+ <div class="entry">
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/Free_software_car_computer_solution_.html">Free software car computer solution?</a></div>
+ <div class="date">29th May 2014</div>
+ <div class="body"><p>Dear lazyweb. I'm planning to set up a small Raspberry Pi computer
+in my car, connected to
+<a href="http://www.dx.com/p/400a-4-0-tft-lcd-digital-monitor-for-vehicle-parking-reverse-camera-1440x272-12v-dc-57776">a
+small screen</a> next to the rear mirror. I plan to hook it up with a
+GPL and a USB wifi card too. The idea is to get my own
+"<a href="http://en.wikipedia.org/wiki/Carputer">Carputer</a>". But I
+wonder if someone already created a good free software solution for
+such car computer.</p>
+
+<p>This is my current wish list for such system:</p>
+
+<ul>
+
+ <li>Work on Raspberry Pi.</li>
+
+ <li>Show current speed limit based on location, and warn if going too
+ fast (for example using color codes yellow and red on the screen,
+ or make a sound). This could be done either using either data from
+ <a href="http://www.openstreetmap.org/">Openstreetmap</a> or OCR
+ info gathered from a dashboard camera.</li>
+
+ <li>Track automatic toll road passes and their cost, show total spent
+ and make it possible to calculate toll costs for planned
+ route.</li>
+
+ <li>Collect GPX tracks for use with OpenStreetMap.</li>
+
+ <li>Automatically detect and use any wireless connection to connect
+ to home server. Try IP over DNS
+ (<a href="http://dev.kryo.se/iodine/">iodine</a>) or ICMP
+ (<a href="http://code.gerade.org/hans/">Hans</a>) if direct
+ connection do not work.</li>
+
+ <li>Set up mesh network to talk to other cars with the same system,
+ or some stanard car mesh protocol.</li>
+
+ <li>Warn when approaching speed cameras and speed camera ranges
+ (speed calculated between two cameras).</li>
+
+ <li>Suport dashboard/front facing camera to discover speed limits and
+ run OCR to track registration number of passing cars.</li>
+
+</ul>
+
+<p>If you know of any free software car computer system supporting
+some or all of these features, please let me know.</p>
+</div>
+ <div class="tags">
+
+
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>.
+
+
+ </div>
+ </div>
+ <div class="padding"></div>
+
+ <div class="entry">
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/Half_the_Coverity_issues_in_Gnash_fixed_in_the_next_release.html">Half the Coverity issues in Gnash fixed in the next release</a></div>
+ <div class="date">29th April 2014</div>
+ <div class="body"><p>I've been following <a href="http://www.getgnash.org/">the Gnash
+project</a> for quite a while now. It is a free software
+implementation of Adobe Flash, both a standalone player and a browser
+plugin. Gnash implement support for the AVM1 format (and not the
+newer AVM2 format - see
+<a href="http://lightspark.github.io/">Lightspark</a> for that one),
+allowing several flash based sites to work. Thanks to the friendly
+developers at Youtube, it also work with Youtube videos, because the
+Javascript code at Youtube detect Gnash and serve a AVM1 player to
+those users. :) Would be great if someone found time to implement AVM2
+support, but it has not happened yet. If you install both Lightspark
+and Gnash, Lightspark will invoke Gnash if it find a AVM1 flash file,
+so you can get both handled as free software. Unfortunately,
+Lightspark so far only implement a small subset of AVM2, and many
+sites do not work yet.</p>
+
+<p>A few months ago, I started looking at
+<a href="http://scan.coverity.com/">Coverity</a>, the static source
+checker used to find heaps and heaps of bugs in free software (thanks
+to the donation of a scanning service to free software projects by the
+company developing this non-free code checker), and Gnash was one of
+the projects I decided to check out. Coverity is able to find lock
+errors, memory errors, dead code and more. A few days ago they even
+extended it to also be able to find the heartbleed bug in OpenSSL.
+There are heaps of checks being done on the instrumented code, and the
+amount of bogus warnings is quite low compared to the other static
+code checkers I have tested over the years.</p>
+
+<p>Since a few weeks ago, I've been working with the other Gnash
+developers squashing bugs discovered by Coverity. I was quite happy
+today when I checked the current status and saw that of the 777 issues
+detected so far, 374 are marked as fixed. This make me confident that
+the next Gnash release will be more stable and more dependable than
+the previous one. Most of the reported issues were and are in the
+test suite, but it also found a few in the rest of the code.</p>
+
+<p>If you want to help out, you find us on
+<a href="https://lists.gnu.org/mailman/listinfo/gnash-dev">the
+gnash-dev mailing list</a> and on
+<a href="irc://irc.freenode.net/#gnash">the #gnash channel on
+irc.freenode.net IRC server</a>.</p>
+</div>
+ <div class="tags">
+
+
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia</a>, <a href="http://people.skolelinux.org/pere/blog/tags/video">video</a>, <a href="http://people.skolelinux.org/pere/blog/tags/web">web</a>.
+
+
+ </div>
+ </div>
+ <div class="padding"></div>
+
+ <div class="entry">
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/Install_hardware_dependent_packages_using_tasksel__Isenkram_0_7_.html">Install hardware dependent packages using tasksel (Isenkram 0.7)</a></div>
+ <div class="date">23rd April 2014</div>
+ <div class="body"><p>It would be nice if it was easier in Debian to get all the hardware
+related packages relevant for the computer installed automatically.
+So I implemented one, using
+<a href="http://packages.qa.debian.org/isenkram">my Isenkram
+package</a>. To use it, install the tasksel and isenkram packages and
+run tasksel as user root. You should be presented with a new option,
+"Hardware specific packages (autodetected by isenkram)". When you
+select it, tasksel will install the packages isenkram claim is fit for
+the current hardware, hot pluggable or not.<p>
+
+<p>The implementation is in two files, one is the tasksel menu entry
+description, and the other is the script used to extract the list of
+packages to install. The first part is in
+<tt>/usr/share/tasksel/descs/isenkram.desc</tt> and look like
+this:</p>
+
+<p><blockquote><pre>
+Task: isenkram
+Section: hardware
+Description: Hardware specific packages (autodetected by isenkram)
+ Based on the detected hardware various hardware specific packages are
+ proposed.
+Test-new-install: mark show
+Relevance: 8
+Packages: for-current-hardware
+</pre></blockquote></p>
+
+<p>The second part is in
+<tt>/usr/lib/tasksel/packages/for-current-hardware</tt> and look like
+this:</p>
+
+<p><blockquote><pre>
+#!/bin/sh
+#
+(
+ isenkram-lookup
+ isenkram-autoinstall-firmware -l
+) | sort -u
+</pre></blockquote></p>
+
+<p>All in all, a very short and simple implementation making it
+trivial to install the hardware dependent package we all may want to
+have installed on our machines. I've not been able to find a way to
+get tasksel to tell you exactly which packages it plan to install
+before doing the installation. So if you are curious or careful,
+check the output from the isenkram-* command line tools first.</p>
+
+<p>The information about which packages are handling which hardware is
+fetched either from the isenkram package itself in
+/usr/share/isenkram/, from git.debian.org or from the APT package
+database (using the Modaliases header). The APT package database
+parsing have caused a nasty resource leak in the isenkram daemon (bugs
+<a href="http://bugs.debian.org/719837">#719837</a> and
+<a href="http://bugs.debian.org/730704">#730704</a>). The cause is in
+the python-apt code (bug
+<a href="http://bugs.debian.org/745487">#745487</a>), but using a
+workaround I was able to get rid of the file descriptor leak and
+reduce the memory leak from ~30 MiB per hardware detection down to
+around 2 MiB per hardware detection. It should make the desktop
+daemon a lot more useful. The fix is in version 0.7 uploaded to
+unstable today.</p>
+
+<p>I believe the current way of mapping hardware to packages in
+Isenkram is is a good draft, but in the future I expect isenkram to
+use the AppStream data source for this. A proposal for getting proper
+AppStream support into Debian is floating around as
+<a href="https://wiki.debian.org/DEP-11">DEP-11</a>, and
+<a href="https://wiki.debian.org/SummerOfCode2014/Projects#SummerOfCode2014.2FProjects.2FAppStreamDEP11Implementation.AppStream.2FDEP-11_for_the_Debian_Archive">GSoC
+project</a> will take place this summer to improve the situation. I
+look forward to seeing the result, and welcome patches for isenkram to
+start using the information when it is ready.</p>
+
+<p>If you want your package to map to some specific hardware, either
+add a "Xb-Modaliases" header to your control file like I did in
+<a href="http://packages.qa.debian.org/pymissile">the pymissile
+package</a> or submit a bug report with the details to the isenkram
+package. See also
+<a href="http://people.skolelinux.org/pere/blog/tags/isenkram/">all my
+blog posts tagged isenkram</a> for details on the notation. I expect
+the information will be migrated to AppStream eventually, but for the
+moment I got no better place to store it.</p>
+</div>
+ <div class="tags">
+
+
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/isenkram">isenkram</a>.
+
+
+ </div>
+ </div>
+ <div class="padding"></div>
+
+ <div class="entry">
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/FreedomBox_milestone___all_packages_now_in_Debian_Sid.html">FreedomBox milestone - all packages now in Debian Sid</a></div>
+ <div class="date">15th April 2014</div>
+ <div class="body"><p>The <a href="https://wiki.debian.org/FreedomBox">Freedombox
+project</a> is working on providing the software and hardware to make
+it easy for non-technical people to host their data and communication
+at home, and being able to communicate with their friends and family
+encrypted and away from prying eyes. It is still going strong, and
+today a major mile stone was reached.</p>
+
+<p>Today, the last of the packages currently used by the project to
+created the system images were accepted into Debian Unstable. It was
+the freedombox-setup package, which is used to configure the images
+during build and on the first boot. Now all one need to get going is
+the build code from the freedom-maker git repository and packages from
+Debian. And once the freedombox-setup package enter testing, we can
+build everything directly from Debian. :)</p>
+
+<p>Some key packages used by Freedombox are
+<a href="http://packages.qa.debian.org/freedombox-setup">freedombox-setup</a>,
+<a href="http://packages.qa.debian.org/plinth">plinth</a>,
+<a href="http://packages.qa.debian.org/pagekite">pagekite</a>,
+<a href="http://packages.qa.debian.org/tor">tor</a>,
+<a href="http://packages.qa.debian.org/privoxy">privoxy</a>,
+<a href="http://packages.qa.debian.org/owncloud">owncloud</a> and
+<a href="http://packages.qa.debian.org/dnsmasq">dnsmasq</a>. There
+are plans to integrate more packages into the setup. User
+documentation is maintained on the Debian wiki. Please
+<a href="https://wiki.debian.org/FreedomBox/Manual/Jessie">check out
+the manual</a> and help us improve it.</p>
+
+<p>To test for yourself and create boot images with the FreedomBox
+setup, run this on a Debian machine using a user with sudo rights to
+become root:</p>
+
+<p><pre>
+sudo apt-get install git vmdebootstrap mercurial python-docutils \
+ mktorrent extlinux virtualbox qemu-user-static binfmt-support \
+ u-boot-tools
+git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \
+ freedom-maker
+make -C freedom-maker dreamplug-image raspberry-image virtualbox-image
+</pre></p>
+
+<p>Root access is needed to run debootstrap and mount loopback
+devices. See the README in the freedom-maker git repo for more
+details on the build. If you do not want all three images, trim the
+make line. Note that the virtualbox-image target is not really
+virtualbox specific. It create a x86 image usable in kvm, qemu,
+vmware and any other x86 virtual machine environment. You might need
+the version of vmdebootstrap in Jessie to get the build working, as it
+include fixes for a race condition with kpartx.</p>
+
+<p>If you instead want to install using a Debian CD and the preseed
+method, boot a Debian Wheezy ISO and use this boot argument to load
+the preseed values:</p>
+
+<p><pre>
+url=<a href="http://www.reinholdtsen.name/freedombox/preseed-jessie.dat">http://www.reinholdtsen.name/freedombox/preseed-jessie.dat</a>
+</pre></p>
+
+<p>I have not tested it myself the last few weeks, so I do not know if
+it still work.</p>
+
+<p>If you wonder how to help, one task you could look at is using
+systemd as the boot system. It will become the default for Linux in
+Jessie, so we need to make sure it is usable on the Freedombox. I did
+a simple test a few weeks ago, and noticed dnsmasq failed to start
+during boot when using systemd. I suspect there are other problems
+too. :) To detect problems, there is a test suite included, which can
+be run from the plinth web interface.</p>
+
+<p>Give it a go and let us know how it goes on the mailing list, and help
+us get the new release published. :) Please join us on
+<a href="irc://irc.debian.org:6667/%23freedombox">IRC (#freedombox on
+irc.debian.org)</a> and
+<a href="http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss">the
+mailing list</a> if you want to help make this vision come true.</p>
+</div>
+ <div class="tags">
+
+
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>, <a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance</a>, <a href="http://people.skolelinux.org/pere/blog/tags/web">web</a>.
+
+
+ </div>
+ </div>
+ <div class="padding"></div>
+
+ <div class="entry">
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/Spr_kkoder_for_POSIX_locale_i_Norge.html">Språkkoder for POSIX locale i Norge</a></div>
+ <div class="date">11th April 2014</div>
+ <div class="body"><p>For 12 år siden, skrev jeg et lite notat om
+<a href="http://i18n.skolelinux.no/localekoder.txt">bruk av språkkoder
+i Norge</a>. Jeg ble nettopp minnet på dette da jeg fikk spørsmål om
+notatet fortsatt var aktuelt, og tenkte det var greit å repetere hva
+som fortsatt gjelder. Det jeg skrev da er fortsatt like aktuelt.</p>
+
+<p>Når en velger språk i programmer på unix, så velger en blant mange
+språkkoder. For språk i Norge anbefales følgende språkkoder (anbefalt
+locale i parantes):</p>
+
+<p><dl>
+<dt>nb (nb_NO)</dt><dd>Bokmål i Norge</dd>
+<dt>nn (nn_NO)</dt><dd>Nynorsk i Norge</dd>
+<dt>se (se_NO)</dt><dd>Nordsamisk i Norge</dd>
+</dl></p>
+
+<p>Alle programmer som bruker andre koder bør endres.</p>
+
+<p>Språkkoden bør brukes når .po-filer navngis og installeres. Dette
+er ikke det samme som locale-koden. For Norsk Bokmål, så bør filene
+være navngitt nb.po, mens locale (LANG) bør være nb_NO.</p>
+
+<p>Hvis vi ikke får standardisert de kodene i alle programmene med
+norske oversettelser, så er det umulig å gi LANG-variablen ett innhold
+som fungerer for alle programmer.</p>
+
+<p>Språkkodene er de offisielle kodene fra ISO 639, og bruken av dem i
+forbindelse med POSIX localer er standardisert i RFC 3066 og ISO
+15897. Denne anbefalingen er i tråd med de angitte standardene.</p>
+
+<p>Følgende koder er eller har vært i bruk som locale-verdier for
+"norske" språk. Disse bør unngås, og erstattes når de oppdages:</p>
+
+<p><table>
+<tr><td>norwegian</td><td>-> nb_NO</td></tr>
+<tr><td>bokmål </td><td>-> nb_NO</td></tr>
+<tr><td>bokmal </td><td>-> nb_NO</td></tr>
+<tr><td>nynorsk </td><td>-> nn_NO</td></tr>
+<tr><td>no </td><td>-> nb_NO</td></tr>
+<tr><td>no_NO </td><td>-> nb_NO</td></tr>
+<tr><td>no_NY </td><td>-> nn_NO</td></tr>
+<tr><td>sme_NO </td><td>-> se_NO</td></tr>
+</table></p>
+
+<p>Merk at når det gjelder de samiske språkene, at se_NO i praksis
+henviser til nordsamisk i Norge, mens f.eks. smj_NO henviser til
+lulesamisk. Dette notatet er dog ikke ment å gi råd rundt samiske
+språkkoder, der gjør
+<a href="http://www.divvun.no/">Divvun-prosjektet</a> en bedre
+jobb.</p>
+
+<p><strong>Referanser:</strong></p>
+
+<ul>
+
+ <li><a href="http://www.rfc-base.org/rfc-3066.html">RFC 3066 - Tags
+ for the Identification of Languages</a> (Erstatter RFC 1766)</li>
+
+ <li><a href="http://www.loc.gov/standards/iso639-2/langcodes.html">ISO
+ 639</a> - Codes for the Representation of Names of Languages</li>
+
+ <li><a href="http://std.dkuug.dk/jtc1/sc22/wg20/docs/n897-14652w25.pdf">ISO
+ DTR 14652</a> - locale-standard Specification method for cultural
+ conventions</li>
+
+ <li><a href="http://std.dkuug.dk/jtc1/sc22/wg20/docs/n610.pdf">ISO
+ 15897: Registration procedures for cultural elements (cultural
+ registry)</a>,
+ <a href="http://std.dkuug.dk/jtc1/sc22/wg20/docs/n849-15897wd6.pdf">(nytt
+ draft)</a></li>
+
+ <li><a href="http://std.dkuug.dk/jtc1/sc22/wg20/">ISO/IEC
+ JTC1/SC22/WG20</a> - Gruppen for i18n-standardisering i ISO</li>
+
+<ul>
+</div>
+ <div class="tags">
+
+
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk</a>.
+
+
+ </div>
+ </div>
+ <div class="padding"></div>
+
<div class="entry">
<div class="title"><a href="http://people.skolelinux.org/pere/blog/S3QL__a_locally_mounted_cloud_file_system___nice_free_software.html">S3QL, a locally mounted cloud file system - nice free software</a></div>
<div class="date"> 9th April 2014</div>
solution for use at home. My requirements are simple, it must be
cheap and locally encrypted (in other words, I keep the encryption
keys, the storage provider do not have access to my private files).
-One idea me and my friends have had many years ago, before the cloud
-storage providers showed up, have been to use Google mail as storage,
+One idea me and my friends had many years ago, before the cloud
+storage providers showed up, was to use Google mail as storage,
writing a Linux block device storing blocks as emails in the mail
service provided by Google, and thus get heaps of free space. On top
of this one can add encryption, RAID and volume management to have
install s3ql</tt>. Next, pick a storage provider. I ended up picking
Greenqloud, after reading their nice recipe on
<a href="https://greenqloud.zendesk.com/entries/44611757-How-To-Use-S3QL-to-mount-a-StorageQloud-bucket-on-Debian-Wheezy">how
-to use s3ql with their Amazon S3 service</a>, because I trust the laws
+to use S3QL with their Amazon S3 service</a>, because I trust the laws
in Iceland more than those in USA when it come to keeping my personal
data safe and private, and thus would rather spend money on a company
in Iceland. Another nice recipe is available from the article
..contents..
..ext_attributes..
Mounting filesystem...
-# df -h /mnt
+# df -h /s3ql
Filesystem Size Used Avail Use% Mounted on
s3c://s.greenqloud.com:443/bucket-name 1.0T 0 1.0T 0% /s3ql
#
<p>The file content is uploaded when the cache is full, while the
metadata is uploaded once every 24 hour by default. To ensure the
file system content is flushed to the cloud, one can either umount the
-file system, or ask s3ql to flush the cache and metadata using
+file system, or ask S3QL to flush the cache and metadata using
s3qlctrl:
<p><blockquote><pre>
<a href="http://crowncloud.net/">Crowncloud</A>. The latter even
accept payment in Bitcoin. Pick one that suit your need. Some of
them provide several GiB of free storage, but the prize models are
-quire different and you will have to figure out what suit you
+quite different and you will have to figure out what suits you
best.</p>
<p>While researching this blog post, I had a look at research papers
a home directory (in other word, that it provided POSIX semantics when
it come to locking and umask handling etc). Running
<a href="http://people.skolelinux.org/pere/blog/Testing_if_a_file_system_can_be_used_for_home_directories___.html">my
-test code to check file system semantics, I was happy to discover that
+test code to check file system semantics</a>, I was happy to discover that
no error was found. So the file system can be used for home
directories, if one chooses to do so.</p>
<div class="tags">
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk</a>, <a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>, <a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance</a>.
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/
dld">dld</a>, <a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk</a>, <a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>, <a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance</a>.
</div>
<div class="tags">
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox</a>, <a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network</a>, <a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk</a>, <a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>, <a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance</a>.
-
-
- </div>
- </div>
- <div class="padding"></div>
-
- <div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/Public_Trusted_Timestamping_services_for_everyone.html">Public Trusted Timestamping services for everyone</a></div>
- <div class="date">25th March 2014</div>
- <div class="body"><p>Did you ever need to store logs or other files in a way that would
-allow it to be used as evidence in court, and needed a way to
-demonstrate without reasonable doubt that the file had not been
-changed since it was created? Or, did you ever need to document that
-a given document was received at some point in time, like some
-archived document or the answer to an exam, and not changed after it
-was received? The problem in these settings is to remove the need to
-trust yourself and your computers, while still being able to prove
-that a file is the same as it was at some given time in the past.</p>
-
-<p>A solution to these problems is to have a trusted third party
-"stamp" the document and verify that at some given time the document
-looked a given way. Such
-<a href="https://en.wikipedia.org/wiki/Notarius">notarius</a> service
-have been around for thousands of years, and its digital equivalent is
-called a
-<a href="http://en.wikipedia.org/wiki/Trusted_timestamping">trusted
-timestamping service</a>. <a href="http://www.ietf.org/">The Internet
-Engineering Task Force</a> standardised how such service could work a
-few years ago as <a href="http://tools.ietf.org/html/rfc3161">RFC
-3161</a>. The mechanism is simple. Create a hash of the file in
-question, send it to a trusted third party which add a time stamp to
-the hash and sign the result with its private key, and send back the
-signed hash + timestamp. Both email, FTP and HTTP can be used to
-request such signature, depending on what is provided by the service
-used. Anyone with the document and the signature can then verify that
-the document matches the signature by creating their own hash and
-checking the signature using the trusted third party public key.
-There are several commercial services around providing such
-timestamping. A quick search for
-"<a href="https://duckduckgo.com/?q=rfc+3161+service">rfc 3161
-service</a>" pointed me to at least
-<a href="https://www.digistamp.com/technical/how-a-digital-time-stamp-works/">DigiStamp</a>,
-<a href="http://www.quovadisglobal.co.uk/CertificateServices/SigningServices/TimeStamp.aspx">Quo
-Vadis</a>,
-<a href="https://www.globalsign.com/timestamp-service/">Global Sign</a>
-and <a href="http://www.globaltrustfinder.com/TSADefault.aspx">Global
-Trust Finder</a>. The system work as long as the private key of the
-trusted third party is not compromised.</p>
-
-<p>But as far as I can tell, there are very few public trusted
-timestamp services available for everyone. I've been looking for one
-for a while now. But yesterday I found one over at
-<a href="https://www.pki.dfn.de/zeitstempeldienst/">Deutches
-Forschungsnetz</a> mentioned in
-<a href="http://www.d-mueller.de/blog/dealing-with-trusted-timestamps-in-php-rfc-3161/">a
-blog by David Müller</a>. I then found
-<a href="http://www.rz.uni-greifswald.de/support/dfn-pki-zertifikate/zeitstempeldienst.html">a
-good recipe on how to use the service</a> over at the University of
-Greifswald.</p>
-
-<p><a href="http://www.openssl.org/">The OpenSSL library</a> contain
-both server and tools to use and set up your own signing service. See
-the ts(1SSL), tsget(1SSL) manual pages for more details. The
-following shell script demonstrate how to extract a signed timestamp
-for any file on the disk in a Debian environment:</p>
-
-<p><blockquote><pre>
-#!/bin/sh
-set -e
-url="http://zeitstempel.dfn.de"
-caurl="https://pki.pca.dfn.de/global-services-ca/pub/cacert/chain.txt"
-reqfile=$(mktemp -t tmp.XXXXXXXXXX.tsq)
-resfile=$(mktemp -t tmp.XXXXXXXXXX.tsr)
-cafile=chain.txt
-if [ ! -f $cafile ] ; then
- wget -O $cafile "$caurl"
-fi
-openssl ts -query -data "$1" -cert | tee "$reqfile" \
- | /usr/lib/ssl/misc/tsget -h "$url" -o "$resfile"
-openssl ts -reply -in "$resfile" -text 1>&2
-openssl ts -verify -data "$1" -in "$resfile" -CAfile "$cafile" 1>&2
-base64 < "$resfile"
-rm "$reqfile" "$resfile"
-</pre></blockquote></p>
-
-<p>The argument to the script is the file to timestamp, and the output
-is a base64 encoded version of the signature to STDOUT and details
-about the signature to STDERR. Note that due to
-<a href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742553">a bug
-in the tsget script</a>, you might need to modify the included script
-and remove the last line. Or just write your own HTTP uploader using
-curl. :) Now you too can prove and verify that files have not been
-changed.</p>
-
-<p>But the Internet need more public trusted timestamp services.
-Perhaps something for <a href="http://www.uninett.no/">Uninett</a> or
-my work place the <a href="http://www.uio.no/">University of Oslo</a>
-to set up?</p>
-</div>
- <div class="tags">
-
-
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>.
-
-
- </div>
- </div>
- <div class="padding"></div>
-
- <div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/Video_DVD_reader_library___python_dvdvideo___nice_free_software.html">Video DVD reader library / python-dvdvideo - nice free software</a></div>
- <div class="date">21st March 2014</div>
- <div class="body"><p>Keeping your DVD collection safe from scratches and curious
-children fingers while still having it available when you want to see a
-movie is not straight forward. My preferred method at the moment is
-to store a full copy of the ISO on a hard drive, and use VLC, Popcorn
-Hour or other useful players to view the resulting file. This way the
-subtitles and bonus material are still available and using the ISO is
-just like inserting the original DVD record in the DVD player.</p>
-
-<p>Earlier I used dd for taking security copies, but it do not handle
-DVDs giving read errors (which are quite a few of them). I've also
-tried using
-<a href="http://people.skolelinux.org/pere/blog/Ripping_problematic_DVDs_using_dvdbackup_and_genisoimage.html">dvdbackup
-and genisoimage</a>, but these days I use the marvellous python library
-and program
-<a href="http://bblank.thinkmo.de/blog/new-software-python-dvdvideo">python-dvdvideo</a>
-written by Bastian Blank. It is
-<a href="http://packages.qa.debian.org/p/python-dvdvideo.html">in Debian
-already</a> and the binary package name is python3-dvdvideo. Instead
-of trying to read every block from the DVD, it parses the file
-structure and figure out which block on the DVD is actually in used,
-and only read those blocks from the DVD. This work surprisingly well,
-and I have been able to almost backup my entire DVD collection using
-this method.</p>
-
-<p>So far, python-dvdvideo have failed on between 10 and
-20 DVDs, which is a small fraction of my collection. The most common
-problem is
-<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720831">DVDs
-using UTF-16 instead of UTF-8 characters</a>, which according to
-Bastian is against the DVD specification (and seem to cause some
-players to fail too). A rarer problem is what seem to be inconsistent
-DVD structures, as the python library
-<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723079">claim
-there is a overlap between objects</a>. An equally rare problem claim
-<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741878">some
-value is out of range</a>. No idea what is going on there. I wish I
-knew enough about the DVD format to fix these, to ensure my movie
-collection will stay with me in the future.</p>
-
-<p>So, if you need to keep your DVDs safe, back them up using
-python-dvdvideo. :)</p>
-</div>
- <div class="tags">
-
-
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia</a>, <a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett</a>, <a href="http://people.skolelinux.org/pere/blog/tags/video">video</a>.
-
-
- </div>
- </div>
- <div class="padding"></div>
-
- <div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/Norsk_utgave_av_Alaveteli___WhatDoTheyKnow_p__trappene.html">Norsk utgave av Alaveteli / WhatDoTheyKnow på trappene</a></div>
- <div class="date">16th March 2014</div>
- <div class="body"><p>Det offentlige Norge har mye kunnskap og informasjon. Men hvordan
-kan en få tilgang til den på en enkel måte? Takket være et lite
-knippe lover og tilhørende forskrifter, blant annet
-<a href="http://lovdata.no/dokument/NL/lov/2006-05-19-16">offentlighetsloven</a>,
-<a href="http://lovdata.no/dokument/NL/lov/2003-05-09-31">miljøinformasjonsloven</a>
-og
-<a href="http://lovdata.no/dokument/NL/lov/1967-02-10/">forvaltningsloven</a>
-har en rett til å spørre det offentlige og få svar. Men det finnes
-intet offentlig arkiv over hva andre har spurt om, og dermed risikerer en
-å måtte forstyrre myndighetene gang på gang for å få tak i samme
-informasjonen på nytt. <a href="http://www.mysociety.org/">Britiske
-mySociety</a> har laget tjenesten
-<a href="http://www.whatdotheyknow.com/">WhatDoTheyKnow</a> som gjør
-noe med dette. I Storbritannia blir WhatdoTheyKnow brukt i
-<a href="http://www.mysociety.org/2011/07/01/whatdotheyknows-share-of-central-government-foi-requests-q2-2011/">ca
-15% av alle innsynsforespørsler mot sentraladministrasjonen</a>.
-Prosjektet heter <a href="http://www.alaveteli.org/">Alaveteli</A>, og
-er takk i bruk en rekke steder etter at løsningen ble generalisert og
-gjort mulig å oversette. Den hjelper borgerne med å be om innsyn,
-rådgir ved purringer og klager og lar alle se hvilke henvendelser som
-er sendt til det offentlige og hvilke svar som er kommet inn, i et
-søkpart arkiv. Her i Norge holder vi i foreningen NUUG på å få opp en
-norsk utgave av Alaveteli, og her trenger vi din hjelp med
-oversettelsen.</p>
-
-<p>Så langt er 76 % av Alaveteli oversatt til norsk bokmål, men vi
-skulle gjerne vært oppe i 100 % før lansering. Oversettelsen gjøres
-på <a href="https://www.transifex.com/projects/p/alaveteli/">Transifex,
-der enhver som registrerer seg</a> og ber om tilgang til
-bokmålsoversettelsen får bidra. Vi har satt opp en test av tjenesten
-(som ikke sender epost til det offentlige, kun til oss som holder på å
-sette opp tjenesten) på maskinen
-<a href="http://alaveteli-dev.nuug.no/">alaveteli-dev.nuug.no</a>, der
-en kan se hvordan de oversatte meldingen blir seende ut på nettsiden.
-Når tjenesten lanseres vil den hete
-<a href="https://www.mimesbrønn.no/">Mimes brønn</a>, etter
-visdomskilden som Odin måtte gi øyet sitt for å få drikke i. Den
-nettsiden er er ennå ikke klar til bruk.</p>
-
-<p>Hvis noen vil oversette til nynorsk også, så skal vi finne ut
-hvordan vi lager en flerspråklig tjeneste. Men i første omgang er
-fokus på bokmålsoversettelsen, der vi selv har nok peiling til å ha
-fått oversatt 76%, men trenger hjelp for å komme helt i mål. :)</p>
-</div>
- <div class="tags">
-
-
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>, <a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn</a>.
-
-
- </div>
- </div>
- <div class="padding"></div>
-
- <div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html">Freedombox on Dreamplug, Raspberry Pi and virtual x86 machine</a></div>
- <div class="date">14th March 2014</div>
- <div class="body"><p>The <a href="https://wiki.debian.org/FreedomBox">Freedombox
-project</a> is working on providing the software and hardware for
-making it easy for non-technical people to host their data and
-communication at home, and being able to communicate with their
-friends and family encrypted and away from prying eyes. It has been
-going on for a while, and is slowly progressing towards a new test
-release (0.2).</p>
-
-<p>And what day could be better than the Pi day to announce that the
-new version will provide "hard drive" / SD card / USB stick images for
-Dreamplug, Raspberry Pi and VirtualBox (or any other virtualization
-system), and can also be installed using a Debian installer preseed
-file. The Debian based Freedombox is now based on Debian Jessie,
-where most of the needed packages used are already present. Only one,
-the freedombox-setup package, is missing. To try to build your own
-boot image to test the current status, fetch the freedom-maker scripts
-and build using
-<a href="http://packages.qa.debian.org/vmdebootstrap">vmdebootstrap</a>
-with a user with sudo access to become root:
-
-<pre>
-git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \
- freedom-maker
-sudo apt-get install git vmdebootstrap mercurial python-docutils \
- mktorrent extlinux virtualbox qemu-user-static binfmt-support \
- u-boot-tools
-make -C freedom-maker dreamplug-image raspberry-image virtualbox-image
-</pre>
-
-<p>Root access is needed to run debootstrap and mount loopback
-devices. See the README for more details on the build. If you do not
-want all three images, trim the make line. But note that thanks to <a
-href="https://bugs.debian.org/741407">a race condition in
-vmdebootstrap</a>, the build might fail without the patch to the
-kpartx call.</p>
-
-<p>If you instead want to install using a Debian CD and the preseed
-method, boot a Debian Wheezy ISO and use this boot argument to load
-the preseed values:</p>
-
-<pre>
-url=<a href="http://www.reinholdtsen.name/freedombox/preseed-jessie.dat">http://www.reinholdtsen.name/freedombox/preseed-jessie.dat</a>
-</pre>
-
-<p>But note that due to <a href="https://bugs.debian.org/740673">a
-recently introduced bug in apt in Jessie</a>, the installer will
-currently hang while setting up APT sources. Killing the
-'<tt>apt-cdrom ident</tt>' process when it hang a few times during the
-installation will get the installation going. This affect all
-installations in Jessie, and I expect it will be fixed soon.</p>
-
-<p>Give it a go and let us know how it goes on the mailing list, and help
-us get the new release published. :) Please join us on
-<a href="irc://irc.debian.org:6667/%23freedombox">IRC (#freedombox on
-irc.debian.org)</a> and
-<a href="http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss">the
-mailing list</a> if you want to help make this vision come true.</p>
-</div>
- <div class="tags">
-
-
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>, <a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance</a>, <a href="http://people.skolelinux.org/pere/blog/tags/web">web</a>.
