MISTEL_L Wappen Becker im Winter MISTEL_R

Linux Tips & Tricks on OpenSuse Leap 15 (.2 .3 .4)


On this page I summarize things I had to do some research for to make them work. That way others might find somthing handy to solve a similar problem without the need to do a horrendous research on their own.

Be advised that this is not a forum for discussing a problem - just a compendium of Tips & Tricks for your conveniance. What I put down here worked for me. That does not mean it will work for you. It's just another list of things you might want to try out. Use at own risk without any guarantees whatsoever - this is more a scrapbook to me I share with others.

To make these pages usable for a wide audience, it is completely in English.

Currently this all referes to an OpenSuse Leap 15.3 installation. However with Ubuntu and other distros some of these will also work or give a hint where to start.

Content:
1. Convert MBR to uEFI - OpenSuse Linux Leap 15.3
2. Sound Blaster Z SE (Sound Core3D [Sound Blaster Recon3D / Z-Series] (SB1570)
3. Stop auto updater (PackageKit) widget in KDE
4. Set time of HP printers via cron script
5. Re-Compile NVidia drivers for older kernel
6. 90s wait at shutdown/reboot because of scdaemon
7. Update Leap 15.3 -> 15.4: bind does not work anymore
8. Update Leap 15.3 -> 15.4: php-fpm and AppArmor
9. Update Leap 15.3 -> 15.4: Re-install certbot
10. Enable ClearView Fonts with WINE


Convert MBR to uEFI without data loss

Convert MBR to uEFI - OpenSuse Linux Leap 15.3

If you, like me, have had a computer for a very long time and could finally use EFI after upgrading, you have to change your installation from MBR boot to uEFI boot. This is possible by a new installation, or by migrating to uEFI without data loss.
Here is the instruction for download

CHECK FIRST

- Read kernel parameter line to restore it. You can do that with Yast.
- check if "Grub2 efi" and "mokutil" are installed - if not, install them via Yast beforehand
- Further: we need a live system (only for using KDEpart) and a rescue system (to do the magic)
- The mount point /boot/efi can be created already with mkdir /boot/efi

Definitions:

This tutorial assumes that the Linux disk is the second disk in the system (/dev/sdb), partition 1 is SWAP, partition 2 is the data partition.
- sdb1 remains untouched
- sdb2 is to be shrunk to create the efi partition as sdb3

Basic procedure:

- Make space for the EFI drive (500MiB would be standard, less is also possible, 200KiB should be at least)
- Format and
- extend fstab with the mount point
- let's yast do its magic

Tips:

Create two bootable USB sticks - one with the live OS and one with the rescue OS.
Put downloaded ISOs on USB-Stick with belenaEtcher - is available for linux and windows


STEP 1: Reboot with Live-CD to make space with KDEpart

Since the disk to be adjusted is the system disk, creating space is not so easy. We need a live system or any other system that can access our disk. With any live Linux plus KDE you can do this quickly and easy, because we can use a graphical tool. You can also do this in the rescue system but you will then have to use a command line tool.
--> Free 500MiB at end of partition /dev/sdb2 with KDEPart

STEP 2: Reboot with Rescue (already in EFI-Mode!!)

Then we need some commands to create the file system and change fstab for mounting it. Do NOT forget fstab or you will be doomed (na, just reboot with a rescue system...)

1: Create partition and change from MBR to GPT with gdisk (NOT fdisk!!!)

This will also convert your disk from MBR to GPT - which also means, that when writing the changes there is no way back!

gdisk /dev/sdb
n # new partition
type: EF00 (-> show with 'L') EFI System
c # give name, we can use that later
EFI-System
w # <-- now there is no turning back! MBR converted to GPT in this step!
q


2: read the partitions

partprobe /dev/sdb

3: create filesystem - if you do it with UUID or sdb3, you don't need the name

mkfs -t vfat -v /dev/disk/by-partlabel/EFI-System

4: mount system to mnt

mount /dev/sdb2 /mnt

5: create efi mountpoint in sdb2 (if not already done):

mkdir /mnt/boot/efi

6: and mount efi partition to it

mount /dev/sdb3 /mnt/boot/efi

7: now mount additional directories

mount --bind /dev /mnt/dev
mount --bind /sys /mnt/sys
mount --bind /proc /mnt/proc


8: start chroot environment - we are in our old system then:

chroot /mnt
mount -a # just in case


9: add EFI mountpoint in fstab - first line

ll /dev/disk/by-UUID # find out UUID of /dev/sdb3
mcedit /etc/fstab
UUID=A1B2-D3E4 /boot/efi vfat defaults 0 0


Do not forget to change the UUID to the correct value. Simply add this line at the top.

10: now change boot configuration in yast

yast
--> boot loader
tab bootcode
--> change to "GRUB2 for EFI"
--> X Secure Boot
--> X NVRam
--> protective MBR flag "no change"
Kernel parameters tab
--> resume=/dev/sdb1 nosplash noplymouth quiet # or whatever you need here!
--> graphics: choose resolution and theme


select "OK" and Yast does its magic.

11: finish up

exit yast
exit
shutdown -r now


STEP 3: Test after reboot:

Remember: in bios you should now have selected efi boot mode for sdb - other will not work anymore!
Now test your efi after reboot:

efibootmgr -v

You should be on efi now...



Sound Blaster Z SE (Sound Core3D [Sound Blaster Recon3D / Z-Series] (SB1570)

The Sound Blaster Z SE does not really want to work with Linux. This has several causes:
1. The output lines need to be changed to get redirected to the correct output jacks.
2. After reboot some speakers are not enabled by default.

To solve this we need to redirect the output first, so the right speakers receive the correct output. To then activate the speakers we simply need to set the volume. Use alsamixer to change the volume one down and up again. This writes the volume value to the card and activates the speakers.

This is all done with your local user, not with root!

Change speaker output lines (swap speakers):

This is done in a local user file called .asound.rc in the root of your home dir. We copy a configuration of 5.1 surround specification and add an entry ttable where we swap the channels 4/5 with 2/3. Do that like the following:


The whole file should then look like this:


Change volume at startup to activate speakers

The sound output is now directed to the right channels, however the sound card still will not do output to all speakers. You can "activate" the speakers by using alsamixer. Select your sound card with F6 and then adjust every volume one down and up again. This will activate all speakers.
But as we do not want to do that after every reboot, we can let an autostart script do the job for us.

So create a script somewhere, let's call it "~/bin/setSpeakers.sh", and fill it with the following:


and make it executable with chmod 755 ~/bin/setSpeaker.sh.

For auto start we create a link in autostart-scripts to make it run after login:
ln -s ~/bin/setSpeaker.sh ~/.config/autostart-scripts/setSpeaker.sh

This script now uses 80% and 100% - adjust these to the values you prefere.
Also adjust the index -c 1 used here. You can find out the index of your card by aplay -l.

Change / fix the index of your sound card

However, the index of the card can change. That is, if for instance a USB camera device is sometimes connected (like with me), sometimes not. It might get somewhere in between and so change the index.
If you want to fix the index of your soundcard you need to set that in a config file under /etc/modprobe.d. You can create a new one named e.g. sound.conf or you alter the 50-sound.conf which was created by yast.

BE ADVISED:
- this file is alterd by yast if you mess with audio there. Luckily a copy .YastSaved will be created.
- watch out for other settings somewhere else that might interfere. Do a cat * | grep snd or use mc to verify that your file is the only one messing with snd-hda-intel

What you need to add, are some or one options line for the intel driver, setting a certain index order. So first let's find out the IDs and current Index: cat /proc/asound/cards - you might also use aplay -l for that, but that will not necessarily list the camera. That info can be used to create the needed option lines. Consider the following output:


We would now need something like options snd_hda_intel index=3,0,1,2 to move the creative card to the top. But that does not work because of two things:
1. without the USB camera the creative would be at index 2, so the given index 3 would be empty
2. the camera does not use the snd-hda-intel but snd-usb-audio - so configuring in that way will not help
So what we do first is to define which driver should be loaded first and at which slot. This is done by options snd slots=snd-hda-intel,snd-hda-intel,snd-hda-intel - that way the intel driver is reserved for three slots making room for the onboard, the graphics and creative sound card output.

On the internet you will find the idea of using "ID=" like options snd_hda_intel id=Creative,PCH,NVidia index=2,0,1. This also does not do the trick. It simply sets the names of the index meaning whatever now lands on index 0 (card number 2) will be named "Creative", no matter what its generic name would be.

Additionally something might come in handy: if you have an onboard INTEL soundcard, you might want to blacklist snd_soc_skl and additionally stop power saving.

This all leads to my example of 50-sound.conf: (you now need root access to alter that file and do a reboot afterwards to make the changes take effect)

Change pulse audio mixing for LFE

We want PulseAudio to remix the output to add bass to LFE. Typically our Sound Blaster can do that itself, but this seems to be helpful.
So if you still experience any difficulties with sound being not directed to the SubWoofer (LFE), as root add the following to "/etc/pulse/daemon.conf"


Adopt this to your own preferences.



