Fedora 20

Shortly after Mavericks came out, I installed it on this MacBook Pro of mine. But for some reason FileVault could not be activated and a reinstall was due. So what, I thought - if I have to reinstall anyway, why not try Fedora again?

Installation of the latest Fedora 20 beta release went just fine and I'm now writing this in front of an XFCE desktop and all in all it works better than expected. That is, I've only had one annoying SELinux alert (caused by the Flash plugin anyway) so far and even sound seems to work out of the box - it looks like we've finally arrived in the 21 century, hm? :-)

A few kinks remain though:

• While sound is working, it's sometimes kinda distorted. I noticed that it's happening in Skype (still at version 4.2.0.11) more often, but there's nothing to debug on and I don't know how to reproduce this reliably.


• Speaking of sound, the xfce4-mixer application has a weird feature: when I press the "mute" button on my Apple keyboard, three controls are muted in xfce-mixer: Master, Headphone and Speaker. When I rightclick on the mixer applet and select "Mute", the same happens. But when I click "Mute" again (to unmute), only the Master control is unmuted, both Headphone and Speaker stay muted and have to be unmuted manually. Or, I can press "mute" on the keyboard again to unmute both of them. Oh, someone already filed a bug for this.


• This builtin Nvidia chip is horrible and nouveau has a hard time coping with that shitty piece of crap. And it seems to get worse, I had two Xorg crashes today because of this. This is hardly acceptable and might be a reason to go back to MacOS.

A few other things had to be taken care of as well:

• Ecryptfs was pretty straighforward to set up, much unlike earlier releases. As a requirement, the user needs to be in the "ecryptfs" group:

  # usermod -a -G ecryptfs bobby
  # id bobby
  uid=1000(bobby) gid=1000(bobby) groups=1000(bobby),100(users),990(ecryptfs)
  $ ecryptfs-migrate-home -u bobby
  INFO:  Checking disk space, this may take a few moments.  Please be patient.
  INFO:  Checking for open files in /home/bobby
  Enter your login passphrase [bobby]: 
  [...]
  

  With that in place, ecryptfs should be enabled for this particular user on the next login:

  $ grep -r ecryptfs /etc/pam.d/
  /etc/pam.d/postlogin-ac:auth        optional      pam_ecryptfs.so unwrap
  /etc/pam.d/postlogin-ac:password    optional      pam_ecryptfs.so unwrap
  /etc/pam.d/postlogin-ac:session     optional      pam_ecryptfs.so unwrap
  



• Speaking of crypto, let's enable encrypted swap too:

  $ cat /proc/swaps 
  Filename                                Type            Size    Used    Priority
  /dev/sda5                               partition       8191996 0       -1
  $ sudo swapoff /dev/sda5
  
  $ grep swap /etc/crypttab /etc/fstab
  /etc/crypttab:swap /dev/sda5 /dev/urandom swap,cipher=twofish-xts-essiv:sha256,size=256,hash=sha512
  /etc/fstab:/dev/mapper/swap       swap  swap    defaults        0 0
  

  I couldn't get systemd to restart the appropriate service for this, but on the next reboot, encypted swap was enabled.


• Switching from MacOS to Linux also made the Apple key stop working. xev tells me that its keycode is 133 (Super_L) resp. 134 (Super_R), but I haven't found out yet how to map Super_L + Tab to "application switching" instead of "windows switching".


• I still want those non-free multimedia codecs, so we have to install 3rd party repositories. I'm using RPM Fusion and it contains all I need.


• What else? Oh, Picasa! Well, Google dropped Picasa for Linux last year, but its WINE "implementation" often needed quite a few tricks anyway to run on recent Linux distributions, so no surprise here. A good alternative (for my needs) is Shotwell. It creates an internal dabase in $HOME/.cache/shotwell but won't mess with the original image material, nice. I haven't imported the whole 20k pictures yet so I can't really tell how its performance will be.


• AirFoil is not working, as they don't offer a Linux client, but this whole story warrants for a another blog post.


• Yum is still soooo slow:

  # time apt-get update
  real    0m17.721s
  user    0m8.880s
  sys     0m1.760s
  
  # apt-cache dumpavail  | grep -c ^Package
  35895
  
  vs.
  
  # yes N | /usr/bin/time -p yum update
  real 58.66
  user 3.21
  sys 0.50
  
  # yum list available | wc -l
  39536
  

  Note: the apt-get command was run on a 750MHz PowerPC machine while yum was run on a 2.53GHz Intel Core2 Duo system - go figure. Also, the available packages list of the Fedora machine has sometimes two versions for a single package: a i686 version and a x86_64 version, so it's really only about 33000 packages in total. And it's way too verbose - who cares about ~50 "repomd.xml does not match metalink" errors if there are still mirrors available? -- fixed with yum-3.4.3-120.fc20

I haven't missed any other application yet and so far it's working OK. It's not all that smooth like a well polished MacOS X, but it's good enough to get some work done and I don't have to put up with these Apple shenanigans any more - now I have to deal with Linux fuckups ;-)