Taking screenshots in Ubuntu with Flameshot

I’m spoiled by Greeshot in Windows and I find the gnome-screenshot that came with Cinnamon lacking.

With Greenshot, Print Screen key by default selects an area (which should be the most versatile and productive mode which should be prioritized with least complicated keys) and prompts you on whether you want to copy to clipboard or save a file.

Gnome-screenshot went with the most traditional behavior where Print Screen keys captures the entire screen AND it saves to a default file in ~/Pictures folder with timestamped file names, which I don’t want (I prefer copying to the clipboard).

So natively in gnome, Ctrl is the modifier for copying to clipboard. Shift is the modifier for selecting a section of the screen. So the most common operation I want to do became a bit of finger gymnastics Ctrl+Shift+Print and there are no immediate access to image editor like Greenshot (don’t even bother with GIMP, it’s slow to load and convoluted).

I discovered a much neater app called Flameshot. It has a much quicker design that you can select a section of a screen and do the most common screenshot edits on the fly and copy to the clipboard or save to files, even faster than Greenshot, which opens the captured image into a separate editor and you have to click file->copy-to-clipboard after edits!

Turns out that Flameshot does not use the native gnome’s print screen categories,

so establishing the shortcut has to be done as just a simple shortcut for running the command:

/usr/bin/flameshot gui

and I chose to use Win/Super+Print for Flameshot

Again, the command is /usr/bin/flameshot gui (or where flameshot is located if it’s not under /usr/bin)

 32 total views

Ubuntu cannot ping Windows hostnames out of the box (resolving NETBIOS announcements)

Out of the box, Ubuntu cannot resolve hostnames announced by Windows out of the box.

The internet had many solutions from ditching NETBIOS (winbind, wins) but it involves replacing systemd-resolved with the old NetworkManager (systemd-resolved was an extra level of indirection to break VPN ties), which I illustrated in this now deprecated blog post.

Having router assign host names you specify often included a local domain name (must not choose one that conflicts with the internet) such as local or lan. So the computers are accessed in the format of myPC.local or myPC.lan depending on the local domain name you picked. However, it doesn’t take advantage of the hostname announced by Windows computers.

I decided to give the NETBIOS service a second research today and found the missing link to the common solution of installing winbind and adding wins entry to host search order in /etc/nsswitch.conf (you can put it at the end or earlier if you want). I put it at the end as I wanted it to be the last resort

hosts:          files {a bunch of things depending on your system} wins 

Of course having a wins entry in the hosts search order involves installing winbind make sure the winbind service is running

sudo apt install winbind

The missing piece is editing /etc/samba/smb.conf to inject a name resolve order list after installing samba and winbind:

name resolve order = wins lmhosts bcast

You will need to install samba package first if you haven’t already installed it (for sharing folders with Windows)

sudo apt install samba

The post said the name resolve order section was commented out, but in newer version of samba, the line is simply non-existent. You’ll have to add it somewhere in /etc/samba/smb.conf, I chose to put it right at the beginning of [global] section.

Restart the services after editing to reflect the changes and you can start pinging!

sudo systemctl restart nmbd smbd winbind

So in the process above (installing samba and winbind and editing nsswitch.conf), you’ve also enabled linux to announce its hostname to Windows, which I’ve discussed in this blog post.

So to summarize the concepts,

  1. You need to install winbind to add wins to host search list in nsswitch.conf, but it doesn’t do you anything yet!
  2. Once you installed samba, your linux computer start announcing its hostname to Windows computers
  3. To be able to use the hostnames announced by Windows, i.e. the other direction, you’ll need to add the name resolve order line to smb.conf (samba config file) and restart samba and winbind.

 37 total views

NTlite – Slipstream Windows 10 with Administrator Account only

Windows 10 setup, if not slipstreamed (or automated), will try to trick you into establishing a Microsoft account. If you dodged it (by disconnecting from internet and have it try to set up a local account), you are still required to set up an account OTHER than “Administrator” (built-in account) itself and the built-in administrator account is disabled out of the box. Microsoft consider administrator account (in Linux world, root) bad practices so they are eager to make it difficult for you to do it the old fashioned way (like in Windows 2000, NT 4 and before).

I was able to fight this with NTlite, but even NTlite does not account for all scenarios, and I’ve devised a little scripting to have it do exactly what I wanted (use built-in admin account and ask user to establish the password for it) out of the box.

