How to remove a broken Linux kernel not installed with apt? https://askubuntu.com/questions/1566560/how-to-remove-a-broken-linux-kernel-not-installed-with-apt

When I boot up, the default kernel is 6.17.0-14-generic. This kernel doesn't have any modules associated with it and can't unlock my disk. I have to manually switch to 6.8.0-111-generic via GRUB, but if the system skips the GRUB menu, I have to unplug the computer to stop it from acting up.

All the sources I've seen on removing a kernel say to simply remove it with apt, but this kernel version isn't installed with apt. If I try to apt list 'linux-*' --installed, I get all the valid kernels, but not the broken one. How do I remove it?

What, if anything, is needed to fix "Dirty Frag" on Ubuntu? https://askubuntu.com/questions/1566558/what-if-anything-is-needed-to-fix-dirty-frag-on-ubuntu

I saw Dirty Frag: Universal Linux LPE, which claims to give a root shell (!) on 24.04.

What do I need to do to ensure my system is safe? How do I patch my system?

Recommended Ubuntu version and virtualization tool for Apple A18 Pro chips https://askubuntu.com/questions/1566556/recommended-ubuntu-version-and-virtualization-tool-for-apple-a18-pro-chips

i am trying to download the correct Ubuntu Server image for a device running the Apple A18 Pro chip.I want to confirm which release is the standard choice or if there are specific builds required for Apple's latest silicon. I plan to run this via Virtual Machine. Thank you

Ubuntu Server 26.04 fails to detect other distro on disk https://askubuntu.com/questions/1566555/ubuntu-server-26-04-fails-to-detect-other-distro-on-disk

I have Zorin OS 17.1 Pro installed. I want to install Ubuntu Server 26.04 in multi-boot configuration. However, Ubuntu fails to detect the existing Zorin installation.

Dell Optiplex 7010 <br>
Architecture:                x86_64 
  CPU op-mode(s):            32-bit, 64-bit
  Address sizes:             36 bits physical, 48 bits virtual
  Byte Order:                Little Endian
CPU(s):                      4
  On-line CPU(s) list:       0-3
Vendor ID:                   GenuineIntel
  Model name:                Intel(R) Core(TM) i5-3470S CPU @ 2.90GHz

NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
sda      8:0    0 476.9G  0 disk 
├─sda1   8:1    0     1M  0 part 
├─sda2   8:2    0   513M  0 part /boot/efi
└─sda3   8:3    0 476.4G  0 part /
sr0     11:0    1  1024M  0 rom  

Any help is appreciated.

Unmet dependencies in Nvidia driver packages Ubuntu 24.04 LTS https://askubuntu.com/questions/1566551/unmet-dependencies-in-nvidia-driver-packages-ubuntu-24-04-lts

This week my OS updated a few packages and after the update my nvidia drivers stopped working. I was using nvidia-driver-580-open and tried switching to nvidia-driver-590. The computer still felt laggy so I tried switching back to the 580 drivers but I ran into the following issue

    Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 linux-modules-nvidia-580-open-generic-hwe-24.04 : Depends: linux-modules-nvidia-580-open-6.17.0-23-generic (= 6.17.0-23.23~24.04.1+1) but it is not going to be installed
                                                   Depends: nvidia-kernel-common-580 (>= 580.142) but 580.126.09-0ubuntu0.24.04.2 is to be installed
E: Unable to correct problems, you have held broken packages.

I also tried using

ubuntu-drivers autoinstall

as well as purging, updating and re-installing the drivers.

I am using Ubuntu 24.04 LTS and have a 3060 RTX Mobile

Currently I've tried the 570 and they showed the same issue as the 590, laggy, without smooth transitions in the desktop and couldn't run games. And I've also tried the 535 drivers that led me to have to log in with tty4 to purge them.

When I try to manually install the packages manually

sudo aptitude -f install nvidia-kernel-common-580 
The following NEW packages will be installed:
  nvidia-firmware-580-580.126.09{a} nvidia-kernel-common-580 

I tried looking online and I couldn't find nvidia-kernel-common-580.142 available anywhere

After trying many solutions from Unable to correct problems, you have held broken packages, none of them worked as when I perform the install I do not have any nvidia related packages on my computer.

Currently the only drivers that somehow work are the Xorg drivers and that's what I'm trying to switch from into nvidia drivers.

It seems to me like the packages are still not available but I cannot confirm the issue is on my side

Thunderbird automatically deletes my mails https://askubuntu.com/questions/1566548/thunderbird-automatically-deletes-my-mails

This happens since the update to 26.04. I have tried two different repositories(standard and the Mozilla launchpad), but without difference. The Thunderbird version is 140.10.1esr and I use the default settings (no change since install).

Problem:
I use Thunderbird as always, but for some reason, at some occasion, it starts to delete my mail folders! Luckily only locally, but after that, they have to be downloaded again from the mailserver via IMAP, which is slow. I DID NOT allot this task, it just happens since 26.04 or the latest Thunderbird version. I have lost some messages finally due to this misbehavior. Thunderbird help pages suggested, that a virus scanner may automatically delete the files due to suspicious signatures in the database files. But I don't have one installed. I recently just installed the vanilla Kubuntu 26.04 version and since that, the problem appears and persists. It doesn't affect only new or old messages, but rather all of them.

