debian-ubuntu
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseDebian-Ubuntu: Debian and Debian-Based Distro Administration
Debian-Ubuntu:Debian及Debian系发行版管理
Administer Debian, Ubuntu, Linux Mint, Pop!_OS, Devuan, and other Debian-derived systems,
with partial coverage for Kali when the question is about base OS administration rather than
security-distro workflow. Focus on Debian stable and Ubuntu LTS first, then layer in
derivative-specific behavior, PPA workflows, snap confinement, Ubuntu HWE, and explicit checks
for derivatives that diverge on init, packaging defaults, or intended use.
Versions worth pinning (verified April 2026):
Only pin versions here when they materially affect compatibility or troubleshooting shape. For
ordinary Debian and Ubuntu package work, prefer the live distro lane and package policy over a
stale package-version table.
| Component | Version | Why it matters |
|---|---|---|
| Debian stable | 13 (trixie) | current stable baseline and repo behavior |
| Ubuntu LTS | 26.04 (Resolute Raccoon) | current LTS baseline for most Ubuntu guidance |
| Ubuntu interim lane | verify live | interim releases move fast; check the active upgrade path instead of memorizing one short-lived codename |
| Ubuntu HWE lane | verify live | kernel metapackage and hardware-enablement behavior matter more than one exact kernel number |
| NVIDIA driver branch | verify live | proprietary branch choice affects Wayland, gaming, and DKMS behavior |
| Mesa stack | verify live | AMD and Intel graphics behavior tracks the shipped Mesa lane |
管理Debian、Ubuntu、Linux Mint、Pop!_OS、Devuan及其他Debian衍生系统,当问题涉及基础操作系统管理而非安全发行版工作流时,部分覆盖Kali系统。优先聚焦Debian稳定版和Ubuntu LTS版本,再逐步加入衍生版特定行为、PPA工作流、snap沙箱限制、Ubuntu HWE,以及针对在初始化、包管理默认设置或预期用途上存在差异的衍生版的明确检查。
值得固定的版本(2026年4月验证):
仅当版本对兼容性或故障排查产生实质性影响时,才在此处固定版本。对于普通Debian和Ubuntu包管理工作,优先使用当前发行版渠道和包策略,而非过时的包版本表。
| 组件 | 版本 | 重要性说明 |
|---|---|---|
| Debian稳定版 | 13 (trixie) | 当前稳定基线及仓库行为 |
| Ubuntu LTS | 26.04 (Resolute Raccoon) | 大多数Ubuntu指导的当前LTS基线 |
| Ubuntu临时版本渠道 | 实时验证 | 临时版本迭代快;请检查当前升级路径,而非记忆某个短命版本代号 |
| Ubuntu HWE渠道 | 实时验证 | 内核元包和硬件支持行为比具体内核版本号更重要 |
| NVIDIA驱动分支 | 实时验证 | 专有分支选择会影响Wayland、游戏和DKMS行为 |
| Mesa栈 | 实时验证 | AMD和Intel显卡行为随预装Mesa渠道变化 |
When to use
适用场景
- Package management with ,
apt,apt-get,dpkg, pinning, or holdsapt-cache - PPA management on Ubuntu, Mint, or Pop!_OS (, key handling)
add-apt-repository - Snap and Flatpak workflow, confinement issues, and alternatives
- systemd service, timer, boot, and journal troubleshooting on Debian-style systems
- GRUB, initramfs, EFI, kernel, and recovery work on Debian or Ubuntu
- Release maintenance: dist-upgrades, HWE transitions, release upgrades ()
do-release-upgrade - Desktop stack: Wayland vs X11, GNOME, KDE, Cinnamon, COSMIC, portals, PipeWire, Bluetooth
- Session startup and laptop work: GDM, SDDM, LightDM, suspend/resume, power profiles, hybrid graphics
- GPU and gaming: NVIDIA proprietary vs nouveau, AMD Mesa, Intel, Vulkan, Steam, Proton, Gamescope
- Capture and communication: OBS, WebRTC screen sharing, Discord/Teams, portals, virtual cameras
- Storage: ext4, Btrfs, LUKS, LVM, TRIM, hibernation
- Firmware and hardware enablement: ,
fwupd, HWE stacks, backportsubuntu-drivers - Security: AppArmor profiles, unattended-upgrades, needrestart, debian-security updates
- Remote gaming and input: Moonlight, Sunshine, Steam Remote Play, controllers
- Base Linux ops on Debian-style systems: ,
journalctl,dmesg,lsblkupdate-alternatives
- 使用、
apt、apt-get、dpkg、版本固定或包保留进行包管理apt-cache - 在Ubuntu、Mint或Pop!_OS上管理PPA(、密钥处理)
add-apt-repository - Snap和Flatpak工作流、沙箱限制问题及替代方案
- Debian风格系统上的systemd服务、定时器、启动和日志故障排查
- Debian或Ubuntu上的GRUB、initramfs、EFI、内核和恢复操作
- 版本维护:发行版升级、HWE过渡、版本更新()
do-release-upgrade - 桌面栈:Wayland与X11、GNOME、KDE、Cinnamon、COSMIC、门户、PipeWire、蓝牙
- 会话启动与笔记本操作:GDM、SDDM、LightDM、休眠/唤醒、电源配置、混合显卡
- GPU与游戏:NVIDIA专有驱动与nouveau开源驱动、AMD Mesa、Intel、Vulkan、Steam、Proton、Gamescope
- 捕获与通信:OBS、WebRTC屏幕共享、Discord/Teams、门户、虚拟摄像头
- 存储:ext4、Btrfs、LUKS、LVM、TRIM、休眠
- 固件与硬件支持:、
fwupd、HWE栈、回溯包ubuntu-drivers - 安全:AppArmor配置文件、无人值守更新、needrestart、debian-security更新
- 远程游戏与输入:Moonlight、Sunshine、Steam Remote Play、控制器
- Debian风格系统上的基础Linux操作:、
journalctl、dmesg、lsblkupdate-alternatives
When NOT to use
不适用场景
- Shell syntax, quoting, or script portability - use command-prompt
- Network architecture, DNS, VPNs, reverse proxies, or firewall design - use networking
- Docker, Podman, image builds, or container runtime - use docker
- Kubernetes cluster or manifest work - use kubernetes
- Fleet-wide Linux configuration via playbooks - use ansible
- Security review, vulnerability triage, or offensive testing - use security-audit or lockpick
- RPM-family distros and tooling - use rhel-fedora. That includes RHEL, Fedora, Rocky, AlmaLinux, Oracle Linux, and Amazon Linux.
- Ubuntu Core and snap-only transactional workflows - outside this skill; do not treat them like ordinary apt-managed Ubuntu hosts
- NixOS or declarative system management - outside this skill; route to a dedicated NixOS skill when one exists
- Kali offensive tooling, pentest workflow, or training-image specifics - use kali-linux
- OPNsense or pfSense appliance work - use firewall-appliance
- Shell语法、引用或脚本可移植性 - 使用command-prompt技能
- 网络架构、DNS、VPN、反向代理或防火墙设计 - 使用networking技能
- Docker、Podman、镜像构建或容器运行时 - 使用docker技能
- Kubernetes集群或清单操作 - 使用kubernetes技能
- 通过剧本进行跨主机Linux配置 - 使用ansible技能
- 安全审查、漏洞分类或攻击性测试 - 使用security-audit或lockpick技能
- RPM系发行版及工具 - 使用rhel-fedora技能。包括RHEL、Fedora、Rocky、AlmaLinux、Oracle Linux和Amazon Linux。
- Ubuntu Core及纯snap事务性工作流 - 超出本技能范围;请勿将其视为普通apt管理的Ubuntu主机
- NixOS或声明式系统管理 - 超出本技能范围;如有专用NixOS技能,请转至该技能
- Kali攻击性工具、渗透测试工作流或训练镜像细节 - 使用kali-linux技能
- OPNsense或pfSense设备操作 - 使用firewall-appliance技能
AI Self-Check
AI自检
Before returning Debian or Ubuntu commands, verify:
- Distro and release identified: Debian stable/testing/unstable, Ubuntu LTS/interim, Mint, Pop!_OS, Devuan, Kali, or another derivative. Advice diverges quickly.
- Init system identified: do not assume systemd on Devuan or other Debian derivatives without checking PID 1, service manager, and boot tooling first.
- Release model respected: do not suggest when
apt upgradeorapt full-upgradeis required for package transitions. Do not suggestapt dist-upgradecasually on Ubuntu without context.apt dist-upgrade - Ubuntu 24.04 -> 26.04 delta accounted for: Ubuntu 24.04 LTS upgraders inherit 24.10, 25.04, 25.10, and 26.04 changes. Do not treat 26.04 as a small point refresh of 24.04.
- Repository state clean: no broken apt lists, missing GPG keys, or mixed releases without pinning.
- Boot stack identified: GRUB vs other loader, EFI vs BIOS, initramfs generator, and kernel metapackage before changing boot files.
- Fallback path exists: do not remove the only known-good kernel or break the only boot entry on a remote system.
- PPA trust boundary respected: review PPA source, key, and maintenance status before adding.
- systemd scope is correct: distinguish system units from user units and use only when appropriate.
systemctl --user - Wayland stack is coherent: compositor, portal backend, Xwayland compatibility, and user-session services line up.
- Session startup path identified: display manager, greeter, or TTY launch path known before debugging env propagation.
- Audio stack is coherent: PipeWire, , and WirePlumber are not fighting a leftover PulseAudio setup.
pipewire-pulse - Bluetooth path is complete: alone is not enough if audio routing, trust, pairing, or profile selection is broken.
bluetooth.service - GPU stack matches hardware: proprietary NVIDIA vs nouveau vs Mesa. Verify actual driver in use before debugging graphics issues.
- Gaming stack includes 32-bit userspace when needed: Steam and Proton failures often come from missing graphics libraries.
i386 - Capture stack is coherent: portal backend, PipeWire, WebRTC or Electron client path, and any virtual camera module choice line up.
- Suspend and hibernation claims are real: hibernation advice matches actual swap layout, initramfs resume hook, and Secure Boot state.
- AppArmor state is considered: on Ubuntu, AppArmor denials can silently break services, snaps, or custom binaries.
- Snap confinement is not ignored: when a snap misbehaves, check interfaces and confinement level before reinstalling.
- Ubuntu desktop session assumptions are current: on Ubuntu 26.04 Desktop, do not assume a stock Xorg session or the old GUI are present by default.
Software & Updates - HWE kernel path is understood: Ubuntu HWE stacks transition kernel metapackages. Know whether the system tracks or
generic.hwe - Diagnostic errors are not silenced: do not mask failures with on commands whose error reason matters. Use
2>/dev/nullto surface errors without aborting.2>&1 || true - Firmware updates are not conflated with package updates: and vendor tools (e.g.,
fwupd) are separate fromsystem76-firmware.apt upgrade - Debian alternatives are checked: when a command behaves oddly, verify for that binary.
update-alternatives
返回Debian或Ubuntu命令前,请验证:
- 已识别发行版和版本:Debian稳定版/测试版/不稳定版、Ubuntu LTS/临时版、Mint、Pop!_OS、Devuan、Kali或其他衍生版。建议内容差异很大。
- 已识别初始化系统:在Devuan或其他Debian衍生版上,未检查PID 1、服务管理器和启动工具前,不要默认使用systemd。
- 遵循版本模型:当包过渡需要或
apt full-upgrade时,不要建议使用apt dist-upgrade。在Ubuntu上,若无上下文,不要随意建议apt upgrade。apt dist-upgrade - 考虑Ubuntu 24.04 -> 26.04的差异:Ubuntu 24.04 LTS升级会继承24.10、25.04、25.10和26.04的变更。不要将26.04视为24.04的小版本更新。
- 仓库状态干净:无损坏的apt列表、缺失的GPG密钥或未固定版本的混合发行版。
- 已识别启动栈:修改启动文件前,确认GRUB或其他加载器、EFI或BIOS、initramfs生成器和内核元包。
- 存在回退路径:不要在远程系统上移除唯一已知可用的内核或破坏唯一启动项。
- 遵循PPA信任边界:添加PPA前,审查其来源、密钥和维护状态。
- systemd范围正确:区分系统单元与用户单元,仅在合适时使用。
systemctl --user - Wayland栈一致: compositor、门户后端、Xwayland兼容性和用户会话服务匹配。
- 已识别会话启动路径:调试环境传播前,了解显示管理器、登录界面或TTY启动路径。
- 音频栈一致:PipeWire、和WirePlumber未与遗留PulseAudio设置冲突。
pipewire-pulse - 蓝牙路径完整:若音频路由、信任、配对或配置选择出现问题,仅不足以解决。
bluetooth.service - GPU栈匹配硬件:NVIDIA专有驱动、nouveau开源驱动或Mesa。调试显卡问题前,验证实际使用的驱动。
- 游戏栈包含必要的32位用户空间:Steam和Proton故障通常源于缺失图形库。
i386 - 捕获栈一致:门户后端、PipeWire、WebRTC或Electron客户端路径以及虚拟摄像头模块选择匹配。
- 休眠和唤醒声明真实:休眠建议与实际交换分区布局、initramfs唤醒钩子和Secure Boot状态匹配。
- 考虑AppArmor状态:在Ubuntu上,AppArmor拒绝可能会静默破坏服务、snaps或自定义二进制文件。
- 未忽略snap沙箱限制:当snap应用行为异常时,重新安装前先检查接口和沙箱级别。
- Ubuntu桌面会话假设符合当前情况:在Ubuntu 26.04桌面版上,不要默认全新安装会包含原生Xorg会话或旧版图形界面。
Software & Updates - 理解HWE内核路径:Ubuntu HWE栈会转换内核元包。了解系统跟踪的是还是
generic。hwe - 未掩盖诊断错误:对于错误原因重要的命令,不要用掩盖失败。使用
2>/dev/null显示错误而不终止执行。2>&1 || true - 未混淆固件更新与包更新:和厂商工具(如
fwupd)与system76-firmware是分开的。apt upgrade - 检查Debian替代方案:当命令行为异常时,验证该二进制文件的设置。
update-alternatives
Workflow
工作流
Step 1: Identify the distro lane first
步骤1:首先识别发行版渠道
| Distro | Default stance | What changes |
|---|---|---|
| Debian stable | Conservative, pin-oriented | |
| Debian testing | Rolling-ish, with freezes | Closer to Ubuntu but without Ubuntu-specific tooling. |
| Debian unstable (sid) | True rolling | No release, just |
| Ubuntu LTS | Default baseline | |
| Ubuntu interim | Short-lived | Common stepping stone into the current LTS. Quick to EOL. |
| Linux Mint | Ubuntu LTS derivative | Cinnamon/XFCE focus. Mint-specific repos and update manager. PPAs from Ubuntu often work. |
| Pop!_OS | Ubuntu derivative with extras | System76 firmware, COSMIC desktop, Pop repos, |
| Devuan | Debian derivative with a major service-model split | Do not assume systemd, |
| Kali | Debian-derived security distro | Fine for base apt, kernel, boot, or service administration, but use kali-linux for Kali-specific branches, images, metapackages, training-image workflow, and offensive-distro context. |
| Other Debian-based | Confirm repo model | Do not assume vanilla Debian or Ubuntu behavior. |
| 发行版 | 默认立场 | 变更点 |
|---|---|---|
| Debian稳定版 | 保守、版本固定导向 | 仅使用 |
| Debian测试版 | 类滚动更新,含冻结期 | 接近Ubuntu,但无Ubuntu特定工具。 |
| Debian不稳定版(sid) | 纯滚动更新 | 无版本号,仅 |
| Ubuntu LTS | 默认基线 | 使用 |
| Ubuntu临时版 | 生命周期短 | 通常是当前LTS的过渡版本。很快会终止支持。 |
| Linux Mint | Ubuntu LTS衍生版 | 聚焦Cinnamon/XFCE。Mint专属仓库和更新管理器。Ubuntu的PPA通常可用。 |
| Pop!_OS | 带附加功能的Ubuntu衍生版 | System76固件、COSMIC桌面、Pop仓库、 |
| Devuan | 服务模型大幅拆分的Debian衍生版 | 不要默认使用systemd、 |
| Kali | Debian衍生的安全发行版 | 适用于基础apt、内核、启动或服务管理,但针对Kali专属分支、镜像、元包、训练镜像工作流和攻击性发行版上下文,使用kali-linux技能。 |
| 其他Debian系发行版 | 确认仓库模型 | 不要默认其行为与原生Debian或Ubuntu一致。 |
Step 2: Gather current system state
步骤2:收集当前系统状态
bash
cat /etc/os-release
uname -r
ps -p 1 -o comm=
dpkg-query -W -f='${Package}\t${Version}\n' 'linux-image*' systemd grub-common grub-efi-amd64 2>&1 || true
dpkg -l | grep -E "^ii.*(systemd|grub|pipewire|nvidia|mesa)" | head -15
apt-cache policy
command -v systemctl >/dev/null 2>&1 && systemctl --failed
journalctl -b -p warning..alert 2>&1 || true
findmnt /boot
findmnt /boot/efi
command -v grub-install >/dev/null 2>&1 && grub-install --version
lsblk -f
echo "Session=$XDG_SESSION_TYPE Desktop=$XDG_CURRENT_DESKTOP"
loginctl list-sessions 2>&1 || true
command -v systemctl >/dev/null 2>&1 && systemctl status display-manager 2>&1 || true
command -v systemctl >/dev/null 2>&1 && systemctl --user --failed 2>&1 || true
command -v systemctl >/dev/null 2>&1 && systemctl --user status pipewire pipewire-pulse wireplumber 2>&1 || true
command -v systemctl >/dev/null 2>&1 && systemctl --user status xdg-desktop-portal 2>&1 || true
command -v systemctl >/dev/null 2>&1 && systemctl status apparmor 2>&1 || true
command -v aa-status >/dev/null 2>&1 && aa-status 2>&1 || true
command -v wpctl >/dev/null 2>&1 && wpctl status
command -v bluetoothctl >/dev/null 2>&1 && bluetoothctl show
command -v snap >/dev/null 2>&1 && snap list | head -10
command -v flatpak >/dev/null 2>&1 && flatpak list | head -10
lspci -k | grep -Ei 'vga|3d|display'
journalctl -b | grep -Ei 'nvrm|nvidia|amdgpu|i915|xe|drm' 2>&1 || true
journalctl --user -b | grep -Ei 'portal|pipewire|webrtc|obs' 2>&1 || true
lsmod | grep '^v4l2loopback'
command -v dkms >/dev/null 2>&1 && dkms status
findmnt -t btrfs
command -v systemctl >/dev/null 2>&1 && systemctl status fstrim.timer 2>&1 || true
apt list --upgradable 2>&1 | tail -n +2bash
cat /etc/os-release
uname -r
ps -p 1 -o comm=
dpkg-query -W -f='${Package}\t${Version}\n' 'linux-image*' systemd grub-common grub-efi-amd64 2>&1 || true
dpkg -l | grep -E "^ii.*(systemd|grub|pipewire|nvidia|mesa)" | head -15
apt-cache policy
command -v systemctl >/dev/null 2>&1 && systemctl --failed
journalctl -b -p warning..alert 2>&1 || true
findmnt /boot
findmnt /boot/efi
command -v grub-install >/dev/null 2>&1 && grub-install --version
lsblk -f
echo "Session=$XDG_SESSION_TYPE Desktop=$XDG_CURRENT_DESKTOP"
loginctl list-sessions 2>&1 || true
command -v systemctl >/dev/null 2>&1 && systemctl status display-manager 2>&1 || true
command -v systemctl >/dev/null 2>&1 && systemctl --user --failed 2>&1 || true
command -v systemctl >/dev/null 2>&1 && systemctl --user status pipewire pipewire-pulse wireplumber 2>&1 || true
command -v systemctl >/dev/null 2>&1 && systemctl --user status xdg-desktop-portal 2>&1 || true
command -v systemctl >/dev/null 2>&1 && systemctl status apparmor 2>&1 || true
command -v aa-status >/dev/null 2>&1 && aa-status 2>&1 || true
command -v wpctl >/dev/null 2>&1 && wpctl status
command -v bluetoothctl >/dev/null 2>&1 && bluetoothctl show
command -v snap >/dev/null 2>&1 && snap list | head -10
command -v flatpak >/dev/null 2>&1 && flatpak list | head -10
lspci -k | grep -Ei 'vga|3d|display'
journalctl -b | grep -Ei 'nvrm|nvidia|amdgpu|i915|xe|drm' 2>&1 || true
journalctl --user -b | grep -Ei 'portal|pipewire|webrtc|obs' 2>&1 || true
lsmod | grep '^v4l2loopback'
command -v dkms >/dev/null 2>&1 && dkms status
findmnt -t btrfs
command -v systemctl >/dev/null 2>&1 && systemctl status fstrim.timer 2>&1 || true
apt list --upgradable 2>&1 | tail -n +2Step 3: Load only the relevant reference
步骤3:仅加载相关参考文档
If the host is Ubuntu 24.04 LTS or the user is planning a 24.04 -> 26.04 move, load
early. That path bundles interim-release churn, desktop-session
changes, app swaps, and GUI-tool changes that do not show up if you treat 26.04 like a routine
point upgrade.
references/derivatives-and-hwe.md| Task type | Reference |
|---|---|
| |
| systemd units, timers, journal, overrides | |
| GRUB, kernel, initramfs, EFI, recovery | |
| Ubuntu HWE, release upgrades, Debian lanes, Mint/Pop/Devuan/Kali specifics | |
| Wayland, X11, GNOME, KDE, Cinnamon, COSMIC, PipeWire | |
| Display managers, session startup, suspend/resume, power, hybrid graphics | |
| GPU drivers, Vulkan, Steam, Proton, gaming | |
| OBS, WebRTC, screen sharing, virtual cameras | |
| ext4, Btrfs, LUKS, LVM, TRIM, hibernation | |
| AppArmor, unattended-upgrades, debian-security | |
| Remote gaming, controllers, input | |
| Core Linux ops commands and Debian tools | |
| Recurring Debian/Ubuntu failure patterns | |
Do not load every reference by default. Pick the one that matches the failure mode, then widen
only if the first layer is clean.
如果主机是Ubuntu 24.04 LTS,或者用户计划从24.04升级到26.04,请尽早加载。该文档包含临时版本变更、桌面会话变更、应用替换和图形工具变更,若将26.04视为常规小版本升级,这些内容不会显现。
references/derivatives-and-hwe.md| 任务类型 | 参考文档 |
|---|---|
| |
| systemd单元、定时器、日志、覆盖配置 | |
| GRUB、内核、initramfs、EFI、恢复 | |
| Ubuntu HWE、版本升级、Debian渠道差异、Mint/Pop/Devuan/Kali细节说明 | |
| Wayland、X11、GNOME、KDE、Cinnamon、COSMIC、PipeWire | |
| 显示管理器、会话启动、休眠/唤醒、电源、混合显卡 | |
| GPU驱动、Vulkan、Steam、Proton、游戏 | |
| OBS、WebRTC、屏幕共享、虚拟摄像头 | |
| ext4、Btrfs、LUKS、LVM、TRIM、休眠 | |
| AppArmor、无人值守更新、debian-security | |
| 远程游戏、控制器、输入 | |
| 核心Linux操作命令和Debian工具 | |
| Debian/Ubuntu常见故障模式 | |
不要默认加载所有参考文档。选择与故障模式匹配的文档,仅在第一层排查无问题时再扩大范围。
Step 4: Change one layer at a time
步骤4:一次修改一个层级
- Fix package state before debugging services that may be broken by stale libraries.
- Fix service configuration before declaring systemd broken.
- Fix mountpoints and loader state before rebuilding initramfs.
- On Ubuntu, separate "vanilla Debian behavior" from "Ubuntu snap/HWE/PPA behavior."
- On Pop!_OS, separate "Ubuntu behavior" from "System76 firmware and power behavior."
- Prefer reversible steps: package holds, backup kernels, , saved configs.
apt-mark
- 在调试可能因过期库损坏的服务前,先修复包状态。
- 在判定systemd损坏前,先修复服务配置。
- 在重建initramfs前,先修复挂载点和加载器状态。
- 在Ubuntu上,区分“原生Debian行为”与“Ubuntu snap/HWE/PPA行为”。
- 在Pop!_OS上,区分“Ubuntu行为”与“System76固件和电源行为”。
- 优先选择可逆步骤:包保留、备份内核、、保存配置。
apt-mark
Step 5: Validate before closing
步骤5:关闭前验证
bash
apt-cache policy package_name
systemctl status unit_name
journalctl -u unit_name -b
command -v update-grub >/dev/null 2>&1 && update-grub
command -v grub-install >/dev/null 2>&1 && grub-install --versionReboot only when the boot path is understood and at least one known-good entry remains.
bash
apt-cache policy package_name
systemctl status unit_name
journalctl -u unit_name -b
command -v update-grub >/dev/null 2>&1 && update-grub
command -v grub-install >/dev/null 2>&1 && grub-install --version仅在理解启动路径且至少保留一个已知可用启动项时,才重启系统。
Troubleshooting Pattern
故障排查模式
Keep triage cross-layer and boring:
- Confirm active distro, release, session type, kernel, and package lane.
- Identify failing layer: package state, system service, user service, boot path, desktop session, graphics, or app.
- Pull logs before changing config.
- Change one layer at a time and retest.
- Prefer known-good baseline over tweak stacking.
Core log sweep:
bash
journalctl -b -p warning..alert
journalctl --user -b
dmesg --level=err,warn
journalctl -u unit_name -b
journalctl --user -u pipewire -u wireplumber -u xdg-desktop-portal -bBroad pattern sweeps when you need correlation, not first-pass precision:
bash
journalctl -b | grep -Ei 'nvrm|nvidia|amdgpu|i915|xe|drm' 2>&1 || true
journalctl --user -b | grep -Ei 'portal|pipewire|webrtc|obs' 2>&1 || trueWhen a bug looks desktop-only, compare one clean baseline:
- GNOME vs KDE vs Cinnamon vs COSMIC
- browser WebRTC vs packaged client
- plain game launch vs Gamescope or MangoHud
- stock kernel vs HWE kernel
保持跨层级分类且简洁:
- 确认当前发行版、版本、会话类型、内核和包渠道。
- 识别故障层级:包状态、系统服务、用户服务、启动路径、桌面会话、显卡或应用。
- 修改配置前先提取日志。
- 一次修改一个层级并重新测试。
- 优先选择已知可用的基线,而非叠加调整。
核心日志扫描:
bash
journalctl -b -p warning..alert
journalctl --user -b
dmesg --level=err,warn
journalctl -u unit_name -b
journalctl --user -u pipewire -u wireplumber -u xdg-desktop-portal -b需要关联而非初步排查时,进行广泛模式扫描:
bash
journalctl -b | grep -Ei 'nvrm|nvidia|amdgpu|i915|xe|drm' 2>&1 || true
journalctl --user -b | grep -Ei 'portal|pipewire|webrtc|obs' 2>&1 || true当故障仅出现在桌面环境时,对比一个干净基线:
- GNOME vs KDE vs Cinnamon vs COSMIC
- 浏览器WebRTC vs 打包客户端
- 普通游戏启动 vs Gamescope或MangoHud
- 原生内核 vs HWE内核
Default Decisions
默认决策
- Debian stable means conservative updates. Pin when mixing repos. Use backports selectively. Avoid or
testingpackages on stable without a transition plan.sid - Ubuntu LTS means predictable cadence. Ubuntu 26.04 is the current baseline, but 24.04 -> 26.04 upgrades bundle three interim releases plus the final LTS delta. Expect bigger desktop, app, and workflow changes than the version jump alone suggests.
- Ubuntu Desktop assumptions changed in 26.04. Stock Ubuntu Desktop is Wayland-only, and the old GUI is no longer installed by default on new installs. GUI-first troubleshooting advice from 24.04-era blog posts may be wrong on fresh 26.04 systems.
Software & Updates - Use systemd-native tools first. Reach for ,
systemctl,journalctl, andtimedatectlbefore distro wrappers.localectl - Treat PPAs as exceptions, not defaults. Review maintainer, signing key, freshness, and package origin before adding one. Remove dead PPAs promptly.
- Prefer distro packages before third-party repos. Use Debian backports, Ubuntu official repos, or vendor packages first; escalate to PPAs only when the distro lane is genuinely insufficient.
- Treat snaps as sandboxed first. Interface and confinement issues explain more snap failures than package bugs.
- GRUB and initramfs are one subsystem. Kernel metapackage, ,
update-initramfs, and EFI fallback all have to agree.update-grub - Desktop failures are often session failures. On Wayland, user units, portals, and session env matter as much as the package list.
- Gaming failures are often stack mismatches. Wrong driver branch, missing userspace, absent firmware, or broken Proton path is more common than "Linux gaming is bad."
i386 - Capture failures are portal/PipeWire failures. OBS, browser WebRTC, Discord, and Teams often fail at the screencast path.
- AppArmor is invisible until it is not. On Ubuntu, check and journal denials when a service or binary mysteriously fails.
aa-status - Firmware is separate from packages. and vendor tools update hardware firmware. Do not expect
fwupdto fix BIOS or SSD firmware.apt upgrade
- Debian稳定版意味着保守更新:混合仓库时固定版本。选择性使用回溯包。若无过渡计划,避免在稳定版上使用或
testing包。sid - Ubuntu LTS意味着可预测的节奏:Ubuntu 26.04是当前基线,但24.04 -> 26.04升级包含三个临时版本加上最终LTS差异。版本号跳跃背后,桌面、应用和工作流的变更比预期更大。
- Ubuntu 26.04改变了部分桌面默认设置:原生Ubuntu桌面仅支持Wayland,全新安装默认不再包含旧版图形界面。24.04时代博客中的图形化优先故障排查建议在全新26.04系统上可能失效。
Software & Updates - 优先使用systemd原生工具:优先使用、
systemctl、journalctl和timedatectl,而非发行版包装器。localectl - 将PPAs视为例外而非默认:添加PPA前,审查维护者、签名密钥、时效性和包来源。及时移除废弃PPA。
- 优先使用发行版包而非第三方仓库:优先使用Debian回溯包、Ubuntu官方仓库或厂商包;仅当发行版渠道确实无法满足需求时,再使用PPAs。
- 首先将snaps视为沙箱化应用:接口和沙箱限制解释的snap故障比包bug更多。
- GRUB和initramfs是一个子系统:内核元包、、
update-initramfs和EFI回退必须保持一致。update-grub - 桌面故障通常是会话故障:在Wayland上,用户单元、门户和会话环境与包列表同样重要。
- 游戏故障通常是栈不匹配:错误的驱动分支、缺失的用户空间、固件缺失或Proton路径损坏比“Linux游戏差”更常见。
i386 - 捕获故障通常是门户/PipeWire故障:OBS、浏览器WebRTC、Discord和Teams经常在屏幕捕获路径上失败。
- AppArmor平时不可见,出问题时才显现:在Ubuntu上,当服务或二进制文件莫名失败时,检查和日志中的拒绝记录。
aa-status - 固件与包是分开的:和厂商工具更新硬件固件。不要期望
fwupd修复BIOS或SSD固件。apt upgrade
Quick Triage Checklist
快速分类检查表
| Symptom | First checks |
|---|---|
| Package weirdness after install | |
| Service fails after update | Config merge needed? |
| Won't boot after kernel work | GRUB menu, fallback kernel, initramfs. From live media, mount root and the ESP, then bind-mount |
| PPA broke the system | |
| Snap app misbehaves | |
| Desktop weirdness after update | |
| Bluetooth audio issues | BlueZ pairing, PipeWire nodes, card profile |
| Game blackscreen/crash | GPU driver (proprietary vs Mesa), Vulkan, Steam |
| Screen share broken | Wayland vs X11, portal backend, PipeWire user units |
| Suspend/resume breaks desktop | Sleep state, GPU logs, lock-screen, display manager |
| NVIDIA/module vanished after kernel change | DKMS drift: |
| Nothing makes sense | Check gotchas reference - mixed repos, stale PPAs, DKMS drift, AppArmor denials, HWE metapackage mismatch |
| 症状 | 首次检查项 |
|---|---|
| 安装后包行为异常 | 先执行 |
| 更新后服务失败 | 需要合并配置?使用 |
| 内核操作后无法启动 | GRUB菜单、回退内核、initramfs。从 live 介质挂载根分区和ESP,然后绑定挂载 |
| PPA破坏系统 | 若可用则使用 |
| Snap应用行为异常 | |
| 更新后桌面行为异常 | |
| 蓝牙音频问题 | BlueZ配对、PipeWire节点、声卡配置文件 |
| 游戏黑屏/崩溃 | GPU驱动(专有 vs Mesa)、Vulkan、Steam |
| 屏幕共享失败 | Wayland vs X11、门户后端、PipeWire用户单元 |
| 休眠/唤醒后桌面损坏 | 睡眠状态、GPU日志、锁屏、显示管理器 |
| 内核变更后NVIDIA/模块消失 | DKMS漂移:执行 |
| 完全无法理解故障 | 检查陷阱参考文档 - 混合仓库、过时PPA、DKMS漂移、AppArmor拒绝、HWE元包不匹配 |
Reference Files
参考文件
- - apt workflow, dpkg, pinning, PPAs, snaps, flatpaks,
references/packages-and-repos.mdhandling.deb - - systemd service debugging, unit overrides, user units, journal triage
references/systemd-and-journal.md - - GRUB, kernel metapackages, initramfs, EFI, recovery, and live-ISO chroot
references/boot-kernel-and-recovery.md - - Ubuntu HWE, release upgrades, Debian lane differences, Mint, Pop!_OS, Devuan, and Kali scope notes
references/derivatives-and-hwe.md - - X11 vs Wayland, GNOME, KDE, Cinnamon, COSMIC, portals, PipeWire, Bluetooth
references/desktop-audio-and-bluetooth.md - - GDM, SDDM, LightDM, session env, suspend/resume, power profiles, hybrid graphics
references/session-display-and-mobile.md - - NVIDIA, AMD, Intel, Vulkan, Steam, Proton, Gamescope, MangoHud
references/graphics-and-gaming.md - - OBS, WebRTC screen sharing, Discord/Teams, hardware encoding, virtual cameras
references/capture-and-sharing.md - - ext4, Btrfs, LUKS, LVM, TRIM, hibernation, resume
references/storage-and-rollback.md - - AppArmor, unattended-upgrades, debian-security, needrestart
references/security-and-updates.md - - Moonlight, Sunshine, controllers, Steam Remote Play
references/remote-gaming-input-and-tooling.md - - core Linux inspection commands and Debian tools such as
references/base-linux-and-cli.mdupdate-alternatives - - recurring Debian/Ubuntu failure patterns and edge cases
references/gotchas-and-special-situations.md
- - apt工作流、dpkg、版本固定、PPAs、snaps、flatpaks、
references/packages-and-repos.md处理.deb - - systemd服务调试、单元覆盖配置、用户单元、日志分类
references/systemd-and-journal.md - - GRUB、内核元包、initramfs、EFI、恢复和live-ISO chroot
references/boot-kernel-and-recovery.md - - Ubuntu HWE、版本升级、Debian渠道差异、Mint、Pop!_OS、Devuan和Kali范围说明
references/derivatives-and-hwe.md - - X11 vs Wayland、GNOME、KDE、Cinnamon、COSMIC、门户、PipeWire、蓝牙
references/desktop-audio-and-bluetooth.md - - GDM、SDDM、LightDM、会话环境、休眠/唤醒、电源配置、混合显卡
references/session-display-and-mobile.md - - NVIDIA、AMD、Intel、Vulkan、Steam、Proton、Gamescope、MangoHud
references/graphics-and-gaming.md - - OBS、WebRTC屏幕共享、Discord/Teams、硬件编码、虚拟摄像头
references/capture-and-sharing.md - - ext4、Btrfs、LUKS、LVM、TRIM、休眠、唤醒
references/storage-and-rollback.md - - AppArmor、无人值守更新、debian-security、needrestart
references/security-and-updates.md - - Moonlight、Sunshine、控制器、Steam Remote Play
references/remote-gaming-input-and-tooling.md - - 核心Linux检查命令和Debian工具,如
references/base-linux-and-cli.mdupdate-alternatives - - Debian/Ubuntu常见故障模式和边缘情况
references/gotchas-and-special-situations.md
Related Skills
相关技能
- command-prompt - shell syntax, zsh or bash behavior, script portability
- networking - network services, DNS, VPNs, firewall design
- docker - container runtime and image concerns instead of host distro administration
- kubernetes - cluster and manifest work that sits above host OS administration
- ansible - codifying Linux changes across many machines
- security-audit - hardening and security review rather than normal package/service administration
- rhel-fedora - RPM-family distro administration rather than Debian-family behavior
- kali-linux - Kali-specific branch, image, and offensive-workflow concerns
- firewall-appliance - OPNsense and pfSense appliance work rather than Linux host administration
- arch-btw - Arch Linux and CachyOS administration (the upstream inspiration for this skill)
- update-docs - after substantial system administration changes that introduce new operational gotchas
- command-prompt - Shell语法、zsh或bash行为、脚本可移植性
- networking - 网络服务、DNS、VPN、防火墙设计
- docker - 容器运行时和镜像问题,而非主机发行版管理
- kubernetes - 集群和清单操作,位于主机OS管理之上
- ansible - 跨多台机器编码Linux变更
- security-audit - 加固和安全审查,而非常规包/服务管理
- rhel-fedora - RPM系发行版管理,而非Debian系行为
- kali-linux - Kali专属分支、镜像和攻击性工作流问题
- firewall-appliance - OPNsense和pfSense设备操作,而非Linux主机管理
- arch-btw - Arch Linux和CachyOS管理(本技能的上游灵感来源)
- update-docs - 在引入新操作陷阱的重大系统管理变更后使用
Rules
规则
- Identify the distro and release before prescribing commands. Debian stable, testing, sid, Ubuntu LTS or interim, Mint, Pop!_OS, Devuan, and Kali differ where it matters: repos, init systems, kernels, and recovery assumptions.
