Slow Boot

When I started out with Fedora, after installing a Window Manager, the bootup became much slower. After some research, I found that I should disable extra services to speed up the boot time and performance.

For more information on this topic, read the RHEL KB in the Referances sectin. The following commands are from this KB.

sudo systemd-analyze sudo systemd-analyze blame sudo systemd-analyze critical-chain sudo systemctl list-unit-files --state=enabled

In an effort to speed things up, I disabled the following services.

sudo systemctl disable bluetooth.service sudo systemctl disable cockpit.socket sudo systemctl disable iscsi* sudo systemctl disable ModemManager.service sudo systemctl disable multipathd.service sudo systemctl disable raid-check.timer sudo systemctl disable vboxservice.service sudo systemctl disable vmtoolsd.service

DNF

If you did Rocky 8 and the minimal install, you will need the following packages.

"file-roller" adds the extract option to the Xfce Thunar File Manager.

sudo dnf -y install cifs-utils nfs-utils rsync tar file-roller Rocky Bits This is a list of apps in EPEL repos (versions 8 and 9). Application Name Description emacs Text Editor firefox Web browser gimp Image editor git Download tool gnome-calculator Basic calculator (From Gnome; does not install the entire DE) gthumb Image viewer (From Gnome; does not install the entire DE) inkscape Image editor links Web browser - text based meld Doc/Dir merge tool; similar to a Winmerge qpdfview-qt5 PDF Viewer remmina RDP, SSH, VNC client thunderbird Email Client vlc Media Player wget Download tool Rocky Bits for Laptops This is a list of apps in EPEL repos (versions 8 and 9). Most of these apps are for CLI battery management. Application Name Description acpi App to check the battery power terminus-fonts-console System Fonts (For Lenovo Tablet) upower App to check the battery power Fedora Only Bits This is a list of apps that were from a Fedora build. They are not avaiable in the EPEL repos. They were left for postarity. Application Name Description evolution-ews Email Client with Exchange EWS integration keepassxc Password manager (port of keepass; BETTER) lpf-spotify-client Media Player neofetch Utility to show system specs nomacs Image editor onedrive OneDrive Client openvpn VPN Client plex-media-player Media Player rhythmbox Media Player variety Wallpaper changer

RPMs

The following RPM packages can be downloaded from the the respective author's sites.

Rocky Bits This is a list of apps in EPEL repos (versions 8 and 9). Application Name Description Brave Web browser catfish Serach tool for Xfce (Thunar does not have search) Draw.io * Visio Alternative (Visio import only) Mfcl2750dwpdrv Brother Printer Drivers Slack Chat Client Sublime Text Editor Zoom_x86_64 ** Web Conferancing

* Draw.io has a sloppy install. When building RPMs, there are options on where the debug logs are saved. draw.io's debug path/files conflict with several other packages. I found various thread that talked about using: sudo rpm -i --excludepath=/usr/lib/.build-id/ pkgName. This did not seem to work. In a different thread, I found that --force would work. As an example, use:

sudo rpm -i --force drawio-x86_64-21.1.2.rpm

** Circa 2022, if you want to run KDE with Zoom and share your screen, you have to run KDE in X11 mode, NOT Wayland. I have not validated if this is still a issue as I am running Xfce (which runs on X11).

Fedora Only Bits This is a list of apps that were from a Fedora build. They are not avaiable in the EPEL repos. They were left for postarity. Application Name Description ESET NOD32 Anti-Virus Software Flash-plugin ONLY install if required Google Chrome Web browser Icedtea-web Provides viewer for Dell DRAC Console Lucid Charts Visio Alternative (Visio import/export) Rclone OneDrive Client Scrt Secure CRT (SSH Client) Synergy Software based KVM Virtual Box Virtualization tool Yed Graph Editor Visio Alternative (Visio import only)

There is a Notepad++ clone, but it is not very good. It only has a fraction of the Windows functionality. An RPM named notepadqq can be found in the OpenSuSe's repo.

Package Managers

As our Minnesota friends say, uff da... This is a loaded topic.

There are a bunch of package managers these days. Here is a crash course. Another good comparison chart can be found in the Referances.

AppImage

AppImage is a great way to try out new apps without installing them on your machine. The concept behind AppImage is fairly simple: one file per app. This way, developers can ensure the portability of their apps, and users get to try out new packages without installation. A major advantage of AppImages is that they don't require sudo permissions in Linux.

