Dedetok: My Experience Notes: debian

Showing posts with label debian. Show all posts

Thursday, October 23, 2025

Debian 13: increase nvme life time, and how to check its health with additional ssd sata

We move some mount point to cheaper device sata ssd (sata ssd is cheaper then nvme)

/home
/var
/tmp

for small ram consider to move swap disk into sata ssd. for big ram (equal or more then 16GB), you may keep it on nvme, in case the os require to use swap, it will use nvme for best performance. It is for Debian or other linux distribution, not for windows.

nvme

install nvme-cli to check nvme lifetime

# apt-get install nvme-cli

To list nvme device

# nvme list

To view nmve information

# nvme smart-log -v /dev/nvme0n1 Smart Log for NVME device:nvme0n1 namespace-id:ffffffff critical_warning : 0 temperature : 93 °F (307 K) available_spare : 100% available_spare_threshold : 5% percentage_used : 3% endurance group critical warning summary: 0 Data Units Read : 13440652 (6.88 TB) Data Units Written : 11259034 (5.76 TB) host_read_commands : 204366865 host_write_commands : 182401866 controller_busy_time : 3981 power_cycles : 1399 power_on_hours : 1106 unsafe_shutdowns : 32 media_errors : 0 num_err_log_entries : 0 Warning Temperature Time : 0 Critical Composite Temperature Time : 0 Temperature Sensor 1 : 93 °F (307 K) Thermal Management T1 Trans Count : 0 Thermal Management T2 Trans Count : 0 Thermal Management T1 Total Time : 0 Thermal Management T2 Total Time : 0

To view nmve error information

# nvme error-log -v /dev/nvme0n1

You can copy paste the result to AI for analyzing. Gemini said:

"Low Usage. This is the total amount of data written to the drive. For a modern consumer or enterprise SSD, 5.76 TB is a very low amount of lifetime writes."

ssd sata

install smartmontools to check ssd sata

# apt-get install smartmontools

To find ssd

# smartctl --scan /dev/sda -d scsi # /dev/sda, SCSI device

To check /dev/sda health

# smartctl -H /dev/sda smartctl 7.4 2023-08-01 r5530 [x86_64-linux-6.12.48+deb13-amd64] (local build) Copyright (C) 2002-23, Bruce Allen, Christian Franke, www.smartmontools.org === START OF READ SMART DATA SECTION === SMART overall-health self-assessment test result: PASSED

To view information from /dev/sda

# smartctl -a /dev/sda

To show all information in /dev/sda with filter Error

# smartctl -x /dev/sda | grep Error Error logging capability: (0x01) Error logging supported. 1 Raw_Read_Error_Rate -O--CK 100 100 050 - 0 199 UDMA_CRC_Error_Count -O--CK 100 100 050 - 0 0x10 GPL,SL R/O 1 NCQ Command Error log SMART Extended Comprehensive Error Log Version: 1 (1 sectors) Device Error Count: 6 (device log contains only the most recent 4 errors) ER = Error register Error 6 [1] occurred at disk power-on lifetime: 1 hours (0 days + 1 hours) Error 5 [0] occurred at disk power-on lifetime: 1 hours (0 days + 1 hours) Error 4 [3] occurred at disk power-on lifetime: 1 hours (0 days + 1 hours) Error 3 [2] occurred at disk power-on lifetime: 0 hours (0 days + 0 hours)

to test ssd on /dev/sda

# smartctl -t long /dev/sda smartctl 7.4 2023-08-01 r5530 [x86_64-linux-6.12.48+deb13-amd64] (local build) Copyright (C) 2002-23, Bruce Allen, Christian Franke, www.smartmontools.org === START OF OFFLINE IMMEDIATE AND SELF-TEST SECTION === Sending command: "Execute SMART Extended self-test routine immediately in off-line mode". Drive command "Execute SMART Extended self-test routine immediately in off-line mode" successful. Testing has begun. Please wait 4 minutes for test to complete. Test will complete after Thu Oct 23 15:35:03 2025 WIB Use smartctl -X to abort test.

You can use option -t short. After 4 minutes run this command to see the result.

