How to fix a Thinkpad X230 with a broken 180 GB SSD disk

17th July 2013

Today I switched to -my -new laptop. I've previously written about the problems I had with -my new Thinkpad X230, which was delivered with an -180 -GB Intel SSD disk with Lenovo firmware that did not handle -sustained writes. My hardware supplier have been very forthcoming in -trying to find a solution, and after first trying with another -identical 180 GB disks they decided to send me a 256 GB Samsung SSD -disk instead to fix it once and for all. The Samsung disk survived -the installation of Debian with encrypted disks (filling the disk with -random data during installation killed the first two), and I thus -decided to trust it with my data. I have installed it as a Debian Edu -Wheezy roaming workstation hooked up with my Debian Edu Squeeze main -server at home using Kerberos and LDAP, and will use it as my work -station from now on.

- -

As this is a solid state disk with no moving parts, I believe the -Debian Wheezy default installation need to be tuned a bit to increase -performance and increase life time of the disk. The Linux kernel and -user space applications do not yet adjust automatically to such -environment. To make it easier for my self, I created a draft Debian -package ssd-setup to handle this tuning. The -source -for the ssd-setup package is available from collab-maint, and it -is set up to adjust the setup of the machine by just installing the -package. If there is any non-SSD disk in the machine, the package -will refuse to install, as I did not try to write any logic to sort -file systems in SSD and non-SSD file systems.

- -

I consider the package a draft, as I am a bit unsure how to best -set up Debian Wheezy with an SSD. It is adjusted to my use case, -where I set up the machine with one large encrypted partition (in -addition to /boot), put LVM on top of this and set up partitions on -top of this again. See the README file in the package source for the -references I used to pick the settings. At the moment these -parameters are tuned:

- -

Set up cryptsetup to pass TRIM commands to the physical disk - (adding discard to /etc/crypttab)
Set up LVM to pass on TRIM commands to the underlying device (in - this case a cryptsetup partition) by changing issue_discards from - 0 to 1 in /etc/lvm/lvm.conf.
Set relatime as a file system option for ext3 and ext4 file - systems.
Tell swap to use TRIM commands by adding 'discard' to - /etc/fstab.
Change I/O scheduler from cfq to deadline using a udev rule.
Run fstrim on every ext3 and ext4 file system every night (from - cron.daily).
Adjust sysctl values vm.swappiness to 1 and vm.vfs_cache_pressure - to 50 to reduce the kernel eagerness to swap out processes.

- -

During installation, I cancelled the part where the installer fill -the disk with random data, as this would kill the SSD performance for -little gain. My goal with the encrypted file system is to ensure -those stealing my laptop end up with a brick and not a working -computer. I have no hope in keeping the really resourceful people -from getting the data on the disk (see -XKCD #538 for an explanation why). -Thus I concluded that adding the discard option to crypttab is the -right thing to do.

- -

I considered using the noop I/O scheduler, as several recommended -it for SSD, but others recommended deadline and a benchmark I found -indicated that deadline might be better for interactive use.

- -

I also considered using the 'discard' file system option for ext3 -and ext4, but read that it would give a performance hit ever time a -file is removed, and thought it best to that that slowdown once a day -instead of during my work.

- -

My package do not set up tmpfs on /var/run, /var/lock and /tmp, as -this is already done by Debian Edu.

- -

I have not yet started on the user space tuning. I expect -iceweasel need some tuning, and perhaps other applications too, but -have not yet had time to investigate those parts.

- -

The package should work on Ubuntu too, but I have not yet tested it -there.

- -

As for the answer to the question in the title of this blog post, -as far as I know, the only solution is to replace the disk. It might -be possible to flash it with Intel firmware instead of the Lenovo -firmware. But I have not tried and did not want to do so without -approval from Lenovo as I wanted to keep the warranty on the disk -until a solution was found and they wanted the broken disks back.

Freedombox on Dreamplug, Raspberry Pi and virtual x86 machine

14th March 2014

The Freedombox +project is working on providing the software and hardware for +making it easy for non-technical people to host their data and +communication at home, and being able to communicate with their +friends and family encrypted and away from prying eyes. It has been +going on for a while, and is slowly progressing towards a new test +release (0.2).

+ +

And what day could be better than the Pi day to announce that the +new version will provide "hard drive" / SD card / USB stick images for +Dreamplug, Raspberry Pi and VirtualBox (or any other virtualization +system), and can also be installed using a Debian installer preseed +file. The Debian based Freedombox is now based on Debian Jessie, +where most of the needed packages used are already present. Only one, +the freedombox-setup package, is missing. To try to build your own +boot image to test the current status, fetch the freedom-maker scripts +and build using +vmdebootstrap +with a user with sudo access to become root: + +

+git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \
+  freedom-maker
+sudo apt-get install git vmdebootstrap mercurial python-docutils \
+  mktorrent extlinux virtualbox qemu-user-static binfmt-support \
+  u-boot-tools
+make -C freedom-maker dreamplug-image raspberry-image virtualbox-image
+

+ +

Root access is needed to run debootstrap and mount loopback +devices. See the README for more details on the build. If you do not +want all three images, trim the make line. But note that thanks to a race condition in +vmdebootstrap, the build might fail without the patch to the +kpartx call.

+ +

If you instead want to install using a Debian CD and the preseed +method, boot a Debian Wheezy ISO and use this boot argument to load +the preseed values:

+ +

+url=http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
+

+ +

But note that due to a +recently introduced bug in apt in Jessie, the installer will +currently hang while setting up APT sources. Killing the +'apt-cdrom ident' process when it hang a few times during the +installation will get the installation going. This affect all +installations in Jessie, and I expect it will be fixed soon.

+ +Give it a go and let us know how it goes on the mailing list, and help +us get the new release published. :) Please join us on +IRC (#freedombox on +irc.debian.org) and +the +mailing list if you want to help make this vision come true.

- Tags: debian, english. + Tags: debian, english, freedombox, sikkerhet, surveillance, web.

@@ -132,54 +91,94 @@ until a solution was found and they wanted the broken disks back.

Intel SSD 520 Series 180 GB with Lenovo firmware still lock up from sustained writes

10th July 2013

A few days ago, I wrote about -the -problems I experienced with my new X230 and its SSD disk, which -was dying during installation because it is unable to cope with -sustained write. My supplier is in contact with -Lenovo, and they wanted to send a -replacement disk to try to fix the problem. They decided to send an -identical model, so my hopes for a permanent fix was slim.

- -

Anyway, today I got the replacement disk and tried to install -Debian Edu Wheezy with encrypted disk on it. The new disk have the -same firmware version as the original. This time my hope raised -slightly as the installation progressed, as the original disk used to -die after 4-7% of the disk was written to, while this time it kept -going past 10%, 20%, 40% and even past 50%. But around 60%, the disk -died again and I was back on square one. I still do not have a new -laptop with a disk I can trust. I can not live with a disk that might -lock up when I download a new -Debian Edu / Skolelinux ISO or -other large files. I look forward to hearing from my supplier with -the next proposal from Lenovo.

- -

The original disk is marked Intel SSD 520 Series 180 GB, -11S0C38722Z1ZNME35X1TR, ISN: CVCV321407HB180EGN, SA: G57560302, FW: -LF1i, 29MAY2013, PBA: G39779-300, LBA 351,651,888, LI P/N: 0C38722, -Pb-free 2LI, LC P/N: 16-200366, WWN: 55CD2E40002756C4, Model: -SSDSC2BW180A3L 2.5" 6Gb/s SATA SSD 180G 5V 1A, ASM P/N 0C38732, FRU -P/N 45N8295, P0C38732.

