X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/9c472ae020e66baaf6daaf23c06bb0308a065a0e..e86168b0cae5e6a526a6b36eb97989829af60b9b:/blog/index.rss diff --git a/blog/index.rss b/blog/index.rss index 18714281fe..92144c45c7 100644 --- a/blog/index.rss +++ b/blog/index.rss @@ -7,781 +7,888 @@ - New chrpath release 0.15 - http://people.skolelinux.org/pere/blog/New_chrpath_release_0_15.html - http://people.skolelinux.org/pere/blog/New_chrpath_release_0_15.html - Sun, 24 Nov 2013 09:30:00 +0100 - <p>After many years break from the package and a vain hope that -development would be continued by someone else, I finally pulled my -acts together this morning and wrapped up a new release of chrpath, -the command line tool to modify the rpath and runpath of already -compiled ELF programs. The update was triggered by the persistence of -Isha Vishnoi at IBM, which needed a new config.guess file to get -support for the ppc64le architecture (powerpc 64-bit Little Endian) he -is working on. I checked the -<a href="http://packages.qa.debian.org/chrpath">Debian</a>, -<a href="https://launchpad.net/ubuntu/+source/chrpath">Ubuntu</a> and -<a href="https://admin.fedoraproject.org/pkgdb/acls/name/chrpath">Fedora</a> -packages for interesting patches (failed to find the source from -OpenSUSE and Mandriva packages), and found quite a few nice fixes. -These are the release notes:</p> - -<p>New in 0.15 released 2013-11-24:</p> + Språkkoder for POSIX locale i Norge + http://people.skolelinux.org/pere/blog/Spr_kkoder_for_POSIX_locale_i_Norge.html + http://people.skolelinux.org/pere/blog/Spr_kkoder_for_POSIX_locale_i_Norge.html + Fri, 11 Apr 2014 21:30:00 +0200 + <p>For 12 år siden, skrev jeg et lite notat om +<a href="http://i18n.skolelinux.no/localekoder.txt">bruk av språkkoder +i Norge</a>. Jeg ble nettopp minnet på dette da jeg fikk spørsmål om +notatet fortsatt var aktuelt, og tenkte det var greit å repetere hva +som fortsatt gjelder. Det jeg skrev da er fortsatt like aktuelt.</p> + +<p>Når en velger språk i programmer på unix, så velger en blant mange +språkkoder. For språk i Norge anbefales følgende språkkoder (anbefalt +locale i parantes):</p> + +<p><dl> +<dt>nb (nb_NO)</dt><dd>Bokmål i Norge</dd> +<dt>nn (nn_NO)</dt><dd>Nynorsk i Norge</dd> +<dt>se (se_NO)</dt><dd>Nordsamisk i Norge</dd> +</dl></p> + +<p>Alle programmer som bruker andre koder bør endres.</p> + +<p>Språkkoden bør brukes når .po-filer navngis og installeres. Dette +er ikke det samme som locale-koden. For Norsk Bokmål, så bør filene +være navngitt nb.po, mens locale (LANG) bør være nb_NO.</p> + +<p>Hvis vi ikke får standardisert de kodene i alle programmene med +norske oversettelser, så er det umulig å gi LANG-variablen ett innhold +som fungerer for alle programmer.</p> + +<p>Språkkodene er de offisielle kodene fra ISO 639, og bruken av dem i +forbindelse med POSIX localer er standardisert i RFC 3066 og ISO +15897. Denne anbefalingen er i tråd med de angitte standardene.</p> + +<p>Følgende koder er eller har vært i bruk som locale-verdier for +"norske" språk. Disse bør unngås, og erstattes når de oppdages:</p> -<ul> +<p><table> +<tr><td>norwegian</td><td>-> nb_NO</td></tr> +<tr><td>bokmål </td><td>-> nb_NO</td></tr> +<tr><td>bokmal </td><td>-> nb_NO</td></tr> +<tr><td>nynorsk </td><td>-> nn_NO</td></tr> +<tr><td>no </td><td>-> nb_NO</td></tr> +<tr><td>no_NO </td><td>-> nb_NO</td></tr> +<tr><td>no_NY </td><td>-> nn_NO</td></tr> +<tr><td>sme_NO </td><td>-> se_NO</td></tr> +</table></p> - <li>Updated config.sub and config.guess from the GNU project to work - with newer architectures. Thanks to isha vishnoi for the heads - up.</li> +<p>Merk at når det gjelder de samiske språkene, at se_NO i praksis +henviser til nordsamisk i Norge, mens f.eks. smj_NO henviser til +lulesamisk. Dette notatet er dog ikke ment å gi råd rundt samiske +språkkoder, der gjør +<a href="http://www.divvun.no/">Divvun-prosjektet</a> en bedre +jobb.</p> - <li>Updated README with current URLs.</li> +<p><strong>Referanser:</strong></p> - <li>Added byteswap fix found in Ubuntu, credited Jeremy Kerr and - Matthias Klose.</li> +<ul> - <li>Added missing help for -k|--keepgoing option, using patch by - Petr Machata found in Fedora.</li> + <li><a href="http://www.rfc-base.org/rfc-3066.html">RFC 3066 - Tags + for the Identification of Languages</a> (Erstatter RFC 1766)</li> + + <li><a href="http://www.loc.gov/standards/iso639-2/langcodes.html">ISO + 639</a> - Codes for the Representation of Names of Languages</li> - <li>Rewrite removal of RPATH/RUNPATH to make sure the entry in - .dynamic is a NULL terminated string. Based on patch found in - Fedora credited Axel Thimm and Christian Krause.</li> + <li><a href="http://std.dkuug.dk/jtc1/sc22/wg20/docs/n897-14652w25.pdf">ISO + DTR 14652</a> - locale-standard Specification method for cultural + conventions</li> + + <li><a href="http://std.dkuug.dk/jtc1/sc22/wg20/docs/n610.pdf">ISO + 15897: Registration procedures for cultural elements (cultural + registry)</a>, + <a href="http://std.dkuug.dk/jtc1/sc22/wg20/docs/n849-15897wd6.pdf">(nytt + draft)</a></li> -</ul> + <li><a href="http://std.dkuug.dk/jtc1/sc22/wg20/">ISO/IEC + JTC1/SC22/WG20</a> - Gruppen for i18n-standardisering i ISO</li> -<p>You can -<a href="https://alioth.debian.org/frs/?group_id=31052">download the -new version 0.15 from alioth</a>. Please let us know via the Alioth -project if something is wrong with the new release. The test suite -did not discover any old errors, so if you find a new one, please also -include a testsuite check.</p> - - - - - RSS-kilde for fritekstsøk i offentlige anbud hos Doffin - http://people.skolelinux.org/pere/blog/RSS_kilde_for_friteksts_k_i_offentlige_anbud_hos_Doffin.html - http://people.skolelinux.org/pere/blog/RSS_kilde_for_friteksts_k_i_offentlige_anbud_hos_Doffin.html - Fri, 22 Nov 2013 13:40:00 +0100 - <p>I fjor sommer lagde jeg en -<a href="http://people.skolelinux.org/pere/blog/SQL_database_med_anbud_publisert_p__Doffin.html">offentlig -tilgjengelig SQL-database over offentlig anbud</a> basert på skraping -av HTML-data fra Doffin. Den har stått og gått siden da, og har nå -ca. 28000 oppføringer. Jeg oppdaget da jeg tittet innom at noen -oppføringer var ikke blitt med, antagelig på grunn av at de fikk -tildelt sekvensnummer i Doffin en godt stund før de ble publisert, -slik at min nettsideskraper som fortsatte skrapingen der den slapp -sist ikke fikk dem med seg. Jeg har fikset litt slik at skraperen nå -ser litt tilbake i tid for å se om den har gått glipp av noen -oppføringer, og har skrapet på nytt fra midten av september 2013 og -fremover. Det bør dermed bli en mer komplett database for kommende -måneder. Hvis jeg får tid skal jeg forsøke å skrape "glemte" data fra -før midten av september 2013, men tør ikke garantere at det blir -prioritert med det første. </p> - -<p>Men målet med denne bloggposten er å vise hvordan denne -Doffin-databasen kan brukes og integreres med en RSS-leser, slik at en -kan la datamaskinen holde et øye med Doffin-annonseringer etter -nøkkelord. En kan lage sitt eget søk ved å besøke -<ahref="https://classic.scraperwiki.com/docs/api?name=norwegian-doffin#sqlite">API-et -hos Scraperwiki</a>, velge format rss2 og så legge inn noe ala dette i -"query in SQL":</p> - -<p><pre> -select title, scrapedurl as link, abstract as description, - publishdate as pubDate from 'swdata' - where abstract like '%linux%' or title like '%linux%' - order by seq desc limit 20 -</pre></p> - -<p>Dette vil søke opp alle anbud med ordet linux i oppsummering eller -tittel. En kan lage mer avanserte søk hvis en ønsker det. URL-en som -dukker opp nederst på siden kan en så gi til sin RSS-leser (jeg bruker -akregator selv), og så automatisk få beskjed hvis det dukker opp anbud -med det aktuelle nøkkelordet i teksten. Merk at kapasiteten og -ytelsen hos Scraperwiki er begrenset, så ikke be RSS-leseren hente ned -oftere enn en gang hver dag.</p> - -<p>Du lurer kanskje på hva slags informasjon en kan få ut fra denne -databasen. Her er to RSS-kilder, med søkeordet -"<a href="https://api.scraperwiki.com/api/1.0/datastore/sqlite?format=rss2&name=norwegian-doffin&query=select%20title%2C%20scrapedurl%20as%20link%2C%20abstract%20as%20description%2C%0A%20%20%20%20%20%20%20publishdate%20as%20pubDate%20from%20'swdata'%0A%20%20%20where%20abstract%20like%20'%25linux%25'%20or%20title%20like%20'%25linux%25'%0A%20%20%20order%20by%20seq%20desc%20limit%2020">linux</a>", -søkeordet -"<a href="https://api.scraperwiki.com/api/1.0/datastore/sqlite?format=rss2&name=norwegian-doffin&query=select%20title%2C%20scrapedurl%20as%20link%2C%20abstract%20as%20description%2C%0A%20%20%20%20%20%20%20publishdate%20as%20pubDate%20from%20'swdata'%0A%20%20%20where%20abstract%20like%20'%25fri%20programvare%25'%20or%20title%20like%20'%25fri%20programvare%25'%0A%20%20%20order%20by%20seq%20desc%20limit%2020">fri -programvare</a>" -og søkeordet -"<a href="https://api.scraperwiki.com/api/1.0/datastore/sqlite?format=rss2&name=norwegian-doffin&query=select%20title%2C%20scrapedurl%20as%20link%2C%20abstract%20as%20description%2C%0A%20%20%20%20%20%20%20publishdate%20as%20pubDate%20from%20'swdata'%0A%20%20%20where%20abstract%20like%20'%25odf%25'%20or%20title%20like%20'%25odf%25'%0A%20%20%20order%20by%20seq%20desc%20limit%2020">odf</a>". -Det er bare å søke på det en er interessert i. Kopier gjerne -datasettet og sett opp din egen tjeneste hvis du vil gjøre mer -avanserte søk. SQLite-filen med Doffin-oppføringer kan lastes med fra -Scraperwiki for de som vil grave dypere.