Install OneDrive client for Linux on Debian 11 Bullseye

The OneDrive Client for Linux supports one-way as well as two-way synchronisation and securely connects to Microsoft OneDrive services. Install the OneDrive Client with the following commmand:

sudo -- bash -c 'apt update && apt install onedrive'

Connect the client to your OneDrive account with the following command:

onedrive --synchronize

You will be presented with a message similar to the following:

Configuring Global Azure AD endpoints
Authorize this app visiting:

https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id&scope=Files.ReadWrite%20Files.ReadWrite.all%20Sites.Read.All%Sites.ReadWrite.All%20offline_accessresponse_type=code&redirect_uri=https://login.microsoftonline.com/common/oauth2/nativeclient

Enter the response uri:

Use the link to sign into your Microsoft account with a web browser. On successful login, you will be redirected to the response URI displaying a blank page. Copy the URI and paste it into the terminal. On successful authorisation, the client will connect to your Microsoft account and begin to download your data.

Initializing the Synchronization Engine …
Syncing changes from OneDrive …
Creating local directory:
Downloading file … done.
Uploading differences of ~/OneDrive
Uploading new items of ~/OneDrive

After downloading your data to ~/OneDrive, validate the configuration of the client with the following command:

onedrive --display-config

Enable OneDrive Client for the local user bullseye:

sudo -- bash -c 'systemctl enable onedrive@bullseye.service && systemctl start onedrive@bullseye.service && systemctl status onedrive@bullseye.service'

10 things to do after installing Debian 11

Are you unable to get a list of updates?

Using the Software application, you may run into the following error message when checking for updates:

Unable to get list of updates:
Failed to update metadata for lvfs: checksum failure: failed to verify data, expected yJcztsgVmmvtkn9na5YyQVdyqFNIXlzYUgrACKX

Run the following command to fix the issue:

$ fwupdmgr --force refresh

Enable Network Manager to manage all interfaces

Network manager detects and configures network interfaces to automatically connect your system to available networks. By default, however, it will only recognise network interfaces not declared in /etc/network/interfaces.

Use the following command to open /etc/network/interfaces and delete or comment out any configuration details for the primary network interface.

$ sudo nano /etc/network/interfaces

Use the following command to open /etc/NetworkManager/NetworkManager.conf and set managed=true.

$ sudo nano /etc/NetworkManager/NetworkManager.conf

Restart NetworkManager with the following command:

$ sudo service NetworkManager restart

Re-enable network interfaces now managed by NetworkManager.

Settings > Network

Install TLP

If you have installed Debian 11 on a laptop, consider installing TLP to further optimise battery life.

$ sudo apt-get install --yes tlp && sudo tlp start

Use the following command to check that TLP is enabled and active:

tlp-stat -s

Enable unattended upgrades

If you would like to enable the unattended installation of important upgrades, run the follwoing command:

$ sudo dpkg-reconfigure unattended-upgrades
Configuring unattended-upgrades

Automatically download and install stable updates? Yes

Install neofetch

Neofetch is a command-line tool that displays information about your system next to an operating system logo.

$ sudo apt-get install --yes neofetch

If you would like neofetch to display every time you open a new terminal, open .bashrc with the following command:

$ nano ~/.bashrc

Append the following text:

# use Neofetch to display information about the system
if [ -f /usr/bin/neofetch ]; then
    clear && neofetch;
fi

Apply the changes with the following command:

$ source ~/.bashrc

Enable Plymouth to display a splash screen during boot

Plymouth can be used to replace the text output with a graphical splash screen during system boot. Install Plymouth with the following command:

$ sudo apt-get install -yes plymouth plymouth-themes

Edit the file /etc/default/grub with the following command:

$ sudo nano /etc/default/grub

Set the value for GRUB_TIMEOUT to the number of seconds the grub menu is displayed before booting the default entry.

GRUB_TIMEOUT=2

Add the splash option to GRUB_CMDLINE_LINUX_DEFAULT:

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"

Set the resolution for the graphical terminal. If supported, you can set it to match the resolution of your monitor.

