Linux on MacBook Air with NVIDIA drivers

In order to use the proprietary NVIDIA driver on a MacBook Air 3,1 (11-inch, late 2010) with the NVIDIA GeForce 320M chipset booting openSUSE Leap 42.1 in EFI mode, create the file /etc/grub.d/01_enable_vga.conf with the following content:

set -e

# Initialize the PCI-E registers of MBA 3,1 for the nvidia driver

cat << EOF
btrfs-mount-subvol /dev/sda3 /boot/grub2/x86_64-efi /@/boot/grub2/x86_64-efi
insmod setpci
setpci -s "00:17.0" 3e.b=8
setpci -s "02:00.0" 04.b=7

and run grub2-mkconfig -o /boot/grub2/grub.cfg to update the bootloader configuration. Be aware that you might need to determine the PCI bus ids for your machine first by running lshw -businfo -class bridge -class display as described in this post on askubuntu. (Please note that using only the setpci command as suggested in that post for Ubuntu systems does not suffice on openSUSE systems, because on this system the setpci functionality is provided as a separate GRUB module and must be loaded explicitly with the insmod command; since the GRUB modules are not installed on the boot partition, their location has to be mounted first using the btrfs-mount-subvol command.)

Reboot and verify that the settings have actually been applied by running the setpci command on the command line as root without the part after the equal sign (e.g. setpci -s "00:17.0" 3e.b). This should return the values assigned before, i.e. 8 or 7 respectively.

Then proceed installing the nvidia driver by choosing the appropriate package on the openSUSE Community website. In my case (NVIDIA GeForce 320M), that means choosing the „Geforce 8 series and later“ option.


My i3 dual screen workflow

Using the i3 tiling window manager on two screens („outputs“) can be challenging. The number of workspaces grows twice as fast than with a single screen setup and it is easy to lose track of the numbers and contents of workspaces. For me personally it is more intuitive to remember a certain sequence of workspaces on each screen, which seemingly extends above and below the workspace presently displayed. (It may be that this intuition has been coined by using the GNOME Shell over extended periods.)

In order to achieve a comparable user experience within i3, I use the following Python script with the keybindings presented below. The script is inspired by an article on the i3 homepage by user captnfab. It has one dependency: ziberna/i3-py, which can be installed with pip3 install i3-py. As is apparent from the keybindings, Ctrl+Alt+Up/Down are used to switch the present workspace on the focused output. With the same keys together with +Shift you can take the focused window with you.

# by Fabian Stanke
# Sequentially switch workspaces on present output

import i3
import argparse

parser = argparse.ArgumentParser(
    description='i3 workspace switcher.')

    '--move', action='store_true',
    help='take the focused container with you when moving.')
    'direction', choices=['next', 'prev'],
    help='defines in which direction to switch.')

args = parser.parse_args()

workspaces = i3.get_workspaces()

# Determine focused workspace (and thus the focused output)
focused_ws = next((w for w in workspaces if w['focused']))

# Collect all workspaces of the focused output
ws_names = list(w['name'] 
                for w in workspaces 
                if w['output'] == focused_ws['output'])

# Determine position of focused worspace in that collection
idx = ws_names.index(focused_ws['name'])
target = focused_ws['name']

if args.direction == 'next':
	# Determine next workspace	

	if (idx + 1 < len(ws_names)):
		target = ws_names[idx + 1]
		# Determine last number used on this output
		maxidx = 1
		# Determine unused numbers 
		used = {}
		for w in workspaces:
				widx = int(w['name'])
				used[widx] = True
				if w['output'] == focused_ws['output']:
					maxidx = max(widx, maxidx)
		# Increment to create new name
		while used.get(maxidx, False):
			maxidx += 1
		target = str(maxidx)

elif args.direction == 'prev':
	# Determine previous workspace

	if (idx - 1 >= 0):
		target = ws_names[idx - 1]
	#else remain at first workspace

if args.move:
	# Move the focused container to the target workspace first
	i3.command('move', 'container to workspace ' + target)

