Search Results for 'ppa'

[Member anilkagi]

Skidoo, thanks for coming.

Anonymous wrote:

Did you intentionally install AppArmor?

No, neither have I installed AppArmor intentionally, nor is it installed on the system. I checked in the Synaptic and saw that the following packages are not installed.

apparmor
apparmor-utils

However, the following AppArmor libraries are installed, when I installed Firejail. May be they are dependencies.

changehat AppArmor library
AppArmor Python3 utility library
AppArmor library Python3 bindings

I tried the web search for the error even earlier. There are a few links, one related to even MX itself, but they didn’t help or may be I couldn’t be helped by them.

Anonymous wrote:

The manpage mentions a “fix” option.

I tried that and got the below result but there is no mention of Clipit in it.

$ firecfg --fix

Fixing desktop files in /home/ak/.local/share/applications
   chromium.desktop created
   firefox-esr.desktop created
   io.github.celluloid_player.Celluloid.desktop created
   masterpdfeditor4.desktop created
   org.xfce.Catfish.desktop created
   vlc.desktop created

Anonymous wrote:

Is the firejail UI “drag-n-drop” enabled?

I have not installed Firejail GUI and have not done any drag and drop exercise. All I did after installing Firejail was issuing the ‘firecfg’ command.

• This reply was modified 2 years, 8 months ago by anilkagi.
• This reply was modified 2 years, 8 months ago by anilkagi.

[Anonymous]

Startpar: Services returned failure … apparmor failed

Did you intentionally install AppArmor?
Try a websearch for that exact error message.

Strangely the ‘firejail’ kick started.

$ man firecfg
The manpage mentions a “fix” option.

Is the firejail UI “drag-n-drop” enabled? I can’t recall.
If it is, then conceivably… instead of dragging one .desktop item onto the UI to “add” it to the list of applications, a _directory_ icon got dropped onto the UI and all the .desktop items wound up being added to the list of firejail -managed applications. From reading your posts, I wonder if all the items in your “startup” directory wound up being added.

[Member anilkagi]

Xecure,

I checked.

The ~/.icewm/startup, is empty except for this line;

#!/bin/bash

The ~/.desktop-session/startup has one entry;

# Uncomment to use clipboard manager
clipit &

However, the ~/.desktop-session/log has some error reports.

Before that I would like to inform something strange I noticed earlier. I forgot to tell this before. I was trying to find the command that kick starts ‘Clipt’, to see if the command that I am using is appropriate or not. So I typed just simple ‘clipit’ in the terminal and nothing else. Strangely the ‘firejail’ kick started. Even now I checked by repeating it. I have not entered the command as ‘firejail clipit’. The plain ‘clipit’ command attempts to start Clipit in firejail and fails. I never intended to start ‘Clipit’ in fairejail. I have no intention to do so. Moreover, it reports an error. Here below is the error details.

$ clipit
Reading profile /etc/firejail/clipit.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Parent pid 7801, child pid 7802
Warning: Cannot confine the application using AppArmor.
Maybe firejail-default AppArmor profile is not loaded into the kernel.
As root, run "aa-enforce firejail-default" to load it.
Child process initialized in 149.54 ms

(clipit:7): dbind-WARNING **: 05:43:42.632: Couldn't connect to accessibility bus: Failed to connect to socket /tmp/dbus-XwWVqrrDRA: Connection refused

** (clipit:7): WARNING **: 05:43:42.633: Binding '<Ctrl><Alt>H' failed!

(clipit:7): libayatana-appindicator-WARNING **: 05:43:42.728: Unable to get the session bus: Error spawning command line “dbus-launch --autolaunch=4c37a23d53419b397267358169905d53 --binary-syntax --close-stderr”: Child process exited with code 1

(clipit:7): LIBDBUSMENU-GLIB-WARNING **: 05:43:42.729: Unable to get session bus: Error spawning command line “dbus-launch --autolaunch=4c37a23d53419b397267358169905d53 --binary-syntax --close-stderr”: Child process exited with code 1

(clipit:7): Gdk-ERROR **: 05:43:42.947: The program 'clipit' received an X Window System error.
This probably reflects a bug in the program.
The error was 'BadAccess (attempt to access private resource denied)'.
  (Details: serial 334 error_code 10 request_code 130 (MIT-SHM) minor_code 1)
  (Note to programmers: normally, X errors are reported asynchronously;
   that is, you will receive the error a while after causing it.
   To debug your program, run it with the GDK_SYNCHRONIZE environment
   variable to change this behavior. You can then get a meaningful
   backtrace from your debugger if you break on the gdk_x_error() function.)

