The last few days I came across a few good causes that should get
+wider attention. I recommend signing and donating to each one of
+these. :)
+
+
Via Debian
+Project News for 2013-10-14 I came across the Outreach Program for
+Women program which is a Google Summer of Code like initiative to get
+more women involved in free software. One debian sponsor has offered
+to match any donation done to Debian
+earmarked for this initiative. I donated a few minutes ago, and
+hope you will to. :)
+
+
And the Electronic Frontier Foundation just announced plans to
+create video
+documentaries about the excessive spying on every Internet user that
+take place these days, and their need to fund the work. I've already
+donated. Are you next?
+
+
For my Norwegian audience, the organisation Studentenes og
+Akademikernes Internasjonale Hjelpefond is collecting signatures for a
+statement under the heading
+Bloggers United for Open
+Access for those of us asking for more focus on open access in the
+Norwegian government. So far 499 signatures. I hope you will sign it
+too.
Wireless mesh networks are self organising and self healing
+networks that can be used to connect computers across small and large
+areas, depending on the radio technology used. Normal wifi equipment
+can be used to create home made radio networks, and there are several
+successful examples like
+Freifunk and
+Athens Wireless Metropolitan Network
+(see
+wikipedia
+for a large list) around the globe. To give you an idea how it
+work, check out the nice overview of the Kiel Freifunk community which
+can be seen from their
+dynamically
+updated node graph and map, where one can see how the mesh nodes
+automatically handle routing and recover from nodes disappearing.
+There is also a small community mesh network group in Oslo, Norway,
+and that is the main topic of this blog post.
+
+
I've wanted to check out mesh networks for a while now, and hoped
+to do it as part of my involvement with the NUUG member organisation community, and
+my recent involvement in
+the Freedombox project
+finally lead me to give mesh networks some priority, as I suspect a
+Freedombox should use mesh networks to connect neighbours and family
+when possible, given that most communication between people are
+between those nearby (as shown for example by research on Facebook
+communication patterns). It also allow people to communicate without
+any central hub to tap into for those that want to listen in on the
+private communication of citizens, which have become more and more
+important over the years.
+
+
So far I have only been able to find one group of people in Oslo
+working on community mesh networks, over at the hack space
+Hackeriet at Husmania. They seem to
+have started with some Freifunk based effort using OLSR, called
+the Oslo
+Freifunk project, but that effort is now dead and the people
+behind it have moved on to a batman-adv based system called
+meshfx. Unfortunately the wiki
+site for the Oslo Freifunk project is no longer possible to update to
+reflect this fact, so the old project page can't be updated to point to
+the new project. A while back, the people at Hackeriet invited people
+from the Freifunk community to Oslo to talk about mesh networks. I
+came across this video where Hans Jørgen Lysglimt interview the
+speakers about this talk (from
+youtube):
+
+
+
+
I mentioned OLSR and batman-adv, which are mesh routing protocols.
+There are heaps of different protocols, and I am still struggling to
+figure out which one would be "best" for some definitions of best, but
+given that the community mesh group in Oslo is so small, I believe it
+is best to hook up with the existing one instead of trying to create a
+completely different setup, and thus I have decided to focus on
+batman-adv for now. It sure help me to know that the very cool
+Serval project in Australia
+is using batman-adv as their meshing technology when it create a self
+organizing and self healing telephony system for disaster areas and
+less industrialized communities. Check out this cool video presenting
+that project (from
+youtube):
+
+
+
+
According to the wikipedia page on
+Wireless
+mesh network there are around 70 competing schemes for routing
+packets across mesh networks, and OLSR, B.A.T.M.A.N. and
+B.A.T.M.A.N. advanced are protocols used by several free software
+based community mesh networks.
+
+
The batman-adv protocol is a bit special, as it provide layer 2
+(as in ethernet ) routing, allowing ipv4 and ipv6 to work on the same
+network. One way to think about it is that it provide a mesh based
+vlan you can bridge to or handle like any other vlan connected to your
+computer. The required drivers are already in the Linux kernel at
+least since Debian Wheezy, and it is fairly easy to set up. A
+good
+introduction is available from the Open Mesh project. These are
+the key settings needed to join the Oslo meshfx network:
+
+
+
Setting
Value
+
Protocol / kernel module
batman-adv
+
ESSID
meshfx@hackeriet
+
Channel / Frequency
11 / 2462
+
Cell ID
02:BA:00:00:00:01
+
+
+
The reason for setting ad-hoc wifi Cell ID is to work around bugs
+in firmware used in wifi card and wifi drivers. (See a nice post from
+VillageTelco about
+"Information
+about cell-id splitting, stuck beacons, and failed IBSS merges!
