X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/c77584d59551b9496ed7e4f70c730100cecf1d8e..ba7c0d679f76b718672964dfa4c748f7167247cf:/blog/archive/2013/10/10.rss diff --git a/blog/archive/2013/10/10.rss b/blog/archive/2013/10/10.rss index bbcf9ed796..472d8c7ce7 100644 --- a/blog/archive/2013/10/10.rss +++ b/blog/archive/2013/10/10.rss @@ -6,6 +6,441 @@ http://people.skolelinux.org/pere/blog/ + + Teaching vmdebootstrap to create Raspberry Pi SD card images + http://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html + http://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html + Sun, 27 Oct 2013 17:00:00 +0100 + <p>The +<a href="http://packages.qa.debian.org/v/vmdebootstrap.html">vmdebootstrap</a> +program is a a very nice system to create virtual machine images. It +create a image file, add a partition table, mount it and run +debootstrap in the mounted directory to create a Debian system on a +stick. Yesterday, I decided to try to teach it how to make images for +<a href="https://wiki.debian.org/RaspberryPi">Raspberry Pi</a>, as part +of a plan to simplify the build system for +<a href="https://wiki.debian.org/FreedomBox">the FreedomBox +project</a>. The FreedomBox project already uses vmdebootstrap for +the virtualbox images, but its current build system made multistrap +based system for Dreamplug images, and it is lacking support for +Raspberry Pi.</p> + +<p>Armed with the knowledge on how to build "foreign" (aka non-native +architecture) chroots for Raspberry Pi, I dived into the vmdebootstrap +code and adjusted it to be able to build armel images on my amd64 +Debian laptop. I ended up giving vmdebootstrap five new options, +allowing me to replicate the image creation process I use to make +<a href="http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html">Debian +Jessie based mesh node images for the Raspberry Pi</a>. First, the +<tt>--foreign /path/to/binfm_handler</tt> option tell vmdebootstrap to +call debootstrap with --foreign and to copy the handler into the +generated chroot before running the second stage. This allow +vmdebootstrap to create armel images on an amd64 host. Next I added +two new options <tt>--bootsize size</tt> and <tt>--boottype +fstype</tt> to teach it to create a separate /boot/ partition with the +given file system type, allowing me to create an image with a vfat +partition for the /boot/ stuff. I also added a <tt>--variant +variant</tt> option to allow me to create smaller images without the +Debian base system packages installed. Finally, I added an option +<tt>--no-extlinux</tt> to tell vmdebootstrap to not install extlinux +as a boot loader. It is not needed on the Raspberry Pi and probably +most other non-x86 architectures. The changes were accepted by the +upstream author of vmdebootstrap yesterday and today, and is now +available from +<a href="http://git.liw.fi/cgi-bin/cgit/cgit.cgi/vmdebootstrap/">the +upstream project page</a>.</p> + +<p>To use it to build a Raspberry Pi image using Debian Jessie, first +create a small script (the customize script) to add the non-free +binary blob needed to boot the Raspberry Pi and the APT source +list:</p> + +<p><pre> +#!/bin/sh +set -e # Exit on first error +rootdir="$1" +cd "$rootdir" +cat &lt;&lt;EOF > etc/apt/sources.list +deb http://http.debian.net/debian/ jessie main contrib non-free +EOF +# Install non-free binary blob needed to boot Raspberry Pi. This +# install a kernel somewhere too. +wget https://raw.github.com/Hexxeh/rpi-update/master/rpi-update \ + -O $rootdir/usr/bin/rpi-update +chmod a+x $rootdir/usr/bin/rpi-update +mkdir -p $rootdir/lib/modules +touch $rootdir/boot/start.elf +chroot $rootdir rpi-update +</pre></p> + +<p>Next, fetch the latest vmdebootstrap script and call it like this +to build the image:</p> + +<pre> +sudo ./vmdebootstrap \ + --variant minbase \ + --arch armel \ + --distribution jessie \ + --mirror http://http.debian.net/debian \ + --image test.img \ + --size 600M \ + --bootsize 64M \ + --boottype vfat \ + --log-level debug \ + --verbose \ + --no-kernel \ + --no-extlinux \ + --root-password