About

Welcome to ScatteredCognition's Biblioteca.

"May the content you find be equal in value to time you spend here."

QR code that leads to this site.

You can navigate this site by using the ☰Sidebar and 🔍Search buttons and change the theme by using the 🖌️Themes button present in the ↖Top-Left corner of the screen.

About Myself

Hi, I am Faeiz Mahrus (21yo/Male/Bangladesh), although I usually go by the alias ScatteredCognition.
I can speak, read and write in Bangla and English, although I have also recently started learning Hindi and Russian.

Education

I am currently pursuing a B.Sc in Computer Science and Engineering (CSE) from BRAC University (BRACu).

I also previously attended two semesters in the University of Chittagong (CU), pursuing a BBA in Accounting, but I later came to BRACu as I decided that I wanted to pursue a different major.

Hobbies and Interests

You can find a list of the things mentioned below by going to the Hobbylist section.

I like doing the usual stuff all other people like to do.
Watching Anime, Movies and TV Shows, playing Videogames, interacting with their fandoms, binging on YouTube Documentries, doomscrolling on social media and online blogs.
You get the idea.

On the more niche side, my areas of interests involve Psychology, Ancient and Contemporary History, Politics, and anything that has to do with Computers and Technology.

Contact Information

You can contact me by sending me an email at any of the following email addresses:

I also have the following IM and Social Media accounts, although I may not always be available.

@faeizmahrus2025:matrix.org - [Matrix]
@faeizmahrus:fedora.im - [Matrix (Fedora Project)]
@faeizmahrus:mastodon.social - [Mastodon]

I would like to keep the rest of my contact information reserved.

DISCLAIMER:

All of the literary, written content in this site ^{*except code} has been written 100% by a real human being.

The site author has not put any ads or trackers in this site, if you encounter any ads or trackers, they were most likely injected by GitHub or other third-parties.

Anime

Although I stopped watching anime around 2020, I still vaguely remember some of their names.
Here are some of the good ones of the bunch.
I will try to write a review of them if/when I get the time.
Note that this section will remain perpetually incomplete. I will periodically update this section as I slowly remember the stuff I watched.

Naruto
Naruto Shippuden
Tokyo Ghoul
Darling in The Franxx
Kiss x Sis
ToraDora
Clannad
Highschool of The Dead
Assassination Classroom
Rising of The Shield Hero
Overlord
Highschool DxD
No Game No Life
Monogatari Series
ReLife

Currently watching

Monogatari series
WataMote (No Matter How I Look at It, It’s You Guys’ Fault I’m Not Popular!)

Movies & Series

Note that this section will remain perpetually incomplete. I will periodically update this section as I slowly remember the stuff I watched.

Movies

Bollywood/Indian

3 Idiots
Ae Dil Hai Mushkil
Bajrangi Bhaijaan
Housefull Anthology
Dilwale Dulhania Le Jayenge
Yeh Jawaani Hai Deewani
হীরক রাজার দেশে

Hollywood

Inception
Interstellar
Avatar (2009)
Charlie Chaplin movies
The 3 Stooges

Die Hard Anthology

Live Free or Die Hard

Kingsman Anthology

Kingsman: The Secret Service
Kingsman: The Golden Circle

The Fast and The Furious Anthology

The Fast and The Furious: Tokyo Drift
Fast & Furious (2009)
Fast Five
Fast & Furious 6
Furious 7

Shows & Series

Breaking Bad
Better Call Saul
Altered Carbon
Mindhunter
Narcos
The Boys
Danny Phantom
Avatar The Airbender

Videogames

I have played a plethora of videogames from most genres.
As usual, a list has been given below.

Indie/One-offs

The Coffin of Andy and Leyley
Fear & Hunger Series
Mortal Sin
Celeste

Pokemon Anthology

Pokemon Ruby/Sapphire/Emerald (GBA)
Pokemon Flora Sky (GBA)
Pokemon Dark Rising (GBA)
Pokemon Diamond/Pearl (NDS)
Pokemon Ranger series (NDS)

Assassin’s Creed Anthology

Assassin’s Creed 1 (Good)
Assassin’s Creed - Bloodlines (Good) (PSP)
Assassin’s Creed 2/Brotherhood/Revelations (Ezio Trilogy was bad, sorry)
Assassin’s Creed 3 (+Remaster) (GOAT)
Assassin’s Creed - Liberation (Horrific)
Assassin’s Creed - Rogue (Mid)
Assassin’s Creed 4 - Black Flag (Mid)
Assassin’s Creed - Origins (Good)

Metal Gear Solid Anthology

Metal Gear Solid 1 (+Twin Snakes) (PS1/GC)
Metal Gear Solid 2 (PS3)
Metal Gear Solid 3 (PS3)

GTA Anthology

GTA - Vice City
GTA - Vice City Stories (PSP)
GTA 4

Underrated Gems

Madagascar - Operation Penguin (GBA)
Beyblade - G Revolution (GBA)
DemiKids - Dark/Light Version (GBA)
Danny Phantom - The Ultimate Enemy (GBA)
Danny Phantom - Urban Jungle (GBA)
Fast And The Furious 3 - Tokyo Drift (PSP)
Learn to Fly Anthology (Flash)
Looney Toons - There Goes The Neighbourhood (Flash)
Fallout Anthology
The Elder Scrolls Anthology
Rimworld

Multiplayer

Counter Strike - Global Offensive (CSGO)
Valorant
Xonotic
Warface (R.I.P.)
Paladins
Blood Strike

Books & Resources

History & Politics

Most of my knowledge regarding history and politics comes from books, debates, YouTube Documentries and online sources like Wikipedia,
I have listed as many of them I can recall down below.