+for details.) When these settings are activated and you have some
+other mesh node nearby, your computer will be connected to the mesh
+network and can communicate with any mesh node that is connected to
+any of the nodes in your network of nodes. :)
+
+
My initial plan was to reuse my old Linksys WRT54GL as a mesh node,
+but that seem to be very hard, as I have not been able to locate a
+firmware supporting batman-adv. If anyone know how to use that old
+wifi access point with batman-adv these days, please let me know.
+
+
If you find this project interesting and want to join, please join
+us on IRC, either channel
+#oslohackerspace
+or #nuug on
+irc.freenode.net.
+
+
While investigating mesh networks in Oslo, I came across an old
+research paper from the university of Stavanger and Telenor Research
+and Innovation called
+The
+reliability of wireless backhaul mesh networks and elsewhere
+learned that Telenor have been experimenting with mesh networks at
+Grünerløkka in Oslo. So mesh networks are also interesting for
+commercial companies, even though Telenor discovered that it was hard
+to figure out a good business plan for mesh networking and as far as I
+know have closed down the experiment. Perhaps Telenor or others would
+be interested in a cooperation?
+
+
Update 2013-10-12: I was just
+told
+by the Serval project developers that they no longer use
+batman-adv (but are compatible with it), but their own crypto based
+mesh system.
The other day I was pleased and surprised to discover that Marcelo
+Salvador had published a
+video on
+Youtube showing how to install the standalone Debian Edu /
+Skolelinux profile. This is the profile intended for use at home or
+on laptops that should not be integrated into the provided network
+services (no central home directory, no Kerberos / LDAP directory etc,
+in other word a single user machine). The result is 11 minutes long,
+and show some user applications (seem to be rather randomly picked).
+Missed a few of my favorites like celestia, planets and chromium
+showing the Zygote Body 3D model
+of the human body, but I guess he did not know about those or find
+other programs more interesting. :) And the video do not show the
+advantages I believe is one of the most valuable featuers in Debian
+Edu, its central school server making it possible to run hundreds of
+computers without hard drives by installing one central
+LTSP server.
+
+
Anyway, check out the video, embedded below and linked to above:
+
+
+
+
Are there other nice videos demonstrating Skolelinux? Please let
+me know. :)
A few hours ago, the announcement for the first stable release of
+Debian Edu Wheezy went out from the Debian publicity team. The
+complete announcement text can be found at
+the Debian News
+section, translated to several languages. Please check it out.
+
+
There is one minor known problem that we will fix very soon. One
+can not install a amd64 Thin Client Server using PXE, as the /var/
+partition is too small. A workaround is to extend the partition (use
+lvresize + resize2fs in tty 2 while installing).
It has been a while since my last update. Since last summer, I
-have worked on a Norwegian
-docbook version of the 2004 book
-Free Culture by Lawrence Lessig,
-to get a Norwegian text explaining the problems with the copyright
-law. Yesterday, I finally broken the 90% mark, when counting the
-number of strings to translate. Due to real life constraints, I have
-not had time to work on it since March, but when the summer broke out,
-I found time to work on it again. Still lots of work left, but the
-first draft is nearing completion. I created a graph to show the
-progress of the translation:
-
-
-
-
When the first draft is done, the translated text need to be
-proof read, and the remaining formatting problems with images and SVG
-drawings need to be fixed. There are probably also some index entries
-missing that need to be added. This can be done by comparing the
-index entries listed in the SiSU version of the book, or comparing the
-English docbook version with the paper version. Last, the colophon
-page with ISBN numbers etc need to be wrapped up before the release is
-done. I should also figure out how to get correct Norwegian sorting
-of the index pages. All docbook tools I have tried so far (xmlto,
-docbook-xsl, dblatex) get the order of symbols and the special
-Norwegian letters ÃÃÃ wrong.
-
-
There is still need for translators and people with docbook
-knowledge, to be able to get a good looking book (I still struggle
-with dblatex, xmlto and docbook-xsl) as well as to do the draft
-translation and proof reading. And I would like the figures to be
-redrawn as SVGs to make it easy to translate them. Any SVG master
-around? There are also some legal terms that are unfamiliar to me.
-If you want to help, please get in touch with me, and check out the
-project files currently available from
-github.
-
-
If you are curious what the translated book currently look like,
-the updated
-PDF
-and
-EPUB
-are published on github. The HTML version is published as well, but
-github hand it out with MIME type text/plain, confusing browsers, so I
-saw no point in linking to that version.
The first wheezy based beta release of Debian Edu was wrapped up
-today. This is the release announcement:
-
-
New features for Debian Edu 7.1+edu0~b0 released
-2013-07-27
-
-
These are the release notes for for Debian Edu / Skolelinux
-7.1+edu0~b0, based on Debian with codename "Wheezy".
