Definite's Extractor

My findings on Life, Linux, Open Source, and so on.

Category Archives: fedora

Do not do the math with expr

expr EXPERSSION returns 1 when the EXPERSSION is empty or 0.  Thus, you cannot really use it to do arithmetic.

For example, you may find your script doing  expr 1 - 1  returns as error.

To be fair, man page expr actually mentions this. However, instead of a dedicate section EXIT STATUSES, it is hidden in the second last paragraph of DESCRIPTION.

So do yourself a favour, use BASH arithmetic like $((var+1)).


KDE connect makes your mobile life easier

KDE Connect connects between your mobile and Linux, wirelessly.

You can copy photos, videos, or other files from mobile, or vise versa.

You can use your mobile as remote control of Linux media player, or even wireless mouse and keyboard. On the other hands, the clipboard of mobile and Linux are shared, so you can use your favorite desktop keyboard and input methods on mobile applications, like Clash-of-Clans and WeChat. The mobile and Linux should be at the same subnet, though.

Another interesting way to use KDE Connect is replacing Yubikey. I use the Yubikey almost everyday. Consequently, it become loose contact, so I need to wiggle it to get the contact. KDE Connect with Google authenticator or FreeOTP Authenticator might to the trick.

AirDroid is feature richer, however, you need to register to AirDroid to use Airdroid, but with KDE Connect you just need to pair it, and the connection is encrypted. Most importantly, AirDroid is not open source.

So far, KDE connect is available in Google play and most major Linux distribution, including Fedora. iOS version is not yet in app store though.

GPG: no default secret key gpg

In Fedora, you may have both gpg and gpg2. The secret keys are stored in different ways.


which gpg gpg2

You might get:


If you do have both, run:

gpg2 --list-secret
gpg --list-secret

Suppose your gpg2 --list-secret returns nothing. You can then export from gpg then import to gpg2 like so:

gpg --export-secret-keys -a > secret.asc
gpg2 --import secret.asc

Note that pass phrase is required to export.
Finally, verify the import with

gpg2 --list-secret

You may encounter the error message: Unknown IPC command. The quick fix is set the environment variable LC_ALL=C

Chewable Fedora Atomic

Fedora Atomic is an operating system targets to containers. However, the documentation, for me, is very hard to read. In this document, I will share my adventure with Fedora Atomic, starting with post installation.

I have installed Fedora Atomic, now what?

Let’s say you want to install the tree and docker-compose for better understanding the directory structure of your new host; you also need to ping a host every hour; and of course, you want your shiny new docker application to be deploy to this machine.

Package Install with rpm-ostree

Read more of this post

Startup Sequences of Shells

It is quite confusing if you need to work with multiple, so I make following tables.


From section STARTUP/SHUTDOWN FILES of man page zsh

Interactive Login Non-Interactive Login Interactive Non-Login Non-Interactive Non-Login


From section INVOCATION of man page bash


Interactive Login Non-Interactive Login Interactive Non-Login Non-Interactive Non-Login

Then the first one that is readable amongst:


bash as sh

Interactive Login Non-Interactive Login Interactive Non-Login Non-Interactive Non-Login


tcsh does not seem care the interactive mode when start up. if environment version has lf, then csh.login and ~/.login will run before csh.cshrc and ~/.tcshrc, respectively.
From section Startup and shutdown of man page tcsh

Login Non-Login
First one that is readable amongst:


^A is shown when typing Ctrl-A zsh

zsh has a nasty/convenient behaviour: it will set vi binding for you if one of environment VISUAL or EDITOR has the command start with vi.

If you don’t like this, run bindkey -e to use the emac mode instead. Put it in your zshrc.

Jenkins: No entry currently exists in the Known Hosts file for this host

I have encountered the following error message when I was trying to connect Jenkins slave after plugin update:

[SSH] WARNING: No entry currently exists in the Known Hosts file for this host. Connections will be denied until this new host and its associated key is added to the Known Hosts file.
 Key exchange was not finished, connection is closed. There was a problem while connecting to

I have tried to connect using ssh in console, it connected successfully, but Jenkins still refuse to connect.

Then I discovered that, if I provided the RSA Host key, Jenkins can now connected to slaves.

I guess the reason is ssh just use the known host key to determine whether it is known, and be able to fallback to RSA for actual authentication. On the other hand, Jenkins does not seem to have the fallback. You given RSA identity, then Jenkins expect RSA in known_hosts.

The issue is already filed as JENKINS-42959 Failed known_hosts verification for SSH agent. In the meantime you can use following workaround:

stdbuf -o0 -e0 ssh-keyscan -H <host> &>> ~/.ssh/known_hosts

The stdbuf here is for printing the stdout and stderr as the order of time they appear, just like what you would see in console. Otherwise the stderr will go first and then stdout.

Introducing Bus Factor


The Bus factor measures the degree of the knowledge sharing. High number means the knowledge is well shared. For example, bus factor 10 means 10 team members need to be “neutralized” to stop the project working.

This lead to the following issue: How to introduce it to your team members.
Even it is called *bus factor* does not mean you should introduce as such.

I still remember when one of my colleague explaining the idea:

Consider when you are hitting by a bus …

My real feeling on that time was:

Are you trying to curse me?

That’s right. It triggers all negative feeling and reaction. In other words, that will not help knowledge sharing.

A good way to get around this is terming it with holiday factor instead. Ah, holiday, this associate with more pleasant mood, thus make the concept much easier to be delivered and heard. And, hey, we do need to consider the impact of long holidays like Christmas and Chinese New Year.

Using holiday factor also deliver following message:

If you do not share, we may need to call you in the most inconvenient time …

So, using holiday factor is more acceptable, realistic and passive aggressive. 🙂

Yet, everything has it own limitation, and the “bus factory” is no exception. One of my respected colleague, Seth Vidal, was indeed killed in car accident, and his project, yum, is postponed. However, dnf takes its place and has been adopted by Fedora community since Fedora 22.

systemd: remember to keep the daemons alive

My sinopia daemon refused to start. After dig out the journal, I found that ExecStop run straight after ExecStart, what the…

After some research, I found that for daemons, or any other program that put themselves at the background, systemd thought they are stopped, thus stop the service for you. To prevent this, you need following in your systemd service file:


so your daemons can live happily ever after.


nodejs/npm yum repo for EL7

The nodejs and npm in EL7 is too old, so I borrowed the  to latest nodejs spec from  rawhide. Long story short, the result is at:

Please read the disclaimer and do follow the installation instruction if you choose to proceed. I don’t usually put the disclaimer like that but you need to know that:

  1. The build dependency of nodejs include openssl-1.0.2, but EL7 only shipped with 1.0.1, yet nodejs can run with openssl-1.0.1.
  2. openssl-libs is an important package, without it,  yum, curl and rpm URL install won’t work, so restore it is a bit tricky. The instruction is, however, written in the copr page.

Longer story:

To build this copr, following dependencies need to go in as well:

  1. libuv
  2. crypto-policies
  3. openssl-1.0.2

libuv is piece of cake. But crypto-policies and openssl bring the worst packager nightmare: circular dependency. After F23, crypto-policies require openssl-devel to build, yet openssl require crypto-policies to run.

I eventually dug out crypto-policies from F21 and built it, thus broke the circular dependency and finished the build.