1 <?xml version=
"1.0" encoding=
"utf-8"?>
2 <rss version='
2.0' xmlns:lj='http://www.livejournal.org/rss/lj/
1.0/'
>
4 <title>Petter Reinholdtsen - Entries tagged debian
</title>
5 <description>Entries tagged debian
</description>
6 <link>http://people.skolelinux.org/pere/blog/
</link>
10 <title>Speeding up the Debian installer using eatmydata and dpkg-divert
</title>
11 <link>http://people.skolelinux.org/pere/blog/Speeding_up_the_Debian_installer_using_eatmydata_and_dpkg_divert.html
</link>
12 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Speeding_up_the_Debian_installer_using_eatmydata_and_dpkg_divert.html
</guid>
13 <pubDate>Tue,
16 Sep
2014 14:
00:
00 +
0200</pubDate>
14 <description><p
>The
<a href=
"https://www.debian.org/
">Debian
</a
> installer could be
15 a lot quicker. When we install more than
2000 packages in
16 <a href=
"http://www.skolelinux.org/
">Skolelinux / Debian Edu
</a
> using
17 tasksel in the installer, unpacking the binary packages take forever.
18 A part of the slow I/O issue was discussed in
19 <a href=
"https://bugs.debian.org/
613428">bug #
613428</a
> about too
20 much file system sync-ing done by dpkg, which is the package
21 responsible for unpacking the binary packages. Other parts (like code
22 executed by postinst scripts) might also sync to disk during
23 installation. All this sync-ing to disk do not really make sense to
24 me. If the machine crash half-way through, I start over, I do not try
25 to salvage the half installed system. So the failure sync-ing is
26 supposed to protect against, hardware or system crash, is not really
27 relevant while the installer is running.
</p
>
29 <p
>A few days ago, I thought of a way to get rid of all the file
30 system sync()-ing in a fairly non-intrusive way, without the need to
31 change the code in several packages. The idea is not new, but I have
32 not heard anyone propose the approach using dpkg-divert before. It
33 depend on the small and clever package
34 <a href=
"https://packages.qa.debian.org/eatmydata
">eatmydata
</a
>, which
35 uses LD_PRELOAD to replace the system functions for syncing data to
36 disk with functions doing nothing, thus allowing programs to live
37 dangerous while speeding up disk I/O significantly. Instead of
38 modifying the implementation of dpkg, apt and tasksel (which are the
39 packages responsible for selecting, fetching and installing packages),
40 it occurred to me that we could just divert the programs away, replace
41 them with a simple shell wrapper calling
42 "eatmydata
&nbsp;$program
&nbsp;$@
", to get the same effect.
43 Two days ago I decided to test the idea, and wrapped up a simple
44 implementation for the Debian Edu udeb.
</p
>
46 <p
>The effect was stunning. In my first test it reduced the running
47 time of the pkgsel step (installing tasks) from
64 to less than
44
48 minutes (
20 minutes shaved off the installation) on an old Dell
49 Latitude D505 machine. I am not quite sure what the optimised time
50 would have been, as I messed up the testing a bit, causing the debconf
51 priority to get low enough for two questions to pop up during
52 installation. As soon as I saw the questions I moved the installation
53 along, but do not know how long the question were holding up the
54 installation. I did some more measurements using Debian Edu Jessie,
55 and got these results. The time measured is the time stamp in
56 /var/log/syslog between the
"pkgsel: starting tasksel
" and the
57 "pkgsel: finishing up
" lines, if you want to do the same measurement
58 yourself. In Debian Edu, the tasksel dialog do not show up, and the
59 timing thus do not depend on how quickly the user handle the tasksel
62 <p
><table
>
65 <th
>Machine/setup
</th
>
66 <th
>Original tasksel
</th
>
67 <th
>Optimised tasksel
</th
>
68 <th
>Reduction
</th
>
72 <td
>Latitude D505 Main+LTSP LXDE
</td
>
73 <td
>64 min (
07:
46-
08:
50)
</td
>
74 <td
><44 min (
11:
27-
12:
11)
</td
>
75 <td
>>20 min
18%
</td
>
79 <td
>Latitude D505 Roaming LXDE
</td
>
80 <td
>57 min (
08:
48-
09:
45)
</td
>
81 <td
>34 min (
07:
43-
08:
17)
</td
>
82 <td
>23 min
40%
</td
>
86 <td
>Latitude D505 Minimal
</td
>
87 <td
>22 min (
10:
37-
10:
59)
</td
>
88 <td
>11 min (
11:
16-
11:
27)
</td
>
89 <td
>11 min
50%
</td
>
93 <td
>Thinkpad X200 Minimal
</td
>
94 <td
>6 min (
08:
19-
08:
25)
</td
>
95 <td
>4 min (
08:
04-
08:
08)
</td
>
96 <td
>2 min
33%
</td
>
100 <td
>Thinkpad X200 Roaming KDE
</td
>
101 <td
>19 min (
09:
21-
09:
40)
</td
>
102 <td
>15 min (
10:
25-
10:
40)
</td
>
103 <td
>4 min
21%
</td
>
106 </table
></p
>
108 <p
>The test is done using a netinst ISO on a USB stick, so some of the
109 time is spent downloading packages. The connection to the Internet
110 was
100Mbit/s during testing, so downloading should not be a
111 significant factor in the measurement. Download typically took a few
112 seconds to a few minutes, depending on the amount of packages being
115 <p
>The speedup is implemented by using two hooks in
116 <a href=
"https://www.debian.org/devel/debian-installer/
">Debian
117 Installer
</a
>, the pre-pkgsel.d hook to set up the diverts, and the
118 finish-install.d hook to remove the divert at the end of the
119 installation. I picked the pre-pkgsel.d hook instead of the
120 post-base-installer.d hook because I test using an ISO without the
121 eatmydata package included, and the post-base-installer.d hook in
122 Debian Edu can only operate on packages included in the ISO. The
123 negative effect of this is that I am unable to activate this
124 optimization for the kernel installation step in d-i. If the code is
125 moved to the post-base-installer.d hook, the speedup would be larger
126 for the entire installation.
</p
>
128 <p
>I
've implemented this in the
129 <a href=
"https://packages.qa.debian.org/debian-edu-install
">debian-edu-install
</a
>
130 git repository, and plan to provide the optimization as part of the
131 Debian Edu installation. If you want to test this yourself, you can
132 create two files in the installer (or in an udeb). One shell script
133 need do go into /usr/lib/pre-pkgsel.d/, with content like this:
</p
>
135 <p
><blockquote
><pre
>
138 . /usr/share/debconf/confmodule
140 logger -t my-pkgsel
"info: $*
"
143 logger -t my-pkgsel
"error: $*
"
146 apt-install eatmydata || true
147 if [ -x /target/usr/bin/eatmydata ] ; then
148 for bin in dpkg apt-get aptitude tasksel ; do
150 # Test that the file exist and have not been diverted already.
151 if [ -f /target$file ] ; then
152 info
"diverting $file using eatmydata
"
153 printf
"#!/bin/sh\neatmydata $bin.distrib \
"\$@\
"\n
" \
154 > /target$file.edu
155 chmod
755 /target$file.edu
156 in-target dpkg-divert --package debian-edu-config \
157 --rename --quiet --add $file
158 ln -sf ./$bin.edu /target$file
160 error
"unable to divert $file, as it is missing.
"
164 error
"unable to find /usr/bin/eatmydata after installing the eatmydata pacage
"
169 </pre
></blockquote
></p
>
171 <p
>To clean up, another shell script should go into
172 /usr/lib/finish-install.d/ with code like this:
174 <p
><blockquote
><pre
>
176 . /usr/share/debconf/confmodule
178 logger -t my-finish-install
"error: $@
"
180 remove_install_override() {
181 for bin in dpkg apt-get aptitude tasksel ; do
183 if [ -x /target$file.edu ] ; then
185 in-target dpkg-divert --package debian-edu-config \
186 --rename --quiet --remove $file
189 error
"Missing divert for $file.
"
192 sync # Flush file buffers before continuing
195 remove_install_override
196 </pre
></blockquote
></p
>
198 <p
>In Debian Edu, I placed both code fragments in a separate script
199 edu-eatmydata-install and call it from the pre-pkgsel.d and
200 finish-install.d scripts.
</p
>
202 <p
>By now you might ask if this change should get into the normal
203 Debian installer too? I suspect it should, but am not sure the
204 current debian-installer coordinators find it useful enough. It also
205 depend on the side effects of the change. I
'm not aware of any, but I
206 guess we will see if the change is safe after some more testing.
207 Perhaps there is some package in Debian depending on sync() and
208 fsync() having effect? Perhaps it should go into its own udeb, to
209 allow those of us wanting to enable it to do so without affecting
212 <p
>Update
2014-
09-
24: Since a few days ago, enabling this optimization
213 will break installation of all programs using gnutls because of
214 <ahref=
"https://bugs.debian.org/
702711">bug #
702711. An updated
215 eatmydata package in Debian will solve it.
</p
>
220 <title>Good bye subkeys.pgp.net, welcome pool.sks-keyservers.net
</title>
221 <link>http://people.skolelinux.org/pere/blog/Good_bye_subkeys_pgp_net__welcome_pool_sks_keyservers_net.html
</link>
222 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Good_bye_subkeys_pgp_net__welcome_pool_sks_keyservers_net.html
</guid>
223 <pubDate>Wed,
10 Sep
2014 13:
10:
00 +
0200</pubDate>
224 <description><p
>Yesterday, I had the pleasure of attending a talk with the
225 <a href=
"http://www.nuug.no/
">Norwegian Unix User Group
</a
> about
226 <a href=
"http://www.nuug.no/aktiviteter/
20140909-sks-keyservers/
">the
227 OpenPGP keyserver pool sks-keyservers.net
</a
>, and was very happy to
228 learn that there is a large set of publicly available key servers to
229 use when looking for peoples public key. So far I have used
230 subkeys.pgp.net, and some times wwwkeys.nl.pgp.net when the former
231 were misbehaving, but those days are ended. The servers I have used
232 up until yesterday have been slow and some times unavailable. I hope
233 those problems are gone now.
</p
>
235 <p
>Behind the round robin DNS entry of the
236 <a href=
"https://sks-keyservers.net/
">sks-keyservers.net
</a
> service
237 there is a pool of more than
100 keyservers which are checked every
238 day to ensure they are well connected and up to date. It must be
239 better than what I have used so far. :)
</p
>
241 <p
>Yesterdays speaker told me that the service is the default
242 keyserver provided by the default configuration in GnuPG, but this do
243 not seem to be used in Debian. Perhaps it should?
</p
>
245 <p
>Anyway, I
've updated my ~/.gnupg/options file to now include this
248 <p
><blockquote
><pre
>
249 keyserver pool.sks-keyservers.net
250 </pre
></blockquote
></p
>
252 <p
>With GnuPG version
2 one can also locate the keyserver using SRV
253 entries in DNS. Just for fun, I did just that at work, so now every
254 user of GnuPG at the University of Oslo should find a OpenGPG
255 keyserver automatically should their need it:
</p
>
257 <p
><blockquote
><pre
>
258 % host -t srv _pgpkey-http._tcp.uio.no
259 _pgpkey-http._tcp.uio.no has SRV record
0 100 11371 pool.sks-keyservers.net.
261 </pre
></blockquote
></p
>
264 <a href=
"http://ietfreport.isoc.org/idref/draft-shaw-openpgp-hkp/
">the
265 HKP lookup protocol
</a
> supported finding signature paths, I would be
266 very happy. It can look up a given key or search for a user ID, but I
267 normally do not want that, but to find a trust path from my key to
268 another key. Given a user ID or key ID, I would like to find (and
269 download) the keys representing a signature path from my key to the
270 key in question, to be able to get a trust path between the two keys.
271 This is as far as I can tell not possible today. Perhaps something
272 for a future version of the protocol?
</p
>
277 <title>From English wiki to translated PDF and epub via Docbook
</title>
278 <link>http://people.skolelinux.org/pere/blog/From_English_wiki_to_translated_PDF_and_epub_via_Docbook.html
</link>
279 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/From_English_wiki_to_translated_PDF_and_epub_via_Docbook.html
</guid>
280 <pubDate>Tue,
17 Jun
2014 11:
30:
00 +
0200</pubDate>
281 <description><p
>The
<a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
282 project
</a
> provide an instruction manual for teachers, system
283 administrators and other users that contain useful tips for setting up
284 and maintaining a Debian Edu installation. This text is about how the
285 text processing of this manual is handled in the project.
</p
>
287 <p
>One goal of the project is to provide information in the native
288 language of its users, and for this we need to handle translations.
289 But we also want to make sure each language contain the same
290 information, so for this we need a good way to keep the translations
291 in sync. And we want it to be easy for our users to improve the
292 documentation, avoiding the need to learn special formats or tools to
293 contribute, and the obvious way to do this is to make it possible to
294 edit the documentation using a web browser. We also want it to be
295 easy for translators to keep the translation up to date, and give them
296 help in figuring out what need to be translated. Here is the list of
297 tools and the process we have found trying to reach all these
300 <p
>We maintain the authoritative source of our manual in the
301 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/
">Debian
302 wiki
</a
>, as several wiki pages written in English. It consist of one
303 front page with references to the different chapters, several pages
304 for each chapter, and finally one
"collection page
" gluing all the
305 chapters together into one large web page (aka
306 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/AllInOne
">the
307 AllInOne page
</a
>). The AllInOne page is the one used for further
308 processing and translations. Thanks to the fact that the
309 <a href=
"http://moinmo.in/
">MoinMoin
</a
> installation on
310 wiki.debian.org support exporting pages in
311 <a href=
"http://www.docbook.org/
">the Docbook format
</a
>, we can fetch
312 the list of pages to export using the raw version of the AllInOne
313 page, loop over each of them to generate a Docbook XML version of the
314 manual. This process also download images and transform image
315 references to use the locally downloaded images. The generated
316 Docbook XML files are slightly broken, so some post-processing is done
317 using the
<tt
>documentation/scripts/get_manual
</tt
> program, and the
318 result is a nice Docbook XML file (debian-edu-wheezy-manual.xml) and
319 a handfull of images. The XML file can now be used to generate PDF, HTML
320 and epub versions of the English manual. This is the basic step of
321 our process, making PDF (using dblatex), HTML (using xsltproc) and
322 epub (using dbtoepub) version from Docbook XML, and the resulting files
323 are placed in the debian-edu-doc-en binary package.
</p
>
325 <p
>But English documentation is not enough for us. We want translated
326 documentation too, and we want to make it easy for translators to
327 track the English original. For this we use the
328 <a href=
"http://packages.qa.debian.org/p/poxml.html
">poxml
</a
> package,
329 which allow us to transform the English Docbook XML file into a
330 translation file (a .pot file), usable with the normal gettext based
331 translation tools used by those translating free software. The pot
332 file is used to create and maintain translation files (several .po
333 files), which the translations update with the native language
334 translations of all titles, paragraphs and blocks of text in the
335 original. The next step is combining the original English Docbook XML
336 and the translation file (say debian-edu-wheezy-manual.nb.po), to
337 create a translated Docbook XML file (in this case
338 debian-edu-wheezy-manual.nb.xml). This translated (or partly
339 translated, if the translation is not complete) Docbook XML file can
340 then be used like the original to create a PDF, HTML and epub version
341 of the documentation.
</p
>
343 <p
>The translators use different tools to edit the .po files. We
345 <a href=
"http://www.kde.org/applications/development/lokalize/
">lokalize
</a
>,
346 while some use emacs and vi, others can use web based editors like
347 <a href=
"http://pootle.translatehouse.org/
">Poodle
</a
> or
348 <a href=
"https://www.transifex.com/
">Transifex
</a
>. All we care about
349 is where the .po file end up, in our git repository. Updated
350 translations can either be committed directly to git, or submitted as
351 <a href=
"https://bugs.debian.org/src:debian-edu-doc
">bug reports
352 against the debian-edu-doc package
</a
>.
</p
>
354 <p
>One challenge is images, which both might need to be translated (if
355 they show translated user applications), and are needed in different
356 formats when creating PDF and HTML versions (epub is a HTML version in
357 this regard). For this we transform the original PNG images to the
358 needed density and format during build, and have a way to provide
359 translated images by storing translated versions in
360 images/$LANGUAGECODE/. I am a bit unsure about the details here. The
361 package maintainers know more.
</p
>
363 <p
>If you wonder what the result look like, we provide
364 <a href=
"http://maintainer.skolelinux.org/debian-edu-doc/
">the content
365 of the documentation packages on the web
</a
>. See for example the
366 <a href=
"http://maintainer.skolelinux.org/debian-edu-doc/it/debian-edu-wheezy-manual.pdf
">Italian
367 PDF version
</a
> or the
368 <a href=
"http://maintainer.skolelinux.org/debian-edu-doc/de/debian-edu-wheezy-manual.html
">German
369 HTML version
</a
>. We do not yet build the epub version by default,
370 but perhaps it will be done in the future.
</p
>
372 <p
>To learn more, check out
373 <a href=
"http://packages.qa.debian.org/d/debian-edu-doc.html
">the
374 debian-edu-doc package
</a
>,
375 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/
">the
376 manual on the wiki
</a
> and
377 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/Translations
">the
378 translation instructions
</a
> in the manual.
</p
>
383 <title>Install hardware dependent packages using tasksel (Isenkram
0.7)
</title>
384 <link>http://people.skolelinux.org/pere/blog/Install_hardware_dependent_packages_using_tasksel__Isenkram_0_7_.html
</link>
385 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Install_hardware_dependent_packages_using_tasksel__Isenkram_0_7_.html
</guid>
386 <pubDate>Wed,
23 Apr
2014 14:
50:
00 +
0200</pubDate>
387 <description><p
>It would be nice if it was easier in Debian to get all the hardware
388 related packages relevant for the computer installed automatically.
389 So I implemented one, using
390 <a href=
"http://packages.qa.debian.org/isenkram
">my Isenkram
391 package
</a
>. To use it, install the tasksel and isenkram packages and
392 run tasksel as user root. You should be presented with a new option,
393 "Hardware specific packages (autodetected by isenkram)
". When you
394 select it, tasksel will install the packages isenkram claim is fit for
395 the current hardware, hot pluggable or not.
<p
>
397 <p
>The implementation is in two files, one is the tasksel menu entry
398 description, and the other is the script used to extract the list of
399 packages to install. The first part is in
400 <tt
>/usr/share/tasksel/descs/isenkram.desc
</tt
> and look like
403 <p
><blockquote
><pre
>
406 Description: Hardware specific packages (autodetected by isenkram)
407 Based on the detected hardware various hardware specific packages are
409 Test-new-install: mark show
411 Packages: for-current-hardware
412 </pre
></blockquote
></p
>
414 <p
>The second part is in
415 <tt
>/usr/lib/tasksel/packages/for-current-hardware
</tt
> and look like
418 <p
><blockquote
><pre
>
423 isenkram-autoinstall-firmware -l
425 </pre
></blockquote
></p
>
427 <p
>All in all, a very short and simple implementation making it
428 trivial to install the hardware dependent package we all may want to
429 have installed on our machines. I
've not been able to find a way to
430 get tasksel to tell you exactly which packages it plan to install
431 before doing the installation. So if you are curious or careful,
432 check the output from the isenkram-* command line tools first.
</p
>
434 <p
>The information about which packages are handling which hardware is
435 fetched either from the isenkram package itself in
436 /usr/share/isenkram/, from git.debian.org or from the APT package
437 database (using the Modaliases header). The APT package database
438 parsing have caused a nasty resource leak in the isenkram daemon (bugs
439 <a href=
"http://bugs.debian.org/
719837">#
719837</a
> and
440 <a href=
"http://bugs.debian.org/
730704">#
730704</a
>). The cause is in
441 the python-apt code (bug
442 <a href=
"http://bugs.debian.org/
745487">#
745487</a
>), but using a
443 workaround I was able to get rid of the file descriptor leak and
444 reduce the memory leak from ~
30 MiB per hardware detection down to
445 around
2 MiB per hardware detection. It should make the desktop
446 daemon a lot more useful. The fix is in version
0.7 uploaded to
447 unstable today.
</p
>
449 <p
>I believe the current way of mapping hardware to packages in
450 Isenkram is is a good draft, but in the future I expect isenkram to
451 use the AppStream data source for this. A proposal for getting proper
452 AppStream support into Debian is floating around as
453 <a href=
"https://wiki.debian.org/DEP-
11">DEP-
11</a
>, and
454 <a href=
"https://wiki.debian.org/SummerOfCode2014/Projects#SummerOfCode2014.2FProjects
.2FAppStreamDEP11Implementation.AppStream
.2FDEP-
11_for_the_Debian_Archive
">GSoC
455 project
</a
> will take place this summer to improve the situation. I
456 look forward to seeing the result, and welcome patches for isenkram to
457 start using the information when it is ready.
</p
>
459 <p
>If you want your package to map to some specific hardware, either
460 add a
"Xb-Modaliases
" header to your control file like I did in
461 <a href=
"http://packages.qa.debian.org/pymissile
">the pymissile
462 package
</a
> or submit a bug report with the details to the isenkram
464 <a href=
"http://people.skolelinux.org/pere/blog/tags/isenkram/
">all my
465 blog posts tagged isenkram
</a
> for details on the notation. I expect
466 the information will be migrated to AppStream eventually, but for the
467 moment I got no better place to store it.
</p
>
472 <title>FreedomBox milestone - all packages now in Debian Sid
</title>
473 <link>http://people.skolelinux.org/pere/blog/FreedomBox_milestone___all_packages_now_in_Debian_Sid.html
</link>
474 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/FreedomBox_milestone___all_packages_now_in_Debian_Sid.html
</guid>
475 <pubDate>Tue,
15 Apr
2014 22:
10:
00 +
0200</pubDate>
476 <description><p
>The
<a href=
"https://wiki.debian.org/FreedomBox
">Freedombox
477 project
</a
> is working on providing the software and hardware to make
478 it easy for non-technical people to host their data and communication
479 at home, and being able to communicate with their friends and family
480 encrypted and away from prying eyes. It is still going strong, and
481 today a major mile stone was reached.
</p
>
483 <p
>Today, the last of the packages currently used by the project to
484 created the system images were accepted into Debian Unstable. It was
485 the freedombox-setup package, which is used to configure the images
486 during build and on the first boot. Now all one need to get going is
487 the build code from the freedom-maker git repository and packages from
488 Debian. And once the freedombox-setup package enter testing, we can
489 build everything directly from Debian. :)
</p
>
491 <p
>Some key packages used by Freedombox are
492 <a href=
"http://packages.qa.debian.org/freedombox-setup
">freedombox-setup
</a
>,
493 <a href=
"http://packages.qa.debian.org/plinth
">plinth
</a
>,
494 <a href=
"http://packages.qa.debian.org/pagekite
">pagekite
</a
>,
495 <a href=
"http://packages.qa.debian.org/tor
">tor
</a
>,
496 <a href=
"http://packages.qa.debian.org/privoxy
">privoxy
</a
>,
497 <a href=
"http://packages.qa.debian.org/owncloud
">owncloud
</a
> and
498 <a href=
"http://packages.qa.debian.org/dnsmasq
">dnsmasq
</a
>. There
499 are plans to integrate more packages into the setup. User
500 documentation is maintained on the Debian wiki. Please
501 <a href=
"https://wiki.debian.org/FreedomBox/Manual/Jessie
">check out
502 the manual
</a
> and help us improve it.
</p
>
504 <p
>To test for yourself and create boot images with the FreedomBox
505 setup, run this on a Debian machine using a user with sudo rights to
506 become root:
</p
>
509 sudo apt-get install git vmdebootstrap mercurial python-docutils \
510 mktorrent extlinux virtualbox qemu-user-static binfmt-support \
512 git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \
514 make -C freedom-maker dreamplug-image raspberry-image virtualbox-image
515 </pre
></p
>
517 <p
>Root access is needed to run debootstrap and mount loopback
518 devices. See the README in the freedom-maker git repo for more
519 details on the build. If you do not want all three images, trim the
520 make line. Note that the virtualbox-image target is not really
521 virtualbox specific. It create a x86 image usable in kvm, qemu,
522 vmware and any other x86 virtual machine environment. You might need
523 the version of vmdebootstrap in Jessie to get the build working, as it
524 include fixes for a race condition with kpartx.
</p
>
526 <p
>If you instead want to install using a Debian CD and the preseed
527 method, boot a Debian Wheezy ISO and use this boot argument to load
528 the preseed values:
</p
>
531 url=
<a href=
"http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
">http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
</a
>
532 </pre
></p
>
534 <p
>I have not tested it myself the last few weeks, so I do not know if
535 it still work.
</p
>
537 <p
>If you wonder how to help, one task you could look at is using
538 systemd as the boot system. It will become the default for Linux in
539 Jessie, so we need to make sure it is usable on the Freedombox. I did
540 a simple test a few weeks ago, and noticed dnsmasq failed to start
541 during boot when using systemd. I suspect there are other problems
542 too. :) To detect problems, there is a test suite included, which can
543 be run from the plinth web interface.
</p
>
545 <p
>Give it a go and let us know how it goes on the mailing list, and help
546 us get the new release published. :) Please join us on
547 <a href=
"irc://irc.debian.org:
6667/%
23freedombox
">IRC (#freedombox on
548 irc.debian.org)
</a
> and
549 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
">the
550 mailing list
</a
> if you want to help make this vision come true.
</p
>
555 <title>S3QL, a locally mounted cloud file system - nice free software
</title>
556 <link>http://people.skolelinux.org/pere/blog/S3QL__a_locally_mounted_cloud_file_system___nice_free_software.html
</link>
557 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/S3QL__a_locally_mounted_cloud_file_system___nice_free_software.html
</guid>
558 <pubDate>Wed,
9 Apr
2014 11:
30:
00 +
0200</pubDate>
559 <description><p
>For a while now, I have been looking for a sensible offsite backup
560 solution for use at home. My requirements are simple, it must be
561 cheap and locally encrypted (in other words, I keep the encryption
562 keys, the storage provider do not have access to my private files).
563 One idea me and my friends had many years ago, before the cloud
564 storage providers showed up, was to use Google mail as storage,
565 writing a Linux block device storing blocks as emails in the mail
566 service provided by Google, and thus get heaps of free space. On top
567 of this one can add encryption, RAID and volume management to have
568 lots of (fairly slow, I admit that) cheap and encrypted storage. But
569 I never found time to implement such system. But the last few weeks I
570 have looked at a system called
571 <a href=
"https://bitbucket.org/nikratio/s3ql/
">S3QL
</a
>, a locally
572 mounted network backed file system with the features I need.
</p
>
574 <p
>S3QL is a fuse file system with a local cache and cloud storage,
575 handling several different storage providers, any with Amazon S3,
576 Google Drive or OpenStack API. There are heaps of such storage
577 providers. S3QL can also use a local directory as storage, which
578 combined with sshfs allow for file storage on any ssh server. S3QL
579 include support for encryption, compression, de-duplication, snapshots
580 and immutable file systems, allowing me to mount the remote storage as
581 a local mount point, look at and use the files as if they were local,
582 while the content is stored in the cloud as well. This allow me to
583 have a backup that should survive fire. The file system can not be
584 shared between several machines at the same time, as only one can
585 mount it at the time, but any machine with the encryption key and
586 access to the storage service can mount it if it is unmounted.
</p
>
588 <p
>It is simple to use. I
'm using it on Debian Wheezy, where the
589 package is included already. So to get started, run
<tt
>apt-get
590 install s3ql
</tt
>. Next, pick a storage provider. I ended up picking
591 Greenqloud, after reading their nice recipe on
592 <a href=
"https://greenqloud.zendesk.com/entries/
44611757-How-To-Use-S3QL-to-mount-a-StorageQloud-bucket-on-Debian-Wheezy
">how
593 to use S3QL with their Amazon S3 service
</a
>, because I trust the laws
594 in Iceland more than those in USA when it come to keeping my personal
595 data safe and private, and thus would rather spend money on a company
596 in Iceland. Another nice recipe is available from the article
597 <a href=
"http://www.admin-magazine.com/HPC/Articles/HPC-Cloud-Storage
">S3QL
598 Filesystem for HPC Storage
</a
> by Jeff Layton in the HPC section of
599 Admin magazine. When the provider is picked, figure out how to get
600 the API key needed to connect to the storage API. With Greencloud,
601 the key did not show up until I had added payment details to my
604 <p
>Armed with the API access details, it is time to create the file
605 system. First, create a new bucket in the cloud. This bucket is the
606 file system storage area. I picked a bucket name reflecting the
607 machine that was going to store data there, but any name will do.
608 I
'll refer to it as
<tt
>bucket-name
</tt
> below. In addition, one need
609 the API login and password, and a locally created password. Store it
610 all in ~root/.s3ql/authinfo2 like this:
612 <p
><blockquote
><pre
>
614 storage-url: s3c://s.greenqloud.com:
443/bucket-name
615 backend-login: API-login
616 backend-password: API-password
617 fs-passphrase: local-password
618 </pre
></blockquote
></p
>
620 <p
>I create my local passphrase using
<tt
>pwget
50</tt
> or similar,
621 but any sensible way to create a fairly random password should do it.
622 Armed with these details, it is now time to run mkfs, entering the API
623 details and password to create it:
</p
>
625 <p
><blockquote
><pre
>
626 # mkdir -m
700 /var/lib/s3ql-cache
627 # mkfs.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
628 --ssl s3c://s.greenqloud.com:
443/bucket-name
630 Enter backend password:
631 Before using S3QL, make sure to read the user
's guide, especially
632 the
'Important Rules to Avoid Loosing Data
' section.
633 Enter encryption password:
634 Confirm encryption password:
635 Generating random encryption key...
636 Creating metadata tables...
646 Compressing and uploading metadata...
647 Wrote
0.00 MB of compressed metadata.
648 #
</pre
></blockquote
></p
>
650 <p
>The next step is mounting the file system to make the storage available.
652 <p
><blockquote
><pre
>
653 # mount.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
654 --ssl --allow-root s3c://s.greenqloud.com:
443/bucket-name /s3ql
655 Using
4 upload threads.
656 Downloading and decompressing metadata...
666 Mounting filesystem...
668 Filesystem Size Used Avail Use% Mounted on
669 s3c://s.greenqloud.com:
443/bucket-name
1.0T
0 1.0T
0% /s3ql
671 </pre
></blockquote
></p
>
673 <p
>The file system is now ready for use. I use rsync to store my
674 backups in it, and as the metadata used by rsync is downloaded at
675 mount time, no network traffic (and storage cost) is triggered by
676 running rsync. To unmount, one should not use the normal umount
677 command, as this will not flush the cache to the cloud storage, but
678 instead running the umount.s3ql command like this:
680 <p
><blockquote
><pre
>
683 </pre
></blockquote
></p
>
685 <p
>There is a fsck command available to check the file system and
686 correct any problems detected. This can be used if the local server
687 crashes while the file system is mounted, to reset the
"already
688 mounted
" flag. This is what it look like when processing a working
689 file system:
</p
>
691 <p
><blockquote
><pre
>
692 # fsck.s3ql --force --ssl s3c://s.greenqloud.com:
443/bucket-name
693 Using cached metadata.
694 File system seems clean, checking anyway.
695 Checking DB integrity...
696 Creating temporary extra indices...
697 Checking lost+found...
698 Checking cached objects...
699 Checking names (refcounts)...
700 Checking contents (names)...
701 Checking contents (inodes)...
702 Checking contents (parent inodes)...
703 Checking objects (reference counts)...
704 Checking objects (backend)...
705 ..processed
5000 objects so far..
706 ..processed
10000 objects so far..
707 ..processed
15000 objects so far..
708 Checking objects (sizes)...
709 Checking blocks (referenced objects)...
710 Checking blocks (refcounts)...
711 Checking inode-block mapping (blocks)...
712 Checking inode-block mapping (inodes)...
713 Checking inodes (refcounts)...
714 Checking inodes (sizes)...
715 Checking extended attributes (names)...
716 Checking extended attributes (inodes)...
717 Checking symlinks (inodes)...
718 Checking directory reachability...
719 Checking unix conventions...
720 Checking referential integrity...
721 Dropping temporary indices...
722 Backing up old metadata...
732 Compressing and uploading metadata...
733 Wrote
0.89 MB of compressed metadata.
735 </pre
></blockquote
></p
>
737 <p
>Thanks to the cache, working on files that fit in the cache is very
738 quick, about the same speed as local file access. Uploading large
739 amount of data is to me limited by the bandwidth out of and into my
740 house. Uploading
685 MiB with a
100 MiB cache gave me
305 kiB/s,
741 which is very close to my upload speed, and downloading the same
742 Debian installation ISO gave me
610 kiB/s, close to my download speed.
743 Both were measured using
<tt
>dd
</tt
>. So for me, the bottleneck is my
744 network, not the file system code. I do not know what a good cache
745 size would be, but suspect that the cache should e larger than your
746 working set.
</p
>
748 <p
>I mentioned that only one machine can mount the file system at the
749 time. If another machine try, it is told that the file system is
752 <p
><blockquote
><pre
>
753 # mount.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
754 --ssl --allow-root s3c://s.greenqloud.com:
443/bucket-name /s3ql
755 Using
8 upload threads.
756 Backend reports that fs is still mounted elsewhere, aborting.
758 </pre
></blockquote
></p
>
760 <p
>The file content is uploaded when the cache is full, while the
761 metadata is uploaded once every
24 hour by default. To ensure the
762 file system content is flushed to the cloud, one can either umount the
763 file system, or ask S3QL to flush the cache and metadata using
766 <p
><blockquote
><pre
>
767 # s3qlctrl upload-meta /s3ql
768 # s3qlctrl flushcache /s3ql
770 </pre
></blockquote
></p
>
772 <p
>If you are curious about how much space your data uses in the
773 cloud, and how much compression and deduplication cut down on the
774 storage usage, you can use s3qlstat on the mounted file system to get
777 <p
><blockquote
><pre
>
779 Directory entries:
9141
782 Total data size:
22049.38 MB
783 After de-duplication:
21955.46 MB (
99.57% of total)
784 After compression:
21877.28 MB (
99.22% of total,
99.64% of de-duplicated)
785 Database size:
2.39 MB (uncompressed)
786 (some values do not take into account not-yet-uploaded dirty blocks in cache)
788 </pre
></blockquote
></p
>
790 <p
>I mentioned earlier that there are several possible suppliers of
791 storage. I did not try to locate them all, but am aware of at least
792 <a href=
"https://www.greenqloud.com/
">Greenqloud
</a
>,
793 <a href=
"http://drive.google.com/
">Google Drive
</a
>,
794 <a href=
"http://aws.amazon.com/s3/
">Amazon S3 web serivces
</a
>,
795 <a href=
"http://www.rackspace.com/
">Rackspace
</a
> and
796 <a href=
"http://crowncloud.net/
">Crowncloud
</A
>. The latter even
797 accept payment in Bitcoin. Pick one that suit your need. Some of
798 them provide several GiB of free storage, but the prize models are
799 quite different and you will have to figure out what suits you
802 <p
>While researching this blog post, I had a look at research papers
803 and posters discussing the S3QL file system. There are several, which
804 told me that the file system is getting a critical check by the
805 science community and increased my confidence in using it. One nice
807 "<a href=
"http://www.lanl.gov/orgs/adtsc/publications/science_highlights_2013/docs/pg68_69.pdf
">An
808 Innovative Parallel Cloud Storage System using OpenStack’s SwiftObject
809 Store and Transformative Parallel I/O Approach
</a
>" by Hsing-Bung
810 Chen, Benjamin McClelland, David Sherrill, Alfred Torrez, Parks Fields
811 and Pamela Smith. Please have a look.
</p
>
813 <p
>Given my problems with different file systems earlier, I decided to
814 check out the mounted S3QL file system to see if it would be usable as
815 a home directory (in other word, that it provided POSIX semantics when
816 it come to locking and umask handling etc). Running
817 <a href=
"http://people.skolelinux.org/pere/blog/Testing_if_a_file_system_can_be_used_for_home_directories___.html
">my
818 test code to check file system semantics
</a
>, I was happy to discover that
819 no error was found. So the file system can be used for home
820 directories, if one chooses to do so.
</p
>
822 <p
>If you do not want a locally file system, and want something that
823 work without the Linux fuse file system, I would like to mention the
824 <a href=
"http://www.tarsnap.com/
">Tarsnap service
</a
>, which also
825 provide locally encrypted backup using a command line client. It have
826 a nicer access control system, where one can split out read and write
827 access, allowing some systems to write to the backup and others to
828 only read from it.
</p
>
830 <p
>As usual, if you use Bitcoin and want to show your support of my
831 activities, please send Bitcoin donations to my address
832 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
&label=PetterReinholdtsenBlog
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
837 <title>Freedombox on Dreamplug, Raspberry Pi and virtual x86 machine
</title>
838 <link>http://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html
</link>
839 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html
</guid>
840 <pubDate>Fri,
14 Mar
2014 11:
00:
00 +
0100</pubDate>
841 <description><p
>The
<a href=
"https://wiki.debian.org/FreedomBox
">Freedombox
842 project
</a
> is working on providing the software and hardware for
843 making it easy for non-technical people to host their data and
844 communication at home, and being able to communicate with their
845 friends and family encrypted and away from prying eyes. It has been
846 going on for a while, and is slowly progressing towards a new test
847 release (
0.2).
</p
>
849 <p
>And what day could be better than the Pi day to announce that the
850 new version will provide
"hard drive
" / SD card / USB stick images for
851 Dreamplug, Raspberry Pi and VirtualBox (or any other virtualization
852 system), and can also be installed using a Debian installer preseed
853 file. The Debian based Freedombox is now based on Debian Jessie,
854 where most of the needed packages used are already present. Only one,
855 the freedombox-setup package, is missing. To try to build your own
856 boot image to test the current status, fetch the freedom-maker scripts
858 <a href=
"http://packages.qa.debian.org/vmdebootstrap
">vmdebootstrap
</a
>
859 with a user with sudo access to become root:
862 git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \
864 sudo apt-get install git vmdebootstrap mercurial python-docutils \
865 mktorrent extlinux virtualbox qemu-user-static binfmt-support \
867 make -C freedom-maker dreamplug-image raspberry-image virtualbox-image
870 <p
>Root access is needed to run debootstrap and mount loopback
871 devices. See the README for more details on the build. If you do not
872 want all three images, trim the make line. But note that thanks to
<a
873 href=
"https://bugs.debian.org/
741407">a race condition in
874 vmdebootstrap
</a
>, the build might fail without the patch to the
875 kpartx call.
</p
>
877 <p
>If you instead want to install using a Debian CD and the preseed
878 method, boot a Debian Wheezy ISO and use this boot argument to load
879 the preseed values:
</p
>
882 url=
<a href=
"http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
">http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
</a
>
885 <p
>But note that due to
<a href=
"https://bugs.debian.org/
740673">a
886 recently introduced bug in apt in Jessie
</a
>, the installer will
887 currently hang while setting up APT sources. Killing the
888 '<tt
>apt-cdrom ident
</tt
>' process when it hang a few times during the
889 installation will get the installation going. This affect all
890 installations in Jessie, and I expect it will be fixed soon.
</p
>
892 <p
>Give it a go and let us know how it goes on the mailing list, and help
893 us get the new release published. :) Please join us on
894 <a href=
"irc://irc.debian.org:
6667/%
23freedombox
">IRC (#freedombox on
895 irc.debian.org)
</a
> and
896 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
">the
897 mailing list
</a
> if you want to help make this vision come true.
</p
>
902 <title>New home and release
1.0 for netgroup and innetgr (aka ng-utils)
</title>
903 <link>http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html
</link>
904 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html
</guid>
905 <pubDate>Sat,
22 Feb
2014 21:
45:
00 +
0100</pubDate>
906 <description><p
>Many years ago, I wrote a GPL licensed version of the netgroup and
907 innetgr tools, because I needed them in
908 <a href=
"http://www.skolelinux.org/
">Skolelinux
</a
>. I called the project
909 ng-utils, and it has served me well. I placed the project under the
910 <a href=
"http://www.hungry.com/
">Hungry Programmer
</a
> umbrella, and it was maintained in our CVS
911 repository. But many years ago, the CVS repository was dropped (lost,
912 not migrated to new hardware, not sure), and the project have lacked a
913 proper home since then.
</p
>
915 <p
>Last summer, I had a look at the package and made a new release
916 fixing a irritating crash bug, but was unable to store the changes in
917 a proper source control system. I applied for a project on
918 <a href=
"https://alioth.debian.org/
">Alioth
</a
>, but did not have time
919 to follow up on it. Until today. :)
</p
>
921 <p
>After many hours of cleaning and migration, the ng-utils project
922 now have a new home, and a git repository with the highlight of the
923 history of the project. I published all release tarballs and imported
924 them into the git repository. As the project is really stable and not
925 expected to gain new features any time soon, I decided to make a new
926 release and call it
1.0. Visit the new project home on
927 <a href=
"https://alioth.debian.org/projects/ng-utils/
">https://alioth.debian.org/projects/ng-utils/
</a
>
928 if you want to check it out. The new version is also uploaded into
929 <a href=
"http://packages.qa.debian.org/n/ng-utils.html
">Debian Unstable
</a
>.
</p
>
934 <title>Testing sysvinit from experimental in Debian Hurd
</title>
935 <link>http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html
</link>
936 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html
</guid>
937 <pubDate>Mon,
3 Feb
2014 13:
40:
00 +
0100</pubDate>
938 <description><p
>A few days ago I decided to try to help the Hurd people to get
939 their changes into sysvinit, to allow them to use the normal sysvinit
940 boot system instead of their old one. This follow up on the
941 <a href=
"https://teythoon.cryptobitch.de//categories/gsoc.html
">great
942 Google Summer of Code work
</a
> done last summer by Justus Winter to
943 get Debian on Hurd working more like Debian on Linux. To get started,
944 I downloaded a prebuilt hard disk image from
945 <a href=
"http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz
">http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz
</a
>,
946 and started it using virt-manager.