The behavior is that after downloading all files from a folder, e.g. "Inbox", some time later there comes a message in the status bar

Deleted 897 messages from folder.

and the folder is empty again :-O

Questions:

  • Has anyone experienced a similar problem?
  • Is the problem related to Kubuntu or Thunderbird?
  • How can this be fixed?
What does the number in a circle indicator mean that is associated with the Files icon? https://askubuntu.com/questions/1566546/what-does-the-number-in-a-circle-indicator-mean-that-is-associated-with-the-file

as the title suggest...What does the number in a circle indicator mean that is associated with the Files icon?

Kubuntu 24.04, move file to Ext.-USB-device (ntfs), get all ways an error indication /home/dir../file not found https://askubuntu.com/questions/1566545/kubuntu-24-04-move-file-to-ext-usb-device-ntfs-get-all-ways-an-error-indica

My system :

Operating System: Kubuntu 24.04
KDE Plasma Version: 5.27.12
KDE Frameworks Version: 5.115.0
Qt Version: 5.15.13
Kernel Version: 6.8.0-111-generic (64-bit)
Graphics Platform: Wayland
Processors: 8 × AMD Ryzen 5 3500U with Radeon Vega Mobile Gfx
Memory: 13.6 GiB of RAM
Graphics Processor: AMD Radeon Vega 8 Graphics
Manufacturer: ASUSTeK COMPUTER INC.
Product Name: VivoBook_ASUSLaptop X515DA_M515DA
System Version: 1.0

New installed as second Desktop (alongside MATE).

EXT-Usb mounted via fstab :

UUID=948A8A348A8A1342    /media/mnt/WD_3T_Ext      ntfs-3g         defaults,nls=utf8,umask=0000,nofail,windows_names  0       0

Did for minidlna :

chmod 755 /home/user
chmod 755 /home/user/Videos
chmod 755 /home/user/Musik

Behaviour : A file will be selected via Dolphin -> context Menu move -> context Menu Insert file (the respective directory of the USB-HDD) :

After the file has been copied, I receive an error message : "File does not exist", it does mean the former file in home.

But the moved file does exist in the USB-Device, and it is also deleted in home, but visible in home and via F5 not visible any more. The move operation itself is correct, except F5 must be pressed.

USB to USB same problem as above

Vice versa (USB to home) no problem

home to SD-Card no problem

No problems I had with move operations + caja (Mate).

Any Idea to solve this problem, to remove the "wrong error indication" ?

Ubuntu Dell machine does not really wake up from suspension https://askubuntu.com/questions/1566544/ubuntu-dell-machine-does-not-really-wake-up-from-suspension

My Ubuntu 24.04.4 LTS is installed on a dual-boot Dell Inc. Precision 5490 machine.

Every time I close my laptop's lid and the machine goes in suspension mode, when I get the lid up again the machine shows the screen with date and time but does not awake when I press enter or any other keys. The only thing I have been able to do at that point is to brute force power down by holding the power button pressed. This happens randomly, not all the times. I would prefer not doing this as forcing the machine to turn off this way might compromise the disk. What can I do?

Problem with NVIDIA drivers (maybe) https://askubuntu.com/questions/1566543/problem-with-nvidia-drivers-maybe

Ive had a fairly smooth experience on Kubuntu, only switched from Windows some time around X-Mas so I'm fairly new to linux. But a bit ago i had to mess around a little with the NVIDIA drivers. Don't remember why or what i did exactly and nothing seems to work badly ATM. But every time i log into the OS now i get this message:

32-bit NVIDIA driver files were not found on your host system. It is recommended that you install them for the best experience. To install:

sudo dpkg --add-architecture i386
sudo apt update
sudo apt install libnvidia-gl-595:i386

Entering the first line makes me type in my password and then does nothing anyway.

3rd line gives me this:

Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package libnvidia-gl-595:i386 is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package 'libnvidia-gl-595:i386' has no installation candidate

I did go to the GitHub link that came with the message for more info, but it did not help. I also asked the AI to find me some solution to this, but it did not help. So the question is how do I get this installed? And if there for some reason is no way around this does it even matter? I don't want to ignore this and have it cause problems in the future because like I said things seem to work fine despite this message.

Why does GNOME Shell 49 on Ubuntu 25.10 ignore every new .desktop file I add, even after reinstalling gnome-shell and creating a brand new user? https://askubuntu.com/questions/1566542/why-does-gnome-shell-49-on-ubuntu-25-10-ignore-every-new-desktop-file-i-add-ev

I'm hitting a wall with what seems to be a deep GNOME indexing issue and would really appreciate any insight from people who have seen something similar. I've been at this for many hours with no luck, and I've ruled out pretty much every standard hypothesis. The problem

Any .desktop file I add to ~/.local/share/applications/ does not appear in the GNOME application overview when I press the Super key. Same thing happens for .desktop files added with sudo to /usr/share/applications/. Only applications that were already indexed before this issue started, plus Snap and Flatpak apps, are visible. New ones are completely ignored, regardless of where I put them. This is not a "they appear with wrong icon" or "they're hidden in a folder" situation. They're simply not in the index at all. gtk-launch Nmap returns "no such application", gio launch ~/.local/share/applications/Nmap.desktop returns "Unable to load application information". My setup

Ubuntu 25.10 (Questing) GNOME Shell 49.0 Kernel 6.17.0-23 Wayland session Indexer is localsearch (Ubuntu 25.10 replaced tracker3 with this) Hardware: Ryzen 9 9950X, RTX 5080, ASUS ROG STRIX B650E-E

Example .desktop file

This passes desktop-file-validate cleanly (only an informational hint about the Security category, no errors):

[Desktop Entry]
Version=1.0
Type=Application
Name=Nmap
GenericName=Network Scanner
Comment=Network exploration tool and security scanner
Exec=gnome-terminal -- bash -c "/usr/bin/nmap -h; exec bash"
Icon=/home/stronk/Imagens/Icones/nmap.jpeg
Terminal=false
Categories=Network;Security;
Keywords=network;scanner;security;
StartupNotify=false

file says it's pure ASCII with LF line endings, no BOM. xdg-mime query filetype correctly identifies it as application/x-desktop. gio info confirms metadata::trusted: true. Permission is -rwxr-xr-x.

Things I have already tried (none made any difference)

File-level:

Validated syntax with desktop-file-validate (clean). Checked encoding/line-endings (LF, ASCII, no BOM). Set chmod +x. Set GIO metadata::trusted true. Pasta with 755 permission. Added every optional Desktop Entry field I could think of (Version, GenericName, Comment, Keywords, StartupNotify).

Environment:

XDG_DATA_HOME was empty in the session. Added XDG_DATA_HOME=/home/stronk/.local/share to /etc/environment. Verified that gnome-shell itself now has the variable set, by reading /proc/$(pidof gnome-shell)/environ. No effect. ~/.config/mimeapps.list had application/x-desktop=org.gnome.TextEditor.desktop (which made .desktop files open in the text editor when double-clicked). Removed it. No effect on the indexing issue.

Caches and resets:

update-desktop-database runs successfully both on user and system folders. mimeinfo.cache updates with the right timestamp. Full reboot: no change. TimeShift restoration to three different snapshots from earlier in the day: no change. Renamed ~/.local/share/gnome-shell/ to force regeneration: no change. Cleared ~/.cache/gnome-shell/: no change. Disabled all GNOME extensions (tilingshell, blur-my-shell, just-perfection-desktop, ding, snapd-prompting, tiling-assistant, ubuntu-appindicators, ubuntu-dock): no change. dconf reset -f /org/gnome/desktop/app-folders/: no change. Removed an empty ~/.config/menus/applications-merged/xdg-desktop-menu-dummy.menu (oddly owned by docker group, probably side effect of installing BloodHound via Docker): no change. sudo apt install --reinstall gnome-shell gnome-shell-common: no change.

Cross-user verification (this is what makes me think it's a system bug):

Created a brand new user via sudo adduser teste and logged into their fresh session through GDM. Same exact issue. The new user also can't see the system-wide .desktop files I added to /usr/share/applications/. This rules out anything in /home/stronk/.

Suspicious things I see in logs When I press Super and type a query, journalctl --user -f shows the shell activating various search providers via DBus:

Activating service name='org.gnome.Settings.SearchProvider' Activating service name='org.gnome.Nautilus' Activating service name='org.gnome.Calculator.SearchProvider' Activating service name='org.gnome.Characters' Activating service name='org.gnome.clocks' Activating service name='org.gnome.seahorse.Application' [11+ recurrent calls in a tight loop]

There is nothing about AppSystem or AppDisplay in the logs when I search. The shell seems to query only registered search providers via DBus, never consulting the local app index for new entries. There's also a recurrent warning that I find odd:

gnome-shell: Ignoring search provider /usr/share/gnome-shell/search-providers/seahorse-search-provider.ini: missing DesktopId This warning is wrong. The .ini file does have DesktopId=org.gnome.seahorse.Application.desktop, the seahorse package is installed (47.0.1-2), and the corresponding .desktop file exists in /usr/share/applications/. Even after disabling that search provider entirely (by renaming the .ini to .disabled), the application indexing issue did not change. Another anomaly: every login, three of my extensions get silently disabled by the shell — tilingshell, blur-my-shell, just-perfection-desktop. They show up disabled in gnome-extensions list --enabled even though I enabled them in the previous session. This suggests the extension subsystem is unstable, but the indexing issue persists even with all extensions disabled.

My current hypothesis

The AppSystem/AppDisplay subsystem of GNOME Shell 49 on Ubuntu 25.10 is broken in some way that:

Survives reboot. Survives TimeShift restoration (TimeShift excludes /home by default, so user state isn't reverted, but system files are — and the issue persisted). Survives gnome-shell package reinstall. Affects a freshly created user account on the same machine.