-
-
- </div>
- </div>
- <div class="padding"></div>
-
- <div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html">How to add extra storage servers in Debian Edu / Skolelinux</a></div>
- <div class="date">12th March 2014</div>
- <div class="body"><p>On larger sites, it is useful to use a dedicated storage server for
-storing user home directories and data. The design for handling this
-in <a href="http://www.skolelinux.org/">Debian Edu / Skolelinux</a>, is
-to update the automount rules in LDAP and let the automount daemon on
-the clients take care of the rest. I was reminded about the need to
-document this better when one of the customers of
-<a href="http://www.slxdrift.no/">Skolelinux Drift AS</a>, where I am
-on the board of directors, asked about how to do this. The steps to
-get this working are the following:</p>
-
-<p><ol>
-
-<li>Add new storage server in DNS. I use nas-server.intern as the
-example host here.</li>
-
-<li>Add automoun LDAP information about this server in LDAP, to allow
-all clients to automatically mount it on reqeust.</li>
-
-<li>Add the relevant entries in tjener.intern:/etc/fstab, because
-tjener.intern do not use automount to avoid mounting loops.</li>
-
-</ol></p>
-
-<p>DNS entries are added in GOsa², and not described here. Follow the
-<a href="https://wiki.debian.org/DebianEdu/Documentation/Wheezy/GettingStarted">instructions
-in the manual</a> (Machine Management with GOsa² in section Getting
-started).</p>
-
-<p>Ensure that the NFS export points on the server are exported to the
-relevant subnets or machines:</p>
-
-<p><blockquote><pre>
-root@tjener:~# showmount -e nas-server
-Export list for nas-server:
-/storage 10.0.0.0/8
-root@tjener:~#
-</pre></blockquote></p>
-
-<p>Here everything on the backbone network is granted access to the
-/storage export. With NFSv3 it is slightly better to limit it to
-netgroup membership or single IP addresses to have some limits on the
-NFS access.</p>
-
-<p>The next step is to update LDAP. This can not be done using GOsa²,
-because it lack a module for automount. Instead, use ldapvi and add
-the required LDAP objects using an editor.</p>
-
-<p><blockquote><pre>
-ldapvi --ldap-conf -ZD '(cn=admin)' -b ou=automount,dc=skole,dc=skolelinux,dc=no
-</pre></blockquote></p>
-
-<p>When the editor show up, add the following LDAP objects at the
-bottom of the document. The "/&" part in the last LDAP object is a
-wild card matching everything the nas-server exports, removing the
-need to list individual mount points in LDAP.</p>
-
-<p><blockquote><pre>
-add cn=nas-server,ou=auto.skole,ou=automount,dc=skole,dc=skolelinux,dc=no
-objectClass: automount
-cn: nas-server
-automountInformation: -fstype=autofs --timeout=60 ldap:ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
-
-add ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
-objectClass: top
-objectClass: automountMap
-ou: auto.nas-server
-
-add cn=/,ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
-objectClass: automount
-cn: /
-automountInformation: -fstype=nfs,tcp,rsize=32768,wsize=32768,rw,intr,hard,nodev,nosuid,noatime nas-server.intern:/&
-</pre></blockquote></p>
-
-<p>The last step to remember is to mount the relevant mount points in
-tjener.intern by adding them to /etc/fstab, creating the mount
-directories using mkdir and running "mount -a" to mount them.</p>
-
-<p>When this is done, your users should be able to access the files on
-the storage server directly by just visiting the
-/tjener/nas-server/storage/ directory using any application on any
-workstation, LTSP client or LTSP server.</p>
-</div>
- <div class="tags">
-
-
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap</a>.
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/dld">dld</a>, <a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox</a>, <a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network</a>, <a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk</a>, <a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>, <a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance</a>.
</div>
<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/03/">March (8)</a></li>
-<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/04/">April (3)</a></li>
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/04/">April (7)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/05/">May (1)</a></li>
</ul></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/chrpath">chrpath (2)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (96)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (98)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (146)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/digistan">digistan (10)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/dld">dld (15)</a></li>
+
<li><a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook (10)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (243)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (247)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (21)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture (12)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox (7)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox (8)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/frikanalen">frikanalen (11)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/intervju">intervju (40)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/isenkram">isenkram (7)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/isenkram">isenkram (9)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (18)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network (8)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (26)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (27)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (244)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (245)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (162)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/scraperwiki">scraperwiki (2)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (39)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (40)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary (4)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/stortinget">stortinget (9)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (24)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (25)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/sysadmin">sysadmin (1)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/valg">valg (8)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (40)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (41)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/vitenskap">vitenskap (4)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (29)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (31)</a></li>
</ul>
projects / homepage.git / blobdiff