel, but as the first checks complete less things are running. Also the tests contains some I/O, some waiting for I/O, some actual requests to services on the internet and things like that. So there is a lower limit to how fast it can run, regardless of CPU performance.

I ran several times to make sure everthing is cached and below are approximate avarages (this benchmark is not entirely stable from time to time):

Elapsed timeUser timeSystem time% CPU
i7-8809G25s41s4.3s190%
i7-8809G mitigations=off22s38s3.5s190%
i7-8809G hyperthreading off (BIOS)29s32s3.9s120%
i5-4250U34s89s9s290%
i5-4250U mitigations=off33s89s8s290%
Apple M1 Pro (10 Cores)23s18s3.6sn/a

Turning mitigations off gives about 10% performance on elapsed time for this real world problem. That is something (I have seen other people seeing more like 1% difference in gaming).

I found it interesting that my M1 Pro had the same performance, despite having more cores (10 vs 4/8) and lower total user time (kind of half time). I draw the conclusion that not so many cores are used in parallel and thought it was interesting to turn off hyperthreading (on a safe configuration) but that was quite bad for performance.

I also tested on an older NUC, finding basically no improvement at all with mitigations=off.

I will leave my computers safe.

Auto-start user service in screen on Debian 11

Posted by on 2022/08/07 No comments

I have a QNAP with container station. It allows me to essentially have a number of single-purpose simple linux servers running on a single small nice headless computer.

It is annoying to start everything up on each container whenever the QNAP is restarted. It is quite easy to start things automatically, but as usual, a few steps of configuration can take a while to get 100% correct before it works properly.

In my case I have:

  • Debian 11 container
  • A user named zo0ok
  • zo0ok shall run screen, and in screen run the service (in this case sonarqube)

This is what I needed to do (assuming screen and sonarqube are already in place):

Create /etc/rc.local

This is my /etc/rc.local file (it does not exist before):

#!/bin/bash
sudo -u zo0ok screen -d -m /home/zo0ok/screen-startup.sh

This will run the screen-startup.sh script as zo0ok (not root) when the Debian starts.

Enable rc-local

Lets not complain about systemd and systemctl, but this shit has go be added to a new file

/etc/systemd/system/rc-local.service
----------------------------------------------------

[Unit]
 Description=/etc/rc.local Compatibility
 ConditionPathExists=/etc/rc.local

[Service]
 Type=forking
 ExecStart=/etc/rc.local start
 TimeoutSec=0
 StandardOutput=tty
 RemainAfterExit=yes
 SysVStartPriority=99

[Install]
 WantedBy=multi-user.target

And the service needs to be enabled:

# systemctl enable rc-local.service

Create screen-startup.sh

Finally, as your non privilaged user, create the file (with your content, of course):

screen-startup.sh 
----------------------------------------------------------

#!/bin/bash
cd /home/zo0ok/opt/sonarqube-9.4.0.54424/bin/linux-x86-64
./sonar.sh console

Conclusion and final words

This is obvioulsly more convenient than logging in and running screen manually, and obviously if you need any kind of error handling or restart-management that is a different story.

An alternative to systemd/systemctl is to use cron.

It looks very easy, but I had minor errors in all steps above that were a bit tricky to find, before it all worked.

Linux on Hades Canyon

Posted by on 2020/02/18 1 comment

About a year ago I got a Hades Canyon NUC for Windows and Gaming. I have been happy enough with it to buy another one for running Linux, Xubuntu.

Basically Xubuntu 19.10 works perfectly on the Hades Canyon NUC. It was all smooth, except:

  • HDMI audio is low quality – for me it is acceptable to use the 3.5mm plug instead, but if you want HDMI audio this is bad for you

I think with NUCs Intel has managed to produce computers that are very good, and I don’t really see myself buying any other desktop computers. Why are there no AMD computers in this segment?

Acer Chromebook R13: 3. As a Linux development workstation

Posted by on 2018/03/10 No comments

Update 20190904: Everything finally works now!

Update 20190730: Crostini seems to work now, this post is mostly about using Acer R13 with Crouton (which you probably dont want if you can use Crostini instead).
Update 20190409: My experiments with Crostini are not giving good results, and I am back with Crouton. So This post is still the most relevant I have written if you want to do development on your Acer R13.
Update 20190216: This post describes how to run Linux on a Chromebook the old way: Crouton. There is a new more supported way: Crostini, which officially is now in the stable channel for the Acer R13. However my experience so far is very bad.

I have got an Acer Chromebook R13 and I will write about it from my perspective.

1. Background
2. As a casual computer
3. As a Linux development workstation (this post)

As a Linux development workstation
I switched my Chromebook to Development mode and everything that follows depends on that.

In ChromeOS you can hit CTRL-ALT-T to get a crosh shell. If in Development mode you can run shell to get a regular “unix” shell. You now have access to all of ChromeOS. It looks like this:

crosh> shell
chronos@localhost / $ ls /
bin     dev  home  lost+found  mnt  postinst  root  sbin  tmp  var
debugd  etc  lib   media       opt  proc      run   sys   usr
chronos@localhost / $ ls ~
'Affiliation Database'          login-times
'Affiliation Database-journal'  logout-times
Bookmarks                       'Media Cache'
Cache                           'Network Action Predictor'
Cookies                         'Network Action Predictor-journal'
Cookies-journal                 'Network Persistent State'
'Current Session'               'Origin Bound Certs'
'Current Tabs'                  'Origin Bound Certs-journal'
databases                       'Platform Notifications'
data_reduction_proxy_leveldb    Preferences
DownloadMetadata                previews_opt_out.db
Downloads                       previews_opt_out.db-journal
'Download Service'              QuotaManager
'Extension Rules'               QuotaManager-journal
Extensions                      README
'Extension State'               'RLZ Data'
Favicons                        'RLZ Data.lock'
Favicons-journal                'Service Worker'
'File System'                   'Session Storage'
GCache                          Shortcuts
'GCM Store'                     Shortcuts-journal
GPUCache                        Storage
History                         'Sync App Settings'
History-journal                 'Sync Data'
'History Provider Cache'        'Sync Extension Settings'
IndexedDB                       'Sync FileSystem'
'Last Session'                  Thumbnails
'Last Tabs'                     'Top Sites'
local                           'Top Sites-journal'
'Local App Settings'            'Translate Ranker Model'
'Local Extension Settings'      TransportSecurity
'Local Storage'                 'Visited Links'
log                             'Web Data'
'Login Data'                    'Web Data-journal'
'Login Data-journal'
chronos@localhost / $ uname -a
Linux localhost 3.18.0-16387-g09d1f8eebf5f-dirty #1 SMP PREEMPT Sat Feb 24 13:27:17 PST 2018 aarch64 ARMv8 Processor rev 2 (v8l) GNU/Linux
chronos@localhost / $ df -h
Filesystem               Size  Used Avail Use% Mounted on
/dev/root                1.6G  1.4G  248M  85% /
devtmpfs                 2.0G     0  2.0G   0% /dev
tmp                      2.0G  248K  2.0G   1% /tmp
run                      2.0G  456K  2.0G   1% /run
shmfs                    2.0G   24M  1.9G   2% /dev/shm
/dev/mmcblk0p1            53G  1.3G   49G   3% /mnt/stateful_partition
/dev/mmcblk0p8            12M   28K   12M   1% /usr/share/oem
/dev/mapper/encstateful   16G   48M   16G   1% /mnt/stateful_partition/encrypted
media                    2.0G     0  2.0G   0% /media
none                     2.0G     0  2.0G   0% /sys/fs/cgroup
tmpfs                    128K   12K  116K  10% /run/crw

This is quite good! But we all know that starting to install things and modifying such a system can cause trouble.

Now, there is a tool called Crouton that allows us to install a Linux system (Debian or Ubuntu) into a chroot. We can even run X if we want. So, I would say that for doing development work on your Chromebook you have (at least) 5 options:

  1. Install things directly in ChromeOS
  2. Crouton: command line tools only
  3. Crouton: xiwi – run X and (for example) XFCE inside a ChromeOS window
  4. Crouton: X – run X side by side with ChromeOS
  5. Get rid of ChromeOS and install (for example) Arch instead

I will explore some of the options.

#2. Crouton command line tools only
For the time being, I don’t really need X and a Window Manager. I am fine (I think) with the ChromeOS UI and UX. After downloading crouton I ran:

sudo sh ./crouton -n deb-cli -r stretch -t cli-extra

This gave me a Debian Stretch system without X, named deb-cli (in case I want to have other chroots in the future). Installation took a few minutes.

To access Debian I now need to

  1. CTRL-ALT-T : to get a crosh shell
  2. crosh> shell : to get a ChromeOS unix shell
  3. $ sudo startcli : to get a shell in my Debian strech system

This is clearly a sub-optimal solution to get a shell tab (and closing the shell takes 3x exit). However, it works very well. I installed Node.js (for ARMv8) and in a few minutes I had cloned my git nodejs-project, installed npm packages, run everything and even pushed some code. I ran a web server on 127.0.0.1 and I could access it from the browser just as expected (so this is much more smooth than a virtual machine).

For my purposes I think this is good enough. I am not very tempted to get X up an running side-by-side with ChromeOS. However I obviously would like things like shortcuts and virtual desktops.

Actually, I think a chroot is quite good. It does not modify the base system the way package managers for OS X tend to do. I don’t need to mess with PATH and other variables. And I get a more complete Debian system compared to just the package manager. And it is actually the real Debian packages I install.

I installed Secure Shell and Crosh Window allowing me to change some defaults parameters of the terminal (by hitting CTRL-SHIFT-P), so at least I dont need to adjust the font size for every terminal.

#4. Crouton with XFCE
Well, this is going so good that I decided to try XFCE as well.

sudo sh ./crouton -n deb-xfce -r stretch -t xfce,extensions

It takes a while to install, but when done just run:

sudo startxfce4

The result is actually pretty nice. You switch between ChromeOS and XFCE with CTRL-ALT-SHIFT-BACK/FORWARD (the buttons next to ESC). The switching is a little slow, but it gives you a (quite needed) virtual desktop. Install crouton extensions in ChromeOS to allow copy-paste. A good thing is that I can run:

sudo enter-chroot -n deb-xfce

to enter my xfce-chroot without starting X and XFCE. So, for practical purposes I can have an X-chroot but I dont need to start X if I dont want to.

screen
After a while I have uninstalled XFCE and I only use crouton with cli. The terminal (part of the Chrome browser) is a bit sub-optimal. My idea is to learn to master screen, however:

$ screen
Cannot make directory '/run/screen': Permission denied

This is easily fixed though (link):

mkdir ~/.screen
chmod 700 ~/.screen

# add to .bashrc
export SCREENDIR=$HOME/.screen

# and a vim "alias" I found handy
svim () { screen -t $1 vim $1; }

I found that I get problems when I edit UTF-8 files in VIM in screen in crouton in a crosh shell. Without screen there are also issues, but slightly less so. It seems to be a good idea to add the following line to .vimrc:

set encoding=utf8

It improves the situation, but still a few glitches.

Now at least screen works. It remains to be seen if I can master it.

lighttpd
I installed lighttpd just the normal Debian way. It does not start automatically, but the normal way works:

$ $ sudo service lighttpd start

If you close your last crouton-session without stopping lighttpd you get:

$ exit
logout
Unmounting /mnt/stateful_partition/crouton/chroots/deb-cli...
Sending SIGTERM to processes under /mnt/stateful_partition/crouton/chroots/deb-cli...

That stopped lighttpd after a few seconds, but I guess a manual stop is preferred.

Performance
I have written about NUC vs RPi before and to be honest I was worried that my ARM Chromebook would more have the poor performance of the RPi than the decent performance of the NUC. I would say this is not a problem, the Acer R13 is generally fast enough.

After a few Nodejs tests, it seems the Acer Chromebook R13 is about 5-6 times faster than an RPi V2.

A C-program (some use of 64-bit double floats, little memory footprint) puts it side-by-side with my Celeron/NUC:

                s
RPi V1        142
RPi V2         74
Acer R13       12.5
Celeron J3455  13.0
i5-4250U        7.5

Benchmarks are always tricky, but I think this gives an indication.

Acer Chromebook R13: 2. As a casual computer

Posted by on 2018/03/08 1 comment

I have got an Acer Chromebook R13 and I will write about it from my perspective.

1. Background
2. As a casual computer (this post)
3. As a Linux development workstation

As a casual computer

My general impressions of the Acer Chromebook R13 are positive. The display is good (I am not used to Full HD on a laptop) and the build quality in general is more than acceptable.

What works well, quite literally out of the box:

  1. English language with non-English keyboard
  2. Connect to 5GHz WiFi
  3. Editing Google Docs, Facebook, Youtube
  4. Google Play Store for Android Apps (required a restart for a system upgrade)
  5. Spotify App (in Mobile App format), streaming audio via Bluetooth to external speaker
  6. Netflix App (failed to mirror/play to external display)
  7. Netflix Web Page (could display video on TV over HDMI)
  8. Writing this blog post…
  9. Switch to tablet mode, use touch and type on virtual keyboard on display (well, it sucks compared to a real keyboard, but it works as could be expected)
  10. Printing to a local network printer: CUPS comes preinstalled (there are other options as well, but for me CUPS is perfect)
  11. Importing photos from a micro-sd-card taken with a camera. VERY rudimentary (crop/rotate/brightness) editing available.

The good
So far my impression is that the performance is very acceptable. I used some JavaScript-heavy web pages and it was surprisingly good.

The not so good
Compared to my MacBook Air the touchpad is not as nice. Scrolling web pages is more… jerky? I would have preferred if the keyboard was closer to the display and the touchpad more far away from me. At least the touchpad is nicely centered in the middle. To be fair, the touchpad is at least as good as on more expensive PC laptops.

Performance and Benchmarks
My own Web Worker Test indicates my MacBook Air (1.4GHz Intel i5) is about 2-3 times faster (both computers using Chrome browser). However, on OS X, Safari seems to be much faster than Chrome browser on some tests and outperforms the Chromebook up to 10x on some tests. This is quite pure JavaScript number crunching.

My own String Compare Test indicates the MacBook Air is about 50% faster (Chrome browser in both cases).

Things not quite there
I have been using my Chromebook more or less daily and there isn’t much I actually miss. But here is a short list (that may grow or shrink over time).

  • A graph plotter/calculator: Grapher in OS X is not amazing but better than what I found for Chrome OS. So far I have tried Plot and Graph Functions and Desmos Graphing Calculator

Developer mode
So far I have not touched the Developer mode. Everything is completely standard and I will leave it like that for a while.

Acer Chromebook R13: 1. Background

Posted by on 2018/03/07 1 comment

I have got an Acer Chromebook R13 and I will write about it from my perspective.

1. Background (this post)
2. As a casual computer
3. As a Linux development workstation

Background
The last 20 years I have used OS X since 10.0, Windows since NT4, and many Linux distributions. These systems all have their pros and cons. Last years Chromebooks running Chrome OS (which is Linux) have appeared. They are typically cheap and built for the cloud. However there are two things that make them particularly interesting:

  1. Chromebooks (modern ones) can run Android Apps
  2. Chromebooks are much used in schools, so children of today will start looking for jobs in a few years, knowing perhaps only Chromebooks

I am too curious not to want one (perhaps mostly to be disappointed).

A few years ago I thought about getting a Chromebook, but at the time I felt it was not going to satisfy me. I bought a MacBook Air 11 instead, which is a great laptop for my purposes. However I less and less agree with what Apple does and I would rather have a native Linux laptop, than a Mac.

There are several reasons why I bought an Acer Chromebook R13 as my first Chromebook

It has got good reviews (although it is not the latest Chromebook in the market).

I like the quality aluminium build (it almost reminds me of my Titanium PowerBook G4).

It has a touchscreen and can be used as a tablet or in tent mode.

It should run Android Apps very will with its ARM CPU.

I am enthusiastic and curious about the ARM CPU for several reasons. I like an underdog and after Spectre/Meltdown I think that we need all possible alternatives to Intel. I am also curious to see if the ARM performs decently enough for my needs (and I might get disappointed).

I hope to get decent quality and some new opportunities compared to MacBook Air.

As a standard user
Most of the time I am a very ordinary computer user. I browse the internet, pay my bills, send and receive emails, watch Youtube, write something using Google Docs and I do some basic photo editing. I kind of expect the Chromebook to do this just as well as my MacBook Air.

As a programmer
I am a programmer. I mostly code JavaScript for Node.js and the web, but I also code C, C++, Lisp, Python, Bash, or whatever I feel like (mostly for fun, sometimes for work). I don’t use very advanced tools (mostly Vim, actually) and I really feel comfortable with a Linux shell. Even Mac OS X with its many package managers feels foreign. Not to talk about how I am lost in Windows.

I understand Chrome OS is Linux. It comes with a terminal. It has a Developer mode. And I can install almost anything I want using crouton (or so I have read).

My hope is that my Chromebook, for most practical purposes, will work like Linux the way I expect (more so than OS X). My hope is also that the ARM CPU will have reasonaable JavaScript performance. I may end up disappointed.