</p> - - - - - All drones should be radio marked with what they do and who they belong to - http://people.skolelinux.org/pere/blog/All_drones_should_be_radio_marked_with_what_they_do_and_who_they_belong_to.html - http://people.skolelinux.org/pere/blog/All_drones_should_be_radio_marked_with_what_they_do_and_who_they_belong_to.html - Thu, 21 Nov 2013 15:40:00 +0100 - <p>Drones, flying robots, are getting more and more popular. The most -know ones are the killer drones used by some government to murder -people they do not like without giving them the chance of a fair -trial, but the technology have many good uses too, from mapping and -forest maintenance to photography and search and rescue. I am sure it -is just a question of time before "bad drones" are in the hands of -private enterprises and not only state criminals but petty criminals -too. The drone technology is very useful and very dangerous. To have -some control over the use of drones, I agree with Daniel Suarez in his -TED talk -"<a href="https://archive.org/details/DanielSuarez_2013G">The kill -decision shouldn't belong to a robot</a>", where he suggested this -little gem to keep the good while limiting the bad use of drones:</p> - -<blockquote> - -<p>Each robot and drone should have a cryptographically signed -I.D. burned in at the factory that can be used to track its movement -through public spaces. We have license plates on cars, tail numbers on -aircraft. This is no different. And every citizen should be able to -download an app that shows the population of drones and autonomous -vehicles moving through public spaces around them, both right now and -historically. And civic leaders should deploy sensors and civic drones -to detect rogue drones, and instead of sending killer drones of their -own up to shoot them down, they should notify humans to their -presence. And in certain very high-security areas, perhaps civic -drones would snare them and drag them off to a bomb disposal facility.</p> - -<p>But notice, this is more an immune system than a weapons system. It -would allow us to avail ourselves of the use of autonomous vehicles -and drones while still preserving our open, civil society.</p> - -</blockquote> - -<p>The key is that <em>every citizen</em> should be able to read the -radio beacons sent from the drones in the area, to be able to check -both the government and others use of drones. For such control to be -effective, everyone must be able to do it. What should such beacon -contain? At least formal owner, purpose, contact information and GPS -location. Probably also the origin and target position of the current -flight. And perhaps some registration number to be able to look up -the drone in a central database tracking their movement. Robots -should not have privacy. It is people who need privacy.</p> +<ul> - Lets make a wireless community network in Oslo! - http://people.skolelinux.org/pere/blog/Lets_make_a_wireless_community_network_in_Oslo_.html - http://people.skolelinux.org/pere/blog/Lets_make_a_wireless_community_network_in_Oslo_.html - Wed, 13 Nov 2013 21:00:00 +0100 - <p>Today NUUG and Hackeriet announced -<a href="http://www.nuug.no/news/Bli_med___bygge_dugnadsnett_for_alle_i_Oslo.shtml">our -plans to join forces and create a wireless community network in -Oslo</a>. The workshop to help people get started will take place -Thursday 2013-11-28, but we already are collecting the geolocation of -people joining forces to make this happen. We have -<a href="https://github.com/petterreinholdtsen/meshfx-node/blob/master/oslo-nodes.geojson">9 -locations plotted on the map</a>, but we will need more before we have -a connected mesh spread across Oslo. If this sound interesting to -you, please join us at the workshop. If you are too impatient to wait -15 days, please join us on the IRC channel -<a href="irc://irc.freenode.net/%23nuug">#nuug on irc.freenode.net</a> -right away. :)</p> + S3QL, a locally mounted cloud file system - nice free software + http://people.skolelinux.org/pere/blog/S3QL__a_locally_mounted_cloud_file_system___nice_free_software.html + http://people.skolelinux.org/pere/blog/S3QL__a_locally_mounted_cloud_file_system___nice_free_software.html + Wed, 9 Apr 2014 11:30:00 +0200 + <p>For a while now, I have been looking for a sensible offsite backup +solution for use at home. My requirements are simple, it must be +cheap and locally encrypted (in other words, I keep the encryption +keys, the storage provider do not have access to my private files). +One idea me and my friends had many years ago, before the cloud +storage providers showed up, was to use Google mail as storage, +writing a Linux block device storing blocks as emails in the mail +service provided by Google, and thus get heaps of free space. On top +of this one can add encryption, RAID and volume management to have +lots of (fairly slow, I admit that) cheap and encrypted storage. But +I never found time to implement such system. But the last few weeks I +have looked at a system called +<a href="https://bitbucket.org/nikratio/s3ql/">S3QL</a>, a locally +mounted network backed file system with the features I need.</p> + +<p>S3QL is a fuse file system with a local cache and cloud storage, +handling several different storage providers, any with Amazon S3, +Google Drive or OpenStack API. There are heaps of such storage +providers. S3QL can also use a local directory as storage, which +combined with sshfs allow for file storage on any ssh server. S3QL +include support for encryption, compression, de-duplication, snapshots +and immutable file systems, allowing me to mount the remote storage as +a local mount point, look at and use the files as if they were local, +while the content is stored in the cloud as well. This allow me to +have a backup that should survive fire. The file system can not be +shared between several machines at the same time, as only one can +mount it at the time, but any machine with the encryption key and +access to the storage service can mount it if it is unmounted.</p> + +<p>It is simple to use. I'm using it on Debian Wheezy, where the +package is included already. So to get started, run <tt>apt-get +install s3ql</tt>. Next, pick a storage provider. I ended up picking +Greenqloud, after reading their nice recipe on +<a href="https://greenqloud.zendesk.com/entries/44611757-How-To-Use-S3QL-to-mount-a-StorageQloud-bucket-on-Debian-Wheezy">how +to use S3QL with their Amazon S3 service</a>, because I trust the laws +in Iceland more than those in USA when it come to keeping my personal +data safe and private, and thus would rather spend money on a company +in Iceland. Another nice recipe is available from the article +<a href="http://www.admin-magazine.com/HPC/Articles/HPC-Cloud-Storage">S3QL +Filesystem for HPC Storage</a> by Jeff Layton in the HPC section of +Admin magazine. When the provider is picked, figure out how to get +the API key needed to connect to the storage API. With Greencloud, +the key did not show up until I had added payment details to my +account.</p> + +<p>Armed with the API access details, it is time to create the file +system. First, create a new bucket in the cloud. This bucket is the +file system storage area. I picked a bucket name reflecting the +machine that was going to store data there, but any name will do. +I'll refer to it as <tt>bucket-name</tt> below. In addition, one need +the API login and password, and a locally created password. Store it +all in ~root/.s3ql/authinfo2 like this: + +<p><blockquote><pre> +[s3c] +storage-url: s3c://s.greenqloud.com:443/bucket-name +backend-login: API-login +backend-password: API-password +fs-passphrase: local-password +</pre></blockquote></p> + +<p>I create my local passphrase using <tt>pwget 50</tt> or similar, +but any sensible way to create a fairly random password should do it. +Armed with these details, it is now time to run mkfs, entering the API +details and password to create it:</p> + +<p><blockquote><pre> +# mkdir -m 700 /var/lib/s3ql-cache +# mkfs.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \ + --ssl s3c://s.greenqloud.com:443/bucket-name +Enter backend login: +Enter backend password: +Before using S3QL, make sure to read the user's guide, especially +the 'Important Rules to Avoid Loosing Data' section. +Enter encryption password: +Confirm encryption password: +Generating random encryption key... +Creating metadata tables... +Dumping metadata... +..objects.. +..blocks.. +..inodes.. +..inode_blocks.. +..symlink_targets.. +..names.. +..contents.. +..ext_attributes.. +Compressing and uploading metadata... +Wrote 0.00 MB of compressed metadata. +# </pre></blockquote></p> + +<p>The next step is mounting the file system to make the storage available. + +<p><blockquote><pre> +# mount.