Things I Do After Installing Fedora 28

Updated 2018-08-10

Although Fedora is a wonderful Linux distro and easily ready to perform most tasks after installation, there a few tweaks and additions I like to do after setup to make it even better. The changes that I make in this tutorial are what suit me best, so you don’t feel this is all you can do with Fedora.

  1. Update Fedora with the latest updates.
 sudo dnf update -y
sudo dnf group install kde-desktop-environment
  1. Give your system a permanent name.  The example below will set your hostname to “spock.”
 hostnamectl set-hostname spock
  1. After updates and installing KDE, add the RPM Fusion free and non-free  repositories to get additional software and support:
sudo dnf install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
  1. Install some useful sofware packages.  I typically use the CLI to do my install but you can just as easily use the GUI.  The packages I typically install are:
    • Guvcview – Great program to adjust settings of your webcam, such as my Logitech C920.
    • Chromium browser – The open source version of the Chrome browser and a great alternative to Firefox. Also helpful if you have problems with Firefox.
    • Rhythmbox – My favorite music player.
    • Kdenlive – The best open source non-linear video editor in my opinion. It also has the most features.
    • Gimp – The best image editor for Linux. It can be too advanced for some, but is certainly feature rich.
    • tlp – A very good power saving utility while on battery.  Highly recommended.
    • VLC – My preferred video player for Linux.
    • VirtualBox – A great program for creating virtual machines.  I like it because it’s cross-platform and easy to move VMs from one OS to another.
    • Audacity – A wonderful audio recorder and advanced editor.
    • OBS-Studio – A must have tool for any YouTuber or video producer.
    • Handbrake – This tool is great for converting video formats if necessary.
    • ntfs-3g – This package is for Windows NTFS partition support.
    • fuse-exfat – Used to support a popular format for USB thumb drives.
sudo dnf install -y guvcview chromium rhythmbox kdenlive gimp tlp vlc VirtualBox audacity obs-studio handbrake ntfs-3g fuse-exfat
  1. Now it’s time to start and enable tlp:

 

sudo tlp start; sudo systemctl enable tlp
  1. If you play games on Steam, you can easily install Steam using DNF:
sudo dnf install steam
  1. Although RPMFusion is a great place to get software, Flathub offers some programs and versions that are nwer than the traditional Fedora and RPMFusion repositories.  Flatpak support is buit in.  To get access, simply install the repo file from Flathub:
https://flathub.org/repo/flathub.flatpakrepo
  1. Open the file and install. to see packages faster that are available from Flathub, run this command, then restart the Software app:
gnome-software --quit
  1. I used Flathub to install the latest version of Kdenlive to bypass a bug in the older version available on the RPMFusion repository.
  2. I install several gstreamer codecs to play various video files including .mov from Apple products.  If you edit using Kdenlive, you’ll need to install these to support various video file types and containers.
sudo dnf install gstreamer1-plugin-openh264 gstreamer1-plugins-bad-free gstreamer1-plugins-bad-freeworld gstreamer1-plugins-bad-nonfree gstreamer1-plugins-base gstreamer1-plugins-good gstreamer1-plugins-good-gtk gstreamer1-plugins-ugly gstreamer1-plugins-ugly-free
  1. Make GUI changes as desired. Some of the setting changes I make in KDE desktop are to set the mouse for two clicks (the default is one) change the minimize, maximize and close widgets, change the default screen lockout time, change power save settings, and change the desktop image.
  2. Watch for added steps here!

GPL vs. McHardy: How One Developer can Damage the Concept of Free Software and the GPL

Today we’re going to talk about an issue that has raised concern in the Linux community in general and also companies that use open source software (also known as FOSS) in their products. Many now fear that a recent legal battle between a company using Linux in their products and a single developer could greatly impair the adoption and development of Linux.

Linux developer Patrick McHardy brought China based company Geniatech to court in Germany due to an alleged violation of the GNU Public License version 2 known as GPLv2. Geniatech uses Linux for some of its satellite TV receivers sold in Europe by Geniatech Euorope. Allegedly, Geniatech provided only a binary of their modified version of Linux. The GPLv2 license requires that any modifications of the Linux source code be made available to the public.

