I am behind a Fortinet SSL-inspecting network and need to trust the Fortinet root CA.

What works:

• Certificate exists in /usr/local/share/ca-certificates/Fortinet_CA_SSL.crt

• Certificate is valid PEM

• CA:TRUE

• update-ca-certificates --fresh succeeds and shows:

Replacing debian:Fortinet_CA_SSL.pem

• Symlink exists:

/etc/ssl/certs/Fortinet_CA_SSL.pem
47d00205.0 -> Fortinet_CA_SSL.pem

• OpenSSL trusts it:

openssl verify \
-CAfile /etc/ssl/certs/ca-certificates.crt \
/usr/local/share/ca-certificates/Fortinet_CA_SSL.crt

OK

• trust list works normally and shows system roots.

Problem:

• Almost all applications fail TLS/HTTPS as if the Fortinet CA is not trusted.

• Chrome only works in profiles where I manually imported the certificate.

• System-wide trust does not propagate to applications.

Things already checked:

• p11-kit-trust.so exists and trust module loads.

• trust list shows normal root certificates.

• Cert permissions are correct (0644 root:root).

• Cert contains exactly one PEM certificate.

• Reinstalled p11-kit, p11-kit-modules, and ca-certificates.

Environment:

• Ubuntu 26.04

• Fortinet appliance SSL inspection certificate

• Certificate subject:

CN=FG200FT925904109
OU=Certificate Authority
O=Fortinet

Question:
What trust path are desktop apps/Electron/Chrome actually using on Ubuntu 26.04, and why would the OS trust store (ca-certificates) verify the cert while apps still reject HTTPS unless manually imported?

I am developing a Qt app, and considering whether to use PySide6 and PyQt6.

Is there any difference between them in terms of:

• performance?

• resource consumption (RAM/internal storage)?

• compatibility with native look and feel in GNOME?

I installed Ubuntu 26.04 LTS Desktop on my Galaxy Book2 Pro 5G. It only has one SSD, and I created a shared partition named "shared" (D:). When using Strawberry Music Player, I always get an error message; I need to access the shared partition before I can play music files. So I was wondering if automatically mounting the shared partition would solve the problem. I occasionally mount it to /home/ku/shared, but Strawberry Music Player can't see the music files in the shared partition. I think I might be doing something wrong. I've attached some screenshots; I hope someone can help me. Thank you!

enter image description here

This seems wrong.

enter image description here

enter image description here

The network has a very old Active Directory controller running Windows 2008 (not R2). Is it possible to configure authentication through it on an Ubuntu 26.04 server (Samba 4.23)?

I added support for the outdated encryption algorithm to krb5.conf.

default_tgs_enctypes = arcfour-hmac-md5
default_tkt_enctypes = arcfour-hmac-md5

Kerberos creates a ticket. But the "net ads join" command returns an error:

libnet_join_ok: failed to open schannel session on netlogon pipe to server srv1.company.local for domain COMPANY. Error was NT_STATUS_ACCESS_DENIED
Failed to join domain: failed to verify domain membership after joining: {Access Denied} A process has requested access to an object but has not been granted those access rights.

Samba isn't joined to the domain. Changing "client/server min protocol" and "ntlm auth" in smb.conf didn't help.

The "mount.cifs" command can mount a shared folder with the "vers=1.0" or "vers=2.0" option.

Any ideas, or should I just upgrade from Windows 2008 to something modern?

I have updated my Ubuntu from 25.10 version to 26.04, I received some error dusring the installation about the kernel.

At the first start I had a kernel panic error, I solved it starting my PC with the previous kernel version then I provided the following commands:

 sudo update-initramfs -u -k version

Now I can boot with any problem my PC with the latest kernel available 7.0.0-15.

But I think there is a problem, if I try to update my system via terminal this is what I have:

kaotik@kaotik:~$ sudo apt update && sudo apt upgrade
[sudo: authenticate] Password:       
Trovato:1 http://security.ubuntu.com/ubuntu resolute-security InRelease
Trovato:2 http://archive.ubuntu.com/ubuntu resolute InRelease                                       
Trovato:3 https://dl.google.com/linux/chrome-stable/deb stable InRelease                         
Trovato:4 http://archive.ubuntu.com/ubuntu resolute-updates InRelease   
Trovato:5 https://esm.ubuntu.com/apps/ubuntu resolute-apps-security InRelease
Trovato:6 http://archive.ubuntu.com/ubuntu resolute-backports InRelease
Trovato:7 https://esm.ubuntu.com/apps/ubuntu resolute-apps-updates InRelease
Trovato:8 http://archive.ubuntu.com/ubuntu resolute-proposed InRelease
Trovato:9 https://esm.ubuntu.com/infra/ubuntu resolute-infra-security InRelease
Trovato:10 https://esm.ubuntu.com/infra/ubuntu resolute-infra-updates InRelease
3 pacchetti possono essere aggiornati: eseguire "apt list --upgradable" per vederli.
Non ancora aggiornati per via dello scaglionamento:
  gnome-session-bin  gnome-session-common  ubuntu-session

Riepilogo:
  Aggiornamento: 0, Installazione: 0, Rimozione: 0, Non aggiornati: 3
  1 non completamente installati o rimossi.
  Spazio richiesto: 0 B / 413 GB disponibile

