Ubuntu Tips and Tricks

Additional packages
Below is a list of packages that I normally install (or remove) on all my PCs.

Common
sudo apt install atril audacious bleachbit calibre chromium-browser \ chromium-codecs-ffmpeg-extra compizconfig-settings-manager cpufrequtils \ dos2unix dosbox ethtool faac filezilla gimp gnome-tweaks gnome-weather \ gparted gprename gsmartcontrol gufw hexchat httrack icc-profiles iftop \ indicator-multiload intel-microcode isomaster k3b kde-config-cddb keepassxc \ lame libavcodec-extra libk3b7-extracodecs linux-tools-common \ libreoffice-style-sifr lm-sensors mlocate normalize-audio numlockx \ openjdk-11-jre p7zip-full p7zip p7zip-rar pidgin pidgin-otr qbittorrent \ qpdfview qt5-style-kvantum qt5-style-plugins smem solaar \ sound-juicer soundconverter sox synaptic sysdig thermald ttf-xfree86-nonfree \ traceroute ubuntu-restricted-extras unace-nonfree unity-tweak-tool variety \ vcdimager vim vlc wallch xcalib

Gnome Shell
sudo apt install chrome-gnome-shell gnome-shell-extension-prefs gnome-shell-extension-system-monitor

Nvidia graphics card
sudo apt install libva-drm2 libva-glx2 libva-wayland2 libva-x11-2 mesa-vdpau-drivers libvdpau-va-gl1 vainfo vdpauinfo mesa-vulkan-drivers vulkan-tools

sudo nvidia-xconfig --xconfig=/etc/X11/xorg.conf --no-logo

Intel G45 & HD Graphics family graphics card
sudo apt install libva-drm2 libva-glx2 libva-wayland2 libva-x11-2 mesa-vdpau-drivers libvdpau-va-gl1 vainfo i965-va-driver mesa-vulkan-drivers vulkan-tools

Other type of graphics card
sudo apt install libva-drm2 libva-glx2 libva-wayland2 libva-x11-2 mesa-vdpau-drivers libvdpau-va-gl1 vainfo mesa-vulkan-drivers vulkan-tools

Wine
sudo apt install alsa-oss playonlinux wine winetricks

Iphone and Ipod
sudo apt install gtkpod ideviceinstaller ifuse ipheth-utils libgpod4 libimobiledevice-utils libplist-utils usbmuxd

Thunar File Manager
sudo apt --no-install-recommends install thunar thunar-archive-plugin

Nemo File Manager
sudo apt --no-install-recommends install nemo nemo-fileroller

Extra PPA
sudo apt install --reinstall libdvd-pkg

Proprietary Software

 * balenaEtcher
 * Steam

AppArmor
AppArmor is a security software that allows you to restrict the capabilities of a single program by associating a security profile. To install it: sudo apt install apparmor-easyprof apparmor-utils sudo aa-enforce /etc/apparmor.d/*

To check which actions have been blocked: sudo grep 'apparmor="DENIED"' /var/log/syslog

Disable IPv6
To completely disable IPv6, run the following commands: echo "# IPv6 net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.d/75-ipv6.conf sudo sysctl --system

To check the current status of IPv6, run the following command: cat /proc/sys/net/ipv6/conf/all/disable_ipv6

To force APT to use IPv4 only, run the following command: echo "Acquire::ForceIPv4 "true";" | sudo tee -a /etc/apt/apt.conf.d/99zzz

Disable Apport
To disable Apport, the Ubuntu program that warns us when an application crashes, run the following command: sudo sed -i 's/^enabled=1/enabled=0/g' /etc/default/apport

vimrc file
This is the configuration file I use for the Vim text editor: echo ' set nocompatible        " Use Vim defaults instead of 100% vi compatibility set background=dark      " Terminal with dark background set backspace=indent,eol,start " Make backspace work like most other apps set encoding=utf-8       " Sets the character encoding used inside Vim set expandtab           " Tabs expanded to spaces set fileencoding=utf-8   " Sets the character encoding for the file of this buffer set fileencodings=ucs-bom,utf-8,default,latin1 " List of character encodings considered when starting to edit an existing file set fileformats=unix     " Use Unix end-of-line format set history=50          " Keep 50 lines of command line history set hlsearch             " Highlighting of search matches set ignorecase          " Do case insensitive matching set laststatus=1         " Display the status bar only if there are at least two windows set modeline            " Enable the use of vim: istructions inside a file set modelines=1          " vim: istructions must be in the first or last line of the file set noautoindent        " Do not copy indent from current line when starting a new line set noautowrite          " Do not automatically write changes set nobackup            " Disable backup file set nolist               " Do not show unprintable characters set nonumber            " Do not show line number set nosmartindent        " Do not use smart autoindenting when starting a new line set ruler               " Show the cursor position all the time set shiftwidth=4         " Number of spaces to use for each step of (auto)indent set showcmd             " Show (partial) command in status line set showmatch            " Show matching brackets set showmode            " Show current mode set smartcase            " Do smart case matching set statusline=%<%F\ %h%m%r%=(%{&ff})\ %-14.(%l/%L,%c%)\ %P " Status bar format set tabstop=4            " Number of spaces that a Tab in the file counts for set termencoding=utf-8  " Specifies what character encoding the keyboard produces and the display will understand set ttyfast              " Fast terminal connection set visualbell t_vb=    " Disable beeping and visual bell set wildmenu             " Display command line tab complete options as a menu filetype on             " Detect the type of file syntax enable            " Enable syntax highlighting colorscheme torte       " Load specified color scheme " Source a local configuration file if available if filereadable("$HOME/vimrc.local") source $HOME/vimrc.local endif ' > $HOME/.vimrc

Firefox
For a list of useful Firefox Extensions, please refer to this page: https://addons.mozilla.org/en-US/firefox/collections/shadowmax/home/

Below are several Firefox settings, to be run from the about:config page, to change the behavior of the browser: browser.tabs.closeWindowWithLastTab            false    # il browser non si chiude quando viene chiuso l'ultimo tab browser.urlbar.trimURLs                        false    # il protocollo (es. https:// ) e' sempre visibile nella barra full-screen-api.allow-trusted-requests-only    false    # disabilita le limitazioni per sito di andare a pieno schermo full-screen-api.warning.timeout                0        # disabilita il messaggio "Press ESC to exit full screen mode"

Chromium / Google Chrome
Useful extensions for Chromium and Chrome:
 * DuckDuckGo Privacy Essentials
 * GNOME Shell integration
 * History Disabler
 * JustBlock Security
 * Minimal Bookmarks Tree
 * Speed Dial 2 New tab
 * uBlock Origin

Empty the Trash and delete the Thumbnails of the images
To automate trash emptying and image thumbnails deletion: sudo sed -i '/exit 0/i rm -rf /home/*/.thumbnails \ rm -rf /home/*/.cache/thumbnails/*/* \ rm -rf /home/*/.local/share/Trash \ ' /etc/rc.local

Resource limits
To avoid problems like this: Too many open files increase the limits of your user: sudo echo -e "$(whoami) soft nofile 8192\n$(whoami) hard nofile 8192" | sudo tee /etc/security/limits.d/$(whoami).conf

File system check
To make sure that the various file systems of our PC are only checked once every 6 months, just run this command on each of them (in the example /dev/sdb1): sudo tune2fs -c 0 -i 6m /dev/sdc3 tune2fs 1.44.6 (5-Mar-2019) Setting maximal mount count to -1 Setting interval between checks to 15552000 seconds To see the current setting: sudo tune2fs -l /dev/sdc3 | egrep "Maximum mount count|Check interval" Maximum mount count:     -1 Check interval:          15552000 (6 months)

Temperature sensors
With the command sensors you can see the temperature of various components of the PC. If the command returns: No sensors found! Make sure you loaded all the kernel drivers you need. Try sensors-detect to find out which these are. proceed with the command: sudo sensors-detect answering "yes" to all questions (even the last one).

Check the status of the Software RAID
If you have mirror disks or stripe software, you can check their status with this simple command: sudo /sbin/mdadm --detail /dev/md* | egrep "^/dev/md|State | Status " that returns an output similar to this: /dev/md0: State : clean /dev/md1: State : active, resyncing Resync Status : 10% complete If the state is clean or active, there's no problem.

LAMP (Linux, Apache HTTPD, MySQL, PHP)
Installation and configuration of the web server for local use: sudo apt install apache2 curl mysql-server php php-curl php-gd php-mbstring php-mysql php-json php-xml php-zip libapache2-mod-php sudo a2enmod php8.0 sudo a2enmod headers sudo a2enmod rewrite sudo a2enmod ssl

echo 'post_max_size = 33M'      | sudo tee -a /etc/php/8.0/apache2/conf.d/50-local.ini echo 'upload_tmp_dir = /tmp'    | sudo tee -a /etc/php/8.0/apache2/conf.d/50-local.ini echo 'upload_max_filesize = 32M' | sudo tee -a /etc/php/8.0/apache2/conf.d/50-local.ini echo 'output_buffering = Off'   | sudo tee -a /etc/php/8.0/apache2/conf.d/50-local.ini

sudo sed -i 's/^Listen 80$/Listen 127.0.0.1:80/g' /etc/apache2/ports.conf sudo sed -i 's/Listen 443$/Listen 127.0.0.1:443/g' /etc/apache2/ports.conf

sudo mkdir -p /var/www/mysite sudo chown -R max:www-data /var/www/mysite sudo chmod -R g+rw /var/www/mysite

echo '  ServerName localhost # Document Root DocumentRoot "/var/www/mysite" # Log #ErrorLog logs/localhost-error_log #CustomLog logs/localhost-access_log combined # Force the use of HTTPS RewriteEngine on    RewriteCond   %{HTTPS} !=on RewriteRule  ^(.*) https://%{SERVER_NAME} [L,R] # Security Headers Header always set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests;" Header always set X-Frame-Options "SAMEORIGIN" Header always set X-Xss-Protection "1; mode=block" Header always set X-Content-Type-Options "nosniff" Header always set Referrer-Policy "strict-origin-when-cross-origin" Header always set Set-Cookie "HttpOnly; SameSite=Strict"   ServerName localhost # Document Root DocumentRoot "/var/www/mysite" # Log #ErrorLog logs/localhost-error_log #CustomLog logs/localhost-access_log combined # SSL SSLEngine on    SSLCertificateFile      /etc/ssl/certs/ssl-cert-snakeoil.pem #SSLCertificateChainFile /etc/ssl/certs/server-ca.crt SSLCertificateKeyFile  /etc/ssl/private/ssl-cert-snakeoil.key #SSLCACertificateFile   /etc/ssl/certs/ca-bundle.crt # Security Headers Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" Header always set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests;" Header always set X-Frame-Options "SAMEORIGIN" Header always set X-Xss-Protection "1; mode=block" Header always set X-Content-Type-Options "nosniff" Header always set Referrer-Policy "strict-origin-when-cross-origin" Header always set Set-Cookie "HttpOnly; Secure; SameSite=Strict"  ' | sudo tee /etc/apache2/sites-available/mysite.conf

sudo a2dissite 000-default.conf sudo a2ensite mysite

sudo systemctl restart apache2.service

Post-Upgrade Actions
After upgrading Ubuntu to the new version, it is advisable to perform several actions to clean and optimize the new installation: sudo rm /etc/apt/sources.list.d/*.list.distUpgrade /etc/apt/*.list.distUpgrade sudo rm /etc/apt/sources.list.d/*.list.save /etc/apt/*.list.save sudo sed -i -e 's/^# deb /deb /g' -e 's/ # disabled on upgrade to .*$//g' /etc/apt/sources.list.d/*.list sudo sed -i -e 's/^# deb /deb /g' -e "s/ # disabilitato durante l'avanzamento a .*$//g" /etc/apt/sources.list.d/*.list sudo sed -i -e "s/old_release/$(lsb_release --short --codename)/g" /etc/apt/sources.list.d/*.list sudo apt -qq update sudo updatedb locate "*.dpkg-bak" locate "*.dpkg-old" locate "*.ucf-old" sudo apt clean sudo synaptic &
 * Restore third-party repositories disabled by the upgrade procedure:
 * Erase the old verion of the files we decided to overwrite:
 * Clear the APT cache to free up disk space:
 * Delete packages and configurations no longer needed:

Snap Applications
To remove old versions of installed applications distributed in snap format: sudo snap set system refresh.retain=2 snap list --all | while read snapname ver rev trk pub notes do    if  "$notes" = *disabled* ; then sudo snap remove "$snapname" --revision="$rev" fi done sudo find /var/lib/snapd/cache -type f -exec rm -f {} ';'

Qt High DPI Displays
To disable auto scaling, based on monitor pixel density, of applications written in Qt, such as Calibre and VLC: echo "QT_AUTO_SCREEN_SCALE_FACTOR=0 export QT_AUTO_SCREEN_SCALE_FACTOR QT_QPA_PLATFORMTHEME=kvantum export QT_QPA_PLATFORMTHEME QT_STYLE_OVERRIDE=kvantum export QT_STYLE_OVERRIDE" | sudo tee -a /etc/profile.d/qt-fixes.sh

Resume
If the system stops for 30 seconds before starting the boot sequence, disable the resume: echo "RESUME=none" | sudo tee /etc/initramfs-tools/conf.d/resume sudo update-initramfs -u -k all

PulseAudio
To list the available sinks: pactl list sinks | egrep "Name:|Port:"

To set the default sink and its volume: pactl set-default-sink alsa_output.pci-0000_01_00.1.hdmi-stereo pactl set-sink-volume alsa_output.pci-0000_01_00.1.hdmi-stereo   33% pactl set-sink-mute   alsa_output.pci-0000_01_00.1.hdmi-stereo   0