This points to corruption either in the GNOME 49 packages shipped with Ubuntu 25.10, in some shared system state (/var/, mutter caches, glib state), or in a dependency of gnome-shell beyond gnome-shell-common.

Questions for the community

Has anyone seen this on Ubuntu 25.10 (Questing) or any GNOME 49 setup? Is there a known regression?

Is there a known location, beyond ~/.local/share/gnome-shell/ and ~/.cache/gnome-shell/, where shell-level app cache could persist? Are there other packages I should reinstall along with gnome-shell and gnome-shell-common? I was thinking mutter, gnome-session, ubuntu-session, gnome-shell-extension-prefs, but wanted to ask before pulling the trigger.

Is there a way to ask the running gnome-shell to fully drop and rebuild its app index without a full system rebuild? Could this be related to the new localsearch (replacing tracker3 in Ubuntu 25.10)? Has it changed anything in how the shell discovers apps?

Any pointer is welcome. I'd rather not reinstall the OS, but I'm running out of ideas. Thanks in advance.

Install ROCm 7.2 instead of 7.1 on Ubuntu 26.04 LTS – or update coming? https://askubuntu.com/questions/1566539/install-rocm-7-2-instead-of-7-1-on-ubuntu-26-04-lts-or-update-coming

I've been eagerly waiting for Ubuntu 26.04 LTS because I knew ROCm would be installed automatically with it. Now I'm disappointed to see it's only ROCm 7.1.0 / 7.1.1 which does not work well with newer AMD Strix Halo designs like AMD RYZEN AI MAX+ 395 with Radeon 8060S (gfx1151).

To get the full potential of this GPU and NPU, I have to use ROCm 7.2 and later. First question is:

  • Should I install ROCm 7.2 myself despite there is not even an installation guide for Ubuntu 26.04 in the official documentation yet, or
  • eagerly wait for a ROCm update to come to Ubuntu 26.04 via system updates?

I would happily wait 1 or 2 months, but if this update is not to be expected in the near future then I most likely would have to do it myself. How to start?

No USB audio after waking from sleep on Ubuntu Studio 26.04 https://askubuntu.com/questions/1566537/no-usb-audio-after-waking-from-sleep-on-ubuntu-studio-26-04

I just installed Ubuntu Studio 26.04

I went into Pulse Audio Volume Control and selected the 'Pro Audio' option for my Focusrite Scarlett 3rd Gen USB interface. I do this for the best results.

In 24.04 this caused no problems. But now there is no USB audio when I wake the laptop from sleep. If I change the Pulse Audio Volume Control to default then the problem goes away but I want it on the Pro Audio option for lower latency.

Any advice appreciated

Best

Matt

Reset KDE-Plasma in RED OS [closed] https://askubuntu.com/questions/1566536/reset-kde-plasma-in-red-os

I am very new in Linux system. I messed up with icons and themes settings and do not know how to change it back. I installed Color Folder (or something like this) which enable changing color of a folder from context menu, but then I removed it too. I installed different icons themes (like Candy Icons), but I also removed them. Some of the standard themes work well, but when I set up Breeze all the icons look different.

breeze theme icons

(it is Dolphin manager).

And look at "data" folder. on the left panel. It has a completely different appearance.

left side menu

It is not just different. It has blue color, but Color Folders was removed. It is same folder and there is no .desktop folder inside. AI helped me to remove it, but now I think that AI probably did many things wrongly, so I would like to reset all my graphical interface, all user settings to very default. If possible, I want to keep files and apps settings. I guess it possible in Linux to reset only a part of system, right? I believe the Linux is the place where the possible and the impossible meet to become the poss-imp-ible. If not, I am ready to reset whole system I think, but I really want to find another way. I guess Linux keeps the history of the appearance changes which I made up.

System info:

RED OS 8.0.2
KDE-Plasma 5.27.11
KDE Frameworks 5.115.0
Qt 5.15.14
core 6.12.69-1.red80.x86_64
Graphics platform: X11

Why pkg-config udev is empty on Ubuntu 26.04 https://askubuntu.com/questions/1566534/why-pkg-config-udev-is-empty-on-ubuntu-26-04

Why pkg-config --variable=udevdir udev provides nothing on Ubuntu 26.04? Full code

sudo apt-get update 
sudo apt-get install libudev-dev
pkg-config --variable=udevdir udev
Hide Ubuntu desktop icons (Ubuntu 22.04.5 LTS) https://askubuntu.com/questions/1566533/hide-ubuntu-desktop-icons-ubuntu-22-04-5-lts

I have been running Ubuntu with an Ubuntu desktop for years. I had a sidebar with about 8 icons I chose, but no icons cluttering up the desktop itself; I launch everything else from the command line. However, a few days ago after a spontaneous installation of new software, the Ubuntu desktop has a icon for every file in my home area.
All the answers I have seen, either they do not work or I do not understand them (e.g.select from Menu - what menu?). Please can anyone explain how to hide all the desktop icons, starting from the terminal with all commands I need, or some setting I have missed in Settings? Thanks.