Parent is shutting down, bye...

And then there is this issue of AppArmor. Whenever I shutdown the system, I get this error, which I haven’t had the time to attend to by reporting on the forum. I tried to resolve it with some suggestions from the web, but it didn’t help. The following is the error line that appears on the screen while shutting down.

Startpar: Services returned failure ... apparmor failed

Now coming to the ~/.desktop-session/log, here it is below. It also contains the firejail error that I mentioned above.

desktop-session: started Fri 04 Sep 2020 05:24:58 AM IST start_time: 50.00
desktop-session: pid: 3791
desktop-session: logging to: /home/username/.desktop-session/log
desktop-session: launch  @ 5008
desktop-session: icewm
desktop-session: display_alt_desktop_window=false
desktop-session: look up executable for icewm
desktop-session: save desktop code: rox-icewm
desktop-session: Exporting desktop Variables:
desktop-session: DESKTOP_SESSION_CODE=rox-icewm
desktop-session: DESKTOP_SESSION_WM=icewm
desktop-session: DESKTOP_SESSION_IM=rox
desktop-session: run: /usr/local/lib/desktop-session/ds-config-check
desktop-session: run: /usr/bin/icewm-session
desktop-session: Checking for running window manager @ 5030
icewm-session: Warning: icewmbg: No such file or directory
desktop-session: Window manager running or setup forced, setting up desktop @ 5081
desktop-session: Delaying session startup by 3 seconds
desktop-session: run: rox --pinboard=antiX-icewm &
desktop-session: run: desktop-session-wallpaper
/usr/local/bin/desktop-session: line 192: /etc/desktop-session/file_compare: No such file or directory
desktop-session: run: /home/username/.desktop-session/startup &
desktop-session: run: conky
automount is :TRUE
FM_USB is : TRUE
FM_OPTICAL is: TRUE
VP_DVD is : FALSE
DVD_COMMAND is :
MP_AUDIO is : FALSE
AUDIO_COMMAND is :
OPTION_USB is --exec-on-drive 'desktop-defaults-run -fm "%d"'
OPTION_OPTICAL is --exec-on-disc 'desktop-defaults-run -fm "%d"'
only one keyboard
Reading profile /etc/firejail/conky.profile
Reading profile /etc/firejail/clipit.profile
Reading profile /etc/firejail/feh.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/disable-xdg.inc
Warning: networking feature is disabled in Firejail configuration file
Parent pid 3866, child pid 3936
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Parent pid 3897, child pid 3939
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Parent pid 3871, child pid 3940
Warning: Cannot confine the application using AppArmor.
Maybe firejail-default AppArmor profile is not loaded into the kernel.
As root, run "aa-enforce firejail-default" to load it.
]0;firejail /usr/bin/clipit Child process initialized in 466.17 ms
Warning: skipping feh for private /etc
Private /etc installed in 385.84 ms
]0;firejail /usr/bin/conky Child process initialized in 488.23 ms
1 program installed in 29.27 ms
libGL error: failed to open drm device: No such file or directory
libGL error: failed to load driver: i965
]0;firejail /usr/bin/feh --bg-scale /usr/share/wallpaper/LinuxTakeControl.jpg Child process initialized in 596.81 ms
Conky: forked to background, pid is 6

Conky: desktop window (8000a2) is subwindow of root window (d3)
Conky: window type - desktop
Conky: drawing to created window (0x1800001)
Conky: drawing to double buffer

Parent is shutting down, bye...