- -

The replacement disk is marked Intel SSD 520 Series 180 GB, -11S0C38722Z1ZNDE34N0L0, ISN: CVCV315306RK180EGN, SA: G57560-302, FW: -LF1i, 22APR2013, PBA: G39779-300, LBA 351,651,888, LI P/N: 0C38722, -Pb-free 2LI, LC P/N: 16-200366, WWN: 55CD2E40000AB69E, Model: -SSDSC2BW180A3L 2.5" 6Gb/s SATA SSD 180G 5V 1A, ASM P/N 0C38732, FRU -P/N 45N8295, P0C38732.

- -

The only difference is in the first number (serial number?), ISN, -SA, date and WNPP values. Mentioning all the details here in case -someone is able to use the information to find a way to identify the -failing disk among working ones (if any such working disk actually -exist).

How to add extra storage servers in Debian Edu / Skolelinux

12th March 2014

On larger sites, it is useful to use a dedicated storage server for +storing user home directories and data. The design for handling this +in Debian Edu / Skolelinux, is +to update the automount rules in LDAP and let the automount daemon on +the clients take care of the rest. I was reminded about the need to +document this better when one of the customers of +Skolelinux Drift AS, where I am +on the board of directors, asked about how to do this. The steps to +get this working are the following:

+ +

Add new storage server in DNS. I use nas-server.intern as the +example host here.
Add automoun LDAP information about this server in LDAP, to allow +all clients to automatically mount it on reqeust.
Add the relevant entries in tjener.intern:/etc/fstab, because +tjener.intern do not use automount to avoid mounting loops.

+ +

DNS entries are added in GOsaÂ², and not described here. Follow the +instructions +in the manual (Machine Management with GOsaÂ² in section Getting +started).

+ +

Ensure that the NFS export points on the server are exported to the +relevant subnets or machines:

+ +

+root@tjener:~# showmount -e nas-server
+Export list for nas-server:
+/storage         10.0.0.0/8
+root@tjener:~#
+

+ +

Here everything on the backbone network is granted access to the +/storage export. With NFSv3 it is slightly better to limit it to +netgroup membership or single IP addresses to have some limits on the +NFS access.

+ +

The next step is to update LDAP. This can not be done using GOsaÂ², +because it lack a module for automount. Instead, use ldapvi and add +the required LDAP objects using an editor.

+ +

+ldapvi --ldap-conf -ZD '(cn=admin)' -b ou=automount,dc=skole,dc=skolelinux,dc=no
+

+ +

When the editor show up, add the following LDAP objects at the +bottom of the document. The "/&" part in the last LDAP object is a +wild card matching everything the nas-server exports, removing the +need to list individual mount points in LDAP.

+ +

+add cn=nas-server,ou=auto.skole,ou=automount,dc=skole,dc=skolelinux,dc=no
+objectClass: automount
+cn: nas-server
+automountInformation: -fstype=autofs --timeout=60 ldap:ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+
+add ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+objectClass: top
+objectClass: automountMap
+ou: auto.nas-server
+
+add cn=/,ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+objectClass: automount
+cn: /
+automountInformation: -fstype=nfs,tcp,rsize=32768,wsize=32768,rw,intr,hard,nodev,nosuid,noatime nas-server.intern:/&
+

+ +

The last step to remember is to mount the relevant mount points in +tjener.intern by adding them to /etc/fstab, creating the mount +directories using mkdir and running "mount -a" to mount them.

+ +

When this is done, your users should be able to access the files on +the storage server directly by just visiting the +/tjener/nas-server/storage/ directory using any application on any +workstation, LTSP client or LTSP server.

- Tags: debian, english. + Tags: debian edu, english, ldap.

@@ -187,26 +186,97 @@ exist).

July 13th: Debian/Ubuntu BSP and Skolelinux/Debian Edu developer gathering in Oslo

9th July 2013

The upcoming Saturday, 2013-07-13, we are organising a combined -Debian Edu developer gathering and Debian and Ubuntu bug squashing -party in Oslo. It is organised by the -member assosiation NUUG and -the Debian Edu / Skolelinux -project together with the hack space -Bitraf.

- -

It starts 10:00 and continue until late evening. Everyone is -welcome, and there is no fee to participate. There is on the other -hand limited space, and only room for 30 people. Please put your name -on the event -wiki page if you plan to join us.

Hvordan bÃ¸r RFC 822-formattert epost lagres i en NOARK5-database?

7th March 2014

For noen uker siden ble NXCs fri programvarelisenserte +NOARK5-lÃ¸sning +presentert hos +NUUG (video +pÃ¥ youtube +forelÃ¸big), og det fikk meg til Ã¥ titte litt mer pÃ¥ NOARK5, +standarden for arkivhÃ¥ndtering i det offentlige Norge. Jeg lurer pÃ¥ +om denne kjernen kan vÃ¦re nyttig i et par av mine prosjekter, og for ett +av dem er det mest aktuelt Ã¥ lagre epost. Jeg klarte ikke finne noen +anbefaling om hvordan RFC 822-formattert epost (aka Internett-epost) +burde lagres i NOARK5, selv om jeg vet at noen arkiver tar +PDF-utskrift av eposten med sitt epostprogram og sÃ¥ arkiverer PDF-en +(eller enda vÃ¦rre, tar papirutskrift og lagrer bildet av eposten som +PDF i arkivet).

+ +

Det er ikke sÃ¥ mange formater som er akseptert av riksarkivet til +langtidsoppbevaring av offentlige arkiver, og PDF og XML er de mest +aktuelle i sÃ¥ mÃ¥te. Det slo meg at det mÃ¥tte da finnes en eller annen +egnet XML-representasjon og at det kanskje var enighet om hvilken som +burde brukes, sÃ¥ jeg tok mot til meg og spurte +SAMDOK, en gruppe tilknyttet +arkivverket som ser ut til Ã¥ jobbe med NOARK-samhandling, om de hadde +noen anbefalinger: + +

+
Hei.
+ +
Usikker pÃ¥ om dette er riktig forum Ã¥ ta opp mitt spÃ¸rsmÃ¥l, men jeg +lurer pÃ¥ om det er definert en anbefaling om hvordan RFC +822-formatterte epost (aka vanlig Internet-epost) bÃ¸r lages hÃ¥ndteres +i NOARK5, slik at en bevarer all informasjon i eposten +(f.eks. Received-linjer). Finnes det en anbefalt XML-mapping ala den +som beskrives pÃ¥ +<URL: https://www.informit.com/articles/article.aspx?p=32074 >? Mitt +mÃ¥l er at det skal vÃ¦re mulig Ã¥ lagre eposten i en NOARK5-kjerne og +kunne fÃ¥ ut en identisk formattert kopi av opprinnelig epost ved +behov.
+

+ +

Postmottaker hos SAMDOK mente spÃ¸rsmÃ¥let heller burde stilles +direkte til riksarkivet, og jeg fikk i dag svar derfra formulert av +seniorrÃ¥dgiver Geir Ivar Tungesvik:

+ +

+
Riksarkivet har ingen anbefalinger nÃ¥r det gjelder konvertering fra +e-post til XML. Det stÃ¥r arkivskaper fritt Ã¥ eventuelt definere/bruke +eget format. Inklusive da - som det spÃ¸rres om - et format der det er +mulig Ã¥ re-etablere e-post format ut fra XML-en. XML (e-post) +dokumenter mÃ¥ vÃ¦re referert i arkivstrukturen, og det mÃ¥ vedlegges et +gyldig XML skjema (.xsd) for XML-filene. Arkivskaper stÃ¥r altsÃ¥ fritt +til Ã¥ gjÃ¸re hva de vil, bare det dokumenteres og det kan dannes et +utrekk ved avlevering til depot.
+ +
De obligatoriske kravene i Noark 5 standarden mÃ¥ altsÃ¥ oppfylles - +etter dialog med Riksarkivet i forbindelse med godkjenning. For +offentlige arkiv er det sÃ¦rlig viktig med filene loependeJournal.xml +og offentligJournal.xml. Private arkiv som vil forholde seg til Noark +5 standarden er selvsagt frie til Ã¥ bruke det som er relevant for dem +av obligatoriske krav.
+

+ +

Det ser dermed ut for meg som om det er et lite behov for Ã¥ +standardisere XML-lagring av RFC-822-formatterte meldinger. Noen som +vet om god spesifikasjon i sÃ¥ mÃ¥te? I tillegg til den omtalt over, +har jeg kommet over flere aktuelle beskrivelser (sÃ¸k pÃ¥ "rfc 822 +xml", sÃ¥ finner du aktuelle alternativer).

+ +

XML MIME Transformation +protocol (XMTP) fra OpenHealth, sist oppdatert 2001.
An +XML format for mail and other messages utkast fra IETF datert +2001.
xMail: +E-mail as XML en artikkel fra 2003 som beskriver python-modulen +rfc822 som gir ut XML-representasjon av en RFC 822-formattert epost.

+ +

Finnes det andre og bedre spesifikasjoner for slik lagring? Send +meg en epost hvis du har innspill.

- Tags: debian, debian edu, english, nuug. + Tags: norsk, offentlig innsyn.

@@ -214,79 +284,110 @@ wiki page if you plan to join us.

The Thinkpad is dead, long live the Thinkpad X230?

5th July 2013

Half a year ago, I reported that I had to find a -replacement -for my trusty old Thinkpad X41. Unfortunately I did not have much -time to spend on it, and it took a while to find a model I believe -will do the job, but two days ago the replacement finally arrived. I -ended up picking a -Thinkpad X230 -with SSD disk (NZDAJMN). I first test installed Debian Edu Wheezy as -a roaming workstation, and it seemed to work flawlessly. But my -second installation with encrypted disk was not as successful. More -on that below.

- -

I had a hard time trying to track down a good laptop, as my most -important requirements (robust and with a good keyboard) are never -listed in the feature list. But I did get good help from the search -feature at Prisjakt, which -allowed me to limit the list of interesting laptops based on my other -requirements. A bit surprising that SSD disk are not disks according -to that search interface, so I had to drop specifying the number of -disks from my search parameters. I also asked around among friends to -get their impression on keyboards and robustness.

- -

So the new laptop arrived, and it is quite a lot wider than the -X41. I am not quite convinced about the keyboard, as it is -significantly wider than my old keyboard, and I have to stretch my -hand a lot more to reach the edges. But the key response is fairly -good and the individual key shape is fairly easy to handle, so I hope -I will get used to it. My old X40 was starting to fail, and I really -needed a new laptop now. :)

- -

Turning off the touch pad was simple. All it took was a quick -visit to the BIOS during boot it disable it.

- -

But there is a fatal problem with the laptop. The 180 GB SSD disk -lock up during load. And this happen when installing Debian Wheezy -with encrypted disk, while the disk is being filled with random data. -I also tested to install Ubuntu Raring, and it happen there too if I -reenable the code to fill the disk with random data (it is disabled by -default in Ubuntu). And the bug with is already known. It was -reported to Debian as BTS -report #691427 2012-10-25 (journal commit I/O error on brand-new -Thinkpad T430s ext4 on lvm on SSD). It is also reported to the Linux -kernel developers as -Kernel bugzilla -report #51861 2012-12-20 (Intel SSD 520 stops working under load -(SSDSC2BW180A3L in Lenovo ThinkPad T430s)). It is also reported on the -Lenovo forums, both for -T430 -2012-11-10 and for -X230 -03-20-2013. The problem do not only affect installation. The -reports state that the disk lock up during use if many writes are done -on the disk, so it is much no use to work around the installation -problem and end up with a computer that can lock up at any moment. -There is even a -small C program -available that will lock up the hard drive after running a few -minutes by writing to a file.

- -

I've contacted my supplier and asked how to handle this, and after -contacting PCHELP Norway (request 01D1FDP) which handle support -requests for Lenovo, his first suggestion was to upgrade the disk -firmware. Unfortunately there is no newer firmware available from -Lenovo, as my disk already have the most recent one (version LF1i). I -hope to hear more from him today and hope the problem can be -fixed. :)

Lenker for 2014-02-28

28th February 2014

Her er noen lenker til tekster jeg har satt pris pÃ¥ Ã¥ lese de siste +mÃ¥nedene. Det er mye om varsleren Edward Snowden, som burde fÃ¥ all +hjelp, stÃ¸tte og beskyttelse Norge kan stille opp med for Ã¥ ha satt +totalitÃ¦r overvÃ¥kning pÃ¥ sakskartet, men ogsÃ¥ endel annet +tankevekkende og interessant.

+ +

2013-12-21 +- +NSA tenker som Stasi - Dagbladet.no
2013-12-19 - +Staten har ikke rett til Ã¥ vite alt om deg - DN.no
2013-12-21 +Nye +mÃ¥l for NSAs spionasje avslÃ¸rt - Dagbladet.no
2013-12-19 +Â«NSA +bÃ¸r fjernes fra sin makt til Ã¥ samle inn metadata fra amerikanske +telefonsamtalerÂ» - Dagbladet.no
2013-12-18 +Etterretning, +overvÃ¥king, frihet og sikkerhet - Dagbladet.no
2013-12-17 +Snowden +angriper USA i Ã¥pent brev - nrk.no
2013-12-17 +Rettslig +nederlag for etterretning - digi.no
2013-12-21 +Truende +nedkjÃ¸ling - dagbladet.no
2013-12-20 +Matematikk +og forstÃ¥else - aftenposten.no
2013-10-20 +Vi +sÃ¸v for Ã¥ reinse hjernen vÃ¥r, ifÃ¸lgje ny studie - nrk.no
2013-12-11 +Rotterace +i kloakken - nrk.no
2013-12-30 +Ãpne +brev og frie tanker - aftenposten.no
2014-01-12 +Stopp dagens kunnskapsapartheid! - aftenposten.no
2014-01-09 +EU-rapport: +Britisk og amerikansk overvÃ¥king ser ut til Ã¥ vÃ¦re ulovlig - +aftenposten.no
2013-10-23 Professor Jan Arild Audestad +Advarer +mot konspirasjonsteori i digi.no og sier han ikke tror NSA kan +avlytte mobiltelefoner, mens han noen mÃ¥neder senere forteller:
2014-01-09 +- +Vi ble presset til Ã¥ svekke mobilsikkerheten pÃ¥ 80-tallet - +aftenposten.no
2014-02-12 +Et +mÃ¸te med Edward Snowden - intervju sendt av nrk, tilgjengelig til +2015-01-31
2014-02-17 +LitteraturredaktÃ¸ren: +Helle Thornings tavshed om Snowden er en skandale - +politiken.dk
2014-02-21 +Bra Ã¥ ha en Â«StorebrorÂ» - aftenposten.no
2014-02-28 +"Narkotikasiktet +Stortingsmann" - Spillet bak kulissene - John Christian Eldens +blogg
2014-02-28 +Heksejakt +pÃ¥ hasjbrukere - aftenposten.no

- Tags: debian, english. + Tags: lenker, norsk, personvern.

@@ -294,34 +395,32 @@ fixed. :)

The Thinkpad is dead, long live the Thinkpad X230

4th July 2013

Half a year ago, I reported that I had to find a replacement for my -trusty old Thinkpad X41. Unfortunately I did not have much time to -spend on it, but today the replacement finally arrived. I ended up -picking a Thinkpad -X230 with SSD disk (NZDAJMN). I first test installed Debian Edu -Wheezy as a roaming workstation, and it worked flawlessly. As I write -this, it is installing what I hope will be a more final installation, -with a encrypted hard drive to ensure any dope head stealing it end up -with an expencive door stop.

- -

I had a hard time trying to track down a good laptop, as my most -important requirements (robust and with a good keyboard) are never -listed in the feature list. But I did get good help from the search -feature at Prisjakt, which -allowed me to limit the list of interesting laptops based on my other -requirements. A bit surprising that SSD disk are not disks, so I had -to drop number of disks from my search parameters.

- -

I am not quite convinced about the keyboard, as it is significantly -wider than my old keyboard, and I have to stretch my hand a lot more -to reach the edges. But the key response is fairly good and the -individual key shape is fairly easy to handle, so I hope I will get -used to it. My old X40 was starting to fail, and I really needed a -new laptop now. :)

- -

I look forward to figuring out how to turn off the touch pad.

New home and release 1.0 for netgroup and innetgr (aka ng-utils)

22nd February 2014

Many years ago, I wrote a GPL licensed version of the netgroup and +innetgr tools, because I needed them in +Skolelinux. I called the project +ng-utils, and it has served me well. I placed the project under the +Hungry Programmer umbrella, and it was maintained in our CVS +repository. But many years ago, the CVS repository was dropped (lost, +not migrated to new hardware, not sure), and the project have lacked a +proper home since then.

+ +

Last summer, I had a look at the package and made a new release +fixing a irritating crash bug, but was unable to store the changes in +a proper source control system. I applied for a project on +Alioth, but did not have time +to follow up on it. Until today. :)

+ +

After many hours of cleaning and migration, the ng-utils project +now have a new home, and a git repository with the highlight of the +history of the project. I published all release tarballs and imported +them into the git repository. As the project is really stable and not +expected to gain new features any time soon, I decided to make a new +release and call it 1.0. Visit the new project home on +https://alioth.debian.org/projects/ng-utils/ +if you want to check it out. The new version is also uploaded into +Debian Unstable.

@@ -334,115 +433,113 @@ new laptop now. :)

Fourth alpha release of Debian Edu/Skolelinux based on Debian Wheezy

3rd July 2013

The fourth wheezy based alpha release of Debian Edu was wrapped up -today. This is the release announcement:

- -

New features for Debian Edu 7.1+edu0~alpha3 released -2013-07-03

- -

These are the release notes for for Debian Edu / Skolelinux -7.1+edu0~alpha3, based on Debian with codename "Wheezy".

- -

About Debian Edu and Skolelinux

- -

Debian Edu, also known as -Skolelinux, is a Linux distribution based on Debian providing an -out-of-the box environment of a completely configured school -network. Immediately after installation a school server running all -services needed for a school network is set up just waiting for users -and machines being added via GOsaÂ², a comfortable Web-UI. A netbooting -environment is prepared using PXE, so after initial installation of -the main server from CD, DVD or USB stick all other machines can be -installed via the network. The provided school server provides LDAP -database and Kerberos authentication service, centralized home -directories, DHCP server, web proxy and many other services. The -desktop contains -more -than 60 educational software packages and more are available from -the Debian archive, and schools can choose between KDE, Gnome, LXDE -and Xfce desktop environment.

- -

This is the fourth test release based on Debian Wheezy. Basically -this is an updated and slightly improved version compared to the -Squeeze release.

- -

Software updates

Dropped ispell dictionaries from our default installation.
Dropped menu-xdg from the KDE desktop option, to drop the Debian - submenu. It was not included with Gnome, LXDE or Xfce, so this - brings KDE in line with the others.
Dropped xdrawchem, xjig and xsok from our default installation as - they don't have a desktop menu entry and thus won't show up in the - menu now that menu-xdg was removed.
Removed the killer system to kill left behind processes on - multi-user machines, as it was no longer able to understand when a - X display was in use and killed the processes of the active users - too.
Dropped the golearn (from goplay) package as the debtags in wheezy - are too few to make the package useful.

Other changes

Updated artwork matching http://wiki.debian.org/DebianArt/Themes/Joy -
Multi-arch i386/amd64 USB stick ISO available.
Got rid of ispell/wordlist related debconf questions that showed - up for some language options.
Switched to using http.debian.net as APT source by default.
Fixed proxy configuration on Main Server installations.
Changed LTSP setup to ask dpkg to use force-unsafe-io the same way - d-i is doing it.
Made sure root and user passwords were not left behind in the - debconf database after installation on Main Server installations.
Made Roaming Workstation dynamic setup more robust and added draft - script setup-ad-client to hook a Roaming Workstation up to a - Active Directory server instead of a Debian Edu Main Server.
Update system to install needed firmware packages during - installation, to work properly in Wheezy.
Update system to handle hardware quirks (debian-edu-hwsetup).
Corrected PXE installation setup to properly pass selected desktop - and keymap settings to PXE installation clients.
LTSP diskless workstations use sshfs by default, allowing them to - work without adding them to DNS and NIS netgroups for NFS access.

Known issues

No mass import of user account data in GOsa (ldif or csv) - available yet (698840).
Artwork not enabled for all desktops.

Where to get it

- -

To download the multiarch netinstall CD release you can use

ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~a3-CD.iso
http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~a3-CD.iso
rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~a3-CD.iso .

- -

The MD5SUM of this image is: 2b161a99d2a848c376d8d04e3854e30c -
The SHA1SUM of this image is: 498922e9c508c0a7ee9dbe1dfe5bf830d779c3c8

- -

To download the multiarch USB stick ISO release you can use

ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~a3-USB.iso
http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~a3-USB.iso
rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~a3-USB.iso .

- -

The MD5SUM of this image is: 25e808e403a4c15dbef1d13c37d572ac -
The SHA1SUM of this image is: 15ecfc93eb6b4f453b7eb0bc04b6a279262d9721

- -

How to report bugs

- -

http://wiki.debian.org/DebianEdu/HowTo/ReportBugs

Testing sysvinit from experimental in Debian Hurd

3rd February 2014

A few days ago I decided to try to help the Hurd people to get +their changes into sysvinit, to allow them to use the normal sysvinit +boot system instead of their old one. This follow up on the +great +Google Summer of Code work done last summer by Justus Winter to +get Debian on Hurd working more like Debian on Linux. To get started, +I downloaded a prebuilt hard disk image from +http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz, +and started it using virt-manager.

+ +

The first think I had to do after logging in (root without any +password) was to get the network operational. I followed +the +instructions on the Debian GNU/Hurd ports page and ran these +commands as root to get the machine to accept a IP address from the +kvm internal DHCP server:

+ +

+settrans -fgap /dev/netdde /hurd/netdde
+kill $(ps -ef|awk '/[p]finet/ { print $2}')
+kill $(ps -ef|awk '/[d]evnode/ { print $2}')
+dhclient /dev/eth0
+

+ +

After this, the machine had internet connectivity, and I could +upgrade it and install the sysvinit packages from experimental and +enable it as the default boot system in Hurd.

+ +

But before I did that, I set a password on the root user, as ssh is +running on the machine it for ssh login to work a password need to be +set. Also, note that a bug somewhere in openssh on Hurd block +compression from working. Remember to turn that off on the client +side.

+ +

Run these commands as root to upgrade and test the new sysvinit +stuff:

+ +

+cat > /etc/apt/sources.list.d/experimental.list <<EOF
+deb http://http.debian.net/debian/ experimental main
+EOF
+apt-get update
+apt-get dist-upgrade
+apt-get install -t experimental initscripts sysv-rc sysvinit \
+    sysvinit-core sysvinit-utils
+update-alternatives --config runsystem
+

+ +

To reboot after switching boot system, you have to use +reboot-hurd instead of just reboot, as there is not +yet a sysvinit process able to receive the signals from the normal +'reboot' command. After switching to sysvinit as the boot system, +upgrading every package and rebooting, the network come up with DHCP +after boot as it should, and the settrans/pkill hack mentioned at the +start is no longer needed. But for some strange reason, there are no +longer any login prompt in the virtual console, so I logged in using +ssh instead. + +

Note that there are some race conditions in Hurd making the boot +fail some times. No idea what the cause is, but hope the Hurd porters +figure it out. At least Justus said on IRC (#debian-hurd on +irc.debian.org) that they are aware of the problem. A way to reduce +the impact is to upgrade to the Hurd packages built by Justus by +adding this repository to the machine:

+ +

+cat > /etc/apt/sources.list.d/hurd-ci.list <<EOF
+deb http://darnassus.sceen.net/~teythoon/hurd-ci/ sid main
+EOF
+

+ +

At the moment the prebuilt virtual machine get some packages from +http://ftp.debian-ports.org/debian, because some of the packages in +unstable do not yet include the required patches that are lingering in +BTS. This is the completely list of "unofficial" packages installed:

+ +

+# aptitude search '?narrow(?version(CURRENT),?origin(Debian Ports))'
+i   emacs                   - GNU Emacs editor (metapackage)
+i   gdb                     - GNU Debugger
+i   hurd-recommended        - Miscellaneous translators
+i   isc-dhcp-client         - ISC DHCP client
+i   isc-dhcp-common         - common files used by all the isc-dhcp* packages
+i   libc-bin                - Embedded GNU C Library: Binaries
+i   libc-dev-bin            - Embedded GNU C Library: Development binaries
+i   libc0.3                 - Embedded GNU C Library: Shared libraries
+i A libc0.3-dbg             - Embedded GNU C Library: detached debugging symbols
+i   libc0.3-dev             - Embedded GNU C Library: Development Libraries and Hea
+i   multiarch-support       - Transitional package to ensure multiarch compatibilit
+i A x11-common              - X Window System (X.Org) infrastructure
+i   xorg                    - X.Org X Window System
+i A xserver-xorg            - X.Org X server
+i A xserver-xorg-input-all  - X.Org X server -- input driver metapackage
+#
+

+ +

All in all, testing hurd has been an interesting experience. :) +X.org did not work out of the box and I never took the time to follow +the porters instructions to fix it. This time I was interested in the +command line stuff.

- Tags: debian edu, english. + Tags: bootsystem, debian, english.

@@ -450,70 +547,90 @@ Squeeze release.

Automatically locate and install required firmware packages on Debian (Isenkram 0.4)

25th June 2013

It annoys me when the computer fail to do automatically what it is -perfectly capable of, and I have to do it manually to get things -working. One such task is to find out what firmware packages are -needed to get the hardware on my computer working. Most often this -affect the wifi card, but some times it even affect the RAID -controller or the ethernet card. Today I pushed version 0.4 of the -Isenkram package -including a new script isenkram-autoinstall-firmware handling the -process of asking all the loaded kernel modules what firmware files -they want, find debian packages providing these files and install the -debian packages. Here is a test run on my laptop:

- -

-# isenkram-autoinstall-firmware 
-info: kernel drivers requested extra firmware: ipw2200-bss.fw ipw2200-ibss.fw ipw2200-sniffer.fw
-info: fetching http://http.debian.net/debian/dists/squeeze/Contents-i386.gz
-info: locating packages with the requested firmware files
-info: Updating APT sources after adding non-free APT source
-info: trying to install firmware-ipw2x00
-firmware-ipw2x00
-firmware-ipw2x00
-Preconfiguring packages ...
-Selecting previously deselected package firmware-ipw2x00.
-(Reading database ... 259727 files and directories currently installed.)
-Unpacking firmware-ipw2x00 (from .../firmware-ipw2x00_0.28+squeeze1_all.deb) ...
-Setting up firmware-ipw2x00 (0.28+squeeze1) ...
-# 
-

- -

When all the requested firmware is present, a simple message is -printed instead:

- -

-# isenkram-autoinstall-firmware 
-info: did not find any firmware files requested by loaded kernel modules.  exiting
-# 
-

- -

It could use some polish, but it is already working well and saving -me some time when setting up new machines. :)

- -

So, how does it work? It look at the set of currently loaded -kernel modules, and look up each one of them using modinfo, to find -the firmware files listed in the module meta-information. Next, it -download the Contents file from a nearby APT mirror, and search for -the firmware files in this file to locate the package with the -requested firmware file. If the package is in the non-free section, a -non-free APT source is added and the package is installed using -apt-get install. The end result is a slightly better working -machine.

- -

I hope someone find time to implement a more polished version of -this script as part of the hw-detect debian-installer module, to -finally fix BTS report -#655507. There really is no need to insert USB sticks with -firmware during a PXE install when the packages already are available -from the nearby Debian mirror.

A fist full of non-anonymous Bitcoins

29th January 2014

Bitcoin is a incredible use of peer to peer communication and +encryption, allowing direct and immediate money transfer without any +central control. It is sometimes claimed to be ideal for illegal +activity, which I believe is quite a long way from the truth. At least +I would not conduct illegal money transfers using a system where the +details of every transaction are kept forever. This point is +investigated in +USENIX ;login: +from December 2013, in the article +"A +Fistful of Bitcoins - Characterizing Payments Among Men with No +Names" by Sarah Meiklejohn, Marjori Pomarole,Grant Jordan, Kirill +Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. They +analyse the transaction log in the Bitcoin system, using it to find +addresses belong to individuals and organisations and follow the flow +of money from both Bitcoin theft and trades on Silk Road to where the +money end up. This is how they wrap up their article:

+ +

+
"To demonstrate the usefulness of this type of analysis, we turned +our attention to criminal activity. In the Bitcoin economy, criminal +activity can appear in a number of forms, such as dealing drugs on +Silk Road or simply stealing someone elseâs bitcoins. We followed the +flow of bitcoins out of Silk Road (in particular, from one notorious +address) and from a number of highly publicized thefts to see whether +we could track the bitcoins to known services. Although some of the +thieves attempted to use sophisticated mixing techniques (or possibly +mix services) to obscure the flow of bitcoins, for the most part +tracking the bitcoins was quite straightforward, and we ultimately saw +large quantities of bitcoins flow to a variety of exchanges directly +from the point of theft (or the withdrawal from Silk Road).
+ +
As acknowledged above, following stolen bitcoins to the point at +which they are deposited into an exchange does not in itself identify +the thief; however, it does enable further de-anonymization in the +case in which certain agencies can determine (through, for example, +subpoena power) the real-world owner of the account into which the +stolen bitcoins were deposited. Because such exchanges seem to serve +as chokepoints into and out of the Bitcoin economy (i.e., there are +few alternative ways to cash out), we conclude that using Bitcoin for +money laundering or other illicit purposes does not (at least at +present) seem to be particularly attractive."
+

+ +

These researches are not the first to analyse the Bitcoin +transaction log. The 2011 paper +"An Analysis of Anonymity in +the Bitcoin System" by Fergal Reid and Martin Harrigan is +summarized like this:

+ +

+"Anonymity in Bitcoin, a peer-to-peer electronic currency system, is a +complicated issue. Within the system, users are identified by +public-keys only. An attacker wishing to de-anonymize its users will +attempt to construct the one-to-many mapping between users and +public-keys and associate information external to the system with the +users. Bitcoin tries to prevent this attack by storing the mapping of +a user to his or her public-keys on that user's node only and by +allowing each user to generate as many public-keys as required. In +this chapter we consider the topological structure of two networks +derived from Bitcoin's public transaction history. We show that the +two networks have a non-trivial topological structure, provide +complementary views of the Bitcoin system and have implications for +anonymity. We combine these structures with external information and +techniques such as context discovery and flow analysis to investigate +an alleged theft of Bitcoins, which, at the time of the theft, had a +market value of approximately half a million U.S. dollars." +

+ +

I hope these references can help kill the urban myth that Bitcoin +is anonymous. It isn't really a good fit for illegal activites. Use +cash if you need to stay anonymous, at least until regular DNA +sampling of notes and coins become the norm. :)

+ +

As usual, if you use Bitcoin and want to show your support of my +activities, please send Bitcoin donations to my address +15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

- Tags: debian, english, isenkram. + Tags: bitcoin, english, personvern, sikkerhet.

@@ -521,50 +638,54 @@ from the nearby Debian mirror.

The value of a good distro wide test suite...