</p
>
948 <p
>The first think I had to do after logging in (root without any
949 password) was to get the network operational. I followed
950 <a href=
"https://www.debian.org/ports/hurd/hurd-install
">the
951 instructions on the Debian GNU/Hurd ports page
</a
> and ran these
952 commands as root to get the machine to accept a IP address from the
953 kvm internal DHCP server:
</p
>
955 <p
><blockquote
><pre
>
956 settrans -fgap /dev/netdde /hurd/netdde
957 kill $(ps -ef|awk
'/[p]finet/ { print $
2}
')
958 kill $(ps -ef|awk
'/[d]evnode/ { print $
2}
')
960 </pre
></blockquote
></p
>
962 <p
>After this, the machine had internet connectivity, and I could
963 upgrade it and install the sysvinit packages from experimental and
964 enable it as the default boot system in Hurd.
</p
>
966 <p
>But before I did that, I set a password on the root user, as ssh is
967 running on the machine it for ssh login to work a password need to be
968 set. Also, note that a bug somewhere in openssh on Hurd block
969 compression from working. Remember to turn that off on the client
972 <p
>Run these commands as root to upgrade and test the new sysvinit
975 <p
><blockquote
><pre
>
976 cat
> /etc/apt/sources.list.d/experimental.list
&lt;
&lt;EOF
977 deb http://http.debian.net/debian/ experimental main
981 apt-get install -t experimental initscripts sysv-rc sysvinit \
982 sysvinit-core sysvinit-utils
983 update-alternatives --config runsystem
984 </pre
></blockquote
></p
>
986 <p
>To reboot after switching boot system, you have to use
987 <tt
>reboot-hurd
</tt
> instead of just
<tt
>reboot
</tt
>, as there is not
988 yet a sysvinit process able to receive the signals from the normal
989 'reboot
' command. After switching to sysvinit as the boot system,
990 upgrading every package and rebooting, the network come up with DHCP
991 after boot as it should, and the settrans/pkill hack mentioned at the
992 start is no longer needed. But for some strange reason, there are no
993 longer any login prompt in the virtual console, so I logged in using
996 <p
>Note that there are some race conditions in Hurd making the boot
997 fail some times. No idea what the cause is, but hope the Hurd porters
998 figure it out. At least Justus said on IRC (#debian-hurd on
999 irc.debian.org) that they are aware of the problem. A way to reduce
1000 the impact is to upgrade to the Hurd packages built by Justus by
1001 adding this repository to the machine:
</p
>
1003 <p
><blockquote
><pre
>
1004 cat
> /etc/apt/sources.list.d/hurd-ci.list
&lt;
&lt;EOF
1005 deb http://darnassus.sceen.net/~teythoon/hurd-ci/ sid main
1007 </pre
></blockquote
></p
>
1009 <p
>At the moment the prebuilt virtual machine get some packages from
1010 http://ftp.debian-ports.org/debian, because some of the packages in
1011 unstable do not yet include the required patches that are lingering in
1012 BTS. This is the completely list of
"unofficial
" packages installed:
</p
>
1014 <p
><blockquote
><pre
>
1015 # aptitude search
'?narrow(?version(CURRENT),?origin(Debian Ports))
'
1016 i emacs - GNU Emacs editor (metapackage)
1017 i gdb - GNU Debugger
1018 i hurd-recommended - Miscellaneous translators
1019 i isc-dhcp-client - ISC DHCP client
1020 i isc-dhcp-common - common files used by all the isc-dhcp* packages
1021 i libc-bin - Embedded GNU C Library: Binaries
1022 i libc-dev-bin - Embedded GNU C Library: Development binaries
1023 i libc0.3 - Embedded GNU C Library: Shared libraries
1024 i A libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
1025 i libc0.3-dev - Embedded GNU C Library: Development Libraries and Hea
1026 i multiarch-support - Transitional package to ensure multiarch compatibilit
1027 i A x11-common - X Window System (X.Org) infrastructure
1028 i xorg - X.Org X Window System
1029 i A xserver-xorg - X.Org X server
1030 i A xserver-xorg-input-all - X.Org X server -- input driver metapackage
1032 </pre
></blockquote
></p
>
1034 <p
>All in all, testing hurd has been an interesting experience. :)
1035 X.org did not work out of the box and I never took the time to follow
1036 the porters instructions to fix it. This time I was interested in the
1037 command line stuff.
<p
>
1042 <title>New chrpath release
0.16</title>
1043 <link>http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html
</link>
1044 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html
</guid>
1045 <pubDate>Tue,
14 Jan
2014 11:
00:
00 +
0100</pubDate>
1046 <description><p
><a href=
"http://www.coverity.com/
">Coverity
</a
> is a nice tool to
1047 find problems in C, C++ and Java code using static source code
1048 analysis. It can detect a lot of different problems, and is very
1049 useful to find memory and locking bugs in the error handling part of
1050 the source. The company behind it provide
1051 <a href=
"https://scan.coverity.com/
">check of free software projects as
1052 a community service
</a
>, and many hundred free software projects are
1053 already checked. A few days ago I decided to have a closer look at
1054 the Coverity system, and discovered that the
1055 <a href=
"http://www.gnu.org/software/gnash/
">gnash
</a
> and
1056 <a href=
"http://sourceforge.net/projects/ipmitool/
">ipmitool
</a
>
1057 projects I am involved with was already registered. But these are
1058 fairly big, and I would also like to have a small and easy project to
1059 check, and decided to
<a href=
"http://scan.coverity.com/projects/
1179">request
1060 checking of the chrpath project
</a
>. It was
1061 added to the checker and discovered seven potential defects. Six of
1062 these were real, mostly resource
"leak
" when the program detected an
1063 error. Nothing serious, as the resources would be released a fraction
1064 of a second later when the program exited because of the error, but it
1065 is nice to do it right in case the source of the program some time in
1066 the future end up in a library. Having fixed all defects and added
1067 <a href=
"https://lists.alioth.debian.org/mailman/listinfo/chrpath-devel
">a
1068 mailing list for the chrpath developers
</a
>, I decided it was time to
1069 publish a new release. These are the release notes:
</p
>
1071 <p
>New in
0.16 released
2014-
01-
14:
</p
>
1075 <li
>Fixed all minor bugs discovered by Coverity.
</li
>
1076 <li
>Updated config.sub and config.guess from the GNU project.
</li
>
1077 <li
>Mention new project mailing list in the documentation.
</li
>
1082 <a href=
"https://alioth.debian.org/frs/?group_id=
31052">download the
1083 new version
0.16 from alioth
</a
>. Please let us know via the Alioth
1084 project if something is wrong with the new release. The test suite
1085 did not discover any old errors, so if you find a new one, please also
1086 include a test suite check.
</p
>
1091 <title>New chrpath release
0.15</title>
1092 <link>http://people.skolelinux.org/pere/blog/New_chrpath_release_0_15.html
</link>
1093 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_chrpath_release_0_15.html
</guid>
1094 <pubDate>Sun,
24 Nov
2013 09:
30:
00 +
0100</pubDate>
1095 <description><p
>After many years break from the package and a vain hope that
1096 development would be continued by someone else, I finally pulled my
1097 acts together this morning and wrapped up a new release of chrpath,
1098 the command line tool to modify the rpath and runpath of already
1099 compiled ELF programs. The update was triggered by the persistence of
1100 Isha Vishnoi at IBM, which needed a new config.guess file to get
1101 support for the ppc64le architecture (powerpc
64-bit Little Endian) he
1102 is working on. I checked the
1103 <a href=
"http://packages.qa.debian.org/chrpath
">Debian
</a
>,
1104 <a href=
"https://launchpad.net/ubuntu/+source/chrpath
">Ubuntu
</a
> and
1105 <a href=
"https://admin.fedoraproject.org/pkgdb/acls/name/chrpath
">Fedora
</a
>
1106 packages for interesting patches (failed to find the source from
1107 OpenSUSE and Mandriva packages), and found quite a few nice fixes.
1108 These are the release notes:
</p
>
1110 <p
>New in
0.15 released
2013-
11-
24:
</p
>
1114 <li
>Updated config.sub and config.guess from the GNU project to work
1115 with newer architectures. Thanks to isha vishnoi for the heads
1118 <li
>Updated README with current URLs.
</li
>
1120 <li
>Added byteswap fix found in Ubuntu, credited Jeremy Kerr and
1121 Matthias Klose.
</li
>
1123 <li
>Added missing help for -k|--keepgoing option, using patch by
1124 Petr Machata found in Fedora.
</li
>
1126 <li
>Rewrite removal of RPATH/RUNPATH to make sure the entry in
1127 .dynamic is a NULL terminated string. Based on patch found in
1128 Fedora credited Axel Thimm and Christian Krause.
</li
>
1133 <a href=
"https://alioth.debian.org/frs/?group_id=
31052">download the
1134 new version
0.15 from alioth
</a
>. Please let us know via the Alioth
1135 project if something is wrong with the new release. The test suite
1136 did not discover any old errors, so if you find a new one, please also
1137 include a testsuite check.
</p
>
1142 <title>Debian init.d boot script example for rsyslog
</title>
1143 <link>http://people.skolelinux.org/pere/blog/Debian_init_d_boot_script_example_for_rsyslog.html
</link>
1144 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_init_d_boot_script_example_for_rsyslog.html
</guid>
1145 <pubDate>Sat,
2 Nov
2013 22:
40:
00 +
0100</pubDate>
1146 <description><p
>If one of the points of switching to a new init system in Debian is
1147 <a href=
"http://thomas.goirand.fr/blog/?p=
147">to get rid of huge
1148 init.d scripts
</a
>, I doubt we need to switch away from sysvinit and
1149 init.d scripts at all. Here is an example init.d script, ie a rewrite
1150 of /etc/init.d/rsyslog:
</p
>
1152 <p
><pre
>
1153 #!/lib/init/init-d-script
1156 # Required-Start: $remote_fs $time
1157 # Required-Stop: umountnfs $time
1158 # X-Stop-After: sendsigs
1159 # Default-Start:
2 3 4 5
1160 # Default-Stop:
0 1 6
1161 # Short-Description: enhanced syslogd
1162 # Description: Rsyslog is an enhanced multi-threaded syslogd.
1163 # It is quite compatible to stock sysklogd and can be
1164 # used as a drop-in replacement.
1166 DESC=
"enhanced syslogd
"
1167 DAEMON=/usr/sbin/rsyslogd
1168 </pre
></p
>
1170 <p
>Pretty minimalistic to me... For the record, the original sysv-rc
1171 script was
137 lines, and the above is just
15 lines, most of it meta
1172 info/comments.
</p
>
1174 <p
>How to do this, you ask? Well, one create a new script
1175 /lib/init/init-d-script looking something like this:
1177 <p
><pre
>
1180 # Define LSB log_* functions.
1181 # Depend on lsb-base (
>=
3.2-
14) to ensure that this file is present
1182 # and status_of_proc is working.
1183 . /lib/lsb/init-functions
1186 # Function that starts the daemon/service
1192 #
0 if daemon has been started
1193 #
1 if daemon was already running
1194 #
2 if daemon could not be started
1195 start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test
> /dev/null \
1197 start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
1200 # Add code here, if necessary, that waits for the process to be ready
1201 # to handle requests from services started subsequently which depend
1202 # on this one. As a last resort, sleep for some time.
1206 # Function that stops the daemon/service
1211 #
0 if daemon has been stopped
1212 #
1 if daemon was already stopped
1213 #
2 if daemon could not be stopped
1214 # other if a failure occurred
1215 start-stop-daemon --stop --quiet --retry=TERM/
30/KILL/
5 --pidfile $PIDFILE --name $NAME
1216 RETVAL=
"$?
"
1217 [
"$RETVAL
" =
2 ]
&& return
2
1218 # Wait for children to finish too if this is a daemon that forks
1219 # and if the daemon is only ever run from this initscript.
1220 # If the above conditions are not satisfied then add some other code
1221 # that waits for the process to drop all resources that could be
1222 # needed by services started subsequently. A last resort is to
1223 # sleep for some time.
1224 start-stop-daemon --stop --quiet --oknodo --retry=
0/
30/KILL/
5 --exec $DAEMON
1225 [
"$?
" =
2 ]
&& return
2
1226 # Many daemons don
't delete their pidfiles when they exit.
1228 return
"$RETVAL
"
1232 # Function that sends a SIGHUP to the daemon/service
1236 # If the daemon can reload its configuration without
1237 # restarting (for example, when it is sent a SIGHUP),
1238 # then implement that here.
1240 start-stop-daemon --stop --signal
1 --quiet --pidfile $PIDFILE --name $NAME
1245 scriptbasename=
"$(basename $
1)
"
1246 echo
"SN: $scriptbasename
"
1247 if [
"$scriptbasename
" !=
"init-d-library
" ] ; then
1248 script=
"$
1"
1255 NAME=$(basename $DAEMON)
1256 PIDFILE=/var/run/$NAME.pid
1258 # Exit if the package is not installed
1259 #[ -x
"$DAEMON
" ] || exit
0
1261 # Read configuration variable file if it is present
1262 [ -r /etc/default/$NAME ]
&& . /etc/default/$NAME
1264 # Load the VERBOSE setting and other rcS variables
1267 case
"$
1" in
1269 [
"$VERBOSE
" != no ]
&& log_daemon_msg
"Starting $DESC
" "$NAME
"
1271 case
"$?
" in
1272 0|
1) [
"$VERBOSE
" != no ]
&& log_end_msg
0 ;;
1273 2) [
"$VERBOSE
" != no ]
&& log_end_msg
1 ;;
1277 [
"$VERBOSE
" != no ]
&& log_daemon_msg
"Stopping $DESC
" "$NAME
"
1279 case
"$?
" in
1280 0|
1) [
"$VERBOSE
" != no ]
&& log_end_msg
0 ;;
1281 2) [
"$VERBOSE
" != no ]
&& log_end_msg
1 ;;
1285 status_of_proc
"$DAEMON
" "$NAME
" && exit
0 || exit $?
1287 #reload|force-reload)
1289 # If do_reload() is not implemented then leave this commented out
1290 # and leave
'force-reload
' as an alias for
'restart
'.
1292 #log_daemon_msg
"Reloading $DESC
" "$NAME
"
1296 restart|force-reload)
1298 # If the
"reload
" option is implemented then remove the
1299 #
'force-reload
' alias
1301 log_daemon_msg
"Restarting $DESC
" "$NAME
"
1303 case
"$?
" in
1306 case
"$?
" in
1308 1) log_end_msg
1 ;; # Old process is still running
1309 *) log_end_msg
1 ;; # Failed to start
1319 echo
"Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}
" >&2
1325 </pre
></p
>
1327 <p
>It is based on /etc/init.d/skeleton, and could be improved quite a
1328 lot. I did not really polish the approach, so it might not always
1329 work out of the box, but you get the idea. I did not try very hard to
1330 optimize it nor make it more robust either.
</p
>
1332 <p
>A better argument for switching init system in Debian than reducing
1333 the size of init scripts (which is a good thing to do anyway), is to
1334 get boot system that is able to handle the kernel events sensibly and
1335 robustly, and do not depend on the boot to run sequentially. The boot
1336 and the kernel have not behaved sequentially in years.
</p
>
1341 <title>Browser plugin for SPICE (spice-xpi) uploaded to Debian
</title>
1342 <link>http://people.skolelinux.org/pere/blog/Browser_plugin_for_SPICE__spice_xpi__uploaded_to_Debian.html
</link>
1343 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Browser_plugin_for_SPICE__spice_xpi__uploaded_to_Debian.html
</guid>
1344 <pubDate>Fri,
1 Nov
2013 11:
00:
00 +
0100</pubDate>
1345 <description><p
><a href=
"http://www.spice-space.org/
">The SPICE protocol
</a
> for
1346 remote display access is the preferred solution with oVirt and RedHat
1347 Enterprise Virtualization, and I was sad to discover the other day
1348 that the browser plugin needed to use these systems seamlessly was
1349 missing in Debian. The
<a href=
"http://bugs.debian.org/
668284">request
1350 for a package
</a
> was from
2012-
04-
10 with no progress since
1351 2013-
04-
01, so I decided to wrap up a package based on the great work
1352 from Cajus Pollmeier and put it in a collab-maint maintained git
1353 repository to get a package I could use. I would very much like
1354 others to help me maintain the package (or just take over, I do not
1355 mind), but as no-one had volunteered so far, I just uploaded it to
1356 NEW. I hope it will be available in Debian in a few days.
</p
>
1358 <p
>The source is now available from
1359 <a href=
"http://anonscm.debian.org/gitweb/?p=collab-maint/spice-xpi.git;a=summary
">http://anonscm.debian.org/gitweb/?p=collab-maint/spice-xpi.git;a=summary
</a
>.
</p
>
1364 <title>Teaching vmdebootstrap to create Raspberry Pi SD card images
</title>
1365 <link>http://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html
</link>
1366 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html
</guid>
1367 <pubDate>Sun,
27 Oct
2013 17:
00:
00 +
0100</pubDate>
1368 <description><p
>The
1369 <a href=
"http://packages.qa.debian.org/v/vmdebootstrap.html
">vmdebootstrap
</a
>
1370 program is a a very nice system to create virtual machine images. It
1371 create a image file, add a partition table, mount it and run
1372 debootstrap in the mounted directory to create a Debian system on a
1373 stick. Yesterday, I decided to try to teach it how to make images for
1374 <a href=
"https://wiki.debian.org/RaspberryPi
">Raspberry Pi
</a
>, as part
1375 of a plan to simplify the build system for
1376 <a href=
"https://wiki.debian.org/FreedomBox
">the FreedomBox
1377 project
</a
>. The FreedomBox project already uses vmdebootstrap for
1378 the virtualbox images, but its current build system made multistrap
1379 based system for Dreamplug images, and it is lacking support for
1380 Raspberry Pi.
</p
>
1382 <p
>Armed with the knowledge on how to build
"foreign
" (aka non-native
1383 architecture) chroots for Raspberry Pi, I dived into the vmdebootstrap
1384 code and adjusted it to be able to build armel images on my amd64
1385 Debian laptop. I ended up giving vmdebootstrap five new options,
1386 allowing me to replicate the image creation process I use to make
1387 <a href=
"http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html
">Debian
1388 Jessie based mesh node images for the Raspberry Pi
</a
>. First, the
1389 <tt
>--foreign /path/to/binfm_handler
</tt
> option tell vmdebootstrap to
1390 call debootstrap with --foreign and to copy the handler into the
1391 generated chroot before running the second stage. This allow
1392 vmdebootstrap to create armel images on an amd64 host. Next I added
1393 two new options
<tt
>--bootsize size
</tt
> and
<tt
>--boottype
1394 fstype
</tt
> to teach it to create a separate /boot/ partition with the
1395 given file system type, allowing me to create an image with a vfat
1396 partition for the /boot/ stuff. I also added a
<tt
>--variant
1397 variant
</tt
> option to allow me to create smaller images without the
1398 Debian base system packages installed. Finally, I added an option
1399 <tt
>--no-extlinux
</tt
> to tell vmdebootstrap to not install extlinux
1400 as a boot loader. It is not needed on the Raspberry Pi and probably
1401 most other non-x86 architectures. The changes were accepted by the
1402 upstream author of vmdebootstrap yesterday and today, and is now
1404 <a href=
"http://git.liw.fi/cgi-bin/cgit/cgit.cgi/vmdebootstrap/
">the
1405 upstream project page
</a
>.
</p
>
1407 <p
>To use it to build a Raspberry Pi image using Debian Jessie, first
1408 create a small script (the customize script) to add the non-free
1409 binary blob needed to boot the Raspberry Pi and the APT source
1412 <p
><pre
>
1414 set -e # Exit on first error
1415 rootdir=
"$
1"
1416 cd
"$rootdir
"
1417 cat
&lt;
&lt;EOF
> etc/apt/sources.list
1418 deb http://http.debian.net/debian/ jessie main contrib non-free
1420 # Install non-free binary blob needed to boot Raspberry Pi. This
1421 # install a kernel somewhere too.
1422 wget https://raw.github.com/Hexxeh/rpi-update/master/rpi-update \
1423 -O $rootdir/usr/bin/rpi-update
1424 chmod a+x $rootdir/usr/bin/rpi-update
1425 mkdir -p $rootdir/lib/modules
1426 touch $rootdir/boot/start.elf
1427 chroot $rootdir rpi-update
1428 </pre
></p
>
1430 <p
>Next, fetch the latest vmdebootstrap script and call it like this
1431 to build the image:
</p
>
1434 sudo ./vmdebootstrap \
1437 --distribution jessie \
1438 --mirror http://http.debian.net/debian \
1447 --root-password raspberry \
1448 --hostname raspberrypi \
1449 --foreign /usr/bin/qemu-arm-static \
1450 --customize `pwd`/customize \
1452 --package git-core \
1453 --package binutils \
1454 --package ca-certificates \
1457 </pre
></p
>
1459 <p
>The list of packages being installed are the ones needed by
1460 rpi-update to make the image bootable on the Raspberry Pi, with the
1461 exception of netbase, which is needed by debootstrap to find
1462 /etc/hosts with the minbase variant. I really wish there was a way to
1463 set up an Raspberry Pi using only packages in the Debian archive, but
1464 that is not possible as far as I know, because it boots from the GPU
1465 using a non-free binary blob.
</p
>
1467 <p
>The build host need debootstrap, kpartx and qemu-user-static and
1468 probably a few others installed. I have not checked the complete
1469 build dependency list.
</p
>
1471 <p
>The resulting image will not use the hardware floating point unit
1472 on the Raspberry PI, because the armel architecture in Debian is not
1473 optimized for that use. So the images created will be a bit slower
1474 than
<a href=
"http://www.raspbian.org/
">Raspbian
</a
> based images.
</p
>
1479 <title>Good causes: Debian Outreach Program for Women, EFF documenting the spying and Open access in Norway
</title>
1480 <link>http://people.skolelinux.org/pere/blog/Good_causes__Debian_Outreach_Program_for_Women__EFF_documenting_the_spying_and_Open_access_in_Norway.html
</link>
1481 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Good_causes__Debian_Outreach_Program_for_Women__EFF_documenting_the_spying_and_Open_access_in_Norway.html
</guid>
1482 <pubDate>Tue,
15 Oct
2013 21:
30:
00 +
0200</pubDate>
1483 <description><p
>The last few days I came across a few good causes that should get
1484 wider attention. I recommend signing and donating to each one of
1487 <p
>Via
<a href=
"http://www.debian.org/News/weekly/
2013/
18/
">Debian
1488 Project News for
2013-
10-
14</a
> I came across the Outreach Program for
1489 Women program which is a Google Summer of Code like initiative to get
1490 more women involved in free software. One debian sponsor has offered
1491 to match
<a href=
"http://debian.ch/opw2013
">any donation done to Debian
1492 earmarked
</a
> for this initiative. I donated a few minutes ago, and
1493 hope you will to. :)
</p
>
1495 <p
>And the Electronic Frontier Foundation just announced plans to
1496 create
<a href=
"https://supporters.eff.org/donate/nsa-videos
">video
1497 documentaries about the excessive spying
</a
> on every Internet user that
1498 take place these days, and their need to fund the work. I
've already
1499 donated. Are you next?
</p
>
1501 <p
>For my Norwegian audience, the organisation Studentenes og
1502 Akademikernes Internasjonale Hjelpefond is collecting signatures for a
1503 statement under the heading
1504 <a href=
"http://saih.no/Bloggers_United/
">Bloggers United for Open
1505 Access
</a
> for those of us asking for more focus on open access in the
1506 Norwegian government. So far
499 signatures. I hope you will sign it
1512 <title>Videos about the Freedombox project - for inspiration and learning
</title>
1513 <link>http://people.skolelinux.org/pere/blog/Videos_about_the_Freedombox_project___for_inspiration_and_learning.html
</link>
1514 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Videos_about_the_Freedombox_project___for_inspiration_and_learning.html
</guid>
1515 <pubDate>Fri,
27 Sep
2013 14:
10:
00 +
0200</pubDate>
1516 <description><p
>The
<a href=
"http://www.freedomboxfoundation.org/
">Freedombox
1517 project
</a
> have been going on for a while, and have presented the
1518 vision, ideas and solution several places. Here is a little
1519 collection of videos of talks and presentation of the project.
</p
>
1523 <li
><a href=
"http://www.youtube.com/watch?v=ukvUz5taxvA
">FreedomBox -
1524 2,
5 minute marketing film
</a
> (Youtube)
</li
>
1526 <li
><a href=
"http://www.youtube.com/watch?v=SzW25QTVWsE
">Eben Moglen
1527 discusses the Freedombox on CBS news
2011</a
> (Youtube)
</li
>
1529 <li
><a href=
"http://www.youtube.com/watch?v=Ae8SZbxfE0g
">Eben Moglen -
1530 Freedom in the Cloud - Software Freedom, Privacy and and Security for
1531 Web
2.0 and Cloud computing at ISOC-NY Public Meeting
2010</a
>
1532 (Youtube)
</li
>
1534 <li
><a href=
"http://www.youtube.com/watch?v=vNaIji_3xBE
">Fosdem
2011
1535 Keynote by Eben Moglen presenting the Freedombox
</a
> (Youtube)
</li
>
1537 <li
><a href=
"http://www.youtube.com/watch?v=
9bDDUyJSQ9s
">Presentation of
1538 the Freedombox by James Vasile at Elevate in Gratz
2011</a
> (Youtube)
</li
>
1540 <li
><a href=
"http://www.youtube.com/watch?v=zQTmnk27g9s
"> Freedombox -
1541 Discovery, Identity, and Trust by Nick Daly at Freedombox Hackfest New
1542 York City in
2012</a
> (Youtube)
</li
>
1544 <li
><a href=
"http://www.youtube.com/watch?v=tkbSB4Ba7Ck
">Introduction
1545 to the Freedombox at Freedombox Hackfest New York City in
2012</a
>
1546 (Youtube)
</li
>
1548 <li
><a href=
"http://www.youtube.com/watch?v=z-P2Jaeg0aQ
">Freedom, Out
1549 of the Box! by Bdale Garbee at linux.conf.au Ballarat,
2012</a
> (Youtube)
</li
>
1551 <li
><a href=
"https://archive.fosdem.org/
2013/schedule/event/freedombox/
">Freedombox
1552 1.0 by Eben Moglen and Bdale Garbee at Fosdem
2013</a
> (FOSDEM)
</li
>
1554 <li
><a href=
"http://www.youtube.com/watch?v=e1LpYX2zVYg
">What is the
1555 FreedomBox today by Bdale Garbee at Debconf13 in Vaumarcus
1556 2013</a
> (Youtube)
</li
>
1560 <p
>A larger list is available from
1561 <a href=
"https://wiki.debian.org/FreedomBox/TalksAndPresentations
">the
1562 Freedombox Wiki
</a
>.
</p
>
1564 <p
>On other news, I am happy to report that Freedombox based on Debian
1565 Jessie is coming along quite well, and soon both Owncloud and using
1566 Tor should be available for testers of the Freedombox solution. :) In
1567 a few weeks I hope everything needed to test it is included in Debian.
1568 The withsqlite package is already in Debian, and the plinth package is
1569 pending in NEW. The third and vital part of that puzzle is the
1570 metapackage/setup framework, which is still pending an upload. Join
1571 us on
<a href=
"irc://irc.debian.org:
6667/%
23freedombox
">IRC
1572 (#freedombox on irc.debian.org)
</a
> and
1573 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
">the
1574 mailing list
</a
> if you want to help make this vision come true.
</p
>
1579 <title>Recipe to test the Freedombox project on amd64 or Raspberry Pi
</title>
1580 <link>http://people.skolelinux.org/pere/blog/Recipe_to_test_the_Freedombox_project_on_amd64_or_Raspberry_Pi.html
</link>
1581 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Recipe_to_test_the_Freedombox_project_on_amd64_or_Raspberry_Pi.html
</guid>
1582 <pubDate>Tue,
10 Sep
2013 14:
20:
00 +
0200</pubDate>
1583 <description><p
>I was introduced to the
1584 <a href=
"http://www.freedomboxfoundation.org/
">Freedombox project
</a
>
1585 in
2010, when Eben Moglen presented his vision about serving the need
1586 of non-technical people to keep their personal information private and
1587 within the legal protection of their own homes. The idea is to give
1588 people back the power over their network and machines, and return
1589 Internet back to its intended peer-to-peer architecture. Instead of
1590 depending on a central service, the Freedombox will give everyone
1591 control over their own basic infrastructure.
</p
>
1593 <p
>I
've intended to join the effort since then, but other tasks have
1594 taken priority. But this summers nasty news about the misuse of trust
1595 and privilege exercised by the
"western
" intelligence gathering
1596 communities increased my eagerness to contribute to a point where I
1597 actually started working on the project a while back.
</p
>
1599 <p
>The
<a href=
"https://alioth.debian.org/projects/freedombox/
">initial
1600 Debian initiative
</a
> based on the vision from Eben Moglen, is to
1601 create a simple and cheap Debian based appliance that anyone can hook
1602 up in their home and get access to secure and private services and
1603 communication. The initial deployment platform have been the
1604 <a href=
"http://www.globalscaletechnologies.com/t-dreamplugdetails.aspx
">Dreamplug
</a
>,
1605 which is a piece of hardware I do not own. So to be able to test what
1606 the current Freedombox setup look like, I had to come up with a way to install
1607 it on some hardware I do have access to. I have rewritten the
1608 <a href=
"https://github.com/NickDaly/freedom-maker
">freedom-maker
</a
>
1609 image build framework to use .deb packages instead of only copying
1610 setup into the boot images, and thanks to this rewrite I am able to
1611 set up any machine supported by Debian Wheezy as a Freedombox, using
1612 the previously mentioned deb (and a few support debs for packages
1613 missing in Debian).
</p
>
1615 <p
>The current Freedombox setup consist of a set of bootstrapping
1617 (
<a href=
"https://github.com/petterreinholdtsen/freedombox-setup
">freedombox-setup
</a
>),
1618 and a administrative web interface
1619 (
<a href=
"https://github.com/NickDaly/Plinth
">plinth
</a
> + exmachina +
1620 withsqlite), as well as a privacy enhancing proxy based on
1621 <a href=
"http://packages.qa.debian.org/privoxy
">privoxy
</a
>
1622 (freedombox-privoxy). There is also a web/javascript based XMPP
1623 client (
<a href=
"http://packages.qa.debian.org/jwchat
">jwchat
</a
>)
1624 trying (unsuccessfully so far) to talk to the XMPP server
1625 (
<a href=
"http://packages.qa.debian.org/ejabberd
">ejabberd
</a
>). The
1626 web interface is pluggable, and the goal is to use it to enable OpenID
1627 services, mesh network connectivity, use of TOR, etc, etc. Not much of
1628 this is really working yet, see
1629 <a href=
"https://github.com/NickDaly/freedombox-todos/blob/master/TODO
">the
1630 project TODO
</a
> for links to GIT repositories. Most of the code is
1631 on github at the moment. The HTTP proxy is operational out of the
1632 box, and the admin web interface can be used to add/remove plinth
1633 users. I
've not been able to do anything else with it so far, but
1634 know there are several branches spread around github and other places
1635 with lots of half baked features.
</p
>
1637 <p
>Anyway, if you want to have a look at the current state, the
1638 following recipes should work to give you a test machine to poke
1641 <p
><strong
>Debian Wheezy amd64
</strong
></p
>
1645 <li
>Fetch normal Debian Wheezy installation ISO.
</li
>
1646 <li
>Boot from it, either as CD or USB stick.
</li
>
1647 <li
><p
>Press [tab] on the boot prompt and add this as a boot argument
1648 to the Debian installer:
<p
>
1649 <pre
>url=
<a href=
"http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat
">http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat
</a
></pre
></li
>
1651 <li
>Answer the few language/region/password questions and pick disk to
1652 install on.
</li
>
1654 <li
>When the installation is finished and the machine have rebooted a
1655 few times, your Freedombox is ready for testing.
</li
>
1659 <p
><strong
>Raspberry Pi Raspbian
</strong
></p
>
1663 <li
>Fetch a Raspbian SD card image, create SD card.
</li
>
1664 <li
>Boot from SD card, extend file system to fill the card completely.
</li
>
1665 <li
><p
>Log in and add this to /etc/sources.list:
</p
>
1667 deb
<a href=
"http://www.reinholdtsen.name/freedombox/
">http://www.reinholdtsen.name/freedombox
</a
> wheezy main
1668 </pre
></li
>
1669 <li
><p
>Run this as root:
</p
>
1671 wget -O - http://www.reinholdtsen.name/freedombox/BE1A583D.asc | \
1674 apt-get install freedombox-setup
1675 /usr/lib/freedombox/setup
1676 </pre
></li
>
1677 <li
>Reboot into your freshly created Freedombox.
</li
>
1681 <p
>You can test it on other architectures too, but because the
1682 freedombox-privoxy package is binary, it will only work as intended on
1683 the architectures where I have had time to build the binary and put it
1684 in my APT repository. But do not let this stop you. It is only a
1685 short
"<tt
>apt-get source -b freedombox-privoxy
</tt
>" away. :)
</p
>
1687 <p
>Note that by default Freedombox is a DHCP server on the
1688 192.168.1.0/
24 subnet, so if this is your subnet be careful and turn
1689 off the DHCP server by running
"<tt
>update-rc.d isc-dhcp-server
1690 disable
</tt
>" as root.
</p
>
1692 <p
>Please let me know if this works for you, or if you have any
1693 problems. We gather on the IRC channel
1694 <a href=
"irc://irc.debian.org:
6667/%
23freedombox
">#freedombox
</a
> on
1695 irc.debian.org and the
1696 <a href=
"http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
">project
1697 mailing list
</a
>.
</p
>
1699 <p
>Once you get your freedombox operational, you can visit
1700 <tt
>http://your-host-name:
8001/
</tt
> to see the state of the plint
1701 welcome screen (dead end - do not be surprised if you are unable to
1702 get past it), and next visit
<tt
>http://your-host-name:
8001/help/
</tt
>
1703 to look at the rest of plinth. The default user is
'admin
' and the
1704 default password is
'secret
'.
</p
>
1709 <title>Intel
180 SSD disk with Lenovo firmware can not use Intel firmware
</title>
1710 <link>http://people.skolelinux.org/pere/blog/Intel_180_SSD_disk_with_Lenovo_firmware_can_not_use_Intel_firmware.html
</link>
1711 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Intel_180_SSD_disk_with_Lenovo_firmware_can_not_use_Intel_firmware.html
</guid>
1712 <pubDate>Sun,
18 Aug
2013 14:
00:
00 +
0200</pubDate>
1713 <description><p
>Earlier, I reported about
1714 <a href=
"http://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html
">my
1715 problems using an Intel SSD
520 Series
180 GB disk
</a
>. Friday I was
1716 told by IBM that the original disk should be thrown away. And as
1717 there no longer was a problem if I bricked the firmware, I decided
1718 today to try to install Intel firmware to replace the Lenovo firmware
1719 currently on the disk.
</p
>
1721 <p
>I searched the Intel site for firmware, and found
1722 <a href=
"https://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y
&ProdId=
3472&DwnldID=
18363&ProductFamily=Solid-State+Drives+and+Caching
&ProductLine=Intel%c2%ae+High+Performance+Solid-State+Drive
&ProductProduct=Intel%c2%ae+SSD+
520+Series+(
180GB%
2c+
2.5in+SATA+
6Gb%
2fs%
2c+
25nm%
2c+MLC)
&lang=eng
">issdfut_2.0
.4.iso
</a
>
1723 (aka Intel SATA Solid-State Drive Firmware Update Tool) which
1724 according to the site should contain the latest firmware for SSD
1725 disks. I inserted the broken disk in one of my spare laptops and
1726 booted the ISO from a USB stick. The disk was recognized, but the
1727 program claimed the newest firmware already were installed and refused
1728 to insert any Intel firmware. So no change, and the disk is still
1729 unable to handle write load. :( I guess the only way to get them
1730 working would be if Lenovo releases new firmware. No idea how likely
1731 that is. Anyway, just blogging about this test for completeness. I
1732 got a working Samsung disk, and see no point in spending more time on
1733 the broken disks.
</p
>
1738 <title>How to fix a Thinkpad X230 with a broken
180 GB SSD disk
</title>
1739 <link>http://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html
</link>
1740 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html
</guid>
1741 <pubDate>Wed,
17 Jul
2013 23:
50:
00 +
0200</pubDate>
1742 <description><p
>Today I switched to
1743 <a href=
"http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html
">my
1744 new laptop
</a
>. I
've previously written about the problems I had with
1745 my new Thinkpad X230, which was delivered with an
1746 <a href=
"http://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html
">180
1747 GB Intel SSD disk with Lenovo firmware
</a
> that did not handle
1748 sustained writes. My hardware supplier have been very forthcoming in
1749 trying to find a solution, and after first trying with another
1750 identical
180 GB disks they decided to send me a
256 GB Samsung SSD
1751 disk instead to fix it once and for all. The Samsung disk survived
1752 the installation of Debian with encrypted disks (filling the disk with
1753 random data during installation killed the first two), and I thus
1754 decided to trust it with my data. I have installed it as a Debian Edu
1755 Wheezy roaming workstation hooked up with my Debian Edu Squeeze main
1756 server at home using Kerberos and LDAP, and will use it as my work
1757 station from now on.
</p
>
1759 <p
>As this is a solid state disk with no moving parts, I believe the
1760 Debian Wheezy default installation need to be tuned a bit to increase
1761 performance and increase life time of the disk. The Linux kernel and
1762 user space applications do not yet adjust automatically to such
1763 environment. To make it easier for my self, I created a draft Debian
1764 package
<tt
>ssd-setup
</tt
> to handle this tuning. The
1765 <a href=
"http://anonscm.debian.org/gitweb/?p=collab-maint/ssd-setup.git
">source
1766 for the ssd-setup package
</a
> is available from collab-maint, and it
1767 is set up to adjust the setup of the machine by just installing the
1768 package. If there is any non-SSD disk in the machine, the package
1769 will refuse to install, as I did not try to write any logic to sort
1770 file systems in SSD and non-SSD file systems.
</p
>
1772 <p
>I consider the package a draft, as I am a bit unsure how to best
1773 set up Debian Wheezy with an SSD. It is adjusted to my use case,
1774 where I set up the machine with one large encrypted partition (in
1775 addition to /boot), put LVM on top of this and set up partitions on
1776 top of this again. See the README file in the package source for the
1777 references I used to pick the settings. At the moment these
1778 parameters are tuned:
</p
>
1782 <li
>Set up cryptsetup to pass TRIM commands to the physical disk
1783 (adding discard to /etc/crypttab)
</li
>
1785 <li
>Set up LVM to pass on TRIM commands to the underlying device (in
1786 this case a cryptsetup partition) by changing issue_discards from
1787 0 to
1 in /etc/lvm/lvm.conf.
</li
>
1789 <li
>Set relatime as a file system option for ext3 and ext4 file
1792 <li
>Tell swap to use TRIM commands by adding
'discard
' to
1793 /etc/fstab.
</li
>
1795 <li
>Change I/O scheduler from cfq to deadline using a udev rule.
</li
>
1797 <li
>Run fstrim on every ext3 and ext4 file system every night (from
1798 cron.daily).
</li
>
1800 <li
>Adjust sysctl values vm.swappiness to
1 and vm.vfs_cache_pressure
1801 to
50 to reduce the kernel eagerness to swap out processes.
</li
>
1805 <p
>During installation, I cancelled the part where the installer fill
1806 the disk with random data, as this would kill the SSD performance for
1807 little gain. My goal with the encrypted file system is to ensure
1808 those stealing my laptop end up with a brick and not a working
1809 computer. I have no hope in keeping the really resourceful people
1810 from getting the data on the disk (see
1811 <a href=
"http://xkcd.com/
538/
">XKCD #
538</a
> for an explanation why).
1812 Thus I concluded that adding the discard option to crypttab is the
1813 right thing to do.
</p
>
1815 <p
>I considered using the noop I/O scheduler, as several recommended
1816 it for SSD, but others recommended deadline and a benchmark I found
1817 indicated that deadline might be better for interactive use.
</p
>
1819 <p
>I also considered using the
'discard
' file system option for ext3
1820 and ext4, but read that it would give a performance hit ever time a
1821 file is removed, and thought it best to that that slowdown once a day
1822 instead of during my work.
</p
>
1824 <p
>My package do not set up tmpfs on /var/run, /var/lock and /tmp, as
1825 this is already done by Debian Edu.
</p
>
1827 <p
>I have not yet started on the user space tuning. I expect
1828 iceweasel need some tuning, and perhaps other applications too, but
1829 have not yet had time to investigate those parts.
</p
>
1831 <p
>The package should work on Ubuntu too, but I have not yet tested it
1834 <p
>As for the answer to the question in the title of this blog post,
1835 as far as I know, the only solution I know about is to replace the
1836 disk. It might be possible to flash it with Intel firmware instead of
1837 the Lenovo firmware. But I have not tried and did not want to do so
1838 without approval from Lenovo as I wanted to keep the warranty on the
1839 disk until a solution was found and they wanted the broken disks
1845 <title>Intel SSD
520 Series
180 GB with Lenovo firmware still lock up from sustained writes
</title>
1846 <link>http://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html
</link>
1847 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html
</guid>
1848 <pubDate>Wed,
10 Jul
2013 13:
30:
00 +
0200</pubDate>
1849 <description><p
>A few days ago, I wrote about
1850 <a href=
"http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html
">the
1851 problems I experienced with my new X230 and its SSD disk
</a
>, which
1852 was dying during installation because it is unable to cope with
1853 sustained write. My supplier is in contact with
1854 <a href=
"http://www.lenovo.com/
">Lenovo
</a
>, and they wanted to send a
1855 replacement disk to try to fix the problem. They decided to send an
1856 identical model, so my hopes for a permanent fix was slim.
</p
>
1858 <p
>Anyway, today I got the replacement disk and tried to install
1859 Debian Edu Wheezy with encrypted disk on it. The new disk have the
1860 same firmware version as the original. This time my hope raised
1861 slightly as the installation progressed, as the original disk used to
1862 die after
4-
7% of the disk was written to, while this time it kept
1863 going past
10%,
20%,
40% and even past
50%. But around
60%, the disk
1864 died again and I was back on square one. I still do not have a new
1865 laptop with a disk I can trust. I can not live with a disk that might
1866 lock up when I download a new
1867 <a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
</a
> ISO or
1868 other large files. I look forward to hearing from my supplier with
1869 the next proposal from Lenovo.
</p
>
1871 <p
>The original disk is marked Intel SSD
520 Series
180 GB,
1872 11S0C38722Z1ZNME35X1TR, ISN: CVCV321407HB180EGN, SA: G57560302, FW:
1873 LF1i,
29MAY2013, PBA: G39779-
300, LBA
351,
651,
888, LI P/N:
0C38722,
1874 Pb-free
2LI, LC P/N:
16-
200366, WWN:
55CD2E40002756C4, Model:
1875 SSDSC2BW180A3L
2.5" 6Gb/s SATA SSD
180G
5V
1A, ASM P/N
0C38732, FRU
1876 P/N
45N8295, P0C38732.
</p
>
1878 <p
>The replacement disk is marked Intel SSD
520 Series
180 GB,
1879 11S0C38722Z1ZNDE34N0L0, ISN: CVCV315306RK180EGN, SA: G57560-
302, FW:
1880 LF1i,
22APR2013, PBA: G39779-
300, LBA
351,
651,
888, LI P/N:
0C38722,
1881 Pb-free
2LI, LC P/N:
16-
200366, WWN:
55CD2E40000AB69E, Model:
1882 SSDSC2BW180A3L
2.5" 6Gb/s SATA SSD
180G
5V
1A, ASM P/N
0C38732, FRU
1883 P/N
45N8295, P0C38732.
</p
>
1885 <p
>The only difference is in the first number (serial number?), ISN,
1886 SA, date and WNPP values. Mentioning all the details here in case
1887 someone is able to use the information to find a way to identify the
1888 failing disk among working ones (if any such working disk actually
1894 <title>July
13th: Debian/Ubuntu BSP and Skolelinux/Debian Edu developer gathering in Oslo
</title>
1895 <link>http://people.skolelinux.org/pere/blog/July_13th__Debian_Ubuntu_BSP_and_Skolelinux_Debian_Edu_developer_gathering_in_Oslo.html
</link>
1896 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/July_13th__Debian_Ubuntu_BSP_and_Skolelinux_Debian_Edu_developer_gathering_in_Oslo.html
</guid>
1897 <pubDate>Tue,
9 Jul
2013 10:
40:
00 +
0200</pubDate>
1898 <description><p
>The upcoming Saturday,
2013-
07-
13, we are organising a combined
1899 Debian Edu developer gathering and Debian and Ubuntu bug squashing
1900 party in Oslo. It is organised by
<a href=
"http://www.nuug.no/
">the
1901 member assosiation NUUG
</a
> and
1902 <a href=
"http://www.skolelinux.org/
">the Debian Edu / Skolelinux
1903 project
</a
> together with
<a href=
"http://bitraf.no/
">the hack space
1904 Bitraf
</a
>.
</p
>
1906 <p
>It starts
10:
00 and continue until late evening. Everyone is
1907 welcome, and there is no fee to participate. There is on the other
1908 hand limited space, and only room for
30 people. Please put your name
1909 on
<a href=
"http://wiki.debian.org/BSP/
2013/
07/
13/no/Oslo
">the event
1910 wiki page
</a
> if you plan to join us.
</p
>
1915 <title>The Thinkpad is dead, long live the Thinkpad X230?
</title>
1916 <link>http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html
</link>
1917 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html
</guid>
1918 <pubDate>Fri,
5 Jul
2013 08:
30:
00 +
0200</pubDate>
1919 <description><p
>Half a year ago, I reported that I had to find a
1920 <a href=
"http://people.skolelinux.org/pere/blog/Thank_you_Thinkpad_X41__for_your_long_and_trustworthy_service.html
">replacement
1921 for my trusty old Thinkpad X41
</a
>. Unfortunately I did not have much
1922 time to spend on it, and it took a while to find a model I believe
1923 will do the job, but two days ago the replacement finally arrived. I
1925 <a href=
"http://www.linlap.com/lenovo_thinkpad_x230
">Thinkpad X230
</a
>
1926 with SSD disk (NZDAJMN). I first test installed Debian Edu Wheezy as
1927 a roaming workstation, and it seemed to work flawlessly. But my
1928 second installation with encrypted disk was not as successful. More
1929 on that below.
</p
>
1931 <p
>I had a hard time trying to track down a good laptop, as my most
1932 important requirements (robust and with a good keyboard) are never
1933 listed in the feature list. But I did get good help from the search
1934 feature at
<a href=
"http://www.prisjakt.no/
">Prisjakt
</a
>, which
1935 allowed me to limit the list of interesting laptops based on my other
1936 requirements. A bit surprising that SSD disk are not disks according
1937 to that search interface, so I had to drop specifying the number of
1938 disks from my search parameters. I also asked around among friends to
1939 get their impression on keyboards and robustness.
</p
>
1941 <p
>So the new laptop arrived, and it is quite a lot wider than the
1942 X41. I am not quite convinced about the keyboard, as it is
1943 significantly wider than my old keyboard, and I have to stretch my
1944 hand a lot more to reach the edges. But the key response is fairly
1945 good and the individual key shape is fairly easy to handle, so I hope
1946 I will get used to it. My old X40 was starting to fail, and I really
1947 needed a new laptop now. :)
</p
>
1949 <p
>Turning off the touch pad was simple. All it took was a quick
1950 visit to the BIOS during boot it disable it.
</p
>
1952 <p
>But there is a fatal problem with the laptop. The
180 GB SSD disk
1953 lock up during load. And this happen when installing Debian Wheezy
1954 with encrypted disk, while the disk is being filled with random data.
1955 I also tested to install Ubuntu Raring, and it happen there too if I
1956 reenable the code to fill the disk with random data (it is disabled by
1957 default in Ubuntu). And the bug with is already known. It was
1958 reported to Debian as
<a href=
"http://bugs.debian.org/
691427">BTS
1959 report #
691427 2012-
10-
25</a
> (journal commit I/O error on brand-new
1960 Thinkpad T430s ext4 on lvm on SSD). It is also reported to the Linux
1961 kernel developers as
1962 <a href=
"https://bugzilla.kernel.org/show_bug.cgi?id=
51861">Kernel bugzilla
1963 report #
51861 2012-
12-
20</a
> (Intel SSD
520 stops working under load
1964 (SSDSC2BW180A3L in Lenovo ThinkPad T430s)). It is also reported on the
1965 Lenovo forums, both for
1966 <a href=
"http://forums.lenovo.com/t5/T400-T500-and-newer-T-series/T430s-Intel-SSD-
520-
180GB-issue/m-p/
1070549">T430
1967 2012-
11-
10</a
> and for
1968 <a href=
"http://forums.lenovo.com/t5/X-Series-ThinkPad-Laptops/x230-SATA-errors-with-
180GB-Intel-
520-SSD-under-heavy-write-load/m-p/
1068147">X230
1969 03-
20-
2013</a
>. The problem do not only affect installation. The
1970 reports state that the disk lock up during use if many writes are done
1971 on the disk, so it is much no use to work around the installation
1972 problem and end up with a computer that can lock up at any moment.
1974 <a href=
"https://git.efficios.com/?p=test-ssd.git
">small C program
1975 available
</a
> that will lock up the hard drive after running a few
1976 minutes by writing to a file.
</p
>
1978 <p
>I
've contacted my supplier and asked how to handle this, and after
1979 contacting PCHELP Norway (request
01D1FDP) which handle support
1980 requests for Lenovo, his first suggestion was to upgrade the disk
1981 firmware. Unfortunately there is no newer firmware available from
1982 Lenovo, as my disk already have the most recent one (version LF1i). I
1983 hope to hear more from him today and hope the problem can be
1989 <title>The Thinkpad is dead, long live the Thinkpad X230
</title>
1990 <link>http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230.html
</link>
1991 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230.html
</guid>
1992 <pubDate>Thu,
4 Jul
2013 09:
20:
00 +
0200</pubDate>
1993 <description><p
>Half a year ago, I reported that I had to find a replacement for my
1994 trusty old Thinkpad X41. Unfortunately I did not have much time to
1995 spend on it, but today the replacement finally arrived. I ended up
1996 picking a
<a href=
"http://www.linlap.com/lenovo_thinkpad_x230
">Thinkpad
1997 X230
</a
> with SSD disk (NZDAJMN). I first test installed Debian Edu
1998 Wheezy as a roaming workstation, and it worked flawlessly. As I write
1999 this, it is installing what I hope will be a more final installation,
2000 with a encrypted hard drive to ensure any dope head stealing it end up
2001 with an expencive door stop.
</p
>
2003 <p
>I had a hard time trying to track down a good laptop, as my most
2004 important requirements (robust and with a good keyboard) are never
2005 listed in the feature list. But I did get good help from the search
2006 feature at
<ahref=
"http://www.prisjakt.no/
">Prisjakt
</a
>, which
2007 allowed me to limit the list of interesting laptops based on my other
2008 requirements. A bit surprising that SSD disk are not disks, so I had
2009 to drop number of disks from my search parameters.
</p
>
2011 <p
>I am not quite convinced about the keyboard, as it is significantly
2012 wider than my old keyboard, and I have to stretch my hand a lot more
2013 to reach the edges. But the key response is fairly good and the
2014 individual key shape is fairly easy to handle, so I hope I will get
2015 used to it. My old X40 was starting to fail, and I really needed a
2016 new laptop now. :)
</p
>
2018 <p
>I look forward to figuring out how to turn off the touch pad.
</p
>
2023 <title>Automatically locate and install required firmware packages on Debian (Isenkram
0.4)
</title>
2024 <link>http://people.skolelinux.org/pere/blog/Automatically_locate_and_install_required_firmware_packages_on_Debian__Isenkram_0_4_.html
</link>
2025 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Automatically_locate_and_install_required_firmware_packages_on_Debian__Isenkram_0_4_.html
</guid>
2026 <pubDate>Tue,
25 Jun
2013 11:
50:
00 +
0200</pubDate>
2027 <description><p
>It annoys me when the computer fail to do automatically what it is
2028 perfectly capable of, and I have to do it manually to get things
2029 working. One such task is to find out what firmware packages are
2030 needed to get the hardware on my computer working. Most often this
2031 affect the wifi card, but some times it even affect the RAID
2032 controller or the ethernet card. Today I pushed version
0.4 of the
2033 <a href=
"http://packages.qa.debian.org/isenkram
">Isenkram package
</a
>
2034 including a new script isenkram-autoinstall-firmware handling the
2035 process of asking all the loaded kernel modules what firmware files
2036 they want, find debian packages providing these files and install the
2037 debian packages. Here is a test run on my laptop:
</p
>
2039 <p
><pre
>
2040 # isenkram-autoinstall-firmware
2041 info: kernel drivers requested extra firmware: ipw2200-bss.fw ipw2200-ibss.fw ipw2200-sniffer.fw
2042 info: fetching http://http.debian.net/debian/dists/squeeze/Contents-i386.gz
2043 info: locating packages with the requested firmware files
2044 info: Updating APT sources after adding non-free APT source
2045 info: trying to install firmware-ipw2x00
2048 Preconfiguring packages ...
2049 Selecting previously deselected package firmware-ipw2x00.
2050 (Reading database ...
259727 files and directories currently installed.)
2051 Unpacking firmware-ipw2x00 (from .../firmware-ipw2x00_0.28+squeeze1_all.deb) ...
2052 Setting up firmware-ipw2x00 (
0.28+squeeze1) ...
2054 </pre
></p
>
2056 <p
>When all the requested firmware is present, a simple message is
2057 printed instead:
</p
>
2059 <p
><pre
>
2060 # isenkram-autoinstall-firmware
2061 info: did not find any firmware files requested by loaded kernel modules. exiting
2063 </pre
></p
>
2065 <p
>It could use some polish, but it is already working well and saving
2066 me some time when setting up new machines. :)
</p
>
2068 <p
>So, how does it work? It look at the set of currently loaded
2069 kernel modules, and look up each one of them using modinfo, to find
2070 the firmware files listed in the module meta-information. Next, it
2071 download the Contents file from a nearby APT mirror, and search for
2072 the firmware files in this file to locate the package with the
2073 requested firmware file. If the package is in the non-free section, a
2074 non-free APT source is added and the package is installed using
2075 <tt
>apt-get install
</tt
>. The end result is a slightly better working
2078 <p
>I hope someone find time to implement a more polished version of
2079 this script as part of the hw-detect debian-installer module, to
2080 finally fix
<a href=
"http://bugs.debian.org/
655507">BTS report
2081 #
655507</a
>. There really is no need to insert USB sticks with
2082 firmware during a PXE install when the packages already are available
2083 from the nearby Debian mirror.
</p
>
2088 <title>Fixing the Linux black screen of death on machines with Intel HD video
</title>
2089 <link>http://people.skolelinux.org/pere/blog/Fixing_the_Linux_black_screen_of_death_on_machines_with_Intel_HD_video.html
</link>
2090 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Fixing_the_Linux_black_screen_of_death_on_machines_with_Intel_HD_video.html
</guid>
2091 <pubDate>Tue,
11 Jun
2013 11:
00:
00 +
0200</pubDate>
2092 <description><p
>When installing RedHat, Fedora, Debian and Ubuntu on some machines,
2093 the screen just turn black when Linux boot, either during installation
2094 or on first boot from the hard disk. I
've seen it once in a while the
2095 last few years, but only recently understood the cause. I
've seen it
2096 on HP laptops, and on my latest acquaintance the Packard Bell laptop.
2097 The reason seem to be in the wiring of some laptops. The system to
2098 control the screen background light is inverted, so when Linux try to
2099 turn the brightness fully on, it end up turning it off instead. I do
2100 not know which Linux drivers are affected, but this post is about the
2101 i915 driver used by the
2102 <a href=
"http://www.linlap.com/packard_bell_easynote_lv
">Packard Bell
2103 EasyNote LV
</a
>, Thinkpad X40 and many other laptops.
</p
>
2105 <p
>The problem can be worked around two ways. Either by adding
2106 i915.invert_brightness=
1 as a kernel option, or by adding a file in
2107 /etc/modprobe.d/ to tell modprobe to add the invert_brightness=
1
2108 option when it load the i915 kernel module. On Debian and Ubuntu, it
2109 can be done by running these commands as root:
</p
>
2112 echo options i915 invert_brightness=
1 | tee /etc/modprobe.d/i915.conf
2113 update-initramfs -u -k all
2116 <p
>Since March
2012 there is
2117 <a href=
"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=
4dca20efb1a9c2efefc28ad2867e5d6c3f5e1955
">a
2118 mechanism in the Linux kernel
</a
> to tell the i915 driver which
2119 hardware have this problem, and get the driver to invert the
2120 brightness setting automatically. To use it, one need to add a row in
2121 <a href=
"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/drivers/gpu/drm/i915/intel_display.c
">the
2122 intel_quirks array
</a
> in the driver source
2123 <tt
>drivers/gpu/drm/i915/intel_display.c
</tt
> (look for
"<tt
>static
2124 struct intel_quirk intel_quirks
</tt
>"), specifying the PCI device
2125 number (vendor number
8086 is assumed) and subdevice vendor and device
2128 <p
>My Packard Bell EasyNote LV got this output from
<tt
>lspci
2129 -vvnn
</tt
> for the video card in question:
</p
>
2131 <p
><pre
>
2132 00:
02.0 VGA compatible controller [
0300]: Intel Corporation \
2133 3rd Gen Core processor Graphics Controller [
8086:
0156] \
2134 (rev
09) (prog-if
00 [VGA controller])
2135 Subsystem: Acer Incorporated [ALI] Device [
1025:
0688]
2136 Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- \
2137 ParErr- Stepping- SE RR- FastB2B- DisINTx+
2138 Status: Cap+
66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast
>TAbort- \
2139 <TAbort-
<MAbort-
>SERR-
<PERR- INTx-
2141 Interrupt: pin A routed to IRQ
42
2142 Region
0: Memory at c2000000 (
64-bit, non-prefetchable) [size=
4M]
2143 Region
2: Memory at b0000000 (
64-bit, prefetchable) [size=
256M]
2144 Region
4: I/O ports at
4000 [size=
64]
2145 Expansion ROM at
<unassigned
> [disabled]
2146 Capabilities:
<access denied
>
2147 Kernel driver in use: i915
2148 </pre
></p
>
2150 <p
>The resulting intel_quirks entry would then look like this:
</p
>
2152 <p
><pre
>
2153 struct intel_quirk intel_quirks[] = {
2155 /* Packard Bell EasyNote LV11HC needs invert brightness quirk */
2156 {
0x0156,
0x1025,
0x0688, quirk_invert_brightness },
2159 </pre
></p
>
2161 <p
>According to the kernel module instructions (as seen using
2162 <tt
>modinfo i915
</tt
>), information about hardware needing the
2163 invert_brightness flag should be sent to the
2164 <a href=
"http://lists.freedesktop.org/mailman/listinfo/dri-devel
">dri-devel
2165 (at) lists.freedesktop.org
</a
> mailing list to reach the kernel
2166 developers. But my email about the laptop sent
2013-
06-
03 have not
2168 <a href=
"http://lists.freedesktop.org/archives/dri-devel/
2013-June/thread.html
">the
2169 web archive for the mailing list
</a
>, so I suspect they do not accept
2170 emails from non-subscribers. Because of this, I sent my patch also to
2171 the Debian bug tracking system instead as
2172 <a href=
"http://bugs.debian.org/
710938">BTS report #
710938</a
>, to make
2173 sure the patch is not lost.
</p
>
2175 <p
>Unfortunately, it is not enough to fix the kernel to get Laptops
2176 with this problem working properly with Linux. If you use Gnome, your
2177 worries should be over at this point. But if you use KDE, there is
2178 something in KDE ignoring the invert_brightness setting and turning on
2179 the screen during login. I
've reported it to Debian as
2180 <a href=
"http://bugs.debian.org/
711237">BTS report #
711237</a
>, and
2181 have no idea yet how to figure out exactly what subsystem is doing
2182 this. Perhaps you can help? Perhaps you know what the Gnome
2183 developers did to handle this, and this can give a clue to the KDE
2184 developers? Or you know where in KDE the screen brightness is changed
2185 during login? If so, please update the BTS report (or get in touch if
2186 you do not know how to update BTS).
</p
>
2188 <p
>Update
2013-
07-
19: The correct fix for this machine seem to be
2189 acpi_backlight=vendor, to disable ACPI backlight support completely,
2190 as the ACPI information on the machine is trash and it is better to
2191 leave it to the intel video driver to control the screen
2192 backlight.
</p
>
2197 <title>How to install Linux on a Packard Bell Easynote LV preinstalled with Windows
8</title>
2198 <link>http://people.skolelinux.org/pere/blog/How_to_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8.html
</link>
2199 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8.html
</guid>
2200 <pubDate>Mon,
27 May
2013 15:
20:
00 +
0200</pubDate>
2201 <description><p
>Two days ago, I asked
2202 <a href=
"http://people.skolelinux.org/pere/blog/How_can_I_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8_.html
">how
2203 I could install Linux on a Packard Bell EasyNote LV computer
2204 preinstalled with Windows
8</a
>. I found a solution, but am horrified
2205 with the obstacles put in the way of Linux users on a laptop with UEFI
2206 and Windows
8.
</p
>
2208 <p
>I never found out if the cause of my problems were the use of UEFI
2209 secure booting or fast boot. I suspect fast boot was the problem,
2210 causing the firmware to boot directly from HD without considering any
2211 key presses and alternative devices, but do not know UEFI settings
2212 enough to tell.
</p
>
2214 <p
>There is no way to install Linux on the machine in question without
2215 opening the box and disconnecting the hard drive! This is as far as I
2216 can tell, the only way to get access to the firmware setup menu
2217 without accepting the Windows
8 license agreement. I am told (and
2218 found description on how to) that it is possible to configure the
2219 firmware setup once booted into Windows
8. But as I believe the terms
2220 of that agreement are completely unacceptable, accepting the license
2221 was never an alternative. I do not enter agreements I do not intend
2222 to follow.
</p
>
2224 <p
>I feared I had to return the laptops and ask for a refund, and
2225 waste many hours on this, but luckily there was a way to get it to
2226 work. But I would not recommend it to anyone planning to run Linux on
2227 it, and I have become sceptical to Windows
8 certified laptops. Is
2228 this the way Linux will be forced out of the market place, by making
2229 it close to impossible for
"normal
" users to install Linux without
2230 accepting the Microsoft Windows license terms? Or at least not
2231 without risking to loose the warranty?
</p
>
2233 <p
>I
've updated the
2234 <a href=
"http://www.linlap.com/packard_bell_easynote_lv
">Linux Laptop
2235 wiki page for Packard Bell EasyNote LV
</a
>, to ensure the next person
2236 do not have to struggle as much as I did to get Linux into the
2239 <p
>Thanks to Bob Rosbag, Florian Weimer, Philipp Kern, Ben Hutching,
2240 Michael Tokarev and others for feedback and ideas.
</p
>
2245 <title>How can I install Linux on a Packard Bell Easynote LV preinstalled with Windows
8?
</title>
2246 <link>http://people.skolelinux.org/pere/blog/How_can_I_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8_.html
</link>
2247 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_can_I_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8_.html
</guid>
2248 <pubDate>Sat,
25 May
2013 18:
20:
00 +
0200</pubDate>
2249 <description><p
>I
've run into quite a problem the last few days. I bought three
2250 new laptops for my parents and a few others. I bought Packard Bell
2251 Easynote LV to run Kubuntu on and use as their home computer. But I
2252 am completely unable to figure out how to install Linux on it. The
2253 computer is preinstalled with Windows
8, and I suspect it uses UEFI
2254 instead of a BIOS to boot.
</p
>
2256 <p
>The problem is that I am unable to get it to PXE boot, and unable
2257 to get it to boot the Linux installer from my USB stick. I have yet
2258 to try the DVD install, and still hope it will work. when I turn on
2259 the computer, there is no information on what buttons to press to get
2260 the normal boot menu. I expect to get some boot menu to select PXE or
2261 USB stick booting. When booting, it first ask for the language to
2262 use, then for some regional settings, and finally if I will accept the
2263 Windows
8 terms of use. As these terms are completely unacceptable to
2264 me, I have no other choice but to turn off the computer and try again
2265 to get it to boot the Linux installer.
</p
>
2267 <p
>I have gathered my findings so far on a Linlap page about the
2268 <a href=
"http://www.linlap.com/packard_bell_easynote_lv
">Packard Bell
2269 EasyNote LV
</a
> model. If you have any idea how to get Linux
2270 installed on this machine, please get in touch or update that wiki
2271 page. If I can
't find a way to install Linux, I will have to return
2272 the laptop to the seller and find another machine for my parents.
</p
>
2274 <p
>I wonder, is this the way Linux will be forced out of the market
2275 using UEFI and
"secure boot
" by making it impossible to install Linux
2276 on new Laptops?
</p
>
2281 <title>How to transform a Debian based system to a Debian Edu installation
</title>
2282 <link>http://people.skolelinux.org/pere/blog/How_to_transform_a_Debian_based_system_to_a_Debian_Edu_installation.html
</link>
2283 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_transform_a_Debian_based_system_to_a_Debian_Edu_installation.html
</guid>
2284 <pubDate>Fri,
17 May
2013 11:
50:
00 +
0200</pubDate>
2285 <description><p
><a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
</a
> is
2286 an operating system based on Debian intended for use in schools. It
2287 contain a turn-key solution for the computer network provided to
2288 pupils in the primary schools. It provide both the central server,
2289 network boot servers and desktop environments with heaps of
2290 educational software. The project was founded almost
12 years ago,
2291 2001-
07-
02. If you want to support the project, which is in need for
2292 cash to fund developer gatherings and other project related activity,
2293 <a href=
"http://www.linuxiskolen.no/slxdebianlabs/donations.html
">please
2294 donate some money
</a
>.
2296 <p
>A topic that come up again and again on the Debian Edu mailing
2297 lists and elsewhere, is the question on how to transform a Debian or
2298 Ubuntu installation into a Debian Edu installation. It isn
't very
2299 hard, and last week I wrote a script to replicate the steps done by
2300 the Debian Edu installer.
</p
>
2302 <p
>The script,
2303 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/branches/wheezy/debian-edu-config/share/debian-edu-config/tools/debian-edu-bless?view=markup
">debian-edu-bless
<a/
>
2304 in the debian-edu-config package, will go through these six steps and
2305 transform an existing Debian Wheezy or Ubuntu (untested) installation
2306 into a Debian Edu Workstation:
</p
>
2310 <li
>Add skolelinux related APT sources.
</li
>
2311 <li
>Create /etc/debian-edu/config with the wanted configuration.
</li
>
2312 <li
>Install debian-edu-install to load preseeding values and pull in
2313 our configuration.
</li
>
2314 <li
>Preseed debconf database with profile setup in
2315 /etc/debian-edu/config, and run tasksel to install packages
2316 according to the profile specified in the config above,
2317 overriding some of the Debian automation machinery.
</li
>
2318 <li
>Run debian-edu-cfengine-D installation to configure everything
2319 that could not be done using preseeding.
</li
>
2320 <li
>Ask for a reboot to enable all the configuration changes.
</li
>
2324 <p
>There are some steps in the Debian Edu installation that can not be
2325 replicated like this. Disk partitioning and LVM setup, for example.
2326 So this script just assume there is enough disk space to install all
2327 the needed packages.
</p
>
2329 <p
>The script was created to help a Debian Edu student working on
2330 setting up
<a href=
"http://www.raspberrypi.org
">Raspberry Pi
</a
> as a
2331 Debian Edu client, and using it he can take the existing
2332 <a href=
"http://www.raspbian.org/FrontPage
">Raspbian
</a
> installation and
2333 transform it into a fully functioning Debian Edu Workstation (or
2334 Roaming Workstation, or whatever :).
</p
>
2336 <p
>The default setting in the script is to create a KDE Workstation.
2337 If a LXDE based Roaming workstation is wanted instead, modify the
2338 PROFILE and DESKTOP values at the top to look like this instead:
</p
>
2340 <p
><pre
>
2341 PROFILE=
"Roaming-Workstation
"
2342 DESKTOP=
"lxde
"
2343 </pre
></p
>
2345 <p
>The script could even become useful to set up Debian Edu servers in
2346 the cloud, by starting with a virtual Debian installation at some
2347 virtual hosting service and setting up all the services on first
2353 <title>Debian, the Linux distribution of choice for LEGO designers?
</title>
2354 <link>http://people.skolelinux.org/pere/blog/Debian__the_Linux_distribution_of_choice_for_LEGO_designers_.html
</link>
2355 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian__the_Linux_distribution_of_choice_for_LEGO_designers_.html
</guid>
2356 <pubDate>Sat,
11 May
2013 20:
30:
00 +
0200</pubDate>
2357 <description><P
>In January,
2358 <a href=
"http://people.skolelinux.org/pere/blog/New_IRC_channel_for_LEGO_designers_using_Debian.html
">I
2359 announced a
</a
> new
<a href=
"irc://irc.debian.org/%
23debian-lego
">IRC
2360 channel #debian-lego
</a
>, for those of us in the Debian and Linux
2361 community interested in
<a href=
"http://www.lego.com/
">LEGO
</a
>, the
2362 marvellous construction system from Denmark. We also created
2363 <a href=
"http://wiki.debian.org/LegoDesigners
">a wiki page
</a
> to have
2364 a place to take notes and write down our plans and hopes. And several
2365 people showed up to help. I was very happy to see the effect of my
2366 call. Since the small start, we have a debtags tag
2367 <a href=
"http://debtags.debian.net/search/bytag?wl=hardware::hobby:lego
">hardware::hobby:lego
</a
>
2368 tag for LEGO related packages, and now count
10 packages related to
2369 LEGO and
<a href=
"http://mindstorms.lego.com/
">Mindstorms
</a
>:
</p
>
2371 <p
><table
>
2372 <tr
><td
><a href=
"http://packages.qa.debian.org/brickos
">brickos
</a
></td
><td
>alternative OS for LEGO Mindstorms RCX. Supports development in C/C++
</td
></tr
>
2373 <tr
><td
><a href=
"http://packages.qa.debian.org/leocad
">leocad
</a
></td
><td
>virtual brick CAD software
</td
></tr
>
2374 <tr
><td
><a href=
"http://packages.qa.debian.org/libnxt
">libnxt
</a
></td
><td
>utility library for talking to the LEGO Mindstorms NX
</td
></tr
>
2375 <tr
><td
><a href=
"http://packages.qa.debian.org/lnpd
">lnpd
</a
></td
><td
>daemon for LNP communication with BrickOS
</td
></tr
>
2376 <tr
><td
><a href=
"http://packages.qa.debian.org/nbc
">nbc
</a
></td
><td
>compiler for LEGO Mindstorms NXT bricks
</td
></tr
>
2377 <tr
><td
><a href=
"http://packages.qa.debian.org/nqc
">nqc
</a
></td
><td
>Not Quite C compiler for LEGO Mindstorms RCX
</td
></tr
>
2378 <tr
><td
><a href=
"http://packages.qa.debian.org/python-nxt
">python-nxt
</a
></td
><td
>python driver/interface/wrapper for the Lego Mindstorms NXT robot
</td
></tr
>
2379 <tr
><td
><a href=
"http://packages.qa.debian.org/python-nxt-filer
">python-nxt-filer
</a
></td
><td
>simple GUI to manage files on a LEGO Mindstorms NXT
</td
></tr
>
2380 <tr
><td
><a href=
"http://packages.qa.debian.org/scratch
">scratch
</a
></td
><td
>easy to use programming environment for ages
8 and up
</td
></tr
>
2381 <tr
><td
><a href=
"http://packages.qa.debian.org/t2n
">t2n
</a
></td
><td
>simple command-line tool for Lego NXT
</td
></tr
>
2382 </table
></p
>
2384 <p
>Some of these are available in Wheezy, and all but one are
2385 currently available in Jessie/testing. leocad is so far only
2386 available in experimental.
</p
>
2388 <p
>If you care about LEGO in Debian, please join us on IRC and help
2389 adding the rest of the great free software tools available on Linux
2390 for LEGO designers.
</p
>
2395 <title>Debian Wheezy is out - and Debian Edu / Skolelinux should soon follow! #newinwheezy
</title>
2396 <link>http://people.skolelinux.org/pere/blog/Debian_Wheezy_is_out___and_Debian_Edu___Skolelinux_should_soon_follow___newinwheezy.html
</link>
2397 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_Wheezy_is_out___and_Debian_Edu___Skolelinux_should_soon_follow___newinwheezy.html
</guid>
2398 <pubDate>Sun,
5 May
2013 07:
40:
00 +
0200</pubDate>
2399 <description><p
>When I woke up this morning, I was very happy to see that the
2400 <a href=
"http://www.debian.org/News/
2013/
20130504">release announcement
2401 for Debian Wheezy
</a
> was waiting in my mail box. This is a great
2402 Debian release, and I expect to move my machines at home over to it fairly
2405 <p
>The new debian release contain heaps of new stuff, and one program
2406 in particular make me very happy to see included. The
2407 <a href=
"http://scratch.mit.edu/
">Scratch
</a
> program, made famous by
2408 the
<a href=
"http://www.code.org/
">Teach kids code
</a
> movement, is
2409 included for the first time. Alongside similar programs like
2410 <a href=
"http://edu.kde.org/kturtle/
">kturtle
</a
> and
2411 <a href=
"http://wiki.sugarlabs.org/go/Activities/Turtle_Art
">turtleart
</a
>,
2412 it allow for visual programming where syntax errors can not happen,
2413 and a friendly programming environment for learning to control the
2414 computer. Scratch will also be included in the next release of Debian
2417 <p
>And now that Wheezy is wrapped up, we can wrap up the next Debian
2418 Edu/Skolelinux release too. The
2419 <a href=
"http://lists.debian.org/debian-edu/
2013/
04/msg00132.html
">first
2420 alpha release
</a
> went out last week, and the next should soon
2426 <title>Isenkram
0.2 finally in the Debian archive
</title>
2427 <link>http://people.skolelinux.org/pere/blog/Isenkram_0_2_finally_in_the_Debian_archive.html
</link>
2428 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Isenkram_0_2_finally_in_the_Debian_archive.html
</guid>
2429 <pubDate>Wed,
3 Apr
2013 23:
40:
00 +
0200</pubDate>
2430 <description><p
>Today the
<a href=
"http://packages.qa.debian.org/isenkram
">Isenkram
2431 package
</a
> finally made it into the archive, after lingering in NEW
2432 for many months. I uploaded it to the Debian experimental suite
2433 2013-
01-
27, and today it was accepted into the archive.
</p
>
2435 <p
>Isenkram is a system for suggesting to users what packages to
2436 install to work with a pluggable hardware device. The suggestion pop
2437 up when the device is plugged in. For example if a Lego Mindstorm NXT
2438 is inserted, it will suggest to install the program needed to program
2439 the NXT controller. Give it a go, and report bugs and suggestions to
2445 <title>Bitcoin GUI now available from Debian/unstable (and Ubuntu/raring)
</title>
2446 <link>http://people.skolelinux.org/pere/blog/Bitcoin_GUI_now_available_from_Debian_unstable__and_Ubuntu_raring_.html
</link>
2447 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Bitcoin_GUI_now_available_from_Debian_unstable__and_Ubuntu_raring_.html
</guid>
2448 <pubDate>Sat,
2 Feb
2013 09:
00:
00 +
0100</pubDate>
2449 <description><p
>My
2450 <a href=
"http://people.skolelinux.org/pere/blog/How_to_backport_bitcoin_qt_version_0_7_2_2_to_Debian_Squeeze.html
">last
2451 bitcoin related blog post
</a
> mentioned that the new
2452 <a href=
"http://packages.qa.debian.org/bitcoin
">bitcoin package
</a
> for
2453 Debian was waiting in NEW. It was accepted by the Debian ftp-masters
2454 2013-
01-
19, and have been available in unstable since then. It was
2455 automatically copied to Ubuntu, and is available in their Raring
2456 version too.
</p
>
2458 <p
>But there is a strange problem with the build that block this new
2459 version from being available on the i386 and kfreebsd-i386
2460 architectures. For some strange reason, the autobuilders in Debian
2461 for these architectures fail to run the test suite on these
2462 architectures (
<a href=
"http://bugs.debian.org/
672524">BTS #
672524</a
>).
2463 We are so far unable to reproduce it when building it manually, and
2464 no-one have been able to propose a fix. If you got an idea what is
2465 failing, please let us know via the BTS.
</p
>
2467 <p
>One feature that is annoying me with of the bitcoin client, because
2468 I often run low on disk space, is the fact that the client will exit
2469 if it run short on space (
<a href=
"http://bugs.debian.org/
696715">BTS
2470 #
696715</a
>). So make sure you have enough disk space when you run
2473 <p
>As usual, if you use bitcoin and want to show your support of my
2474 activities, please send Bitcoin donations to my address
2475 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
&label=PetterReinholdtsenBlog
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2480 <title>Welcome to the world, Isenkram!
</title>
2481 <link>http://people.skolelinux.org/pere/blog/Welcome_to_the_world__Isenkram_.html
</link>
2482 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Welcome_to_the_world__Isenkram_.html
</guid>
2483 <pubDate>Tue,
22 Jan
2013 22:
00:
00 +
0100</pubDate>
2484 <description><p
>Yesterday, I
2485 <a href=
"http://people.skolelinux.org/pere/blog/First_prototype_ready_making_hardware_easier_to_use_in_Debian.html
">asked
2486 for testers
</a
> for my prototype for making Debian better at handling
2487 pluggable hardware devices, which I
2488 <a href=
"http://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
">set
2489 out to create
</a
> earlier this month. Several valuable testers showed
2490 up, and caused me to really want to to open up the development to more
2491 people. But before I did this, I want to come up with a sensible name
2492 for this project. Today I finally decided on a new name, and I have
2493 renamed the project from hw-support-handler to this new name. In the
2494 process, I moved the source to git and made it available as a
2495 <a href=
"http://anonscm.debian.org/gitweb/?p=collab-maint/isenkram.git
">collab-maint
</a
>
2496 repository in Debian. The new name? It is
<strong
>Isenkram
</strong
>.
2497 To fetch and build the latest version of the source, use
</p
>
2500 git clone http://anonscm.debian.org/git/collab-maint/isenkram.git
2501 cd isenkram
&& git-buildpackage -us -uc
2504 <p
>I have not yet adjusted all files to use the new name yet. If you
2505 want to hack on the source or improve the package, please go ahead.
2506 But please talk to me first on IRC or via email before you do major
2507 changes, to make sure we do not step on each others toes. :)
</p
>
2509 <p
>If you wonder what
'isenkram
' is, it is a Norwegian word for iron
2510 stuff, typically meaning tools, nails, screws, etc. Typical hardware
2511 stuff, in other words. I
've been told it is the Norwegian variant of
2512 the German word eisenkram, for those that are familiar with that
2515 <p
><strong
>Update
2013-
01-
26</strong
>: Added -us -us to build
2516 instructions, to avoid confusing people with an error from the signing
2519 <p
><strong
>Update
2013-
01-
27</strong
>: Switch to HTTP URL for the git
2520 clone argument to avoid the need for authentication.
</p
>
2525 <title>First prototype ready making hardware easier to use in Debian
</title>
2526 <link>http://people.skolelinux.org/pere/blog/First_prototype_ready_making_hardware_easier_to_use_in_Debian.html
</link>
2527 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/First_prototype_ready_making_hardware_easier_to_use_in_Debian.html
</guid>
2528 <pubDate>Mon,
21 Jan
2013 12:
00:
00 +
0100</pubDate>
2529 <description><p
>Early this month I set out to try to
2530 <a href=
"http://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
">improve
2531 the Debian support for pluggable hardware devices
</a
>. Now my
2532 prototype is working, and it is ready for a larger audience. To test
2534 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/
">source
2535 from the Debian Edu subversion repository
</a
>, build and install the
2536 package. You might have to log out and in again activate the
2537 autostart script.
</p
>
2539 <p
>The design is simple:
</p
>
2543 <li
>Add desktop entry in /usr/share/autostart/ causing a program
2544 hw-support-handlerd to start when the user log in.
</li
>
2546 <li
>This program listen for kernel events about new hardware (directly
2547 from the kernel like udev does), not using HAL dbus events as I
2548 initially did.
</li
>
2550 <li
>When new hardware is inserted, look up the hardware modalias in
2551 the APT database, a database
2552 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/modaliases?view=markup
">available
2553 via HTTP
</a
> and a database available as part of the package.
</li
>
2555 <li
>If a package is mapped to the hardware in question, the package
2556 isn
't installed yet and this is the first time the hardware was
2557 plugged in, show a desktop notification suggesting to install the
2558 package or packages.
</li
>
2560 <li
>If the user click on the
'install package now
' button, ask
2561 aptdaemon via the PackageKit API to install the requrired package.
</li
>
2563 <li
>aptdaemon ask for root password or sudo password, and install the
2564 package while showing progress information in a window.
</li
>
2568 <p
>I still need to come up with a better name for the system. Here
2569 are some screen shots showing the prototype in action. First the
2570 notification, then the password request, and finally the request to
2571 approve all the dependencies. Sorry for the Norwegian Bokmål GUI.
</p
>
2573 <p
><img src=
"http://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
1-notification.png
">
2574 <br
><img src=
"http://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
2-password.png
">
2575 <br
><img src=
"http://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
3-dependencies.png
">
2576 <br
><img src=
"http://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
4-installing.png
">
2577 <br
><img src=
"http://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
5-installing-details.png
" width=
"70%
"></p
>
2579 <p
>The prototype still need to be improved with longer timeouts, but
2580 is already useful. The database of hardware to package mappings also
2581 need more work. It is currently compatible with the Ubuntu way of
2582 storing such information in the package control file, but could be
2583 changed to use other formats instead or in addition to the current
2584 method. I
've dropped the use of discover for this mapping, as the
2585 modalias approach is more flexible and easier to use on Linux as long
2586 as the Linux kernel expose its modalias strings directly.
</p
>
2588 <p
><strong
>Update
2013-
01-
21 16:
50</strong
>: Due to popular demand,
2589 here is the command required to check out and build the source: Use
2590 '<tt
>svn checkout
2591 svn://svn.debian.org/debian-edu/trunk/src/hw-support-handler/; cd
2592 hw-support-handler; debuild
</tt
>'. If you lack debuild, install the
2593 devscripts package.
</p
>
2595 <p
><strong
>Update
2013-
01-
23 12:
00</strong
>: The project is now
2596 renamed to Isenkram and the source moved from the Debian Edu
2597 subversion repository to a Debian collab-maint git repository. See
2598 <a href=
"http://people.skolelinux.org/pere/blog/Welcome_to_the_world__Isenkram_.html
">build
2599 instructions
</a
> for details.
</p
>
2604 <title>Thank you Thinkpad X41, for your long and trustworthy service
</title>
2605 <link>http://people.skolelinux.org/pere/blog/Thank_you_Thinkpad_X41__for_your_long_and_trustworthy_service.html
</link>
2606 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Thank_you_Thinkpad_X41__for_your_long_and_trustworthy_service.html
</guid>
2607 <pubDate>Sat,
19 Jan
2013 09:
20:
00 +
0100</pubDate>
2608 <description><p
>This Christmas my trusty old laptop died. It died quietly and
2609 suddenly in bed. With a quiet whimper, it went completely quiet and
2610 black. The power button was no longer able to turn it on. It was a
2611 IBM Thinkpad X41, and the best laptop I ever had. Better than both
2612 Thinkpads X30, X31, X40, X60, X61 and X61S. Far better than the
2613 Compaq I had before that. Now I need to find a replacement. To keep
2614 going during Christmas, I moved the one year old SSD disk to my old
2615 X40 where it fitted (only one I had left that could use it), but it is
2616 not a durable solution.
2618 <p
>My laptop needs are fairly modest. This is my wishlist from when I
2619 got a new one more than
10 years ago. It still holds true.:)
</p
>
2623 <li
>Lightweight (around
1 kg) and small volume (preferably smaller
2624 than A4).
</li
>
2625 <li
>Robust, it will be in my backpack every day.
</li
>
2626 <li
>Three button mouse and a mouse pin instead of touch pad.
</li
>
2627 <li
>Long battery life time. Preferable a week.
</li
>
2628 <li
>Internal WIFI network card.
</li
>
2629 <li
>Internal Twisted Pair network card.
</li
>
2630 <li
>Some USB slots (
2-
3 is plenty)
</li
>
2631 <li
>Good keyboard - similar to the Thinkpad.
</li
>
2632 <li
>Video resolution at least
1024x768, with size around
12" (A4 paper
2634 <li
>Hardware supported by Debian Stable, ie the default kernel and
2635 X.org packages.
</li
>
2636 <li
>Quiet, preferably fan free (or at least not using the fan most of
2641 <p
>You will notice that there are no RAM and CPU requirements in the
2642 list. The reason is simply that the specifications on laptops the
2643 last
10-
15 years have been sufficient for my needs, and I have to look
2644 at other features to choose my laptop. But are there still made as
2645 robust laptops as my X41? The Thinkpad X60/X61 proved to be less
2646 robust, and Thinkpads seem to be heading in the wrong direction since
2647 Lenovo took over. But I
've been told that X220 and X1 Carbon might
2648 still be useful.
</p
>
2650 <p
>Perhaps I should rethink my needs, and look for a pad with an
2651 external keyboard? I
'll have to check the
2652 <a href=
"http://www.linux-laptop.net/
">Linux Laptops site
</a
> for
2653 well-supported laptops, or perhaps just buy one preinstalled from one
2654 of the vendors listed on the
<a href=
"http://linuxpreloaded.com/
">Linux
2655 Pre-loaded site
</a
>.
</p
>
2660 <title>How to find a browser plugin supporting a given MIME type
</title>
2661 <link>http://people.skolelinux.org/pere/blog/How_to_find_a_browser_plugin_supporting_a_given_MIME_type.html
</link>
2662 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_find_a_browser_plugin_supporting_a_given_MIME_type.html
</guid>
2663 <pubDate>Fri,
18 Jan
2013 10:
40:
00 +
0100</pubDate>
2664 <description><p
>Some times I try to figure out which Iceweasel browser plugin to
2665 install to get support for a given MIME type. Thanks to
2666 <a href=
"https://wiki.ubuntu.com/MozillaTeam/Plugins
">specifications
2667 done by Ubuntu
</a
> and Mozilla, it is possible to do this in Debian.
2668 Unfortunately, not very many packages provide the needed meta
2669 information, Anyway, here is a small script to look up all browser
2670 plugin packages announcing ther MIME support using this specification:
</p
>
2676 def pkgs_handling_mimetype(mimetype):
2681 version = pkg.candidate
2683 version = pkg.installed
2686 record = version.record
2687 if not record.has_key(
'Npp-MimeType
'):
2689 mime_types = record[
'Npp-MimeType
'].split(
',
')
2690 for t in mime_types:
2691 t = t.rstrip().strip()
2693 thepkgs.append(pkg.name)
2695 mimetype =
"audio/ogg
"
2696 if
1 < len(sys.argv):
2697 mimetype = sys.argv[
1]
2698 print
"Browser plugin packages supporting %s:
" % mimetype
2699 for pkg in pkgs_handling_mimetype(mimetype):
2700 print
" %s
" %pkg
2703 <p
>It can be used like this to look up a given MIME type:
</p
>
2706 % ./apt-find-browserplug-for-mimetype
2707 Browser plugin packages supporting audio/ogg:
2709 % ./apt-find-browserplug-for-mimetype application/x-shockwave-flash
2710 Browser plugin packages supporting application/x-shockwave-flash:
2711 browser-plugin-gnash
2715 <p
>In Ubuntu this mechanism is combined with support in the browser
2716 itself to query for plugins and propose to install the needed
2717 packages. It would be great if Debian supported such feature too. Is
2718 anyone working on adding it?
</p
>
2720 <p
><strong
>Update
2013-
01-
18 14:
20</strong
>: The Debian BTS
2721 request for icweasel support for this feature is
2722 <a href=
"http://bugs.debian.org/
484010">#
484010</a
> from
2008 (and
2723 <a href=
"http://bugs.debian.org/
698426">#
698426</a
> from today). Lack
2724 of manpower and wish for a different design is the reason thus feature
2725 is not yet in iceweasel from Debian.
</p
>
2730 <title>What is the most supported MIME type in Debian?
</title>
2731 <link>http://people.skolelinux.org/pere/blog/What_is_the_most_supported_MIME_type_in_Debian_.html
</link>
2732 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/What_is_the_most_supported_MIME_type_in_Debian_.html
</guid>
2733 <pubDate>Wed,
16 Jan
2013 10:
10:
00 +
0100</pubDate>
2734 <description><p
>The
<a href=
"http://wiki.debian.org/AppStreamDebianProposal
">DEP-
11
2735 proposal to add AppStream information to the Debian archive
</a
>, is a
2736 proposal to make it possible for a Desktop application to propose to
2737 the user some package to install to gain support for a given MIME
2738 type, font, library etc. that is currently missing. With such
2739 mechanism in place, it would be possible for the desktop to
2740 automatically propose and install leocad if some LDraw file is
2741 downloaded by the browser.
</p
>
2743 <p
>To get some idea about the current content of the archive, I decided
2744 to write a simple program to extract all .desktop files from the
2745 Debian archive and look up the claimed MIME support there. The result
2747 <a href=
"http://ftp.skolelinux.org/pub/AppStreamTest
">Skolelinux FTP
2748 site
</a
>. Using the collected information, it become possible to
2749 answer the question in the title. Here are the
20 most supported MIME
2750 types in Debian stable (Squeeze), testing (Wheezy) and unstable (Sid).
2751 The complete list is available from the link above.
</p
>
2753 <p
><strong
>Debian Stable:
</strong
></p
>
2757 ----- -----------------------
2773 18 application/x-ogg
2780 <p
><strong
>Debian Testing:
</strong
></p
>
2784 ----- -----------------------
2800 18 application/x-ogg
2807 <p
><strong
>Debian Unstable:
</strong
></p
>
2811 ----- -----------------------
2828 18 application/x-ogg
2834 <p
>I am told that PackageKit can provide an API to access the kind of
2835 information mentioned in DEP-
11. I have not yet had time to look at
2836 it, but hope the PackageKit people in Debian are on top of these
2839 <p
><strong
>Update
2013-
01-
16 13:
35</strong
>: Updated numbers after
2840 discovering a typo in my script.
</p
>
2845 <title>Using modalias info to find packages handling my hardware
</title>
2846 <link>http://people.skolelinux.org/pere/blog/Using_modalias_info_to_find_packages_handling_my_hardware.html
</link>
2847 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Using_modalias_info_to_find_packages_handling_my_hardware.html
</guid>
2848 <pubDate>Tue,
15 Jan
2013 08:
00:
00 +
0100</pubDate>
2849 <description><p
>Yesterday, I wrote about the
2850 <a href=
"http://people.skolelinux.org/pere/blog/Modalias_strings___a_practical_way_to_map__stuff__to_hardware.html
">modalias
2851 values provided by the Linux kernel
</a
> following my hope for
2852 <a href=
"http://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
">better
2853 dongle support in Debian
</a
>. Using this knowledge, I have tested how
2854 modalias values attached to package names can be used to map packages
2855 to hardware. This allow the system to look up and suggest relevant
2856 packages when I plug in some new hardware into my machine, and replace
2857 discover and discover-data as the database used to map hardware to
2860 <p
>I create a modaliases file with entries like the following,
2861 containing package name, kernel module name (if relevant, otherwise
2862 the package name) and globs matching the relevant hardware
2865 <p
><blockquote
>
2866 Package: package-name
2867 <br
>Modaliases: module(modaliasglob, modaliasglob, modaliasglob)
</p
>
2868 </blockquote
></p
>
2870 <p
>It is fairly trivial to write code to find the relevant packages
2871 for a given modalias value using this file.
</p
>
2873 <p
>An entry like this would suggest the video and picture application
2874 cheese for many USB web cameras (interface bus class
0E01):
</p
>
2876 <p
><blockquote
>
2878 <br
>Modaliases: cheese(usb:v*p*d*dc*dsc*dp*ic0Eisc01ip*)
</p
>
2879 </blockquote
></p
>
2881 <p
>An entry like this would suggest the pcmciautils package when a
2882 CardBus bridge (bus class
0607) PCI device is present:
</p
>
2884 <p
><blockquote
>
2885 Package: pcmciautils
2886 <br
>Modaliases: pcmciautils(pci:v*d*sv*sd*bc06sc07i*)
2887 </blockquote
></p
>
2889 <p
>An entry like this would suggest the package colorhug-client when
2890 plugging in a ColorHug with USB IDs
04D8:F8DA:
</p
>
2892 <p
><blockquote
>
2893 Package: colorhug-client
2894 <br
>Modaliases: colorhug-client(usb:v04D8pF8DAd*)
</p
>
2895 </blockquote
></p
>
2897 <p
>I believe the format is compatible with the format of the Packages
2898 file in the Debian archive. Ubuntu already uses their Packages file
2899 to store their mappings from packages to hardware.
</p
>
2901 <p
>By adding a XB-Modaliases: header in debian/control, any .deb can
2902 announce the hardware it support in a way my prototype understand.
2903 This allow those publishing packages in an APT source outside the
2904 Debian archive as well as those backporting packages to make sure the
2905 hardware mapping are included in the package meta information. I
've
2906 tested such header in the pymissile package, and its modalias mapping
2907 is working as it should with my prototype. It even made it to Ubuntu
2910 <p
>To test if it was possible to look up supported hardware using only
2911 the shell tools available in the Debian installer, I wrote a shell
2912 implementation of the lookup code. The idea is to create files for
2913 each modalias and let the shell do the matching. Please check out and
2915 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/hw-support-lookup?view=co
">hw-support-lookup
</a
>
2916 shell script. It run without any extra dependencies and fetch the
2917 hardware mappings from the Debian archive and the subversion
2918 repository where I currently work on my prototype.
</p
>
2920 <p
>When I use it on a machine with a yubikey inserted, it suggest to
2921 install yubikey-personalization:
</p
>
2923 <p
><blockquote
>
2924 % ./hw-support-lookup
2925 <br
>yubikey-personalization
2927 </blockquote
></p
>
2929 <p
>When I run it on my Thinkpad X40 with a PCMCIA/CardBus slot, it
2930 propose to install the pcmciautils package:
</p
>
2932 <p
><blockquote
>
2933 % ./hw-support-lookup
2934 <br
>pcmciautils
2936 </blockquote
></p
>
2938 <p
>If you know of any hardware-package mapping that should be added to
2939 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/modaliases?view=co
">my
2940 database
</a
>, please tell me about it.
</p
>
2942 <p
>It could be possible to generate several of the mappings between
2943 packages and hardware. One source would be to look at packages with
2944 kernel modules, ie packages with *.ko files in /lib/modules/, and
2945 extract their modalias information. Another would be to look at
2946 packages with udev rules, ie packages with files in
2947 /lib/udev/rules.d/, and extract their vendor/model information to
2948 generate a modalias matching rule. I have not tested any of these to
2949 see if it work.
</p
>
2951 <p
>If you want to help implementing a system to let us propose what
2952 packages to install when new hardware is plugged into a Debian
2953 machine, please send me an email or talk to me on
2954 <a href=
"irc://irc.debian.org/%
23debian-devel
">#debian-devel
</a
>.
</p
>
2959 <title>Modalias strings - a practical way to map
"stuff
" to hardware
</title>
2960 <link>http://people.skolelinux.org/pere/blog/Modalias_strings___a_practical_way_to_map__stuff__to_hardware.html
</link>
2961 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Modalias_strings___a_practical_way_to_map__stuff__to_hardware.html
</guid>
2962 <pubDate>Mon,
14 Jan
2013 11:
20:
00 +
0100</pubDate>
2963 <description><p
>While looking into how to look up Debian packages based on hardware
2964 information, to find the packages that support a given piece of
2965 hardware, I refreshed my memory regarding modalias values, and decided
2966 to document the details. Here are my findings so far, also available
2968 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/
">the
2969 Debian Edu subversion repository
</a
>:
2971 <p
><strong
>Modalias decoded
</strong
></p
>
2973 <p
>This document try to explain what the different types of modalias
2974 values stands for. It is in part based on information from
2975 &lt;URL:
<a href=
"https://wiki.archlinux.org/index.php/Modalias
">https://wiki.archlinux.org/index.php/Modalias
</a
> &gt;,
2976 &lt;URL:
<a href=
"http://unix.stackexchange.com/questions/
26132/how-to-assign-usb-driver-to-device
">http://unix.stackexchange.com/questions/
26132/how-to-assign-usb-driver-to-device
</a
> &gt;,
2977 &lt;URL:
<a href=
"http://code.metager.de/source/history/linux/stable/scripts/mod/file2alias.c
">http://code.metager.de/source/history/linux/stable/scripts/mod/file2alias.c
</a
> &gt; and
2978 &lt;URL:
<a href=
"http://cvs.savannah.gnu.org/viewvc/dmidecode/dmidecode.c?root=dmidecode
&view=markup
">http://cvs.savannah.gnu.org/viewvc/dmidecode/dmidecode.c?root=dmidecode
&view=markup
</a
> &gt;.
2980 <p
>The modalias entries for a given Linux machine can be found using
2981 this shell script:
</p
>
2984 find /sys -name modalias -print0 | xargs -
0 cat | sort -u
2987 <p
>The supported modalias globs for a given kernel module can be found
2988 using modinfo:
</p
>
2991 % /sbin/modinfo psmouse | grep alias:
2992 alias: serio:ty05pr*id*ex*
2993 alias: serio:ty01pr*id*ex*
2997 <p
><strong
>PCI subtype
</strong
></p
>
2999 <p
>A typical PCI entry can look like this. This is an Intel Host
3000 Bridge memory controller:
</p
>
3002 <p
><blockquote
>
3003 pci:v00008086d00002770sv00001028sd000001ADbc06sc00i00
3004 </blockquote
></p
>
3006 <p
>This represent these values:
</p
>
3011 sv
00001028 (subvendor)
3012 sd
000001AD (subdevice)
3014 sc
00 (bus subclass)
3018 <p
>The vendor/device values are the same values outputted from
'lspci
3019 -n
' as
8086:
2770. The bus class/subclass is also shown by lspci as
3020 0600. The
0600 class is a host bridge. Other useful bus values are
3021 0300 (VGA compatible card) and
0200 (Ethernet controller).
</p
>
3023 <p
>Not sure how to figure out the interface value, nor what it
3026 <p
><strong
>USB subtype
</strong
></p
>
3028 <p
>Some typical USB entries can look like this. This is an internal
3029 USB hub in a laptop:
</p
>
3031 <p
><blockquote
>
3032 usb:v1D6Bp0001d0206dc09dsc00dp00ic09isc00ip00
3033 </blockquote
></p
>
3035 <p
>Here is the values included in this alias:
</p
>
3038 v
1D6B (device vendor)
3039 p
0001 (device product)
3041 dc
09 (device class)
3042 dsc
00 (device subclass)
3043 dp
00 (device protocol)
3044 ic
09 (interface class)
3045 isc
00 (interface subclass)
3046 ip
00 (interface protocol)
3049 <p
>The
0900 device class/subclass means hub. Some times the relevant
3050 class is in the interface class section. For a simple USB web camera,
3051 these alias entries show up:
</p
>
3053 <p
><blockquote
>
3054 usb:v0AC8p3420d5000dcEFdsc02dp01ic01isc01ip00
3055 <br
>usb:v0AC8p3420d5000dcEFdsc02dp01ic01isc02ip00
3056 <br
>usb:v0AC8p3420d5000dcEFdsc02dp01ic0Eisc01ip00
3057 <br
>usb:v0AC8p3420d5000dcEFdsc02dp01ic0Eisc02ip00
3058 </blockquote
></p
>
3060 <p
>Interface class
0E01 is video control,
0E02 is video streaming (aka
3061 camera),
0101 is audio control device and
0102 is audio streaming (aka
3062 microphone). Thus this is a camera with microphone included.
</p
>
3064 <p
><strong
>ACPI subtype
</strong
></p
>
3066 <p
>The ACPI type is used for several non-PCI/USB stuff. This is an IR
3067 receiver in a Thinkpad X40:
</p
>
3069 <p
><blockquote
>
3070 acpi:IBM0071:PNP0511:
3071 </blockquote
></p
>
3073 <p
>The values between the colons are IDs.
</p
>
3075 <p
><strong
>DMI subtype
</strong
></p
>
3077 <p
>The DMI table contain lots of information about the computer case
3078 and model. This is an entry for a IBM Thinkpad X40, fetched from
3079 /sys/devices/virtual/dmi/id/modalias:
</p
>
3081 <p
><blockquote
>
3082 dmi:bvnIBM:bvr1UETB6WW(
1.66):bd06/
15/
2005:svnIBM:pn2371H4G:pvrThinkPadX40:rvnIBM:rn2371H4G:rvrNotAvailable:cvnIBM:ct10:cvrNotAvailable:
3083 </blockquote
></p
>
3085 <p
>The values present are
</p
>
3088 bvn IBM (BIOS vendor)
3089 bvr
1UETB
6WW(
1.66) (BIOS version)
3090 bd
06/
15/
2005 (BIOS date)
3091 svn IBM (system vendor)
3092 pn
2371H4G (product name)
3093 pvr ThinkPadX40 (product version)
3094 rvn IBM (board vendor)
3095 rn
2371H4G (board name)
3096 rvr NotAvailable (board version)
3097 cvn IBM (chassis vendor)
3098 ct
10 (chassis type)
3099 cvr NotAvailable (chassis version)
3102 <p
>The chassis type
10 is Notebook. Other interesting values can be
3103 found in the dmidecode source:
</p
>
3107 4 Low Profile Desktop
3120 17 Main Server Chassis
3121 18 Expansion Chassis
3123 20 Bus Expansion Chassis
3124 21 Peripheral Chassis
3126 23 Rack Mount Chassis
3135 <p
>The chassis type values are not always accurately set in the DMI
3136 table. For example my home server is a tower, but the DMI modalias
3137 claim it is a desktop.
</p
>
3139 <p
><strong
>SerIO subtype
</strong
></p
>
3141 <p
>This type is used for PS/
2 mouse plugs. One example is from my
3142 test machine:
</p
>
3144 <p
><blockquote
>
3145 serio:ty01pr00id00ex00
3146 </blockquote
></p
>
3148 <p
>The values present are
</p
>
3157 <p
>This type is supported by the psmouse driver. I am not sure what
3158 the valid values are.
</p
>
3160 <p
><strong
>Other subtypes
</strong
></p
>
3162 <p
>There are heaps of other modalias subtypes according to
3163 file2alias.c. There is the rest of the list from that source: amba,
3164 ap, bcma, ccw, css, eisa, hid, i2c, ieee1394, input, ipack, isapnp,
3165 mdio, of, parisc, pcmcia, platform, scsi, sdio, spi, ssb, vio, virtio,
3166 vmbus, x86cpu and zorro. I did not spend time documenting all of
3167 these, as they do not seem relevant for my intended use with mapping
3168 hardware to packages when new stuff is inserted during run time.
</p
>
3170 <p
><strong
>Looking up kernel modules using modalias values
</strong
></p
>
3172 <p
>To check which kernel modules provide support for a given modalias,
3173 one can use the following shell script:
</p
>
3176 for id in $(find /sys -name modalias -print0 | xargs -
0 cat | sort -u); do \
3177 echo
"$id
" ; \
3178 /sbin/modprobe --show-depends
"$id
"|sed
's/^/ /
' ; \
3182 <p
>The output can look like this (only the first few entries as the
3183 list is very long on my test machine):
</p
>
3187 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/acpi/ac.ko
3189 FATAL: Module acpi:device: not found.
3191 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/char/nvram.ko
3192 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/leds/led-class.ko
3193 insmod /lib/modules/
2.6.32-
5-
686/kernel/net/rfkill/rfkill.ko
3194 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/platform/x86/thinkpad_acpi.ko
3195 acpi:IBM0071:PNP0511:
3196 insmod /lib/modules/
2.6.32-
5-
686/kernel/lib/crc-ccitt.ko
3197 insmod /lib/modules/
2.6.32-
5-
686/kernel/net/irda/irda.ko
3198 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/net/irda/nsc-ircc.ko
3202 <p
>If you want to help implementing a system to let us propose what
3203 packages to install when new hardware is plugged into a Debian
3204 machine, please send me an email or talk to me on
3205 <a href=
"irc://irc.debian.org/%
23debian-devel
">#debian-devel
</a
>.
</p
>
3207 <p
><strong
>Update
2013-
01-
15:
</strong
> Rewrite
"cat $(find ...)
" to
3208 "find ... -print0 | xargs -
0 cat
" to make sure it handle directories
3209 in /sys/ with space in them.
</p
>
3214 <title>Moved the pymissile Debian packaging to collab-maint
</title>
3215 <link>http://people.skolelinux.org/pere/blog/Moved_the_pymissile_Debian_packaging_to_collab_maint.html
</link>
3216 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Moved_the_pymissile_Debian_packaging_to_collab_maint.html
</guid>
3217 <pubDate>Thu,
10 Jan
2013 20:
40:
00 +
0100</pubDate>
3218 <description><p
>As part of my investigation on how to improve the support in Debian
3219 for hardware dongles, I dug up my old Mark and Spencer USB Rocket
3220 Launcher and updated the Debian package
3221 <a href=
"http://packages.qa.debian.org/pymissile
">pymissile
</a
> to make
3222 sure udev will fix the device permissions when it is plugged in. I
3223 also added a
"Modaliases
" header to test it in the Debian archive and
3224 hopefully make the package be proposed by jockey in Ubuntu when a user
3225 plug in his rocket launcher. In the process I moved the source to a
3226 git repository under collab-maint, to make it easier for any DD to
3227 contribute.
<a href=
"http://code.google.com/p/pymissile/
">Upstream
</a
>
3228 is not very active, but the software still work for me even after five
3229 years of relative silence. The new git repository is not listed in
3230 the uploaded package yet, because I want to test the other changes a
3231 bit more before I upload the new version. If you want to check out
3232 the new version with a .desktop file included, visit the
3233 <a href=
"http://anonscm.debian.org/gitweb/?p=collab-maint/pymissile.git
">gitweb
3234 view
</a
> or use
"<tt
>git clone
3235 git://anonscm.debian.org/collab-maint/pymissile.git
</tt
>".
</p
>
3240 <title>Lets make hardware dongles easier to use in Debian
</title>
3241 <link>http://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
</link>
3242 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
</guid>
3243 <pubDate>Wed,
9 Jan
2013 15:
40:
00 +
0100</pubDate>
3244 <description><p
>One thing that annoys me with Debian and Linux distributions in
3245 general, is that there is a great package management system with the
3246 ability to automatically install software packages by downloading them
3247 from the distribution mirrors, but no way to get it to automatically
3248 install the packages I need to use the hardware I plug into my
3249 machine. Even if the package to use it is easily available from the
3250 Linux distribution. When I plug in a LEGO Mindstorms NXT, it could
3251 suggest to automatically install the python-nxt, nbc and t2n packages
3252 I need to talk to it. When I plug in a Yubikey, it could propose the
3253 yubikey-personalization package. The information required to do this
3254 is available, but no-one have pulled all the pieces together.
</p
>
3256 <p
>Some years ago, I proposed to
3257 <a href=
"http://lists.debian.org/debian-devel/
2010/
05/msg01206.html
">use
3258 the discover subsystem to implement this
</a
>. The idea is fairly
3263 <li
>Add a desktop entry in /usr/share/autostart/ pointing to a program
3264 starting when a user log in.
</li
>
3266 <li
>Set this program up to listen for kernel events emitted when new
3267 hardware is inserted into the computer.
</li
>
3269 <li
>When new hardware is inserted, look up the hardware ID in a
3270 database mapping to packages, and take note of any non-installed
3271 packages.
</li
>
3273 <li
>Show a message to the user proposing to install the discovered
3274 package, and make it easy to install it.
</li
>
3278 <p
>I am not sure what the best way to implement this is, but my
3279 initial idea was to use dbus events to discover new hardware, the
3280 discover database to find packages and
3281 <a href=
"http://www.packagekit.org/
">PackageKit
</a
> to install
3284 <p
>Yesterday, I found time to try to implement this idea, and the
3285 draft package is now checked into
3286 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/
">the
3287 Debian Edu subversion repository
</a
>. In the process, I updated the
3288 <a href=
"http://packages.qa.debian.org/d/discover-data.html
">discover-data
</a
>
3289 package to map the USB ids of LEGO Mindstorms and Yubikey devices to
3290 the relevant packages in Debian, and uploaded a new version
3291 2.2013.01.09 to unstable. I also discovered that the current
3292 <a href=
"http://packages.qa.debian.org/d/discover.html
">discover
</a
>
3293 package in Debian no longer discovered any USB devices, because
3294 /proc/bus/usb/devices is no longer present. I ported it to use
3295 libusb as a fall back option to get it working. The fixed package
3296 version
2.1.2-
6 is now in experimental (didn
't upload it to unstable
3297 because of the freeze).
</p
>
3299 <p
>With this prototype in place, I can insert my Yubikey, and get this
3300 desktop notification to show up (only once, the first time it is
3301 inserted):
</p
>
3303 <p align=
"center
"><img src=
"http://people.skolelinux.org/pere/blog/images/
2013-
01-
09-hw-autoinstall.png
"></p
>
3305 <p
>For this prototype to be really useful, some way to automatically
3306 install the proposed packages by pressing the
"Please install
3307 program(s)
" button should to be implemented.
</p
>
3309 <p
>If this idea seem useful to you, and you want to help make it
3310 happen, please help me update the discover-data database with mappings
3311 from hardware to Debian packages. Check if
'discover-pkginstall -l
'
3312 list the package you would like to have installed when a given
3313 hardware device is inserted into your computer, and report bugs using
3314 reportbug if it isn
't. Or, if you know of a better way to provide
3315 such mapping, please let me know.
</p
>
3317 <p
>This prototype need more work, and there are several questions that
3318 should be considered before it is ready for production use. Is dbus
3319 the correct way to detect new hardware? At the moment I look for HAL
3320 dbus events on the system bus, because that is the events I could see
3321 on my Debian Squeeze KDE desktop. Are there better events to use?
3322 How should the user be notified? Is the desktop notification
3323 mechanism the best option, or should the background daemon raise a
3324 popup instead? How should packages be installed? When should they
3325 not be installed?
</p
>
3327 <p
>If you want to help getting such feature implemented in Debian,
3328 please send me an email. :)
</p
>
3333 <title>New IRC channel for LEGO designers using Debian
</title>
3334 <link>http://people.skolelinux.org/pere/blog/New_IRC_channel_for_LEGO_designers_using_Debian.html
</link>
3335 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_IRC_channel_for_LEGO_designers_using_Debian.html
</guid>
3336 <pubDate>Wed,
2 Jan
2013 15:
40:
00 +
0100</pubDate>
3337 <description><p
>During Christmas, I have worked a bit on the Debian support for
3338 <a href=
"http://mindstorms.lego.com/en-us/Default.aspx
">LEGO Mindstorm
3339 NXT
</a
>. My son and I have played a bit with my NXT set, and I
3340 discovered I had to build all the tools myself because none were
3341 already in Debian Squeeze. If Debian support for LEGO is something
3342 you care about, please join me on the IRC channel
3343 <a href=
"irc://irc.debian.org/%
23debian-lego
">#debian-lego
</a
> (server
3344 irc.debian.org). There is a lot that could be done to improve the
3345 Debian support for LEGO designers. For example both CAD software
3346 and Mindstorm compilers are missing. :)
</p
>
3348 <p
>Update
2012-
01-
03: A
3349 <a href=
"http://wiki.debian.org/LegoDesigners
">project page
</a
>
3350 including links to Lego related packages is now available.
</p
>
3355 <title>How to backport bitcoin-qt version
0.7.2-
2 to Debian Squeeze
</title>
3356 <link>http://people.skolelinux.org/pere/blog/How_to_backport_bitcoin_qt_version_0_7_2_2_to_Debian_Squeeze.html
</link>
3357 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_backport_bitcoin_qt_version_0_7_2_2_to_Debian_Squeeze.html
</guid>
3358 <pubDate>Tue,
25 Dec
2012 20:
50:
00 +
0100</pubDate>
3359 <description><p
>Let me start by wishing you all marry Christmas and a happy new
3360 year! I hope next year will prove to be a good year.
</p
>
3362 <p
><a href=
"http://www.bitcoin.org/
">Bitcoin
</a
>, the digital
3363 decentralised
"currency
" that allow people to transfer bitcoins
3364 between each other with minimal overhead, is a very interesting
3365 experiment. And as I wrote a few days ago, the bitcoin situation in
3366 <a href=
"http://www.debian.org/
">Debian
</a
> is about to improve a bit.
3367 The
<a href=
"http://packages.qa.debian.org/bitcoin
">new debian source
3368 package
</a
> (version
0.7.2-
2) was uploaded yesterday, and is waiting
3369 in
<a href=
"http://ftp-master.debian.org/new.html
">the NEW queue
</A
>
3370 for one of the ftpmasters to approve the new bitcoin-qt package
3373 <p
>And thanks to the great work of Jonas and the rest of the bitcoin
3374 team in Debian, you can easily test the package in Debian Squeeze
3375 using the following steps to get a set of working packages:
</p
>
3377 <blockquote
><pre
>
3378 git clone git://git.debian.org/git/collab-maint/bitcoin
3380 DEB_MAINTAINER_MODE=
1 DEB_BUILD_OPTIONS=noupnp fakeroot debian/rules clean
3381 DEB_BUILD_OPTIONS=noupnp git-buildpackage --git-ignore-new
3382 </pre
></blockquote
>
3384 <p
>You might have to install some build dependencies as well. The
3385 list of commands should give you two packages, bitcoind and
3386 bitcoin-qt, ready for use in a Squeeze environment. Note that the
3387 client will download the complete set of bitcoin
"blocks
", which need
3388 around
5.6 GiB of data on my machine at the moment. Make sure your
3389 ~/.bitcoin/ directory have lots of spare room if you want to download
3390 all the blocks. The client will warn if the disk is getting full, so
3391 there is not really a problem if you got too little room, but you will
3392 not be able to get all the features out of the client.
</p
>
3394 <p
>As usual, if you use bitcoin and want to show your support of my
3395 activities, please send Bitcoin donations to my address
3396 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
&label=PetterReinholdtsenBlog
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
3401 <title>A word on bitcoin support in Debian
</title>
3402 <link>http://people.skolelinux.org/pere/blog/A_word_on_bitcoin_support_in_Debian.html
</link>
3403 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/A_word_on_bitcoin_support_in_Debian.html
</guid>
3404 <pubDate>Fri,
21 Dec
2012 23:
59:
00 +
0100</pubDate>
3405 <description><p
>It has been a while since I wrote about
3406 <a href=
"http://www.bitcoin.org/
">bitcoin
</a
>, the decentralised
3407 peer-to-peer based crypto-currency, and the reason is simply that I
3408 have been busy elsewhere. But two days ago, I started looking at the
3409 state of
<a href=
"http://packages.qa.debian.org/bitcoin
">bitcoin in
3410 Debian
</a
> again to try to recover my old bitcoin wallet. The package
3411 is now maintained by a
3412 <a href=
"https://alioth.debian.org/projects/pkg-bitcoin/
">team of
3413 people
</a
>, and the grunt work had already been done by this team. We
3414 owe a huge thank you to all these team members. :)
3415 But I was sad to discover that the bitcoin client is missing in
3416 Wheezy. It is only available in Sid (and an outdated client from
3417 backports). The client had several RC bugs registered in BTS blocking
3418 it from entering testing. To try to help the team and improve the
3419 situation, I spent some time providing patches and triaging the bug
3420 reports. I also had a look at the bitcoin package available from Matt
3422 <a href=
"https://launchpad.net/~bitcoin/+archive/bitcoin
">PPA for
3423 Ubuntu
</a
>, and moved the useful pieces from that version into the
3424 Debian package.
</p
>
3426 <p
>After checking with the main package maintainer Jonas Smedegaard on
3427 IRC, I pushed several patches into the collab-maint git repository to
3428 improve the package. It now contains fixes for the RC issues (not from
3429 me, but fixed by Scott Howard), build rules for a Qt GUI client
3430 package, konqueror support for the bitcoin: URI and bash completion
3431 setup. As I work on Debian Squeeze, I also created
3432 <a href=
"http://lists.alioth.debian.org/pipermail/pkg-bitcoin-devel/Week-of-Mon-
20121217/
000041.html
">a
3433 patch to backport
</a
> the latest version. Jonas is going to look at
3434 it and try to integrate it into the git repository before uploading a
3435 new version to unstable.
3437 <p
>I would very much like bitcoin to succeed, to get rid of the
3438 centralized control currently exercised in the monetary system. I
3439 find it completely unacceptable that the USA government is collecting
3440 transaction data for almost all international money transfers (most are done in USD and transaction logs shipped to the spooks), and
3441 that the major credit card companies can block legal money
3442 transactions to Wikileaks. But for bitcoin to succeed, more people
3443 need to use bitcoins, and more people need to accept bitcoins when
3444 they sell products and services. Improving the bitcoin support in
3445 Debian is a small step in the right direction, but not enough.
3446 Unfortunately the user experience when browsing the web and wanting to
3447 pay with bitcoin is still not very good. The bitcoin: URI is a step
3448 in the right direction, but need to work in most or every browser in
3449 use. Also the bitcoin-qt client is too heavy to fire up to do a
3450 quick transaction. I believe there are other clients available, but
3451 have not tested them.
</p
>
3454 <a href=
"http://people.skolelinux.org/pere/blog/Now_accepting_bitcoins___anonymous_and_distributed_p2p_crypto_money.html
">experiment
3455 with bitcoins
</a
> showed that at least some of my readers use bitcoin.
3456 I received
20.15 BTC so far on the address I provided in my blog two
3457 years ago, as can be
3458 <a href=
"http://blockexplorer.com/address/
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">seen
3459 on the blockexplorer service
</a
>. Thank you everyone for your
3460 donation. The blockexplorer service demonstrates quite well that
3461 bitcoin is not quite anonymous and untracked. :) I wonder if the
3462 number of users have gone up since then. If you use bitcoin and want
3463 to show your support of my activity, please send Bitcoin donations to
3464 the same address as last time,
3465 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
&label=PetterReinholdtsenBlog
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
3470 <title>Git repository for song book for Computer Scientists
</title>
3471 <link>http://people.skolelinux.org/pere/blog/Git_repository_for_song_book_for_Computer_Scientists.html
</link>
3472 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Git_repository_for_song_book_for_Computer_Scientists.html
</guid>
3473 <pubDate>Fri,
7 Sep
2012 13:
50:
00 +
0200</pubDate>
3474 <description><p
>As I
3475 <a href=
"http://people.skolelinux.org/pere/blog/Song_book_for_Computer_Scientists.html
">mentioned
3476 this summer
</a
>, I have created a Computer Science song book a few
3477 years ago, and today I finally found time to create a public
3478 <a href=
"https://gitorious.org/pere-cs-songbook/pere-cs-songbook
">Gitorious
3479 repository for the project
</a
>.
</p
>
3481 <p
>If you want to help out, please clone the source and submit patches
3482 to the HTML version. To generate the PDF and PostScript version,
3483 please use prince XML, or let me know about a useful free software
3484 processor capable of creating a good looking PDF from the HTML.
</p
>
3486 <p
>Want to sing? You can still find the song book in HTML, PDF and
3487 PostScript formats at
3488 <a href=
"http://www.hungry.com/~pere/cs-songbook/
">Petter
's Computer
3489 Science Songbook
</a
>.
</p
>
3494 <title>Gratulerer med
19-årsdagen, Debian!
</title>
3495 <link>http://people.skolelinux.org/pere/blog/Gratulerer_med_19__rsdagen__Debian_.html
</link>
3496 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Gratulerer_med_19__rsdagen__Debian_.html
</guid>
3497 <pubDate>Thu,
16 Aug
2012 11:
20:
00 +
0200</pubDate>
3498 <description><p
>I dag fyller
3499 <a href=
"http://www.debian.org/News/
2012/
20120813">Debian-prosjektet
19
3500 år
</a
>. Jeg har fulgt det de siste
12 årene, og er veldig glad for å kunne
3501 si gratulerer med dagen, Debian!
</p
>
3506 <title>Song book for Computer Scientists
</title>
3507 <link>http://people.skolelinux.org/pere/blog/Song_book_for_Computer_Scientists.html
</link>
3508 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Song_book_for_Computer_Scientists.html
</guid>
3509 <pubDate>Sun,
24 Jun
2012 13:
30:
00 +
0200</pubDate>
3510 <description><p
>Many years ago, while studying Computer Science at the
3511 <a href=
"http://www.uit.no/
">University of Tromsø
</a
>, I started
3512 collecting computer related songs for use at parties. The original
3513 version was written in LaTeX, but a few years ago I got help from
3514 Håkon W. Lie, one of the inventors of W3C CSS, to convert it to HTML
3515 while keeping the ability to create a nice book in PDF format. I have
3516 not had time to maintain the book for a while now, and guess I should
3517 put it up on some public version control repository where others can
3518 help me extend and update the book. If anyone is volunteering to help
3519 me with this, send me an email. Also let me know if there are songs
3520 missing in my book.
</p
>
3522 <p
>I have not mentioned the book on my blog so far, and it occured to
3523 me today that I really should let all my readers share the joys of
3524 singing out load about programming, computers and computer networks.
3525 Especially now that
<a href=
"http://debconf12.debconf.org/
">Debconf
3526 12</a
> is about to start (and I am not going). Want to sing? Check
3527 out
<a href=
"http://www.hungry.com/~pere/cs-songbook/
">Petter
's
3528 Computer Science Songbook
</a
>.
3533 <title>Automatically upgrading server firmware on Dell PowerEdge
</title>
3534 <link>http://people.skolelinux.org/pere/blog/Automatically_upgrading_server_firmware_on_Dell_PowerEdge.html
</link>
3535 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Automatically_upgrading_server_firmware_on_Dell_PowerEdge.html
</guid>
3536 <pubDate>Mon,
21 Nov
2011 12:
00:
00 +
0100</pubDate>
3537 <description><p
>At work we have heaps of servers. I believe the total count is
3538 around
1000 at the moment. To be able to get help from the vendors
3539 when something go wrong, we want to keep the firmware on the servers
3540 up to date. If the firmware isn
't the latest and greatest, the
3541 vendors typically refuse to start debugging any problems until the
3542 firmware is upgraded. So before every reboot, we want to upgrade the
3543 firmware, and we would really like everyone handling servers at the
3544 university to do this themselves when they plan to reboot a machine.
3545 For that to happen we at the unix server admin group need to provide
3546 the tools to do so.
</p
>
3548 <p
>To make firmware upgrading easier, I am working on a script to
3549 fetch and install the latest firmware for the servers we got. Most of
3550 our hardware are from Dell and HP, so I have focused on these servers
3551 so far. This blog post is about the Dell part.
</P
>
3553 <p
>On the Dell FTP site I was lucky enough to find
3554 <a href=
"ftp://ftp.us.dell.com/catalog/Catalog.xml.gz
">an XML file
</a
>
3555 with firmware information for all
11th generation servers, listing
3556 which firmware should be used on a given model and where on the FTP
3557 site I can find it. Using a simple perl XML parser I can then
3558 download the shell scripts Dell provides to do firmware upgrades from
3559 within Linux and reboot when all the firmware is primed and ready to
3560 be activated on the first reboot.
</p
>
3562 <p
>This is the Dell related fragment of the perl code I am working on.
3563 Are there anyone working on similar tools for firmware upgrading all
3564 servers at a site? Please get in touch and lets share resources.
</p
>
3566 <p
><pre
>
3570 use File::Temp qw(tempdir);
3572 # Install needed RHEL packages if missing
3574 'XML::Simple
' =
> 'perl-XML-Simple
',
3576 for my $module (keys %rhelmodules) {
3577 eval
"use $module;
";
3579 my $pkg = $rhelmodules{$module};
3580 system(
"yum install -y $pkg
");
3581 eval
"use $module;
";
3585 my $errorsto =
'pere@hungry.com
';
3591 sub run_firmware_script {
3592 my ($opts, $script) = @_;
3594 print STDERR
"fail: missing script name\n
";
3597 print STDERR
"Running $script\n\n
";
3599 if (
0 == system(
"sh $script $opts
")) { # FIXME correct exit code handling
3600 print STDERR
"success: firmware script ran succcessfully\n
";
3602 print STDERR
"fail: firmware script returned error\n
";
3606 sub run_firmware_scripts {
3607 my ($opts, @dirs) = @_;
3608 # Run firmware packages
3609 for my $dir (@dirs) {
3610 print STDERR
"info: Running scripts in $dir\n
";
3611 opendir(my $dh, $dir) or die
"Unable to open directory $dir: $!
";
3612 while (my $s = readdir $dh) {
3613 next if $s =~ m/^\.\.?/;
3614 run_firmware_script($opts,
"$dir/$s
");
3622 print STDERR
"info: Downloading $url\n
";
3623 system(
"wget --quiet \
"$url\
"");
3628 my $product = `dmidecode -s system-product-name`;
3631 if ($product =~ m/PowerEdge/) {
3633 # on RHEL, these pacakges are needed by the firwmare upgrade scripts
3634 system(
'yum install -y compat-libstdc++-
33.i686 libstdc++.i686 libxml2.i686 procmail
');
3636 my $tmpdir = tempdir(
3640 fetch_dell_fw(
'catalog/Catalog.xml.gz
');
3641 system(
'gunzip Catalog.xml.gz
');
3642 my @paths = fetch_dell_fw_list(
'Catalog.xml
');
3643 # -q is quiet, disabling interactivity and reducing console output
3644 my $fwopts =
"-q
";
3646 for my $url (@paths) {
3647 fetch_dell_fw($url);
3649 run_firmware_scripts($fwopts, $tmpdir);
3651 print STDERR
"error: Unsupported Dell model
'$product
'.\n
";
3652 print STDERR
"error: Please report to $errorsto.\n
";
3656 print STDERR
"error: Unsupported Dell model
'$product
'.\n
";
3657 print STDERR
"error: Please report to $errorsto.\n
";
3663 my $url =
"ftp://ftp.us.dell.com/$path
";
3667 # Using ftp://ftp.us.dell.com/catalog/Catalog.xml.gz, figure out which
3668 # firmware packages to download from Dell. Only work for Linux
3669 # machines and
11th generation Dell servers.
3670 sub fetch_dell_fw_list {
3671 my $filename = shift;
3673 my $product = `dmidecode -s system-product-name`;
3675 my ($mybrand, $mymodel) = split(/\s+/, $product);
3677 print STDERR
"Finding firmware bundles for $mybrand $mymodel\n
";
3679 my $xml = XMLin($filename);
3681 for my $bundle (@{$xml-
>{SoftwareBundle}}) {
3682 my $brand = $bundle-
>{TargetSystems}-
>{Brand}-
>{Display}-
>{content};
3683 my $model = $bundle-
>{TargetSystems}-
>{Brand}-
>{Model}-
>{Display}-
>{content};
3685 if (
"ARRAY
" eq ref $bundle-
>{TargetOSes}-
>{OperatingSystem}) {
3686 $oscode = $bundle-
>{TargetOSes}-
>{OperatingSystem}[
0]-
>{osCode};
3688 $oscode = $bundle-
>{TargetOSes}-
>{OperatingSystem}-
>{osCode};
3690 if ($mybrand eq $brand
&& $mymodel eq $model
&& "LIN
" eq $oscode)
3692 @paths = map { $_-
>{path} } @{$bundle-
>{Contents}-
>{Package}};
3695 for my $component (@{$xml-
>{SoftwareComponent}}) {
3696 my $componenttype = $component-
>{ComponentType}-
>{value};
3698 # Drop application packages, only firmware and BIOS
3699 next if
'APAC
' eq $componenttype;
3701 my $cpath = $component-
>{path};
3702 for my $path (@paths) {
3703 if ($cpath =~ m%/$path$%) {
3704 push(@paths, $cpath);
3712 <p
>The code is only tested on RedHat Enterprise Linux, but I suspect
3713 it could work on other platforms with some tweaking. Anyone know a
3714 index like Catalog.xml is available from HP for HP servers? At the
3715 moment I maintain a similar list manually and it is quickly getting
3721 <title>How is booting into runlevel
1 different from single user boots?
</title>
3722 <link>http://people.skolelinux.org/pere/blog/How_is_booting_into_runlevel_1_different_from_single_user_boots_.html
</link>
3723 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_is_booting_into_runlevel_1_different_from_single_user_boots_.html
</guid>
3724 <pubDate>Thu,
4 Aug
2011 12:
40:
00 +
0200</pubDate>
3725 <description><p
>Wouter Verhelst have some
3726 <a href=
"http://grep.be/blog/en/retorts/pere_kubuntu_boot
">interesting
3727 comments and opinions
</a
> on my blog post on
3728 <a href=
"http://people.skolelinux.org/pere/blog/What_should_start_from__etc_rcS_d__in_Debian____almost_nothing.html
">the
3729 need to clean up /etc/rcS.d/ in Debian
</a
> and my blog post about
3730 <a href=
"http://people.skolelinux.org/pere/blog/What_is_missing_in_the_Debian_desktop__or_why_my_parents_use_Kubuntu.html
">the
3731 default KDE desktop in Debian
</a
>. I only have time to address one
3732 small piece of his comment now, and though it best to address the
3733 misunderstanding he bring forward:
</p
>
3735 <p
><blockquote
>
3736 Currently, a system admin has four options: [...] boot to a
3737 single-user system (by adding
'single
' to the kernel command line;
3738 this runs rcS and rc1 scripts)
3739 </blockquote
></p
>
3741 <p
>This make me believe Wouter believe booting into single user mode
3742 and booting into runlevel
1 is the same. I am not surprised he
3743 believe this, because it would make sense and is a quite sensible
3744 thing to believe. But because the boot in Debian is slightly broken,
3745 runlevel
1 do not work properly and it isn
't the same as single user
3746 mode. I
'll try to explain what is actually happing, but it is a bit
3747 hard to explain.
</p
>
3749 <p
>Single user mode is defined like this in /etc/inittab:
3750 "<tt
>~~:S:wait:/sbin/sulogin
</tt
>". This means the only thing that is
3751 executed in single user mode is sulogin. Single user mode is a boot
3752 state
"between
" the runlevels, and when booting into single user mode,
3753 only the scripts in /etc/rcS.d/ are executed before the init process
3754 enters the single user state. When switching to runlevel
1, the state
3755 is in fact not ending in runlevel
1, but it passes through runlevel
1
3756 and end up in the single user mode (see /etc/rc1.d/S03single, which
3757 runs
"init -t1 S
" to switch to single user mode at the end of runlevel
3758 1. It is confusing that the
'S
' (single user) init mode is not the
3759 mode enabled by /etc/rcS.d/ (which is more like the initial boot
3762 <p
>This summary might make it clearer. When booting for the first
3763 time into single user mode, the following commands are executed:
3764 "<tt
>/etc/init.d/rc S; /sbin/sulogin
</tt
>". When booting into
3765 runlevel
1, the following commands are executed:
"<tt
>/etc/init.d/rc
3766 S; /etc/init.d/rc
1; /sbin/sulogin
</tt
>". A problem show up when
3767 trying to continue after visiting single user mode. Not all services
3768 are started again as they should, causing the machine to end up in an
3769 unpredicatble state. This is why Debian admins recommend rebooting
3770 after visiting single user mode.
</p
>
3772 <p
>A similar problem with runlevel
1 is caused by the amount of
3773 scripts executed from /etc/rcS.d/. When switching from say runlevel
2
3774 to runlevel
1, the services started from /etc/rcS.d/ are not properly
3775 stopped when passing through the scripts in /etc/rc1.d/, and not
3776 started again when switching away from runlevel
1 to the runlevels
3777 2-
5. I believe the problem is best fixed by moving all the scripts
3778 out of /etc/rcS.d/ that are not
<strong
>required
</strong
> to get a
3779 functioning single user mode during boot.
</p
>
3781 <p
>I have spent several years investigating the Debian boot system,
3782 and discovered this problem a few years ago. I suspect it originates
3783 from when sysvinit was introduced into Debian, a long time ago.
</p
>
3788 <title>What should start from /etc/rcS.d/ in Debian? - almost nothing
</title>
3789 <link>http://people.skolelinux.org/pere/blog/What_should_start_from__etc_rcS_d__in_Debian____almost_nothing.html
</link>
3790 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/What_should_start_from__etc_rcS_d__in_Debian____almost_nothing.html
</guid>
3791 <pubDate>Sat,
30 Jul
2011 14:
00:
00 +
0200</pubDate>
3792 <description><p
>In the Debian boot system, several packages include scripts that
3793 are started from /etc/rcS.d/. In fact, there is a bite more of them
3794 than make sense, and this causes a few problems. What kind of
3795 problems, you might ask. There are at least two problems. The first
3796 is that it is not possible to recover a machine after switching to
3797 runlevel
1. One need to actually reboot to get the machine back to
3798 the expected state. The other is that single user boot will sometimes
3799 run into problems because some of the subsystems are activated before
3800 the root login is presented, causing problems when trying to recover a
3801 machine from a problem in that subsystem. A minor additional point is
3802 that moving more scripts out of rcS.d/ and into the other rc#.d/
3803 directories will increase the amount of scripts that can run in
3804 parallel during boot, and thus decrease the boot time.
</p
>
3806 <p
>So, which scripts should start from rcS.d/. In short, only the
3807 scripts that _have_ to execute before the root login prompt is
3808 presented during a single user boot should go there. Everything else
3809 should go into the numeric runlevels. This means things like
3810 lm-sensors, fuse and x11-common should not run from rcS.d, but from
3811 the numeric runlevels. Today in Debian, there are around
115 init.d
3812 scripts that are started from rcS.d/, and most of them should be moved
3813 out. Do your package have one of them? Please help us make single
3814 user and runlevel
1 better by moving it.
</p
>
3816 <p
>Scripts setting up the screen, keyboard, system partitions
3817 etc. should still be started from rcS.d/, but there is for example no
3818 need to have the network enabled before the single user login prompt
3819 is presented.
</p
>
3821 <p
>As always, things are not so easy to fix as they sound. To keep
3822 Debian systems working while scripts migrate and during upgrades, the
3823 scripts need to be moved from rcS.d/ to rc2.d/ in reverse dependency
3824 order, ie the scripts that nothing in rcS.d/ depend on can be moved,
3825 and the next ones can only be moved when their dependencies have been
3826 moved first. This migration must be done sequentially while we ensure
3827 that the package system upgrade packages in the right order to keep
3828 the system state correct. This will require some coordination when it
3829 comes to network related packages, but most of the packages with
3830 scripts that should migrate do not have anything in rcS.d/ depending
3831 on them. Some packages have already been updated, like the sudo
3832 package, while others are still left to do. I wish I had time to work
3833 on this myself, but real live constrains make it unlikely that I will
3834 find time to push this forward.
</p
>
3839 <title>What is missing in the Debian desktop, or why my parents use Kubuntu
</title>
3840 <link>http://people.skolelinux.org/pere/blog/What_is_missing_in_the_Debian_desktop__or_why_my_parents_use_Kubuntu.html
</link>
3841 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/What_is_missing_in_the_Debian_desktop__or_why_my_parents_use_Kubuntu.html
</guid>
3842 <pubDate>Fri,
29 Jul
2011 08:
10:
00 +
0200</pubDate>
3843 <description><p
>While at Debconf11, I have several times during discussions
3844 mentioned the issues I believe should be improved in Debian for its
3845 desktop to be useful for more people. The use case for this is my
3846 parents, which are currently running Kubuntu which solve the
3849 <p
>I suspect these four missing features are not very hard to
3850 implement. After all, they are present in Ubuntu, so if we wanted to
3851 do this in Debian we would have a source.
</p
>
3855 <li
><strong
>Simple GUI based upgrade of packages.
</strong
> When there
3856 are new packages available for upgrades, a icon in the KDE status bar
3857 indicate this, and clicking on it will activate the simple upgrade
3858 tool to handle it. I have no problem guiding both of my parents
3859 through the process over the phone. If a kernel reboot is required,
3860 this too is indicated by the status bars and the upgrade tool. Last
3861 time I checked, nothing with the same features was working in KDE in
3864 <li
><strong
>Simple handling of missing Firefox browser
3865 plugins.
</strong
> When the browser encounter a MIME type it do not
3866 currently have a handler for, it will ask the user if the system
3867 should search for a package that would add support for this MIME type,
3868 and if the user say yes, the APT sources will be searched for packages
3869 advertising the MIME type in their control file (visible in the
3870 Packages file in the APT archive). If one or more packages are found,
3871 it is a simple click of the mouse to add support for the missing mime
3872 type. If the package require the user to accept some non-free
3873 license, this is explained to the user. The entire process make it
3874 more clear to the user why something do not work in the browser, and
3875 make the chances higher for the user to blame the web page authors and
3876 not the browser for any missing features.
</li
>
3878 <li
><strong
>Simple handling of missing multimedia codec/format
3879 handlers.
</strong
> When the media players encounter a format or codec
3880 it is not supporting, a dialog pop up asking the user if the system
3881 should search for a package that would add support for it. This
3882 happen with things like MP3, Windows Media or H
.264. The selection
3883 and installation procedure is very similar to the Firefox browser
3884 plugin handling. This is as far as I know implemented using a
3885 gstreamer hook. The end result is that the user easily get access to
3886 the codecs that are present from the APT archives available, while
3887 explaining more on why a given format is unsupported by Ubuntu.
</li
>
3889 <li
><strong
>Better browser handling of some MIME types.
</strong
> When
3890 displaying a text/plain file in my Debian browser, it will propose to
3891 start emacs to show it. If I remember correctly, when doing the same
3892 in Kunbutu it show the file as a text file in the browser. At least I
3893 know Opera will show text files within the browser. I much prefer the
3894 latter behaviour.
</li
>
3898 <p
>There are other nice features as well, like the simplified suite
3899 upgrader, but given that I am the one mostly doing the dist-upgrade,
3900 it do not matter much.
</p
>
3902 <p
>I really hope we could get these features in place for the next
3903 Debian release. It would require the coordinated effort of several
3904 maintainers, but would make the end user experience a lot better.
</p
>
3909 <title>Perl modules used by FixMyStreet which are missing in Debian/Squeeze
</title>
3910 <link>http://people.skolelinux.org/pere/blog/Perl_modules_used_by_FixMyStreet_which_are_missing_in_Debian_Squeeze.html
</link>
3911 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Perl_modules_used_by_FixMyStreet_which_are_missing_in_Debian_Squeeze.html
</guid>
3912 <pubDate>Tue,
26 Jul
2011 12:
25:
00 +
0200</pubDate>
3913 <description><p
>The Norwegian
<a href=
"http://www.fiksgatami.no/
">FiksGataMi
</A
>
3914 site is build on Debian/Squeeze, and this platform was chosen because
3915 I am most familiar with Debian (being a Debian Developer for around
10
3916 years) because it is the latest stable Debian release which should get
3917 security support for a few years.
</p
>
3919 <p
>The web service is written in Perl, and depend on some perl modules
3920 that are missing in Debian at the moment. It would be great if these
3921 modules were added to the Debian archive, allowing anyone to set up
3922 their own
<a href=
"http://www.fixmystreet.com
">FixMyStreet
</a
> clone
3923 in their own country using only Debian packages. The list of modules
3924 missing in Debian/Squeeze isn
't very long, and I hope the perl group
3925 will find time to package the
12 modules Catalyst::Plugin::SmartURI,
3926 Catalyst::Plugin::Unicode::Encoding, Catalyst::View::TT, Devel::Hide,
3927 Sort::Key, Statistics::Distributions, Template::Plugin::Comma,
3928 Template::Plugin::DateTime::Format, Term::Size::Any, Term::Size::Perl,
3929 URI::SmartURI and Web::Scraper to make the maintenance of FixMyStreet
3930 easier in the future.
</p
>
3932 <p
>Thanks to the great tools in Debian, getting the missing modules
3933 installed on my server was a simple call to
'cpan2deb Module::Name
'
3934 and
'dpkg -i
' to install the resulting package. But this leave me
3935 with the responsibility of tracking security problems, which I really
3936 do not have time for.
</p
>
3941 <title>A Norwegian FixMyStreet have kept me busy the last few weeks
</title>
3942 <link>http://people.skolelinux.org/pere/blog/A_Norwegian_FixMyStreet_have_kept_me_busy_the_last_few_weeks.html
</link>
3943 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/A_Norwegian_FixMyStreet_have_kept_me_busy_the_last_few_weeks.html
</guid>
3944 <pubDate>Sun,
3 Apr
2011 22:
50:
00 +
0200</pubDate>
3945 <description><p
>Here is a small update for my English readers. Most of my blog
3946 posts have been in Norwegian the last few weeks, so here is a short
3947 update in English.
</p
>
3949 <p
>The kids still keep me too busy to get much free software work
3950 done, but I did manage to organise a project to get a Norwegian port
3951 of the British service
3952 <a href=
"http://www.fixmystreet.com/
">FixMyStreet
</a
> up and running,
3953 and it has been running for a month now. The entire project has been
3954 organised by me and two others. Around Christmas we gathered sponsors
3955 to fund the development work. In January I drafted a contract with
3956 <a href=
"http://www.mysociety.org/
">mySociety
</a
> on what to develop,
3957 and in February the development took place. Most of it involved
3958 converting the source to use GPS coordinates instead of British
3959 easting/northing, and the resulting code should be a lot easier to get
3960 running in any country by now. The Norwegian
3961 <a href=
"http://www.fiksgatami.no/
">FiksGataMi
</a
> is using
3962 <a href=
"http://www.openstreetmap.org/
">OpenStreetmap
</a
> as the map
3963 source and the source for administrative borders in Norway, and
3964 support for this had to be added/fixed.
</p
>
3966 <p
>The Norwegian version went live March
3th, and we spent the weekend
3967 polishing the system before we announced it March
7th. The system is
3968 running on a KVM instance of Debian/Squeeze, and has seen almost
3000
3969 problem reports in a few weeks. Soon we hope to announce the Android
3970 and iPhone versions making it even easier to report problems with the
3971 public infrastructure.
</p
>
3973 <p
>Perhaps something to consider for those of you in countries without
3974 such service?
</p
>
3979 <title>Using NVD and CPE to track CVEs in locally maintained software
</title>
3980 <link>http://people.skolelinux.org/pere/blog/Using_NVD_and_CPE_to_track_CVEs_in_locally_maintained_software.html
</link>
3981 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Using_NVD_and_CPE_to_track_CVEs_in_locally_maintained_software.html
</guid>
3982 <pubDate>Fri,
28 Jan
2011 15:
40:
00 +
0100</pubDate>
3983 <description><p
>The last few days I have looked at ways to track open security
3984 issues here at my work with the University of Oslo. My idea is that
3985 it should be possible to use the information about security issues
3986 available on the Internet, and check our locally
3987 maintained/distributed software against this information. It should
3988 allow us to verify that no known security issues are forgotten. The
3989 CVE database listing vulnerabilities seem like a great central point,
3990 and by using the package lists from Debian mapped to CVEs provided by
3991 the testing security team, I believed it should be possible to figure
3992 out which security holes were present in our free software
3993 collection.
</p
>
3995 <p
>After reading up on the topic, it became obvious that the first
3996 building block is to be able to name software packages in a unique and
3997 consistent way across data sources. I considered several ways to do
3998 this, for example coming up with my own naming scheme like using URLs
3999 to project home pages or URLs to the Freshmeat entries, or using some
4000 existing naming scheme. And it seem like I am not the first one to
4001 come across this problem, as MITRE already proposed and implemented a
4002 solution. Enter the
<a href=
"http://cpe.mitre.org/index.html
">Common
4003 Platform Enumeration
</a
> dictionary, a vocabulary for referring to
4004 software, hardware and other platform components. The CPE ids are
4005 mapped to CVEs in the
<a href=
"http://web.nvd.nist.gov/
">National
4006 Vulnerability Database
</a
>, allowing me to look up know security
4007 issues for any CPE name. With this in place, all I need to do is to
4008 locate the CPE id for the software packages we use at the university.
4009 This is fairly trivial (I google for
'cve cpe $package
' and check the
4010 NVD entry if a CVE for the package exist).
</p
>
4012 <p
>To give you an example. The GNU gzip source package have the CPE
4013 name cpe:/a:gnu:gzip. If the old version
1.3.3 was the package to
4014 check out, one could look up
4015 <a href=
"http://web.nvd.nist.gov/view/vuln/search?cpe=cpe%
3A%
2Fa%
3Agnu%
3Agzip:
1.3.3">cpe:/a:gnu:gzip:
1.3.3
4016 in NVD
</a
> and get a list of
6 security holes with public CVE entries.
4017 The most recent one is
4018 <a href=
"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-
2010-
0001">CVE-
2010-
0001</a
>,
4019 and at the bottom of the NVD page for this vulnerability the complete
4020 list of affected versions is provided.
</p
>
4022 <p
>The NVD database of CVEs is also available as a XML dump, allowing
4023 for offline processing of issues. Using this dump, I
've written a
4024 small script taking a list of CPEs as input and list all CVEs
4025 affecting the packages represented by these CPEs. One give it CPEs
4026 with version numbers as specified above and get a list of open
4027 security issues out.
</p
>
4029 <p
>Of course for this approach to be useful, the quality of the NVD
4030 information need to be high. For that to happen, I believe as many as
4031 possible need to use and contribute to the NVD database. I notice
4033 <a href=
"https://www.redhat.com/security/data/metrics/rhsamapcpe.txt
">a
4034 map from CVE to CPE
</a
>, indicating that they are using the CPE
4035 information. I
'm not aware of Debian and Ubuntu doing the same.
</p
>
4037 <p
>To get an idea about the quality for free software, I spent some
4038 time making it possible to compare the CVE database from Debian with
4039 the CVE database in NVD. The result look fairly good, but there are
4040 some inconsistencies in NVD (same software package having several
4041 CPEs), and some inaccuracies (NVD not mentioning buggy packages that
4042 Debian believe are affected by a CVE). Hope to find time to improve
4043 the quality of NVD, but that require being able to get in touch with
4044 someone maintaining it. So far my three emails with questions and
4045 corrections have not seen any reply, but I hope contact can be
4046 established soon.
</p
>
4048 <p
>An interesting application for CPEs is cross platform package
4049 mapping. It would be useful to know which packages in for example
4050 RHEL, OpenSuSe and Mandriva are missing from Debian and Ubuntu, and
4051 this would be trivial if all linux distributions provided CPE entries
4052 for their packages.
</p
>
4057 <title>Which module is loaded for a given PCI and USB device?
</title>
4058 <link>http://people.skolelinux.org/pere/blog/Which_module_is_loaded_for_a_given_PCI_and_USB_device_.html
</link>
4059 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Which_module_is_loaded_for_a_given_PCI_and_USB_device_.html
</guid>
4060 <pubDate>Sun,
23 Jan
2011 00:
20:
00 +
0100</pubDate>
4061 <description><p
>In the
4062 <a href=
"http://packages.qa.debian.org/discover-data
">discover-data
</a
>
4063 package in Debian, there is a script to report useful information
4064 about the running hardware for use when people report missing
4065 information. One part of this script that I find very useful when
4066 debugging hardware problems, is the part mapping loaded kernel module
4067 to the PCI device it claims. It allow me to quickly see if the kernel
4068 module I expect is driving the hardware I am struggling with. To see
4069 the output, make sure discover-data is installed and run
4070 <tt
>/usr/share/bug/discover-data
3>&1</tt
>. The relevant output on
4071 one of my machines like this:
</p
>
4075 10de:
03eb i2c_nforce2
4078 10de:
03f0 snd_hda_intel
4087 <p
>The code in question look like this, slightly modified for
4088 readability and to drop the output to file descriptor
3:
</p
>
4091 if [ -d /sys/bus/pci/devices/ ] ; then
4092 echo loaded pci modules:
4094 cd /sys/bus/pci/devices/
4095 for address in * ; do
4096 if [ -d
"$address/driver/module
" ] ; then
4097 module=`cd $address/driver/module ; pwd -P | xargs basename`
4098 if grep -q
"^$module
" /proc/modules ; then
4099 address=$(echo $address |sed s/
0000://)
4100 id=`lspci -n -s $address | tail -n
1 | awk
'{print $
3}
'`
4101 echo
"$id $module
"
4110 <p
>Similar code could be used to extract USB device module
4114 if [ -d /sys/bus/usb/devices/ ] ; then
4115 echo loaded usb modules:
4117 cd /sys/bus/usb/devices/
4118 for address in * ; do
4119 if [ -d
"$address/driver/module
" ] ; then
4120 module=`cd $address/driver/module ; pwd -P | xargs basename`
4121 if grep -q
"^$module
" /proc/modules ; then
4122 address=$(echo $address |sed s/
0000://)
4123 id=$(lsusb -s $address | tail -n
1 | awk
'{print $
6}
')
4124 if [
"$id
" ] ; then
4125 echo
"$id $module
"
4135 <p
>This might perhaps be something to include in other tools as
4141 <title>How to test if a laptop is working with Linux
</title>
4142 <link>http://people.skolelinux.org/pere/blog/How_to_test_if_a_laptop_is_working_with_Linux.html
</link>
4143 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_test_if_a_laptop_is_working_with_Linux.html
</guid>
4144 <pubDate>Wed,
22 Dec
2010 14:
55:
00 +
0100</pubDate>
4145 <description><p
>The last few days I have spent at work here at the
<a
4146 href=
"http://www.uio.no/
">University of Oslo
</a
> testing if the new
4147 batch of computers will work with Linux. Every year for the last few
4148 years the university have organised shared bid of a few thousand
4149 computers, and this year HP won the bid. Two different desktops and
4150 five different laptops are on the list this year. We in the UNIX
4151 group want to know which one of these computers work well with RHEL
4152 and Ubuntu, the two Linux distributions we currently handle at the
4153 university.
</p
>
4155 <p
>My test method is simple, and I share it here to get feedback and
4156 perhaps inspire others to test hardware as well. To test, I PXE
4157 install the OS version of choice, and log in as my normal user and run
4158 a few applications and plug in selected pieces of hardware. When
4159 something fail, I make a note about this in the test matrix and move
4160 on. If I have some spare time I try to report the bug to the OS
4161 vendor, but as I only have the machines for a short time, I rarely
4162 have the time to do this for all the problems I find.
</p
>
4164 <p
>Anyway, to get to the point of this post. Here is the simple tests
4165 I perform on a new model.
</p
>
4169 <li
>Is PXE installation working? I
'm testing with RHEL6, Ubuntu Lucid
4170 and Ubuntu Maverik at the moment. If I feel like it, I also test with
4171 RHEL5 and Debian Edu/Squeeze.
</li
>
4173 <li
>Is X.org working? If the graphical login screen show up after
4174 installation, X.org is working.
</li
>
4176 <li
>Is hardware accelerated OpenGL working? Running glxgears (in
4177 package mesa-utils on Ubuntu) and writing down the frames per second
4178 reported by the program.
</li
>
4180 <li
>Is sound working? With Gnome and KDE, a sound is played when
4181 logging in, and if I can hear this the test is successful. If there
4182 are several audio exits on the machine, I try them all and check if
4183 the Gnome/KDE audio mixer can control where to send the sound. I
4184 normally test this by playing
4185 <a href=
"http://www.nuug.no/aktiviteter/
20101012-chef/
">a HTML5
4186 video
</a
> in Firefox/Iceweasel.
</li
>
4188 <li
>Is the USB subsystem working? I test this by plugging in a USB
4189 memory stick and see if Gnome/KDE notices this.
</li
>
4191 <li
>Is the CD/DVD player working? I test this by inserting any CD/DVD
4192 I have lying around, and see if Gnome/KDE notices this.
</li
>
4194 <li
>Is any built in camera working? Test using cheese, and see if a
4195 picture from the v4l device show up.
</li
>
4197 <li
>Is bluetooth working? Use the Gnome/KDE browsing tool to see if
4198 any bluetooth devices are discovered. In my office, I normally see a
4201 <li
>For laptops, is the SD or Compaq Flash reader working. I have
4202 memory modules lying around, and stick them in and see if Gnome/KDE
4203 notice this.
</li
>
4205 <li
>For laptops, is suspend/hibernate working? I
'm testing if the
4206 special button work, and if the laptop continue to work after
4209 <li
>For laptops, is the extra buttons working, like audio level,
4210 adjusting background light, switching on/off external video output,
4211 switching on/off wifi, bluetooth, etc? The set of buttons differ from
4212 laptop to laptop, so I just write down which are working and which are
4215 <li
>Some laptops have smart card readers, finger print readers,
4216 acceleration sensors etc. I rarely test these, as I do not know how
4217 to quickly test if they are working or not, so I only document their
4218 existence.
</li
>
4222 <p
>By now I suspect you are really curious what the test results are
4223 for the HP machines I am testing. I
'm not done yet, so I will report
4224 the test results later. For now I can report that HP
8100 Elite work
4225 fine, and hibernation fail with HP EliteBook
8440p on Ubuntu Lucid,
4226 and audio fail on RHEL6. Ubuntu Maverik worked with
8440p. As you
4227 can see, I have most machines left to test. One interesting
4228 observation is that Ubuntu Lucid has almost twice the frame rate than
4229 RHEL6 with glxgears. No idea why.
</p
>
4234 <title>Some thoughts on BitCoins
</title>
4235 <link>http://people.skolelinux.org/pere/blog/Some_thoughts_on_BitCoins.html
</link>
4236 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Some_thoughts_on_BitCoins.html
</guid>
4237 <pubDate>Sat,
11 Dec
2010 15:
10:
00 +
0100</pubDate>
4238 <description><p
>As I continue to explore
4239 <a href=
"http://www.bitcoin.org/
">BitCoin
</a
>, I
've starting to wonder
4240 what properties the system have, and how it will be affected by laws
4241 and regulations here in Norway. Here are some random notes.
</p
>
4243 <p
>One interesting thing to note is that since the transactions are
4244 verified using a peer to peer network, all details about a transaction
4245 is known to everyone. This means that if a BitCoin address has been
4246 published like I did with mine in my initial post about BitCoin, it is
4247 possible for everyone to see how many BitCoins have been transfered to
4248 that address. There is even a web service to look at the details for
4249 all transactions. There I can see that my address
4250 <a href=
"http://blockexplorer.com/address/
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
>
4251 have received
16.06 Bitcoin, the
4252 <a href=
"http://blockexplorer.com/address/
1LfdGnGuWkpSJgbQySxxCWhv
8MHqvwst
3">1LfdGnGuWkpSJgbQySxxCWhv
8MHqvwst
3</a
>
4253 address of Simon Phipps have received
181.97 BitCoin and the address
4254 <a href=
"http://blockexplorer.com/address/
1MCwBbhNGp5hRm5rC1Aims2YFRe2SXPYKt
">1MCwBbhNGp5hRm5rC1Aims2YFRe2SXPYKt
</A
>
4255 of EFF have received
2447.38 BitCoins so far. Thank you to each and
4256 every one of you that donated bitcoins to support my activity. The
4257 fact that anyone can see how much money was transfered to a given
4258 address make it more obvious why the BitCoin community recommend to
4259 generate and hand out a new address for each transaction. I
'm told
4260 there is no way to track which addresses belong to a given person or
4261 organisation without the person or organisation revealing it
4262 themselves, as Simon, EFF and I have done.
</p
>
4264 <p
>In Norway, and in most other countries, there are laws and
4265 regulations limiting how much money one can transfer across the border
4266 without declaring it. There are money laundering, tax and accounting
4267 laws and regulations I would expect to apply to the use of BitCoin.
4268 If the Skolelinux foundation
4269 (
<a href=
"http://linuxiskolen.no/slxdebianlabs/donations.html
">SLX
4270 Debian Labs
</a
>) were to accept donations in BitCoin in addition to
4271 normal bank transfers like EFF is doing, how should this be accounted?
4272 Given that it is impossible to know if money can cross the border or
4273 not, should everything or nothing be declared? What exchange rate
4274 should be used when calculating taxes? Would receivers have to pay
4275 income tax if the foundation were to pay Skolelinux contributors in
4276 BitCoin? I have no idea, but it would be interesting to know.
</p
>
4278 <p
>For a currency to be useful and successful, it must be trusted and
4279 accepted by a lot of users. It must be possible to get easy access to
4280 the currency (as a wage or using currency exchanges), and it must be
4281 easy to spend it. At the moment BitCoin seem fairly easy to get
4282 access to, but there are very few places to spend it. I am not really
4283 a regular user of any of the vendor types currently accepting BitCoin,
4284 so I wonder when my kind of shop would start accepting BitCoins. I
4285 would like to buy electronics, travels and subway tickets, not herbs
4286 and books. :) The currency is young, and this will improve over time
4287 if it become popular, but I suspect regular banks will start to lobby
4288 to get BitCoin declared illegal if it become popular. I
'm sure they
4289 will claim it is helping fund terrorism and money laundering (which
4290 probably would be true, as is any currency in existence), but I
4291 believe the problems should be solved elsewhere and not by blaming
4292 currencies.
</p
>
4294 <p
>The process of creating new BitCoins is called mining, and it is
4295 CPU intensive process that depend on a bit of luck as well (as one is
4296 competing against all the other miners currently spending CPU cycles
4297 to see which one get the next lump of cash). The
"winner
" get
50
4298 BitCoin when this happen. Yesterday I came across the obvious way to
4299 join forces to increase ones changes of getting at least some coins,
4300 by coordinating the work on mining BitCoins across several machines
4301 and people, and sharing the result if one is lucky and get the
50
4303 <a href=
"http://www.bluishcoder.co.nz/bitcoin-pool/
">BitCoin Pool
</a
>
4304 if this sounds interesting. I have not had time to try to set up a
4305 machine to participate there yet, but have seen that running on ones
4306 own for a few days have not yield any BitCoins througth mining
4309 <p
>Update
2010-
12-
15: Found an
<a
4310 href=
"http://inertia.posterous.com/reply-to-the-underground-economist-why-bitcoi
">interesting
4311 criticism
</a
> of bitcoin. Not quite sure how valid it is, but thought
4312 it was interesting to read. The arguments presented seem to be
4313 equally valid for gold, which was used as a currency for many years.
</p
>
4318 <title>Now accepting bitcoins - anonymous and distributed p2p crypto-money
</title>
4319 <link>http://people.skolelinux.org/pere/blog/Now_accepting_bitcoins___anonymous_and_distributed_p2p_crypto_money.html
</link>
4320 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Now_accepting_bitcoins___anonymous_and_distributed_p2p_crypto_money.html
</guid>
4321 <pubDate>Fri,
10 Dec
2010 08:
20:
00 +
0100</pubDate>
4322 <description><p
>With this weeks lawless
4323 <a href=
"http://www.salon.com/news/opinion/glenn_greenwald/
2010/
12/
06/wikileaks/index.html
">governmental
4324 attacks
</a
> on Wikileak and
4325 <a href=
"http://www.salon.com/technology/dan_gillmor/
2010/
12/
06/war_on_speech
">free
4326 speech
</a
>, it has become obvious that PayPal, visa and mastercard can
4327 not be trusted to handle money transactions.
4329 <a href=
"http://webmink.com/
2010/
12/
06/now-accepting-bitcoin/
">Simon
4330 Phipps on bitcoin
</a
> reminded me about a project that a friend of
4331 mine mentioned earlier. I decided to follow Simon
's example, and get
4332 involved with
<a href=
"http://www.bitcoin.org/
">BitCoin
</a
>. I got
4333 some help from my friend to get it all running, and he even handed me
4334 some bitcoins to get started. I even donated a few bitcoins to Simon
4335 for helping me remember BitCoin.
</p
>
4337 <p
>So, what is bitcoins, you probably wonder? It is a digital
4338 crypto-currency, decentralised and handled using peer-to-peer
4339 networks. It allows anonymous transactions and prohibits central
4340 control over the transactions, making it impossible for governments
4341 and companies alike to block donations and other transactions. The
4342 source is free software, and while the key dependency wxWidgets
2.9
4343 for the graphical user interface is missing in Debian, the command
4344 line client builds just fine. Hopefully Jonas
4345 <a href=
"http://bugs.debian.org/
578157">will get the package into
4346 Debian
</a
> soon.
</p
>
4348 <p
>Bitcoins can be converted to other currencies, like USD and EUR.
4349 There are
<a href=
"http://www.bitcoin.org/trade
">companies accepting
4350 bitcoins
</a
> when selling services and goods, and there are even
4351 currency
"stock
" markets where the exchange rate is decided. There
4352 are not many users so far, but the concept seems promising. If you
4353 want to get started and lack a friend with any bitcoins to spare,
4355 <a href=
"https://freebitcoins.appspot.com/
">some for free
</a
> (
0.05
4356 bitcoin at the time of writing). Use
4357 <a href=
"http://www.bitcoinwatch.com/
">BitcoinWatch
</a
> to keep an eye
4358 on the current exchange rates.
</p
>
4360 <p
>As an experiment, I have decided to set up bitcoind on one of my
4361 machines. If you want to support my activity, please send Bitcoin
4362 donations to the address
4363 <b
>15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</b
>. Thank you!
</p
>
4368 <title>Why isn
't Debian Edu using VLC?
</title>
4369 <link>http://people.skolelinux.org/pere/blog/Why_isn_t_Debian_Edu_using_VLC_.html
</link>
4370 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Why_isn_t_Debian_Edu_using_VLC_.html
</guid>
4371 <pubDate>Sat,
27 Nov
2010 11:
30:
00 +
0100</pubDate>
4372 <description><p
>In the latest issue of Linux Journal, the readers choices were
4373 presented, and the winner among the multimedia player were VLC.
4374 Personally, I like VLC, and it is my player of choice when I first try
4375 to play a video file or stream. Only if VLC fail will I drag out
4376 gmplayer to see if it can do better. The reason is mostly the failure
4377 model and trust. When VLC fail, it normally pop up a error message
4378 reporting the problem. When mplayer fail, it normally segfault or
4379 just hangs. The latter failure mode drain my trust in the program.
<p
>
4381 <p
>But even if VLC is my player of choice, we have choosen to use
4382 mplayer in
<a href=
"http://www.skolelinux.org/
">Debian
4383 Edu/Skolelinux
</a
>. The reason is simple. We need a good browser
4384 plugin to play web videos seamlessly, and the VLC browser plugin is
4385 not very good. For example, it lack in-line control buttons, so there
4386 is no way for the user to pause the video. Also, when I
4387 <a href=
"http://wiki.debian.org/DebianEdu/BrowserMultimedia
">last
4388 tested the browser plugins
</a
> available in Debian, the VLC plugin
4389 failed on several video pages where mplayer based plugins worked. If
4390 the browser plugin for VLC was as good as the gecko-mediaplayer
4391 package (which uses mplayer), we would switch.
</P
>
4393 <p
>While VLC is a good player, its user interface is slightly
4394 annoying. The most annoying feature is its inconsistent use of
4395 keyboard shortcuts. When the player is in full screen mode, its
4396 shortcuts are different from when it is playing the video in a window.
4397 For example, space only work as pause when in full screen mode. I
4398 wish it had consisten shortcuts and that space also would work when in
4399 window mode. Another nice shortcut in gmplayer is [enter] to restart
4400 the current video. It is very nice when playing short videos from the
4401 web and want to restart it when new people arrive to have a look at
4402 what is going on.
</p
>
4407 <title>Lenny-
>Squeeze upgrades of the Gnome and KDE desktop, now with apt-get autoremove
</title>
4408 <link>http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades_of_the_Gnome_and_KDE_desktop__now_with_apt_get_autoremove.html
</link>
4409 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades_of_the_Gnome_and_KDE_desktop__now_with_apt_get_autoremove.html
</guid>
4410 <pubDate>Mon,
22 Nov
2010 14:
15:
00 +
0100</pubDate>
4411 <description><p
>Michael Biebl suggested to me on IRC, that I changed my automated
4412 upgrade testing of the
4413 <a href=
"http://people.skolelinux.org/~pere/debian-upgrade-testing/
">Lenny
4414 Gnome and KDE Desktop
</a
> to do
<tt
>apt-get autoremove
</tt
> when using apt-get.
4415 This seem like a very good idea, so I adjusted by test scripts and
4416 can now present the updated result from today:
</p
>
4418 <p
>This is for Gnome:
</p
>
4420 <p
>Installed using apt-get, missing with aptitude
</p
>
4422 <blockquote
><p
>
4427 browser-plugin-gnash
4434 freedesktop-sound-theme
4436 gconf-defaults-service
4451 gnome-desktop-environment
4455 gnome-session-canberra
4460 gstreamer0.10-fluendo-mp3
4466 libapache2-mod-dnssd
4469 libaprutil1-dbd-sqlite3
4472 libboost-date-time1.42
.0
4473 libboost-python1.42
.0
4474 libboost-thread1.42
.0
4476 libchamplain-gtk-
0.4-
0
4478 libclutter-gtk-
0.10-
0
4485 libfreerdp-plugins-standard
4500 libgnomepanel2.24-cil
4505 libgtksourceview2.0-common
4506 libmono-addins-gui0.2-cil
4507 libmono-addins0.2-cil
4508 libmono-cairo2.0-cil
4509 libmono-corlib2.0-cil
4510 libmono-i18n-west2.0-cil
4511 libmono-posix2.0-cil
4512 libmono-security2.0-cil
4513 libmono-sharpzip2.84-cil
4514 libmono-system2.0-cil
4517 libndesk-dbus-glib1.0-cil
4518 libndesk-dbus1.0-cil
4528 libtelepathy-farsight0
4537 nautilus-sendto-empathy
4541 python-aptdaemon-gtk
4543 python-beautifulsoup
4558 python-gtksourceview2
4569 python-pkg-resources
4576 python-twisted-conch
4582 python-zope.interface
4587 rhythmbox-plugin-cdrecorder
4594 system-config-printer-udev
4596 telepathy-mission-control-
5
4607 </p
></blockquote
>
4609 <p
>Installed using apt-get, removed with aptitude
</p
>
4611 <blockquote
><p
>
4617 fast-user-switch-applet
4636 libgtksourceview2.0-
0
4638 libsdl1.2debian-alsa
4644 system-config-printer
4649 </p
></blockquote
>
4651 <p
>Installed using aptitude, missing with apt-get
</p
>
4653 <blockquote
><p
>
4654 gstreamer0.10-gnomevfs
4655 </p
></blockquote
>
4657 <p
>Installed using aptitude, removed with apt-get
</p
>
4659 <blockquote
><p
>
4661 </p
></blockquote
>
4663 <p
>This is for KDE:
</p
>
4665 <p
>Installed using apt-get, missing with aptitude
</p
>
4667 <blockquote
><p
>
4669 </p
></blockquote
>
4671 <p
>Installed using apt-get, removed with aptitude
</p
>
4673 <blockquote
><p
>
4676 </p
></blockquote
>
4678 <p
>Installed using aptitude, missing with apt-get
</p
>
4680 <blockquote
><p
>
4694 kdeartwork-emoticons
4696 kdeartwork-theme-icon
4700 kdebase-workspace-bin
4701 kdebase-workspace-data
4715 kscreensaver-xsavers
4730 plasma-dataengines-workspace
4732 plasma-desktopthemes-artwork
4733 plasma-runners-addons
4734 plasma-scriptengine-googlegadgets
4735 plasma-scriptengine-python
4736 plasma-scriptengine-qedje
4737 plasma-scriptengine-ruby
4738 plasma-scriptengine-webkit
4739 plasma-scriptengines
4740 plasma-wallpapers-addons
4741 plasma-widget-folderview
4742 plasma-widget-networkmanagement
4746 xscreensaver-data-extra
4748 xscreensaver-gl-extra
4749 xscreensaver-screensaver-bsod
4750 </p
></blockquote
>
4752 <p
>Installed using aptitude, removed with apt-get
</p
>
4754 <blockquote
><p
>
4756 google-gadgets-common
4774 libggadget-qt-
1.0-
0b
4779 libkonqsidebarplugin4a
4788 libplasma-geolocation-interface4
4790 libplasmagenericshell4
4804 libsmokeknewstuff2-
3
4805 libsmokeknewstuff3-
3
4807 libsmokektexteditor3
4815 libsmokeqtnetwork4-
3
4821 libsmokeqtuitools4-
3
4833 plasma-dataengines-addons
4834 plasma-scriptengine-superkaramba
4835 plasma-widget-lancelot
4836 plasma-widgets-addons
4837 plasma-widgets-workspace
4841 update-notifier-common
4842 </p
></blockquote
>
4844 <p
>Running apt-get autoremove made the results using apt-get and
4845 aptitude a bit more similar, but there are still quite a lott of
4846 differences. I have no idea what packages should be installed after
4847 the upgrade, but hope those that do can have a look.
</p
>
4852 <title>Migrating Xen virtual machines using LVM to KVM using disk images
</title>
4853 <link>http://people.skolelinux.org/pere/blog/Migrating_Xen_virtual_machines_using_LVM_to_KVM_using_disk_images.html
</link>
4854 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Migrating_Xen_virtual_machines_using_LVM_to_KVM_using_disk_images.html
</guid>
4855 <pubDate>Mon,
22 Nov
2010 11:
20:
00 +
0100</pubDate>
4856 <description><p
>Most of the computers in use by the
4857 <a href=
"http://www.skolelinux.org/
">Debian Edu/Skolelinux project
</a
>
4858 are virtual machines. And they have been Xen machines running on a
4859 fairly old IBM eserver xseries
345 machine, and we wanted to migrate
4860 them to KVM on a newer Dell PowerEdge
2950 host machine. This was a
4861 bit harder that it could have been, because we set up the Xen virtual
4862 machines to get the virtual partitions from LVM, which as far as I
4863 know is not supported by KVM. So to migrate, we had to convert
4864 several LVM logical volumes to partitions on a virtual disk file.
</p
>
4867 <a href=
"http://searchnetworking.techtarget.com.au/articles/
35011-Six-steps-for-migrating-Xen-virtual-machines-to-KVM
">a
4868 nice recipe
</a
> to do this, and wrote the following script to do the
4869 migration. It uses qemu-img from the qemu package to make the disk
4870 image, parted to partition it, losetup and kpartx to present the disk
4871 image partions as devices, and dd to copy the data. I NFS mounted the
4872 new servers storage area on the old server to do the migration.
</p
>
4878 # http://searchnetworking.techtarget.com.au/articles/
35011-Six-steps-for-migrating-Xen-virtual-machines-to-KVM
4883 if [ -z
"$
1" ] ; then
4884 echo
"Usage: $
0 &lt;hostname
&gt;
"
4890 if [ ! -e /dev/vg_data/$host-disk ] ; then
4891 echo
"error: unable to find LVM volume for $host
"
4895 # Partitions need to be a bit bigger than the LVM LVs. not sure why.
4896 disksize=$( lvs --units m | grep $host-disk | awk
'{sum = sum + $
4} END { print int(sum *
1.05) }
')
4897 swapsize=$( lvs --units m | grep $host-swap | awk
'{sum = sum + $
4} END { print int(sum *
1.05) }
')
4898 totalsize=$(( ( $disksize + $swapsize ) ))
4901 #dd if=/dev/zero of=$img bs=
1M count=$(( $disksize + $swapsize ))
4902 qemu-img create $img ${totalsize}MMaking room on the Debian Edu/Sqeeze DVD
4904 parted $img mklabel msdos
4905 parted $img mkpart primary linux-swap
0 $disksize
4906 parted $img mkpart primary ext2 $disksize $totalsize
4907 parted $img set
1 boot on
4910 losetup /dev/loop0 $img
4911 kpartx -a /dev/loop0
4913 dd if=/dev/vg_data/$host-disk of=/dev/mapper/loop0p1 bs=
1M
4914 fsck.ext3 -f /dev/mapper/loop0p1 || true
4915 mkswap /dev/mapper/loop0p2
4917 kpartx -d /dev/loop0
4918 losetup -d /dev/loop0
4921 <p
>The script is perhaps so simple that it is not copyrightable, but
4922 if it is, it is licenced using GPL v2 or later at your discretion.
</p
>
4924 <p
>After doing this, I booted a Debian CD in rescue mode in KVM with
4925 the new disk image attached, installed grub-pc and linux-image-
686 and
4926 set up grub to boot from the disk image. After this, the KVM machines
4927 seem to work just fine.
</p
>
4932 <title>Lenny-
>Squeeze upgrades, apt vs aptitude with the Gnome and KDE desktop
</title>
4933 <link>http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__apt_vs_aptitude_with_the_Gnome_and_KDE_desktop.html
</link>
4934 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__apt_vs_aptitude_with_the_Gnome_and_KDE_desktop.html
</guid>
4935 <pubDate>Sat,
20 Nov
2010 22:
50:
00 +
0100</pubDate>
4936 <description><p
>I
'm still running upgrade testing of the
4937 <a href=
"http://people.skolelinux.org/~pere/debian-upgrade-testing/
">Lenny
4938 Gnome and KDE Desktop
</a
>, but have not had time to spend on reporting the
4939 status. Here is a short update based on a test I ran
20101118.
</p
>
4941 <p
>I still do not know what a correct migration should look like, so I
4942 report any differences between apt and aptitude and hope someone else
4943 can see if anything should be changed.
</p
>
4945 <p
>This is for Gnome:
</p
>
4947 <p
>Installed using apt-get, missing with aptitude
</p
>
4949 <blockquote
><p
>
4950 apache2.2-bin aptdaemon at-spi baobab binfmt-support
4951 browser-plugin-gnash cheese-common cli-common cpp-
4.3 cups-pk-helper
4952 dmz-cursor-theme empathy empathy-common finger
4953 freedesktop-sound-theme freeglut3 gconf-defaults-service gdm-themes
4954 gedit-plugins geoclue geoclue-hostip geoclue-localnet geoclue-manual
4955 geoclue-yahoo gnash gnash-common gnome gnome-backgrounds
4956 gnome-cards-data gnome-codec-install gnome-core
4957 gnome-desktop-environment gnome-disk-utility gnome-screenshot
4958 gnome-search-tool gnome-session-canberra gnome-spell
4959 gnome-system-log gnome-themes-extras gnome-themes-more
4960 gnome-user-share gs-common gstreamer0.10-fluendo-mp3
4961 gstreamer0.10-tools gtk2-engines gtk2-engines-pixbuf
4962 gtk2-engines-smooth hal-info hamster-applet libapache2-mod-dnssd
4963 libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap
4964 libart2.0-cil libatspi1.0-
0 libboost-date-time1.42
.0
4965 libboost-python1.42
.0 libboost-thread1.42
.0 libchamplain-
0.4-
0
4966 libchamplain-gtk-
0.4-
0 libcheese-gtk18 libclutter-gtk-
0.10-
0
4967 libcryptui0 libcupsys2 libdiscid0 libeel2-data libelf1 libepc-
1.0-
2
4968 libepc-common libepc-ui-
1.0-
2 libfreerdp-plugins-standard
4969 libfreerdp0 libgail-common libgconf2.0-cil libgdata-common libgdata7
4970 libgdl-
1-common libgdu-gtk0 libgee2 libgeoclue0 libgexiv2-
0 libgif4
4971 libglade2.0-cil libglib2.0-cil libgmime2.4-cil libgnome-vfs2.0-cil
4972 libgnome2.24-cil libgnomepanel2.24-cil libgnomeprint2.2-data
4973 libgnomeprintui2.2-common libgnomevfs2-bin libgpod-common libgpod4
4974 libgtk2.0-cil libgtkglext1 libgtksourceview-common
4975 libgtksourceview2.0-common libmono-addins-gui0.2-cil
4976 libmono-addins0.2-cil libmono-cairo2.0-cil libmono-corlib2.0-cil
4977 libmono-i18n-west2.0-cil libmono-posix2.0-cil
4978 libmono-security2.0-cil libmono-sharpzip2.84-cil
4979 libmono-system2.0-cil libmtp8 libmusicbrainz3-
6
4980 libndesk-dbus-glib1.0-cil libndesk-dbus1.0-cil libopal3.6
.8
4981 libpolkit-gtk-
1-
0 libpt-
1.10.10-plugins-alsa
4982 libpt-
1.10.10-plugins-v4l libpt2.6
.7 libpython2.6 librpm1 librpmio1
4983 libsdl1.2debian libservlet2.4-java libsrtp0 libssh-
4
4984 libtelepathy-farsight0 libtelepathy-glib0 libtidy-
0.99-
0
4985 libxalan2-java libxerces2-java media-player-info mesa-utils
4986 mono-
2.0-gac mono-gac mono-runtime nautilus-sendto
4987 nautilus-sendto-empathy openoffice.org-writer2latex
4988 openssl-blacklist p7zip p7zip-full pkg-config python-
4suite-xml
4989 python-aptdaemon python-aptdaemon-gtk python-axiom
4990 python-beautifulsoup python-bugbuddy python-clientform
4991 python-coherence python-configobj python-crypto python-cupshelpers
4992 python-cupsutils python-eggtrayicon python-elementtree
4993 python-epsilon python-evolution python-feedparser python-gdata
4994 python-gdbm python-gst0.10 python-gtkglext1 python-gtkmozembed
4995 python-gtksourceview2 python-httplib2 python-louie python-mako
4996 python-markupsafe python-mechanize python-nevow python-notify
4997 python-opengl python-openssl python-pam python-pkg-resources
4998 python-pyasn1 python-pysqlite2 python-rdflib python-serial
4999 python-tagpy python-twisted-bin python-twisted-conch
5000 python-twisted-core python-twisted-web python-utidylib python-webkit
5001 python-xdg python-zope.interface remmina remmina-plugin-data
5002 remmina-plugin-rdp remmina-plugin-vnc rhythmbox-plugin-cdrecorder
5003 rhythmbox-plugins rpm-common rpm2cpio seahorse-plugins shotwell
5004 software-center svgalibg1 system-config-printer-udev
5005 telepathy-gabble telepathy-mission-control-
5 telepathy-salut tomboy
5006 totem totem-coherence totem-mozilla totem-plugins
5007 transmission-common xdg-user-dirs xdg-user-dirs-gtk xserver-xephyr
5009 </p
></blockquote
>
5011 Installed using apt-get, removed with aptitude
5013 <blockquote
><p
>
5014 arj bluez-utils cheese dhcdbd djvulibre-desktop ekiga eog
5015 epiphany-extensions epiphany-gecko evolution-exchange
5016 fast-user-switch-applet file-roller gcalctool gconf-editor gdm gedit
5017 gedit-common gnome-app-install gnome-games gnome-games-data
5018 gnome-nettool gnome-system-tools gnome-themes gnome-utils
5019 gnome-vfs-obexftp gnome-volume-manager gnuchess gucharmap
5020 guile-
1.8-libs hal libavahi-compat-libdnssd1 libavahi-core5
5021 libavahi-ui0 libbind9-
50 libbluetooth2 libcamel1.2-
11 libcdio7
5022 libcucul0 libcurl3 libdirectfb-
1.0-
0 libdmx1 libdvdread3
5023 libedata-cal1.2-
6 libedataserver1.2-
9 libeel2-
2.20 libepc-
1.0-
1
5024 libepc-ui-
1.0-
1 libexchange-storage1.2-
3 libfaad0 libgadu3
5025 libgalago3 libgd2-noxpm libgda3-
3 libgda3-common libggz2 libggzcore9
5026 libggzmod4 libgksu1.2-
0 libgksuui1.0-
1 libgmyth0 libgnome-desktop-
2
5027 libgnome-pilot2 libgnomecups1.0-
1 libgnomeprint2.2-
0
5028 libgnomeprintui2.2-
0 libgpod3 libgraphviz4 libgtk-vnc-
1.0-
0
5029 libgtkhtml2-
0 libgtksourceview1.0-
0 libgtksourceview2.0-
0
5030 libgucharmap6 libhesiod0 libicu38 libisccc50 libisccfg50 libiw29
5031 libjaxp1.3-java-gcj libkpathsea4 liblircclient0 libltdl3 liblwres50
5032 libmagick++
10 libmagick10 libmalaga7 libmozjs1d libmpfr1ldbl libmtp7
5033 libmysqlclient15off libnautilus-burn4 libneon27 libnm-glib0
5034 libnm-util0 libopal-
2.2 libosp5 libparted1.8-
10 libpisock9
5035 libpisync1 libpoppler-glib3 libpoppler3 libpt-
1.10.10 libraw1394-
8
5036 libsdl1.2debian-alsa libsensors3 libsexy2 libsmbios2 libsoup2.2-
8
5037 libspeexdsp1 libssh2-
1 libsuitesparse-
3.1.0 libsvga1
5038 libswfdec-
0.6-
90 libtalloc1 libtotem-plparser10 libtrackerclient0
5039 libvoikko1 libxalan2-java-gcj libxerces2-java-gcj libxklavier12
5040 libxtrap6 libxxf86misc1 libzephyr3 mysql-common rhythmbox seahorse
5041 sound-juicer swfdec-gnome system-config-printer totem-common
5042 totem-gstreamer transmission-gtk vinagre vino w3c-dtd-xhtml wodim
5043 </p
></blockquote
>
5045 <p
>Installed using aptitude, missing with apt-get
</p
>
5047 <blockquote
><p
>
5048 gstreamer0.10-gnomevfs
5049 </p
></blockquote
>
5051 <p
>Installed using aptitude, removed with apt-get
</p
>
5053 <blockquote
><p
>
5055 </p
></blockquote
>
5057 <p
>This is for KDE:
</p
>
5059 <p
>Installed using apt-get, missing with aptitude
</p
>
5061 <blockquote
><p
>
5062 autopoint bomber bovo cantor cantor-backend-kalgebra cpp-
4.3 dcoprss
5063 edict espeak espeak-data eyesapplet fifteenapplet finger gettext
5064 ghostscript-x git gnome-audio gnugo granatier gs-common
5065 gstreamer0.10-pulseaudio indi kaddressbook-plugins kalgebra
5066 kalzium-data kanjidic kapman kate-plugins kblocks kbreakout kbstate
5067 kde-icons-mono kdeaccessibility kdeaddons-kfile-plugins
5068 kdeadmin-kfile-plugins kdeartwork-misc kdeartwork-theme-window
5069 kdeedu kdeedu-data kdeedu-kvtml-data kdegames kdegames-card-data
5070 kdegames-mahjongg-data kdegraphics-kfile-plugins kdelirc
5071 kdemultimedia-kfile-plugins kdenetwork-kfile-plugins
5072 kdepim-kfile-plugins kdepim-kio-plugins kdessh kdetoys kdewebdev
5073 kdiamond kdnssd kfilereplace kfourinline kgeography-data kigo
5074 killbots kiriki klettres-data kmoon kmrml knewsticker-scripts
5075 kollision kpf krosspython ksirk ksmserver ksquares kstars-data
5076 ksudoku kubrick kweather libasound2-plugins libboost-python1.42
.0
5077 libcfitsio3 libconvert-binhex-perl libcrypt-ssleay-perl libdb4.6++
5078 libdjvulibre-text libdotconf1.0 liberror-perl libespeak1
5079 libfinance-quote-perl libgail-common libgsl0ldbl libhtml-parser-perl
5080 libhtml-tableextract-perl libhtml-tagset-perl libhtml-tree-perl
5081 libio-stringy-perl libkdeedu4 libkdegames5 libkiten4 libkpathsea5
5082 libkrossui4 libmailtools-perl libmime-tools-perl
5083 libnews-nntpclient-perl libopenbabel3 libportaudio2 libpulse-browse0
5084 libservlet2.4-java libspeechd2 libtiff-tools libtimedate-perl
5085 libunistring0 liburi-perl libwww-perl libxalan2-java libxerces2-java
5086 lirc luatex marble networkstatus noatun-plugins
5087 openoffice.org-writer2latex palapeli palapeli-data parley
5088 parley-data poster psutils pulseaudio pulseaudio-esound-compat
5089 pulseaudio-module-x11 pulseaudio-utils quanta-data rocs rsync
5090 speech-dispatcher step svgalibg1 texlive-binaries texlive-luatex
5092 </p
></blockquote
>
5094 <p
>Installed using apt-get, removed with aptitude
</p
>
5096 <blockquote
><p
>
5097 amor artsbuilder atlantik atlantikdesigner blinken bluez-utils cvs
5098 dhcdbd djvulibre-desktop imlib-base imlib11 kalzium kanagram kandy
5099 kasteroids katomic kbackgammon kbattleship kblackbox kbounce kbruch
5100 kcron kdat kdemultimedia-kappfinder-data kdeprint kdict kdvi kedit
5101 keduca kenolaba kfax kfaxview kfouleggs kgeography kghostview
5102 kgoldrunner khangman khexedit kiconedit kig kimagemapeditor
5103 kitchensync kiten kjumpingcube klatin klettres klickety klines
5104 klinkstatus kmag kmahjongg kmailcvt kmenuedit kmid kmilo kmines
5105 kmousetool kmouth kmplot knetwalk kodo kolf kommander konquest kooka
5106 kpager kpat kpdf kpercentage kpilot kpoker kpovmodeler krec
5107 kregexpeditor kreversi ksame ksayit kshisen ksig ksim ksirc ksirtet
5108 ksmiletris ksnake ksokoban kspaceduel kstars ksvg ksysv kteatime
5109 ktip ktnef ktouch ktron kttsd ktuberling kturtle ktux kuickshow
5110 kverbos kview kviewshell kvoctrain kwifimanager kwin kwin4 kwordquiz
5111 kworldclock kxsldbg libakode2 libarts1-akode libarts1-audiofile
5112 libarts1-mpeglib libarts1-xine libavahi-compat-libdnssd1
5113 libavahi-core5 libavc1394-
0 libbind9-
50 libbluetooth2
5114 libboost-python1.34
.1 libcucul0 libcurl3 libcvsservice0
5115 libdirectfb-
1.0-
0 libdjvulibre21 libdvdread3 libfaad0 libfreebob0
5116 libgd2-noxpm libgraphviz4 libgsmme1c2a libgtkhtml2-
0 libicu38
5117 libiec61883-
0 libindex0 libisccc50 libisccfg50 libiw29
5118 libjaxp1.3-java-gcj libk3b3 libkcal2b libkcddb1 libkdeedu3
5119 libkdegames1 libkdepim1a libkgantt0 libkleopatra1 libkmime2
5120 libkpathsea4 libkpimexchange1 libkpimidentities1 libkscan1
5121 libksieve0 libktnef1 liblockdev1 libltdl3 liblwres50 libmagick10
5122 libmimelib1c2a libmodplug0c2 libmozjs1d libmpcdec3 libmpfr1ldbl
5123 libneon27 libnm-util0 libopensync0 libpisock9 libpoppler-glib3
5124 libpoppler-qt2 libpoppler3 libraw1394-
8 librss1 libsensors3
5125 libsmbios2 libssh2-
1 libsuitesparse-
3.1.0 libswfdec-
0.6-
90
5126 libtalloc1 libxalan2-java-gcj libxerces2-java-gcj libxtrap6 lskat
5127 mpeglib network-manager-kde noatun pmount tex-common texlive-base
5128 texlive-common texlive-doc-base texlive-fonts-recommended tidy
5129 ttf-dustin ttf-kochi-gothic ttf-sjfonts
5130 </p
></blockquote
>
5132 <p
>Installed using aptitude, missing with apt-get
</p
>
5134 <blockquote
><p
>
5135 dolphin kde-core kde-plasma-desktop kde-standard kde-window-manager
5136 kdeartwork kdebase kdebase-apps kdebase-workspace
5137 kdebase-workspace-bin kdebase-workspace-data kdeutils kscreensaver
5138 kscreensaver-xsavers libgle3 libkonq5 libkonq5-templates libnetpbm10
5139 netpbm plasma-widget-folderview plasma-widget-networkmanagement
5140 xscreensaver-data-extra xscreensaver-gl xscreensaver-gl-extra
5141 xscreensaver-screensaver-bsod
5142 </p
></blockquote
>
5144 <p
>Installed using aptitude, removed with apt-get
</p
>
5146 <blockquote
><p
>
5147 kdebase-bin konq-plugins konqueror
5148 </p
></blockquote
>
5153 <title>Gnash buildbot slave and Debian kfreebsd
</title>
5154 <link>http://people.skolelinux.org/pere/blog/Gnash_buildbot_slave_and_Debian_kfreebsd.html
</link>
5155 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Gnash_buildbot_slave_and_Debian_kfreebsd.html
</guid>
5156 <pubDate>Sat,
20 Nov
2010 07:
20:
00 +
0100</pubDate>
5157 <description><p
>Answering
5158 <a href=
"http://www.listware.net/
201011/gnash-dev/
67431-gnash-dev-buildbot-looking-for-slaves.html
">the
5159 call from the Gnash project
</a
> for
5160 <a href=
"http://www.gnashdev.org:
8010">buildbot
</a
> slaves to test the
5161 current source, I have set up a virtual KVM machine on the Debian
5162 Edu/Skolelinux virtualization host to test the git source on
5163 Debian/Squeeze. I hope this can help the developers in getting new
5164 releases out more often.
</p
>
5166 <p
>As the developers want less main-stream build platforms tested to,
5167 I have considered setting up a
<a
5168 href=
"http://www.debian.org/ports/kfreebsd-gnu/
">Debian/kfreebsd
</a
>
5169 machine as well. I have also considered using the kfreebsd
5170 architecture in Debian as a file server in NUUG to get access to the
5
5171 TB zfs volume we currently use to store DV video. Because of this, I
5172 finally got around to do a test installation of Debian/Squeeze with
5173 kfreebsd. Installation went fairly smooth, thought I noticed some
5174 visual glitches in the cdebconf dialogs (black cursor left on the
5175 screen at random locations). Have not gotten very far with the
5176 testing. Noticed cfdisk did not work, but fdisk did so it was not a
5177 fatal problem. Have to spend some more time on it to see if it is
5178 useful as a file server for NUUG. Will try to find time to set up a
5179 gnash buildbot slave on the Debian Edu/Skolelinux this weekend.
</p
>
5184 <title>Debian in
3D
</title>
5185 <link>http://people.skolelinux.org/pere/blog/Debian_in_3D.html
</link>
5186 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_in_3D.html
</guid>
5187 <pubDate>Tue,
9 Nov
2010 16:
10:
00 +
0100</pubDate>
5188 <description><p
><img src=
"http://thingiverse-production.s3.amazonaws.com/renders/
23/e0/c4/f9/
2b/debswagtdose_preview_medium.jpg
"></p
>
5190 <p
>3D printing is just great. I just came across this Debian logo in
5192 <a href=
"http://blog.thingiverse.com/
2010/
11/
09/participatory-branding/
">the
5193 thingiverse blog
</a
>.
</p
>
5198 <title>Software updates
2010-
10-
24</title>
5199 <link>http://people.skolelinux.org/pere/blog/Software_updates_2010_10_24.html
</link>
5200 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Software_updates_2010_10_24.html
</guid>
5201 <pubDate>Sun,
24 Oct
2010 22:
45:
00 +
0200</pubDate>
5202 <description><p
>Some updates.
</p
>
5204 <p
>My
<a href=
"http://pledgebank.com/gnash-avm2
">gnash pledge
</a
> to
5205 raise money for the project is going well. The lower limit of
10
5206 signers was reached in
24 hours, and so far
13 people have signed it.
5207 More signers and more funding is most welcome, and I am really curious
5208 how far we can get before the time limit of December
24 is reached.
5211 <p
>On the #gnash IRC channel on irc.freenode.net, I was just tipped
5212 about what appear to be a great code coverage tool capable of
5213 generating code coverage stats without any changes to the source code.
5215 <a href=
"http://simonkagstrom.github.com/kcov/index.html
">kcov
</a
>,
5216 and can be used using
<tt
>kcov
&lt;directory
&gt;
&lt;binary
&gt;
</tt
>.
5217 It is missing in Debian, but the git source built just fine in Squeeze
5218 after I installed libelf-dev, libdwarf-dev, pkg-config and
5219 libglib2.0-dev. Failed to build in Lenny, but suspect that is
5220 solvable. I hope kcov make it into Debian soon.
</p
>
5222 <p
>Finally found time to wrap up the release notes for
<a
5223 href=
"http://lists.debian.org/debian-edu-announce/
2010/
10/msg00002.html
">a
5224 new alpha release of Debian Edu
</a
>, and just published the second
5225 alpha test release of the Squeeze based Debian Edu /
5226 <a href=
"http://www.skolelinux.org/
">Skolelinux
</a
>
5227 release. Give it a try if you need a complete linux solution for your
5228 school, including central infrastructure server, workstations, thin
5229 client servers and diskless workstations. A nice touch added
5230 yesterday is RDP support on the thin client servers, for windows
5231 clients to get a Linux desktop on request.
</p
>
5236 <title>Some notes on Flash in Debian and Debian Edu
</title>
5237 <link>http://people.skolelinux.org/pere/blog/Some_notes_on_Flash_in_Debian_and_Debian_Edu.html
</link>
5238 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Some_notes_on_Flash_in_Debian_and_Debian_Edu.html
</guid>
5239 <pubDate>Sat,
4 Sep
2010 10:
10:
00 +
0200</pubDate>
5240 <description><p
>In the
<a href=
"http://popcon.debian.org/unknown/by_vote
">Debian
5241 popularity-contest numbers
</a
>, the adobe-flashplugin package the
5242 second most popular used package that is missing in Debian. The sixth
5243 most popular is flashplayer-mozilla. This is a clear indication that
5244 working flash is important for Debian users. Around
10 percent of the
5245 users submitting data to popcon.debian.org have this package
5246 installed.
</p
>
5248 <p
>In the report written by Lars Risan in August
2008
5249 («
<a href=
"http://wiki.skolelinux.no/Dokumentasjon/Rapporter?action=AttachFile
&do=view
&target=Skolelinux_i_bruk_rapport_1.0.pdf
">Skolelinux
5250 i bruk – Rapport for Hurum kommune, Universitetet i Agder og
5251 stiftelsen SLX Debian Labs
</a
>»), one of the most important problems
5252 schools experienced with
<a href=
"http://www.skolelinux.org/
">Debian
5253 Edu/Skolelinux
</a
> was the lack of working Flash. A lot of educational
5254 web sites require Flash to work, and lacking working Flash support in
5255 the web browser and the problems with installing it was perceived as a
5256 good reason to stay with Windows.
</p
>
5258 <p
>I once saw a funny and sad comment in a web forum, where Linux was
5259 said to be the retarded cousin that did not really understand
5260 everything you told him but could work fairly well. This was a
5261 comment regarding the problems Linux have with proprietary formats and
5262 non-standard web pages, and is sad because it exposes a fairly common
5263 understanding of whose fault it is if web pages that only work in for
5264 example Internet Explorer
6 fail to work on Firefox, and funny because
5265 it explain very well how annoying it is for users when Linux
5266 distributions do not work with the documents they receive or the web
5267 pages they want to visit.
</p
>
5269 <p
>This is part of the reason why I believe it is important for Debian
5270 and Debian Edu to have a well working Flash implementation in the
5271 distribution, to get at least popular sites as Youtube and Google
5272 Video to working out of the box. For Squeeze, Debian have the chance
5273 to include the latest version of Gnash that will make this happen, as
5274 the new release
0.8.8 was published a few weeks ago and is resting in
5275 unstable. The new version work with more sites that version
0.8.7.
5276 The Gnash maintainers have asked for a freeze exception, but the
5277 release team have not had time to reply to it yet. I hope they agree
5278 with me that Flash is important for the Debian desktop users, and thus
5279 accept the new package into Squeeze.
</p
>
5284 <title>Circular package dependencies harms apt recovery
</title>
5285 <link>http://people.skolelinux.org/pere/blog/Circular_package_dependencies_harms_apt_recovery.html
</link>
5286 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Circular_package_dependencies_harms_apt_recovery.html
</guid>
5287 <pubDate>Tue,
27 Jul
2010 23:
50:
00 +
0200</pubDate>
5288 <description><p
>I discovered this while doing
5289 <a href=
"http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html
">automated
5290 testing of upgrades from Debian Lenny to Squeeze
</a
>. A few packages
5291 in Debian still got circular dependencies, and it is often claimed
5292 that apt and aptitude should be able to handle this just fine, but
5293 some times these dependency loops causes apt to fail.
</p
>
5295 <p
>An example is from todays
5296 <a href=
"http://people.skolelinux.org/~pere/debian-upgrade-testing//test-
20100727-lenny-squeeze-kde-aptitude.txt
">upgrade
5297 of KDE using aptitude
</a
>. In it, a bug in kdebase-workspace-data
5298 causes perl-modules to fail to upgrade. The cause is simple. If a
5299 package fail to unpack, then only part of packages with the circular
5300 dependency might end up being unpacked when unpacking aborts, and the
5301 ones already unpacked will fail to configure in the recovery phase
5302 because its dependencies are unavailable.
</p
>
5304 <p
>In this log, the problem manifest itself with this error:
</p
>
5306 <blockquote
><pre
>
5307 dpkg: dependency problems prevent configuration of perl-modules:
5308 perl-modules depends on perl (
>=
5.10.1-
1); however:
5309 Version of perl on system is
5.10.0-
19lenny
2.
5310 dpkg: error processing perl-modules (--configure):
5311 dependency problems - leaving unconfigured
5312 </pre
></blockquote
>
5314 <p
>The perl/perl-modules circular dependency is already
5315 <a href=
"http://bugs.debian.org/
527917">reported as a bug
</a
>, and will
5316 hopefully be solved as soon as possible, but it is not the only one,
5317 and each one of these loops in the dependency tree can cause similar
5318 failures. Of course, they only occur when there are bugs in other
5319 packages causing the unpacking to fail, but it is rather nasty when
5320 the failure of one package causes the problem to become worse because
5321 of dependency loops.
</p
>
5324 <a href=
"http://lists.debian.org/debian-devel/
2010/
06/msg00116.html
">the
5325 tireless effort by Bill Allombert
</a
>, the number of circular
5327 <a href=
"http://debian.semistable.com/debgraph.out.html
">left in Debian
5328 is dropping
</a
>, and perhaps it will reach zero one day. :)
</p
>
5330 <p
>Todays testing also exposed a bug in
5331 <a href=
"http://bugs.debian.org/
590605">update-notifier
</a
> and
5332 <a href=
"http://bugs.debian.org/
590604">different behaviour
</a
> between
5333 apt-get and aptitude, the latter possibly caused by some circular
5334 dependency. Reported both to BTS to try to get someone to look at
5340 <title>What are they searching for - PowerDNS and ISC DHCP in LDAP
</title>
5341 <link>http://people.skolelinux.org/pere/blog/What_are_they_searching_for___PowerDNS_and_ISC_DHCP_in_LDAP.html
</link>
5342 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/What_are_they_searching_for___PowerDNS_and_ISC_DHCP_in_LDAP.html
</guid>
5343 <pubDate>Sat,
17 Jul
2010 21:
00:
00 +
0200</pubDate>
5344 <description><p
>This is a
5345 <a href=
"http://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
">followup
</a
>
5347 <a href=
"http://people.skolelinux.org/pere/blog/Idea_for_a_change_to_LDAP_schemas_allowing_DNS_and_DHCP_info_to_be_combined_into_one_object.html
">previous
5349 <a href=
"http://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_DHCP_LDAP_objects.html
">merging
5350 all
</a
> the computer related LDAP objects in Debian Edu.
</p
>
5352 <p
>As a step to try to see if it possible to merge the DNS and DHCP
5353 LDAP objects, I have had a look at how the packages pdns-backend-ldap
5354 and dhcp3-server-ldap in Debian use the LDAP server. The two
5355 implementations are quite different in how they use LDAP.
</p
>
5357 To get this information, I started slapd with debugging enabled and
5358 dumped the debug output to a file to get the LDAP searches performed
5359 on a Debian Edu main-server. Here is a summary.
5361 <p
><strong
>powerdns
</strong
></p
>
5363 <a href=
"http://www.linuxnetworks.de/doc/index.php/PowerDNS_LDAP_Backend
">Clues
5364 on how to
</a
> set up PowerDNS to use a LDAP backend is available on
5367 <p
>PowerDNS have two modes of operation using LDAP as its backend.
5368 One
"strict
" mode where the forward and reverse DNS lookups are done
5369 using the same LDAP objects, and a
"tree
" mode where the forward and
5370 reverse entries are in two different subtrees in LDAP with a structure
5371 based on the DNS names, as in tjener.intern and
5372 2.2.0.10.in-addr.arpa.
</p
>
5374 <p
>In tree mode, the server is set up to use a LDAP subtree as its
5375 base, and uses a
"base
" scoped search for the DNS name by adding
5376 "dc=tjener,dc=intern,
" to the base with a filter for
5377 "(associateddomain=tjener.intern)
" for the forward entry and
5378 "dc=
2,dc=
2,dc=
0,dc=
10,dc=in-addr,dc=arpa,
" with a filter for
5379 "(associateddomain=
2.2.0.10.in-addr.arpa)
" for the reverse entry. For
5380 forward entries, it is looking for attributes named dnsttl, arecord,
5381 nsrecord, cnamerecord, soarecord, ptrrecord, hinforecord, mxrecord,
5382 txtrecord, rprecord, afsdbrecord, keyrecord, aaaarecord, locrecord,
5383 srvrecord, naptrrecord, kxrecord, certrecord, dsrecord, sshfprecord,
5384 ipseckeyrecord, rrsigrecord, nsecrecord, dnskeyrecord, dhcidrecord,
5385 spfrecord and modifytimestamp. For reverse entries it is looking for
5386 the attributes dnsttl, arecord, nsrecord, cnamerecord, soarecord,
5387 ptrrecord, hinforecord, mxrecord, txtrecord, rprecord, aaaarecord,
5388 locrecord, srvrecord, naptrrecord and modifytimestamp. The equivalent
5389 ldapsearch commands could look like this:
</p
>
5391 <blockquote
><pre
>
5392 ldapsearch -h ldap \
5393 -b dc=tjener,dc=intern,ou=hosts,dc=skole,dc=skolelinux,dc=no \
5394 -s base -x
'(associateddomain=tjener.intern)
' dNSTTL aRecord nSRecord \
5395 cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord \
5396 rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord \
5397 nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord \
5398 rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp
5400 ldapsearch -h ldap \
5401 -b dc=
2,dc=
2,dc=
0,dc=
10,dc=in-addr,dc=arpa,ou=hosts,dc=skole,dc=skolelinux,dc=no \
5402 -s base -x
'(associateddomain=
2.2.0.10.in-addr.arpa)
'
5403 dnsttl, arecord, nsrecord, cnamerecord soarecord ptrrecord \
5404 hinforecord mxrecord txtrecord rprecord aaaarecord locrecord \
5405 srvrecord naptrrecord modifytimestamp
5406 </pre
></blockquote
>
5408 <p
>In Debian Edu/Lenny, the PowerDNS tree mode is used with
5409 ou=hosts,dc=skole,dc=skolelinux,dc=no as the base, and these are two
5410 example LDAP objects used there. In addition to these objects, the
5411 parent objects all th way up to ou=hosts,dc=skole,dc=skolelinux,dc=no
5412 also exist.
</p
>
5414 <blockquote
><pre
>
5415 dn: dc=tjener,dc=intern,ou=hosts,dc=skole,dc=skolelinux,dc=no
5417 objectclass: dnsdomain
5418 objectclass: domainrelatedobject
5421 associateddomain: tjener.intern
5423 dn: dc=
2,dc=
2,dc=
0,dc=
10,dc=in-addr,dc=arpa,ou=hosts,dc=skole,dc=skolelinux,dc=no
5425 objectclass: dnsdomain2
5426 objectclass: domainrelatedobject
5428 ptrrecord: tjener.intern
5429 associateddomain:
2.2.0.10.in-addr.arpa
5430 </pre
></blockquote
>
5432 <p
>In strict mode, the server behaves differently. When looking for
5433 forward DNS entries, it is doing a
"subtree
" scoped search with the
5434 same base as in the tree mode for a object with filter
5435 "(associateddomain=tjener.intern)
" and requests the attributes dnsttl,
5436 arecord, nsrecord, cnamerecord, soarecord, ptrrecord, hinforecord,
5437 mxrecord, txtrecord, rprecord, aaaarecord, locrecord, srvrecord,
5438 naptrrecord and modifytimestamp. For reverse entires it also do a
5439 subtree scoped search but this time the filter is
"(arecord=
10.0.2.2)
"
5440 and the requested attributes are associateddomain, dnsttl and
5441 modifytimestamp. In short, in strict mode the objects with ptrrecord
5442 go away, and the arecord attribute in the forward object is used
5445 <p
>The forward and reverse searches can be simulated using ldapsearch
5446 like this:
</p
>
5448 <blockquote
><pre
>
5449 ldapsearch -h ldap -b ou=hosts,dc=skole,dc=skolelinux,dc=no -s sub -x \
5450 '(associateddomain=tjener.intern)
' dNSTTL aRecord nSRecord \
5451 cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord \
5452 rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord \
5453 nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord \
5454 rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp
5456 ldapsearch -h ldap -b ou=hosts,dc=skole,dc=skolelinux,dc=no -s sub -x \
5457 '(arecord=
10.0.2.2)
' associateddomain dnsttl modifytimestamp
5458 </pre
></blockquote
>
5460 <p
>In addition to the forward and reverse searches , there is also a
5461 search for SOA records, which behave similar to the forward and
5462 reverse lookups.
</p
>
5464 <p
>A thing to note with the PowerDNS behaviour is that it do not
5465 specify any objectclass names, and instead look for the attributes it
5466 need to generate a DNS reply. This make it able to work with any
5467 objectclass that provide the needed attributes.
</p
>
5469 <p
>The attributes are normally provided in the cosine (RFC
1274) and
5470 dnsdomain2 schemas. The latter is used for reverse entries like
5471 ptrrecord and recent DNS additions like aaaarecord and srvrecord.
</p
>
5473 <p
>In Debian Edu, we have created DNS objects using the object classes
5474 dcobject (for dc), dnsdomain or dnsdomain2 (structural, for the DNS
5475 attributes) and domainrelatedobject (for associatedDomain). The use
5476 of structural object classes make it impossible to combine these
5477 classes with the object classes used by DHCP.
</p
>
5479 <p
>There are other schemas that could be used too, for example the
5480 dnszone structural object class used by Gosa and bind-sdb for the DNS
5481 attributes combined with the domainrelatedobject object class, but in
5482 this case some unused attributes would have to be included as well
5483 (zonename and relativedomainname).
</p
>
5485 <p
>My proposal for Debian Edu would be to switch PowerDNS to strict
5486 mode and not use any of the existing objectclasses (dnsdomain,
5487 dnsdomain2 and dnszone) when one want to combine the DNS information
5488 with DHCP information, and instead create a auxiliary object class
5489 defined something like this (using the attributes defined for
5490 dnsdomain and dnsdomain2 or dnszone):
</p
>
5492 <blockquote
><pre
>
5493 objectclass ( some-oid NAME
'dnsDomainAux
'
5496 MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord $ CNAMERecord $
5497 DNSTTL $ DNSClass $ PTRRecord $ HINFORecord $ MINFORecord $
5498 TXTRecord $ SIGRecord $ KEYRecord $ AAAARecord $ LOCRecord $
5499 NXTRecord $ SRVRecord $ NAPTRRecord $ KXRecord $ CERTRecord $
5500 A6Record $ DNAMERecord
5502 </pre
></blockquote
>
5504 <p
>This will allow any object to become a DNS entry when combined with
5505 the domainrelatedobject object class, and allow any entity to include
5506 all the attributes PowerDNS wants. I
've sent an email to the PowerDNS
5507 developers asking for their view on this schema and if they are
5508 interested in providing such schema with PowerDNS, and I hope my
5509 message will be accepted into their mailing list soon.
</p
>
5511 <p
><strong
>ISC dhcp
</strong
></p
>
5513 <p
>The DHCP server searches for specific objectclass and requests all
5514 the object attributes, and then uses the attributes it want. This
5515 make it harder to figure out exactly what attributes are used, but
5516 thanks to the working example in Debian Edu I can at least get an idea
5517 what is needed without having to read the source code.
</p
>
5519 <p
>In the DHCP server configuration, the LDAP base to use and the
5520 search filter to use to locate the correct dhcpServer entity is
5521 stored. These are the relevant entries from
5522 /etc/dhcp3/dhcpd.conf:
</p
>
5524 <blockquote
><pre
>
5525 ldap-base-dn
"dc=skole,dc=skolelinux,dc=no
";
5526 ldap-dhcp-server-cn
"dhcp
";
5527 </pre
></blockquote
>
5529 <p
>The DHCP server uses this information to nest all the DHCP
5530 configuration it need. The cn
"dhcp
" is located using the given LDAP
5531 base and the filter
"(
&(objectClass=dhcpServer)(cn=dhcp))
". The
5532 search result is this entry:
</p
>
5534 <blockquote
><pre
>
5535 dn: cn=dhcp,dc=skole,dc=skolelinux,dc=no
5538 objectClass: dhcpServer
5539 dhcpServiceDN: cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
5540 </pre
></blockquote
>
5542 <p
>The content of the dhcpServiceDN attribute is next used to locate the
5543 subtree with DHCP configuration. The DHCP configuration subtree base
5544 is located using a base scope search with base
"cn=DHCP
5545 Config,dc=skole,dc=skolelinux,dc=no
" and filter
5546 "(
&(objectClass=dhcpService)(|(dhcpPrimaryDN=cn=dhcp,dc=skole,dc=skolelinux,dc=no)(dhcpSecondaryDN=cn=dhcp,dc=skole,dc=skolelinux,dc=no)))
".
5547 The search result is this entry:
</p
>
5549 <blockquote
><pre
>
5550 dn: cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
5553 objectClass: dhcpService
5554 objectClass: dhcpOptions
5555 dhcpPrimaryDN: cn=dhcp, dc=skole,dc=skolelinux,dc=no
5556 dhcpStatements: ddns-update-style none
5557 dhcpStatements: authoritative
5558 dhcpOption: smtp-server code
69 = array of ip-address
5559 dhcpOption: www-server code
72 = array of ip-address
5560 dhcpOption: wpad-url code
252 = text
5561 </pre
></blockquote
>
5563 <p
>Next, the entire subtree is processed, one level at the time. When
5564 all the DHCP configuration is loaded, it is ready to receive requests.
5565 The subtree in Debian Edu contain objects with object classes
5566 top/dhcpService/dhcpOptions, top/dhcpSharedNetwork/dhcpOptions,
5567 top/dhcpSubnet, top/dhcpGroup and top/dhcpHost. These provide options
5568 and information about netmasks, dynamic range etc. Leaving out the
5569 details here because it is not relevant for the focus of my
5570 investigation, which is to see if it is possible to merge dns and dhcp
5571 related computer objects.
</p
>
5573 <p
>When a DHCP request come in, LDAP is searched for the MAC address
5574 of the client (
00:
00:
00:
00:
00:
00 in this example), using a subtree
5575 scoped search with
"cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
" as
5576 the base and
"(
&(objectClass=dhcpHost)(dhcpHWAddress=ethernet
5577 00:
00:
00:
00:
00:
00))
" as the filter. This is what a host object look
5580 <blockquote
><pre
>
5581 dn: cn=hostname,cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
5584 objectClass: dhcpHost
5585 dhcpHWAddress: ethernet
00:
00:
00:
00:
00:
00
5586 dhcpStatements: fixed-address hostname
5587 </pre
></blockquote
>
5589 <p
>There is less flexiblity in the way LDAP searches are done here.
5590 The object classes need to have fixed names, and the configuration
5591 need to be stored in a fairly specific LDAP structure. On the
5592 positive side, the invidiual dhcpHost entires can be anywhere without
5593 the DN pointed to by the dhcpServer entries. The latter should make
5594 it possible to group all host entries in a subtree next to the
5595 configuration entries, and this subtree can also be shared with the
5596 DNS server if the schema proposed above is combined with the dhcpHost
5597 structural object class.
5599 <p
><strong
>Conclusion
</strong
></p
>
5601 <p
>The PowerDNS implementation seem to be very flexible when it come
5602 to which LDAP schemas to use. While its
"tree
" mode is rigid when it
5603 come to the the LDAP structure, the
"strict
" mode is very flexible,
5604 allowing DNS objects to be stored anywhere under the base cn specified
5605 in the configuration.
</p
>
5607 <p
>The DHCP implementation on the other hand is very inflexible, both
5608 regarding which LDAP schemas to use and which LDAP structure to use.
5609 I guess one could implement ones own schema, as long as the
5610 objectclasses and attributes have the names used, but this do not
5611 really help when the DHCP subtree need to have a fairly fixed
5612 structure.
</p
>
5614 <p
>Based on the observed behaviour, I suspect a LDAP structure like
5615 this might work for Debian Edu:
</p
>
5617 <blockquote
><pre
>
5619 cn=machine-info (dhcpService) - dhcpServiceDN points here
5620 cn=dhcp (dhcpServer)
5621 cn=dhcp-internal (dhcpSharedNetwork/dhcpOptions)
5622 cn=
10.0.2.0 (dhcpSubnet)
5623 cn=group1 (dhcpGroup/dhcpOptions)
5624 cn=dhcp-thinclients (dhcpSharedNetwork/dhcpOptions)
5625 cn=
192.168.0.0 (dhcpSubnet)
5626 cn=group1 (dhcpGroup/dhcpOptions)
5627 ou=machines - PowerDNS base points here
5628 cn=hostname (dhcpHost/domainrelatedobject/dnsDomainAux)
5629 </pre
></blockquote
>
5631 <P
>This is not tested yet. If the DHCP server require the dhcpHost
5632 entries to be in the dhcpGroup subtrees, the entries can be stored
5633 there instead of a common machines subtree, and the PowerDNS base
5634 would have to be moved one level up to the machine-info subtree.
</p
>
5636 <p
>The combined object under the machines subtree would look something
5637 like this:
</p
>
5639 <blockquote
><pre
>
5640 dn: dc=hostname,ou=machines,cn=machine-info,dc=skole,dc=skolelinux,dc=no
5643 objectClass: dhcpHost
5644 objectclass: domainrelatedobject
5645 objectclass: dnsDomainAux
5646 associateddomain: hostname.intern
5647 arecord:
10.11.12.13
5648 dhcpHWAddress: ethernet
00:
00:
00:
00:
00:
00
5649 dhcpStatements: fixed-address hostname.intern
5650 </pre
></blockquote
>
5652 </p
>One could even add the LTSP configuration associated with a given
5653 machine, as long as the required attributes are available in a
5654 auxiliary object class.
</p
>
5659 <title>Combining PowerDNS and ISC DHCP LDAP objects
</title>
5660 <link>http://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_DHCP_LDAP_objects.html
</link>
5661 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_DHCP_LDAP_objects.html
</guid>
5662 <pubDate>Wed,
14 Jul
2010 23:
45:
00 +
0200</pubDate>
5663 <description><p
>For a while now, I have wanted to find a way to change the DNS and
5664 DHCP services in Debian Edu to use the same LDAP objects for a given
5665 computer, to avoid the possibility of having a inconsistent state for
5666 a computer in LDAP (as in DHCP but no DNS entry or the other way
5667 around) and make it easier to add computers to LDAP.
</p
>
5669 <p
>I
've looked at how powerdns and dhcpd is using LDAP, and using this
5670 information finally found a solution that seem to work.
</p
>
5672 <p
>The old setup required three LDAP objects for a given computer.
5673 One forward DNS entry, one reverse DNS entry and one DHCP entry. If
5674 we switch powerdns to use its strict LDAP method (ldap-method=strict
5675 in pdns-debian-edu.conf), the forward and reverse DNS entries are
5676 merged into one while making it impossible to transfer the reverse map
5677 to a slave DNS server.
</p
>
5679 <p
>If we also replace the object class used to get the DNS related
5680 attributes to one allowing these attributes to be combined with the
5681 dhcphost object class, we can merge the DNS and DHCP entries into one.
5682 I
've written such object class in the dnsdomainaux.schema file (need
5683 proper OIDs, but that is a minor issue), and tested the setup. It
5684 seem to work.
</p
>
5686 <p
>With this test setup in place, we can get away with one LDAP object
5687 for both DNS and DHCP, and even the LTSP configuration I suggested in
5688 an earlier email. The combined LDAP object will look something like
5691 <blockquote
><pre
>
5692 dn: cn=hostname,cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
5694 objectClass: dhcphost
5695 objectclass: domainrelatedobject
5696 objectclass: dnsdomainaux
5697 associateddomain: hostname.intern
5698 arecord:
10.11.12.13
5699 dhcphwaddress: ethernet
00:
00:
00:
00:
00:
00
5700 dhcpstatements: fixed-address hostname
5702 </pre
></blockquote
>
5704 <p
>The DNS server uses the associateddomain and arecord entries, while
5705 the DHCP server uses the dhcphwaddress and dhcpstatements entries
5706 before asking DNS to resolve the fixed-adddress. LTSP will use
5707 dhcphwaddress or associateddomain and the ldapconfig* attributes.
</p
>
5709 <p
>I am not yet sure if I can get the DHCP server to look for its
5710 dhcphost in a different location, to allow us to put the objects
5711 outside the
"DHCP Config
" subtree, but hope to figure out a way to do
5712 that. If I can
't figure out a way to do that, we can still get rid of
5713 the hosts subtree and move all its content into the DHCP Config tree
5714 (which probably should be renamed to be more related to the new
5715 content. I suspect cn=dnsdhcp,ou=services or something like that
5716 might be a good place to put it.
</p
>
5718 <p
>If you want to help out with implementing this for Debian Edu,
5719 please contact us on debian-edu@lists.debian.org.
</p
>
5724 <title>Idea for storing LTSP configuration in LDAP
</title>
5725 <link>http://people.skolelinux.org/pere/blog/Idea_for_storing_LTSP_configuration_in_LDAP.html
</link>
5726 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Idea_for_storing_LTSP_configuration_in_LDAP.html
</guid>
5727 <pubDate>Sun,
11 Jul
2010 22:
00:
00 +
0200</pubDate>
5728 <description><p
>Vagrant mentioned on IRC today that ltsp_config now support
5729 sourcing files from /usr/share/ltsp/ltsp_config.d/ on the thin
5730 clients, and that this can be used to fetch configuration from LDAP if
5731 Debian Edu choose to store configuration there.
</p
>
5733 <p
>Armed with this information, I got inspired and wrote a test module
5734 to get configuration from LDAP. The idea is to look up the MAC
5735 address of the client in LDAP, and look for attributes on the form
5736 ltspconfigsetting=value, and use this to export SETTING=value to the
5737 LTSP clients.
</p
>
5739 <p
>The goal is to be able to store the LTSP configuration attributes
5740 in a
"computer
" LDAP object used by both DNS and DHCP, and thus
5741 allowing us to store all information about a computer in one place.
</p
>
5743 <p
>This is a untested draft implementation, and I welcome feedback on
5744 this approach. A real LDAP schema for the ltspClientAux objectclass
5745 need to be written. Comments, suggestions, etc?
</p
>
5747 <blockquote
><pre
>
5748 # Store in /opt/ltsp/$arch/usr/share/ltsp/ltsp_config.d/ldap-config
5750 # Fetch LTSP client settings from LDAP based on MAC address
5752 # Uses ethernet address as stored in the dhcpHost objectclass using
5753 # the dhcpHWAddress attribute or ethernet address stored in the
5754 # ieee802Device objectclass with the macAddress attribute.
5756 # This module is written to be schema agnostic, and only depend on the
5757 # existence of attribute names.
5759 # The LTSP configuration variables are saved directly using a
5760 # ltspConfig prefix and uppercasing the rest of the attribute name.
5761 # To set the SERVER variable, set the ltspConfigServer attribute.
5763 # Some LDAP schema should be created with all the relevant
5764 # configuration settings. Something like this should work:
5766 # objectclass (
1.1.2.2 NAME
'ltspClientAux
'
5769 # MAY ( ltspConfigServer $ ltsConfigSound $ ... )
5771 LDAPSERVER=$(debian-edu-ldapserver)
5772 if [
"$LDAPSERVER
" ] ; then
5773 LDAPBASE=$(debian-edu-ldapserver -b)
5774 for MAC in $(LANG=C ifconfig |grep -i hwaddr| awk
'{print $
5}
'|sort -u) ; do
5775 filter=
"(|(dhcpHWAddress=ethernet $MAC)(macAddress=$MAC))
"
5776 ldapsearch -h
"$LDAPSERVER
" -b
"$LDAPBASE
" -v -x
"$filter
" | \
5777 grep
'^ltspConfig
' | while read attr value ; do
5778 # Remove prefix and convert to upper case
5779 attr=$(echo $attr | sed
's/^ltspConfig//i
' | tr a-z A-Z)
5780 # bass value on to clients
5781 eval
"$attr=$value; export $attr
"
5785 </pre
></blockquote
>
5787 <p
>I
'm not sure this shell construction will work, because I suspect
5788 the while block might end up in a subshell causing the variables set
5789 there to not show up in ltsp-config, but if that is the case I am sure
5790 the code can be restructured to make sure the variables are passed on.
5791 I expect that can be solved with some testing. :)
</p
>
5793 <p
>If you want to help out with implementing this for Debian Edu,
5794 please contact us on debian-edu@lists.debian.org.
</p
>
5796 <p
>Update
2010-
07-
17: I am aware of another effort to store LTSP
5797 configuration in LDAP that was created around year
2000 by
5798 <a href=
"http://www.pcxperience.com/thinclient/documentation/ldap.html
">PC
5799 Xperience, Inc.,
2000</a
>. I found its
5800 <a href=
"http://people.redhat.com/alikins/ltsp/ldap/
">files
</a
> on a
5801 personal home page over at redhat.com.
</p
>
5806 <title>jXplorer, a very nice LDAP GUI
</title>
5807 <link>http://people.skolelinux.org/pere/blog/jXplorer__a_very_nice_LDAP_GUI.html
</link>
5808 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/jXplorer__a_very_nice_LDAP_GUI.html
</guid>
5809 <pubDate>Fri,
9 Jul
2010 12:
55:
00 +
0200</pubDate>
5810 <description><p
>Since
5811 <a href=
"http://people.skolelinux.org/pere/blog/LUMA__a_very_nice_LDAP_GUI.html
">my
5812 last post
</a
> about available LDAP tools in Debian, I was told about a
5813 LDAP GUI that is even better than luma. The java application
5814 <a href=
"http://jxplorer.org/
">jXplorer
</a
> is claimed to be capable of
5815 moving LDAP objects and subtrees using drag-and-drop, and can
5816 authenticate using Kerberos. I have only tested the Kerberos
5817 authentication, but do not have a LDAP setup allowing me to rewrite
5818 LDAP with my test user yet. It is
5819 <a href=
"http://packages.qa.debian.org/j/jxplorer.html
">available in
5820 Debian
</a
> testing and unstable at the moment. The only problem I
5821 have with it is how it handle errors. If something go wrong, its
5822 non-intuitive behaviour require me to go through some query work list
5823 and remove the failing query. Nothing big, but very annoying.
</p
>
5828 <title>Lenny-
>Squeeze upgrades, apt vs aptitude with the Gnome desktop
</title>
5829 <link>http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__apt_vs_aptitude_with_the_Gnome_desktop.html
</link>
5830 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__apt_vs_aptitude_with_the_Gnome_desktop.html
</guid>
5831 <pubDate>Sat,
3 Jul
2010 23:
55:
00 +
0200</pubDate>
5832 <description><p
>Here is a short update on my
<a
5833 href=
"http://people.skolelinux.org/~pere/debian-upgrade-testing/
">my
5834 Debian Lenny-
>Squeeze upgrade testing
</a
>. Here is a summary of the
5835 difference for Gnome when it is upgraded by apt-get and aptitude. I
'm
5836 not reporting the status for KDE, because the upgrade crashes when
5837 aptitude try because of missing conflicts
5838 (
<a href=
"http://bugs.debian.org/
584861">#
584861</a
> and
5839 <a href=
"http://bugs.debian.org/
585716">#
585716</a
>).
</p
>
5841 <p
>At the end of the upgrade test script, dpkg -l is executed to get a
5842 complete list of the installed packages. Based on this I see these
5843 differences when I did a test run today. As usual, I do not really
5844 know what the correct set of packages would be, but thought it best to
5845 publish the difference.
</p
>
5847 <p
>Installed using apt-get, missing with aptitude
</p
>
5849 <blockquote
><p
>
5850 at-spi cpp-
4.3 finger gnome-spell gstreamer0.10-gnomevfs
5851 libatspi1.0-
0 libcupsys2 libeel2-data libgail-common libgdl-
1-common
5852 libgnomeprint2.2-data libgnomeprintui2.2-common libgnomevfs2-bin
5853 libgtksourceview-common libpt-
1.10.10-plugins-alsa
5854 libpt-
1.10.10-plugins-v4l libservlet2.4-java libxalan2-java
5855 libxerces2-java openoffice.org-writer2latex openssl-blacklist p7zip
5856 python-
4suite-xml python-eggtrayicon python-gtkhtml2
5857 python-gtkmozembed svgalibg1 xserver-xephyr zip
5858 </p
></blockquote
>
5860 <p
>Installed using apt-get, removed with aptitude
</p
>
5862 <blockquote
><p
>
5863 bluez-utils dhcdbd djvulibre-desktop epiphany-gecko
5864 gnome-app-install gnome-mount gnome-vfs-obexftp gnome-volume-manager
5865 libao2 libavahi-compat-libdnssd1 libavahi-core5 libbind9-
50
5866 libbluetooth2 libcamel1.2-
11 libcdio7 libcucul0 libcurl3
5867 libdirectfb-
1.0-
0 libdvdread3 libedata-cal1.2-
6 libedataserver1.2-
9
5868 libeel2-
2.20 libepc-
1.0-
1 libepc-ui-
1.0-
1 libexchange-storage1.2-
3
5869 libfaad0 libgd2-noxpm libgda3-
3 libgda3-common libggz2 libggzcore9
5870 libggzmod4 libgksu1.2-
0 libgksuui1.0-
1 libgmyth0 libgnome-desktop-
2
5871 libgnome-pilot2 libgnomecups1.0-
1 libgnomeprint2.2-
0
5872 libgnomeprintui2.2-
0 libgpod3 libgraphviz4 libgtkhtml2-
0
5873 libgtksourceview1.0-
0 libgucharmap6 libhesiod0 libicu38 libisccc50
5874 libisccfg50 libiw29 libkpathsea4 libltdl3 liblwres50 libmagick++
10
5875 libmagick10 libmalaga7 libmtp7 libmysqlclient15off libnautilus-burn4
5876 libneon27 libnm-glib0 libnm-util0 libopal-
2.2 libosp5
5877 libparted1.8-
10 libpisock9 libpisync1 libpoppler-glib3 libpoppler3
5878 libpt-
1.10.10 libraw1394-
8 libsensors3 libsmbios2 libsoup2.2-
8
5879 libssh2-
1 libsuitesparse-
3.1.0 libswfdec-
0.6-
90 libtalloc1
5880 libtotem-plparser10 libtrackerclient0 libvoikko1 libxalan2-java-gcj
5881 libxerces2-java-gcj libxklavier12 libxtrap6 libxxf86misc1 libzephyr3
5882 mysql-common swfdec-gnome totem-gstreamer wodim
5883 </p
></blockquote
>
5885 <p
>Installed using aptitude, missing with apt-get
</p
>
5887 <blockquote
><p
>
5888 gnome gnome-desktop-environment hamster-applet python-gnomeapplet
5889 python-gnomekeyring python-wnck rhythmbox-plugins xorg
5890 xserver-xorg-input-all xserver-xorg-input-evdev
5891 xserver-xorg-input-kbd xserver-xorg-input-mouse
5892 xserver-xorg-input-synaptics xserver-xorg-video-all
5893 xserver-xorg-video-apm xserver-xorg-video-ark xserver-xorg-video-ati
5894 xserver-xorg-video-chips xserver-xorg-video-cirrus
5895 xserver-xorg-video-dummy xserver-xorg-video-fbdev
5896 xserver-xorg-video-glint xserver-xorg-video-i128
5897 xserver-xorg-video-i740 xserver-xorg-video-mach64
5898 xserver-xorg-video-mga xserver-xorg-video-neomagic
5899 xserver-xorg-video-nouveau xserver-xorg-video-nv
5900 xserver-xorg-video-r128 xserver-xorg-video-radeon
5901 xserver-xorg-video-radeonhd xserver-xorg-video-rendition
5902 xserver-xorg-video-s3 xserver-xorg-video-s3virge
5903 xserver-xorg-video-savage xserver-xorg-video-siliconmotion
5904 xserver-xorg-video-sis xserver-xorg-video-sisusb
5905 xserver-xorg-video-tdfx xserver-xorg-video-tga
5906 xserver-xorg-video-trident xserver-xorg-video-tseng
5907 xserver-xorg-video-vesa xserver-xorg-video-vmware
5908 xserver-xorg-video-voodoo
5909 </p
></blockquote
>
5911 <p
>Installed using aptitude, removed with apt-get
</p
>
5913 <blockquote
><p
>
5914 deskbar-applet xserver-xorg xserver-xorg-core
5915 xserver-xorg-input-wacom xserver-xorg-video-intel
5916 xserver-xorg-video-openchrome
5917 </p
></blockquote
>
5919 <p
>I was told on IRC that the xorg-xserver package was
5920 <a href=
"http://git.debian.org/?p=pkg-xorg/xserver/xorg-server.git;a=commit;h=
9c8080d06c457932d3bfec021c69ac000aa60120
">changed
5921 in git
</a
> today to try to get apt-get to not remove xorg completely.
5922 No idea when it hits Squeeze, but when it does I hope it will reduce
5923 the difference somewhat.
5928 <title>LUMA, a very nice LDAP GUI
</title>
5929 <link>http://people.skolelinux.org/pere/blog/LUMA__a_very_nice_LDAP_GUI.html
</link>
5930 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/LUMA__a_very_nice_LDAP_GUI.html
</guid>
5931 <pubDate>Mon,
28 Jun
2010 00:
30:
00 +
0200</pubDate>
5932 <description><p
>The last few days I have been looking into the status of the LDAP
5933 directory in Debian Edu, and in the process I started to miss a GUI
5934 tool to browse the LDAP tree. The only one I was able to find in
5935 Debian/Squeeze and Lenny is
5936 <a href=
"http://luma.sourceforge.net/
">LUMA
</a
>, which has proved to
5937 be a great tool to get a overview of the current LDAP directory
5938 populated by default in Skolelinux. Thanks to it, I have been able to
5939 find empty and obsolete subtrees, misplaced objects and duplicate
5940 objects. It will be installed by default in Debian/Squeeze. If you
5941 are working with LDAP, give it a go. :)
</p
>
5943 <p
>I did notice one problem with it I have not had time to report to
5944 the BTS yet. There is no .desktop file in the package, so the tool do
5945 not show up in the Gnome and KDE menus, but only deep down in in the
5946 Debian submenu in KDE. I hope that can be fixed before Squeeze is
5949 <p
>I have not yet been able to get it to modify the tree yet. I would
5950 like to move objects and remove subtrees directly in the GUI, but have
5951 not found a way to do that with LUMA yet. So in the mean time, I use
5952 <a href=
"http://www.lichteblau.com/ldapvi/
">ldapvi
</a
> for that.
</p
>
5954 <p
>If you have tips on other GUI tools for LDAP that might be useful
5955 in Debian Edu, please contact us on debian-edu@lists.debian.org.
</p
>
5957 <p
>Update
2010-
06-
29: Ross Reedstrom tipped us about the
5958 <a href=
"http://packages.qa.debian.org/g/gq.html
">gq
</a
> package as a
5959 useful GUI alternative. It seem like a good tool, but is unmaintained
5960 in Debian and got a RC bug keeping it out of Squeeze. Unless that
5961 changes, it will not be an option for Debian Edu based on Squeeze.
</p
>
5966 <title>Idea for a change to LDAP schemas allowing DNS and DHCP info to be combined into one object
</title>
5967 <link>http://people.skolelinux.org/pere/blog/Idea_for_a_change_to_LDAP_schemas_allowing_DNS_and_DHCP_info_to_be_combined_into_one_object.html
</link>
5968 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Idea_for_a_change_to_LDAP_schemas_allowing_DNS_and_DHCP_info_to_be_combined_into_one_object.html
</guid>
5969 <pubDate>Thu,
24 Jun
2010 00:
35:
00 +
0200</pubDate>
5970 <description><p
>A while back, I
5971 <a href=
"http://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
">complained
5972 about the fact
</a
> that it is not possible with the provided schemas
5973 for storing DNS and DHCP information in LDAP to combine the two sets
5974 of information into one LDAP object representing a computer.
</p
>
5976 <p
>In the mean time, I discovered that a simple fix would be to make
5977 the dhcpHost object class auxiliary, to allow it to be combined with
5978 the dNSDomain object class, and thus forming one object for one
5979 computer when storing both DHCP and DNS information in LDAP.
</p
>
5981 <p
>If I understand this correctly, it is not safe to do this change
5982 without also changing the assigned number for the object class, and I
5983 do not know enough about LDAP schema design to do that properly for
5984 Debian Edu.
</p
>
5986 <p
>Anyway, for future reference, this is how I believe we could change
5988 <a href=
"http://tools.ietf.org/html/draft-ietf-dhc-ldap-schema-
00">DHCP
5989 schema
</a
> to solve at least part of the problem with the LDAP schemas
5990 available today from IETF.
</p
>
5993 --- dhcp.schema (revision
65192)
5994 +++ dhcp.schema (working copy)
5996 objectclass (
2.16.840.1.113719.1.203.6.6
5997 NAME
'dhcpHost
'
5998 DESC
'This represents information about a particular client
'
6002 MAY (dhcpLeaseDN $ dhcpHWAddress $ dhcpOptionsDN $ dhcpStatements $ dhcpComments $ dhcpOption)
6003 X-NDS_CONTAINMENT (
'dhcpService
' 'dhcpSubnet
' 'dhcpGroup
') )
6006 <p
>I very much welcome clues on how to do this properly for Debian
6007 Edu/Squeeze. We provide the DHCP schema in our debian-edu-config
6008 package, and should thus be free to rewrite it as we see fit.
</p
>
6010 <p
>If you want to help out with implementing this for Debian Edu,
6011 please contact us on debian-edu@lists.debian.org.
</p
>
6016 <title>Calling tasksel like the installer, while still getting useful output
</title>
6017 <link>http://people.skolelinux.org/pere/blog/Calling_tasksel_like_the_installer__while_still_getting_useful_output.html
</link>
6018 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Calling_tasksel_like_the_installer__while_still_getting_useful_output.html
</guid>
6019 <pubDate>Wed,
16 Jun
2010 14:
55:
00 +
0200</pubDate>
6020 <description><p
>A few times I have had the need to simulate the way tasksel
6021 installs packages during the normal debian-installer run. Until now,
6022 I have ended up letting tasksel do the work, with the annoying problem
6023 of not getting any feedback at all when something fails (like a
6024 conffile question from dpkg or a download that fails), using code like
6027 <blockquote
><pre
>
6028 export DEBIAN_FRONTEND=noninteractive
6029 tasksel --new-install
6030 </pre
></blockquote
>
6032 This would invoke tasksel, let its automatic task selection pick the
6033 tasks to install, and continue to install the requested tasks without
6034 any output what so ever.
6036 Recently I revisited this problem while working on the automatic
6037 package upgrade testing, because tasksel would some times hang without
6038 any useful feedback, and I want to see what is going on when it
6039 happen. Then it occured to me, I can parse the output from tasksel
6040 when asked to run in test mode, and use that aptitude command line
6041 printed by tasksel then to simulate the tasksel run. I ended up using
6044 <blockquote
><pre
>
6045 export DEBIAN_FRONTEND=noninteractive
6046 cmd=
"$(in_target tasksel -t --new-install | sed
's/debconf-apt-progress -- //
')
"
6048 </pre
></blockquote
>
6050 <p
>The content of $cmd is typically something like
"<tt
>aptitude -q
6051 --without-recommends -o APT::Install-Recommends=no -y install
6052 ~t^desktop$ ~t^gnome-desktop$ ~t^laptop$ ~pstandard ~prequired
6053 ~pimportant
</tt
>", which will install the gnome desktop task, the
6054 laptop task and all packages with priority standard , required and
6055 important, just like tasksel would have done it during
6056 installation.
</p
>
6058 <p
>A better approach is probably to extend tasksel to be able to
6059 install packages without using debconf-apt-progress, for use cases
6060 like this.
</p
>
6065 <title>Lenny-
>Squeeze upgrades, removals by apt and aptitude
</title>
6066 <link>http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__removals_by_apt_and_aptitude.html
</link>
6067 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__removals_by_apt_and_aptitude.html
</guid>
6068 <pubDate>Sun,
13 Jun
2010 09:
05:
00 +
0200</pubDate>
6069 <description><p
>My
6070 <a href=
"http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html
">testing
6071 of Debian upgrades
</a
> from Lenny to Squeeze continues, and I
've
6072 finally made the upgrade logs available from
6073 <a href=
"http://people.skolelinux.org/pere/debian-upgrade-testing/
">http://people.skolelinux.org/pere/debian-upgrade-testing/
</a
>.
6074 I am now testing dist-upgrade of Gnome and KDE in a chroot using both
6075 apt and aptitude, and found their differences interesting. This time
6076 I will only focus on their removal plans.
</p
>
6078 <p
>After installing a Gnome desktop and the laptop task, apt-get wants
6079 to remove
72 packages when dist-upgrading from Lenny to Squeeze. The
6080 surprising part is that it want to remove xorg and all
6081 xserver-xorg-video* drivers. Clearly not a good choice, but I am not
6082 sure why. When asking aptitude to do the same, it want to remove
129
6083 packages, but most of them are library packages I suspect are no
6084 longer needed. Both of them want to remove bluetooth packages, which
6085 I do not know. Perhaps these bluetooth packages are obsolete?
</p
>
6087 <p
>For KDE, apt-get want to remove
82 packages, among them kdebase
6088 which seem like a bad idea and xorg the same way as with Gnome. Asking
6089 aptitude for the same, it wants to remove
192 packages, none which are
6090 too surprising.
</p
>
6092 <p
>I guess the removal of xorg during upgrades should be investigated
6093 and avoided, and perhaps others as well. Here are the complete list
6094 of planned removals. The complete logs is available from the URL
6095 above. Note if you want to repeat these tests, that the upgrade test
6096 for kde+apt-get hung in the tasksel setup because of dpkg asking
6097 conffile questions. No idea why. I worked around it by using
6098 '<tt
>echo
>> /proc/
<em
>pidofdpkg
</em
>/fd/
0</tt
>' to tell dpkg to
6101 <p
><b
>apt-get gnome
72</b
>
6102 <br
>bluez-gnome cupsddk-drivers deskbar-applet gnome
6103 gnome-desktop-environment gnome-network-admin gtkhtml3.14
6104 iceweasel-gnome-support libavcodec51 libdatrie0 libgdl-
1-
0
6105 libgnomekbd2 libgnomekbdui2 libmetacity0 libslab0 libxcb-xlib0
6106 nautilus-cd-burner python-gnome2-desktop python-gnome2-extras
6107 serpentine swfdec-mozilla update-manager xorg xserver-xorg
6108 xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev
6109 xserver-xorg-input-kbd xserver-xorg-input-mouse
6110 xserver-xorg-input-synaptics xserver-xorg-input-wacom
6111 xserver-xorg-video-all xserver-xorg-video-apm xserver-xorg-video-ark
6112 xserver-xorg-video-ati xserver-xorg-video-chips
6113 xserver-xorg-video-cirrus xserver-xorg-video-cyrix
6114 xserver-xorg-video-dummy xserver-xorg-video-fbdev
6115 xserver-xorg-video-glint xserver-xorg-video-i128
6116 xserver-xorg-video-i740 xserver-xorg-video-imstt
6117 xserver-xorg-video-intel xserver-xorg-video-mach64
6118 xserver-xorg-video-mga xserver-xorg-video-neomagic
6119 xserver-xorg-video-nsc xserver-xorg-video-nv
6120 xserver-xorg-video-openchrome xserver-xorg-video-r128
6121 xserver-xorg-video-radeon xserver-xorg-video-radeonhd
6122 xserver-xorg-video-rendition xserver-xorg-video-s3
6123 xserver-xorg-video-s3virge xserver-xorg-video-savage
6124 xserver-xorg-video-siliconmotion xserver-xorg-video-sis
6125 xserver-xorg-video-sisusb xserver-xorg-video-tdfx
6126 xserver-xorg-video-tga xserver-xorg-video-trident
6127 xserver-xorg-video-tseng xserver-xorg-video-v4l
6128 xserver-xorg-video-vesa xserver-xorg-video-vga
6129 xserver-xorg-video-vmware xserver-xorg-video-voodoo xulrunner-
1.9
6130 xulrunner-
1.9-gnome-support
</p
>
6132 <p
><b
>aptitude gnome
129</b
>
6134 <br
>bluez-gnome bluez-utils cpp-
4.3 cupsddk-drivers dhcdbd
6135 djvulibre-desktop finger gnome-app-install gnome-mount
6136 gnome-network-admin gnome-spell gnome-vfs-obexftp
6137 gnome-volume-manager gstreamer0.10-gnomevfs gtkhtml3.14 libao2
6138 libavahi-compat-libdnssd1 libavahi-core5 libavcodec51 libbluetooth2
6139 libcamel1.2-
11 libcdio7 libcucul0 libcupsys2 libcurl3 libdatrie0
6140 libdirectfb-
1.0-
0 libdvdread3 libedataserver1.2-
9 libeel2-
2.20
6141 libeel2-data libepc-
1.0-
1 libepc-ui-
1.0-
1 libfaad0 libgail-common
6142 libgd2-noxpm libgda3-
3 libgda3-common libgdl-
1-
0 libgdl-
1-common
6143 libggz2 libggzcore9 libggzmod4 libgksu1.2-
0 libgksuui1.0-
1 libgmyth0
6144 libgnomecups1.0-
1 libgnomekbd2 libgnomekbdui2 libgnomeprint2.2-
0
6145 libgnomeprint2.2-data libgnomeprintui2.2-
0 libgnomeprintui2.2-common
6146 libgnomevfs2-bin libgpod3 libgraphviz4 libgtkhtml2-
0
6147 libgtksourceview-common libgtksourceview1.0-
0 libgucharmap6
6148 libhesiod0 libicu38 libiw29 libkpathsea4 libltdl3 libmagick++
10
6149 libmagick10 libmalaga7 libmetacity0 libmtp7 libmysqlclient15off
6150 libnautilus-burn4 libneon27 libnm-glib0 libnm-util0 libopal-
2.2
6151 libosp5 libparted1.8-
10 libpoppler-glib3 libpoppler3 libpt-
1.10.10
6152 libpt-
1.10.10-plugins-alsa libpt-
1.10.10-plugins-v4l libraw1394-
8
6153 libsensors3 libslab0 libsmbios2 libsoup2.2-
8 libssh2-
1
6154 libsuitesparse-
3.1.0 libswfdec-
0.6-
90 libtalloc1 libtotem-plparser10
6155 libtrackerclient0 libxalan2-java libxalan2-java-gcj libxcb-xlib0
6156 libxerces2-java libxerces2-java-gcj libxklavier12 libxtrap6
6157 libxxf86misc1 libzephyr3 mysql-common nautilus-cd-burner
6158 openoffice.org-writer2latex openssl-blacklist p7zip
6159 python-
4suite-xml python-eggtrayicon python-gnome2-desktop
6160 python-gnome2-extras python-gtkhtml2 python-gtkmozembed
6161 python-numeric python-sexy serpentine svgalibg1 swfdec-gnome
6162 swfdec-mozilla totem-gstreamer update-manager wodim
6163 xserver-xorg-video-cyrix xserver-xorg-video-imstt
6164 xserver-xorg-video-nsc xserver-xorg-video-v4l xserver-xorg-video-vga
6167 <p
><b
>apt-get kde
82</b
>
6169 <br
>cupsddk-drivers karm kaudiocreator kcoloredit kcontrol kde kde-core
6170 kdeaddons kdeartwork kdebase kdebase-bin kdebase-bin-kde3
6171 kdebase-kio-plugins kdesktop kdeutils khelpcenter kicker
6172 kicker-applets knewsticker kolourpaint konq-plugins konqueror korn
6173 kpersonalizer kscreensaver ksplash libavcodec51 libdatrie0 libkiten1
6174 libxcb-xlib0 quanta superkaramba texlive-base-bin xorg xserver-xorg
6175 xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev
6176 xserver-xorg-input-kbd xserver-xorg-input-mouse
6177 xserver-xorg-input-synaptics xserver-xorg-input-wacom
6178 xserver-xorg-video-all xserver-xorg-video-apm xserver-xorg-video-ark
6179 xserver-xorg-video-ati xserver-xorg-video-chips
6180 xserver-xorg-video-cirrus xserver-xorg-video-cyrix
6181 xserver-xorg-video-dummy xserver-xorg-video-fbdev
6182 xserver-xorg-video-glint xserver-xorg-video-i128
6183 xserver-xorg-video-i740 xserver-xorg-video-imstt
6184 xserver-xorg-video-intel xserver-xorg-video-mach64
6185 xserver-xorg-video-mga xserver-xorg-video-neomagic
6186 xserver-xorg-video-nsc xserver-xorg-video-nv
6187 xserver-xorg-video-openchrome xserver-xorg-video-r128
6188 xserver-xorg-video-radeon xserver-xorg-video-radeonhd
6189 xserver-xorg-video-rendition xserver-xorg-video-s3
6190 xserver-xorg-video-s3virge xserver-xorg-video-savage
6191 xserver-xorg-video-siliconmotion xserver-xorg-video-sis
6192 xserver-xorg-video-sisusb xserver-xorg-video-tdfx
6193 xserver-xorg-video-tga xserver-xorg-video-trident
6194 xserver-xorg-video-tseng xserver-xorg-video-v4l
6195 xserver-xorg-video-vesa xserver-xorg-video-vga
6196 xserver-xorg-video-vmware xserver-xorg-video-voodoo xulrunner-
1.9</p
>
6198 <p
><b
>aptitude kde
192</b
>
6199 <br
>bluez-utils cpp-
4.3 cupsddk-drivers cvs dcoprss dhcdbd
6200 djvulibre-desktop dosfstools eyesapplet fifteenapplet finger gettext
6201 ghostscript-x imlib-base imlib11 indi kandy karm kasteroids
6202 kaudiocreator kbackgammon kbstate kcoloredit kcontrol kcron kdat
6203 kdeadmin-kfile-plugins kdeartwork-misc kdeartwork-theme-window
6204 kdebase-bin-kde3 kdebase-kio-plugins kdeedu-data
6205 kdegraphics-kfile-plugins kdelirc kdemultimedia-kappfinder-data
6206 kdemultimedia-kfile-plugins kdenetwork-kfile-plugins
6207 kdepim-kfile-plugins kdepim-kio-plugins kdeprint kdesktop kdessh
6208 kdict kdnssd kdvi kedit keduca kenolaba kfax kfaxview kfouleggs
6209 kghostview khelpcenter khexedit kiconedit kitchensync klatin
6210 klickety kmailcvt kmenuedit kmid kmilo kmoon kmrml kodo kolourpaint
6211 kooka korn kpager kpdf kpercentage kpf kpilot kpoker kpovmodeler
6212 krec kregexpeditor ksayit ksim ksirc ksirtet ksmiletris ksmserver
6213 ksnake ksokoban ksplash ksvg ksysv ktip ktnef kuickshow kverbos
6214 kview kviewshell kvoctrain kwifimanager kwin kwin4 kworldclock
6215 kxsldbg libakode2 libao2 libarts1-akode libarts1-audiofile
6216 libarts1-mpeglib libarts1-xine libavahi-compat-libdnssd1
6217 libavahi-core5 libavc1394-
0 libavcodec51 libbluetooth2
6218 libboost-python1.34
.1 libcucul0 libcurl3 libcvsservice0 libdatrie0
6219 libdirectfb-
1.0-
0 libdjvulibre21 libdvdread3 libfaad0 libfreebob0
6220 libgail-common libgd2-noxpm libgraphviz4 libgsmme1c2a libgtkhtml2-
0
6221 libicu38 libiec61883-
0 libindex0 libiw29 libk3b3 libkcal2b libkcddb1
6222 libkdeedu3 libkdepim1a libkgantt0 libkiten1 libkleopatra1 libkmime2
6223 libkpathsea4 libkpimexchange1 libkpimidentities1 libkscan1
6224 libksieve0 libktnef1 liblockdev1 libltdl3 libmagick10 libmimelib1c2a
6225 libmozjs1d libmpcdec3 libneon27 libnm-util0 libopensync0 libpisock9
6226 libpoppler-glib3 libpoppler-qt2 libpoppler3 libraw1394-
8 libsmbios2
6227 libssh2-
1 libsuitesparse-
3.1.0 libtalloc1 libtiff-tools
6228 libxalan2-java libxalan2-java-gcj libxcb-xlib0 libxerces2-java
6229 libxerces2-java-gcj libxtrap6 mpeglib networkstatus
6230 openoffice.org-writer2latex pmount poster psutils quanta quanta-data
6231 superkaramba svgalibg1 tex-common texlive-base texlive-base-bin
6232 texlive-common texlive-doc-base texlive-fonts-recommended
6233 xserver-xorg-video-cyrix xserver-xorg-video-imstt
6234 xserver-xorg-video-nsc xserver-xorg-video-v4l xserver-xorg-video-vga
6235 xulrunner-
1.9</p
>
6241 <title>Automatic upgrade testing from Lenny to Squeeze
</title>
6242 <link>http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html
</link>
6243 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html
</guid>
6244 <pubDate>Fri,
11 Jun
2010 22:
50:
00 +
0200</pubDate>
6245 <description><p
>The last few days I have done some upgrade testing in Debian, to
6246 see if the upgrade from Lenny to Squeeze will go smoothly. A few bugs
6247 have been discovered and reported in the process
6248 (
<a href=
"http://bugs.debian.org/
585410">#
585410</a
> in nagios3-cgi,
6249 <a href=
"http://bugs.debian.org/
584879">#
584879</a
> already fixed in
6250 enscript and
<a href=
"http://bugs.debian.org/
584861">#
584861</a
> in
6251 kdebase-workspace-data), and to get a more regular testing going on, I
6252 am working on a script to automate the test.
</p
>
6254 <p
>The idea is to create a Lenny chroot and use tasksel to install a
6255 Gnome or KDE desktop installation inside the chroot before upgrading
6256 it. To ensure no services are started in the chroot, a policy-rc.d
6257 script is inserted. To make sure tasksel believe it is to install a
6258 desktop on a laptop, the tasksel tests are replaced in the chroot
6259 (only acceptable because this is a throw-away chroot).
</p
>
6261 <p
>A naive upgrade from Lenny to Squeeze using aptitude dist-upgrade
6262 currently always fail because udev refuses to upgrade with the kernel
6263 in Lenny, so to avoid that problem the file /etc/udev/kernel-upgrade
6264 is created. The bug report
6265 <a href=
"http://bugs.debian.org/
566000">#
566000</a
> make me suspect
6266 this problem do not trigger in a chroot, but I touch the file anyway
6267 to make sure the upgrade go well. Testing on virtual and real
6268 hardware have failed me because of udev so far, and creating this file
6269 do the trick in such settings anyway. This is a
6270 <a href=
"http://www.linuxquestions.org/questions/debian-
26/failed-dist-upgrade-due-to-udev-config_sysfs_deprecated-nonsense-
804130/
">known
6271 issue
</a
> and the current udev behaviour is intended by the udev
6272 maintainer because he lack the resources to rewrite udev to keep
6273 working with old kernels or something like that. I really wish the
6274 udev upstream would keep udev backwards compatible, to avoid such
6275 upgrade problem, but given that they fail to do so, I guess
6276 documenting the way out of this mess is the best option we got for
6277 Debian Squeeze.
</p
>
6279 <p
>Anyway, back to the task at hand, testing upgrades. This test
6280 script, which I call
<tt
>upgrade-test
</tt
> for now, is doing the
6283 <blockquote
><pre
>
6287 if [
"$
1" ] ; then
6296 exec
&lt; /dev/null
6298 mirror=http://ftp.skolelinux.org/debian
6299 tmpdir=chroot-$from-upgrade-$to-$desktop
6301 debootstrap $from $tmpdir $mirror
6302 chroot $tmpdir aptitude update
6303 cat
> $tmpdir/usr/sbin/policy-rc.d
&lt;
&lt;EOF
6307 chmod a+rx $tmpdir/usr/sbin/policy-rc.d
6311 mount -t proc proc $tmpdir/proc
6312 # Make sure proc is unmounted also on failure
6313 trap exit_cleanup EXIT INT
6315 chroot $tmpdir aptitude -y install debconf-utils
6317 # Make sure tasksel autoselection trigger. It need the test scripts
6318 # to return the correct answers.
6319 echo tasksel tasksel/desktop multiselect $desktop | \
6320 chroot $tmpdir debconf-set-selections
6322 # Include the desktop and laptop task
6323 for test in desktop laptop ; do
6324 echo
> $tmpdir/usr/lib/tasksel/tests/$test
&lt;
&lt;EOF
6328 chmod a+rx $tmpdir/usr/lib/tasksel/tests/$test
6331 DEBIAN_FRONTEND=noninteractive
6332 DEBIAN_PRIORITY=critical
6333 export DEBIAN_FRONTEND DEBIAN_PRIORITY
6334 chroot $tmpdir tasksel --new-install
6336 echo deb $mirror $to main
> $tmpdir/etc/apt/sources.list
6337 chroot $tmpdir aptitude update
6338 touch $tmpdir/etc/udev/kernel-upgrade
6339 chroot $tmpdir aptitude -y dist-upgrade
6341 </pre
></blockquote
>
6343 <p
>I suspect it would be useful to test upgrades with both apt-get and
6344 with aptitude, but I have not had time to look at how they behave
6345 differently so far. I hope to get a cron job running to do the test
6346 regularly and post the result on the web. The Gnome upgrade currently
6347 work, while the KDE upgrade fail because of the bug in
6348 kdebase-workspace-data
</p
>
6350 <p
>I am not quite sure what kind of extract from the huge upgrade logs
6351 (KDE
167 KiB, Gnome
516 KiB) it make sense to include in this blog
6352 post, so I will refrain from trying. I can report that for Gnome,
6353 aptitude report
760 packages upgraded,
448 newly installed,
129 to
6354 remove and
1 not upgraded and
1024MB need to be downloaded while for
6355 KDE the same numbers are
702 packages upgraded,
507 newly installed,
6356 193 to remove and
0 not upgraded and
1117MB need to be downloaded
</p
>
6358 <p
>I am very happy to notice that the Gnome desktop + laptop upgrade
6359 is able to migrate to dependency based boot sequencing and parallel
6360 booting without a hitch. Was unsure if there were still bugs with
6361 packages failing to clean up their obsolete init.d script during
6362 upgrades, and no such problem seem to affect the Gnome desktop+laptop
6368 <title>Upstart or sysvinit - as init.d scripts see it
</title>
6369 <link>http://people.skolelinux.org/pere/blog/Upstart_or_sysvinit___as_init_d_scripts_see_it.html
</link>
6370 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Upstart_or_sysvinit___as_init_d_scripts_see_it.html
</guid>
6371 <pubDate>Sun,
6 Jun
2010 23:
55:
00 +
0200</pubDate>
6372 <description><p
>If Debian is to migrate to upstart on Linux, I expect some init.d
6373 scripts to migrate (some of) their operations to upstart job while
6374 keeping the init.d for hurd and kfreebsd. The packages with such
6375 needs will need a way to get their init.d scripts to behave
6376 differently when used with sysvinit and with upstart. Because of
6377 this, I had a look at the environment variables set when a init.d
6378 script is running under upstart, and when it is not.
</p
>
6380 <p
>With upstart, I notice these environment variables are set when a
6381 script is started from rcS.d/ (ignoring some irrelevant ones like
6384 <blockquote
><pre
>
6390 UPSTART_EVENTS=startup
6392 UPSTART_JOB=rc-sysinit
6393 </pre
></blockquote
>
6395 <p
>With sysvinit, these environment variables are set for the same
6398 <blockquote
><pre
>
6399 INIT_VERSION=sysvinit-
2.88
6404 </pre
></blockquote
>
6406 <p
>The RUNLEVEL and PREVLEVEL environment variables passed on from
6407 sysvinit are not set by upstart. Not sure if it is intentional or not
6408 to not be compatible with sysvinit in this regard.
</p
>
6410 <p
>For scripts needing to behave differently when upstart is used,
6411 looking for the UPSTART_JOB environment variable seem to be a good
6417 <title>A manual for standards wars...
</title>
6418 <link>http://people.skolelinux.org/pere/blog/A_manual_for_standards_wars___.html
</link>
6419 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/A_manual_for_standards_wars___.html
</guid>
6420 <pubDate>Sun,
6 Jun
2010 14:
15:
00 +
0200</pubDate>
6421 <description><p
>Via the
6422 <a href=
"http://feedproxy.google.com/~r/robweir/antic-atom/~
3/QzU4RgoAGMg/weekly-links-
10.html
">blog
6423 of Rob Weir
</a
> I came across the very interesting essay named
6424 <a href=
"http://faculty.haas.berkeley.edu/shapiro/wars.pdf
">The Art of
6425 Standards Wars
</a
> (PDF
25 pages). I recommend it for everyone
6426 following the standards wars of today.
</p
>
6431 <title>Sitesummary tip: Listing computer hardware models used at site
</title>
6432 <link>http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_computer_hardware_models_used_at_site.html
</link>
6433 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_computer_hardware_models_used_at_site.html
</guid>
6434 <pubDate>Thu,
3 Jun
2010 12:
05:
00 +
0200</pubDate>
6435 <description><p
>When using sitesummary at a site to track machines, it is possible
6436 to get a list of the machine types in use thanks to the DMI
6437 information extracted from each machine. The script to do so is
6438 included in the sitesummary package, and here is example output from
6439 the Skolelinux build servers:
</p
>
6441 <blockquote
><pre
>
6442 maintainer:~# /usr/lib/sitesummary/hardware-model-summary
6444 Dell Computer Corporation
1
6447 eserver xSeries
345 -[
8670M1X]-
1
6451 </pre
></blockquote
>
6453 <p
>The quality of the report depend on the quality of the DMI tables
6454 provided in each machine. Here there are Intel machines without model
6455 information listed with Intel as vendor and no model, and virtual Xen
6456 machines listed as [no-dmi-info]. One can add -l as a command line
6457 option to list the individual machines.
</p
>
6459 <p
>A larger list is
6460 <a href=
"http://narvikskolen.no/sitesummary/
">available from the the
6461 city of Narvik
</a
>, which uses Skolelinux on all their shools and also
6462 provide the basic sitesummary report publicly. In their report there
6463 are ~
1400 machines. I know they use both Ubuntu and Skolelinux on
6464 their machines, and as sitesummary is available in both distributions,
6465 it is trivial to get all of them to report to the same central
6466 collector.
</p
>
6471 <title>KDM fail at boot with NVidia cards - and no one try to fix it?
</title>
6472 <link>http://people.skolelinux.org/pere/blog/KDM_fail_at_boot_with_NVidia_cards___and_no_one_try_to_fix_it_.html
</link>
6473 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/KDM_fail_at_boot_with_NVidia_cards___and_no_one_try_to_fix_it_.html
</guid>
6474 <pubDate>Tue,
1 Jun
2010 17:
05:
00 +
0200</pubDate>
6475 <description><p
>It is strange to watch how a bug in Debian causing KDM to fail to
6476 start at boot when an NVidia video card is used is handled. The
6477 problem seem to be that the nvidia X.org driver uses a long time to
6478 initialize, and this duration is longer than kdm is configured to
6481 <p
>I came across two bugs related to this issue,
6482 <a href=
"http://bugs.debian.org/
583312">#
583312</a
> initially filed
6483 against initscripts and passed on to nvidia-glx when it became obvious
6484 that the nvidia drivers were involved, and
6485 <a href=
"http://bugs.debian.org/
524751">#
524751</a
> initially filed against
6486 kdm and passed on to src:nvidia-graphics-drivers for unknown reasons.
</p
>
6488 <p
>To me, it seem that no-one is interested in actually solving the
6489 problem nvidia video card owners experience and make sure the Debian
6490 distribution work out of the box for these users. The nvidia driver
6491 maintainers expect kdm to be set up to wait longer, while kdm expect
6492 the nvidia driver maintainers to fix the driver to start faster, and
6493 while they wait for each other I guess the users end up switching to a
6494 distribution that work for them. I have no idea what the solution is,
6495 but I am pretty sure that waiting for each other is not it.
</p
>
6497 <p
>I wonder why we end up handling bugs this way.
</p
>
6502 <title>Parallellized boot seem to hold up well in Debian/testing
</title>
6503 <link>http://people.skolelinux.org/pere/blog/Parallellized_boot_seem_to_hold_up_well_in_Debian_testing.html
</link>
6504 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Parallellized_boot_seem_to_hold_up_well_in_Debian_testing.html
</guid>
6505 <pubDate>Thu,
27 May
2010 23:
55:
00 +
0200</pubDate>
6506 <description><p
>A few days ago, parallel booting was enabled in Debian/testing.
6507 The feature seem to hold up pretty well, but three fairly serious
6508 issues are known and should be solved:
6512 <li
>The wicd package seen to
6513 <a href=
"http://bugs.debian.org/
508289">break NFS mounting
</a
> and
6514 <a href=
"http://bugs.debian.org/
581586">network setup
</a
> when
6515 parallel booting is enabled. No idea why, but the wicd maintainer
6516 seem to be on the case.
</li
>
6518 <li
>The nvidia X driver seem to
6519 <a href=
"http://bugs.debian.org/
583312">have a race condition
</a
>
6520 triggered more easily when parallel booting is in effect. The
6521 maintainer is on the case.
</li
>
6523 <li
>The sysv-rc package fail to properly enable dependency based boot
6524 sequencing (the shutdown is broken) when old file-rc users
6525 <a href=
"http://bugs.debian.org/
575080">try to switch back
</a
> to
6526 sysv-rc. One way to solve it would be for file-rc to create
6527 /etc/init.d/.legacy-bootordering, and another is to try to make
6528 sysv-rc more robust. Will investigate some more and probably upload a
6529 workaround in sysv-rc to help those trying to move from file-rc to
6530 sysv-rc get a working shutdown.
</li
>
6532 </ul
></p
>
6534 <p
>All in all not many surprising issues, and all of them seem
6535 solvable before Squeeze is released. In addition to these there are
6536 some packages with bugs in their dependencies and run level settings,
6537 which I expect will be fixed in a reasonable time span.
</p
>
6539 <p
>If you report any problems with dependencies in init.d scripts to
6540 the BTS, please usertag the report to get it to show up at
6541 <a href=
"http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org
">the
6542 list of usertagged bugs related to this
</a
>.
</p
>
6544 <p
>Update: Correct bug number to file-rc issue.
</p
>
6549 <title>More flexible firmware handling in debian-installer
</title>
6550 <link>http://people.skolelinux.org/pere/blog/More_flexible_firmware_handling_in_debian_installer.html
</link>
6551 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/More_flexible_firmware_handling_in_debian_installer.html
</guid>
6552 <pubDate>Sat,
22 May
2010 21:
30:
00 +
0200</pubDate>
6553 <description><p
>After a long break from debian-installer development, I finally
6554 found time today to return to the project. Having to spend less time
6555 working dependency based boot in debian, as it is almost complete now,
6556 definitely helped freeing some time.
</p
>
6558 <p
>A while back, I ran into a problem while working on Debian Edu. We
6559 include some firmware packages on the Debian Edu CDs, those needed to
6560 get disk and network controllers working. Without having these
6561 firmware packages available during installation, it is impossible to
6562 install Debian Edu on the given machine, and because our target group
6563 are non-technical people, asking them to provide firmware packages on
6564 an external medium is a support pain. Initially, I expected it to be
6565 enough to include the firmware packages on the CD to get
6566 debian-installer to find and use them. This proved to be wrong.
6567 Next, I hoped it was enough to symlink the relevant firmware packages
6568 to some useful location on the CD (tried /cdrom/ and
6569 /cdrom/firmware/). This also proved to not work, and at this point I
6570 found time to look at the debian-installer code to figure out what was
6571 going to work.
</p
>
6573 <p
>The firmware loading code is in the hw-detect package, and a closer
6574 look revealed that it would only look for firmware packages outside
6575 the installation media, so the CD was never checked for firmware
6576 packages. It would only check USB sticks, floppies and other
6577 "external
" media devices. Today I changed it to also look in the
6578 /cdrom/firmware/ directory on the mounted CD or DVD, which should
6579 solve the problem I ran into with Debian edu. I also changed it to
6580 look in /firmware/, to make sure the installer also find firmware
6581 provided in the initrd when booting the installer via PXE, to allow us
6582 to provide the same feature in the PXE setup included in Debian
6585 <p
>To make sure firmware deb packages with a license questions are not
6586 activated without asking if the license is accepted, I extended
6587 hw-detect to look for preinst scripts in the firmware packages, and
6588 run these before activating the firmware during installation. The
6589 license question is asked using debconf in the preinst, so this should
6590 solve the issue for the firmware packages I have looked at so far.
</p
>
6592 <p
>If you want to discuss the details of these features, please
6593 contact us on debian-boot@lists.debian.org.
</p
>
6598 <title>Parallellized boot is now the default in Debian/unstable
</title>
6599 <link>http://people.skolelinux.org/pere/blog/Parallellized_boot_is_now_the_default_in_Debian_unstable.html
</link>
6600 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Parallellized_boot_is_now_the_default_in_Debian_unstable.html
</guid>
6601 <pubDate>Fri,
14 May
2010 22:
40:
00 +
0200</pubDate>
6602 <description><p
>Since this evening, parallel booting is the default in
6603 Debian/unstable for machines using dependency based boot sequencing.
6604 Apparently the testing of concurrent booting has been wider than
6605 expected, if I am to believe the
6606 <a href=
"http://lists.debian.org/debian-devel/
2010/
05/msg00122.html
">input
6607 on debian-devel@
</a
>, and I concluded a few days ago to move forward
6608 with the feature this weekend, to give us some time to detect any
6609 remaining problems before Squeeze is frozen. If serious problems are
6610 detected, it is simple to change the default back to sequential boot.
6611 The upload of the new sysvinit package also activate a new upstream
6614 More information about
6615 <a href=
"http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot
">dependency
6616 based boot sequencing
</a
> is available from the Debian wiki. It is
6617 currently possible to disable parallel booting when one run into
6618 problems caused by it, by adding this line to /etc/default/rcS:
</p
>
6620 <blockquote
><pre
>
6622 </pre
></blockquote
>
6624 <p
>If you report any problems with dependencies in init.d scripts to
6625 the BTS, please usertag the report to get it to show up at
6626 <a href=
"http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org
">the
6627 list of usertagged bugs related to this
</a
>.
</p
>
6632 <title>Sitesummary tip: Listing MAC address of all clients
</title>
6633 <link>http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_MAC_address_of_all_clients.html
</link>
6634 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_MAC_address_of_all_clients.html
</guid>
6635 <pubDate>Fri,
14 May
2010 21:
10:
00 +
0200</pubDate>
6636 <description><p
>In the recent Debian Edu versions, the
6637 <a href=
"http://wiki.debian.org/DebianEdu/HowTo/SiteSummary
">sitesummary
6638 system
</a
> is used to keep track of the machines in the school
6639 network. Each machine will automatically report its status to the
6640 central server after boot and once per night. The network setup is
6641 also reported, and using this information it is possible to get the
6642 MAC address of all network interfaces in the machines. This is useful
6643 to update the DHCP configuration.
</p
>
6645 <p
>To give some idea how to use sitesummary, here is a one-liner to
6646 ist all MAC addresses of all machines reporting to sitesummary. Run
6647 this on the collector host:
</p
>
6649 <blockquote
><pre
>
6650 perl -MSiteSummary -e
'for_all_hosts(sub { print join(
" ", get_macaddresses(shift)),
"\n
"; });
'
6651 </pre
></blockquote
>
6653 <p
>This will list all MAC addresses assosiated with all machine, one
6654 line per machine and with space between the MAC addresses.
</p
>
6656 <p
>To allow system administrators easier job at adding static DHCP
6657 addresses for hosts, it would be possible to extend this to fetch
6658 machine information from sitesummary and update the DHCP and DNS
6659 tables in LDAP using this information. Such tool is unfortunately not
6660 written yet.
</p
>
6665 <title>systemd, an interesting alternative to upstart
</title>
6666 <link>http://people.skolelinux.org/pere/blog/systemd__an_interesting_alternative_to_upstart.html
</link>
6667 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/systemd__an_interesting_alternative_to_upstart.html
</guid>
6668 <pubDate>Thu,
13 May
2010 22:
20:
00 +
0200</pubDate>
6669 <description><p
>The last few days a new boot system called
6670 <a href=
"http://www.freedesktop.org/wiki/Software/systemd
">systemd
</a
>
6672 <a href=
"http://
0pointer.de/blog/projects/systemd.html
">introduced
</a
>
6674 to the free software world. I have not yet had time to play around
6675 with it, but it seem to be a very interesting alternative to
6676 <a href=
"http://upstart.ubuntu.com/
">upstart
</a
>, and might prove to be
6677 a good alternative for Debian when we are able to switch to an event
6678 based boot system. Tollef is
6679 <a href=
"http://bugs.debian.org/
580814">in the process
</a
> of getting
6680 systemd into Debian, and I look forward to seeing how well it work. I
6681 like the fact that systemd handles init.d scripts with dependency
6682 information natively, allowing them to run in parallel where upstart
6683 at the moment do not.
</p
>
6685 <p
>Unfortunately do systemd have the same problem as upstart regarding
6686 platform support. It only work on recent Linux kernels, and also need
6687 some new kernel features enabled to function properly. This means
6688 kFreeBSD and Hurd ports of Debian will need a port or a different boot
6689 system. Not sure how that will be handled if systemd proves to be the
6690 way forward.
</p
>
6692 <p
>In the mean time, based on the
6693 <a href=
"http://lists.debian.org/debian-devel/
2010/
05/msg00122.html
">input
6694 on debian-devel@
</a
> regarding parallel booting in Debian, I have
6695 decided to enable full parallel booting as the default in Debian as
6696 soon as possible (probably this weekend or early next week), to see if
6697 there are any remaining serious bugs in the init.d dependencies. A
6698 new version of the sysvinit package implementing this change is
6699 already in experimental. If all go well, Squeeze will be released
6700 with parallel booting enabled by default.
</p
>
6705 <title>Parallellizing the boot in Debian Squeeze - ready for wider testing
</title>
6706 <link>http://people.skolelinux.org/pere/blog/Parallellizing_the_boot_in_Debian_Squeeze___ready_for_wider_testing.html
</link>
6707 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Parallellizing_the_boot_in_Debian_Squeeze___ready_for_wider_testing.html
</guid>
6708 <pubDate>Thu,
6 May
2010 23:
25:
00 +
0200</pubDate>
6709 <description><p
>These days, the init.d script dependencies in Squeeze are quite
6710 complete, so complete that it is actually possible to run all the
6711 init.d scripts in parallell based on these dependencies. If you want
6712 to test your Squeeze system, make sure
6713 <a href=
"http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot
">dependency
6714 based boot sequencing
</a
> is enabled, and add this line to
6715 /etc/default/rcS:
</p
>
6717 <blockquote
><pre
>
6718 CONCURRENCY=makefile
6719 </pre
></blockquote
>
6721 <p
>That is it. It will cause sysv-rc to use the startpar tool to run
6722 scripts in parallel using the dependency information stored in
6723 /etc/init.d/.depend.boot, /etc/init.d/.depend.start and
6724 /etc/init.d/.depend.stop to order the scripts. Startpar is configured
6725 to try to start the kdm and gdm scripts as early as possible, and will
6726 start the facilities required by kdm or gdm as early as possible to
6727 make this happen.
</p
>
6729 <p
>Give it a try, and see if you like the result. If some services
6730 fail to start properly, it is most likely because they have incomplete
6731 init.d script dependencies in their startup script (or some of their
6732 dependent scripts have incomplete dependencies). Report bugs and get
6733 the package maintainers to fix it. :)
</p
>
6735 <p
>Running scripts in parallel could be the default in Debian when we
6736 manage to get the init.d script dependencies complete and correct. I
6737 expect we will get there in Squeeze+
1, if we get manage to test and
6738 fix the remaining issues.
</p
>
6740 <p
>If you report any problems with dependencies in init.d scripts to
6741 the BTS, please usertag the report to get it to show up at
6742 <a href=
"http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org
">the
6743 list of usertagged bugs related to this
</a
>.
</p
>
6748 <title>Debian has switched to dependency based boot sequencing
</title>
6749 <link>http://people.skolelinux.org/pere/blog/Debian_has_switched_to_dependency_based_boot_sequencing.html
</link>
6750 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_has_switched_to_dependency_based_boot_sequencing.html
</guid>
6751 <pubDate>Mon,
27 Jul
2009 23:
50:
00 +
0200</pubDate>
6752 <description><p
>Since this evening, with the upload of sysvinit version
2.87dsf-
2,
6753 and the upload of insserv version
1.12.0-
10 yesterday, Debian unstable
6754 have been migrated to using dependency based boot sequencing. This
6755 conclude work me and others have been doing for the last three days.
6756 It feels great to see this finally part of the default Debian
6757 installation. Now we just need to weed out the last few problems that
6758 are bound to show up, to get everything ready for Squeeze.
</p
>
6760 <p
>The next step is migrating /sbin/init from sysvinit to upstart, and
6761 fixing the more fundamental problem of handing the event based
6762 non-predictable kernel in the early boot.
</p
>
6767 <title>Taking over sysvinit development
</title>
6768 <link>http://people.skolelinux.org/pere/blog/Taking_over_sysvinit_development.html
</link>
6769 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Taking_over_sysvinit_development.html
</guid>
6770 <pubDate>Wed,
22 Jul
2009 23:
00:
00 +
0200</pubDate>
6771 <description><p
>After several years of frustration with the lack of activity from
6772 the existing sysvinit upstream developer, I decided a few weeks ago to
6773 take over the package and become the new upstream. The number of
6774 patches to track for the Debian package was becoming a burden, and the
6775 lack of synchronization between the distribution made it hard to keep
6776 the package up to date.
</p
>
6778 <p
>On the new sysvinit team is the SuSe maintainer Dr. Werner Fink,
6779 and my Debian co-maintainer Kel Modderman. About
10 days ago, I made
6780 a new upstream tarball with version number
2.87dsf (for Debian, SuSe
6781 and Fedora), based on the patches currently in use in these
6782 distributions. We Debian maintainers plan to move to this tarball as
6783 the new upstream as soon as we find time to do the merge. Since the
6784 new tarball was created, we agreed with Werner at SuSe to make a new
6785 upstream project at
<a href=
"http://savannah.nongnu.org/
">Savannah
</a
>, and continue
6786 development there. The project is registered and currently waiting
6787 for approval by the Savannah administrators, and as soon as it is
6788 approved, we will import the old versions from svn and continue
6789 working on the future release.
</p
>
6791 <p
>It is a bit ironic that this is done now, when some of the involved
6792 distributions are moving to upstart as a syvinit replacement.
</p
>
6797 <title>Debian boots quicker and quicker
</title>
6798 <link>http://people.skolelinux.org/pere/blog/Debian_boots_quicker_and_quicker.html
</link>
6799 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_boots_quicker_and_quicker.html
</guid>
6800 <pubDate>Wed,
24 Jun
2009 21:
40:
00 +
0200</pubDate>
6801 <description><p
>I spent Monday and tuesday this week in London with a lot of the
6802 people involved in the boot system on Debian and Ubuntu, to see if we
6803 could find more ways to speed up the boot system. This was an Ubuntu
6805 <a href=
"https://wiki.ubuntu.com/FoundationsTeam/BootPerformance/DebianUbuntuSprint
">developer
6806 gathering
</a
>. It was quite productive. We also discussed the future
6807 of boot systems, and ways to handle the increasing number of boot
6808 issues introduced by the Linux kernel becoming more and more
6809 asynchronous and event base. The Ubuntu approach using udev and
6810 upstart might be a good way forward. Time will show.
</p
>
6812 <p
>Anyway, there are a few ways at the moment to speed up the boot
6813 process in Debian. All of these should be applied to get a quick
6818 <li
>Use dash as /bin/sh.
</li
>
6820 <li
>Disable the init.d/hwclock*.sh scripts and make sure the hardware
6821 clock is in UTC.
</li
>
6823 <li
>Install and activate the insserv package to enable
6824 <a href=
"http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot
">dependency
6825 based boot sequencing
</a
>, and enable concurrent booting.
</li
>
6829 These points are based on the Google summer of code work done by
6830 <a href=
"http://initscripts-ng.alioth.debian.org/soc2006-bootsystem/
">Carlos
6833 <p
>Support for makefile-style concurrency during boot was uploaded to
6834 unstable yesterday. When we tested it, we were able to cut
6 seconds
6835 from the boot sequence. It depend on very correct dependency
6836 declaration in all init.d scripts, so I expect us to find edge cases
6837 where the dependences in some scripts are slightly wrong when we start
6838 using this.
</p
>
6840 <p
>On our IRC channel for this effort, #pkg-sysvinit, a new idea was
6841 introduced by Raphael Geissert today, one that could affect the
6842 startup speed as well. Instead of starting some scripts concurrently
6843 from rcS.d/ and another set of scripts from rc2.d/, it would be
6844 possible to run a of them in the same process. A quick way to test
6845 this would be to enable insserv and run
'mv /etc/rc2.d/S* /etc/rcS.d/;
6846 insserv
'. Will need to test if that work. :)
</p
>
6851 <title>BSAs påstander om piratkopiering møter motstand
</title>
6852 <link>http://people.skolelinux.org/pere/blog/BSAs_p_stander_om_piratkopiering_m_ter_motstand.html
</link>
6853 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/BSAs_p_stander_om_piratkopiering_m_ter_motstand.html
</guid>
6854 <pubDate>Sun,
17 May
2009 23:
05:
00 +
0200</pubDate>
6855 <description><p
>Hvert år de siste årene har BSA, lobbyfronten til de store
6856 programvareselskapene som Microsoft og Apple, publisert en rapport der
6857 de gjetter på hvor mye piratkopiering påfører i tapte inntekter i
6858 ulike land rundt om i verden. Resultatene er tendensiøse. For noen
6860 <a href=
"http://global.bsa.org/globalpiracy2008/studies/globalpiracy2008.pdf
">siste
6861 rapport
</a
>, og det er flere kritiske kommentarer publisert de siste
6862 dagene. Et spesielt interessant kommentar fra Sverige,
6863 <a href=
"http://www.idg.se/
2.1085/
1.229795/bsa-hoftade-sverigesiffror
">BSA
6864 höftade Sverigesiffror
</a
>, oppsummeres slik:
</p
>
6867 I sin senaste rapport slår BSA fast att
25 procent av all mjukvara i
6868 Sverige är piratkopierad. Det utan att ha pratat med ett enda svenskt
6869 företag.
"Man bör nog kanske inte se de här siffrorna som helt
6870 exakta
", säger BSAs Sverigechef John Hugosson.
6873 <p
>Mon tro om de er like metodiske når de gjetter på andelen piratkopiering i Norge? To andre kommentarer er
<a
6874 href=
"http://www.vnunet.com/vnunet/comment/
2242134/bsa-piracy-figures-shot-reality
">BSA
6875 piracy figures need a shot of reality
</a
> og
<a
6876 href=
"http://www.michaelgeist.ca/content/view/
3958/
125/
">Does The WIPO
6877 Copyright Treaty Work?
</a
></p
>
6879 <p
>Fant lenkene via
<a
6880 href=
"http://tech.slashdot.org/article.pl?sid=
09/
05/
17/
1632242">oppslag
6881 på Slashdot
</a
>.
</p
>
6886 <title>IDG mener linux i servermarkedet vil vokse med
21% i
2009</title>
6887 <link>http://people.skolelinux.org/pere/blog/IDG_mener_linux_i_servermarkedet_vil_vokse_med_21__i_2009.html
</link>
6888 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/IDG_mener_linux_i_servermarkedet_vil_vokse_med_21__i_2009.html
</guid>
6889 <pubDate>Thu,
7 May
2009 22:
30:
00 +
0200</pubDate>
6890 <description><p
>Kom over
6891 <a href=
"http://news.cnet.com/
8301-
13505_3-
10216873-
16.html
">interessante
6892 tall
</a
> fra IDG om utviklingen av linuxservermarkedet. Fikk meg til
6893 å tenke på antall tjenermaskiner ved Universitetet i Oslo der jeg
6894 jobber til daglig. En rask opptelling forteller meg at vi har
490
6895 (
61%) fysiske unix-tjener (mest linux men også noen solaris) og
196
6896 (
25%) windowstjenere, samt
112 (
14%) virtuelle unix-tjenere. Med den
6897 bakgrunnskunnskapen kan jeg godt tro at IDG er inne på noe.
</p
>
6902 <title>Kryptert harddisk - naturligvis
</title>
6903 <link>http://people.skolelinux.org/pere/blog/Kryptert_harddisk___naturligvis.html
</link>
6904 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Kryptert_harddisk___naturligvis.html
</guid>
6905 <pubDate>Sat,
2 May
2009 15:
30:
00 +
0200</pubDate>
6906 <description><p
><a href=
"http://www.dagensit.no/trender/article1658676.ece
">Dagens
6907 IT melder
</a
> at Intel hevder at det er dyrt å miste en datamaskin,
6908 når en tar tap av arbeidstid, fortrolige dokumenter,
6909 personopplysninger og alt annet det innebærer. Det er ingen tvil om
6910 at det er en kostbar affære å miste sin datamaskin, og det er årsaken
6911 til at jeg har kryptert harddisken på både kontormaskinen og min
6912 bærbare. Begge inneholder personopplysninger jeg ikke ønsker skal
6913 komme på avveie, den første informasjon relatert til jobben min ved
6914 Universitetet i Oslo, og den andre relatert til blant annet
6915 foreningsarbeide. Kryptering av diskene gjør at det er lite
6916 sannsynlig at dophoder som kan finne på å rappe maskinene får noe ut
6917 av dem. Maskinene låses automatisk etter noen minutter uten bruk,
6918 og en reboot vil gjøre at de ber om passord før de vil starte opp.
6919 Jeg bruker Debian på begge maskinene, og installasjonssystemet der
6920 gjør det trivielt å sette opp krypterte disker. Jeg har LVM på toppen
6921 av krypterte partisjoner, slik at alt av datapartisjoner er kryptert.
6922 Jeg anbefaler alle å kryptere diskene på sine bærbare. Kostnaden når
6923 det er gjort slik jeg gjør det er minimale, og gevinstene er
6924 betydelige. En bør dog passe på passordet. Hvis det går tapt, må
6925 maskinen reinstalleres og alt er tapt.
</p
>
6927 <p
>Krypteringen vil ikke stoppe kompetente angripere som f.eks. kjøler
6928 ned minnebrikkene før maskinen rebootes med programvare for å hente ut
6929 krypteringsnøklene. Kostnaden med å forsvare seg mot slike angripere
6930 er for min del høyere enn gevinsten. Jeg tror oddsene for at
6931 f.eks. etteretningsorganisasjoner har glede av å titte på mine
6932 maskiner er minimale, og ulempene jeg ville oppnå ved å forsøke å
6933 gjøre det vanskeligere for angripere med kompetanse og ressurser er
6934 betydelige.
</p
>
6939 <title>Two projects that have improved the quality of free software a lot
</title>
6940 <link>http://people.skolelinux.org/pere/blog/Two_projects_that_have_improved_the_quality_of_free_software_a_lot.html
</link>
6941 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Two_projects_that_have_improved_the_quality_of_free_software_a_lot.html
</guid>
6942 <pubDate>Sat,
2 May
2009 15:
00:
00 +
0200</pubDate>
6943 <description><p
>There are two software projects that have had huge influence on the
6944 quality of free software, and I wanted to mention both in case someone
6945 do not yet know them.
</p
>
6947 <p
>The first one is
<a href=
"http://valgrind.org/
">valgrind
</a
>, a
6948 tool to detect and expose errors in the memory handling of programs.
6949 It is easy to use, all one need to do is to run
'valgrind program
',
6950 and it will report any problems on stdout. It is even better if the
6951 program include debug information. With debug information, it is able
6952 to report the source file name and line number where the problem
6953 occurs. It can report things like
'reading past memory block in file
6954 X line N, the memory block was allocated in file Y, line M
', and
6955 'using uninitialised value in control logic
'. This tool has made it
6956 trivial to investigate reproducible crash bugs in programs, and have
6957 reduced the number of this kind of bugs in free software a lot.
6959 <p
>The second one is
6960 <a href=
"http://en.wikipedia.org/wiki/Coverity
">Coverity
</a
> which is
6961 a source code checker. It is able to process the source of a program
6962 and find problems in the logic without running the program. It
6963 started out as the Stanford Checker and became well known when it was
6964 used to find bugs in the Linux kernel. It is now a commercial tool
6965 and the company behind it is running
6966 <a href=
"http://www.scan.coverity.com/
">a community service
</a
> for the
6967 free software community, where a lot of free software projects get
6968 their source checked for free. Several thousand defects have been
6969 found and fixed so far. It can find errors like
'lock L taken in file
6970 X line N is never released if exiting in line M
', or
'the code in file
6971 Y lines O to P can never be executed
'. The projects included in the
6972 community service project have managed to get rid of a lot of
6973 reliability problems thanks to Coverity.
</p
>
6975 <p
>I believe tools like this, that are able to automatically find
6976 errors in the source, are vital to improve the quality of software and
6977 make sure we can get rid of the crashing and failing software we are
6978 surrounded by today.
</p
>
6983 <title>No patch is not better than a useless patch
</title>
6984 <link>http://people.skolelinux.org/pere/blog/No_patch_is_not_better_than_a_useless_patch.html
</link>
6985 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/No_patch_is_not_better_than_a_useless_patch.html
</guid>
6986 <pubDate>Tue,
28 Apr
2009 09:
30:
00 +
0200</pubDate>
6987 <description><p
>Julien Blache
6988 <a href=
"http://blog.technologeek.org/
2009/
04/
12/
214">claim that no
6989 patch is better than a useless patch
</a
>. I completely disagree, as a
6990 patch allow one to discuss a concrete and proposed solution, and also
6991 prove that the issue at hand is important enough for someone to spent
6992 time on fixing it. No patch do not provide any of these positive
6993 properties.
</p
>
6998 <title>Standardize on protocols and formats, not vendors and applications
</title>
6999 <link>http://people.skolelinux.org/pere/blog/Standardize_on_protocols_and_formats__not_vendors_and_applications.html
</link>
7000 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Standardize_on_protocols_and_formats__not_vendors_and_applications.html
</guid>
7001 <pubDate>Mon,
30 Mar
2009 11:
50:
00 +
0200</pubDate>
7002 <description><p
>Where I work at the University of Oslo, one decision stand out as a
7003 very good one to form a long lived computer infrastructure. It is the
7004 simple one, lost by many in todays computer industry: Standardize on
7005 open network protocols and open exchange/storage formats, not applications.
7006 Applications come and go, while protocols and files tend to stay, and
7007 thus one want to make it easy to change application and vendor, while
7008 avoiding conversion costs and locking users to a specific platform or
7009 application.
</p
>
7011 <p
>This approach make it possible to replace the client applications
7012 independently of the server applications. One can even allow users to
7013 use several different applications as long as they handle the selected
7014 protocol and format. In the normal case, only one client application
7015 is recommended and users only get help if they choose to use this
7016 application, but those that want to deviate from the easy path are not
7017 blocked from doing so.
</p
>
7019 <p
>It also allow us to replace the server side without forcing the
7020 users to replace their applications, and thus allow us to select the
7021 best server implementation at any moment, when scale and resouce
7022 requirements change.
</p
>
7024 <p
>I strongly recommend standardizing - on open network protocols and
7025 open formats, but I would never recommend standardizing on a single
7026 application that do not use open network protocol or open formats.
</p
>
7031 <title>Returning from Skolelinux developer gathering
</title>
7032 <link>http://people.skolelinux.org/pere/blog/Returning_from_Skolelinux_developer_gathering.html
</link>
7033 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Returning_from_Skolelinux_developer_gathering.html
</guid>
7034 <pubDate>Sun,
29 Mar
2009 21:
00:
00 +
0200</pubDate>
7035 <description><p
>I
'm sitting on the train going home from this weekends Debian
7036 Edu/Skolelinux development gathering. I got a bit done tuning the
7037 desktop, and looked into the dynamic service location protocol
7038 implementation avahi. It look like it could be useful for us. Almost
7039 30 people participated, and I believe it was a great environment to
7040 get to know the Skolelinux system. Walter Bender, involved in the
7041 development of the Sugar educational platform, presented his stuff and
7042 also helped me improve my OLPC installation. He also showed me that
7043 his Turtle Art application can be used in standalone mode, and we
7044 agreed that I would help getting it packaged for Debian. As a
7045 standalone application it would be great for Debian Edu. We also
7046 tried to get the video conferencing working with two OLPCs, but that
7047 proved to be too hard for us. The application seem to need more work
7048 before it is ready for me. I look forward to getting home and relax
7054 <title>Time for new LDAP schemas replacing RFC
2307?
</title>
7055 <link>http://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
</link>
7056 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
</guid>
7057 <pubDate>Sun,
29 Mar
2009 20:
30:
00 +
0200</pubDate>
7058 <description><p
>The state of standardized LDAP schemas on Linux is far from
7059 optimal. There is RFC
2307 documenting one way to store NIS maps in
7060 LDAP, and a modified version of this normally called RFC
2307bis, with
7061 some modifications to be compatible with Active Directory. The RFC
7062 specification handle the content of a lot of system databases, but do
7063 not handle DNS zones and DHCP configuration.
</p
>
7065 <p
>In
<a href=
"http://www.skolelinux.org/
">Debian Edu/Skolelinux
</a
>,
7066 we would like to store information about users, SMB clients/hosts,
7067 filegroups, netgroups (users and hosts), DHCP and DNS configuration,
7068 and LTSP configuration in LDAP. These objects have a lot in common,
7069 but with the current LDAP schemas it is not possible to have one
7070 object per entity. For example, one need to have at least three LDAP
7071 objects for a given computer, one with the SMB related stuff, one with
7072 DNS information and another with DHCP information. The schemas
7073 provided for DNS and DHCP are impossible to combine into one LDAP
7074 object. In addition, it is impossible to implement quick queries for
7075 netgroup membership, because of the way NIS triples are implemented.
7076 It just do not scale. I believe it is time for a few RFC
7077 specifications to cleam up this mess.
</p
>
7079 <p
>I would like to have one LDAP object representing each computer in
7080 the network, and this object can then keep the SMB (ie host key), DHCP
7081 (mac address/name) and DNS (name/IP address) settings in one place.
7082 It need to be efficently stored to make sure it scale well.
</p
>
7084 <p
>I would also like to have a quick way to map from a user or
7085 computer and to the net group this user or computer is a member.
</p
>
7087 <p
>Active Directory have done a better job than unix heads like myself
7088 in this regard, and the unix side need to catch up. Time to start a
7089 new IETF work group?
</p
>
7094 <title>Endelig er Debian Lenny gitt ut
</title>
7095 <link>http://people.skolelinux.org/pere/blog/Endelig_er_Debian_Lenny_gitt_ut.html
</link>
7096 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Endelig_er_Debian_Lenny_gitt_ut.html
</guid>
7097 <pubDate>Sun,
15 Feb
2009 11:
50:
00 +
0100</pubDate>
7098 <description><p
>Endelig er
<a href=
"http://www.debian.org/
">Debian
</a
>
7099 <a href=
"http://www.debian.org/News/
2009/
20090214">Lenny
</a
> gitt ut.
7100 Et langt steg videre for Debian-prosjektet, og en rekke nye
7101 programpakker blir nå tilgjengelig for de av oss som bruker den
7102 stabile utgaven av Debian. Neste steg er nå å få
7103 <a href=
"http://www.skolelinux.org/
">Skolelinux
</a
> /
7104 <a href=
"http://wiki.debian.org/DebianEdu/
">Debian Edu
</a
> ferdig
7105 oppdatert for den nye utgaven, slik at en oppdatert versjon kan
7106 slippes løs på skolene. Takk til alle debian-utviklerne som har
7107 gjort dette mulig. Endelig er f.eks. fungerende avhengighetsstyrt
7108 bootsekvens tilgjengelig i stabil utgave, vha pakken
7109 <tt
>insserv
</tt
>.
</p
>
7114 <title>Devcamp brought us closer to the Lenny based Debian Edu release
</title>
7115 <link>http://people.skolelinux.org/pere/blog/Devcamp_brought_us_closer_to_the_Lenny_based_Debian_Edu_release.html
</link>
7116 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Devcamp_brought_us_closer_to_the_Lenny_based_Debian_Edu_release.html
</guid>
7117 <pubDate>Sun,
7 Dec
2008 12:
00:
00 +
0100</pubDate>
7118 <description><p
>This weekend we had a small developer gathering for Debian Edu in
7119 Oslo. Most of Saturday was used for the general assemly for the
7120 member organization, but the rest of the weekend I used to tune the
7121 LTSP installation. LTSP now work out of the box on the
10-network.
7122 Acer Aspire One proved to be a very nice thin client, with both
7123 screen, mouse and keybard in a small box. Was working on getting the
7124 diskless workstation setup configured out of the box, but did not
7125 finish it before the weekend was up.
</p
>
7127 <p
>Did not find time to look at the
4 VGA cards in one box we got from
7128 the Brazilian group, so that will have to wait for the next
7129 development gathering. Would love to have the Debian Edu installer
7130 automatically detect and configure a multiseat setup when it find one
7131 of these cards.
</p
>
7136 <title>The sorry state of multimedia browser plugins in Debian
</title>
7137 <link>http://people.skolelinux.org/pere/blog/The_sorry_state_of_multimedia_browser_plugins_in_Debian.html
</link>
7138 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/The_sorry_state_of_multimedia_browser_plugins_in_Debian.html
</guid>
7139 <pubDate>Tue,
25 Nov
2008 00:
10:
00 +
0100</pubDate>
7140 <description><p
>Recently I have spent some time evaluating the multimedia browser
7141 plugins available in Debian Lenny, to see which one we should use by
7142 default in Debian Edu. We need an embedded video playing plugin with
7143 control buttons to pause or stop the video, and capable of streaming
7144 all the multimedia content available on the web. The test results and
7145 notes are available on
7146 <a href=
"http://wiki.debian.org/DebianEdu/BrowserMultimedia
">the
7147 Debian wiki
</a
>. I was surprised how few of the plugins are able to
7148 fill this need. My personal video player favorite, VLC, has a really
7149 bad plugin which fail on a lot of the test pages. A lot of the MIME
7150 types I would expect to work with any free software player (like
7151 video/ogg), just do not work. And simple formats like the
7152 audio/x-mplegurl format (m3u playlists), just isn
't supported by the
7153 totem and vlc plugins. I hope the situation will improve soon. No
7154 wonder sites use the proprietary Adobe flash to play video.
</p
>
7156 <p
>For Lenny, we seem to end up with the mplayer plugin. It seem to
7157 be the only one fitting our needs. :/
</p
>
projects / homepage.git / blob