X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/c5c2b7df2ec2de3a1759fb70d01a401d0a688b6f..f29f99052afe6957717bd71b319c2bcc57210b7a:/blog/index.rss diff --git a/blog/index.rss b/blog/index.rss index ceb3f6c615..e6b1048fbf 100644 --- a/blog/index.rss +++ b/blog/index.rss @@ -7,720 +7,728 @@ - All drones should be radio marked with what they do and who they belong to - http://people.skolelinux.org/pere/blog/All_drones_should_be_radio_marked_with_what_they_do_and_who_they_belong_to.html - http://people.skolelinux.org/pere/blog/All_drones_should_be_radio_marked_with_what_they_do_and_who_they_belong_to.html - Thu, 21 Nov 2013 15:40:00 +0100 - Drones, flying robots, are getting more and more popular. The most -know ones are the killer drones used by some government to murder -people they do not like without giving them the chance of a fair -trial, but the technology have many good uses too, from mapping and -forest maintenance to photography and search and rescue. I am sure it -is just a question of time before "bad drones" are in the hands of -private enterprises and not only state criminals but petty criminals -too. The drone technology is very useful and very dangerous. To have -some control over the use of drones, I agree with Daniel Suarez in his -TED talk -"<a href="http://www.ted.com/talks/daniel_suarez_the_kill_decision_shouldn_t_belong_to_a_robot.html">The -kill decision shouldn't belong to a robot</a>", where he suggested this -little gem to keep the good while limiting the bad use of drones:</p> - -<blockquote> - -<p>Each robot and drone should have a cryptographically signed -I.D. burned in at the factory that can be used to track its movement -through public spaces. We have license plates on cars, tail numbers on -aircraft. This is no different. And every citizen should be able to -download an app that shows the population of drones and autonomous -vehicles moving through public spaces around them, both right now and -historically. And civic leaders should deploy sensors and civic drones -to detect rogue drones, and instead of sending killer drones of their -own up to shoot them down, they should notify humans to their -presence. And in certain very high-security areas, perhaps civic -drones would snare them and drag them off to a bomb disposal facility.</p> - -<p>But notice, this is more an immune system than a weapons system. It -would allow us to avail ourselves of the use of autonomous vehicles -and drones while still preserving our open, civil society.</p> - -</blockquote> - -<p>The key is that <em>every citizen</em> should be able to read the -radio beacons sent from the drones in the area, to be able to check -both the government and others use of drones. For such control to be -effective, everyone must be able to do it. What should such beacon -contain? At least formal owner, purpose, contact information and GPS -location. Probably also the origin and target position of the current -flight. And perhaps some registration number to be able to look up -the drone in a central database tracking their movement. Robots -should not have privacy. It is people who need privacy.</p> + Hvordan vurderer regjeringen H.264-patentutfordringen? + http://people.skolelinux.org/pere/blog/Hvordan_vurderer_regjeringen_H_264_patentutfordringen_.html + http://people.skolelinux.org/pere/blog/Hvordan_vurderer_regjeringen_H_264_patentutfordringen_.html + Sun, 16 Nov 2014 10:30:00 +0100 + <p>For en stund tilbake spurte jeg Fornyingsdepartementet om hvilke +juridiske vurderinger rundt patentproblemstillingen som var gjort da +H.264 ble tatt inn i <a href="http://standard.difi.no/">statens +referansekatalog over standarder</a>. Stig Hornnes i FAD tipset meg +om følgende som står i oppsumeringen til høringen om +referansekatalogen versjon 2.0, som jeg siden ved hjelp av en +innsynsforespørsel fikk tak i +<a href="http://wiki.nuug.no/uttalelser/200901-standardkatalog-v2?action=AttachFile&do=get&target=kongelig-resolusjon.pdf">PDF-utgaven av</a> +datert 2009-06-03 (saksnummer 200803291, saksbehandler Henrik +Linnestad).</p> + +<p>Der står det følgende om problemstillingen:</p> + +<p><blockquote> +<strong>4.4 Patentproblematikk</strong> + +<p>NUUG og Opera ser det som særlig viktig at forslagene knyttet til +lyd og video baserer seg på de royalty-frie standardene Vorbis, Theora +og FLAC.</p> + +<p>Kommentarene relaterer seg til at enkelte standarder er åpne, men +inneholder tekniske prosedyrer som det i USA (og noen andre land som +Japan) er gitt patentrettigheter til. I vårt tilfelle berører dette +spesielt standardene Mp3 og H.264, selv om Politidirektoratet peker på +at det muligens kan være tilsvarende problematikk også for Theora og +Vorbis. Dette medfører at det i USA kan kreves royalties for bruk av +tekniske løsninger knyttet til standardene, et krav som også +håndheves. Patenter kan imidlertid bare hevdes i de landene hvor +patentet er gitt, så amerikanske patenter gjelder ikke andre steder +enn USA.</p> + +<p>Spesielt for utvikling av fri programvare er patenter +problematisk. GPL, en "grunnleggende" lisens for distribusjon av fri +programvare, avviser at programvare kan distribueres under denne +lisensen hvis det inneholder referanser til patenterte rutiner som +utløser krav om royalties. Det er imidlertid uproblematisk å +distribuere fri programvareløsninger under GPL som benytter de +aktuelle standardene innen eller mellom land som ikke anerkjenner +patentene. Derfor finner vi også flere implementeringer av Mp3 og +H.264 som er fri programvare, lisensiert under GPL.</p> + +<p>I Norge og EU er patentlovgivningen langt mer restriktiv enn i USA, +men det er også her mulig å få patentert metoder for løsning av et +problem som relaterer seg til databehandling. Det er AIF bekjent ikke +relevante patenter i EU eller Norge hva gjelder H.264 og Mp3, men +muligheten for at det finnes patenter uten at det er gjort krav om +royalties eller at det senere vil gis slike patenter kan ikke helt +avvises.</p> + +<p>AIF mener det er et behov for å gi offentlige virksomheter mulighet +til å benytte antatt royaltyfrie åpne standarder som et likeverdig +alternativ eller i tillegg til de markedsledende åpne standardene.</p> + +</blockquote></p> + +<p>Det ser dermed ikke ut til at de har vurdert patentspørsmålet i +sammenheng med opphavsrettsvilkår slik de er formulert for f.eks. +Apple Final Cut Pro, Adobe Premiere Pro, Avid og Sorenson-verktøyene, +der det kreves brukstillatelse for patenter som ikke er gyldige i +Norge for å bruke disse verktøyene til annet en personlig og ikke +kommersiell aktivitet når det gjelder H.264-video. Jeg må nok lete +videre etter svar på det spørsmålet.</p> - Lets make a wireless community network in Oslo! - http://people.skolelinux.org/pere/blog/Lets_make_a_wireless_community_network_in_Oslo_.html - http://people.skolelinux.org/pere/blog/Lets_make_a_wireless_community_network_in_Oslo_.html - Wed, 13 Nov 2013 21:00:00 +0100 - <p>Today NUUG and Hackeriet announced -<a href="http://www.nuug.no/news/Bli_med___bygge_dugnadsnett_for_alle_i_Oslo.shtml">our -plans to join forces and create a wireless community network in -Oslo</a>. The workshop to help people get started will take place -Thursday 2013-11-28, but we already are collecting the geolocation of -people joining forces to make this happen. We have -<a href="https://github.com/petterreinholdtsen/meshfx-node/blob/master/oslo-nodes.geojson">9 -locations plotted on the map</a>, but we will need more before we have -a connected mesh spread across Oslo. If this sound interesting to -you, please join us at the workshop. If you are too impatient to wait -15 days, please join us on the IRC channel -<a href="irc://irc.freenode.net/%23nuug">#nuug on irc.freenode.net</a> -right away. :)</p> + A Debian package for SMTP via Tor (aka SMTorP) using exim4 + http://people.skolelinux.org/pere/blog/A_Debian_package_for_SMTP_via_Tor__aka_SMTorP__using_exim4.html + http://people.skolelinux.org/pere/blog/A_Debian_package_for_SMTP_via_Tor__aka_SMTorP__using_exim4.html + Mon, 10 Nov 2014 13:40:00 +0100 + <p>The right to communicate with your friends and family in private, +without anyone snooping, is a right every citicen have in a liberal +democracy. But this right is under serious attack these days.</p> + +<p>A while back it occurred to me that one way to make the dragnet +surveillance conducted by NSA, GCHQ, FRA and others (and confirmed by +the whisleblower Snowden) more expensive for Internet email, +is to deliver all email using SMTP via Tor. Such SMTP option would be +a nice addition to the FreedomBox project if we could send email +between FreedomBox machines without leaking metadata about the emails +to the people peeking on the wire. I +<a href="http://lists.alioth.debian.org/pipermail/freedombox-discuss/2014-October/006493.html">proposed +this on the FreedomBox project mailing list in October</a> and got a +lot of useful feedback and suggestions. It also became obvious to me +that this was not a novel idea, as the same idea was tested and +documented by Johannes Berg as early as 2006, and both +<a href="https://github.com/pagekite/Mailpile/wiki/SMTorP">the +Mailpile</a> and <a href="http://dee.su/cables">the Cables</a> systems +propose a similar method / protocol to pass emails between users.</p> + +<p>To implement such system one need to set up a Tor hidden service +providing the SMTP protocol on port 25, and use email addresses +looking like username@hidden-service-name.onion. With such addresses +the connections to port 25 on hidden-service-name.onion using Tor will +go to the correct SMTP server. To do this, one need to configure the +Tor daemon to provide the hidden service and the mail server to accept +emails for this .onion domain. To learn more about Exim configuration +in Debian and test the design provided by Johannes Berg in his FAQ, I +set out yesterday to create a Debian package for making it trivial to +set up such SMTP over Tor service based on Debian. Getting it to work +were fairly easy, and +<a href="https://github.com/petterreinholdtsen/exim4-smtorp">the +source code for the Debian package</a> is available from github. I +plan to move it into Debian if further testing prove this to be a +useful approach.</p> + +<p>If you want to test this, set up a blank Debian machine without any +mail system installed (or run <tt>apt-get purge exim4-config</tt> to +get rid of exim4). Install tor, clone the git repository mentioned +above, build the deb and install it on the machine. Next, run +<tt>/usr/lib/exim4-smtorp/setup-exim-hidden-service</tt> and follow +the instructions to get the service up and running. Restart tor and +exim when it is done, and test mail delivery using swaks like +this:</p> + +<p><blockquote><pre> +torsocks swaks --server dutlqrrmjhtfa3vp.onion \ + --to fbx@dutlqrrmjhtfa3vp.onion +</pre></blockquote></p> + +<p>This will test the SMTP delivery using tor. Replace the email +address with your own address to test your server. :)</p> + +<p>The setup procedure is still to complex, and I hope it can be made +easier and more automatic. Especially the tor setup need more work. +Also, the package include a tor-smtp tool written in C, but its task +should probably be rewritten in some script language to make the deb +architecture independent. It would probably also make the code easier +to review. The tor-smtp tool currently need to listen on a socket for +exim to talk to it and is started using xinetd. It would be better if +no daemon and no socket is needed. I suspect it is possible to get +exim to run a command line tool for delivery instead of talking to a +socket, and hope to figure out how in a future version of this +system.</p> + +<p>Until I wipe my test machine, I can be reached using the +<tt>fbx@dutlqrrmjhtfa3vp.onion</tt> mail address, deliverable over +SMTorP. :)</p> - Running TP-Link MR3040 as a batman-adv mesh node using openwrt - http://people.skolelinux.org/pere/blog/Running_TP_Link_MR3040_as_a_batman_adv_mesh_node_using_openwrt.html - http://people.skolelinux.org/pere/blog/Running_TP_Link_MR3040_as_a_batman_adv_mesh_node_using_openwrt.html - Sun, 10 Nov 2013 23:00:00 +0100 - <p>Continuing my research into mesh networking, I was recommended to -use TP-Link 3040 and 3600 access points as mesh nodes, and the pair I -bought arrived on Friday. Here are my notes on how to set up the -MR3040 as a mesh node using -<a href="http://www.openwrt.org/">OpenWrt</a>.</p> - -<p>I started by following the instructions on the OpenWRT wiki for -<a href="http://wiki.openwrt.org/toh/tp-link/tl-mr3040">TL-MR3040</a>, -and downloaded -<a href="http://downloads.openwrt.org/snapshots/trunk/ar71xx/openwrt-ar71xx-generic-tl-mr3040-v2-squashfs-factory.bin">the -recommended firmware image</a> -(openwrt-ar71xx-generic-tl-mr3040-v2-squashfs-factory.bin) and -uploaded it into the original web interface. The flashing went fine, -and the machine was available via telnet on the ethernet port. After -logging in and setting the root password, ssh was available and I -could start to set it up as a batman-adv mesh node.</p> - -<p>I started off by reading the instructions from -<a href="http://wirelessafrica.meraka.org.za/wiki/index.php?title=Antoine's_Research">Wireless -Africa</a>, which had quite a lot of useful information, but -eventually I followed the recipe from the Open Mesh wiki for -<a href="http://www.open-mesh.org/projects/batman-adv/wiki/Batman-adv-openwrt-config">using -batman-adv on OpenWrt</a>. A small snag was the fact that the -<tt>opkg install kmod-batman-adv</tt> command did not work as it -should. The batman-adv kernel module would fail to load because its -dependency crc16 was not already loaded. I -<a href="https://dev.openwrt.org/ticket/14452">reported the bug</a> to -the openwrt project and hope it will be fixed soon. But the problem -only seem to affect initial testing of batman-adv, as configuration -seem to work when booting from scratch.</p> - -<p>The setup is done using files in /etc/config/. I did not bridge -the Ethernet and mesh interfaces this time, to be able to hook up the -box on my local network and log into it for configuration updates. -The following files were changed and look like this after modifying -them:</p> - -<p><tt>/etc/config/network</tt></p> + First Jessie based Debian Edu released (alpha0) + http://people.skolelinux.org/pere/blog/First_Jessie_based_Debian_Edu_released__alpha0_.html + http://people.skolelinux.org/pere/blog/First_Jessie_based_Debian_Edu_released__alpha0_.html + Mon, 27 Oct 2014 20:40:00 +0100 + <p>I am happy to report that I on behalf of the Debian Edu team just +sent out +<a href="https://lists.debian.org/debian-edu-announce/2014/10/msg00000.html">this +announcement</a>:</p> <pre> +The Debian Edu Team is pleased to announce the release of Debian Edu +Jessie 8.0+edu0~alpha0 + +Debian Edu is a complete operating system for schools. Through its +various installation profiles you can install servers, workstations +and laptops which will work together on the school network. With +Debian Edu, the teachers themselves or their technical support can +roll out a complete multi-user multi-machine study environment within +hours or a few days. Debian Edu comes with hundreds of applications +pre-installed, but you can always add more packages from Debian. + +For those who want to give Debian Edu Jessie a try, download and +installation instructions are available, including detailed +instructions in the manual[1] explaining the first steps, such as +setting up a network or adding users. Please note that the password +for the user your prompted for during installation must have a length +of at least 5 characters! + + [1] &lt;URL: <a href="https://wiki.debian.org/DebianEdu/Documentation/Jessie">https://wiki.debian.org/DebianEdu/Documentation/Jessie</a> &gt; + +Would you like to give your school's computer a longer life? Are you +tired of sneaker administration, running from computer to computer +reinstalling the operating system? Would you like to administrate all +the computers in your school using only a couple of hours every week? +Check out Debian Edu Jessie! + +Skolelinux is used by at least two hundred schools all over the world, +mostly in Germany and Norway. + +About Debian Edu and Skolelinux +=============================== + +Debian Edu, also known as Skolelinux[2], is a Linux distribution based +on Debian providing an out-of-the box environment of a completely +configured school network. Immediately after installation a school +server running all services needed for a school network is set up just +waiting for users and machines being added via GOsa², a comfortable +Web-UI. A netbooting environment is prepared using PXE, so after +initial installation of the main server from CD or USB stick all other +machines can be installed via the network. The provided school server +provides LDAP database and Kerberos authentication service, +centralized home directories, DHCP server, web proxy and many other +services. The desktop contains more than 60 educational software +packages[3] and more are available from the Debian archive, and +schools can choose between KDE, Gnome, LXDE, Xfce and MATE desktop +environment. + + [2] &lt;URL: <a href="http://www.skolelinux.org/">http://www.skolelinux.org/</a> &gt; + [3] &lt;URL: <a href="http://people.skolelinux.org/pere/blog/Educational_applications_included_in_Debian_Edu___Skolelinux__the_screenshot_collection____.html">http://people.skolelinux.org/pere/blog/Educational_applications_included_in_Debian_Edu___Skolelinux__the_screenshot_collection____.html</a> &gt; + +Full release notes and manual +============================= + +Below the download URLs there is a list of some of the new features +and bugfixes of Debian Edu 8.0+edu0~alpha0 Codename Jessie. The full +list is part of the manual. (See the feature list in the manual[4] for +the English version.) For some languages manual translations are +available, see the manual translation overview[5]. + + [4] &lt;URL: <a href="https://wiki.debian.org/DebianEdu/Documentation/Jessie/Features">https://wiki.debian.org/DebianEdu/Documentation/Jessie/Features</a> &gt; + [5] &lt;URL: <a href="http://maintainer.skolelinux.org/debian-edu-doc/">http://maintainer.skolelinux.org/debian-edu-doc/</a> &gt; + +Where to get it +--------------- + +To download the multiarch netinstall CD release (624 MiB) you can use + + * <a href="ftp://ftp.skolelinux.org/skolelinux-cd/debian-edu-8.0+edu0~alpha0-CD.iso">ftp://ftp.skolelinux.org/skolelinux-cd/debian-edu-8.0+edu0~alpha0-CD.iso</a> + * <a href="http://ftp.skolelinux.org/skolelinux-cd/debian-edu-8.0+edu0~alpha0-CD.iso">http://ftp.skolelinux.org/skolelinux-cd/debian-edu-8.0+edu0~alpha0-CD.iso</a> + * rsync -avzP ftp.skolelinux.org::skolelinux-cd/debian-edu-8.0+edu0~alpha0-CD.iso . + +The SHA1SUM of this image is: 361188818e036ce67280a572f757de82ebfeb095 + +New features for Debian Edu 8.0+edu0~alpha0 Codename Jessie released 2014-10-27 +=============================================================================== + + +Installation changes +-------------------- + + * PXE installation now installs firmware automatically for the hardware present. + +Software updates +---------------- + +Everything which is new in Debian Jessie 8.0, eg: + + * Linux kernel 3.16.x + * Desktop environments KDE "Plasma" 4.11.12, GNOME 3.14, Xfce 4.10, + LXDE 0.5.6 and MATE 1.8 (KDE "Plasma" is installed by default; to + choose one of the others see manual.) + * the browsers Iceweasel 31 ESR and Chromium 38 + * !LibreOffice 4.3.3 + * GOsa 2.7.4 + * LTSP 5.5.4 + * CUPS print system 1.7.5 + * new boot framework: systemd + * Educational toolbox GCompris 14.07 + * Music creator Rosegarden 14.02 + * Image editor Gimp 2.8.14 + * Virtual stargazer Stellarium 0.13.0 + * golearn 0.9 + * tuxpaint 0.9.22 + * New version of debian-installer from Debian Jessie. + * Debian Jessie includes about 42000 packages available for + installation. + * More information about Debian Jessie 8.0 is provided in the release + notes[6] and the installation manual[7]. + + [6] &lt;URL: <a href="http://www.debian.org/releases/jessie/releasenotes">http://www.debian.org/releases/jessie/releasenotes</a> &gt; + [7] &lt;URL: <a href="http://www.debian.org/releases/jessie/installmanual">http://www.debian.org/releases/jessie/installmanual</a> &gt; + +Fixed bugs +---------- + + * Inserting incorrect DNS information in Gosa will no longer break + DNS completely, but instead stop DNS updates until the incorrect + information is corrected (Debian bug #710362) + * and many others. + +Documentation and translation updates +------------------------------------- + + * The Debian Edu Jessie Manual is fully translated to German, French, + Italian, Danish and Dutch. Partly translated versions exist for + Norwegian Bokmal and Spanish. + +Other changes +------------- + + * Due to new Squid settings, powering off or rebooting the main + server takes more time. + * To manage printers localhost:631 has to be used, currently www:631 + doesn't work. + +Regressions / known problems +---------------------------- + + * Installing LTSP chroot fails with a bug related to eatmydata about + exim4-config failing to run its postinst (see Debian bug #765694 + and Debian bug #762103). + * Munin collection is not properly configured on clients (Debian bug + #764594). The fix is available in a newer version of munin-node. + * PXE setup for Main Server and Thin Client Server setup does not + work when installing on a machine without direct Internet access. + Will be fixed when Debian bug #766960 is fixed in Jessie. -config interface 'loopback' - option ifname 'lo' - option proto 'static' - option ipaddr '127.0.0.1' - option netmask '255.0.0.0' - -config globals 'globals' - option ula_prefix 'fdbf:4c12:3fed::/48' - -config interface 'lan' - option ifname 'eth0' - option type 'bridge' - option proto 'dhcp' - option ipaddr '192.168.1.1' - option netmask '255.255.255.0' - option hostname 'tl-mr3040' - option ip6assign '60' - -config interface 'mesh' - option ifname 'adhoc0' - option mtu '1528' - option proto 'batadv' - option mesh 'bat0' -</pre> +See the status page[8] for the complete list. -<p><tt>/etc/config/wireless</tt></p> -<pre> + [8] &lt;URL: <a href="https://wiki.debian.org/DebianEdu/Status/Jessie">https://wiki.debian.org/DebianEdu/Status/Jessie</a> &gt; -config wifi-device 'radio0' - option type 'mac80211' - option channel '11' - option hwmode '11ng' - option path 'platform/ar933x_wmac' - option htmode 'HT20' - list ht_capab 'SHORT-GI-20' - list ht_capab 'SHORT-GI-40' - list ht_capab 'RX-STBC1' - list ht_capab 'DSSS_CCK-40' - option disabled '0' - -config wifi-iface 'wmesh' - option device 'radio0' - option ifname 'adhoc0' - option network 'mesh' - option encryption 'none' - option mode 'adhoc' - option bssid '02:BA:00:00:00:01' - option ssid 'meshfx@hackeriet' -</pre> -<p><tt>/etc/config/batman-adv</tt></p> -<pre> +How to report bugs +------------------ -config 'mesh' 'bat0' - option interfaces 'adhoc0' - option 'aggregated_ogms' - option 'ap_isolation' - option 'bonding' - option 'fragmentation' - option 'gw_bandwidth' - option 'gw_mode' - option 'gw_sel_class' - option 'log_level' - option 'orig_interval' - option 'vis_mode' - option 'bridge_loop_avoidance' - option 'distributed_arp_table' - option 'network_coding' - option 'hop_penalty' - -# yet another batX instance -# config 'mesh' 'bat5' -# option 'interfaces' 'second_mesh' -</pre> +&lt;URL: <a href="http://wiki.debian.org/DebianEdu/HowTo/ReportBugs">http://wiki.debian.org/DebianEdu/HowTo/ReportBugs</a> &gt; + +About Debian +============ + +The Debian Project was founded in 1993 by Ian Murdock to be a truly +free community project. Since then the project has grown to be one of +the largest and most influential open source projects. Thousands of +volunteers from all over the world work together to create and +maintain Debian software. Available in 70 languages, and supporting a +huge range of computer types, Debian calls itself the universal +operating system. -<p>The mesh node is now operational. I have yet to test its range, -but I hope it is good. I have not yet tested the TP-Link 3600 box -still wrapped up in plastic.</p> +Contact Information +For further information, please visit the Debian web pages[9] or send +mail to press@debian.org. + + [9] &lt;URL: <a href="http://www.debian.org/">http://www.debian.org/</a> &gt; +</pre> - Debian init.d boot script example for rsyslog - http://people.skolelinux.org/pere/blog/Debian_init_d_boot_script_example_for_rsyslog.html - http://people.skolelinux.org/pere/blog/Debian_init_d_boot_script_example_for_rsyslog.html - Sat, 2 Nov 2013 22:40:00 +0100 - <p>If one of the points of switching to a new init system in Debian is -<a href="http://thomas.goirand.fr/blog/?p=147">to get rid of huge -init.d scripts</a>, I doubt we need to switch away from sysvinit and -init.d scripts at all. Here is an example init.d script, ie a rewrite -of /etc/init.d/rsyslog:</p> - -<p><pre> -#!/lib/init/init-d-script -### BEGIN INIT INFO -# Provides: rsyslog -# Required-Start: $remote_fs $time -# Required-Stop: umountnfs $time -# X-Stop-After: sendsigs -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: enhanced syslogd -# Description: Rsyslog is an enhanced multi-threaded syslogd. -# It is quite compatible to stock sysklogd and can be -# used as a drop-in replacement. -### END INIT INFO -DESC="enhanced syslogd" -DAEMON=/usr/sbin/rsyslogd -</pre></p> - -<p>Pretty minimalistic to me... For the record, the original sysv-rc -script was 137 lines, and the above is just 15 lines, most of it meta -info/comments.</p> - -<p>How to do this, you ask? Well, one create a new script -/lib/init/init-d-script looking something like this: - -<p><pre> -#!/bin/sh - -# Define LSB log_* functions. -# Depend on lsb-base (>= 3.2-14) to ensure that this file is present -# and status_of_proc is working. -. /lib/lsb/init-functions - -# -# Function that starts the daemon/service - -# -do_start() -{ - # Return - # 0 if daemon has been started - # 1 if daemon was already running - # 2 if daemon could not be started - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ - || return 1 - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ - $DAEMON_ARGS \ - || return 2 - # Add code here, if necessary, that waits for the process to be ready - # to handle requests from services started subsequently which depend - # on this one. As a last resort, sleep for some time. -} - -# -# Function that stops the daemon/service -# -do_stop() -{ - # Return - # 0 if daemon has been stopped - # 1 if daemon was already stopped - # 2 if daemon could not be stopped - # other if a failure occurred - start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME - RETVAL="$?" - [ "$RETVAL" = 2 ] && return 2 - # Wait for children to finish too if this is a daemon that forks - # and if the daemon is only ever run from this initscript. - # If the above conditions are not satisfied then add some other code - # that waits for the process to drop all resources that could be - # needed by services started subsequently. A last resort is to - # sleep for some time. - start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON - [ "$?" = 2 ] && return 2 - # Many daemons don't delete their pidfiles when they exit. - rm -f $PIDFILE - return "$RETVAL" -} - -# -# Function that sends a SIGHUP to the daemon/service -# -do_reload() { - # - # If the daemon can reload its configuration without - # restarting (for example, when it is sent a SIGHUP), - # then implement that here. - # - start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME - return 0 -} - -SCRIPTNAME=$1 -scriptbasename="$(basename $1)" -echo "SN: $scriptbasename" -if [ "$scriptbasename" != "init-d-library" ] ; then - script="$1" - shift - . $script -else - exit 0 -fi - -NAME=$(basename $DAEMON) -PIDFILE=/var/run/$NAME.pid - -# Exit if the package is not installed -#[ -x "$DAEMON" ] || exit 0 - -# Read configuration variable file if it is present -[ -r /etc/default/$NAME ] && . /etc/default/$NAME - -# Load the VERBOSE setting and other rcS variables -. /lib/init/vars.sh - -case "$1" in - start) - [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" - do_start - case "$?" in - 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; - 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; - esac - ;; - stop) - [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" - do_stop - case "$?" in - 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; - 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; - esac - ;; - status) - status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $? - ;; - #reload|force-reload) - # - # If do_reload() is not implemented then leave this commented out - # and leave 'force-reload' as an alias for 'restart'. - # - #log_daemon_msg "Reloading $DESC" "$NAME" - #do_reload - #log_end_msg $? - #;; - restart|force-reload) - # - # If the "reload" option is implemented then remove the - # 'force-reload' alias - # - log_daemon_msg "Restarting $DESC" "$NAME" - do_stop - case "$?" in - 0|1) - do_start - case "$?" in - 0) log_end_msg 0 ;; - 1) log_end_msg 1 ;; # Old process is still running - *) log_end_msg 1 ;; # Failed to start - esac - ;; - *) - # Failed to stop - log_end_msg 1 - ;; - esac - ;; - *) - echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2 - exit 3 - ;; -esac - -: -</pre></p> - -<p>It is based on /etc/init.d/skeleton, and could be improved quite a -lot. I did not really polish the approach, so it might not always -work out of the box, but you get the idea. I did not try very hard to -optimize it nor make it more robust either.</p> - -<p>A better argument for switching init system in Debian than reducing -the size of init scripts (which is a good thing to do anyway), is to -get boot system that is able to handle the kernel events sensibly and -robustly, and do not depend on the boot to run sequentially. The boot -and the kernel have not behaved sequentially in years.</p> + I spent last weekend recording MakerCon Nordic + http://people.skolelinux.org/pere/blog/I_spent_last_weekend_recording_MakerCon_Nordic.html + http://people.skolelinux.org/pere/blog/I_spent_last_weekend_recording_MakerCon_Nordic.html + Thu, 23 Oct 2014 23:00:00 +0200 + <p>I spent last weekend at <a href="http://www.makercon.no/">Makercon +Nordic</a>, a great conference and workshop for makers in Norway and +the surrounding countries. I had volunteered on behalf of the +Norwegian Unix Users Group (NUUG) to video record the talks, and we +had a great and exhausting time recording the entire day, two days in +a row. There were only two of us, Hans-Petter and me, and we used the +regular video equipment for NUUG, with a +<a href="http://dvswitch.alioth.debian.org/wiki/">dvswitch</a>, a +camera and a VGA to DV convert box, and mixed video and slides +live.</p> + +<p>Hans-Petter did the post-processing, consisting of uploading the +around 180 GiB of raw video to Youtube, and the result is +<a href="https://www.youtube.com/user/MakerConNordic/">now becoming +public</a> on the MakerConNordic account. The videos have the license +NUUG always use on our recordings, which is +<a href="http://creativecommons.org/licenses/by-sa/3.0/no/">Creative +Commons Navngivelse-Del på samme vilkår 3.0 Norge</a>. Many great +talks available. Check it out! :)</p> - Browser plugin for SPICE (spice-xpi) uploaded to Debian - http://people.skolelinux.org/pere/blog/Browser_plugin_for_SPICE__spice_xpi__uploaded_to_Debian.html - http://people.skolelinux.org/pere/blog/Browser_plugin_for_SPICE__spice_xpi__uploaded_to_Debian.html - Fri, 1 Nov 2013 11:00:00 +0100 - <p><a href="http://www.spice-space.org/">The SPICE protocol</a> for -remote display access is the preferred solution with oVirt and RedHat -Enterprise Virtualization, and I was sad to discover the other day -that the browser plugin needed to use these systems seamlessly was -missing in Debian. The <a href="http://bugs.debian.org/668284">request -for a package</a> was from 2012-04-10 with no progress since -2013-04-01, so I decided to wrap up a package based on the great work -from Cajus Pollmeier and put it in a collab-maint maintained git -repository to get a package I could use. I would very much like -others to help me maintain the package (or just take over, I do not -mind), but as no-one had volunteered so far, I just uploaded it to -NEW. I hope it will be available in Debian in a few days.</p> - -<p>The source is now available from -<a href="http://anonscm.debian.org/gitweb/?p=collab-maint/spice-xpi.git;a=summary">http://anonscm.debian.org/gitweb/?p=collab-maint/spice-xpi.git;a=summary</a>.</p> + listadmin, the quick way to moderate mailman lists - nice free software + http://people.skolelinux.org/pere/blog/listadmin__the_quick_way_to_moderate_mailman_lists___nice_free_software.html + http://people.skolelinux.org/pere/blog/listadmin__the_quick_way_to_moderate_mailman_lists___nice_free_software.html + Wed, 22 Oct 2014 20:00:00 +0200 + <p>If you ever had to moderate a mailman list, like the ones on +alioth.debian.org, you know the web interface is fairly slow to +operate. First you visit one web page, enter the moderation password +and get a new page shown with a list of all the messages to moderate +and various options for each email address. This take a while for +every list you moderate, and you need to do it regularly to do a good +job as a list moderator. But there is a quick alternative, +<a href="http://heim.ifi.uio.no/kjetilho/hacks/#listadmin">the +listadmin program</a>. It allow you to check lists for new messages +to moderate in a fraction of a second. Here is a test run on two +lists I recently took over:</p> + +<p><blockquote><pre> +% time listadmin xiph +fetching data for pkg-xiph-commits@lists.alioth.debian.org ... nothing in queue +fetching data for pkg-xiph-maint@lists.alioth.debian.org ... nothing in queue + +real 0m1.709s +user 0m0.232s +sys 0m0.012s +% +</pre></blockquote></p> + +<p>In 1.7 seconds I had checked two mailing lists and confirmed that +there are no message in the moderation queue. Every morning I +currently moderate 68 mailman lists, and it normally take around two +minutes. When I took over the two pkg-xiph lists above a few days +ago, there were 400 emails waiting in the moderator queue. It took me +less than 15 minutes to process them all using the listadmin +program.</p> + +<p>If you install +<a href="https://tracker.debian.org/pkg/listadmin">the listadmin +package</a> from Debian and create a file <tt>~/.listadmin.ini</tt> +with content like this, the moderation task is a breeze:</p> + +<p><blockquote><pre> +username username@example.org +spamlevel 23 +default discard +discard_if_reason "Posting restricted to members only. Remove us from your mail list." + +password secret +adminurl https://{domain}/mailman/admindb/{list} +mailman-list@lists.example.com + +password hidden +other-list@otherserver.example.org +</pre></blockquote></p> + +<p>There are other options to set as well. Check the manual page to +learn the details.</p> + +<p>If you are forced to moderate lists on a mailman installation where +the SSL certificate is self signed or not properly signed by a +generally accepted signing authority, you can set a environment +variable when calling listadmin to disable SSL verification:</p> + +<p><blockquote><pre> +PERL_LWP_SSL_VERIFY_HOSTNAME=0 listadmin +</pre></blockquote></p> + +<p>If you want to moderate a subset of the lists you take care of, you +can provide an argument to the listadmin script like I do in the +initial screen dump (the xiph argument). Using an argument, only +lists matching the argument string will be processed. This make it +quick to accept messages if you notice the moderation request in your +email.</p> + +<p>Without the listadmin program, I would never be the moderator of 68 +mailing lists, as I simply do not have time to spend on that if the +process was any slower. The listadmin program have saved me hours of +time I could spend elsewhere over the years. It truly is nice free +software.</p> + +<p>As usual, if you use Bitcoin and want to show your support of my +activities, please send Bitcoin donations to my address +<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&label=PetterReinholdtsenBlog">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p> + +<p>Update 2014-10-27: Added missing 'username' statement in +configuration example. Also, I've been told that the +PERL_LWP_SSL_VERIFY_HOSTNAME=0 setting do not work for everyone. Not +sure why.</p> - Teaching vmdebootstrap to create Raspberry Pi SD card images - http://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html - http://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html - Sun, 27 Oct 2013 17:00:00 +0100 - <p>The -<a href="http://packages.qa.debian.org/v/vmdebootstrap.html">vmdebootstrap</a> -program is a a very nice system to create virtual machine images. It -create a image file, add a partition table, mount it and run -debootstrap in the mounted directory to create a Debian system on a -stick. Yesterday, I decided to try to teach it how to make images for -<a href="https://wiki.debian.org/RaspberryPi">Raspberry Pi</a>, as part -of a plan to simplify the build system for -<a href="https://wiki.debian.org/FreedomBox">the FreedomBox -project</a>. The FreedomBox project already uses vmdebootstrap for -the virtualbox images, but its current build system made multistrap -based system for Dreamplug images, and it is lacking support for -Raspberry Pi.</p> - -<p>Armed with the knowledge on how to build "foreign" (aka non-native -architecture) chroots for Raspberry Pi, I dived into the vmdebootstrap -code and adjusted it to be able to build armel images on my amd64 -Debian laptop. I ended up giving vmdebootstrap five new options, -allowing me to replicate the image creation process I use to make -<a href="http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html">Debian -Jessie based mesh node images for the Raspberry Pi</a>. First, the -<tt>--foreign /path/to/binfm_handler</tt> option tell vmdebootstrap to -call debootstrap with --foreign and to copy the handler into the -generated chroot before running the second stage. This allow -vmdebootstrap to create armel images on an amd64 host. Next I added -two new options <tt>--bootsize size</tt> and <tt>--boottype -fstype</tt> to teach it to create a separate /boot/ partition with the -given file system type, allowing me to create an image with a vfat -partition for the /boot/ stuff. I also added a <tt>--variant -variant</tt> option to allow me to create smaller images without the -Debian base system packages installed. Finally, I added an option -<tt>--no-extlinux</tt> to tell vmdebootstrap to not install extlinux -as a boot loader. It is not needed on the Raspberry Pi and probably -most other non-x86 architectures. The changes were accepted by the -upstream author of vmdebootstrap yesterday and today, and is now -available from -<a href="http://git.liw.fi/cgi-bin/cgit/cgit.cgi/vmdebootstrap/">the -upstream project page</a>.</p> - -<p>To use it to build a Raspberry Pi image using Debian Jessie, first -create a small script (the customize script) to add the non-free -binary blob needed to boot the Raspberry Pi and the APT source -list:</p> - -<p><pre> + Debian Jessie, PXE and automatic firmware installation + http://people.skolelinux.org/pere/blog/Debian_Jessie__PXE_and_automatic_firmware_installation.html + http://people.skolelinux.org/pere/blog/Debian_Jessie__PXE_and_automatic_firmware_installation.html + Fri, 17 Oct 2014 14:10:00 +0200 + <p>When PXE installing laptops with Debian, I often run into the +problem that the WiFi card require some firmware to work properly. +And it has been a pain to fix this using preseeding in Debian. +Normally something more is needed. But thanks to +<a href="https://packages.qa.debian.org/i/isenkram.html">my isenkram +package</a> and its recent tasksel extension, it has now become easy +to do this using simple preseeding.</p> + +<p>The isenkram-cli package provide tasksel tasks which will install +firmware for the hardware found in the machine (actually, requested by +the kernel modules for the hardware). (It can also install user space +programs supporting the hardware detected, but that is not the focus +of this story.)</p> + +<p>To get this working in the default installation, two preeseding +values are needed. First, the isenkram-cli package must be installed +into the target chroot (aka the hard drive) before tasksel is executed +in the pkgsel step of the debian-installer system. This is done by +preseeding the base-installer/includes debconf value to include the +isenkram-cli package. The package name is next passed to debootstrap +for installation. With the isenkram-cli package in place, tasksel +will automatically use the isenkram tasks to detect hardware specific +packages for the machine being installed and install them, because +isenkram-cli contain tasksel tasks.</p> + +<p>Second, one need to enable the non-free APT repository, because +most firmware unfortunately is non-free. This is done by preseeding +the apt-mirror-setup step. This is unfortunate, but for a lot of +hardware it is the only option in Debian.</p> + +<p>The end result is two lines needed in your preseeding file to get +firmware installed automatically by the installer:</p> + +<p><blockquote><pre> +base-installer base-installer/includes string isenkram-cli +apt-mirror-setup apt-setup/non-free boolean true +</pre></blockquote></p> + +<p>The current version of isenkram-cli in testing/jessie will install +both firmware and user space packages when using this method. It also +do not work well, so use version 0.15 or later. Installing both +firmware and user space packages might give you a bit more than you +want, so I decided to split the tasksel task in two, one for firmware +and one for user space programs. The firmware task is enabled by +default, while the one for user space programs is not. This split is +implemented in the package currently in unstable.</p> + +<p>If you decide to give this a go, please let me know (via email) how +this recipe work for you. :)</p> + +<p>So, I bet you are wondering, how can this work. First and +foremost, it work because tasksel is modular, and driven by whatever +files it find in /usr/lib/tasksel/ and /usr/share/tasksel/. So the +isenkram-cli package place two files for tasksel to find. First there +is the task description file (/usr/share/tasksel/descs/isenkram.desc):</p> + +<p><blockquote><pre> +Task: isenkram-packages +Section: hardware +Description: Hardware specific packages (autodetected by isenkram) + Based on the detected hardware various hardware specific packages are + proposed. +Test-new-install: show show +Relevance: 8 +Packages: for-current-hardware + +Task: isenkram-firmware +Section: hardware +Description: Hardware specific firmware packages (autodetected by isenkram) + Based on the detected hardware various hardware specific firmware + packages are proposed. +Test-new-install: mark show +Relevance: 8 +Packages: for-current-hardware-firmware +</pre></blockquote></p> + +<p>The key parts are Test-new-install which indicate how the task +should be handled and the Packages line referencing to a script in +/usr/lib/tasksel/packages/. The scripts use other scripts to get a +list of packages to install. The for-current-hardware-firmware script +look like this to list relevant firmware for the machine: + +<p><blockquote><pre> #!/bin/sh -set -e # Exit on first error -rootdir="$1" -cd "$rootdir" -cat &lt;&lt;EOF > etc/apt/sources.list -deb http://http.debian.net/debian/ jessie main contrib non-free -EOF -# Install non-free binary blob needed to boot Raspberry Pi. This -# install a kernel somewhere too. -wget https://raw.github.com/Hexxeh/rpi-update/master/rpi-update \ - -O $rootdir/usr/bin/rpi-update -chmod a+x $rootdir/usr/bin/rpi-update -mkdir -p $rootdir/lib/modules -touch $rootdir/boot/start.elf -chroot $rootdir rpi-update -</pre></p> - -<p>Next, fetch the latest vmdebootstrap script and call it like this -to build the image:</p> - -<pre> -sudo ./vmdebootstrap \ - --variant minbase \ - --arch armel \ - --distribution jessie \ - --mirror http://http.debian.net/debian \ - --image test.img \ - --size 600M \ - --bootsize 64M \ - --boottype vfat \ - --log-level debug \ - --verbose \ - --no-kernel \ - --no-extlinux \ - --root-password raspberry \ - --hostname raspberrypi \ - --foreign /usr/bin/qemu-arm-static \ - --customize `pwd`/customize \ - --package netbase \ - --package git-core \ - --package binutils \ - --package ca-certificates \ - --package wget \ - --package kmod -</pre></p> - -<p>The list of packages being installed are the ones needed by -rpi-update to make the image bootable on the Raspberry Pi, with the -exception of netbase, which is needed by debootstrap to find -/etc/hosts with the minbase variant. I really wish there was a way to -set up an Raspberry Pi using only packages in the Debian archive, but -that is not possible as far as I know, because it boots from the GPU -using a non-free binary blob.</p> - -<p>The build host need debootstrap, kpartx and qemu-user-static and -probably a few others installed. I have not checked the complete -build dependency list.</p> - -<p>The resulting image will not use the hardware floating point unit -on the Raspberry PI, because the armel architecture in Debian is not -optimized for that use. So the images created will be a bit slower -than <a href="http://www.raspbian.org/">Raspbian</a> based images.</p> +# +PATH=/usr/sbin:$PATH +export PATH +isenkram-autoinstall-firmware -l +</pre></blockquote></p> + +<p>With those two pieces in place, the firmware is installed by +tasksel during the normal d-i run. :)</p> + +<p>If you want to test what tasksel will install when isenkram-cli is +installed, run <tt>DEBIAN_PRIORITY=critical tasksel --test +--new-install</tt> to get the list of packages that tasksel would +install.</p> + +<p><a href="https://wiki.debian.org/DebianEdu/">Debian Edu</a> will be +pilots in testing this feature, as isenkram is used there now to +install firmware, replacing the earlier scripts.</p> - Det er jo makta som er mest sårbar ved massiv overvåkning av Internett - http://people.skolelinux.org/pere/blog/Det_er_jo_makta_som_er_mest_s_rbar_ved_massiv_overv_kning_av_Internett.html - http://people.skolelinux.org/pere/blog/Det_er_jo_makta_som_er_mest_s_rbar_ved_massiv_overv_kning_av_Internett.html - Sat, 26 Oct 2013 20:30:00 +0200 - <p>De siste måneders eksponering av -<a href="http://www.aftenposten.no/nyheter/uriks/Her-er-Edvard-Snowdens-mest-omtalte-avsloringer-7351734.html">den -totale overvåkningen som foregår i den vestlige verden dokumenterer -hvor sårbare vi er</a>. Men det slår meg at de som er mest sårbare -for dette, myndighetspersoner på alle nivåer, neppe har innsett at de -selv er de mest interessante personene å lage profiler på, for å kunne -påvirke dem.</p> - -<p>For å ta et lite eksempel: Stortingets nettsted, -<a href="http://www.stortinget.no/">www.stortinget.no</a> (og -forsåvidt også -<a href="http://data.stortinget.no/">data.stortinget.no</a>), -inneholder informasjon om det som foregår på Stortinget, og jeg antar -de største brukerne av informasjonen der er representanter og -rådgivere på Stortinget. Intet overraskende med det. Det som derimot -er mer skjult er at Stortingets nettsted bruker -<a href="http://en.wikipedia.org/wiki/Google_Analytics">Google -Analytics</a>, hvilket gjør at enhver som besøker nettsidene der også -rapporterer om besøket via Internett-linjer som passerer Sverige, -England og videre til USA. Det betyr at informasjon om ethvert besøk -på stortingets nettsider kan snappes opp av svensk, britisk og USAs -etterretningsvesen. De kan dermed holde et øye med hvilke -Stortingssaker stortingsrepresentantene synes er interessante å sjekke -ut, og hvilke sider rådgivere og andre på stortinget synes er -interessant å besøke, når de gjør det og hvilke andre representanter -som sjekker de samme sidene omtrent samtidig. Stortingets bruk av -Google Analytics gjør det dermed enkelt for utenlands etteretning å -spore representantenes aktivitet og interesse. Hvis noen av -representantene bruker Google Mail eller noen andre tjenestene som -krever innlogging, så vil det være enda enklere å finne ut nøyaktig -hvilke personer som bruker hvilke nettlesere og dermed knytte -informasjonen opp til enkeltpersoner på Stortinget.</p> - -<p>Og jo flere nettsteder som bruker Google Analytics, jo bedre -oversikt over stortingsrepresentantenes lesevaner og interesse blir -tilgjengelig for svensk, britisk og USAs etterretning. Hva de kan -bruke den informasjonen til overlater jeg til leseren å undres -over.</p> + Ubuntu used to show the bread prizes at ICA Storo + http://people.skolelinux.org/pere/blog/Ubuntu_used_to_show_the_bread_prizes_at_ICA_Storo.html + http://people.skolelinux.org/pere/blog/Ubuntu_used_to_show_the_bread_prizes_at_ICA_Storo.html + Sat, 4 Oct 2014 15:20:00 +0200 + <p>Today I came across an unexpected Ubuntu boot screen. Above the +bread shelf on the ICA shop at Storo in Oslo, the grub menu of Ubuntu +with Linux kernel 3.2.0-23 (ie probably version 12.04 LTS) was stuck +on a screen normally showing the bread types and prizes:</p> + +<p align="center"><img width="70%" src="http://people.skolelinux.org/pere/blog/images/2014-10-04-ubuntu-ica-storo-crop.jpeg"></p> + +<p>If it had booted as it was supposed to, I would never had known +about this hidden Linux installation. It is interesting what +<a href="http://revealingerrors.com/">errors can reveal</a>.</p> - A Raspberry Pi based batman-adv Mesh network node - http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html - http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html - Mon, 21 Oct 2013 11:40:00 +0200 - <p>The last few days I have been experimenting with -<a href="http://www.open-mesh.org/projects/batman-adv/wiki">the -batman-adv mesh technology</a>. I want to gain some experience to see -if it will fit <a href="https://wiki.debian.org/FreedomBox">the -Freedombox project</a>, and together with my neighbors try to build a -mesh network around the park where I live. Batman-adv is a layer 2 -mesh system ("ethernet" in other words), where the mesh network appear -as if all the mesh clients are connected to the same switch.</p> - -<p>My hardware of choice was the Linksys WRT54GL routers I had lying -around, but I've been unable to get them working with batman-adv. So -instead, I started playing with a -<a href="http://www.raspberrypi.org/">Raspberry Pi</a>, and tried to -get it working as a mesh node. My idea is to use it to create a mesh -node which function as a switch port, where everything connected to -the Raspberry Pi ethernet plug is connected (bridged) to the mesh -network. This allow me to hook a wifi base station like the Linksys -WRT54GL to the mesh by plugging it into a Raspberry Pi, and allow -non-mesh clients to hook up to the mesh. This in turn is useful for -Android phones using <a href="http://servalproject.org/">the Serval -Project</a> voip client, allowing every one around the playground to -phone and message each other for free. The reason is that Android -phones do not see ad-hoc wifi networks (they are filtered away from -the GUI view), and can not join the mesh without being rooted. But if -they are connected using a normal wifi base station, they can talk to -every client on the local network.</p> - -<p>To get this working, I've created a debian package -<a href="https://github.com/petterreinholdtsen/meshfx-node">meshfx-node</a> -and a script -<a href="https://github.com/petterreinholdtsen/meshfx-node/blob/master/build-rpi-mesh-node">build-rpi-mesh-node</a> -to create the Raspberry Pi boot image. I'm using Debian Jessie (and -not Raspbian), to get more control over the packages available. -Unfortunately a huge binary blob need to be inserted into the boot -image to get it booting, but I'll ignore that for now. Also, as -Debian lack support for the CPU features available in the Raspberry -Pi, the system do not use the hardware floating point unit. I hope -the routing performance isn't affected by the lack of hardware FPU -support.</p> - -<p>To create an image, run the following with a sudo enabled user -after inserting the target SD card into the build machine:</p> - -<p><pre> -% wget -O build-rpi-mesh-node \ - https://raw.github.com/petterreinholdtsen/meshfx-node/master/build-rpi-mesh-node -% sudo bash -x ./build-rpi-mesh-node > build.log 2>&1 -% dd if=/root/rpi/rpi_basic_jessie_$(date +%Y%m%d).img of=/dev/mmcblk0 bs=1M -% -</pre></p> - -<p>Booting with the resulting SD card on a Raspberry PI with a USB -wifi card inserted should give you a mesh node. At least it does for -me with a the wifi card I am using. The default mesh settings are the -ones used by the Oslo mesh project at Hackeriet, as I mentioned in -<a href="http://people.skolelinux.org/pere/blog/Oslo_community_mesh_network___with_NUUG_and_Hackeriet_at_Hausmania.html">an -earlier blog post about this mesh testing</a>.</p> - -<p>The mesh node was not horribly expensive either. I bought -everything over the counter in shops nearby. If I had ordered online -from the lowest bidder, the price should be significantly lower:</p> - -<p><table> - -<tr><th>Supplier</th><th>Model</th><th>NOK</th></tr> -<tr><td>Teknikkmagasinet</td><td>Raspberry Pi model B</td><td>349.90</td></tr> -<tr><td>Teknikkmagasinet</td><td>Raspberry Pi type B case</td><td>99.90</td></tr> -<tr><td>Lefdal</td><td>Jensen Air:Link 25150</td><td>295.-</td></tr> -<tr><td>Clas Ohlson</td><td>Kingston 16 GB SD card</td><td>199.-</td></tr> -<tr><td>Total cost</td><td></td><td>943.80</td></tr> - -</table></p> - -<p>Now my mesh network at home consist of one laptop in the basement -connected to my production network, one Raspberry Pi node on the 1th -floor that can be seen by my neighbor across the park, and one -play-node I use to develop the image building script. And some times -I hook up my work horse laptop to the mesh to test it. I look forward -to figuring out what kind of latency the batman-adv setup will give, -and how much packet loss we will experience around the park. :)</p> + New lsdvd release version 0.17 is ready + http://people.skolelinux.org/pere/blog/New_lsdvd_release_version_0_17_is_ready.html + http://people.skolelinux.org/pere/blog/New_lsdvd_release_version_0_17_is_ready.html + Sat, 4 Oct 2014 08:40:00 +0200 + <p>The <a href="https://sourceforge.net/p/lsdvd/">lsdvd project</a> +got a new set of developers a few weeks ago, after the original +developer decided to step down and pass the project to fresh blood. +This project is now maintained by Petter Reinholdtsen and Steve +Dibb.</p> + +<p>I just wrapped up +<a href="https://sourceforge.net/p/lsdvd/mailman/message/32896061/">a +new lsdvd release</a>, available in git or from +<a href="https://sourceforge.net/projects/lsdvd/files/lsdvd/">the +download page</a>. This is the changelog dated 2014-10-03 for version +0.17.</p> + +<ul> + + <li>Ignore 'phantom' audio, subtitle tracks</li> + <li>Check for garbage in the program chains, which indicate that a track is + non-existant, to work around additional copy protection</li> + <li>Fix displaying content type for audio tracks, subtitles</li> + <li>Fix pallete display of first entry</li> + <li>Fix include orders</li> + <li>Ignore read errors in titles that would not be displayed anyway</li> + <li>Fix the chapter count</li> + <li>Make sure the array size and the array limit used when initialising + the palette size is the same.</li> + <li>Fix array printing.</li> + <li>Correct subsecond calculations.</li> + <li>Add sector information to the output format.</li> + <li>Clean up code to be closer to ANSI C and compile without warnings + with more GCC compiler warnings.</li> + +</ul> + +<p>This change bring together patches for lsdvd in use in various +Linux and Unix distributions, as well as patches submitted to the +project the last nine years. Please check it out. :)</p> - Perl library to control the Spykee robot moved to github - http://people.skolelinux.org/pere/blog/Perl_library_to_control_the_Spykee_robot_moved_to_github.html - http://people.skolelinux.org/pere/blog/Perl_library_to_control_the_Spykee_robot_moved_to_github.html - Sat, 19 Oct 2013 10:20:00 +0200 - <p>Back in 2010, I created a Perl library to talk to -<a href="http://en.wikipedia.org/wiki/Spykee">the Spykee robot</a> -(with two belts, wifi, USB and Linux) and made it available from my -web page. Today I concluded that it should move to a site that is -easier to use to cooperate with others, and moved it to github. If -you got a Spykee robot, you might want to check out -<a href="https://github.com/petterreinholdtsen/libspykee-perl">the -libspykee-perl github repository</a>.</p> + How to test Debian Edu Jessie despite some fatal problems with the installer + http://people.skolelinux.org/pere/blog/How_to_test_Debian_Edu_Jessie_despite_some_fatal_problems_with_the_installer.html + http://people.skolelinux.org/pere/blog/How_to_test_Debian_Edu_Jessie_despite_some_fatal_problems_with_the_installer.html + Fri, 26 Sep 2014 12:20:00 +0200 + <p>The <a href="http://www.skolelinux.org/">Debian Edu / Skolelinux +project</a> provide a Linux solution for schools, including a +powerful desktop with education software, a central server providing +web pages, user database, user home directories, central login and PXE +boot of both clients without disk and the installation to install Debian +Edu on machines with disk (and a few other services perhaps to small +to mention here). We in the Debian Edu team are currently working on +the Jessie based version, trying to get everything in shape before the +freeze, to avoid having to maintain our own package repository in the +future. The +<a href="https://wiki.debian.org/DebianEdu/Status/Jessie">current +status</a> can be seen on the Debian wiki, and there is still heaps of +work left. Some fatal problems block testing, breaking the installer, +but it is possible to work around these to get anyway. Here is a +recipe on how to get the installation limping along.</p> + +<p>First, download the test ISO via +<a href="ftp://ftp.skolelinux.no/cd-edu-testing-nolocal-netinst/debian-edu-amd64-i386-NETINST-1.iso">ftp</a>, +<a href="http://ftp.skolelinux.no/cd-edu-testing-nolocal-netinst/debian-edu-amd64-i386-NETINST-1.iso">http</a> +or rsync (use +ftp.skolelinux.org::cd-edu-testing-nolocal-netinst/debian-edu-amd64-i386-NETINST-1.iso). +The ISO build was broken on Tuesday, so we do not get a new ISO every +12 hours or so, but thankfully the ISO we already got we are able to +install with some tweaking.</p> + +<p>When you get to the Debian Edu profile question, go to tty2 +(use Alt-Ctrl-F2), run</p> + +<p><blockquote><pre> +nano /usr/bin/edu-eatmydata-install +</pre></blockquote></p> + +<p>and add 'exit 0' as the second line, disabling the eatmydata +optimization. Return to the installation, select the profile you want +and continue. Without this change, exim4-config will fail to install +due to a known bug in eatmydata.</p> + +<p>When you get the grub question at the end, answer /dev/sda (or if +this do not work, figure out what your correct value would be. All my +test machines need /dev/sda, so I have no advice if it do not fit +your need.</p> + +<p>If you installed a profile including a graphical desktop, log in as +root after the initial boot from hard drive, and install the +education-desktop-XXX metapackage. XXX can be kde, gnome, lxde, xfce +or mate. If you want several desktop options, install more than one +metapackage. Once this is done, reboot and you should have a working +graphical login screen. This workaround should no longer be needed +once the education-tasks package version 1.801 enter testing in two +days.</p> + +<p>I believe the ISO build will start working on two days when the new +tasksel package enter testing and Steve McIntyre get a chance to +update the debian-cd git repository. The eatmydata, grub and desktop +issues are already fixed in unstable and testing, and should show up +on the ISO as soon as the ISO build start working again. Well the +eatmydata optimization is really just disabled. The proper fix +require an upload by the eatmydata maintainer applying the patch +provided in bug <a href="https://bugs.debian.org/702711">#702711</a>. +The rest have proper fixes in unstable.</p> + +<p>I hope this get you going with the installation testing, as we are +quickly running out of time trying to get our Jessie based +installation ready before the distribution freeze in a month.</p> - Good causes: Debian Outreach Program for Women, EFF documenting the spying and Open access in Norway - http://people.skolelinux.org/pere/blog/Good_causes__Debian_Outreach_Program_for_Women__EFF_documenting_the_spying_and_Open_access_in_Norway.html - http://people.skolelinux.org/pere/blog/Good_causes__Debian_Outreach_Program_for_Women__EFF_documenting_the_spying_and_Open_access_in_Norway.html - Tue, 15 Oct 2013 21:30:00 +0200 - <p>The last few days I came across a few good causes that should get -wider attention. I recommend signing and donating to each one of -these. :)</p> - -<p>Via <a href="http://www.debian.org/News/weekly/2013/18/">Debian -Project News for 2013-10-14</a> I came across the Outreach Program for -Women program which is a Google Summer of Code like initiative to get -more women involved in free software. One debian sponsor has offered -to match <a href="http://debian.ch/opw2013">any donation done to Debian -earmarked</a> for this initiative. I donated a few minutes ago, and -hope you will to. :)</p> - -<p>And the Electronic Frontier Foundation just announced plans to -create <a href="https://supporters.eff.org/donate/nsa-videos">video -documentaries about the excessive spying</a> on every Internet user that -take place these days, and their need to fund the work. I've already -donated. Are you next?</p> - -<p>For my Norwegian audience, the organisation Studentenes og -Akademikernes Internasjonale Hjelpefond is collecting signatures for a -statement under the heading -<a href="http://saih.no/Bloggers_United/">Bloggers United for Open -Access</a> for those of us asking for more focus on open access in the -Norwegian government. So far 499 signatures. I hope you will sign it -too.</p> + Suddenly I am the new upstream of the lsdvd command line tool + http://people.skolelinux.org/pere/blog/Suddenly_I_am_the_new_upstream_of_the_lsdvd_command_line_tool.html + http://people.skolelinux.org/pere/blog/Suddenly_I_am_the_new_upstream_of_the_lsdvd_command_line_tool.html + Thu, 25 Sep 2014 11:20:00 +0200 + <p>I use the <a href="https://sourceforge.net/p/lsdvd/">lsdvd tool</a> +to handle my fairly large DVD collection. It is a nice command line +tool to get details about a DVD, like title, tracks, track length, +etc, in XML, Perl or human readable format. But lsdvd have not seen +any new development since 2006 and had a few irritating bugs affecting +its use with some DVDs. Upstream seemed to be dead, and in January I +sent a small probe asking for a version control repository for the +project, without any reply. But I use it regularly and would like to +get <a href="https://packages.qa.debian.org/lsdvd">an updated version +into Debian</a>. So two weeks ago I tried harder to get in touch with +the project admin, and after getting a reply from him explaining that +he was no longer interested in the project, I asked if I could take +over. And yesterday, I became project admin.</p> + +<p>I've been in touch with a Gentoo developer and the Debian +maintainer interested in joining forces to maintain the upstream +project, and I hope we can get a new release out fairly quickly, +collecting the patches spread around on the internet into on place. +I've added the relevant Debian patches to the freshly created git +repository, and expect the Gentoo patches to make it too. If you got +a DVD collection and care about command line tools, check out +<a href="https://sourceforge.net/p/lsdvd/git/ci/master/tree/">the git source</a> and join +<a href="https://sourceforge.net/p/lsdvd/mailman/">the project mailing +list</a>. :)</p>