Currently unusable

Hi, I’m new to Kicksecure and to Debian and I found my way here through the opsec bible that said they aim to suggest solutions that are “doable for the 90% of average joes out there”, however, it seems I’m in the 10% as I’m now at the point where I can’t even get past the login screen and it just keeps looping and asking me to log in so I don’t even know where to start with requesting support.

It seems I’m now forced to do another fresh install but tbh, that’s just one of many things that has been extremely difficult to even get working.

I’ve looked up LQXt docs, lawbc configs and they don’t seem to change anything. Settings sometimes change things, sometimes persist, then don’t persist when I reset.

There’s errors right from the get go before I even get to entering my encryption password.

All I’ve done is manage to get in, install NVIDIA drivers because the display was crashing and installed a few basic apps. Obsidian, Brave, Bitwarden, setup Virtmanager.

Is it normally this hard? Being that I think now it’s completely bricked due to not being able to get past login and I have to reinstall, I just basically would like to know if it’s worth it or if it’s completely unstable right now.

Thanks

Kicksecure 18 is stable, and should be generally usable for individuals who have a working knowledge of Linux. There are some aspects (like editing labwc configuration) that are harder than other distributions, but otherwise it should work well and does work in practice for many.

It’s difficult to know why things aren’t working correctly with the description you’ve given of the issues you’ve faced. The best way to get help for an issue is to describe the steps you took to cause an issue, in as much detail as possible, including what you expected to see happen at each step of the process, and what actually happened if that differs from what you expected. More details are here:

It may also be worth reading:

yes I understand that, but after trying to resolve things myself I now can’t access anything really because it just loops at the log in screen so not much I can describe.

This happened after it started not shutting down properly. I would type ‘reboot’ after adjusting the labwc configure to see if that would see any of the changes take effect and it wouldn’t even shut down properly forcing me to hard power off.

But the problems have been plentiful.

tridad issue to begin where it wasn’t loading in the kernel - which I thought I solved by signing some MOK utils thing because the error went away upon systemcheck. Although I’m unsure.
the same happened with nvidia drivers after installing them. nvidia persistenced won’t load in the kernel but this seemed like an issue that didn’t break things as I could start via systemd.
There was another error popping up from initial install that was showing just before the encryption password request. I hadn’t even got around to that as it was allowing me to get in but it was on the list.

the keybinding in labwc weren’t working as stated. Couldn’t turn volume up or using the super key as it was set so something was clashing there. Brightness adjustments not persisting. There were key conflicts there somewhere.

On my brave browser, when I clicked the menu and tried to click say ‘bookmarks’ in the drop down, nothing happened so there was more issues there.

the main issue is I want to type my username and password and login rather than have it go back to the same screen over and over again

I thought I had a working knowledge of Linux but tbh, I don’t even know what that statement means anymore as I feel like it may mean 5+ years experience because I can barely get anything to work after using it for 1-2 years

anyway, it’s fine. I understand this isn’t really productive and rarely do I meet the standards in linux communities to get effective support so it is what it is. Not sure.

The more I try my best to learn the more it seems I’m wasting my time with linux at all.

it’s been two days and I can’t get it to a usable state to the point that it’s now looping at the login screen like I just don’t understand how this is just me all the time. Everyone keeps implying all of these things work but they just never do for me it’s wild

you know what. just forget about it.

every single time I ask ANYONE in ANYTHING to do with linux for help, the response is always the same.

’sorry, you didn’t ask in the right way’

seriously, I shouldn’t have expected anything more. It’s like everyone forgets that new things are hard and confusing and doesn’t care. Well so be it.

thanks anyway, all the best with it

Can you please tell me how to delete this forum account. I should not have sought assistance. I will go back to doing everything on my own as per usual and stop bothering people, just like I do every other time something doesn’t work when people say it does.

Linux is a literal disaster for people actually caring about other people’s freedom yet it preaches it more than anyone.

Everyone is left on their own and it doesn’t cater for people who are new and don’t have 37 years sysadmin and self hosting experience

So I will never ask anyone anything again.

I don’t expect anyone to help at all at this point because they very rarely do around Linux. But here’s a full list of the process I went through and the known bugs/errors after a fresh install in the hopes that other people can not have to experience what I have.

This doesn’t resolve the graphics failures from last time or the login loop I ended up in that I have no way to reproduce until it happens again. But it’s pretty self explanatory what was happening.

fresh install & reboot

before encryption password request error flashes every time, then multiple errors

error:

EFI Stub [WARNING] failed to measure data for event 1 (some numbers) 0.000000001 ?? ## error flashes too fast to catch

[    2.121230] ACPI BIOS Error(bug): Could not resolve symbol [\_SB.PC10.GPP2.W
WAN], AE_NOT_FOUND (20240827/dswload2-162)
[    2.121239] ACPI Error: AE_NOT_FOUND, During name lookup/catalog (20240827/ps
object-220)
[    4.099783] amd_gpio AMDI0030:00: Failed to request GPIO for pin 0x0003, err
-16
[    4.729029] systemd[1]: Failed to start systemd-modules-load.service - Load Kernel Modules.
[FAILED] Failed to start systemd-modules-load.service - Load Kernel Modules.

enter encryption password

go to sysmaint
manage pwd >> set user password
enroll secure boot MOK

systemcheck

failed
UNIT                         LOAD   ACTIVE SUB    DESCRIPTION  
systemd-modules-load.service loaded failed failed Load Kernel Modules

To check manually:
1. Open a terminal. (Start Menu -> System -> Terminal)
2. Run:
leaprun read-systemctl-logs-failed-units-pretty