Stop auto updater (PackageKit) widget in KDE

To stop PackageKit from checking for updates, we need to set the periodic checks in its config file. We could do that with the widget itself, but there is a bug that prevents the changes do be written to the additional config for root, as the config file can only be changed by root and the widget is run by current user.
So we simply do it by hand as root:
Change all periodic scans to false

Just edit the main.xml and change daily, weekly and monthly to false to prevent PackageKit to ever come up again for root, only for your desktop user. The main.xml is in the directory /usr/share/plasma/plasmoids/org.kde.plasma.pkupdates/contents/config

sudo mcedit /usr/share/plasma/plasmoids/org.kde.plasma.pkupdates/contents/config/main.xml



Set time of HP printers via cron script

Shell-Script to set printer time of HP printer

The time in HP printers is not correctly using the timezone when sending mails. However it would be nice if the printer time would get synchronized with the time of your server.
To do so, we create a shell script /opt/setPrinterTime.sh containing the following:

You may want to remove the comment '#' at the end to get a syslog entry for debugging, but remember that when the script runs as a cron job you might revcieve a mail with that line every time the script runs. The crontab line presented here will redirect all and every output to /dev/null, so no output is send (also no error!)

Do not forget to make the script executable with chmod 755 /opt/setPrinterTime.sh

Now add this script to cron tab of root (can also be a user). Do this for instance like this:
sudo crontab -e
to change cron tab of root.
Add a line like this to run the script every 2 hours (adopt the path to your script):

0 0,2,4,6,8,10,12,14,16,18,20,22 * * * /opt/setPrinterTime.sh >/dev/null 2>&1



Re-Compile NVidia drivers for older kernel (Tumbleweed 5.16.8 / nvidia problem)

Before you start messing around with kernel versions you might want to read Installing multiple kernel versions from Suse DOCs

After installing kernel 5.16.8 with Tumbleweed problems occured with graphic cards. No console and no x-server. This is because SimpleDRM is now a content of the kernel but interferes with NVidia drivers. That way you will not see any console output and no graphical UI after boot.

As a temporary workaround you can add initcall_blacklist=simpledrm_platform_driver_init as kernel boot parameter to solve this. Additionally the 510.54 driver version was released - but that did not solve the problem completely. So it is a good idea to fall back to previous kernel 5.16.5 till 5.16.10 will be released, which will be the real fix to this.
All of this is documented in the bug tracking

But if you installed the nvidia drivers 510.54 as a fix, something weird happens: the driver files are deleted from all kernels installed, but it will only be re-compiled for current default kernel. You can verify this by looking into /lib/modules/5.16.*/updates.
BTW: your nvidia driver files are located at /usr/src/kernel-modules/ - you might want to clean this up and remove all unneeded drivers from time to time.

To do a re-compile of installed nvidia drivers for an older kernel, this can be achieved by re-installing that kernel modules. It's the easiest way.
Force re-compile for 5.16.5

First you need to temporarily change to a different repo. For that edit /etc/zypp/repos.d/repo-oss.repo and change baseurl to https://download.opensuse.org/history/20220210/tumbleweed/repo/oss/, so that it looks like this. It's best to work with comments here:


Now we force the re-install of the kernel of that repo:
root@server:~>zypper in -f kernel-default kernel-devel kernel-default-devel

Let zypper do it's magic, recompile of NVIDIA for this kernel will be initiated after install of kernel-devel.

Force re-compile for 5.16.8 to revert default kernel change

As all defaults are now pointing to 5.16.5, we should force install of current kernel 5.16.8 again to be in the state before forced installation. You !could! of course revert any changes by hand, but personally I would not recommend. Chances of missing something are far too high!
To do so first revert the change in repo-oss, than do zypper ref and again the zypper in -f
The repo-oss with reverted changes looks like this:

then:
root@server:~>zypper ref
root@server:~>zypper in -f kernel-default kernel-devel kernel-default-devel


That way you are back to where you started from. Now you can start 5.16.8 with kernel parameter or 5.16.5 and both work with graphical console and desktop.



90s wait at shutdown/reboot because of scdaemon

With one update of Tumbleweed suddenly the shutdown / reboot of your system will stop for 90s because of a service that cannot be stopped. In the System-Log you might find the culprit "scdaemon" that does not like to be stopped.

This will be installed, if you need for instance Kleopatra because of PGP-Keys you might use for E-Mails. However scdaemon is a daemon for security usb keys for 2FA, like Yubi-Keys.

You will not be able to de-install scdaemon, but you can disable it, especially if you do not need the service.
To do so, simply do the following:
Disable scdaemon

Edit ~/.gnupg/gpg-agent.conf in the users home directory and add the line disable-scdaemon. That's it.

After that the file might look like:


After a reboot scdaemon will not run and not block shutdowns or reboots.