raspberry \ + --hostname raspberrypi \ + --foreign /usr/bin/qemu-arm-static \ + --customize `pwd`/customize \ + --package netbase \ + --package git-core \ + --package binutils \ + --package ca-certificates \ + --package wget \ + --package kmod +</pre></p> + +<p>The list of packages being installed are the ones needed by +rpi-update to make the image bootable on the Raspberry Pi, with the +exception of netbase, which is needed by debootstrap to find +/etc/hosts with the minbase variant. I really wish there was a way to +set up an Raspberry Pi using only packages in the Debian archive, but +that is not possible as far as I know, because it boots from the GPU +using a non-free binary blob.</p> + +<p>The build host need debootstrap, kpartx and qemu-user-static and +probably a few others installed. I have not checked the complete +build dependency list.</p> + +<p>The resulting image will not use the hardware floating point unit +on the Raspberry PI, because the armel architecture in Debian is not +optimized for that use. So the images created will be a bit slower +than <a href="http://www.raspbian.org/">Raspbian</a> based images.</p> + + + + + Det er jo makta som er mest sårbar ved massiv overvåkning av Internett + http://people.skolelinux.org/pere/blog/Det_er_jo_makta_som_er_mest_s_rbar_ved_massiv_overv_kning_av_Internett.html + http://people.skolelinux.org/pere/blog/Det_er_jo_makta_som_er_mest_s_rbar_ved_massiv_overv_kning_av_Internett.html + Sat, 26 Oct 2013 20:30:00 +0200 + <p>De siste måneders eksponering av +<a href="http://www.aftenposten.no/nyheter/uriks/Her-er-Edvard-Snowdens-mest-omtalte-avsloringer-7351734.html">den +totale overvåkningen som foregår i den vestlige verden dokumenterer +hvor sårbare vi er</a>. Men det slår meg at de som er mest sårbare +for dette, myndighetspersoner på alle nivåer, neppe har innsett at de +selv er de mest interessante personene å lage profiler på, for å kunne +påvirke dem.</p> + +<p>For å ta et lite eksempel: Stortingets nettsted, +<a href="http://www.stortinget.no/">www.stortinget.no</a> (og +forsåvidt også +<a href="http://data.stortinget.no/">data.stortinget.no</a>), +inneholder informasjon om det som foregår på Stortinget, og jeg antar +de største brukerne av informasjonen der er representanter og +rådgivere på Stortinget. Intet overraskende med det. Det som derimot +er mer skjult er at Stortingets nettsted bruker +<a href="http://en.wikipedia.org/wiki/Google_Analytics">Google +Analytics</a>, hvilket gjør at enhver som besøker nettsidene der også +rapporterer om besøket via Internett-linjer som passerer Sverige, +England og videre til USA. Det betyr at informasjon om ethvert besøk +på stortingets nettsider kan snappes opp av svensk, britisk og USAs +etterretningsvesen. De kan dermed holde et øye med hvilke +Stortingssaker stortingsrepresentantene synes er interessante å sjekke +ut, og hvilke sider rådgivere og andre på stortinget synes er +interessant å besøke, når de gjør det og hvilke andre representanter +som sjekker de samme sidene omtrent samtidig. Stortingets bruk av +Google Analytics gjør det dermed enkelt for utenlands etteretning å +spore representantenes aktivitet og interesse. Hvis noen av +representantene bruker Google Mail eller noen andre tjenestene som +krever innlogging, så vil det være enda enklere å finne ut nøyaktig +hvilke personer som bruker hvilke nettlesere og dermed knytte +informasjonen opp til enkeltpersoner på Stortinget.</p> + +<p>Og jo flere nettsteder som bruker Google Analytics, jo bedre +oversikt over stortingsrepresentantenes lesevaner og interesse blir +tilgjengelig for svensk, britisk og USAs etterretning. Hva de kan +bruke den informasjonen til overlater jeg til leseren å undres +over.</p> + + + + + A Raspberry Pi based batman-adv Mesh network node + http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html + http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html + Mon, 21 Oct 2013 11:40:00 +0200 + <p>The last few days I have been experimenting with +<a href="http://www.open-mesh.org/projects/batman-adv/wiki">the +batman-adv mesh technology</a>. I want to gain some experience to see +if it will fit <a href="https://wiki.debian.org/FreedomBox">the +Freedombox project</a>, and together with my neighbors try to build a +mesh network around the park where I live. Batman-adv is a layer 2 +mesh system ("ethernet" in other words), where the mesh network appear +as if all the mesh clients are connected to the same switch.</p> + +<p>My hardware of choice was the Linksys WRT54GL routers I had lying +around, but I've been unable to get them working with batman-adv. So +instead, I started playing with a +<a href="http://www.raspberrypi.org/">Raspberry Pi</a>, and tried to +get it working as a mesh node. My idea is to use it to create a mesh +node which function as a switch port, where everything connected to +the Raspberry Pi ethernet plug is connected (bridged) to the mesh +network. This allow me to hook a wifi base station like the Linksys +WRT54GL to the mesh by plugging it into a Raspberry Pi, and allow +non-mesh clients to hook up to the mesh. This in turn is useful for +Android phones using <a href="http://servalproject.org/">the Serval +Project</a> voip client, allowing every one around the playground to +phone and message each other for free. The reason is that Android +phones do not see ad-hoc wifi networks (they are filtered away from +the GUI view), and can not join the mesh without being rooted. But if +they are connected using a normal wifi base station, they can talk to +every client on the local network.</p> + +<p>To get this working, I've created a debian package +<a href="https://github.com/petterreinholdtsen/meshfx-node">meshfx-node</a> +and a script +<a href="https://github.com/petterreinholdtsen/meshfx-node/blob/master/build-rpi-mesh-node">build-rpi-mesh-node</a> +to create the Raspberry Pi boot image. I'm using Debian Jessie (and +not Raspbian), to get more control over the packages available. +Unfortunately a huge binary blob need to be inserted into the boot +image to get it booting, but I'll ignore that for now. Also, as +Debian lack support for the CPU features available in the Raspberry +Pi, the system do not use the hardware floating point unit. I hope +the routing performance isn't affected by the lack of hardware FPU +support.</p> + +<p>To create an image, run the following with a sudo enabled user +after inserting the target SD card into the build machine:</p> + +<p><pre> +% wget -O build-rpi-mesh-node \ + https://raw.github.com/petterreinholdtsen/meshfx-node/master/build-rpi-mesh-node +% sudo bash -x ./build-rpi-mesh-node > build.log 2>&1 +% dd if=/root/rpi/rpi_basic_jessie_$(date +%Y%m%d).img of=/dev/mmcblk0 bs=1M +% +</pre></p> + +<p>Booting with the resulting SD card on a Raspberry PI with a USB +wifi card inserted should give you a mesh node. At least it does for +me with a the wifi card I am using. The default mesh settings are the +ones used by the Oslo mesh project at Hackeriet, as I mentioned in +<a href="http://people.skolelinux.org/pere/blog/Oslo_community_mesh_network___with_NUUG_and_Hackeriet_at_Hausmania.html">an +earlier blog post about this mesh testing</a>.</p> + +<p>The mesh node was not horribly expensive either. I bought +everything over the counter in shops nearby. If I had ordered online +from the lowest bidder, the price should be significantly lower:</p> + +<p><table> + +<tr><th>Supplier</th><th>Model</th><th>NOK</th></tr> +<tr><td>Teknikkmagasinet</td><td>Raspberry Pi model B</td><td>349.90</td></tr> +<tr><td>Teknikkmagasinet</td><td>Raspberry Pi type B case</td><td>99.90</td></tr> +<tr><td>Lefdal</td><td>Jensen Air:Link 25150</td><td>295.-</td></tr> +<tr><td>Clas Ohlson</td><td>Kingston 16 GB SD card</td><td>199.-</td></tr> +<tr><td>Total cost</td><td></td><td>943.80</td></tr> + +</table></p> + +<p>Now my mesh network at home consist of one laptop in the basement +connected to my production network, one Raspberry Pi node on the 1th +floor that can be seen by my neighbor across the park, and one +play-node I use to develop the image building script. And some times +I hook up my work horse laptop to the mesh to test it. I look forward +to figuring out what kind of latency the batman-adv setup will give, +and how much packet loss we will experience around the park. :)</p> + + + + + Perl library to control the Spykee robot moved to github + http://people.skolelinux.org/pere/blog/Perl_library_to_control_the_Spykee_robot_moved_to_github.html + http://people.skolelinux.org/pere/blog/Perl_library_to_control_the_Spykee_robot_moved_to_github.html + Sat, 19 Oct 2013 10:20:00 +0200 + <p>Back in 2010, I created a Perl library to talk to +<a href="http://en.wikipedia.org/wiki/Spykee">the Spykee robot</a> +(with two belts, wifi, USB and Linux) and made it available from my +web page. Today I concluded that it should move to a site that is +easier to use to cooperate with others, and moved it to github. If +you got a Spykee robot, you might want to check out +<a href="https://github.com/petterreinholdtsen/libspykee-perl">the +libspykee-perl github repository</a>.</p> + + + + + Good causes: Debian Outreach Program for Women, EFF documenting the spying and Open access in Norway + http://people.skolelinux.org/pere/blog/Good_causes__Debian_Outreach_Program_for_Women__EFF_documenting_the_spying_and_Open_access_in_Norway.html + http://people.skolelinux.org/pere/blog/Good_causes__Debian_Outreach_Program_for_Women__EFF_documenting_the_spying_and_Open_access_in_Norway.html + Tue, 15 Oct 2013 21:30:00 +0200 + <p>The last few days I came across a few good causes that should get +wider attention. I recommend signing and donating to each one of +these. :)</p> + +<p>Via <a href="http://www.debian.org/News/weekly/2013/18/">Debian +Project News for 2013-10-14</a> I came across the Outreach Program for +Women program which is a Google Summer of Code like initiative to get +more women involved in free software. One debian sponsor has offered +to match <a href="http://debian.ch/opw2013">any donation done to Debian +earmarked</a> for this initiative. I donated a few minutes ago, and +hope you will to. :)</p> + +<p>And the Electronic Frontier Foundation just announced plans to +create <a href="https://supporters.eff.org/donate/nsa-videos">video +documentaries about the excessive spying</a> on every Internet user that +take place these days, and their need to fund the work. I've already +donated. Are you next?</p> + +<p>For my Norwegian audience, the organisation Studentenes og +Akademikernes Internasjonale Hjelpefond is collecting signatures for a +statement under the heading +<a href="http://saih.no/Bloggers_United/">Bloggers United for Open +Access</a> for those of us asking for more focus on open access in the +Norwegian government. So far 499 signatures. I hope you will sign it +too.</p> + + + + + Oslo community mesh network - with NUUG and Hackeriet at Hausmania + http://people.skolelinux.org/pere/blog/Oslo_community_mesh_network___with_NUUG_and_Hackeriet_at_Hausmania.html + http://people.skolelinux.org/pere/blog/Oslo_community_mesh_network___with_NUUG_and_Hackeriet_at_Hausmania.html + Fri, 11 Oct 2013 14:10:00 +0200 + <p>Wireless mesh networks are self organising and self healing +networks that can be used to connect computers across small and large +areas, depending on the radio technology used. Normal wifi equipment +can be used to create home made radio networks, and there are several +successful examples like +<a href="http://www.freifunk.net/">Freifunk</a> and +<a href="http://www.awmn.net/">Athens Wireless Metropolitan Network</a> +(see +<a href="http://en.wikipedia.org/wiki/List_of_wireless_community_networks_by_region#Greece">wikipedia +for a large list</a>) around the globe. To give you an idea how it +work, check out the nice overview of the Kiel Freifunk community which +can be seen from their +<a href="http://freifunk.in-kiel.de/ffmap/nodes.html">dynamically +updated node graph and map</a>, where one can see how the mesh nodes +automatically handle routing and recover from nodes disappearing. +There is also a small community mesh network group in Oslo, Norway, +and that is the main topic of this blog post.</p> + +<p>I've wanted to check out mesh networks for a while now, and hoped +to do it as part of my involvement with the <a +href="http://www.nuug.no/">NUUG member organisation</a> community, and +my recent involvement in +<a href="https://wiki.debian.org/FreedomBox">the Freedombox project</a> +finally lead me to give mesh networks some priority, as I suspect a +Freedombox should use mesh networks to connect neighbours and family +when possible, given that most communication between people are +between those nearby (as shown for example by research on Facebook +communication patterns). It also allow people to communicate without +any central hub to tap into for those that want to listen in on the +private communication of citizens, which have become more and more +important over the years.</p> + +<p>So far I have only been able to find one group of people in Oslo +working on community mesh networks, over at the hack space +<a href="http://hackeriet.no/">Hackeriet</a> at Husmania. They seem to +have started with some Freifunk based effort using OLSR, called +<a href="http://oslo.freifunk.net/index.php?title=Main_Page">the Oslo +Freifunk project</a>, but that effort is now dead and the people +behind it have moved on to a batman-adv based system called +<a href="http://meshfx.org/trac">meshfx</a>. Unfortunately the wiki +site for the Oslo Freifunk project is no longer possible to update to +reflect this fact, so the old project page can't be updated to point to +the new project. A while back, the people at Hackeriet invited people +from the Freifunk community to Oslo to talk about mesh networks. I +came across this video where Hans Jørgen Lysglimt interview the +speakers about this talk (from +<a href="https://www.youtube.com/watch?v=N2Kd7CLkhSY">youtube</a>):</p> + +<p><iframe width="420" height="315" src="https://www.youtube.com/embed/N2Kd7CLkhSY" frameborder="0" allowfullscreen></iframe></p> + +<p>I mentioned OLSR and batman-adv, which are mesh routing protocols. +There are heaps of different protocols, and I am still struggling to +figure out which one would be "best" for some definitions of best, but +given that the community mesh group in Oslo is so small, I believe it +is best to hook up with the existing one instead of trying to create a +completely different setup, and thus I have decided to focus on +batman-adv for now. It sure help me to know that the very cool +<a href="http://www.servalproject.org/">Serval project in Australia</a> +is using batman-adv as their meshing technology when it create a self +organizing and self healing telephony system for disaster areas and +less industrialized communities. Check out this cool video presenting +that project (from +<a href="https://www.youtube.com/watch?v=30qNfzJCQOA">youtube</a>):</p> + +<p><iframe width="560" height="315" src="https://www.youtube.com/embed/30qNfzJCQOA" frameborder="0" allowfullscreen></iframe></p> + +<p>According to the wikipedia page on +<a href="http://en.wikipedia.org/wiki/Wireless_mesh_network">Wireless +mesh network</a> there are around 70 competing schemes for routing +packets across mesh networks, and OLSR, B.A.T.M.A.N. and +B.A.T.M.A.N. advanced are protocols used by several free software +based community mesh networks.</p> + +<p>The batman-adv protocol is a bit special, as it provide layer 2 +(as in ethernet ) routing, allowing ipv4 and ipv6 to work on the same +network. One way to think about it is that it provide a mesh based +vlan you can bridge to or handle like any other vlan connected to your +computer. The required drivers are already in the Linux kernel at +least since Debian Wheezy, and it is fairly easy to set up. A +<a href="http://www.open-mesh.org/projects/batman-adv/wiki/Quick-start-guide">good +introduction</a> is available from the Open Mesh project. These are +the key settings needed to join the Oslo meshfx network:</p> + +<p><table> +<tr><th>Setting</th><th>Value</th></tr> +<tr><td>Protocol / kernel module</td><td>batman-adv</td></tr> +<tr><td>ESSID</td><td>meshfx@hackeriet</td></tr> +<td>Channel / Frequency</td><td>11 / 2462</td></tr> +<td>Cell ID</td><td>02:BA:00:00:00:01</td> +</table></p> + +<p>The reason for setting ad-hoc wifi Cell ID is to work around bugs +in firmware used in wifi card and wifi drivers. (See a nice post from +VillageTelco about +"<a href="http://tiebing.blogspot.no/2009/12/ad-hoc-cell-splitting-re-post-original.html">Information +about cell-id splitting, stuck beacons, and failed IBSS merges!</a> +for details.) When these settings are activated and you have some +other mesh node nearby, your computer will be connected to the mesh +network and can communicate with any mesh node that is connected to +any of the nodes in your network of nodes. :)</p> + +<p>My initial plan was to reuse my old Linksys WRT54GL as a mesh node, +but that seem to be very hard, as I have not been able to locate a +firmware supporting batman-adv. If anyone know how to use that old +wifi access point with batman-adv these days, please let me know.</p> + +<p>If you find this project interesting and want to join, please join +us on IRC, either channel +<a href="irc://irc.freenode.net/#oslohackerspace">#oslohackerspace</a> +or <a href="irc://irc.freenode.net/#nuug">#nuug</a> on +irc.freenode.net.</p> + +<p>While investigating mesh networks in Oslo, I came across an old +research paper from the university of Stavanger and Telenor Research +and Innovation called +<a href="http://folk.uio.no/paalee/publications/netrel-egeland-iswcs-2008.pdf">The +reliability of wireless backhaul mesh networks</a> and elsewhere +learned that Telenor have been experimenting with mesh networks at +Grünerløkka in Oslo. So mesh networks are also interesting for +commercial companies, even though Telenor discovered that it was hard +to figure out a good business plan for mesh networking and as far as I +know have closed down the experiment. Perhaps Telenor or others would +be interested in a cooperation?</p> + +<p><strong>Update 2013-10-12</strong>: I was just +<a href="http://lists.alioth.debian.org/pipermail/freedombox-discuss/2013-October/005900.html">told +by the Serval project developers</a> that they no longer use +batman-adv (but are compatible with it), but their own crypto based +mesh system.</p> + + + Skolelinux / Debian Edu 7.1 install and overview video from Marcelo Salvador http://people.skolelinux.org/pere/blog/Skolelinux___Debian_Edu_7_1_install_and_overview_video_from_Marcelo_Salvador.html @@ -13,7 +448,7 @@ Tue, 8 Oct 2013 17:10:00 +0200 <p>The other day I was pleased and surprised to discover that Marcelo Salvador had published a -<ahref="https://www.youtube.com/watch?v=w-GgpdqgLFc">video on +<a href="https://www.youtube.com/watch?v=w-GgpdqgLFc">video on Youtube</a> showing how to install the standalone Debian Edu / Skolelinux profile. This is the profile intended for use at home or on laptops that should not be integrated into the provided network @@ -21,13 +456,13 @@ services (no central home directory, no Kerberos / LDAP directory etc, in other word a single user machine). The result is 11 minutes long, and show some user applications (seem to be rather randomly picked). Missed a few of my favorites like celestia, planets and chromium -showing the <ahref="http://www.zygotebody.com/no_webgl.html">Zygote -Body 3D model of the human body</a>, but I guess he did not know about -those or find other programs more interesting. :) And the video do not -show the advantages I believe is one of the most valuable featuers in -Debian Edu, its central school server making it possible to run -hundreds of computers without hard drives by installing one central -LTSP server.</p> +showing the <a href="http://www.zygotebody.com/">Zygote Body 3D model +of the human body</a>, but I guess he did not know about those or find +other programs more interesting. :) And the video do not show the +advantages I believe is one of the most valuable featuers in Debian +Edu, its central school server making it possible to run hundreds of +computers without hard drives by installing one central +<a href="http://www.ltsp.org/">LTSP server</a>.</p> <p>Anyway, check out the video, embedded below and linked to above:</p>