To try out an AppImage, all you need to do is download the package, make it executable, and run it. It's similar to how .exe files work in Windows.

AppImageHub is the central repository for AppImage packages and contains many popular apps. You can also download AppImages from vendor websites if provided. But stay away from AppImages downloaded from an untrusted sources.

AppImages are usually faster than snaps or flatpaks and need less storage space. They are also easy to remove as you can delete AppImage files anytime you want without interrupting other system processes.

Flatpak

Flatpak is another distro agnostic packaging system that ships apps with required dependencies. Users can find and install flatpaks from the distribution store of popular Linux systems or via the CLI.

Flatpak is a decentralized system, meaning you can obtain packages from several repos or remotes (in Flatpak terms). Flathub is the most popular remote and has thousands of apps.

Flatpak apps run in a sandbox by default, an application environment separate from the host system's runtime. This sandbox includes everything needed to run the software. The isolated nature of Flatpak packages makes them inherently secure, and system changes can only occur if the user provides explicit permission.

Flatpak packages usually take up more space than Snaps or AppImages. They are also slower compared to AppImages but faster than Snap packages. Flatpak is installed by default on modern Linux distros.

LPF

Builds and installs non-redistributable rpms by downloading binaries, building and installing a local rpm.

lpf handles lpf packages named like lpf-spotify-client and target packages which is spotify-client in this case. The lpf package is basically just a thin recipe how to build the target package which is the useful one. Target packages are by definition non-redistributable.

The basic usage is "lpf update" which will build and install any not yet installed target packages corresponding to installed lpf packages. This also works to update target packages to match updated lpf packages.

lpf packages are visible as an icon in the GUI. Clicking this icon is the same as running 'lpf update' on the corresponding package.

Snap

Canonical and has significant corporate backing. It includes all the libraries and dependencies required to run that app. This saves app maintainers the time needed to roll out different builds for different systems.

You can install snaps from the Snap Store directly or via the command line. Many popular Linux distros have adopted Snap, including Ubuntu and RHEL. Another key benefit of Snap apps is that they also run on IoT and Cloud systems without modifications.

Snaps allows users to have multiple versions of the same app. The self-updating nature of snaps makes sure users don't have to worry about manual updates. However, since snap packages contain all the necessary dependencies, they are bulkier than vanilla .deb or .rpm packages. Plus, the snap version of many apps runs slower than AppImages or Flatpaks.

Flatpak Packages

Try to avoid Flatpaks. They are really bloaded and often times install Gnome or KDE in the background.

Install Flatpak

sudo dnf -y install flatpak sudo reboot

Add the Flat Hub repo.

sudo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo

How to use flatpak

sudo flatpak -y install flathub packageName

How update flatpak

sudo flatpak update Flatpak Packages This is a list of Flatpaks that I could not find any RPMs for. This is more like a required type of list. Application Name Description com.spotify.Client Spotify Client org.signal.Signal Signal Encrypted Messaging Flatpak Packages (OPTIONAL) Again, I prefer RPMs straight up. If you want to run Flatpaks, this a list of other apps that I find helpful. Application Name Description com.bitwarden.desktop Bitwarden Password Manager com.makemkv.MakeMKV Make MKV DVD/BRD Ripper org.nomacs.ImageLounge Image editor

Snap Packages

Try to avoid Snap as it is more of a Ubuntu "feature."

Install snap.

sudo dnf -y install snapd sudo dnf systemctl enable snapd.socket

How to use snap.

sudo snap -y install packageName Snap Packages (OPTIONAL) Again, I prefer RPMs straight up. If you want to run Snap Packages, this a list of other apps that I find helpful. Application Name Description bitwarden Bitwarden Password Manager makemkv Make MKV DVD/BRD Ripper signal-desktop Signal Encrypted Messaging spotify Spotify Client tusk Evernote Alternative

Libre Office

Libre Office may have been installed while KDE was installing. To verify if it is already installed, open a terminal session or at your console, type:

libreoffice

At one point, I tried to only install Writer and Calc, but it was more work figuring it out than just intalling the entire suite. A downside here, if you downloaded the tar ball from Libre, everytime you want to update... you have to download the whole package and install it from scratch type of thing. Good times...

Install Libre Office from tar ball.