In NTlite, to enable the built-in administrator account, you’ll have to click the “Add local account” button at the ribbon (menu) bar:

then check “Enable built-in Administrator using this account”. Here’s where I run into a bunch of dilemma because of the unspoken rules (implied behavior in NTLite by doing this):

  • If you enter a password for the account, NTLite will record it in your .xml file for the Presets which is littered in NTLite’s program folder. You don’t really want your administrator in plain text anywhere! This will also make the installation image non-generic that other people cannot benefit from it.
  • If you do not enter a password, it’ll be treated as a blank password, which in Windows 10, if you have an account with a blank password, the system will log you on automatically! It’s also dangerous to have a blank password for administrator by default, forget that you need to change the password and walk away with it!
  • If you do not ‘create’ the ‘Administrator’ account with the password, whether it’s blank of user-defined (which is weird because the built-in administrator account is already there, just disabled) with NTLite (and just activate it with net user administrator /active:yes in post-setup commands), Windows setup will force you to make a user account because you will have no active accounts available until AFTER setup (if you choose to enable the built-in admin account afterwards). This design choice makes sense because I’ve screwed up before without activating the built-in admin account at the end as a script and got locked out and had to use a recovery disk to enable the built-in admin account, but painful to those who know what they are doing!
  • Technically you can choose to suppress any prompts and risk screwing up the output image like I did locking myself out by having no active accounts in the slipstreamed configuration. This is done by enabling “SkipMachineOOBE”, however I choose to set it to false because I want automatic Windows update at the end:

With a blank built-in administrator password established above by NTLite, Windows will boot automatically into Administrator account without prompts for passwords. I’ve looked up many methods to force Windows to ask the user to establish the password during or right after installation, and here’s a few paths I explored that didn’t work

  • account password expiration: the number of days to expire is shared across all accounts
  • “User must change password at next login” do not have simple commands to change the property either with “net user” or “wmic”. Nearly every property can be controlled with “net user” or “wmic” except this one, which has to go through Powershell to access ‘PasswordExpired’ property (wmic and net user have things like whether the password CAN expire, not whether they expired already)

I also tried to put this password change command at the post-setup script

net user administrator *

(the * at the end means asking the user for input instead of exposing the password as part of the command), but it seems like Windows setup get stuck quietly waiting for the user interaction which did not pop up.

The final idea I came up with is to ask for the user to change the password on first login (which the system will automatically do with a blank password). I thought of using ‘RunOnce’ in registry but the problem is that when ‘RunOnce’ executes is not predictable.

So I chose to inject a cmd/batch script in the user Startup folder which self-destructs after the first run. But this is not as easy as one might think because NTlite do not allow you to inject arbitrary files. You can give scripts for NTlite to run, but not tell NTlite to inject a file to certain folders.

What I came up with is a CMD script that spits out another text file at the said startup folder, call it makeSelfDestructScript_promptChangeAdminPW.cmd and have put it in the post-setup queue in NTLite:

Here’s the script:

@echo off
SET outputBatchFile="%systemdrive%\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\promptChangeAdminPW.cmd"
echo @echo off > %outputBatchFile%
echo echo PLEASE CHANGE ADMINISTRATOR PASSWORD! >> %outputBatchFile%
echo net user administrator * >> %outputBatchFile%
echo echo PRESS ANY KEY AND THE THE FILE WILL SELF DESTRUCT >> %outputBatchFile%
echo pause >> %outputBatchFile%
echo del "%%~f0" >> %outputBatchFile%

A few concepts/techniques is involved to come up with the script above

  • %appdata% is not used because I don’t know if Windows PE is mounted to Administrator account already at this point. Since NTLite does not have the option to relocate the User or AppData folder, I always know that the folder is always at: %systemdrive%\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\promptChangeAdminPW.cmd
    I took care to use %systemdrive% instead of C:\ because people could choose other drive letter to install Windows that coexists with other OS and the installed partition might not be always take the first drive letter.
  • There are techniques to have echo command interpret newlines, but so far it’s very messy and it makes the code unreadable. Instead I do one echo at a time except I use ‘append output redirection >>’ in subsequent lines.
  • I added a pause so that if you mistyped during confirm-password (which the change will fail), at least you get a chance to see the text response, which you can choose to abort the script and avoid the self-destruct or just let it self-destruct and press CTRL-ALT-DEL and change password later on your own without the CMD script.
  • %~f0 is the variable for the filename of the script itself, I have to escape the % character by %%.
  • Avoid misinterpreting spaces in filenames as delimiters with double quotes

The generated script promptChangeAdminPW.cmd at startup folder will look like this:

@echo off 
echo PLEASE CHANGE ADMINISTRATOR PASSWORD! 
net user administrator * 
echo PRESS ANY KEY AND THE THE FILE WILL SELF DESTRUCT 
pause 
del "%~f0" 

 34 total views

Getting Remote Desktop Server to work on Cinnamon Desktop

xrdp+xorg is a huge pain in the butt as it does not account for variations in systems properly (or automatically) so often it breaks out of the box.

First of all, if you are using cinnamon (including Ubuntu Cinnamon Remix, I suspect it is the same for Linux Mint too), you will run into this shit after successfully logging in:

login - "oh no something has gone wrong" after clean install of 19.10 LVM  and making changes - Ask Ubuntu

This is a GNOME session crash. The information on the web points to some other modes of failure in ArchLinux and the like. That’s not the reason. By going through my own notes on xrdp, I noticed the gut of /etc/xrdp/startwm.sh is to call the executable script /etc/X11/Xsession:

test -x /etc/X11/Xsession && exec /etc/X11/Xsession
exec /bin/sh /etc/X11/Xsession

However /etc/X11/Xsession in term look plough through a bunch of scripts in /etc/X11/Xsession.d folder and one step was to look for the executable script ~/.xsession, which is not established by default! For some reason the Xsession scripts can figure out the local desktop environment but not when it’s launched through xrdp!

So the solution is to make an executable script ~/.xsession with just one call to cinnamon-session and that’s it!

I initially thought the call was just ‘cinnamon’ because the most popular answer in the Stack Exchange page suggested writing to ~/.Xclients but this redirection was now obsolete and they use ~/.xsession instead:

but when I did that, the desktop loads but there are no icon and the theme colors are way off. The answer was buried here in a comment in one of the answers:

If you want this behavior to be universal across all user (don’t have to establish the ~/.xsession for each user), and is ok with hard-coding to stick to Cinnamon desktop for everybody including local users (i.e. no redirection script to figure out based on context and conditional config files), you can just replace the last two lines of /etc/xrdp/startwm.sh, which calls /etc/X11/Xsession, with simply cinnamon-session.

Geeze! Why does every basic feature in Windows has to turn into a freaking research project in Linux. I’ve wasted so many hours compiling XRDP from scratch from the author’s webpage thinking it’d solve the problem because he had many tutorials for a lot of cases that xrdp breaks out of the box. Turns out they didn’t matter: it’s just that xrdp couldn’t figure out the right desktop environment so it crashed after loggint in through xorg!

 31 total views

Linux WTF – KDE on Ubuntu and how to get rid of it.

I had quite a bit of trouble getting Cinnamon to work with xrdp (Remote Desktop Protocol for Linux) to work and was misguided to try out other Desktop environments such as KDE. I couldn’t be more displeased about how unfinished and poorly integrated KDE is.

Linux, no matter how good the programmers are with the core code with multiple people’s scrutiny, never had a proper QA team to take care of integration. Linux in 2022 is still like assembling a PC in the 1990s: I’d be super lucky if everything worked out at the first try after very careful planning and knowing every step of the way. There’s always something that just breaks out of the box for the most obvious use cases.

First I installed the ‘kde-full’ package, chose sddm, and rebooted to find out my 4k screen was covered by a giant freaking on screen keyboard:

Fedora 29 graphical login screen (sddm) displays only virtual keyboard -  Unix & Linux Stack Exchange

What the fuck? It’s trying to be smart-ass accommodating handheld devices yet it’s not smart enough to figure that it’s a desktop computer with a keyboard, so it ended up with shitty out of the box behavior that nobody wants under any circumstances!

After I clicked the bottom down keyboard icon to close to the damn on screen keyboard, it keeps popping up as I set the focus to the edit box to type my password so I have to close it again. Aargh!

Once I get into the plasma desktop, the window designed looked like BeOS so I think I cannot accept anything less than Cinnamon for now, so I wanted out. I thought just removing the same ‘kde-full’ package will put me back to where I was, but hell no! I’m still stuck with that ugly and confusing welcome screen and my software menu was cluttered with a boatload of KDE default apps that I do not want!

After a bit of digging around, I’m not the only one perplexed by this behavior. Turns out there’s a lot of clean up the uninstaller didn’t do! That’s why Windows has installer instead of package managers. One size does not fit it all. Installing something just to find out that uninstalling it immediately right after doesn’t put you back to where you were is deeply frustrating.

I adapted his tutorial uninstalling KDE with Ubuntu Cinnamon Remix:

# The desktop is still not removed even if you did "sudo apt remove kde-full"
sudo apt remove plasma-desktop --autoremove
# Default apps the came with KDE and plasma desktop are still there
sudo apt-get remove kde* --autoremove
sudo apt-get remove plasma* --autoremove
# This will give you a menu to pick the old splash screen (it's called plymouth)
sudo update-alternatives --config default.plymouth

# Reflect changes in early startup scripts (initramfas) and boot loader (grub)
sudo update-initramfs -u
sudo update-grub
# Stop and remove SDDM service to get back the old lockscreen
sudo systemctl disable sddm
# Note that you might be thrown out to text mode when you stop SDDM
# Switch to other virtual consoles (e.g. Ctrl+Alt+F2) and run startx to get to the GUI
sudo systemctl stop sddm
# Delete SDDM
sudo apt-get remove --auto-remove sddm
# Clean up SDDM
sudo apt-get purge --auto-remove sddm

# Message in SDDM removal suggests reconfiguring lightdm
# (lightdm is Cinnamon's default greeter)
# Don't need to systemctl enable/start, that's for GDM3
sudo dpkg-reconfigure lightdm

# Reboot
reboot

 32 total views

Qemu/KVM Command Line Notes

The executable kvm is an alias for (symbolic link to) qemu-system-x86_64

KVM is the type 1 hypervisor which can be used by QEMU for speed

-accel kvm is the newer way of saying –enable-kvm

CPU host pass-through for speed

-cpu host

Select boot device (c for HDD, d for cd-rom)

-boot d

Attach IDE optical drive (only one allowed, more needs to me mapped with -drive)

-cdrom {iso file or device file}

SPICE (rdp-like protocol to control virtual machine through IP) recommends qxl video driver

-vga qxl

-spice port={default is 3001},password={cannot start with numbers or it’ll be treated as boolean as it’d be interpreted as numeric}

Base HDD/SSD drive: discard=unmap means TRIM for SSD, can add it as a virtio device for speed ONLY AFTER the guest virtio drivers are installed:

-drive file={VHD or drive image file},discard=unmap[,if=virtio]

Speedup by skipping precision clock catchup (HPET)

-no-hpet

Use base=localtime to correct for Linux and Window’s difference in interpreting host RTC’s timezone (Linux assumes that hardware time is UTC+0 while Windows assumed it’s your local time)

-rtc base=localtime,clock=host

 33 total views

Ubuntu Cinnamon Remix notes

Fix annoying bash colors

Folders (di) color ($LS_COLOR) are dark blue by default which is hard to read on a default dark background (also default): edit ~/.bashrc and add this to the last line to change folder colors to change it to bold (1) light blue (94)

LS_COLORS=$LS_COLORS:'di=1;94:' ; export LS_COLORS

The default prompt ($PS1) also contains the directory (\w), which is also in dark blue (34) but bold (1) by default. Look for the line right below the $color_prompt flag section and change the color ([\033[<STYLE>;<COLOR>m]) modified before \w from bold dark blue (01;34) to bold light blue (01;94)

if [ "$color_prompt" = yes ]; then 
    PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;94m\]\w\[\033[00m\]\$ '

 33 total views

Cinnamon Desktop UI design WTFs (1)

Out of the box, Cinnamon decides to group the taskbar buttons like later Windows did. It’s often a huge annoyance to people who hates context switching in our head (I like huge workspaces that I can see everything at once so I don’t overlook clues from the relationship between things I’m working on. This is how I find difficult twists in research problems that other people give up solving).

In Windows, you right clock the taskbar, get to settings and there’s a pulldown menu for you to decide whether and how the buttons are grouped. Easy. But Cinnamon still have the Linux smell: organize things that are logical to programmers but not users (Tektronix, DD-WRT, etc. does that too), then surprise users with poorly thought out default behavior.

This time it’s a can of worms that requires some web searching to find people with the same exact specific problem (it’s a sign of poor UI design if the users cannot guess from the UI how to do what they want).