# Switch
#print("switch to " + target)

My preferred keybindings to actually use the above script are:

bindsym Ctrl+Mod1+Down exec next
bindsym Ctrl+Mod1+Up exec prev
bindsym Ctrl+Mod1+Shift+Down exec --move next
bindsym Ctrl+Mod1+Shift+Up exec --move prev

Rollback Debian Upgrade

A single Debian upgrade (apt-get upgrade) can be rolled back with the following command. The upgrade is identified by its date and time, which has to be looked up from /var/log/apt/history.log first.

grep -A 2 'Start-Date: 2016-06-26  17:38:49' /var/log/apt/history.log | tail -1 | sed -r -e "s/Upgrade: //" -e "s/([^:]+):amd64 \(([^,]+), [^,]+\),?/\1=\2/g" | xargs apt-get install

Interoperating Exim with Rspamd

Recently I have been implementing Rspamd for providing some automatic filtering for the emails hosted on my server, which are presently delivered by Exim to the Dovecot LDA.

For integrating Exim with Rspamd, I followed the Rspamd manual, but thing weren’t exactly working as expected.

I was frequently getting error messages such as:

Feb  7 11:10:44 stanke rspamd[2939]: (normal) <3a1c27>; task; accept_socket: accepted connection from port 51289
Feb  7 11:10:44 stanke rspamd[2939]: (normal) <3a1c27>; task; rspamd_worker_error_handler: abnormally closing connection from:, error: IO timeout

with Exim at the same time reporting

2016-02-07 11:10:44 1aSMIm-0005QH-3P spam acl condition: Broken pipe on spamd socket
2016-02-07 11:10:44 1aSMIm-0005QH-3P []:49767 Warning: ACL "warn" statement skipped: condition test deferred

In the majority of cases however the scan succeeded, so that a general misconfiguration could be ruled out. For some reason the socket connection between Exim and Rspamd seemed to break in some cases. I tried playing with the spamd_address options of exim, in particular with tmo and retry (see the Exim documentation on content scanning at ACL time), but to no avail.

What seems to have fixed the problem however was to define two entries for spam servers that Exim can connect to, despite the fact that they both refer to the same Rspamd instance. Exim seems to simply switch to the next (in fact same) server when seeing a „broken pipe“ and the reconnect seems to suffice to iron things out. Here is the relevant snippet to be inserted in /etc/exim4/conf.d/main/02_exim4-config_options:

spamd_address = 11333 tmo=1m retry=10s variant=rspamd : \
       11333 tmo=1m retry=10s variant=rspamd

fgallery on Mac OS X

fgallery is a generator for beautiful static web galleries, which I used e.g. for producing The instructions on it’s website for running on OS X however do not overlap with my preferences (i.e. are not based on Homebrew).

To get fgallery running on OS X using Homebrew, the following steps worked for me:

brew install imagemagick lcms2 jpeg jpegoptim pngcrush fbida
cpan -i JSON JSON::XS Image::ExifTool
export PERL5LIB=$BREWPATH/Cellar/exiftool/9.61/libexec/lib:$HOME/perl5/lib/perl5
./fgallery --help

Videos komprimieren

Da meine Canon S95 aufgenommene Filme als riesige MOV Dateien speichert, müssen sie komprimiert werden, um nicht die Festplatte schnell zu sprengen. Dafür eignet sich z.B. HandBrake, wobei hier einfach die Standardeinstellungen verwendet werden können, damit die Videos anschließend in Apple Aperture importierbar sind. Allerdings wird den Dateien bei der Umwandlung ein neuer Erstellungszeitpunkt zugewiesen. Mit dem folgenden Befehl können die Zeitstempel von den alten Dateien übernommen werden, so dass Aperture die Dateien richtig einsortiert:

for n in $( basename -s .MOV *.MOV ); do touch -t $(stat -f %SB -t %Y%m%d%H%M $n.MOV) $n.mp4; done