Author: Ben

New FOSS Releases for April 2025

 

FOSS NEWS — April 2025

Figured I’d try something new and cover a few topics at once in a sort of, monthly roundup! We’re midway through April, so this will go over what’s happening this month and shortly thereafter. Naturally, focusing on the projects I am personally most interested in.

Fedora 42 – Releasing April 15th (Tuesday!)

42? The answer to life, the universe and more?? Its not even out yet, at the 42 refrences are already wearing a little thin for me, hah. None the less, Fedora 42 comes out this coming Monday. Some points of interest:

New Anaconda Web UI Installer provides an enhanced, intuitive interface.
Python 3.8 Retirement – Python 3.8 has reached EOL status
KDE Plasma – Now a full-fledged desktop option, not just a “spin” flavor. The KDE special interest group has been working on integrating the latest Plasma applications and testing them for ensured stability.

 

Debian 13 Trixie – Freeze Timeline

I’ve been running Trixie on my desktop for a few months now, and because it is so close to freeze I have recently decided to put it on my X1 Carbon as well. So far, everything has been fantastic.

Transition and Toolchain Freeze – March 15th (Done)
Soft Freeze – April 15th (This coming Monday)
Hard Freeze – May 15th

The final release date for Debian Trixie is yet to be announced, but it is expected to be around June or August of this year.

Major changes in Debian 13:
Trixie will use the 6.12 LTS kernel
KDE Plasma 6
Addition of official RISC-V 64-bit support
Dropping support for the mipsel architecture
Removal of i386 & armel installers

Ubuntu 25.04 Plucky Puffin

The 25.04 (non-LTS) release of Ubuntu will release on April 17th, with 9 months of standard support.

Plucky Puffin will feature:
Gnome 48 – Improved responsiveness and a new “wellbeing feature”
Wayland continues as default display server
Compiler optimization level changed from -02 to -03 – Aiming to boost execution speeds and performance
Linux Kernel 6.14
ZFS and BTRFS Optimizations – Atomic updates and rollbacks inspired by NixOS are now supported
New Security Center dashboard – Centralized firewall, update and vulnerability management.
Chrony updated for encrypted time sync
Netplan Enhancments now supporting WPA-PSK-SHA256 wifi

The release candidate came out two days ago, and we’ll see the final release on Thursday the 17th.

FreeBSD 14.3 – Releasing in June

I’m definitely looking forward to this release, and we should be seeing BETA releases next month. Final release is scheduled for June 3rd.

14.3 will introduce support for 32-bit UEFI systems; benefiting users with older 32 bit EFI systems which have 64 bit CPUs. Updates to storage controller and network interface drivers are also in the works.

WiFi Improvements
Intel WiFi driver enhancements have been a goal; improving the iwlwifi(4) driver, addressing bugs and adding hardware crypto support.
Work has been done on porting the iwx driver over from OpenBSD to enable 802.11ac and 802.11ax functionality. This driver supports the Intel AX200, AX210 and AX201/AX211 adapters.

The 14.x series has been nothing shy of Impressive when it comes to performance, and I have no doubts that 14.3 will continue to deliver on that front.

VMware Workstation Continues to Impress

Yesterday I was quite surprised just how painlessly I was able to get a snappy, usable XP VM up and running in VMware Workstation.

To be clear, running XP in a VM is nothing special nor is it hard to do. But having decent graphics acceleration and device drivers is another story! I’m a true believer in the FOSS philosophy, but so long as there aren’t ads or nag screens I don’t mind using proprietary software so long as it works well.

Just for fun, I thought I’d see how VMware Workstation handles Windows 98 SE. I was surprised indeed.

Display properties, with high resolutions and color depths available

Unreal Tournament Demo v348 seemed a good test, at only 49MB. VMware set this machine up with the venerable AMD PCNET card, so 98SE found it during setup and I didn’t have to do anything — it just worked. I did need to install an old version of the guest tools; I found that on archive.org and have uploaded it to my own server aswell. Will link below.

UTDemo
UT99 drawing > 200 FPS with the software renderer

The game didn’t find a 3D accelerator, or offer DirectX / OpenGL but you could probably get that working. Nearly 250 FPS with software rendering isn’t too bad though!

I’m not interested in the VMware solution for games though, but rather old desktop applications that don’t run stably under wine. For those curious, Unreal Tournament runs PERFECTLY under wine! So that’s definitely how I’d recommend playing it. I just wanted to see how well VMware Workstation worked for something a little more demanding than MS Office. And yeah, its solid!

VMware Tools ISO for 9x / NT/ 2k / XP:
https://archive.org/details/winPreVista

EDIT 04/13/25: I didn’t realize this initially, but the tools did not install an audio driver. VMWare emulates Ensoniq AudioPCI hardware for the 9x guest; amazingly creative still hosts the driver on their site.

Creative/Ensoniq Audio Driver:
https://support.creative.com/downloads/download.aspx?nDownloadId=259

Running Windows XP in a VM (April 2025)

I run Linux obviously… and sometimes Wine blows my mind with how good it is. I have several cases lately however, where my mind isn’t exactly… blown…

This was going to be a guide on running VirtualBox 6.0.24 on Debian testing. TLDR; VMWare Workstation is Free for Linux, and is probably a much better idea anyway. Still though, wanted to document the journey.

So… XP as a guest has not been supported by any of the major virtualization solutions for years at this point. Now sure, you can install and run XP just fine on any of them… but 3D acceleration for smooth desktop operation is another story. Today, I’m going to see just how much of a pain in the ass that is – getting a 2019 VirtualBox packaged for Debian Buster… running on Debian Trixie (testing) in 2025.

SPOILER: This didn’t work; if you’re determined though, I’m sure you could get it working. This will get you Vbox installed, and the application runs, but you can’t actually run a VM… in my case anyway. I have a mismatch of Sid/Trixie/Bookworm though, and generally that is bad practice 🙂 See the alternate solution… just scroll down a bit.

If you try and just go for it, you’ll be met in the very least with a message informing you that you system lacks these dependencies:

dpkg: dependency problems prevent configuration of virtualbox-6.0:
virtualbox-6.0 depends on libssl1.1 (>= 1.1.1); however:
Package libssl1.1 is not installed.
virtualbox-6.0 depends on libvpx5 (>= 1.6.0); however:
Package libvpx5 is not installed.
virtualbox-6.0 depends on python (<< 2.8); however:
Package python is not installed.
virtualbox-6.0 depends on python (>= 2.7); however:
Package python is not installed.
virtualbox-6.0 depends on python:any (>= 2.6.6-7~).

You’ll need an older libssl package. libssl1.1_1.1.1n-0+deb10u6_amd64.deb is easily found on Debian’s site, there will be a link at the end of the article too. For me, a simple dpkg -i installed this with 0 problems… So far, so good!

For libvpx5:
wget http://ftp.debian.org/debian/pool/main/libv/libvpx/libvpx5_1.7.0-3+deb10u1_amd64.deb

sudo dpkg -i libvpx5_1.7.0-3+deb10u1_amd64.deb

Now, Python… obviously Python 2 is dead. I first tried this with the python-is-python3 package; I wish this would have worked. The backup plan is installing Python 2.7 from Bullseye, which I’d have liked to avoid.

Steps for Python 2.7…

Download http://ftp.debian.org/debian/pool/main/libf/libffi/libffi7_3.3-6_amd64.deb
dpkg -i libffi7_3.3-6_amd64.deb

If you’re running as root, you can save time with a single command for the download / install. Here is the next thing we’ll need:

wget http://ftp.debian.org/debian/pool/main/p/python2.7/libpython2.7-minimal_2.7.18-8+deb11u1_amd64.deb && dpkg -i libpython2.7-minimal_2.7.18-8+deb11u1_amd64.deb

For the next two, I had to tell it to ignore a dependency. “mime-support” is no longer a package, and I have the new version installed, so this should be OK.

Wget http://ftp.debian.org/debian/pool/main/p/python2.7/libpython2.7-stdlib_2.7.18-8+deb11u1_amd64.deb && sudo dpkg -i –force-depends libpython2.7-stdlib_2.7.18-8+deb11u1_amd64.deb

Again, we have to do that for the actual Python 2.7 package

wget http://ftp.debian.org/debian/pool/main/p/python2.7/python2.7_2.7.18-8+deb11u1_amd64.deb && dpkg -i –force-depends python2.7_2.7.18-8+deb11u1_amd64.deb

At this point, I removed python-is-python3, since we don’t want to be trying to run python2 code on python3 when we have 2.7 installed; so apt remove –purge python-is-python3

VirtualBox will still complain about missing python. Oh well. Use the Force!

sudo dpkg -i –force-depends virtualbox-6.0_6.0.24-139119~Debian~buster_amd64.deb

At this point, Virtualbox was indeed installed however there were problems finishing the setup. Something to do with the kernel modules, maybe the vbox networking, stuff like that. EVERY TIME I used apt, I had to –fix-broken install which REMOVED virtualbox. Then I had to reinstall it, telling it to ignore the python situation. The problem looked related to kernel modules \ lack of kernel headers installed so I made sure I had those installed. Anyway, big f’n mess.

I figured I’d share because for someone determined enough, you’ll probably get it working. At this point, VirtualBox does indeed start, you can start to configure a VM, etc. Just when you try to actually launch a VM, it will complain and fail.

Alternate Solution:

But guess what…. There is a major VM solution that supposedly still supports accelerated graphics on XP. VMWare Workstation – which at the time of writing this – is completely free. You just need to sign up with your email, but no credit card or any BS like that.

You’ll need an older version of the VMWare Guest Tools:
https://packages.vmware.com/tools/releases/10.0.12/windows/

Just download the ISO, and after you install XP you can mount it and the installer should start right up. Reboot and you should be good.

IE Downloading

Man… Been a while since I’ve seen THAT dialog box! Mainly because I used XP for years with FireFox.

 

Throwback Thursday: My Water-cooled Desktop circa 2008

If I remember correctly this was:
SuperMicro Full Tower
Gigabyte EP45-UD3P Motherboard
E8400 Overclocked to 4 GHz
2x 2GB Corsair XMS 800 MHz DDR2
Radeon X300SE

Apogee GT waterblock
MCP 655 pump
77 Bonneville heatercore
Homemade PVC reservoir tank

No fans are directly on the heatercore, but all case fans are blowing out (exhaust) to create negative pressure. The side vents, and empty drive bays were closed off, thus, forcing all intake through the radiator.

A minimalist video player, controlled over ssh

MPV Player

I quite often find that when I’m setting up something that I’m going to use myself, the extra layers are just annoying. Kodi/XBMC is great, but if you don’t care to set it up right it can feel clunky… to me anyway. That said, I do want some comforts in my solution.

No manually typing out long file names!
No cryptic, long commands

I give you btv, a wrapper I wrote for MPV. It is meant to be used over SSH.

 

Log in via SSH, change directory to the file(s) you want to play and type btv, it will list out the available video formats in that dir. Hit the corresponding number, press enter and it will start playing. It does so with nohup, so you can exit the ssh session or whatever — it’ll keep playing. If you run it again, while something is playing, it will pause for you. If you run it while something is open and paused, it resumes.

You can also manually set args with:
–stop
–pause
–resume
–play (filename)
–status

You’ll have to configure the correct audio/video outputs for your own setup. This is mine, on a pi5. If you have no audio, pulse/pipewire is probably the reason. Just stop the service(s).

Source available along with some of my other projects:

https://ben.lostgeek.net/code

Completing the Move…

Error Fetching
PiClock couldn’t fetch weather data

Finally, 146 uninterrupted days of solid uptime, I’ve switched the site from the Pi 5 over to a Lenovo Tiny PC. Upcoming post about my new setup, involving NGINX and Alpine. I’ve been an Apache HTTPD user since 2005, but the times they are-a changing… and I think I’ve got some interesting goodies to share. Stay tuned.

In the meanwhile, if some things don’t work or are partially missing, it is because changing servers is like pulling teeth… you kind of just need to yank and get it over with.

Feel free to report via the “Forum” with bugs… I had to botch up the server stats to get it working on Alpine/NGINX because several things were a bit different. It is half done… behold, the incredibly low memory footprint of the new setup! Just 70MB!

That picture is of the PiFrame, Pi Zero 2 powered clock… it uses scripts running on my webserver — which I’d forgotten to port over to the new VM!!

Anyways, coming soon is a write up about moving to NGINX/Alpine, and the new “Big Digits” code for the PiFrame, see the picture?

DnsMasq Network-Wide Blocking Part II. Dealing with Hostnames

NetworkAs stated last time; When you’re no longer serving DNS from the same machine as your DHCP server, local hostnames may become an issue.

If you’re like me, all the things you actually would be needing to access by name in that matter already have static addresses and /etc/hosts file entries. I had an idea that I thought should be shared though.

This is a little script I wrote. What it does, is takes the dhcp.leases file on an OpenWRT router and produces a correctly formatted hosts file. In the previous article, I offered my custom config, and you’ll see the option to have dnsmasq parse your /etc/hosts file — this is for that.

Weather you have 4 devices on your network, 40 or however many you’ve got, this is an easy way to get the local hostnames working on your new custom DNS setup.

Here is the code for Leases2Hosts, you can run it right on OpenWRT.

#!/bin/sh
# OpenWrt Leases2Hosts 0.01 -- BTA 03.13.2025 -- LostGeek.NET
# Transforms OpenWrt dhcp leases file into format suitable for external DNS server

LEASES_FILE="/tmp/dhcp.leases"
OUTPUT_FILE="/tmp/dhcp.hosts"

# Set domain suffix (leave blank to disable)
DOMAIN_SUFFIX=".lan"

# Ensure the leases file exists
[ -f "$LEASES_FILE" ] || { echo "Leases file not found!"; exit 1; }

# New hosts file header
echo "# Generated by Lease2Hosts" > "$OUTPUT_FILE"

# Process the leases file using BusyBox-compatible awk
awk -v suffix="$DOMAIN_SUFFIX" '
{
    ip = $3;
    hostname = $4;

    # Ignore entries where hostname is "*"
    if (hostname == "*") next;

    # Ensure hostname is not a MAC address (contains colons)
    if (index(hostname, ":") > 0) next;

    # Ensure hostname is only letters, numbers, dots, and dashes
    if (match(hostname, /^[a-zA-Z0-9.-]+$/)) {
        if (suffix != "") {
            print ip, hostname, hostname suffix;
        } else {
            print ip, hostname;
        }
    }
}' "$LEASES_FILE" >> "$OUTPUT_FILE"

echo "Hosts file:"
echo "-----"
cat $OUTPUT_FILE
echo "-----"
echo "Hosts file written: $OUTPUT_FILE"

You can run this once and be done, if you don’t always add and change devices. It can also be auto started via a cron job.

I think there is even a way to have an event-based trigger so perhaps it could run as soon as a new lease is given to a unique device. I’ll leave that up to the reader though!

For those who don’t know, what this does is reads the DHCP leases file; this has the IPs and hostnames of all DHCP clients on your network. It also has mac addresses though, and may contain nameless entries, both of which you obviously don’t want in your hosts file. I’d imagine this could be very useful if you’ve got a network full of machines, VMs, or IoT devices… heck, even a family with laptops, smartphones and tablets.

It produces output as follows: 10.0.0.1 workstation1 workstation1.local 10.0.0.2 laptop1 laptop1.local etc…

From the dhcp.leases file, which looks something like this: *1621306452 c8:3d:6b:55:f1:e5 10.0.0.22 Roku * 1772607384 2c:ab:67:3d:90:5d 10.0.0.29 piframe 01:2c:cf:67:3d:90:5d etc…*

Quite ugly — notice the double MAC?? Well, that happens, especially on modern cell phones which hide their mac as a privacy feature, and on cheap-o devices which don’t have the mac set in stone.

Originally MACs weren’t supposed to just be changed on a whim but rather burned into the device’s eprom. My script aims to sort out all of this non-sense. I have had excellent results using the script, however please review it before using the generated list. If you understand shell script basics and awk, you can gauge your own confidence in it being fairly safe, but I shall make no such guarantee.

Using cron and scp, you can automate putting this new hosts file on your DNS server. However, I’d recommend that you use it simply to save you time in formatting a hosts file from a large lease pool — and it seems to do so quite well.

FreeBSD 13.5 RELEASE Available Now

FreeBSD

Doesn’t say so according to their official schedule, but 14.5 RELEASE is up on the web.

Since 14.1 or 14.2 the 14 series no longer works on my T400. Unsure exactly why, but it only boots in safemode… So, fresh 13.5 it is! According to their release schedule, RELEASE announcement isn’t until March 11th.

There is indeed an image though, in my case: FreeBSD-13.5-RELEASE-amd64-memstick.img and I’m half way through installing it right now.

Official Schedule:
https://www.freebsd.org/releases/13.5R/schedule/

13.5 Images Download (AMD64)
https://download.freebsd.org/releases/amd64/amd64/ISO-IMAGES/13.5/

Upgrade-All Script for OpenWRT

OpenWRTIn my experience, neither opkg’s command line interface, nor Luci’s web interface will allow you perform all available upgrades, all in one go.

They make you do each one, one at a time. Maybe for safety reasons?

If you accept the risks involved and want to save some time like I did, make yourself a script:

#!/bin/sh

opkg update
upgradables=$(opkg list-upgradable | awk '{print $1}') || exit 0
[ -z "$upgradables" ] && echo "No packages to upgrade." && exit 0
echo "Upgrade: $upgradables"; read -p "Enter y/n: " r
[ "$r" = "y" ] && opkg upgrade $upgradables

This is genuinely quite useful, and it also is a very good bash scripting example that I wanted to share.

Save it, chmod +x, rock and roll.

Probably should keep a copy on your workstation too, because unless you put it somewhere on the router that’ll survive reboots it may get lost during one.

Network wide ad-blocking with dnsmasq

Mask and ShieldPiHole is a thing, so is AdGuard Home— these are both excellent, and work well. They’re easy. you don’t have to be a network administrator to get up and running.

I’ve been a satisfied PiHole user for about a year, but I wanted something a little cleaner. Here is what I don’t like about PiHole:

  1. It isn’t a “normal” package. Perhaps “conventional” would be a better word; You need to use their install script. This makes updating a pain, and personally I think it is a messy way of doing things.
  2. The web interface wants to install its own server, on port 80. You can change this, and I did. Things were working fine, then I updated and the web portion no longer worked because they’ve switched to Lua… so more configuration needed, or use the web server it comes with.
  3. It is essentially just a re-release of dnsmasq, with a web front end slapped on.

So, let’s talk about doing the exact same thing, with the normal dnsmasq package that your distro comes with

IMO, the special sauce of PiHole is Stephen Black’s hosts list. This is what PH uses out of the box, to block ads, trackers and other malicious sites. Available on github here: https://github.com/StevenBlack/hosts

This file is laid out like a normal hosts file (0.0.0.0 somename.com) and we need to change that to something dnsmasq will understand. Dnsmasq needs it written like this, address=/somename.com/0.0.0.0

We can do that with a simple script. In my case, I wrote one which will grab the list for me, format it for dnsmasq and then put it in the dnsmasq.d config directory. Note, this does mean you’ll need to run with sudo, or do this in a way that you’re putting it in with the correct permission to do so.