McHardy’s suit had some validity, because he contributed some of the source code in Geniatech’s products. Specifically, he was a part of the netfilter and iptables core team, a firewall component built in to the version of Linux used by Geniatech2. The software used by Geniatech was of course, protected by the GPLv2 license.

The Gnu Public License version 2 is often referred to as a “copyleft” license, a play on words of the “copyright” license. The general concept is that the software designed under GPLv2 gives anyone the right to freely distribute copies and modified versions, provided the source code of any modification is made available. The idea is to allow Linux or any GPLed software to grow and become better by contributions made by many disparate developers.

As you can imagine, a legal issue arises when a company uses GPLed source code, modifies it, but does not offer their modifications and improvements to the general developer community. Typically when a company is found to be in violation of the GPL license, these violations are reported to the Free Software Foundation (FSF) or the Software Freedom Conservancy (SFC)1. The idea here is to use these organizations to gently move a company or individual in violation of the GPL towards a non-litigious resolution.

But why would the FSF and SFC not immediately use the courts to address GPL violations? To find the answer, we have to look at the reason Linux and other GPLed software is available in the first place. The idea is to provide quality software at a price anyone can afford. It would stand to reason that developers and users of GPLed software wish to see it grow and become more useful. In order for GNU Software and Linux to continue to expand, more developers and more users are a necessity.

Much of the time, it is companies that provide further development and innovation for GPLed software. The fear is companies will abandon use of GPL licensed software on the grounds that any one developer can sue for monetary damages if the GPL license if violated. But that’s a good thing, one might think. If a company is fearful of being sued, the GPL license is doing its job. But is it? If companies choose not to use GPL software, who will? Would GNU and Linux be left to enthusiasts and shrink to a tiny user base smaller than it already is?

That is why the FSF and SFC were surprised by McHardy’s actions. Initially, McHardy was interested in working with the FSF and SFC to address the alleged GPL infringement by Geniatech. Eventually, he stopped answering his phone or responding to emails from either the FSF and SFC or the Netfilter Core team2. Eventually the Netfilter team received credible information that McHardy was using GPL copyright to sue several companies for compensatory damages relating to his source code contributions to Netfilter. As a result, he was suspended from the Netfilter team until he addressed the allegations against him4.

In July of 2017, McHardy made a “test purchase” of a product sold by Geniatech, and found modified source code in binary form on the device. Geniatech had not offered the source code to the public as required by the GPL license; as a result, McHardy filed for an injunction against Geniatech Europe on the grounds that their use of the software was in violation3.

The Court of Cologne (OLG) made it clear they did understand the concept of GNU, Linux, the GPL license, and that the concept of co-authorship of Linux alleged by McHardy3. McHardy overstepped his bounds as a member of the netfilter development team, a small but important component of the overall GNU Linux operating system. By alleging he was a co-author of Linux, McHardy attempted to put himself in the position of a major rights holder of the entire GNU Linux OS used by Geniatech.

The court dismissed this claim, as well as the concept of co-authorship. “The Linux kernel development model does not support the claim of Patrick McHardy having co-authored Linux. In so far, he is only an editing author…and not a co-author. Nevertheless, even an editing author has the right to ask for cease and desist, but only on those portions that he authored/edited, and not on the entire Linux kernel.3” The court goes on to say: “The plaintiff being a member of the netfilter core team or even the head of the core team still doesn’t support the claim of being a co-author, as netfilter substantially existed since 1999, three years before Patrick’s first contribution to netfilter, and five years before joining the core team in 2004.3

Additionally, the court maintained that just being a member of a core team (or a maintainer) does not immediately grant one a copyright over source code. According to the court, McHardy also did not “substantiate what copyrightable contributions he has made outside of Netfilter/iptables. His mere listing as general networking subsystem maintainer does not clarify what his copyrightable contributions were2,3.” In other words, there was no verifiable proof that McHardy had any legal claim to the greater Linux code beyond his contributions to Netfilter.

Geniatech, in its own defense, showed substantial claims that Mr. McHardy was attempting to profit from the court proceedings, as was evidenced by 38 similar cases he has filed against companies in the past. Geniatech also showed that in one court case, McHardy requested a 2 million EUR penalty. This of course is contrary to the desires of the FSF and SFC, which hopes to bring a company into compliance without the use of courts, at least initially.

Given this evidence, the court then recommended “that it might be better to have regular main proceedings, in which expert witnesses can be called and real evidence has to be provided, as opposed to the constraints of the preliminary procedure that was applied currently.3” Given that McHardy was now faced with a significantly more expensive and time consuming litigation, he opted instead to withdraw his injunction. He will still have to pay all court costs including those by the the defendant, Geniatech.

The FSF, SFC, core teams and developers alike were relieved when McHardy decided to withdraw his injunction against Geniatech. Although Geniatech is in the wrong regarding their use of GPL software, they were willing to put up a protracted battle that McHardy did not have the stomach for. I for one agree with the outcome. If McHardy had been successful in pushing his claim through the courts, many companies would immediately rethink their strategy of using GPLed source code. As it is, just the possibility of costly litigation by a rogue developer has soured the advantage that free and open source software has. Any good company could and should reassess the risk of using GPLed source code in their products. If a company like Geniatech were to choose to use Windows embedded at a greater expense initially, at least they would know rogue programmers from Microsoft won’t be capable of suing individually.

We’ll leave with a quote from Linux developer Greg Kroah-Hartman: “The community is not out for financial gain when it comes to license issues – though we do care about the company coming into compliance.  All we want is the modifications to our code to be released back to the public, and for the developers who created that code to become part of our community so that we can continue to create the best software that works well for everyone.5

What are your thoughts on this topic? Does the attempt to sue Geniatech concern you? Drop me a comment and let me know what you think.

 

  1. The Principles of Community-Oriented GPL Enforcement. https://www.fsf.org/licensing/enforcement-principles
  2. Linux beats legal threat from one of its own developers. http://www.zdnet.com/article/linux-beats-internal-legal-threat/
  3. Report from the Geniatech vs. McHardy GPL violation court hearing. http://laforge.gnumonks.org/blog/20180307-mchardy-gpl/
  4. Suspending Patrick McHardy as a coreteam member. https://marc.info/?l=netfilter-devel&m=146887464512702#1
  5. Linux Kernel Community Enforcement Statement FAQ. http://kroah.com/log/blog/2017/10/16/linux-kernel-community-enforcement-statement-faq/
  6. The Importance of Following Community-Oriented Principles in GPL Enforcement. https://sfconservancy.org/blog/2016/jul/19/patrick-mchardy-gpl-enforcement/

 

 

Notes on Installing Fedora 27 on the Lenovo Yoga 920

I try to stay as close to a stock Fedora experience as possible, with a few minor changes. The reason for this is so I will not have much setup to do if I get a new system or experience a catastrophic failure. I choose my tools and environment carefully and as a result a complete install as listed below usually takes me under an hour.  A video of this install guide is available here: https://www.youtube.com/watch?v=73mfFSUtXJg