Issac Asimov’s books

The Egyptians
The Roman Republic
The Roman Empire
The Greeks - A Great Adventure
The Dark Ages

Other books on History

প্রাচীন ভারত - শ্রীযোগীন্দ্রনাথ সমাদ্দার
The Clash of Civilizations and the Remaking of World Order - Samuel P. Huntington
Ages of Discord: A Structural-Demographic Analysis of American History - Peter Turchin (Need to read)

Online resources

OverSimplified - Good videos for quick recaps of various historical events, useful for people who are interested in the field and want a starting point.
Kings and Generals - Tons of great documentries on various historical eras and events.
Eyes Wide Open - Fantastic documentries on (mostly) US clandestine organizations and operations.
UsefulCharts - Fantastic channel if you want visualizations of various historical events, religious sects and more.
Whatifalthist - Primarily focused on alt. history (what if xyz happened instead of abc) and geopolitical analysis.
Dr. Roy Casagranda - Good lectures on modern middle-eastern history.
Vinay Lal - Good lectures on ancient and modern-day Indian history.

Psychology

I am still a novice in this field.
Alot of my knowledge comes from Prof. Sam Vaknin’s videos.

Games People Play - Eric Berne
The Social Animal - Elliot & Joshua Aronson
Diagnostic and Statistical Manual for Mental Health Disorders. (DSM) (5th ed.)

Literature

Most literature I have read (incl. comics)

Bangla

As most Bangla literature I have read were ether in compilations created by various publishers, I will list the names of the authors whose works I have read instead where applicable.

The works of সুকুমার রায়
The works of সত্যজিৎ রায়
The works of শরৎচন্দ্র চট্টোপাধ্যায়
চাঁদের পাহার - বিভূতিভূষণ বন্দ্যোপাধ্যায়
হীরা মাণিক জ্বলে - বিভূতিভূষণ বন্দ্যোপাধ্যায়
Other works of বিভূতিভূষণ বন্দ্যোপাধ্যায়
কাকাবাবু সমগ্র - সুনীল গঙ্গোপাধ্যায়
বাঙ্গালীর হাঁসির গল্প - জসীমউদ্দিন

English

The Adventures of Tom Sawyer - Mark Twain
The Adventures of Huckleberry Finn - Mark Twain
The Adventures of Tintin
Asterix and Obelix

Basics of Linux

This section contains various resources that provides a general overview of various UNIX or Linux concepts and systems, aimed mostly at people who might have experience with other systems such as Windows, but are new to linux and want an general understanding of their systems.

Demystifying the Jargons

terminal is an application you execute commands from.
directory is a synonym for a folder.
shell is the program that actually executes your commands. Think of cmd.exe or PowerShell on Windows.
On most linux distros, bash is usually the default shell, but I recommend using fish as your default shell and bash for writing shell scripts.
Refer to the General Resources > Changing Shells section for a guide to list and change your shell.
arguments are the extra options you use with a command.
Example: grep -i bash /etc/shells
Here, -i bash /etc/shells are arguments for grep
path can either refer to the location of a directory or file, or a special environment variable $PATH that contains the locations from where you can launch and execute commands.
environment variable is a shell variable that works and functions mostly like variables in any programming language.

CLI Basics

Navigating your files and folders

Use the pwd command to list the directory you’re currently in.
Use the ls -la command to list the files and directories in the current directory.
Use the tree command to recursively list all files and subdirectories in the current directory.
Use the cd <directory> command to change your directory.

Viewing and editing text

Use the cat <filename> command to display the text in a file.
Use the nano <filename> command to edit text in a file.
Example: nano /etc/dnf/dnf.conf

To save a file, press Ctrl + S
To exit nano after saving a file, press Ctrl + X
To append some text to the end of a file, use ( >> )
Example: echo "Hello World" >> file.txt
To create/overwrite a file and write a line to it, use ( > )
Example: echo "The old file is gone" > file.txt
You can use the awk and sed utilities to make edits to files matching a certain pattern.
Useful for scripting, ask AI how to use them.

Filesystem Layout

A basic overview of the modern linux filesystem is given below.

System-specific hierarchy

/boot or /efi is where the bootloader is stored.
/home/<username>/ (aliased to ~) is your user’s home directory. (equivalent to C:\Users\<username>\)
/etc is where the system-wide configuration files are stored.
/usr is where most of the OS files are stored. (equivalent to C:\Windows\)
Note: Everything here (except /usr/local/) is managed by your package manager.
- /usr/bin/ - Contains executable files or symlinks to executables.
- /usr/sbin/ - Usually either symlinked to /usr/bin/ or contains extra executables.
- /usr/lib*/ - Contains library files .so (equivalent to .dll)
- /usr/share/ - Contains non-executable resources for apps (pictures, config files etc)
  - /usr/share/applications/ - Contains .desktop desktop entry files for applications installed using your package manager.
  - /usr/share/icons/ - Contains icons for applications to use.
- /usr/local/ - A directory for users to install their own apps not managed by the package manager. (system-wide)
On modern distros, /bin, /sbin, and /lib* directories are usually symlinks which point to their equivalents inside /usr, this is called the /usr merge.
/opt is where third-party apps like Google Chrome, Brave Software or DaVinci Resolve usually install their files.

User-specific hierarchy

A basic overview of some crucial files and directories inside an user’s home directory.

