Definite's Extractor

My findings on Life, Linux, Open Source, and so on.

Do not do the math with expr

expr EXPERSSION returns 1 when the EXPERSSION is empty or 0.  Thus, you cannot really use it to do arithmetic.

For example, you may find your script doing  expr 1 - 1  returns as error.

To be fair, man page expr actually mentions this. However, instead of a dedicate section EXIT STATUSES, it is hidden in the second last paragraph of DESCRIPTION.

So do yourself a favour, use BASH arithmetic like $((var+1)).


KDE connect makes your mobile life easier

KDE Connect connects between your mobile and Linux, wirelessly.

You can copy photos, videos, or other files from mobile, or vise versa.

You can use your mobile as remote control of Linux media player, or even wireless mouse and keyboard. On the other hands, the clipboard of mobile and Linux are shared, so you can use your favorite desktop keyboard and input methods on mobile applications, like Clash-of-Clans and WeChat. The mobile and Linux should be at the same subnet, though.

Another interesting way to use KDE Connect is replacing Yubikey. I use the Yubikey almost everyday. Consequently, it become loose contact, so I need to wiggle it to get the contact. KDE Connect with Google authenticator or FreeOTP Authenticator might to the trick.

AirDroid is feature richer, however, you need to register to AirDroid to use Airdroid, but with KDE Connect you just need to pair it, and the connection is encrypted. Most importantly, AirDroid is not open source.

So far, KDE connect is available in Google play and most major Linux distribution, including Fedora. iOS version is not yet in app store though.

GPG: no default secret key gpg

In Fedora, you may have both gpg and gpg2. The secret keys are stored in different ways.


which gpg gpg2

You might get:


If you do have both, run:

gpg2 --list-secret
gpg --list-secret

Suppose your gpg2 --list-secret returns nothing. You can then export from gpg then import to gpg2 like so:

gpg --export-secret-keys -a > secret.asc
gpg2 --import secret.asc

Note that pass phrase is required to export.
Finally, verify the import with

gpg2 --list-secret

You may encounter the error message: Unknown IPC command. The quick fix is set the environment variable LC_ALL=C

Chewable Fedora Atomic

Fedora Atomic is an operating system targets to containers. However, the documentation, for me, is very hard to read. In this document, I will share my adventure with Fedora Atomic, starting with post installation.

I have installed Fedora Atomic, now what?

Let’s say you want to install the tree and docker-compose for better understanding the directory structure of your new host; you also need to ping a host every hour; and of course, you want your shiny new docker application to be deploy to this machine.

Package Install with rpm-ostree

Read more of this post

Startup Sequences of Shells

It is quite confusing if you need to work with multiple, so I make following tables.


From section STARTUP/SHUTDOWN FILES of man page zsh

Interactive Login Non-Interactive Login Interactive Non-Login Non-Interactive Non-Login


From section INVOCATION of man page bash


Interactive Login Non-Interactive Login Interactive Non-Login Non-Interactive Non-Login

Then the first one that is readable amongst:


bash as sh

Interactive Login Non-Interactive Login Interactive Non-Login Non-Interactive Non-Login


tcsh does not seem care the interactive mode when start up. if environment version has lf, then csh.login and ~/.login will run before csh.cshrc and ~/.tcshrc, respectively.
From section Startup and shutdown of man page tcsh

Login Non-Login
First one that is readable amongst:


^A is shown when typing Ctrl-A zsh

zsh has a nasty/convenient behaviour: it will set vi binding for you if one of environment VISUAL or EDITOR has the command start with vi.

If you don’t like this, run bindkey -e to use the emac mode instead. Put it in your zshrc.

Install Google-Chrome in OpenStack RHEL 7 instances

We have automated tests that require runnable Google Chrome. Yet the Google Chrome kept crashing.

The first encountered is:

libGL error: failed to load driver: swrast
libGL error: Try again with LIBGL_DEBUG=verbose for more details.

This one is easy, install mesa-dri-drivers solved this.

Then cames:] : InitializeSandbox() called with multiple threads in process gpu-process

My initial guess was SELinux, but journalctl returns nothing about it. After a few hours, I thought, how about firefox? Maybe it helps to set the SELinux and install the missing dependencies? And… Tada, both Firefox and Google Chrome worked. Eventually, I dug out that Google Chrome requires fonts to works. Specifically, liberation-fonts-common and liberation-sans-fonts.

To sum up, following command worked for me:

sudo yum -y install mesa-dri-drivers liberation-fonts-common liberation-sans-fonts

Update for ChromeDriver user

If you are also use ChromeDriver. Be aware that ChromeDriver 2.31 and up requires, yet RHEL 7 only provide

Clamav: troubleshooting of clamdscan

clamdscan is much faster to run than clamscan, however, it requires clamd which is a bit harder to setup, so I have some tips for troubleshooting:

ERROR: Could not lookup : Servname not supported for ai_socktype

Usually you should check the permission, especially whether the current user is in group clamscan (the primary group of the clamd running user).

lstat() failed: Permission denied. ERROR

This is usually because clamd running does not have the permission to run the is run as non-root user.

So you will need to enlist User clamscan (the user that runs clamd). You need to logout and login to make that change effective.

If it is still failed with the same error messsage, it is still possible that you are fooled by ACL permission. Use getfact to check it. The reason? When you ls, you get:

drwxr-xr-x+ 2 testuser testuser 40 Jul 17 15:19 /tmp/test

But your actual ACL (getfacl /tmp/test)might look like:

getfacl: Removing leading '/' from absolute path names
# file: tmp/test
# owner: testuser
# group: testuer


The Clamav image is from

Google Trips V.S. TripIt

Google Trips does make you travel easier … if you make it’s life easier.

It automatically recognizes the email from big name booking websites (e.g., airbnb) as well as airline. But if you order is from independent providers like many caravan parks, you are out of luck. You cannot even add them even you want to type everything yourself.

Google Trips also cannot capture the booking or reservation change via phone. You cannot blame them to not having this feature, but practical product should be able to allow user to make change.

Google Trips does have its strength beside the auto trips creation.  It provides a easy way to add city (but not necessary add reservation) and downloads offline maps that include Google reviews on  “things to do” and “food and  drink”.

TripIt offers some kind of automation, but you have to mail to, which is an extra step from Google Trips. Airlines and big name booking sites also got good support there: the important fields like date, confirmation number are prefilled. You do have to enter the information for smaller providers, but at least you CAN enter them. Not to mention that you can enter the cost in each item to track the total cost.

My advice? Install both of them. Use TripIt for handling the accommodation, airticket, car hire. And use Google Trips for local food and attraction.



Jenkins SSH: Invalid PEM structure, ‘—–BEGIN…’ missing

Quick Solution

  1. Paste the RSA private key (e,g. content of ~/.ssh/id_rsa) to Jenkins, like this:jenkins credentials
  2. Ensure the ~/.ssh/known-hosts in Jenkins master has agent/slave host key. Like:
    stdbuf -o0 -e0 ssh-keyscan -H  &>> ~/.ssh/known_hosts
  3. Ensure the ~/.ssh/authorized_keys of Jenkins agent/slave has Jenkins master’s RSA key.
  4. (Optional) if you can access the terminal of Jenkins master, test the connection by using:


Because the issue Presence of ECDSA SSH keys breaks SSH credentials plugin seems to affect the Jenkins masters that have both ECDSA and RSA.