-
-
About Debian Edu and Skolelinux
-
-
Debian Edu, also known as
-Skolelinux, is a Linux distribution based on Debian providing an
-out-of-the box environment of a completely configured school
-network. Immediately after installation a school server running all
-services needed for a school network is set up just waiting for users
-and machines being added via GOsa², a comfortable Web-UI. A netbooting
-environment is prepared using PXE, so after initial installation of
-the main server from CD, DVD or USB stick all other machines can be
-installed via the network. The provided school server provides LDAP
-database and Kerberos authentication service, centralized home
-directories, DHCP server, web proxy and many other services. The
-desktop contains
-more
-than 60 educational software packages and more are available from
-the Debian archive, and schools can choose between KDE, Gnome, LXDE
-and Xfce desktop environment.
-
-
This is the fifth test release based on Debian Wheezy. Basically
-this is an updated and slightly improved version compared to the
-Squeeze release.
-
-
ALERT: Alpha based installations should reinstall or downgrade the
-versions of gosa and libpam-mklocaluser to the ones used in this beta
-release.
-
-
Software updates
-
-
-
-
Switched roaming workstation profiles from wicd to network-manager
- for network configuration, as wicd didn't work any more.
-
Changed version numbers of patched gosa and libpam-mklocaluser
- packages to make sure our locally patched versions will be replaced
- by the official packages when they are released from Debian. Those
- installing alpha version need to reinstall or manually downgrade gosa
- and libpam-mklocaluser.
-
Added bluetooth tools to the default desktop (bluedevil, blueman).
-
Added tools for sharing the desktop on KDE (krdc, krfb).
-
Added valgrind to the default installation for easier debugging of
- crash bugs.
-
-
-
-
Other changes
-
-
-
-
Fixed artwork package to work with gnome, no longer break
- desktop=gnome installations.
-
Adjusted installer to now work when forced to use a proxy with the
- netinst CD.
-
Fixed code detecting and setting/loading hardware specific
- setup/firmware to work more robust out of the box.
-
Adjusted Kerberos setup to detect realm and server settings at
- install time instead of dynamically at run time. This avoid a crash
- with krb5-auth-dialog on diskless workstations without a DNS name.
-
Worked around misfeature in network-manager not calling the dhclient
- exit hooks, causing automatic proxy configuration and automatic host
- name setting at run time to work again.
-
Fixed feature setting the default Iceweasel start page from URL
- fetched from LDAP, to allow schools to set the global default by
- updating the dc=skole,dc=skolelinux,dc=no LDAP object.
-
Changed default host name on all networked machines to be unique
- (generated from MAC or reverse DNS) after boot.
-
Adjusted partition sizes to make sure they are big enough.
-
-
-
-
Known issues
-
-
-
-
Grub is missing the new artwork.
-
KDE fail to understand the wpad.dat file provided, causing it to
- not use the http proxy as it should.
-
Chromium also fail to use the proxy.
-
-
-
-
Where to get it
-
-
To download the multiarch netinstall CD release you can use
Today I switched to
-my
-new laptop. I've previously written about the problems I had with
-my new Thinkpad X230, which was delivered with an
-180
-GB Intel SSD disk with Lenovo firmware that did not handle
-sustained writes. My hardware supplier have been very forthcoming in
-trying to find a solution, and after first trying with another
-identical 180 GB disks they decided to send me a 256 GB Samsung SSD
-disk instead to fix it once and for all. The Samsung disk survived
-the installation of Debian with encrypted disks (filling the disk with
-random data during installation killed the first two), and I thus
-decided to trust it with my data. I have installed it as a Debian Edu
-Wheezy roaming workstation hooked up with my Debian Edu Squeeze main
-server at home using Kerberos and LDAP, and will use it as my work
-station from now on.
-
-
As this is a solid state disk with no moving parts, I believe the
-Debian Wheezy default installation need to be tuned a bit to increase
-performance and increase life time of the disk. The Linux kernel and
-user space applications do not yet adjust automatically to such
-environment. To make it easier for my self, I created a draft Debian
-package ssd-setup to handle this tuning. The
-source
-for the ssd-setup package is available from collab-maint, and it
-is set up to adjust the setup of the machine by just installing the
-package. If there is any non-SSD disk in the machine, the package
-will refuse to install, as I did not try to write any logic to sort
-file systems in SSD and non-SSD file systems.
-
-
I consider the package a draft, as I am a bit unsure how to best
-set up Debian Wheezy with an SSD. It is adjusted to my use case,
-where I set up the machine with one large encrypted partition (in
-addition to /boot), put LVM on top of this and set up partitions on
-top of this again. See the README file in the package source for the
-references I used to pick the settings. At the moment these
-parameters are tuned:
-
-
-
-
Set up cryptsetup to pass TRIM commands to the physical disk
- (adding discard to /etc/crypttab)
-
-
Set up LVM to pass on TRIM commands to the underlying device (in
- this case a cryptsetup partition) by changing issue_discards from
- 0 to 1 in /etc/lvm/lvm.conf.