~/.local/ is where apps store their user-specific data.
~/.config/ is where apps store their config files.
~/.cache/ is where apps store their cache files.
~/.var/app/ is where Flatpak apps store their user-specific data.

NOTE: Most information in this section only applied to applications abiding by the XDG Base Directory Specification.
Some applications, like bash, zsh, Visual Studio Code, Google Chrome and DaVinci Resolve either don’t fully abide by the specification or don’t follow the specification at all.

System Overview

UNFINISHED

General Resources

This section contains various miscellaneous guides and resources regarding UNIX and Linux.

Changing Shells

To list available shells in your system, type the following in a terminal:

cat /etc/shells

Note that you can usually install additional shells from your package manager. To change your default shell, type the following in a terminal:

sudo usermod -s <path_to_shell> $USER

Example: sudo usermod -s /usr/bin/fish $USER

Configure Syncthing

If you’re on a traditional distro, install syncthing from your distro’s package repo.
Afterwards, enable the syncthing systemd service.

systemctl enable --user --now syncthing.service

If you’re on an immutable distro like Fedora Silverblue, install SyncThingy from Flathub.

Using Podman Quadlets

Sources used: podman docs

Intro

Podman Quadlet is a Podman/systemd feature that allows you to easily create and start containers on boot.
A very basic Quadlet for Syncthing has been given below, as example is the best way to understand anything.

Creating a Quadlet file

Where to put stuff

For a rootless Quadlet (recommended), create a file under…

/etc/containers/systemd/users/ (All users)
~/.config/containers/systemd/ (Your user)

with any of the following filename extensions…

.container
.volume
.network
.build
.pod
.kube
.artifact

e.g. for our purposes, we will create the file as follows: ~/.config/containers/systemd/syncthing.container

Basic Syntax

For our newly created syncthing.container file, we will put the following:

# syncthing.container
[Unit]
Description=Syncthing Quadlet (User)

[Container]
Image=docker.io/syncthing/syncthing

# Equivalent to: --network host
Network=host

# Equivalent to: --security-opt label=disable
SecurityLabelDisable=yes

# Environment variables
Environment=PUID=0
Environment=PGID=0
Environment=STHOMEDIR=/var/syncthing/.local/state/syncthing

# Volumes
Volume=./%h/:/var/syncthing

[Install]
WantedBy=default.target

This is a Quadlet file that roughly corresponds to the following podman command:

podman create docker.io/syncthing/syncthing \
        --network host \
        --security-opt label=disable \
        -e PUID=0 -e PGID=0 \
        -e STHOMEDIR="/var/syncthing/.local/state/syncthing" \
        -v "$HOME:/var/syncthing"

After this, we must run systemctl daemon-reload --user so that the podman quadlet systemd generator can generate the necessary systemd .service file.

Listing Quadlets

You can list your current Quadlets by running the following:

❯ podman quadlet list
NAME                 UNIT NAME          PATH ON DISK                                                          STATUS         APPLICATION
syncthing.container  syncthing.service  /var/home/faeizmahrus/.config/containers/systemd/syncthing.container  inactive/dead

Fixing errors

IF the STATUS field shows Not loaded, it means the podman quadlet systemd generator couldn’t generate a systemd .service file, most likely due to an issue with the Quadlet file’s syntax, given everything else is configured correctly.
To find out the error, run the following:

## To list errors and the generated .service file for all Quadlets
/usr/lib/systemd/system-generators/podman-system-generator --user --dryrun

## To list only the errors for a single Quadlet
systemd-analyze verify --user --generators=true syncthing.service

Starting the Quadlet

To enable the Quadlet, simply enable the generated systemd .service file.

systemctl enable --user --now syncthing.service

Optionally, enable linger for your user so the container stays running even when your user is logged out.

loginctl enable-linger $USER

Manage Environment Variables

Drop files like ~/.config/environment.d/xx-<name>.conf
To add ~/.local/bin to $PATH, add PATH=~/.local/bin:$PATH

Configure LUKS auto-unlocking with TPM2

Guide for setting up auto-unlocking LUKS2 volumes on boot with a TPM2 chip

Resources used : jdoss’s guide - uapi-group - ArchWiki - FreeDesktop - AskUbuntu - tpm2-tools readthedocs

IF YOU HAVE MULTIPLE TPM DEVICES, SPECIFY THE TPM TO BE USED BY ENTERING THE FULL PATH TO THE TPM DEVICE (/dev/<TPM2_DEVICE>) IN --tpm2-device= DURING ENROLL

UNPLUG ANY BOOTABLE EXTERNAL STORAGE DEVICES OR INSTALL MEDIA AND REBOOT BEFORE ENROLLING TPM AUTOUNLOCK

NEED TO BE RE-ENROLLED AFTER SECUREBOOT DBX AND UEFI FIRMWARE UPDATES

Check if everything is setup correctly

See which volume(s) are LUKS encrypted

sudo blkid -t TYPE=crypto_LUKS

See whether secureboot is enabled

sudo mokutil --sb-state

See available TPM devices

sudo systemd-cryptenroll --tpm2-device=list

Clear the TPM chip

Either use PPI Reset via UEFI firmware options.
Or run the following commands to initiate a PPI reset through linux. (Recommended)

sudo sh
echo 5 > /sys/class/tpm/tpm0/ppi/request

Reboot to finish the PPI reset

systemctl reboot

Enroll TPM2 to LUKS

Enroll the LUKS volumes

sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=1+5+7 <LUKS_Volume>

Enroll a recovery key (QR Code)

sudo systemd-cryptenroll --recovery-key <LUKS_Volume>

Reboot to see whether it worked

systemctl reboot

Remove TPM2 from LUKS

Disable TPM autounlock

sudo systemd-cryptenroll --wipe-slot=tpm2 <LUKS_Volume>

Description of the TPM PCRs (in linux)