GRUB_GFXMODE=1920x1080

Apply the changes with the following command:

$ sudo update-grub2

During boot, you can press the [Esc] key to view the messages.

Hide the snap directory

The snap directory in your home folder is not supposed to be accessed manually. Use the following command to hide it from view:

$ echo snap >> ~/.hidden

Hide the Desktop directory

The Desktop feature was disabled in GNOME 3.28. While this decision was not universally popular, developers pointed to the fact that, as an unmaintained feature, it stood in the way of other improvements. Use the following command to hide the associated Desktop folder from view:

$ echo Desktop >> ~/.hidden

Install Syncthing for continuous file synchronisation

Syncthing reliably synchronises files between two or more computers. Its usefulness cannot be overstated. Add the release key with the following command:

$ sudo curl -s -o /usr/share/keyrings/syncthing-archive-keyring.gpg https://syncthing.net/release-key.gpg

Add the syncthing repository with the following command:

$ sudo echo "deb [signed-by=/usr/share/keyrings/syncthing-archive-keyring.gpg] https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list

Install syncthing on your system with the following command:

$ sudo -- bash -c 'apt update && apt install --yes syncthing'

Enable syncthing for the local user bullseye:

$ sudo -- bash -c 'systemctl enable syncthing@bullseye.service && systemctl start syncthing@bullseye.service && systemctl status syncthing@bullseye.service'

Access the Syncthing configuration page by using your browser to navigate to the following address:

https://localhost:8384

Use the following command to enable port forwarding on your local machine:

$ sudo ufw limit syncthing

Install Virtual Machine Manager

If you would like run virtual machines from your desktop, start with the following command:

$ grep -E --color 'svm|vmx' /proc/cpuinfo

If the output shows svm or vmx in red, then virtualisation extensions are enabled and you are good to go. If not, then you need to enable virtualisation extensions before moving on the the next step.

Enable Debian Backports with the following command:

$ sudo -- bash -c 'echo deb http://deb.debian.org/debian bullseye-backports main >> /etc/apt/sources.list.d/backports.list && apt-get update'

Proceed to install virt-manager with the following command:

$ sudo apt-get install --yes virt-manager libguestfs-tools swtpm-tools python3-guestfs

With only members of the group libvirt allowed to run virt-manager, add the local user bullseye to the group:

$ sudo adduser bullseye libvirt

If you would like to obtain near native performance, there are important considerations to be aware of when configuring a virtual machine.

Install Google Chrome

An official build of Google Chrome is available neither as a snap nor flatpak. This ties in with what Martin Wimpress had to say in a recent episode of the LINUX Unplugged podcast.

If, after listening to Martin, you would still like to use Google Chrome, download the official Google Chrome for Linux installer with the following command:

$ wget -P ~/Downloads --show-progress https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

Install Google Chrome with the following command:

$ sudo dpkg -i ~/Downloads/google-chrome-stable_current_amd64.deb

When you launch Google Chrome for the first time, it will ask you to:

[ ] make Google Chrome the default browser
[ ] Automatically send usage statistics and crash reports to Google

OK

Disable both these options. If required, you can always re-enable them later.

With thanks to Joey Sneddon and OMG!Ubuntu!

How to install Debian 11 Bullseye with a GNOME desktop

Debian GNU/Linux was first released way back in 1993 and has been under active developement ever since. Today, the Debian Project unites thousands of contributors from across the globe with the aim of producing “an operating system distribution that is composed entirely of free software”.
www.debian.org

These instructions offer a straightforward path to the GNOME 3.38 desktop running on amd64 hardware. You need a reasonably fast connection to the Internet, an Ethernet connection to your router and a bootable Debian CD image.

It is probably easiest to write such an image to a USB storage device and use that for installation. If the only computer you have access to is running Windows, I would suggest you use Rufus as a means to create a bootable USB flash drive. Depending on your acutal requirements, there are many different Debian images to choose from. If you are following these instructions to install on x86-64 hardware, use the unofficial firmware-11.6.0-amd64-netinst.iso, which supports Intel as well as AMD processors and “includes non-free firmware for extra support for some awkward hardware”.

