X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/1a61a65f98e142155ea20c7a346739b629d5511f..d5419a21235ed29b12c81efeac4ade8ec1cc1a98:/blog/index.rss diff --git a/blog/index.rss b/blog/index.rss index 2d752b9efb..b623b75925 100644 --- a/blog/index.rss +++ b/blog/index.rss @@ -7,1007 +7,877 @@ - Recipe to test the Freedombox project on amd64 or Raspberry Pi - http://people.skolelinux.org/pere/blog/Recipe_to_test_the_Freedombox_project_on_amd64_or_Raspberry_Pi.html - http://people.skolelinux.org/pere/blog/Recipe_to_test_the_Freedombox_project_on_amd64_or_Raspberry_Pi.html - Tue, 10 Sep 2013 14:20:00 +0200 - <p>I was introduced to the -<a href="http://www.freedomboxfoundation.org/">Freedombox project</a> -in 2010, when Eben Moglen presented his vision about serving the need -of non-technical people to keep their personal information private and -within the legal protection of their own homes. The idea is to give -people back the power over their network and machines, and return -Internet back to its intended peer-to-peer architecture. Instead of -depending on a central service, the Freedombox will give everyone -control over their own basic infrastructure.</p> - -<p>I've intended to join the effort since then, but other tasks have -taken priority. But this summers nasty news about the misuse of trust -and privilege exercised by the "western" intelligence gathering -communities increased my eagerness to contribute to a point where I -actually started working on the project a while back.</p> - -<p>The <a href="https://alioth.debian.org/projects/freedombox/">initial -Debian initiative</a> based on the vision from Eben Moglen, is to -create a simple and cheap Debian based appliance that anyone can hook -up in their home and get access to secure and private services and -communication. The initial deployment platform have been the -<a href="http://www.globalscaletechnologies.com/t-dreamplugdetails.aspx">Dreamplug</a>, -which is a piece of hardware I do not own. So to be able to test what -the current Freedombox setup, I had to come up with a way to install -it on some hardware I do got access to. I have rewritten the -<a href="https://github.com/NickDaly/freedom-maker">freedom-maker</a> -image build framework to use .deb packages instead of only copying -setup into the boot images, and thanks to this rewrite I am able to -set up any machine supported by Debian Wheezy as a Freedombox, using -the previously mentioned deb (and a few support debs for packages -missing in Debian).</p> - -<p>The current Freedombox setup consist of a set of bootstrapping -scripts -(<a href="https://github.com/petterreinholdtsen/freedombox-setup">freedombox-setup</a>), -and a administrative web interface -(<a href="https://github.com/NickDaly/Plinth">plinth</a> + exmachina + -withsqlite), as well as a privacy enhancing proxy based on -<a href="http://packages.qa.debian.org/privoxy">privoxy</a> -(freedombox-privoxy). There is also a web/javascript based XMPP -client (<a href="http://packages.qa.debian.org/jwchat">jwchat</a>) -trying (unsuccessfully so far) to talk to the XMPP server -(<a href="http://packages.qa.debian.org/ejabberd">ejabberd</a>). The -web interface is pluggable, and the goal is to use it to enable OpenID -services, mesh network connectivity, use of TOR, etc, etc. Not much of -this is really working yet, see -<a href="https://github.com/NickDaly/freedombox-todos/blob/master/TODO">the -project TODO</a> for links to GIT repositories. Most of the code is -on github at the moment. The HTTP proxy is operational out of the -box, and the admin web interface can be used to add/remove plinth -users. I've not been able to do anything else with it so far, but -know there are several branches spread around github and other places -with lots of half baked features.</p> - -<p>Anyway, if you want to have a look at the current stat, the -following recipes should work to give you a test machine to poke -at.</p> - -<p><strong>Debian Wheezy amd64</strong></p> - -<ol> - -<li>Fetch normal Debian Wheezy installation ISO.</li> -<li>Boot from it, either as CD or USB stick.</li> -<li><p>Press [tab] on the boot prompt and add this as a boot argument -to the Debian installer:<p> -<pre>url=<a href="http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat">http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat</a></pre></li> - -<li>Answer the few language/region/password questions and pick disk to -install on.</li> - -<li>When the installation is finished and the machine have rebooted a -few times, your Freedombox is ready for testing.</li> - -</ol> - -<p><strong>Raspberry Pi Raspbian</strong></p> - -<ol> - -<li>Fetch a Raspbian SD card image, create SD card.</li> -<li>Boot from SD card, extend file system to fill the card completely.</li> -<li><p>Log in and add this to /etc/sources.list:</p> + Freedombox on Dreamplug, Raspberry Pi and virtual x86 machine + http://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html + http://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html + Fri, 14 Mar 2014 11:00:00 +0100 + <p>The <a href="https://wiki.debian.org/FreedomBox">Freedombox +project</a> is working on providing the software and hardware for +making it easy for non-technical people to host their data and +communication at home, and being able to communicate with their +friends and family encrypted and away from prying eyes. It has been +going on for a while, and is slowly progressing towards a new test +release (0.2).</p> + +<p>And what day could be better than the Pi day to announce that the +new version will provide "hard drive" / SD card / USB stick images for +Dreamplug, Raspberry Pi and VirtualBox (or any other virtualization +system), and can also be installed using a Debian installer preseed +file. The Debian based Freedombox is now based on Debian Jessie, +where most of the needed packages used are already present. Only one, +the freedombox-setup package, is missing. To try to build your own +boot image to test the current status, fetch the freedom-maker scripts +and build using +<a href="http://packages.qa.debian.org/vmdebootstrap">vmdebootstrap</a> +with a user with sudo access to become root: + <pre> -deb <a href="http://www.reinholdtsen.name/freedombox/">http://www.reinholdtsen.name/freedombox</a> wheezy main -</pre></li> -<li><p>Run this as root:</p> +git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \ + freedom-maker +sudo apt-get install git vmdebootstrap mercurial python-docutils \ + mktorrent extlinux virtualbox qemu-user-static binfmt-support \ + u-boot-tools +make -C freedom-maker dreamplug-image raspberry-image virtualbox-image +</pre> + +<p>Root access is needed to run debootstrap and mount loopback +devices. See the README for more details on the build. If you do not +want all three images, trim the make line. But note that thanks to <a +href="https://bugs.debian.org/741407">a race condition in +vmdebootstrap</a>, the build might fail without the patch to the +kpartx call.</p> + +<p>If you instead want to install using a Debian CD and the preseed +method, boot a Debian Wheezy ISO and use this boot argument to load +the preseed values:</p> + <pre> -wget -O - http://www.reinholdtsen.name/freedombox/BE1A583D.asc | \ - apt-key add - -apt-get update -apt-get install freedombox-setup -/usr/lib/freedombox/setup -</pre></li> -<li>Reboot into your freshly created Freedombox.</li> - -</ol> - -<p>You can test it on other architectures too, but because the -freedombox-privoxy package is binary, it will only work as intended on -the architectures where I have had time to build the binary and put it -in my APT repository. But do not let this stop you. It is only a -short "<tt>apt-get source -b freedombox-privoxy</tt>" away. :)</p> - -<p>Note that by default Freedombox is a DHCP server on the -192.168.1.0/24 subnet, so if this is your subnet be careful and turn -off the DHCP server by running "<tt>update-rc.d isc-dhcp-server -disable</tt>" as root.</p> - -<p>Please let me know if this work for you, or if you have any -problems. We gather on the IRC channel -<a href="irc://irc.debian.org:6667/%23freedombox">#freedombox</a> on -irc.debian.org and the -<a href="http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss">project -mailing list</a>.</p> - -<p>Once you get your freedombox operational, you can visit -<tt>http://your-host-name:8001/</tt> to see the state of the plint -welcome screen (dead end - do not be surprised if you are unable to -get past it), and next visit <tt>http://your-host-name:8001/help/</tt> -to look at the rest of plinth. The default user is 'admin' and the -default password is 'secret'.</p> +url=<a href="http://www.reinholdtsen.name/freedombox/preseed-jessie.dat">http://www.reinholdtsen.name/freedombox/preseed-jessie.dat</a> +</pre> + +<p>But note that due to <a href="https://bugs.debian.org/740673">a +recently introduced bug in apt in Jessie</a>, the installer will +currently hang while setting up APT sources. Killing the +'<tt>apt-cdrom ident</tt>' process when it hang a few times during the +installation will get the installation going. This affect all +installations in Jessie, and I expect it will be fixed soon.</p> + +Give it a go and let us know how it goes on the mailing list, and help +us get the new release published. :) Please join us on +<a href="irc://irc.debian.org:6667/%23freedombox">IRC (#freedombox on +irc.debian.org)</a> and +<a href="http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss">the +mailing list</a> if you want to help make this vision come true.</p> - Datalagringsdirektivet gjør at Oslo Høyre og Arbeiderparti ikke får min stemme i år - http://people.skolelinux.org/pere/blog/Datalagringsdirektivet_gj_r_at_Oslo_H_yre_og_Arbeiderparti_ikke_f_r_min_stemme_i__r.html - http://people.skolelinux.org/pere/blog/Datalagringsdirektivet_gj_r_at_Oslo_H_yre_og_Arbeiderparti_ikke_f_r_min_stemme_i__r.html - Sun, 8 Sep 2013 20:40:00 +0200 - <p>I 2011 raderte et stortingsflertall bestående av Høyre og -Arbeiderpartiet vekk en betydelig del av privatsfæren til det norske -folk. Det ble vedtatt at det skulle registreres og lagres i et halvt -år hvor alle som bærer på en mobiltelefon befinner seg, hvem de -snakker med og hvor lenge de snakket sammen. Det skal også -registreres hvem de sendte SMS-meldinger til, hvem en har sendt epost -til, og hvilke nett-tjenere en besøkte. Saken er kjent som -<a href="http://beta.holderdeord.no/issues/innfore-datalagringsdirektivet">Datalagringsdirektivet -(DLD)</a>, og innebærer at alle innbyggerne og andre innenfor Norges -grenser overvåkes døgnet rundt. Det ble i praksis innført brev og -besøkskontroll av hele befolkningen. Rapporter fra de landene som -allerede har innført slik total lagring av borgernes -kommunikasjonsmønstre forteller at det ikke hjelper i -kriminalitetsbekjempelsen. Den norske prislappen blir mange hundre -millioner, uten at det ser ut til å bidra positivt til politiets -arbeide. Jeg synes flere hundre millioner i stedet burde vært brukt -på noe som kan dokumenteres å ha effekt i kriminalitetsbekjempelsen. -Se mer på -<a href="http://no.wikipedia.org/wiki/Datalagringsdirektivet">Wikipedia</a> -og <a href="http://www.uhuru.biz/?cat=84">Jon Wessel-Aas</a>.</p> - -<p>Hva er problemet, tenkter du kanskje? Et åpenbart problem er at -medienes kildevern i praksis blir radert ut. Den innsamlede -informasjonen gjør det mulig å finne ut hvem som har snakket med -journalister på telefon, SMS og epost, og hvem som har vært i nærheten -av journalister så sant begge bar med seg en telefon. Et annet er at -advokatvernet blir sterkt redusert, der politiet kan finne ut hvem -som har snakket med en advokat når, eller vært i møter en med advokat. -Et tredje er at svært personlig informasjon kan avledes fra hvilke -nettsteder en har besøkt. Har en besøkt hivnorge.no, -swingersnorge.com eller andre sider som kan brukes til avlede -interesser som hører til privatsfæren, vil denne informasjonen være -tilgjengelig takket være datalagringsdirektivet.</p> - -<p>De fleste partiene var mot, kun to partier stemte for. Høyre og -Arbeiderpartiet. Og både Høyre og Arbeiderpartiet i Oslo har -DLD-forkjempere på toppen av sine lister (har ikke sjekket de andre -fylkene). Det er dermed helt uaktuelt for meg å stemme på disse -partiene. Her er oversikten over partienes valglister i Oslo, med -informasjon om hvem som stemte hva i første DLD-votering i Stortinget, -basert på informasjon fra mine venner i -<a href="http://beta.holderdeord.no/votes/1301946411e">Holder de -Ord</a> samt <a href="http://data.stortinget.no/">data.stortinget.no</a>. -Først ut er stortingslista fra Høyre for Oslo:</p> - -<style type="text/css"> -.for {background-color:#F5A9A9;} -.mot {background-color:#A9F5BC;} -.ukjent { } -</style> - -<table> -<tr><th>#</th><th>Navn, fødselsår og valgkrets</th><th>Stemme/kommentar</th></tr> - -<tr class="for"><td>1.</td> -<td>Ine Marie Eriksen Søreide (1976), Gamle Oslo</td> -<td>Stemte for DLD</td></tr> - -<tr class="mot"><td>2.</td> -<td>Nikolai Astrup (1978), Frogner</td> -<td>Stemte mot DLD</td></tr> - -<tr class="mot"><td>3.</td> -<td>Michael Tetzschner (1954), Vestre Aker</td> -<td>Stemte mot DLD</td> - -<tr class="ukjent"><td>4.</td> -<td>Kristin Vinje (1963), Nordre Aker</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>5.</td> -<td>Mudassar Hussain Kapur (1976), Nordstrand</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>6.</td> -<td>Stefan Magnus B. Heggelund (1984), Grünerløkka</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>7.</td> -<td>Heidi Nordby Lunde (1973), Grünerløkka</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>8.</td> -<td>Frode Helgerud (1950), Frogner</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>9.</td> -<td>Afshan Rafiq (1975), Stovner</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>10.</td> -<td>Astrid Nøklebye Heiberg (1936), Frogner</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>11.</td> -<td>Camilla Strandskog (1984) St.Hanshaugen</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>12.</td> -<td>John Christian Elden (1967), Ullern</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>13.</td> -<td>Berit Solli (1972), Alna</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>14.</td> -<td>Ola Kvisgaard (1963), Frogner</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>15.</td> -<td>James Stove Lorentzen (1957), Vestre Aker</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>16.</td> -<td>Gülsüm Koc (1987), Stovner</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>17.</td> -<td>Jon Ole Whist (1976), Grünerløkka</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>18.</td> -<td>Maren Eline Malthe-Sørenssen (1971), Vestre Aker</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>19.</td> -<td>Ståle Hagen (1968), Søndre Nordstrand</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>20.</td> -<td>Kjell Omdal Erichsen (1978), Sagene</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>21.</td> -<td>Saida R. Begum (1987), Grünerløkka</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>22.</td> -<td>Torkel Brekke (1970), Nordre Aker</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>23.</td> -<td>Sverre K. Seeberg (1950), Vestre Aker</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>24.</td> -<td>Julie Margrethe Brodtkorb (1974), Ullern</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td>25.</td> -<td>Fabian Stang (1955), Frogner</td> -<td>Ikke til stede</td></tr> - -</table> - -<p>Deretter har vi stortingslista fra Arbeiderpartiet for Oslo:</p> - -<table> - -<tr><th>#</th><th>Navn, fødselsår og valgkrets</th><th>Stemme/kommentar</th></tr> - -<tr class="for"><td>1.</td> -<td>Jens Stoltenberg (1959), Frogner</td> -<td>Ikke til stede i Stortinget, leder av regjeringen som fremmet forslaget</td></tr> - -<tr class="for"><td>2.</td> -<td>Hadia Tajik (1983), Grünerløkka</td> -<td>Stemte for DLD</td></tr> - -<tr class="for"><td> 3.</td> -<td>Jonas Gahr Støre (1960), Vestre Aker</td> -<td>Ikke til stede i Stortinget, medlem av regjeringen som fremmet forslaget</td></tr> - -<tr class="for"><td> 4.</td> -<td>Marianne Marthinsen (1980), Grünerløkka</td> -<td>Stemte for DLD</td></tr> - -<tr class="for"><td> 5.</td> -<td>Jan Bøhler (1952), Alna</td> -<td>Stemte for DLD</td></tr> - -<tr class="for"><td> 6.</td> -<td>Marit Nybakk (1947), Frogner</td> -<td>Stemte for DLD</td></tr> - -<tr class="for"><td> 7.</td> -<td>Truls Wickholm (1978), Sagene</td> -<td>Stemte for DLD</td></tr> - -<tr class="ukjent"><td> 8.</td> -<td>Prableen Kaur (1993), Grorud</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 9.</td> -<td>Vegard Grøslie Wennesland (1983), St.Hanshaugen</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 10.</td> -<td>Inger Helene Vaaten (1975), Grorud</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 11.</td> -<td>Ivar Leveraas (1939), Alna</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 12.</td> -<td>Grete Haugdal (1971), Gamle Oslo</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 13.</td> -<td>Olav Tønsberg (1948), Alna</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 14.</td> -<td>Khamshajiny Gunaratnam (1988), Grorud</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 15.</td> -<td>Fredrik Mellem (1969), Sagene</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 16.</td> -<td>Brit Axelsen (1945), Stovner</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 17.</td> -<td>Dag Bayegan-Harlem (1977), Ullern</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 18.</td> -<td>Kristin Sandaker (1963), Østeinsjø</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 19.</td> -<td>Bashe Musse (1965), Grünerløkka</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 20.</td> -<td>Torunn Kanutte Husvik (1983), St. Hanshaugen</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 21.</td> -<td>Steinar Andersen (1947), Nordstrand</td> -<td>Ikke til stede</td></tr> - -<tr class="ukjent"><td> 22.</td> -<td>Anne Cathrine Berger (1972), Sagene</td> -<td>Ikke til stede</td></tr> + How to add extra storage servers in Debian Edu / Skolelinux + http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html + http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html + Wed, 12 Mar 2014 12:50:00 +0100 + <p>On larger sites, it is useful to use a dedicated storage server for +storing user home directories and data. The design for handling this +in <a href="http://www.skolelinux.org/">Debian Edu / Skolelinux</a>, is +to update the automount rules in LDAP and let the automount daemon on +the clients take care of the rest. I was reminded about the need to +document this better when one of the customers of +<a href="http://www.slxdrift.no/">Skolelinux Drift AS</a>, where I am +on the board of directors, asked about how to do this. The steps to +get this working are the following:</p> + +<p><ol> + +<li>Add new storage server in DNS. I use nas-server.intern as the +example host here.</li> + +<li>Add automoun LDAP information about this server in LDAP, to allow +all clients to automatically mount it on reqeust.</li> + +<li>Add the relevant entries in tjener.intern:/etc/fstab, because +tjener.intern do not use automount to avoid mounting loops.</li> + +</ol></p> + +<p>DNS entries are added in GOsa², and not described here. Follow the +<a href="https://wiki.debian.org/DebianEdu/Documentation/Wheezy/GettingStarted">instructions +in the manual</a> (Machine Management with GOsa² in section Getting +started).</p> + +<p>Ensure that the NFS export points on the server are exported to the +relevant subnets or machines:</p> + +<p><blockquote><pre> +root@tjener:~# showmount -e nas-server +Export list for nas-server: +/storage 10.0.0.0/8 +root@tjener:~# +</pre></blockquote></p> + +<p>Here everything on the backbone network is granted access to the +/storage export. With NFSv3 it is slightly better to limit it to +netgroup membership or single IP addresses to have some limits on the +NFS access.</p> + +<p>The next step is to update LDAP. This can not be done using GOsa², +because it lack a module for automount. Instead, use ldapvi and add +the required LDAP objects using an editor.</p> + +<p><blockquote><pre> +ldapvi --ldap-conf -ZD '(cn=admin)' -b ou=automount,dc=skole,dc=skolelinux,dc=no +</pre></blockquote></p> + +<p>When the editor show up, add the following LDAP objects at the +bottom of the document. The "/&" part in the last LDAP object is a +wild card matching everything the nas-server exports, removing the +need to list individual mount points in LDAP.</p> + +<p><blockquote><pre> +add cn=nas-server,ou=auto.skole,ou=automount,dc=skole,dc=skolelinux,dc=no +objectClass: automount +cn: nas-server +automountInformation: -fstype=autofs --timeout=60 ldap:ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no + +add ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no +objectClass: top +objectClass: automountMap +ou: auto.nas-server + +add cn=/,ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no +objectClass: automount +cn: / +automountInformation: -fstype=nfs,tcp,rsize=32768,wsize=32768,rw,intr,hard,nodev,nosuid,noatime nas-server.intern:/& +</pre></blockquote></p> + +<p>The last step to remember is to mount the relevant mount points in +tjener.intern by adding them to /etc/fstab, creating the mount +directories using mkdir and running "mount -a" to mount them.</p> + +<p>When this is done, your users should be able to access the files on +the storage server directly by just visiting the +/tjener/nas-server/storage/ directory using any application on any +workstation, LTSP client or LTSP server.</p> + + + + + Hvordan bør RFC 822-formattert epost lagres i en NOARK5-database? + http://people.skolelinux.org/pere/blog/Hvordan_b_r_RFC_822_formattert_epost_lagres_i_en_NOARK5_database_.html + http://people.skolelinux.org/pere/blog/Hvordan_b_r_RFC_822_formattert_epost_lagres_i_en_NOARK5_database_.html + Fri, 7 Mar 2014 15:20:00 +0100 + <p>For noen uker siden ble NXCs fri programvarelisenserte +NOARK5-løsning +<a href="http://www.nuug.no/aktiviteter/20140211-noark/">presentert hos +NUUG</a> (video +<a href="https://www.youtube.com/watch?v=JCb_dNS3MHQ">på youtube +foreløbig</a>), og det fikk meg til å titte litt mer på NOARK5, +standarden for arkivhåndtering i det offentlige Norge. Jeg lurer på +om denne kjernen kan være nyttig i et par av mine prosjekter, og for ett +av dem er det mest aktuelt å lagre epost. Jeg klarte ikke finne noen +anbefaling om hvordan RFC 822-formattert epost (aka Internett-epost) +burde lagres i NOARK5, selv om jeg vet at noen arkiver tar +PDF-utskrift av eposten med sitt epostprogram og så arkiverer PDF-en +(eller enda værre, tar papirutskrift og lagrer bildet av eposten som +PDF i arkivet).</p> + +<p>Det er ikke så mange formater som er akseptert av riksarkivet til +langtidsoppbevaring av offentlige arkiver, og PDF og XML er de mest +aktuelle i så måte. Det slo meg at det måtte da finnes en eller annen +egnet XML-representasjon og at det kanskje var enighet om hvilken som +burde brukes, så jeg tok mot til meg og spurte +<a href="http://samdok.com/">SAMDOK</a>, en gruppe tilknyttet +arkivverket som ser ut til å jobbe med NOARK-samhandling, om de hadde +noen anbefalinger: + +<p><blockquote> +<p>Hei.</p> + +<p>Usikker på om dette er riktig forum å ta opp mitt spørsmål, men jeg +lurer på om det er definert en anbefaling om hvordan RFC +822-formatterte epost (aka vanlig Internet-epost) bør lages håndteres +i NOARK5, slik at en bevarer all informasjon i eposten +(f.eks. Received-linjer). Finnes det en anbefalt XML-mapping ala den +som beskrives på +&lt;URL: <a href="https://www.informit.com/articles/article.aspx?p=32074">https://www.informit.com/articles/article.aspx?p=32074</a> &gt;? Mitt +mål er at det skal være mulig å lagre eposten i en NOARK5-kjerne og +kunne få ut en identisk formattert kopi av opprinnelig epost ved +behov.</p> +</blockquote></p> + +<p>Postmottaker hos SAMDOK mente spørsmålet heller burde stilles +direkte til riksarkivet, og jeg fikk i dag svar derfra formulert av +seniorrådgiver Geir Ivar Tungesvik:</p> + +<p><blockquote> +<p>Riksarkivet har ingen anbefalinger når det gjelder konvertering fra +e-post til XML. Det står arkivskaper fritt å eventuelt definere/bruke +eget format. Inklusive da - som det spørres om - et format der det er +mulig å re-etablere e-post format ut fra XML-en. XML (e-post) +dokumenter må være referert i arkivstrukturen, og det må vedlegges et +gyldig XML skjema (.xsd) for XML-filene. Arkivskaper står altså fritt +til å gjøre hva de vil, bare det dokumenteres og det kan dannes et +utrekk ved avlevering til depot.</p> + +<p>De obligatoriske kravene i Noark 5 standarden må altså oppfylles - +etter dialog med Riksarkivet i forbindelse med godkjenning. For +offentlige arkiv er det særlig viktig med filene loependeJournal.xml +og offentligJournal.xml. Private arkiv som vil forholde seg til Noark +5 standarden er selvsagt frie til å bruke det som er relevant for dem +av obligatoriske krav.</p> +</blockquote></p> + +<p>Det ser dermed ut for meg som om det er et lite behov for å +standardisere XML-lagring av RFC-822-formatterte meldinger. Noen som +vet om god spesifikasjon i så måte? I tillegg til den omtalt over, +har jeg kommet over flere aktuelle beskrivelser (søk på "rfc 822 +xml", så finner du aktuelle alternativer).</p> -<tr class="ukjent"><td> 23.</td> -<td>Khalid Mahmood (1959), Østensjø</td> -<td>Ikke til stede</td></tr> +<ul> -<tr class="ukjent"><td> 24.</td> -<td>Munir Jaber (1990), Alna</td> -<td>Ikke til stede</td></tr> +<li><a href="http://www.openhealth.org/xmtp/">XML MIME Transformation +protocol (XMTP)</a> fra OpenHealth, sist oppdatert 2001.</li> -<tr class="ukjent"><td> 25.</td> -<td>Libe Solberg Rieber-Mohn (1965), Frogner</td> -<td>Ikke til stede</td></tr> +<li><a href="https://tools.ietf.org/html/draft-klyne-message-rfc822-xml-03">An +XML format for mail and other messages</a> utkast fra IETF datert +2001.</li> -</table> +<li><a href="http://www.informit.com/articles/article.aspx?p=32074">xMail: +E-mail as XML</a> en artikkel fra 2003 som beskriver python-modulen +rfc822 som gir ut XML-representasjon av en RFC 822-formattert epost.</li> -<p>Hvilket parti får så min stemme i år. Jeg tror det blir -<a href="http://piratpartiet.no/">Piratpartiet</a>. Hvis de kan bidra -til at det kommer noen inn på Stortinget med teknisk peiling, så får -kanskje ikke overvåkningsgalskapen like fritt spillerom som det har -hatt så langt.</p> +</ul> +<p>Finnes det andre og bedre spesifikasjoner for slik lagring? Send +meg en epost hvis du har innspill.</p> - Second beta release (beta 1) of Debian Edu/Skolelinux based on Debian Wheezy - http://people.skolelinux.org/pere/blog/Second_beta_release__beta_1__of_Debian_Edu_Skolelinux_based_on_Debian_Wheezy.html - http://people.skolelinux.org/pere/blog/Second_beta_release__beta_1__of_Debian_Edu_Skolelinux_based_on_Debian_Wheezy.html - Thu, 22 Aug 2013 09:30:00 +0200 - <p>The second wheezy based beta release of Debian Edu was wrapped up -today, slightly delayed because of some bugs in the initial Windows -integration fixes . This is the release announcement:</p> - -<p><strong>New features for Debian Edu 7.1+edu0~b1 released 2013-08-22</strong></p> - -<p>These are the release notes for Debian Edu / Skolelinux -7.1+edu0~b1, based on Debian with codename "Wheezy".</p> - -<p><strong>About Debian Edu and Skolelinux</strong></p> - -<p><a href="http://www.skolelinux.org/">Debian Edu, also known as -Skolelinux</a>, is a Linux distribution based on Debian providing an -out-of-the box environment of a completely configured school -network. Immediately after installation a school server running all -services needed for a school network is set up just waiting for users -and machines being added via GOsa², a comfortable Web-UI. A netbooting -environment is prepared using PXE, so after initial installation of -the main server from CD or USB stick all other machines can be -installed via the network. The provided school server provides LDAP -database and Kerberos authentication service, centralized home -directories, DHCP server, web proxy and many other services. The -desktop contains -<a href="http://people.skolelinux.org/pere/blog/Educational_applications_included_in_Debian_Edu___Skolelinux__the_screenshot_collection____.html">more -than 60 educational software packages</a> and more are available from -the Debian archive, and schools can choose between KDE, Gnome, LXDE -and Xfce desktop environment.</p> - -<p>This is the sixth test release based on Debian Wheezy. Basically this -is an updated and slightly improved version compared to the Squeeze -release.</p> - -<p>ALERT: Alpha based installations should reinstall or downgrade the -versions of gosa and libpam-mklocaluser to the ones used in this beta -release. Both alpha and beta0 based installations should reinstall or -deal with gosa.conf manually; there are two options: (1) Keep -gosa.conf and edit this file as outlined -<a href="http://lists.debian.org/debian-edu/2013/08/msg00127.html">on -the mailing list</a>. (2) Accept the new version of gosa.conf and -replace both contained admin password placeholders with the password -hashes found in the old one (backup copy!). In both cases every user -need to change their their password to make sure a password is set for -CIFS access to their home directory.</p> - -<p><strong>Software updates</strong></p> + Lenker for 2014-02-28 + http://people.skolelinux.org/pere/blog/Lenker_for_2014_02_28.html + http://people.skolelinux.org/pere/blog/Lenker_for_2014_02_28.html + Fri, 28 Feb 2014 13:30:00 +0100 + <p>Her er noen lenker til tekster jeg har satt pris på å lese de siste +månedene. Det er mye om varsleren Edward Snowden, som burde få all +hjelp, støtte og beskyttelse Norge kan stille opp med for å ha satt +totalitær overvåkning på sakskartet, men også endel annet +tankevekkende og interessant.</p> <ul> -<li>Added ssh askpass packages to default installation, to ensure ssh - work also without a attached tty.</li> -<li>Add the command-not-found package to the default installation to - make it easier to figure out where to find missing command line - tools. Please note, that the command 'update-command-not-found' - has to be run as root to actually make it useful (internet access - required).</li> +<li>2013-12-21 +<a href="http://www.dagbladet.no/2013/12/21/nyheter/thomas_drake/nsa/overvakning/snowden/30925886/">- +NSA tenker som Stasi</a> - Dagbladet.no</li> -</ul> +<li>2013-12-19 <a href="http://www.dagensit.no/article2732734.ece">- +Staten har ikke rett til å vite alt om deg</a> - DN.no</li> -<p><strong>Other changes</strong></p> +<li>2013-12-21 +<a href="http://www.dagbladet.no/2013/12/21/nyheter/krig_og_konflikter/politikk/utenriks/30961126/">Nye +mål for NSAs spionasje avslørt</a> - Dagbladet.no</li> -<ul> +<li>2013-12-19 +<a href="http://www.dagbladet.no/2013/12/19/nyheter/nsa/usa/politikk/barack_obama/30918684/">«NSA +bør fjernes fra sin makt til å samle inn metadata fra amerikanske +telefonsamtaler»</a> - Dagbladet.no</li> -<li>Adjusted the USB stick ISO image build to include every tool -needed for desktop=xfce installations.</li> -<li>Adjust thin-client-server task to work when installing from USB -stick ISO image.</li> -<li>Made new grub artwork (changed png from indexed to RGB format).</li> -<li>Minor cleanup in the CUPS setup.</li> -<li>Make sure that bootstrapping of the Samba domain really happens - during installation of the main server and adjust SID handling to - cope with this.</li> -<li>Make Samba passwords changeable (again) via GOsa².</li> -<li>Fix generation of LM and NT password hashes via GOsa² to avoid - empty password hashes.</li> -<li>Adapted Samba machine domain joining to latest change in the - smbldap-tools Perl package, fixing bugs blocking Windows machines - from joining the Samba domain.</li> +<li>2013-12-18 +<a href="http://www.dagbladet.no/2013/12/18/kultur/meninger/hovedkronikk/debatt/snowden/30901089/">Etterretning, +overvåking, frihet og sikkerhet</a> - Dagbladet.no</li> -</ul> +<li>2013-12-17 +<a href="http://www.nrk.no/verden/snowden-vil-ha-asyl-i-brasil-1.11423444">Snowden +angriper USA i åpent brev</a> - nrk.no</li> -<p><strong>Known issues</strong></p> +<li>2013-12-17 +<a href="http://www.digi.no/925820/rettslig-nederlag-for-etterretning">Rettslig +nederlag for etterretning</a> - digi.no</li> -<ul> +<li>2013-12-21 +<a href="http://www.dagbladet.no/2013/12/21/kultur/meninger/hovedkommentar/kommentar/etterretning/30963284/">Truende +nedkjøling</a> - dagbladet.no</li> -<li>KDE fails to understand the wpad.dat file provided, causing it to - not use the http proxy as it should.</li> -<li>Chromium also fails to use the proxy when using the KDE desktop - (using the KDE configuration).</li> +<li>2013-12-20 +<a href="http://www.aftenposten.no/viten/Matematikk-og-forstaelse-7411849.html">Matematikk +og forståelse</a> - aftenposten.no</li> -</ul> +<li>2013-10-20 +<a href="http://www.nrk.no/viten/ny-studie_sovn-reinser-hjernen-var-1.11306106">Vi +søv for å reinse hjernen vår, ifølgje ny studie</a> - nrk.no</li> -<p><strong>Where to get it</strong></p> +<li>2013-12-11 +<a href="http://www.nrk.no/buskerud/julebaksten-i-vasken-1.11410033">Rotterace +i kloakken</a> - nrk.no</li> -<p>To download the multiarch netinstall CD release you can use</p> +<li>2013-12-30 +<a href="http://www.aftenposten.no/viten/Apne-brev-og-frie-tanker-7413734.html">Åpne +brev og frie tanker</a> - aftenposten.no</li> -<ul> +<li>2014-01-12 +<a href="http://www.aftenposten.no/viten/Stopp-kunnskapsapartheidet-7428229.html">Stopp dagens kunnskapsapartheid!</a> - aftenposten.no</li> -<li><a href="ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-CD.iso">ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-CD.iso</a></li> +<li>2014-01-09 +<a href="http://www.aftenposten.no/nyheter/uriks/EU-rapport-Britisk-og-amerikansk-overvaking-ser-ut-til-a-vare-ulovlig-7428933.html">EU-rapport: +Britisk og amerikansk overvåking ser ut til å være ulovlig</a> - +aftenposten.no</li> -<li><a href="http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-CD.iso">http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-CD.iso</a></li> +<li>2013-10-23 Professor Jan Arild Audestad +<a href="http://www.digi.no/924008/advarer-mot-konspirasjonsteori">Advarer +mot konspirasjonsteori</a> i digi.no og sier han ikke tror NSA kan +avlytte mobiltelefoner, mens han noen måneder senere forteller:</li> -<li>rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-CD.iso .</li> +<li>2014-01-09 +<a href="http://www.aftenposten.no/nyheter/iriks/--Vi-ble-presset-til-a-svekke-mobilsikkerheten-pa-80-tallet-7410467.html">- +Vi ble presset til å svekke mobilsikkerheten på 80-tallet</a> - +aftenposten.no</li> -</ul> +<li>2014-02-12 +<a href="http://tv.nrk.no/program/koid20005814/et-moete-med-edward-snowden">Et +møte med Edward Snowden</a> - intervju sendt av nrk, tilgjengelig til +2015-01-31</li> -<p>The MD5SUM of this image is: 1e357f80b55e703523f2254adde6d78b -<br>The SHA1SUM of this image is: 7157f9be5fd27c7694d713c6ecfed61c3edda3b2</p> +<li>2014-02-17 +<a href="http://politiken.dk/debat/profiler/jessteinpedersen/ECE2210356/litteraturredaktoeren-helle-thornings-tavshed-om-snowden-er-en-skandale/">Litteraturredaktøren: +Helle Thornings tavshed om Snowden er en skandale</a> - +politiken.dk</li> -<p>To download the multiarch USB stick ISO release you can use</p> +<li>2014-02-21 +<a href="http://www.aftenposten.no/meninger/kronikker/Bra-a-ha-en-Storebror-7476734.html">Bra å ha en «Storebror»</a> - aftenposten.no</li> -<ul> +<li>2014-02-28 +<a href="http://johnchristianelden.blogg.no/1393536806_narkotikasiktet_stort.html">"Narkotikasiktet +Stortingsmann" - Spillet bak kulissene</a> - John Christian Eldens +blogg</li> -<li><a href="ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-USB.iso">ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-USB.iso</a></li> -<li><a href="http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-USB.iso">http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-USB.iso</a></li> -<li>rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~b1-USB.iso .</li> +<li>2014-02-28 +<a href="http://www.aftenposten.no/meninger/Heksejakt-pa-hasjbrukere-7486283.html">Heksejakt +på hasjbrukere</a> - aftenposten.no</li> </ul> - -<p>The MD5SUM of this image is: 7a8408ead59cf7e3cef25afb6e91590b -<br>The SHA1SUM of this image is: f1817c031f02790d5edb3bfa0dcf8451088ad119</p> - - -<p><strong>How to report bugs</strong></p> - -<p><a href="http://wiki.debian.org/DebianEdu/HowTo/ReportBugs">http://wiki.debian.org/DebianEdu/HowTo/ReportBugs</a> - Intel 180 SSD disk with Lenovo firmware can not use Intel firmware - http://people.skolelinux.org/pere/blog/Intel_180_SSD_disk_with_Lenovo_firmware_can_not_use_Intel_firmware.html - http://people.skolelinux.org/pere/blog/Intel_180_SSD_disk_with_Lenovo_firmware_can_not_use_Intel_firmware.html - Sun, 18 Aug 2013 14:00:00 +0200 - <p>Earlier, I reported about -<a href="http://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html">my -problems using an Intel SSD 520 Series 180 GB disk</a>. Friday I was -told by IBM that the original disk should be thrown away. And as -there no longer was a problem if I bricked the firmware, I decided -today to try to install Intel firmware to replace the Lenovo firmware -currently on the disk.</p> - -<p>I searched the Intel site for firmware, and found -<a href="https://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&ProdId=3472&DwnldID=18363&ProductFamily=Solid-State+Drives+and+Caching&ProductLine=Intel%c2%ae+High+Performance+Solid-State+Drive&ProductProduct=Intel%c2%ae+SSD+520+Series+(180GB%2c+2.5in+SATA+6Gb%2fs%2c+25nm%2c+MLC)&lang=eng">issdfut_2.0.4.iso</a> -(aka Intel SATA Solid-State Drive Firmware Update Tool) which -according to the site should contain the latest firmware for SSD -disks. I inserted the broken disk in one of my spare laptops and -booted the ISO from a USB stick. The disk was recognized, but the -program claimed the newest firmware already were installed and refused -to insert any Intel firmware. So no change, and the disk is still -unable to handle write load. :( I guess the only way to get them -working would be if Lenovo releases new firmware. No idea how likely -that is. Anyway, just blogging about this test for completeness. I -got a working Samsung disk, and see no point in spending more time on -the broken disks.</p> + New home and release 1.0 for netgroup and innetgr (aka ng-utils) + http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html + http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html + Sat, 22 Feb 2014 21:45:00 +0100 + <p>Many years ago, I wrote a GPL licensed version of the netgroup and +innetgr tools, because I needed them in +<a href="http://www.skolelinux.org/">Skolelinux</a>. I called the project +ng-utils, and it has served me well. I placed the project under the +<a href="http://www.hungry.com/">Hungry Programmer</a> umbrella, and it was maintained in our CVS +repository. But many years ago, the CVS repository was dropped (lost, +not migrated to new hardware, not sure), and the project have lacked a +proper home since then.</p> + +<p>Last summer, I had a look at the package and made a new release +fixing a irritating crash bug, but was unable to store the changes in +a proper source control system. I applied for a project on +<a href="https://alioth.debian.org/">Alioth</a>, but did not have time +to follow up on it. Until today. :)</p> + +<p>After many hours of cleaning and migration, the ng-utils project +now have a new home, and a git repository with the highlight of the +history of the project. I published all release tarballs and imported +them into the git repository. As the project is really stable and not +expected to gain new features any time soon, I decided to make a new +release and call it 1.0. Visit the new project home on +<a href="https://alioth.debian.org/projects/ng-utils/">https://alioth.debian.org/projects/ng-utils/</a> +if you want to check it out. The new version is also uploaded into +<a href="http://packages.qa.debian.org/n/ng-utils.html">Debian Unstable</a>.</p> - 90 percent done with the Norwegian draft translation of Free Culture - http://people.skolelinux.org/pere/blog/90_percent_done_with_the_Norwegian_draft_translation_of_Free_Culture.html - http://people.skolelinux.org/pere/blog/90_percent_done_with_the_Norwegian_draft_translation_of_Free_Culture.html - Fri, 2 Aug 2013 10:40:00 +0200 - <p>It has been a while since my last update. Since last summer, I -have worked on a Norwegian -<a href="http://www.docbook.org/">docbook</a> version of the 2004 book -<a href="http://free-culture.cc/">Free Culture</a> by Lawrence Lessig, -to get a Norwegian text explaining the problems with the copyright -law. Yesterday, I finally broken the 90% mark, when counting the -number of strings to translate. Due to real life constraints, I have -not had time to work on it since March, but when the summer broke out, -I found time to work on it again. Still lots of work left, but the -first draft is nearing completion. I created a graph to show the -progress of the translation:</p> - -<p><img width="80%" align="center" src="https://github.com/petterreinholdtsen/free-culture-lessig/raw/master/progress.png"></p> - -<p>When the first draft is done, the translated text need to be -proof read, and the remaining formatting problems with images and SVG -drawings need to be fixed. There are probably also some index entries -missing that need to be added. This can be done by comparing the -index entries listed in the SiSU version of the book, or comparing the -English docbook version with the paper version. Last, the colophon -page with ISBN numbers etc need to be wrapped up before the release is -done. I should also figure out how to get correct Norwegian sorting -of the index pages. All docbook tools I have tried so far (xmlto, -docbook-xsl, dblatex) get the order of symbols and the special -Norwegian letters ÆØÅ wrong.</p> - -<p>There is still need for translators and people with docbook -knowledge, to be able to get a good looking book (I still struggle -with dblatex, xmlto and docbook-xsl) as well as to do the draft -translation and proof reading. And I would like the figures to be -redrawn as SVGs to make it easy to translate them. Any SVG master -around? There are also some legal terms that are unfamiliar to me. -If you want to help, please get in touch with me, and check out the -project files currently available from -<a href="https://github.com/petterreinholdtsen/free-culture-lessig">github</a>.</p> - -<p>If you are curious what the translated book currently look like, -the updated -<a href="https://github.com/petterreinholdtsen/free-culture-lessig/blob/master/archive/freeculture.nb.pdf?raw=true">PDF</a> -and -<a href="https://github.com/petterreinholdtsen/free-culture-lessig/blob/master/archive/freeculture.nb.epub?raw=true">EPUB</a> -are published on github. The HTML version is published as well, but -github hand it out with MIME type text/plain, confusing browsers, so I -saw no point in linking to that version.</p> + Testing sysvinit from experimental in Debian Hurd + http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html + http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html + Mon, 3 Feb 2014 13:40:00 +0100 + <p>A few days ago I decided to try to help the Hurd people to get +their changes into sysvinit, to allow them to use the normal sysvinit +boot system instead of their old one. This follow up on the +<a href="https://teythoon.cryptobitch.de//categories/gsoc.html">great +Google Summer of Code work</a> done last summer by Justus Winter to +get Debian on Hurd working more like Debian on Linux. To get started, +I downloaded a prebuilt hard disk image from +<a href="http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz">http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz</a>, +and started it using virt-manager.</p> + +<p>The first think I had to do after logging in (root without any +password) was to get the network operational. I followed +<a href="https://www.debian.org/ports/hurd/hurd-install">the +instructions on the Debian GNU/Hurd ports page</a> and ran these +commands as root to get the machine to accept a IP address from the +kvm internal DHCP server:</p> + +<p><blockquote><pre> +settrans -fgap /dev/netdde /hurd/netdde +kill $(ps -ef|awk '/[p]finet/ { print $2}') +kill $(ps -ef|awk '/[d]evnode/ { print $2}') +dhclient /dev/eth0 +</pre></blockquote></p> + +<p>After this, the machine had internet connectivity, and I could +upgrade it and install the sysvinit packages from experimental and +enable it as the default boot system in Hurd.</p> + +<p>But before I did that, I set a password on the root user, as ssh is +running on the machine it for ssh login to work a password need to be +set. Also, note that a bug somewhere in openssh on Hurd block +compression from working. Remember to turn that off on the client +side.</p> + +<p>Run these commands as root to upgrade and test the new sysvinit +stuff:</p> + +<p><blockquote><pre> +cat > /etc/apt/sources.list.d/experimental.list &lt;&lt;EOF +deb http://http.debian.net/debian/ experimental main +EOF +apt-get update +apt-get dist-upgrade +apt-get install -t experimental initscripts sysv-rc sysvinit \ + sysvinit-core sysvinit-utils +update-alternatives --config runsystem +</pre></blockquote></p> + +<p>To reboot after switching boot system, you have to use +<tt>reboot-hurd</tt> instead of just <tt>reboot</tt>, as there is not +yet a sysvinit process able to receive the signals from the normal +'reboot' command. After switching to sysvinit as the boot system, +upgrading every package and rebooting, the network come up with DHCP +after boot as it should, and the settrans/pkill hack mentioned at the +start is no longer needed. But for some strange reason, there are no +longer any login prompt in the virtual console, so I logged in using +ssh instead. + +<p>Note that there are some race conditions in Hurd making the boot +fail some times. No idea what the cause is, but hope the Hurd porters +figure it out. At least Justus said on IRC (#debian-hurd on +irc.debian.org) that they are aware of the problem. A way to reduce +the impact is to upgrade to the Hurd packages built by Justus by +adding this repository to the machine:</p> + +<p><blockquote><pre> +cat > /etc/apt/sources.list.d/hurd-ci.list &lt;&lt;EOF +deb http://darnassus.sceen.net/~teythoon/hurd-ci/ sid main +EOF +</pre></blockquote></p> + +<p>At the moment the prebuilt virtual machine get some packages from +http://ftp.debian-ports.org/debian, because some of the packages in +unstable do not yet include the required patches that are lingering in +BTS. This is the completely list of "unofficial" packages installed:</p> + +<p><blockquote><pre> +# aptitude search '?narrow(?version(CURRENT),?origin(Debian Ports))' +i emacs - GNU Emacs editor (metapackage) +i gdb - GNU Debugger +i hurd-recommended - Miscellaneous translators +i isc-dhcp-client - ISC DHCP client +i isc-dhcp-common - common files used by all the isc-dhcp* packages +i libc-bin - Embedded GNU C Library: Binaries +i libc-dev-bin - Embedded GNU C Library: Development binaries +i libc0.3 - Embedded GNU C Library: Shared libraries +i A libc0.3-dbg - Embedded GNU C Library: detached debugging symbols +i libc0.3-dev - Embedded GNU C Library: Development Libraries and Hea +i multiarch-support - Transitional package to ensure multiarch compatibilit +i A x11-common - X Window System (X.Org) infrastructure +i xorg - X.Org X Window System +i A xserver-xorg - X.Org X server +i A xserver-xorg-input-all - X.Org X server -- input driver metapackage +# +</pre></blockquote></p> + +<p>All in all, testing hurd has been an interesting experience. :) +X.org did not work out of the box and I never took the time to follow +the porters instructions to fix it. This time I was interested in the +command line stuff.<p> - First beta release of Debian Edu/Skolelinux based on Debian Wheezy - http://people.skolelinux.org/pere/blog/First_beta_release_of_Debian_Edu_Skolelinux_based_on_Debian_Wheezy.html - http://people.skolelinux.org/pere/blog/First_beta_release_of_Debian_Edu_Skolelinux_based_on_Debian_Wheezy.html - Sat, 27 Jul 2013 20:30:00 +0200 - <p>The first wheezy based beta release of Debian Edu was wrapped up -today. This is the release announcement:</p> - -<p><strong>New features for Debian Edu 7.1+edu0~b0 released -2013-07-27</strong></p> - -<p>These are the release notes for for Debian Edu / Skolelinux -7.1+edu0~b0, based on Debian with codename "Wheezy".</p> - -<p><strong>About Debian Edu and Skolelinux</strong></p> - -<p><a href="http://www.skolelinux.org/">Debian Edu, also known as -Skolelinux</a>, is a Linux distribution based on Debian providing an -out-of-the box environment of a completely configured school -network. Immediately after installation a school server running all -services needed for a school network is set up just waiting for users -and machines being added via GOsa², a comfortable Web-UI. A netbooting -environment is prepared using PXE, so after initial installation of -the main server from CD, DVD or USB stick all other machines can be -installed via the network. The provided school server provides LDAP -database and Kerberos authentication service, centralized home -directories, DHCP server, web proxy and many other services. The -desktop contains -<a href="http://people.skolelinux.org/pere/blog/Educational_applications_included_in_Debian_Edu___Skolelinux__the_screenshot_collection____.html">more -than 60 educational software packages</a> and more are available from -the Debian archive, and schools can choose between KDE, Gnome, LXDE -and Xfce desktop environment.</p> - -<p>This is the fifth test release based on Debian Wheezy. Basically -this is an updated and slightly improved version compared to the -Squeeze release.</p> - -<p>ALERT: Alpha based installations should reinstall or downgrade the -versions of gosa and libpam-mklocaluser to the ones used in this beta -release.</p> - -<p><strong>Software updates</strong></p> - -<ul> - -<li>Switched roaming workstation profiles from wicd to network-manager - for network configuration, as wicd didn't work any more.</li> -<li>Changed version numbers of patched gosa and libpam-mklocaluser - packages to make sure our locally patched versions will be replaced - by the official packages when they are released from Debian. Those - installing alpha version need to reinstall or manually downgrade gosa - and libpam-mklocaluser.</li> -<li>Added bluetooth tools to the default desktop (bluedevil, blueman).</li> -<li>Added tools for sharing the desktop on KDE (krdc, krfb).</li> -<li>Added valgrind to the default installation for easier debugging of - crash bugs.</li> - -</ul> - -<p><strong>Other changes</strong></p> - -<ul> - -<li>Fixed artwork package to work with gnome, no longer break - desktop=gnome installations.</li> -<li>Adjusted installer to now work when forced to use a proxy with the - netinst CD.</li> -<li>Fixed code detecting and setting/loading hardware specific - setup/firmware to work more robust out of the box.</li> -<li>Adjusted Kerberos setup to detect realm and server settings at - install time instead of dynamically at run time. This avoid a crash - with krb5-auth-dialog on diskless workstations without a DNS name.</li> -<li>Worked around misfeature in network-manager not calling the dhclient - exit hooks, causing automatic proxy configuration and automatic host - name setting at run time to work again.</li> -<li>Fixed feature setting the default Iceweasel start page from URL - fetched from LDAP, to allow schools to set the global default by - updating the dc=skole,dc=skolelinux,dc=no LDAP object.</li> -<li>Changed default host name on all networked machines to be unique - (generated from MAC or reverse DNS) after boot.</li> -<li>Adjusted partition sizes to make sure they are big enough.</li> - -</ul> - -<p><strong>Known issues</strong></p> - -<ul> - -<li>Grub is missing the new artwork.</li> -<li>KDE fail to understand the wpad.dat file provided, causing it to - not use the http proxy as it should.</li> -<li>Chromium also fail to use the proxy.</li> - -</ul> - -<p><strong>Where to get it</strong></p> - -<p>To download the multiarch netinstall CD release you can use</p> - -<ul> - -<li><a href="ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-CD.iso">ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-CD.iso</a></li> - -<li><a href="http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-CD.iso">http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-CD.iso</a></li> - -<li>rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-CD.iso .</li> - -</ul> - -<p>The MD5SUM of this image is: 55d5de9765b6dccd5d9ec33cf1a07109 -<br>The SHA1SUM of this image is: 996a1d9517740e4d627d100de2d12b23dd545a3f</p> - -<p>To download the multiarch USB stick ISO release you can use</p> + A fist full of non-anonymous Bitcoins + http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html + http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html + Wed, 29 Jan 2014 14:10:00 +0100 + <p>Bitcoin is a incredible use of peer to peer communication and +encryption, allowing direct and immediate money transfer without any +central control. It is sometimes claimed to be ideal for illegal +activity, which I believe is quite a long way from the truth. At least +I would not conduct illegal money transfers using a system where the +details of every transaction are kept forever. This point is +investigated in +<a href="https://www.usenix.org/publications/login">USENIX ;login:</a> +from December 2013, in the article +"<a href="https://www.usenix.org/system/files/login/articles/03_meiklejohn-online.pdf">A +Fistful of Bitcoins - Characterizing Payments Among Men with No +Names</a>" by Sarah Meiklejohn, Marjori Pomarole,Grant Jordan, Kirill +Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. They +analyse the transaction log in the Bitcoin system, using it to find +addresses belong to individuals and organisations and follow the flow +of money from both Bitcoin theft and trades on Silk Road to where the +money end up. This is how they wrap up their article:</p> + +<p><blockquote> +<p>"To demonstrate the usefulness of this type of analysis, we turned +our attention to criminal activity. In the Bitcoin economy, criminal +activity can appear in a number of forms, such as dealing drugs on +Silk Road or simply stealing someone else’s bitcoins. We followed the +flow of bitcoins out of Silk Road (in particular, from one notorious +address) and from a number of highly publicized thefts to see whether +we could track the bitcoins to known services. Although some of the +thieves attempted to use sophisticated mixing techniques (or possibly +mix services) to obscure the flow of bitcoins, for the most part +tracking the bitcoins was quite straightforward, and we ultimately saw +large quantities of bitcoins flow to a variety of exchanges directly +from the point of theft (or the withdrawal from Silk Road).</p> + +<p>As acknowledged above, following stolen bitcoins to the point at +which they are deposited into an exchange does not in itself identify +the thief; however, it does enable further de-anonymization in the +case in which certain agencies can determine (through, for example, +subpoena power) the real-world owner of the account into which the +stolen bitcoins were deposited. Because such exchanges seem to serve +as chokepoints into and out of the Bitcoin economy (i.e., there are +few alternative ways to cash out), we conclude that using Bitcoin for +money laundering or other illicit purposes does not (at least at +present) seem to be particularly attractive."</p> +</blockquote><p> + +<p>These researches are not the first to analyse the Bitcoin +transaction log. The 2011 paper +"<a href="http://arxiv.org/abs/1107.4524">An Analysis of Anonymity in +the Bitcoin System</A>" by Fergal Reid and Martin Harrigan is +summarized like this:</p> + +<p><blockquote> +"Anonymity in Bitcoin, a peer-to-peer electronic currency system, is a +complicated issue. Within the system, users are identified by +public-keys only. An attacker wishing to de-anonymize its users will +attempt to construct the one-to-many mapping between users and +public-keys and associate information external to the system with the +users. Bitcoin tries to prevent this attack by storing the mapping of +a user to his or her public-keys on that user's node only and by +allowing each user to generate as many public-keys as required. In +this chapter we consider the topological structure of two networks +derived from Bitcoin's public transaction history. We show that the +two networks have a non-trivial topological structure, provide +complementary views of the Bitcoin system and have implications for +anonymity. We combine these structures with external information and +techniques such as context discovery and flow analysis to investigate +an alleged theft of Bitcoins, which, at the time of the theft, had a +market value of approximately half a million U.S. dollars." +</blockquote></p> + +<p>I hope these references can help kill the urban myth that Bitcoin +is anonymous. It isn't really a good fit for illegal activites. Use +cash if you need to stay anonymous, at least until regular DNA +sampling of notes and coins become the norm. :)</p> + +<p>As usual, if you use Bitcoin and want to show your support of my +activities, please send Bitcoin donations to my address +<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&label=PetterReinholdtsenBlog">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p> + + + + + New chrpath release 0.16 + http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html + http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html + Tue, 14 Jan 2014 11:00:00 +0100 + <p><a href="http://www.coverity.com/">Coverity</a> is a nice tool to +find problems in C, C++ and Java code using static source code +analysis. It can detect a lot of different problems, and is very +useful to find memory and locking bugs in the error handling part of +the source. The company behind it provide +<a href="https://scan.coverity.com/">check of free software projects as +a community service</a>, and many hundred free software projects are +already checked. A few days ago I decided to have a closer look at +the Coverity system, and discovered that the +<a href="http://www.gnu.org/software/gnash/">gnash</a> and +<a href="http://sourceforge.net/projects/ipmitool/">ipmitool</a> +projects I am involved with was already registered. But these are +fairly big, and I would also like to have a small and easy project to +check, and decided to <a href="http://scan.coverity.com/projects/1179">request +checking of the chrpath project</a>. It was +added to the checker and discovered seven potential defects. Six of +these were real, mostly resource "leak" when the program detected an +error. Nothing serious, as the resources would be released a fraction +of a second later when the program exited because of the error, but it +is nice to do it right in case the source of the program some time in +the future end up in a library. Having fixed all defects and added +<a href="https://lists.alioth.debian.org/mailman/listinfo/chrpath-devel">a +mailing list for the chrpath developers</a>, I decided it was time to +publish a new release. These are the release notes:</p> + +<p>New in 0.16 released 2014-01-14:</p> <ul> -<li><a href="ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-USB.iso">ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-USB.iso</a></li> -<li><a href="http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-USB.iso">http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-USB.iso</a></li> -<li>rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~b0-USB.iso .</li> + <li>Fixed all minor bugs discovered by Coverity.</li> + <li>Updated config.sub and config.guess from the GNU project.</li> + <li>Mention new project mailing list in the documentation.</li> </ul> -<p>The MD5SUM of this image is: d8f0818c51a78d357de794066f289f69 -<br>The SHA1SUM of this image is: 49185ca354e8d0543240423746924f76a6cee733</p> - - -<p><strong>How to report bugs</strong></p> - -<p><a href="http://wiki.debian.org/DebianEdu/HowTo/ReportBugs">http://wiki.debian.org/DebianEdu/HowTo/ReportBugs</a> +<p>You can +<a href="https://alioth.debian.org/frs/?group_id=31052">download the +new version 0.16 from alioth</a>. Please let us know via the Alioth +project if something is wrong with the new release. The test suite +did not discover any old errors, so if you find a new one, please also +include a test suite check.</p> - How to fix a Thinkpad X230 with a broken 180 GB SSD disk - http://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html - http://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html - Wed, 17 Jul 2013 23:50:00 +0200 - <p>Today I switched to -<a href="http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html">my -new laptop</a>. I've previously written about the problems I had with -my new Thinkpad X230, which was delivered with an -<a href="http://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html">180 -GB Intel SSD disk with Lenovo firmware</a> that did not handle -sustained writes. My hardware supplier have been very forthcoming in -trying to find a solution, and after first trying with another -identical 180 GB disks they decided to send me a 256 GB Samsung SSD -disk instead to fix it once and for all. The Samsung disk survived -the installation of Debian with encrypted disks (filling the disk with -random data during installation killed the first two), and I thus -decided to trust it with my data. I have installed it as a Debian Edu -Wheezy roaming workstation hooked up with my Debian Edu Squeeze main -server at home using Kerberos and LDAP, and will use it as my work -station from now on.</p> - -<p>As this is a solid state disk with no moving parts, I believe the -Debian Wheezy default installation need to be tuned a bit to increase -performance and increase life time of the disk. The Linux kernel and -user space applications do not yet adjust automatically to such -environment. To make it easier for my self, I created a draft Debian -package <tt>ssd-setup</tt> to handle this tuning. The -<a href="http://anonscm.debian.org/gitweb/?p=collab-maint/ssd-setup.git">source -for the ssd-setup package</a> is available from collab-maint, and it -is set up to adjust the setup of the machine by just installing the -package. If there is any non-SSD disk in the machine, the package -will refuse to install, as I did not try to write any logic to sort -file systems in SSD and non-SSD file systems.</p> - -<p>I consider the package a draft, as I am a bit unsure how to best -set up Debian Wheezy with an SSD. It is adjusted to my use case, -where I set up the machine with one large encrypted partition (in -addition to /boot), put LVM on top of this and set up partitions on -top of this again. See the README file in the package source for the -references I used to pick the settings. At the moment these -parameters are tuned:</p> + Debian Edu interview: Dominik George + http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Dominik_George.html + http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Dominik_George.html + Wed, 25 Dec 2013 13:40:00 +0100 + <p>The <a href="http://www.skolelinux.org/">Debian Edu / Skolelinux +project</a> consist of both newcomers and old timers, and this time I +was able to get an interview with a newcomer in the project who showed +up on the IRC channel a few weeks ago to let us know about his +successful installation of Debian Edu Wheezy in his School. Say hello +to <a href="https://www.ohloh.net/accounts/Natureshadow">Dominik +George</a>.</p> + +<!-- http://www.dominik-george.de/images/foto.jpg --> + +<p><strong>Who are you, and how do you spend your days?</strong></p> + +<p>I am a 23 year-old student from Germany who has spent half of his +life with open source. In "real life", I am, as already mentioned, a +student in the fields of Computer Science, Electrical Engineering, +Information Technologies and Anglistics. Due to my (only partially +voluntary) huge engagement in the open source world, these things are +a bit vacant right now however.</p> + +<p>I also have been working as a project teacher at a Gymasnium +(public school) for various years now. I took up that work some time +around 2005 when still attending that school myself and have continued +it until today. I also had been running the (kind of very advanced) +network of that school together with a team of very interested and +talented students in the age of 11 to 15 years, who took the chance to +learn a lot about open source and networking before I left the school +to help building another school's informational education concept from +scratch.</p> + +<p>That said, one might see me as a kind of "glue" between school kids +and the elderly of teachers as well as between the open source +ecosystem and the (even more complex) educational ecosystem.</p> + +<p>When I am not busy with open source or education, I like Geocaching +and cycling.</p> + +<p><strong>How did you get in contact with the Skolelinux / Debian Edu +project?</strong></p> + +<p>I think that happened some time around 2009 when I first attended +<a href="http://www.froscon.org">FrOSCon</a> and visited the project +booth. I think I wasn't too interested back then because I used to +have an attitude of disliking software that does too much stuff on its +own. Maybe I was too inexperienced to realise the upsides of an +"out-of-the-box" solution ;).</p> + +<p>The first time I actively talked to Skolelinux people was at +<a href="http://www.openrheinruhr.de">OpenRheinRuhr</a> 2011 when the +BiscuIT project, a home-grewn software used by my school for various +really cool things from timetables and class contact lists to lunch +ordering, student ID card printing and project elections first got to +a stage where it could have been published. I asked the Skolelinux +guys running the booth if the project were interested in it and gave a +small demonstration, but there wasn't any real feedback and the guys +seemed rather uninterested.</p> + +<p>After I left the school where I developed the software, it got +mostly lost, but I am now reimplementing it for my new school. I have +reusability and compatibility in mind, and I hop there will be a new +basis for contributing it to the Skolelinux project ;)!</p> + +<p><strong>What do you see as the advantages of Skolelinux / Debian +Edu?</strong></p> + +<p>The most important advantage seems to be that it "just +works". After overcoming some minor (but still very annoying) glitches +in the installer, I got a fully functional, working school network, +without the month-long hassle I experienced when setting all that up +from scratch in earlier years. And above that, it rocked - I didn't +have any real hardware at hand, because the school was just founded +and has no money whatsoever, so I installed a combined server (main +server, terminal services and workstation) in a VM on my personal +notebook, bridging the LTSP network interface to the ethernet port, +and then PXE-booted the Windows notebooks that were lying around from +it. I could use 8 clients without any performance issues, by using a +tiny little VM on a tiny little notebook. I think that's enough to say +that it rocks!</p> + +<p>Secondly, there are marketing reasons. Life's bad, and so no +politician will ever permit a setup described as "Debian, an universal +operating system, with some really cool educational tools" while they +will be jsut fine with "Skolelinux, a single-purpose solution for your +school network", even if both turn out to be the very same thing (yes, +this is unfair towards the Skolelinux project, and must not be taken +too seriously - you get the idea, anyway).</p> + +<p><strong>What do you see as the disadvantages of Skolelinux / Debian +Edu?</strong></p> + +<p>I have not been involved with Skolelinux long enough to really +answer this question in a fair way. Thus, please allow me to put it in +other words: "What do you expect from Skolelinux to keep liking it?" I +can list a few points about that:</p> <ul> -<li>Set up cryptsetup to pass TRIM commands to the physical disk - (adding discard to /etc/crypttab)</li> - -<li>Set up LVM to pass on TRIM commands to the underlying device (in - this case a cryptsetup partition) by changing issue_discards from - 0 to 1 in /etc/lvm/lvm.conf.</li> - -<li>Set relatime as a file system option for ext3 and ext4 file - systems.</li> - -<li>Tell swap to use TRIM commands by adding 'discard' to - /etc/fstab.</li> - -<li>Change I/O scheduler from cfq to deadline using a udev rule.</li> - -<li>Run fstrim on every ext3 and ext4 file system every night (from - cron.daily).</li> - -<li>Adjust sysctl values vm.swappiness to 1 and vm.vfs_cache_pressure - to 50 to reduce the kernel eagerness to swap out processes.</li> + <li>always strive to get all things integrated into Debian upstream + <li>be open to discussion about changes and the like, even with newcomers + <li>be helpful at being helpful ;) </ul> -<p>During installation, I cancelled the part where the installer fill -the disk with random data, as this would kill the SSD performance for -little gain. My goal with the encrypted file system is to ensure -those stealing my laptop end up with a brick and not a working -computer. I have no hope in keeping the really resourceful people -from getting the data on the disk (see -<a href="http://xkcd.com/538/">XKCD #538</a> for an explanation why). -Thus I concluded that adding the discard option to crypttab is the -right thing to do.</p> - -<p>I considered using the noop I/O scheduler, as several recommended -it for SSD, but others recommended deadline and a benchmark I found -indicated that deadline might be better for interactive use.</p> - -<p>I also considered using the 'discard' file system option for ext3 -and ext4, but read that it would give a performance hit ever time a -file is removed, and thought it best to that that slowdown once a day -instead of during my work.</p> - -<p>My package do not set up tmpfs on /var/run, /var/lock and /tmp, as -this is already done by Debian Edu.</p> - -<p>I have not yet started on the user space tuning. I expect -iceweasel need some tuning, and perhaps other applications too, but -have not yet had time to investigate those parts.</p> - -<p>The package should work on Ubuntu too, but I have not yet tested it -there.</p> - -<p>As for the answer to the question in the title of this blog post, -as far as I know, the only solution I know about is to replace the -disk. It might be possible to flash it with Intel firmware instead of -the Lenovo firmware. But I have not tried and did not want to do so -without approval from Lenovo as I wanted to keep the warranty on the -disk until a solution was found and they wanted the broken disks -back.</p> - - - - - Intel SSD 520 Series 180 GB with Lenovo firmware still lock up from sustained writes - http://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html - http://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html - Wed, 10 Jul 2013 13:30:00 +0200 - <p>A few days ago, I wrote about -<a href="http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html">the -problems I experienced with my new X230 and its SSD disk</a>, which -was dying during installation because it is unable to cope with -sustained write. My supplier is in contact with -<a href="http://www.lenovo.com/">Lenovo</a>, and they wanted to send a -replacement disk to try to fix the problem. They decided to send an -identical model, so my hopes for a permanent fix was slim.</p> - -<p>Anyway, today I got the replacement disk and tried to install -Debian Edu Wheezy with encrypted disk on it. The new disk have the -same firmware version as the original. This time my hope raised -slightly as the installation progressed, as the original disk used to -die after 4-7% of the disk was written to, while this time it kept -going past 10%, 20%, 40% and even past 50%. But around 60%, the disk -died again and I was back on square one. I still do not have a new -laptop with a disk I can trust. I can not live with a disk that might -lock up when I download a new -<a href="http://www.skolelinux.org/">Debian Edu / Skolelinux</a> ISO or -other large files. I look forward to hearing from my supplier with -the next proposal from Lenovo.</p> - -<p>The original disk is marked Intel SSD 520 Series 180 GB, -11S0C38722Z1ZNME35X1TR, ISN: CVCV321407HB180EGN, SA: G57560302, FW: -LF1i, 29MAY2013, PBA: G39779-300, LBA 351,651,888, LI P/N: 0C38722, -Pb-free 2LI, LC P/N: 16-200366, WWN: 55CD2E40002756C4, Model: -SSDSC2BW180A3L 2.5" 6Gb/s SATA SSD 180G 5V 1A, ASM P/N 0C38732, FRU -P/N 45N8295, P0C38732.</p> - -<p>The replacement disk is marked Intel SSD 520 Series 180 GB, -11S0C38722Z1ZNDE34N0L0, ISN: CVCV315306RK180EGN, SA: G57560-302, FW: -LF1i, 22APR2013, PBA: G39779-300, LBA 351,651,888, LI P/N: 0C38722, -Pb-free 2LI, LC P/N: 16-200366, WWN: 55CD2E40000AB69E, Model: -SSDSC2BW180A3L 2.5" 6Gb/s SATA SSD 180G 5V 1A, ASM P/N 0C38732, FRU -P/N 45N8295, P0C38732.</p> - -<p>The only difference is in the first number (serial number?), ISN, -SA, date and WNPP values. Mentioning all the details here in case -someone is able to use the information to find a way to identify the -failing disk among working ones (if any such working disk actually -exist).</p> - - - - - July 13th: Debian/Ubuntu BSP and Skolelinux/Debian Edu developer gathering in Oslo - http://people.skolelinux.org/pere/blog/July_13th__Debian_Ubuntu_BSP_and_Skolelinux_Debian_Edu_developer_gathering_in_Oslo.html - http://people.skolelinux.org/pere/blog/July_13th__Debian_Ubuntu_BSP_and_Skolelinux_Debian_Edu_developer_gathering_in_Oslo.html - Tue, 9 Jul 2013 10:40:00 +0200 - <p>The upcoming Saturday, 2013-07-13, we are organising a combined -Debian Edu developer gathering and Debian and Ubuntu bug squashing -party in Oslo. It is organised by <a href="http://www.nuug.no/">the -member assosiation NUUG</a> and -<a href="http://www.skolelinux.org/">the Debian Edu / Skolelinux -project</a> together with <a href="http://bitraf.no/">the hack space -Bitraf</a>.</p> - -<p>It starts 10:00 and continue until late evening. Everyone is -welcome, and there is no fee to participate. There is on the other -hand limited space, and only room for 30 people. Please put your name -on <a href="http://wiki.debian.org/BSP/2013/07/13/no/Oslo">the event -wiki page</a> if you plan to join us.</p> +<p>I'm really sorry I cannot say much more about that :(!</p> + +<p><strong>Which free software do you use daily?</strong></p> + +<p>First of all, all software I use is free and open. I have abandoned +all non-free software (except for firmware on my darned phone) this +year.</p> + +<p>I run Debian GNU/Linux on all PC systems I use. On that, I mostly +run text tools. I use +<a href="https://www.mirbsd.org/mksh.htm">mksh</a> as shell, +<a href="https://www.mirbsd.org/jupp.htm">jupp</a> as very advanced +text editor (I even got the developer to help me write a script/macro +based full-featured student management software with the two), +<a href="http://mcabber.com/">mcabber</a> for XMPP and +<a href="http://www.irssi.org/">irssi</a> for IRC. For that overly +coloured world called the WWW, I use +<a href="https://www.mozilla.org/en-US/firefox/new/">Iceweasel +(Firefox)</a>. Oh, and <a href="http://www.mutt.org/">mutt</a> for +e-mail.</p> + +<p>However, while I am personally aware of the fact that text tools +are more efficient and powerful than anything else, I also use (or at +least operate) some tools that are suitable to bring open source to +kids. One of these things is <a href="http://jappix.org/">Jappix</a>, +which I already introduced to some kids even before they got aware of +Facebook, making them see for themselves that they do not need +Facebook now ;).</p> + +<p><strong>Which strategy do you believe is the right one to use to +get schools to use free software?</strong></p> + +<p>Well, that's a two-sided thing. One side is what I believe, and one +side is what I have experienced.</p> + +<p>I believe that the right strategy is showing them the benefits. But +that won't work out as long as the acceptance of free alternatives +grows globally. What I mean is that if all the kids are almost forced +to use Windows, Facebook, Skype, you name it at home, they will not +see why they would want to use alternatives at school. I have seen +students take seat in front of a fully-functional, modern Debian +desktop that could do anything their Windows at home could do, and +they jsut refused to use it because "Linux sucks". It is something +that makes the council of our city spend around 600000 € to buy +software - not including hardware, mind you - for operating school +networks, and for installing a system that, as has been proved, does +not work. For those of you readers who are good at maths, have you +already found out how many lives could have been saved with that money +if we had instead used it to bring education to parts of the world +that need it? I have, and found it to be nothing less dramatic than +plain criminal.</p> + +<p>That said, the only feasible way appears to be the bottom up +method. We have to bring free software to kids and parents. I have +founded an association named +<a href="https://www.teckids.org">Teckids</a> here in Germany that does +just that. We organise several events for kids and adolescents in the +area of free and open source software, for example the +<a href="http://kids.froscon.org">FrogLabs</a>, which share staff with +Teckids and are the youth programme of +<a href="http://www.froscon.org">the Free and Open Source Software +Conference (FrOSCon)</a>. We do a lot more than most other conferences +- this year, we first offered the FrogLabs as a holiday camp for kids +aged 10 to 16. It was a huge success, with approx. 30 kids taking part +and learning with and about free software through a whole weekend. All +of us had a lot of fun, and the results were really exciting.</p> + +<p>Apart from that, we are preparing a campaign that is supposed to bring +the message of free alternatives to stuff kids use every day to them and +their parents, e.g. the use of Jabber / Jappix instead of Facebook and +Skype. To make that possible, we are planning to get together a team of +clever kids who understand very well what their peers need and can bring +it across to them. So we will have a peer-driven network of adolescents +who teach each other and collect feedback from the community of minors. +We then take that feedback and our own experience to work closely with +open source projects, such as Skolelinux or Jappix, at improving their +software in a way that makes it more and more attractive for the target +group. At least I hope that we will have good cooperation with +Skolelinux in the future ;)!</p> + +<p>So in conclusion, what I believe is that, if it weren't for the world +being so bad, it should be very clear to the political decision makers +that the only way to go nowadays is free software for various reasons, +but I have learnt that the only way that seems to work is bottom up.</p> + +<!-- + +> * Who should be interviewed with this questions in the future? + +That's probably the hardest question of them all, as I do not know the +community. However, I would be willing to do the following: + + <li>Run an interview with a German headteacher who is very open to + free software, and also prefers it, but cannot really use it because + of the decision makers above; + <li>Run interviews with some kids, both with and without previous + knowledge about free software + +If that is wanted, just let me know ;). + +--> - The Thinkpad is dead, long live the Thinkpad X230? - http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html - http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html - Fri, 5 Jul 2013 08:30:00 +0200 - <p>Half a year ago, I reported that I had to find a -<a href="http://people.skolelinux.org/pere/blog/Thank_you_Thinkpad_X41__for_your_long_and_trustworthy_service.html">replacement -for my trusty old Thinkpad X41</a>. Unfortunately I did not have much -time to spend on it, and it took a while to find a model I believe -will do the job, but two days ago the replacement finally arrived. I -ended up picking a -<a href="http://www.linlap.com/lenovo_thinkpad_x230">Thinkpad X230</a> -with SSD disk (NZDAJMN). I first test installed Debian Edu Wheezy as -a roaming workstation, and it seemed to work flawlessly. But my -second installation with encrypted disk was not as successful. More -on that below.</p> - -<p>I had a hard time trying to track down a good laptop, as my most -important requirements (robust and with a good keyboard) are never -listed in the feature list. But I did get good help from the search -feature at <a href="http://www.prisjakt.no/">Prisjakt</a>, which -allowed me to limit the list of interesting laptops based on my other -requirements. A bit surprising that SSD disk are not disks according -to that search interface, so I had to drop specifying the number of -disks from my search parameters. I also asked around among friends to -get their impression on keyboards and robustness.</p> - -<p>So the new laptop arrived, and it is quite a lot wider than the -X41. I am not quite convinced about the keyboard, as it is -significantly wider than my old keyboard, and I have to stretch my -hand a lot more to reach the edges. But the key response is fairly -good and the individual key shape is fairly easy to handle, so I hope -I will get used to it. My old X40 was starting to fail, and I really -needed a new laptop now. :)</p> - -<p>Turning off the touch pad was simple. All it took was a quick -visit to the BIOS during boot it disable it.</p> - -<p>But there is a fatal problem with the laptop. The 180 GB SSD disk -lock up during load. And this happen when installing Debian Wheezy -with encrypted disk, while the disk is being filled with random data. -I also tested to install Ubuntu Raring, and it happen there too if I -reenable the code to fill the disk with random data (it is disabled by -default in Ubuntu). And the bug with is already known. It was -reported to Debian as <a href="http://bugs.debian.org/691427">BTS -report #691427 2012-10-25</a> (journal commit I/O error on brand-new -Thinkpad T430s ext4 on lvm on SSD). It is also reported to the Linux -kernel developers as -<a href="https://bugzilla.kernel.org/show_bug.cgi?id=51861">Kernel bugzilla -report #51861 2012-12-20</a> (Intel SSD 520 stops working under load -(SSDSC2BW180A3L in Lenovo ThinkPad T430s)). It is also reported on the -Lenovo forums, both for -<a href="http://forums.lenovo.com/t5/T400-T500-and-newer-T-series/T430s-Intel-SSD-520-180GB-issue/m-p/1070549">T430 -2012-11-10</a> and for -<a href="http://forums.lenovo.com/t5/X-Series-ThinkPad-Laptops/x230-SATA-errors-with-180GB-Intel-520-SSD-under-heavy-write-load/m-p/1068147">X230 -03-20-2013</a>. The problem do not only affect installation. The -reports state that the disk lock up during use if many writes are done -on the disk, so it is much no use to work around the installation -problem and end up with a computer that can lock up at any moment. -There is even a -<a href="https://git.efficios.com/?p=test-ssd.git">small C program -available</a> that will lock up the hard drive after running a few -minutes by writing to a file.</p> - -<p>I've contacted my supplier and asked how to handle this, and after -contacting PCHELP Norway (request 01D1FDP) which handle support -requests for Lenovo, his first suggestion was to upgrade the disk -firmware. Unfortunately there is no newer firmware available from -Lenovo, as my disk already have the most recent one (version LF1i). I -hope to hear more from him today and hope the problem can be -fixed. :)</p> + Dugnadsnett for alle stiller på Oslo Maker Faire i januar 2014 + http://people.skolelinux.org/pere/blog/Dugnadsnett_for_alle_stiller_p__Oslo_Maker_Faire_i_januar_2014.html + http://people.skolelinux.org/pere/blog/Dugnadsnett_for_alle_stiller_p__Oslo_Maker_Faire_i_januar_2014.html + Tue, 10 Dec 2013 19:20:00 +0100 + <p>Helga 18. og 19. januar 2014 arrangeres +<a href="http://makerfaireoslo.no/no/program/dugnadsnett">Oslo Maker +Faire</a>, og <a href="http://www.dugnadsnett.no/">Dugnadsnett for +alle</a> har fått plass! Planen er å ha et bord med en plakat der vi +forteller om hva Dugnadsnett for alle er for noe, og et lite verksted +der vi hjelper folk som er interessert i å få opp sin egen mesh-node. +Jeg gleder meg til å se hvordan prosjektet blir mottatt der.</p> + +<p>Målet med dugnadsnett for alle i Oslo er å få på plass et datanett +for kommunikasjon ved hjelp av radio-repeaterstasjoner (kalt +mesh-noder) som gjør at en kan direkte kommunisere med slekt, venner +og bekjente i Oslo via andre som deltar i dugnadsnettet, samt gjøre +det mulig komme ut på internett via dugnadsnettet. Første delmål er å +kunne sende SMS-meldinger vha. IP-telefoni løsningen +<a href="http://www.servalproject.org/">Serval project</a> mellom +deltagerne i Dugnadsnett for alle i Oslo. Formålet er å ta tilbake +kontrollen over egen nett-infrastruktur og gjøre det dyrere å bedrive +massiv innsamling av informasjon om borgernes bruk av datanett.</p> + +<p>Høres dette interessant ut? Bli med på prosjektet, fortell oss +hvor du kunne tenke deg å sette opp en radio-repeater (slik at folk i +nærheten kan finne hverandre ved hjelp av +<a href="http://flynor.net/mesh/mesh.php">kartet over planlagte og +eksisterende radio-repeatere</A>), bli med på epostlisten +<a href="http://lists.nuug.no/mailman/listinfo/dugnadsnett">dugnadsnett +(at) nuug.no</a> og stikk innom +<a href="irc://irc.freenode.net/#dugnadsnett.no">IRC-kanalen +#dugnadsnett.no</a>. Så langt er det planlagt over 40 +radio-repeatere, med VPN-forbindelser via Internet for å la de delene +av nettet som ikke når hverandre via radio kunne snakke med hverandre +likevel.</p>