# smartctl -x /dev/sda smartctl 7.4 2023-08-01 r5530 [x86_64-linux-6.12.48+deb13-amd64] (local build) Copyright (C) 2002-23, Bruce Allen, Christian Franke, www.smartmontools.org === START OF INFORMATION SECTION === Device Model: RX7 2.5 240GB Serial Number: AA000000000000002178 LU WWN Device Id: 0 000000 000000000 Firmware Version: FW201105 User Capacity: 240,057,409,536 bytes [240 GB] Sector Size: 512 bytes logical/physical Rotation Rate: Solid State Device Form Factor: 2.5 inches TRIM Command: Available Device is: Not in smartctl database 7.3/5528 ATA Version is: ACS-2 T13/2015-D revision 3 SATA Version is: SATA 3.2, 6.0 Gb/s (current: 6.0 Gb/s) Local Time is: Thu Oct 30 22:15:22 2025 WIB SMART support is: Available - device has SMART capability. SMART support is: Enabled AAM feature is: Unavailable APM feature is: Unavailable Rd look-ahead is: Enabled Write cache is: Enabled DSN feature is: Unavailable ATA Security is: Disabled, frozen [SEC2] Wt Cache Reorder: Unavailable === START OF READ SMART DATA SECTION === SMART overall-health self-assessment test result: PASSED General SMART Values: Offline data collection status: (0x00) Offline data collection activity was never started. Auto Offline Data Collection: Disabled. Self-test execution status: ( 0) The previous self-test routine completed without error or no self-test has ever been run. Total time to complete Offline data collection: ( 120) seconds. Offline data collection capabilities: (0x5d) SMART execute Offline immediate. No Auto Offline data collection support. Abort Offline collection upon new command. Offline surface scan supported. Self-test supported. No Conveyance Self-test supported. Selective Self-test supported. SMART capabilities: (0x0002) Does not save SMART data before entering power-saving mode. Supports SMART auto save timer. Error logging capability: (0x01) Error logging supported. General Purpose Logging supported. Short self-test routine recommended polling time: ( 2) minutes. Extended self-test routine recommended polling time: ( 4) minutes. SMART Attributes Data Structure revision number: 1 Vendor Specific SMART Attributes with Thresholds: ID# ATTRIBUTE_NAME FLAGS VALUE WORST THRESH FAIL RAW_VALUE 1 Raw_Read_Error_Rate -O--CK 100 100 050 - 0 5 Reallocated_Sector_Ct -O--CK 100 100 050 - 0 9 Power_On_Hours -O--CK 100 100 050 - 643 12 Power_Cycle_Count -O--CK 100 100 050 - 476 160 Unknown_Attribute -O--CK 100 100 050 - 0 161 Unknown_Attribute -O--CK 100 100 050 - 0 163 Unknown_Attribute -O--CK 100 100 050 - 880 164 Unknown_Attribute -O--CK 100 100 050 - 85 165 Unknown_Attribute -O--CK 100 100 050 - 118 166 Unknown_Attribute -O--CK 100 100 050 - 50 167 Unknown_Attribute -O--CK 100 100 050 - 81 168 Unknown_Attribute -O--CK 100 100 050 - 0 169 Unknown_Attribute -O--CK 100 100 050 - 100 175 Program_Fail_Count_Chip -O--CK 100 100 050 - 184549376 176 Erase_Fail_Count_Chip -O--CK 100 100 050 - 355223 177 Wear_Leveling_Count -O--CK 100 100 050 - 2488567 178 Used_Rsvd_Blk_Cnt_Chip -O--CK 100 100 050 - 0 181 Program_Fail_Cnt_Total -O--CK 100 100 050 - 0 182 Erase_Fail_Count_Total -O--CK 100 100 050 - 0 192 Power-Off_Retract_Count -O--CK 100 100 050 - 15 194 Temperature_Celsius -O--CK 100 100 050 - 30 195 Hardware_ECC_Recovered -O--CK 100 100 050 - 21 196 Reallocated_Event_Count -O--CK 100 100 050 - 0 197 Current_Pending_Sector -O--CK 100 100 050 - 0 198 Offline_Uncorrectable -O--CK 100 100 050 - 0 199 UDMA_CRC_Error_Count -O--CK 100 100 050 - 0 232 Available_Reservd_Space -O--CK 100 100 050 - 0 241 Total_LBAs_Written -O--CK 100 100 050 - 82732 242 Total_LBAs_Read -O--CK 100 100 050 - 76686 249 Unknown_Attribute -O--CK 100 100 050 - 105586 ||||||_ K auto-keep |||||__ C event count ||||___ R error rate |||____ S speed/performance ||_____ O updated online |______ P prefailure warning General Purpose Log Directory Version 1 SMART Log Directory Version 1 [multi-sector log support] Address Access R/W Size Description 0x00 GPL,SL R/O 1 Log Directory 0x01 GPL,SL R/O 1 Summary SMART error log 0x02 GPL,SL R/O 1 Comprehensive SMART error log 0x03 GPL,SL R/O 1 Ext. Comprehensive SMART error log 0x04 GPL,SL R/O 8 Device Statistics log 0x06 GPL,SL R/O 1 SMART self-test log 0x07 GPL,SL R/O 1 Extended self-test log 0x09 GPL,SL R/W 1 Selective self-test log 0x10 GPL,SL R/O 1 NCQ Command Error log 0x11 GPL,SL R/O 1 SATA Phy Event Counters log 0x30 GPL,SL R/O 9 IDENTIFY DEVICE data log 0x80-0x9f GPL,SL R/W 16 Host vendor specific log 0xa0 GPL,SL VS 16 Device vendor specific log 0xe0 GPL,SL R/W 1 SCT Command/Status 0xe1 GPL,SL R/W 1 SCT Data Transfer SMART Extended Comprehensive Error Log Version: 1 (1 sectors) Device Error Count: 6 (device log contains only the most recent 4 errors) CR = Command Register FEATR = Features Register COUNT = Count (was: Sector Count) Register LBA_48 = Upper bytes of LBA High/Mid/Low Registers ] ATA-8 LH = LBA High (was: Cylinder High) Register ] LBA LM = LBA Mid (was: Cylinder Low) Register ] Register LL = LBA Low (was: Sector Number) Register ] DV = Device (was: Device/Head) Register DC = Device Control Register ER = Error register ST = Status register Powered_Up_Time is measured from power on, and printed as DDd+hh:mm:SS.sss where DD=days, hh=hours, mm=minutes, SS=sec, and sss=millisec. It "wraps" after 49.710 days. Error 6 [1] occurred at disk power-on lifetime: 1 hours (0 days + 1 hours) When the command that caused the error occurred, the device was in an unknown state. After command completion occurred, registers were: ER -- ST COUNT LBA_48 LH LM LL DV DC -- -- -- == -- == == == -- -- -- -- -- 04 -- a0 00 01 00 00 4f 00 c2 c0 51 00 Device Fault Commands leading to the command that caused the error were: CR FEATR COUNT LBA_48 LH LM LL DV DC Powered_Up_Time Command/Feature_Name -- == -- == -- == == == -- -- -- -- -- --------------- -------------------- b0 00 d5 00 01 00 00 4f 00 c2 c0 a0 00 00:00:00.430 SMART READ LOG ec 00 00 00 00 00 00 00 00 00 00 a0 00 00:00:00.430 IDENTIFY DEVICE 67 b6 c2 97 32 21 61 7b 60 cf ba 1f ff 00:00:00.360 [RESERVED FOR SERIAL ATA] Error 5 [0] occurred at disk power-on lifetime: 1 hours (0 days + 1 hours) When the command that caused the error occurred, the device was in an unknown state. After command completion occurred, registers were: ER -- ST COUNT LBA_48 LH LM LL DV DC -- -- -- == -- == == == -- -- -- -- -- 04 -- a0 00 01 00 00 4f 00 c2 c0 51 00 Device Fault Commands leading to the command that caused the error were: CR FEATR COUNT LBA_48 LH LM LL DV DC Powered_Up_Time Command/Feature_Name -- == -- == -- == == == -- -- -- -- -- --------------- -------------------- b0 00 d5 00 01 00 00 4f 00 c2 c0 a0 00 00:00:00.430 SMART READ LOG ec 00 00 00 00 00 00 00 00 00 00 a0 00 00:00:00.430 IDENTIFY DEVICE 67 b6 82 97 32 21 69 79 60 cf ba 3f ff 00:00:00.360 [RESERVED FOR SERIAL ATA] Error 4 [3] occurred at disk power-on lifetime: 1 hours (0 days + 1 hours) When the command that caused the error occurred, the device was in an unknown state. After command completion occurred, registers were: ER -- ST COUNT LBA_48 LH LM LL DV DC -- -- -- == -- == == == -- -- -- -- -- 04 -- a0 00 01 00 00 4f 00 c2 c0 51 00 Device Fault Commands leading to the command that caused the error were: CR FEATR COUNT LBA_48 LH LM LL DV DC Powered_Up_Time Command/Feature_Name -- == -- == -- == == == -- -- -- -- -- --------------- -------------------- b0 00 d5 00 01 00 00 4f 00 c2 c0 a0 00 00:00:00.410 SMART READ LOG ec 00 00 00 00 00 00 00 00 00 00 a0 00 00:00:00.410 IDENTIFY DEVICE 67 b6 8a 97 b2 21 6b 7b 60 cf ba 3e ff 00:00:00.360 [RESERVED FOR SERIAL ATA] Error 3 [2] occurred at disk power-on lifetime: 0 hours (0 days + 0 hours) When the command that caused the error occurred, the device was in an unknown state. After command completion occurred, registers were: ER -- ST COUNT LBA_48 LH LM LL DV DC -- -- -- == -- == == == -- -- -- -- -- 04 -- a0 00 01 00 00 4f 00 c2 c0 51 00 Device Fault Commands leading to the command that caused the error were: CR FEATR COUNT LBA_48 LH LM LL DV DC Powered_Up_Time Command/Feature_Name -- == -- == -- == == == -- -- -- -- -- --------------- -------------------- b0 00 d5 00 01 00 00 4f 00 c2 c0 a0 00 00:00:00.410 SMART READ LOG ec 00 00 00 00 00 00 00 00 00 00 a0 00 00:00:00.410 IDENTIFY DEVICE 67 b6 c2 97 32 21 69 79 60 cf ba 1e ff 00:00:00.360 [RESERVED FOR SERIAL ATA] SMART Extended Self-test Log Version: 1 (1 sectors) Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error # 1 Offline Completed without error 00% 641 - # 2 Offline Self-test routine in progress 10% 641 - # 3 Offline Self-test routine in progress 10% 641 - # 4 Offline Self-test routine in progress 10% 641 - # 5 Offline Self-test routine in progress 10% 641 - # 6 Offline Self-test routine in progress 10% 641 - # 7 Offline Self-test routine in progress 10% 641 - # 8 Offline Self-test routine in progress 10% 641 - # 9 Offline Self-test routine in progress 10% 641 - #10 Offline Self-test routine in progress 10% 641 - #11 Offline Self-test routine in progress 10% 641 - #12 Offline Self-test routine in progress 10% 641 - #13 Offline Self-test routine in progress 10% 641 - #14 Offline Self-test routine in progress 10% 641 - #15 Offline Self-test routine in progress 10% 641 - #16 Offline Self-test routine in progress 10% 641 - #17 Offline Self-test routine in progress 10% 641 - #18 Offline Self-test routine in progress 10% 641 - #19 Offline Self-test routine in progress 10% 641 - SMART Selective self-test log data structure revision number 0 Note: revision number not 1 implies that no selective self-test has ever been run SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS 1 0 0 Not_testing 2 0 0 Not_testing 3 0 0 Not_testing 4 0 0 Not_testing 5 0 0 Not_testing Selective self-test flags (0x0): After scanning selected spans, do NOT read-scan remainder of disk. If Selective self-test is pending on power-up, resume after 0 minute delay. SCT Commands not supported Device Statistics (GP Log 0x04) Page Offset Size Value Flags Description 0x01 ===== = = === == General Statistics (rev 1) == 0x01 0x008 4 476 --- Lifetime Power-On Resets 0x01 0x010 4 643 --- Power-on Hours 0x01 0x018 6 5421924352 --- Logical Sectors Written 0x01 0x020 6 85241306 --- Number of Write Commands 0x01 0x028 6 5025693696 --- Logical Sectors Read 0x01 0x030 6 74355305 --- Number of Read Commands 0x01 ===== = = === == General Statistics (rev 1) == 0x01 0x008 4 476 --- Lifetime Power-On Resets 0x01 0x010 4 643 --- Power-on Hours 0x01 0x018 6 5421924352 --- Logical Sectors Written 0x01 0x020 6 85241306 --- Number of Write Commands 0x01 0x028 6 5025693696 --- Logical Sectors Read 0x01 0x030 6 74355305 --- Number of Read Commands 0x01 ===== = = === == General Statistics (rev 1) == 0x01 0x008 4 476 --- Lifetime Power-On Resets 0x01 0x010 4 643 --- Power-on Hours 0x01 0x018 6 5421924352 --- Logical Sectors Written 0x01 0x020 6 85241306 --- Number of Write Commands 0x01 0x028 6 5025693696 --- Logical Sectors Read 0x01 0x030 6 74355305 --- Number of Read Commands 0x01 ===== = = === == General Statistics (rev 1) == 0x01 0x008 4 476 --- Lifetime Power-On Resets 0x01 0x010 4 643 --- Power-on Hours 0x01 0x018 6 5421924352 --- Logical Sectors Written 0x01 0x020 6 85241306 --- Number of Write Commands 0x01 0x028 6 5025693696 --- Logical Sectors Read 0x01 0x030 6 74355305 --- Number of Read Commands 0x01 ===== = = === == General Statistics (rev 1) == 0x01 0x008 4 476 --- Lifetime Power-On Resets 0x01 0x010 4 643 --- Power-on Hours 0x01 0x018 6 5421924352 --- Logical Sectors Written 0x01 0x020 6 85241306 --- Number of Write Commands 0x01 0x028 6 5025693696 --- Logical Sectors Read 0x01 0x030 6 74355305 --- Number of Read Commands 0x01 ===== = = === == General Statistics (rev 1) == 0x01 0x008 4 476 --- Lifetime Power-On Resets 0x01 0x010 4 643 --- Power-on Hours 0x01 0x018 6 5421924352 --- Logical Sectors Written 0x01 0x020 6 85241306 --- Number of Write Commands 0x01 0x028 6 5025693696 --- Logical Sectors Read 0x01 0x030 6 74355305 --- Number of Read Commands 0x01 ===== = = === == General Statistics (rev 1) == 0x01 0x008 4 476 --- Lifetime Power-On Resets 0x01 0x010 4 643 --- Power-on Hours 0x01 0x018 6 5421924352 --- Logical Sectors Written 0x01 0x020 6 85241306 --- Number of Write Commands 0x01 0x028 6 5025693696 --- Logical Sectors Read 0x01 0x030 6 74355305 --- Number of Read Commands 0x01 ===== = = === == General Statistics (rev 1) == 0x01 0x008 4 476 --- Lifetime Power-On Resets 0x01 0x010 4 643 --- Power-on Hours 0x01 0x018 6 5421924352 --- Logical Sectors Written 0x01 0x020 6 85241306 --- Number of Write Commands 0x01 0x028 6 5025693696 --- Logical Sectors Read 0x01 0x030 6 74355305 --- Number of Read Commands |||_ C monitored condition met ||__ D supports DSN |___ N normalized value Pending Defects log (GP Log 0x0c) not supported SATA Phy Event Counters (GP Log 0x11) ID Size Value Description 0x0001 4 0 Command failed due to ICRC error 0x0009 4 764 Transition from drive PhyRdy to drive PhyNRdy 0x000a 4 221 Device-to-host register FISes sent due to a COMRESET 0x000b 4 0 CRC errors within host-to-device FIS 0x000d 4 0 Non-CRC errors within host-to-device FIS

