Category: System Administration

What is zero padding?

Zero padding or random padding is the practice of secure wiping of removable storage devices, such as USB sticks, SD cards and external SSDs, so they can be safely re-used within an organization. Zero padding or random padding fills the storage device with zeroes or random bytes. This over-writes existing documents and files on the storage device.

$ dd if=/dev/zero bs=1 count=16 status=none | hexdump -C
00000000  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
$ dd if=/dev/urandom bs=1 count=16 status=none | hexdump -C
00000000  24 e0 e2 a0 69 90 e4 8a  9a d4 7d b9 95 d3 60 c4  |$...i.....}...`.|

If the storage devices was just quickly re-formatted, then documents and files would be recoverable by forensic software or basic operating system utilities, because modern storage devices distribute data to new places on the storage device to ensure optimal life time.

# dd if=/dev/da0 bs=1 skip=1048576 count=512 status=none | hexdump -C
00000000  4e 1e 40 db 85 ab 9f 63  48 9d 51 e2 8f ef 6f a8  |.Pass.is.Pencil.|

Modern SSDs and larger storage devices might require specialized commands or vendor utilities. In such cases, or when the storage device was used to store highly classified documents, consider physically schredding or destroying the storage device instead.

Identifying storage device to be zero padded.

Identify the storage device. In this example, an external 32 GB USB 3.0 stick was attached and identified as da0.

$ dmesg
da0: <Generic Flash Disk 8.13> Removable Direct Access SPC-4 SCSI device
da0: Serial Number 42011337510013
da0: 40.000MB/s transfers
da0: 29600MB (60620800 512 byte sectors)
da0: quirks=0x2<NO_6_BYTE>

Unmounting file systems on storage device.

Make sure, that none of its file systems are mounted.

# umount /dev/da0*

Zero padding a storage device.

Zero padding will fill the entire storage device with zeroes and thereby defeat any attempts of casual recovery of documents of files on it. If you require an even more secure erasure, you can use random padding instead.

# dd if=/dev/zero of=/dev/da0 bs=1M status=progress
dd: /dev/da0: end of device 29 GiB) transferred 2207.307s, 14 MB/s  
29601+0 records in
29600+0 records out

In this example, the zero padding of a 32 GB USB 3.0 stick took 37 min. Low write speeds are not uncommon for lower quality USB sticks, despite labeled as USB 3.0.

Random padding a storage device.

Random padding will fill the entire storage device with random data and thereby not only defeat any attempts of casual recovery of documents of files on it, but also provide stronger protection by preventing pattern detection from hardware residue. Random padding takes slightly longer time to complete.

# dd if=/dev/urandom of=/dev/da0 bs=1M status=progress
dd: /dev/da0: end of device 29 GiB) transferred 2450.009s, 13 MB/s  bytes (25 GB, 24 GiB) transferred 2008.177s, 13 MB/s  
29601+0 records in
29600+0 records out
31037849600 bytes transferred in 2450.640376 secs (12665200 bytes/sec)

In this example, the random padding of a 32 GB USB 3.0 stick took 41 min. This is only 4 min longer than zero padding.

If the storage medium is of magnetic type or you require an even more secure erase, you can perform the random padding several times. However, multiple passes on modern storage media has dimishing returns. In this example, the storage device is random padded 3 times. This is, however, not necessary on modern drivess.

# for i in 1 2 3; do dd if=/dev/urandom of=/dev/da0 bs=1M status=progress; done

Formatting an USB stick with EXFAT.

The storage device has now been safely erased and it can be formatted with a new file system, so it can be used again. In this example, the USB stick is formatted with the well-supported EXFAT file system. The EXFAT file system willl not have a partition scheme. This ensures compatibility.

# mkexfatfs /dev/da0
mkexfatfs 1.4.0
Creating... done.
Flushing... done.
File system created successfully.

Confirm, that it works.

# kldload fusefs
# mount.exfat /dev/da0 /mnt
FUSE exfat 1.4.0 (libfuse2)
# umount /mnt

References.

• Creating exFAT on USB drive with FreeBSD.
• How to mount exFAT formatted SD memory card on FreeBSD.
• DD.

If you will be transferring a secret file from one file system to another, you might want to protect the file from theft or exposure during the transfer. This could be an encryption key file for decrypting a multi-challenge encrypted file system or similar secret file, that are to be transferred on an unencrypted storage medium, such as an USB stick with EXFAT, NTFS or MSDOS file system on it. If you will be using the GNU Privacy Guard (GPG) without GPG key pairs, then you can encrypt with a symmetric cipher by specifying a pass phrase.

Encrypting with symmetric cipher

If you will be using GPG without GPG key pairs, then you can encrypt with a symmetric cipher by specifying a pass phrase. In cryptography, this means, that the same pass phrase will be used to encrypt and decrypt. The user, who will encrypt the file, will choose a pass phrase, which will be used to write a new encrypted file, that contain the secret file. The pass phrase should be as long and non-dictionairy complex as possible. The default cipher is AES-128.

$ gpg --symmetric keyfile.bin

The encrypted file can now be transferred safely.

$ ls keyfile.bin.gpg

You can test, that the file can be decrypted and compare it to the original file.

$ gpg --yes --output keyfile.bin.decrypted --decrypt keyfile.bin.gpg
$ cmp -s keyfile.bin keyfile.bin.decrypted && echo "Pass" || echo "Fail"

The encrypted file can be decrypted on the target file system by anyone, who know the pass phrase, that was used to encrypt the file. It is not required, that the target user has a GPG key pair.

$ gpg --yes --output keyfile.bin --decrypt keyfile.bin.gpg

$ ls keyfile.bin

References

• https://man.freebsd.org/cgi/man.cgi?query=gpg2

This is the procedure for configuring localization (locale) for English language and Danish regional setting in FreeBSD. Tested on FreeBSD 14.2 with XFCE 4.20 on 2025-03-31.

Introduction.

I have tested the official FreeBSD handbook procedure. I have tested countless guides and advice from forums, discussions and website. They have all failed to meet my basic requirements: English language and Danish regional setting in system console, window manager and applications. See my test below. I wanted Danish ISO 8601 standard format for date, time and numbers. This is also known as YYYY-MM-DD HH:MM:SS. I did not want to see US imperial format for date, time and numbers. I suddently had an idea of hacking an existing English locale and simply linking to a Danish for regional setting. It turned out to work perfect.

What is a locale setting?

A locale setting is made up of the language, the regional setting and the character encoding standard. As an example, en_DK.UTF-8 locale would be for user, who prefer English language in a Danish regional setting with the UTF-8 character encoding standard.

Locale specific information can be proveded with the locale utility. It is important to know, that the utility respect the PATH_LOCALE environment variable. If this is set, then this is used instead of the default locale directory.

# locale -a | grep DK
da_DK.ISO8859-1
da_DK.ISO8859-15
da_DK.UTF-8

Create a new locale.

Create a new locale definition, that is based on English. This new locale definition will be English language with Danish regional setting and UTF-8 character encoding standard.

# cd /usr/share/locale/
# mkdir -p en_DK.UTF-8
# cp -r en_GB.UTF-8/* en_DK.UTF-8/

Link to Danish regional setting.

For time format, numeric format and monetary format, create symbolic links to the Danish locale definition.

# cd en_DK.UTF-8/
# ls
LC_COLLATE	LC_CTYPE	LC_MESSAGES	LC_MONETARY	LC_NUMERIC	LC_TIME
# ln -sf ../da_DK.UTF-8/LC_TIME .
# ln -sf ../da_DK.UTF-8/LC_NUMERIC .
# ln -sf ../da_DK.UTF-8/LC_MONETARY .

# locale -a | grep DK
da_DK.ISO8859-1
da_DK.ISO8859-15
da_DK.UTF-8
en_DK.UTF-8

# nano /etc/login.conf
default:\
        :passwd_format=sha512:\
        :copyright=/etc/COPYRIGHT:\
        :welcome=/var/run/motd:\
        :setenv=BLOCKSIZE=K:\
        :mail=/var/mail/$:\
        :path=/sbin /bin /usr/sbin /usr/bin /usr/local/sbin /usr/local/bin ~/bin:\
        :nologin=/var/run/nologin:\
        :cputime=unlimited:\
        :datasize=unlimited:\
        :stacksize=unlimited:\
        :memorylocked=64K:\
        :memoryuse=unlimited:\
        :filesize=unlimited:\
        :coredumpsize=unlimited:\
        :openfiles=unlimited:\
        :maxproc=unlimited:\
        :sbsize=unlimited:\
        :vmemoryuse=unlimited:\
        :swapuse=unlimited:\
        :pseudoterminals=unlimited:\
        :kqueues=unlimited:\
        :umtxp=unlimited:\
        :pipebuf=unlimited:\
        :priority=0:\
        :ignoretime@:\
        :umask=022:\
        :charset=UTF-8:\
        :lang=en_DK.UTF-8:

# cap_mkdb /etc/login.conf

Backup and restore the new locale.

Create a backup of the new locale. This ensures, that it can be restored, if it should get deleted. It can also be used to install on another host.

# tar -cvpzf ~/en_DK.UTF-8.tar.gz -C /usr/share/locale en_DK.UTF-8
a en_DK.UTF-8
a en_DK.UTF-8/LC_COLLATE
a en_DK.UTF-8/LC_TIME
a en_DK.UTF-8/LC_CTYPE
a en_DK.UTF-8/LC_MONETARY
a en_DK.UTF-8/LC_NUMERIC
a en_DK.UTF-8/LC_MESSAGES

The content can be confirmed.

# tar -tvf ~/en_DK.UTF-8.tar.gz

The locale setting can be restored.

# tar -xvpzf ~/en_DK.UTF-8.tar.gz -C /usr/share/locale
x en_DK.UTF-8/
x en_DK.UTF-8/LC_COLLATE
x en_DK.UTF-8/LC_TIME
x en_DK.UTF-8/LC_CTYPE
x en_DK.UTF-8/LC_MONETARY
x en_DK.UTF-8/LC_NUMERIC
x en_DK.UTF-8/LC_MESSAGES

Issue: Port misc/locale-en_DK not working.

I tested the official port and package misc/locale-en_DK. This failed Danish special characters input in FreeBSD system console. I even spent extra time testing custom environment variables.

# pkg install locale-en_DK
Message from locale-en_DK-0.1.1:
In order to set the en_DK.UTF-8 locale for the login shell of an single
user add the following configuration to ~/.login_conf:
me:\
        :charset=UTF-8:\
        :lang=en_DK.UTF-8:\
        :setenv=PATH_LOCALE=/usr/local/share/locale:
More information about the process of configuring login class methods in
available in the handbook.
More information about the PATH_LOCALE environment variable is available in the
locale(1) manual page.

References.

• Chapter 25. Localization
• Date / Time / Currency / Other Stuff – Format
• Setting Locale – Accented Characters in Console
• LOCALE in FreeBSD Manual Pages

Blank screen and muted audio in XFCE.

The first issue, I noticed, when switching from GNOME to XFCE, was, how the HDMI output was cut-off after a few minutes in which there has been no user input, such as attending a video conference. Pressing a key would turn-on the screen, but the audio would never return again. The audio could not even be re-enabled with Pulse Audio controls.

Disabling power management from XFCE interface.

Using the settings dialog, I disabled any kind of power management. This includes any screen blank and suspend option. Despite of this, the video and audio is getting cut-off. I could not find any kind of screensaver, that should be causing this.

# ps aux | grep power
/usr/local/libexec/upowerd
xfce4-power-manager
# ps aux | grep saver
# ps aux | grep screen

Removing power manager from XFCE?

I assume, that this is related to power management, because a screen saver would probably not be so aggressive. Knowing, that I will not need power management, a simple approuch would be to remove it from the installation. However, XFCE went for a forced depedency on this one. What a piece of shit programming from XFCE. Power management should be optional – and not a plague!

Checking integrity... done (0 conflicting)
Deinstallation has been requested for the following 2 packages (of 0 packages in the universe):
Installed packages to be REMOVED:
xfce: 4.20
xfce4-power-manager: 4.20.0
Number of packages to be removed: 2
The operation will free 2 MiB.
Proceed with deinstalling packages? [y/N]: N

How does power managment in XFCE work?

A search for occurances indicates, that it could be started automatically as an unwanted service. It could even be started, if it was running in an earlier user session.

# find / -type f -name '*xfce4-power*'
/home/lightman/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-power-manager.xml
/usr/local/share/metainfo/xfce4-power-manager.appdata.xml
/usr/local/share/man/man1/xfce4-power-manager-settings.1.gz
/usr/local/share/man/man1/xfce4-power-manager.1.gz
/usr/local/share/applications/xfce4-power-manager-settings.desktop
/usr/local/etc/xdg/autostart/xfce4-power-manager.desktop
/usr/local/bin/xfce4-power-manager-settings
/usr/local/bin/xfce4-power-manager

Stopping power manager in XFCE.

To my surprice, XFCE did actually write a built-in help, which kindly lists a quit option. It also seemed to actually quit the unwanted service. However, this is probably just a shortlived pleasure. It might restart. Especially after a new session or a reboot.

$ xfce4-power-manager --help
Usage:
  xfce4-power-manager [OPTION?]
Help Options:
  -h, --help                      Show help options
  --help-all                      Show all help options
  --help-sm-client                Show session management options
Application Options:
  --daemon                        Daemonize
  --debug                         Enable debugging
  --dump                          Dump all information
  --restart                       Restart the running instance of Xfce power manager
  -c, --customize                 Show the configuration dialog
  -q, --quit                      Quit any running xfce power manager
  -V, --version                   Version information
$ xfce4-power-manager -q

Killing the XFCE power manager from cron as a work-around.

As it remains unclear, how the unwanted service is started, a work-around is to repeat killing it from cron, until I learn, how this service can be permanently disabled. This cron job kills it every minute, if running. I have tested this be working.

# pkg info -r xfce4-power-manager
xfce4-power-manager-4.20.0:
        xfce-4.20
# pkg info -r upower
upower-1.90.7:
        xfce4-settings-4.20.1
        xfce4-power-manager-4.20.0
        gnome-power-manager-3.32.0_3
        gnome-control-center-43.2_4
        mutter-42.4_3
        gnome-settings-daemon-42.2_8
# nano /etc/crontab
*  *  *  *  *  root  pkill xfce4-power-manager
*  *  *  *  *  root  pkill upowerd
# service cron restart

Tips appreciated!

I appreciate any tips about this issue.

Configuring PulseAudio on FreeBSD.

In this example, the PulseAudio is configured to output to HDMI by default. If USB headphones are attached, then audio output is automatically switched to these. I tested this to be working.

$ pactl list sinks
Sink #3
State: RUNNING
Name: oss_output.dsp3
Description: 3 - Intel (0x2818) (HDMI/DP 8ch)
Mute: no
# nano /usr/local/etc/pulse/default.pa
set-default-sink oss_output.dsp3
load-module module-switch-on-connect

Switching audio output with pactl on FreeBSD.

pactl is a control interface for a running PulseAudio sound server. In this example, the audio output is switched to a pair of USB headphones. The listings indicate, that the headphones are associated with sink 4 and name oss_output.dsp5. The output is switched to to this and it is un-muted. Warning: The volume is optionally set to 100%. The volume setting is the same as the one, that is set on the headphones themselves.

$ pactl list sinks
Sink #4
State: RUNNING
Name: oss_output.dsp5
Description: 5 - Corsair CORSAIR HS80 RGB Wireless Gaming Receiver
muted: yes
Sample Specification: s16le 2ch 44100Hz
$ pactl list sinks short
4 oss_output.dsp5 module-oss.c s16le 2ch 44100Hz RUNNING
$ pactl set-default-sink oss_output.dsp5
$ pactl set-sink-mute oss_output.dsp5 0
$ pactl set-sink-volume oss_output.dsp5 100%

References.

• Chapter 9. Multimedia in the FreeBSD handbook.
• PulseAudio on Freshports.

I noticed, that my Poudriere build machine failed to compile net-im/signal-desktop for FreeBSD 14 with latest ports branch, because it require devel/esbuild 0.25.0, while build environment has 0.24.0. Tested 2025-03-07 and 2025-03-10.

✘ [ERROR] Cannot start service: Host version "0.24.0" does not match binary version "0.25.0"
1 error
Error: The service was stopped: write EPIPE
    at /wrkdirs/usr/ports/net-im/signal-desktop/work/Signal-Desktop-7.44.0/node_modules/esbuild/lib/main.js:968:34
    at responseCallbacks.<computed> (/wrkdirs/usr/ports/net-im/signal-desktop/work/Signal-Desktop-7.44.0/node_modules/esbuild/lib/main.js:622:9)
    at afterClose (/wrkdirs/usr/ports/net-im/signal-desktop/work/Signal-Desktop-7.44.0/node_modules/esbuild/lib/main.js:613:28)
    at /wrkdirs/usr/ports/net-im/signal-desktop/work/Signal-Desktop-7.44.0/node_modules/esbuild/lib/main.js:1988:18
    at onwriteError (node:internal/streams/writable:605:3)
    at process.processTicksAndRejections (node:internal/process/task_queues:84:21)
ERROR: "build:esbuild" exited with 1.
*** Error code 1
Stop.
make: stopped in /usr/ports/net-im/signal-desktop
=>> Cleaning up wrkdir
===>  Cleaning for signal-desktop-7.44.0_1
build of net-im/signal-desktop | signal-desktop-7.44.0_1 ended at Mon Mar 10 05:13:34 CET 2025
build time: 00:00:47
!!! build failure encountered !!!

I notified the FreeBSD maintainer. He kindly replied, that he has notified devel/esbuild and the issue will be fixed.

Earlier this year, I noticed, that a similar issue happened. The required version was 0.21, while build environment had 0.24. I notified the maintainer. It was fixed.

Prevent Signal from being removed during update.

# pkg lock signal-desktop
signal-desktop-7.42.0: lock this package? [y/N]:

It can later be unlocked.

# pkg unlock signal-desktop

Work-around for “Shared object “libFLAC.so.12″ not found”.

The update, while Signal being locked, resulted in a problem with a link to a FLAC library.

$ signal-desktop &
$ ld-elf.so.1: Shared object "libFLAC.so.12" not found, required by "signal-desktop"

I fixed this with a temporary link to the correct FLAC library. This should automatically be fixed, when Signal is fixed upstream.

# pkg info -l flac | grep libFLAC
/usr/local/lib/libFLAC++.a
/usr/local/lib/libFLAC++.so
/usr/local/lib/libFLAC++.so.11
/usr/local/lib/libFLAC++.so.11.0.0
/usr/local/lib/libFLAC.a
/usr/local/lib/libFLAC.so
/usr/local/lib/libFLAC.so.14
/usr/local/lib/libFLAC.so.14.0.0
/usr/local/share/aclocal/libFLAC++.m4
/usr/local/share/aclocal/libFLAC.m4
# pkg which /usr/local/lib/libFLAC.so.12
/usr/local/lib/libFLAC.so.12 was not found in the database
# ln -s /usr/local/lib/libFLAC.so.14 /usr/local/lib/libFLAC.so.12
# ldconfig -R
$ signal-desktop &

# rm /usr/local/lib/libFLAC.so.12
# ldconfig -R

Fixed.

The port compiled again 2025-03-21 and the package could be unlocked and the symbolic link removed.

References.

• net-im/signal-desktop on Freshports.
• devel/esbuild on Freshports.
• Bug 285291 – devel/esbuild: latest version break net-im/signal-desktop.
• c21980b417ebf0103cb183d416c1f80526866d46.

My Poudriere build machine suddently stopped at the following error, that seems to be caused by a problem with CMake or run-time dependency, which should be built automatically.

build started at Fri Mar  7 16:46:57 CET 2025
port directory: /usr/ports/graphics/evince
package name: evince-46.3.1
...
Poudriere version: poudriere-git-3.4.2
Host OSVERSION: 1402000
Jail OSVERSION: 1402000
...
Did not find CMake 'cmake'
Found CMake: NO
Run-time dependency gnome-desktop-3.0 found: NO (tried pkgconfig)
meson.build:237:20: ERROR: Dependency "gnome-desktop-3.0" not found, tried pkgconfig

Any tips for solutions are greatly appreciated.

References.

• Bugzilla 274017.

Tracker3 core dumps on FreeBSD with GNOME.

If you have a FreeBSD desktop computer with the GNOME desktop environment, or similar open source desktop computer, you might have noticed random Tracker3 core dumps on the file system.

$ find . -name '*.core'
./bin/tracker3.core
./projects/tracker3.core

You might also have noticed messages about Tracker3 error, exit and core dumps in system logs.

$ dmesg
pid 2416 (tracker3), jid 0, uid 1001: exited on signal 10 (no core dump - other error)
pid 2451 (tracker3), jid 0, uid 1001: exited on signal 10 (no core dump - other error)
pid 2848 (tracker3), jid 0, uid 1001: exited on signal 10 (core dumped)

What is Tracker3?

A first approach to learning, what Tracker3 is, would be to open its manual page. Unfortunately, as often seen with utilities like this, they do not include a manual by default.

$ man tracker3
No manual entry for "tracker3"

A search for “tracker3 official website” on search engines does not give a clean answer. The utility seems to not have a website nor a coding home listed on search engines. Again, a sign of poor coding and project management skills.

Thanks to Freshports, more about the utility can be learned. Here, it is described as a system utility, that index and harvest meta data for GNOME utilities, such as the file management utility Nautilus. A rather useless feature, in my oppinion. Its undocumented operation is a privacy concern. It might even scan files across datasets and partitions, which could be privacy concern.

Tracker is a powerful desktop-neutral first class object database, tag/metadata
database, search tool and indexer.

Tracker is also extremely fast and super efficient with your systems memory when
compared with some other competing frameworks and is by far the fastest and most
memory efficient Nautilus search and Deskbar backends currently availble.

It consists of a common object database that allows entities to have an almost
infinte number of properties, metadata (both embedded/harvested as well as user
definable), a comprehensive database of keywords/tags and links to other
entities.

Freshports does have a reference to a page, which seems to be about Tracker3 by GNOME, but aligned with their poor views on privacy and security, the site either does not work or blocks privacy VPNs.

<Code>AccessDenied</Code>

It does not come with a manual by default. However, according to FreeBSD Manual Pages, there are no known manual for it. I even tried compiling it with option for installing its manual pages. It was not installed.

===> The following configuration options are available for tracker3-3.5.3_3:
DOCS=on: Build and/or install documentation
MAN=off: Install manual pages

It is a dependency of Nautilus, which does not have an option for disabling this.

Removing Tracker3 from GNOME and FreeBSD.

If a system utility, that index and harvest the file system for filenames and metadata in the background, is not needed or unwanted, it might be a logic approach, that Tracker3 is removed with the package manager. However, as seen in the output, it does not seem, that GNOME wanted that to be an option.

# pkg remove tracker3
Checking integrity... done (0 conflicting)
Deinstallation has been requested for the following 7 packages (of 0 packages in the universe):
Installed packages to be REMOVED:
evince: 43.1_11
gnome-lite: 42_5
gnome-terminal: 3.44.2_3
gnome-tweaks: 40.10_4
nautilus: 42.2_3
sushi: 42.0_5
tracker3: 3.5.3_3
Number of packages to be removed: 7
The operation will free 38 MiB.
Proceed with deinstalling packages? [y/N]: 

Tracker3 in GNOME is a privacy concern.

Tracker3 is deeply embedded in GNOME. Tracker3 comes enabled without consent from the user. It is a forced installation, that comes with no clear information, warning nor documentation. It is difficult or impossible to disable or deinstall. It scans file systems, datasets and partitions. It stores metadata from files, that has been downloaded temporary. It stores metadata for files, that has been deleted. It stores metadata in internal database and hidden files. It does not have an interface to manage data. This is not a utility, that fits well with the UNIX philosophy. Tracker3 is a privacy concern.

Disabling Search and Tracker3 in GNOME.

Tracker3 can to some degree be disabled from within GNOME by going to the Settings menu and Search and then disabling Application Search. This also seems to reduce the amount of core dumps. However, I have been able to find any documentation about this.

Switching from GNOME to XFCE.

Switching desktop environment from GNOME to XFCE, or similar more simple, resource friendly and privacy focused desktop environment, could be a better over-all solution. The switch to XFCE should be fairly straight forward, because it is also based on X. Unfortunately, there is no guarantee, that XFCE will not implement the same or similar kind of file system metadata scanner at some point. A reason is, that some users and project contributors believe, that a desktop search feature is more important than privacy and security.

References.

• Tracker3 on Freshports.
• TSPARQL.
• TinySPARQL on GNOME.
• Desktop Search on Wikipedia.
• XFCE desktop environment.

Some text files has line breaks, that might look good on fixed width screens, but can not be used as paragraph in other editing software. The is cause by line breaks.

$ cat input.txt 
The computer was a powerful WOPR machine for game simulation.
You can play a nice game of chess or an exciting war game.

This one-liner will replace line breaks with space and then remove any double spaces. It will also make sure, that the file ends with a new line, so it meets the POSIX standard definition of a text file.

$ (tr '\n' ' ' < input.txt | sed 's/  */ /g'; echo) > output.txt

The result is one clean paragraph, that will scale to any screen width or be used in other editing software.

$ cat output.txt 
The computer was a powerful WOPR machine for game simulation. You can play a nice game of chess or an exciting war game.