7. Update Leap 15.3 -> 15.4: bind does not work anymore

I updated Leap 15.3 to 15.4 with an existing and working bind. However, after the update bind will not start anymore and systemctl start named will result in the error Control process exited, code=exited, status=6/NOTCONFIGURED

This is because the script /usr/share/bind/createNamedConfInclude is not provided anymore and the present one from 15.3 will get deleted during install. This script is used to create /etc/named.conf.include which is then included in /etc/named.conf. The script is reffered in /etc/sysconfig/named with NAMED_INITIALIZE_SCRIPTS="createNamedConfInclude"

To fix this:
Step 1: In /etc/named.conf delete the statement include "/etc/named.conf.include"; or place a # comment in front
Step 2: delete the include file /etc/named.conf.include
Step 3: edit /etc/sysconfig/named and change NAMED_INITIALIZE_SCRIPTS="createNamedConfInclude" to NAMED_INITIALIZE_SCRIPTS=""

With these three steps, the problem should be solved.


8. Update Leap 15.3 -> 15.4: php-fpm and AppArmor

With OpenSUSE Leap 15.4 comes AppAmor which gets enabled by default. This leads to irritating "permission denied" errors, when this happens unnoticed and you did not have AppArmor active with 15.3.

I personally had problems with access to the socket file of php-fpm. It could not get created, but not because of wrong directory permissions but because of AppArmor.

One way to solve this is of course to deactivate AppArmor as root with


However this is not the best solution if you want to keep AppArmor as a security layer. In that case you can let AppArmor audit php-fpm. This might work for you:


This might also help when you get "Could not acquire a shared lock on the config file" with nextcloud.


9. Update Leap 15.3 -> 15.4: Re-install certbot

With OpenSUSE Leap 15.4 there is no repo that provides certbot. The repos at /home:/* that can be found did not do the trick for me.

The straight forward way to install certbot with OpenSUSE is described here

For your conveniance the steps are repeated:


Your previous config is not touched.

10. Enable ClearView Fonts with WINE

Besides what you read on the internet, WINE referes to Linux system settings to enable font smoothing, with Windows commonly known as ClearType. It is not using the FontSmoothing* registry entries to enable that. However these entries might still be usefull as Windows itself uses those to define the way ClearType is rendered.

Install Windows fonts for WINE or systemwide

The first thing you might want to do is to install Windows fonts. There are two ways to do so. Either by winetricks or by copying them from a Windows installation. The first option will provide the fonts only for WINE or Windows programs running with WINE respectively - the other way will provide those fonts also for all Linux applications like OpenOffice, which might be a good idea.

To install basic Windows fonts for WINE via winetricks use winetricks allfonts in a shell as normal user, not root! This will download and install core microsoft fonts to ~/.wine/dosdevices/c:/windows/Fonts/
These fonts will only be visable for WINE or Windows programs running under WINE.

The other way to install fonts system-wide or at least for your user is to copy fonts from a Windows installation. When doing so, skip "desktop.ini" or any other file that is not a font.

There might be copyright restrictions to take care of!

The target folders can be:
  • /usr/share/fonts
  • /usr/local/share/fonts
  • ~/.fonts - this is in your home directory and local to your user

After copying new fonts to your Linux system you should run sudo fc-cache -fv and/or fc-cache -fv (i.e. as root / as normal user) to recreate the font caches.

Activating font smoothing

If all fonts where installed system wide, font smoothing might already work. However when fonts were copied to ~/.fonts you might need to activate fontsmoothing for it. Do so by simply adding the file ~/.config/fontconfig/fonts.conf with at least the following content, if it's not existing:


These entries can also be changed by Linux font configuration. However if there were no fonts in ~/.fonts present when configuring it or the file ~/.config/fontconfig/fonts.conf does not exist, it has to be created by hand first.

At least it was not present on my installation, so WINE did no font smoothing for the user-installed fonts at all. After I created the file and restarted a Windows program with WINE, it worked out of the box.

Add registry entries

Althogh I am not sure if this is still necessary, I guess these registry entries still change the way the windows subsystem in WINE will perform the ClearType font smooting.

There are three ways to add those entries to your registry.

  • First you can do this by running winetricks fontsmooth-rgb in a shell.
  • Second, if you want to have full control over what is added to the registry, you can add the following entries manually:
  • Or as a third option you can download this shell script, make it executable with chmod +x winefontssmoothing_en.sh and run it by ./winefontssmoothing_en.sh.
    This will create the REG-File on the fly based on your choices.

The FontSmoothingGamma can have different values. The default used by winetricks or the shell script is dword:00000578 but I use dword:000004b0

This way I was able to add font smoothing to WINE.
2004 - 2022 by Daniel Becker

Valid HTML 4.01 Transitional Valid CSS!