[WARNING] [systemcheck] tirdad - TCP ISN CPU Information Leak Protection: Disabled

- Reason: Kernel module 'tirdad' is NOT loaded

disabled autologin for user

reboot
complete MOK enroll process
reboot

EFI Stub [WARNING] failed to measure data for event 1 (some numbers) 0.000000001 ?? 

repeat of all previous errors

intall user-sysmaint-split
yes

auto rebooted

errors repeated
logged in

systemcheck
systemcheck timed out and gave up waiting

sudo apt update
sudo apt upgrade -y

systemcheck - time synchronization failure
restart sdwdate
systemcheck > no warnings or errors > tirdad enabled now
reboot

repeat of errors > systemd kernel module load error gone

EFI Stub [WARNING] failed to measure data for event 1 (some numbers) 0.000000001 ?? ## error flashes before other errors

[    2.121230] ACPI BIOS Error(bug): Could not resolve symbol [\_SB.PC10.GPP2.W
WAN], AE_NOT_FOUND (20240827/dswload2-162)
[    2.121239] ACPI Error: AE_NOT_FOUND, During name lookup/catalog (20240827/ps
object-220)
[    4.099783] amd_gpio AMDI0030:00: Failed to request GPIO for pin 0x0003, err
-16
Please enter passphrase for disk rootfs (luks.............):

Then it’s probably best to reinstall and try to go slower this time. When trying to work around a problem, be particularly careful following advice you don’t understand, especially if that advice comes from an AI chatbot.

Sometimes shutdown takes a while for one reason or another. Forcibly powering off is generally not a good idea unless you know what you’re doing and are willing to reinstall if things break thereafter.

You probably have Secure Boot enabled. It is possible to use Kicksecure with Secure Boot enabled, but to begin with you may want to simply turn it off, it will make some things a lot easier.

Also sounds Secure Boot related.

These sound like rough edges in our UX. Time synchronization sometimes times out or takes a very long time to work because it uses Tor, and Tor is unfortunately unreliable by nature. This produces occasional “errors” that can usually be ignored.

It’s not entirely clear how you ended up in the boot loop state, but what you might try is:

1. Disable Secure Boot in your system’s BIOS.
2. Reinstall.
3. On first boot, boot into PERSISTENT Mode | SYSMAINT Session, and click “Install Updates” in the system maintenance panel.
4. Once updates are installed, click “Manage GUI Autologin”, and disable autologin for account user.
5. Then click “Manage Passwords”, click “User Password”, and set a password for account user.
6. Reboot.

That should get you to where you want to be. labwc keybindings and Brave Browser will probably still be problems, but some of the other issues you encountered will hopefully go away if you follow the above steps.

Thank you for still taking the time to try to help and I’m really sorry I have acted like a complete dick.

I am stressed and frustrated at people making more and more rules that reduce my options in the world and it feels like I’m running out of time to implement things that allow me some sense of privacy and freedom. When seemingly simple installs and things don’t work this makes me feel like I have no options, but I shouldn’t have taken that out here and I’m sorry. The world’s issues are not your fault.

I reinstalled and I’m giving it another go. It is currently at a running state so I just have to hope the login loop doesn’t happen again.

I don’t really want to turn secure boot off because it’s a security mechanism.
Some things aren’t loading into the kernel prior to entering the encryption password, but they seem to be working after if I start them, like nvidia-persistenced, so I just have to hope that is enough and work it out as I go.

it seems there is an issue with shutting down. Nothing seemed out of the ordinary, it’s a fresh install and I’ve now waited ~45 minutes

so I have no choice but to forcibly shutdown using the power button, it’s just frozen on a blank screen this time. Last time, it was on terminal screen of some sort.

*Thankfully, this time it did not get stuck in the login loop upon restarting.

That’s strange. In PERSISTENT Mode | SYSMAINT Session, can you run sudo journalctl --no-pager --boot=-0 and share as much of the end of the output as you’re comfortable with? That might help identify what’s hanging up. (This is assuming your last boot was the one that hung; if you’ve rebooted since then you may need to replace --boot=-0 with --boot=-1, --boot=-2, or similar.)

Well… kind of. It’s theoretically able to be used as a security mechanism, but in practice the way it is implemented on most systems is very close to useless. It only ensures the bootloader and kernel are trusted, a separate piece of boot code called the initramfs isn’t verified by Secure Boot (and can’t be by nature), making it easy for an attacker to bypass most of the security advantages of Secure Boot by just messing with the initramfs on a victim system.

sorry for the delayed response.

I couldn’t remember which boot it was and when I put in that command, it was hard for me to identify anything out of the ordinary so I thought I would just try to repeat it. But I’ve rebooted a lot of times now and it’s not happened

I did reset secureboot back to factory default and turn it off to see if that would improve things. Perhaps it did, I don’t know. But I tested with both secureboot on and off and it’s shutting down fine now. Very weird.

If it happens again I will get some logs anyway. It seems like it would be related to the login loop that happened on the first install but i can’t be sure obviously.

I appreciate your help and will just keep an eye on it now. Thank you

[… 5 lines elided]

Linux is a literal disaster for people actually caring about other people’s freedom yet it preaches it more than anyone.

Everyone is left on their own and it doesn’t cater for people who are new and don’t have 37 years sysadmin and self hosting experience

So I will never ask anyone anything again.

[… 13 lines elided]

You get what you pay for.

You make a fair point and I should have found a better way to approach my frustrations and challenges that better respects open source developers that in actual fact, have provided me a lot of options that in actuality, I am grateful for.

Even though at times it is very hard to gain momentum and feels quite isolating at times, it’s part of the trade offs.

Thank you for highlighting that.

Related: