New home and release 1.0 for netgroup and innetgr (aka ng-utils)

22nd February 2014

Many years ago, I wrote a GPL licensed version of the netgroup and -innetgr tools, because I needed them in -Skolelinux. I called the project -ng-utils, and it has served me well. I placed the project under the -Hungry Programmer umbrella, and it was maintained in our CVS -repository. But many years ago, the CVS repository was dropped (lost, -not migrated to new hardware, not sure), and the project have lacked a -proper home since then.

- -

Last summer, I had a look at the package and made a new release -fixing a irritating crash bug, but was unable to store the changes in -a proper source control system. I applied for a project on -Alioth, but did not have time -to follow up on it. Until today. :)

- -

After many hours of cleaning and migration, the ng-utils project -now have a new home, and a git repository with the highlight of the -history of the project. I published all release tarballs and imported -them into the git repository. As the project is really stable and not -expected to gain new features any time soon, I decided to make a new -release and call it 1.0. Visit the new project home on -https://alioth.debian.org/projects/ng-utils/ -if you want to check it out. The new version is also uploaded into -Debian Unstable.

Simpler recipe on how to make a simple $7 IMSI Catcher using Debian

9th August 2017

On friday, I came across an interesting article in the Norwegian +web based ICT news magazine digi.no on +how +to collect the IMSI numbers of nearby cell phones using the cheap +DVB-T software defined radios. The article refered to instructions +and a recipe by +Keld Norman on Youtube on how to make a simple $7 IMSI Catcher, and I decided to test them out.

+ +

The instructions said to use Ubuntu, install pip using apt (to +bypass apt), use pip to install pybombs (to bypass both apt and pip), +and the ask pybombs to fetch and build everything you need from +scratch. I wanted to see if I could do the same on the most recent +Debian packages, but this did not work because pybombs tried to build +stuff that no longer build with the most recent openssl library or +some other version skew problem. While trying to get this recipe +working, I learned that the apt->pip->pybombs route was a long detour, +and the only piece of software dependency missing in Debian was the +gr-gsm package. I also found out that the lead upstream developer of +gr-gsm (the name stand for GNU Radio GSM) project already had a set of +Debian packages provided in an Ubuntu PPA repository. All I needed to +do was to dget the Debian source package and built it.

+ +

The IMSI collector is a python script listening for packages on the +loopback network device and printing to the terminal some specific GSM +packages with IMSI numbers in them. The code is fairly short and easy +to understand. The reason this work is because gr-gsm include a tool +to read GSM data from a software defined radio like a DVB-T USB stick +and other software defined radios, decode them and inject them into a +network device on your Linux machine (using the loopback device by +default). This proved to work just fine, and I've been testing the +collector for a few days now.

+ +

The updated and simpler recipe is thus to

+ +

start with a Debian machine running Stretch or newer,
build and install the gr-gsm package available from +http://ppa.launchpad.net/ptrkrysik/gr-gsm/ubuntu/pool/main/g/gr-gsm/,
clone the git repostory from https://github.com/Oros42/IMSI-catcher,
run grgsm_livemon and adjust the frequency until the terminal +where it was started is filled with a stream of text (meaning you +found a GSM station).
go into the IMSI-catcher directory and run 'sudo python simple_IMSI-catcher.py' to extract the IMSI numbers.

+ +

To make it even easier in the future to get this sniffer up and +running, I decided to package +the gr-gsm project +for Debian (WNPP +#871055), and the package was uploaded into the NEW queue today. +Luckily the gnuradio maintainer has promised to help me, as I do not +know much about gnuradio stuff yet.

+ +

I doubt this "IMSI cacher" is anywhere near as powerfull as +commercial tools like +The +Spy Phone Portable IMSI / IMEI Catcher or the +Harris +Stingray, but I hope the existance of cheap alternatives can make +more people realise how their whereabouts when carrying a cell phone +is easily tracked. Seeing the data flow on the screen, realizing that +I live close to a police station and knowing that the police is also +wearing cell phones, I wonder how hard it would be for criminals to +track the position of the police officers to discover when there are +police near by, or for foreign military forces to track the location +of the Norwegian military forces, or for anyone to track the location +of government officials...

+ +

It is worth noting that the data reported by the IMSI-catcher +script mentioned above is only a fraction of the data broadcasted on +the GSM network. It will only collect one frequency at the time, +while a typical phone will be using several frequencies, and not all +phones will be using the frequencies tracked by the grgsm_livemod +program. Also, there is a lot of radio chatter being ignored by the +simple_IMSI-catcher script, which would be collected by extending the +parser code. I wonder if gr-gsm can be set up to listen to more than +one frequency?

- Tags: debian, english. + Tags: debian, english, personvern, surveillance.

@@ -58,113 +117,37 @@ Debian Unstable.

Testing sysvinit from experimental in Debian Hurd

3rd February 2014

A few days ago I decided to try to help the Hurd people to get -their changes into sysvinit, to allow them to use the normal sysvinit -boot system instead of their old one. This follow up on the -great -Google Summer of Code work done last summer by Justus Winter to -get Debian on Hurd working more like Debian on Linux. To get started, -I downloaded a prebuilt hard disk image from -http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz, -and started it using virt-manager.

- -

The first think I had to do after logging in (root without any -password) was to get the network operational. I followed -the -instructions on the Debian GNU/Hurd ports page and ran these -commands as root to get the machine to accept a IP address from the -kvm internal DHCP server:

- -

-settrans -fgap /dev/netdde /hurd/netdde
-kill $(ps -ef|awk '/[p]finet/ { print $2}')
-kill $(ps -ef|awk '/[d]evnode/ { print $2}')
-dhclient /dev/eth0
-

- -

After this, the machine had internet connectivity, and I could -upgrade it and install the sysvinit packages from experimental and -enable it as the default boot system in Hurd.

- -

But before I did that, I set a password on the root user, as ssh is -running on the machine it for ssh login to work a password need to be -set. Also, note that a bug somewhere in openssh on Hurd block -compression from working. Remember to turn that off on the client -side.