(clipit:7): dbind-WARNING **: 05:25:07.671: Couldn't connect to accessibility bus: Failed to connect to socket /tmp/dbus-XwWVqrrDRA: Connection refused

** (clipit:7): WARNING **: 05:25:07.672: Binding '<Ctrl><Alt>H' failed!

(clipit:7): libayatana-appindicator-WARNING **: 05:25:07.762: Unable to get the session bus: Error spawning command line “dbus-launch --autolaunch=63d7ab821e4c4e6a2a43b4b060fb5e68 --binary-syntax --close-stderr”: Child process exited with code 1

(clipit:7): LIBDBUSMENU-GLIB-WARNING **: 05:25:07.762: Unable to get session bus: Error spawning command line “dbus-launch --autolaunch=63d7ab821e4c4e6a2a43b4b060fb5e68 --binary-syntax --close-stderr”: Child process exited with code 1

(clipit:7): Gdk-ERROR **: 05:25:07.994: The program 'clipit' received an X Window System error.
This probably reflects a bug in the program.
The error was 'BadAccess (attempt to access private resource denied)'.
  (Details: serial 358 error_code 10 request_code 130 (MIT-SHM) minor_code 1)
  (Note to programmers: normally, X errors are reported asynchronously;
   that is, you will receive the error a while after causing it.
   To debug your program, run it with the GDK_SYNCHRONIZE environment
   variable to change this behavior. You can then get a meaningful
   backtrace from your debugger if you break on the gdk_x_error() function.)

Parent is shutting down, bye...
/usr/local/lib/antiX/antiX-common.sh: line 946: cryptsetup: command not found
SIOCGIFADDR: Cannot assign requested address
Reading profile /etc/firejail/firefox.profile
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/firefox-common.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: networking feature is disabled in Firejail configuration file
Parent pid 4583, child pid 4585
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Post-exec seccomp protector enabled
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Warning: Cannot confine the application using AppArmor.
Maybe firejail-default AppArmor profile is not loaded into the kernel.
As root, run "aa-enforce firejail-default" to load it.
]0;firejail /usr/bin/firefox Child process initialized in 126.32 ms
Warning: an existing sandbox was detected. /usr/bin/firefox-esr will run without any additional sandboxing features
Reading profile /etc/firejail/geany.profile
Reading profile /etc/firejail/allow-common-devel.inc
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Warning: networking feature is disabled in Firejail configuration file
Parent pid 5212, child pid 5213
Child process initialized in 59.10 ms

Parent is shutting down, bye...
Reading profile /etc/firejail/leafpad.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: networking feature is disabled in Firejail configuration file
Parent pid 5326, child pid 5327
1 program installed in 31.16 ms
Standard C library installed in 71.56 ms
Program libraries installed in 147.34 ms
GdkPixbuf installed in 456.41 ms
GTK2 installed in 133.65 ms
Pango installed in 0.06 ms
GIO installed in 10.90 ms
Installed 104 libraries and 6 directories
Child process initialized in 933.93 ms

Parent is shutting down, bye...
Reading profile /etc/firejail/leafpad.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: networking feature is disabled in Firejail configuration file
Parent pid 6690, child pid 6691
1 program installed in 1.70 ms
Standard C library installed in 52.32 ms
Program libraries installed in 140.09 ms
GdkPixbuf installed in 131.98 ms
GTK2 installed in 85.14 ms
Pango installed in 0.01 ms
GIO installed in 8.00 ms
Installed 104 libraries and 6 directories
Child process initialized in 507.34 ms
Reading profile /etc/firejail/leafpad.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: networking feature is disabled in Firejail configuration file
Parent pid 7157, child pid 7158
1 program installed in 2.15 ms
Standard C library installed in 46.60 ms
Program libraries installed in 134.30 ms
GdkPixbuf installed in 136.22 ms
GTK2 installed in 87.35 ms
Pango installed in 0.01 ms
GIO installed in 7.41 ms
Installed 104 libraries and 6 directories
Child process initialized in 488.44 ms

Parent is shutting down, bye...

** (roxterm:7776): WARNING **: 05:43:36.695: Failed to connect to session manager: SESSION_MANAGER environment variable not defined

[Member Xecure]

flyntstone wrote:

I managed to break my root-persistence apparently by installing Xfce and then modifying /etc/slim_conf as per
https://wiki.debian.org/Xfce

The above page did not mention permissions, so I did this (during a live root-persistence session):

sudo vi /etc/slim_conf using
and made the following change:
#login_cmd setsid /usr/local/bin/desktop-session %session
login_cmd exec ck-launch-session /bin/bash -login /etc/X11/Xsession %session

I believe you don’t need to modify the slim.conf file. antiX created a script that is hooked to apt. After every desktop installation it will execute and automatically update slim.

Please test it again without modifying slim.
If you are still trying to save the live USB device with persistence, log in from tty1, edit and restore the slim.conf file to how it was before, then persist-save and reboot.

antiX Live system enthusiast.
General Live Boot Parameters for antiX.

Hello there,

I tried to install Tor browser with synaptic. There are two packages on the synaptic, Tor Browser & Tor browser launcher settings.

I installed both. The Tor Browser in the synaptic is not the actual browser but it is the installer. I have successfully installed and used Tor browser by that method before, but of late it is giving the error: “signature verification failed error”.

I then changed the Tor browser launcher settings; I checked the ‘Download over system Tor’ box > Install Tor Browser. That too did not succeed.

I checked the web for solutions and found a few solutions there.

One solution was;

This is due to an outdated key for verifying the torbrowser-launcher download. Try: gpg --homedir "$HOME/.local/share/torbrowser/gnupg_homedir/" --refresh-keys --keyserver pgp.mit.edu

The other solution was;

It's fixed in the latest version of torbrowser-launcher. Add the author's PPA to get the update: sudo add-apt-repository ppa:micahflee/ppa

Another was;

gpg --homedir "$HOME/.local/share/torbrowser/gnupg_homedir" --refresh-keys --keyserver keyserver.ubuntu.com

Another was;

Completely purge tor and install the tor browser bundle from torproject.org.

Another was;

curl -s https://openpgpkey.torproject.org/.well-known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg --import -

I was skeptical about these solutions because I do not know if it is the proper method to adopt on antiX.

The torproject.org site gives the following solution;

The Tor Browser team signs Tor Browser releases. Import the Tor Browser Developers signing key (0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290):

gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org

If ./tor.keyring doesn't exist after running this command, something has gone wrong and you cannot continue until you've figured out why this didn't work.

That was exactly what happened to me. The ./tor.keyring doesn’t exist after running the above command. Next, the site gives a workaround.

Workaround (using a public key)

If you encounter errors you cannot fix, feel free to download and use this public key instead. Alternatively, you may use the following command:

curl -s https://openpgpkey.torproject.org/.well-known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg --import -

Then there is another solution given on that site.

To use source lines with https:// in /etc/apt/sources.list the apt-transport-https package is required. I installed it on synaptic.

Then add this line to your /etc/apt/sources.list file:

    deb     https://deb.torproject.org/torproject.org buster main

sudo apt-get update
sudo apt-get upgrade

Install signing key together with tor:

# apt install tor deb.torproject.org-keyring

All these solutions were not at all necessary if the signature verification did not fail in the regular method of installing with installer, installed with synaptic. It was easy and nice method. I have installed Tor by that method successfully before.

What is the way out?

• This topic was modified 2 years, 8 months ago by anilkagi.

[Member anti-ewaste]

Thanks, it looks like the data on the USB drive was corrupt and repair didn’t work so it had to be reinstalled (has to write over Plop after all) but works great now. I should add there is apparently a way for Plop to co-exist with GRUB but it has to be done manually.

• This reply was modified 2 years, 8 months ago by anti-ewaste.

I managed to break my root-persistence apparently by installing Xfce and then modifying /etc/slim_conf as per
https://wiki.debian.org/Xfce

The above page did not mention permissions, so I did this (during a live root-persistence session):

sudo vi /etc/slim_conf using
and made the following change:
#login_cmd setsid /usr/local/bin/desktop-session %session
login_cmd exec ck-launch-session /bin/bash -login /etc/X11/Xsession %session

The boot works, but the login fails even after ctrl-f1-ing into a Desktop Environment first (as per https://mynixworld.info/2011/11/25/slim-failed-to-execute-login-command/
). I went ahead and remade the key with LiveUSB-maker. It worked for a very little while. Then I ended up cancelling persistence when logging out in an unrelated action. After that I still had the same problem! So now I use the key without persistence. Any suggestions? BTW, I noticed that the key seems to gain a UEFI partition for each remaking. I have stayed away from using UEFI… the screen to choose a boot device gives me the option.

[Member olsztyn]

Brian Masinick wrote:

Ceni is a menu command interface. It’s advantage is the low resources used.

I’ve used network manager with distributions that offer it and it works fine but I don’t use it with antiX.

– In my thinking I do not mind if Ceni is using 1 or 2 M of memory less. What is important however it seems rock solid and fast connecting. Unfortunately it is not flexible enough for today’s environments so I think it was the right decision anti made to replace with Connman…
– Network Manager appears most developed feature wise and it works fine 90+ % of time. It is just sometimes moody for no apparent reason, which I cannot attribute to router or network strength… So as a backup I have Connman installed too as a secondary, should I experience more stubborn behavior of Network Manager.

• This reply was modified 2 years, 8 months ago by olsztyn.

Live antiX Boot Options (Previously posted by Xecure):
https://antixlinuxfan.miraheze.org/wiki/Table_of_antiX_Boot_Parameters

[Moderator Brian Masinick]

@Seaken64:

Just keep in mind all resources count.
Badwolf, for example, is terrific with conservative memory usage but it’s currently limited by some basic services missing, bookmarks, modifying the fonts is not easily done and CPU usage is the apparent consequence of low memory use.

My point is that the best tools are both usable and efficient. Badwolf may get there but it’s not quite at that point quite yet.

Bravo and Vivaldi are good examples that are worth more examination.

• This reply was modified 2 years, 8 months ago by Brian Masinick.

--
Brian Masinick

[Member seaken64]

Okay, I found an article on https://hacktivis.me/git/badwolf.mdoc/, which is apparently the manual. A little sketchy, but I figured out how to enlarge the pages. It says “webview Ctrl-Scroll Zooms the webpage in/out.”. At first I was confused, thinking it was the “Scroll” key on the keyboard (I recalled a Sroll Lock key) and my Logitech wireless keyboard did not have such a key. Then I realized it was saying to hold the Ctrl key and then scroll the mouse. Not sure how I would do this without a middle scroll wheel or a touchpad with two finger scroll. But maybe there is a way. Anyway, I tried it and it works. Now I can see the text!

But no bookmarks? or saved passwords? That will make it harder for me to use. I think I will stick with SeaMonkey.

Seaken64

[Member olsztyn]

christophe wrote:

It is still “sticky” — under “tips & tricks” 🙂

Thank you Christophe! I missed it apparently…

I want to stress that syslinux/Extlinux way is simple and really good. Thanks for posting this process.
Just to mention: I use slightly different process using syslinux instead of Extlinux but it seems to arrive at the same result.
Namely, having booted antiX Live:
– Copied /boot/syslinux folder from antiX Live to sda1. For simplicity I actually copied the entire /boot folder, including Grub.
– Copied antiX folder from antiX Live to sda1.
– Edited syslinux.cfg file for appropriate boot labels and their syntax. So I am using syslinux.cfg instead of extlinux.conf.

Result seems to work the same as Extlinux process you published and I am not clear yet if there is any difference. I have read somewhere that syslinux and Extlinux have merged into one at some point but I have not spent lots of time on confirming this.
Can someone in this forum please shed some light on this?
Thanks again and regards.

Live antiX Boot Options (Previously posted by Xecure):
https://antixlinuxfan.miraheze.org/wiki/Table_of_antiX_Boot_Parameters

[Member seaken64]

anticapitalista wrote:

So anyone using a very old 32 bit box that is non sse2, their only option is to use that old (modern) Palemoon browser.

They can also use SeaMonkey 2.49.4 or Netsurf. How is SeaMonkey installed? Can we install version 2.49.4 from the Package Installer?

Seaken64

And, apparently Firefox ESR also works on nonSSE2 machines. Yet all I have read is that FF ESR stopped supporting SSE2 after version 52. But I just ran version 68 Quantum on my antiX-19 install on this P-III. It works. Not as good as SeaMonkey and it uses more memory. But I installed NoScript on it and it works. Strange.

• This reply was modified 2 years, 9 months ago by seaken64.

[Member olsztyn]

ModdIt wrote:

Hi olsztyn, Maybe worth playing with these two settings in icewm preferences.

Thank you Moddlt.
I did previously play with the second setting and just now with both. None seems to make any difference. I tried also some other settings but none made any difference as well.
In addition:
– Tried two wireless mice with different sensitivity and one wired mouse on several laptops. IceWM behavior is consistently the same.
– As for comparison used the same mice on Fluxbox and Gnome on the same laptop. No such issue on Fluxbox or Gnome. On Fluxbox menu pops up immediately on the right click while on Gnome menu pops up when right mouse button is released. On IceWM no menu pops up if the mouse moves even slightly.