#!/bin/bash

BLOCKLIST_URL="https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"
BLOCKLIST_FILE="/tmp/stephenblack_hosts"
OUTPUT_FILE="/etc/dnsmasq.d/100_stephenblack.conf"

# Download, process, and create dnsmasq config
wget -q -O "$BLOCKLIST_FILE" "$BLOCKLIST_URL" && \
awk '!/^#/ && NF > 1 {print "address=/" $2 "/0.0.0.0"}' "$BLOCKLIST_FILE" > "$OUTPUT_FILE" && \
systemctl restart dnsmasq && \
echo "Blocklist update and dnsmasq configuration complete!" || \
{ echo "Error occurred."; exit 1; }

Now, to get this to work, you’ll have to edit /etc/dnsmasq.conf and comment or add conf-dir=/etc/dnsmasq.d This is a massive file, so use search in your editor. Because the file is so large, make yourself a different file in dnsmasq.d called 99_custom.conf and we can put DNS related stuff in there. Here is mine, it has most of what one might want to play with dns-wise.

# Custom Configuration file for dnsmasq.
# ---------------------------------------
# These are the most relevant, DNS related options.
# All DHCP related options are in /etc/dnsmasq.conf

# To set upstream servers here; in case resolv.conf changes
no-resolv
server=1.1.1.1
server=9.9.9.9

# If you don't want dnsmasq to poll /etc/resolv.conf for changes
#no-poll

# Never forward plain names (without a dot or domain part)
domain-needed
# Never forward addresses in the non-routed address spaces.
bogus-priv

# Uncomment these to enable DNSSEC validation and caching:
# (Requires dnsmasq to be built with DNSSEC option.)
#conf-file=%%PREFIX%%/share/dnsmasq/trust-anchors.conf
#dnssec

# Replies not DNSSEC signed may be legitimate. Because the domain
# is unsigned, or may be forgeries. Dnsmasq can check unsigned replies.
#dnssec-check-unsigned

# Change this line if you want dns to get its upstream servers from
# somewhere other that /etc/resolv.conf
#resolv-file=

# Use upstream DNS server in order, or any available.
#strict-order

# Add other name servers here, (if non-public domains).
#server=/localnet/192.168.0.1

# Add local-only domains here, queries in these domains are answered
# from /etc/hosts or DHCP only.
local=/lan/

# Add domains which you want to force to an IP address here.
# This is also how ad-blocking works. (point @ 0.0.0.0)
#address=/double-click.net/127.0.0.1

# Run dnsmasq as...
#user=
#group=

# Use specific network interface, bind to LAN (only) if doing NAT.
# You don't want to make your DNS avail to the public internet.
#bind-interfaces

# Set the cache size here. Default is 100, max is 10000
cache-size=10000

# If you want to disable negative caching (non-working names)
#no-negcache

# May serve potentially stale date, you can set a custom time-to-live
local-ttl=900

# For debugging purposes, log all queries (will use many MB in a day)
#log-queries

# Good idea if you're passing out this DNS server directly to clients
addn-hosts=/etc/hosts

# Option to disable ipv6, shouldn't need to enable
#no-ipv6

I’ve got no-resolv set here, because if you tell your router to hand out this machine for DNS then it’ll get only itself as a source and well, you won’t have working DNS. So either keep no-resolv and set your upstream servers in this custom file, or make sure you’re not using anything which is going to overwrite your resolv.conf entries.

For those interested, here’s how you could deal with that:

Adding dns-nameservers 1.1.1.1 9.9.9.9 to /etc/network/interfaces (if you’re using ifupdown)

Putting supersede domain-name-servers 1.1.1.1, 9.9.9.9; into your /etc/dhcp/dhclient.conf file, should you be using dhclient for a dynamically assigned address. Good idea to do this, if you use any NICs with DHCP unless you told dnsmasq to ignore resolv.conf.

And well, I think that’s about it. The last step is going into your router, setting the machine /w dnsmasq as the DNS server… and of course, adding any names you want/need to resolve on your LAN to the DNS server’s /etc/hosts file.

Enjoy!

© 2025 LostGeek.NET - All Rights Reserved. Powered by ClassicPress, NGINX, Debian GNU/Linux.