-
-
Set relatime as a file system option for ext3 and ext4 file
- systems.
-
-
Tell swap to use TRIM commands by adding 'discard' to
- /etc/fstab.
-
-
Change I/O scheduler from cfq to deadline using a udev rule.
-
-
Run fstrim on every ext3 and ext4 file system every night (from
- cron.daily).
-
-
Adjust sysctl values vm.swappiness to 1 and vm.vfs_cache_pressure
- to 50 to reduce the kernel eagerness to swap out processes.
-
-
-
-
During installation, I cancelled the part where the installer fill
-the disk with random data, as this would kill the SSD performance for
-little gain. My goal with the encrypted file system is to ensure
-those stealing my laptop end up with a brick and not a working
-computer. I have no hope in keeping the really resourceful people
-from getting the data on the disk (see
-XKCD #538 for an explanation why).
-Thus I concluded that adding the discard option to crypttab is the
-right thing to do.
-
-
I considered using the noop I/O scheduler, as several recommended
-it for SSD, but others recommended deadline and a benchmark I found
-indicated that deadline might be better for interactive use.
-
-
I also considered using the 'discard' file system option for ext3
-and ext4, but read that it would give a performance hit ever time a
-file is removed, and thought it best to that that slowdown once a day
-instead of during my work.
-
-
My package do not set up tmpfs on /var/run, /var/lock and /tmp, as
-this is already done by Debian Edu.
-
-
I have not yet started on the user space tuning. I expect
-iceweasel need some tuning, and perhaps other applications too, but
-have not yet had time to investigate those parts.
-
-
The package should work on Ubuntu too, but I have not yet tested it
-there.
-
-
As for the answer to the question in the title of this blog post,
-as far as I know, the only solution I know about is to replace the
-disk. It might be possible to flash it with Intel firmware instead of
-the Lenovo firmware. But I have not tried and did not want to do so
-without approval from Lenovo as I wanted to keep the warranty on the
-disk until a solution was found and they wanted the broken disks
-back.
A few days ago, I wrote about
-the
-problems I experienced with my new X230 and its SSD disk, which
-was dying during installation because it is unable to cope with
-sustained write. My supplier is in contact with
-Lenovo, and they wanted to send a
-replacement disk to try to fix the problem. They decided to send an
-identical model, so my hopes for a permanent fix was slim.
-
-
Anyway, today I got the replacement disk and tried to install
-Debian Edu Wheezy with encrypted disk on it. The new disk have the
-same firmware version as the original. This time my hope raised
-slightly as the installation progressed, as the original disk used to
-die after 4-7% of the disk was written to, while this time it kept
-going past 10%, 20%, 40% and even past 50%. But around 60%, the disk
-died again and I was back on square one. I still do not have a new
-laptop with a disk I can trust. I can not live with a disk that might
-lock up when I download a new
-Debian Edu / Skolelinux ISO or
-other large files. I look forward to hearing from my supplier with
-the next proposal from Lenovo.
-
-
The original disk is marked Intel SSD 520 Series 180 GB,
-11S0C38722Z1ZNME35X1TR, ISN: CVCV321407HB180EGN, SA: G57560302, FW:
-LF1i, 29MAY2013, PBA: G39779-300, LBA 351,651,888, LI P/N: 0C38722,
-Pb-free 2LI, LC P/N: 16-200366, WWN: 55CD2E40002756C4, Model:
-SSDSC2BW180A3L 2.5" 6Gb/s SATA SSD 180G 5V 1A, ASM P/N 0C38732, FRU
-P/N 45N8295, P0C38732.
-
-
The replacement disk is marked Intel SSD 520 Series 180 GB,
-11S0C38722Z1ZNDE34N0L0, ISN: CVCV315306RK180EGN, SA: G57560-302, FW:
-LF1i, 22APR2013, PBA: G39779-300, LBA 351,651,888, LI P/N: 0C38722,
-Pb-free 2LI, LC P/N: 16-200366, WWN: 55CD2E40000AB69E, Model:
-SSDSC2BW180A3L 2.5" 6Gb/s SATA SSD 180G 5V 1A, ASM P/N 0C38732, FRU
-P/N 45N8295, P0C38732.
-
-
The only difference is in the first number (serial number?), ISN,
-SA, date and WNPP values. Mentioning all the details here in case
-someone is able to use the information to find a way to identify the
-failing disk among working ones (if any such working disk actually
-exist).