PS I am currently using the Gnome desktop option but it does not have a sidebar I can add a few icons to and it is less convenient for switching or moving terminals etc. between desktops.

Gnome search misses many files in windows drive https://askubuntu.com/questions/1566532/gnome-search-misses-many-files-in-windows-drive

I have a windows drive mounted using dislocker. I added one of its folders to the search providers in Gnome preferences and checked Files (nautilus). Some files inside that folder can be found using Gnome search, others cannot, and I am unable to spot any difference between those. It looks like Gnome indexes that drive only partially.

I tried the localsearch command. It finds all files very well, but I am not sure this is what nautilus uses internally.

Is this a known issue?

How to install libjavascriptcoregtk-4.0.so.18? https://askubuntu.com/questions/1566530/how-to-install-libjavascriptcoregtk-4-0-so-18

I'm running UBUNTU 26.04 LTS. To install the code VESTA (molecular viewer) system it informs me that it needs libjavascriptcoregtk-4.0.so.18. How I can proceed?

Latest update broke private key loading stack on 26.04... only me? https://askubuntu.com/questions/1566526/latest-update-broke-private-key-loading-stack-on-26-04-only-me

The latest upgrade few days ago broke my desktop private key loading stack, in the sense that I have a passphrase protected private key, and I am used to SSH login to other sites with that key. The "normal behaviour" is that after any reboot Gnome ask your host password and somehow with that password it can open the private key and the SSH works normally. Now, I still have the pop-up asking my user/host password (not the passphrase), but the SSH login attempt just do nothing. I need to manually add the key with ssh-add ~/.ssh/id_rsa, and then it works.

Am I the only one with this strange behaviour ? Any workaround to get it back that the login "open automatically" the private key ?

My HP notebook only boots with nomodeset https://askubuntu.com/questions/1566525/my-hp-notebook-only-boots-with-nomodeset

Without nomodeset it boots to a black screen. I have an HP laptop with an AMD Ryzen 5 5500U with Radeon Graphics. I tried with amdgpu.dc =0, I checked the amdgpu drivers, and I reinstalled the firmware, but none of them solved the problem.

Edit:
I'm using Ubuntu Desktop 26.04LTS. From the very beginning since I installed the system I have needed nomodeset

With journalctl -k -b-1 I found:

ACPI BIOS Error (bug): Could not resolve symbol [\_SB.PCI0.SBRG.EC0.Z009], AE_NOT_FOUND (20251212/psargs-332)    
x86/amd: Previous system reset reason [0x08000800]: an uncorrected error caused a data fabric sync flood event    
ACPI BIOS Error (bug): Could not resolve symbol [\_SB.PCI0.SBRG.EC0.Z009], AE_NOT_FOUND (20251212/psargs-332)
why the + after nfs mounted files when there is no additional attributes https://askubuntu.com/questions/1566517/why-the-after-nfs-mounted-files-when-there-is-no-additional-attributes

Up through release 24.04, when I look at a list of files on an NFS mount using the ls -l command, I see the permissions then the number of hard links, then owner . . .

On 26.04 When I look at a similar list of files on an NFS mount using the ls -l command, I see a plus (+) sign after the permissions.

I found some discussion of the plus sign at the spot meaning there were additional attributes which could be viewed with the getfacl command. On both 24.04 where there isn't a plus to the right of permissions as well as on 26.04, where I do see the + to the right of the permissions, in both cases getfacl shows no additional information, just

# file:
# owner:
# group:
user::rw-
group::rw-
other::r--

So why does 24.04 show -rw-rw-r-- yet 26.04 shows -rw-rw-r--+

Interesting, in 26.04 (as per a comment here) gnuls -l gives the same result as ls -l in 24.04. gnuls is not found in my Xbuntu 24.04 system.

Perhaps this is a change to the ls command as of 26.04?

Secure Boot Certificate in QEMU Ubuntu 24.04 for Windows Guest https://askubuntu.com/questions/1566505/secure-boot-certificate-in-qemu-ubuntu-24-04-for-windows-guest

I have a computer running Ubuntu 24.04 LTS desktop where I have QEMU/KVM running. One of the guest OS is Windows 11. This VM has secure-boot on as required by Windows. The secure boot certificates originally issued in 2011 will expire next month. The new certificates were issued in 2023.

It looks like my VM is not using the new certificates. When I check the secure boot status from within Windows guest, it says:

Secure boot is on, but your device is using an older boot trust configuration that should be updated. There is not yet enough data to classify your device for automatic update.

The XML tab of the Overview section of the Virtual Machine Manager shows in part:

    <loader readonly="yes" secure="yes" type="pflash">/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader>
    <nvram template="/usr/share/OVMF/OVMF_VARS_4M.ms.fd">/var/lib/libvirt/qemu/nvram/win11_VARS.fd</nvram>

The files OVMF_CODE_4M.ms.fd and OVMF_VARS_4M.ms.fd have the modified date of December 10, 2025. The file OVMF_CODE_4M.ms.fd is linked to OVMF_CODE_4M.secboot.fd in the folder /usr/share/OVMF/.

I looked at the OMVF UEFI configuration menu and couldn’t find anything regarding the secure boot certificates or anyway to add new ones.

My searches have led to some solutions for Red Hat, and Proxmox, but nothing specific to Ubuntu.

Here is the Windows 11 System log:

Log Name:      System
Source:        Microsoft-Windows-TPM-WMI
Date:          5/6/2026 2:37:16 PM
Event ID:      1801
Task Category: None
Level:         Error
Keywords:      
User:          SYSTEM
Computer:      Dev1-Win11
Description:
Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. 
Review the published guidance to complete the update and maintain full protection. 
This device signature information is included here.
DeviceAttributes: 
BaseBoardManufacturer:;
FirmwareManufacturer:Ubuntu distribution of EDK II;
FirmwareVersion:2024.02-2ubuntu0.8;
OEMModelNumber:Ubuntu 24.04 PC (Q35 + ICH9, 2009);OEMModelBaseBoard:;
OEMModelSystemFamily:;OEMManufacturerName:QEMU;OEMModelSKU:;OSArchitecture:amd64;
BucketId: 2a0656131aa2862c533c820200125d8c3c845a85144dde851c754bc22261465a
BucketConfidenceLevel: No Data Observed - Action Required
UpdateType: 
For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018

Q: How do I make sure that the OMVF is using the secure boot certificates from 2023?


Update:

Thanks to Andrei's post in Stack Exchange I booted the VM from the Ubuntu 24.04 ISO in the Try Ubuntu mode and used the following commands:

mokutil --db > before
grep Subject: before
mokutil --kek | grep Subject:
sudo apt update
sudo apt install curl efivar
curl -LO https://github.com/microsoft/secureboot_objects/raw/refs/heads/main/PostSignedObjects/Optional/DB/amd64/DBUpdate2024.bin
sudo efivar -n d719b2cb-3d3a-4596-a3bc-dad00e67656f-db -f ./DBUpdate2024.bin -a -A 0x27
mokutil --db > after
grep Subject: after

Output

Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Production PCA 2011
Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Corporation UEFI CA 2011
Subject: C=US, O=Microsoft Corporation, CN=Windows UEFI CA 2023

On booting back to Windows, I asked for the Bitlocker recovery passphrase.

Now in Windows powershell commands I get one "True" and two "False":

([System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI kek).bytes) -match ‘Microsoft Corporation KEK 2K CA 2023’)
False
([System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI db).bytes) -match ‘Windows UEFI CA 2023’)
True
([System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI db).bytes) -match ‘Microsoft option rom UEFI CA 2023’)
False

New Question

Do I need to update these remaining two certificates? If so how?

Thanks

openssh-server post-installation script error (exit status 10) and SSH not working https://askubuntu.com/questions/1566463/openssh-server-post-installation-script-error-exit-status-10-and-ssh-not-worki

I’m encountering an issue where openssh-server fails during configuration, and SSH is currently not working on my system.

This error appears during package operations, even when I’m not explicitly trying to install openssh-server.

What happens

During apt/dpkg operations, I see:

Setting up openssh-server (1:9.6p1-3ubuntu13.16) ...
dpkg: error processing package openssh-server (--configure):
 installed openssh-server package post-installation script subprocess returned error exit status 10
Errors were encountered while processing:
 openssh-server

What I’ve tried

  1. Re-running configuration:
sudo dpkg --configure -a

Same error persists.


  1. Running the post-install script manually with debugging:
sudo bash -x /var/lib/dpkg/info/openssh-server.postinst configure

This didn’t produce any obvious error output, and the last line is `exec /usr/share/debconf/frontend /var/lib/dpkg/info/openssh-server.postinst configure which tells me that something to do with package configuration is failing.


  1. Regenerating SSH host keys:
sudo rm -f /etc/ssh/ssh_host_*
sudo ssh-keygen -A

Keys were generated successfully, but the issue remains.

  1. Restore ssh config:
sudo cp /usr/share/openssh/sshd_config /etc/ssh/sshd_config

Observations

  • SSH into this machine is not functioning.

  • The openssh-server package is broken.

  • The post-installation script consistently exits with status 10.


Research

I found that post-installation script failures can be caused by misconfiguration or missing files, but most solutions suggest reinstalling or purging the package. I haven’t found a clear explanation for exit status 10 specifically or how to resolve it without risking further issues.

Previously, I have used this sequence of commands to fix similar errors:

rm -rf /var/lib/dpkg/info/<packagename>* (in this case openssh*)

dpkg --configure -a

Fix package post-installation script subprocess returned error exit status 10 for libpaper1:amd64

Error reinstalling isc-dhcp-server "post installation script returned error exit status 255"

Like in the above posts, which has fixed the error temporarily, but probably messed up the dpkg package lists or something.

The issue keeps coming back, it's a different package or packages every time so it seems like an issue with dpkg or a corrupt filesystem.

