Mullvad doesn’t support it, but it does work.
I managed to get Mullvad VPN to work on openSUSE and about the only caveat seems to be that the RPM package that supports Fedora 37+ expects that dbus-libs will be named that when it lists its dependencies, otherwise it works fine. I looked around and Mullvad’s only comment is it’s not a priority for them that they have customers who want to pay them and use openSUSE. *sigh*
Do I detect just a hint of Fedora fanboy-ism?
I did sudo zypper install <name of Mullvad RPM package> and it complained about that, so I chose option 2. Break Mullvad by ignoring the “dbus-libs” dependency.
Then it installed it and the other dependencies and everything seems to work and no broken system. (yay!) I set the Lockdown Mode (to make sure nothing can access the internet until the VPN is working) and launch on startup and auto-connect.
It doesn’t appear that anything fails to work properly. I went ahead and did an “Extended DNS Leak Test” and it wasn’t leaking. I checked my IP address and the site showed my Mullvad-assigned VPN ipv4 and no ipv6. (As it should be.)
Then I used TorGuard’s “What is my Torrent IP” page to check and sure enough Transmission leaked the real IPv6.
Then I remembered I had to go into the WiFi settings in NetworkManager in Fedora and set IPv6 to disabled and reconnect to the WiFi and that solved the problem here too.
I did run into one little hair in the soup with SeaMonkey though.
openSUSE didn’t build it with ChatZilla. I’m not really sure how or why, but I suppose I could dump the tarball into /opt.
I downloaded an unpacked the SeaMonkey 2.53.17 tarball into my home directory for now and it seems to work okay there, except somehow (both with my backed up and unpacked profile from Fedora and a blank one) I can no longer get WordPress.com to log in. They must have read about my success and put in more “Diarrhea Code” for GULAG CRASH. ðŸËâº
Also, Leap doesn’t have the latest SeaMonkey (they have 2.53.14 as of this writing) which is alarming because... Web browser and security patches.
Also, while SeaMonkey doesn’t get along famously with all of this “Diarrhea Code” on some sites, they do backport some Web platform code from later Gecko releases and it does make a large difference.
At one point, Element (the Web App version of a Matrix client) wasn’t working at all in SeaMonkey, but now it does, at least the one hosted on nerdsin.space.
As far as KDE, it appears that YaST automatically logs you in if you’re the only user or something.
(There’s a switch to turn this behavior off in the user creation screen in the installer.)
Other than that wtf (in the trial run on my old laptop, then searching how to fix it), the system seems to run okay. I enabled zram with zstd and put an active swap on it (no SWAP partition during setup) and edited /etc/fstab to use BtrFS Compress level 1 with zstd and then defragmented the file system with the compress option to make existing files compressed.
I’m not really amused by the attitude of some of these VPN companies where they don’t think making distribution-specific packages for distributions that have significant users is important. I detect a hint of Fedora fanboyism at Mullvad.
Oh well.
Fedora has been getting a lot more lulzy lately.
Yesterday I had my first HARD (hold the power button down) crash in a long LONG time.
This made it seem more urgent to get away from Fedora considering their OS bugs that are already causing audio glitches. I blogged previously about the bad Fedora updates making my sound card do weird stuff. My spouse was complaining because it makes a high pitched “warbling” screeching sound and sometimes the only way to make it stop is to reboot.
I know what I’m doing with Fedora systems and I always clean up the mess that’s left after a dnf upgrade.
—Obligatory Joke Time—
I’m not like “Security Expert” Matthew J. Garrett who had to go 10 Fed versions at once and couldn’t figure out RPM and Mr. Bean’d the solution because he didn’t know RPM has a switch to ignore signatures.
(Just shoot the light bulb with a pellet gun and replace the bulb every morning. So much easier than learning the light switch.)
—/Obligatory Joke Time—
—Security—
We had more sockpuppets in TechRights this morning. “He Who Would Never Commit a Cybercrime” appears to have spewed some CTCP crap in our IRC channel that was vaguely meant to look like some sort of l33t h4x0ring or something….I don’t know why. (Roy says he got some too.) Just some jerk that was trying to see if I thought something was actually happening. So that was a minor distraction for about a few seconds I guess.