Sample Device Model: RX7 2.5 240GB

The result required knowledge to interpret it. Copy paste this to AI and what are they suggesting.

Gemini recommendation for "smartctl -x /dev/sda | grep Error" (copy paste only error messages), may misleading recommendation:

"Recommendation: Since the error occurred so early, it's highly likely to be a dead-on-arrival (DOA) or early life failure. The drive should be considered unreliable and immediately replaced under warranty. Do not store critical data on this device."

Gemini recommendation for "smartctl -x /dev/sda" (copy paste all output):

"The drive's SMART overall-health self-assessment test result: PASSED and the zero count on critical wear-related attributes (like Reallocated Sector Count) suggest the media is physically healthy and not currently failing due to wear.

However, the high number of "Device Fault" errors that occurred early in the drive's life, combined with the anomalous self-test log, indicates a potential instability issue."

Chatgpt.com commenting for the output:

"Verdict: Your RX7 240 GB SSD is fully healthy and nowhere near worn out.

Your RX7 240 GB SSD is healthy, low-wear (~2.8 TBW), and has ~95 % lifespan remaining."

Chatgpt.com explanation about the errors:

"What those “Errors” really are

These are entries in the SMART Extended Error Log, not current hardware problems.
Your log shows 6 errors, all at power-on lifetime: 0–1 hours.
That means: they happened right when the drive was brand new or initializing — years ago.
Since then (643+ hours of runtime), no new errors have been logged."

Tuesday, October 21, 2025

Debian 13: upgrading hp ink tank 315 configuration

chatgpt "when you upgraded from Debian 12 → 13, your printing stack also got a major bump (Debian 13 uses CUPS 2.5+ and newer ipp-usb / cups-filters packages). These prefer driverless (IPP Everywhere) printing — and your HP 415 does support that mode."

These steps are generated by chatgpt, but I follow it step by step.

Identify both printer URIs

# lpstat -v device for HP-Ink-Tank-Wireless-415: socket://x.x.x.x:9100 device for HP_Ink_Tank_Wireless_410_series_1BAF5D: implicitclass://HP_Ink_Tank_Wireless_410_series_1BAF5D/ device for PDF: cups-pdf:/

"The implicitclass:// scheme comes from cups-browsed, which discovers and manages driverless IPP printers automatically.
In your case, that printer (HP_Ink_Tank_Wireless_410_series_1BAF5D) is a modern, IPP Everywhere version of your HP Ink Tank 415.
It’s the correct, future-proof configuration — and it’s why your test print worked even without the old socket:// driver."

Remove the legacy driver and clean up your setup

# lpadmin -x HP-Ink-Tank-Wireless-415

Optional to make your new driver as default printer

# lpadmin -d HP_Ink_Tank_Wireless_410_series_1BAF5D

Note: option -d to choose default printer

Check your scanner

# scanimage -L device `v4l:/dev/video0' is a Noname Integrated Camera: Integrated C virtual device device `escl:https://x.x.x.x:443' is a HP Ink Tank Wireless 410 series [1BAF5D] platen scanner device `hpaio:/net/ink_tank_wireless_410_series?ip=x.x.x.x&queue=false' is a Hewlett-Packard ink_tank_wireless_410_series all-in-one device `airscan:e0:HP Ink Tank Wireless 410 series [1BAF5D]' is a eSCL HP Ink Tank Wireless 410 series [1BAF5D] ip=x.x.x.x, xx:xx:xx:xx::1

This is upgrade from previous post Debian Buster: install all in one hp ink tank 315

Friday, October 10, 2025

Debian 13: Configure NVidia in dual gpu - hybrid mode and how to utilize it in Android Studio

List your VGA:

# lspci | grep -E "VGA|3D" 01:00.0 VGA compatible controller: NVIDIA Corporation GA107 [GeForce RTX 2050] (rev a1) 05:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Rembrandt [Radeon 680M] (rev 0b)

Installation

# apt-get install firmware-nvidia-graphics nvidia-detect nvidia-driver linux-headers-$(uname -r) vulkan-tools

Warning "Conflicting nouveau kernel module loaded" may appear.

Check your nvidia

# nvidia-detect Detected NVIDIA GPUs: 01:00.0 VGA compatible controller [0300]: NVIDIA Corporation GA107 [GeForce RTX 2050] [10de:25ad] (rev a1) Checking card: NVIDIA Corporation GA107 [GeForce RTX 2050] (rev a1) Your card is supported by all driver versions. Your card is also supported by the Tesla 535 drivers series. It is recommended to install the nvidia-driver

Chek your nvidia software

Note: run glxinfo in "xfce terminal", not "terminal emulator"

GLX information

$ glxinfo | grep "OpenGL renderer" OpenGL renderer string: AMD Radeon 660M (radeonsi, rembrandt, LLVM 19.1.7, DRM 3.61, 6.12.31-amd64)

The desktop will utilize AMD GPU, we want to run Android Studio and utilize GeForce RTX 2050. Create a bash script to run Android Studio using NVidia Geforce RTX2050 instead build in AMD gpu, e.q

#!/bin/bash # Launch Android Studio using the NVIDIA GPU (Prime Render Offload) APP_PATH="$HOME/AndroidStudio/android-studio/bin/studio.sh" if [ ! -f "$APP_PATH" ]; then echo "Error: Android Studio not found at $APP_PATH" exit 1 fi # Run Android Studio with NVIDIA GPU offload __NV_PRIME_RENDER_OFFLOAD=1 __GLX_VENDOR_LIBRARY_NAME=nvidia "$APP_PATH" &

Usefull command if any systemd error during boot

# journalctl -b -u systemd-modules-load.service

Thursday, October 9, 2025

Debian 13: part 2 configure privoxy and torrc as lan https gateway to anonymity Tor Network

Prerequisite Debian 13: part 1 install Tor-Project without error.

General network configuration

Internet — router —- lan —- proxy(tor)

All client has direct connection to internet via router. Client's browser can be configure to use proxy tor for anonymity.

The browser's connection becomes: [Client PC] --> [Debian Server - Tor & Privoxy] --> (WAN/Router) --> Internet (via Tor)

Privoxy is your https proxy. privoxy will connect to tor software, and tor software will find the way to reach destination using tor anonymity network.

Debian proxy

Install privoxy

# apt-get install privoxy

Edit or add your /etc/privoxy/config :

# listening port for your lan listen-address 0.0.0.0:8118 # connection to tor software, privoxy and torrc run on the same server/pc forward-socks5t / 127.0.0.1:9050

Edit or add your /etc/tor/torrc :

# Change "myNiceRelay" to something you like Nickname myNiceRelay # Write your e-mail and be aware it will be published ContactInfo your@e-mail # for relay, 0 disable ORPort 0 # for exit relay, 0 disable ExitRelay 0 # use 127.0.0.1 to make torrc only accessible by localhost / privoxy # comment these if you allow lan accessing torrc SocksPort 9050 SocksListenAddress 127.0.0.1 # uncomment these to allow lan accessing torrc #SocksBindAddress 192.168.1.1:9050 #SocksPolicy accept 192.168.1.0/24 #SocksPolicy reject *

Enable your privoxy and tor service

# systemctl enable tor # systemctl enable privoxy # systemctl restart tor # systemctl restart privoxy

Client Browser

Open your browser setting, find proxy. Fill with

HTTP Proxy: 192.168.1.10
Port: 8118

Note: change 192.168.1.10 to your debian lan ip server.

Now your client can browsing using anonymity tor network

Debian 13: part 1 install Tor-Project

Tor Project's repository only support amd64, arm64, or i386 architectures.

# dpkg --print-architecture amd64

Install apt-transport-https

# apt install apt-transport-https gnupg

Add Tor Project repository into debian machince

Create a new file in /etc/apt/sources.list.d/ named tor.list
Filled /etc/apt/sources.list.d/tor.list with:
deb [signed-by=/usr/share/keyrings/deb.torproject.org-keyring.gpg] https://deb.torproject.org/torproject.org trixiemain
deb-src [signed-by=/usr/share/keyrings/deb.torproject.org-keyring.gpg] https://deb.torproject.org/torproject.org trixie main

Currently, Tor repository only support bookworm, bullseye and trixie.

Add gpg key for Tor Project's repository

# wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | tee /usr/share/keyrings/deb.torproject.org-keyring.gpg >/dev/null

If asc file does not exist, use your browser to open https://deb.torproject.org/torproject.org/. It will open directory of /torproject.org. Find file's name with asc, copy the file name and replace A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc with the new one.

Install Tor Project key's

# apt install tor deb.torproject.org-keyring

Installing Tor

# apt install tor

Tuesday, October 7, 2025

Debian 13: general nftables with set for web server and router

This is general nftables for apache, ssh, dns ntp

#!/usr/sbin/nft -f flush ruleset table inet filter { # Set for common inbound web server ports set web_ports { type inet_service; flags interval; elements = { 80, 443 } } # Set for other essential services, like SSH, DNS, and NTP set services { type inet_service; elements = { 22, 53, 123 } } chain input { type filter hook input priority 0; policy drop; # Allow connections that are part of an existing or related session ct state established,related accept # Drop invalid packets ct state invalid drop # Allow traffic from the loopback interface iif "lo" accept # Allow incoming traffic for common web services tcp dport @web_ports accept # Allow incoming SSH, DNS, and NTP traffic tcp dport @services accept udp dport @services accept # Allow incoming ICMP (ping) packets for diagnostics icmp type echo-request accept # Log and drop any other incoming traffic meta protocol vmap { ip : log prefix "[NFT-DROP]: ", ip6 : log prefix "[NFT-DROP]: " } meta protocol vmap { ip : drop, ip6 : drop } } chain forward { type filter hook forward priority 0; policy drop; } chain output { type filter hook output priority 0; policy accept; } }

This is nftable for general router

eth0 to internet/router
eth1 to lan

Edit/create nano /etc/sysctl.conf

net.ipv4.ip_forward=1

nftables rules

#!/usr/sbin/nft -f # Clear all existing rules flush ruleset # --- Define variables for interfaces and networks --- define wan_if = eth0 define lan_if = eth1 define lan_net = 192.168.1.0/24 # === Table for IPv4/IPv6 filtering === table inet filter { # Set for essential services (SSH, DNS, NTP) set essential_services { type inet_service; elements = { 22, 53, 123 } } # Set for web server ports set web_ports { type inet_service; flags interval; elements = { 80, 443 } } # Set of trusted interfaces (LAN) set trusted_interfaces { type ifname; elements = { $lan_if } } # Set of untrusted interfaces (WAN) set untrusted_interfaces { type ifname; elements = { $wan_if } } # --- INPUT chain: Controls traffic destined for the router itself --- chain input { type filter hook input priority 0; policy drop; # Accept packets that are part of an established or related connection ct state established,related accept # Drop any packets with an invalid connection state ct state invalid drop # Allow traffic from the loopback interface iif "lo" accept # Allow all traffic from the trusted LAN interfaces iifname @trusted_interfaces accept # Allow incoming SSH, DNS, and NTP from the internet (rate limited) iifname @untrusted_interfaces tcp dport @essential_services limit rate 10/minute accept iifname @untrusted_interfaces udp dport @essential_services limit rate 10/minute accept # Allow incoming web traffic (Apache) from the internet iifname @untrusted_interfaces tcp dport @web_ports accept # Allow ICMP (ping) from the internet, but rate-limit it iifname @untrusted_interfaces icmp type echo-request limit rate 5/second accept # Log and drop everything else coming from untrusted interfaces iifname @untrusted_interfaces log prefix "NFT-INET-DROP: " iifname @untrusted_interfaces drop # Catch-all log and drop for other incoming traffic log prefix "NFT-INPUT-DROP: " drop } # --- FORWARD chain: Controls traffic passing *through* the router --- chain forward { type filter hook forward priority 0; policy drop; # Accept packets that are part of an established or related connection ct state established,related accept # Drop invalid packets ct state invalid drop # Allow outbound traffic from the LAN to the internet iifname @trusted_interfaces oifname @untrusted_interfaces accept # Log and drop any other forwarded traffic log prefix "NFT-FORWARD-DROP: " drop } # --- OUTPUT chain: Controls traffic originating from the server --- chain output { type filter hook output priority 0; policy accept; } } # === NAT table for IPv4 (needed for internet access from LAN) === table ip nat { # --- PREROUTING chain: Used for incoming traffic before routing --- chain prerouting { type nat hook prerouting priority 0; # Example: Port forward incoming web traffic from the internet to a specific LAN machine # iifname $wan_if tcp dport { 80, 443 } dnat to 192.168.1.100 } # --- POSTROUTING chain: Used for outgoing traffic after routing --- chain postrouting { type nat hook postrouting priority 100; # Masquerade traffic leaving the internet interface oifname $wan_if masquerade } }

Monday, October 6, 2025

Debian 13: How to save ai solution with mathematical formula into odt file

After you ask AI, and AI give you solution with mathematical formula. You can not directly to copy-paste the result into libreoffice writer nor microsoft word.

1. Ask your AI to show the result in latex format.

2. Copy paste the result into text file e.q. example.text.

3. Create empty odt file e.q. output.odt

4. Use pandoc application to convert it into odt.

$ pandoc -f latex -t odt -o output.odt example.text

if the input file is latin1 encoded, like my text files, the solution is (imo the best output):

$ iconv -f ISO-8859-1 example.text | pandoc -f latex -t odt -o tmp.odt

WARNING: this command will replace any content in tmp.odt and output.odt.

5. Now, you can open odt with mathematical formula.

To install pandoc and iconv (part of libc-bin)

# apt-get install pandoc libc-bin libreoffice-texmaths

Wednesday, October 1, 2025

Moving apache, mariadb and php project from a debian site to other debian site

I want to create a bash script to backup and restore the project (apache, mariadb and php) easily. I need to work at 2 debian machine with the same configuration in 2 different location. I ask to duck.ai to solve the problem. Here is the result.

Create a file myconfig.conf

# myconfig.conf
DB_NAME="your_database_name"
DB_USER="your_username"
DB_PASS="your_password"
PROJECT_ROOT="/path/to/your/php/project" # Add this line

Create bash script mybackup.sh

#!/bin/bash

# Load database configuration from myconfig.conf
source myconfig.conf

# Create a backup file name for the database
DB_BACKUP_FILE="${DB_NAME}_$(date +%Y-%m-%d).sql"
# Create a zip file name for the project
PROJECT_BACKUP_FILE="$(basename "$PROJECT_ROOT")_backup_$(date +%Y-%m-%d).zip"

# Function to backup the database
backup_database() {
echo "Backing up database: $DB_NAME"
mysqldump -u "$DB_USER" -p"$DB_PASS" "$DB_NAME" > "$DB_BACKUP_FILE"
if [ $? -eq 0 ]; then
echo "Database backup successful: $DB_BACKUP_FILE"
else
echo "Database backup failed!"
return 1
fi
}

# Function to zip the project files
zip_project() {
echo "Zipping project files from: $PROJECT_ROOT"
zip -r "$PROJECT_BACKUP_FILE" "$PROJECT_ROOT"
if [ $? -eq 0 ]; then
echo "Project backup successful: $PROJECT_BACKUP_FILE"
else
echo "Project backup failed!"
return 1
fi
}

# Function to restore the database
restore_database() {
echo "Restoring database: $DB_NAME from $1"
mysql -u "$DB_USER" -p"$DB_PASS" "$DB_NAME" < "$1"
if [ $? -eq 0 ]; then
echo "Database restore successful!"
else
echo "Database restore failed!"
fi
}

# Function to unzip the project files
unzip_project() {
echo "Unzipping project files to: $PROJECT_ROOT"
unzip -o "$1" -d "$PROJECT_ROOT"
if [ $? -eq 0 ]; then
echo "Project restore successful!"
else
echo "Project restore failed!"
fi
}

# Check command line arguments
if [ "$1" == "backup" ]; then
backup_database
zip_project
elif [ "$1" == "restore" ]; then
if [ -z "$2" ] || [ -z "$3" ]; then
echo "Please provide the SQL backup file and the project zip file to restore from."
exit 1
fi
SQL_BACKUP_FILE="$2"
PROJECT_BACKUP_FILE="$3"
restore_database "$SQL_BACKUP_FILE"
unzip_project "$PROJECT_BACKUP_FILE"
else
echo "Usage: $0 {backup|restore [sql_backup_file] [project_backup_file]}"
exit 1
fi

To backup

./mybackup.sh backup

It will create 2 files

zip for backup and restore web root project
sql for backup and restore mariadb database

To restore

./mybackup.sh restore your_database_backup.sql your_project_backup_file.zip

Tuesday, September 30, 2025

Debian 13: how to limit cpu frequency to preserve power or keep cpu cooler

Since Debian 13, cpufreq is being replaced by cpupower. Don't mix using power-profiles-daemon and linux-cpupower. I prefer to use linux-cpupower.