Continuare? [S/n] s
Configurazione di linux-image-7.0.0-15-generic (7.0.0-15.15)...
Elaborazione dei trigger per linux-image-7.0.0-15-generic (7.0.0-15.15)...
/etc/kernel/postinst.d/dracut:
dracut: Generating /boot/initrd.img-7.0.0-15-generic
dracut[W]: If you need to use bluetooth, please include it explicitly.
dracut[W]: If you need to use bluetooth, please include it explicitly.
/etc/kernel/postinst.d/kdump-tools:
kdump-tools: Generating /var/lib/kdump/initrd.img-7.0.0-15-generic
E: /usr/share/initramfs-tools/hooks/dhcpcd failed with return 1.
update-initramfs: failed for /var/lib/kdump/initrd.img-7.0.0-15-generic with 1.
run-parts: /etc/kernel/postinst.d/kdump-tools exited with return code 1
dpkg: errore nell'elaborare il pacchetto linux-image-7.0.0-15-generic (--configure):
 old linux-image-7.0.0-15-generic package postinst maintainer script subprocess failed with exit status 1
Si sono verificati degli errori nell'elaborazione:
 linux-image-7.0.0-15-generic
Errore: Sub-process /usr/bin/dpkg returned an error code (1)

I have tried to fix the installation using the forllowing commands:

kaotik@kaotik:~$ sudo dpkg --configure -a
Configurazione di linux-image-7.0.0-15-generic (7.0.0-15.15)...
Elaborazione dei trigger per linux-image-7.0.0-15-generic (7.0.0-15.15)...
/etc/kernel/postinst.d/dracut:
dracut: Generating /boot/initrd.img-7.0.0-15-generic
dracut[W]: If you need to use bluetooth, please include it explicitly.
dracut[W]: If you need to use bluetooth, please include it explicitly.
/etc/kernel/postinst.d/kdump-tools:
kdump-tools: Generating /var/lib/kdump/initrd.img-7.0.0-15-generic
E: /usr/share/initramfs-tools/hooks/dhcpcd failed with return 1.
update-initramfs: failed for /var/lib/kdump/initrd.img-7.0.0-15-generic with 1.
run-parts: /etc/kernel/postinst.d/kdump-tools exited with return code 1
dpkg: errore nell'elaborare il pacchetto linux-image-7.0.0-15-generic (--configure):
 old linux-image-7.0.0-15-generic package postinst maintainer script subprocess failed with exit status 1
Si sono verificati degli errori nell'elaborazione:
 linux-image-7.0.0-15-generic
kaotik@kaotik:~$ sudo apt-get install -f
Lettura elenco dei pacchetti... Fatto
Generazione albero delle dipendenze... Fatto
Lettura informazioni sullo stato... Fatto   
Risoluzione dipendenze... Fatto
0 aggiornati, 0 installati, 0 da rimuovere e 3 non aggiornati.
1 non completamente installati o rimossi.
Dopo quest'operazione, verranno occupati 0 B di spazio su disco in più.
Configurazione di linux-image-7.0.0-15-generic (7.0.0-15.15)...
Elaborazione dei trigger per linux-image-7.0.0-15-generic (7.0.0-15.15)...
/etc/kernel/postinst.d/dracut:
dracut: Generating /boot/initrd.img-7.0.0-15-generic
dracut[W]: If you need to use bluetooth, please include it explicitly.
dracut[W]: If you need to use bluetooth, please include it explicitly.
/etc/kernel/postinst.d/kdump-tools:
kdump-tools: Generating /var/lib/kdump/initrd.img-7.0.0-15-generic
E: /usr/share/initramfs-tools/hooks/dhcpcd failed with return 1.
update-initramfs: failed for /var/lib/kdump/initrd.img-7.0.0-15-generic with 1.
run-parts: /etc/kernel/postinst.d/kdump-tools exited with return code 1
dpkg: errore nell'elaborare il pacchetto linux-image-7.0.0-15-generic (--configure):
 old linux-image-7.0.0-15-generic package postinst maintainer script subprocess failed with exit status 1
Si sono verificati degli errori nell'elaborazione:
 linux-image-7.0.0-15-generic
E: Sub-process /usr/bin/dpkg returned an error code (1)

I have tried to reinstall the kernel too:

kaotik@kaotik:~$ sudo apt install --reinstall linux-image-$(uname -r) linux-modules-$(uname -r)
[sudo: authenticate] Password:       
Riepilogo:                                 
  Aggiornamento: 0, Installazione: 0, Reinstallazione: 2Rimozione: 0, Non aggiornati: 6
  1 non completamente installati o rimossi.
  Dimensione scaricamento: 169 MB
  Spazio richiesto: 0 B / 414 GB disponibile

Scaricamento di:1 http://archive.ubuntu.com/ubuntu resolute-updates/main amd64 linux-modules-7.0.0-15-generic amd64 7.0.0-15.15 [169 MB]
Recuperati 169 MB in 8s (22,5 MB/s)                                                                                                                                                         
Errore: Internal Error, No file name for linux-image-7.0.0-15-generic:amd64

But I have always that error message.

Could you please help me to fix it?

Thank you

is it normal for practically all the window navigation shortcuts to be broken because the dock shortcuts take precedence and launch applications from the dock?

For example, right now I’m trying to move Firefox to workspace number 4, but the Dock opens the application in slot number 4 even though I used different keybindings (Ctrl+Super+4) to move the windows to the workspace 4, whereas for the Dock it should only be (Super+4).

This is an extension of this question. I asked some clarification there in the comments, but I received no answer.

I have a number of mp4 files, and their metadata title displays some undesirable text. I would be perfectly satisfied to replace that text with the file name, but without the file path and without the file extension.

If I use ... -metadata title="{}" ..., the title contains both the file path and the file extension.

If I use ... -metadata title="${basename}" ..., the title still contains the file extension.

So how should I modify the command to remove the file extension too?

I have two text files, one with a list of sample names like this:

51234_SampleName  
52345_SampleName  
53456_SampleName  
54567_SampleName  

And the other with the same names but truncated and in a different order, like this:

52345_SampleN  
54567_SampleN   
53456_SampleN  
51234_SampleN

What I want to do is sort the entries in the first file so that they're in the same order as the second file based on the matching segments, but I'm very new to Linux and given that it's not just numerical and the entries don't match pefectly I'm struggling to figure out how I can do this. I tried using sort:

sort -t_ -n -k1 -o full_names.txt truncated_names.txt

But unfortunately that just seemed to sort numerically.

I've looked around and can't find a solution for these specific requirements. Can anyone suggest anything?
Thanks

i want to generate my own WhatsApp application that works in ubuntu linux
So i want help with the steps and codes

After upgrading to Ubuntu 26.04, my Xfce session always starts in Wayland even when selecting the normal Xfce session.

Commands output:

echo $XDG_SESSION_DESKTOP
xfce

echo $XDG_SESSION_TYPE
wayland

Installed sessions:

ls /usr/share/xsessions
lightdm-xsession.desktop
xfce.desktop

ls /usr/share/wayland-sessions
gnome.desktop
ubuntu.desktop
xfce-wayland.desktop

I am using GDM3:

cat /etc/X11/default-display-manager
/usr/sbin/gdm3

I also already disabled Wayland in GDM:

/etc/gdm3/custom.conf

[daemon]
WaylandEnable=false

But after reboot, Xfce still starts in Wayland.

The main issue is that Worksnaps screenshots are black under Wayland, and many of my old Xfce/X11 customizations stopped working after the upgrade.

X11 packages are installed correctly:

dpkg -l | grep xorg

shows the full Xorg stack installed.

Questions:

1. How can I force Xfce to start in true X11 mode on Ubuntu 26.04?

2. Is Ubuntu 26.04 automatically redirecting Xfce sessions to Wayland?

3. Is there a recommended way to keep GDM3 while using Xfce on X11?

As the link https://packages.ubuntu.com/search?keywords=boomaga&searchon=names&suite=all&section=all suggests, the Boomaga software is no longer available in Ubuntu 26.04.

I know that I can add the appropriate PPA and still use the old version (taking any risks).

However, my question is this:

What is the best way to easily preview printouts, rearrange pages, combine printouts, make booklets, or print multiple pages on a single sheet (all in one software) in Ubuntu 26.04?

Would you have some advice on a straightforward way to type in an inverted question mark using English (Us, alt. intl.) keyboard in Ubuntu 22.04?

I have tried many of the options as available from the community but none seems to work (at least for my simple installation of Ubuntu 22.04).

I have used ansible to install firefox with the following block:

- name: Add Firefox repository
  apt_repository:
    repo: 'ppa:mozillateam/ppa'
    state: present
    update_cache: no
  become: yes

This has always worked but stopped working after switching to Ubuntu 26.04, giving the following error:

TASK [Add Firefox repository] **************************************************
[ERROR]: Task failed: Module failed: Unable to get required signing key
Origin: /home/user/ansible/task-desnap.yml:80:3

78     create: true
79
80 - name: Add Firefox repository
     ^ column 3

fatal: [localhost]: FAILED! => {"changed": false, "command": ["/usr/bin/gpg", "--no-tty", "--keyserver", "hkp://keyserver.ubuntu.com:80", "--export", "738BEB9321D1AAEC13EA9391AEBDF4819BE21867"], "msg": "Unable to get required signing key", "rc": 0, "stderr": "gpg: WARNING: nothing exported\n", "stderr_lines": ["gpg: WARNING: nothing exported"]}

I read that apt_repository is being deprecated in Ubuntu 26.04. But I am not sure whether it is the cause here.

Can someone help explain how I can fix the ansible block to install from the PPA?

This is with:

$ ansible --version
ansible [core 2.20.1]
  config file = None
  configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /home/user/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.14.4 (main, Apr  8 2026, 04:02:31) [GCC 15.2.0] (/usr/bin/python3)
  jinja version = 3.1.6
  pyyaml version = 6.0.3 (with libyaml v0.2.5)

i use laptop Lenovo ipad15 8ram 500gb hdd Ub 24
as of May 2nd Snap is showing dashboard.snapcraft.io (production services)
snap downloads (production services) is down

can somebody pls assist me how to fix this in terminal ?? never had this problem and use Ub 12 till Ub 24 thnks fr yr advice and help Guido (odigo)

My Ubuntu 24.04.4 LTS laptop has two external displays connected via an USB dock with HDMI cables:

           27" monitor      27" monitor
              |                 |
             HDMI              HDMI
              |                 |
laptop ==> USB dock ------------+

When I use the laptop as the primary display, a video fullscreen covers the screen and the status icons on the top left show fine. When I try to use the 27" displays as primary display, the status icons disappear off screen. When I try to use fullscreen on a video, one side and bottom of video is off screen.

xrandr --listmonitors list the maximum sizes of the displays correctly, so the error must be in a higher layer somewhere? What do I do to debug this?

• XDG_SESSION_TYPE is wayland.
• gnome-shell --version is 46.0.
• Following suggestions in https://docs.fedoraproject.org/en-US/quick-docs/troubleshooting-wayland-problems/
  • jouurnalctl -f

Last week I went on vacation. When I returned this week I noticed all the devices on my home network are blocked from the below sites including phone, Mac and Ubuntu server:

• ubuntu.com
• changelogs.ubuntu.com
• launchpad.net

I have a PC running Ubuntu 24.04 server. In motd it is showing:

Failed to connect to https://changelogs.ubuntu.com/meta-release-lts.
Check your Internet connection or proxy settings

I am able to connect to the above sites in phone with wifi disabled and on other networks outside my home.

I'm guessing that my IP or ISP has gotten blocked by Ubuntu during large outages over the last 2 weeks. My ISP is Metronet in Twin Cities, Minnesota. I never had issues before now.

Do you have any advice about how to fix this? I would like to upgrade my home server to 26.04, but I'm unable to do so as I am blocked.

nslookup works. ping shows 100% of packets dropped.

nslookup

nslookup ubuntu.com
Server:         127.0.0.53
Address:        127.0.0.53#53

Non-authoritative answer:
Name:   ubuntu.com
Address: 185.125.190.20
Name:   ubuntu.com
Address: 185.125.190.29
Name:   ubuntu.com
Address: 185.125.190.21

ping

 ping 185.125.190.20
PING 185.125.190.20 (185.125.190.20) 56(84) bytes of data.
^C
--- 185.125.190.20 ping statistics ---
8 packets transmitted, 0 received, 100% packet loss, time 7198ms

ping 185.125.190.29
PING 185.125.190.29 (185.125.190.29) 56(84) bytes of data.
^C
--- 185.125.190.29 ping statistics ---
6 packets transmitted, 0 received, 100% packet loss, time 5156ms

ping 185.125.190.21
PING 185.125.190.21 (185.125.190.21) 56(84) bytes of data.
^C
--- 185.125.190.21 ping statistics ---
8 packets transmitted, 0 received, 100% packet loss, time 7156ms

ping 185.125.189.223
PING 185.125.189.223 (185.125.189.223) 56(84) bytes of data.
^C
--- 185.125.189.223 ping statistics ---
16 packets transmitted, 0 received, 100% packet loss, time 15364ms

I am trying to use a Qualcomm QCN9274 (Compex WLE7002E25) Wi-Fi card on my x86 machine, but it's not working with the ath12k driver.

I am using the official board-2.bin from the upstream repository here.

[  954.894565] ath12k_pci 0000:01:00.0: BAR 0 [mem 0x80400000-0x805fffff 64bit]: assigned
[  954.894706] ath12k_pci 0000:01:00.0: MSI vectors: 16
[  954.894709] ath12k_pci 0000:01:00.0: Hardware name: qcn9274 hw2.0
[  955.593136] ath12k_pci 0000:01:00.0: qmi dma allocation failed (29360128 B type 1), will try later with small size
[  955.606921] ath12k_pci 0000:01:00.0: memory type 10 not supported
[  955.612535] ath12k_pci 0000:01:00.0: chip_id 0x0 chip_family 0xb board_id 0x101a soc_id 0x401a2200
[  955.612548] ath12k_pci 0000:01:00.0: fw_version 0x141580c7 fw_build_timestamp 2024-11-11 11:03 fw_build_id QC_IMAGE_VERSION_STRING=WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1
[  955.635702] ath12k_pci 0000:01:00.0: failed to fetch board data for bus=pci,qmi-chip-id=0,qmi-board-id=4122 from ath12k/QCN9274/hw2.0/board-2.bin
[  955.635707] ath12k_pci 0000:01:00.0: failed to fetch board data for bus=pci,qmi-chip-id=0,qmi-board-id=255 from ath12k/QCN9274/hw2.0/board-2.bin
[  955.635709] ath12k_pci 0000:01:00.0: failed to fetch board.bin from QCN9274/hw2.0
[  955.635711] ath12k_pci 0000:01:00.0: qmi failed to load bdf:
[  955.635712] ath12k_pci 0000:01:00.0: qmi failed to load board data file:-2

jack@jack-pc:~$ uname -a
Linux jack-pc 6.8.0-111-generic #111~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Tue Apr 14 17:13:45 UTC  x86_64 x86_64 x86_64 GNU/Linux

Does anyone know what the problem is?

I've been encountering plenty of problems in Kubuntu 26.04 that won't let me use my PC normally:

1. Translucently and wobble window effects get reapplied after each reboot without my consent.

2. Chrome on xorg with using the built-in classic option from appearance aka colors, the title bar buttons disappear when I try to type on the address bar.

3. Plymouth animation appears during transition from sddm to desktop (I have selected None as a transition).

4. The locale on the time widget in taskbar rejects any effort to be changed and still uses the Greek time format ΠΜ, ΜΜ, When I clearly set it to American am pm. I use Greek only for the keyboard.

I have to note that I also use klassy. I seriously need to find a solution because the name implies LTS and I am disappointed.

I am using plasma 6.6.4. just upgraded.

I see still 1 package ready for upgrade :

Erweiterte Sicherheitswartung (ESM) für Applications ist aktiviert.

1 Aktualisierung kann sofort angewendet werden.

entering the expected command results in :

 sudo apt  upgrade
Paketlisten werden gelesen… Fertig
Abhängigkeitsbaum wird aufgebaut… Fertig
Statusinformationen werden eingelesen… Fertig
Paketaktualisierung (Upgrade) wird berechnet… Fertig
Die folgenden Pakete werden aktualisiert (Upgrade):
  ubuntu-pro-client
1 aktualisiert, 0 neu installiert, 0 zu entfernen und 0 nicht aktualisiert.
7 nicht vollständig installiert oder entfernt.
Es müssen noch 0 B von 259 kB an Archiven heruntergeladen werden.
Nach dieser Operation werden 1.024 B Plattenplatz zusätzlich benutzt.
Möchten Sie fortfahren? [J/n] j
(Lese Datenbank ... 150166 Dateien und Verzeichnisse sind derzeit installiert.)
Vorbereitung zum Entpacken von .../ubuntu-pro-client_37.2ubuntu~24.04_amd64.deb ...
Entpacken von ubuntu-pro-client (37.2ubuntu~24.04) über (37.1ubuntu0~24.04) ...
dpkg: Fehler beim Bearbeiten des Archivs /var/cache/apt/archives/ubuntu-pro-client_37.2ubuntu~24.04_amd64.deb (--unpack):
 Versuch, »/etc/apt/apt.conf.d/20apt-esm-hook.conf« zu überschreiben, welches die umgeleitete Version von »/etc/apt/apt.conf.d/20apt-esm-hook« ist
dpkg-deb: Fehler: »einfügen«-Unterprozess wurde durch Signal (Datenübergabe unterbrochen (broken pipe)) getötet
Fehler traten auf beim Bearbeiten von:
 /var/cache/apt/archives/ubuntu-pro-client_37.2ubuntu~24.04_amd64.deb
needrestart is being skipped since dpkg has failed
E: Sub-process /usr/bin/dpkg returned an error code (1)