- -

Run these commands as root to upgrade and test the new sysvinit -stuff:

- -

-cat > /etc/apt/sources.list.d/experimental.list <<EOF
-deb http://http.debian.net/debian/ experimental main
-EOF
-apt-get update
-apt-get dist-upgrade
-apt-get install -t experimental initscripts sysv-rc sysvinit \
-    sysvinit-core sysvinit-utils
-update-alternatives --config runsystem
-

- -

To reboot after switching boot system, you have to use -reboot-hurd instead of just reboot, as there is not -yet a sysvinit process able to receive the signals from the normal -'reboot' command. After switching to sysvinit as the boot system, -upgrading every package and rebooting, the network come up with DHCP -after boot as it should, and the settrans/pkill hack mentioned at the -start is no longer needed. But for some strange reason, there are no -longer any login prompt in the virtual console, so I logged in using -ssh instead. - -

Note that there are some race conditions in Hurd making the boot -fail some times. No idea what the cause is, but hope the Hurd porters -figure it out. At least Justus said on IRC (#debian-hurd on -irc.debian.org) that they are aware of the problem. A way to reduce -the impact is to upgrade to the Hurd packages built by Justus by -adding this repository to the machine:

- -

-cat > /etc/apt/sources.list.d/hurd-ci.list <<EOF
-deb http://darnassus.sceen.net/~teythoon/hurd-ci/ sid main
-EOF
-

- -

At the moment the prebuilt virtual machine get some packages from -http://ftp.debian-ports.org/debian, because some of the packages in -unstable do not yet include the required patches that are lingering in -BTS. This is the completely list of "unofficial" packages installed:

- -

-# aptitude search '?narrow(?version(CURRENT),?origin(Debian Ports))'
-i   emacs                   - GNU Emacs editor (metapackage)
-i   gdb                     - GNU Debugger
-i   hurd-recommended        - Miscellaneous translators
-i   isc-dhcp-client         - ISC DHCP client
-i   isc-dhcp-common         - common files used by all the isc-dhcp* packages
-i   libc-bin                - Embedded GNU C Library: Binaries
-i   libc-dev-bin            - Embedded GNU C Library: Development binaries
-i   libc0.3                 - Embedded GNU C Library: Shared libraries
-i A libc0.3-dbg             - Embedded GNU C Library: detached debugging symbols
-i   libc0.3-dev             - Embedded GNU C Library: Development Libraries and Hea
-i   multiarch-support       - Transitional package to ensure multiarch compatibilit
-i A x11-common              - X Window System (X.Org) infrastructure
-i   xorg                    - X.Org X Window System
-i A xserver-xorg            - X.Org X server
-i A xserver-xorg-input-all  - X.Org X server -- input driver metapackage
-#
-

- -

All in all, testing hurd has been an interesting experience. :) -X.org did not work out of the box and I never took the time to follow -the porters instructions to fix it. This time I was interested in the -command line stuff.

Norwegian BokmÃ¥l edition of Debian Administrator's Handbook is now available

25th July 2017

+ +

I finally received a copy of the Norwegian BokmÃ¥l edition of +"The Debian Administrator's +Handbook". This test copy arrived in the mail a few days ago, and +I am very happy to hold the result in my hand. We spent around one and a half year translating it. This paperbook edition +is available +from lulu.com. If you buy it quickly, you save 25% on the list +price. The book is also available for download in electronic form as +PDF, EPUB and Mobipocket, as can be +read online +as a web page.

+ +

This is the second book I publish (the first was the book +"Free Culture" by Lawrence Lessig +in +English, +French +and +Norwegian +BokmÃ¥l), and I am very excited to finally wrap up this +project. I hope +"HÃ¥ndbok +for Debian-administratoren" will be well received.

- Tags: bootsystem, debian, english. + Tags: debian, debian-handbook, english.

@@ -172,90 +155,50 @@ command line stuff.

A fist full of non-anonymous Bitcoins

29th January 2014

Bitcoin is a incredible use of peer to peer communication and -encryption, allowing direct and immediate money transfer without any -central control. It is sometimes claimed to be ideal for illegal -activity, which I believe is quite a long way from the truth. At least -I would not conduct illegal money transfers using a system where the -details of every transaction are kept forever. This point is -investigated in -USENIX ;login: -from December 2013, in the article -"A -Fistful of Bitcoins - Characterizing Payments Among Men with No -Names" by Sarah Meiklejohn, Marjori Pomarole,Grant Jordan, Kirill -Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. They -analyse the transaction log in the Bitcoin system, using it to find -addresses belong to individuals and organisations and follow the flow -of money from both Bitcoin theft and trades on Silk Road to where the -money end up. This is how they wrap up their article:

Â«Rapporten ser ikke pÃ¥ informasjonssikkerhet knyttet til personlig integritetÂ»

27th June 2017

Jeg kom over teksten +Â«Killing +car privacy by federal mandateÂ» av Leonid Reyzin pÃ¥ Freedom to +Tinker i dag, og det gleder meg Ã¥ se en god gjennomgang om hvorfor det +er et urimelig inngrep i privatsfÃ¦ren Ã¥ la alle biler kringkaste sin +posisjon og bevegelse via radio. Det omtalte forslaget basert pÃ¥ +Dedicated Short Range Communication (DSRC) kalles Basic Safety Message +(BSM) i USA og Cooperative Awareness Message (CAM) i Europa, og det +norske Vegvesenet er en av de som ser ut til Ã¥ kunne tenke seg Ã¥ +pÃ¥legge alle biler Ã¥ fjerne nok en bit av innbyggernes privatsfÃ¦re. +Anbefaler alle Ã¥ lese det som stÃ¥r der. + +

Mens jeg tittet litt pÃ¥ DSRC pÃ¥ biler i Norge kom jeg over et sitat +jeg synes er illustrativt for hvordan det offentlige Norge hÃ¥ndterer +problemstillinger rundt innbyggernes privatsfÃ¦re i SINTEF-rapporten +Â«Informasjonssikkerhet +i AutoPASS-brikkerÂ» av Trond Foss:

-
"To demonstrate the usefulness of this type of analysis, we turned -our attention to criminal activity. In the Bitcoin economy, criminal -activity can appear in a number of forms, such as dealing drugs on -Silk Road or simply stealing someone elseâs bitcoins. We followed the -flow of bitcoins out of Silk Road (in particular, from one notorious -address) and from a number of highly publicized thefts to see whether -we could track the bitcoins to known services. Although some of the -thieves attempted to use sophisticated mixing techniques (or possibly -mix services) to obscure the flow of bitcoins, for the most part -tracking the bitcoins was quite straightforward, and we ultimately saw -large quantities of bitcoins flow to a variety of exchanges directly -from the point of theft (or the withdrawal from Silk Road).
- -
As acknowledged above, following stolen bitcoins to the point at -which they are deposited into an exchange does not in itself identify -the thief; however, it does enable further de-anonymization in the -case in which certain agencies can determine (through, for example, -subpoena power) the real-world owner of the account into which the -stolen bitcoins were deposited. Because such exchanges seem to serve -as chokepoints into and out of the Bitcoin economy (i.e., there are -few alternative ways to cash out), we conclude that using Bitcoin for -money laundering or other illicit purposes does not (at least at -present) seem to be particularly attractive."
-

- -

These researches are not the first to analyse the Bitcoin -transaction log. The 2011 paper -"An Analysis of Anonymity in -the Bitcoin System" by Fergal Reid and Martin Harrigan is -summarized like this:

- -

-"Anonymity in Bitcoin, a peer-to-peer electronic currency system, is a -complicated issue. Within the system, users are identified by -public-keys only. An attacker wishing to de-anonymize its users will -attempt to construct the one-to-many mapping between users and -public-keys and associate information external to the system with the -users. Bitcoin tries to prevent this attack by storing the mapping of -a user to his or her public-keys on that user's node only and by -allowing each user to generate as many public-keys as required. In -this chapter we consider the topological structure of two networks -derived from Bitcoin's public transaction history. We show that the -two networks have a non-trivial topological structure, provide -complementary views of the Bitcoin system and have implications for -anonymity. We combine these structures with external information and -techniques such as context discovery and flow analysis to investigate -an alleged theft of Bitcoins, which, at the time of the theft, had a -market value of approximately half a million U.S. dollars." +Â«Rapporten ser ikke pÃ¥ informasjonssikkerhet knyttet til personlig + integritet.Â»

I hope these references can help kill the urban myth that Bitcoin -is anonymous. It isn't really a good fit for illegal activites. Use -cash if you need to stay anonymous, at least until regular DNA -sampling of notes and coins become the norm. :)

- -

As usual, if you use Bitcoin and want to show your support of my -activities, please send Bitcoin donations to my address -15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

SÃ¥ enkelt kan det tydeligvis gjÃ¸res nÃ¥r en vurderer +informasjonssikkerheten. Det holder vel at folkene pÃ¥ toppen kan si +at Â«Personvernet er ivaretattÂ», som jo er den populÃ¦re intetsigende +frasen som gjÃ¸r at mange tror enkeltindividers integritet tas vare pÃ¥. +Sitatet fikk meg til Ã¥ undres pÃ¥ hvor ofte samme tilnÃ¦rming, Ã¥ bare se +bort fra behovet for personlig itegritet, blir valgt nÃ¥r en velger Ã¥ +legge til rette for nok et inngrep i privatsfÃ¦ren til personer i +Norge. Det er jo sjelden det fÃ¥r reaksjoner. Historien om +reaksjonene pÃ¥ Helse SÃ¸r-Ãsts tjenesteutsetting er jo sÃ¸rgelig nok et +unntak og toppen av isfjellet, desverre. Tror jeg fortsatt takker nei +til bÃ¥de AutoPASS og holder meg sÃ¥ langt unna det norske helsevesenet +som jeg kan, inntil de har demonstrert og dokumentert at de verdsetter +individets privatsfÃ¦re og personlige integritet hÃ¸yere enn kortsiktig +gevist og samfunnsnytte.

- Tags: bitcoin, english, personvern, sikkerhet. + Tags: norsk, personvern, sikkerhet.

@@ -263,54 +206,66 @@ activities, please send Bitcoin donations to my address

New chrpath release 0.16

14th January 2014

Coverity is a nice tool to -find problems in C, C++ and Java code using static source code -analysis. It can detect a lot of different problems, and is very -useful to find memory and locking bugs in the error handling part of -the source. The company behind it provide -check of free software projects as -a community service, and many hundred free software projects are -already checked. A few days ago I decided to have a closer look at -the Coverity system, and discovered that the -gnash and -ipmitool -projects I am involved with was already registered. But these are -fairly big, and I would also like to have a small and easy project to -check, and decided to request -checking of the chrpath project. It was -added to the checker and discovered seven potential defects. Six of -these were real, mostly resource "leak" when the program detected an -error. Nothing serious, as the resources would be released a fraction -of a second later when the program exited because of the error, but it -is nice to do it right in case the source of the program some time in -the future end up in a library. Having fixed all defects and added -a -mailing list for the chrpath developers, I decided it was time to -publish a new release. These are the release notes:

- -

New in 0.16 released 2014-01-14:

- -

Fixed all minor bugs discovered by Coverity.
Updated config.sub and config.guess from the GNU project.
Mention new project mailing list in the documentation.

- -

You can -download the -new version 0.16 from alioth. Please let us know via the Alioth -project if something is wrong with the new release. The test suite -did not discover any old errors, so if you find a new one, please also -include a test suite check.

Updated sales number for my Free Culture paper editions

12th June 2017

It is pleasing to see that the work we put down in publishing new +editions of the classic Free +Culture book by the founder of the Creative Commons movement, +Lawrence Lessig, is still being appreciated. I had a look at the +latest sales numbers for the paper edition today. Not too impressive, +but happy to see some buyers still exist. All the revenue from the +books is sent to the Creative +Commons Corporation, and they receive the largest cut if you buy +directly from Lulu. Most books are sold via Amazon, with Ingram +second and only a small fraction directly from Lulu. The ebook +edition is available for free from +Github.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Title / language	Quantity
Title / language	2016 jan-jun	2016 jul-dec	2017 jan-may
Culture Libre / French	3	6	15
Fri kultur / Norwegian	7	1	0
Free Culture / English	14	27	16
Total	24	34	31

+ +

A bit sad to see the low sales number on the Norwegian edition, and +a bit surprising the English edition still selling so well.

+ +

If you would like to translate and publish the book in your native +language, I would be happy to help make it happen. Please get in +touch.

- Tags: chrpath, debian, english. + Tags: docbook, english, freeculture.

@@ -318,261 +273,59 @@ include a test suite check.

Debian Edu interview: Dominik George

25th December 2013

The Debian Edu / Skolelinux -project consist of both newcomers and old timers, and this time I -was able to get an interview with a newcomer in the project who showed -up on the IRC channel a few weeks ago to let us know about his -successful installation of Debian Edu Wheezy in his School. Say hello -to Dominik -George.

- - - -

Who are you, and how do you spend your days?

- -

I am a 23 year-old student from Germany who has spent half of his -life with open source. In "real life", I am, as already mentioned, a -student in the fields of Computer Science, Electrical Engineering, -Information Technologies and Anglistics. Due to my (only partially -voluntary) huge engagement in the open source world, these things are -a bit vacant right now however.

- -

I also have been working as a project teacher at a Gymasnium -(public school) for various years now. I took up that work some time -around 2005 when still attending that school myself and have continued -it until today. I also had been running the (kind of very advanced) -network of that school together with a team of very interested and -talented students in the age of 11 to 15 years, who took the chance to -learn a lot about open source and networking before I left the school -to help building another school's informational education concept from -scratch.

- -

That said, one might see me as a kind of "glue" between school kids -and the elderly of teachers as well as between the open source -ecosystem and the (even more complex) educational ecosystem.

- -

When I am not busy with open source or education, I like Geocaching -and cycling.

- -

How did you get in contact with the Skolelinux / Debian Edu -project?

- -

I think that happened some time around 2009 when I first attended -FrOSCon and visited the project -booth. I think I wasn't too interested back then because I used to -have an attitude of disliking software that does too much stuff on its -own. Maybe I was too inexperienced to realise the upsides of an -"out-of-the-box" solution ;).

- -

The first time I actively talked to Skolelinux people was at -OpenRheinRuhr 2011 when the -BiscuIT project, a home-grewn software used by my school for various -really cool things from timetables and class contact lists to lunch -ordering, student ID card printing and project elections first got to -a stage where it could have been published. I asked the Skolelinux -guys running the booth if the project were interested in it and gave a -small demonstration, but there wasn't any real feedback and the guys -seemed rather uninterested.

- -

After I left the school where I developed the software, it got -mostly lost, but I am now reimplementing it for my new school. I have -reusability and compatibility in mind, and I hop there will be a new -basis for contributing it to the Skolelinux project ;)!

- -

What do you see as the advantages of Skolelinux / Debian -Edu?

- -

The most important advantage seems to be that it "just -works". After overcoming some minor (but still very annoying) glitches -in the installer, I got a fully functional, working school network, -without the month-long hassle I experienced when setting all that up -from scratch in earlier years. And above that, it rocked - I didn't -have any real hardware at hand, because the school was just founded -and has no money whatsoever, so I installed a combined server (main -server, terminal services and workstation) in a VM on my personal -notebook, bridging the LTSP network interface to the ethernet port, -and then PXE-booted the Windows notebooks that were lying around from -it. I could use 8 clients without any performance issues, by using a -tiny little VM on a tiny little notebook. I think that's enough to say -that it rocks!

- -

Secondly, there are marketing reasons. Life's bad, and so no -politician will ever permit a setup described as "Debian, an universal -operating system, with some really cool educational tools" while they -will be jsut fine with "Skolelinux, a single-purpose solution for your -school network", even if both turn out to be the very same thing (yes, -this is unfair towards the Skolelinux project, and must not be taken -too seriously - you get the idea, anyway).

- -

What do you see as the disadvantages of Skolelinux / Debian -Edu?

- -

I have not been involved with Skolelinux long enough to really -answer this question in a fair way. Thus, please allow me to put it in -other words: "What do you expect from Skolelinux to keep liking it?" I -can list a few points about that:

Release 0.1.1 of free software archive system Nikita announced

10th June 2017

I am very happy to report that the +Nikita Noark 5 +core project tagged its second release today. The free software +solution is an implementation of the Norwegian archive standard Noark +5 used by government offices in Norway. These were the changes in +version 0.1.1 since version 0.1.0 (from NEWS.md):

always strive to get all things integrated into Debian upstream -
be open to discussion about changes and the like, even with newcomers -
be helpful at being helpful ;) - +
Continued work on the angularjs GUI, including document upload.
Implemented correspondencepartPerson, correspondencepartUnit and + correspondencepartInternal
Applied for coverity coverage and started submitting code on + regualr basis.
Started fixing bugs reported by coverity
Corrected and completed HATEOAS links to make sure entire API is + available via URLs in _links.
Corrected all relation URLs to use trailing slash.
Add initial support for storing data in ElasticSearch.
Now able to receive and store uploaded files in the archive.
Changed JSON output for object lists to have relations in _links.
Improve JSON output for empty object lists.
Now uses correct MIME type application/vnd.noark5-v4+json.
Added support for docker container images.
Added simple API browser implemented in JavaScript/Angular.
Started on archive client implemented in JavaScript/Angular.
Started on prototype to show the public mail journal.
Improved performance by disabling Sprint FileWatcher.
Added support for 'arkivskaper', 'saksmappe' and 'journalpost'.
Added support for some metadata codelists.
Added support for Cross-origin resource sharing (CORS).
Changed login method from Basic Auth to JSON Web Token (RFC 7519) + style.
Added support for GET-ing ny-* URLs.
Added support for modifying entities using PUT and eTag.
Added support for returning XML output on request.
Removed support for English field and class names, limiting ourself + to the official names.
...

I'm really sorry I cannot say much more about that :(!

- -

Which free software do you use daily?

- -

First of all, all software I use is free and open. I have abandoned -all non-free software (except for firmware on my darned phone) this -year.

- -

I run Debian GNU/Linux on all PC systems I use. On that, I mostly -run text tools. I use -mksh as shell, -jupp as very advanced -text editor (I even got the developer to help me write a script/macro -based full-featured student management software with the two), -mcabber for XMPP and -irssi for IRC. For that overly -coloured world called the WWW, I use -Iceweasel -(Firefox). Oh, and mutt for -e-mail.

- -

However, while I am personally aware of the fact that text tools -are more efficient and powerful than anything else, I also use (or at -least operate) some tools that are suitable to bring open source to -kids. One of these things is Jappix, -which I already introduced to some kids even before they got aware of -Facebook, making them see for themselves that they do not need -Facebook now ;).

- -

Which strategy do you believe is the right one to use to -get schools to use free software?

- -

Well, that's a two-sided thing. One side is what I believe, and one -side is what I have experienced.

- -

I believe that the right strategy is showing them the benefits. But -that won't work out as long as the acceptance of free alternatives -grows globally. What I mean is that if all the kids are almost forced -to use Windows, Facebook, Skype, you name it at home, they will not -see why they would want to use alternatives at school. I have seen -students take seat in front of a fully-functional, modern Debian -desktop that could do anything their Windows at home could do, and -they jsut refused to use it because "Linux sucks". It is something -that makes the council of our city spend around 600000 â¬ to buy -software - not including hardware, mind you - for operating school -networks, and for installing a system that, as has been proved, does -not work. For those of you readers who are good at maths, have you -already found out how many lives could have been saved with that money -if we had instead used it to bring education to parts of the world -that need it? I have, and found it to be nothing less dramatic than -plain criminal.

- -

That said, the only feasible way appears to be the bottom up -method. We have to bring free software to kids and parents. I have -founded an association named -Teckids here in Germany that does -just that. We organise several events for kids and adolescents in the -area of free and open source software, for example the -FrogLabs, which share staff with -Teckids and are the youth programme of -the Free and Open Source Software -Conference (FrOSCon). We do a lot more than most other conferences -- this year, we first offered the FrogLabs as a holiday camp for kids -aged 10 to 16. It was a huge success, with approx. 30 kids taking part -and learning with and about free software through a whole weekend. All -of us had a lot of fun, and the results were really exciting.

- -

Apart from that, we are preparing a campaign that is supposed to bring -the message of free alternatives to stuff kids use every day to them and -their parents, e.g. the use of Jabber / Jappix instead of Facebook and -Skype. To make that possible, we are planning to get together a team of -clever kids who understand very well what their peers need and can bring -it across to them. So we will have a peer-driven network of adolescents -who teach each other and collect feedback from the community of minors. -We then take that feedback and our own experience to work closely with -open source projects, such as Skolelinux or Jappix, at improving their -software in a way that makes it more and more attractive for the target -group. At least I hope that we will have good cooperation with -Skolelinux in the future ;)!

- -

So in conclusion, what I believe is that, if it weren't for the world -being so bad, it should be very clear to the political decision makers -that the only way to go nowadays is free software for various reasons, -but I have learnt that the only way that seems to work is bottom up.

- - -

- - - Tags: debian edu, english, intervju. - - -

- -

Dugnadsnett for alle stiller pÃ¥ Oslo Maker Faire i januar 2014

10th December 2013

Helga 18. og 19. januar 2014 arrangeres -Oslo Maker -Faire, og Dugnadsnett for -alle har fÃ¥tt plass! Planen er Ã¥ ha et bord med en plakat der vi -forteller om hva Dugnadsnett for alle er for noe, og et lite verksted -der vi hjelper folk som er interessert i Ã¥ fÃ¥ opp sin egen mesh-node. -Jeg gleder meg til Ã¥ se hvordan prosjektet blir mottatt der.

- -

MÃ¥let med dugnadsnett for alle i Oslo er Ã¥ fÃ¥ pÃ¥ plass et datanett -for kommunikasjon ved hjelp av radio-repeaterstasjoner (kalt -mesh-noder) som gjÃ¸r at en kan direkte kommunisere med slekt, venner -og bekjente i Oslo via andre som deltar i dugnadsnettet, samt gjÃ¸re -det mulig komme ut pÃ¥ internett via dugnadsnettet. FÃ¸rste delmÃ¥l er Ã¥ -kunne sende SMS-meldinger vha. IP-telefoni lÃ¸sningen -Serval project mellom -deltagerne i Dugnadsnett for alle i Oslo. FormÃ¥let er Ã¥ ta tilbake -kontrollen over egen nett-infrastruktur og gjÃ¸re det dyrere Ã¥ bedrive -massiv innsamling av informasjon om borgernes bruk av datanett.

- -

HÃ¸res dette interessant ut? Bli med pÃ¥ prosjektet, fortell oss -hvor du kunne tenke deg Ã¥ sette opp en radio-repeater (slik at folk i -nÃ¦rheten kan finne hverandre ved hjelp av -kartet over planlagte og -eksisterende radio-repeatere), bli med pÃ¥ epostlisten -dugnadsnett -(at) nuug.no og stikk innom -IRC-kanalen -#dugnadsnett.no. SÃ¥ langt er det planlagt over 40 -radio-repeatere, med VPN-forbindelser via Internet for Ã¥ la de delene -av nettet som ikke nÃ¥r hverandre via radio kunne snakke med hverandre -likevel.

If this sound interesting to you, please contact us on IRC (#nikita +on irc.freenode.net) or email +(nikita-noark +mailing list).

- Tags: mesh network, norsk, nuug. + Tags: english, nuug, offentlig innsyn, standard.

@@ -580,129 +333,99 @@ likevel.

Debian Edu interview: Klaus Knopper

6th December 2013

It has been a while since I managed to publish the last interview, -but the Debian Edu / -Skolelinux community is still going strong, and yesterday we even -had a new school administrator show up on -#debian-edu to share -his success story with installing Debian Edu at their school. This -time I have been able to get some helpful comments from the creator of -Knoppix, Klaus Knopper, who was involved in a Skolelinux project in -Germany a few years ago.

- -

Who are you, and how do you spend your days?

- -

I am Klaus Knopper. I have a master degree in electrical -engineering, and is currently professor in information management at -the university of applied sciences Kaiserslautern / Germany and -freelance Open Source software developer and consultant.

- -

All of this is pretty much of the work I spend my days with. Apart -from teaching, I'm also conducting some more or less experimental -projects like the Knoppix GNU/Linux live -system (Debian-based like Skolelinux), -ADRIANE -(a blind-friendly talking desktop system) and -LINBO -(Linux-based network boot console, a fast remote install and repair -system supporting various operating systems).

- -

How did you get in contact with the Skolelinux / Debian Edu -project?

- -

The credit for this have to go to Kurt Gramlich, who is the German -coordinator for Skolelinux. We were looking for an all-in-one open -source community-supported distribution for schools, and Kurt -introduced us to Skolelinux for this purpose.

- -

What do you see as the advantages of Skolelinux / Debian -Edu?

Idea for storing trusted timestamps in a Noark 5 archive

7th June 2017

This is a copy of +an +email I posted to the nikita-noark mailing list. Please follow up +there if you would like to discuss this topic. The background is that +we are making a free software archive system based on the Norwegian +Noark +5 standard for government archives.

+ +

I've been wondering a bit lately how trusted timestamps could be +stored in Noark 5. +Trusted +timestamps can be used to verify that some information +(document/file/checksum/metadata) have not been changed since a +specific time in the past. This is useful to verify the integrity of +the documents in the archive.

+ +

Then it occured to me, perhaps the trusted timestamps could be +stored as dokument variants (ie dokumentobjekt referered to from +dokumentbeskrivelse) with the filename set to the hash it is +stamping?

+ +

Given a "dokumentbeskrivelse" with an associated "dokumentobjekt", +a new dokumentobjekt is associated with "dokumentbeskrivelse" with the +same attributes as the stamped dokumentobjekt except these +attributes:

Quick installation,
works (almost) out of the box,
contains many useful software packages for teaching and learning,
is a purely community-based distro and not controlled by a - single company,
has a large number of supporters and teachers who share their - experience and problem solutions.

What do you see as the disadvantages of Skolelinux / Debian -Edu?

- -

Skolelinux is - as we had to learn - not easily upgradable to - the next version. Opposed to its genuine Debian base, upgrading to - a new version means a full new installation from scratch to get it - working again reliably. - -
Skolelinux is based on Debian/stable, and therefore always a - little outdated in terms of program versions compared to Edubuntu or - similar educational Linux distros, which rather use Debian/testing - as their base. - -
Skolelinux has some very self-opinionated and stubborn default - configuration which in my opinion adds unnecessary complexity and is - not always suitable for a schools needs, the preset network - configuration is actually a core definition feature of Skolelinux - and not easy to change, so schools sometimes have to change their - network configuration to make it "Skolelinux-compatible". - -
Some proposed extensions, which were made available as - contribution, like secure examination mode and lecture material - distribution and collection, were not accepted into the mainline - Skolelinux development and are now not easy to maintain in the - future because of Skolelinux somewhat undeterministic update - schemes.
Skolelinux has only a very tiny number of base developers - compared to Debian.
format -> "RFC3161" +
mimeType -> "application/timestamp-reply" +
formatDetaljer -> "<source URL for timestamp service>" +
filenavn -> "<sjekksum>.tsr"

For these reasons and experience from our project, I would now -rather consider using plain Debian for schools next time, until -Skolelinux is more closely integrated into Debian and becomes -upgradeable without reinstallation.

- -

Which free software do you use daily?

- -

GNU/Linux with LXDE desktop, bash for interactive dialog and -programming, texlive for documentation and correspondence, -occasionally LibreOffice for document format conversion. Various -programming languages for teaching.

This assume a service following +IETF RFC 3161 is +used, which specifiy the given MIME type for replies and the .tsr file +ending for the content of such trusted timestamp. As far as I can +tell from the Noark 5 specifications, it is OK to have several +variants/renderings of a dokument attached to a given +dokumentbeskrivelse objekt. It might be stretching it a bit to make +some of these variants represent crypto-signatures useful for +verifying the document integrity instead of representing the dokument +itself.

+ +

Using the source of the service in formatDetaljer allow several +timestamping services to be used. This is useful to spread the risk +of key compromise over several organisations. It would only be a +problem to trust the timestamps if all of the organisations are +compromised.

+ +

The following oneliner on Linux can be used to generate the tsr +file. $input is the path to the file to checksum, and $sha256 is the +SHA-256 checksum of the file (ie the ".tsr" value mentioned +above).

Which strategy do you believe is the right one to use to -get schools to use free software?

+openssl ts -query -data "$inputfile" -cert -sha256 -no_nonce \
+  | curl -s -H "Content-Type: application/timestamp-query" \
+      --data-binary "@-" http://zeitstempel.dfn.de > $sha256.tsr
+

Strong arguments are

To verify the timestamp, you first need to download the public key +of the trusted timestamp service, for example using this command:

Knowledge is free, and so should be methods and tools for - teaching and learning.

+wget -O ca-cert.txt \
+  https://pki.pca.dfn.de/global-services-ca/pub/cacert/chain.txt
+

Students can learn with and use the same software at school, at - home, and at their working place without running into license or - conversion problems.

Note, the public key should be stored alongside the timestamps in +the archive to make sure it is also available 100 years from now. It +is probably a good idea to standardise how and were to store such +public keys, to make it easier to find for those trying to verify +documents 100 or 1000 years from now. :)

Closed source or proprietary software hides knowledge rather - than exposing it, and proprietary software vendors try to bind - customers to certain products. But teachers need to teach - science, not products.

The verification itself is a simple openssl command:

If you have everything you for daily work as open source, what - would you need proprietary software for?

+openssl ts -verify -data $inputfile -in $sha256.tsr \
+  -CAfile ca-cert.txt -text
+

Is there any reason this approach would not work? Is it somehow against +the Noark 5 specification?

- Tags: debian edu, english, intervju. + Tags: english, offentlig innsyn, standard.

@@ -710,33 +433,61 @@ get schools to use free software?

Dugnadsnett for alle, a wireless community network in Oslo, take shape

30th November 2013

If you want the ability to electronically communicate directly with -your neighbors and friends using a network controlled by your peers in -stead of centrally controlled by a few corporations, or would like to -experiment with interesting network technology, the -Dugnasnett for alle i Oslo -might be project for you. 39 mesh nodes are currently being planned, -in the freshly started initiative from NUUG and Hackeriet to create a -wireless community network. The work is inspired by -Freifunk, -Athens Wireless Metropolitan -Network, Roofnet -and other successful mesh networks around the globe. Two days ago we -held a workshop to try to get people started on setting up their own -mesh node, and there we decided to create a new mailing list -dugnadsnett -(at) nuug.no and IRC channel -#dugnadsnett.no to -coordinate the work. See also the NUUG blog post -announcing -the mailing list and IRC channel.

NÃ¥r nynorskoversettelsen svikter til eksamen...

3rd June 2017

Aftenposten +melder i dag om feil i eksamensoppgavene for eksamen i politikk og +menneskerettigheter, der teksten i bokmÃ¥ls og nynorskutgaven ikke var +like. Oppgaveteksten er gjengitt i artikkelen, og jeg ble nysgjerring +pÃ¥ om den fri oversetterlÃ¸sningen +Apertium ville gjort en bedre +jobb enn Utdanningsdirektoratet. Det kan se slik ut.

+ +

Her er bokmÃ¥lsoppgaven fra eksamenen:

+ +

+
DrÃ¸ft utfordringene knyttet til nasjonalstatenes og andre aktÃ¸rers +rolle og muligheter til Ã¥ hÃ¥ndtere internasjonale utfordringer, som +for eksempel flykningekrisen.
+ +
Vedlegge er eksempler pÃ¥ tekster som kan gi relevante perspektiver +pÃ¥ temaet:
+
+
Flykningeregnskapet 2016, UNHCR og IDMC +
Â«GrenselÃ¸st Europa for fallÂ» A-Magasinet, 26. november 2015 +
+ +

+ +

Dette oversetter Apertium slik:

+ +

+
DrÃ¸ft utfordringane knytte til nasjonalstatane sine og rolla til +andre aktÃ¸rar og hÃ¸ve til Ã¥ handtera internasjonale utfordringar, som +til dÃ¸mes *flykningekrisen.
+ +
Vedleggja er dÃ¸me pÃ¥ tekster som kan gje relevante perspektiv pÃ¥ +temaet:
+ +
+
*Flykningeregnskapet 2016, *UNHCR og *IDMC
+
Â«*GrenselÃ¸st Europa for fallÂ» A-Magasinet, 26. november 2015
+
+ +

+ +

Ord som ikke ble forstÃ¥tt er markert med stjerne (*), og trenger +ekstra sprÃ¥ksjekk. Men ingen ord er forsvunnet, slik det var i +oppgaven elevene fikk presentert pÃ¥ eksamen. Jeg mistenker dog at +"andre aktÃ¸rers rolle og muligheter til ..." burde vÃ¦rt oversatt til +"rolla til andre aktÃ¸rar og deira hÃ¸ve til ..." eller noe slikt, men +det er kanskje flisespikking. Det understreker vel bare at det alltid +trengs korrekturlesning etter automatisk oversettelse.

- Tags: english, mesh network, nuug. + Tags: debian, norsk, stavekontroll.

@@ -744,84 +495,67 @@ the mailing list and IRC channel.

Hvor godt fungerer Linux-klienter mot MS Exchange?

26th November 2013

Jeg -skrev -i juni om protestene pÃ¥ planene til min arbeidsplass, -Universitetet i Oslo, om Ã¥ gÃ¥ bort fra -fri programvare- og Ã¥pne standardlÃ¸sninger for Ã¥ hÃ¥ndtere epost, -vekk fra IETF-standarden SIEVE for filtrering av epost og over til -godseide spesifikasjoner og epostsystemet Microsoft Exchange. -Protestene har fÃ¥tt litt ny omtale i media de siste dagene, i tillegg -til de oppslagene som kom i mai.

Epost inn som arkivformat i Riksarkivarens forskrift?

27th April 2017

I disse dager, med frist 1. mai, har Riksarkivaren ute en hÃ¸ring pÃ¥ +sin forskrift. Som en kan se er det ikke mye tid igjen fÃ¸r fristen +som gÃ¥r ut pÃ¥ sÃ¸ndag. Denne forskriften er det som lister opp hvilke +formater det er greit Ã¥ arkivere i +Noark +5-lÃ¸sninger i Norge.

+ +

Jeg fant hÃ¸ringsdokumentene hos +Norsk +ArkivrÃ¥d etter Ã¥ ha blitt tipset pÃ¥ epostlisten til +fri +programvareprosjektet Nikita Noark5-Core, som lager et Noark 5 +Tjenestegresesnitt. Jeg er involvert i Nikita-prosjektet og takket +vÃ¦re min interesse for tjenestegrensesnittsprosjektet har jeg lest en +god del Noark 5-relaterte dokumenter, og til min overraskelse oppdaget +at standard epost ikke er pÃ¥ listen over godkjente formater som kan +arkiveres. HÃ¸ringen med frist sÃ¸ndag er en glimrende mulighet til Ã¥ +forsÃ¸ke Ã¥ gjÃ¸re noe med det. Jeg holder pÃ¥ med +egen +hÃ¸ringsuttalelse, og lurer pÃ¥ om andre er interessert i Ã¥ stÃ¸tte +forslaget om Ã¥ tillate arkivering av epost som epost i arkivet.

+ +

Er du igang med Ã¥ skrive egen hÃ¸ringsuttalelse allerede? I sÃ¥ fall +kan du jo vurdere Ã¥ ta med en formulering om epost-lagring. Jeg tror +ikke det trengs sÃ¥ mye. Her et kort forslag til tekst:

2013-11-26 Gigantisk Outlook-konvertering mÃ¸der protester pÃ¥ universitet - versjon2.dk
2013-11-25 - Microsoft-protest - pÃ¥ Universitetet - Computerworld
2013-11-25 - Kjemper - mot innfÃ¸ring av Microsoft Exchange pÃ¥ UiO - Uniforum
2013-11-25 - Utsetter - innfÃ¸ring av nytt e-postsystem - Uniforum
2013-05-29 - Forsvarer - nytt IT-system - Universitas

-
2013-05-23 - UiO - innfÃ¸rer nytt epost- og kalenderverktÃ¸y - Uniforum
+
Viser til hÃ¸ring sendt ut 2017-02-17 (Riksarkivarens referanse + 2016/9840 HELHJO), og tillater oss Ã¥ sende inn noen innspill om + revisjon av Forskrift om utfyllende tekniske og arkivfaglige + bestemmelser om behandling av offentlige arkiver (Riksarkivarens + forskrift).
-
2013-05-22 - Protestgruppe - vil stanse IT-system - Universitas
+
SvÃ¦rt mye av vÃ¥r kommuikasjon foregÃ¥r i dag pÃ¥ e-post.Â Vi + foreslÃ¥r derfor at Internett-e-post, slik det er beskrevet i IETF + RFC 5322, + https://tools.ietf.org/html/rfc5322. bÃ¸r + inn som godkjent dokumentformat.Â Vi foreslÃ¥r at forskriftens + oversikt over godkjente dokumentformater ved innlevering i Â§ 5-16 + endres til Ã¥ ta med Internett-e-post.
-
2013-05-15 - UiO - mÃ¥ ha kontroll over sitt eget epostsystem - Uniforum
+

Som del av arbeidet med tjenestegrensesnitt har vi testet hvordan +epost kan lagres i en Noark 5-struktur, og holder pÃ¥ Ã¥ skrive et +forslag om hvordan dette kan gjÃ¸res som vil bli sendt over til +arkivverket sÃ¥ snart det er ferdig. De som er interesserte kan +fÃ¸lge +fremdriften pÃ¥ web.

Prosjektledelsen har fortalt at dette skal fungere like godt for -Linux-brukere som for brukere av Microsoft Windows og Apple MacOSX, -men jeg lurer pÃ¥ hva slags erfaringer Linux-brukere i eksisterende -miljÃ¸er som bruker MS Exchange har gjort. Hvis du har slik erfaring -hadet det vÃ¦rt veldig fint om du kan send et leserbrev til -Uniforum og fortelle om hvor -greit det er Ã¥ bruke Exchange i kryss-platform-miljÃ¸er? De jeg har -snakket med sier en greit fÃ¥r lest e-posten sin hvis Exchange har -slÃ¥tt pÃ¥ IMAP-funksjonalitet, men at kalender og mÃ¸tebooking ikke -fungerer godt for Linux-klienter. Jeg har ingen personlig erfaring Ã¥ -komme med, sÃ¥ jeg er nysgjerrig pÃ¥ hva andre kan dele av erfaringer -med universitetet.

- -

Mitt ankerpunkt mot Ã¥ bytte ut fri programvare som fungerer godt -med godseid programvare er at en mister kontroll over egen -infrastruktur, lÃ¥ser seg inn i en lÃ¸sning det vil bli dyrt Ã¥ komme ut -av, uten at en fÃ¥r funksjonalitet en ikke kunne skaffet seg med fri -programvare, eventuelt videreutviklet med de pengene som brukes pÃ¥ -overgangen til MS Exchange. Personlig planlegger jeg Ã¥ fortsette Ã¥ -laste ned all eposten min til lokal maskin for indeksering og lesing -med notmuch, sÃ¥ jeg hÃ¥per jeg -ikke blir veldig skadelidende av overgangen.

- -

Underskriftslista -for oss som er mot endringen, som omtales i artiklene, er fortsatt -Ã¥pen for de som vil signere pÃ¥ oppropet. Akkurat nÃ¥ er det 298 -personer som har signert.

Oppdatering 2017-04-28: I dag ble hÃ¸ringuttalelsen jeg skrev + sendt + inn av foreningen NUUG.

- Tags: norsk, standard. + Tags: norsk, offentlig innsyn, standard.

@@ -829,56 +563,154 @@ personer som har signert.

New chrpath release 0.15

24th November 2013

After many years break from the package and a vain hope that -development would be continued by someone else, I finally pulled my -acts together this morning and wrapped up a new release of chrpath, -the command line tool to modify the rpath and runpath of already -compiled ELF programs. The update was triggered by the persistence of -Isha Vishnoi at IBM, which needed a new config.guess file to get -support for the ppc64le architecture (powerpc 64-bit Little Endian) he -is working on. I checked the -Debian, -Ubuntu and -Fedora -packages for interesting patches (failed to find the source from -OpenSUSE and Mandriva packages), and found quite a few nice fixes. -These are the release notes:

- -

New in 0.15 released 2013-11-24:

- -

Updated config.sub and config.guess from the GNU project to work - with newer architectures. Thanks to isha vishnoi for the heads - up.
Updated README with current URLs.
Added byteswap fix found in Ubuntu, credited Jeremy Kerr and - Matthias Klose.
Added missing help for -k|--keepgoing option, using patch by - Petr Machata found in Fedora.
Rewrite removal of RPATH/RUNPATH to make sure the entry in - .dynamic is a NULL terminated string. Based on patch found in - Fedora credited Axel Thimm and Christian Krause.