Install

# apt-get install linux-cpupower

Show available frequency

# cpupower frequency-info analyzing CPU 1: driver: acpi-cpufreq CPUs which run at the same hardware frequency: 1 CPUs which need to have their frequency coordinated by software: 1 maximum transition latency: 4.0 us hardware limits: 1000 MHz - 2.20 GHz available frequency steps: 2.20 GHz, 2.00 GHz, 1.80 GHz, 1.60 GHz, 1.30 GHz, 1000 MHz available cpufreq governors: performance schedutil current policy: frequency should be within 1000 MHz and 2.20 GHz. The governor "schedutil" may decide which speed to use within this range. current CPU frequency: 1.30 GHz (asserted by call to hardware) boost state support: Supported: yes Active: no Boost States: 2 Total States: 8 Pstate-Pb0: 2500MHz (boost state) Pstate-Pb1: 2400MHz (boost state) Pstate-P0: 2200MHz Pstate-P1: 2000MHz Pstate-P2: 1800MHz Pstate-P3: 1600MHz Pstate-P4: 1300MHz Pstate-P5: 1000MHz

Available frequency steps are: 2.20 GHz, 2.00 GHz, 1.80 GHz, 1.60 GHz, 1.30 GHz, 1000 MHz. Use frequency 1.8 GHz for all core:

# cpupower frequency-set -u 1.80 GHz Setting cpu: 0 Setting cpu: 1 Setting cpu: 2 Setting cpu: 3

After applying maximum frequency

# cpupower frequency-info analyzing CPU 2: driver: acpi-cpufreq CPUs which run at the same hardware frequency: 2 CPUs which need to have their frequency coordinated by software: 2 maximum transition latency: 4.0 us hardware limits: 1000 MHz - 2.20 GHz available frequency steps: 2.20 GHz, 2.00 GHz, 1.80 GHz, 1.60 GHz, 1.30 GHz, 1000 MHz available cpufreq governors: performance schedutil current policy: frequency should be within 1000 MHz and 1000 MHz. The governor "schedutil" may decide which speed to use within this range. current CPU frequency: 1000 MHz (asserted by call to hardware) boost state support: Supported: yes Active: no Boost States: 2 Total States: 8 Pstate-Pb0: 2500MHz (boost state) Pstate-Pb1: 2400MHz (boost state) Pstate-P0: 2200MHz Pstate-P1: 2000MHz Pstate-P2: 1800MHz Pstate-P3: 1600MHz Pstate-P4: 1300MHz Pstate-P5: 1000MHz

To make it persistent, create or edit /etc/systemd/system/cpu-limit.service

[Unit] Description=Set CPU power management settings# latest state runlevel 3 in SysVinit, let CPU run maximum frequency during starting system servicesAfter=multi-user.target# run after network ready
#After=network.target# network may not run
#After=sysinit.target [Service] Type=oneshot ExecStart=/usr/bin/cpupower frequency-set -u 2.00GHz #ExecStart=/usr/bin/cpupower frequency-set --max 2.00GHz #ExecStart=/usr/bin/cpupower frequency-set -g performance # You can customize the cpupower command here. # For example, to set to powersave: # ExecStart=/usr/bin/cpupower frequency-set -g powersave # Or to set a specific frequency: # ExecStart=/usr/bin/cpupower frequency-set -f 2.5GHz [Install] WantedBy=multi-user.target

Note: you can copy paste and adjust frequency for your laptop/PC.

Change file permission

# chmod 644 /etc/systemd/system/cpu-limit.service

Reload system daemon

# systemctl daemon-reload # systemctl enable cpu-limit.service Created symlink '/etc/systemd/system/multi-user.target.wants/cpu-limit.service' → '/etc/systemd/system/cpu-limit.service'.

Everytime your restart this daemon will run time to set maximum frequency.

Sunday, September 28, 2025

Debian 13: Fresh install dual boot Axioo Hype 5 AMD X6 using usb flash disk with ventoy boot manager installed

Spesification Axioo Hype 5 AMD X6:

Ryzen™ 5 6600H & grafis Radeon™ 660M
16GB DDR5 RAM & 512GB SSD Gen 3

Shrink your windows 11 partition. We need 84 GB free space. 80 GB for debian / ext4 and 4 GB for swap. We do need to reserve 500 MB for ESP (EFI System Partition), windows 11 already create it.

Use windows disk manager and shrink partition. Fill

Enter the amount of space in MB 84000 MB

It is good practice to separate partition for windows system and application, and user data partition.

To install Ventoy boot manager in flash disk follow this.

Insert your USB flash disk contain Debian 13 net installer and ventoy installed. Press and hold “Shift” and restart windows. Unpress shift after laptop restarted.

Select “Use Device” and choose USB flash disk to boot.

Ventoy boot manager will give you any iso file you stored on flash disk if any. Choose debian, select “Boot in normal mode”.

Debian installer started, follow the instruction. You need an internet connection to install the xfce desktop environment.

At the partition section, choose “Manual”. Create 80 GB type “ext4” mount / and 4 GB type “Swap”. Write change to disk.

Beware, there is a USB flash disk appear in the partition menu. It is shown as “SCSI1 (0.0.0) (sda)” on my laptop.

In package manager, I choose

Xfce
Standard system utility

For special purpose installation choose debian blend. Release of debian pure blend can be read on www.debian.org/blends/.

Finally, restart your laptop. Press F2 to enter bios. At boot menu, select debian boot manager first and then windows. Debian grub has the option to enter windows not vice versa.

If you wish, to select windows as default grub selection, edit /etc/default/grub

GRUB_DEFAULT=2

Save it and run

# update-grub

Friday, September 26, 2025

Debian 13: Using Ventoy to create bootable flash disk for multiple ISO

Download ventoy from www.ventoy.net, choose tar.gz. At this documentation wrote, it was ventoy-1.1.07-linux.tar.gz.

Extract it here, it will create directory ventoy-1.1.07. You can move directory from download to your home.

To avoid any typo or wrong device storage, it is recommended to use GUI. Insert you new or unused flash disk and open ventoy GUI, from terminal

$ cd ventoy-1.1.07/ $ ./VentoyGUI.x86_64&

It will ask root/sudo password. Click Install and you will get warning all data will be destroyed and flash disk will be formatted. Wait until finish.

Unmount your flash disk. Remove and reinsert your flash disk. You can add your iso file into your flash disk.

Note: Do not store your iso files too deep under subdirectory.

Sample Directory:

Ventoy -- debian -- debian-13.1.0-amd64-netinst.iso -- windows --

Note: size of debian-13.1.0-amd64-netinst.iso is more then 700MB which it is not fit into CD ROM anymore.

Use flash disk USB 3.0 or above. I use Adata flash disk USB 3.0.

It is hard to find CD or DVD in Indonesia. Almost software is distribute directly from cloud, no disk media anymore. Some provide flash disk installer in part of package.