1. Download the latest bits from Libre Office's website.
2. mkdir -p ~/Downloads/Libre_RPMs
3. tar -xzvf ~/Downloads/Libre*.tar.gz -C ~/Downloads/Libre_RPMs
4. cd ~/Downloads/Libre_RPMs/LibreOffice_*/RPMS/
5. sudo dnf -y install *.rpm

Browsers

With a lot of the content in this section, comes the privacy vs secruity. In my humble opinion, you can have some of both, but will never have a great mix. Privacy being keeping your information and internet travels to yourself and those who YOU choose to share the information with. By security, I think of keeping tcp/udp ports closed, watching out for different virus/malware attacks, prventing man in the middle attacks, etc. I think priorties change and more often than not, it boils down to wish bit you last.

Brave

In an effort to get off of Google more and more, I have tried Firefox. It is cool but I still really like the Chromium engine. So a cool group of privacy minded people took Chromium under more active development. In comes Brave. I have been using it for the last few years and love it. I normally use it as my primary browser. To the naked eye, it looks just like Chrome but with better privacy.

Firefox

The browser battle continues. Firefox acually seems quiate a bit snappyer/faster in Fedora than Windows. In my testing, I used a very out of the box version.

To set StartPage.com as Firefox's default search engine:

1. Open Firefox
2. In the address bar, go to the serach engine site.
3. Right click on the address bar address, click Add.
4. Go into settings and select your new search engine.

Search Engines

Again, trying to get off Google/big tech... I have been using the startpage.com search engine for the last year plus. I have found it to be fantastic! I have tried other browsers for tech content and they were very lacking or hit/miss results.

Email Clients

Office365 with Evolution-EWS

Evolution does not have the extra software to be able to connect to Office365. The EWS version is REQUIRED. DO NOT use auto-discovery. This version does everything except use Outlook catagories for calander and contacts.

Go to: Settings.

Server Type: Exchange Web Services Username: [email protected] Host URL: https://outlook.office365.com/EWS/Exchange.asmx Click the Fetch URL: You will prompted for a login.
Use your full email address for the username.

Office365 with Thunderbird

Thunderbird does not support Exchange Nativly. Plugins are required for mail, contacts, contact groups, and calander syncing.

Required Plugins Integraion Application Name Description Calendar Lightning (Made by Mozilla) Contacts Provider for Exchange ActiveSync && TbSync (John Bieling) Categories CategoryManager (John Bieling) Mail Owl for Exchange (Beonex; Pain plugin)

Calander and Contacts Setup:

1. Open Thunderbird
2. Go to: Tools > Add-on Preferances > TbSync.
3. Use the pulldown to select "Add New Account"
4. Select: Exchange ActiveSync
5. Use the following settings:

Account Information: Office365 Account Name: domain.local User name: [email protected] Server address: outlook.office365.com. ActiveSync Version: Best Avaialable

Contact Category Setup:

Some of this is due to German privacy laws.

Go to: Tools > Add-on Preferances > CategoryManger.

Text Field: [email protected]

Mail Setup.

Requires Account to set this up.

Go to: Add-ons > Owl > "Settings" button (next to Owl) > Create Account.

Proton Mail

Install the Proton Mail Bridge per Proton Mail provided instructions. Proton Mail uses IMAP. The differance is that you connect to the Bridge rather than directly to their servers. Bridge is the intermeidary between the email client and Proton Mail's servers.

DO NOT use sudo for any of the commands having to do with generateing a key OR running/configuring protonmail. These commands must be used under the account that Protonmail was installed under.

Download the public key:

wget https://proton.me/download/bridge_pubkey.gpg /home/thammond/Downloads/

Import the key.

sudo rpm --import bridge_pubkey.gpg

Validate the rpm package.

rpm --checksig protonmail-bridge-*.x86_64.rpm

The expected output is:

protonmail-bridge-3.2.0-1.x86_64.rpm: digests signatures OK

Install the bloody thing.

sudo dnf -y install protonmail-bridge-*.x86_64.rpm

Use the following command to create a key in a single line with all of the appropriate switches. ProtonMail Bridge will not work without a password protected GPG key. This is by design as it is a serious securityrisk, so come to your own opinion on this. Research the implications. Some documenation stated that generateing a key would take a long time. It did not.

gpg --batch --passphrase '' --quick-gen-key 'ProtonMail Bridge' default default never

While still logged in as the protonmail user, use the following command to show a list of all previously generated keys that have been created on the system.

gpg --list-keys

The following command will require the pass package. Use the key name (in quotes) from the quick-gen-key command to add it to the systems key chain (pass).

sudo dnf -y install pass pass init "ProtonMail Bridge"

Managing Contacts

Predicament

I uses Google Voice as my primary phone number. This creates challenges.

