<atom:link href="http://people.skolelinux.org/pere/blog/index.rss" rel="self" type="application/rss+xml" />
<item>
- <title>Recipe to test the Freedombox project on amd64 or Raspberry Pi</title>
- <link>http://people.skolelinux.org/pere/blog/Recipe_to_test_the_Freedombox_project_on_amd64_or_Raspberry_Pi.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Recipe_to_test_the_Freedombox_project_on_amd64_or_Raspberry_Pi.html</guid>
- <pubDate>Tue, 10 Sep 2013 14:20:00 +0200</pubDate>
- <description><p>I was introduced to the
-<a href="http://www.freedomboxfoundation.org/">Freedombox project</a>
-in 2010, when Eben Moglen presented his vision about serving the need
-of non-technical people to keep their personal information private and
-within the legal protection of their own homes. The idea is to give
-people back the power over their network and machines, and return
-Internet back to its intended peer-to-peer architecture. Instead of
-depending on a central service, the Freedombox will give everyone
-control over their own basic infrastructure.</p>
-
-<p>I've intended to join the effort since then, but other tasks have
-taken priority. But this summers nasty news about the misuse of trust
-and privilege exercised by the "western" intelligence gathering
-communities increased my eagerness to contribute to a point where I
-actually started working on the project a while back.</p>
-
-<p>The <a href="https://alioth.debian.org/projects/freedombox/">initial
-Debian initiative</a> based on the vision from Eben Moglen, is to
-create a simple and cheap Debian based appliance that anyone can hook
-up in their home and get access to secure and private services and
-communication. The initial deployment platform have been the
-<a href="http://www.globalscaletechnologies.com/t-dreamplugdetails.aspx">Dreamplug</a>,
-which is a piece of hardware I do not own. So to be able to test what
-the current Freedombox setup, I had to come up with a way to install
-it on some hardware I do got access to. I have rewritten the
-<a href="https://github.com/NickDaly/freedom-maker">freedom-maker</a>
-image build framework to use .deb packages instead of only copying
-setup into the boot images, and thanks to this rewrite I am able to
-set up any machine supported by Debian Wheezy as a Freedombox, using
-the previously mentioned deb (and a few support debs for packages
-missing in Debian).</p>
-
-<p>The current Freedombox setup consist of a set of bootstrapping
-scripts
-(<a href="https://github.com/petterreinholdtsen/freedombox-setup">freedombox-setup</a>),
-and a administrative web interface
-(<a href="https://github.com/NickDaly/Plinth">plinth</a> + exmachina +
-withsqlite), as well as a privacy enhancing proxy based on
-<a href="http://packages.qa.debian.org/privoxy">privoxy</a>
-(freedombox-privoxy). There is also a web/javascript based XMPP
-client (<a href="http://packages.qa.debian.org/jwchat">jwchat</a>)
-trying (unsuccessfully so far) to talk to the XMPP server
-(<a href="http://packages.qa.debian.org/ejabberd">ejabberd</a>). The
-web interface is pluggable, and the goal is to use it to enable OpenID
-services, mesh network connectivity, use of TOR, etc, etc. Not much of
-this is really working yet, see
-<a href="https://github.com/NickDaly/freedombox-todos/blob/master/TODO">the
-project TODO</a> for links to GIT repositories. Most of the code is
-on github at the moment. The HTTP proxy is operational out of the
-box, and the admin web interface can be used to add/remove plinth
-users. I've not been able to do anything else with it so far, but
-know there are several branches spread around github and other places
-with lots of half baked features.</p>
-
-<p>Anyway, if you want to have a look at the current stat, the
-following recipes should work to give you a test machine to poke
-at.</p>
-
-<p><strong>Debian Wheezy amd64</strong></p>
-
-<ol>
-
-<li>Fetch normal Debian Wheezy installation ISO.</li>
-<li>Boot from it, either as CD or USB stick.</li>
-<li><p>Press [tab] on the boot prompt and add this as a boot argument
-to the Debian installer:<p>
-<pre>url=<a href="http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat">http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat</a></pre></li>
-
-<li>Answer the few language/region/password questions and pick disk to
-install on.</li>
-
-<li>When the installation is finished and the machine have rebooted a
-few times, your Freedombox is ready for testing.</li>
-
-</ol>
-
-<p><strong>Raspberry Pi Raspbian</strong></p>
-
-<ol>
-
-<li>Fetch a Raspbian SD card image, create SD card.</li>
-<li>Boot from SD card, extend file system to fill the card completely.</li>
-<li><p>Log in and add this to /etc/sources.list:</p>
+ <title>Freedombox on Dreamplug, Raspberry Pi and virtual x86 machine</title>
+ <link>http://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html</guid>
+ <pubDate>Fri, 14 Mar 2014 11:00:00 +0100</pubDate>
+ <description><p>The <a href="https://wiki.debian.org/FreedomBox">Freedombox
+project</a> is working on providing the software and hardware for
+making it easy for non-technical people to host their data and
+communication at home, and being able to communicate with their
+friends and family encrypted and away from prying eyes. It has been
+going on for a while, and is slowly progressing towards a new test
+release (0.2).</p>
+
+<p>And what day could be better than the Pi day to announce that the
+new version will provide "hard drive" / SD card / USB stick images for
+Dreamplug, Raspberry Pi and VirtualBox (or any other virtualization
+system), and can also be installed using a Debian installer preseed
+file. The Debian based Freedombox is now based on Debian Jessie,
+where most of the needed packages used are already present. Only one,
+the freedombox-setup package, is missing. To try to build your own
+boot image to test the current status, fetch the freedom-maker scripts
+and build using
+<a href="http://packages.qa.debian.org/vmdebootstrap">vmdebootstrap</a>
+with a user with sudo access to become root:
+
<pre>
-deb <a href="http://www.reinholdtsen.name/freedombox/">http://www.reinholdtsen.name/freedombox</a> wheezy main
-</pre></li>
-<li><p>Run this as root:</p>
+git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \
+ freedom-maker
+sudo apt-get install git vmdebootstrap mercurial python-docutils \
+ mktorrent extlinux virtualbox qemu-user-static binfmt-support \
+ u-boot-tools
+make -C freedom-maker dreamplug-image raspberry-image virtualbox-image
+</pre>
+
+<p>Root access is needed to run debootstrap and mount loopback
+devices. See the README for more details on the build. If you do not
+want all three images, trim the make line. But note that thanks to <a
+href="https://bugs.debian.org/741407">a race condition in
+vmdebootstrap</a>, the build might fail without the patch to the
+kpartx call.</p>
+
+<p>If you instead want to install using a Debian CD and the preseed
+method, boot a Debian Wheezy ISO and use this boot argument to load
+the preseed values:</p>
+
<pre>
-wget -O - http://www.reinholdtsen.name/freedombox/BE1A583D.asc | \
- apt-key add -
-apt-get update
-apt-get install freedombox-setup
-/usr/lib/freedombox/setup
-</pre></li>
-<li>Reboot into your freshly created Freedombox.</li>
-
-</ol>
-
-<p>You can test it on other architectures too, but because the
-freedombox-privoxy package is binary, it will only work as intended on
-the architectures where I have had time to build the binary and put it
-in my APT repository. But do not let this stop you. It is only a
-short "<tt>apt-get source -b freedombox-privoxy</tt>" away. :)</p>
-
-<p>Note that by default Freedombox is a DHCP server on the
-192.168.1.0/24 subnet, so if this is your subnet be careful and turn
-off the DHCP server by running "<tt>update-rc.d isc-dhcp-server
-disable</tt>" as root.</p>
-
-<p>Please let me know if this work for you, or if you have any
-problems. We gather on the IRC channel
-<a href="irc://irc.debian.org:6667/%23freedombox">#freedombox</a> on
-irc.debian.org and the
-<a href="http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss">project
-mailing list</a>.</p>
-
-<p>Once you get your freedombox operational, you can visit
-<tt>http://your-host-name:8001/</tt> to see the state of the plint
-welcome screen (dead end - do not be surprised if you are unable to
-get past it), and next visit <tt>http://your-host-name:8001/help/</tt>
-to look at the rest of plinth. The default user is 'admin' and the
-default password is 'secret'.</p>
+url=<a href="http://www.reinholdtsen.name/freedombox/preseed-jessie.dat">http://www.reinholdtsen.name/freedombox/preseed-jessie.dat</a>
+</pre>
+
+<p>But note that due to <a href="https://bugs.debian.org/740673">a
+recently introduced bug in apt in Jessie</a>, the installer will
+currently hang while setting up APT sources. Killing the
+'<tt>apt-cdrom ident</tt>' process when it hang a few times during the
+installation will get the installation going. This affect all
+installations in Jessie, and I expect it will be fixed soon.</p>
+
+Give it a go and let us know how it goes on the mailing list, and help
+us get the new release published. :) Please join us on
+<a href="irc://irc.debian.org:6667/%23freedombox">IRC (#freedombox on
+irc.debian.org)</a> and
+<a href="http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss">the
+mailing list</a> if you want to help make this vision come true.</p>
</description>
</item>
<item>
- <title>Datalagringsdirektivet gjør at Oslo Høyre og Arbeiderparti ikke får min stemme i år</title>
- <link>http://people.skolelinux.org/pere/blog/Datalagringsdirektivet_gj_r_at_Oslo_H_yre_og_Arbeiderparti_ikke_f_r_min_stemme_i__r.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Datalagringsdirektivet_gj_r_at_Oslo_H_yre_og_Arbeiderparti_ikke_f_r_min_stemme_i__r.html</guid>
- <pubDate>Sun, 8 Sep 2013 20:40:00 +0200</pubDate>
- <description><p>I 2011 raderte et stortingsflertall bestående av Høyre og
-Arbeiderpartiet vekk en betydelig del av privatsfæren til det norske
-folk. Det ble vedtatt at det skulle registreres og lagres i et halvt
-år hvor alle som bærer på en mobiltelefon befinner seg, hvem de
-snakker med og hvor lenge de snakket sammen. Det skal også
-registreres hvem de sendte SMS-meldinger til, hvem en har sendt epost
-til, og hvilke nett-tjenere en besøkte. Saken er kjent som
-<a href="http://beta.holderdeord.no/issues/innfore-datalagringsdirektivet">Datalagringsdirektivet
-(DLD)</a>, og innebærer at alle innbyggerne og andre innenfor Norges
-grenser overvåkes døgnet rundt. Det ble i praksis innført brev og
-besøkskontroll av hele befolkningen. Rapporter fra de landene som
-allerede har innført slik total lagring av borgernes
-kommunikasjonsmønstre forteller at det ikke hjelper i
-kriminalitetsbekjempelsen. Den norske prislappen blir mange hundre
-millioner, uten at det ser ut til å bidra positivt til politiets
-arbeide. Jeg synes flere hundre millioner i stedet burde vært brukt
-på noe som kan dokumenteres å ha effekt i kriminalitetsbekjempelsen.
-Se mer på
-<a href="http://no.wikipedia.org/wiki/Datalagringsdirektivet">Wikipedia</a>
-og <a href="http://www.uhuru.biz/?cat=84">Jon Wessel-Aas</a>.</p>
-
-<p>Hva er problemet, tenkter du kanskje? Et åpenbart problem er at
-medienes kildevern i praksis blir radert ut. Den innsamlede
-informasjonen gjør det mulig å finne ut hvem som har snakket med
-journalister på telefon, SMS og epost, og hvem som har vært i nærheten
-av journalister så sant begge bar med seg en telefon. Et annet er at
-advokatvernet blir sterkt redusert, der politiet kan finne ut hvem
-som har snakket med en advokat når, eller vært i møter en med advokat.
-Et tredje er at svært personlig informasjon kan avledes fra hvilke
-nettsteder en har besøkt. Har en besøkt hivnorge.no,
-swingersnorge.com eller andre sider som kan brukes til avlede
-interesser som hører til privatsfæren, vil denne informasjonen være
-tilgjengelig takket være datalagringsdirektivet.</p>
-
-<p>De fleste partiene var mot, kun to partier stemte for. Høyre og
-Arbeiderpartiet. Og både Høyre og Arbeiderpartiet i Oslo har
-DLD-forkjempere på toppen av sine lister (har ikke sjekket de andre
-fylkene). Det er dermed helt uaktuelt for meg å stemme på disse
-partiene. Her er oversikten over partienes valglister i Oslo, med
-informasjon om hvem som stemte hva i første DLD-votering i Stortinget,
-basert på informasjon fra mine venner i
-<a href="http://beta.holderdeord.no/votes/1301946411e">Holder de
-Ord</a> samt <a href="http://data.stortinget.no/">data.stortinget.no</a>.
-Først ut er stortingslista fra Høyre for Oslo:</p>
-
-<style type="text/css">
-.for {background-color:#F5A9A9;}
-.mot {background-color:#A9F5BC;}
-.ukjent { }
-</style>
-
-<table>
-<tr><th>#</th><th>Navn, fødselsår og valgkrets</th><th>Stemme/kommentar</th></tr>
-
-<tr class="for"><td>1.</td>
-<td>Ine Marie Eriksen Søreide (1976), Gamle Oslo</td>
-<td>Stemte for DLD</td></tr>
-
-<tr class="mot"><td>2.</td>
-<td>Nikolai Astrup (1978), Frogner</td>
-<td>Stemte mot DLD</td></tr>
-
-<tr class="mot"><td>3.</td>
-<td>Michael Tetzschner (1954), Vestre Aker</td>
-<td>Stemte mot DLD</td>
-
-<tr class="ukjent"><td>4.</td>
-<td>Kristin Vinje (1963), Nordre Aker</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>5.</td>
-<td>Mudassar Hussain Kapur (1976), Nordstrand</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>6.</td>
-<td>Stefan Magnus B. Heggelund (1984), Grünerløkka</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>7.</td>
-<td>Heidi Nordby Lunde (1973), Grünerløkka</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>8.</td>
-<td>Frode Helgerud (1950), Frogner</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>9.</td>
-<td>Afshan Rafiq (1975), Stovner</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>10.</td>
-<td>Astrid Nøklebye Heiberg (1936), Frogner</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>11.</td>
-<td>Camilla Strandskog (1984) St.Hanshaugen</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>12.</td>
-<td>John Christian Elden (1967), Ullern</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>13.</td>
-<td>Berit Solli (1972), Alna</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>14.</td>
-<td>Ola Kvisgaard (1963), Frogner</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>15.</td>
-<td>James Stove Lorentzen (1957), Vestre Aker</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>16.</td>
-<td>Gülsüm Koc (1987), Stovner</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>17.</td>
-<td>Jon Ole Whist (1976), Grünerløkka</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>18.</td>
-<td>Maren Eline Malthe-Sørenssen (1971), Vestre Aker</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>19.</td>
-<td>Ståle Hagen (1968), Søndre Nordstrand</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>20.</td>
-<td>Kjell Omdal Erichsen (1978), Sagene</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>21.</td>
-<td>Saida R. Begum (1987), Grünerløkka</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>22.</td>
-<td>Torkel Brekke (1970), Nordre Aker</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>23.</td>
-<td>Sverre K. Seeberg (1950), Vestre Aker</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>24.</td>
-<td>Julie Margrethe Brodtkorb (1974), Ullern</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td>25.</td>
-<td>Fabian Stang (1955), Frogner</td>
-<td>Ikke til stede</td></tr>
-
-</table>
-
-<p>Deretter har vi stortingslista fra Arbeiderpartiet for Oslo:</p>
-
-<table>
-
-<tr><th>#</th><th>Navn, fødselsår og valgkrets</th><th>Stemme/kommentar</th></tr>
-
-<tr class="for"><td>1.</td>
-<td>Jens Stoltenberg (1959), Frogner</td>
-<td>Ikke til stede i Stortinget, leder av regjeringen som fremmet forslaget</td></tr>
-
-<tr class="for"><td>2.</td>
-<td>Hadia Tajik (1983), Grünerløkka</td>
-<td>Stemte for DLD</td></tr>
-
-<tr class="for"><td> 3.</td>
-<td>Jonas Gahr Støre (1960), Vestre Aker</td>
-<td>Ikke til stede i Stortinget, medlem av regjeringen som fremmet forslaget</td></tr>
-
-<tr class="for"><td> 4.</td>
-<td>Marianne Marthinsen (1980), Grünerløkka</td>
-<td>Stemte for DLD</td></tr>
-
-<tr class="for"><td> 5.</td>
-<td>Jan Bøhler (1952), Alna</td>
-<td>Stemte for DLD</td></tr>
-
-<tr class="for"><td> 6.</td>
-<td>Marit Nybakk (1947), Frogner</td>
-<td>Stemte for DLD</td></tr>
-
-<tr class="for"><td> 7.</td>
-<td>Truls Wickholm (1978), Sagene</td>
-<td>Stemte for DLD</td></tr>
-
-<tr class="ukjent"><td> 8.</td>
-<td>Prableen Kaur (1993), Grorud</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 9.</td>
-<td>Vegard Grøslie Wennesland (1983), St.Hanshaugen</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 10.</td>
-<td>Inger Helene Vaaten (1975), Grorud</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 11.</td>
-<td>Ivar Leveraas (1939), Alna</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 12.</td>
-<td>Grete Haugdal (1971), Gamle Oslo</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 13.</td>
-<td>Olav Tønsberg (1948), Alna</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 14.</td>
-<td>Khamshajiny Gunaratnam (1988), Grorud</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 15.</td>
-<td>Fredrik Mellem (1969), Sagene</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 16.</td>
-<td>Brit Axelsen (1945), Stovner</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 17.</td>
-<td>Dag Bayegan-Harlem (1977), Ullern</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 18.</td>
-<td>Kristin Sandaker (1963), Østeinsjø</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 19.</td>
-<td>Bashe Musse (1965), Grünerløkka</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 20.</td>
-<td>Torunn Kanutte Husvik (1983), St. Hanshaugen</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 21.</td>
-<td>Steinar Andersen (1947), Nordstrand</td>
-<td>Ikke til stede</td></tr>
-
-<tr class="ukjent"><td> 22.</td>
-<td>Anne Cathrine Berger (1972), Sagene</td>
-<td>Ikke til stede</td></tr>
+ <title>How to add extra storage servers in Debian Edu / Skolelinux</title>
+ <link>http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html</guid>
+ <pubDate>Wed, 12 Mar 2014 12:50:00 +0100</pubDate>
+ <description><p>On larger sites, it is useful to use a dedicated storage server for
+storing user home directories and data. The design for handling this
+in <a href="http://www.skolelinux.org/">Debian Edu / Skolelinux</a>, is
+to update the automount rules in LDAP and let the automount daemon on
+the clients take care of the rest. I was reminded about the need to
+document this better when one of the customers of
+<a href="http://www.slxdrift.no/">Skolelinux Drift AS</a>, where I am
+on the board of directors, asked about how to do this. The steps to
+get this working are the following:</p>
+
+<p><ol>
+
+<li>Add new storage server in DNS. I use nas-server.intern as the
+example host here.</li>
+
+<li>Add automoun LDAP information about this server in LDAP, to allow
+all clients to automatically mount it on reqeust.</li>
+
+<li>Add the relevant entries in tjener.intern:/etc/fstab, because
+tjener.intern do not use automount to avoid mounting loops.</li>
+
+</ol></p>
+
+<p>DNS entries are added in GOsa², and not described here. Follow the
+<a href="https://wiki.debian.org/DebianEdu/Documentation/Wheezy/GettingStarted">instructions
+in the manual</a> (Machine Management with GOsa² in section Getting
+started).</p>
+
+<p>Ensure that the NFS export points on the server are exported to the
+relevant subnets or machines:</p>
+
+<p><blockquote><pre>
+root@tjener:~# showmount -e nas-server
+Export list for nas-server:
+/storage 10.0.0.0/8
+root@tjener:~#
+</pre></blockquote></p>
+
+<p>Here everything on the backbone network is granted access to the
+/storage export. With NFSv3 it is slightly better to limit it to
+netgroup membership or single IP addresses to have some limits on the
+NFS access.</p>
+
+<p>The next step is to update LDAP. This can not be done using GOsa²,
+because it lack a module for automount. Instead, use ldapvi and add
+the required LDAP objects using an editor.</p>
+
+<p><blockquote><pre>
+ldapvi --ldap-conf -ZD '(cn=admin)' -b ou=automount,dc=skole,dc=skolelinux,dc=no
+</pre></blockquote></p>
+
+<p>When the editor show up, add the following LDAP objects at the
+bottom of the document. The "/&" part in the last LDAP object is a
+wild card matching everything the nas-server exports, removing the
+need to list individual mount points in LDAP.</p>
+
+<p><blockquote><pre>
+add cn=nas-server,ou=auto.skole,ou=automount,dc=skole,dc=skolelinux,dc=no
+objectClass: automount
+cn: nas-server
+automountInformation: -fstype=autofs --timeout=60 ldap:ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+
+add ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+objectClass: top
+objectClass: automountMap
+ou: auto.nas-server
+
+add cn=/,ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+objectClass: automount
+cn: /
+automountInformation: -fstype=nfs,tcp,rsize=32768,wsize=32768,rw,intr,hard,nodev,nosuid,noatime nas-server.intern:/&
+</pre></blockquote></p>
+
+<p>The last step to remember is to mount the relevant mount points in
+tjener.intern by adding them to /etc/fstab, creating the mount
+directories using mkdir and running "mount -a" to mount them.</p>
+
+<p>When this is done, your users should be able to access the files on
+the storage server directly by just visiting the
+/tjener/nas-server/storage/ directory using any application on any
+workstation, LTSP client or LTSP server.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Hvordan bør RFC 822-formattert epost lagres i en NOARK5-database?</title>
+ <link>http://people.skolelinux.org/pere/blog/Hvordan_b_r_RFC_822_formattert_epost_lagres_i_en_NOARK5_database_.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Hvordan_b_r_RFC_822_formattert_epost_lagres_i_en_NOARK5_database_.html</guid>
+ <pubDate>Fri, 7 Mar 2014 15:20:00 +0100</pubDate>
+ <description><p>For noen uker siden ble NXCs fri programvarelisenserte
+NOARK5-løsning
+<a href="http://www.nuug.no/aktiviteter/20140211-noark/">presentert hos
+NUUG</a> (video
+<a href="https://www.youtube.com/watch?v=JCb_dNS3MHQ">på youtube
+foreløbig</a>), og det fikk meg til å titte litt mer på NOARK5,
+standarden for arkivhåndtering i det offentlige Norge. Jeg lurer på
+om denne kjernen kan være nyttig i et par av mine prosjekter, og for ett
+av dem er det mest aktuelt å lagre epost. Jeg klarte ikke finne noen
+anbefaling om hvordan RFC 822-formattert epost (aka Internett-epost)
+burde lagres i NOARK5, selv om jeg vet at noen arkiver tar
+PDF-utskrift av eposten med sitt epostprogram og så arkiverer PDF-en
+(eller enda værre, tar papirutskrift og lagrer bildet av eposten som
+PDF i arkivet).</p>
+
+<p>Det er ikke så mange formater som er akseptert av riksarkivet til
+langtidsoppbevaring av offentlige arkiver, og PDF og XML er de mest
+aktuelle i så måte. Det slo meg at det måtte da finnes en eller annen
+egnet XML-representasjon og at det kanskje var enighet om hvilken som
+burde brukes, så jeg tok mot til meg og spurte
+<a href="http://samdok.com/">SAMDOK</a>, en gruppe tilknyttet
+arkivverket som ser ut til å jobbe med NOARK-samhandling, om de hadde
+noen anbefalinger:
+
+<p><blockquote>
+<p>Hei.</p>
+
+<p>Usikker på om dette er riktig forum å ta opp mitt spørsmål, men jeg
+lurer på om det er definert en anbefaling om hvordan RFC
+822-formatterte epost (aka vanlig Internet-epost) bør lages håndteres
+i NOARK5, slik at en bevarer all informasjon i eposten
+(f.eks. Received-linjer). Finnes det en anbefalt XML-mapping ala den
+som beskrives på
+&lt;URL: <a href="https://www.informit.com/articles/article.aspx?p=32074">https://www.informit.com/articles/article.aspx?p=32074</a> &gt;? Mitt
+mål er at det skal være mulig å lagre eposten i en NOARK5-kjerne og
+kunne få ut en identisk formattert kopi av opprinnelig epost ved
+behov.</p>
+</blockquote></p>
+
+<p>Postmottaker hos SAMDOK mente spørsmålet heller burde stilles
+direkte til riksarkivet, og jeg fikk i dag svar derfra formulert av
+seniorrådgiver Geir Ivar Tungesvik:</p>
+
+<p><blockquote>
+<p>Riksarkivet har ingen anbefalinger når det gjelder konvertering fra
+e-post til XML. Det står arkivskaper fritt å eventuelt definere/bruke
+eget format. Inklusive da - som det spørres om - et format der det er
+mulig å re-etablere e-post format ut fra XML-en. XML (e-post)
+dokumenter må være referert i arkivstrukturen, og det må vedlegges et
+gyldig XML skjema (.xsd) for XML-filene. Arkivskaper står altså fritt
+til å gjøre hva de vil, bare det dokumenteres og det kan dannes et
+utrekk ved avlevering til depot.</p>
+
+<p>De obligatoriske kravene i Noark 5 standarden må altså oppfylles -
+etter dialog med Riksarkivet i forbindelse med godkjenning. For
+offentlige arkiv er det særlig viktig med filene loependeJournal.xml
+og offentligJournal.xml. Private arkiv som vil forholde seg til Noark
+5 standarden er selvsagt frie til å bruke det som er relevant for dem
+av obligatoriske krav.</p>
+</blockquote></p>
+
+<p>Det ser dermed ut for meg som om det er et lite behov for å
+standardisere XML-lagring av RFC-822-formatterte meldinger. Noen som
+vet om god spesifikasjon i så måte? I tillegg til den omtalt over,
+har jeg kommet over flere aktuelle beskrivelser (søk på "rfc 822
+xml", så finner du aktuelle alternativer).</p>
-<tr class="ukjent"><td> 23.</td>
-<td>Khalid Mahmood (1959), Østensjø</td>
-<td>Ikke til stede</td></tr>
+<ul>
-<tr class="ukjent"><td> 24.</td>
-<td>Munir Jaber (1990), Alna</td>
-<td>Ikke til stede</td></tr>
+<li><a href="http://www.openhealth.org/xmtp/">XML MIME Transformation
+protocol (XMTP)</a> fra OpenHealth, sist oppdatert 2001.</li>
-<tr class="ukjent"><td> 25.</td>
-<td>Libe Solberg Rieber-Mohn (1965), Frogner</td>
-<td>Ikke til stede</td></tr>
+<li><a href="https://tools.ietf.org/html/draft-klyne-message-rfc822-xml-03">An
+XML format for mail and other messages</a> utkast fra IETF datert
+2001.</li>
-</table>
+<li><a href="http://www.informit.com/articles/article.aspx?p=32074">xMail:
+E-mail as XML</a> en artikkel fra 2003 som beskriver python-modulen
+rfc822 som gir ut XML-representasjon av en RFC 822-formattert epost.</li>
-<p>Hvilket parti får så min stemme i år. Jeg tror det blir
-<a href="http://piratpartiet.no/">Piratpartiet</a>. Hvis de kan bidra
-til at det kommer noen inn på Stortinget med teknisk peiling, så får
-kanskje ikke overvåkningsgalskapen like fritt spillerom som det har
-hatt så langt.</p>
+</ul>
+<p>Finnes det andre og bedre spesifikasjoner for slik lagring? Send
+meg en epost hvis du har innspill.</p>
</description>
</item>
<item>
- <title>Second beta release (beta 1) of Debian Edu/Skolelinux based on Debian Wheezy</title>
- <link>http://people.skolelinux.org/pere/blog/Second_beta_release__beta_1__of_Debian_Edu_Skolelinux_based_on_Debian_Wheezy.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Second_beta_release__beta_1__of_Debian_Edu_Skolelinux_based_on_Debian_Wheezy.html</guid>
- <pubDate>Thu, 22 Aug 2013 09:30:00 +0200</pubDate>
- <description><p>The second wheezy based beta release of Debian Edu was wrapped up
-today, slightly delayed because of some bugs in the initial Windows
-integration fixes . This is the release announcement:</p>
-
-<p><strong>New features for Debian Edu 7.1+edu0~b1 released 2013-08-22</strong></p>
-
-<p>These are the release notes for Debian Edu / Skolelinux
-7.1+edu0~b1, based on Debian with codename "Wheezy".</p>
-
-<p><strong>About Debian Edu and Skolelinux</strong></p>
-
-<p><a href="http://www.skolelinux.org/">Debian Edu, also known as
-Skolelinux</a>, is a Linux distribution based on Debian providing an
-out-of-the box environment of a completely configured school
-network. Immediately after installation a school server running all
-services needed for a school network is set up just waiting for users
-and machines being added via GOsa², a comfortable Web-UI. A netbooting
-environment is prepared using PXE, so after initial installation of
-the main server from CD or USB stick all other machines can be
-installed via the network. The provided school server provides LDAP
-database and Kerberos authentication service, centralized home
-directories, DHCP server, web proxy and many other services. The
-desktop contains
-<a href="http://people.skolelinux.org/pere/blog/Educational_applications_included_in_Debian_Edu___Skolelinux__the_screenshot_collection____.html">more
-than 60 educational software packages</a> and more are available from
-the Debian archive, and schools can choose between KDE, Gnome, LXDE
-and Xfce desktop environment.</p>
-
-<p>This is the sixth test release based on Debian Wheezy. Basically this
-is an updated and slightly improved version compared to the Squeeze
-release.</p>
-
-<p>ALERT: Alpha based installations should reinstall or downgrade the
-versions of gosa and libpam-mklocaluser to the ones used in this beta
-release. Both alpha and beta0 based installations should reinstall or
-deal with gosa.conf manually; there are two options: (1) Keep
-gosa.conf and edit this file as outlined
-<a href="http://lists.debian.org/debian-edu/2013/08/msg00127.html">on
-the mailing list</a>. (2) Accept the new version of gosa.conf and
-replace both contained admin password placeholders with the password
-hashes found in the old one (backup copy!). In both cases every user
-need to change their their password to make sure a password is set for
-CIFS access to their home directory.</p>
-
-<p><strong>Software updates</strong></p>
+ <title>Lenker for 2014-02-28</title>
+ <link>http://people.skolelinux.org/pere/blog/Lenker_for_2014_02_28.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Lenker_for_2014_02_28.html</guid>
+ <pubDate>Fri, 28 Feb 2014 13:30:00 +0100</pubDate>
+ <description><p>Her er noen lenker til tekster jeg har satt pris på å lese de siste
+månedene. Det er mye om varsleren Edward Snowden, som burde få all
+hjelp, støtte og beskyttelse Norge kan stille opp med for å ha satt
+totalitær overvåkning på sakskartet, men også endel annet
+tankevekkende og interessant.</p>
<ul>
-<li>Added ssh askpass packages to default installation, to ensure ssh
- work also without a attached tty.</li>
-<li>Add the command-not-found package to the default installation to
- make it easier to figure out where to find missing command line
- tools. Please note, that the command 'update-command-not-found'
- has to be run as root to actually make it useful (internet access
- required).</li>
+<li>2013-12-21
+<a href="http://www.dagbladet.no/2013/12/21/nyheter/thomas_drake/nsa/overvakning/snowden/30925886/">-
+NSA tenker som Stasi</a> - Dagbladet.no</li>
-</ul>
+<li>2013-12-19 <a href="http://www.dagensit.no/article2732734.ece">-
+Staten har ikke rett til å vite alt om deg</a> - DN.no</li>
-<p><strong>Other changes</strong></p>
+<li>2013-12-21
+<a href="http://www.dagbladet.no/2013/12/21/nyheter/krig_og_konflikter/politikk/utenriks/30961126/">Nye
+mål for NSAs spionasje avslørt</a> - Dagbladet.no</li>
-<ul>
+<li>2013-12-19
+<a href="http://www.dagbladet.no/2013/12/19/nyheter/nsa/usa/politikk/barack_obama/30918684/">«NSA
+bør fjernes fra sin makt til å samle inn metadata fra amerikanske
+telefonsamtaler»</a> - Dagbladet.no</li>
-<li>Adjusted the USB stick ISO image build to include every tool
-needed for desktop=xfce installations.</li>
-<li>Adjust thin-client-server task to work when installing from USB
-stick ISO image.</li>
-<li>Made new grub artwork (changed png from indexed to RGB format).</li>
-<li>Minor cleanup in the CUPS setup.</li>
-<li>Make sure that bootstrapping of the Samba domain really happens
- during installation of the main server and adjust SID handling to
- cope with this.</li>
-<li>Make Samba passwords changeable (again) via GOsa².</li>
-<li>Fix generation of LM and NT password hashes via GOsa² to avoid
- empty password hashes.</li>
-<li>Adapted Samba machine domain joining to latest change in the
- smbldap-tools Perl package, fixing bugs blocking Windows machines
- from joining the Samba domain.</li>
+<li>2013-12-18
+<a href="http://www.dagbladet.no/2013/12/18/kultur/meninger/hovedkronikk/debatt/snowden/30901089/">Etterretning,
+overvåking, frihet og sikkerhet</a> - Dagbladet.no</li>
-</ul>
+<li>2013-12-17
+<a href="http://www.nrk.no/verden/snowden-vil-ha-asyl-i-brasil-1.11423444">Snowden
+angriper USA i åpent brev</a> - nrk.no</li>
-<p><strong>Known issues</strong></p>
+<li>2013-12-17
+<a href="http://www.digi.no/925820/rettslig-nederlag-for-etterretning">Rettslig
+nederlag for etterretning</a> - digi.no</li>
-<ul>
+<li>2013-12-21
+<a href="http://www.dagbladet.no/2013/12/21/kultur/meninger/hovedkommentar/kommentar/etterretning/30963284/">Truende
+nedkjøling</a> - dagbladet.no</li>
-<li>KDE fails to understand the wpad.dat file provided, causing it to
- not use the http proxy as it should.</li>
-<li>Chromium also fails to use the proxy when using the KDE desktop
- (using the KDE configuration).</li>
+<li>2013-12-20
+<a href="http://www.aftenposten.no/viten/Matematikk-og-forstaelse-7411849.html">Matematikk
+og forståelse</a> - aftenposten.no</li>
-</ul>
+<li>2013-10-20
+<a href="http://www.nrk.no/viten/ny-studie_sovn-reinser-hjernen-var-1.11306106">Vi
+søv for å reinse hjernen vår, ifølgje ny studie</a> - nrk.no</li>
-<p><strong>Where to get it</strong></p>
+<li>2013-12-11
+<a href="http://www.nrk.no/buskerud/julebaksten-i-vasken-1.11410033">Rotterace
+i kloakken</a> - nrk.no</li>
-<p>To download the multiarch netinstall CD release you can use</p>
+<li>2013-12-30
+<a href="http://www.aftenposten.no/viten/Apne-brev-og-frie-tanker-7413734.html">Åpne
+brev og frie tanker</a> - aftenposten.no</li>
-<ul>
+<li>2014-01-12
+<a href="http://www.aftenposten.no/viten/Stopp-kunnskapsapartheidet-7428229.html">Stopp dagens kunnskapsapartheid!</a> - aftenposten.no</li>
-<li><a href="ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-CD.iso">ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-CD.iso</a></li>
+<li>2014-01-09
+<a href="http://www.aftenposten.no/nyheter/uriks/EU-rapport-Britisk-og-amerikansk-overvaking-ser-ut-til-a-vare-ulovlig-7428933.html">EU-rapport:
+Britisk og amerikansk overvåking ser ut til å være ulovlig</a> -
+aftenposten.no</li>
-<li><a href="http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-CD.iso">http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-CD.iso</a></li>
+<li>2013-10-23 Professor Jan Arild Audestad
+<a href="http://www.digi.no/924008/advarer-mot-konspirasjonsteori">Advarer
+mot konspirasjonsteori</a> i digi.no og sier han ikke tror NSA kan
+avlytte mobiltelefoner, mens han noen måneder senere forteller:</li>
-<li>rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-CD.iso .</li>
+<li>2014-01-09
+<a href="http://www.aftenposten.no/nyheter/iriks/--Vi-ble-presset-til-a-svekke-mobilsikkerheten-pa-80-tallet-7410467.html">-
+Vi ble presset til å svekke mobilsikkerheten på 80-tallet</a> -
+aftenposten.no</li>
-</ul>
+<li>2014-02-12
+<a href="http://tv.nrk.no/program/koid20005814/et-moete-med-edward-snowden">Et
+møte med Edward Snowden</a> - intervju sendt av nrk, tilgjengelig til
+2015-01-31</li>
-<p>The MD5SUM of this image is: 1e357f80b55e703523f2254adde6d78b
-<br>The SHA1SUM of this image is: 7157f9be5fd27c7694d713c6ecfed61c3edda3b2</p>
+<li>2014-02-17
+<a href="http://politiken.dk/debat/profiler/jessteinpedersen/ECE2210356/litteraturredaktoeren-helle-thornings-tavshed-om-snowden-er-en-skandale/">Litteraturredaktøren:
+Helle Thornings tavshed om Snowden er en skandale</a> -
+politiken.dk</li>
-<p>To download the multiarch USB stick ISO release you can use</p>
+<li>2014-02-21
+<a href="http://www.aftenposten.no/meninger/kronikker/Bra-a-ha-en-Storebror-7476734.html">Bra å ha en «Storebror»</a> - aftenposten.no</li>
-<ul>
+<li>2014-02-28
+<a href="http://johnchristianelden.blogg.no/1393536806_narkotikasiktet_stort.html">"Narkotikasiktet
+Stortingsmann" - Spillet bak kulissene</a> - John Christian Eldens
+blogg</li>
-<li><a href="ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-USB.iso">ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-USB.iso</a></li>
-<li><a href="http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-USB.iso">http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-USB.iso</a></li>
-<li>rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-USB.iso .</li>
+<li>2014-02-28
+<a href="http://www.aftenposten.no/meninger/Heksejakt-pa-hasjbrukere-7486283.html">Heksejakt
+på hasjbrukere</a> - aftenposten.no</li>
</ul>
-
-<p>The MD5SUM of this image is: 7a8408ead59cf7e3cef25afb6e91590b
-<br>The SHA1SUM of this image is: f1817c031f02790d5edb3bfa0dcf8451088ad119</p>
-
-
-<p><strong>How to report bugs</strong></p>
-
-<p><a href="http://wiki.debian.org/DebianEdu/HowTo/ReportBugs">http://wiki.debian.org/DebianEdu/HowTo/ReportBugs</a>
</description>
</item>
<item>
- <title>Intel 180 SSD disk with Lenovo firmware can not use Intel firmware</title>
- <link>http://people.skolelinux.org/pere/blog/Intel_180_SSD_disk_with_Lenovo_firmware_can_not_use_Intel_firmware.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Intel_180_SSD_disk_with_Lenovo_firmware_can_not_use_Intel_firmware.html</guid>
- <pubDate>Sun, 18 Aug 2013 14:00:00 +0200</pubDate>
- <description><p>Earlier, I reported about
-<a href="http://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html">my
-problems using an Intel SSD 520 Series 180 GB disk</a>. Friday I was
-told by IBM that the original disk should be thrown away. And as
-there no longer was a problem if I bricked the firmware, I decided
-today to try to install Intel firmware to replace the Lenovo firmware
-currently on the disk.</p>
-
-<p>I searched the Intel site for firmware, and found
-<a href="https://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&ProdId=3472&DwnldID=18363&ProductFamily=Solid-State+Drives+and+Caching&ProductLine=Intel%c2%ae+High+Performance+Solid-State+Drive&ProductProduct=Intel%c2%ae+SSD+520+Series+(180GB%2c+2.5in+SATA+6Gb%2fs%2c+25nm%2c+MLC)&lang=eng">issdfut_2.0.4.iso</a>
-(aka Intel SATA Solid-State Drive Firmware Update Tool) which
-according to the site should contain the latest firmware for SSD
-disks. I inserted the broken disk in one of my spare laptops and
-booted the ISO from a USB stick. The disk was recognized, but the
-program claimed the newest firmware already were installed and refused
-to insert any Intel firmware. So no change, and the disk is still
-unable to handle write load. :( I guess the only way to get them
-working would be if Lenovo releases new firmware. No idea how likely
-that is. Anyway, just blogging about this test for completeness. I
-got a working Samsung disk, and see no point in spending more time on
-the broken disks.</p>
+ <title>New home and release 1.0 for netgroup and innetgr (aka ng-utils)</title>
+ <link>http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html</guid>
+ <pubDate>Sat, 22 Feb 2014 21:45:00 +0100</pubDate>
+ <description><p>Many years ago, I wrote a GPL licensed version of the netgroup and
+innetgr tools, because I needed them in
+<a href="http://www.skolelinux.org/">Skolelinux</a>. I called the project
+ng-utils, and it has served me well. I placed the project under the
+<a href="http://www.hungry.com/">Hungry Programmer</a> umbrella, and it was maintained in our CVS
+repository. But many years ago, the CVS repository was dropped (lost,
+not migrated to new hardware, not sure), and the project have lacked a
+proper home since then.</p>
+
+<p>Last summer, I had a look at the package and made a new release
+fixing a irritating crash bug, but was unable to store the changes in
+a proper source control system. I applied for a project on
+<a href="https://alioth.debian.org/">Alioth</a>, but did not have time
+to follow up on it. Until today. :)</p>
+
+<p>After many hours of cleaning and migration, the ng-utils project
+now have a new home, and a git repository with the highlight of the
+history of the project. I published all release tarballs and imported
+them into the git repository. As the project is really stable and not
+expected to gain new features any time soon, I decided to make a new
+release and call it 1.0. Visit the new project home on
+<a href="https://alioth.debian.org/projects/ng-utils/">https://alioth.debian.org/projects/ng-utils/</a>
+if you want to check it out. The new version is also uploaded into
+<a href="http://packages.qa.debian.org/n/ng-utils.html">Debian Unstable</a>.</p>
</description>
</item>
<item>
- <title>90 percent done with the Norwegian draft translation of Free Culture</title>
- <link>http://people.skolelinux.org/pere/blog/90_percent_done_with_the_Norwegian_draft_translation_of_Free_Culture.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/90_percent_done_with_the_Norwegian_draft_translation_of_Free_Culture.html</guid>
- <pubDate>Fri, 2 Aug 2013 10:40:00 +0200</pubDate>
- <description><p>It has been a while since my last update. Since last summer, I
-have worked on a Norwegian
-<a href="http://www.docbook.org/">docbook</a> version of the 2004 book
-<a href="http://free-culture.cc/">Free Culture</a> by Lawrence Lessig,
-to get a Norwegian text explaining the problems with the copyright
-law. Yesterday, I finally broken the 90% mark, when counting the
-number of strings to translate. Due to real life constraints, I have
-not had time to work on it since March, but when the summer broke out,
-I found time to work on it again. Still lots of work left, but the
-first draft is nearing completion. I created a graph to show the
-progress of the translation:</p>
-
-<p><img width="80%" align="center" src="https://github.com/petterreinholdtsen/free-culture-lessig/raw/master/progress.png"></p>
-
-<p>When the first draft is done, the translated text need to be
-proof read, and the remaining formatting problems with images and SVG
-drawings need to be fixed. There are probably also some index entries
-missing that need to be added. This can be done by comparing the
-index entries listed in the SiSU version of the book, or comparing the
-English docbook version with the paper version. Last, the colophon
-page with ISBN numbers etc need to be wrapped up before the release is
-done. I should also figure out how to get correct Norwegian sorting
-of the index pages. All docbook tools I have tried so far (xmlto,
-docbook-xsl, dblatex) get the order of symbols and the special
-Norwegian letters ÆØÅ wrong.</p>
-
-<p>There is still need for translators and people with docbook
-knowledge, to be able to get a good looking book (I still struggle
-with dblatex, xmlto and docbook-xsl) as well as to do the draft
-translation and proof reading. And I would like the figures to be
-redrawn as SVGs to make it easy to translate them. Any SVG master
-around? There are also some legal terms that are unfamiliar to me.
-If you want to help, please get in touch with me, and check out the
-project files currently available from
-<a href="https://github.com/petterreinholdtsen/free-culture-lessig">github</a>.</p>
-
-<p>If you are curious what the translated book currently look like,
-the updated
-<a href="https://github.com/petterreinholdtsen/free-culture-lessig/blob/master/archive/freeculture.nb.pdf?raw=true">PDF</a>
-and
-<a href="https://github.com/petterreinholdtsen/free-culture-lessig/blob/master/archive/freeculture.nb.epub?raw=true">EPUB</a>
-are published on github. The HTML version is published as well, but
-github hand it out with MIME type text/plain, confusing browsers, so I
-saw no point in linking to that version.</p>
+ <title>Testing sysvinit from experimental in Debian Hurd</title>
+ <link>http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html</guid>
+ <pubDate>Mon, 3 Feb 2014 13:40:00 +0100</pubDate>
+ <description><p>A few days ago I decided to try to help the Hurd people to get
+their changes into sysvinit, to allow them to use the normal sysvinit
+boot system instead of their old one. This follow up on the
+<a href="https://teythoon.cryptobitch.de//categories/gsoc.html">great
+Google Summer of Code work</a> done last summer by Justus Winter to
+get Debian on Hurd working more like Debian on Linux. To get started,
+I downloaded a prebuilt hard disk image from
+<a href="http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz">http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz</a>,
+and started it using virt-manager.</p>
+
+<p>The first think I had to do after logging in (root without any
+password) was to get the network operational. I followed
+<a href="https://www.debian.org/ports/hurd/hurd-install">the
+instructions on the Debian GNU/Hurd ports page</a> and ran these
+commands as root to get the machine to accept a IP address from the
+kvm internal DHCP server:</p>
+
+<p><blockquote><pre>
+settrans -fgap /dev/netdde /hurd/netdde
+kill $(ps -ef|awk '/[p]finet/ { print $2}')
+kill $(ps -ef|awk '/[d]evnode/ { print $2}')
+dhclient /dev/eth0
+</pre></blockquote></p>
+
+<p>After this, the machine had internet connectivity, and I could
+upgrade it and install the sysvinit packages from experimental and
+enable it as the default boot system in Hurd.</p>
+
+<p>But before I did that, I set a password on the root user, as ssh is
+running on the machine it for ssh login to work a password need to be
+set. Also, note that a bug somewhere in openssh on Hurd block
+compression from working. Remember to turn that off on the client
+side.</p>
+
+<p>Run these commands as root to upgrade and test the new sysvinit
+stuff:</p>
+
+<p><blockquote><pre>
+cat > /etc/apt/sources.list.d/experimental.list &lt;&lt;EOF
+deb http://http.debian.net/debian/ experimental main
+EOF
+apt-get update
+apt-get dist-upgrade
+apt-get install -t experimental initscripts sysv-rc sysvinit \
+ sysvinit-core sysvinit-utils
+update-alternatives --config runsystem
+</pre></blockquote></p>
+
+<p>To reboot after switching boot system, you have to use
+<tt>reboot-hurd</tt> instead of just <tt>reboot</tt>, as there is not
+yet a sysvinit process able to receive the signals from the normal
+'reboot' command. After switching to sysvinit as the boot system,
+upgrading every package and rebooting, the network come up with DHCP
+after boot as it should, and the settrans/pkill hack mentioned at the
+start is no longer needed. But for some strange reason, there are no
+longer any login prompt in the virtual console, so I logged in using
+ssh instead.
+
+<p>Note that there are some race conditions in Hurd making the boot
+fail some times. No idea what the cause is, but hope the Hurd porters
+figure it out. At least Justus said on IRC (#debian-hurd on
+irc.debian.org) that they are aware of the problem. A way to reduce
+the impact is to upgrade to the Hurd packages built by Justus by
+adding this repository to the machine:</p>
+
+<p><blockquote><pre>
+cat > /etc/apt/sources.list.d/hurd-ci.list &lt;&lt;EOF
+deb http://darnassus.sceen.net/~teythoon/hurd-ci/ sid main
+EOF
+</pre></blockquote></p>
+
+<p>At the moment the prebuilt virtual machine get some packages from
+http://ftp.debian-ports.org/debian, because some of the packages in
+unstable do not yet include the required patches that are lingering in
+BTS. This is the completely list of "unofficial" packages installed:</p>
+
+<p><blockquote><pre>
+# aptitude search '?narrow(?version(CURRENT),?origin(Debian Ports))'
+i emacs - GNU Emacs editor (metapackage)
+i gdb - GNU Debugger
+i hurd-recommended - Miscellaneous translators
+i isc-dhcp-client - ISC DHCP client
+i isc-dhcp-common - common files used by all the isc-dhcp* packages
+i libc-bin - Embedded GNU C Library: Binaries
+i libc-dev-bin - Embedded GNU C Library: Development binaries
+i libc0.3 - Embedded GNU C Library: Shared libraries
+i A libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
+i libc0.3-dev - Embedded GNU C Library: Development Libraries and Hea
+i multiarch-support - Transitional package to ensure multiarch compatibilit
+i A x11-common - X Window System (X.Org) infrastructure
+i xorg - X.Org X Window System
+i A xserver-xorg - X.Org X server
+i A xserver-xorg-input-all - X.Org X server -- input driver metapackage
+#
+</pre></blockquote></p>
+
+<p>All in all, testing hurd has been an interesting experience. :)
+X.org did not work out of the box and I never took the time to follow
+the porters instructions to fix it. This time I was interested in the
+command line stuff.<p>
</description>
</item>
<item>
- <title>First beta release of Debian Edu/Skolelinux based on Debian Wheezy</title>
- <link>http://people.skolelinux.org/pere/blog/First_beta_release_of_Debian_Edu_Skolelinux_based_on_Debian_Wheezy.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/First_beta_release_of_Debian_Edu_Skolelinux_based_on_Debian_Wheezy.html</guid>
- <pubDate>Sat, 27 Jul 2013 20:30:00 +0200</pubDate>
- <description><p>The first wheezy based beta release of Debian Edu was wrapped up
-today. This is the release announcement:</p>
-
-<p><strong>New features for Debian Edu 7.1+edu0~b0 released
-2013-07-27</strong></p>
-
-<p>These are the release notes for for Debian Edu / Skolelinux
-7.1+edu0~b0, based on Debian with codename "Wheezy".</p>
-
-<p><strong>About Debian Edu and Skolelinux</strong></p>
-
-<p><a href="http://www.skolelinux.org/">Debian Edu, also known as
-Skolelinux</a>, is a Linux distribution based on Debian providing an
-out-of-the box environment of a completely configured school
-network. Immediately after installation a school server running all
-services needed for a school network is set up just waiting for users
-and machines being added via GOsa², a comfortable Web-UI. A netbooting
-environment is prepared using PXE, so after initial installation of
-the main server from CD, DVD or USB stick all other machines can be
-installed via the network. The provided school server provides LDAP
-database and Kerberos authentication service, centralized home
-directories, DHCP server, web proxy and many other services. The
-desktop contains
-<a href="http://people.skolelinux.org/pere/blog/Educational_applications_included_in_Debian_Edu___Skolelinux__the_screenshot_collection____.html">more
-than 60 educational software packages</a> and more are available from
-the Debian archive, and schools can choose between KDE, Gnome, LXDE
-and Xfce desktop environment.</p>
-
-<p>This is the fifth test release based on Debian Wheezy. Basically
-this is an updated and slightly improved version compared to the
-Squeeze release.</p>
-
-<p>ALERT: Alpha based installations should reinstall or downgrade the
-versions of gosa and libpam-mklocaluser to the ones used in this beta
-release.</p>
-
-<p><strong>Software updates</strong></p>
-
-<ul>
-
-<li>Switched roaming workstation profiles from wicd to network-manager
- for network configuration, as wicd didn't work any more.</li>
-<li>Changed version numbers of patched gosa and libpam-mklocaluser
- packages to make sure our locally patched versions will be replaced
- by the official packages when they are released from Debian. Those
- installing alpha version need to reinstall or manually downgrade gosa
- and libpam-mklocaluser.</li>
-<li>Added bluetooth tools to the default desktop (bluedevil, blueman).</li>
-<li>Added tools for sharing the desktop on KDE (krdc, krfb).</li>
-<li>Added valgrind to the default installation for easier debugging of
- crash bugs.</li>
-
-</ul>
-
-<p><strong>Other changes</strong></p>
-
-<ul>
-
-<li>Fixed artwork package to work with gnome, no longer break
- desktop=gnome installations.</li>
-<li>Adjusted installer to now work when forced to use a proxy with the
- netinst CD.</li>
-<li>Fixed code detecting and setting/loading hardware specific
- setup/firmware to work more robust out of the box.</li>
-<li>Adjusted Kerberos setup to detect realm and server settings at
- install time instead of dynamically at run time. This avoid a crash
- with krb5-auth-dialog on diskless workstations without a DNS name.</li>
-<li>Worked around misfeature in network-manager not calling the dhclient
- exit hooks, causing automatic proxy configuration and automatic host
- name setting at run time to work again.</li>
-<li>Fixed feature setting the default Iceweasel start page from URL
- fetched from LDAP, to allow schools to set the global default by
- updating the dc=skole,dc=skolelinux,dc=no LDAP object.</li>
-<li>Changed default host name on all networked machines to be unique
- (generated from MAC or reverse DNS) after boot.</li>
-<li>Adjusted partition sizes to make sure they are big enough.</li>
-
-</ul>
-
-<p><strong>Known issues</strong></p>
-
-<ul>
-
-<li>Grub is missing the new artwork.</li>
-<li>KDE fail to understand the wpad.dat file provided, causing it to
- not use the http proxy as it should.</li>
-<li>Chromium also fail to use the proxy.</li>
-
-</ul>
-
-<p><strong>Where to get it</strong></p>
-
-<p>To download the multiarch netinstall CD release you can use</p>
-
-<ul>
-
-<li><a href="ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-CD.iso">ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-CD.iso</a></li>
-
-<li><a href="http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-CD.iso">http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-CD.iso</a></li>
-
-<li>rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-CD.iso .</li>
-
-</ul>
-
-<p>The MD5SUM of this image is: 55d5de9765b6dccd5d9ec33cf1a07109
-<br>The SHA1SUM of this image is: 996a1d9517740e4d627d100de2d12b23dd545a3f</p>
-
-<p>To download the multiarch USB stick ISO release you can use</p>
+ <title>A fist full of non-anonymous Bitcoins</title>
+ <link>http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html</guid>
+ <pubDate>Wed, 29 Jan 2014 14:10:00 +0100</pubDate>
+ <description><p>Bitcoin is a incredible use of peer to peer communication and
+encryption, allowing direct and immediate money transfer without any
+central control. It is sometimes claimed to be ideal for illegal
+activity, which I believe is quite a long way from the truth. At least
+I would not conduct illegal money transfers using a system where the
+details of every transaction are kept forever. This point is
+investigated in
+<a href="https://www.usenix.org/publications/login">USENIX ;login:</a>
+from December 2013, in the article
+"<a href="https://www.usenix.org/system/files/login/articles/03_meiklejohn-online.pdf">A
+Fistful of Bitcoins - Characterizing Payments Among Men with No
+Names</a>" by Sarah Meiklejohn, Marjori Pomarole,Grant Jordan, Kirill
+Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. They
+analyse the transaction log in the Bitcoin system, using it to find
+addresses belong to individuals and organisations and follow the flow
+of money from both Bitcoin theft and trades on Silk Road to where the
+money end up. This is how they wrap up their article:</p>
+
+<p><blockquote>
+<p>"To demonstrate the usefulness of this type of analysis, we turned
+our attention to criminal activity. In the Bitcoin economy, criminal
+activity can appear in a number of forms, such as dealing drugs on
+Silk Road or simply stealing someone else’s bitcoins. We followed the
+flow of bitcoins out of Silk Road (in particular, from one notorious
+address) and from a number of highly publicized thefts to see whether
+we could track the bitcoins to known services. Although some of the
+thieves attempted to use sophisticated mixing techniques (or possibly
+mix services) to obscure the flow of bitcoins, for the most part
+tracking the bitcoins was quite straightforward, and we ultimately saw
+large quantities of bitcoins flow to a variety of exchanges directly
+from the point of theft (or the withdrawal from Silk Road).</p>
+
+<p>As acknowledged above, following stolen bitcoins to the point at
+which they are deposited into an exchange does not in itself identify
+the thief; however, it does enable further de-anonymization in the
+case in which certain agencies can determine (through, for example,
+subpoena power) the real-world owner of the account into which the
+stolen bitcoins were deposited. Because such exchanges seem to serve
+as chokepoints into and out of the Bitcoin economy (i.e., there are
+few alternative ways to cash out), we conclude that using Bitcoin for
+money laundering or other illicit purposes does not (at least at
+present) seem to be particularly attractive."</p>
+</blockquote><p>
+
+<p>These researches are not the first to analyse the Bitcoin
+transaction log. The 2011 paper
+"<a href="http://arxiv.org/abs/1107.4524">An Analysis of Anonymity in
+the Bitcoin System</A>" by Fergal Reid and Martin Harrigan is
+summarized like this:</p>
+
+<p><blockquote>
+"Anonymity in Bitcoin, a peer-to-peer electronic currency system, is a
+complicated issue. Within the system, users are identified by
+public-keys only. An attacker wishing to de-anonymize its users will
+attempt to construct the one-to-many mapping between users and
+public-keys and associate information external to the system with the
+users. Bitcoin tries to prevent this attack by storing the mapping of
+a user to his or her public-keys on that user's node only and by
+allowing each user to generate as many public-keys as required. In
+this chapter we consider the topological structure of two networks
+derived from Bitcoin's public transaction history. We show that the
+two networks have a non-trivial topological structure, provide
+complementary views of the Bitcoin system and have implications for
+anonymity. We combine these structures with external information and
+techniques such as context discovery and flow analysis to investigate
+an alleged theft of Bitcoins, which, at the time of the theft, had a
+market value of approximately half a million U.S. dollars."
+</blockquote></p>
+
+<p>I hope these references can help kill the urban myth that Bitcoin
+is anonymous. It isn't really a good fit for illegal activites. Use
+cash if you need to stay anonymous, at least until regular DNA
+sampling of notes and coins become the norm. :)</p>
+
+<p>As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&label=PetterReinholdtsenBlog">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
+</description>
+ </item>
+
+ <item>
+ <title>New chrpath release 0.16</title>
+ <link>http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html</guid>
+ <pubDate>Tue, 14 Jan 2014 11:00:00 +0100</pubDate>
+ <description><p><a href="http://www.coverity.com/">Coverity</a> is a nice tool to
+find problems in C, C++ and Java code using static source code
+analysis. It can detect a lot of different problems, and is very
+useful to find memory and locking bugs in the error handling part of
+the source. The company behind it provide
+<a href="https://scan.coverity.com/">check of free software projects as
+a community service</a>, and many hundred free software projects are
+already checked. A few days ago I decided to have a closer look at
+the Coverity system, and discovered that the
+<a href="http://www.gnu.org/software/gnash/">gnash</a> and
+<a href="http://sourceforge.net/projects/ipmitool/">ipmitool</a>
+projects I am involved with was already registered. But these are
+fairly big, and I would also like to have a small and easy project to
+check, and decided to <a href="http://scan.coverity.com/projects/1179">request
+checking of the chrpath project</a>. It was
+added to the checker and discovered seven potential defects. Six of
+these were real, mostly resource "leak" when the program detected an
+error. Nothing serious, as the resources would be released a fraction
+of a second later when the program exited because of the error, but it
+is nice to do it right in case the source of the program some time in
+the future end up in a library. Having fixed all defects and added
+<a href="https://lists.alioth.debian.org/mailman/listinfo/chrpath-devel">a
+mailing list for the chrpath developers</a>, I decided it was time to
+publish a new release. These are the release notes:</p>
+
+<p>New in 0.16 released 2014-01-14:</p>
<ul>
-<li><a href="ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-USB.iso">ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-USB.iso</a></li>
-<li><a href="http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-USB.iso">http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-USB.iso</a></li>
-<li>rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-USB.iso .</li>
+ <li>Fixed all minor bugs discovered by Coverity.</li>
+ <li>Updated config.sub and config.guess from the GNU project.</li>
+ <li>Mention new project mailing list in the documentation.</li>
</ul>
-<p>The MD5SUM of this image is: d8f0818c51a78d357de794066f289f69
-<br>The SHA1SUM of this image is: 49185ca354e8d0543240423746924f76a6cee733</p>
-
-
-<p><strong>How to report bugs</strong></p>
-
-<p><a href="http://wiki.debian.org/DebianEdu/HowTo/ReportBugs">http://wiki.debian.org/DebianEdu/HowTo/ReportBugs</a>
+<p>You can
+<a href="https://alioth.debian.org/frs/?group_id=31052">download the
+new version 0.16 from alioth</a>. Please let us know via the Alioth
+project if something is wrong with the new release. The test suite
+did not discover any old errors, so if you find a new one, please also
+include a test suite check.</p>
</description>
</item>
<item>
- <title>How to fix a Thinkpad X230 with a broken 180 GB SSD disk</title>
- <link>http://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html</guid>
- <pubDate>Wed, 17 Jul 2013 23:50:00 +0200</pubDate>
- <description><p>Today I switched to
-<a href="http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html">my
-new laptop</a>. I've previously written about the problems I had with
-my new Thinkpad X230, which was delivered with an
-<a href="http://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html">180
-GB Intel SSD disk with Lenovo firmware</a> that did not handle
-sustained writes. My hardware supplier have been very forthcoming in
-trying to find a solution, and after first trying with another
-identical 180 GB disks they decided to send me a 256 GB Samsung SSD
-disk instead to fix it once and for all. The Samsung disk survived
-the installation of Debian with encrypted disks (filling the disk with
-random data during installation killed the first two), and I thus
-decided to trust it with my data. I have installed it as a Debian Edu
-Wheezy roaming workstation hooked up with my Debian Edu Squeeze main
-server at home using Kerberos and LDAP, and will use it as my work
-station from now on.</p>
-
-<p>As this is a solid state disk with no moving parts, I believe the
-Debian Wheezy default installation need to be tuned a bit to increase
-performance and increase life time of the disk. The Linux kernel and
-user space applications do not yet adjust automatically to such
-environment. To make it easier for my self, I created a draft Debian
-package <tt>ssd-setup</tt> to handle this tuning. The
-<a href="http://anonscm.debian.org/gitweb/?p=collab-maint/ssd-setup.git">source
-for the ssd-setup package</a> is available from collab-maint, and it
-is set up to adjust the setup of the machine by just installing the
-package. If there is any non-SSD disk in the machine, the package
-will refuse to install, as I did not try to write any logic to sort
-file systems in SSD and non-SSD file systems.</p>
-
-<p>I consider the package a draft, as I am a bit unsure how to best
-set up Debian Wheezy with an SSD. It is adjusted to my use case,
-where I set up the machine with one large encrypted partition (in
-addition to /boot), put LVM on top of this and set up partitions on
-top of this again. See the README file in the package source for the
-references I used to pick the settings. At the moment these
-parameters are tuned:</p>
+ <title>Debian Edu interview: Dominik George</title>
+ <link>http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Dominik_George.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Dominik_George.html</guid>
+ <pubDate>Wed, 25 Dec 2013 13:40:00 +0100</pubDate>
+ <description><p>The <a href="http://www.skolelinux.org/">Debian Edu / Skolelinux
+project</a> consist of both newcomers and old timers, and this time I
+was able to get an interview with a newcomer in the project who showed
+up on the IRC channel a few weeks ago to let us know about his
+successful installation of Debian Edu Wheezy in his School. Say hello
+to <a href="https://www.ohloh.net/accounts/Natureshadow">Dominik
+George</a>.</p>
+
+<!-- http://www.dominik-george.de/images/foto.jpg -->
+
+<p><strong>Who are you, and how do you spend your days?</strong></p>
+
+<p>I am a 23 year-old student from Germany who has spent half of his
+life with open source. In "real life", I am, as already mentioned, a
+student in the fields of Computer Science, Electrical Engineering,
+Information Technologies and Anglistics. Due to my (only partially
+voluntary) huge engagement in the open source world, these things are
+a bit vacant right now however.</p>
+
+<p>I also have been working as a project teacher at a Gymasnium
+(public school) for various years now. I took up that work some time
+around 2005 when still attending that school myself and have continued
+it until today. I also had been running the (kind of very advanced)
+network of that school together with a team of very interested and
+talented students in the age of 11 to 15 years, who took the chance to
+learn a lot about open source and networking before I left the school
+to help building another school's informational education concept from
+scratch.</p>
+
+<p>That said, one might see me as a kind of "glue" between school kids
+and the elderly of teachers as well as between the open source
+ecosystem and the (even more complex) educational ecosystem.</p>
+
+<p>When I am not busy with open source or education, I like Geocaching
+and cycling.</p>
+
+<p><strong>How did you get in contact with the Skolelinux / Debian Edu
+project?</strong></p>
+
+<p>I think that happened some time around 2009 when I first attended
+<a href="http://www.froscon.org">FrOSCon</a> and visited the project
+booth. I think I wasn't too interested back then because I used to
+have an attitude of disliking software that does too much stuff on its
+own. Maybe I was too inexperienced to realise the upsides of an
+"out-of-the-box" solution ;).</p>
+
+<p>The first time I actively talked to Skolelinux people was at
+<a href="http://www.openrheinruhr.de">OpenRheinRuhr</a> 2011 when the
+BiscuIT project, a home-grewn software used by my school for various
+really cool things from timetables and class contact lists to lunch
+ordering, student ID card printing and project elections first got to
+a stage where it could have been published. I asked the Skolelinux
+guys running the booth if the project were interested in it and gave a
+small demonstration, but there wasn't any real feedback and the guys
+seemed rather uninterested.</p>
+
+<p>After I left the school where I developed the software, it got
+mostly lost, but I am now reimplementing it for my new school. I have
+reusability and compatibility in mind, and I hop there will be a new
+basis for contributing it to the Skolelinux project ;)!</p>
+
+<p><strong>What do you see as the advantages of Skolelinux / Debian
+Edu?</strong></p>
+
+<p>The most important advantage seems to be that it "just
+works". After overcoming some minor (but still very annoying) glitches
+in the installer, I got a fully functional, working school network,
+without the month-long hassle I experienced when setting all that up
+from scratch in earlier years. And above that, it rocked - I didn't
+have any real hardware at hand, because the school was just founded
+and has no money whatsoever, so I installed a combined server (main
+server, terminal services and workstation) in a VM on my personal
+notebook, bridging the LTSP network interface to the ethernet port,
+and then PXE-booted the Windows notebooks that were lying around from
+it. I could use 8 clients without any performance issues, by using a
+tiny little VM on a tiny little notebook. I think that's enough to say
+that it rocks!</p>
+
+<p>Secondly, there are marketing reasons. Life's bad, and so no
+politician will ever permit a setup described as "Debian, an universal
+operating system, with some really cool educational tools" while they
+will be jsut fine with "Skolelinux, a single-purpose solution for your
+school network", even if both turn out to be the very same thing (yes,
+this is unfair towards the Skolelinux project, and must not be taken
+too seriously - you get the idea, anyway).</p>
+
+<p><strong>What do you see as the disadvantages of Skolelinux / Debian
+Edu?</strong></p>
+
+<p>I have not been involved with Skolelinux long enough to really
+answer this question in a fair way. Thus, please allow me to put it in
+other words: "What do you expect from Skolelinux to keep liking it?" I
+can list a few points about that:</p>
<ul>
-<li>Set up cryptsetup to pass TRIM commands to the physical disk
- (adding discard to /etc/crypttab)</li>
-
-<li>Set up LVM to pass on TRIM commands to the underlying device (in
- this case a cryptsetup partition) by changing issue_discards from
- 0 to 1 in /etc/lvm/lvm.conf.</li>
-
-<li>Set relatime as a file system option for ext3 and ext4 file
- systems.</li>
-
-<li>Tell swap to use TRIM commands by adding 'discard' to
- /etc/fstab.</li>
-
-<li>Change I/O scheduler from cfq to deadline using a udev rule.</li>
-
-<li>Run fstrim on every ext3 and ext4 file system every night (from
- cron.daily).</li>
-
-<li>Adjust sysctl values vm.swappiness to 1 and vm.vfs_cache_pressure
- to 50 to reduce the kernel eagerness to swap out processes.</li>
+ <li>always strive to get all things integrated into Debian upstream
+ <li>be open to discussion about changes and the like, even with newcomers
+ <li>be helpful at being helpful ;)
</ul>
-<p>During installation, I cancelled the part where the installer fill
-the disk with random data, as this would kill the SSD performance for
-little gain. My goal with the encrypted file system is to ensure
-those stealing my laptop end up with a brick and not a working
-computer. I have no hope in keeping the really resourceful people
-from getting the data on the disk (see
-<a href="http://xkcd.com/538/">XKCD #538</a> for an explanation why).
-Thus I concluded that adding the discard option to crypttab is the
-right thing to do.</p>
-
-<p>I considered using the noop I/O scheduler, as several recommended
-it for SSD, but others recommended deadline and a benchmark I found
-indicated that deadline might be better for interactive use.</p>
-
-<p>I also considered using the 'discard' file system option for ext3
-and ext4, but read that it would give a performance hit ever time a
-file is removed, and thought it best to that that slowdown once a day
-instead of during my work.</p>
-
-<p>My package do not set up tmpfs on /var/run, /var/lock and /tmp, as
-this is already done by Debian Edu.</p>
-
-<p>I have not yet started on the user space tuning. I expect
-iceweasel need some tuning, and perhaps other applications too, but
-have not yet had time to investigate those parts.</p>
-
-<p>The package should work on Ubuntu too, but I have not yet tested it
-there.</p>
-
-<p>As for the answer to the question in the title of this blog post,
-as far as I know, the only solution I know about is to replace the
-disk. It might be possible to flash it with Intel firmware instead of
-the Lenovo firmware. But I have not tried and did not want to do so
-without approval from Lenovo as I wanted to keep the warranty on the
-disk until a solution was found and they wanted the broken disks
-back.</p>
-</description>
- </item>
-
- <item>
- <title>Intel SSD 520 Series 180 GB with Lenovo firmware still lock up from sustained writes</title>
- <link>http://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html</guid>
- <pubDate>Wed, 10 Jul 2013 13:30:00 +0200</pubDate>
- <description><p>A few days ago, I wrote about
-<a href="http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html">the
-problems I experienced with my new X230 and its SSD disk</a>, which
-was dying during installation because it is unable to cope with
-sustained write. My supplier is in contact with
-<a href="http://www.lenovo.com/">Lenovo</a>, and they wanted to send a
-replacement disk to try to fix the problem. They decided to send an
-identical model, so my hopes for a permanent fix was slim.</p>
-
-<p>Anyway, today I got the replacement disk and tried to install
-Debian Edu Wheezy with encrypted disk on it. The new disk have the
-same firmware version as the original. This time my hope raised
-slightly as the installation progressed, as the original disk used to
-die after 4-7% of the disk was written to, while this time it kept
-going past 10%, 20%, 40% and even past 50%. But around 60%, the disk
-died again and I was back on square one. I still do not have a new
-laptop with a disk I can trust. I can not live with a disk that might
-lock up when I download a new
-<a href="http://www.skolelinux.org/">Debian Edu / Skolelinux</a> ISO or
-other large files. I look forward to hearing from my supplier with
-the next proposal from Lenovo.</p>
-
-<p>The original disk is marked Intel SSD 520 Series 180 GB,
-11S0C38722Z1ZNME35X1TR, ISN: CVCV321407HB180EGN, SA: G57560302, FW:
-LF1i, 29MAY2013, PBA: G39779-300, LBA 351,651,888, LI P/N: 0C38722,
-Pb-free 2LI, LC P/N: 16-200366, WWN: 55CD2E40002756C4, Model:
-SSDSC2BW180A3L 2.5" 6Gb/s SATA SSD 180G 5V 1A, ASM P/N 0C38732, FRU
-P/N 45N8295, P0C38732.</p>
-
-<p>The replacement disk is marked Intel SSD 520 Series 180 GB,
-11S0C38722Z1ZNDE34N0L0, ISN: CVCV315306RK180EGN, SA: G57560-302, FW:
-LF1i, 22APR2013, PBA: G39779-300, LBA 351,651,888, LI P/N: 0C38722,
-Pb-free 2LI, LC P/N: 16-200366, WWN: 55CD2E40000AB69E, Model:
-SSDSC2BW180A3L 2.5" 6Gb/s SATA SSD 180G 5V 1A, ASM P/N 0C38732, FRU
-P/N 45N8295, P0C38732.</p>
-
-<p>The only difference is in the first number (serial number?), ISN,
-SA, date and WNPP values. Mentioning all the details here in case
-someone is able to use the information to find a way to identify the
-failing disk among working ones (if any such working disk actually
-exist).</p>
-</description>
- </item>
-
- <item>
- <title>July 13th: Debian/Ubuntu BSP and Skolelinux/Debian Edu developer gathering in Oslo</title>
- <link>http://people.skolelinux.org/pere/blog/July_13th__Debian_Ubuntu_BSP_and_Skolelinux_Debian_Edu_developer_gathering_in_Oslo.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/July_13th__Debian_Ubuntu_BSP_and_Skolelinux_Debian_Edu_developer_gathering_in_Oslo.html</guid>
- <pubDate>Tue, 9 Jul 2013 10:40:00 +0200</pubDate>
- <description><p>The upcoming Saturday, 2013-07-13, we are organising a combined
-Debian Edu developer gathering and Debian and Ubuntu bug squashing
-party in Oslo. It is organised by <a href="http://www.nuug.no/">the
-member assosiation NUUG</a> and
-<a href="http://www.skolelinux.org/">the Debian Edu / Skolelinux
-project</a> together with <a href="http://bitraf.no/">the hack space
-Bitraf</a>.</p>
-
-<p>It starts 10:00 and continue until late evening. Everyone is
-welcome, and there is no fee to participate. There is on the other
-hand limited space, and only room for 30 people. Please put your name
-on <a href="http://wiki.debian.org/BSP/2013/07/13/no/Oslo">the event
-wiki page</a> if you plan to join us.</p>
+<p>I'm really sorry I cannot say much more about that :(!</p>
+
+<p><strong>Which free software do you use daily?</strong></p>
+
+<p>First of all, all software I use is free and open. I have abandoned
+all non-free software (except for firmware on my darned phone) this
+year.</p>
+
+<p>I run Debian GNU/Linux on all PC systems I use. On that, I mostly
+run text tools. I use
+<a href="https://www.mirbsd.org/mksh.htm">mksh</a> as shell,
+<a href="https://www.mirbsd.org/jupp.htm">jupp</a> as very advanced
+text editor (I even got the developer to help me write a script/macro
+based full-featured student management software with the two),
+<a href="http://mcabber.com/">mcabber</a> for XMPP and
+<a href="http://www.irssi.org/">irssi</a> for IRC. For that overly
+coloured world called the WWW, I use
+<a href="https://www.mozilla.org/en-US/firefox/new/">Iceweasel
+(Firefox)</a>. Oh, and <a href="http://www.mutt.org/">mutt</a> for
+e-mail.</p>
+
+<p>However, while I am personally aware of the fact that text tools
+are more efficient and powerful than anything else, I also use (or at
+least operate) some tools that are suitable to bring open source to
+kids. One of these things is <a href="http://jappix.org/">Jappix</a>,
+which I already introduced to some kids even before they got aware of
+Facebook, making them see for themselves that they do not need
+Facebook now ;).</p>
+
+<p><strong>Which strategy do you believe is the right one to use to
+get schools to use free software?</strong></p>
+
+<p>Well, that's a two-sided thing. One side is what I believe, and one
+side is what I have experienced.</p>
+
+<p>I believe that the right strategy is showing them the benefits. But
+that won't work out as long as the acceptance of free alternatives
+grows globally. What I mean is that if all the kids are almost forced
+to use Windows, Facebook, Skype, you name it at home, they will not
+see why they would want to use alternatives at school. I have seen
+students take seat in front of a fully-functional, modern Debian
+desktop that could do anything their Windows at home could do, and
+they jsut refused to use it because "Linux sucks". It is something
+that makes the council of our city spend around 600000 € to buy
+software - not including hardware, mind you - for operating school
+networks, and for installing a system that, as has been proved, does
+not work. For those of you readers who are good at maths, have you
+already found out how many lives could have been saved with that money
+if we had instead used it to bring education to parts of the world
+that need it? I have, and found it to be nothing less dramatic than
+plain criminal.</p>
+
+<p>That said, the only feasible way appears to be the bottom up
+method. We have to bring free software to kids and parents. I have
+founded an association named
+<a href="https://www.teckids.org">Teckids</a> here in Germany that does
+just that. We organise several events for kids and adolescents in the
+area of free and open source software, for example the
+<a href="http://kids.froscon.org">FrogLabs</a>, which share staff with
+Teckids and are the youth programme of
+<a href="http://www.froscon.org">the Free and Open Source Software
+Conference (FrOSCon)</a>. We do a lot more than most other conferences
+- this year, we first offered the FrogLabs as a holiday camp for kids
+aged 10 to 16. It was a huge success, with approx. 30 kids taking part
+and learning with and about free software through a whole weekend. All
+of us had a lot of fun, and the results were really exciting.</p>
+
+<p>Apart from that, we are preparing a campaign that is supposed to bring
+the message of free alternatives to stuff kids use every day to them and
+their parents, e.g. the use of Jabber / Jappix instead of Facebook and
+Skype. To make that possible, we are planning to get together a team of
+clever kids who understand very well what their peers need and can bring
+it across to them. So we will have a peer-driven network of adolescents
+who teach each other and collect feedback from the community of minors.
+We then take that feedback and our own experience to work closely with
+open source projects, such as Skolelinux or Jappix, at improving their
+software in a way that makes it more and more attractive for the target
+group. At least I hope that we will have good cooperation with
+Skolelinux in the future ;)!</p>
+
+<p>So in conclusion, what I believe is that, if it weren't for the world
+being so bad, it should be very clear to the political decision makers
+that the only way to go nowadays is free software for various reasons,
+but I have learnt that the only way that seems to work is bottom up.</p>
+
+<!--
+
+> * Who should be interviewed with this questions in the future?
+
+That's probably the hardest question of them all, as I do not know the
+community. However, I would be willing to do the following:
+
+ <li>Run an interview with a German headteacher who is very open to
+ free software, and also prefers it, but cannot really use it because
+ of the decision makers above;
+ <li>Run interviews with some kids, both with and without previous
+ knowledge about free software
+
+If that is wanted, just let me know ;).
+
+-->
</description>
</item>
<item>
- <title>The Thinkpad is dead, long live the Thinkpad X230?</title>
- <link>http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html</guid>
- <pubDate>Fri, 5 Jul 2013 08:30:00 +0200</pubDate>
- <description><p>Half a year ago, I reported that I had to find a
-<a href="http://people.skolelinux.org/pere/blog/Thank_you_Thinkpad_X41__for_your_long_and_trustworthy_service.html">replacement
-for my trusty old Thinkpad X41</a>. Unfortunately I did not have much
-time to spend on it, and it took a while to find a model I believe
-will do the job, but two days ago the replacement finally arrived. I
-ended up picking a
-<a href="http://www.linlap.com/lenovo_thinkpad_x230">Thinkpad X230</a>
-with SSD disk (NZDAJMN). I first test installed Debian Edu Wheezy as
-a roaming workstation, and it seemed to work flawlessly. But my
-second installation with encrypted disk was not as successful. More
-on that below.</p>
-
-<p>I had a hard time trying to track down a good laptop, as my most
-important requirements (robust and with a good keyboard) are never
-listed in the feature list. But I did get good help from the search
-feature at <a href="http://www.prisjakt.no/">Prisjakt</a>, which
-allowed me to limit the list of interesting laptops based on my other
-requirements. A bit surprising that SSD disk are not disks according
-to that search interface, so I had to drop specifying the number of
-disks from my search parameters. I also asked around among friends to
-get their impression on keyboards and robustness.</p>
-
-<p>So the new laptop arrived, and it is quite a lot wider than the
-X41. I am not quite convinced about the keyboard, as it is
-significantly wider than my old keyboard, and I have to stretch my
-hand a lot more to reach the edges. But the key response is fairly
-good and the individual key shape is fairly easy to handle, so I hope
-I will get used to it. My old X40 was starting to fail, and I really
-needed a new laptop now. :)</p>
-
-<p>Turning off the touch pad was simple. All it took was a quick
-visit to the BIOS during boot it disable it.</p>
-
-<p>But there is a fatal problem with the laptop. The 180 GB SSD disk
-lock up during load. And this happen when installing Debian Wheezy
-with encrypted disk, while the disk is being filled with random data.
-I also tested to install Ubuntu Raring, and it happen there too if I
-reenable the code to fill the disk with random data (it is disabled by
-default in Ubuntu). And the bug with is already known. It was
-reported to Debian as <a href="http://bugs.debian.org/691427">BTS
-report #691427 2012-10-25</a> (journal commit I/O error on brand-new
-Thinkpad T430s ext4 on lvm on SSD). It is also reported to the Linux
-kernel developers as
-<a href="https://bugzilla.kernel.org/show_bug.cgi?id=51861">Kernel bugzilla
-report #51861 2012-12-20</a> (Intel SSD 520 stops working under load
-(SSDSC2BW180A3L in Lenovo ThinkPad T430s)). It is also reported on the
-Lenovo forums, both for
-<a href="http://forums.lenovo.com/t5/T400-T500-and-newer-T-series/T430s-Intel-SSD-520-180GB-issue/m-p/1070549">T430
-2012-11-10</a> and for
-<a href="http://forums.lenovo.com/t5/X-Series-ThinkPad-Laptops/x230-SATA-errors-with-180GB-Intel-520-SSD-under-heavy-write-load/m-p/1068147">X230
-03-20-2013</a>. The problem do not only affect installation. The
-reports state that the disk lock up during use if many writes are done
-on the disk, so it is much no use to work around the installation
-problem and end up with a computer that can lock up at any moment.
-There is even a
-<a href="https://git.efficios.com/?p=test-ssd.git">small C program
-available</a> that will lock up the hard drive after running a few
-minutes by writing to a file.</p>
-
-<p>I've contacted my supplier and asked how to handle this, and after
-contacting PCHELP Norway (request 01D1FDP) which handle support
-requests for Lenovo, his first suggestion was to upgrade the disk
-firmware. Unfortunately there is no newer firmware available from
-Lenovo, as my disk already have the most recent one (version LF1i). I
-hope to hear more from him today and hope the problem can be
-fixed. :)</p>
+ <title>Dugnadsnett for alle stiller på Oslo Maker Faire i januar 2014</title>
+ <link>http://people.skolelinux.org/pere/blog/Dugnadsnett_for_alle_stiller_p__Oslo_Maker_Faire_i_januar_2014.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Dugnadsnett_for_alle_stiller_p__Oslo_Maker_Faire_i_januar_2014.html</guid>
+ <pubDate>Tue, 10 Dec 2013 19:20:00 +0100</pubDate>
+ <description><p>Helga 18. og 19. januar 2014 arrangeres
+<a href="http://makerfaireoslo.no/no/program/dugnadsnett">Oslo Maker
+Faire</a>, og <a href="http://www.dugnadsnett.no/">Dugnadsnett for
+alle</a> har fått plass! Planen er å ha et bord med en plakat der vi
+forteller om hva Dugnadsnett for alle er for noe, og et lite verksted
+der vi hjelper folk som er interessert i å få opp sin egen mesh-node.
+Jeg gleder meg til å se hvordan prosjektet blir mottatt der.</p>
+
+<p>Målet med dugnadsnett for alle i Oslo er å få på plass et datanett
+for kommunikasjon ved hjelp av radio-repeaterstasjoner (kalt
+mesh-noder) som gjør at en kan direkte kommunisere med slekt, venner
+og bekjente i Oslo via andre som deltar i dugnadsnettet, samt gjøre
+det mulig komme ut på internett via dugnadsnettet. Første delmål er å
+kunne sende SMS-meldinger vha. IP-telefoni løsningen
+<a href="http://www.servalproject.org/">Serval project</a> mellom
+deltagerne i Dugnadsnett for alle i Oslo. Formålet er å ta tilbake
+kontrollen over egen nett-infrastruktur og gjøre det dyrere å bedrive
+massiv innsamling av informasjon om borgernes bruk av datanett.</p>
+
+<p>Høres dette interessant ut? Bli med på prosjektet, fortell oss
+hvor du kunne tenke deg å sette opp en radio-repeater (slik at folk i
+nærheten kan finne hverandre ved hjelp av
+<a href="http://flynor.net/mesh/mesh.php">kartet over planlagte og
+eksisterende radio-repeatere</A>), bli med på epostlisten
+<a href="http://lists.nuug.no/mailman/listinfo/dugnadsnett">dugnadsnett
+(at) nuug.no</a> og stikk innom
+<a href="irc://irc.freenode.net/#dugnadsnett.no">IRC-kanalen
+#dugnadsnett.no</a>. Så langt er det planlagt over 40
+radio-repeatere, med VPN-forbindelser via Internet for å la de delene
+av nettet som ikke når hverandre via radio kunne snakke med hverandre
+likevel.</p>
</description>
</item>
projects / homepage.git / blobdiff