22nd June 2013

In the Debian Edu / -Skolelinux project, we include a post-installation test suite, -which check that services are running, working, and return the -expected results. It runs automatically just after the first boot on -test installations (using test ISOs), but not on production -installations (using non-test ISOs). It test that the LDAP service is -operating, Kerberos is responding, DNS is replying, file systems are -online resizable, etc, etc. And it check that the PXE service is -configured, which is the topic of this post.

- -

The last week I've fixed the DVD and USB stick ISOs for our Debian -Edu Wheezy release. These ISOs are supposed to be able to install a -complete system without any Internet connection, but for that to -happen all the needed packages need to be on them. Thanks to our test -suite, I discovered that we had forgotten to adjust our PXE setup to -cope with the new names and paths used by the netboot d-i packages. -When Internet connectivity was available, the installer fall back to -using wget to fetch d-i boot images, but when offline it require -working packages to get it working. And ad the packages changed name -from debian-installer-6.0-netboot-$arch to -debian-installer-7.0-netboot-$arch, we no longer pulled in the -packages during installation. Without our test suite, I suspect we -would never have discovered this before release. Now it is fixed -right after we got the ISOs operational.

- -

Another by-product of the test suite is that we can ask system -administrators with problems getting Debian Edu to work, to run the -test suite using /usr/sbin/debian-edu-test-install and see if -any errors are detected. This usually pinpoint the subsystem causing -the problem.

- -

If you want to help us help kids learn how to share and create, -please join us on -#debian-edu on -irc.debian.org and the -debian-edu@ mailing -list.

New chrpath release 0.16

14th January 2014

Coverity is a nice tool to +find problems in C, C++ and Java code using static source code +analysis. It can detect a lot of different problems, and is very +useful to find memory and locking bugs in the error handling part of +the source. The company behind it provide +check of free software projects as +a community service, and many hundred free software projects are +already checked. A few days ago I decided to have a closer look at +the Coverity system, and discovered that the +gnash and +ipmitool +projects I am involved with was already registered. But these are +fairly big, and I would also like to have a small and easy project to +check, and decided to request +checking of the chrpath project. It was +added to the checker and discovered seven potential defects. Six of +these were real, mostly resource "leak" when the program detected an +error. Nothing serious, as the resources would be released a fraction +of a second later when the program exited because of the error, but it +is nice to do it right in case the source of the program some time in +the future end up in a library. Having fixed all defects and added +a +mailing list for the chrpath developers, I decided it was time to +publish a new release. These are the release notes:

+ +

New in 0.16 released 2014-01-14:

+ +

Fixed all minor bugs discovered by Coverity.
Updated config.sub and config.guess from the GNU project.
Mention new project mailing list in the documentation.

+ +

You can +download the +new version 0.16 from alioth. Please let us know via the Alioth +project if something is wrong with the new release. The test suite +did not discover any old errors, so if you find a new one, please also +include a test suite check.

- Tags: debian edu, english. + Tags: chrpath, debian, english.

@@ -572,138 +693,211 @@ list.

Debian Edu interview: Victor NiÈu

17th June 2013

The Debian Edu and -Skolelinux distribution have users and contributors all around the -globe. And a while back, an enterprising young man showed up on -our IRC channel -#debian-edu and started asking questions about how Debian Edu -worked. We answered as good as we could, and even convinced him to -help us with translations. And today I managed to get an interview -with him, to learn more about him.

Debian Edu interview: Dominik George

25th December 2013

The Debian Edu / Skolelinux +project consist of both newcomers and old timers, and this time I +was able to get an interview with a newcomer in the project who showed +up on the IRC channel a few weeks ago to let us know about his +successful installation of Debian Edu Wheezy in his School. Say hello +to Dominik +George.

+ +

Who are you, and how do you spend your days?

I'm a 25 year old free software enthusiast, living in Romania, -which is also my country of origin. Back in 2009, at a New Year's Eve -party, I had a very nice ~~beer~~ discussion with a -friend, when we realized we have no organised Debian community in our -country. A few days later, we put together the infrastructure for such -community and even gathered a nice Debian-ish crowd. Since then, I -began my quest as a free software hacker and activist and I am -constantly trying to cover as much ground as possible on that -field.

- -

A few years ago I founded a small web development company, which -provided me the flexible schedule I needed so much for my -activities. For the last 13 months, I have been the Technical Director -of FundaÈia Ceata, which is a free -software activist organisation endorsed by the FSF and the FSFE, and -the only one we have in our country.

I am a 23 year-old student from Germany who has spent half of his +life with open source. In "real life", I am, as already mentioned, a +student in the fields of Computer Science, Electrical Engineering, +Information Technologies and Anglistics. Due to my (only partially +voluntary) huge engagement in the open source world, these things are +a bit vacant right now however.

+ +

I also have been working as a project teacher at a Gymasnium +(public school) for various years now. I took up that work some time +around 2005 when still attending that school myself and have continued +it until today. I also had been running the (kind of very advanced) +network of that school together with a team of very interested and +talented students in the age of 11 to 15 years, who took the chance to +learn a lot about open source and networking before I left the school +to help building another school's informational education concept from +scratch.

+ +

That said, one might see me as a kind of "glue" between school kids +and the elderly of teachers as well as between the open source +ecosystem and the (even more complex) educational ecosystem.

+ +

When I am not busy with open source or education, I like Geocaching +and cycling.

How did you get in contact with the Skolelinux / Debian Edu project?

The idea of participating in the Debian Edu project was a surprise -even to me, since I never used it before I began getting involved in -it. This year I had a great opportunity to deliver a talk on -educational software, and I knew immediately where to look. It was a -love at first sight, since I was previously involved with some of the -technologies the project incorporates, and I rapidly found a lot of -ways to contribute.

- -

My first contributions consisted in translating the installer and -configuration dialogs, then I found some bugs to squash (I still -haven't fixed them yet though), and I even got my eyes on some other -areas where I can prove myself helpful. Since the appetite for free -software in my country is pretty low, I'll be happy to be the first -one around here advocating for the project's adoption in educational -environments, and maybe even get my hands dirty in creating a flavour -for our own needs. I am not used to make very advanced plannings, so -from now on, time will tell what I'll be doing next, but I think I -have a pretty consistent starting point.

- -

What do you see as the advantages of Skolelinux/Debian +

I think that happened some time around 2009 when I first attended +FrOSCon and visited the project +booth. I think I wasn't too interested back then because I used to +have an attitude of disliking software that does too much stuff on its +own. Maybe I was too inexperienced to realise the upsides of an +"out-of-the-box" solution ;).

+ +
The first time I actively talked to Skolelinux people was at +OpenRheinRuhr 2011 when the +BiscuIT project, a home-grewn software used by my school for various +really cool things from timetables and class contact lists to lunch +ordering, student ID card printing and project elections first got to +a stage where it could have been published. I asked the Skolelinux +guys running the booth if the project were interested in it and gave a +small demonstration, but there wasn't any real feedback and the guys +seemed rather uninterested.
+ +
After I left the school where I developed the software, it got +mostly lost, but I am now reimplementing it for my new school. I have +reusability and compatibility in mind, and I hop there will be a new +basis for contributing it to the Skolelinux project ;)!
+ +
What do you see as the advantages of Skolelinux / Debian Edu?
-
Not a long time ago, I was in the position of configuring and -maintaining a LDAP server on some Debian derivative, and I must say it -took me a while. A long time ago, I was maintaining a bigger -Samba-powered infrastructure, and I must say I spent quite a lot of -time on it. I have similar stories about many of the services included -with Skolelinux, and the main advantage I see about it is the -out-of-the box availability of them, making it quite competitive when -it comes to managing a school's network, for example.
- -
Of course, there is more to say about Skolelinux than the -availability of the software included, its flexibility in various -scenarios is something I can't wait to experiment "into the wild" (I -only played with virtual machines so far). And I am sure there is a -lot more I haven't discovered yet about it, being so new within the -project.
+
The most important advantage seems to be that it "just +works". After overcoming some minor (but still very annoying) glitches +in the installer, I got a fully functional, working school network, +without the month-long hassle I experienced when setting all that up +from scratch in earlier years. And above that, it rocked - I didn't +have any real hardware at hand, because the school was just founded +and has no money whatsoever, so I installed a combined server (main +server, terminal services and workstation) in a VM on my personal +notebook, bridging the LTSP network interface to the ethernet port, +and then PXE-booted the Windows notebooks that were lying around from +it. I could use 8 clients without any performance issues, by using a +tiny little VM on a tiny little notebook. I think that's enough to say +that it rocks!
+ +
Secondly, there are marketing reasons. Life's bad, and so no +politician will ever permit a setup described as "Debian, an universal +operating system, with some really cool educational tools" while they +will be jsut fine with "Skolelinux, a single-purpose solution for your +school network", even if both turn out to be the very same thing (yes, +this is unfair towards the Skolelinux project, and must not be taken +too seriously - you get the idea, anyway).

What do you see as the disadvantages of Skolelinux / Debian Edu?
-
As usual, when it comes to Debian Blends, I see as the biggest -disadvantage the lack of a numerous team dedicated to the -project. Every day I see the same names in the changelogs, and I have -a constantly fear of the bus factor in this story. I'd like to see -Debian Edu advertised more as an entry point into the Debian -ecosystem, especially amongst newcomers and students. IMHO there are a -lot low-hanging fruits in terms of bug squashing, and enough -opportunities to get the feeling of the Debian Project's dynamics. Not -to mention it's a very fun blend to work on!
- -
Derived from the previous statement, is the delay in catching up -with the main Debian release and documentation. This is common though -to all blends and derivatives, but it's an issue we can all work -on.
- -
Which free software do you use daily?
- -
I can hardly imagine myself spending a day without Vim, since my -daily routine covers writing code and hacking configuration files. I -am a fan of the Awesome window manager (but I also like the -Enlightenment project a lot!), -Claws Mail due to its ease of -use and very configurable behaviour. Recently I fell in love with -Redshift, which helps me -get through the night without headaches. Of course, there is much more -stuff in this bag, but I'll need a blog on my own for doing this!
- -
Which strategy do you believe is the right one to use to -get schools to use free software?
- -
Well, on this field, I cannot do much more than experiment right -now. So, being far from having a recipe for success, I can only assume -that:
+
I have not been involved with Skolelinux long enough to really +answer this question in a fair way. Thus, please allow me to put it in +other words: "What do you expect from Skolelinux to keep liking it?" I +can list a few points about that:

-
schools would like to get rid of proprietary software
+
always strive to get all things integrated into Debian upstream +
be open to discussion about changes and the like, even with newcomers +
be helpful at being helpful ;) -
students will love the openness of the system, and will want to - experiment with it - maybe we need to harvest the native curiosity - of teenagers more?
+
+ +
I'm really sorry I cannot say much more about that :(!
-
there is no "right one" when it comes to strategies, but it would - be useful to have some success stories published somewhere, so - other can get some inspiration from them (I know I'd promote - them!)
+
Which free software do you use daily?
-
more active promotion - talks, conferences, even small school - lectures can do magical things if they encounter at least one - person interested. Who knows who that person might be? ;-)
+
First of all, all software I use is free and open. I have abandoned +all non-free software (except for firmware on my darned phone) this +year.
+ +
I run Debian GNU/Linux on all PC systems I use. On that, I mostly +run text tools. I use +mksh as shell, +jupp as very advanced +text editor (I even got the developer to help me write a script/macro +based full-featured student management software with the two), +mcabber for XMPP and +irssi for IRC. For that overly +coloured world called the WWW, I use +Iceweasel +(Firefox). Oh, and mutt for +e-mail.
+ +
However, while I am personally aware of the fact that text tools +are more efficient and powerful than anything else, I also use (or at +least operate) some tools that are suitable to bring open source to +kids. One of these things is Jappix, +which I already introduced to some kids even before they got aware of +Facebook, making them see for themselves that they do not need +Facebook now ;).
- +
Which strategy do you believe is the right one to use to +get schools to use free software?
-
I also see some problems in getting Skolelinux into schools; for -example, in our country we have a great deal of corruption issues, so -it might be hard(er) to fight against proprietary solutions. Also, -people who relied on commercial software for all their lives, would be -very hard to convert against their will.
+
Well, that's a two-sided thing. One side is what I believe, and one +side is what I have experienced.
+ +
I believe that the right strategy is showing them the benefits. But +that won't work out as long as the acceptance of free alternatives +grows globally. What I mean is that if all the kids are almost forced +to use Windows, Facebook, Skype, you name it at home, they will not +see why they would want to use alternatives at school. I have seen +students take seat in front of a fully-functional, modern Debian +desktop that could do anything their Windows at home could do, and +they jsut refused to use it because "Linux sucks". It is something +that makes the council of our city spend around 600000 â¬ to buy +software - not including hardware, mind you - for operating school +networks, and for installing a system that, as has been proved, does +not work. For those of you readers who are good at maths, have you +already found out how many lives could have been saved with that money +if we had instead used it to bring education to parts of the world +that need it? I have, and found it to be nothing less dramatic than +plain criminal.
+ +
That said, the only feasible way appears to be the bottom up +method. We have to bring free software to kids and parents. I have +founded an association named +Teckids here in Germany that does +just that. We organise several events for kids and adolescents in the +area of free and open source software, for example the +FrogLabs, which share staff with +Teckids and are the youth programme of +the Free and Open Source Software +Conference (FrOSCon). We do a lot more than most other conferences +- this year, we first offered the FrogLabs as a holiday camp for kids +aged 10 to 16. It was a huge success, with approx. 30 kids taking part +and learning with and about free software through a whole weekend. All +of us had a lot of fun, and the results were really exciting.
+ +
Apart from that, we are preparing a campaign that is supposed to bring +the message of free alternatives to stuff kids use every day to them and +their parents, e.g. the use of Jabber / Jappix instead of Facebook and +Skype. To make that possible, we are planning to get together a team of +clever kids who understand very well what their peers need and can bring +it across to them. So we will have a peer-driven network of adolescents +who teach each other and collect feedback from the community of minors. +We then take that feedback and our own experience to work closely with +open source projects, such as Skolelinux or Jappix, at improving their +software in a way that makes it more and more attractive for the target +group. At least I hope that we will have good cooperation with +Skolelinux in the future ;)!
+ +
So in conclusion, what I believe is that, if it weren't for the world +being so bad, it should be very clear to the political decision makers +that the only way to go nowadays is free software for various reasons, +but I have learnt that the only way that seems to work is bottom up.
+ +

@@ -716,131 +910,44 @@ very hard to convert against their will.

-
Debian Edu interview: Jonathan Carter
-
12th June 2013
-
There is a certain cross-over between the -Debian Edu / Skolelinux -project and the Edubuntu -project, and for example the LTSP packages in Debian are a joint -effort between the projects. One person with a foot in both camps is -Jonathan Carter, which I am now happy to present to you.
- -
Who are you, and how do you spend your days?
- -
I'm a South-African free software geek who lives in Cape Town. My -days vary quite a bit since I'm involved in too many things. As I'm -getting older I'm learning how to focus a bit more :)
- -
I'm also an Edubuntu contributor and I love when there are -opportunities for the Edubuntu and Debian Edu projects to benefit from -each other.
- -
How did you get in contact with the Skolelinux / Debian Edu -project?
- -
I've been somewhat familiar with the project before, but I think my -first direct exposure to the project was when I met Petter -[Reinholdtsen] and Knut [Yrvin] at the Edubuntu summit in 2005 in -London. They provided great feedback that helped the bootstrapping of -Edubuntu. Back then Edubuntu (and even Ubuntu) was still very new and -it was great getting input from people who have been around longer. I -was also still very excitable and said yes to everything and to this -day I have a big todo list backlog that I'm catching up with. I think -over the years the relationship between Edubuntu and Debian-Edu has -been gradually improving, although I think there's a lot that we could -still improve on in terms of working together on packages. I'm sure -we'll get there one day.
- -
What do you see as the advantages of Skolelinux / Debian -Edu?
- -
Debian itself already has so many advantages. I could go on about -it for pages, but in essence I love that it's a very honest project -that puts its users first with no hidden agendas and also produces -very high quality work.
- -
I think the advantage of Debian Edu is that it makes many common -set-up tasks simpler so that administrators can get up and running -with a lot less effort and frustration. At the same time I think it -helps to standardise installations in schools so that it's easier for -community members and commercial suppliers to support.
- -
What do you see as the disadvantages of Skolelinux / Debian -Edu?
- -
I had to re-type this one a few times because I'm trying to -separate "disadvantages" from "areas that need improvement" (which is -what I originally rambled on about)
- -
The biggest disadvantage I can think of is lack of manpower. The -project could do so much more if there were more good contributors. I -think some of the problems are external too. Free software and free -content in education is a no-brainer but it takes some time to catch -on. When you've been working with the same proprietary eco-system for -years and have gotten used to it, it can be hard to adjust to some -concepts in the free software world. It would be nice if there were -more Debian Edu consultants across the world. I'd love to be one -myself but I'm already so over-committed that it's just not possible -currently.
- -
I think the best short-term solution to that large-scale problem is -for schools to be pro-active and share their experiences and grow -their skills in-house. I'm often saddened to see how much money -educational institutions spend on 3rd party solutions that they don't -have access to after the service has ended and they could've gotten so -much more value otherwise by being more self-sustainable and -autonomous.
- -
Which free software do you use daily?
- -
My main laptop dual-boots between Debian and Windows 7. I was -Windows free for years but started dual-booting again last year for -some games which help me focus and relax (Starcraft II in -particular). Gaming support on Linux is improving in leaps and bounds -so I suppose I'll soon be able to regain that disk space :)
- -
Besides that I rely on Icedove, Chromium, Terminator, Byobu, irssi, -git, Tomboy, KVM, VLC and LibreOffice. Recently I've been torn on -which desktop environment I like and I'm taking some refuge in Xfce -while I figure that out. I like tools that keep things simple. I enjoy -Python and shell scripting. I went to an Arduino workshop recently and -it was awesome seeing how easy and simple the IDE software was to get -up and running in Debian compared to the users running Windows and OS -X.
- -
I also use mc which some people frown upon slightly. I got used to -using Norton Commander in the early 90's and it stuck (I think the -people who sneer at it is just jealous that they don't know how to use -it :p) - -
Which strategy do you believe is the right one to use to -get schools to use free software?
- -
I think trying to force it is unproductive. I also think that in -many cases it's appropriate for schools to use non-free systems and I -don't think that there's any particular moral or ethical problem with -that.
- -
I do think though that free software can already solve so so many -problems in educational institutions and it's just a shame not taking -advantage of that.
- -
I also think that some curricula need serious review. For example, -some areas of the world rely heavily on very specific versions of MS -Office, teaching students to parrot menu items instead of learning the -general concepts. I think that's very unproductive because firstly, MS -Office's interface changes drastically every few years and on top of -that it also locks in a generation to a product that might not be the -best solution for them.
- -
To answer your question, I believe that the right strategy is to -educate and inform, giving someone the information they require to -make a decision that would work for them.
+
Dugnadsnett for alle stiller pÃ¥ Oslo Maker Faire i januar 2014
+
10th December 2013
+
Helga 18. og 19. januar 2014 arrangeres +Oslo Maker +Faire, og Dugnadsnett for +alle har fÃ¥tt plass! Planen er Ã¥ ha et bord med en plakat der vi +forteller om hva Dugnadsnett for alle er for noe, og et lite verksted +der vi hjelper folk som er interessert i Ã¥ fÃ¥ opp sin egen mesh-node. +Jeg gleder meg til Ã¥ se hvordan prosjektet blir mottatt der.
+ +
MÃ¥let med dugnadsnett for alle i Oslo er Ã¥ fÃ¥ pÃ¥ plass et datanett +for kommunikasjon ved hjelp av radio-repeaterstasjoner (kalt +mesh-noder) som gjÃ¸r at en kan direkte kommunisere med slekt, venner +og bekjente i Oslo via andre som deltar i dugnadsnettet, samt gjÃ¸re +det mulig komme ut pÃ¥ internett via dugnadsnettet. FÃ¸rste delmÃ¥l er Ã¥ +kunne sende SMS-meldinger vha. IP-telefoni lÃ¸sningen +Serval project mellom +deltagerne i Dugnadsnett for alle i Oslo. FormÃ¥let er Ã¥ ta tilbake +kontrollen over egen nett-infrastruktur og gjÃ¸re det dyrere Ã¥ bedrive +massiv innsamling av informasjon om borgernes bruk av datanett.
+ +
HÃ¸res dette interessant ut? Bli med pÃ¥ prosjektet, fortell oss +hvor du kunne tenke deg Ã¥ sette opp en radio-repeater (slik at folk i +nÃ¦rheten kan finne hverandre ved hjelp av +kartet over planlagte og +eksisterende radio-repeatere), bli med pÃ¥ epostlisten +dugnadsnett +(at) nuug.no og stikk innom +IRC-kanalen +#dugnadsnett.no. SÃ¥ langt er det planlagt over 40 +radio-repeatere, med VPN-forbindelser via Internet for Ã¥ la de delene +av nettet som ikke nÃ¥r hverandre via radio kunne snakke med hverandre +likevel.

- Tags: debian edu, english, intervju. + Tags: mesh network, norsk, nuug.
@@ -855,6 +962,17 @@ make a decision that would work for them.

Archive

+
2014 +
+ +
January (2)
+ +
February (3)
+ +
March (3)
+ +
+
2013
@@ -870,7 +988,17 @@ make a decision that would work for them.

June (10)
-
July (6)
+
July (7)
+ +
August (3)
+ +
September (5)
+ +
October (7)
+ +
November (9)
+ +
December (3)

@@ -1014,57 +1142,63 @@ make a decision that would work for them.

bankid (4)
-
bitcoin (7)
+
bitcoin (8)
-
bootsystem (12)
+
bootsystem (14)

bsa (2)
-
debian (83)
+
chrpath (2)
-
debian edu (137)
+
debian (95)
+ +
debian edu (145)

digistan (10)
-
docbook (9)
+
docbook (10)

drivstoffpriser (4)
-
english (209)
+
english (238)

fiksgatami (21)

fildeling (12)
-
freeculture (11)
+
freeculture (12)
+ +
freedombox (6)

frikanalen (11)
-
intervju (37)
+
intervju (39)

isenkram (7)

kart (18)
-
ldap (8)
+
ldap (9)
-
lenker (6)
+
lenker (7)

ltsp (1)
+
mesh network (7)
+
multimedia (25)
-
norsk (234)
+
norsk (241)
-
nuug (153)
+
nuug (161)
-
offentlig innsyn (8)
+
offentlig innsyn (10)

open311 (2)
-
opphavsrett (44)
+
opphavsrett (45)
-
personvern (65)
+
personvern (69)

raid (1)
@@ -1072,7 +1206,7 @@ make a decision that would work for them.

rfid (2)
-
robot (7)
+
robot (9)

rss (1)
@@ -1080,29 +1214,29 @@ make a decision that would work for them.

scraperwiki (2)
-
sikkerhet (29)
+
sikkerhet (35)

sitesummary (4)

skepsis (4)
-
standard (43)
+
standard (44)

stavekontroll (3)
-
stortinget (7)
+
stortinget (9)
-
surveillance (15)
+
surveillance (22)

sysadmin (1)
-
valg (7)
+
valg (8)
-
video (38)
+
video (39)

vitenskap (4)
-
web (26)
+
web (29)