Ask Klaus

Controlling Brightness

On my laptop, the function key combinations that are supposed to change the display's brightness are not working with Linux. Is special software necessary in order to activate those function keys?

Most manufacturers of notebooks use a non-standard keyboard assignment for brightness, WiFi enable/disable, and so on – "non-standard" meaning that there really isn't much of a standard keycode available for the extra functionality. Proprietary operating systems use "drivers" to map extended keyboard events to certain actions, as is done similarly in most Linux distributions using the ACPI daemon with vendor-specific configuration files in /etc/acpi/events and /etc/acpi/actions provided by packages such as eeepc-acpi-scripts and acpi-support (which contain known mappings for different notebook brands). Finding the correct settings and writing your own scripts for handling events can be a very complex task, but in some cases, you have an easier way to solve this problem.

Boot options can change the default behavior in the Advanced Configuration and Power Interface (ACPI) firmware to handle requests for brightness internally, instead of passing the key event to the operating system. One example for Knoppix is:

knoppix64 acpi_osi=Linux acpi_backlight=vendor

The acpi_osi=Linux option chooses some Linux-friendly settings (also concerning power management), and acpi_backlight=vendor attempts to wire key presses of the "brightness" function keys directly with the backlight controller, which may or may not work better than the supplied acpi-support scripts.

If you can confirm that these boot command-line settings work as expected, you might want to add them to the APPEND or KERNEL boot options in your favorite bootloader.

Forensic Mode

What is "forensic mode" in Knoppix? Knoppix 7.1.1 has just been released, and I've read about a "forensic" mode that is only briefly described in the knoppix-cheatcodes.txt file:

knoppix forensic
Don't use swap and mount read-only

What does it really do?

Forensic mode was requested by experts that work in computer forensics (i.e., analysis and recovery of hard disk data – even previously deleted data – as part of rescuing lost data or for evidence in criminal prosecution). For this task, all changes to the stored data are absolutely unwanted. Knoppix does not normally write to hard disk, with two exceptions:

1. Configured Linux swap partitions that are not currently used as hibernation space will be reused.
2. Disk partitions containing filesystems that are mounted by user choice can be written to.

Adding the keyword forensic to Knoppix boot options will automatically disable the use of existing swap partitions and write-protect all detected partitions on the block layer using:

blockdev --setro <partition>

Therefore, in forensic mode, attempts to mount partitions read/write will not work unless the user "unprotects" the partitions first using

blockdev --setrw <partition>

(e.g., when saving rescued data to an external hard disk). If certain filesystem types require being set read/write in order to attempt a repair of the superblock, a copy can first be made safely by means of dd_rescue, so that the original data is never changed.

For normal usage scenarios (i.e., taking advantage of writable media for saving data transparently from the running system), forensic mode is rather impractical. ;-)

Broadcom WiFi Drivers

I can't help noticing that you changed the default driver for some Broadcom chipsets from the free, kernel-included drivers to the "non-free" broadcom-sta driver (wl) in Knoppix 7.7.1. What is the advantage or disadvantage over the free drivers?

Although the standard kernel drivers for Broadcom WiFi chipsets usually work well enough for daily use, some users have reported slow or unstable WiFi connections, even with the vendor-supplied firmware copied to /lib/firmware. The broadcom-sta-dkms driver package, which is provided in Debian as a self-building package, contains code and firmware provided by the Broadcom chip manufacturer with some license restrictions that might disqualify the driver in Debian main, in the sense of not being "open source," even though partial source code is provided.

On the one hand, I can well understand that following regulations and legal restrictions for WiFi in different countries encourages "unchangeable" drivers. On the other hand, the closed source parts of the driver make it difficult to check for security flaws or unwanted functions, and it is also disallowed to modify the driver for supporting chipsets from other vendors, making it "proprietary," which I'm somewhat reluctant to accept in Knoppix.

Nevertheless, test results from some of the Knoppix beta testers report an enhancement of throughput and bandwidth gain – a download speed factor of up to 2x – using the broadcom-sta driver as a replacement for the kernel internal driver. Also, network disruptions because of weak signals seem to occur much less often.

For these practical reasons, we gave the broadcom-sta driver another try, but with the option to switch back to the free driver by changing preferences in /etc/modprobe.d/broadcom-sta-common.conf.