Although it does give me time to turn to a rather unfortunate default setting in openSUSE that sshd is on by default and the port is open, and if you aren’t observant in the installer, you might miss that. (What is this? Windows 98!? Come back, you forgot to include NetBIOS!)
Although I do need to give them points for letting you remove “shim” for “Secure Boot” since it’s off in my firmware and I won’t ever turn it on. There is no actual security advantage from leaving it on, it only puts Microsoft in control of what you can boot.
Even Spectre/Meltdown mitigations are configurable. If you have an old system that it slows down way too much (the old stuff where process context id is not a CPU feature, especially), you can risk it. Sadly, it’s mostly this “Clown Computing” and Modern Web shit that’s putting people at much risk from these chip bugs.
—/Security—
—Fedora and IBM Rant—
The situation in Fedora is not just IBM Red Hat’s hate speech trolls. Oh no, if it was only that they had losers on IRC flaming people and kicking them out of some dumb room, I could totally get past that. Hell, I know more about Fedora than most of the moderators (who use Edge on Windows and Safari on Mac in the case of fedora-kde).
It’s that the thing is falling down like a termite-infested house. I’m betting we get one, maybe two more releases before it’s either so awful you’d have to be out of your mind to consider installing it on something or IBM finally pulls the plug.
I had considered using a RHEL clone, then quickly decided against it when IBM Red Hat went further in hiding their source code. They are not a Free Software company.
Now, what I need to remember to do next time is tidy things up instead of littering the SSD with stuff from the director who brought you Untitled Document 1 and Untitled Document 2, the Untitled Document series spanning more than Taken.
—/Fedora and IBM Rant—
And how many times can they take Liam Neeson’s family hostage?
Aaaaand….
Before I got around to posting this, I managed to finish up my backups and get openSUSE Leap 15.5 on my main laptop.
Things I’ve learned so far (from breaking it on my other laptop a few times and finding issues with my Gen12 Intel Tiger Lake laptop):
KDE has gotten a lot better since the last time I tried it. It’s very fast and I have yet to run into any real problems. Just the usual post-install run around changing all the preferences.
The user interface of KDE reminds me how much I really disliked GNOME’s Human Interface. (Broken iPhone with One Button Meets Windows 8.)
You can get used to anything….
Anyway, quirks I ran into along the way that may be worth noting in case I run into them again:
openSUSE ships broken and gimpy Mesa and media codecs, like Fedora did, because of US patents. But like Fedora’s RPM Fusion, you have “Packman” for openSUSE. Fixing this problem involved visiting this official Wiki page and selecting the instructions from Option 1, the OBS Package Installer, to change to the codecs and Mesa from Packman.
When I was done with that, I still didn’t have Vulkan graphics API support for my Intel GPU, just OpenGL, or Video Acceleration API for GStreamer codecs.
No Problem, a trip to Yast Software now offered that, I think. It was just there being offered, so I hit apply and reboot and vulkaninfo showed that Vulkan was now working. I think that’s how I fixed it.
Sound didn’t work, turned out to be a missing sound firmware, but I installed it with sudo zypper install sof-firmware and then went to Yast and had it automatically configure my Tiger Lake Sound Chipset in the Sound applet.
I specifically chose everything on btrfs and to remove everything Fedora did to the SSD, and then I set up BtrFS with Compression and zram with a swap.
(Some of this appears to be outdated already. On my system, it only created one zram device of the size of my installed physical RAM, and put a swap device on it, which is what I wanted it to do.)
All around, I can say that openSUSE could use a lot of polishing if it wants to appeal to casual and novice users. I probably wouldn’t recommend it to people who can already barely poke around a Mac or something, but technically-inclined users should be able to get a productive desktop OS set up in fairly short order. (Though I would recommend tossing it around on a spare computer for a few days.)
I’d say that the technical underpinnings are what I’m looking for, and Leap is based on an enterprise Linux distribution, and one where everyone can actually look and see what’s in it.
