<link>http://people.skolelinux.org/pere/blog/</link>
<atom:link href="http://people.skolelinux.org/pere/blog/index.rss" rel="self" type="application/rss+xml" />
+ <item>
+ <title>Debian init.d boot script example for rsyslog</title>
+ <link>http://people.skolelinux.org/pere/blog/Debian_init_d_boot_script_example_for_rsyslog.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Debian_init_d_boot_script_example_for_rsyslog.html</guid>
+ <pubDate>Sat, 2 Nov 2013 22:40:00 +0100</pubDate>
+ <description><p>If one of the points of switching to a new init system in Debian is
+<a href="http://thomas.goirand.fr/blog/?p=147">to get rid of huge
+init.d scripts</a>, I doubt we need to switch away from sysvinit and
+init.d scripts at all. Here is an example init.d script, ie a rewrite
+of /etc/init.d/rsyslog:</p>
+
+<p><pre>
+#!/lib/init/init-d-script
+### BEGIN INIT INFO
+# Provides: rsyslog
+# Required-Start: $remote_fs $time
+# Required-Stop: umountnfs $time
+# X-Stop-After: sendsigs
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: enhanced syslogd
+# Description: Rsyslog is an enhanced multi-threaded syslogd.
+# It is quite compatible to stock sysklogd and can be
+# used as a drop-in replacement.
+### END INIT INFO
+DESC="enhanced syslogd"
+DAEMON=/usr/sbin/rsyslogd
+</pre></p>
+
+<p>Pretty minimalistic to me... For the record, the original sysv-rc
+script was 137 lines, and the above is just 15 lines, most of it meta
+info/comments.</p>
+
+<p>How to do this, you ask? Well, one create a new script
+/lib/init/init-d-script looking something like this:
+
+<p><pre>
+#!/bin/sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
+# and status_of_proc is working.
+. /lib/lsb/init-functions
+
+#
+# Function that starts the daemon/service
+
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+ # Add code here, if necessary, that waits for the process to be ready
+ # to handle requests from services started subsequently which depend
+ # on this one. As a last resort, sleep for some time.
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ #
+ # If the daemon can reload its configuration without
+ # restarting (for example, when it is sent a SIGHUP),
+ # then implement that here.
+ #
+ start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
+ return 0
+}
+
+SCRIPTNAME=$1
+scriptbasename="$(basename $1)"
+echo "SN: $scriptbasename"
+if [ "$scriptbasename" != "init-d-library" ] ; then
+ script="$1"
+ shift
+ . $script
+else
+ exit 0
+fi
+
+NAME=$(basename $DAEMON)
+PIDFILE=/var/run/$NAME.pid
+
+# Exit if the package is not installed
+#[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ #reload|force-reload)
+ #
+ # If do_reload() is not implemented then leave this commented out
+ # and leave 'force-reload' as an alias for 'restart'.
+ #
+ #log_daemon_msg "Reloading $DESC" "$NAME"
+ #do_reload
+ #log_end_msg $?
+ #;;
+ restart|force-reload)
+ #
+ # If the "reload" option is implemented then remove the
+ # 'force-reload' alias
+ #
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+:
+</pre></p>
+
+<p>It is based on /etc/init.d/skeleton, and could be improved quite a
+lot. I did not really polish the approach, so it might not always
+work out of the box, but you get the idea. I did not try very hard to
+optimize it nor make it more robust either.</p>
+
+<p>A better argument for switching init system in Debian than reducing
+the size of init scripts (which is a good thing to do anyway), is to
+get boot system that is able to handle the kernel events sensibly and
+robustly, and do not depend on the boot to run sequentially. The boot
+and the kernel have not behaved sequentially in years.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Browser plugin for SPICE (spice-xpi) uploaded to Debian</title>
+ <link>http://people.skolelinux.org/pere/blog/Browser_plugin_for_SPICE__spice_xpi__uploaded_to_Debian.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Browser_plugin_for_SPICE__spice_xpi__uploaded_to_Debian.html</guid>
+ <pubDate>Fri, 1 Nov 2013 11:00:00 +0100</pubDate>
+ <description><p><a href="http://www.spice-space.org/">The SPICE protocol</a> for
+remote display access is the preferred solution with oVirt and RedHat
+Enterprise Virtualization, and I was sad to discover the other day
+that the browser plugin needed to use these systems seamlessly was
+missing in Debian. The <a href="http://bugs.debian.org/668284">request
+for a package</a> was from 2012-04-10 with no progress since
+2013-04-01, so I decided to wrap up a package based on the great work
+from Cajus Pollmeier and put it in a collab-maint maintained git
+repository to get a package I could use. I would very much like
+others to help me maintain the package (or just take over, I do not
+mind), but as no-one had volunteered so far, I just uploaded it to
+NEW. I hope it will be available in Debian in a few days.</p>
+
+<p>The source is now available from
+<a href="http://anonscm.debian.org/gitweb/?p=collab-maint/spice-xpi.git;a=summary">http://anonscm.debian.org/gitweb/?p=collab-maint/spice-xpi.git;a=summary</a>.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Teaching vmdebootstrap to create Raspberry Pi SD card images</title>
+ <link>http://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html</guid>
+ <pubDate>Sun, 27 Oct 2013 17:00:00 +0100</pubDate>
+ <description><p>The
+<a href="http://packages.qa.debian.org/v/vmdebootstrap.html">vmdebootstrap</a>
+program is a a very nice system to create virtual machine images. It
+create a image file, add a partition table, mount it and run
+debootstrap in the mounted directory to create a Debian system on a
+stick. Yesterday, I decided to try to teach it how to make images for
+<a href="https://wiki.debian.org/RaspberryPi">Raspberry Pi</a>, as part
+of a plan to simplify the build system for
+<a href="https://wiki.debian.org/FreedomBox">the FreedomBox
+project</a>. The FreedomBox project already uses vmdebootstrap for
+the virtualbox images, but its current build system made multistrap
+based system for Dreamplug images, and it is lacking support for
+Raspberry Pi.</p>
+
+<p>Armed with the knowledge on how to build "foreign" (aka non-native
+architecture) chroots for Raspberry Pi, I dived into the vmdebootstrap
+code and adjusted it to be able to build armel images on my amd64
+Debian laptop. I ended up giving vmdebootstrap five new options,
+allowing me to replicate the image creation process I use to make
+<a href="http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html">Debian
+Jessie based mesh node images for the Raspberry Pi</a>. First, the
+<tt>--foreign /path/to/binfm_handler</tt> option tell vmdebootstrap to
+call debootstrap with --foreign and to copy the handler into the
+generated chroot before running the second stage. This allow
+vmdebootstrap to create armel images on an amd64 host. Next I added
+two new options <tt>--bootsize size</tt> and <tt>--boottype
+fstype</tt> to teach it to create a separate /boot/ partition with the
+given file system type, allowing me to create an image with a vfat
+partition for the /boot/ stuff. I also added a <tt>--variant
+variant</tt> option to allow me to create smaller images without the
+Debian base system packages installed. Finally, I added an option
+<tt>--no-extlinux</tt> to tell vmdebootstrap to not install extlinux
+as a boot loader. It is not needed on the Raspberry Pi and probably
+most other non-x86 architectures. The changes were accepted by the
+upstream author of vmdebootstrap yesterday and today, and is now
+available from
+<a href="http://git.liw.fi/cgi-bin/cgit/cgit.cgi/vmdebootstrap/">the
+upstream project page</a>.</p>
+
+<p>To use it to build a Raspberry Pi image using Debian Jessie, first
+create a small script (the customize script) to add the non-free
+binary blob needed to boot the Raspberry Pi and the APT source
+list:</p>
+
+<p><pre>
+#!/bin/sh
+set -e # Exit on first error
+rootdir="$1"
+cd "$rootdir"
+cat &lt;&lt;EOF > etc/apt/sources.list
+deb http://http.debian.net/debian/ jessie main contrib non-free
+EOF
+# Install non-free binary blob needed to boot Raspberry Pi. This
+# install a kernel somewhere too.
+wget https://raw.github.com/Hexxeh/rpi-update/master/rpi-update \
+ -O $rootdir/usr/bin/rpi-update
+chmod a+x $rootdir/usr/bin/rpi-update
+mkdir -p $rootdir/lib/modules
+touch $rootdir/boot/start.elf
+chroot $rootdir rpi-update
+</pre></p>
+
+<p>Next, fetch the latest vmdebootstrap script and call it like this
+to build the image:</p>
+
+<pre>
+sudo ./vmdebootstrap \
+ --variant minbase \
+ --arch armel \
+ --distribution jessie \
+ --mirror http://http.debian.net/debian \
+ --image test.img \
+ --size 600M \
+ --bootsize 64M \
+ --boottype vfat \
+ --log-level debug \
+ --verbose \
+ --no-kernel \
+ --no-extlinux \
+ --root-password raspberry \
+ --hostname raspberrypi \
+ --foreign /usr/bin/qemu-arm-static \
+ --customize `pwd`/customize \
+ --package netbase \
+ --package git-core \
+ --package binutils \
+ --package ca-certificates \
+ --package wget \
+ --package kmod
+</pre></p>
+
+<p>The list of packages being installed are the ones needed by
+rpi-update to make the image bootable on the Raspberry Pi, with the
+exception of netbase, which is needed by debootstrap to find
+/etc/hosts with the minbase variant. I really wish there was a way to
+set up an Raspberry Pi using only packages in the Debian archive, but
+that is not possible as far as I know, because it boots from the GPU
+using a non-free binary blob.</p>
+
+<p>The build host need debootstrap, kpartx and qemu-user-static and
+probably a few others installed. I have not checked the complete
+build dependency list.</p>
+
+<p>The resulting image will not use the hardware floating point unit
+on the Raspberry PI, because the armel architecture in Debian is not
+optimized for that use. So the images created will be a bit slower
+than <a href="http://www.raspbian.org/">Raspbian</a> based images.</p>
+</description>
+ </item>
+
<item>
<title>Det er jo makta som er mest sårbar ved massiv overvåkning av Internett</title>
<link>http://people.skolelinux.org/pere/blog/Det_er_jo_makta_som_er_mest_s_rbar_ved_massiv_overv_kning_av_Internett.html</link>
</description>
</item>
- <item>
- <title>Videos about the Freedombox project - for inspiration and learning</title>
- <link>http://people.skolelinux.org/pere/blog/Videos_about_the_Freedombox_project___for_inspiration_and_learning.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Videos_about_the_Freedombox_project___for_inspiration_and_learning.html</guid>
- <pubDate>Fri, 27 Sep 2013 14:10:00 +0200</pubDate>
- <description><p>The <a href="http://www.freedomboxfoundation.org/">Freedombox
-project</a> have been going on for a while, and have presented the
-vision, ideas and solution several places. Here is a little
-collection of videos of talks and presentation of the project.</p>
-
-<ul>
-
-<li><a href="http://www.youtube.com/watch?v=ukvUz5taxvA">FreedomBox -
-2,5 minute marketing film</a> (Youtube)</li>
-
-<li><a href="http://www.youtube.com/watch?v=SzW25QTVWsE">Eben Moglen
-discusses the Freedombox on CBS news 2011</a> (Youtube)</li>
-
-<li><a href="http://www.youtube.com/watch?v=Ae8SZbxfE0g">Eben Moglen -
-Freedom in the Cloud - Software Freedom, Privacy and and Security for
-Web 2.0 and Cloud computing at ISOC-NY Public Meeting 2010</a>
-(Youtube)</li>
-
-<li><a href="http://www.youtube.com/watch?v=vNaIji_3xBE">Fosdem 2011
-Keynote by Eben Moglen presenting the Freedombox</a> (Youtube)</li>
-
-<li><a href="http://www.youtube.com/watch?v=9bDDUyJSQ9s">Presentation of
-the Freedombox by James Vasile at Elevate in Gratz 2011</a> (Youtube)</li>
-
-<li><a href="http://www.youtube.com/watch?v=zQTmnk27g9s"> Freedombox -
-Discovery, Identity, and Trust by Nick Daly at Freedombox Hackfest New
-York City in 2012</a> (Youtube)</li>
-
-<li><a href="http://www.youtube.com/watch?v=tkbSB4Ba7Ck">Introduction
-to the Freedombox at Freedombox Hackfest New York City in 2012</a>
-(Youtube)</li>
-
-<li><a href="http://www.youtube.com/watch?v=z-P2Jaeg0aQ">Freedom, Out
-of the Box! by Bdale Garbee at linux.conf.au Ballarat, 2012</a> (Youtube) </li>
-
-<li><a href="https://archive.fosdem.org/2013/schedule/event/freedombox/">Freedombox
-1.0 by Eben Moglen and Bdale Garbee at Fosdem 2013</a> (FOSDEM) </li>
-
-<li><a href="http://www.youtube.com/watch?v=e1LpYX2zVYg">What is the
-FreedomBox today by Bdale Garbee at Debconf13 in Vaumarcus
-2013</a> (Youtube)</li>
-
-</ul>
-
-<p>A larger list is available from
-<a href="https://wiki.debian.org/FreedomBox/TalksAndPresentations">the
-Freedombox Wiki</a>.</p>
-
-<p>On other news, I am happy to report that Freedombox based on Debian
-Jessie is coming along quite well, and soon both Owncloud and using
-Tor should be available for testers of the Freedombox solution. :) In
-a few weeks I hope everything needed to test it is included in Debian.
-The withsqlite package is already in Debian, and the plinth package is
-pending in NEW. The third and vital part of that puzzle is the
-metapackage/setup framework, which is still pending an upload. Join
-us on <a href="irc://irc.debian.org:6667/%23freedombox">IRC
-(#freedombox on irc.debian.org)</a> and
-<a href="http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss">the
-mailing list</a> if you want to help make this vision come true.</p>
-</description>
- </item>
-
- <item>
- <title>Third and probably last beta release of Debian Edu Wheezy</title>
- <link>http://people.skolelinux.org/pere/blog/Third_and_probably_last_beta_release_of_Debian_Edu_Wheezy.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Third_and_probably_last_beta_release_of_Debian_Edu_Wheezy.html</guid>
- <pubDate>Mon, 16 Sep 2013 21:30:00 +0200</pubDate>
- <description><p>The third wheezy based beta release of Debian Edu was wrapped up
-today. This is the release announcement from Holger Levsen:</p>
-
-<blockquote>
-<p>Hi,</p>
-
-<p>it is my pleasure to announce the third beta release (beta 2 for
-short) of <a href="http://www.skolelinux.org/">Debian Edu /
-Skolelinux</a> based on Debian Wheezy!</p>
-
-<p>Please test these images extensivly, if no new problems are found
-we plan to do this final Debian Edu Wheezy release this coming
-weekend. We are not aware of any major problems or blockers in beta2,
-if you find something, please notify us immediately!</p>
-
-<p>(More about the remaining steps for the Edu Wheezy release in
-another mail to the edu list tonight or tomorrow...)</p>
-
-<p>Noteworthy changes and software updates for Debian Edu 7.1+edu0~b2
-compared to beta1:</p>
-
-<ul>
-
-<li>The KDE proxy setup has been adjusted to use the provided wpad.dat. This
-also gets Chromium to use this proxy.</li>
-<li>Install kdepim-groupware with KDE desktops to make sure korganizer
-understand ical/dav sources.</li>
-<li>Increased default maximum size of /var/spool/squid and /skole/backup on the
-main server.</li>
-<li>A source DVD image containing all source packages is now available as well.</li>
-<li>Updates for chromium (29.0.1547.57-1~deb7u1), imagemagick
-(6.7.7.10-5+deb7u2), php5 (5.4.4-14+deb7u4), libmodplug
-(0.8.8.4-3+deb7u1+git20130828), tiff (4.0.2-6+deb7u2), linux-image
-(3.2.0-4-486_3.2.46-1+deb7u1).</li>
-
-</ul>
-
-<p>Where to get it:</p>
-
-<p>To download the multiarch netinstall CD release you can use</p>
-
-<ul>
-<li><a href="ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-CD.iso">ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-CD.iso</a></li>
-<li><a href="http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-CD.iso">http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-CD.iso</a></li>
-<li>rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-CD.iso .</li>
-</ul>
-
-<p>The SHA1SUM of this image is: 3a1c89f4666df80eebcd46c5bf5fedb866f9472f</p>
-
-<p>To download the multiarch USB stick ISO release you can use
-<ul>
-<li><a href="ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-USB.iso">ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-USB.iso</a></li>
-<li><a href="http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-USB.iso">http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-USB.iso</a></li>
-<li>rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-USB.iso .</li>
-</ul>
-
-<p>The SHA1SUM of this image is: 702d1718548f401c74bfa6df9f032cc3ee16597e</p>
-
-<p>The Source DVD image has the filename
-debian-edu-7.1+edu0~b2-source-DVD.iso and the SHA1SUM
-089eed8b3f962db47aae1f6a9685e9bb2fa30ca5 and is available the same way
-as the other isos.</p>
-
-<p>How to report bugs</p>
-
-<p>For information how to report bugs please see
-<br><a href="http://wiki.debian.org/DebianEdu/HowTo/ReportBugs">http://wiki.debian.org/DebianEdu/HowTo/ReportBugs</a></p>
-
-
-<p>About Debian Edu and Skolelinux</p>
-
-<p>Debian Edu, also known as Skolelinux, is a Linux distribution based
-on Debian providing an out-of-the box environment of a completely
-configured school network. Immediately after installation a school
-server running all services needed for a school network is set up just
-waiting for users and machines being added via GOsa², a comfortable
-Web-UI. A netbooting environment is prepared using PXE, so after
-initial installation of the main server from CD or USB stick all other
-machines can be installed via the network. The provided school server
-provides LDAP database and Kerberos authentication service,
-centralized home directories, DHCP server, web proxy and many other
-services. The desktop contains more than 60 educational software
-packages and more are available from the Debian archive, and schools
-can choose between KDE, Gnome, LXDE and Xfce desktop environment.</p>
-
-<p>This is the seventh test release based on Debian Wheezy. Basically
-this is an updated and slightly improved version compared to the
-Squeeze release.</p>
-
-<p>Notes for upgrades from Alpha Prereleases</p>
-
-<p>Alpha based installations should reinstall or downgrade the
-versions of gosa and libpam-mklocaluser to the ones used in this beta
-release. Both alpha and beta0 based installations should reinstall or
-deal with gosa.conf manually; there are two options: (1) Keep
-gosa.conf and edit this file as outlined on the mailing list. (2)
-Accept the new version of gosa.conf and replace both contained admin
-password placeholders with the password hashes found in the old one
-(backup copy!). In both cases all users need to change their password
-to make sure a password is set for CIFS access to their home
-directory.</p>
-
-
-<p>cheers,
-<br> Holger</p>
-</blockquote>
-</description>
- </item>
-
- <item>
- <title>Recipe to test the Freedombox project on amd64 or Raspberry Pi</title>
- <link>http://people.skolelinux.org/pere/blog/Recipe_to_test_the_Freedombox_project_on_amd64_or_Raspberry_Pi.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Recipe_to_test_the_Freedombox_project_on_amd64_or_Raspberry_Pi.html</guid>
- <pubDate>Tue, 10 Sep 2013 14:20:00 +0200</pubDate>
- <description><p>I was introduced to the
-<a href="http://www.freedomboxfoundation.org/">Freedombox project</a>
-in 2010, when Eben Moglen presented his vision about serving the need
-of non-technical people to keep their personal information private and
-within the legal protection of their own homes. The idea is to give
-people back the power over their network and machines, and return
-Internet back to its intended peer-to-peer architecture. Instead of
-depending on a central service, the Freedombox will give everyone
-control over their own basic infrastructure.</p>
-
-<p>I've intended to join the effort since then, but other tasks have
-taken priority. But this summers nasty news about the misuse of trust
-and privilege exercised by the "western" intelligence gathering
-communities increased my eagerness to contribute to a point where I
-actually started working on the project a while back.</p>
-
-<p>The <a href="https://alioth.debian.org/projects/freedombox/">initial
-Debian initiative</a> based on the vision from Eben Moglen, is to
-create a simple and cheap Debian based appliance that anyone can hook
-up in their home and get access to secure and private services and
-communication. The initial deployment platform have been the
-<a href="http://www.globalscaletechnologies.com/t-dreamplugdetails.aspx">Dreamplug</a>,
-which is a piece of hardware I do not own. So to be able to test what
-the current Freedombox setup look like, I had to come up with a way to install
-it on some hardware I do have access to. I have rewritten the
-<a href="https://github.com/NickDaly/freedom-maker">freedom-maker</a>
-image build framework to use .deb packages instead of only copying
-setup into the boot images, and thanks to this rewrite I am able to
-set up any machine supported by Debian Wheezy as a Freedombox, using
-the previously mentioned deb (and a few support debs for packages
-missing in Debian).</p>
-
-<p>The current Freedombox setup consist of a set of bootstrapping