Saturday, September 20, 2025

Debian 13: solving error ring 2 stalled on HP 15-AF109AX AMD A8-7410 APU Radeon R5

Laptop:

AMD A8-7410 APU Radeon R5 GCN 1.2 (Spectre)
HP 15-AF109AX

symptom: Screen flickering continuously at some interval time

Dmesg error:

[ 3806.507278] radeon 0000:00:01.0: ring 2 stalled for more than 29348msec [ 3806.507310] radeon 0000:00:01.0: GPU lockup (current fence id 0x000000000000038f last fence id 0x0000000000000390 on ring 2)

Which non free firmware? These are generation AMD Graphics Processor

Use radeon for older then GCN and RDNA

Use amdgpu for Graphic Core Next/GCN generation

GCN 1.0 Radion HD 7000
GCN 2.0 Radeon 200
GCN 3.0 Radeon 300
GCN 4.0 Radeon 400/500/600
GCN 5.0 Radeon RX Vega, Radeon VII

Use ROCm for RDNA

RDNA 1 Radeon RX 5000
RDNA 2 Radeon RX 6000
RDNA 3 Radeon RX 7000
RDNA 4 Radeon RX 8000

Install firmware, you need add non-free repository

# apt-get install firmware-amd-graphics

Check firmware loaded

# lspci -k | grep -A 3 VGA 00:01.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Mullins [Radeon R4/R5 Graphics] (rev 45) Subsystem: Hewlett-Packard Company Device 80cc Kernel driver in use: radeon Kernel modules: radeon, amdgpu

# lspci -nn | grep VGA

The Mullins Accelerated Processing Units (APUs), which include the Radeon R4/R5 Graphics, use the GCN 1.1 architecture. Googling for yours if necessary. Create/Edit /etc/X11/xorg.conf.d/20-radeon.conf

Section "Device" Identifier "AMD Graphics" Driver "amdgpu" Option "TearFree" "true" EndSection

If your card is GCN 1.0 and 1.2 ("Southern Islands" or "Sea Islands" cards) , for potentially better performance and Vulkan support, you need to add kernel parameter. Edit /etc/default/grub and add parameter

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash radeon.cik_support=0 amdgpu.cik_support=1"

update grub

# update-grub update-grub

Example old AMD Graphic

Wrestler [Radeon HD 6310]

google-chrome use gpu acceleration, this can also causing ring 2 stalled. Disabling google-chrome gpu accelerated.

$ google-chrome-stable --disable-gpu --disable-software-rasterizer

Create script to run start_chrome.sh

#!/bin/bash google-chrome-stable --disable-gpu --disable-software-rasterizer "$@" &

Make it runnable

$ chmod 764 ./start_chrome.sh

Friday, September 19, 2025

Debian 13: using systemd-resolved to replace old way to resolving dns

Install systemd-resolved

# apt-get install systemd-resolved

Enable it

# systemctl enable systemd-resolved

Old fashion /etc/resolv.conf

# Generated by NetworkManager nameserver 45.90.28.186 nameserver 8.8.8.8 nameserver 1.1.1.1

Change/Edit configuration file /etc/systemd/resolved.conf

DNS=45.90.28.186 8.8.8.8 1.1.1.1 DNSOverTLS=yes

Optional

DNS=45.90.28.186 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2006:4700:4700::1111#cloudflare-dns.com 2606:4700:4700:1001#cloudflare-dns.com DNSOverTLS=yes

Enable systemd-resolved in Network Manager, edit /etc/NetworkManager/NetworkManager.conf

[main] plugins=ifupdown,keyfile dns=systed-resovled

Restart Network Manager

# systemctl restart NetworkManager

Restart systemd-resolved

# systemctl restart systemd-resolved

Test it

# nslookup duckduckgo.com Server: 127.0.0.53 Address: 127.0.0.53#53 Non-authoritative answer: Name: duckduckgo.com Address: 20.43.161.105

Done. This configuration can be used to protect your dns resolved from dns query hijacking.

Handy diagnostics guide:

Dig

# dig duckduckgo.com @1.1.1.1 +short safe.duckduckgo.com. 202.169.44.80

Nslookup

# nslookup duckduckgo.com 8.8.8.8 Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: duckduckgo.com canonical name = safe.duckduckgo.com. Name: safe.duckduckgo.com Address: 202.169.44.80 Name: safe.duckduckgo.com Address: 2404:8000:11:2::2

Whois

# whois 202.168.44.80 % [whois.apnic.net] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html % Information related to '202.168.0.0 - 202.168.63.255' % Abuse contact for '202.168.0.0 - 202.168.63.255' is 'hostmaster@tpgtelecom.com.au' inetnum: 202.168.0.0 - 202.168.63.255 netname: TPG-AU descr: TPG Internet Pty Ltd. country: AU org: ORG-TIPL2-AP admin-c: TH178-AP tech-c: TH178-AP abuse-c: AT937-AP status: ALLOCATED PORTABLE remarks: Australian Internet Service Provider (ISP) remarks: http://www.tpg.com.au

Curl

# curl -I https://www.duckduckgo.com curl: (7) Failed to connect to www.duckduckgo.com port 443 after 4129 ms: Could not connect to server

Note: curl and whois showing duckduckgo.com directing to wrong address.

Tuesday, September 16, 2025

Debian 13: UEFI partition during installation process

Begin in 2011, computer manufacturers were moving to use UEFI and left BIOS. Today, it is mandatory for system with UEFI to have separate partition for EFI System Partition / ESP.

ESP contain boot loader to start operating system. One ESP may contain some boot loader for different operating system. Size of ESP for windows and Debian is 500MB to avoid problem when update occurred. It means for multi OS with different boot loader, ESP partition required bigger size.

During Debian installation, at step configure partition, create:

size: 500 MB or bigger
type: "EFI System Partition (ESP)", "EFI System Partition" or similar

All partitions required in Debian 13 system are:

ESP: 500MB or bigger, will marked boot sector 0xEE
Swap: 2 times physical memory. IMO, for physical memory more then 16GB, swap size equal to physical memory or less.
root partition for single point mount /, or custom partition.

There are 3 types boot process and its year period:

BIOS: old PC
BIOS + GPT PC 2000-2020
ESP + GPT PC > 2020

Wednesday, September 3, 2025

Debian 13: troubleshooting connecting to wifi using cmd nmcli

I prefer to use command line because mostly server does not installed window manager. I need to familiar to use command line in any situation.

To show wifi radio enable

# nmcli radio wifi enabled

To turn on radio wifi

# nmcli radio wifi on

To list available wifi

# nmcli device wifi list IN-USE BSSID SSID ...

To rescan available wifi

# nmcli dev wifi rescan

To connect to wifi access point

# nmcli device wifi connect "[your_SSID]" password "[your_password]" ...

To show connection

# nmcli connection show NAME UUID TYPE DEVICE ...

Note: parameter dev is short from device

Tuesday, September 2, 2025

Debian 13 icewm/openbox/fluxbox: using pavucontrol & pulseaudio

Install pavucontrol & pulseaudio

# apt-get install pavucontrol pulseaudio Reading package lists... Done Building dependency tree... Done Reading state information... Done ...

To run pavecontrol in terminal

$ pulseaudio&

Wednesday, August 27, 2025

Debian 13: install OpenBox, Fluxbox and IceWM with XFCE installed

Hardware:

HP 15-AF109AX
AMD A8-7410 APU
ASUS EEE PC 1215B
AMD E-350 Processor

Compare

Feature	Fluxbox	Openbox	IceWM
Ram idle	~60–100 MB	~80–120 MB	~80–150 MB
Panel	n/a	n/a	Yes
Toolbar	n/a	tint2	Yes, like Windows 95
Access menu	Right Click	Right Click	Toolbar like Windows 95
Application list	Manual only	Auto populate	Auto populate

To install fluxbox is straight forward.

# apt-get install fluxbox Reading package lists... Done Building dependency tree... Done Reading state information... Done

To install openbox is straight forward.

# apt-get install openbox Reading package lists... Done Building dependency tree... Done Reading state information... Done The following additional packages will be installed: libid3tag0 libimlib2t64 libobrender32v5 libobt2v5 libspectre1 obconf scrot

To install icewm is straight forward.

# apt-get install icewm Reading package lists... Done Building dependency tree... Done Reading state information... Done

To switch your Desktop into OpenBox, Fluxbox or IceWM, logout and select tool on top-right icon to select openbox.

Right click to select application menu to launch. It is old fashion Unix Desktop terminal. If you ever used Solaris 8.0 workstation, it looks so closed. in Fluxbox, installed application needs to run by command in bash shell.

Do not remove XFCE (or existing Window Manager) if you are not familiar with OpenBox, Fluxbox or IceWM. You can switch to XFCE XFCE (or existing Window Manager) or openbox anytime you want.

NOTE: Do not expecting the performance likes a new PC, for office like libreoffice requires processor power to speed up.

Monday, August 25, 2025

Debian 13: pyhton3 setting virtual environment

Run once

Installing packages

As root

# sudo apt install python3 python3-pip python3-venv

As user for example user1

As user1

We create folder to store python3 packages for user1 folder name is mpyvenv

$ mkdir mypyenv $ cd mypyenv ~/mypyenv$ python3 -m venv venv ~/mypyenv$ ls venv

Every time entering virtual environment use this command

$ cd mypyenv ~/mypyenv$ source venv/bin/activate (venv) [user]@[host]:~/mypyenv$

To exit virtual environment

(venv) [user]@[host]:~/mypyenv$ deactivate ~/mypyenv$

Note:

put every python project under directory virtual environment, for this example I used mypyenv.
A user can have multiple virtual environment for each project. Each project must have a single entry point to root folder.

References: chatgpt.com gemini.google.com

Friday, August 15, 2025

Debian 13: upgrading ASUS Eee PC 1215B from Debian 11 to Debian 13

ASUS Eee PC 1215B Release April 2011
AMD E-350 dual-core 1.6 GHz
AMD Radeon HD 6310 graphics 1366x768
Ram DDR3

It is recommended to use shell, during upgrade, desktop environment may be restarting and causing screen lock.

To get into shell, after Desktop login menu appear, press Ctrl + Alt + F1. To turn back into Desktop press Ctrl + Alt + F7.

Edit /etc/apt/sources.list

#main # 11 to 12 deb https://deb.debian.org/debian bookworm main contrib non-free-firmware non-free # 12 to 13 #deb https://deb.debian.org/debian trixie main contrib non-free-firmware non-free #mirror auto # 11 to 12 deb http://mirror.unair.ac.id/debian bookworm main contrib # 12 to 13 #deb http://mirror.unair.ac.id/debian trixie main contrib #security # 11 to 12 deb https://security.debian.org/debian-security bookworm-security main contrib non-free-firmware non-free # 12 to 13 #deb https://security.debian.org/debian-security trixie-security main contrib non-free-firmware non-free #update # 11 to 12 deb https://deb.debian.org/debian bookworm-updates main contrib non-free-firmware non-free # 12 to 13 #deb https://deb.debian.org/debian trixie-updates main contrib non-free-firmware non-free #backport # 11 to 12 deb http://deb.debian.org/debian bookworm-backports main # 12 to 13 #deb http://deb.debian.org/debian trixie-backports main

As mention in Debian official website, you can not directly upgrade from Debian 11 to Debian 13. You need to upgrade it in sequence

Upgrade Debian 11 to Debian 12

Edit /etc/apt/sources.list, remove '#' any line containing bookworm and add '#' any line containing trixie.

Update Repository
# apt-get update
Take full upgrade
# apt full-upgrade
Restart and perform clean up
# apt-get autoclean && apt-get autoremove -y

This toke 2 hours and 30 minutes.

This error occurred when we just perform apt upgrade --without-new-pkgs, make restart and upgrade to Debian 13

Preparing to unpack .../base-files_13.8_amd64.deb ... ****************************************************************************** * * The base-files package cannot be installed because * /bin is a directory, but should be a symbolic link. * * Please install the usrmerge package to convert this system to merged-/usr. * * For more information please read https://wiki.debian.org/UsrMerge. * ****************************************************************************** dpkg: error processing archive /var/cache/apt/archives/base-files_13.8_amd64.deb (--unpack): new base-files package pre-installation script subprocess returned error exit s tatus 1 Errors were encountered while processing: /var/cache/apt/archives/base-files_13.8_amd64.deb E: Sub-process /usr/bin/dpkg returned an error code (1)

Upgrade Debian 12 to Debian 13

Edit /etc/apt/sources.list, add '#' any line containing bookworm and remove '#' any line containing trixie.

Update Repository
# apt-get update
Take full upgrade
# apt full-upgrade
Restart and perform clean up
# apt-get autoclean && apt-get autoremove -y

This toke 3 hours to upgrade 1.945 packages with size 1.388 MB.

Total hours are 5 hours and 30 minutes, with all applications upgraded to latest version.

Thursday, August 14, 2025

Debian 13: Ops, something is wrong during upgrading from Debian 12 to Debian 13

If something wrong during upgrade debian 12 to debian 13, so the installation did not finish, here is my share how to solved it.

In my case, screen got locked, so I need to manual power off and restart the Laptop.

Normal boot to linux won't work, if possible during selecting menu in grub, select "Advanced Option" and select "Recovery Mode". If you can not go into grub menu, you need to use Debian rescue CD/USB, I use minimal (net install CD),

If you use CD/USB, you will rescue your Debian using chroot.

To repair grub using CD/USB, you need to enter your drive.

To repair broken upgrade using CD/USB, you need to select your Debian partition and mounting /boot partition.

If you using CD/USB rescue, when repair has completed, type exit from chroot

Command to repair broken upgrade process:

# dpkg --configure -a .... # apt --fix-broken install .... # apt full-upgrade ...- # grub-update ... # grub-install /dev/sda ....

To manage boot efi using efibootmgr

# apt install efibootmgr # efibootmgr BootCurrent: 0002 Timeout: 5 seconds BootOrder: 0001,3001,0002,2001,2002,2003 Boot0001* Windows Boot Manager HD(2,GPT,41ed4da9-8f99-445d-b3dc-d37f4ad717da,0x109000,0x32000)/File(\EFI\Microsoft\Boot\bootmgfw.efi)57494e444f5753000100000088000000780000004200430044004f0042004a004500430054003d007b00390064006500610038003600320063002d0035006300640064002d0034006500370030002d0061006300630031002d006600330032006200330034003400640034003700390035007d00000061000100000010000000040000007fff0400 Boot0002* debian HD(2,GPT,41ed4da9-8f99-445d-b3dc-d37f4ad717da,0x109000,0x32000)/File(\EFI\debian\shimx64.efi) Boot2001* USB Drive (UEFI) RC Boot2002* Internal CD/DVD ROM Drive (UEFI) RC Boot3000* Internal Hard Disk or Solid State Disk RC Boot3001* Internal Hard Disk or Solid State Disk RC Boot3002* Internal Hard Disk or Solid State Disk RC # efibootmgr --bootorder Boot0002,Boot0001

Laptop HP Model 15-af109AX, Boot Manager is handled by Bios. This model may be not supported in Debian 13 (No problem in Debian 12), I can not change boot order using BIOS nor efibootmgr. To select boot loader, you need to press F9 button.