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \ + --ssl --allow-root s3c://s.greenqloud.com:443/bucket-name /s3ql +Using 4 upload threads. +Downloading and decompressing metadata... +Reading metadata... +..objects.. +..blocks.. +..inodes.. +..inode_blocks.. +..symlink_targets.. +..names.. +..contents.. +..ext_attributes.. +Mounting filesystem... +# df -h /s3ql +Filesystem Size Used Avail Use% Mounted on +s3c://s.greenqloud.com:443/bucket-name 1.0T 0 1.0T 0% /s3ql +# +</pre></blockquote></p> + +<p>The file system is now ready for use. I use rsync to store my +backups in it, and as the metadata used by rsync is downloaded at +mount time, no network traffic (and storage cost) is triggered by +running rsync. To unmount, one should not use the normal umount +command, as this will not flush the cache to the cloud storage, but +instead running the umount.s3ql command like this: + +<p><blockquote><pre> +# umount.s3ql /s3ql +# +</pre></blockquote></p> + +<p>There is a fsck command available to check the file system and +correct any problems detected. This can be used if the local server +crashes while the file system is mounted, to reset the "already +mounted" flag. This is what it look like when processing a working +file system:</p> + +<p><blockquote><pre> +# fsck.s3ql --force --ssl s3c://s.greenqloud.com:443/bucket-name +Using cached metadata. +File system seems clean, checking anyway. +Checking DB integrity... +Creating temporary extra indices... +Checking lost+found... +Checking cached objects... +Checking names (refcounts)... +Checking contents (names)... +Checking contents (inodes)... +Checking contents (parent inodes)... +Checking objects (reference counts)... +Checking objects (backend)... +..processed 5000 objects so far.. +..processed 10000 objects so far.. +..processed 15000 objects so far.. +Checking objects (sizes)... +Checking blocks (referenced objects)... +Checking blocks (refcounts)... +Checking inode-block mapping (blocks)... +Checking inode-block mapping (inodes)... +Checking inodes (refcounts)... +Checking inodes (sizes)... +Checking extended attributes (names)... +Checking extended attributes (inodes)... +Checking symlinks (inodes)... +Checking directory reachability... +Checking unix conventions... +Checking referential integrity... +Dropping temporary indices... +Backing up old metadata... +Dumping metadata... +..objects.. +..blocks.. +..inodes.. +..inode_blocks.. +..symlink_targets.. +..names.. +..contents.. +..ext_attributes.. +Compressing and uploading metadata... +Wrote 0.89 MB of compressed metadata. +# +</pre></blockquote></p> + +<p>Thanks to the cache, working on files that fit in the cache is very +quick, about the same speed as local file access. Uploading large +amount of data is to me limited by the bandwidth out of and into my +house. Uploading 685 MiB with a 100 MiB cache gave me 305 kiB/s, +which is very close to my upload speed, and downloading the same +Debian installation ISO gave me 610 kiB/s, close to my download speed. +Both were measured using <tt>dd</tt>. So for me, the bottleneck is my +network, not the file system code. I do not know what a good cache +size would be, but suspect that the cache should e larger than your +working set.</p> + +<p>I mentioned that only one machine can mount the file system at the +time. If another machine try, it is told that the file system is +busy:</p> + +<p><blockquote><pre> +# mount.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \ + --ssl --allow-root s3c://s.greenqloud.com:443/bucket-name /s3ql +Using 8 upload threads. +Backend reports that fs is still mounted elsewhere, aborting. +# +</pre></blockquote></p> + +<p>The file content is uploaded when the cache is full, while the +metadata is uploaded once every 24 hour by default. To ensure the +file system content is flushed to the cloud, one can either umount the +file system, or ask S3QL to flush the cache and metadata using +s3qlctrl: + +<p><blockquote><pre> +# s3qlctrl upload-meta /s3ql +# s3qlctrl flushcache /s3ql +# +</pre></blockquote></p> + +<p>If you are curious about how much space your data uses in the +cloud, and how much compression and deduplication cut down on the +storage usage, you can use s3qlstat on the mounted file system to get +a report:</p> + +<p><blockquote><pre> +# s3qlstat /s3ql +Directory entries: 9141 +Inodes: 9143 +Data blocks: 8851 +Total data size: 22049.38 MB +After de-duplication: 21955.46 MB (99.57% of total) +After compression: 21877.28 MB (99.22% of total, 99.64% of de-duplicated) +Database size: 2.39 MB (uncompressed) +(some values do not take into account not-yet-uploaded dirty blocks in cache) +# +</pre></blockquote></p> + +<p>I mentioned earlier that there are several possible suppliers of +storage. I did not try to locate them all, but am aware of at least +<a href="https://www.greenqloud.com/">Greenqloud</a>, +<a href="http://drive.google.com/">Google Drive</a>, +<a href="http://aws.amazon.com/s3/">Amazon S3 web serivces</a>, +<a href="http://www.rackspace.com/">Rackspace</a> and +<a href="http://crowncloud.net/">Crowncloud</A>. The latter even +accept payment in Bitcoin. Pick one that suit your need. Some of +them provide several GiB of free storage, but the prize models are +quite different and you will have to figure out what suits you +best.</p> + +<p>While researching this blog post, I had a look at research papers +and posters discussing the S3QL file system. There are several, which +told me that the file system is getting a critical check by the +science community and increased my confidence in using it. One nice +poster is titled +"<a href="http://www.lanl.gov/orgs/adtsc/publications/science_highlights_2013/docs/pg68_69.pdf">An +Innovative Parallel Cloud Storage System using OpenStack’s SwiftObject +Store and Transformative Parallel I/O Approach</a>" by Hsing-Bung +Chen, Benjamin McClelland, David Sherrill, Alfred Torrez, Parks Fields +and Pamela Smith. Please have a look.</p> + +<p>Given my problems with different file systems earlier, I decided to +check out the mounted S3QL file system to see if it would be usable as +a home directory (in other word, that it provided POSIX semantics when +it come to locking and umask handling etc). Running +<a href="http://people.skolelinux.org/pere/blog/Testing_if_a_file_system_can_be_used_for_home_directories___.html">my +test code to check file system semantics</a>, I was happy to discover that +no error was found. So the file system can be used for home +directories, if one chooses to do so.</p> + +<p>If you do not want a locally file system, and want something that +work without the Linux fuse file system, I would like to mention the +<a href="http://www.tarsnap.com/">Tarsnap service</a>, which also +provide locally encrypted backup using a command line client. It have +a nicer access control system, where one can split out read and write +access, allowing some systems to write to the backup and others to +only read from it.</p> + +<p>As usual, if you use Bitcoin and want to show your support of my +activities, please send Bitcoin donations to my address +<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&label=PetterReinholdtsenBlog">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p> - Running TP-Link MR3040 as a batman-adv mesh node using openwrt - http://people.skolelinux.org/pere/blog/Running_TP_Link_MR3040_as_a_batman_adv_mesh_node_using_openwrt.html - http://people.skolelinux.org/pere/blog/Running_TP_Link_MR3040_as_a_batman_adv_mesh_node_using_openwrt.html - Sun, 10 Nov 2013 23:00:00 +0100 - <p>Continuing my research into mesh networking, I was recommended to -use TP-Link 3040 and 3600 access points as mesh nodes, and the pair I -bought arrived on Friday. Here are my notes on how to set up the -MR3040 as a mesh node using -<a href="http://www.openwrt.org/">OpenWrt</a>.</p> - -<p>I started by following the instructions on the OpenWRT wiki for -<a href="http://wiki.openwrt.org/toh/tp-link/tl-mr3040">TL-MR3040</a>, -and downloaded -<a href="http://downloads.openwrt.org/snapshots/trunk/ar71xx/openwrt-ar71xx-generic-tl-mr3040-v2-squashfs-factory.bin">the -recommended firmware image</a> -(openwrt-ar71xx-generic-tl-mr3040-v2-squashfs-factory.bin) and -uploaded it into the original web interface. The flashing went fine, -and the machine was available via telnet on the ethernet port. After -logging in and setting the root password, ssh was available and I -could start to set it up as a batman-adv mesh node.</p> - -<p>I started off by reading the instructions from -<a href="http://wirelessafrica.meraka.org.za/wiki/index.php?title=Antoine's_Research">Wireless -Africa</a>, which had quite a lot of useful information, but -eventually I followed the recipe from the Open Mesh wiki for -<a href="http://www.open-mesh.org/projects/batman-adv/wiki/Batman-adv-openwrt-config">using -batman-adv on OpenWrt</a>. A small snag was the fact that the -<tt>opkg install kmod-batman-adv</tt> command did not work as it -should. The batman-adv kernel module would fail to load because its -dependency crc16 was not already loaded. I -<a href="https://dev.openwrt.org/ticket/14452">reported the bug</a> to -the openwrt project and hope it will be fixed soon. But the problem -only seem to affect initial testing of batman-adv, as configuration -seem to work when booting from scratch.</p> - -<p>The setup is done using files in /etc/config/. I did not bridge -the Ethernet and mesh interfaces this time, to be able to hook up the -box on my local network and log into it for configuration updates. -The following files were changed and look like this after modifying -them:</p> - -<p><tt>/etc/config/network</tt></p> + EU-domstolen bekreftet i dag at datalagringsdirektivet er ulovlig + http://people.skolelinux.org/pere/blog/EU_domstolen_bekreftet_i_dag_at_datalagringsdirektivet_er_ulovlig.html + http://people.skolelinux.org/pere/blog/EU_domstolen_bekreftet_i_dag_at_datalagringsdirektivet_er_ulovlig.html + Tue, 8 Apr 2014 11:30:00 +0200 + <p>I dag kom endelig avgjørelsen fra EU-domstolen om +datalagringsdirektivet, som ikke overraskende ble dømt ulovlig og i +strid med borgernes grunnleggende rettigheter. Hvis du lurer på hva +datalagringsdirektivet er for noe, så er det +<a href="http://tv.nrk.no/program/koid75005313/tema-dine-digitale-spor-datalagringsdirektivet">en +flott dokumentar tilgjengelig hos NRK</a> som jeg tidligere +<a href="http://people.skolelinux.org/pere/blog/Dokumentaren_om_Datalagringsdirektivet_sendes_endelig_p__NRK.html">har +anbefalt</a> alle å se.</p> -<pre> +<p>Her er et liten knippe nyhetsoppslag om saken, og jeg regner med at +det kommer flere ut over dagen. Flere kan finnes +<a href="http://www.mylder.no/?drill=datalagringsdirektivet&intern=1">via +mylder</a>.</p> -config interface 'loopback' - option ifname 'lo' - option proto 'static' - option ipaddr '127.0.0.1' - option netmask '255.0.0.0' - -config globals 'globals' - option ula_prefix 'fdbf:4c12:3fed::/48' - -config interface 'lan' - option ifname 'eth0' - option type 'bridge' - option proto 'dhcp' - option ipaddr '192.168.1.1' - option netmask '255.255.255.0' - option hostname 'tl-mr3040' - option ip6assign '60' - -config interface 'mesh' - option ifname 'adhoc0' - option mtu '1528' - option proto 'batadv' - option mesh 'bat0' -</pre> +<p><ul> -<p><tt>/etc/config/wireless</tt></p> -<pre> +<li><a href="http://e24.no/digital/eu-domstolen-datalagringsdirektivet-er-ugyldig/22879592">EU-domstolen: +Datalagringsdirektivet er ugyldig</a> - e24.no 2014-04-08 -config wifi-device 'radio0' - option type 'mac80211' - option channel '11' - option hwmode '11ng' - option path 'platform/ar933x_wmac' - option htmode 'HT20' - list ht_capab 'SHORT-GI-20' - list ht_capab 'SHORT-GI-40' - list ht_capab 'RX-STBC1' - list ht_capab 'DSSS_CCK-40' - option disabled '0' - -config wifi-iface 'wmesh' - option device 'radio0' - option ifname 'adhoc0' - option network 'mesh' - option encryption 'none' - option mode 'adhoc' - option bssid '02:BA:00:00:00:01' - option ssid 'meshfx@hackeriet' -</pre> -<p><tt>/etc/config/batman-adv</tt></p> -<pre> +<li><a href="http://www.aftenposten.no/nyheter/iriks/EU-domstolen-Datalagringsdirektivet-er-ulovlig-7529032.html">EU-domstolen: +Datalagringsdirektivet er ulovlig</a> - aftenposten.no 2014-04-08 -config 'mesh' 'bat0' - option interfaces 'adhoc0' - option 'aggregated_ogms' - option 'ap_isolation' - option 'bonding' - option 'fragmentation' - option 'gw_bandwidth' - option 'gw_mode' - option 'gw_sel_class' - option 'log_level' - option 'orig_interval' - option 'vis_mode' - option 'bridge_loop_avoidance' - option 'distributed_arp_table' - option 'network_coding' - option 'hop_penalty' - -# yet another batX instance -# config 'mesh' 'bat5' -# option 'interfaces' 'second_mesh' -</pre> +<li><a href="http://www.aftenposten.no/nyheter/iriks/politikk/Krever-DLD-stopp-i-Norge-7530086.html">Krever +DLD-stopp i Norge</a> - aftenposten.no 2014-04-08 -<p>The mesh node is now operational. I have yet to test its range, -but I hope it is good. I have not yet tested the TP-Link 3600 box -still wrapped up in plastic.</p> - - - - - Debian init.d boot script example for rsyslog - http://people.skolelinux.org/pere/blog/Debian_init_d_boot_script_example_for_rsyslog.html - http://people.skolelinux.org/pere/blog/Debian_init_d_boot_script_example_for_rsyslog.html - Sat, 2 Nov 2013 22:40:00 +0100 - <p>If one of the points of switching to a new init system in Debian is -<a href="http://thomas.goirand.fr/blog/?p=147">to get rid of huge -init.d scripts</a>, I doubt we need to switch away from sysvinit and -init.d scripts at all. Here is an example init.d script, ie a rewrite -of /etc/init.d/rsyslog:</p> - -<p><pre> -#!/lib/init/init-d-script -### BEGIN INIT INFO -# Provides: rsyslog -# Required-Start: $remote_fs $time -# Required-Stop: umountnfs $time -# X-Stop-After: sendsigs -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: enhanced syslogd -# Description: Rsyslog is an enhanced multi-threaded syslogd. -# It is quite compatible to stock sysklogd and can be -# used as a drop-in replacement. -### END INIT INFO -DESC="enhanced syslogd" -DAEMON=/usr/sbin/rsyslogd -</pre></p> - -<p>Pretty minimalistic to me... For the record, the original sysv-rc -script was 137 lines, and the above is just 15 lines, most of it meta -info/comments.</p> - -<p>How to do this, you ask? Well, one create a new script -/lib/init/init-d-script looking something like this: - -<p><pre> -#!/bin/sh +<li><a href="http://www.p4.no/story.aspx?id=566431">Apenes: - En +gledens dag</a> - p4.no 2014-04-08 -# Define LSB log_* functions. -# Depend on lsb-base (>= 3.2-14) to ensure that this file is present -# and status_of_proc is working. -. /lib/lsb/init-functions +<li><a href="http://www.nrk.no/norge/_-datalagringsdirektivet-er-ugyldig-1.11655929">EU-domstolen: +– Datalagringsdirektivet er ugyldig</a> - nrk.no 2014-04-08</li> -# -# Function that starts the daemon/service +<li><a href="http://www.vg.no/nyheter/utenriks/data-og-nett/eu-domstolen-datalagringsdirektivet-er-ugyldig/a/10130280/">EU-domstolen: +Datalagringsdirektivet er ugyldig</a> - vg.no 2014-04-08</li> -# -do_start() -{ - # Return - # 0 if daemon has been started - # 1 if daemon was already running - # 2 if daemon could not be started - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ - || return 1 - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ - $DAEMON_ARGS \ - || return 2 - # Add code here, if necessary, that waits for the process to be ready - # to handle requests from services started subsequently which depend - # on this one. As a last resort, sleep for some time. -} +<li><a href="http://www.dagbladet.no/2014/04/08/nyheter/innenriks/datalagringsdirektivet/personvern/32711646/">- +Vi bør skrote hele datalagringsdirektivet</a> - dagbladet.no +2014-04-08</li> -# -# Function that stops the daemon/service -# -do_stop() -{ - # Return - # 0 if daemon has been stopped - # 1 if daemon was already stopped - # 2 if daemon could not be stopped - # other if a failure occurred - start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME - RETVAL="$?" - [ "$RETVAL" = 2 ] && return 2 - # Wait for children to finish too if this is a daemon that forks - # and if the daemon is only ever run from this initscript. - # If the above conditions are not satisfied then add some other code - # that waits for the process to drop all resources that could be - # needed by services started subsequently. A last resort is to - # sleep for some time. - start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON - [ "$?" = 2 ] && return 2 - # Many daemons don't delete their pidfiles when they exit. - rm -f $PIDFILE - return "$RETVAL" -} +<li><a href="http://www.digi.no/928137/eu-domstolen-dld-er-ugyldig">EU-domstolen: +DLD er ugyldig</a> - digi.no 2014-04-08</li> -# -# Function that sends a SIGHUP to the daemon/service -# -do_reload() { - # - # If the daemon can reload its configuration without - # restarting (for example, when it is sent a SIGHUP), - # then implement that here. - # - start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME - return 0 -} - -SCRIPTNAME=$1 -scriptbasename="$(basename $1)" -echo "SN: $scriptbasename" -if [ "$scriptbasename" != "init-d-library" ] ; then - script="$1" - shift - . $script -else - exit 0 -fi +<li><a href="http://www.irishtimes.com/business/sectors/technology/european-court-declares-data-retention-directive-invalid-1.1754150">European +court declares data retention directive invalid</a> - irishtimes.com +2014-04-08</li> -NAME=$(basename $DAEMON) -PIDFILE=/var/run/$NAME.pid - -# Exit if the package is not installed -#[ -x "$DAEMON" ] || exit 0 - -# Read configuration variable file if it is present -[ -r /etc/default/$NAME ] && . /etc/default/$NAME - -# Load the VERBOSE setting and other rcS variables -. /lib/init/vars.sh - -case "$1" in - start) - [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" - do_start - case "$?" in - 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; - 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; - esac - ;; - stop) - [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" - do_stop - case "$?" in - 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; - 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; - esac - ;; - status) - status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $? - ;; - #reload|force-reload) - # - # If do_reload() is not implemented then leave this commented out - # and leave 'force-reload' as an alias for 'restart'. - # - #log_daemon_msg "Reloading $DESC" "$NAME" - #do_reload - #log_end_msg $? - #;; - restart|force-reload) - # - # If the "reload" option is implemented then remove the - # 'force-reload' alias - # - log_daemon_msg "Restarting $DESC" "$NAME" - do_stop - case "$?" in - 0|1) - do_start - case "$?" in - 0) log_end_msg 0 ;; - 1) log_end_msg 1 ;; # Old process is still running - *) log_end_msg 1 ;; # Failed to start - esac - ;; - *) - # Failed to stop - log_end_msg 1 - ;; - esac - ;; - *) - echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2 - exit 3 - ;; -esac - -: -</pre></p> - -<p>It is based on /etc/init.d/skeleton, and could be improved quite a -lot. I did not really polish the approach, so it might not always -work out of the box, but you get the idea. I did not try very hard to -optimize it nor make it more robust either.</p> - -<p>A better argument for switching init system in Debian than reducing -the size of init scripts (which is a good thing to do anyway), is to -get boot system that is able to handle the kernel events sensibly and -robustly, and do not depend on the boot to run sequentially. The boot -and the kernel have not behaved sequentially in years.</p> +<li><a href="http://www.reuters.com/article/2014/04/08/us-eu-data-ruling-idUSBREA370F020140408?feedType=RSS">EU +court rules against requirement to keep data of telecom users</a> - +reuters.com 2014-04-08</li> + +</ul> +</p> + +<p>Jeg synes det er veldig fint at nok en stemme slår fast at +totalitær overvåkning av befolkningen er uakseptabelt, men det er +fortsatt like viktig å beskytte privatsfæren som før, da de +teknologiske mulighetene fortsatt finnes og utnyttes, og jeg tror +innsats i prosjekter som +<a href="https://wiki.debian.org/FreedomBox">Freedombox</a> og +<a href="http://www.dugnadsnett.no/">Dugnadsnett</a> er viktigere enn +noen gang.</p> + +<p><strong>Update 2014-04-08 12:10</strong>: Kronerullingen for å +stoppe datalagringsdirektivet i Norge gjøres hos foreningen +<a href="http://www.digitaltpersonvern.no/">Digitalt Personvern</a>, +som har samlet inn 843 215,- så langt men trenger nok mye mer hvis + +ikke Høyre og Arbeiderpartiet bytter mening i saken. Det var +<a href="http://www.holderdeord.no/parliament-issues/48650">kun +partinene Høyre og Arbeiderpartiet</a> som stemte for +Datalagringsdirektivet, og en av dem må bytte mening for at det skal +bli flertall mot i Stortinget. Se mer om saken +<a href="http://www.holderdeord.no/issues/69-innfore-datalagringsdirektivet">Holder +de ord</a>.</p> + + + + + ReactOS Windows clone - nice free software + http://people.skolelinux.org/pere/blog/ReactOS_Windows_clone___nice_free_software.html + http://people.skolelinux.org/pere/blog/ReactOS_Windows_clone___nice_free_software.html + Tue, 1 Apr 2014 12:10:00 +0200 + <p>Microsoft have announced that Windows XP reaches its end of life +2014-04-08, in 7 days. But there are heaps of machines still running +Windows XP, and depending on Windows XP to run their applications, and +upgrading will be expensive, both when it comes to money and when it +comes to the amount of effort needed to migrate from Windows XP to a +new operating system. Some obvious options (buy new a Windows +machine, buy a MacOSX machine, install Linux on the existing machine) +are already well known and covered elsewhere. Most of them involve +leaving the user applications installed on Windows XP behind and +trying out replacements or updated versions. In this blog post I want +to mention one strange bird that allow people to keep the hardware and +the existing Windows XP applications and run them on a free software +operating system that is Windows XP compatible.</p> + +<p><a href="http://www.reactos.org/">ReactOS</a> is a free software +operating system (GNU GPL licensed) working on providing a operating +system that is binary compatible with Windows, able to run windows +programs directly and to use Windows drivers for hardware directly. +The project goal is for Windows user to keep their existing machines, +drivers and software, and gain the advantages from user a operating +system without usage limitations caused by non-free licensing. It is +a Windows clone running directly on the hardware, so quite different +from the approach taken by <a href="http://www.winehq.org/">the Wine +project</a>, which make it possible to run Windows binaries on +Linux.</p> + +<p>The ReactOS project share code with the Wine project, so most +shared libraries available on Windows are already implemented already. +There is also a software manager like the one we are used to on Linux, +allowing the user to install free software applications with a simple +click directly from the Internet. Check out the +<a href="http://www.reactos.org/screenshots">screen shots on the +project web site</a> for an idea what it look like (it looks just like +Windows before metro).</p> + +<p>I do not use ReactOS myself, preferring Linux and Unix like +operating systems. I've tested it, and it work fine in a virt-manager +virtual machine. The browser, minesweeper, notepad etc is working +fine as far as I can tell. Unfortunately, my main test application +is the software included on a CD with the Lego Mindstorms NXT, which +seem to install just fine from CD but fail to leave any binaries on +the disk after the installation. So no luck with that test software. +No idea why, but hope someone else figure out and fix the problem. +I've tried the ReactOS Live ISO on a physical machine, and it seemed +to work just fine. If you like Windows and want to keep running your +old Windows binaries, check it out by +<a href="http://www.reactos.org/download">downloading</a> the +installation CD, the live CD or the preinstalled virtual machine +image.</p> + + + + + Debian Edu interview: Roger Marsal + http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Roger_Marsal.html + http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Roger_Marsal.html + Sun, 30 Mar 2014 11:40:00 +0200 + <p><a href="http://www.skolelinux.org/">Debian Edu / Skolelinux</a> +keep gaining new users. Some weeks ago, a person showed up on IRC, +<a href="irc://irc.debian.org/#debian-edu">#debian-edu</a>, with a +wish to contribute, and I managed to get a interview with this great +contributor Roger Marsal to learn more about his background.</p> + +<p><strong>Who are you, and how do you spend your days?</strong></p> + +<p>My name is Roger Marsal, I'm 27 years old (1986 generation) and I +live in Barcelona, Spain. I've got a strong business background and I +work as a patrimony manager and as a real estate agent. Additionally, +I've co-founded a British based tech company that is nowadays on the +last development phase of a new social networking concept.</p> + +<p>I'm a Linux enthusiast that started its journey with Ubuntu four years +ago and have recently switched to Debian seeking rock solid stability +and as a necessary step to gain expertise.</p> + +<p>In a nutshell, I spend my days working and learning as much as I +can to face both my job, entrepreneur project and feed my Linux +hunger.</p> + +<p><strong>How did you get in contact with the Skolelinux / Debian Edu +project?</strong></p> + +<p>I discovered the <a href="http://www.ltsp.org/">LTSP</a> advantages +with "Ubuntu 12.04 alternate install" and after a year of use I +started looking for an alternative. Even though I highly value and +respect the Ubuntu project, I thought it was necessary for me to +change to a more robust and stable alternative. As far as I was using +Debian on my personal laptop I thought it would be fine to install +Debian and configure an LTSP server myself. Surprised, I discovered +that the Debian project also supported a kind of Edubuntu equivalent, +and after having some pain I obtained a Debian Edu network up and +running. I just loved it.</p> + +<p><strong>What do you see as the advantages of Skolelinux / Debian +Edu?</strong></p> + +<p>I found a main advantage in that, once you know "the tips and +tricks", a new installation just works out of the box. It's the most +complete alternative I've found to create an LTSP network. All the +other distributions seems to be made of plastic, Debian Edu seems to +be made of steel.</p> + +<p><strong>What do you see as the disadvantages of Skolelinux / Debian +Edu?</strong></p> + +<p>I found two main disadvantages.</p> + +<p>I'm not an expert but I've got notions and I had to spent a considerable +amount of time trying to bring up a standard network topology. I'm quite +stubborn and I just worked until I did but I'm sure many people with few +resources (not big schools, but academies for example) would have switched +or dropped.</p> + +<p>It's amazing how such a complex system like Debian Edu has achieved +this out-of-the-box state. Even though tweaking without breaking gets +more difficult, as more factors have to be considered. This can +discourage many people too.</p> + +<p><strong>Which free software do you use daily?</strong></p> + +<p>I use Debian, Firefox, Okular, Inkscape, LibreOffice and +Virtualbox.</p> + + +<p><strong>Which strategy do you believe is the right one to use to +get schools to use free software?</strong></p> + +<p>I don't think there is a need for a particular strategy. The free +attribute in both "freedom" and "no price" meanings is what will +really bring free software to schools. In my experience I can think of +the <a href="http://www.r-project.org/">"R" statistical language</a>; a +few years a ago was an extremely nerd tool for university people. +Today it's being increasingly used to teach statistics at many +different level of studies. I believe free and open software will +increasingly gain popularity, but I'm sure schools will be one of the +first scenarios where this will happen.</p> - Browser plugin for SPICE (spice-xpi) uploaded to Debian - http://people.skolelinux.org/pere/blog/Browser_plugin_for_SPICE__spice_xpi__uploaded_to_Debian.html - http://people.skolelinux.org/pere/blog/Browser_plugin_for_SPICE__spice_xpi__uploaded_to_Debian.html - Fri, 1 Nov 2013 11:00:00 +0100 - <p><a href="http://www.spice-space.org/">The SPICE protocol</a> for -remote display access is the preferred solution with oVirt and RedHat -Enterprise Virtualization, and I was sad to discover the other day -that the browser plugin needed to use these systems seamlessly was -missing in Debian. The <a href="http://bugs.debian.org/668284">request -for a package</a> was from 2012-04-10 with no progress since -2013-04-01, so I decided to wrap up a package based on the great work -from Cajus Pollmeier and put it in a collab-maint maintained git -repository to get a package I could use. I would very much like -others to help me maintain the package (or just take over, I do not -mind), but as no-one had volunteered so far, I just uploaded it to -NEW. I hope it will be available in Debian in a few days.</p> - -<p>The source is now available from -<a href="http://anonscm.debian.org/gitweb/?p=collab-maint/spice-xpi.git;a=summary">http://anonscm.debian.org/gitweb/?p=collab-maint/spice-xpi.git;a=summary</a>.</p> + Dokumentaren om Datalagringsdirektivet sendes endelig på NRK + http://people.skolelinux.org/pere/blog/Dokumentaren_om_Datalagringsdirektivet_sendes_endelig_p__NRK.html + http://people.skolelinux.org/pere/blog/Dokumentaren_om_Datalagringsdirektivet_sendes_endelig_p__NRK.html + Wed, 26 Mar 2014 09:50:00 +0100 + <p><a href="http://www.nuug.no/">Foreningen NUUG</a> melder i natt at +NRK nå har bestemt seg for +<a href="http://www.nuug.no/news/NRK_viser_filmen_om_Datalagringsdirektivet_f_rste_gang_2014_03_31.shtml">når +den norske dokumentarfilmen om datalagringsdirektivet skal +sendes</a> (se <a href="http://www.imdb.com/title/tt2832844/">IMDB</a> +for detaljer om filmen) . Første visning blir på NRK2 mandag +2014-03-31 kl. 19:50, og deretter visninger onsdag 2014-04-02 +kl. 12:30, fredag 2014-04-04 kl. 19:40 og søndag 2014-04-06 kl. 15:10. +Jeg har sett dokumentaren, og jeg anbefaler enhver å se den selv. Som +oppvarming mens vi venter anbefaler jeg Bjørn Stærks kronikk i +Aftenposten fra i går, +<a href="http://www.aftenposten.no/meninger/kronikker/Autoritar-gjokunge-7514915.html">Autoritær +gjøkunge</a>, der han gir en grei skisse av hvor ille det står til med +retten til privatliv og beskyttelsen av demokrati i Norge og resten +verden, og helt riktig slår fast at det er vi i databransjen som +sitter med nøkkelen til å gjøre noe med dette. Jeg har involvert meg +i prosjektene <a href="http://www.dugnadsnett.no/">dugnadsnett.no</a> +og <a href="https://wiki.debian.org/FreedomBox">FreedomBox</a> for å +forsøke å gjøre litt selv for å bedre situasjonen, men det er mye +hardt arbeid fra mange flere enn meg som gjenstår før vi kan sies å ha +gjenopprettet balansen.</p> + +<p>Jeg regner med at nettutgaven dukker opp på +<a href="http://tv.nrk.no/program/koid75005313/tema-dine-digitale-spor-datalagringsdirektivet">NRKs +side om filmen om datalagringsdirektivet</a> om fem dager. Hold et +øye med siden, og tips venner og slekt om at de også bør se den.</p> - Teaching vmdebootstrap to create Raspberry Pi SD card images - http://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html - http://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html - Sun, 27 Oct 2013 17:00:00 +0100 - <p>The -<a href="http://packages.qa.debian.org/v/vmdebootstrap.html">vmdebootstrap</a> -program is a a very nice system to create virtual machine images. It -create a image file, add a partition table, mount it and run -debootstrap in the mounted directory to create a Debian system on a -stick. Yesterday, I decided to try to teach it how to make images for -<a href="https://wiki.debian.org/RaspberryPi">Raspberry Pi</a>, as part -of a plan to simplify the build system for -<a href="https://wiki.debian.org/FreedomBox">the FreedomBox -project</a>. The FreedomBox project already uses vmdebootstrap for -the virtualbox images, but its current build system made multistrap -based system for Dreamplug images, and it is lacking support for -Raspberry Pi.</p> - -<p>Armed with the knowledge on how to build "foreign" (aka non-native -architecture) chroots for Raspberry Pi, I dived into the vmdebootstrap -code and adjusted it to be able to build armel images on my amd64 -Debian laptop. I ended up giving vmdebootstrap five new options, -allowing me to replicate the image creation process I use to make -<a href="http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html">Debian -Jessie based mesh node images for the Raspberry Pi</a>. First, the -<tt>--foreign /path/to/binfm_handler</tt> option tell vmdebootstrap to -call debootstrap with --foreign and to copy the handler into the -generated chroot before running the second stage. This allow -vmdebootstrap to create armel images on an amd64 host. Next I added -two new options <tt>--bootsize size</tt> and <tt>--boottype -fstype</tt> to teach it to create a separate /boot/ partition with the -given file system type, allowing me to create an image with a vfat -partition for the /boot/ stuff. I also added a <tt>--variant -variant</tt> option to allow me to create smaller images without the -Debian base system packages installed. Finally, I added an option -<tt>--no-extlinux</tt> to tell vmdebootstrap to not install extlinux -as a boot loader. It is not needed on the Raspberry Pi and probably -most other non-x86 architectures. The changes were accepted by the -upstream author of vmdebootstrap yesterday and today, and is now -available from -<a href="http://git.liw.fi/cgi-bin/cgit/cgit.cgi/vmdebootstrap/">the -upstream project page</a>.</p> - -<p>To use it to build a Raspberry Pi image using Debian Jessie, first -create a small script (the customize script) to add the non-free -binary blob needed to boot the Raspberry Pi and the APT source -list:</p> - -<p><pre> + Public Trusted Timestamping services for everyone + http://people.skolelinux.org/pere/blog/Public_Trusted_Timestamping_services_for_everyone.html + http://people.skolelinux.org/pere/blog/Public_Trusted_Timestamping_services_for_everyone.html + Tue, 25 Mar 2014 12:50:00 +0100 + <p>Did you ever need to store logs or other files in a way that would +allow it to be used as evidence in court, and needed a way to +demonstrate without reasonable doubt that the file had not been +changed since it was created? Or, did you ever need to document that +a given document was received at some point in time, like some +archived document or the answer to an exam, and not changed after it +was received? The problem in these settings is to remove the need to +trust yourself and your computers, while still being able to prove +that a file is the same as it was at some given time in the past.</p> + +<p>A solution to these problems is to have a trusted third party +"stamp" the document and verify that at some given time the document +looked a given way. Such +<a href="https://en.wikipedia.org/wiki/Notarius">notarius</a> service +have been around for thousands of years, and its digital equivalent is +called a +<a href="http://en.wikipedia.org/wiki/Trusted_timestamping">trusted +timestamping service</a>. <a href="http://www.ietf.org/">The Internet +Engineering Task Force</a> standardised how such service could work a +few years ago as <a href="http://tools.ietf.org/html/rfc3161">RFC +3161</a>. The mechanism is simple. Create a hash of the file in +question, send it to a trusted third party which add a time stamp to +the hash and sign the result with its private key, and send back the +signed hash + timestamp. Both email, FTP and HTTP can be used to +request such signature, depending on what is provided by the service +used. Anyone with the document and the signature can then verify that +the document matches the signature by creating their own hash and +checking the signature using the trusted third party public key. +There are several commercial services around providing such +timestamping. A quick search for +"<a href="https://duckduckgo.com/?q=rfc+3161+service">rfc 3161 +service</a>" pointed me to at least +<a href="https://www.digistamp.com/technical/how-a-digital-time-stamp-works/">DigiStamp</a>, +<a href="http://www.quovadisglobal.co.uk/CertificateServices/SigningServices/TimeStamp.aspx">Quo +Vadis</a>, +<a href="https://www.globalsign.com/timestamp-service/">Global Sign</a> +and <a href="http://www.globaltrustfinder.com/TSADefault.aspx">Global +Trust Finder</a>. The system work as long as the private key of the +trusted third party is not compromised.</p> + +<p>But as far as I can tell, there are very few public trusted +timestamp services available for everyone. I've been looking for one +for a while now. But yesterday I found one over at +<a href="https://www.pki.dfn.de/zeitstempeldienst/">Deutches +Forschungsnetz</a> mentioned in +<a href="http://www.d-mueller.de/blog/dealing-with-trusted-timestamps-in-php-rfc-3161/">a +blog by David Müller</a>. I then found +<a href="http://www.rz.uni-greifswald.de/support/dfn-pki-zertifikate/zeitstempeldienst.html">a +good recipe on how to use the service</a> over at the University of +Greifswald.</p> + +<p><a href="http://www.openssl.org/">The OpenSSL library</a> contain +both server and tools to use and set up your own signing service. See +the ts(1SSL), tsget(1SSL) manual pages for more details. The +following shell script demonstrate how to extract a signed timestamp +for any file on the disk in a Debian environment:</p> + +<p><blockquote><pre> #!/bin/sh -set -e # Exit on first error -rootdir="$1" -cd "$rootdir" -cat &lt;&lt;EOF > etc/apt/sources.list -deb http://http.debian.net/debian/ jessie main contrib non-free -EOF -# Install non-free binary blob needed to boot Raspberry Pi. This -# install a kernel somewhere too. -wget https://raw.github.com/Hexxeh/rpi-update/master/rpi-update \ - -O $rootdir/usr/bin/rpi-update -chmod a+x $rootdir/usr/bin/rpi-update -mkdir -p $rootdir/lib/modules -touch $rootdir/boot/start.elf -chroot $rootdir rpi-update -</pre></p> - -<p>Next, fetch the latest vmdebootstrap script and call it like this -to build the image:</p> - -<pre> -sudo ./vmdebootstrap \ - --variant minbase \ - --arch armel \ - --distribution jessie \ - --mirror http://http.debian.net/debian \ - --image test.img \ - --size 600M \ - --bootsize 64M \ - --boottype vfat \ - --log-level debug \ - --verbose \ - --no-kernel \ - --no-extlinux \ - --root-password raspberry \ - --hostname raspberrypi \ - --foreign /usr/bin/qemu-arm-static \ - --customize `pwd`/customize \ - --package netbase \ - --package git-core \ - --package binutils \ - --package ca-certificates \ - --package wget \ - --package kmod -</pre></p> - -<p>The list of packages being installed are the ones needed by -rpi-update to make the image bootable on the Raspberry Pi, with the -exception of netbase, which is needed by debootstrap to find -/etc/hosts with the minbase variant. I really wish there was a way to -set up an Raspberry Pi using only packages in the Debian archive, but -that is not possible as far as I know, because it boots from the GPU -using a non-free binary blob.</p> - -<p>The build host need debootstrap, kpartx and qemu-user-static and -probably a few others installed. I have not checked the complete -build dependency list.</p> - -<p>The resulting image will not use the hardware floating point unit -on the Raspberry PI, because the armel architecture in Debian is not -optimized for that use. So the images created will be a bit slower -than <a href="http://www.raspbian.org/">Raspbian</a> based images.</p> +set -e +url="http://zeitstempel.dfn.de" +caurl="https://pki.pca.dfn.de/global-services-ca/pub/cacert/chain.txt" +reqfile=$(mktemp -t tmp.XXXXXXXXXX.tsq) +resfile=$(mktemp -t tmp.XXXXXXXXXX.tsr) +cafile=chain.txt +if [ ! -f $cafile ] ; then + wget -O $cafile "$caurl" +fi +openssl ts -query -data "$1" -cert | tee "$reqfile" \ + | /usr/lib/ssl/misc/tsget -h "$url" -o "$resfile" +openssl ts -reply -in "$resfile" -text 1>&2 +openssl ts -verify -data "$1" -in "$resfile" -CAfile "$cafile" 1>&2 +base64 < "$resfile" +rm "$reqfile" "$resfile" +</pre></blockquote></p> + +<p>The argument to the script is the file to timestamp, and the output +is a base64 encoded version of the signature to STDOUT and details +about the signature to STDERR. Note that due to +<a href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742553">a bug +in the tsget script</a>, you might need to modify the included script +and remove the last line. Or just write your own HTTP uploader using +curl. :) Now you too can prove and verify that files have not been +changed.</p> + +<p>But the Internet need more public trusted timestamp services. +Perhaps something for <a href="http://www.uninett.no/">Uninett</a> or +my work place the <a href="http://www.uio.no/">University of Oslo</a> +to set up?</p> + + + + + Video DVD reader library / python-dvdvideo - nice free software + http://people.skolelinux.org/pere/blog/Video_DVD_reader_library___python_dvdvideo___nice_free_software.html + http://people.skolelinux.org/pere/blog/Video_DVD_reader_library___python_dvdvideo___nice_free_software.html + Fri, 21 Mar 2014 15:25:00 +0100 + <p>Keeping your DVD collection safe from scratches and curious +children fingers while still having it available when you want to see a +movie is not straight forward. My preferred method at the moment is +to store a full copy of the ISO on a hard drive, and use VLC, Popcorn +Hour or other useful players to view the resulting file. This way the +subtitles and bonus material are still available and using the ISO is +just like inserting the original DVD record in the DVD player.</p> + +<p>Earlier I used dd for taking security copies, but it do not handle +DVDs giving read errors (which are quite a few of them). I've also +tried using +<a href="http://people.skolelinux.org/pere/blog/Ripping_problematic_DVDs_using_dvdbackup_and_genisoimage.html">dvdbackup +and genisoimage</a>, but these days I use the marvellous python library +and program +<a href="http://bblank.thinkmo.de/blog/new-software-python-dvdvideo">python-dvdvideo</a> +written by Bastian Blank. It is +<a href="http://packages.qa.debian.org/p/python-dvdvideo.html">in Debian +already</a> and the binary package name is python3-dvdvideo. Instead +of trying to read every block from the DVD, it parses the file +structure and figure out which block on the DVD is actually in used, +and only read those blocks from the DVD. This work surprisingly well, +and I have been able to almost backup my entire DVD collection using +this method.</p> + +<p>So far, python-dvdvideo have failed on between 10 and +20 DVDs, which is a small fraction of my collection. The most common +problem is +<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720831">DVDs +using UTF-16 instead of UTF-8 characters</a>, which according to +Bastian is against the DVD specification (and seem to cause some +players to fail too). A rarer problem is what seem to be inconsistent +DVD structures, as the python library +<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723079">claim +there is a overlap between objects</a>. An equally rare problem claim +<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741878">some +value is out of range</a>. No idea what is going on there. I wish I +knew enough about the DVD format to fix these, to ensure my movie +collection will stay with me in the future.</p> + +<p>So, if you need to keep your DVDs safe, back them up using +python-dvdvideo. :)</p> - Det er jo makta som er mest sårbar ved massiv overvåkning av Internett - http://people.skolelinux.org/pere/blog/Det_er_jo_makta_som_er_mest_s_rbar_ved_massiv_overv_kning_av_Internett.html - http://people.skolelinux.org/pere/blog/Det_er_jo_makta_som_er_mest_s_rbar_ved_massiv_overv_kning_av_Internett.html - Sat, 26 Oct 2013 20:30:00 +0200 - <p>De siste måneders eksponering av -<a href="http://www.aftenposten.no/nyheter/uriks/Her-er-Edvard-Snowdens-mest-omtalte-avsloringer-7351734.html">den -totale overvåkningen som foregår i den vestlige verden dokumenterer -hvor sårbare vi er</a>. Men det slår meg at de som er mest sårbare -for dette, myndighetspersoner på alle nivåer, neppe har innsett at de -selv er de mest interessante personene å lage profiler på, for å kunne -påvirke dem.</p> - -<p>For å ta et lite eksempel: Stortingets nettsted, -<a href="http://www.stortinget.no/">www.stortinget.no</a> (og -forsåvidt også -<a href="http://data.stortinget.no/">data.stortinget.no</a>), -inneholder informasjon om det som foregår på Stortinget, og jeg antar -de største brukerne av informasjonen der er representanter og -rådgivere på Stortinget. Intet overraskende med det. Det som derimot -er mer skjult er at Stortingets nettsted bruker -<a href="http://en.wikipedia.org/wiki/Google_Analytics">Google -Analytics</a>, hvilket gjør at enhver som besøker nettsidene der også -rapporterer om besøket via Internett-linjer som passerer Sverige, -England og videre til USA. Det betyr at informasjon om ethvert besøk -på stortingets nettsider kan snappes opp av svensk, britisk og USAs -etterretningsvesen. De kan dermed holde et øye med hvilke -Stortingssaker stortingsrepresentantene synes er interessante å sjekke -ut, og hvilke sider rådgivere og andre på stortinget synes er -interessant å besøke, når de gjør det og hvilke andre representanter -som sjekker de samme sidene omtrent samtidig. Stortingets bruk av -Google Analytics gjør det dermed enkelt for utenlands etteretning å -spore representantenes aktivitet og interesse. Hvis noen av -representantene bruker Google Mail eller noen andre tjenestene som -krever innlogging, så vil det være enda enklere å finne ut nøyaktig -hvilke personer som bruker hvilke nettlesere og dermed knytte -informasjonen opp til enkeltpersoner på Stortinget.</p> - -<p>Og jo flere nettsteder som bruker Google Analytics, jo bedre -oversikt over stortingsrepresentantenes lesevaner og interesse blir -tilgjengelig for svensk, britisk og USAs etterretning. Hva de kan -bruke den informasjonen til overlater jeg til leseren å undres -over.</p> + Norsk utgave av Alaveteli / WhatDoTheyKnow på trappene + http://people.skolelinux.org/pere/blog/Norsk_utgave_av_Alaveteli___WhatDoTheyKnow_p__trappene.html + http://people.skolelinux.org/pere/blog/Norsk_utgave_av_Alaveteli___WhatDoTheyKnow_p__trappene.html + Sun, 16 Mar 2014 09:30:00 +0100 + <p>Det offentlige Norge har mye kunnskap og informasjon. Men hvordan +kan en få tilgang til den på en enkel måte? Takket være et lite +knippe lover og tilhørende forskrifter, blant annet +<a href="http://lovdata.no/dokument/NL/lov/2006-05-19-16">offentlighetsloven</a>, +<a href="http://lovdata.no/dokument/NL/lov/2003-05-09-31">miljøinformasjonsloven</a> +og +<a href="http://lovdata.no/dokument/NL/lov/1967-02-10/">forvaltningsloven</a> +har en rett til å spørre det offentlige og få svar. Men det finnes +intet offentlig arkiv over hva andre har spurt om, og dermed risikerer en +å måtte forstyrre myndighetene gang på gang for å få tak i samme +informasjonen på nytt. <a href="http://www.mysociety.org/">Britiske +mySociety</a> har laget tjenesten +<a href="http://www.whatdotheyknow.com/">WhatDoTheyKnow</a> som gjør +noe med dette. I Storbritannia blir WhatdoTheyKnow brukt i +<a href="http://www.mysociety.org/2011/07/01/whatdotheyknows-share-of-central-government-foi-requests-q2-2011/">ca +15% av alle innsynsforespørsler mot sentraladministrasjonen</a>. +Prosjektet heter <a href="http://www.alaveteli.org/">Alaveteli</A>, og +er takk i bruk en rekke steder etter at løsningen ble generalisert og +gjort mulig å oversette. Den hjelper borgerne med å be om innsyn, +rådgir ved purringer og klager og lar alle se hvilke henvendelser som +er sendt til det offentlige og hvilke svar som er kommet inn, i et +søkpart arkiv. Her i Norge holder vi i foreningen NUUG på å få opp en +norsk utgave av Alaveteli, og her trenger vi din hjelp med +oversettelsen.