  1. Needing to change whether buttons are grouped is common. It should not take a lot of steps to change the behavior, preferably a right click context menu
  1. I would have thought it’s under Panel Settings, but hell no, things has to be organized the way the code was designed (sarcasm). It turns out that the windows button grouping is handled by an Applet called “Grouped Window List”
  1. Some user suggested removing the applet altogether (turns out it’s wrong and unnecessary as turning it off will disable the taskbar altogether and there’s an option to disable it within the applet’s setting: the applet itself is the windows list, not just the grouping feature), but fuck by default the applet was not activated the settings button is dead. I have to go to the bottom navigation bar in the window and hit the ‘+’ sign to get to the settings so now there’s a check mark next to it and the setting (gear) button is now activated.

    They also did not dim the settings button (two gears) when the ‘grouped window list’ is not activated (bug?), which made me think I can configure an Applet that’s not in use. Not to mention the previous settings got cleared (reset) if I disable the Applet and re-enable immediately afterwards (bug?)!
  1. Now I can finally get to turn this shit off
Chris Rock’s #HNTGYAKBTP Step #4 (1. OTL, 2. UCS, 3. SI, 4. TTSO, 5. BP, 6. STFU, 7. GAWF, 8. DRWAMW)
  1. This is where I think the UI design’s really fucked up. After you activate/deactivate the “Grouped windows list” applet, the buttons aligned right instead of left (default)! WTF!?! Do not do shit to surprise users! There’s absolutely no freaking logical reason why the taskbar button alignment should change the default (or the current state) for any reason!
  2. To fix this, you have to so something similar to unlocking the taskbar in Microsoft Windows to move the task button bar. It’s easy in MS Windows as you just right click context menu on the taskbar to unlock and just drag the starting separator (the || bar on the leftmost where the taskbar starts) to specific position you wanted. In Linux/Cinnamon, you have to enter the ‘Panel Edit Mode’ to unlock the taskbar so you can drag things around:
  1. I was confused while dragging the task button bar because there’s no clear position markers of where the task button starts and where it can ‘snap to grid’. It’s easy to drop it to the center to align center, but to align left, you have to watch for the buttons you want to insert before to move around to tell if it was a valid place to drop your new taskbar position What a pain in the butt!

This UI design suck, and I can totally understand why they would do something like this because of my programming background. It’s very logical for the programmer to modularize it as one applet, but first of all, generic suffixes like -let and -get does not help users get what the name means: it’s geeks’ way to name abstract concepts without getting the essence of the use case.

In MS Windows, the ‘Applets’ are organized roughly the same as ‘Toolbar’, except Windows is slightly more specialized that they have a ‘Toolbar’, ‘Start Menu’ and ‘Systray’ as distinct concepts instead of abstracting them into a higher level object as in ‘Applets’.

The biggest gripe I have about Cinnamon’s design choices is that detailed position adjustment needs to be easily accessible it’s likely that user preferences may vary a lot.

  • By not having a separate Toolbar concept, they forgot to add direct ‘unlock grouped windows list (aka tasklist toolbar in MS Windows)’ option (context menu item). You have to click through ‘Preference > Configure’ to get to get to configure the ‘Grouped window list’
  • Since the ‘Grouped window list’ is a (container) ‘bar’ within a bigger’ bar’ (Panel), the position of the window taskbar is logically organized under the platform (the bigger bar, hence the Panel), therefore the unlock window taskbar setting belongs to Panel, not Applet. This makes sense to programmers who knows that the feature is conceptually organized as container objects, but this is hell of confusing for users if they have to reason through this when they are trying to do one of the most common things!
  • Unlike MS Windows, you cannot use the task buttons while you are in Panel edit mode. Panel edit mode (you enter a special mode where you drag objects into positions you like, but cannot actually use them, then freeze it after you leave the mode) is the same concept used in Interactive Broker’s Trader Workstation (TWS), which is a pain in the ass but I understand the massive work saved for the people who designs the code/UI. Of course it comes at the expense of user frustration.
  • The solution article was written in 2018 and I’m surprised I still need that in 2022!

 34 total views

Extract installer package with secret command line switches

7-zip do not open the contents of every single self-extracting installer executable. Sometimes you’ll see garbage like this

Here’s a list of the ‘secret’ keys I know to get the core driver files out for slipstream

For a more generic way of capturing temporary files, redirect the temp folder to somewhere with a custom ACL permissions that do not allow deleting:

enter image description here

 33 total views