Offentlig elektronisk postjournal blokkerer tilgang for utvalgte webklienter

20th April 2017

Jeg oppdaget i dag at nettstedet som +publiserer offentlige postjournaler fra statlige etater, OEP, har +begynt Ã¥ blokkerer enkelte typer webklienter fra Ã¥ fÃ¥ tilgang. Vet +ikke hvor mange det gjelder, men det gjelder i hvert fall libwww-perl +og curl. For Ã¥ teste selv, kjÃ¸r fÃ¸lgende:

+ +

+% curl -v -s https://www.oep.no/pub/report.xhtml?reportId=3 2>&1 |grep '< HTTP'
+< HTTP/1.1 404 Not Found
+% curl -v -s --header 'User-Agent:Opera/12.0' https://www.oep.no/pub/report.xhtml?reportId=3 2>&1 |grep '< HTTP'
+< HTTP/1.1 200 OK
+%
+

+ +

Her kan en se at tjenesten gir Â«404 Not FoundÂ» for curl i +standardoppsettet, mens den gir Â«200 OKÂ» hvis curl hevder Ã¥ vÃ¦re Opera +versjon 12.0. Offentlig elektronisk postjournal startet blokkeringen +2017-03-02.

+ +

Blokkeringen vil gjÃ¸re det litt vanskeligere Ã¥ maskinelt hente +informasjon fra oep.no. Kan blokkeringen vÃ¦re gjort for Ã¥ hindre +automatisert innsamling av informasjon fra OEP, slik Pressens +Offentlighetsutvalg gjorde for Ã¥ dokumentere hvordan departementene +hindrer innsyn i +rapporten +Â«Slik hindrer departementer innsynÂ» som ble publiserte i januar +2017. Det virker usannsynlig, da det jo er trivielt Ã¥ bytte +User-Agent til noe nytt.

+ +

Finnes det juridisk grunnlag for det offentlige Ã¥ diskriminere +webklienter slik det gjÃ¸res her? Der tilgang gis eller ikke alt etter +hva klienten sier at den heter? Da OEP eies av DIFI og driftes av +Basefarm, finnes det kanskje noen dokumenter sendt mellom disse to +aktÃ¸rene man kan be om innsyn i for Ã¥ forstÃ¥ hva som har skjedd. Men +postjournalen +til DIFI viser kun to dokumenter det siste Ã¥ret mellom DIFI og +Basefarm. +Mimes brÃ¸nn neste, +tenker jeg.

+ + + Tags: norsk, offentlig innsyn. + + +

+ +

Free software archive system Nikita now able to store documents

19th March 2017

The Nikita +Noark 5 core project is implementing the Norwegian standard for +keeping an electronic archive of government documents. +The +Noark 5 standard document the requirement for data systems used by +the archives in the Norwegian government, and the Noark 5 web interface +specification document a REST web service for storing, searching and +retrieving documents and metadata in such archive. I've been involved +in the project since a few weeks before Christmas, when the Norwegian +Unix User Group +announced +it supported the project. I believe this is an important project, +and hope it can make it possible for the government archives in the +future to use free software to keep the archives we citizens depend +on. But as I do not hold such archive myself, personally my first use +case is to store and analyse public mail journal metadata published +from the government. I find it useful to have a clear use case in +mind when developing, to make sure the system scratches one of my +itches.

+ +

If you would like to help make sure there is a free software +alternatives for the archives, please join our IRC channel +(#nikita on +irc.freenode.net) and +the +project mailing list.

+ +

When I got involved, the web service could store metadata about +documents. But a few weeks ago, a new milestone was reached when it +became possible to store full text documents too. Yesterday, I +completed an implementation of a command line tool +archive-pdf to upload a PDF file to the archive using this +API. The tool is very simple at the moment, and find existing +fonds, series and +files while asking the user to select which one to use if more than +one exist. Once a file is identified, the PDF is associated with the +file and uploaded, using the title extracted from the PDF itself. The +process is fairly similar to visiting the archive, opening a cabinet, +locating a file and storing a piece of paper in the archive. Here is +a test run directly after populating the database with test data using +our API tester:

- +

+~/src//noark5-tester$ ./archive-pdf mangelmelding/mangler.pdf
+using arkiv: Title of the test fonds created 2017-03-18T23:49:32.103446
+using arkivdel: Title of the test series created 2017-03-18T23:49:32.103446
+
+ 0 - Title of the test case file created 2017-03-18T23:49:32.103446
+ 1 - Title of the test file created 2017-03-18T23:49:32.103446
+Select which mappe you want (or search term): 0
+Uploading mangelmelding/mangler.pdf
+  PDF title: Mangler i spesifikasjonsdokumentet for NOARK 5 Tjenestegrensesnitt
+  File 2017/1: Title of the test case file created 2017-03-18T23:49:32.103446
+~/src//noark5-tester$
+

You can -download the -new version 0.15 from alioth. Please let us know via the Alioth -project if something is wrong with the new release. The test suite -did not discover any old errors, so if you find a new one, please also -include a testsuite check.

You can see here how the fonds (arkiv) and serie (arkivdel) only had +one option, while the user need to choose which file (mappe) to use +among the two created by the API tester. The archive-pdf +tool can be found in the git repository for the API tester.

+ +

In the project, I have been mostly working on +the API +tester so far, while getting to know the code base. The API +tester currently use +the HATEOAS links +to traverse the entire exposed service API and verify that the exposed +operations and objects match the specification, as well as trying to +create objects holding metadata and uploading a simple XML file to +store. The tester has proved very useful for finding flaws in our +implementation, as well as flaws in the reference site and the +specification.

+ +

The test document I uploaded is a summary of all the specification +defects we have collected so far while implementing the web service. +There are several unclear and conflicting parts of the specification, +and we have +started +writing down the questions we get from implementing it. We use a +format inspired by how The +Austin Group collect defect reports for the POSIX standard with +their +instructions for the MANTIS defect tracker system, in lack of an official way to structure defect reports for Noark 5 (our first submitted defect report was a request for a procedure for submitting defect reports :). + +

The Nikita project is implemented using Java and Spring, and is +fairly easy to get up and running using Docker containers for those +that want to test the current code base. The API tester is +implemented in Python.

- Tags: chrpath, debian, english. + Tags: english, nuug, offentlig innsyn, standard.

@@ -893,12 +725,109 @@ include a testsuite check.

Archive