Can't connect to the network via USB hub with ethernet until xhci_pci mod is reloaded. Keeps happening every ~1 hour

Hey folks,

I have powered USB hub with ethernet port. This thing is plugged into my screen and then the screen is plugged into my laptop via usb-c cable (tunderbolt + PD). However after like an hour the ethernet is somehow disconnected and cannot connect again until I reload xhci\_pci kernel module like:

```
sudo rmmod xhci\_pci ; sudo modprobe xhci\_pci; sudo service network-manager restart;
```

When I keep my laptop on over night it works in the morning which is weird because it should be disconnected. But after ~1h of use I get disconnected. Like someone is counting my packets :)

When disconnected network manager tries to connect but even after several attemts no success until I reload the kernel module.

Syslog:

```Feb 14 10:49:13 box NetworkManager[107379]: <info> [1581673753.1521] dhcp4 (wlp58s0): state changed bound -> bound
Feb 14 10:49:13 box dbus-daemon[592]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.670' (uid=0 pid=107379 comm="/usr/sbin/NetworkManager --no-daemon ")
Feb 14 10:49:13 box systemd[1]: Starting Network Manager Script Dispatcher Service...
Feb 14 10:49:13 box dbus-daemon[592]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Feb 14 10:49:13 box systemd[1]: Started Network Manager Script Dispatcher Service.
Feb 14 10:49:16 box NetworkManager[107379]: <warn> [1581673756.7653] dhcp4 (enx000ec6a47796): request timed out
Feb 14 10:49:16 box NetworkManager[107379]: <info> [1581673756.7654] dhcp4 (enx000ec6a47796): state changed unknown -> timeout
Feb 14 10:49:16 box NetworkManager[107379]: <info> [1581673756.7835] dhcp4 (enx000ec6a47796): canceled DHCP transaction
Feb 14 10:49:16 box NetworkManager[107379]: <info> [1581673756.7836] dhcp4 (enx000ec6a47796): state changed timeout -> done
Feb 14 10:49:16 box NetworkManager[107379]: <info> [1581673756.7839] device (enx000ec6a47796): state change: ip-config -> failed (reason 'ip-config-unavailable', sys-iface-state: 'managed')
Feb 14 10:49:16 box NetworkManager[107379]: <warn> [1581673756.7855] device (enx000ec6a47796): Activation: failed for connection 'Ifupdown (enx000ec6a47796)'
Feb 14 10:49:16 box NetworkManager[107379]: <info> [1581673756.7859] device (enx000ec6a47796): state change: failed -> disconnected (reason 'none', sys-iface-state: 'managed')
Feb 14 10:49:16 box avahi-daemon[587]: Withdrawing address record for fe80::3faa:8aca:837:2395 on enx000ec6a47796.
Feb 14 10:49:16 box avahi-daemon[587]: Leaving mDNS multicast group on interface enx000ec6a47796.IPv6 with address fe80::3faa:8aca:837:2395.
Feb 14 10:49:16 box avahi-daemon[587]: Interface enx000ec6a47796.IPv6 no longer relevant for mDNS.
Feb 14 10:49:16 box NetworkManager[107379]: <info> [1581673756.7906] policy: auto-activating connection 'Ifupdown (enx000ec6a47796)' (bab55de5-79f6-ae3c-e677-f281d37e28d7)
Feb 14 10:49:16 box NetworkManager[107379]: <info> [1581673756.7916] device (enx000ec6a47796): Activation: starting connection 'Ifupdown (enx000ec6a47796)' (bab55de5-79f6-ae3c-e677-f281d37e28d7)
Feb 14 10:49:16 box NetworkManager[107379]: <info> [1581673756.7917] device (enx000ec6a47796): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed')
Feb 14 10:49:16 box NetworkManager[107379]: <info> [1581673756.7924] device (enx000ec6a47796): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
Feb 14 10:49:16 box NetworkManager[107379]: <info> [1581673756.7930] device (enx000ec6a47796): state change: config -> ip-config (reason 'none', sys-iface-state: 'managed')
Feb 14 10:49:16 box NetworkManager[107379]: <info> [1581673756.7934] dhcp4 (enx000ec6a47796): activation: beginning transaction (timeout in 45 seconds)
Feb 14 10:49:16 box avahi-daemon[587]: Joining mDNS multicast group on interface enx000ec6a47796.IPv6 with address fe80::3faa:8aca:837:2395.
Feb 14 10:49:16 box avahi-daemon[587]: Ne

w relevant interface enx000ec6a47796.IPv6 for mDNS.
Feb 14 10:49:16 box avahi-daemon[587]: Registering new address record for fe80::3faa:8aca:837:2395 on enx000ec6a47796.*.
Feb 14 10:49:16 box slim[2204]: "No such interface “org.freedesktop.DBus.Properties” on object at path /org/freedesktop/NetworkManager/ActiveConnection/24"
Feb 14 10:49:23 box systemd[1]: NetworkManager-dispatcher.service: Succeeded.