I would probably need to find somewhere detailed explanations of IceWM settings, which might be difficult to find as this multitude of settings apparently assume their meaning is well known…
Thanks again and Regards…

Live antiX Boot Options (Previously posted by Xecure):
https://antixlinuxfan.miraheze.org/wiki/Table_of_antiX_Boot_Parameters

[Member anilkagi]

Thank you Xecure, Sybok and Rockytnji for coming. I was calmly going through all the interesting discussions going on between you knowledgeable guys. Now I thought, I should perhaps post.

Xecure wrote:

stay away from fear and paranoia. Privacy is important, but obsession is worse

That’s a sound piece of advice. It made me relax too.

However actually, I am not paranoid or obsessed, but I am entering the danger zone I suppose, by trying to integrate my Android phone with my Computer. So I am venturing into learning to create secure environment to do such risky activities. This question popped up during that discussion and I started this thread.

I consider integrating an Android phone with my computer risky because, the Android phone that I paid for plus the data plan that I paid for, is used by Google and other Android apps, more than me, for their corporate goals, without me knowing it. Their opaque affairs, which I can’t see through, gives them immense power, to do what they choose to do with me and my data and lifestyle. (Do they own all that, just because they give me those free services?) We know the risks involved and we handle it accordingly. However integrating an Android phone with computer, opens up the computer too, to all that. I want to minimize if not annul the risks there.

I find that the suggestions offered by Seaken64, Dave, Moddit, Olsztyn, Sybok, Rockytnji and yourself are great. And Xecure, thanks for the link. I read further also.

And Sybok’s;

sybok wrote:

you can do a lot of the requirements by properly selecting groups to which the user belongs to (a current user can list the group they belong to using the command ‘groups’).
E.g. definitely remove the restricted-user from ‘sudo’.
READ-ONLY ROOT:
Also, it seems that Debian (and hence I guess that also antiX) allows to mount parts of the filesystem, e.g. root as read-only

Though I didn’t understand much of the link Sybok provided, Olsztyn’s reply…

olsztyn wrote:

So after the entire system is finalized in terms of installed applications and fully configured, there is no need for further changes to these vital parts of OS and these folders can be made read-only.

… gave an idea. That’s really interesting.

I didn’t understand most of Rockytnji’s post, what I could make out. if I am right, from it is, by editing the /etc/sudoers file we can restrict the abilities of users. It was apparent from the last line;

rokytnji wrote:

works fine. My wife can only shutdown and reboot.

Now I feel, I can get to where I want to, almost effectively. So finally I decided to come down to this; I will adopt the best of all the worlds.

For affairs like Banking, where significant security is necessary, I could adopt Olsztyn’s model of having a live USB, easily. And for my daily work I will do the following, with the guidance from you knowledgeable guys. I am afraid I would need a bit of hand-holding too. So I would require a lot of compassion from you guys too. I hope Rockytnji, won’t hate me for this.

First I will install Antix on the computer, which I already have done. After the system is totally ready, I will make the “vital parts of OS” read-only as suggested by Sybok. And then I will edit the /etc/sudoers file to restrict the abilities of all other users except me as suggested by Rockytnji.

Next, I will create an underprivileged user account. This underprivileged user account, is for doing all my work. Then, I will install VirtualBox on this same underprivileged account. I will also install firejail in this same user account. Next, I will create an Antix-core VM on the VirtualBox. And in that Antix-core VM, I will install GSconnect and connect it to the KDEconnect on my Android phone. I will start the VirtualBox / Antix-core VM in firejail.

Can this setup be created?

Would it not provide sufficient security for integrating my Android phone with my Computer, through KDEconnect & GSconnect?

If this is sufficient; to achieve this, to begin with, I will have to first create an underprivileged user account. I don’t find an option to create an underprivileged user account through the, Control center > Maintenance > User Manager. How do I do it?

By underprivileged user account, I mean, one where the user cannot install any software, does not have access to root, sudo, admin etc. I shall remove the privilege to install software after installing VB, Fire jail and Antix-core VM, GS-connect in the VM and any other necessary applications. How do I make this underprivileged user account?

I can’t find a solution to disable the touchpad, which is really necessary.

Have tried to install the touchpad-indicator which was a god tool for me long ago.
It is in the atareao repos , but when I do ‘sudo apt-get repository ppa:atareao/atareao’
I get the ‘invalid operation repository’ – ‘Ungülige Operation repository’ (German).

Any way to disable the touchpad is fine even total.
Thanks.

• This topic was modified 2 years, 9 months ago by rolfarius.