Are Big Sacrifice

66 replies [Last post]
alimiracle
Offline
Joined: 01/18/2014

" It has been said throughout the ages, that there can be no victory, without sacrifice."
Just like all Free GNU/Linux Distros, we should give a big sacrifices to gain our liberty.

As you know the new processors has a big vulnerabilitys founded in the last days cause a big problems in user privacy, and the linux kernel developers found a temporary fixes, but to use this fixes we most give a big sacrifice, the sacrifice is make your processor work under less speed, so to apply this fixes in your Uruk GNU/Linux system you should do the folllowing steps:
1- Update your system repos :
sudo apt-get update
2- After that make a full upgrade to your system:
sudo apt-get full-upgrade
3- Restart your system and now your system will become clear again.
have fun and be free
ali miracle

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

Instead of 'sudo apt-get full-upgrade', you mean 'sudo apt full-upgrade' or 'sudo apt-get dist-upgrade', don't you?

alimiracle
Offline
Joined: 01/18/2014

yes its sudo apt full-upgrade

akito
Offline
Joined: 05/10/2017

it appears that full-upgrade exists: $ man apt
but I do not really use it.

full-upgrade (apt-get(8))
full-upgrade performs the function of upgrade but will remove
currently installed packages if this is needed to upgrade the
system as a whole.

gd_scania
Offline
Joined: 09/13/2017

dist-upgrade also removes some packages but mostly just aging ones, where full-upgrade may even conflict your essentials, so full-upgrade is very risky and never a good idea.

gd_scania
Offline
Joined: 09/13/2017

Big sacrifice? Unclear what you’re saying, but I just sacrifice little which the iwlwifi card is my only nonfree hardware, and I just don’t need any nonfree apps for my daily practice.

alimiracle
Offline
Joined: 01/18/2014

Processor Speed is so important for me

ao
ao
Offline
Joined: 07/20/2017

Is
$ sudo apt-get upgrade
a good idea?

GrevenGull
Offline
Joined: 12/18/2017

Where/how do I actually find out if this issue affects the processor in my MacBook Pro 9.1, and will this method of yours work universally?

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

Basically: all Intel processors in use are affected. Yours included.

GrevenGull
Offline
Joined: 12/18/2017

And this process described by alimiracle will fix that problem (but limiting power)?

MD. SHAHIDUL ISLAM
Offline
Joined: 10/15/2015

The following NEW packages will be installed:
freesh-keyring linux-headers-4.14.12-gnu linux-image-4.14.12-gnu
linux-libre-lts
The following packages will be upgraded:
libplank-common libplank1 plank uruk-base
4 upgraded, 4 newly installed, 0 to remove and 0 not upgraded.
Need to get 86.3 MB/86.7 MB of archives.
After this operation, 336 MB of additional disk space will be used.
Do you want to continue? [Y/n]
But What is the benefit of Kernel 4.14.12?

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

Mainly the KPTI patch, against Meltdown: https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)

That patch has been present in the branch 4.9.* since 4.9.75, in the branch 4.14.* since 4.14.11. It will be in the soon-to-be-released version 4.15 too.

MD. SHAHIDUL ISLAM
Offline
Joined: 10/15/2015

After install linux-image 4.14.12 if I remove linux-image 4.9.66, any problem?
if not,
I could install 4.14.12 and remove 4.9.66.

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

You only run one kernel at a time. The command 'uname -r', executed in a terminal, prints the version you are currently running. In its default configuration, the bootloader (GRUB) always boots the latest version of the kernel. So, you need to reboot the system after installing a new version of the kernel, if you want to use this newer version.

It is safer to keep an older version that you used long enough to know it perfectly drives your hardware. Usually the version before the one you are currently using. Keeping more is only a waste of disk space: use the package manager to remove older kernels.

ariellab
Offline
Joined: 02/19/2015

My Trisquel installation on my Minifree computer says it's at 3.13.0-137-lowlatency, with no updates available. Do I have to force it up to 4.1x to get meltdown/spectre issues patched/hardened?

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

The patches will be backported at some point, I hope. But, yes, for the moment, you can use jxself's Linux-libre repository to be on the safe side (you will get version 4.9.75 or version 4.14.12, depending on the package you install): https://jxself.org/linux-libre/

ariellab
Offline
Joined: 02/19/2015

Thanks! I'll look into it.

ariellab
Offline
Joined: 02/19/2015

I followed all the steps on that page to install linux-libre-lts, in hopes of getting version 4.9 as listed, but after I did every step and rebooted, uname -r still says 3.13. Not sure what to do next.

