Sunday, March 31, 2024

Virt-manager && Deploying KVM Guests in UEFI mode on AlmaLinux 9.3

The main purpose of this post is to demonstrate that the cockpit.service is not required for deploying KVM guests in UEFI mode on AlmaLinux 9.3, which has binary-compatibility with RHEL. Linux bridge for VMs has been installed via nmcli to avoid any involvement of cockpit.service. See for detailis  http://lxer.com/module/newswire/view/338368/index.html  Everything works on AlmaLinux 9.3 as on openSUSE Tumbleweed. KVM Setup on AlmaLinux 9.(X) follows standard guide lines.





















































When installing virt-manager, the presence of the Cockpit web console becomes optional. It's a good idea to have Cockpit Web Console installed, but it's not required. The presence of edk2-ovmf is required. We have the same situation with Tumbleweed, Ubuntu 22.04, Debian12.(X), Manjaro Linux 23.1.3

Thursday, March 28, 2024

Virt-manager vs Cockpit Web Console on Fedoras 40 Beta,39,38 and other Linux Flavors

 Having virt-manager installed makes presence of Cockpit Web Console optional .  It's nice to have Cockpit Console installed, however it is not required.  Presence edk2-ovmf is a must. Situation is the same on Tumbleweed, Ubuntu 22.04, Debian 12.(X), Manjaro Linux 23.1.3 

























Install Cockpit Flatpak Client on Fedora 40 KDE (NIghtly build 03/27/24)

CONNECT VIA SSH TO SERVERS WITH COCKPIT

Cockpit Client provides a graphical interface to your servers, containers, and virtual machines. Connections are made over SSH, using the SSH configuration of the local user (including aliases, known hosts, key files, hardware tokens, etc).

The server needs to have Cockpit installed, but the Cockpit webserver doesn't need to be enabled, and no extra ports need to be opened. The primary process in a Cockpit Linux session is called cockpit-bridge. It translates operating system interfaces to a JSON stream protocol, which is used by Cockpit browser pages.


boris@fedora:~$ neofetch
            .',;::::;,'.                boris@fedora  
        .';:cccccccccccc:;,.            ------------  
     .;cccccccccccccccccccccc;.         OS: Fedora Linux 40 (Forty Prerelease) x86_64  
   .:cccccccccccccccccccccccccc:.       Host: KVM/QEMU (Standard PC (Q35 + ICH9, 2009) pc-q35-8.1)  
 .;ccccccccccccc;.:dddl:.;ccccccc;.     Kernel: 6.8.2-300.fc40.x86_64  
.:ccccccccccccc;OWMKOOXMWd;ccccccc:.    Uptime: 26 mins  
.:ccccccccccccc;KMMc;cc;xMMc:ccccccc:.   Packages: 2213 (rpm), 5 (flatpak)  
,cccccccccccccc;MMM.;cc;;WW::cccccccc,   Shell: bash 5.2.26  
:cccccccccccccc;MMM.;cccccccccccccccc:   Resolution: 1280x944  
:ccccccc;oxOOOo;MMM0OOk.;cccccccccccc:   DE: Plasma 6.0.2  
cccccc:0MMKxdd:;MMMkddc.;cccccccccccc;   WM: kwin  
ccccc:XM0';cccc;MMM.;cccccccccccccccc'   Icons: breeze [GTK2/3]  
ccccc;MMo;ccccc;MMW.;ccccccccccccccc;    Terminal: konsole  
ccccc;0MNc.ccc.xMMd:ccccccccccccccc;     CPU: AMD Ryzen 7 3700X (8) @ 3.600GHz  
cccccc;dNMWXXXWM0::cccccccccccccc:,      GPU: 00:01.0 Red Hat, Inc. Virtio 1.0 GPU  
cccccccc;.:odl:.;cccccccccccccc:,.       Memory: 3260MiB / 15590MiB  
:cccccccccccccccccccccccccccc:'.
.:cccccccccccccccccccccc:;,..                                     
 '::cccccccccccccc::;,.                                         


boris@fedora:~$ flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo

boris@fedora:~$ sudo flatpak install flathub  org.cockpit_project.CockpitClient

Looking for matches…

Required runtime for org.cockpit_project.CockpitClient/x86_64/stable (runtime/org.gnome.Platform/x86_64/

45) found in remote flathub

Do you want to install it? [Y/n]: Y

org.cockpit_project.CockpitClient permissions:
   ipc                  fallback-x11      wayland      x11      dri
   dbus access [1]

   [1] org.freedesktop.Flatpak


       ID                                      Branch          Op     Remote     Download
1. [] org.freedesktop.Platform.GL.default     23.08           i      flathub    164.4 MB / 164.6 MB
2. [] org.freedesktop.Platform.GL.default     23.08-extra     i      flathub     18.5 MB / 164.6 MB
3. [] org.freedesktop.Platform.openh264       2.2.0           i      flathub    886.7 kB / 944.3 kB
4. [] org.gnome.Platform.Locale               45              i      flathub     18.1 kB / 369.6 MB
5. [] org.gnome.Platform                      45              i      flathub    316.4 MB / 378.2 MB
6. [] org.cockpit_project.CockpitClient       stable          i      flathub     10.7 MB / 11.4 MB

Installation complete.

Initializing a connection with a remote virtual machine (via two Linux bridges)
boris@fedora:~$ flatpak run  org.cockpit_project.CockpitClient






























boris@fedora:~$ uname -a

Linux fedora 6.8.2-300.fc40.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Mar 27 00:16:08 UTC 2024 x86_64 GNU/Linux

boris@fedora:~$ rpm -qa | grep plasma | grep discover

plasma-discover-libs-6.0.2-2.fc40.x86_64

plasma-discover-flatpak-6.0.2-2.fc40.x86_64

plasma-discover-offline-updates-6.0.2-2.fc40.x86_64

plasma-discover-6.0.2-2.fc40.x86_64

plasma-discover-packagekit-6.0.2-2.fc40.x86_64

plasma-discover-notifier-6.0.2-2.fc40.x86_64


Wednesday, March 27, 2024

Just one question regarding old post RDO Liberty / Mitaka Set up for three Nodes (Controller+Network+Compute) ML2&OVS&VXLAN on CentOS 7.2

 As of now number of reads is equal 8274 . Since 2015 nine years have passed and I cannot unsterstand why people are still reading it . I mean this post  https://dbaxps.blogspot.com/2015/10/rdo-liberty-set-up-for-three-nodes.html

How could packstack be interesting in meantime, unless RH brought it back  to life ?  I am not aware of Packstack's status this days.

Saturday, March 23, 2024

Fedora 40 KDE ( server-netinst-20240322.n.0) vs KDE Plasma 6.0.2 port to Manjaro 23.1

UPDATE as of 03/27/2024

The most radical means of solving all problems would be to switch to Fedora 40 Beta either openSUSE Tumbleweed

END UPDATE

UPDATE as of 03/25/2024 

KDE Plasma 6.0.2 may be ported to Manjaro 23.1 by commands

$ sudo pacman-mirrors --api --set-branch testing

$ sudo pacman -Scc

$ sudo pacman-mirrors --fasttrack 5 && sudo pacman -Syu

If you are getting error :

error: failed to prepare transaction (could not satisfy dependencies)
:: installing pacman (6.1.0-4) breaks dependency 'libalpm.so=13-64' required by libpamac

Switch back to sudo pacman -Syyu . This error turns from random to regular for me. At the time of writing you are supposed to get message - Total (0/673) regarding number of packages ready to be installed .

Per advise of oioi@https://forum.manjaro.org/t/i-tested-kde-6-oh-my-oh-my-you-will-be-sorry-here-come-some-discoveries/158436/24  I issued  `sudo pacman -S qt6-imageformats`  :- 

  • webp : qt5-imageformatsqt6-imageformats
  • gimp : kimageformats5kimageformats

What actually is going on when this install happens on CachyOS 2024.3

$ sudo pacman -S qt6-imageformats
[sudo] password for boris:  
resolving dependencies...
looking for conflicting packages...