In case your laptop does not have the required Ethernet port, you might consider using the Plugable USB 3.0 Gigabit Ethernet Adapter as an alternative.

Debian GNU/Linux will be the only operating system installed on your computer. Ensure that all of your data is safely backed up elsewhere because formatting your storage device will lead to the loss of all data.

In the examples which are to follow, debian is used as the hostname and bullseye as the username. You may of course substitute any names that you prefer. Just be careful to also make the required changes before blindly executing any of the commands. Decide on an encryption passphrase to encrypt your storage device, a user password to secure your user account and a root password to secure the root account. In addition to Debian packages, Flatpaks and Snaps will be enabled as well.

Installing the base system

If your computer uses the Unified Extensible Firmware Interface (UEFI) and you are unsure about which settings to use, you may wish to disable the Secure Boot option for the initial setup.

Step 1

After booting the system from the USB stick that you have prepared, continue by selecting the text based installer. With Secure Boot enabled, the menu will look different. Options, however, will be the same.

Step 2

Keep English as the language for the installation.

[!!] Select a language

Language: English

Step 3

Select United States as the location for your system. This will also set United States as the default locale for the system environment. You will have an opportunity to set additional locales and adjust time zones at a later point during the installation.

[!!] Select your location

Country, territory or area: United States

Step 4

Use the keymap that is the correct one for your particular keyboard.

[!!] Configure the keyboard

Keymap to use: your keyboard

Step 5

If your system has multiple network interfaces, set your Ethernet interface as the primary interface to use during the installation.

[!!] Configure the network

Primary network interface: choose your Ethernet interface for installation

If your system has multiple Ethernet interfaces and you are presented with the following dialog, select Continue and Go Back to select a different Ethernet interface.

[!!] Configure the network

Network autoconfiguration failed
Your network is probably not using the DHCP protocol. Alternatively, the DHCP server may be slow or some network hardware is not working properly.

Continue

Step 6

Set the hostname for your system. In this example, we use debian as the hostname.

[!] Configure the network

Hostname: debian

Continue

Set the domain name for your system. If you are setting up on a home network, you should use home.arpa as the domain name.

[!] Configure the network

Domain name: home.arpa

Continue

Step 7

Leave the root password empty to ensure the standard user account will be configured with sudo privileges automatically.

[!!] Set up users and passwords

Root password: leave empty

Continue

Confirm the empty root password.

[!!] Set up users and passwords

Re-enter password to verify: leave empty

Continue

Create the standard user. In this example, we use Bullseye as the full name for the standard user.

[!!] Set up users and passwords

Full name for the new user: Bullseye

Continue

Your username should start with a lower-case letter. In this example, bullseye is a reasonable choice for the user with the full name Bullseye.

[!!] Set up users and passwords

Username for your account: bullseye

Continue

Set a password for the new user.

[!!] Set up users and passwords

Choose a password for the new user: your user password

Continue

Confirm the password for the new user.

[!!] Set up users and passwords

Re-enter password to verify: your user password

Continue

Keep Eastern as the time zone for now.

[!] Configure the clock

Select your time zone: Eastern

Step 8

Choose to partition your disk with LVM and protect your data with a 256 bit AES key.

[!!] Partition disks

Partitioning method: Guided - use entire disk and set up encrypted LVM

Be careful to select the correct target device for your system.

[!!] Partition disks

Select disk to partition: your target disk for installation

Choose to keep all files in one partition.

[!!] Partition disks

Partitioning scheme: All files in one partition (recommended for new users)

Now write the changes to disk.

[!!] Partition disks

Write the changes to disk and configure LVM?

Yes

You may skip the overwriting of the disk with random data by selecting Cancel. Please be aware, however, that skipping this step will cause a reduction to the quality of the encryption.

Step 9

Enter your encryption passphrase.

[!!] Partition disks

Encryption passphrase: your encryption passphrase

Continue

Confirm your encryption passphrase.

[!!] Partition disks

Re-enter passphrase to verify: your encryption passphrase

Continue

You probably want to use the maximum available space for partitioning the disk.

[!!] Partition disks

Amount of volume group to use for guided partitioning: max

Continue

Step 10

Write the changes to disk.

[!!] Partition disks

Finish partitioning and write changes to disk

Confirm writing the chages to disk.

[!!] Partition disks

Write the changes to disks?

Yes

Step 11

You may be asked to scan additional installation media.

[!] Configure the package manager

Scan extra installation media?

No

Select your archive mirror country from the list.

[!] Configure the package manager

Debian  archive mirror country: your country

Select the archive mirror from the list. For the fastest downloads, use the site that is closest to you.

[!] Configure the package manager

Debian archive mirror: mirror closest to you

You probably won’t need to configure an HTTP proxy:

[!] Configure the package manager

HTTP proxy information (blank for none): leave empty

Continue

Step 12

The Debian Popularity Contest attempts to map the overall usage of Debian packages with information from installed systems, such as yours.

[!] Configuring popularity-contest

Participate in the package usage survey?

Yes

Step 13

Choose standard system utilities from the list of predefined software collections and deselect all other entries.

[!] Software selection

Choose software to install:
[ ] Debian desktop environment
[ ] GNOME
[*] standard system utilities

Continue

Step 14

Install the GRUB boot loader to your primary drive.

[!] Install the GRUB boot loader

Install the GRUB boot loader to your primary drive?

Yes

Select your target device from Step 8 as the device for boot loader installation.

Step 15

Remove the installation media before booting into your new system.

[!!] Finish the installation

Installation complete

Continue

Installing the GNOME desktop

You have now successfully installed Debian GNU/Linux on your computer. As yet, there is no graphical user interface.

Step 16

Enter your encryption passphrase to boot into the system for the first time. In this example, the encrypted disk is labelled sda3_crypt.

Please unlock disk sda3_crypt: your encryption passphrase

Log into the system with your username and user password.

Debian 11 GNU/Linux 11 debian tty1

debian login: bullseye
Password: your user password

Step 17

Set a password for the root user by entering the following command. In a first step, you will be asked for your user password to gain sudo privileges:

$ sudo passwd root

Step 18

Install a minimal GNOME desktop by entering the following command:

$ sudo apt-get install --yes gnome-core

If you are installing into a virtual machine, use the following command to enable copy and paste between host and the guest:

$ sudo apt-get install --yes spice-vdagent

Step 19

Restart your system.

$ sudo reboot

Step 20

Enter your encryption passphrase to boot into the system.

Please unlock disk vda3_crypt: your encryption passphrase

Log into the GNOME desktop environment.

Step 21

From within the GNOME desktop, open Firefox ESR from the Activities menu and re-open these instructions at edafe.de/debian-howto.

Step 22

GNOME power options by default are unfavourable. Open the Settings application from Show Applications under the Activities menu and adjust the power options.

Power Saving

Settings > Power > Power Saving > Automatic Suspend

Suspend & Power Button

Settings > Power > Power Button Behaviour: Power Off

Step 23

Continue by setting the following keyboard shortcuts:

File manager

Settings > Keyboard Shortcuts > Home folder
Shortcut: [Super + f]

Web browser

Settings > Keyboard Shortcuts > Launch web browser
Shortcut: [Super + b]

Maximising windows vertically

Settings > Keyboard Shortcuts > Maximize window vertically
Shortcut: [Ctrl + Super + ↑]

Terminal application

Define a custom shortcut for launching the terminal by scrolling to the bottom of the list and clicking the + sign.

Settings > Keyboard Shortcuts > +
Name: Launch Terminal

Command: gnome-terminal

Shortcut: [Super + t]

Step 24

Open a terminal with [Super + t] and, where applicable, use copy and paste to enter the commands set out on this page. Be careful not to miss any punctuation.

Set the time zone for your area.

$ sudo dpkg-reconfigure tzdata
Configuring tzdata

Geographic area: your area

Ok

Configure locales for all the languages that your system is going to be used with. Use UTF-8 locales wherever possible.

$ sudo dpkg-reconfigure locales

In this example, German and Japanese locales are generated in addition to the default locale for the system environment.

Configuring locales

Locales to be generated:

[*] de_DE.UTF-8 UTF-8
[*] en_US.UTF-8 UTF-8
[*] ja_JP.UTF-8 UTF-8

OK

Keep en_US.UTF-8 as the default locale for the system environment.

Configuring locales

Default locale for the system environment:

en_US.UTF-8

OK

Step 25

Add the non-free and contrib repositories to enable the selection of packages that do not meet the Debian Free Software Guidelines or otherwise depend on such packages for their operation.

$ sudo -- bash -c 'apt-add-repository non-free && apt-add-repository contrib && apt-get update'

Step 26

Install additonal Debian packages to provide you with a functional GNOME desktop.

$ sudo apt-get install --show-progress --yes aptitude cheese cups curl deja-dup file-roller firmware-iwlwifi firmware-linux gnome-clocks gnome-color-manager gnome-maps gnome-remote-desktop gnome-screenshot gnome-shell-extension-bluetooth-quick-connect gnome-shell-extension-dashtodock gnome-shell-extension-no-annoyance gnome-shell-extension-shortcuts gnome-software-plugin-flatpak gnome-software-plugin-snap gnome-sound-recorder gnome-tweaks gstreamer1.0-vaapi libavcodec-extra mpv printer-driver-cups-pdf rhythmbox-plugin-alternative-toolbar rsync seahorse shotwell synaptic transmission-gtk ttf-mscorefonts-installer ttf-ubuntu-font-family ufw yubioath-desktop

Step 27

Enable the firewall on your new Debian system.

$ sudo ufw enable

Step 28

Install applications from the Snap Store with the following command:

$ sudo snap install bitwarden chromium foliate keepassxc libreoffice

Step 29

Enable the installation of applications from Flathub with the following command:

$ sudo -- bash -c 'flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo'

Step 30

Add to the capabilities of the Network Manager by installing the components required for IPSec and OpenVPN protocols.

$ sudo -- bash -c 'apt-get install --yes --show-progress network-manager-vpnc-gnome network-manager-openvpn-gnome network-manager-config-connectivity-debian'

Step 31

After restarting the system and loggin back into the GNOME desktop, launch Firefox ESR to re-open these instructions at edafe.de/debian-howto.

$ sudo reboot

Step 32

Open a terminal with [Super + t] and install applications from Flathub.

$ sudo flatpak install --assumeyes flathub com.github.jeromerobert.pdfarranger com.system76.Popsicle org.cryptomator.Cryptomator nl.hjdskes.gcolor3 org.pulseaudio.pavucontrol org.gnome.gitlab.somas.Apostrophe

All done!

Prevent yourself from accidentally breaking Debian by reading about some of the most commonly made mistakes.

Executing Linux commands in the background using screen

The screen command allows you to detach a running process from a session and then reattach it at a later time. Its use is simple:

user@debian:~$ screen yourlinuxcommand

Now that yourlinuxcommand is executing, press Ctrl+A followed by D to detach the screen.
Obtain a list of all the running screen processes:

user@debian:~$ screen -ls
There is a screen on:
       18470.pts-0.server(02/03/14 10:03:43) (Detached)
1 Socket in /var/run/screen/S-user.

Note the screen id in the above output. Use the screen id to reattach the session at anytime:

user@debian:~$ $ screen -r 18470.pts-0.server

www.thegeekstuff.com, www.linuxjournal.com

The Debian Administrator’s Handbook

“We wanted the book to be freely available (that is under the terms of a license compatible with the Debian Free Software Guidelines of course). There was a condition though: a liberation fund had to be completed to ensure we had a decent compensation for the work that the book represents. This fund reached its target of €25K in April 2012.” Raphaël Hertzog and Roland Mas hope that you will enjoy the book.
debian-handbook.info

