Extending LVM partition after disk expansion

  1. Boot GParted Live as this is best done offline.
  2. GParted may prompt to fix the GPT header due to metadata mismatch about the disk size, select “Fix”.
  3. Using GParted program, deactivate the LVM partition.
  4. Resize the LVM partition by dragging the right-arrow to the end.
  5. Click tick ✓ to apply. Resizing should take only a few seconds, if it’s not finished within a minute, reboot GParted Live and repeat; this may happen if Steps 2-3 are skipped.
  6. Launch Terminal,
sudo -s
vgs
lvs
  1. vgs may show non-zero VFree value meaning the volume group contains unallocated space. lvs lists the volume group and logical volume, the values are used in lvresize; Ubuntu defaults to ubuntu-vg/ubuntu-lv, the slash is not an OR, both values with a slash are required.
lvresize -l +100%FREE --resizefs VG-name/LV-name
vgs
  1. vgs should now show zero VFree value.
  2. In GParted program, activate the LVM partition.
  3. Reboot.

GnuPG 2.5 for Windows is now 64-bit only

After updating GnuPG to 2.5.16 using Chocolatey, I wasn’t able to sign commit in WSL with pinentry error. The “$HOME/.gnupg/gpg-agent.conf” was previously configured with pinentry-program "/mnt/c/Program Files (x86)/gnupg/bin/pinentry-basic.exe" which is now an invalid path. I updated it to:

pinentry-program "/mnt/c/Program Files/GnuPG/bin/pinentry-basic.exe"

Then run systemctl --user restart gpg-agent.service.

If Git and GnuPG are used in Windows, the gpg config in “$HOME\.gitconfig” should be updated to:

[gpg]
  program = C:\\Program Files\\GnuPG\\bin\\gpg.exe

GRUB 2.14rc1 supports LUKS2 + Argon2 disk encryption

I had always used grub-improved-luks2-git AUR package to boot up my LUKS2+Argon2-encrypted disk. Now that GRUB 2.14rc1 supports it, it’s time to switch to the default package.

$ sudo pacman -S grub

pacman detected it conflicts with grub-improved-luks2-git and prompted for removal which is expected. Then, this is the most important part, “/etc/default/grub” config has been restored to the default during installation, so I had to replace it with my config. Thankfully, pacman made a backup at “/etc/default/grub.pacsave”, so I just need to move it back.

$ sudo mv /etc/default/grub.pacsave /etc/default/grub

Reinstall and regenerate the GRUB configuration.

sudo grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id="Arch Linux" --recheck
sudo grub-mkconfig -o /boot/grub/grub.cfg

booloader-id value can be anything. The whole line of grub-mkconfig can be replaced with just update-grub (without any option) if the command is available.

Importing FreeTube subscriptions to NewPipe/Tubular

In FreeTube, navigate to Settings > Data > Export Subscriptions > Export YouTube (.csv).

Transfer the csv file to your mobile device.

In NewPipe/Tubular, navigate to Subscriptions > upper-left triple-dot > Import from > YouTube > Import File > choose the csv file.

The import will run in the background with notification. The app’s notification will clear once the import is complete.

Using vector tiles on Nextcloud Maps

Nextcloud Maps uses raster tiles by default, but it also supports vector tiles which looks nicer. Navigate to Nextcloud administration > Additional settings (<nextcloud-domain>/settings/admin/additional) > Maplibre settings. Set the style url as https://tiles.openfreemap.org/styles/liberty.

The style url can be set to other map providers. I use OpenFreeMap because it’s free and doesn’t need an API key. It’s available in 4 styles.

Maplibre uses WebGL to render the vector tiles, so if your browser block WebGL by default, your Nextcloud domain (not openfreemap.org) needs to be allowlisted for it.

Separate markdown headings into pages

Previously the Threat Hunting page contained all search queries in one page separated by headings. That approach was untidy especially when conducting a web search; where after being redirected to the threat hunting page, still had to navigate to the relevant heading to locate the relevant search query.

Each heading or search query is now in a separate page, so once those new pages are indexed by search engine, the search result will lead directly to a page that only contains the relevant search query, e.g. FileFix detection.

from os import chdir, path
from re import S, findall, sub

chdir(path.dirname(__file__))

template = """---
title: {title}
layout: page
date: 2025-07-27
---
{content}"""

with open("index.md") as f:
    s = f.read()
    # https://stackoverflow.com/a/66619938
    for title, content in findall(r"(?:^|\n)##\s([^\n]+)\n(.*?)(?=\n##?\s|$)", s, S):
        # https://stackoverflow.com/a/74260791
        fname = sub(r"\W+", "-", title).strip("-").lower()
        with open(fname + ".md", "w") as w:
            w.write(template.format(title=title, content=content))
        with open("index-new.md", "a") as a:
            a.write(f"- [{title}]({fname})\n")

linux-firmware meta package on Arch Linux

Arch Linux linux-firmware is now a meta package. Its derivative Manjaro renamed it to linux-firmware-meta. The default set covers a wide range of firmwares that may not be applicable to most devices and can be trimmed down.

  1. Remove the meta package, pacman -Rn linux-firmware
  2. Identify device manufacturer, lspci
  3. Remove irrelevant firmware, e.g. if Nvidia device is not installed, pacman -Rns linux-firmware-nvidia
  4. Mark the necessary firmware as explicitly installed, pacman -D --asexplicit $(pacman -Qs -q linux-firmware | sed -z 's|\n| |g')

CMC 3.37.0 switched to _cmc_summary index

Splunk Cloud Monitoring Console (CMC) app which auto-update itself separately from Splunk Cloud recently switched from “summary” to “_cmc_summary” index in 3.37.0 update released on 27 March 2025. The update broke my custom license monitoring dashboards and alert. Resolved the issue by including the new index.

Update: CMC 3.37.1 update reverts it back to “summary” index to allow for gradual transition.