Package (2)                        New Version  Net Change  Download Size

cachyos-extra-v3/libmng            2.0.3-3.1      0.75 MiB       0.21 MiB
cachyos-extra-v3/qt6-imageformats  6.6.2-1.1      0.30 MiB       0.06 MiB

Total Download Size:   0.27 MiB
Total Installed Size:  1.05 MiB


:: Proceed with installation? [Y/n] Y

It fixes the problem on Manjaro testing all the way around . VENV screenshot  first

I also believe that explanation provided at https://unix.stackexchange.com/questions/762064/what-is-the-different-between-pacman-syu-syyu-and-syuu is correct 

Brief extract from link above :-

   As for -yy, it is generally not recommended. Use it only if you're having problems with your mirror. Unless your mirror is acting up and you want to switch mirrors, there is no reason to re-download every package DB file in its entirety every time you want to do an upgrade. You might want to use it when switching mirrors so that all your package DB files are consistent.

Bare metal Manjaro Testing instance












END UPDATE

Porting KDE Plasma 6.0.2 to Manjaro 23.1 was performed by commands

$ sudo pacman-mirrors --api --set-branch testing

$ sudo pacman -Scc

$ sudo pacman-mirrors --fasttrack 5 && sudo pacman -Syyu

I may confirm the issue mentioned in https://forum.manjaro.org/t/i-tested-kde-6-oh-my-oh-my-you-will-be-sorry-here-come-some-discoveries/158436

Quoting the post on forum.mangaro.org above:

<<So after update (pacman -Syyu) you have no webp thumbnails in Dolphin and Gwenview cannot display those photos (webp). What will a typical user do? >> 

I've also tested with no problems opening *.webp files via Dolphin on the most recent fedora 40 KDE nightly build. See snapshot :-
















Attempt to open *.webp file via Dolphin KDE Plasma 6.0.2 port to Manjaro 23.1 
















Same test on openSUSE Tumbleweed













Same test on CachyOS 2024.3 (Arch Linux clone) and failure again. Clean KVM Guest was deployed , no user's porting 













Neon KDE as of 03/21 performs just fine














Sunday, March 17, 2024

KDE Plasma 6.0.2 on Manjaro Testing branch

UPDATE as of 04/06/2024

KVM guest deployed via manjaro-kde-23.1.4-240406-linux66.iso and upgraded to Manjaro Testing
is still affected by CVE-2024-3094.
See also the threads :-
https://www.reddit.com/r/archlinux/comments/1bqx81e/arch_lin...

https://forum.manjaro.org/t/xz-package-contains-a-vulnerabil...

Running https://github.com/cyclone-github/scripts/blob/main/xz_cve-2... on Manjaro Testing :-


$ hostnamectl  ✔ Static hostname: boris-kde0406
Icon name: computer-vm
Chassis: vm 🖴
Machine ID: 7cc6ab841db44eb8a8cc9b95bff724fc
Boot ID: 44d7407b6a124ea2aa59909ac0c32d1e
Virtualization: kvm
Operating System: Manjaro Linux Kernel: Linux 6.8.4-1-MANJARO
Architecture: x86-64
Hardware Vendor: QEMU
Hardware Model: Standard PC _Q35 + ICH9, 2009_
Firmware Version: 1.16.3-1.fc39
Firmware Date: Tue 2014-04-01
Firmware Age: 10y 6d   

$ ~/test01.sh  ✔ Checking system for CVE-2024-3094 Vulnerability... https://nvd.nist.gov/vuln/detail/CVE-2024-3094
Checking for function signature in liblzma... Function signature in liblzma: OK


Checking xz version using pacman package manager...
Note: Arch Linux detected


(1) CVE-2024-3094 does not target Arch Linux sshd service
(2) Manually check your installed xz version and make sure it is not vulnerable
(3) Detected xz version: 5.4.6-1
(4) Check for most recent xz release: https://archlinux.org/packages/core/x86_64/xz/