- No mixed-release advice without pinning context. Adding or
testingsources to Debian stable without apt pinning is usually wrong.sid - Keep PPAs in perspective. Prefer distro packages, Debian backports, or vendor-supported repos first. Use PPAs only when the distro lane is genuinely insufficient, and verify package origin before adding one.
- Know the boot chain before touching it. Confirm GRUB stage, ESP mount, kernel metapackage, initramfs hooks, and EFI fallback path first.
- Never remove the last known-good kernel path casually. Especially on remote or encrypted systems.
- Prefer systemd-native diagnostics. ,
systemctl, andjournalctlusually tell you more than distro wrappers or generic forum folklore.update-grub - Ubuntu 26.04 changed some desktop defaults in ways that affect support. Do not assume a stock Ubuntu Xorg session, the old GUI, or 24.04-era desktop app names are still present on fresh installs.
Software & Updates - Ubuntu HWE is opt-in complexity. Treat HWE kernels as additions that must be validated, not magic defaults.
- For Wayland issues, inspect the user session first. Portals, user units, and Xwayland compatibility usually matter more than package reinstall churn.
- For gaming issues, identify the GPU vendor and userspace first. Driver branch, Vulkan stack, multilib, and launch wrappers usually explain more than random tweak cargo cults.
i386 - For capture issues, debug portals and PipeWire before app folklore. OBS, browser WebRTC, Discord, and Teams often fail at the screencast path.
- AppArmor can silently break things. On Ubuntu, check and AppArmor denials when a service or binary mysteriously fails.
aa-status - Do not oversell hibernation or resume. These depend on exact swap layout, initramfs resume hook, and Secure Boot state.
- Reach for common Debian/Ubuntu failure patterns before exotic explanations. Mixed repos, stale PPAs, DKMS drift, AppArmor denials, HWE metapackage mismatch, and snap confinement explain a large share of the chaos.
- 在给出命令前先识别发行版和版本:Debian稳定版、测试版、sid、Ubuntu LTS或临时版、Mint、Pop!_OS、Devuan和Kali在重要方面存在差异:仓库、初始化系统、内核和恢复假设。
- 无版本固定上下文时,不要给出混合发行版建议:在Debian稳定版中添加或
testing源而不进行apt版本固定通常是错误的。sid - 正确看待PPAs:优先使用发行版包、Debian回溯包或厂商支持的仓库。仅当发行版渠道确实无法满足需求时使用PPAs,且添加前验证包来源。
- 修改启动链前先了解它:先确认GRUB阶段、ESP挂载、内核元包、initramfs钩子和EFI回退路径。
- 不要随意移除最后一个已知可用的内核路径:尤其是在远程或加密系统上。
- 优先使用systemd原生诊断工具:、
systemctl和journalctl通常比发行版包装器或通用论坛传说提供更多信息。update-grub - Ubuntu 26.04改变了部分桌面默认设置,影响支持工作:不要默认全新安装会包含原生Ubuntu Xorg会话、旧版图形界面或24.04时代的桌面应用名称。
Software & Updates - Ubuntu HWE是可选的复杂性:将HWE内核视为必须验证的附加项,而非神奇的默认设置。
- 对于Wayland问题,先检查用户会话:门户、用户单元和Xwayland兼容性通常比重新安装包更重要。
- 对于游戏问题,先识别GPU厂商和用户空间:驱动分支、Vulkan栈、多库和启动包装器通常比随机调整的迷信做法更能解释问题。
i386 - 对于捕获问题,先调试门户和PipeWire,而非应用传说:OBS、浏览器WebRTC、Discord和Teams经常在屏幕捕获路径上失败。
- AppArmor可能静默破坏功能:在Ubuntu上,当服务或二进制文件莫名失败时,检查和AppArmor拒绝记录。
aa-status - 不要过度承诺休眠或唤醒功能:这些功能依赖精确的交换分区布局、initramfs唤醒钩子和Secure Boot状态。
- 优先考虑Debian/Ubuntu常见故障模式,而非奇特解释:混合仓库、过时PPA、DKMS漂移、AppArmor拒绝、HWE元包不匹配和snap沙箱限制解释了大部分混乱情况。