Debian 13: upgrading bios

Is it possible to upgrade bios from Debian, since the most manufacture only provide bios upgrade under windows environment? In the past it is impossible. But today, it can for some systems. Here is the way to check and upgrade bios from bios. you need root or sudo, i use root user.

Install software

# apt install fwupd

Check your bios

# dmidecode 3.6
Getting SMBIOS data from sysfs.
SMBIOS 3.4.0 present.

Handle 0x0000, DMI type 0, 26 bytes
BIOS Information
    Vendor: LENOVO
    Version: JNCN52WW(V2.12)
    Release Date: 10/04/2024 <- your release date
    Address: 0xE0000
    Runtime Size: 128 kB
    ROM Size: 32 MB
    Characteristics:
        PCI is supported
        BIOS is upgradeable
        BIOS shadowing is allowed
        Boot from CD is supported
        Selectable boot is supported
        EDD is supported
        Japanese floppy for NEC 9800 1.2 MB is supported (int 13h)
        Japanese floppy for Toshiba 1.2 MB is supported (int 13h)
        5.25"/360 kB floppy services are supported (int 13h)
        5.25"/1.2 MB floppy services are supported (int 13h)
        3.5"/720 kB floppy services are supported (int 13h)
        3.5"/2.88 MB floppy services are supported (int 13h)
        8042 keyboard services are supported (int 9h)
        CGA/mono video services are supported (int 10h)
        ACPI is supported
        USB legacy is supported
        BIOS boot specification is supported
        Targeted content distribution is supported
        UEFI is supported
    BIOS Revision: 1.52
    Firmware Revision: 1.52

Handle 0x001C, DMI type 13, 22 bytes
BIOS Language Information
    Language Description Format: Long
    Installable Languages: 4
        en|US|iso8859-1
        fr|FR|iso8859-1
        ja|JP|unicode
        zh|TW|unicode
    Currently Installed Language: en|US|iso8859-1

To show product name and version

# cat /sys/class/dmi/id/product_name
82SB
# cat /sys/class/dmi/id/product_version
IdeaPad Gaming 3 15ARH7

Check device  

# fwupdmgr get-devices
LENOVO 82SB
│
├─AMD Ryzen 5 7535HS with Radeon Graphics:
│ │   Device ID:          4bde70ba4e39b28f9eab1628f9dd6e6244c03027
│ │   Vendor:             Advanced Micro Devices, Inc.
│ │   GUIDs:              52f8f9af-1ca9-5352-bef4-ceb232c888a5 ← CPUID\PRO_0&FAM_19&MOD_44
│ │                       e94372a3-3ffb-5d1c-a579-c415b7313e52 ← CPUID\PRO_0&FAM_19&MOD_44&STP_1
│ │   Device Flags:       • Internal device
│ │ 
│ ├─Secure Processor:
│ │     Device ID:        c54ab0237d7a8db8c717b68e0be78e4374a2a079
│ │     Current version:  00.28.00.71
│ │     Bootloader Version: 00.28.00.71
│ │     Vendor:           Advanced Micro Devices, Inc. (PCI:0x1022)
│ │     GUID:             9844da3e-1df2-52fe-9413-d4378af6221e ← PCI\VEN_1022&DEV_1649
│ │     Device Flags:     • Internal device
│ │                       • Can tag for emulation
│ │   
│ └─System Management Unit (SMU):
│       Device ID:        db0330716216c629bb2c07256e5d018f499eb6ce
│       Summary:          Microcontroller used within CPU/APU program 4
│       Current version:  69.63.0
│       Vendor:           Advanced Micro Devices, Inc.
│       GUID:             79307ae6-a2ea-52e1-bf56-6abbaf3547ad ← /sys/devices/platform/AMDI0007:00
│       Device Flags:     • Internal device
│                         • Can tag for emulation
│     
├─GA107 [GeForce RTX 2050]:
│     Device ID:          ce4c74a5188d5b9cdb1e72ed32dad2d313c1c999
│     Current version:    a1
│     Vendor:             NVIDIA Corporation (PCI:0x10DE)
│     GUID:               68e82ae9-e3f2-5996-ba6b-9054136e6d65 ← PCI\VEN_10DE&DEV_25AD
│     Device Flags:       • Internal device
│                         • Cryptographic hash verification is available
│                         • Can tag for emulation
│   
├─Micron MTFDKCD512QFM-1BD1AABLA:
│     Device ID:          04e17fcf7d3de91da49a163ffe4907855c3648be
│     Summary:            NVM Express solid state drive
│     Current version:    1002V3LN
│     Vendor:             Micron Technology Inc (PCI:0x1344)
│     Serial Number:      22453C44BE0D
│     Problems:           • Device requires AC power to be connected
│     GUIDs:              84b40af9-5392-5d04-ab7a-92c6ecd85f9f ← NVME\VEN_1344&DEV_5413
│                         518236e8-44dc-5c54-86bf-8ab9c098cd5e ← NVME\VEN_1344&DEV_5413&SUBSYS_13441100
│                         2f40d3c1-c50e-5e7f-aa6c-9cbef7c3679f ← Micron MTFDKCD512QFM-1BD1AABLA
│     Device Flags:       • Internal device
│                         • System requires external power source
│                         • Needs a reboot after installation
│                         • Device is usable for the duration of the update
│                         • Updatable
│                         • Can tag for emulation
│   
├─System Firmware:
│ │   Device ID:          c74868c50fe146f6d80a0978b8140db47f89c95a
│ │   Summary:            UEFI System Resource Table device (updated via NVRAM)
│ │   Current version:    1879441490
│ │   Minimum Version:    1380122624
│ │   Vendor:             LENOVO (DMI:LENOVO)
│ │   Update State:       Success
│ │   Problems:           • Device requires AC power to be connected
│ │   GUID:               b287b6c8-7a87-48d7-9316-da7a121e91c6
│ │   Device Flags:       • Internal device
│ │                       • System requires external power source
│ │                       • Needs a reboot after installation
│ │                       • Cryptographic hash verification is available
│ │                       • Device is usable for the duration of the update
│ │                       • Updatable
│ │   Device Requests:    • Message
│ │ 
│ ├─Ideapad Products:
│ │     Device ID:        6924110cde4fa051bfdc600a60620dc7aa9d3c6a
│ │     Summary:          UEFI Platform Key
│ │     Current version:  0
│ │     Vendor:           Unknown
│ │     GUID:             a5ace873-b5ff-5d82-9051-52a46d71b6a4 ← UEFI\CRT_D1FA4BAE5073E699B7D04455F4F1126530BD69A4
│ │     Device Flags:     • Internal device
│ │                       • Cryptographic hash verification is available
│ │                       • Can tag for emulation
│ │   
│ ├─UEFI Signature Database:
│ │ │   Device ID:        0352a8acc949c7df21fec16e566ba9a74e797a97
│ │ │   Device Flags:     • Internal device
│ │ │ 
│ │ └─Windows Production PCA:
│ │       Device ID:      ea9d4960094c43d107b919fe44941f2c774f84df
│ │       Current version: 2011
│ │       Vendor:         Microsoft (UEFI:Microsoft)
│ │       GUIDs:          675d2184-6c9a-59f1-a6f1-3c229b5dbb79 ← UEFI\VENDOR_Microsoft&NAME_Microsoft-Windows-Production-PCA
│ │                       1a84097f-714e-51b7-b293-9a803c98bb1d ← UEFI\CRT_CBBBF4B136DB90D11FD37A4A9B2106973AECC095
│ │       Device Flags:   • Internal device
│ │                       • Updatable
│ │                       • Signed Payload
│ │                       • Can tag for emulation
│ │     
│ └─UEFI dbx:
│       Device ID:        362301da643102b9f38477387e2193e57abaa590
│       Summary:          UEFI revocation database
│       Current version:  20230301
│       Minimum Version:  20230301
│       Vendor:           UEFI:Microsoft
│       Install Duration: 1 second
│       GUID:             f8ba2887-9411-5c36-9cee-88995bb39731 ← UEFI\CRT_A1117F516A32CEFCBA3F2D1ACE10A87972FD6BBE8FE0D0B996E09E65D802A503&ARCH_X64
│       Device Flags:     • Internal device
│                         • Updatable
│                         • Needs a reboot after installation
│                         • Cryptographic hash verification is available
│                         • Device is usable for the duration of the update
│                         • Only version upgrades are allowed
│                         • Signed Payload
│                         • Can tag for emulation
│     
├─TPM:
│     Device ID:          1d8d50a4dbc65618f5c399c2ae827b632b3ccc11
│     Current version:    6.20.0.6
│     Vendor:             Advanced Micro Devices, Inc. (TPM:AMD)
│     GUIDs:              9305de1c-1e12-5665-81c4-37f8e51219b8 ← TPM\VEN_AMD&DEV_0001
│                         78a291ae-b499-5b0f-8f1d-74e1fefd0b1c ← TPM\VEN_AMD&MOD_AMD
│                         65a3fced-b423-563f-8098-bf5c329fc063 ← TPM\VEN_AMD&DEV_0001&VER_2.0
│                         5e704f0d-83cb-5364-8384-f46d725a23b8 ← TPM\VEN_AMD&MOD_AMD&VER_2.0
│     Device Flags:       • Internal device
│                         • System requires external power source
│                         • Needs a reboot after installation
│                         • Device can recover flash failures
│                         • Full disk encryption secrets may be invalidated when updating
│                         • Signed Payload
│                         • Can tag for emulation
│   
├─UEFI Device Firmware:
│     Device ID:          e78fe7874aa72b14bc3138165829a0f046b925e4
│     Summary:            UEFI System Resource Table device (updated via NVRAM)
│     Current version:    0
│     Minimum Version:    1
│     Vendor:             DMI:LENOVO
│     Update State:       Success
│     Problems:           • Device requires AC power to be connected
│     GUID:               a9898afa-ef58-48fe-b09a-f476afce467c
│     Device Flags:       • Internal device
│                         • System requires external power source
│                         • Needs a reboot after installation
│                         • Device is usable for the duration of the update
│                         • Updatable
│     Device Requests:    • Message
│   
└─UEFI Device Firmware:
      Device ID:          cb1be209f9d53fed715391d7dcb894ba4d874719
      Summary:            UEFI System Resource Table device (updated via NVRAM)
      Current version:    3378443
      Vendor:             DMI:LENOVO
      Update State:       Success
      Problems:           • Device requires AC power to be connected
      GUID:               e18d48f3-8ed4-484e-8e01-cc33572399ff
      Device Flags:       • Internal device
                          • System requires external power source
                          • Needs a reboot after installation
                          • Device is usable for the duration of the update
                          • Updatable
      Device Requests:    • Message

Refresh firmware meta-data

# fwupdmgr refresh --force
Updating lvfs
Downloading…             [************************************** ]

Successfully downloaded new metadata: Updates have been published for 0 of 5 local devices

Perform upgrade

# fwupdmgr get-updates
Devices with no available firmware updates: 
 • Micron MTFDKCD512QFM-1BD1AABLA
 • System Firmware
 • UEFI Device Firmware
 • UEFI Device Firmware
 • KEK CA
 • OK Certificate
 • UEFI CA
 • UEFI dbx
 • Windows Production PCA
No updatable devices

 

Debian 13: debsecan to check vunerablities

This is MUST know for server admin.

Debin profide debsecan to analyzes the list of installed packages on the current host and reports vulnerabilities found on the system.

It runs locally and downloads vulnerability information over the Internet. It can send mail to interested parties when new vulnerabilities are discovered or when security updates become available. 

Installing debsecan

# apt install debsecan
Installing:                     
  debsecan

Using debsecan for linux-image (kernel)

# debsecan --suite trixie --only-fixed | grep -i linux-image 

If empty, don't have to upgrade linux-image 

e.g for 

CVE-2024-XXXXX linux-image-6.12.57+deb13-amd64 (high urgency)
CVE-2024-YYYYY linux-image-6.12.57+deb13-amd64 (medium urgency)

you MUST upgrade your linux-image, and plan for reboot system for kernel upgrade! 

 to list vulnerable software 

# debsecan --suite trixie --only-fixed --format packages
libavcodec59
libavfilter8
libavformat59
libavutil57
libpoppler126
libpostproc56
libssh-gcrypt-4
libswresample4
libswscale6
libvpx7
linux-headers-6.12.31-amd64
linux-headers-6.12.31-common
linux-headers-6.12.57+deb13-amd64
linux-headers-6.12.57+deb13-common
linux-kbuild-6.12.31
linux-kbuild-6.12.57+deb13

Note: they don't pose a runtime security risk to your system, but they are "out of date." . Consider to upgrade package.

Debian 13: removing kernel left over after kernel upgrade

wifi and some device require compile in debian depend on kernel version. this documentation is intended as a small guide to tidy up your system.

list of ii and rc status of package

# uname -r
6.12.63+deb13-amd64
# dpkg -l | grep linux-image
rc  linux-image-6.1.0-33-amd64                         6.1.133-1                            amd64        Linux 6.1 for 64-bit PCs (signed)
rc  linux-image-6.1.0-34-amd64                         6.1.135-1                            amd64        Linux 6.1 for 64-bit PCs (signed)
rc  linux-image-6.1.0-37-amd64                         6.1.140-1                            amd64        Linux 6.1 for 64-bit PCs (signed)
rc  linux-image-6.1.0-9-amd64                          6.1.27-1                             amd64        Linux 6.1 for 64-bit PCs (signed)
rc  linux-image-6.12.38+deb13-amd64                    6.12.38-1                            amd64        Linux 6.12 for 64-bit PCs (signed)
rc  linux-image-6.12.38+deb13-amd64-unsigned           6.12.38-1                            amd64        Linux 6.12 for 64-bit PCs
rc  linux-image-6.12.41+deb13-amd64                    6.12.41-1                            amd64        Linux 6.12 for 64-bit PCs (signed)
rc  linux-image-6.12.41+deb13-amd64-unsigned           6.12.41-1                            amd64        Linux 6.12 for 64-bit PCs
rc  linux-image-6.12.43+deb13-amd64                    6.12.43-1                            amd64        Linux 6.12 for 64-bit PCs (signed)
rc  linux-image-6.12.43+deb13-amd64-unsigned           6.12.43-1                            amd64        Linux 6.12 for 64-bit PCs
rc  linux-image-6.12.48+deb13-amd64                    6.12.48-1                            amd64        Linux 6.12 for 64-bit PCs (signed)
rc  linux-image-6.12.48+deb13-amd64-unsigned           6.12.48-1                            amd64        Linux 6.12 for 64-bit PCs
rc  linux-image-6.12.57+deb13-amd64                    6.12.57-1                            amd64        Linux 6.12 for 64-bit PCs (signed)
ii  linux-image-6.12.57+deb13-amd64-unsigned           6.12.57-1                            amd64        Linux 6.12 for 64-bit PCs
ii  linux-image-6.12.63+deb13-amd64                    6.12.63-1                            amd64        Linux 6.12 for 64-bit PCs (signed)
ii  linux-image-amd64                                  6.12.63-1                            amd64        Linux for 64-bit PCs (meta-package)

Note about rc and ii 

• rc = package removed, but config files remain
• ii = desired state install and current state installed 

we can conclude these packages are not used anymore but still exist in our system:

1. rc linux-image-6.1.0-*
2. rc linux-image-6.12.38*
3. rc linux-image-6.12.41*
4. rc linux-image-6.12.43*
5. rc linux-image-6.12.48*

We can remove those packages which is kernel left over, using this command:

# dpkg -l | awk '/^rc  linux-image/ {print $2}' | xargs dpkg --purge
(Reading database ... 180811 files and directories currently installed.)
Purging configuration files for linux-image-6.1.0-33-amd64 (6.1.133-1) ...
Purging configuration files for linux-image-6.1.0-34-amd64 (6.1.135-1) ...
Purging configuration files for linux-image-6.1.0-37-amd64 (6.1.140-1) ...
Purging configuration files for linux-image-6.1.0-9-amd64 (6.1.27-1) ...
dpkg: warning: while removing linux-image-6.1.0-9-amd64, directory '/lib/modules' not empty so not removed
Purging configuration files for linux-image-6.12.38+deb13-amd64 (6.12.38-1) ...
Purging configuration files for linux-image-6.12.38+deb13-amd64-unsigned (6.12.38-1) ...
rmdir: failed to remove '/lib/modules/6.12.38+deb13-amd64': No such file or directory
Purging configuration files for linux-image-6.12.41+deb13-amd64 (6.12.41-1) ...
Purging configuration files for linux-image-6.12.41+deb13-amd64-unsigned (6.12.41-1) ...
rmdir: failed to remove '/lib/modules/6.12.41+deb13-amd64': No such file or directory
Purging configuration files for linux-image-6.12.43+deb13-amd64 (6.12.43-1) ...
Purging configuration files for linux-image-6.12.43+deb13-amd64-unsigned (6.12.43-1) ...
rmdir: failed to remove '/lib/modules/6.12.43+deb13-amd64': No such file or directory
Purging configuration files for linux-image-6.12.48+deb13-amd64 (6.12.48-1) ...
Purging configuration files for linux-image-6.12.48+deb13-amd64-unsigned (6.12.48-1) ...
rmdir: failed to remove '/lib/modules/6.12.48+deb13-amd64': No such file or directory
Purging configuration files for linux-image-6.12.57+deb13-amd64 (6.12.57-1) ...
I: /vmlinuz is now a symlink to boot/vmlinuz-6.12.63+deb13-amd64
I: /initrd.img is now a symlink to boot/initrd.img-6.12.63+deb13-amd64
rmdir: failed to remove '/lib/modules/6.12.57+deb13-amd64': Directory not empty

 

 

Debian 13: using unbound as DNS over https resolver in conjuction with NetworkManager and Systemd Resolved

Assume:

• NetworkManager and Systemd-Resolved already work 

Install unbound

# apt-get install unbound

Edit /etc/systemd/resolved.conf and set:

[Resolve]
DNS=127.0.0.1:5335
Domains=~.

Make sure this line in /etc/unbound/unbound.conf

...
include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"
...

Create and edit /etc/unbound/unbound.conf.d/google-doh.conf

server:
    # Port 5335 is safer for laptops than 5353 (mDNS)
    port: 5335
    interface: 127.0.0.1
    access-control: 127.0.0.0/8 allow
    
    # Required for TLS verification
    tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"
forward-zone:
name: "."
    # Using DoT (Port 853) instead of DoH (Port 443)
    forward-tls-upstream: yes
    forward-addr: 8.8.8.8@853#dns.google
    forward-addr: 8.8.4.4@853#dns.google

Enable unbound and restart all services

# systemctl enable unbound
# systemctl start unbound
# systemctl restart systemd-resolved
# systemctl restart NetworkManager

Test

# resolvectl query google.com
google.com: 172.253.118.138
            172.253.118.102
            172.253.118.101
            172.253.118.113
            172.253.118.139
            172.253.118.100
            2404:6800:4003:c11::8a
            2404:6800:4003:c11::71
            2404:6800:4003:c11::64
            2404:6800:4003:c11::8b


# resolvectl query duckduckgo.com
duckduckgo.com: 20.43.161.105

-- Information acquired via protocol DNS in 54.3ms.
-- Data is authenticated: no; Data was acquired via local or encrypted transport: no
-- Data from: network

Debian 13: using systemd timesync to update ntp client time

Since Debain Jessie, Debian use systemd to synchronize ntp clinet

To list timezone:

# timedatectl list-timezones | grep Jakarta
Asia/Jakarta

To set timezone:

# timedatectl set-timezone Asia/Jakarta

To show

# timedatectl 
               Local time: Mon 2026-01-12 12:44:27 WIB
           Universal time: Mon 2026-01-12 05:44:27 UTC
                 RTC time: Mon 2026-01-12 05:44:27
                Time zone: Asia/Jakarta (WIB, +0700)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

Edit /etc/systemd/timesyncd.conf

...
[Time]
#NTP=
NTP=0.id.pool.ntp.org 1.id.pool.ntp.org 2.id.pool.ntp.org 2.id.pool.ntp.org 3.id.pool.ntp.org
#FallbackNTP=0.debian.pool.ntp.org 1.debian.pool.ntp.org 2.debian.pool.ntp.org 3.debian.pool.ntp.org
...

To restart service

# systemctl restart systemd-timesyncd

you can use old way using ntp client, but you need to remove this package

# timedatectl set-ntp false

Now you can install ntp and edit configuration /etc/ntp.conf.

 

 

Java: using build tool gradle wrapper to setup project and run

 

• java application openjdk 17
• gradle 8.7

install gradle 

# apt-get install gradle 


create folder project example

$ mkdir example
$ cd example

create init project

wrap gradle version for your project 

$ gradle wrapper --gradle-version 8.7
openjdk version "17.0.16" 2025-07-15
OpenJDK Runtime Environment (build 17.0.16+8-Debian-1deb12u1)
OpenJDK 64-Bit Server VM (build 17.0.16+8-Debian-1deb12u1, mixed mode, sharing)

init using gradle 8.7  debian 13 uses old 4.4 

$ ./gradlew init \
  --type java-application \
  --dsl groovy \
  --test-framework junit-jupiter \
  --package com.dedetok \
  --project-name example
openjdk version "17.0.16" 2025-07-15
OpenJDK Runtime Environment (build 17.0.16+8-Debian-1deb12u1)
OpenJDK 64-Bit Server VM (build 17.0.16+8-Debian-1deb12u1, mixed mode, sharing)
Downloading https://services.gradle.org/distributions/gradle-8.7-bin.zip
...............................................................................................................................
Unzipping ~/.gradle/wrapper/dists/gradle-8.7-bin/bhs2wmbdwecv87pi65oeuq5iu/gradle-8.7-bin.zip to ~/.gradle/wrapper/dists/gradle-8.7-bin/bhs2wmbdwecv87pi65oeuq5iu
Set executable permissions for: ~/.gradle/wrapper/dists/gradle-8.7-bin/bhs2wmbdwecv87pi65oeuq5iu/gradle-8.7/bin/gradle

Welcome to Gradle 8.7!

Here are the highlights of this release:
 - Compiling and testing with Java 22
 - Cacheable Groovy script compilation
 - New methods in lazy collection properties

For more details see https://docs.gradle.org/8.7/release-notes.html

Starting a Gradle Daemon, 1 incompatible Daemon could not be reused, use --status for details

Enter target Java version (min: 7, default: 21): 17

Select application structure:
  1: Single application project
  2: Application and library project
Enter selection (default: Single application project) [1..2] 1

Generate build using new APIs and behavior (some features may change in the next minor release)? (default: no) [yes, no] no


> Task :init
To learn more about Gradle by exploring our Samples at https://docs.gradle.org/8.7/samples/sample_building_java_applications_multi_project.html

BUILD SUCCESSFUL in 5m 12s
1 actionable task: 1 executed

./settings.gradle

plugins {
    // Apply the foojay-resolver plugin to allow automatic download of JDKs
    id 'org.gradle.toolchains.foojay-resolver-convention' version '0.8.0'
}

rootProject.name = 'example'
include('app')

./app/build.gradle

plugins {
    // Apply the application plugin to add support for building a CLI application in Java.
    id 'application'
}

repositories {
    // Use Maven Central for resolving dependencies.
    mavenCentral()
}

dependencies {
    // Use JUnit Jupiter for testing.
    testImplementation libs.junit.jupiter

    testRuntimeOnly 'org.junit.platform:junit-platform-launcher'

    // This dependency is used by the application.
    implementation libs.guava
}

// Apply a specific Java toolchain to ease working on different environments.
java {
    toolchain {
        languageVersion = JavaLanguageVersion.of(17)
    }
}

application {
    // Define the main class for the application.
    mainClass = 'com.dedetok.App'
}

tasks.named('test') {
    // Use JUnit Platform for unit tests.
    useJUnitPlatform()
}

./gradle/libs.versions.toml

[versions]
guava = "32.1.3-jre"
junit-jupiter = "5.10.1"

[libraries]
guava = { module = "com.google.guava:guava", version.ref = "guava" }
junit-jupiter = { module = "org.junit.jupiter:junit-jupiter", version.ref = "junit-jupiter" }

To show current gradle version

$ ./gradlew --version

------------------------------------------------------------
Gradle 8.7
------------------------------------------------------------

Build time:   2024-03-22 15:52:46 UTC
Revision:     650af14d7653aa949fce5e886e685efc9cf97c10

Kotlin:       1.9.22
Groovy:       3.0.17
Ant:          Apache Ant(TM) version 1.10.13 compiled on January 4 2023
JVM:          17.0.16 (Debian 17.0.16+8-Debian-1deb12u1)
OS:           Linux 6.12.57+deb13-amd64 amd64

Test run

$ ./gradlew run
Path for java installation '/usr/lib/jvm/openjdk-17' (Common Linux Locations) does not contain a java executable

> Task :app:run
Hello World!

BUILD SUCCESSFUL in 473ms
2 actionable tasks: 1 executed, 1 up-to-date

or you can run using style $ ./gradlew :app:run

Now add maridb jcoonect into project, using Traditional Groovy Approach. edit ./app/build.gradle

...
dependencies {
    // Use JUnit Jupiter for testing.
    testImplementation libs.junit.jupiter

    testRuntimeOnly 'org.junit.platform:junit-platform-launcher'

    // This dependency is used by the application.
    implementation libs.guava

    // mariadb jconnector (single file no need change libs.versions.toml
    implementation 'org.mariadb.jdbc:mariadb-java-client:3.3.3'

    // using libs.versions.toml must editing this file 
    //implementation libs.mariadb.client

}
...

If you wish to useing Version Catalog Approach, use 2nd option for ./app/build.gradle and edit libs.version.toml

[versions]
guava = "32.1.3-jre"
junit-jupiter = "5.10.1"
mariadb = "3.3.3"

[libraries]
guava = { module = "com.google.guava:guava", version.ref = "guava" }
junit-jupiter = { module = "org.junit.jupiter:junit-jupiter", version.ref = "junit-jupiter" }
mariadb-client = { group = "org.mariadb.jdbc", name = "mariadb-java-client", version.ref = "mariadb" }


use Version Catalog Approach for complex project and involving multiple developers.

Edit ./app/src/main/java/com/dedetok/App.java

/*
 * This source file was generated by the Gradle 'init' task
 */
package com.dedetok;

import java.sql.*;

public class App {
    public String getGreeting() {
        return "Hello World!";
    }

    public static void main(String[] args) throws SQLException {
        System.out.println(new App().getGreeting());
        
        String dbUrl = "jdbc:mariadb://localhost:3306/mydatabase";
        String dbUName = "myuname";
        String dbPass = "mypass";
        
        Connection conn = DriverManager.getConnection(dbUrl, dbUName, dbPass);

    }
}

To generate single file jar for your project, edit  ./app/build.gradle

...
jar {
    duplicatesStrategy = DuplicatesStrategy.EXCLUDE

    // change with yours
    manifest {
        attributes "Main-Class": "com.dedetok.App"
    }

    from {
        configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) }
    }
}
...

You can run directly using java command

$ ./gradlew build
...
$ java -jar ./app/build/libs/app.jar
Hello World!

Your jar file location is ./app/build/libs/

Now you can edit  ./app/src/main/java/com/dedetok/App.java finish your project. Use any text editor if you wish.

Debian 13: bash to clean up unused gradle in folder $HOME/.gradle

stop any gradle daemon (better run this after you start your Debian)

copy paste this bash and change permission to execute

#!/bin/bash

# Set the cutoff date yyyy-mm-dd
CUTOFF_DATE="2025-08-01"

# Gradle folder
GRADLE_DIR="$HOME/.gradle"

# List of folders to clean
FOLDERS=("android" "build-scan-data" "caches" "daemon" "kotilin-profile" "native" "notifications" "undefined-build" "wrapper" ".tmp")

# 1. Stop Gradle Daemons first so files aren't locked
if [ -f "$GRADLE_DIR/daemon" ]; then
    echo "Stopping Gradle daemons..."
    gradle --stop 2>/dev/null || ./gradlew --stop 2>/dev/null
fi

echo "Cleaning Gradle folders in $GRADLE_DIR modified before $CUTOFF_DATE..."

for folder in "${FOLDERS[@]}"; do
    TARGET="$GRADLE_DIR/$folder"
    if [ -d "$TARGET" ]; then
        echo "Processing $TARGET..."
        # Find and delete files modified before the cutoff date
        find "$TARGET" -type f ! -newermt "$CUTOFF_DATE" -print -delete
        # Remove empty directories
        find "$TARGET" -type d -empty -print -delete
    else
        echo "Folder $TARGET does not exist, skipping."
    fi
done

echo "Cleanup complete."

Note:

• change CUTOFF_DATE for any desire date
• add or remove FOLDERS depends on your folder structure 

Debian 13: rebuilding nvidia driver after kernel upgrade from linux-image-6.12.31-amd64 to linux-image-6.12.57+deb13-amd64

After you upgrade kernel, in my case linux-image-6.12.31-amd64 to linux-image-6.12.57+deb13-amd64, you need to rebuild nvidia driver. During boot, Debian will show some error loading nvidia module

To check which module fail during boot 

# journalctl -b -u systemd-modules-load.service 
Dec 10 09:48:02 mylocalpc systemd-modules-load[781]: modprobe: ERROR: Error running install command 'modprobe n> 
Dec 10 09:48:02 mylocalpc systemd-modules-load[781]: modprobe: ERROR: could not insert 'nvidia_modeset': Invali> 
Dec 10 09:48:02 mylocalpc systemd-modules-load[789]: modprobe: FATAL: Module nvidia-current-drm not found in di> 
Dec 10 09:48:02 mylocalpc systemd-modules-load[767]: Error running install command 'modprobe nvidia-modeset ; m> 
Dec 10 09:48:02 mylocalpc systemd-modules-load[767]: Failed to insert module 'nvidia_drm': Invalid argument 
Dec 10 09:48:02 mylocalpc systemd[1]: systemd-modules-load.service: Main process exited, code=exited, status=1/> 
Dec 10 09:48:02 mylocalpc systemd[1]: systemd-modules-load.service: Failed with result 'exit-code'. 
Dec 10 09:48:02 mylocalpc systemd[1]: Failed to start systemd-modules-load.service - Load 

To install dkms

root@mylocalpc:~# apt install dkms
dkms is already the newest version (3.2.2-1~deb13u1).
dkms set to manually installed.
Summary:
  Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 1

To show dkms status

root@mylocalpc:~# dkms status
nvidia-current/550.163.01, 6.12.31-amd64, x86_64: installed 

To rebuild nvidia driver, it will build any kernel installed.

root@mylocalpc:~# dkms install nvidia-current/550.163.01
Sign command: /lib/modules/6.12.57+deb13-amd64/build/scripts/sign-file
Signing key: /var/lib/dkms/mok.key
Public certificate (MOK): /var/lib/dkms/mok.pub

Building module(s)................ done.
Signing module /var/lib/dkms/nvidia-current/550.163.01/build/nvidia.ko
Signing module /var/lib/dkms/nvidia-current/550.163.01/build/nvidia-modeset.ko
Signing module /var/lib/dkms/nvidia-current/550.163.01/build/nvidia-drm.ko
Signing module /var/lib/dkms/nvidia-current/550.163.01/build/nvidia-uvm.ko
Signing module /var/lib/dkms/nvidia-current/550.163.01/build/nvidia-peermem.ko
Installing /lib/modules/6.12.57+deb13-amd64/updates/dkms/nvidia-current.ko.xz
Installing /lib/modules/6.12.57+deb13-amd64/updates/dkms/nvidia-current-modeset.ko.xz
Installing /lib/modules/6.12.57+deb13-amd64/updates/dkms/nvidia-current-drm.ko.xz
Installing /lib/modules/6.12.57+deb13-amd64/updates/dkms/nvidia-current-uvm.ko.xz
Installing /lib/modules/6.12.57+deb13-amd64/updates/dkms/nvidia-current-peermem.ko.xz
Running depmod.... done.

to check status of nvidia modul

root@mylocalpc:~# dkms status
nvidia-current/550.163.01, 6.12.31-amd64, x86_64: installed
nvidia-current/550.163.01, 6.12.57+deb13-amd64, x86_64: installed

restart your debian. 

Pyhton3: playwright to get audio url stream

There are many tool to find url audio stream from radio station's page, here are a few list:

1. playwright
2. Selenium
3. Puppeteer

To use Wget to find url audo on statik and simple web  

$ wget --spider -r -l 5 -nv -w 1 --no-clobber -A .mp3,.m3u8 "https://www.example.com/audio/stations" 2>&1 | grep -E '\.(mp3|m3u8)$' | awk '{print $3}' | sort -u > out_audio_urls.txt

Install playwright on debian with virtual environment:

myuser@mypc:~$ mkdir spider_playwright
myuser@mypc:~$ cd spider_playwright/
myuser@mypc:~/spider_playwright$ python3 -m venv venv
myuser@mypc:~/spider_playwright$ source venv/bin/activate
(venv) myuser@mypc:~/spider_playwright$ pip install playwright
Collecting playwright
  Downloading playwright-1.56.0-py3-none-manylinux1_x86_64.whl.metadata (3.5 kB)
Collecting pyee<14,>=13 (from playwright)
  Downloading pyee-13.0.0-py3-none-any.whl.metadata (2.9 kB)
Collecting greenlet<4.0.0,>=3.1.1 (from playwright)
  Using cached greenlet-3.2.4-cp313-cp313-manylinux_2_24_x86_64.manylinux_2_28_x86_64.whl.metadata (4.1 kB)
Collecting typing-extensions (from pyee<14,>=13->playwright)
  Using cached typing_extensions-4.15.0-py3-none-any.whl.metadata (3.3 kB)
Downloading playwright-1.56.0-py3-none-manylinux1_x86_64.whl (46.3 MB)
   ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 46.3/46.3 MB 2.5 MB/s eta 0:00:00
Using cached greenlet-3.2.4-cp313-cp313-manylinux_2_24_x86_64.manylinux_2_28_x86_64.whl (610 kB)
Downloading pyee-13.0.0-py3-none-any.whl (15 kB)
Using cached typing_extensions-4.15.0-py3-none-any.whl (44 kB)
Installing collected packages: typing-extensions, greenlet, pyee, playwright
Successfully installed greenlet-3.2.4 playwright-1.56.0 pyee-13.0.0 typing-extensions-4.15.0
(venv) myuser@mypc:~/spider_playwright$ playwright install
Downloading Chromium 141.0.7390.37 (playwright build v1194) from https://cdn.playwright.dev/dbazure/download/playwright/builds/chromium/1194/chromium-linux.zip
173.9 MiB [====================] 100% 0.0s
Chromium 141.0.7390.37 (playwright build v1194) downloaded to /home/myuser/.cache/ms-playwright/chromium-1194
Downloading Chromium Headless Shell 141.0.7390.37 (playwright build v1194) from https://cdn.playwright.dev/dbazure/download/playwright/builds/chromium/1194/chromium-headless-shell-linux.zip
104.3 MiB [====================] 100% 0.0s
Chromium Headless Shell 141.0.7390.37 (playwright build v1194) downloaded to /home/myuser/.cache/ms-playwright/chromium_headless_shell-1194
Downloading Firefox 142.0.1 (playwright build v1495) from https://cdn.playwright.dev/dbazure/download/playwright/builds/firefox/1495/firefox-debian-13.zip
96.7 MiB [====================] 100% 0.0s
Firefox 142.0.1 (playwright build v1495) downloaded to /home/myuser/.cache/ms-playwright/firefox-1495
Downloading Webkit 26.0 (playwright build v2215) from https://cdn.playwright.dev/dbazure/download/playwright/builds/webkit/2215/webkit-debian-13.zip
88.1 MiB [====================] 100% 0.0s
Webkit 26.0 (playwright build v2215) downloaded to /home/myuser/.cache/ms-playwright/webkit-2215
Downloading FFMPEG playwright build v1011 from https://cdn.playwright.dev/dbazure/download/playwright/builds/ffmpeg/1011/ffmpeg-linux.zip
2.3 MiB [====================] 100% 0.0s
FFMPEG playwright build v1011 downloaded to /home/myuser/.cache/ms-playwright/ffmpeg-1011

create file myspider.py and customize to your requirements, make it executable

(venv) myuser@mypc:~/spider_playwright$ chmod u+x myspider.py 

source code myspider.py modify it to meet your requirements 

import asyncio
from playwright.async_api import async_playwright

# generated and adjust by chatgpt.com

AUDIO_HINTS = [
    ".mp3", ".aac", ".m3u8", ".ogg", ".opus", ".wav",
    "stream", "/proxy/", "/live", "radio"
]

async def scan_audio_stream(url: str, listen_seconds: int = 15):
    async with async_playwright() as p:
        browser = await p.chromium.launch(headless=False)
        page = await browser.new_page()

        # ----- Detect manual browser close -----
        browser_disconnected = asyncio.Event()

        def on_browser_disconnect():
            print("\n[BROWSER CLOSED] Exiting application.")
            browser_disconnected.set()

        browser.on("disconnected", on_browser_disconnect)
        # ---------------------------------------

        found = set()

        async def on_response(res):
            u = res.url.lower()
            ct = res.headers.get("content-type", "").lower()

            if "audio" in ct or any(k in u for k in AUDIO_HINTS):
                if u not in found:
                    print(f"[NEW AUDIO STREAM] {u}")
                    found.add(u)

        page.on("response", on_response)

        print("Opening page...")
        await page.goto(url, wait_until="domcontentloaded")
        await asyncio.sleep(2)

        # ---- Find audio player iframe ----
        candidate_frames = [
            f for f in page.frames
            if any(kw in f.url.lower() for kw in ["player", "radio", "embed"])
        ]
        if not candidate_frames:
            candidate_frames = page.frames  # fallback

        print("Attempting to click play...")
        for f in candidate_frames:
            try:
                for sel in ["button[aria-label='Play']", "button.play", ".jp-play", "button"]:
                    btn = await f.query_selector(sel)
                    if btn:
                        print(f"Clicked play in iframe → {f.url}")
                        await btn.click()
                        break
            except:
                pass

        print(f"\nListening for audio streams up to {listen_seconds} seconds...\n")

        # ----- Wait for 15 seconds OR browser close -----
        try:
            await asyncio.wait_for(browser_disconnected.wait(), timeout=listen_seconds)
        except asyncio.TimeoutError:
            print("\n[TIMEOUT] Done scanning.")
        # -------------------------------------------------

        await browser.close()
        return list(found)


if __name__ == "__main__":
    results = asyncio.run(scan_audio_stream(
        "https://www.example.com", # CHANGE HERE
        listen_seconds=15     # ← Fast scan
    ))

    print("\n===== ALL STREAMS FOUND =====")
    for s in results:
        print(s)

Code

from playwright.sync_api import sync_playwright

def main():
    with sync_playwright() as p:
        browser = p.chromium.launch(
            headless=False   # <-- You can manually interact
        )
        context = browser.new_context()
        page = context.new_page()

        print("🚀 Browser launched. Type the radio station URL manually.")
        print("👉 When you press Play, audio stream URLs will appear here.\n")

        # Capture outgoing requests
        def on_request(request):
            url = request.url

            if (
                ".mp3" in url or
                ".aac" in url or
                ".m3u8" in url or
                ".ogg" in url or
                "stream" in url.lower() or
                request.resource_type == "media"
            ):
                print("🎧 AUDIO STREAM REQUEST FOUND:")
                print(url, "\n")

        page.on("request", on_request)

        # Capture responses containing audio
        def on_response(response):
            url = response.url
            headers = response.headers
            content_type = headers.get("content-type", "")

            if any(fmt in content_type for fmt in ["audio", "mpeg", "aac", "ogg"]):
                print("🎧 AUDIO STREAM RESPONSE FOUND:")
                print(url, "\n")

        page.on("response", on_response)

        # Open a blank page — you will type the URL manually
        page.goto("about:blank")

        # Keep browser open
        browser.wait_for_event("disconnected")


if __name__ == "__main__":
    main()

Enjoy

Debian 13: bash script to show nvme/ssd healthy and cpu temperature

Requirement

1. smartmontools
2. lm-sensors
3. psensor 

Installation

# apt-get install smartmontools lm-sensors psensor

copy paste this script to show general temperature on nvme/ssd and cpu. It also give information about nvme/ssd healthy.

#!/bin/bash
# this code generated by chatgpt.com no sign in
# each step was interactive, output from pc will be feed to chatgpt to generate correct output

DRIVE=${1:-/dev/sda}

echo "=== SMART Drive Information ($DRIVE) ==="

sudo smartctl -H -A "$DRIVE" | awk '
/^SMART overall-health/      {print "Drive Health: " $NF}
/^194 Temperature_Celsius/   {print "Drive Temperature: " $10 "°C"}
/^190 Airflow_Temperature/   {print "Drive Temperature: " $10 "°C"}
'

echo
echo "=== CPU Temperature ==="
sensors | awk '
/k10temp/ {found=1}
/temp1:/ && found {print "CPU Temp:", $2; found=0}
'

echo
echo "=== GPU Temperature (AMDGPU) ==="
sensors | awk '
/amdgpu/ {found=1}
/edge:/ && found {print "GPU Temp:", $2; found=0}
'

echo
echo "=== ACPI Temperatures ==="
sensors | awk '
/acpitz/ {block=1}
/temp/ && block {print "ACPI " $1, $2}
/^\s*$/ {block=0}
'

Change permission

# chmod u+x ./checkme.sh

Run as sudo or root 

Windows 11: clean install preparation part 1

This is documentation when I need to reinstall windows 11, because of nvme damage (overheat). It is Axioo 5 hype X6 with Ryzen 6600h. It has windows 11 installed, and this laptop does have ethernet port. 

Download ISO should I download

1. 25h2: shift+f10 keyboard input has been disabled (download from archive.org/)
2. 24h2: shift+f10 keyboard input has been disabled (download from archive.org/)

I did not try 23h2 version, it will take more time to install and laptop must be ready for studying.

During installation shift+f10 will bypass network configuration, you have to run

oobe\bypassnro

after terminal. it will restart installation.  

If you want to use 25h2 and 24h2, download the driver from laptop provider website. in my case download from driver.axiooworld.com, just network driver, others can be installed at the end of windows 11 installation. If you want to use only Windows skip step below, and go to part 2 installation windows.

This below instruction uses other pc/laptop to prepare nvme disk. 

Optional but recommended for dual OS, create EFI System partition (ESP) for new nvme, the minimum size is 500MB. this is step on debian using gparted.

Put a nvme, into nvme ssd/nvme external usb, and connect it your laptop.

Check your nvme

# dmesg
...
[  262.395926] scsi 0:0:0:0: Direct-Access     ADATA LE GEND 710         0213 PQ: 0 ANSI: 6
[  262.397870] sd 0:0:0:0: Attached scsi generic sg0 type 0
[  262.398189] sd 0:0:0:0: [sda] 500118192 512-byte logical blocks: (256 GB/238 GiB)
...
# lsblk
NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
sda           8:0    0 238.5G  0 disk 
# fdisk -l
...
Disk /dev/sda: 238.47 GiB, 256060514304 bytes, 500118192 sectors
Disk model: GEND 710        
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes

this is mount point /dev/sda.

I use this schema

1. 500 MB ESP (FAT32 Flag boot and esp)
2. 120 GB Windows system (NTFS)
3. 30 GB Data Windows (NTFS
4. 80 GB Debian / (ext4)
5. 4 GB swap (swap)

 To use GParted to create partition on nvme (Be careful not select wrong disk)

1. Open GParted
2. Select Gparted -> devices -> /dev/sda, If it a new device (never use), you need to create parititon table, Device -> Create partition table, choose 'gpt'
3. select unallocated space, and create EFI System Partition (ESP) for boot loader
       File System: FAT32
       Size: At least 300 MiB (recommended 500 MiB for future needs)
       Label: Optional, but you can name it "EFI". 
4. Apply all operation 
5. Now you can manage flag for ESP, select partition EFI,right click -> Manage Flags -> check 'boot' and 'esp' 

Note: if you try to create new partition in brand new nvme (never used), it will reported No Partition table found, it is really a new device.

Just, to create the partition, the Adata legend 710 heat sink feel a bit warmer.

You can not download windows 11 multi iso from windows https://www.microsoft.com/en-us/software-download/windows11. You can continue with windows 11 installation, it will put boot loader in EFI system partition (ESP) and next you want to install Debian.

Debian 13: increase nvme life time, and how to check its health with additional ssd sata

We move some mount point to cheaper device sata ssd (sata ssd is cheaper then nvme)

1. /home
2. /var
3. /tmp 

for small ram consider to move swap disk into sata ssd. for big ram (equal or more then 16GB), you may keep it on nvme, in case the os require to use swap, it will use nvme for best performance. It is for Debian or other linux distribution, not for windows.

nvme

install nvme-cli to check nvme lifetime

# apt-get install nvme-cli

To list nvme device

# nvme list


To view nmve information

# nvme smart-log -v /dev/nvme0n1
Smart Log for NVME device:nvme0n1 namespace-id:ffffffff
critical_warning            : 0
temperature                : 93 °F (307 K)
available_spare                : 100%
available_spare_threshold        : 5%
percentage_used                : 3%
endurance group critical warning summary: 0
Data Units Read                : 13440652 (6.88 TB)
Data Units Written            : 11259034 (5.76 TB)
host_read_commands            : 204366865
host_write_commands            : 182401866
controller_busy_time            : 3981
power_cycles                : 1399
power_on_hours                : 1106
unsafe_shutdowns            : 32
media_errors                : 0
num_err_log_entries            : 0
Warning Temperature Time        : 0
Critical Composite Temperature Time    : 0
Temperature Sensor 1            : 93 °F (307 K)
Thermal Management T1 Trans Count    : 0
Thermal Management T2 Trans Count    : 0
Thermal Management T1 Total Time    : 0
Thermal Management T2 Total Time    : 0

To view nmve error information 

# nvme error-log -v /dev/nvme0n1

You can copy paste the result to AI for analyzing. Gemini said: 

"Low Usage. This is the total amount of data written to the drive. For a modern consumer or enterprise SSD, 5.76 TB is a very low amount of lifetime writes." 

ssd sata

install smartmontools to check ssd sata

# apt-get install smartmontools

To find ssd

# smartctl --scan
/dev/sda -d scsi # /dev/sda, SCSI device

To check /dev/sda health

# smartctl -H /dev/sda
smartctl 7.4 2023-08-01 r5530 [x86_64-linux-6.12.48+deb13-amd64] (local build)
Copyright (C) 2002-23, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

To view information from /dev/sda

# smartctl -a /dev/sda

To show all information in /dev/sda with filter Error

# smartctl -x /dev/sda | grep Error
Error logging capability:        (0x01)    Error logging supported.
  1 Raw_Read_Error_Rate     -O--CK   100   100   050    -    0
199 UDMA_CRC_Error_Count    -O--CK   100   100   050    -    0
0x10       GPL,SL  R/O      1  NCQ Command Error log
SMART Extended Comprehensive Error Log Version: 1 (1 sectors)
Device Error Count: 6 (device log contains only the most recent 4 errors)
    ER     = Error register
Error 6 [1] occurred at disk power-on lifetime: 1 hours (0 days + 1 hours)
Error 5 [0] occurred at disk power-on lifetime: 1 hours (0 days + 1 hours)
Error 4 [3] occurred at disk power-on lifetime: 1 hours (0 days + 1 hours)
Error 3 [2] occurred at disk power-on lifetime: 0 hours (0 days + 0 hours)

to test ssd on /dev/sda 

# smartctl -t long /dev/sda
smartctl 7.4 2023-08-01 r5530 [x86_64-linux-6.12.48+deb13-amd64] (local build)
Copyright (C) 2002-23, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF OFFLINE IMMEDIATE AND SELF-TEST SECTION ===
Sending command: "Execute SMART Extended self-test routine immediately in off-line mode".
Drive command "Execute SMART Extended self-test routine immediately in off-line mode" successful.
Testing has begun.
Please wait 4 minutes for test to complete.
Test will complete after Thu Oct 23 15:35:03 2025 WIB
Use smartctl -X to abort test.

You can use option -t short. After 4 minutes run this command to see the result.

# smartctl -x /dev/sda
smartctl 7.4 2023-08-01 r5530 [x86_64-linux-6.12.48+deb13-amd64] (local build)
Copyright (C) 2002-23, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF INFORMATION SECTION ===
Device Model:     RX7 2.5 240GB
Serial Number:    AA000000000000002178
LU WWN Device Id: 0 000000 000000000
Firmware Version: FW201105
User Capacity:    240,057,409,536 bytes [240 GB]
Sector Size:      512 bytes logical/physical
Rotation Rate:    Solid State Device
Form Factor:      2.5 inches
TRIM Command:     Available
Device is:        Not in smartctl database 7.3/5528
ATA Version is:   ACS-2 T13/2015-D revision 3
SATA Version is:  SATA 3.2, 6.0 Gb/s (current: 6.0 Gb/s)
Local Time is:    Thu Oct 30 22:15:22 2025 WIB
SMART support is: Available - device has SMART capability.
SMART support is: Enabled
AAM feature is:   Unavailable
APM feature is:   Unavailable
Rd look-ahead is: Enabled
Write cache is:   Enabled
DSN feature is:   Unavailable
ATA Security is:  Disabled, frozen [SEC2]
Wt Cache Reorder: Unavailable

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

General SMART Values:
Offline data collection status:  (0x00)    Offline data collection activity
                    was never started.
                    Auto Offline Data Collection: Disabled.
Self-test execution status:      (   0)    The previous self-test routine completed
                    without error or no self-test has ever 
                    been run.
Total time to complete Offline 
data collection:         (  120) seconds.
Offline data collection
capabilities:              (0x5d) SMART execute Offline immediate.
                    No Auto Offline data collection support.
                    Abort Offline collection upon new
                    command.
                    Offline surface scan supported.
                    Self-test supported.
                    No Conveyance Self-test supported.
                    Selective Self-test supported.
SMART capabilities:            (0x0002)    Does not save SMART data before
                    entering power-saving mode.
                    Supports SMART auto save timer.
Error logging capability:        (0x01)    Error logging supported.
                    General Purpose Logging supported.
Short self-test routine 
recommended polling time:      (   2) minutes.
Extended self-test routine
recommended polling time:      (   4) minutes.

SMART Attributes Data Structure revision number: 1
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME          FLAGS    VALUE WORST THRESH FAIL RAW_VALUE
  1 Raw_Read_Error_Rate     -O--CK   100   100   050    -    0
  5 Reallocated_Sector_Ct   -O--CK   100   100   050    -    0
  9 Power_On_Hours          -O--CK   100   100   050    -    643
 12 Power_Cycle_Count       -O--CK   100   100   050    -    476
160 Unknown_Attribute       -O--CK   100   100   050    -    0
161 Unknown_Attribute       -O--CK   100   100   050    -    0
163 Unknown_Attribute       -O--CK   100   100   050    -    880
164 Unknown_Attribute       -O--CK   100   100   050    -    85
165 Unknown_Attribute       -O--CK   100   100   050    -    118
166 Unknown_Attribute       -O--CK   100   100   050    -    50
167 Unknown_Attribute       -O--CK   100   100   050    -    81
168 Unknown_Attribute       -O--CK   100   100   050    -    0
169 Unknown_Attribute       -O--CK   100   100   050    -    100
175 Program_Fail_Count_Chip -O--CK   100   100   050    -    184549376
176 Erase_Fail_Count_Chip   -O--CK   100   100   050    -    355223
177 Wear_Leveling_Count     -O--CK   100   100   050    -    2488567
178 Used_Rsvd_Blk_Cnt_Chip  -O--CK   100   100   050    -    0
181 Program_Fail_Cnt_Total  -O--CK   100   100   050    -    0
182 Erase_Fail_Count_Total  -O--CK   100   100   050    -    0
192 Power-Off_Retract_Count -O--CK   100   100   050    -    15
194 Temperature_Celsius     -O--CK   100   100   050    -    30
195 Hardware_ECC_Recovered  -O--CK   100   100   050    -    21
196 Reallocated_Event_Count -O--CK   100   100   050    -    0
197 Current_Pending_Sector  -O--CK   100   100   050    -    0
198 Offline_Uncorrectable   -O--CK   100   100   050    -    0
199 UDMA_CRC_Error_Count    -O--CK   100   100   050    -    0
232 Available_Reservd_Space -O--CK   100   100   050    -    0
241 Total_LBAs_Written      -O--CK   100   100   050    -    82732
242 Total_LBAs_Read         -O--CK   100   100   050    -    76686
249 Unknown_Attribute       -O--CK   100   100   050    -    105586
                            ||||||_ K auto-keep
                            |||||__ C event count
                            ||||___ R error rate
                            |||____ S speed/performance
                            ||_____ O updated online
                            |______ P prefailure warning

General Purpose Log Directory Version 1
SMART           Log Directory Version 1 [multi-sector log support]
Address    Access  R/W   Size  Description
0x00       GPL,SL  R/O      1  Log Directory
0x01       GPL,SL  R/O      1  Summary SMART error log
0x02       GPL,SL  R/O      1  Comprehensive SMART error log
0x03       GPL,SL  R/O      1  Ext. Comprehensive SMART error log
0x04       GPL,SL  R/O      8  Device Statistics log
0x06       GPL,SL  R/O      1  SMART self-test log
0x07       GPL,SL  R/O      1  Extended self-test log
0x09       GPL,SL  R/W      1  Selective self-test log
0x10       GPL,SL  R/O      1  NCQ Command Error log
0x11       GPL,SL  R/O      1  SATA Phy Event Counters log
0x30       GPL,SL  R/O      9  IDENTIFY DEVICE data log
0x80-0x9f  GPL,SL  R/W     16  Host vendor specific log
0xa0       GPL,SL  VS      16  Device vendor specific log
0xe0       GPL,SL  R/W      1  SCT Command/Status
0xe1       GPL,SL  R/W      1  SCT Data Transfer

SMART Extended Comprehensive Error Log Version: 1 (1 sectors)
Device Error Count: 6 (device log contains only the most recent 4 errors)
    CR     = Command Register
    FEATR  = Features Register
    COUNT  = Count (was: Sector Count) Register
    LBA_48 = Upper bytes of LBA High/Mid/Low Registers ]  ATA-8
    LH     = LBA High (was: Cylinder High) Register    ]   LBA
    LM     = LBA Mid (was: Cylinder Low) Register      ] Register
    LL     = LBA Low (was: Sector Number) Register     ]
    DV     = Device (was: Device/Head) Register
    DC     = Device Control Register
    ER     = Error register
    ST     = Status register
Powered_Up_Time is measured from power on, and printed as
DDd+hh:mm:SS.sss where DD=days, hh=hours, mm=minutes,
SS=sec, and sss=millisec. It "wraps" after 49.710 days.

Error 6 [1] occurred at disk power-on lifetime: 1 hours (0 days + 1 hours)
  When the command that caused the error occurred, the device was in an unknown state.

  After command completion occurred, registers were:
  ER -- ST COUNT  LBA_48  LH LM LL DV DC
  -- -- -- == -- == == == -- -- -- -- --
  04 -- a0 00 01 00 00 4f 00 c2 c0 51 00  Device Fault

  Commands leading to the command that caused the error were:
  CR FEATR COUNT  LBA_48  LH LM LL DV DC  Powered_Up_Time  Command/Feature_Name
  -- == -- == -- == == == -- -- -- -- --  ---------------  --------------------
  b0 00 d5 00 01 00 00 4f 00 c2 c0 a0 00     00:00:00.430  SMART READ LOG
  ec 00 00 00 00 00 00 00 00 00 00 a0 00     00:00:00.430  IDENTIFY DEVICE
  67 b6 c2 97 32 21 61 7b 60 cf ba 1f ff     00:00:00.360  [RESERVED FOR SERIAL ATA]

Error 5 [0] occurred at disk power-on lifetime: 1 hours (0 days + 1 hours)
  When the command that caused the error occurred, the device was in an unknown state.

  After command completion occurred, registers were:
  ER -- ST COUNT  LBA_48  LH LM LL DV DC
  -- -- -- == -- == == == -- -- -- -- --
  04 -- a0 00 01 00 00 4f 00 c2 c0 51 00  Device Fault

  Commands leading to the command that caused the error were:
  CR FEATR COUNT  LBA_48  LH LM LL DV DC  Powered_Up_Time  Command/Feature_Name
  -- == -- == -- == == == -- -- -- -- --  ---------------  --------------------
  b0 00 d5 00 01 00 00 4f 00 c2 c0 a0 00     00:00:00.430  SMART READ LOG
  ec 00 00 00 00 00 00 00 00 00 00 a0 00     00:00:00.430  IDENTIFY DEVICE
  67 b6 82 97 32 21 69 79 60 cf ba 3f ff     00:00:00.360  [RESERVED FOR SERIAL ATA]

Error 4 [3] occurred at disk power-on lifetime: 1 hours (0 days + 1 hours)
  When the command that caused the error occurred, the device was in an unknown state.

  After command completion occurred, registers were:
  ER -- ST COUNT  LBA_48  LH LM LL DV DC
  -- -- -- == -- == == == -- -- -- -- --
  04 -- a0 00 01 00 00 4f 00 c2 c0 51 00  Device Fault

  Commands leading to the command that caused the error were:
  CR FEATR COUNT  LBA_48  LH LM LL DV DC  Powered_Up_Time  Command/Feature_Name
  -- == -- == -- == == == -- -- -- -- --  ---------------  --------------------
  b0 00 d5 00 01 00 00 4f 00 c2 c0 a0 00     00:00:00.410  SMART READ LOG
  ec 00 00 00 00 00 00 00 00 00 00 a0 00     00:00:00.410  IDENTIFY DEVICE
  67 b6 8a 97 b2 21 6b 7b 60 cf ba 3e ff     00:00:00.360  [RESERVED FOR SERIAL ATA]

Error 3 [2] occurred at disk power-on lifetime: 0 hours (0 days + 0 hours)
  When the command that caused the error occurred, the device was in an unknown state.

