Citrix Receiver – use all available external monitors

When working on a remote server over Citrix, it is sometimes useful not having ICAClient to span over all monitors in fullscreen mode. It is possible to tell wfica to only span certain monitors with the -span parameter.

Change /opt/Citrix/ICAClient/ to:

export ICAROOT

array_join() {
    local IFS="$1"
    echo "$*"

number_of_monitors="$(xrandr --query | grep -c " connected ")"

if (( number_of_monitors > 1 )); then
    for monitor in $(seq 2 "${number_of_monitors}"); do

    param="${param} $(array_join ',' "${monitors[@]}")"

$ICAROOT/wfica ${param} -file $1

This will use all monitors, except for the first one in fullscreen mode (unless you only have one monitor of course).

To get this to work automagically, Firefox has to be told to open *.ica files with this script. Go to Edit, Preferences, Applications, type ica in the search, select Use other... as action and browse to /opt/Citrix/ICAClient/

Disable iPhone USB devices when charging via computer

I usually charge my iPhone by connecting it to my Ubuntu laptop. It is quite annoying that it tries to mount it as a USB-storage and adds it as an ethernet interface.

To the rescue: udev blacklisting:

sudo tee /etc/udev/rules.d/90-disable-iphone.rules <<EOF
# Disable iPhone ethernet device
SUBSYSTEM=="usb", DRIVER=="usb", ATTR{idProduct}=="12a8", ATTR{idVendor}=="05ac", ATTR{authorized}="0"

ATTR{idVendor} and ATTR{idProduct} might differ between different iPhone models. Examine with udevadm info -a -p /sys/class/net/<ethernet interface> and find any information, as close to the top as possible, that can be used to blacklist the device.

Download a sites certificates with openssl

The following snippet can be used to download all the CA certificates from a site, into seperate .crt files. The file name will be the last CN part from the issued information.

openssl s_client -connect $SITE:443 -showcerts \
        </dev/null 2>/dev/null | \
	awk '/^ [0-9] s:/,/^[-]+END CERTIFICATE/' | \
	csplit -q -z -f cert - '/^ [0-9] s:/' '{*}'
for file in cert*; do \
	name="$(awk -F= '/^ [0-9] s:/ {gsub(/[^A-Za-z0-9.]/, "", $NF); print $NF".crt"}' "${file}")"; \
	awk '/^[-]+BEGIN CERTIFICATE/,/^[-]+END CERTIFICATE/' "${file}" > "${name}"; \
	rm "${file}"; \

Example, if running the above with

↳ openssl s_client -connect $SITE:443 -showcerts         </dev/null 2>/dev/null | awk '/^ [0-9] s:/'
 0 s:/
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3

Two certificate files will be created:

↳ ls *.crt  LetsEncryptAuthorityX3.crt

Run production WordPress site in docker for development

I have a couple of WordPress sites that I wanted to create local development environments in docker for, here are some tips on how to get it to work.

I use the official MySQL and WordPress docker images. The directory structure is as follows:

production_dump.sql is a MySQL dump of the production database, add a “use wordpress-site;” statement in the beginning so that the backup is imported into the correct database.

Installing Ubuntu on Dell XPS 13

Today I got my new Dell XPS 13. Being an Macbook user for the past 5-6 years, this was quite exciting for me; I finally got to run Linux on the desktop again!

So, I created the USB installation stick in Windows and booted to the Live system.

First “bump” was the Dell Wireless network interface that the laptop came with. It’s a Broadcom BCM4352 chip which has a properitary driver.

root@ubuntu:~# lspci -v | grep -i bcm
02:00.0 Network controller: Broadcom Corporation BCM4352 802.11ac Wireless Network Adapter (rev 03)

The required packages is included on the USB installation stick, so it’s just a matter of installing them (this would have to be repeated once booting into the freshly installed system):

sudo dpkg -i /cdrom/pool/main/d/dkms/dkms_2.2.0.3-2ubuntu3_all.deb
sudo dpkg -i /cdrom/pool/restricted/b/bcmwl/bcmwl-kernel-source_6.30.223.248+bdcom-0ubuntu2_amd64.deb

After the installation and restarting the laptop it couldn’t find any bootable devices(!). Reading the release notes, this is a known problem. The bug 1499323 has a workaround.

To enable palm detection, which should have a similar effect as above:

sudo apt-get install xserver-xorg-input-libinput

Then create /etc/X11/xorg.conf.d/99-libinput.conf:

Section "InputClass"
    Identifier "libinput"
    Driver "libinput"
    MatchDevicePath "/dev/input/event*"
    MatchIsTouchpad "true"
    Option "Tapping" "true"
    Option "TappingDragLock" "true"
    Option "ClickMethod" "none"
    Option "NaturalScrolling" "false"

The above settings should make the touchpad behave “similar” to an Apple touchpad.

To improve battery life you can install TLP:

TLP brings you the benefits of advanced power management for Linux without the need to understand every technical detail. TLP comes with a default configuration already optimized for battery life, so you may just install and forget it. Nevertheless TLP is highly customizable to fulfil your specific requirements.

As of 15.10, tlp is part of the official repositories, if you’re running an earlier release:

sudo add-apt-repository ppa:linrunner/tlp

It is easy as:

sudo apt-get update
sudo apt-get install tlp tlp-rdw gsmartcontrol smart-notifier

Bluetooth does not work out-of-the box. To get it working, we need a firmware file from the Windows driver. Good guy hg8 has it available on for us.

sudo mv BCM20702A0-0a5c-216f.hcd /lib/firmware/brcm/
sudo ln -s /lib/firmware/brcm/BCM20702A0-0a5c-216f.hcd /lib/firmware/brcm/BCM20702A1-0a5c-216f.hcd

Change the bluetooth device name with:

sudo -i
echo "PRETTY_HOSTNAME=$HOSTNAME" > /etc/machine-name
systemctl restart bluetooth.service

Additional resources: