Goodix Fingerprint Reader on Fedora Linux

Written by

My Dell XPS 9500 has a built in Goodix fingerprint reader, there are drivers for this in Windows but originally the Linux driver didn’t exist.

A driver for Ubuntu has now arrive but there is no Fedora support. The driver is a libfrpint-2-tod driver. Someone has ported the finger print driver into the Arch User Repo as libfprint-2-tod1-xps9300-bin and it reported to work. My work below is derived from both these sources.

The following is my attempt within Fedora Linux 32:

# Install default systemfprintd and libfrint
yum install fprintd fprintd-pam

# Build libfprint and libfprint-tod
git clone
yum install -y gcc gcc-c++ glib glib-devel glibc glibc-devel glib2 glib2-devel libusb libusb-devel nss-devel pixman pixman-devel libX11 libX11-devel libXv libXv-devel gtk-doc libgusb libgusb-devel gobject-introspection gobject-introspection-devel
cd libfprint
git switch tod
meson builddir && cd builddir
meson compile
meson install

# Over write the system libfprint with our version
cp libfprint/ /usr/lib64/
cp libfprint/tod/ /usr/lib64/
cp libfprint/tod/ /usr/lib64/

# Get the Goodix libfprint driver/udev rules
tar -xvf libfprint-2-tod1-goodix_0.0.4-0ubuntu1somerville1.tar.gz

# Move the libfprint driver to where we think it should go
mkdir -p /usr/lib/libfprint-2/tod-1/
cp libfprint-2-tod1-goodix/usr/lib/x86_64-linux-gnu/libfprint-2/tod-1/ /usr/lib/libfprint-2/tod-1/
sudo chmod 755 /usr/lib/libfprint-2/tod-1/
cp libfprint-2-tod1-goodix/lib/udev/rules.d/60-libfprint-2-tod1-goodix.rules /lib/udev/rules.d/

# Add some things into the module alias file
cat debian/modaliases >> /lib/modules/uname -r/modules.alias

If anyone knows where I’ve gone wrong, give me an email.

Shared Fail2Ban Puppet

Written by

I’ve written a very simple Puppet module for the Shared Fail2Ban system we use at work.

I’ve sanitised and uploaded the module to github under the name Shared Fail2Ban Puppet.

The module is fairly simple and depends on the puppet labs mysql module on puppet forge. It may clash with other peoples fail2ban modules.

The shared installation will install ssh iptables with shared iptables on the clients with an option of mysql or api on the shared fail2ban server. You can however change the files it pushes for your own jails.

re3-nx Linux Audio Fix

Written by

GTA3 build for the Nintendo Switch was recently released but there is an audio issue with the WAV files on some releases, the developers provided a Windows batch script and not a Linux script.

It requires ffpmeg which is typically in your favourite distros package manager.


function check_bin() {
  which $1 1>/dev/null 2>&1
  if [[ $? -ne 0 ]]; then
    echo "$1 cannot be found. Please install it or add it to your path. Exiting."
    exit 1

check_bin ffmpeg
check_bin grep

mkdir audio
for file in $(ls | grep wav); do
  ffmpeg -i $file audio/$file

Just copy and paste the code above, save it in the same directory as your GTA audio files and execute it (chmod +x && ./

List NFS Clients on Server

Written by

I was looking for a simple and easy way to view the NFS Clients connected to my NFS Server, there’s many guides on how to view the mounts available and people say to run various client side commands but that doesn’t help for the opposite way.

This is a little Linux bash script to show the currently connected NFS clients to your server; it uses a dig lookup to get the hostname, which may not work if you dont have rDNS for internal addressing.

# A little bash script to show currently connected NFS clients.
# Adam Boutcher - Jul 2020
# IPPP, Durham University

# Function to check that a binary exists
function check_bin() {
  which $1 1>/dev/null 2>&1
  if [[ $? -ne 0 ]]; then
    echo "$1 cannot be found. Please install it or add it to the path. Exiting."
    exit 1

check_bin which
check_bin netstat
check_bin grep
check_bin awk
check_bin echo
check_bin dig

NCLIENTS=$(netstat -plna | grep 2049 | awk '{print $5}' | grep -v "*" | awk -F ":" '{print $1}')
echo ""
echo "NFS clients currently connected:"
for CLIENT in ${NCLIENTS}; do
  CNAME=$(dig +short -x $CLIENT);
  echo - $CLIENT ($CNAME)
echo ""
exit 0;

There are other tools available like nfstat to help show other NFS information, specifically for servers use:

nfsatst -s

Fedora Linux LUKS Encryption with TPM Unlock

Written by

Windows has BitLocker, Linux has LUKS as Full Disk Encryption, but by default LUKS doesn’t unlock via the TPM and requires a password.

There are many guides out there that show a very complex setup but for the basic encrypt the root partition and unlock it with a TPM, its actually fairly simple.

The following commands will setup your Fedora Linux (Tested with Fedora 32) LUKS boot volume to unlock automatically with the TPM.

dnf install clevis clevis-dracut clevis-luks
clevis luks bind -d /dev/sda3 tpm2 '{"pcr_ids":"7"}'
dracut -f

This was tested with non-Secure booting EFI.

These guides were very helpful: