Ryzen PC Backup

I finally decided to perform a backup of my new Ryzen PC running Fedora 26. Normally I wouldn’t leave it too long between backups especially if I have made significant changes. My new PC presented me with a little bit of an issue, I couldn’t run my backup software.

I tend to use Clonezilla to take/restore system images. I’ve used it for years and it has been working well for me. That was until I tried to boot it on my Ryzen system. It was hanging with tpm_tis and tpm_crb errors.

The arch wiki states that “Support for TPM 2.0 is still incomplete (both on the kernel and in userspace), and no known work flow for TPM2 exists at the moment.”

It would appear that I had enabled the TPM option in the bios and I have TPM 2.0 hardware.

The Workaround
Clonezilla 2.5.2-20 (Debian – Kernel 4.11.11-1+b1)

  1. Disable TPM in the bios.
  2. Boot from a CD (non-uefi) and run Clonezilla in graphics safe mode.
  3. Having successfully booted Clonezilla, perform backup as normal.
  4. On completion of the backup re-enable the TPM hardware in the bios.

Fedora 25

This evening I arrived home from work and began to update my machines to the latest version of Fedora. I am pleased to say the update has gone smoothly. This has been the easiest update I think I have had in recent years.

Now the bad. Wayland has become the default display server replacing X11. It works, by which I mean I have a usable display. The bad is that it has broken my workflow. I have a few simple scripts that tweak my environment. These have always loaded when the display server starts. Ok, how do I do this with Wayland? I did some reading. The issue has been known about for 2 years, Bug 736660. The workaround for the moment is to logout and then log in with an X11 session. Logging into the X11 session everything works again and I can continue. Hopefully issues like this will get resolved quickly.

Fedora 24

This week I have been updating my machines to run Fedora 24. Two out of 3 updated without any issues and continue to run normally. One machine however has decided to cause me some issues.

My old Toshiba X200 laptop had followed the upgrade instructions to the point where it needed to reboot. So I rebooted the machine and left it to do its work. Returning some time later expecting it to have completed I was disappointed to see it stuck doing nothing. After some investigation it appeared I was getting an error to do with an Invalid PCI ROM Header, the value didn't match what was expected. I couldn't boot the machine without this occurring and left me scratching my head for a bit. There doesn't appear to be an obvious solution online. Others have reported similar issues but apart from seeing the error their machines have fully booted.

I decided to try adding a few flags to my kernel boot parameters. Finally I go one to work. Adding "pci=norom" seems to have done the trick and allowed the machine to continue to update. I won't know until the upgrade is complete if I will need to add this option back in permanently. But hopefully it won't be anything more than that.

The Big SSD Research Post



This article was written at the end of 2014. Most of the content will remain relevant in the future but there may be aspects which become outdated as hardware and usage practices evolve.

I have purchased an Intel 730 Series 480GB SSD with the intention of using it in my Fedora desktop machine. There are many articles online that discus how to configure an SSD, what to put on it, which partition structure to use, which mount options etc. I wanted to set the drive up to get the best out of it and my system as a whole. What follows are the results of my research and the decisions I have made based upon it. The writing style is based on my own note taking and primarily for my own reference. It is my hope that it posting it here that it may be of use to others.

What do I put on my SSD?

There are many posts/articles online asking this question and the answers to them vary. What became apparent immediately was the age of some of the discussions. Information from 3-4 years ago based the decisions on drive size (32-128GB).

An SSD with a limited amount of capacity is often set-up along side a traditional HDD.

A typical partition layout for a smaller SSD & HDD:


/boot & / are the main operating system and program partitions/directory structure. SSD's are sometimes referred to as 'boot drives' as by having the OS and applications on it would allow the system to boot and respond faster.

Swap wouldn't be placed on the SSD as if you were frequently using the swap space you would be putting additional wear onto the SSD.

/var contains log files from the syslog daemon. Frequently wrting small amounts of log data increases SSD wear. /tmp in much the same way has small temporary data that increases wear. /home is occasionaly placed on the SSD depending on the space required by the user. The HDD would be used for music, photos, large files and other user generated data.

SSD's have been increasing in size over time and the space limitation isn't such an important factor. What does remain in the considerations of the amount of data being written to an SSD.
Continue reading "The Big SSD Research Post"

SSD Research

I had a spot of luck this week when I purchased an early Black Friday deal on Thursday evening. I wasn't intending to buy anything but I knew when the deals were starting and decided to have a look. I am currently awaiting delivery of an Intel 730 Series 480GB SSD. I had seen this earlier in the year (around March) and it looked a nice drive but too expensive. A 50% price reduction can change my mind.

SSD's are fragile little things, they only have a limited number of write cycles and need to be looked after. I am planning on using the drive in my main Fedora Linux desktop (which is good as this particular drive runs too hot for a laptop). I decided to research the usage of SSD's as I want it to be reliable and I want to get the most out of it in terms of performance. What I hadn't factored in was the amount of decisions that can be made.

Log files are small amounts of data that are frequently written to HDD/SSD. On my re-purposed chromebook I have disabled most of the logging as it isn't a critical system for me. I want logs for my desktop, so as I plan on having both an SSD and a HDD in the same system I can move the logs to the HDD. This was something I was expecting and reading up on. It was then I uncovered some notes about Firefox cache. Firefox (and other browsers) cache small files to disk in much the same fashion as log files. This opened up a whole new branch of ideas. Do I put the cache in RAM and lose in on reboots? Do I sync the RAM to disc with a script? Do I move the entire browser profile to RAM and sync that? Where is the cache in the first place? It appears that you can just as easily move that cache to a HDD as to RAM and it really depends on where your user profile is in the first place.

As I sit here writing this I probably know more about SSD's than I ever wanted to know. What I am finding is that I still need to know more. Some choices I have partially made, others not. I have a little more time until the drive arrives to make my mind up. I think I might wait until after Fedora 21 is released and do a clean install. Until then, more research.

Bash Exploit

Bash Code Injection Vulnerability via Specially Crafted Environment Variables (CVE-2014-6271, CVE-2014-7169)

Well I read this article whilst I was at work. Upon getting home I started up my Fedora machine and ran the following check to see if I was vulnerable.

To test if your version of Bash is vulnerable to this issue, run the following command:

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the output of the above command looks as follows:

this is a test

you are using a vulnerable version of Bash. The patch used to fix this issue ensures that no code is allowed after the end of a Bash function. Thus, if you run the above example with the patched version of Bash, you should get an output similar to:

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

I was vulnerable. But that is what I expected. Knowing that the fix might take a little time I added the suggested workaround to my firewall script.

Workaround: Using IPTables:

A note on using IPTables string matching:

iptables using -m string --hex-string '|28 29 20 7B|'

Is not a good option because the attacker can easily send one or two characters per packet and avoid this signature easily. However, it may provide an overview of automated attempts at exploiting this vulnerability.

In full knowledge that this vulnerability was/is going to get exploited I was monitoring my firewall logs. I had set the rules to log and drop the packets. Note that the work around says it can be bypassed. A couple of hours with the rule in place and nothing unusuall was being logged and I was carrying on as normal. All of a sudden 4-5 packets were caught by the rule. My system was shutdown seconds later. I susspect that this is some opportunistic scanning taking place, however I am not taking any chances until a patch is ready.

On the plus side it has given me the opportunity to boot and update my Windows machine.

Chromebook to Ultrabook

Over the weekend I spent some time removing ChromeOS from an Acer C720 and replacing it with Fedora 20. Although I still need to add a few more tweaks to the setup I have ended up with absolute bargain. I purchased the C720 as a refurbished model, this was to save a few pounds and to get a 32GB SSD rather than the 16GB version available from the Google Play store. The Fedora install and handful of applications I needed only take up around 5GB of space leaving plenty to work with. Battery life is excellent. General desktop usage easily manages 6-8 hours, streaming video/using the wifi would appear to reduce this somewhat. So for £165 inc delivery (plus a weekend of setup time) I can say I am very happy with my purchase.


This week whilst thinking about how to represent an idea as a GUI application I ran into the limits of GTK3. I had a look around at matplotlib and pygame as possible work arounds but neither suited what I had in mind. It was then that I discovered Kivy.

Kivy - Open source Python library for rapid development of applications
that make use of innovative user interfaces, such as multi-touch apps.

Having had a look at some of the demo interfaces that have been created it looks like a really powerful tool. The only limitation appears to be your imagination. In addition the multi-touch aspect is appealing in the longer term as touch interfaces become more prevalent. Once I can get it fully installed/working on Fedora I will be experimenting with it a little.

Fedora 19 – Initial Impressions

I have just upgraded both my laptop and desktop machines to Fedora 19. Having had a few issues with the past couple of releases this upgrade has been almost flawless. The only issue I have noticed so far is some missing fonts/images for the grub 2 bootloader but everything works otherwise.

The biggest improvement from my point of view is in graphics performance. I have an ATI card running the opensource radeon driver. I had noticed stuttering during video playback on Fedora 17 & 18. This release however it has vanished and smooth video has returned. So far so good.


/boot/grub2/themes/system/DejeVuSans-10.pf2 not found
/boot/grub2/themes/system/DejeVuSans-12.pf2 not found
/boot/grub2/themes/system/DejeVuSans-Bold-14pf2 not found

/boot/grub2/themes/system/theme.txt not found

The boot message about grub not finding the fonts or theme is due to the starfield theme nolonger being the default. Install grub2-starfield-theme and then it works as before. The default for new installs appears to be a plain console theme.