PCR 1 - Hardware configuration was changed (Changing/Adding/Removing RAM/CPU/GPU etc)
PCR 5 - GPT Partition Table was changed (Creating/Deleting/Modifying partitions)
PCR 7 - Changes to UEFI Secureboot State

These values require systemd-boot and/or UKIs:

PCR 14 - Changes to Secureboot “MOK” certificates and keys (Enrolling new Secureboot keys)
PCR 15 - Changes to machine-id, UUIDs of various mountpoints, other systemd measurements (Mitigation for this ???)

Ignore the section below, it’s a scratchpad

(TODO, EXPERIMENTAL) Recalculate PCR values after modification/update

IF THE SYSTEM ASKS FOR A PASSWORD AFTER AN UPDATE, YOU NEED TO UPDATE THE PCR PREDICTIONS
SCRATCH THAT, THIS WONT WORK WITUOUT SD-BOOT AND UKIS
Recalculate the PCRs manually.

sudo systemd-pcrlock predict
sudo systemd-pcrlock make-policy

Enable a service that does thiws automatically on every shutdown/boot.

systemctl enable systemd-pcrlock-make-policy.service

(UNSURE WHAT TO DO WITH THIS) Take Ownership and lock the TPM2 chip

Set Owner, Endorsement and Lockout passwords to ensure they can’t be changed by unauthorized parties. (You need to remove the locks everytime you need to re-enroll the TPM)

tpm2_changeauth -c owner newpass
tpm2_changeauth -c endorsement newpass
tpm2_changeauth -c lockout newpass

Fixes for Electron and Chromium apps

Launch arguments and flags for Electron apps

Various launch arguments and flags for Electron apps.

Launch arguments

You need to copy the app’s .desktop file to ~/.local/share/applications/ and append it after Exec= in all entry fields.
NOTE: Arch-based distros usually have .conf files to easily handle commandline args

--ozone-platform-hint=auto
Runs the app with Wayland support.
--enable-wayland-ime
Enables iBus/Fcitx support.
--enable-features=TouchpadOverscrollHistoryNavigation
(Use for browsers. e.g. Brave) Enables navigation via touchpad gestures.

Flags (set with `chrome://flags`) (mainly for browsers)

#ozone-platform-hint - Auto
Enables Wayland support.
#wayland-ui-scaling - Enabled
Enables Fractional Scaling support under Wayland.
#wayland-per-window-scaling - Enabled
Enables per-window scaling support.
#wayland-text-input-v3 - Enabled
Used to enable proper ibus support on older GNOME versions without text-input-v1 support.
#middle-button-autoscroll - Enabled
Enables middle-click autoscroll.
#web-app-universal-install - Enabled
Enables installation of normal websites as webapps.

Guide on setting up any Chromium browser inside a (Fedora) distrobox

Setup the Distrobox

distrobox create -n appbox-fedora --init --additional-packages "systemd" --pre-init-hooks ""
distrobox enter appbox-fedora -- sh -c db-fedora-essential.sh
echo “max_parallel_downloads = 20” >> /etc/dnf/dnf.conf
sudo dnf update
sudo dnf install https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
sudo dnf config-manager setopt fedora-cisco-openh264.enabled=1
sudo dnf install rpmfusion-{free,nonfree}-release-tainted
sudo dnf swap ffmpeg-free ffmpeg –allowerasing 9, sudo dnf install libdvdcss intel-media-driver libva-intel-driver gnome-keyring libsecret pipewire xdg-desktop-portal-{gtk,gnome} flatpak, xdg-user-dirs{,-gtk} xdg-utils

Chromium commands (as of Nov 13 2025)

vivaldi --enable-features=AcceleratedVideoDecodeLinuxGL,AcceleratedVideoDecodeLinuxZeroCopyGL,AcceleratedVideoEncoder,TouchpadOverscrollHistoryNavigation,WaylandPerSurfaceScale,WaylandUiScale,MiddleClickAutoscroll --gtk-version=4

Fedora Setup Guide

Generic tweaks and configuration for Fedora Linux after fresh install

dnf is too slow

Open dnf.conf : nano /etc/dnf/dnf.conf
(replace nano with kwrite/gedit etc if you want to)
Add/Change the following values.

# Download 20 packages simultaneously
max_parallel_downloads = 20

# Mirror must maintain download speed of atleast 256*1024 bytes (256KiB/s) for the duration of `timeout` value in seconds
minrate = 262144

# Mirror must maintain `minrate` amount of download speed in bytes for `timeout` value in seconds
timeout = 5

Install Noto fonts and Bangla language pack

Install all the Noto fonts and the langpacks-bn language pack.

sudo dnf install -y google-noto-fonts-all langpacks-bn

Configure flatpak remotes

Remove the Fedora flatpak remotes and add the Flathub flatpak remote.

# Delete fedora remotes
flatpak remote-delete fedora
flatpak remote-delete fedora-testing

# Add flathub remote as user (remove --user flag to install as system)
flatpak remote-add --user --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo

Configure RPMFusion

Configure RPMFusion and install restricted extras.

# Run elevated to avoid password prompt spam
sudo bash

# Install rpmfusion repos
dnf install -y https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm

# Initial setup stuff
dnf config-manager setopt fedora-cisco-openh264.enabled=1
dnf update -y @core @multimedia

# Install rpmfusion tainted repos
dnf install -y rpmfusion-free-release-tainted rpmfusion-nonfree-release-tainted

# Install unrestricted ffmpeg
dnf swap -y ffmpeg-free ffmpeg --allowerasing

# Install intel drivers
dnf install -y intel-media-driver libva-intel-driver

# Install unrestricted amd drivers
dnf swap -y mesa-va-drivers mesa-va-drivers-freeworld
dnf swap -y mesa-vdpau-drivers mesa-vdpau-drivers-freeworld

# Install 32bit unrestricted amd drivers (avoid)
#dnf swap -y mesa-va-drivers.i686 mesa-va-drivers-freeworld.i686
#dnf swap -y mesa-vdpau-drivers.i686 mesa-vdpau-drivers-freeworld.i686

# Install unrestricted nvidia drivers
dnf install -y libva-nvidia-driver

# Install 32bit unrestricted nvidia drivers (avoid)
#dnf install -y libva-nvidia-driver.{i686,x86_64}

# Install dvd ripping library
dnf install libdvdcss

# Install tainted firmware
dnf --repo=rpmfusion-nonfree-tainted install "*-firmware"

Fedora Silverblue

Fedora Silverblue is what happens when you look at a Docker container one day and think “Hmm… I wonder if we can build an entire OS out of this if we included a kernel and a bootloader…”.

It is an Atomic, Immutable^(mostly) linux distro built on the foundations of Fedora Linux, using it’s own package manager, rpm-ostree.

You can install packages like you would on normal Fedora Linux (“Layering” as it is called), but don’t layer too many packages. Fedora Silverblue ships with the GNOME Desktop Environment, although different spins exist like Fedora Kinoite (ships KDE Plasma), Fedora Cosmic Atomic and the like. But Fedora Silverblue remains, by far, the best experience amongst all the Atomic spins.

Flatpak is a new packaging format for linux that puts an emphasis on containerization and sadboxing apps. Basically, think of it as Docker but for desktop linux apps.
Being centered around the ideas of containerization, immutability and atomicity, Fedora Silverblue prefers apps to be shipped as Flatpaks.

This section contains guides and information mostly specific to Fedora Silverblue.
I recommend reading the content at linux/others section for guides and information that is applicable to most linux distros.
Also read the linux/basics section for a brief overview of how to use and navigate the CLI.

Silverblue Setup

Commands and documentation

You should read the Fedora Silverblue docs first.

Some basic commands for administering your system have been given below.
For more advanced commands, see ../ostree-commands

Commands	Explanation
`rpm-ostree status`	See the status of all`rpm-ostree` deployments
`rpm-ostree update`	Update your system
`rpm-ostree search/install/remove <package>`	Search/Install/Remove packages on your base image. (Layering)
`rpm -qa <package>`	Check whether a package is currently installed in the system
`rpm-ostree reset`	Removes all overlayed packages
`rpm-ostree override remove/replace/reset <package>`	Remove/Replace a preinstalled package or Reset overrides
`rpm-ostree cleanup -rpmb`	Remove Rollback(`-r`)/Pending(`-p`) deployments and Clean Metadata(`-m`)/Cache(`-c`) files

Packages to layer

Although it comes down to personal preference and needs, I prefer overlaying the following packages on a fresh install of Fedora Silverblue:

zsh/nu/fish (Your preferred shell)
adw-gtk3-theme (Themes GTK3 and some Qt apps to look like libadwaita apps)
distrobox (More flexible than toolbox)
android-tools (For using ADB and fastboot)
langpacks-bn (For Bangla language pack support, replace bn with your language code)
podman-compose (For VSCode/DevPod Devcontainers)
OpenBangla Keyboard (For Bangla typing) [Download]

Oneliner:

rpm-ostree install zsh nu fish adw-gtk3-theme distrobox android-tools langpacks-bn podman-compose https://github.com/OpenBangla/OpenBangla-Keyboard/releases/download/2.0.0/OpenBangla-Keyboard_2.0.0-fedora42.rpm

Flatpak Setup

Out of the box, Fedora Silverblue ships and configures Fedora’s own Flatpak repository, which has a limited selection of apps that sometimes have issues.
As such, I generally like to disable the default Fedora Flatpaks repository and enable the Flathub repository.
You can do so by opening the GNOME Software app and enabling Third-Party Repositories.

For a list of Flatpak apps to install and cleaning out the preinstalled Fedora flatpaks, see ../flatpak-setup

Fixing /etc/fstab issues in Fedora Silverblue

Starting from Fedora Silverblue 41 and onwards, / (root) is mounted using ComposeFS.
As such, / is mounted using kargs in Fedora Silverblue instead of systemd or by arguments sourced from /etc/fstab.

This will result in…

Options specified in /etc/fstab (notably btrfs compression options) not applying for / (root).
Errors related to systemd-remount-fs.service.
fstrim.service not trimming / (root).

To fix this, run the following commands:

# Add btrfs compression option to kargs
rpm-ostree kargs --delete=rootflags=subvol=root --append=rootflags=subvol=root,compress=zstd:1

# Comment out the line for the root (/) mount in /etc/fstab
sudo sed -i.bak '/^UUID=.*[[:space:]]\/[[:space:]]/ s/^/#/' /etc/fstab

# Manually run fstrim on /sysroot periodically
sudo fstrim /sysroot

Performance tuning

Disabling mitigations

If you’re a casual/home user with a threat model that doesn’t involve nation-state actors, you can disable some CPU/GPU vulnerability mitigations for a beefy performance boost. (esp. on Intel systems)

# For all CPUs
rpm-ostree kargs --append-if-missing=mitigations=off

# If using an Intel iGPU with the i915 driver
rpm-ostree kargs --append-if-missing=i915.mitigations=off

Enabling Intel Wifi powersaving

IF your system has an Intel Wifi/Bluetooth card like the AX210, you can enable powersaving and save 2~5W of power.

rpm-ostree kargs --append-if-missing=iwlwifi.power_save=Y
rpm-ostree kargs --append-if-missing=iwlwifi.power_level=5

OSTree Commands for Fedora Silverblue

I have provided some commands which will hopefully make your Fedora Silverblue journey better.

Basics

Commands	Explanation
`sudo ostree admin pin (-u) <index>`	Pin a deployment (use `-u` to unpin a deployment)
`sudo ostree admin fsck`	Verify the integrity of yourFedora Silverblue installation
`rpm-ostree kargs --editor`	Edit your kernel arguments (kargs)

Deploying a previous commit

Commands	Explanation
`ostree remote refs fedora`	Find all available refs forFedora Atomic spins you can use
`sudo ostree pull --commit-metadata-only --depth=10 fedora:<ref>`	Pull the last 10 commits for your selected ref
`ostree log fedora:<ref>`	List all the commits for your selected ref
`rpm-ostree deploy <ref_version>`	Deploy that specific commit version (removes overlayed packages)

Rebase onto a different image

Commands	Explanation
`ostree remote refs fedora`	Find all available refs forFedora Atomic spins you can use
`rpm-ostree rebase fedora:<ref>`	Rebase onto a different image/spin likeKinoite or Cosmic Atomic

Flatpak Setup for Fedora Silverblue

Removing preinstalled Fedora Flatpaks

To remove all the preinstalled Fedora Flatpak apps instead of uninstalling them one-by-one, run the following:

flatpak remove --all

Flatpak apps I use

Here is a list of the Flatpak apps I use on my Fedora Silverblue install.

GNOME Apps

GNOME Core Stuff

App Name	App ID	Description
Audio Player	org.gnome.Decibels	A very simple audio player, gets the job done. Install RhythmBox if you want something more powerful.
Video Player	org.gnome.Showtime	A very simple video player, gets the job done. Install VLC if you want something more powerful.
Image Viewer	org.gnome.Loupe	A basic image viewer with limited image editing capabilities.
Document Viewer	org.gnome.Papers	A basic PDF viewer. Also has a presentation function.
Sound Recorder	org.gnome.SoundRecorder	A very simple sound recorder app.
Text Editor	org.gnome.TextEditor	A basic text editor. Has support for tabs and some basic customization options.
Calculator	org.gnome.Calculator	A relatively powerful calculator app.
Calendar	org.gnome.Calendar	A basic calendar app with support for account syncing.
Clocks	org.gnome.clocks	A basic clock app.
Camera	org.gnome.Snapshot	A basic camera app.
Contacts	org.gnome.Contacts	A basic contacts app with support for account syncing.
Maps	org.gnome.Maps	A very simple maps application, has issues determining your location sometimes.
Weather	org.gnome.Weather	A very simple weather application.
Web	org.gnome.Epiphany	A very simple web browser. lacks extension support and has very weak adblocking.
Connections	org.gnome.Connections	Simple remote desktop client application supporting the RDP, VNC and SPICE protocols.
Firmware	org.gnome.Firmware	A very simple application for displaying and updating the firmware of your devices.
Fonts	org.gnome.font-viewer	A very simple font viewer application. Can install fonts.
Document Scanner	org.gnome.SimpleScan	A very simple document scanner application. Install NAPS2 if you want something more powerful.
Disk Usage Analyzer	org.gnome.baobab	A very simple disk usage analyzer tool. Can only analyze your home folder.
Logs	org.gnome.Logs	A very handy log viewer application to find out issues with your system.
Passwords and Keys	org.gnome.seahorse.Application	A basic key management application for creating and managing your GPG, SSH and gnome-keyring/libsecret keys.

GNOME Extra Stuff

App Name	App ID	Description
Refine	page.tesk.Refine	A successor to the GNOME Tweaks application. Lets you tweak and configure various aspects of the GNOME DE.
Extension Manager	com.mattjakeman.ExtensionManager	An GNOME Shell extension manager application. Lets you directly install and manage your GNOME extensions and check whether they are compatible with your current GNOME version.
Flatseal	com.github.tchx84.Flatseal	A very powerful application for configuring the permissions and other aspects of your Flatpak apps
Ignition	io.github.flattool.Ignition	A basic startup application manager.
Resources	net.nokyan.Resources	A beautiful, stunning and powerful system monitor utility.
Gear Lever	it.mijorus.gearlever	An application for integrating appimages into your system.
Pika Backup	org.gnome.World.PikaBackup	A very powerful and flexible backup utility.
Foliate	com.github.johnfactotum.Foliate	A beautiful ebook reader.
Fractal	org.gnome.Fractal	A Matrix client. Supports multi-account.
DistroShelf	com.ranfdev.DistroShelf	An application for managing distrobox containers, should you need one.
Keypunch	dev.bragefuglseth.Keypunch	A simple, minimal typing practice app with support for a wide variety of languages.
Bottles	com.usebottles.bottles	An extremely feature-rich wine and wine-prefix manager app. I prefer it over Lutris and all other wine managers.
Authenticator	com.belmoussaoui.Authenticator	A basic but really useful app for managing your 2FA codes. Supports Aegis and tons of other 2FA OTP providers.