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

Let us see whether GRUB detects the 4.9.75 kernel. What is the output of the following command?
$ sudo update-grub

ariellab
Offline
Joined: 02/19/2015

ariella@/boot/grub $ sudo update-grub
[sudo] password for ariella:
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-4.14.12-gnu
Found initrd image: /boot/initrd.img-4.14.12-gnu
Found linux image: /boot/vmlinuz-3.13.0-137-lowlatency
Found initrd image: /boot/initrd.img-3.13.0-137-lowlatency
Found linux image: /boot/vmlinuz-3.13.0-133-lowlatency
Found initrd image: /boot/initrd.img-3.13.0-133-lowlatency
Found linux image: /boot/vmlinuz-3.13.0-129-lowlatency
Found initrd image: /boot/initrd.img-3.13.0-129-lowlatency
Found linux image: /boot/vmlinuz-3.13.0-128-lowlatency
Found initrd image: /boot/initrd.img-3.13.0-128-lowlatency
Found linux image: /boot/vmlinuz-3.13.0-125-lowlatency
Found initrd image: /boot/initrd.img-3.13.0-125-lowlatency
Found linux image: /boot/vmlinuz-3.13.0-123-lowlatency
Found initrd image: /boot/initrd.img-3.13.0-123-lowlatency
Found linux image: /boot/vmlinuz-3.13.0-121-lowlatency
Found initrd image: /boot/initrd.img-3.13.0-121-lowlatency
Found linux image: /boot/vmlinuz-3.13.0-119-lowlatency
Found initrd image: /boot/initrd.img-3.13.0-119-lowlatency
No volume groups found
done

Weird to see a 4.14 in there. I installed the LTS version which the documentation says should be 4.9? Look here:

ariella@/boot/grub $ sudo apt install linux-libre-lts
Reading package lists... Done
Building dependency tree
Reading state information... Done
linux-libre-lts is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 85 not upgraded.

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

GRUB does detect /boot/vmlinuz-4.14.12-gnu. Let us see /etc/default/grub. In particular, is GRUB_DEFAULT 0?

You have many kernels installed. That is quite a waste of disk space. You can remove packages relating to older versions of the kernel (new versions of the kernel do not substitute older versions, unlike any other package) such as "linux-image-*", "linux-headers-*", ... with a version number that is not the largest (in the dictionary order: the leftmost dot-separated numbers are the most significant) or the second largest (for safety: if the latest kernel does not boot or is defective, you can boot the older one that raises no issue).

ariellab
Offline
Joined: 02/19/2015

I'm supposed to delete previous kernels after software update installs new ones? Why doesn't it prune this itself?

---
Here's the contents of /etc/default/grub:

ariella@/boot/grub $ more /etc/default/grub
# If you change this file, run 'update-grub' afterwards to update
# /boot/grub/grub.cfg.
# For full documentation of the options in this file, see:
# info -f grub -n 'Simple configuration'

GRUB_DEFAULT=0
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"
GRUB_CMDLINE_LINUX=""

# Uncomment to enable BadRAM filtering, modify to suit your needs
# This works with Linux-Libre (no patch required) and with any kernel that obtains
# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...)
#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef"

# Uncomment to disable graphical terminal (grub-pc only)
#GRUB_TERMINAL=console

# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command `vbeinfo'
#GRUB_GFXMODE=640x480

# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux
#GRUB_DISABLE_LINUX_UUID=true

# Uncomment to disable generation of recovery mode menu entries
#GRUB_DISABLE_RECOVERY="true"

# Uncomment to get a beep at grub start
#GRUB_INIT_TUNE="480 440 1"

# Trisquel comes without kernel recovery entries to improve security.
GRUB_DISABLE_RECOVERY=true

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

With that GRUB configuration, the latest kernel should boot by default. I can take a look at your /boot/grub/grub.cfg if you attach it to a post but I do not promise anything. It may be that libreboot's things interfere.

Older kernels do not substitute newer kernels because if, for some reason, the newer kernel does not boot (or just does not drive some of your hardware as well as the older kernel), you are happy to have another kernel to select in GRUB's menu.

Talking about the GRUB menu, have you tried to boot the newer kernel from "Advanced options for Trisquel" (or something like that). You know about the useless GRUB password and how to learn it or, better, get rid of it, don't you?

ariellab
Offline
Joined: 02/19/2015

I can't attach my grub.cfg. I get "validation error."

ariellab
Offline
Joined: 02/19/2015

I don't know anything about grub boot menus beyond pressing enter to make it boot faster than the auto timer. I'll have to do some learning.

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

The GRUB_TIMEOUT variable, in /etc/default/grub, defines the number of seconds before booting the default (unless a key is pressed)... except that, in your case, the GRUB configuration you edit does not apparently have any influence!

If you find where to configure the GRUB you actually use, see https://www.gnu.org/software/grub/manual/grub/html_node/Simple-configuration.html#Simple-configuration for other useful simple settings you can can define.

ariellab
Offline
Joined: 02/19/2015

TEST: Grub.cfg after copying it to ~/ first and chmod to 777, and then gzipping because of the forum's extension restrictions.

AttachmentSize
grub.cfg_.gz 1.89 KB
ariellab
Offline
Joined: 02/19/2015

My boot menu does not offer any "advanced options". Is there a hotkey to press? See attached.

2018-01-12 22.12.06_sm.jpg
Magic Banana

I am a member!

Offline
Joined: 07/24/2010

It looks like "Trisquel's GRUB" is not used on your system. Indeed, that is not the menu your grub.cfg defines (and that should boot the latest kernel). There must be another GRUB somewhere. Probably something specific to Libreboot.

ariellab
Offline
Joined: 02/19/2015

Thank you MB and Heather. That would explain it. I might have to reach out to Minifree then. :)

Thanks for the help.

ariellab
Offline
Joined: 02/19/2015

The fail hilarity continues.

I did: sudo apt-get upgrade, and many packages got upgraded.

Next time I ran the Trisquel Software Update, it offered to update linux-libre kernel to 4.14 lol. (Hasn't done this before, not even when I installed the linux-libre-lts myself at the command line.) I let it do that via Software Update, in hopes that maybe this would do something interesting!

No change. System still boots to 3.13 haha.

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

It is just that jxself has recently put version 4.14.13 in his repository.

jxself
Offline
Joined: 09/13/2010

A way to prune old kernel versions: sudo apt-get autoremove

The package manager keeps the current kernel version and the previous version just in case so two will always be there.

ariellab
Offline
Joined: 02/19/2015

Autoremove has not been removing them. Tried that many times. :) Watch:

ariella@/boot $ ls
abi-3.13.0-137-lowlatency grub System.map-3.13.0-137-lowlatency vmlinuz-4.14.12-gnu
config-3.13.0-137-lowlatency initrd.img-3.13.0-137-lowlatency System.map-4.14.12-gnu vmlinuz-4.14.13-gnu
config-4.14.12-gnu initrd.img-4.14.12-gnu System.map-4.14.13-gnu
config-4.14.13-gnu initrd.img-4.14.13-gnu vmlinuz-3.13.0-137-lowlatency

ariella@/boot $ sudo apt-get autoremove
[sudo] password for ariella:
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

ariella@/boot $ ls
abi-3.13.0-137-lowlatency grub System.map-3.13.0-137-lowlatency vmlinuz-4.14.12-gnu
config-3.13.0-137-lowlatency initrd.img-3.13.0-137-lowlatency System.map-4.14.12-gnu vmlinuz-4.14.13-gnu
config-4.14.12-gnu initrd.img-4.14.12-gnu System.map-4.14.13-gnu
config-4.14.13-gnu initrd.img-4.14.13-gnu vmlinuz-3.13.0-137-lowlatency
ariella@/boot $

jxself
Offline
Joined: 09/13/2010

Yes, from my repository I see that you have 4.14.13 and 4.14.12. Once 4.14.14 comes out (and you update to it) then 4.14.12 should be removable with the autoremove thing. That goes back to what I'd said earlier that it keeps the current one and one of the previous ones.

ariellab
Offline
Joined: 02/19/2015

I doubt that. What you haven't seen is the other 6 or so other 3.x versions I had accumulated via Software Updater, that autoremove wouldn't touch. I did a cleanup using apt purge commands.

jxself
Offline
Joined: 09/13/2010

Then something is wrong because that is exactly what it is supposed to be doing, and I can verify that it does indeed happen for me. If you doubt it check out your own package manager. The script that's used to figure out what to keep is at /etc/kernel/postinst.d/apt-auto-removal. It has some comments in the beginning, which I've pasted here. The versions it excludes end up in /etc/apt/apt.conf.d/01autoremove-kernels.

# Mark as not-for-autoremoval those kernel packages that are:
# - the currently booted version
# - the kernel version we've been called for
# - the latest kernel version (determined using rules copied from the grub
# package for deciding which kernel to boot)
# - the second-latest kernel version, if the booted kernel version is
# already the latest and this script is called for that same version,
# to ensure a fallback remains available in the event the newly-installed
# kernel at this ABI fails to boot
# In the common case, this results in exactly two kernels saved, but it can
# result in three kernels being saved. It's better to err on the side of
# saving too many kernels than saving too few.

ADFENO
Offline
Joined: 12/31/2012

I'm not an advanced user, nor a Libreboot user, nor I like to deal with
boot configurations (because I'm a disaster doing so), but here follows
an interesting suggestion:

I suspect this is the step which is remaining (search for "Libreboot"):
https://jxself.org/linux-libre/ .

2018-01-13T01:24:39+0100 name at domain wrote:
> With that GRUB configuration, the latest kernel should boot by
> default. I can take a look at your /boot/grub/grub.cfg if you attach
> it to a post but I do not promise anything. It may be that
> libreboot's things interfere.
>
> Older kernels do not substitute newer kernels because if, for some
> reason, the newer kernel does not boot (or just does not drive some of
> your hardware as well as the older kernel), you are happy to have
> another kernel to select in GRUB's menu.
>
> Talking about the GRUB menu, have you tried to boot the newer kernel
> from "Advanced options for Trisquel" (or something like that). You
> know about the useless GRUB password and how to learn it or, better,
> get rid of it, don't you?

--
- https://libreplanet.org/wiki/User:Adfeno
- Palestrante e consultor sobre /software/ livre (não confundir com
gratis).
- "WhatsApp"? Ele não é livre. Por favor, veja formas de se comunicar
instantaneamente comigo no endereço abaixo.
- Contato: https://libreplanet.org/wiki/User:Adfeno#vCard
- Arquivos comuns aceitos (apenas sem DRM): Corel Draw, Microsoft
Office, MP3, MP4, WMA, WMV.
- Arquivos comuns aceitos e enviados: CSV, GNU Dia, GNU Emacs Org, GNU
GIMP, Inkscape SVG, JPG, LibreOffice (padrão ODF), OGG, OPUS, PDF
(apenas sem DRM), PNG, TXT, WEBM.

ariellab
Offline
Joined: 02/19/2015

Linux-libre is what I'm attempting to use, and if you read all my posts you'll see that I have already followed all the steps in the documentation including the aliasing of grub.cfg to libreboot_grub.cfg for libreboot.

ariellab
Offline
Joined: 02/19/2015

I'm using 64-bit. :)

ariellab
Offline
Joined: 02/19/2015

Something else I tried with hints from https://statusq.org/archives/2012/10/24/4584/ :

In /etc/default/grub I set:
GRUB_DEFAULT=saved

Then at command line:
sudo grub-set-default "gnulinux-3.13.0-137-lowlatency-advanced-6044c6f9-a3c0-45d3-829d-53324cc485d8"
sudo grub-reboot "gnulinux-4.14.12-gnu-advanced-6044c6f9-a3c0-45d3-829d-53324cc485d8"
sudo update-grub

Didn't work on my next reboot, the system still loaded 3.13, so I reverted back to GRUB_DEFAULT=0 until my next thing to try.

