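Why switch to openSUSE
It started with the attack on the AUR a while back: I went looking for a system to take refuge in, and at first that was Fedora KDE Plasma Desktop Edition.
But there were some odd problems (DaVinci being unusable because of Python, Chromium-based software stuttering now and then), the desktop crash when Plasma 6.5 was pushed is still fresh in my memory, and the default performance scheduling on my laptop was poor as well.
So I switched to openSUSE, which is KDE-friendly and likewise part of Germany's "xinchuang" (home-grown IT) scene.
But SUSE falls short in a few places, hence this random collection of fixes.
First, the traditional fastfetch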
User: ne0w0r1d@Ne0-Cyrene

System Information
OS          openSUSE Tumbleweed x86_64
Kernel      Linux 6.17.9-1-default
Uptime      6 hours, 50 mins
Packages    4463 (rpm), 32 (flatpak), 5 (linglong)

Desktop Environment
DE          KDE Plasma 6.5.3
WM          KWin (Wayland)
Theme       Breeze
Shell       bash 5.3.3

Hardware Information
CPU         12th Gen Intel(R) Core(TM) i7-12700H (20) @ 4.70 GHz
GPU         NVIDIA GeForce RTX 3060 Mobile / Max-Q [Discrete]
GPU         Intel Alder Lake-P Integrated Graphics Controller @ 1.40 GHz [Integrated]
GPU Driver  nvidia (open source) 580.105.08
GPU Driver  xe
Memory      5.46 GiB / 7.47 GiB (73%)
Disk (/)    80.67 GiB / 134.10 GiB (60%) - btrfs

NOTE: In the bash snippets, ## starts a comment and a leading # means the command runs as superuser.
NVIDIA
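First, update.
NOTE: openSUSE offers the friendliest NOVIDEO experience there is: SUSE does the packaging and NVIDIA hosts the repository, which rounds up to an official repository.
# zypper dup ## For openSUSE rolling-release (Tumbleweed family) users
# zypper up ## For openSUSE Leap 16 users
Repository
- You can install the NVIDIA repository package provided by openSUSE
# zypper in openSUSE-repos-<branch name, first letter capitalized>-NVIDIA
WARNING: A repository added this way relies on openSUSE's RIS service and will re-enable the official openSUSE repositories. The official repositories do have Metalink and MirrorCache, but those two only speed up downloads, not refreshes, so it is advisable to disable those repositories yourself when installing.
- You can also add NVIDIA's repository manually
# zypper ar -fcg 'https://download.nvidia.com/opensuse/tumbleweed' NVIDIA ## For openSUSE rolling-release users
# zypper ar -fcg 'https://download.nvidia.com/opensuse/leap/$releasever' NVIDIA ## For users of the LTS release, Leap
Installation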
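Following the openSUSE Wiki, choose the driver that fits your card using the hints below (I have added the new G06 and G07 information).
NOTE: Specific cards map to the naming convention listed below. You will need this information when you install the driver from the command line.
G03 = driver v340 = legacy driver for GT8xxx/9xxx devices (via community users, see below)
G04 = driver v390 = legacy driver for GTX4xx/5xx Fermi devices
G05 = driver v470 = driver for the GeForce 600 series
G06 = driver v580 = driver for the GeForce 700 series (Kepler) and later (Maxwell, Pascal, ...)
G07 = driver for the GeForce RTX 20 series (Turing) and later (new driver, version numbers start at 590, but there is no userspace yet)
Then, for G06, pick the kernel module that suits your card according to the NVIDIA developer technical blog post "NVIDIA Transitions Fully Towards Open-Source GPU Kernel Modules": for the closed-source kernel module install nvidia-driver-G06-kmp-meta, or for the open-source kernel module install nvidia-open-driver-G06-signed-kmp-meta. G07 has only the open-source kernel module, and G02 - G05 have only closed-source kernel modules.
The open-source kernel module is used as the example here.
# zypper in nvidia-open-driver-G06-signed-kmp-meta
For other cards, refer to the list above and search with zypper se nvidia.
The result may look like this: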
$ zypper se nvidia
正在加载软件源数据...
正在读取已安装的软件包...

S  | Name | Summary | Type
---+------+---------+------
   | bumblebee-status-module-nvidia | Displays GPU name, temperature and memory usage | 软件包
   | bumblebee-status-module-nvidia-optimus-manager | GPU selection for NVIDIA optimus using optimus-manager | 软件包
   | bumblebee-status-module-nvidia-prime | GPU selection for NVIDIA optimus using bbswitch | 软件包
   | gkrellm-nvidia | A plugin for GKrellM and Nvidia GPUs | 软件包
i  | kernel-firmware-nvidia | Kernel firmware files for Nvidia Tegra and graphics drivers | 软件包
i+ | kernel-firmware-nvidia-gsp-G06 | Kernel firmware file for open NVIDIA kernel module driver G06 | 软件包
   | kernel-firmware-nvidia-gspx-G06 | Kernel firmware file for open NVIDIA kernel module driver G06 | 软件包
   | kernel-firmware-nvidia-gspx-G06-cuda | Kernel firmware file for open NVIDIA kernel module driver G06 | 软件包
   | libnvidia-egl-gbm-devel | Development package for libnvidia-egl-gbm | 软件包
i  | libnvidia-egl-gbm1 | The GBM EGL external platform library | 软件包
i  | libnvidia-egl-gbm1-32bit | The GBM EGL external platform library | 软件包
   | libnvidia-egl-wayland-devel | Development package for libnvidia-egl-wayland | 软件包
i  | libnvidia-egl-wayland1 | The EGLStream-based Wayland external platform | 软件包
i  | libnvidia-egl-wayland1-32bit | The EGLStream-based Wayland external platform | 软件包
   | libnvidia-egl-x11-devel | Development package for libnvidia-egl-x11 | 软件包
i  | libnvidia-egl-x111 | NVIDIA XLib and XCB EGL Platform Library | 软件包
i  | libnvidia-egl-x111-32bit | NVIDIA XLib and XCB EGL Platform Library | 软件包
i  | libnvidia-gpucomp | NVIDIA library for shader compilation (nvgpucomp) | 软件包
i  | libnvidia-gpucomp-32bit | NVIDIA library for shader compilation (nvgpucomp) | 软件包
i  | nvidia-common-G06 | Common files for the NVIDIA driver packages | 软件包
i  | nvidia-compute-G06 | NVIDIA driver for computing with GPGPU | 软件包
i  | nvidia-compute-G06-32bit | 32bit NVIDIA driver for computing with GPGPU | 软件包
i  | nvidia-compute-utils-G06 | NVIDIA driver tools for computing with GPGPU | 软件包
   | nvidia-computeG04 | NVIDIA driver for computing with GPGPU | 软件包
   | nvidia-computeG04-32bit | 32bit NVIDIA driver for computing with GPGPU | 软件包
   | nvidia-computeG05 | NVIDIA driver for computing with GPGPU | 软件包
   | nvidia-computeG05-32bit | 32bit NVIDIA driver for computing with GPGPU | 软件包
   | nvidia-driver-G06-kmp-default | NVIDIA graphics driver kernel module for GeForce 700 series and newer | 软件包
   | nvidia-driver-G06-kmp-longterm | NVIDIA graphics driver kernel module for GeForce 700 series and newer | 软件包
   | nvidia-driver-G06-kmp-meta | Meta package to select proprietary nvidia driver | 软件包
   | nvidia-drivers-G06 | Meta package for full installations (X, GL, etc.) | 软件包
   | nvidia-drivers-insync-latest | Meta package to select proprietary/open nvidia drivers in sync | 软件包
   | nvidia-drivers-minimal-G06 | Meta package for compute only installations | 软件包
   | nvidia-gfxG04-kmp-default | NVIDIA graphics driver kernel module for GeForce 400 series and newer | 软件包
   | nvidia-gfxG04-kmp-pae | NVIDIA graphics driver kernel module for GeForce 400 series and newer | 软件包
   | nvidia-gfxG05-kmp-default | NVIDIA graphics driver kernel module for GeForce 600 series and newer | 软件包
   | nvidia-gfxG05-kmp-longterm | NVIDIA graphics driver kernel module for GeForce 600 series and newer | 软件包
i  | nvidia-gl-G06 | NVIDIA OpenGL libraries for OpenGL acceleration | 软件包
i  | nvidia-gl-G06-32bit | 32bit NVIDIA OpenGL libraries for OpenGL acceleration | 软件包
   | nvidia-glG04 | NVIDIA OpenGL libraries for OpenGL acceleration | 软件包
   | nvidia-glG04-32bit | 32bit NVIDIA OpenGL libraries for OpenGL acceleration | 软件包
   | nvidia-glG05 | NVIDIA OpenGL libraries for OpenGL acceleration | 软件包
   | nvidia-glG05-32bit | 32bit NVIDIA OpenGL libraries for OpenGL acceleration | 软件包
   | nvidia-libXNVCtrl | Library providing the NV-CONTROL API | 软件包
   | nvidia-libXNVCtrl-devel | Development files for libXNVCtrl | 软件包
i  | nvidia-modprobe | NVIDIA kernel module loader | 软件包
   | nvidia-open-driver-G06-signed-check | Post-build RPM inspection | 软件包
   | nvidia-open-driver-G06-signed-cuda-check | Post-build RPM inspection | 软件包
   | nvidia-open-driver-G06-signed-cuda-default-devel | Devel Package to nvidia-open-driver-G06-signed-cuda | 软件包
   | nvidia-open-driver-G06-signed-cuda-kmp-default | NVIDIA open kernel module driver for GeForce 16 series (GTX 16xx) and newer | 软件包
   | nvidia-open-driver-G06-signed-cuda-kmp-longterm | NVIDIA open kernel module driver for GeForce 16 series (GTX 16xx) and newer | 软件包
   | nvidia-open-driver-G06-signed-cuda-longterm-devel | Devel Package to nvidia-open-driver-G06-signed-cuda | 软件包
   | nvidia-open-driver-G06-signed-default-devel | Devel Package to nvidia-open-driver-G06-signed | 软件包
i  | nvidia-open-driver-G06-signed-kmp-default | NVIDIA open kernel module driver for GeForce 16 series (GTX 16xx) and newer | 软件包
   | nvidia-open-driver-G06-signed-kmp-longterm | NVIDIA open kernel module driver for GeForce 16 series (GTX 16xx) and newer | 软件包
i+ | nvidia-open-driver-G06-signed-kmp-meta | Meta package to select open nvidia driver in sync | 软件包
   | nvidia-open-driver-G06-signed-longterm-devel | Devel Package to nvidia-open-driver-G06-signed | 软件包
i  | nvidia-persistenced | A daemon to maintain persistent software state in the NVIDIA driver | 软件包
   | nvidia-settings | Configure the NVIDIA graphics driver | 软件包
   | nvidia-texture-tools | NVIDIA Texture Tools | 软件包
i  | nvidia-userspace-meta-G06 | Meta package to autoselect NVIDIA userspace packages | 软件包
   | nvidia-utils-G06 | NVIDIA driver tools | 软件包
i+ | nvidia-vaapi-driver | Nvidia Driver for Video Acceleration (VA) API for Linux | 软件包
i  | nvidia-video-G06 | NVIDIA graphics driver for GeForce 700 series and newer | 软件包
i  | nvidia-video-G06-32bit | 32bit NVIDIA graphics driver for GeForce 700 series and newer | 软件包
   | nvidia-xconfig | NVIDIA X configuration file editor | 软件包
   | openSUSE-repos-Leap-NVIDIA | openSUSE NVIDIA repository definitions | 软件包
i  | openSUSE-repos-MicroOS-NVIDIA | openSUSE NVIDIA repository definitions | 软件包
   | openSUSE-repos-Slowroll-NVIDIA | openSUSE NVIDIA repository definitions | 软件包
   | openSUSE-repos-Tumbleweed-NVIDIA | openSUSE NVIDIA repository definitions | 软件包
   | pcp-pmda-nvidia-gpu | Performance Co-Pilot (PCP) metrics for the Nvidia GPU | 软件包
   | x11-video-nvidiaG04 | NVIDIA graphics driver for GeForce 400 series and newer | 软件包
   | x11-video-nvidiaG04-32bit | 32bit NVIDIA graphics driver for GeForce 400 series and newer | 软件包
   | x11-video-nvidiaG05 | NVIDIA graphics driver for GeForce 600 series and newer | 软件包
   | x11-video-nvidiaG05-32bit | 32bit NVIDIA graphics driver for GeForce 600 series and newer | 软件包

Secure Boot
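For the open-source kernel module, SUSE has already done the signing for you; log in once and it will load (it will be very laggy though, so logging out once is recommended). The closed-source kernel module has to be signed by yourself (plaintext is used here to avoid bash formatting problems).
Signing for G06
# mokutil --import /var/lib/nvidia-pubkeys/MOK-nvidia-driver-G0<X>-<driver_version>-<kernel_flavor>.der --root-pw
Signing for other cards
# mokutil --import /var/lib/nvidia-pubkeys/MOK-nvidia-gfxG0<X>-<driver_version>-<kernel_flavor>.der --root-pw
Then reboot and enter the root password.
NOTE: If you want to set your own password for the signing, drop the --root-pw flag.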
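Plymouth low resolution
This happens because the driver package does not add the NVIDIA modules to the initramfs. Create a new file in /etc/dracut.conf.d/; I called mine 09-nvidia.conf.
Add the line below. xe is included because my integrated GPU is of the Xe architecture and can use the beta Xe DRM driver. Keep the spaces inside the quotes, since += appends to the existing list.
force_drivers+=" xe nvidia nvidia_modeset nvidia_uvm nvidia_drm "
Then run
# dracut -fv
NV-VAAPI driver
NOTE: Installing this driver is recommended so that video encoding and decoding work properly in Chrome.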
When games may fail to launch
It is a good idea to run nvidia-smi once before gaming. If you use lutris, you can add /usr/bin/nvidia-smi as a pre-launch script in lutris's advanced settings.
NOTE: You can also do what I do.
Put the following service in ~/.config/systemd/user/novideo.service
[Unit]
Description=WOL Services
After=graphical-session.target
Wants=graphical-session.target

[Service]
Type=oneshot
ExecStart=/usr/bin/nvidia-smi

[Install]
WantedBy=graphical-session.target
Then run systemctl --user daemon-reload ; systemctl --user enable --now novideo.service
After that it runs automatically whenever you reboot and log in.
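Zypper settings
Enabling MirrorCache GeoIP redirection and installation of unsigned third-party packages
openSUSE's security policy stops users from installing third-party RPMs through PackageKit, and GeoIP redirection is not enabled by default either. You can change both as follows:
## Back up first; copy as shown here, or use mv instead of cp to move the file
# cp /etc/zypp/zypp.conf /etc/zypp/zypp.conf.backup
## Edit with the text editor you like (vim, nano, micro, ...)
# vim /etc/zypp/zypp.conf
Enter the following text. If you made the backup by copying, you do not need the [main] line, but the content below has to go under the existing [main].
[main]
# Set the repository refresh locales
repo.refresh.locales = cn, de
# Turn on GeoIP redirection
download.use_geoip_mirror = true
# Maximum number of parallel connections
download.max_concurrent_connections = 5
# Allow unsigned third-party RPMs (not recommended, at your own risk); packages whose signature is faulty are still not allowed
pkg_gpgcheck = off
# On by default; add this line if you are writing a new file from scratch. Allows multiple kernel versions
multiversion = provides:multiversion(kernel)
# On by default; add this line if you are writing a new file from scratch. Kernel versions that may be kept
multiversion.kernels = latest,latest-1,running
Enabling the experimental Curl 2 + parallel downloads
NOTE: Update: Tumbleweed 1205 now enables this by default. If it has no effect, you can set the following environment variables:
ZYPP_PCK_PRELOAD=1
ZYPP_CURL2=1
SELinux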
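Allowing execution on the user stack
# setsebool -P selinuxuser_execstack 1
If you do not set this, get ready for the containerized WeChat and some other odd things to be denied by it. The price is that security is sacrificed.
NOTE: Hajimi (Gemini) puts it this way: if the stack is both writable and executable (that is, execstack is enabled), it is very dangerous. Hackers can exploit a **buffer overflow** vulnerability to first write malicious code (shellcode) onto the stack and then steer the program into jumping to the stack to execute that code, thereby compromising the system.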
Howdy
In your home directory (preferably there), create a file named howdy.te
module howdy 1.0;

require {
    type lib_t;
    type xdm_t;
    type v4l_device_t;
    type sysctl_vm_t;
    class chr_file map;
    class file { create getattr open read write };
    class dir add_name;
}

#============= xdm_t ==============
allow xdm_t lib_t:dir add_name;
allow xdm_t lib_t:file { create write };
allow xdm_t sysctl_vm_t:file { getattr open read };
allow xdm_t v4l_device_t:chr_file map;
Then
# checkmodule -M -m -o howdy.mod howdy.te
# semodule_package -o howdy.pp -m howdy.mod
# semodule -i howdy.pp
(Lifted from the Howdy COPR)
Codecs
NOTE: Because SUSE has offices in the United States, patent licensing and the dreaded Digital Millennium Copyright Act (DMCA) apply, so just as Fedora does it with RPMFusion we have to solve the problem through an extra repository, which on SUSE is called PackMan.
First add the PackMan repository.
NOTE: The USTC mirror is used as the example here; pick whichever mirror site you like.
# zypper ar -fcg https://mirrors.ustc.edu.cn/packman/suse/openSUSE_Leap_\$releasever/ USTC:PACKMAN ## Leap users
# zypper ar -fcg https://mirrors.ustc.edu.cn/packman/suse/openSUSE_Tumbleweed USTC:PACKMAN ## Tumbleweed users
# zypper ar -fcg https://mirrors.ustc.edu.cn/packman/suse/openSUSE_Slowroll USTC:PACKMAN ## Slowroll users
Then
# zypper dup --allow-vendor-change ## Best used on Slowroll and Tumbleweed
# zypper up --allow-vendor-change ## Leap users
And that is it.
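HOWDY (PAM)
First download the Howdy Beta from the openSUSE Open Build Service.
Then set up HOWDY as usual.
Next, copy the necessary PAM files from /usr/lib/pam.d/ into /etc/pam.d to override them, common-auth in particular.
Add these two lines at the top of the file
auth sufficient pam_unix.so try_first_pass likeauth nullok
auth sufficient pam_howdy.so
PackageKit reports "已按指示终止" (terminated as instructed) when installing an RPM or updating
This usually means there is either a file conflict or a missing signature.
If you get this error, run sudo zypper in from a terminal to see what is going on.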
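
A missing signature is one of the two causes named above, and the Zypper settings section switches pkg_gpgcheck off globally, so it helps to see at a glance which signature checks are currently disabled. The following is an added example, not part of the original post: the function name and the sample file are constructed here, and stripping a trailing "# note" after a value is a tolerance of this script only.

```shell
#!/bin/sh
# Added example: report package/repository signature checks that are switched
# off in zypp.conf-style INI files (/etc/zypp/zypp.conf, /etc/zypp/repos.d/*.repo).

# find_disabled_gpgchecks FILE...
# Prints "FILE [section] key = value" for each gpgcheck, repo_gpgcheck or
# pkg_gpgcheck key set to off/false/no/0. Returns 1 if any was found, else 0.
find_disabled_gpgchecks() {
    awk '
        FNR == 1 { section = "" }                  # new file: forget the old section
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }       # comment or blank line
        /^[ \t]*\[/ {                              # section header, e.g. [main]
            section = $0
            gsub(/^[ \t]*\[|\].*$/, "", section)
            next
        }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            sub(/[ \t]+#.*$/, "", val)             # drop a trailing "# note"
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key ~ /^(repo_|pkg_)?gpgcheck$/ && tolower(val) ~ /^(off|false|no|0)$/) {
                printf "%s [%s] %s = %s\n", FILENAME, section, key, val
                found = 1
            }
        }
        END { exit (found ? 1 : 0) }
    ' "$@"
}

# Constructed sample modelled on the [main] block from the Zypper settings section.
sample=$(mktemp)
printf '%s\n' '[main]' 'download.use_geoip_mirror = true' 'pkg_gpgcheck = off' > "$sample"
find_disabled_gpgchecks "$sample" || echo "signature checks are disabled in $sample"
rm -f "$sample"
```

On a real system, call it as find_disabled_gpgchecks /etc/zypp/zypp.conf /etc/zypp/repos.d/*.repo; a non-zero exit status means at least one check is off.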