Other Utilities

App Name	App ID	Description
Firefox	org.mozilla.firefox	Has better integration for linux than most other browsers. Supports HW-Accelerated Video Transcoding OOTB for Intel and AMD GPUs.
Tor Browser Launcher	org.torproject.torbrowser-launcher	uhh
qBittorrent	org.qbittorrent.qBittorrent	Postmodern Marxist-Leninism.
Vesktop	dev.vencord.Vesktop	A better Discord client with support for proper, functional screen sharing on Wayland with audio.
Slack	com.slack.Slack	Discord for BBA grads.
Telegram Desktop	org.telegram.desktop	Atp having this installed is more questionable than having the Tor Browser installed.
OnlyOffice Desktop Editors	org.onlyoffice.desktopeditors	Best replacement for MS Office with good linux support.
Obsidian	md.obsidian.Obsidian	Best notetaking app in existence.
OBS Studio	com.obsproject.Studio	works ig
LocalSend	org.localsend.localsend_app	Fantastic app for quickly and easily sharing files between devices. A decent Airdrop/Quick Share/Shareit replacement.
RetroArch	org.libretro.RetroArch	Jack of emulating all retro games, master of none.
GIMP	org.gimp.GIMP	Image editor, I hate it.
Krita	org.kde.krita	Image editor, I love it.
Kdenlive	org.kde.kdenlive	Very basic video editor, I am neutral. Get DaVinci Resolve Studio + DavinciBox if you need something good.
Fedora Media Writer	org.fedoraproject.MediaWriter	Best ISO flasher utility for linux.
Virtual Machine Manager	org.virt_manager.virt-manager	A very powerful app for creating and managing VMs, also grab the QEMU addon.

Apps to add later

Syncthingy
Gradia
Desktop Plus (GIT UI)
gitg
Collision
Inspector
Pods
File Roller
Secrets
Polari
Pinta
Inkscape
Tuba

Toolbox Setup for Fedora Silverblue

toolbox (toolbx) is a utility shipped with Fedora Silverblue to easily create and use containers.
It’s usage primarily revolves around using CLI utilities not shipped by default on Fedora Silverblue.
It is stylized and branded as toolbx, although toolbox is the command name.

There are official toolbx images for Fedora Linux, RHEL, Ubuntu and Arch Linux.
Community-maintained toolbx images for other distros can be found at https://github.com/toolbx-images/images

Alpine Linux Container

Alpine Linux is a container-focused distribution that is extremely lightweight in terms of size.
As such, I recommend using Alpine Linux for your toolbx containers.

Create the toolbx container by using the Alpine Linux toolbx image from toolbx-images repo.

toolbox create --image quay.io/toolbx-images/alpine-toolbox:latest toolbox-alpine-cli

Enter the toolbx container you just created.
```
toolbox enter toolbox-alpine-cli
```

Some common commands for managing the Alpine Linux container are given below.

# Install programs
sudo apk add <program>
# Remove programs
sudo apk del <program>
### Notice
NOTE: Put your own CLI programs in /usr/local/bin

Fedora Linux Container

Fedora Linux is the default distro for the containers created by the toolbox tool.

Create a Fedora Linux toolbx container.

toolbox create -d fedora toolbox-fedora-cli

Enter the toolbx container you just created.
```
toolbox enter toolbox-fedora-cli
```

You can apply some optional tweaks to your Fedora Linux toolbx containers to make the default package manager dnf faster.

Open /etc/dnf/dnf.conf and add/change the following values:

# see `man dnf.conf` for defaults and possible options

[main]
# Download 20 packages simultaneously
max_parallel_downloads = 20

# Mirror must maintain download speed of atleast 256*1024 bytes (256KiB/s) for the duration of `timeout` value in seconds
minrate = 262144

# Mirror must maintain `minrate` amount of download speed in bytes for `timeout` value in seconds
timeout = 5

VSCode Setup for Fedora Silverblue

After flip-flopping between installing Visual Studio Code inside a distrobox container, layering it on my Fedora Silverblue install and just using nano + terminal for development, I have finally settled on using the following VSCode setup with Dev Containers.

Setting up VSCode + Dev Containers

Download the VSCode appimage from valicm’s GitHub repo and install it using Gear Lever.
Install podman-compose.

Enable the podman socket for your user.

systemctl enable --user --now podman.socket

Install the Dev Containers VSCode extension.
Goto the Dev Containers extension’s settings.
Set the following values for the fields below:
- Dev > Containers: Docker Compose Path -> podman-compose
- Dev > Containers: Docker Path -> podman
- Dev > Containers: Docker Socket Path ->
  (whatever socket path systemctl status --user podman.socket | grep Listen: shows)

Using Dev Containers for development

Dev Containers basically creates a Docker/OCI container for your project from the configuration located inside the .devcontainer folder in your project’s topmost directory.
VSCode then SSH’s into it so you can develop inside the container as-if it was your own system.
This is the same concept as toolbx. (discussed here)

You can find my devcontainer configs at https://github.com/ScatteredCognition/devcontainers/

Arch Linux/CachyOS

Arch Linux is a community-driven, rolling release distro that features a wide selection of packages in it’s repositories. It features a CLI installer for easy installation.
CachyOS is an Arch Linux derivative that provides their own optimizations on top of Arch Linux, making it blazingly fast.

Overall, you will have a good time with either one of these distros.

This section contains guides and information mostly specific to Arch Linux/CachyOS.
I recommend reading the content at linux/others section for guides and information that is applicable to most linux distros.
Also read the linux/basics section for a brief overview of how to use and navigate the CLI.

Configure LUKS auto-unlocking with TPM2 in Arch Linux/CachyOS

To configure LUKS auto-unlocking with TPM2 in Arch Linux/CachyOS, do the following steps:

Make a copy of your /etc/crypttab for initramfs

sudo cp /etc/crypttab /etc/crypttab.initramfs

Make a backup of your /etc/mkinitcpio.conf

sudo cp /etc/mkinitcpio.conf /etc/mkinitcpio.conf.bak

Include the necessary systemd stuff in your initramfs by replacing the following in your /etc/mkinitcpio.conf file:

udev > systemd
keymap and consolefont > sd-vconsole
encrypt > sd-encrypt

Example:

Original:

HOOKS=(base udev plymouth autodetect microcode modconf kms block keyboard keymap consolefont  encrypt filesystems fsck)

Modified:

HOOKS=(base systemd plymouth autodetect microcode modconf kms block keyboard sd-vconsole sd-encrypt filesystems fsck)

Regenerate your initramfs
```
sudo mkinitcpio -P
```
Continue onwards with linux/others/Configure LUKS Auto-unlocking with TPM2

UNFINISHED Creating a VM using virt-manager on Arch Linux/CachyOS

Installing and configuring virt-manager

Installing `virt-manager`

Install virt-manager and other necessary packages.

 sudo pacman -Syu virt-manager qemu-full libguestfs guestfs-tools iptables-nft

Enable libvirtd.socket and virtlogd.socket

systemctl enable --now libvirtd.socket
systemctl enable --now virtlogd.socket

Ensure the variable isfirewall_backend=iptables in /etc/libvirt/network.conf for NAT to function.

Enable default NAT adapter

sudo virsh net-start default
sudo virsh net-autostart default

Configuring `virt-manager`

Open Virtual Machine Manager.
Goto Edit > Preferences from the tab bar on top.
- Under General
  - Enable Enable XML Editing
  - Enable Enable libguestfs VM Introspection
- Under New VM
  - Set x86 Firmware to UEFI
  - Set CPU Default to host-passthrough
  - Set Storage Format to QCOW2 (optional)
If QEMU/KVM doesn’t exist like the pic above, Goto File > Add Connection and configure as follows (Make sure you are using the system instance of qemu by ensuring the Generated URI field reads qemu:///system)
Double-click on QEMU/KVM if it shows Not Connected.
virt-manager is now ready for creating and running VMs.

Finally, click the shiny monitor icon near the top-right and create a new VM
While using the wizard, choose the installed OS manually by unticking the auto detect checkbox ENSURE OS TYPE IS THE SAME OS YOU ARE GOING TO INSTALL
On the last screen, select Customize configuration before install
(Windows Guests) Download the VirtIO guest tools iso for Windows so we can have disk and network drivers.
- Download VirtIO driver iso
(Windows Guests) Add an emulated CD-ROM drive with our VirtIO drivers from Add Hardware > Storage (In the sidebar) > Device Type: CDROM Device and select the VirtIO driver ISO file, then click Ok to close the dialog box
On default configurations, virt-manager will default to an emulated SATA disk as your storage drive. To enjoy better performance, select SATA Disk 1 from the sidebar and change Disk Bus: to VirtIO
Similarly, you can select NIC:(random characters) from the sidebar and change Device Model: to VirtIO
Finally, select Begin Installation on the top-left corner and begin installation
(Windows Guests) At the disk partitioning screen, the installer will complain about having no disks to install to. Click Load Drivers, then Browse and goto (VirtIO disk) > vioscsi > (windows version) > AMD64 and click Ok to let the installer find the driver. Afterwards, our main disk should be visible in the disk partitioning screen
Continue the installation as normal
You can customize the VM after installation by switching from the Graphical Console view to the Hardware Details view on the top-left

Installing Spice and VirtIO guest tools (Windows Guests)

After installation has finished, navigate to the emulated CDROM drive with the VirtIO drivers in Windows Explorer and install the guest tools
Afterwards, visit these two links inside the VM and install the Spice guest tools
- Spice Guest tools
- Spice Webdavd

Setting up RDP

Enable Remote Connections inside your Windows guest. Google how to.
While the VM is running, Goto Hardware Details view, click on the NIC:(random characters) device from the sidebar and take a note of the IP Address
Note that the user account you want to RDP to in the Windows guest must have a password set
Install a RDP client, krdc is a very nice and robust client.
Enter the IP Address in the address field and connect to it
On the login prompt, enter your Windows username and password to connect

Setting up GPU Passthrough

While the VM is powered off, Goto the Hardware Details view, then Add Hardware > PCI Host Device and select one of the vGPUs/GPU you want to passthrough to the VM.
(Intel iGPUs) To avoid the Code 43 error with the i915 sriov dkms drivers, follow this thread and add a <vendor_id> tag

Setting up USB Passthrough

While the VM is powered off, Goto the Hardware Details view, then Add Hardware > USB Host Device and select one of the USB Devices you want to passthrough to the VM.

Reflections on Life

Unfinished

A New Beginning

Unfinished

Keyboard shortcuts

ScatteredCognition's Biblioteca