Any ideas what is causing this issue, and how I can resolve it without reinstalling the system?

Update: I got ssh server working again, but still seeing the error on install/configure. getting closer. these are the commands that fixed it and my logic behind them

sudo cp /usr/share/openssh/sshd_config /etc/ssh/sshd_config

-- there was no sshd config until i copied it from here

--- then uncommented the host keys in that file, and generated them. made sshd user

grep -n "HostKey" /etc/ssh/sshd_config

2140 ls -l /etc/ssh/sshd_config.d

2141 sshd -T | grep hostkey

2142 sudo nano /etc/ssh/sshd_config

2143 sshd -t

2145 ls -l /etc/ssh/ssh_host_*

2146 namei -l /etc/ssh/ssh_host_rsa_key

2147 sudo ssh-keygen -lf /etc/ssh/ssh_host_rsa_key

2148 sshd -T | head -50

2149 lsattr /etc/ssh/ssh_host_rsa_key

2150 mount | grep " / "

2151 sudo rm -f /etc/ssh/ssh_host_*

2152 sudo ssh-keygen -A

2153 sudo ls -l /etc/ssh/ssh_host_*

2154 sudo /usr/sbin/sshd -t -f /etc/ssh/sshd_config

2155 getent passwd sshd

2156 id sshd

--- no sshd user??

2157 sudo adduser --system --no-create-home --group sshd

2158 getent passwd sshd

2159 sudo sshd -t -f /etc/ssh/sshd_config

2161 sudo mkdir -p /run/sshd

2162 sudo chmod 755 /run/sshd

2163 sudo sshd -t -f /etc/ssh/sshd_config

2164 sudo systemctl restart ssh

2165 systemctl status ssh --no-pager

2166 sudo dpkg --configure -a

2167 sudo apt -f install

--- still seeing the error here but the server is up and i can connect from another machine

Boinc Manager (fresh install) is Unable to initialize GTK+ on Ubuntu 24.04.3 LTS https://askubuntu.com/questions/1563370/boinc-manager-fresh-install-is-unable-to-initialize-gtk-on-ubuntu-24-04-3-lts

I have a fresh install of Ubuntu Ubuntu 24.04.3 LTS with all updates also installed. I installed Boinc Manager from the first source that I found in App Center: Snap package, which is also more recent (8.2.8) than the Debian package (7.24.1).

But it won't start:

$ boinc.manager 
Gtk-Message: Not loading module "atk-bridge": The functionality is provided by GTK natively. Please try to not load it.
Error: Unable to initialize GTK+, is DISPLAY set properly?

$DISPLAY is ":0" and I also tried setting it to ":0.0" or ":1", doesn't work, but ":0" seems to be correct anyway.

Unsupported hypervisor https://askubuntu.com/questions/1518671/unsupported-hypervisor

When I tried to install Ubuntu 24.04 on virtual machine, an error message appeared (see attached photo). But I could bypass the message and installed Ubuntu 24.04 on virtual machine on my windows 10 laptop which is Dell Inspiron. The error messageThee problem here is Ubuntu window is taller than physical window, hence have to move the window up and down. I have installed Kali linux on the virtual machine without any issue.

Repair corrupt GPT partition table of OSX disk from Linux https://askubuntu.com/questions/1115944/repair-corrupt-gpt-partition-table-of-osx-disk-from-linux

My wife's OSX laptop won't boot. I've pulled the drive out and plugged it into a USB adapter and can see it from my Ubuntu laptop.

When I plug it and run gdisk I get the following output:

matthewh@drone:~$ sudo gdisk /dev/sdc
GPT fdisk (gdisk) version 1.0.3

Warning! Disk size is smaller than the main header indicates! Loading
secondary header from the last sector of the disk! You should use 'v' to
verify disk integrity, and perhaps options on the experts' menu to repair
the disk.
Caution: invalid backup GPT header, but valid main header; regenerating
backup header from main header.

Partition table scan:
  MBR: protective
  BSD: not present
  APM: not present
  GPT: damaged

****************************************************************************
Caution: Found protective or hybrid MBR and corrupt GPT. Using GPT, but disk
verification and recovery are STRONGLY recommended.
****************************************************************************

Command (? for help): p
Disk /dev/sdc: 976773167 sectors, 465.8 GiB
Model:  FA GOFlex Desk 
Sector size (logical/physical): 512/512 bytes
Disk identifier (GUID): F660E686-2651-434C-BC89-334BFB8D3282
Partition table holds up to 128 entries
Main partition table begins at sector 2 and ends at sector 33
First usable sector is 34, last usable sector is 976773134
Partitions will be aligned on 8-sector boundaries
Total free space is 13 sectors (6.5 KiB)

Number  Start (sector)    End (sector)  Size       Code  Name
   1              40          409639   200.0 MiB   EF00  EFI System Partition
   2          409640       975503591   465.0 GiB   AF00  Untitled 1
   3       975503592       976773127   619.9 MiB   AB00  Recovery HD

Command (? for help): v

Problem: The secondary header's self-pointer indicates that it doesn't reside
at the end of the disk. If you've added a disk to a RAID array, use the 'e'
option on the experts' menu to adjust the secondary header's and partition
table's locations.

