Today I learned about IMA, EVM and TPM on Linux and I feel like Alice tumbling down the rabbit hole.
[ 0.784022] ima: No TPM chip found, activating TPM-bypass!
dmesg | grep TPM
Last time I read about this is ~15 years ago and I simply disabled TPM so far since I only remember the concerns from back then about privacy and the impact it may have on free software related to DRM. TrueCrypt also fuelled this believe.
Turns out that TPM is completely passive and can do a lot for me, especially in combination with UEFI and IMA (Integrity Measurement Architecture) or, in fact, with securing personal credentials and even TOTP.
I played the visual novel game Ken Follett's The Pillars of the Earth. I admit I didn’t even look up the details before when I got all three parts dead cheap as a bundle. I’ve a very faint memory of reading the book/s but that’s all. It looked like a decent point-and-click adventure available for #Linux and the idea was to play it via Steam Link in the living room with the kids around. Hint: Don’t do that.
The story is an emotional roller-coaster not shy of splattering blood all over the scene. There are dramatic moments where decisions have to be made [in time] but also peaceful chapters and fun moments. Some have to be spotted and can be missed. The story builds up slowly based on character development and decisions made. Or so it feels. All strings come together in the end and some scenes may change in detail but the overall outcome is probably the same. I’d have to read up on this or do another play-through to be sure though.
It’s not a difficult game. There are no riddles (minigames) to be solved. The only minigame included is some sort of timing game (“quick action”) where one has to click at the right moment. That was mostly annoying but mercifully simply reset the scene when it really mattered so one could try again.
Depiction of a town in 12th century England
The character style may be an issue for some. Animations are not very smooth and there seems to be no lip sync. Sometimes the animations don’t fire at all. The audio however is very good and makes up for this. Music and scenery are awesome. A lot of research went into this, unlike most #mediaeval games, and the depiction of 12th century England looks adequate [to me]. Since this is a hobby of mine I’m really thrown off if this does not match up in games [or movies]. I also catched the vibe of architectural love for cathedrals that I can relate to. While it’s timberframed buildings for me I can certainly understand the fascination. I visited Guédelon some years ago after all 😉
So if you like #mediaeval stories for your #linuxgaming do yourself a favour and get this game. It’s worth every penny.
Slow boot of #linux? Mayhap don’t just blame #systemd. Try systemd-analyze blame instead. Or make a nice chart with systemd-analyze plot > foo.svg for your next presentation 🙂
I checked some old #backup disks of mine and found to my utmost joy a copy of my former #ut2003 installation. Well, #linuxgaming is hard because who can support 500 distributions, right? How comes this just works in 2020 on #Fedora 31? 😀
Paradox Interactive and Colossal Order are celebrating Cities: Skylines, as it's coming up for the five year mark since it took the city-building world by storm.
What a storm it was too, not much can really come close to just how fun Cities: Skylines actually is. Frankly, it's become the definitive ...
Cities Skylines is a very special game. I sunk way too many hours into this and still enjoy it on occasion.
There’s a nifty plugin that allows to overlay a png image with transparency so one could hobble together a map with imported heights data from e.g. NASA and overlay it with streets, rivers and train tracks from e.g. Google Maps.
This results in recreation of real cities within the engine bringing the hardware to it’s limits.
There are also hundreds of downloadable assets in the workshop.
2019 was a fantastic year for Linux gamers. At the end of the decade we had almost two thirds of the top one thousand steam games rated gold and above in terms of Linux compatibility.
Today I had to access my computer via VNC. There are several manuals how to enable VNC on a typical Linux desktop nowadays. It usually involves some sort of clicking on Sharing => Enable Screenshare and you’re done. It’s really that easy.
How would I do this however remote when I can not access my already running desktop computer via VNC? SSH is enabled on my machines since most of my work involves jumping and tunneling my way through various networks to get stuff done. Just forwarding X was not enough today.
Turns out this is really easy as well. The screensharing feature on my distribution is done with Vino. That’s an integrated #VNC server for #gnome and this is exactly what the user starts by enabling the screenshare feature. Since #Vino is part of gnome it can be configured using gsettings.
So after enabling the screenshare for testing on my laptop I tested for all existing keys by running this listing:
gsettings list-recursively | grep Vino
It’s really short and basically all settings are no-brainers. Only the password had me wondering but it turned out this is just base64 encoded (and also optional). All that is left is running the vino-server binary in the end. This needs the correct environment variable $DISPLAY set since our target is a running X session. This one we can determine by executing the command w and looking for the TTY in use. Hint: It’s :1 in this case.
beko ~ w
20:35:15 up 5:12, 1 user, load average: 1,92, 2,33, 2,37
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
beko :1 15:24 ?xdm? 2:02m 0.00s /usr/libexec/gdm-x-session --run-script /usr/bin/gnome-session
Oh and you should also not connect with the X11 forward option -X because running the vino-server with this will result in some really funny endless picture in picture mode that I did totally not try out by mistake 😉
Now that I had all the information I needed I hacked together this little script that does this more or less automatically so I can forget about this again [and look it up two years later in my own blog]. It’s really crude and your mileage may vary. It does not account for multiple users or multiple running X Sessions:
export DISPLAY=$(w -oush | grep -Eo ' :[0-9]+' | uniq | cut -d \ -f 2)
echo "Display is $DISPLAY"
gsettings set org.gnome.Vino require-encryption true
gsettings set org.gnome.Vino use-alternative-port false
gsettings set org.gnome.Vino disable-background false
gsettings set org.gnome.Vino alternative-port 5900
gsettings set org.gnome.Vino icon-visibility 'client'
gsettings set org.gnome.Vino disable-xdamage false
gsettings set org.gnome.Vino authentication-methods "['vnc']"
gsettings set org.gnome.Vino prompt-enabled false
gsettings set org.gnome.Vino require-encryption true
#pw is just base64 so basically just echo -n 'awesomeness'| base64
gsettings set org.gnome.Vino vnc-password "YXdlc29tZW5lc3M="
gsettings set org.gnome.Vino view-only false
/usr/libexec/vino-server &
export VINOPID=$!
echo "Try vnc://$HOSTNAME:5900/"
echo "vino-server pid may be $VINOPID"
Liam Dawe
Marc Di Luzio