-scripts
-(<a href="https://github.com/petterreinholdtsen/freedombox-setup">freedombox-setup</a>),
-and a administrative web interface
-(<a href="https://github.com/NickDaly/Plinth">plinth</a> + exmachina +
-withsqlite), as well as a privacy enhancing proxy based on
-<a href="http://packages.qa.debian.org/privoxy">privoxy</a>
-(freedombox-privoxy). There is also a web/javascript based XMPP
-client (<a href="http://packages.qa.debian.org/jwchat">jwchat</a>)
-trying (unsuccessfully so far) to talk to the XMPP server
-(<a href="http://packages.qa.debian.org/ejabberd">ejabberd</a>). The
-web interface is pluggable, and the goal is to use it to enable OpenID
-services, mesh network connectivity, use of TOR, etc, etc. Not much of
-this is really working yet, see
-<a href="https://github.com/NickDaly/freedombox-todos/blob/master/TODO">the
-project TODO</a> for links to GIT repositories. Most of the code is
-on github at the moment. The HTTP proxy is operational out of the
-box, and the admin web interface can be used to add/remove plinth
-users. I've not been able to do anything else with it so far, but
-know there are several branches spread around github and other places
-with lots of half baked features.</p>
-
-<p>Anyway, if you want to have a look at the current state, the
-following recipes should work to give you a test machine to poke
-at.</p>
-
-<p><strong>Debian Wheezy amd64</strong></p>
-
-<ol>
-
-<li>Fetch normal Debian Wheezy installation ISO.</li>
-<li>Boot from it, either as CD or USB stick.</li>
-<li><p>Press [tab] on the boot prompt and add this as a boot argument
-to the Debian installer:<p>
-<pre>url=<a href="http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat">http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat</a></pre></li>
-
-<li>Answer the few language/region/password questions and pick disk to
-install on.</li>
-
-<li>When the installation is finished and the machine have rebooted a
-few times, your Freedombox is ready for testing.</li>
-
-</ol>
-
-<p><strong>Raspberry Pi Raspbian</strong></p>
-
-<ol>
-
-<li>Fetch a Raspbian SD card image, create SD card.</li>
-<li>Boot from SD card, extend file system to fill the card completely.</li>
-<li><p>Log in and add this to /etc/sources.list:</p>
-<pre>
-deb <a href="http://www.reinholdtsen.name/freedombox/">http://www.reinholdtsen.name/freedombox</a> wheezy main
-</pre></li>
-<li><p>Run this as root:</p>
-<pre>
-wget -O - http://www.reinholdtsen.name/freedombox/BE1A583D.asc | \
- apt-key add -
-apt-get update
-apt-get install freedombox-setup
-/usr/lib/freedombox/setup
-</pre></li>
-<li>Reboot into your freshly created Freedombox.</li>
-
-</ol>
-
-<p>You can test it on other architectures too, but because the
-freedombox-privoxy package is binary, it will only work as intended on
-the architectures where I have had time to build the binary and put it
-in my APT repository. But do not let this stop you. It is only a
-short "<tt>apt-get source -b freedombox-privoxy</tt>" away. :)</p>
-
-<p>Note that by default Freedombox is a DHCP server on the
-192.168.1.0/24 subnet, so if this is your subnet be careful and turn
-off the DHCP server by running "<tt>update-rc.d isc-dhcp-server
-disable</tt>" as root.</p>
-
-<p>Please let me know if this works for you, or if you have any
-problems. We gather on the IRC channel
-<a href="irc://irc.debian.org:6667/%23freedombox">#freedombox</a> on
-irc.debian.org and the
-<a href="http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss">project
-mailing list</a>.</p>
-
-<p>Once you get your freedombox operational, you can visit
-<tt>http://your-host-name:8001/</tt> to see the state of the plint
-welcome screen (dead end - do not be surprised if you are unable to
-get past it), and next visit <tt>http://your-host-name:8001/help/</tt>
-to look at the rest of plinth. The default user is 'admin' and the
-default password is 'secret'.</p>
-</description>
- </item>
-
</channel>
</rss>
projects / homepage.git / blobdiff