</p> + +<p>Så langt er 76 % av Alaveteli oversatt til norsk bokmål, men vi +skulle gjerne vært oppe i 100 % før lansering. Oversettelsen gjøres +på <a href="https://www.transifex.com/projects/p/alaveteli/">Transifex, +der enhver som registrerer seg</a> og ber om tilgang til +bokmålsoversettelsen får bidra. Vi har satt opp en test av tjenesten +(som ikke sender epost til det offentlige, kun til oss som holder på å +sette opp tjenesten) på maskinen +<a href="http://alaveteli-dev.nuug.no/">alaveteli-dev.nuug.no</a>, der +en kan se hvordan de oversatte meldingen blir seende ut på nettsiden. +Når tjenesten lanseres vil den hete +<a href="https://www.mimesbrønn.no/">Mimes brønn</a>, etter +visdomskilden som Odin måtte gi øyet sitt for å få drikke i. Den +nettsiden er er ennå ikke klar til bruk.</p> + +<p>Hvis noen vil oversette til nynorsk også, så skal vi finne ut +hvordan vi lager en flerspråklig tjeneste. Men i første omgang er +fokus på bokmålsoversettelsen, der vi selv har nok peiling til å ha +fått oversatt 76%, men trenger hjelp for å komme helt i mål. :)</p> - A Raspberry Pi based batman-adv Mesh network node - http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html - http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html - Mon, 21 Oct 2013 11:40:00 +0200 - <p>The last few days I have been experimenting with -<a href="http://www.open-mesh.org/projects/batman-adv/wiki">the -batman-adv mesh technology</a>. I want to gain some experience to see -if it will fit <a href="https://wiki.debian.org/FreedomBox">the -Freedombox project</a>, and together with my neighbors try to build a -mesh network around the park where I live. Batman-adv is a layer 2 -mesh system ("ethernet" in other words), where the mesh network appear -as if all the mesh clients are connected to the same switch.</p> - -<p>My hardware of choice was the Linksys WRT54GL routers I had lying -around, but I've been unable to get them working with batman-adv. So -instead, I started playing with a -<a href="http://www.raspberrypi.org/">Raspberry Pi</a>, and tried to -get it working as a mesh node. My idea is to use it to create a mesh -node which function as a switch port, where everything connected to -the Raspberry Pi ethernet plug is connected (bridged) to the mesh -network. This allow me to hook a wifi base station like the Linksys -WRT54GL to the mesh by plugging it into a Raspberry Pi, and allow -non-mesh clients to hook up to the mesh. This in turn is useful for -Android phones using <a href="http://servalproject.org/">the Serval -Project</a> voip client, allowing every one around the playground to -phone and message each other for free. The reason is that Android -phones do not see ad-hoc wifi networks (they are filtered away from -the GUI view), and can not join the mesh without being rooted. But if -they are connected using a normal wifi base station, they can talk to -every client on the local network.</p> - -<p>To get this working, I've created a debian package -<a href="https://github.com/petterreinholdtsen/meshfx-node">meshfx-node</a> -and a script -<a href="https://github.com/petterreinholdtsen/meshfx-node/blob/master/build-rpi-mesh-node">build-rpi-mesh-node</a> -to create the Raspberry Pi boot image. I'm using Debian Jessie (and -not Raspbian), to get more control over the packages available. -Unfortunately a huge binary blob need to be inserted into the boot -image to get it booting, but I'll ignore that for now. Also, as -Debian lack support for the CPU features available in the Raspberry -Pi, the system do not use the hardware floating point unit. I hope -the routing performance isn't affected by the lack of hardware FPU -support.</p> - -<p>To create an image, run the following with a sudo enabled user -after inserting the target SD card into the build machine:</p> - -<p><pre> -% wget -O build-rpi-mesh-node \ - https://raw.github.com/petterreinholdtsen/meshfx-node/master/build-rpi-mesh-node -% sudo bash -x ./build-rpi-mesh-node > build.log 2>&1 -% dd if=/root/rpi/rpi_basic_jessie_$(date +%Y%m%d).img of=/dev/mmcblk0 bs=1M -% -</pre></p> - -<p>Booting with the resulting SD card on a Raspberry PI with a USB -wifi card inserted should give you a mesh node. At least it does for -me with a the wifi card I am using. The default mesh settings are the -ones used by the Oslo mesh project at Hackeriet, as I mentioned in -<a href="http://people.skolelinux.org/pere/blog/Oslo_community_mesh_network___with_NUUG_and_Hackeriet_at_Hausmania.html">an -earlier blog post about this mesh testing</a>.</p> - -<p>The mesh node was not horribly expensive either. I bought -everything over the counter in shops nearby. If I had ordered online -from the lowest bidder, the price should be significantly lower:</p> + Freedombox on Dreamplug, Raspberry Pi and virtual x86 machine + http://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html + http://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html + Fri, 14 Mar 2014 11:00:00 +0100 + <p>The <a href="https://wiki.debian.org/FreedomBox">Freedombox +project</a> is working on providing the software and hardware for +making it easy for non-technical people to host their data and +communication at home, and being able to communicate with their +friends and family encrypted and away from prying eyes. It has been +going on for a while, and is slowly progressing towards a new test +release (0.2).</p> + +<p>And what day could be better than the Pi day to announce that the +new version will provide "hard drive" / SD card / USB stick images for +Dreamplug, Raspberry Pi and VirtualBox (or any other virtualization +system), and can also be installed using a Debian installer preseed +file. The Debian based Freedombox is now based on Debian Jessie, +where most of the needed packages used are already present. Only one, +the freedombox-setup package, is missing. To try to build your own +boot image to test the current status, fetch the freedom-maker scripts +and build using +<a href="http://packages.qa.debian.org/vmdebootstrap">vmdebootstrap</a> +with a user with sudo access to become root: -<p><table> +<pre> +git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \ + freedom-maker +sudo apt-get install git vmdebootstrap mercurial python-docutils \ + mktorrent extlinux virtualbox qemu-user-static binfmt-support \ + u-boot-tools +make -C freedom-maker dreamplug-image raspberry-image virtualbox-image +</pre> -<tr><th>Supplier</th><th>Model</th><th>NOK</th></tr> -<tr><td>Teknikkmagasinet</td><td>Raspberry Pi model B</td><td>349.90</td></tr> -<tr><td>Teknikkmagasinet</td><td>Raspberry Pi type B case</td><td>99.90</td></tr> -<tr><td>Lefdal</td><td>Jensen Air:Link 25150</td><td>295.-</td></tr> -<tr><td>Clas Ohlson</td><td>Kingston 16 GB SD card</td><td>199.-</td></tr> -<tr><td>Total cost</td><td></td><td>943.80</td></tr> +<p>Root access is needed to run debootstrap and mount loopback +devices. See the README for more details on the build. If you do not +want all three images, trim the make line. But note that thanks to <a +href="https://bugs.debian.org/741407">a race condition in +vmdebootstrap</a>, the build might fail without the patch to the +kpartx call.</p> -</table></p> +<p>If you instead want to install using a Debian CD and the preseed +method, boot a Debian Wheezy ISO and use this boot argument to load +the preseed values:</p> + +<pre> +url=<a href="http://www.reinholdtsen.name/freedombox/preseed-jessie.dat">http://www.reinholdtsen.name/freedombox/preseed-jessie.dat</a> +</pre> -<p>Now my mesh network at home consist of one laptop in the basement -connected to my production network, one Raspberry Pi node on the 1th -floor that can be seen by my neighbor across the park, and one -play-node I use to develop the image building script. And some times -I hook up my work horse laptop to the mesh to test it. I look forward -to figuring out what kind of latency the batman-adv setup will give, -and how much packet loss we will experience around the park. :)</p> +<p>But note that due to <a href="https://bugs.debian.org/740673">a +recently introduced bug in apt in Jessie</a>, the installer will +currently hang while setting up APT sources. Killing the +'<tt>apt-cdrom ident</tt>' process when it hang a few times during the +installation will get the installation going. This affect all +installations in Jessie, and I expect it will be fixed soon.</p> + +<p>Give it a go and let us know how it goes on the mailing list, and help +us get the new release published. :) Please join us on +<a href="irc://irc.debian.org:6667/%23freedombox">IRC (#freedombox on +irc.debian.org)</a> and +<a href="http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss">the +mailing list</a> if you want to help make this vision come true.</p>