END UPDATE

UPDATE as of 04/04/24


Manjaro KDE Testing moved to KDE Plasma 6.0.3
Regarding CVE-2024-3094 , after downgrade to 5.4.3 xz, lib32-xz , which doesn't look as problem solving,
I am experiensing following issue :-
$ sudo pacman -S xz lib32-xz ✔ 

[sudo] password for boris:
:: xz is in IgnorePkg/IgnoreGroup. Install anyway? [Y/n] Y
:: lib32-xz is in IgnorePkg/IgnoreGroup. Install anyway? [Y/n] Y
resolving dependencies... looking for conflicting packages...


Packages (2) lib32-xz-5.6.1-3 xz-5.6.1-3 (?)
Total Download Size: 0.74 MiB
Total Installed Size: 2.69 MiB
Net Upgrade Size: 0.16 MiB


:: Proceed with installation? [Y/n] n

END UPDATE

UPDATE as of 03/25/2024 

KDE Plasma 6.0.2 may be ported to Manjaro 23.1 by commands

sudo pacman-mirrors --api --set-branch testing

sudo pacman -Scc

sudo pacman-mirrors --fasttrack 5 && sudo pacman -Syu

Per advise of oioi@https://forum.manjaro.org/t/i-tested-kde-6-oh-my-oh-my-you-will-be-sorry-here-come-some-discoveries/158436/24  I issued  `sudo pacman -S qt6-imageformats`  :- 

  • webp : qt5-imageformats → qt6-imageformats
  • gimp : kimageformats5 → kimageformats

What actually is going on when this install happens on CachyOS 2024.3

$ sudo pacman -S qt6-imageformats
[sudo] password for boris:  
resolving dependencies...
looking for conflicting packages...

Package (2)                        New Version  Net Change  Download Size

cachyos-extra-v3/libmng            2.0.3-3.1      0.75 MiB       0.21 MiB
cachyos-extra-v3/qt6-imageformats  6.6.2-1.1      0.30 MiB       0.06 MiB

Total Download Size:   0.27 MiB
Total Installed Size:  1.05 MiB

:: Proceed with installation? [Y/n] Y

It fixes the problem on Manjaro testing all the way around 

END UPDATE

UPDATE as of 03/23/24

I may confirm the issue mentioned in https://forum.manjaro.org/t/i-tested-kde-6-oh-my-oh-my-you-will-be-sorry-here-come-some-discoveries/158436

<<So after update (pacman -Syyu) you have no webp thumbnails in Dolphin and Gwenview cannot display those photos (webp). What will a typical user do? >> 

     I also tested OK opening *.webp files via Dolphin on the most recent fedora 40 KDE nightly build






UPDATE as of 03/21/24

I was able to find workaround and keep manjaro's testing repos to install KDE Plasma 6.0.2 after switching to libvirt's default network for particular KVM guest. Placing VM on linux bridge ( Linux bridging vs NAT ) seems to be the core issue for myself either it is/was just a matter of luck.

Just several hours later I noticed that my local mirror was removed from testing list, then I issued and succeeded

$ sudo pacman-mirrors --api --set-branch testing

$ sudo pacman-mirrors --fasttrack 5 && sudo pacman -Syyu

per  What is the different between pacman -Syu, -Syyu and -Syuu?

Brief extract from link above :-
   As for -yy, it is generally not recommended. Use it only if you're having problems with your mirror. Unless your mirror is acting up and you want to switch mirrors, there is no reason to re-download every package DB file in its entirety every time you want to do an upgrade. You might want to use it when switching mirrors so that all your package DB files are consistent.
   From my standpoint the last `sudo pacman -Syyu` provides direct access to Arch Stable Repos and Manjaro devs have nothing to do with that.

END UPDATE

As of now `sudo pacman -Syu` installs KDE Plasma 6.0.2 on Manjaro Testing branch


























Final report on bare metal Manjaro KDE (testing branch)

KVM Guest status