—Another IBM/Fedora Rant—
IBM Red Hat has been running around basically threatening people that if they show you what’s in the Linux kernel that RHEL uses, they’ll cancel your subscription, no refund.
Do they have a legal right to cancel a subscription when the GPL clearly says they can’t impose further terms on people? That’s obviously something that’s in a legal gray area.
All I know is that it’s ethically disgusting and flies in the face of the spirit of Free and Open Source Software.
Sadly, the march towards this behavior started long before IBM. Years before IBM even bought the company, Red Hat said they were no longer going to break out patches. They would just release the full source code.
This was meant to make it difficult to easily figure out what they had done, but it was certainly allowed by the GPL. I think that they’re just behaving like Canonical, Oracle, and Google now, and violating laws, norms, and customs and daring anyone to do anything about it because you’d be up against IBM even if you did.
I wasn’t going to switch operating systems from Fedora just over that, but it certainly wasn’t helping their case any.
I would never recommend someone standardize on what Nancy Pelosi might call, “Pass it so you can find out what’s in it.”.
I also didn’t want to plant myself on an enterprise distribution based on RHEL only to find out that they were going to threaten people if they divulged what was in userspace too. I mean, they could go there. They’ve done this. Why wouldn’t they go there?
At the moment, you could probably cobble together an OS that’s like 99.97% RHEL out of the userspace of RHEL (no longer provided as source RPMs, obviously to harass the rebuild process) and a kernel plucked from CentOS, and it would be very very close, but again, it wouldn’t be “exactly” RHEL.
This is where they are now, but as we’ve seen before, IBM is terrified of Oracle eating their lunch.
Obviously, Debian 12 just came out, and there’s Ubuntu Long Term Support, but honestly Canonical is at least as toxic as IBM and not even 20% as competent.
So that left me at Debian 12 or openSUSE Leap 15.x and it was a coin toss at that point and I just evaluated openSUSE first and determined that they did decent work and I could manage this.
The pain of switching operating systems after you’ve been on one for a few years is significant. It’s also fundamentally incompatible with “Don’t make me do things.”
So I did not make this decision lightly. To draw a comparison, this Fedora thing is like trying to settle on a substandard foundation where bad contractors are constantly working, never finished, day and night, and trying to make the best out of it.
That was okay when Fedora had a community that hadn’t disappeared, and before IBM Red Hat started mass layoffs. There’s a brain drain, a massive one, and you have people like “Khaytsus” staffing the chat rooms. Why in God’s name did I ever go in there?
Nobody in there knows as much as I already do about Fedora. 90% of the moderators use Windows and Macs. About all I got for my trouble was being k-lined from all Libera Chat (again), because I let one of their peckerhead idiot moderators goad me into talking back instead of just giving up on Fedora where I was at and realizing it was time to go.
Nobody at Fedora has taken any action on the Code of Conduct report I filed against Khaytsus. I would believe you if you told me that everyone it signed up for the issue isn’t even in the project anymore and nobody turned off the light.
I don’t encourage new users to install Fedora and get comfortable and lay the mounting problems aside and let them slowly get worse.
At this rate, I do wonder how long until IBM just taps out of it and declares that you can use CentOS Stream if you want to risk a broken operating system at any minute testing “candidate updates” (you’re the guinea pig) for RHEL.
They don’t actually need Fedora for any of IBM’s ambitions at this point and it shows.
Roy Schestowitz commented that Planet Fedora is a ghost town now.
—/Another IBM/Fedora Rant—
Finally, a humorous observation about openSUSE.
Some screen chatter went by earlier while I was using zypper up to fetch my security updates.
Something complained that the part of systemd that Red Hat figured would be just a super fantastic idea, which shits binary core dumps (crash dumps) into your system logs, is apparently not included with openSUSE.
I just thought it was interesting that it has systemd but they’re obviously not wild about at least some of it.
Then again, you know systemd is there because I got the infamous “A stop job is running on….” with the 1 minute 30 second timer before the OS declares “It’s dead, Jim.” and turns off the computer, presuming nothing else does it.
I must remember to do what I did on Fedora where it happened constantly and reduce the timer to 30 seconds. ⬆