Tag Archives: Linux

OpenWRT and PPTP VPN

Just a note on configuring OpenWRT and PPTP VPN.

Install:

kmod-nf-nathelper 
kmod-nf-nathelper-extra

NOTE: Those will be removed when you upgrade OpenWRT trough Sysupgrade image, so be sure to install them again after an upgrade.

If this does not fix the issue with PPTP VPN’s not connecting then ssh to the router and create a file: /etc/nftables.d/20-pptp-conntrack-helper.nft with the following content:

chain user_pre_output {
    type filter hook output priority -1; policy accept;
    tcp dport 1723 ct helper set "pptp"
}

and reboot the router.
https://github.com/openwrt/openwrt/issues/13009

Debian 13 Trixie Xfce4 desktop

Restore Xfce4 to default settings

I run Debian 13 (Trixie) with KDE (on Wayland) as my daily driver for Android development on a Lenovo ThinkPad P50, with Xfce4 alongside mainly for tinkering. As with everything you tinker with, things tend to break along the way.

Here is a script that will restore Xfce to it’s default desktop settings for the current user.

#!/bin/bash
pkill -KILL xfconfd xfce4-panel xfce4-session xfsettingsd xfdesktop 2>/dev/null || true
 
rm -rf ~/.config/xfce4
rm -rf ~/.cache/xfce4
rm -rf ~/.config/xfconf
rm -rf ~/.cache/sessions
rm -rf ~/.local/share/xfce4
rm -rf ~/.local/share/xfce4-panel

Save it as restore_xfce.sh, and make it executable:

chmod +x restore_xfce.sh

Log out of your Xfce session and switch to a virtual console using Ctrl + Alt + F3, log in with your username and password, and run:

./restore_xfce.sh

Switch back to GUI by pressing Alt + F2 or Alt + F1.

pulseaudio wasting CPU time because of speech-dispatcher

Disable speech-dispatcher on Debian 12

I’m running Debian 12 “Bookworm” on a HP ProBook x360 G1 EE. This “beast” is serving as a Jenkins node running an automated test suite on attached Android devices for GSM Signal Monitor. It also runs xRDP and XFCE as the desktop environment. I’m remoting into the machine from time to time for device management and configuration using scrcpy.

One thing I noticed when running htop and using Firefox to visit sites such as stackoverflow.com was the abnormal CPU utilization by PulseAudio.

After a bit of research, the issue was pinpointed to speech dispatcher auto spawning on demand when called by certain applications.

I don’t use speech synthesis or software synthesizers on this machine (or anywhere, to be fair) and would rather waste CPU cycles on something more useful—such as running complete regression test suites against GSM Signal Monitor when a build is merged into the dev branch, or pre-release testing on 24 devices attached to the little beast.

To prevent speech-dispatcher from auto-spawning on demand, open a terminal and run:

sudo nano /etc/speech-dispatcher/speechd.conf

Locate the “DisableAutoSpawn” option near the bottom of the file and uncomment it. Save the file and restart speech-dispatcher.

sudo systemctl restart speech-dispatcher

Optionally restart Firefox if it’s running.

Now speech-dispatcher should no longer spawn on demand by applications. You can verify that by navigating to a topic on Stack Overflow, for example.

speech-dispatcher disabled, firefox complaining

Firefox should complain that it can’t use speech synthesis.

Gentoo Linux: Ugly fonts in NetBeans and how to fix them

I recently installed Gentoo GNU/Linux + KDE 5 on my dev machine. One thing that was bugging me was the crappy font rendering in NetBeans.

To relolve the problem, locate your netbeans.conf file. Usually under /etc in your NetBeans installation folder, and append to netbeans_default_options the follwing:

-J-Dswing.aatext=true -J-Dawt.useSystemAAFontSettings=lcd --laf Metal

This will enable font smoothing in SWING and use default system settings for font smoothing. The last entry –laf Metal sets the preferred UI theme for the IDE, it should be Swing based theme such as Metal or Numbus.

Happy coding 🙂

ERROR: dev-python/cryptography-1.1.2::gentoo failed (compile phase)

Latest

emerge --sync
emerge --update --deep --newuse @world

broke “dev-python/cryptography” on my development “server”. By server I mean Intel Celeron at 400Mhz with 768Mb of RAM. Currently running MySQL, Apache, Apache Tomcat, Samba and Deluge.

i686-pc-linux-gnu-gcc -O2 -march=pentium2 -pipe -fomit-frame-pointer -fno-ident -fPIC -I/usr/include/python2.7 -c /var/tmp/portage/dev-python/cryptography-1.1.2/work/cryptography-1.1.2-python2_7/temp.linux-i686-2.7/_openssl.c -o /var/tmp/portage/dev-python/cryptography-1.1.2/work/cryptography-1.1.2-python2_7/temp.linux-i686-2.7/var/tmp/portage/dev-python/cryptography-1.1.2/work/cryptography-1.1.2-python2_7/temp.linux-i686-2.7/_openssl.o
/var/tmp/portage/dev-python/cryptography-1.1.2/work/cryptography-1.1.2-python2_7/temp.linux-i686-2.7/_openssl.c:2096:15: error: ‘SSLv2_method’ redeclared as different kind of symbol
 SSL_METHOD* (*SSLv2_method)(void) = NULL;

As the build error says dev-python/cryptography is looking for SSLv2. Doing

equery u openssl
[ Legend : U - final flag setting for installation]
[        : I - package is installed with flag     ]
[ Colors : set, unset                             ]
 * Found these USE flags for dev-libs/openssl-1.0.2h-r2:
 U I
 + + asm                : Support assembly hand optimized crypto functions (i.e. faster run time)
 + + bindist            : Disable EC algorithms (as they seem to be patented) -- note: changes the ABI
 - - cpu_flags_x86_sse2 : Use the SSE2 instruction set
 - - gmp                : Add support for dev-libs/gmp (GNU MP library)
 - - kerberos           : Add kerberos support
 - - rfc3779            : Enable support for RFC 3779 (X.509 Extensions for IP Addresses and AS Identifiers)
 - - sctp               : Support for Stream Control Transmission Protocol
 - - sslv2              : Support for the old/insecure SSLv2 protocol -- note: not required for TLS/https
 + + sslv3              : Support for the old/insecure SSLv3 protocol -- note: not required for TLS/https
 - - static-libs        : Build static versions of dynamic libraries as well
 - - test               : Workaround to pull in packages needed to run with FEATURES=test. Portage-2.1.2 handles this internally, so don't set it in
                          make.conf/package.use anymore
 + + tls-heartbeat      : Enable the Heartbeat Extension in TLS and DTLS
 - - vanilla            : Do not add extra patches which change default behaviour; DO NOT USE THIS ON A GLOBAL SCALE as the severity of the meaning changes
                          drastically
 + + zlib               : Add support for zlib (de)compression

Reveled that OpenSSL is build with ought SSLv2 suport. Adding sslv2 use flag for OpenSSL and rebuilding resolved the problem.

echo "dev-libs/openssl sslv2" > /etc/portage/package.use/openssl

According to me, this is a bug in “dev-python/cryptography“. The ebuild should do some kind of checking if sslv2 use flag is enabled, or it should introduce use flags controlling the version of ssl used.