Problem 01

While I was using Office 365 with Outlook, I used Outlook Contacts as the source of truth. The problem that with that was while texting, the contacts had to reside in both Office365 and Google contacts. Otherwise, if the contacts did not reside in Google Contacts, the names of who I am texting would not show up. Thus, I wouldn't know who was texting unless I memorized the phone number or the conversation. Ultimately, in this scenario, it was managing duplicate contacts between two separate services. While I was using Windows, my workaround for this problem was to use an application called gSyncIt. It replicated what I had in Outlook Contacts to Google Contacts.

Problem 02

Before I moved from Windows to Linux, I moved from Office365 to Proton Mail for several reasons. This was all good and fine, but in Linux, I could no longer use Outlook and or gSyncIt. The problem with Proton Mail is that you cannot use their contacts system without using their phone application. As a result, I could not have access to my contacts natively on my phone. This was done on purpose by their design. It is not lazy programming, it is the idea to keep everything in a self contained environment to keep things secure. To keep things simple, I stopped using Outlook and use Google Contacts as the source of truth. This way, my phone uses Google Contacts for contacts natively on the phone. On the desktop, I simply download email from Proton Mail and Google Contacts as a CardDAV. The desktop email client doesn't really care either way.

Problem 03

I have always struggle with which calendar to use as a source of truth (work, personal Office365/Proton Mail or my Gmail account. Proton Mail handles calendars just like contacts. You have to use their application to see the calendar. This is a security design decision for security. Again, this would not sync natively with my phone. Ultimately, I decided to use my work's Office365 calendar as the source of truth.

Problem 04

After much research, it comes as no surprise that Google created their own proprietary contacts management interface. They have been in the process of moving towards more open standards. Thunderbird had a ton of plugins to support this. They will be deprecated after some time. If you would like to use the previous method, check out the references section of this walk through to set that up. Fortunately, the open standard that Google is moving towards is CardDAV. Evolution and Thunderbird both support this naively.

Evolution-EWS

For the history of this, refearnce the "Managing Contacts" section.

1. Open Evolution.
2. Go to File > New > Address Book
3. Use the following settings:

Type: Google Name: Timothy B Hammond Birthday and Anni calande: Unchecked Default Address Book: Checked Autocomplete: Checked Username: [email protected] Address Book: Default User Address Book

4. You will be prompted to log into your Gmail account.

Thunderbird

For the history of this, refearnce the "Managing Contacts" section.

Add Google Contacts to Thunderbird

1. Open Thunderbird
2. Create a CardDAV Address Book (the menu moves so do one of the following)
1. Go to File > New > CardDAV address book...
2. Open the Address Book > Click on the down arrow next to "New Address Book" and select "Add CardDAV Address Book"
3. Use the following settings:
1. Username: [email protected]
2. Location: https://www.googleapis.com/CardDAV/v1/principals/[email protected]/lists/default/
4. You will be prompted to log into your Gmail account.

Add Proton Aliases to Thunderbird.

1. Open Thunderbird
2. Go to Menu > Account Settings.
3. Select the account, and click Manage Identities at the bottom.
4. Click Add to add your email alias.
5. Enter the necessary details, such as Name and Email Address, and click OK.

Remmina

Set Remmina preferences for the application itself.

Go to: Preferences.

General Tab Remmina data folder: ~/ Apperance Tab Tab grouping: By protocol Fullscreen toolbar: Hidden Always show tabs: Checked Fullscreen (same screen): Checked Prefer dark theme: Checked Terminal Tab Color theme: Terminal Basic colors

Setup the default Remote Conenction Profile

Go to: Create a new Connection and use the settings below.

When you have made the changes, don't forget to click Save as Default.