Redirecting mail for the local root user

postfix is Ubuntu’s default mail transfer agent (MTA) and can be configured to deliver mail using a relay host that requires SMTP authentication. Get the necessary packages with the following command:

user@ubuntu:~$ sudo apt-get install postfix bsd-mailx

Begin to configure your postfix installation by choosing satellite system as the general type of configuration. Enter the local machine name as the mail name (eg mycomputer.edafe.de) and the SMTP server address of your email service provider as the SMTP relay host (eg smtp.relayhost.com). Edit the file /etc/postfix/main.cf and add the following:

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous

Create the file /etc/postfix/sasl_passwd and make the following entries:

smtp.relayhost.com user:password

Substitute smtp.relayhost.com with the address of the SMTP relay host and user:password with your login details. Continue by executing the following three commands:

user@ubuntu:~$ sudo chown root.root /etc/postfix/sasl_passwd
user@ubuntu:~$ sudo chmod 600 /etc/postfix/sasl_passwd
user@ubuntu:~$ sudo postmap hash:/etc/postfix/sasl_passwd

Instruct postfix to reload its settings with the following command:

user@ubuntu:~$ sudo /etc/init.d/postfix reload

Making changes to the alias table

The aliases table provides a system-wide mechanism to redirect mail for local recipients. Edit the file /etc/aliases to contain the following entries:

postmaster: root
root: localuser
localuser: user@yourdomain.com

The localuser is the system administrator. Substitute user@yourdomain.com with the email address that you would like mail for the root user to be redirected to. Finally, update /etc/aliases.db using the following command:

user@ubuntu:~$ sudo newaliases

Mail for the local root user from now on will automatically be forwarded to user@yourdomain.com , using smtp.relayhost.com as the relay host.
www.postfix.org, help.ubuntu.com

Monitoring hard disks with smartmontools

SMART stands for Self-Monitoring, Analysis and Reporting Technology and is built into most modern hard disks. The smartd daemon is part of smartmontools and monitors a disk’s SMART data for any signs of hardware problems. SMART is available with Parallel and Serial ATA disks, drives appearing as either /dev/hd* or /dev/sd*, respectively. Use the following command to obtain relevant information for your system:

user@ubuntu:~$ df -hl

If required, start by configuring postfix to redirect mail for the local root user. Get the necessary packages with the following command:

user@ubuntu:~$ sudo apt-get install smartmontools bsd-mailx

Configuring smartd

Edit the file /etc/smartd.conf and comment out any lines beginning with DEVICESCAN. If you are using a netbook or a laptop, add the following line for the smartd daemon to monitor the device /dev/sda:

/dev/sda -a -d ata -n standby -o on -S on -m root -M daily -M test

If you are using a desktop or a server, add the following line for the smartd daemon to monitor the device /dev/hda:

/dev/hda -a -d ata -n never -o on -S on -s (L/../../7/04|S/../.././02) -m root -M daily -M test

See man smartd.conf for more information on how to tailor the operation of smartd to your needs.

Starting smartd

Edit the file /etc/default/smartmontools and uncomment the line containing start_smartd=yes. Restart the smartd daemon with the following command:

user@ubuntu:~$ sudo /etc/init.d/smartmontools restart

Verify that the local root user has received a test message from the smartd daemon. From now on, the smartd daemon will monitor the disk and, in the event of impending disk failure, alert the local root user by email.

Still sending naked email?

“In a world of repressive governments and a growing reliance on insecure networks, there’s no way anyone can be sure their most sensitive messages aren’t intercepted by the forces of darkness. But you can make it mathematically improbable that all but the most well-funded snoops could ever make heads or tales of your communications.” Use Dan Goodin’s step-by-step guide to email encryption and keep your communications private.
www.theregister.com

Editing configuration files with nano

There are many different tools that you can use to edit configuration files. Because of its simplicity, I personally like to use Nano:

user@ubuntu:~$ sudo nano /path/to/the/file

You can change the default settings for nano by editing its configuration file. For example, to stop nano from wrapping text simply make the following changes to /etc/nanorc:

## Don't wrap text at all.
set nowrap

www.nano-editor.org