```

Any idea where can I start sniffing?

https://redd.it/f3q10k
@r_linux

PSA: phpList Authentication Bypass exploit in v3.5.0 due to type juggling with '==' auth condition (CVE-2020-8547). Here's a guide to securing phpList.
https://tech.michaelaltfield.net/2020/02/14/phplist-hardening-security/

https://redd.it/f3qsxt
@r_linux

Halo anniversary flight works on linux

I was accepted into the latest halo flight. the campaign goes from Truth and Reconciliation to 343 Guilty Spark but cuts off right before the last cut scene. The game seemed to be capped to 60 fps and there were some minor glitches such as the zoom button not working for the sniper and at times audio bugs. These glitches more than likely have nothing to do with linux/proton but instead are just due to the fact the game is still being developed. Otherwise the game ran just fine and I never experienced a single crash until I completed the last level.

So, if anyone was worried about running this game on linux you don't need to, the game runs great.

https://redd.it/f3nvk3
@r_linux

How many times did a rolling release distro actually messed up with your system?

So, I've been a linux user for over 10 years and have been using debian testing/unstable ever since. I'm definitely not the linux pro, just find it a great OS overall, that pretty much serve all my computing needs.

With that said, I don't think I've crossed any problem directly related to a botched update that wasn't of my own making. Last week I've decided to go for new flavours and switched to openSUSE tumbleweed. A little bit of googling gave me the impression that it's a *super unstable system and definitely not recommended for a lay home user.*

I felt dared. Specially because I'm a apt-holic and not even that made my sid go nuts in all those years.

While I can understand that sysadmins value over-the-top stability, it left me wondering how many of you actually experienced any issues with major rolling release distros in home user use cases.

https://redd.it/f3rlw9
@r_linux

My Linux and Vim notes
https://catonmat.net/linux-and-vim-notes

https://redd.it/f3slyc
@r_linux

Suspend shuts down laptop (Manjaro-i3)

\`sudo systemctl suspend\` shuts down my laptop, and it happens when I close my lid for some time too. How can I solve this? I'm using Manjaro-i3 and I have \`tlp\` installed if that's relevant, but it seems to happen when I disable tlp too..

https://redd.it/f3ssjy
@r_linux

Best Budget Laptop for Linux in 2020

Hey all,

I want to buy a laptop for linux. I know there re lots of topics for it but they are really outdated and we are in 2020.

What's a nice budget laptop for completely in a harmony with linux? It will be my first linux setup. My priority is long last battery life and being not heavy as I'm a student. Gaming is not important, I only play low demand strategy games. I just want long last battery( at least 6 hours).

I will mostly web surfing, watching youtube and movies, reading stuf and studies.

&#x200B;

Thanks a lot!

https://redd.it/f3tpol
@r_linux

Weekend Fluff / Linux in the Wild Thread - February 14, 2020

Welcome to the weekend! This stickied thread is for you to post pictures of your ubuntu 2006 install disk, slackware floppies, on-topic memes or more.

When it's not the weekend, be sure to check out r/WildLinuxAppears or r/linuxmemes!

https://redd.it/f3v6p3
@r_linux

Clear Linux* (secured by design as claimed) don't support secure boot yet.

I studied it for several days in thoughts about installing Clear Linux as robust+secure disto, but I saw [this](https://community.clearlinux.org/t/has-clearlinux-secureboot-validation-lockdown/3111):

[Secure by design they said](https://preview.redd.it/mjq6ztnbzvg41.png?width=824&format=png&auto=webp&s=43291e1c4193ff8031ecf36cde5bbdd633774712)

Can anyone explain what's going on? May be secure boot is overrated? But official team forced to keep calm. I regret the time spent, distro hopping continues for me.

https://redd.it/f3rvg4
@r_linux

Secure, Privacy Focused Firefox

These links were emailed to me by Yvan from SnowHaze when I asked if they had a desktop browser of their secure, privacy mobile browser. He gave these to sure up Firefox, enjoy:

https://blog.snowhaze.com/firefox-add-ons/

https://blog.snowhaze.com/boost-your-privacy-and-security-in-firefox-with-these-advanced-settings/

Thank you SnowHaze

https://redd.it/f3ugzz
@r_linux

It's all fun and games untill she gives you this screen
https://redd.it/f3y1qg
@r_linux

Dual boot

Is there a way to dual boot windows 10 and some sort of Linux be it Ubuntu or clear Linux, on the same hard drive? Any suggestions for specific Linux os's

https://redd.it/f3z1wf
@r_linux

BENCHMARK: Windows vs. Clear Linux Scaling Performance analysis From 16 To 128 Threads With AMD Ryzen Threadripper 3990X
https://www.phoronix.com/scan.php?page=article&item=3990x-windows-linux&num=1

https://redd.it/f3z3vj
@r_linux

Steam says they've dropped support for the steam browser on 32-bit Linux systems. Does this mean I'm unable to play the games I own through steam on my 32-bit Linux machine?

I have an old computer which unfortunately is 32-bit afaik from doing lscpu with it telling me I only have the one opmode for 32-bit processing. When I installed steam on it, none of my games would display in my library and there was just one notification in the top left of the window telling me that the steam browser wasn't working correctly with a link as to why.

Following the link; it explained that Steam has dropped support for 32-bit linux systems.

Does this mean it's impossible for me to install/play my purchased games on my computer? Or is there a workaround? Most of my games are old games anyway.

https://redd.it/f40rzp
@r_linux

How and why is UEFI's Secure Boot useful?

There has been some discussions around SecureBoot recently, which a lot of it prompted by Intel's clearlinux team saying that they do not support Secure Boot. I wanted to clear several misconceptions on the matter.

>1) Secure Boot is a microsoft product.

No it's not. It's part of the UEFI (Unified Extensible Firmware Interface) standard that evolved out of Intel's EFI replacement for legacy IBM-PC bios.

UEFI is a defined interface that is presented by a motherboard's firmware to allow conforming operating systems to interact with the platform hardware. Secure Boot is nothing more than a standard for comparing cryptographic signatures on bootable executables and some OS code against a database of keys. [https://www.intel.com/content/www/us/en/support/articles/000006942/boards-and-kits/desktop-boards.html](https://www.intel.com/content/www/us/en/support/articles/000006942/boards-and-kits/desktop-boards.html) . In pretty much all x86 motherboards (by which I mean I can't find any exception,) the key database is entirely controllable by the end user. If you want to add your own key, you can. If you want to delete microsoft's key, you can. The only way that microsoft is involved is that 1) the majority of motherboards ship by default with MS's key, and 2) for a computer to be designated "Certified for Windows 8 or 10 or whatever" it has to ship with Secure Boot enabled by default and have Microsoft's key. It does not prevent user management of the keys.

Many distros have partnered with windows to piggy-back off their keys since they're distributed by default, but this is only relevant for REALLY new users who cannot manage their own key store. It's entirely possible to get the signing keys of your distro or to sign your own stuff without using MS's key at all.

&#x200B;

>2) Secure boot is meant for enforcing DRM

Secure boot isn't even capable of enforcing DRM by itself. Once the OS is loaded Secure Boot doesn't do anything, it is only capable of restricting execution of boot loaders and OS kernel / modules. Most people confuse the criticism of secure boot with the criticism of hardware TPMs (trusted platform module). A TPM is a hardware device that contains private cryptographic keys with a defined interface for decrypting data without exposing your private key. In theory a company can require a TPM that does not expose an interface for user management of the keys and use it to restrict what devices are authorized to use its software or view media. Essentially a dongle. For that to be effective you'd have to enable both a TPM and a bastardized version of secure-boot that only allows heavily restricted operating systems to boot so that someone could not just load the software, find the unencrypted version of the software / media in RAM, and dump a cracked version that bypasses the DRM. But there are no examples of this type of thing being done on consumer PCs since most don't come with a TPM, and most users are not computer savy enough to understand how to buy / install / use one.

>3) secure boot doesn't protect anything or isn't useful.

It is entirely possible that your specific use case and risk tolerance is such that it is not an overall benefit for you to use secure-boot, but there are real benefits to it. If you dual boot your computer with both Windows and Linux, and have encrypted your Linux main drive, you still have unencrypted files that are used to bootstrap your computer enough to unencrypted those files. Even without a filesystem driver in windows that can read a linux partition, there still exists a theoretical attack where someone could compromise your windows OS, modify your initramfs, and put in some code to sniff your decryption password, writing it back onto your windows system to be retrieved the next time you boot into your compromised windows. SecureBoot prevents this attack, and even if your windows system is compromised by someone without a private key matching your secure boot key database, your linux boot files cannot be modified. If you only run o

ne Linux distro, it's much less beneficial since a compromised Linux system that allows modifying boot files would mean access to anything else, but it would still prevent certain theoretical classes of attack.

&#x200B;

I'm certain I missed something, and am open to discussion or debate, but I wanted to clear up a lot of confusion and myths that seems to exist.

https://redd.it/f414vl
@r_linux

OpenSSH release (8.2) with FIDO/U2F support
http://www.openssh.com/txt/release-8.2

https://redd.it/f403vj
@r_linux

KDE is crap

Is it just me or is KDE the most buggy desktop environment out there. Everytime I try installing KDE plasma in a virtual machine. VMware Tools, Open VM Tools, VirtualBox Guest Additions and nothing else works.

KDE looks great but is disfunctional as hell.

That's not all. Plasma constantly crashes. Windows (graphically) sometimes glitch up (that one could be due to it running in a VM though)

https://redd.it/f3zbus
@r_linux

Best linux books for beginners?



https://redd.it/f43kg2
@r_linux

A funky smelling output
https://redd.it/f433xb
@r_linux