  After command completion occurred, registers were:
  ER -- ST COUNT  LBA_48  LH LM LL DV DC
  -- -- -- == -- == == == -- -- -- -- --
  04 -- a0 00 01 00 00 4f 00 c2 c0 51 00  Device Fault

  Commands leading to the command that caused the error were:
  CR FEATR COUNT  LBA_48  LH LM LL DV DC  Powered_Up_Time  Command/Feature_Name
  -- == -- == -- == == == -- -- -- -- --  ---------------  --------------------
  b0 00 d5 00 01 00 00 4f 00 c2 c0 a0 00     00:00:00.410  SMART READ LOG
  ec 00 00 00 00 00 00 00 00 00 00 a0 00     00:00:00.410  IDENTIFY DEVICE
  67 b6 c2 97 32 21 69 79 60 cf ba 1e ff     00:00:00.360  [RESERVED FOR SERIAL ATA]

SMART Extended Self-test Log Version: 1 (1 sectors)
Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error
# 1  Offline             Completed without error       00%       641         -
# 2  Offline             Self-test routine in progress 10%       641         -
# 3  Offline             Self-test routine in progress 10%       641         -
# 4  Offline             Self-test routine in progress 10%       641         -
# 5  Offline             Self-test routine in progress 10%       641         -
# 6  Offline             Self-test routine in progress 10%       641         -
# 7  Offline             Self-test routine in progress 10%       641         -
# 8  Offline             Self-test routine in progress 10%       641         -
# 9  Offline             Self-test routine in progress 10%       641         -
#10  Offline             Self-test routine in progress 10%       641         -
#11  Offline             Self-test routine in progress 10%       641         -
#12  Offline             Self-test routine in progress 10%       641         -
#13  Offline             Self-test routine in progress 10%       641         -
#14  Offline             Self-test routine in progress 10%       641         -
#15  Offline             Self-test routine in progress 10%       641         -
#16  Offline             Self-test routine in progress 10%       641         -
#17  Offline             Self-test routine in progress 10%       641         -
#18  Offline             Self-test routine in progress 10%       641         -
#19  Offline             Self-test routine in progress 10%       641         -

SMART Selective self-test log data structure revision number 0
Note: revision number not 1 implies that no selective self-test has ever been run
 SPAN  MIN_LBA  MAX_LBA  CURRENT_TEST_STATUS
    1        0        0  Not_testing
    2        0        0  Not_testing
    3        0        0  Not_testing
    4        0        0  Not_testing
    5        0        0  Not_testing
Selective self-test flags (0x0):
  After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.

SCT Commands not supported

Device Statistics (GP Log 0x04)
Page  Offset Size        Value Flags Description
0x01  =====  =               =  ===  == General Statistics (rev 1) ==
0x01  0x008  4             476  ---  Lifetime Power-On Resets
0x01  0x010  4             643  ---  Power-on Hours
0x01  0x018  6      5421924352  ---  Logical Sectors Written
0x01  0x020  6        85241306  ---  Number of Write Commands
0x01  0x028  6      5025693696  ---  Logical Sectors Read
0x01  0x030  6        74355305  ---  Number of Read Commands
0x01  =====  =               =  ===  == General Statistics (rev 1) ==
0x01  0x008  4             476  ---  Lifetime Power-On Resets
0x01  0x010  4             643  ---  Power-on Hours
0x01  0x018  6      5421924352  ---  Logical Sectors Written
0x01  0x020  6        85241306  ---  Number of Write Commands
0x01  0x028  6      5025693696  ---  Logical Sectors Read
0x01  0x030  6        74355305  ---  Number of Read Commands
0x01  =====  =               =  ===  == General Statistics (rev 1) ==
0x01  0x008  4             476  ---  Lifetime Power-On Resets
0x01  0x010  4             643  ---  Power-on Hours
0x01  0x018  6      5421924352  ---  Logical Sectors Written
0x01  0x020  6        85241306  ---  Number of Write Commands
0x01  0x028  6      5025693696  ---  Logical Sectors Read
0x01  0x030  6        74355305  ---  Number of Read Commands
0x01  =====  =               =  ===  == General Statistics (rev 1) ==
0x01  0x008  4             476  ---  Lifetime Power-On Resets
0x01  0x010  4             643  ---  Power-on Hours
0x01  0x018  6      5421924352  ---  Logical Sectors Written
0x01  0x020  6        85241306  ---  Number of Write Commands
0x01  0x028  6      5025693696  ---  Logical Sectors Read
0x01  0x030  6        74355305  ---  Number of Read Commands
0x01  =====  =               =  ===  == General Statistics (rev 1) ==
0x01  0x008  4             476  ---  Lifetime Power-On Resets
0x01  0x010  4             643  ---  Power-on Hours
0x01  0x018  6      5421924352  ---  Logical Sectors Written
0x01  0x020  6        85241306  ---  Number of Write Commands
0x01  0x028  6      5025693696  ---  Logical Sectors Read
0x01  0x030  6        74355305  ---  Number of Read Commands
0x01  =====  =               =  ===  == General Statistics (rev 1) ==
0x01  0x008  4             476  ---  Lifetime Power-On Resets
0x01  0x010  4             643  ---  Power-on Hours
0x01  0x018  6      5421924352  ---  Logical Sectors Written
0x01  0x020  6        85241306  ---  Number of Write Commands
0x01  0x028  6      5025693696  ---  Logical Sectors Read
0x01  0x030  6        74355305  ---  Number of Read Commands
0x01  =====  =               =  ===  == General Statistics (rev 1) ==
0x01  0x008  4             476  ---  Lifetime Power-On Resets
0x01  0x010  4             643  ---  Power-on Hours
0x01  0x018  6      5421924352  ---  Logical Sectors Written
0x01  0x020  6        85241306  ---  Number of Write Commands
0x01  0x028  6      5025693696  ---  Logical Sectors Read
0x01  0x030  6        74355305  ---  Number of Read Commands
0x01  =====  =               =  ===  == General Statistics (rev 1) ==
0x01  0x008  4             476  ---  Lifetime Power-On Resets
0x01  0x010  4             643  ---  Power-on Hours
0x01  0x018  6      5421924352  ---  Logical Sectors Written
0x01  0x020  6        85241306  ---  Number of Write Commands
0x01  0x028  6      5025693696  ---  Logical Sectors Read
0x01  0x030  6        74355305  ---  Number of Read Commands
                                |||_ C monitored condition met
                                ||__ D supports DSN
                                |___ N normalized value

Pending Defects log (GP Log 0x0c) not supported

SATA Phy Event Counters (GP Log 0x11)
ID      Size     Value  Description
0x0001  4            0  Command failed due to ICRC error
0x0009  4          764  Transition from drive PhyRdy to drive PhyNRdy
0x000a  4          221  Device-to-host register FISes sent due to a COMRESET
0x000b  4            0  CRC errors within host-to-device FIS
0x000d  4            0  Non-CRC errors within host-to-device FIS

Sample Device Model: RX7 2.5 240GB 

The result required knowledge to interpret it. Copy paste this to AI and what are they suggesting.

Gemini recommendation for "smartctl -x /dev/sda | grep Error" (copy paste only error messages), may misleading recommendation:

"Recommendation: Since the error occurred so early, it's highly likely to be a dead-on-arrival (DOA) or early life failure. The drive should be considered unreliable and immediately replaced under warranty. Do not store critical data on this device."

Gemini recommendation for "smartctl -x /dev/sda" (copy paste all output):

 "The drive's SMART overall-health self-assessment test result: PASSED and the zero count on critical wear-related attributes (like Reallocated Sector Count) suggest the media is physically healthy and not currently failing due to wear.

However, the high number of "Device Fault" errors that occurred early in the drive's life, combined with the anomalous self-test log, indicates a potential instability issue."

Chatgpt.com commenting for the output:

"Verdict: Your RX7 240 GB SSD is fully healthy and nowhere near worn out.

Your RX7 240 GB SSD is healthy, low-wear (~2.8 TBW), and has ~95 % lifespan remaining." 

 Chatgpt.com explanation about the errors:

"What those “Errors” really are

• These are entries in the SMART Extended Error Log, not current hardware problems.
• Your log shows 6 errors, all at power-on lifetime: 0–1 hours.
  That means: they happened right when the drive was brand new or initializing — years ago.
• Since then (643+ hours of runtime), no new errors have been logged."