In case this is interesting, here are the menuentry options in the grub /boot config file:

===
ariella@~ $ sudo cat /boot/grub/grub.cfg | grep menuentry_id_option
menuentry_id_option="--id"
menuentry_id_option=""
export menuentry_id_option
menuentry 'Trisquel GNU/Linux' --class trisquel --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-simple-6044c6f9-a3c0-45d3-829d-53324cc485d8' {
submenu 'Advanced options for Trisquel GNU/Linux' $menuentry_id_option 'gnulinux-advanced-6044c6f9-a3c0-45d3-829d-53324cc485d8' {
menuentry 'Trisquel GNU/Linux, with Linux-Libre 4.14.12-gnu' --class trisquel --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-4.14.12-gnu-advanced-6044c6f9-a3c0-45d3-829d-53324cc485d8' {
menuentry 'Trisquel GNU/Linux, with Linux-Libre 3.13.0-137-lowlatency' --class trisquel --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.13.0-137-lowlatency-advanced-6044c6f9-a3c0-45d3-829d-53324cc485d8' {
menuentry 'Trisquel GNU/Linux, with Linux-Libre 3.13.0-133-lowlatency' --class trisquel --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.13.0-133-lowlatency-advanced-6044c6f9-a3c0-45d3-829d-53324cc485d8' {
menuentry 'Trisquel GNU/Linux, with Linux-Libre 3.13.0-129-lowlatency' --class trisquel --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.13.0-129-lowlatency-advanced-6044c6f9-a3c0-45d3-829d-53324cc485d8' {
menuentry 'Trisquel GNU/Linux, with Linux-Libre 3.13.0-128-lowlatency' --class trisquel --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.13.0-128-lowlatency-advanced-6044c6f9-a3c0-45d3-829d-53324cc485d8' {
menuentry 'Trisquel GNU/Linux, with Linux-Libre 3.13.0-125-lowlatency' --class trisquel --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.13.0-125-lowlatency-advanced-6044c6f9-a3c0-45d3-829d-53324cc485d8' {
menuentry 'Trisquel GNU/Linux, with Linux-Libre 3.13.0-123-lowlatency' --class trisquel --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.13.0-123-lowlatency-advanced-6044c6f9-a3c0-45d3-829d-53324cc485d8' {
menuentry 'Trisquel GNU/Linux, with Linux-Libre 3.13.0-121-lowlatency' --class trisquel --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.13.0-121-lowlatency-advanced-6044c6f9-a3c0-45d3-829d-53324cc485d8' {
menuentry 'Trisquel GNU/Linux, with Linux-Libre 3.13.0-119-lowlatency' --class trisquel --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.13.0-119-lowlatency-advanced-6044c6f9-a3c0-45d3-829d-53324cc485d8' {

ariellab
Offline
Joined: 02/19/2015

I've also done the grub.cfg symbolic linking for libreboot:

grub folder.png
ariellab
Offline
Joined: 02/19/2015
bobstechsite

I am a member!

Offline
Joined: 12/10/2017

Thanks for this tip! :)

I followed the instructions to add the repository and then installed the "linux-libre-lts" package. After that all I needed to do was reboot the machine and it was running the new kernel! (According to "uname -r" it's 4.14.12-gnu)

ariellab
Offline
Joined: 02/19/2015

Lucky! I installed that same package and mine hasn't switched to the 4.14. It's staying with 3.13 for some reason.

akito
Offline
Joined: 05/10/2017

you can try to remove your other kernels (3.13 one at a time), you should try to update grub. $ sudo update-grub
does the 4.14 kernel exists in the /boot directory?

ariellab
Offline
Joined: 02/19/2015

Thanks for hopping in to help! :)

Kernel removals:
How do I do them one at a time? They were installed via the Software Updater. Is there a history in there I can uninstall with, or do I have to do some sudo apt-get remove? If so, what do I type: sudo apt-get remove filename?

4.14 kernel in /boot:
Yup! It's there. Using grep I can see it referenced in grub.cfg as a "menuitem" as well. See my latest replies above.

sudo update-grub:
Tried it many times. See my latest replies above. No effect. The system continues to boot to 3.13.

ariellab
Offline
Joined: 02/19/2015

Figured out how to do removals:

sudo apt-get purge linux-image-3.13.0-xxx-lowlatency

bobstechsite

I am a member!

Offline
Joined: 12/10/2017

If it helps, the behaviour I observed was on an old Dell Optiplex 745 workstation (2.13GHz dual core Intel Core 2 Duo E6400) that solo-boots Trisquel GNU/Linux 7.
I also don't have LibreBoot installed on it as I don't have the necessary kit & I'm not sure if the motherboard is compatible.

MD. SHAHIDUL ISLAM
Offline
Joined: 10/15/2015

I am with Linux-image-4.14.12. No problem at this time.