Problem: Disk is too small to hold all the data!
(Disk size is 976773167 sectors, needs to be 976773168 sectors.)
The 'e' option on the experts' menu may fix this problem.

Identified 2 problems!

Command (? for help): q

What's the recommended course of action at this point?

And I should point out that the drive is a Samsung 840 Evo. I think I need to upgrade the firmware as I hear there was a bug. Could the corruption be related?

unattended-upgrades do not work properly https://askubuntu.com/questions/1063822/unattended-upgrades-do-not-work-properly

I have

Welcome to Ubuntu 16.04.5 LTS (GNU/Linux 4.15.0-24-generic x86_64)

15 packages can be updated.
7 updates are security updates.

I watched this several weeks and tried so many things to fix it, but I cant get it run. Unattended-upgrades do not upgrade my server.

I installed

# apt-get install unattended-upgrades
Reading package lists... Done
Building dependency tree
Reading state information... Done
unattended-upgrades is already the newest version (0.90ubuntu0.9).
0 upgraded, 0 newly installed, 0 to remove and 9 not upgraded.

# apt-get install apt-listchanges
Reading package lists... Done
Building dependency tree
Reading state information... Done
apt-listchanges is already the newest version (2.85.14ubuntu1).
0 upgraded, 0 newly installed, 0 to remove and 9 not upgraded.

This is my /etc/apt/apt.conf.d/10periodic

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";

This is my /etc/apt/apt.conf.d/50unattended-upgrades

Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}";
        "${distro_id}:${distro_codename}-security";
        "${distro_id}ESM:${distro_codename}";
        "${distro_id}:${distro_codename}-updates";
};

Unattended-Upgrade::Package-Blacklist {
        "open-vm-tools";
};

Unattended-Upgrade::AutoFixInterruptedDpkg "true";
Unattended-Upgrade::MinimalSteps "true";
Unattended-Upgrade::InstallOnShutdown "true";
Unattended-Upgrade::Mail "root";
Unattended-Upgrade::MailOnlyOnError "true";
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "07:00";
Acquire::http::Dl-Limit "0";

This is what I have in log-file /var/log/unattended-upgrades/unattended-upgrades.log

INFO Initial blacklisted packages: open-vm-tools
INFO Initial whitelisted packages:
INFO Starting unattended upgrades script
INFO Allowed origins are: ['o=Ubuntu,a=xenial', 'o=Ubuntu,a=xenial-security', 'o=UbuntuESM,a=xenial', 'o=Ubuntu,a=xenial-updates']
INFO Initial blacklisted packages: open-vm-tools
INFO Initial whitelisted packages:
INFO Starting unattended upgrades script
INFO Allowed origins are: ['o=Ubuntu,a=xenial', 'o=Ubuntu,a=xenial-security', 'o=UbuntuESM,a=xenial', 'o=Ubuntu,a=xenial-updates']

Does anyone have a clue what is wrong?

How to recover EFI boot? https://askubuntu.com/questions/828203/how-to-recover-efi-boot

I have a dell 15R notebook that used to work very well with windows 10 and ubuntu 16.04.

Today after an apparently normal update the ubuntu desktop became unresponsible than I have to turn it off using power button.

after that I tried to boot again and then I got a bad surprise. it failed. :(

Now the boot menu is not appearing anymore, it is booting directly into windows

could someone give me a help, please?


after trying Boot Repair tool the machine have boot into the Windows 10 directly.

The I turn it off and on pressing F12.

In the boot page I saw that Ubuntu and Windows are there and the mode if EFI Secure Off

Fortunately I was able to boot ubuntu selecting it in the menu. and did some backup :)

The strange is that grub menu that was presented is full of new entries some related to EFI.

The link for the Boot Repair report is http://paste2.org/MPhXHdbP (before) and http://paste2.org/n6v0XDZM

Any idea ?

Where is system settings in Lubuntu 14.04? https://askubuntu.com/questions/545576/where-is-system-settings-in-lubuntu-14-04

I need to get to the sound settings and change the output to HDMI.

From the menu, bottom left, I can choose System Tools or Preferences but neither contains a link to sound settings, which apparently is where I change it.

How do I list all options a file system is mounted with? https://askubuntu.com/questions/502089/how-do-i-list-all-options-a-file-system-is-mounted-with

Both mount and cat /proc/mounts do not give me all the options I specified in the 'options' field in /etc/fstab.

For example, this is in my /etc/fstab:

# <file system>                                 <mount point>   <type>  <options>                                       <dump>  <pass>
UUID=1afaad96-8aa3-4283-95a4-20510e5b3fbb      /               ext4    rw,async,exec,nouser,suid,errors=remount-ro     0       1

But the output of mount just gives me this (mount -v doesn't work either):

/dev/sda6 on / type ext4 (rw)

And `cat /proc/mounts:

rootfs / rootfs rw 0 0

How can I check with what options my file systems are mounted?