I've already tried :

 sudo dpkg --remove --force-remove-reinstreq ubuntu-pro-client

sudo dpkg --configure -a
sudo apt-get install ubuntu-pro-client

without any success

Any idea how to get dpgk back in sync ?

I now finally could fix this issue. The main problem, as mentioned above, had been this errormessage :

trying to overwrite '/etc/apt/apt.conf.d/20apt-esm-hook.conf', which is also the redirected version of '/etc/apt/apt.conf.d/20apt-esm-hook'

I can remember, that I played around this area during the initial installation of this system, to get rid of the advertisment messages, but it did not succeed. So I tried to reverse all my modifications, which also included to delete the file "20apt-esm-hook", which I used to save the original configuration. Now,as there had been ubuntu-pro-client was in queue to be updated itself, dpkg was complaining about this modification and was missing this file. I copied again the original "20apt-esm-hook.conf" into "20apt-esm-hook" and started sudo dpkg-divert --remove /etc/apt/apt.conf.d/20apt-esm-hook, which now finished successfully. Subsequent apt-get upgrade, including the ubuntu-pro-client, succeedeed also.

Background: I am trying to revive a neglected 22.04.4 Ubuntu (Lubuntu, actually) machine that lost its network connectivity, presumably due to an upgrade effecting its Realtek PCIe Gbe network card. That's a common problem, lots of traffic on it. The solution is to downgrade the kernel, or, in my case, probably to upgrade it (most of the solutions written about it were written before there was a widely available patch). The only prior kernel patch I had available (I forget the number) failed to resolve the problem.

I am running apt-offline 1.8.5 on both the online and offline machines.

My problem isn't about the offline machine, but someone is bound to ask. The offline machine a dual boot machine. The network card works fine in Windows, and it also works fine when I boot off a live USB running 24.04, although that may be a generic driver. I'm assuming the problem's been fixed in the past two years.

The best solution seems to be apt-offline. The offline machine generates an update sig just fine, the online machine reads the update sig without issue, downloads a bunch of files and generates the desired update data. The offline machine reads the update data just fine and throws an appropriate number of green messages to the screen saying it has synced various sources. Producing the upgrade sig also looks like it proceeds normally.

The trouble comes when I try to get the data requested by the upgrade sig using the online machine. It cannot access a single file. Every one of them fails with a 403 Forbidden. The machine is connected. I am using it to write this message. It can get to the repos, because I have gone through the cycle s a few times with different options, and it can always get the upDATE information, just never the upGRADE information.

I took a look in in the upgrade sig file, copied all the source URLs into an HTML doc, and used a browser to download all of them (I was tired enough to give up on thinking but not tired enough to give up, so I just right clicked on all 320 odd links and downloaded them). Not a single one failed. It really doesn't look like a permissions issue. The URLs are reachable from the online machine and active. The file sizes are all correct.

I tried setting the cache to the folder I dumped the files to, but some of them (about 60) had names that were different from the downloaded basename and failed. The other 260 or so were zipped up into the target file successfully. I parsed the signature file and renamed all those files with basenames different from their handles in the sig file, but that had no effect (I suspect when the two names in the sig file are different, it uses some combination of the two, but includes only the basename in the verbose error messages, not what is is looking for in the cache).

The simplest thing is to figure out what's going on with the apt-offline download of the upgrade files, instead of trying to hack around it.

The command I used is:
sudo apt-offline get upgrade.sig --threads 5 --bundle upgrade.zip --verbose

A snippet (every single file looks like this) of the verbose output is (I reran it with --threads 1 to stop interleaved messages):

ERROR: Failed to download libatomic1                                                                                        
VERBOSE: Item before split is: 'http://security.ubuntu.com/ubuntu/pool/main/g/gcc-12/libquadmath0_12.3.0-1ubuntu1%7e22.04.3_amd64.deb' libquadmath0_12.3.0-1ubuntu1~22.04.3_amd64.deb 153976 MD5Sum:81479a10a57088dc284c55cbe3a96515                    
                                                                                                                            
VERBOSE: Item after split is: 'http://security.ubuntu.com/ubuntu/pool/main/g/gcc-12/libquadmath0_12.3.0-1ubuntu1%7e22.04.3_amd64.deb' libquadmath0_12.3.0-1ubuntu1~22.04.3_amd64.deb 153976 MD5Sum:81479a10a57088dc284c55cbe3a96515                     
                                                                                                                            
VERBOSE: Stripped item URL is: http://security.ubuntu.com/ubuntu/pool/main/g/gcc-12/libquadmath0_12.3.0-1ubuntu1%7e22.04.3_amd64.deb                                                                                                                    
VERBOSE: Stripped item FILE is: libquadmath0_12.3.0-1ubuntu1~22.04.3_amd64.deb                                              
VERBOSE: Stripped item SIZE is: 153976                                                                                      
VERBOSE: Stripped item CHECKSUM is: MD5Sum:81479a10a57088dc284c55cbe3a96515                                                 
VERBOSE: Thread is Thread-1 (run)                                                                                           
Downloading libquadmath0 - 150 KiB                                                                                          
VERBOSE: http://security.ubuntu.com/ubuntu/pool/main/g/gcc-12/libquadmath0_12.3.0-1ubuntu1%7e22.04.3_amd64.deb - 403 - Forbidden                                                                                                                        
VERBOSE: Will still try with other package uris                                                                             
ERROR: Failed to download libquadmath0               

The procedure I used seemed straightforward, taken straight from many examples. I might be missing something super simple. I do the update and upgrade in separate steps, specifically to avoid the desynchronization issue I've seen mentioned. Obviously, I am copying the files between computers on a USB after each step.

On offline machine: sudo apt-offline set update.sig --update
On online machine: sudo apt-offline get update.sig --threads 5 --bundle update.zip
On offline machine: sudo apt-offline install update.zip
On offline machine: sudo apt-offline set upgrade.sig --upgrade
On online machine: sudo apt-offline get upgrade.sig --thread5 --bundle upgrade.zip

That last line is where it fails, and fails on every single file. The file upgrade.zip is empty (size 0). When I use the manually downloaded results to build a cache, I'm pretty sure it has data, but I don't think a partial update is a great idea.

For my first time I installed Kubuntu with the encryption option using a live USB. It was automatically done creating a lvm partition and LUKS encrypted it, and it worked fine.

I had CPU load (Plasmashell process) problems on Kubuntu 25.10, and then tried to early upgrade to 26.04. It was not a good idea or I made mistakes. I really have to reinstall from a live USB (that works fine without CPU overload).

Before crypting my computer, I always had set up /home partitions. Last install, I accepted default config for crypting the computer. That gives a big luks volume, lvm inside, and just a big ext4 partition inside, with only / (no specific partition for /home).

It is the first time I have to reinstall without the protection for /home partition. (I had high cpu load with plasmashell process, before ans after upgrade, trying to correct made the things too complicate, so reinstall , using liveusb).

Inside the LUKS container, I worked on lvm to separate / and /home (yes, I made backups before), but in the installer I did not find any way to reinstall Kubuntu on / partition I made. It was going to take all the LUKS volume.

Do I have to understand that installing in LUKS partition does not let us the choices off partitions to use, or I did not find the way to do that?

Even if I lose everything this time, I would like to use a separate /home partition in the LUKS container for the next reinstallation in a few years. How is this possible?

I have a test system with two physical disks. I'm trying to recreate a setup I used to use years ago where I could span volumes across said physical disks. I never considered it a complicated setup but, I can't seem to duplicate it with ubiquity. When I did this last, the installer was still text based and that doesn't seem to be an option these days. I attempted the following within the Ubuntu 26.04 Live environment.

My two physical drives, in this example, are /dev/sda & /dev/sdb. I went looking for the equivalent commands and I think I got close. What I did is below:

1. I created partitions for the EFI boot stuff and LVM: sudo fdisk /dev/sda

   1. Made one primary partition, about 1GB

      1. Flagged it ef for EFI (/dev/sda1)

   2. Made a logical/extended partition for the rest of the drive

      1. Flagged it 8e for Linux LVM (/dev/sda2)

2. I created created one logical/extended on the second drive: sudo fdisk /dev/sdb

   1. Flagged it 8e for Linux LVM (/dev/sdb1).

3. I then used LUKS to encrypt the partitions that will be used for the system:

   1. sudo cryptsetup open /dev/sda2 crypt_drive1 && sudo cryptsetup open /dev/sdb1 crypt_drive2

4. I then opened those encrypted partitions:

   1. sudo cryptsetup open /dev/sda2 crypt_drive1 && sudo cryptsetup open /dev/sdb1 crypt_drive2

5. I then set up a volume group with some logical volumes:

   1. sudo pvcreate /dev/mapper/crypt_drive1 /dev/mapper/crypt_drive2

   2. sudo vgcreate vg_system /dev/mapper/crypt_drive1 /dev/mapper/crypt_drive2

   3. sudo lvcreate -L 8G -n lv_swap vg_system

   4. sudo lvcreate -l 100%FREE -n lv_root vg_system

At this point, I figured I was good to go so I fired up the installer wizard and tried to run through the installer. When I got to the partition setup, I selected the option for a manual setup and expected to see my logical volumes available but didn't. I was able to select /dev/sda as my boot device and it set dev/sda1 as the boot partition but, it's not showing the logical volume stuff. Below, is a screenshot of where I'm stuck. I'm sure I missed a step. Where did I go wrong?

No LTS by Ubuntu-Mate, no hesitation, please only indicate the current state. I would prefer it would be going on.

My current system configuration is as follows:

• CPU: AMD Ryzen 9 9950X3D
• Motherboard: MSI MAG X870E
• RAM: DDR5-6000
• PSU: PX-2200

I am currently experiencing issues on Ubuntu 24.04 where installing the NVIDIA graphics driver leads to an infinite boot logo loop and a black screen.

While investigating the issue, I came across reports suggesting possible compatibility problems between the RTX PRO 6000 Blackwell and certain MSI motherboards.

I would appreciate it if anyone who is successfully using the RTX PRO 6000 in an Ubuntu development environment could share their motherboard model and a stable hardware configuration.

In particular, I would also like to know whether this GPU has known issues with specific chipsets (e.g., X870E), or whether the problem is more likely related to BIOS settings or driver configuration.

Ubuntu TLS 24.04.3. Using df all of the filesystems except /usr show /dev/mapper/vg_root-lv..; /usr shows /dev/disk/by-id/dm-uuid-LVM-HpclzdbfvlleSS0aQI85ZzJQLBWB0kAUbKUaYbbzqfTcOcBp9evoFYRJuFz0Sqr0.

Partial output of df -h:

/dev/mapper/vg_root-lv_root                                                     
               15G  3.2G   11G  23% /                                           
/dev/disk/by-id/dm-uuid-LVM-HpclzdbfvlleSS0aQI85ZzJQLBWB0kAUbKUaYbbzqfTcOcBp9evo
FYRJuFz0Sqr0  4.9G  2.3G  2.4G  49% /usr 

Maybe not a big deal, but it makes the output of df difficult to read.

• Has anyone else run into this before?
• Is there a fix?

Thank you

Fresh Ubuntu install, get invalid partition Table at start. If I press enter, or F2, Ubuntu starts O K. Boot option list= Legacy,Advanced Boot Options= Enable Legacy Option ROMS, is enabled. Secure boot off. SSD is MBR. Any thoughts? Dell Latitude E6540

I've recently set up an ubuntu server on an old Dell Optiplex. I can remote in via ssh when on the same network. However, when I try to ssh in from a different network using the public IP, I get the following error:

kex_exchange_identification: Connection closed by remote host

I have searched this error on this forum as well as many others and have tried many different ways to fix this error, but nothing has worked so far. I have port forwarded to the server's static IP, I've allowed OpenSSH and opened port 22 on my server through UFW, and I've set up a VPN that connects my computer to my network. None of these have worked so far.

What am I doing wrong? If anyone has any other ideas that I could try, or anything that I should quadruple check that would be fantastic. Thanks so much.

My install had the /home folder inside /. I wanted to add a separate /home partition, so I created a small backup partition on a different drive, added it to /etc/fstab, and used rsync with -aXS to move my old /home folder to this new partition. I then did a fresh install with a /home partition. Now I would like to move my files back from the old /home folder into the new /home directory. What is the best way to do this?

What I tried: sudo rsync -aXS /home_backup/. /new_home_partition/. as per this guide

This copied the old /home folder itself into the /home partition (i.e. it created /home/home), which is not what I wanted. I figured I could run the same command, but on the subfolders within the backup folder rather than on the folder itself. Is this the best way to go about it?

I saw this similar question, but as I understand it, cp will not preserve information like permissions and links. I also saw this question, but I don't know how to work with tarballs (and I'm not positive the OP's situation is the same). Any help would be appreciated, as I'm by no means an expert!

P.S. What is the best command to remove all files from the fresh /home partition before copying the backup files into it?

Edit: Looks like I was able to resolve this, but I still don't know what happened (added a comment below).

I am trying to set up a Dual Boot Ubuntu 20.04 - preinstalled Windows 10 Pro on a Thinkpad X1 Carbon 7gen.

Problem:
I cannot find the bootable Ubuntu Live USB in the Boot Menu and therefore not setup a dual boot.

The setup:

• Lenovo Thinkpad X1 Carbon 7th
• BIOS MODE UEFI with BIOS Version LENOVO N2HET47W (1.30), 3/18/2020

What have I done:

• Created Ubuntu 20.04 Live USB using Rufus using Partition Scheme GPT, Target System UEFI(non CSM), File System FAT32
• Tried with disabled and not-disabled secure boot, disabled fast startup
• Confirmed the Ubuntu 20.04 Live USB works with a Lenovo Thinkpad E480 with UEFI and BIOS Version LENOVO R0PET63W (1.40), 03/01/2020

Help would be much appreciated ;)

This is the same issue as here: Getting openconnect vpn to work through gui , but my additions to it were deleted and I was asked to create a new question.

In fact, there are a number of folks asking similar questions here, all with 0 responses.

Software versions: Ubuntu 14.04, openconnect 5.02

Main issue: I'm trying to add a VPN connection into network-manager, using openconnect. when i supply my VPN username and password, it connects successfully, but i can't resolve DNS.

If I run openconnect in the terminal via sudo, DNS works.

sudo openconnect -u <username> https://<vpn concentrator name>

More details:

1a. When connecting via openconnect and network-manager even though I've explicitly added DNS and a search domain under the ipv4 tab, only the search domain ends up in /etc/resolv.conf. Even if I don't supply DNS and search domains, I can see in the logs that it's getting that information from the VPN concentrator. Again, the search domain is updated properly. [log below]

1b. When connecting via sudo in a terminal, resolv.conf is populated properly with DNS and search domains even though I haven't added that information in the command line or provided a path to a vpnc-script. It must be getting it from the VPN concentrator. [log also below]

2a. When connecting via openconnect and network-manager, a new interface 'vpn0' is created.

2b. When connecting via sudo and command line, a new interface 'tun0' is created.

Log when connecting via network-manager:

NetworkManager[784]: <info> Starting VPN service 'openconnect'...
NetworkManager[784]: <info> VPN service 'openconnect' started (org.freedesktop.NetworkManager.openconnect), PID 4513
NetworkManager[784]: <info> VPN service 'openconnect' appeared; activating connections
NetworkManager[784]: <info> VPN plugin state changed: init (1)

This is where it asks for my password

NetworkManager[784]: <info> VPN plugin state changed: starting (3)
NetworkManager[784]:    SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/vpn0, iface: vpn0)
NetworkManager[784]:    SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/vpn0, iface: vpn0): no ifupdown configuration found.
NetworkManager[784]: <warn> /sys/devices/virtual/net/vpn0: couldn't determine device driver; ignoring...
NetworkManager[784]: <info> VPN connection '<connection name>' (Connect) reply received.
openconnect[4544]: Attempting to connect to server <ip address>:443
openconnect[4544]: SSL negotiation with <correctly identified vpn server>
openconnect[4544]: Connected to HTTPS on <correctly identified vpn server>
openconnect[4544]: Got CONNECT response: HTTP/1.1 200 OK
openconnect[4544]: CSTP connected. DPD 30, Keepalive 20
NetworkManager[784]: <info> VPN connection '<connection name>' (IP Config Get) reply received.
NetworkManager[784]: <info> VPN connection '<connection name>' (IP4 Config Get) reply received.
NetworkManager[784]: <info> VPN connection '<connection name>' (IP6 Config Get) reply received.
NetworkManager[784]: <info> VPN Gateway: <ip address>
NetworkManager[784]: <info> Tunnel Device: vpn0
NetworkManager[784]: <info> IPv4 configuration:
NetworkManager[784]: <info>   Internal Address: 10.xxx.xxx.xxx
NetworkManager[784]: <info>   Internal Prefix: 19
NetworkManager[784]: <info>   Internal Point-to-Point Address: 10.xxx.xxx.xxx
NetworkManager[784]: <info>   Maximum Segment Size (MSS): 0
NetworkManager[784]: <info>   Forbid Default Route: no
NetworkManager[784]: <info>   Internal DNS: <ip address>
NetworkManager[784]: <info>   Internal DNS: <ip address>
NetworkManager[784]: <info>   DNS Domain: '(none)'
NetworkManager[784]: <info> IPv6 configuration:
NetworkManager[784]: <info>   Internal Address: <ipv6 ip>
NetworkManager[784]: <info>   Internal Prefix: 64
NetworkManager[784]: <info>   Internal Point-to-Point Address: <ipv6 ip>
NetworkManager[784]: <info>   Maximum Segment Size (MSS): 0
NetworkManager[784]: <info>   Forbid Default Route: no
NetworkManager[784]: <info>   DNS Domain: '(none)'
openconnect[4544]: Connected vpn0 as <ip address> + <ipv6 ip>, using SSL
openconnect[4544]: Established DTLS connection (using OpenSSL)
NetworkManager[784]: <info> VPN connection '<connection name>' (IP Config Get) complete.
NetworkManager[784]: <info> Policy set '<connection name>' (vpn0) as default for IPv4 routing and DNS.
NetworkManager[784]: <info> Policy set '<connection name>' (vpn0) as default for IPv6 routing and DNS.
NetworkManager[784]: <info> Writing DNS information to /sbin/resolvconf
dnsmasq[1027]: setting upstream servers from DBus
dnsmasq[1027]: using nameserver 127.0.0.1#53 for domain 10.in-addr.arpa
dnsmasq[1027]: using nameserver 127.0.0.1#53 for domain <home search domain>
dnsmasq[1027]: using nameserver 127.0.0.1#53 for domain <vpn search domain>
dnsmasq[1027]: using nameserver <ip address>#53 for domain 10.in-addr.arpa
dnsmasq[1027]: using nameserver <ip address>#53 for domain <home search domain>
dnsmasq[1027]: using nameserver <ip address>#53 for domain <vpn search domain>
dnsmasq[1027]: using nameserver <ip address>#53 for domain 10.in-addr.arpa
dnsmasq[1027]: using nameserver <ip address>#53 for domain <home search domain>
dnsmasq[1027]: using nameserver <ip address>#53 for domain <vpn search domain>
dbus[471]: [system] Activating service name='org.freedesktop.nm_dispatcher' (using servicehelper)
NetworkManager[784]: <info> VPN plugin state changed: started (4)
NetworkManager[784]:    keyfile: updating /etc/NetworkManager/system-connections/<connection name>-6a503043-13b0-4ce7-9749-29cd3054cae3
dbus[471]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'

Despite all the noise in the log about updating resolv.conf it removes the nameservers but doesn't replace them with the IP addresses in the log. It does update the search domain correctly, so it's likely not a permissions issue.

Log when connecting using sudo openconnect in a terminal:

NetworkManager[784]:    SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0)
NetworkManager[784]:    SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found.
NetworkManager[784]: <warn> /sys/devices/virtual/net/tun0: couldn't determine device driver; ignoring...
dbus[471]: [system] Activating service name='org.freedesktop.hostname1' (using servicehelper)
kernel: [ 3258.725774] systemd-hostnamed[4927]: Warning: nss-myhostname is not installed. Changing the local hostname might make it unresolveable. Please install nss-myhostname!
dbus[471]: [system] Successfully activated service 'org.freedesktop.hostname1'

Nothing about updating resolv.conf, and yet it properly updates the name servers and the search domain.

Update If I ignore all the warnings in resolv.conf and add the vpn concentrator nameservers to it, I'm instantly able to browse. Of course as soon as I disconnect, those changes are overwritten.

there was a bug on this, back in 2012, but it expired. The issue seems to be the vpnc script.

I tried manually updating my vpnc-scripts to the latest versions, but to no avail.

Some further research turns up that as of 12.04 resolv.conf is no longer where nameservers go for dns resolution when using network-manager. That's why it works when I use the command line, but not when using network-manager. Rather the nameserver 127.0.1.1 [dnsmasq] is added and that nameserver is told the IP addresses of the actual nameservers.

The big advantage is that if you connect to a VPN, instead of having all your DNS traffic be routed through the VPN like in the past, you’ll instead only send DNS queries related to the subnet and domains announced by that VPN.

Update Disabling dnsmasq as explained in link above solves the issue because /etc/resolv.conf is populated.

This is not a real solution though, it's a fallback.