Basic Tab Username: syseng Domain: domain.local Color depth: Automatic Network con type: LAN Advanced Tab Quality: Best (slowest) Security protocol: TLS protocol security GW transport type: Auto TLS Security type: Default FreeRDP log level: INFO Audio output mode: Off

If you are using a mouse and want to copy text in a SSH session by highlighting, install: parcellite.

sudo dnf -y install parcellite-1.2.2-1.fc38.x86_64.rpm

Sublime

Text Color Settings

Create the path if it does not exist.

mkdir -p /home/thammond/.config/sublime-text/Packages/User/Themes/

The following sets text color themes.

sudo tee -a /home/thammond/.config/sublime-text/Packages/User/Themes/eirePunk.sublime-color-scheme >/dev/null <<EOF { "name": "eirePunk", "globals": { "background": "#3E4B51", "foreground": "#5CDD4C", "caret": "#FFFFFF" }, "rules": [ ] } EOF

Preferances

Clear the contents of the file.

rm -f /home/thammond/.config/sublime-text/Packages/User/Preferences.sublime-settings

Add the configuration to the preferences file.

sudo tee -a /home/thammond/.config/sublime-text/Packages/User/Preferences.sublime-settings >/dev/null <<EOF { // "font_face": "Ac437 IBM DOS ISO9", // "font_face": "Bm437 IBM DOS ISO9", // "font_face": "Mx437 IBM DOS ISO9", "font_face": "Px437 IBM DOS ISO9", // "font_face": "Source Code Pro", "font_size": 12, "margin": 5, "detect_indentation": false, "tab_size": 5, "translate_tabs_to_spaces": false, "word_wrap": "false", "theme": "Default Dark.sublime-theme", "color_scheme": "eirePunk.sublime-color-scheme", } EOF

Alternatively

1. Open Sublime
2. Go to: Preferences > Settings
3. Paste the following:

{ CONTENTS OF TEE ABOVE }

VMware Remote Console Install

Download the bits.

1. Open vCenter
2. Go to a VM's Summary page
3. Click the "LAUNCH REMOTE CONSLE"
4. Click the "Download Remote Consle"
5. This will take you to the current version
6. Make the bits executeable.

cd ~/Downloads sudo chmod +x VMware-Remote-*.x86_64.bundle

7. Install the bits.

sudo ./VMware-Remote-*.x86_64.bundle

VNC

Install Tiger VNC server.

sudo dnf -y install tigervnc-server

By default, Tiger VNC is installed with the assumption that only a single user is using the system. If this is the case, the following command could be used. This creates a sinlge service.

sudo cp /lib/systemd/system/[email protected] /etc/systemd/system/[email protected]

If you are going to have multiple users connecting to VNC, each user requires an account. Use the following command. This creates multiple services per user.

sudo cp /lib/systemd/system/[email protected] /etc/systemd/system/[email protected] sudo cp /lib/systemd/system/[email protected] /etc/systemd/system/[email protected]

Update the service config files with the approirate username.

sudo sed -i 's/ExecStartPre=/# ExecStartPre=/g' /etc/systemd/system/[email protected] sudo sed -i 's/ExecStartPre=/# ExecStartPre=/g' /etc/systemd/system/[email protected]

Verify the changes without comments.

sudo cat /etc/systemd/system/[email protected] | egrep -v "^\s*(#|$)" sudo cat /etc/systemd/system/[email protected] | egrep -v "^\s*(#|$)"

Add the users who are going to be able to use VNC to the allowed list.

sudo tee -a /etc/tigervnc/vncserver.users >/dev/null <<EOF :1=localadmin :2=thammond EOF

Verify the changes without comments.

sudo cat /etc/tigervnc/vncserver.users | egrep -v "^\s*(#|$)"

Set the default screeen resolution. Please note that, these seems to be set by the systems default resolution.

sudo tee -a /etc/tigervnc/vncserver-config-defaults >/dev/null <<EOF # geometry 800x600 # geometry 1024x768 # geometry 1152x864 # geometry 1280x720 # geometry 1280x1024 # geometry 1366x768 # geometry 1600x900 # geometry 1600x1200 # geometry 1680x1050 # geometry 1980x1080 EOF

Verify the changes without comments.

sudo cat /etc/tigervnc/vncserver-config-defaults | egrep -v "^\s*(#|$)"

Login as the respective user and set a vnc password. In our case, we are using the local admin account. If you had to create multiple accounts, login as the user then use the vncpasswd command to set a password.

su - localadmin sudo vncpasswd localadmin su - thammond sudo vncpasswd thammond

Enable the respective services per user. The reload command is required for the system to notice changes to the service.

sudo systemctl daemon-reload sudo systemctl start vncserver-localadmin@:1 sudo systemctl enable vncserver-localadmin@:1 sudo systemctl start vncserver-thammond@:2 sudo systemctl enable vncserver-thammond@:2

Allow remote VNC connections through firewall.

sudo firewall-cmd --permanent --add-service=vnc-server sudo firewall-cmd --reload sudo firewall-cmd --list-all