  1. Shrink the Windows NTFS partition while in Windows. I have a 512 GB SSD, I shrunk the NTFS partition down to 200 GB to give me 300GB for my Fedora setup.
  2. Create the bootable USB with the Fedora install. I use the Fedora USB installer tool in Fedora to create the drive. You can also download the USB Media Install tool by clicking the “Workstation” download link at fedoraproject.org. The tool will step you through the creation of bootable Fedora USB media.
  3. Turn off Intel Secure boot. This may have an impact on the installation of Fedora.
  4. Follow the steps to install Fedora as usual. The installer hasn’t really changed in the last five or so versions. Installing Fedora Linux: https://youtu.be/eTYOrIFABhU?t=4m22s
  5. Once the install is completed, you will need to create a blacklist file in /etc/modprobe.d with blacklist ideapad_laptop in order to get the WiFi card working. For a quick fix that doesn’t require a reboot, issue this command: sudo modprobe -r ideapad_laptop  This has been a problem with Yoga laptops for a while. The problem will be fixed with step 6.
  6. dnf update -y don’t skip this step or number 7. Fedora 27 is not stable from the stock iso image unless you do the updates.
  7. Reboot.
  8. hostnamectl set-hostname fedoraiscool Use this command to set your hostname to whatever you want. The command as used would set your host to fedoraiscool.
  9. dnf group install kde-desktop-environment My preference is KDE Plasma for the desktop. You can also just download the KDE spin of Fedora, but this is how I choose to do it. At times I will use the default Gnome 3.x desktop.
  10. Enable rpmfusion: sudo dnf install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
  11. Install some software packages: sudo dnf install -y guvcview chromium rhythmbox kdenlive gimp tlp vlc VirtualBox audacity obs-studio handbrake  There are many more software packages to choose from, these are the ones I typically use in my daily workflow that are not already installed by default.
  12. Start the tlp battery saver service: sudo tlp start
  13. Enable tlp at startup: sudo systemctl enable tlp
  14. Disable Bitlocker so you can mount your Windows partition in Linux. Please note that my Yoga 920 was shipped with Bitlocker enabled on the C: drive. You may have to use Disk Management in Windows to turn off Bitlocker which can take a while.
  15. Mount your windows partition. Make a mount point for your windows partition: sudo mkdir /mnt/windows Then, sudo mount /dev/nvme0n1p3 /mnt/windows  It may vary as to which device it is. Use sudo fdisk -l to determine which partition you need to mount. Or lsblk or sudo fdisk -l | more to control output.
  16. Make GUI changes as desired. Some of the setting changes I make in KDE desktop are to set the mouse for two clicks (the default is one) change the minimize, maximize and close widgets, change the default screen lockout time, change power save settings, and change the desktop image.
  17. Optionally, install Steam if you would like access to your Linux based Steam games while in Fedora. In the CLI, simply type sudo install steam

Sources:

Setting up a Samba Server in Linux for Your Home Network

In this tutorial, we’ll setup a Samba share you can use to access files stored on a local system anywhere on the local network. We’ll also take it a step further by creating another share that is read only.

  1.  Using terminal, run: sudo dnf install -y samba samba-client
  2.  If you want Samba server to startup automatically at boot, run sudo systemctl smb nmb enable
  3. Add an entry into the firewall to allow access from other systems on the network: firewall-cmd –add-service=samba –permanent
  4. Reload the firewall service: firewall-cmd reload
  5. Allow home directory access for local users in SELinux: setsebool -P samba_enable_home_dirs on
  6. Create access for a user account already on your Linux system: pdbedit -a <user> where ‘user’ is the name of your local Linux user account you want to allow access to. Type in the password when prompted.
  7. Next restart the smb and nmb services to load changes made to Samba: sudo systemctl restart smb nmb
  8. Test access from another computer i.e.:  Windows – Launch Explorer, type \\  where ‘ip address’ is the IP of your Linux Samba server.

Adding a new share to Samba Server:

  • Edit smb.conf: vi /etc/samba/smb.conf  (You can also use Nano editor if it’s installed)
  • At the very bottom, insert a new section:

[new_share]

comment= New share on Fedora Server

path = /path/to/new/share/

read only = yes (no if you want to have write access)

guest only = no

guest ok = yes (no if you don’t want guests to have access)

share nodes = yes

  • We need to set another SELinux permission. This is very broad and not as secure as it should be. If you want to get more granular, put SELinux in permissive mode, access your new share, then read the SELinux error message that comes up*.
  • run sudo setsebool -P samba_export_all_ro 1
  • restart Samba: systemctl restart smb nmb

*For specific information on how to set a more granular SELinux entry for your specific share, check out this video on how to setup a Samba share on your home network.

Continue reading “Setting up a Samba Server in Linux for Your Home Network”