1 <?xml version=
"1.0" encoding=
"utf-8"?>
2 <rss version='
2.0' xmlns:lj='http://www.livejournal.org/rss/lj/
1.0/'
>
4 <title>Petter Reinholdtsen - Entries tagged debian
</title>
5 <description>Entries tagged debian
</description>
6 <link>https://people.skolelinux.org/pere/blog/
</link>
10 <title>Time to move orphaned Debian packages to git
</title>
11 <link>https://people.skolelinux.org/pere/blog/Time_to_move_orphaned_Debian_packages_to_git.html
</link>
12 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Time_to_move_orphaned_Debian_packages_to_git.html
</guid>
13 <pubDate>Sun,
14 Apr
2024 09:
30:
00 +
0200</pubDate>
14 <description><p
>There are several packages in Debian without a associated git
15 repository with the packaging history. This is unfortunate and it
16 would be nice if more of these would do so. Quote a lot of these are
17 without a maintainer, ie listed as maintained by the
18 '<a href=
"https://qa.debian.org/developer.php?email=packages%
40qa.debian.org
">Debian
19 QA Group
</a
>' place holder. In fact,
438 packages have this property
20 according to UDD (
<tt
>SELECT source FROM sources WHERE release =
'sid
'
21 AND (vcs_url ilike
'%anonscm.debian.org%
' OR vcs_browser ilike
22 '%anonscm.debian.org%
' or vcs_url IS NULL OR vcs_browser IS NULL) AND
23 maintainer ilike
'%packages@qa.debian.org%
';
</tt
>). Such packages can
24 be updated without much coordination by any Debian developer, as they
25 are considered orphaned.
</p
>
27 <p
>To try to improve the situation and reduce the number of packages
28 without associated git repository, I started a few days ago to search
29 out candiates and provide them with a git repository under the
30 'debian
' collaborative Salsa project. I started with the packages
31 pointing to obsolete Alioth git repositories, and am now working my
32 way across the ones completely without git references. In addition to
33 updating the Vcs-* debian/control fields, I try to update
34 Standards-Version, debhelper compat level, simplify d/rules, switch to
35 Rules-Requires-Root: no and fix lintian issues reported. I only
36 implement those that are trivial to fix, to avoid spending too much
37 time on each orphaned package. So far my experience is that it take
38 aproximately
20 minutes to convert a package without any git
39 references, and a lot more for packages with existing git repositories
40 incompatible with git-buildpackages.
</p
>
42 <p
>So far I have converted
10 packages, and I will keep going until I
43 run out of steam. As should be clear from the numbers, there is
44 enough packages remaining for more people to do the same without
45 stepping on each others toes. I find it useful to start by searching
46 for a git repo already on salsa, as I find that some times a git repo
47 has already been created, but no new version is uploaded to Debian
48 yet. In those cases I start with the existing git repository. I
49 convert to the git-buildpackage+pristine-tar workflow, and ensure a
50 debian/gbp.conf file with
"pristine-tar=True
" is added early, to avoid
51 uploading a orig.tar.gz with the wrong checksum by mistake. Did that
52 three times in the begin before I remembered my mistake.
</p
>
54 <p
>So, if you are a Debian Developer and got some spare time, perhaps
55 considering migrating some orphaned packages to git?
</p
>
57 <p
>As usual, if you use Bitcoin and want to show your support of my
58 activities, please send Bitcoin donations to my address
59 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
64 <title>New and improved sqlcipher in Debian for accessing Signal database
</title>
65 <link>https://people.skolelinux.org/pere/blog/New_and_improved_sqlcipher_in_Debian_for_accessing_Signal_database.html
</link>
66 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/New_and_improved_sqlcipher_in_Debian_for_accessing_Signal_database.html
</guid>
67 <pubDate>Sun,
12 Nov
2023 12:
00:
00 +
0100</pubDate>
68 <description><p
>For a while now I wanted to have direct access to the
69 <a href=
"https://signal.org/
">Signal
</a
> database of messages and
70 channels of my Desktop edition of Signal. I prefer the enforced end
71 to end encryption of Signal these days for my communication with
72 friends and family, to increase the level of safety and privacy as
73 well as raising the cost of the mass surveillance government and
74 non-government entities practice these days. In August I came across
76 <a href=
"https://www.yoranbrondsema.com/post/the-guide-to-extracting-statistics-from-your-signal-conversations/
">recipe
77 on how to use sqlcipher to extract statistics from the Signal
78 database
</a
> explaining how to do this. Unfortunately this did not
79 work with the version of sqlcipher in Debian. The
80 <a href=
"http://tracker.debian.org/sqlcipher/
">sqlcipher
</a
>
81 package is a
"fork
" of the sqlite package with added support for
82 encrypted databases. Sadly the current Debian maintainer
83 <a href=
"https://bugs.debian.org/
961598">announced more than three
84 years ago that he did not have time to maintain sqlcipher
</a
>, so it
85 seemed unlikely to be upgraded by the maintainer. I was reluctant to
86 take on the job myself, as I have very limited experience maintaining
87 shared libraries in Debian. After waiting and hoping for a few
88 months, I gave up the last week, and set out to update the package. In
89 the process I orphaned it to make it more obvious for the next person
90 looking at it that the package need proper maintenance.
</p
>
92 <p
>The version in Debian was around five years old, and quite a lot of
93 changes had taken place upstream into the Debian maintenance git
94 repository. After spending a few days importing the new upstream
95 versions, realising that upstream did not care much for SONAME
96 versioning as I saw library symbols being both added and removed with
97 minor version number changes to the project, I concluded that I had to
98 do a SONAME bump of the library package to avoid surprising the
99 reverse dependencies. I even added a simple
100 autopkgtest script to ensure the package work as intended. Dug deep
101 into the hole of learning shared library maintenance, I set out a few
102 days ago to upload the new version to Debian experimental to see what
103 the quality assurance framework in Debian had to say about the result.
104 The feedback told me the pacakge was not too shabby, and yesterday I
105 uploaded the latest version to Debian unstable. It should enter
106 testing today or tomorrow, perhaps delayed by
107 <a href=
"https://bugs.debian.org/
1055812">a small library
108 transition
</a
>.
</p
>
110 <p
>Armed with a new version of sqlcipher, I can now have a look at the
111 SQL database in ~/.config/Signal/sql/db.sqlite. First, one need to
112 fetch the encryption key from the Signal configuration using this
113 simple JSON extraction command:
</p
>
115 <pre
>/usr/bin/jq -r
'.
"key
"' ~/.config/Signal/config.json
</pre
>
117 <p
>Assuming the result from that command is
'secretkey
', which is a
118 hexadecimal number representing the key used to encrypt the database.
119 Next, one can now connect to the database and inject the encryption
120 key for access via SQL to fetch information from the database. Here
121 is an example dumping the database structure:
</p
>
124 % sqlcipher ~/.config/Signal/sql/db.sqlite
125 sqlite
> PRAGMA key =
"x
'secretkey
'";
127 CREATE TABLE sqlite_stat1(tbl,idx,stat);
128 CREATE TABLE conversations(
129 id STRING PRIMARY KEY ASC,
137 , profileFamilyName TEXT, profileFullName TEXT, e164 TEXT, serviceId TEXT, groupId TEXT, profileLastFetchedAt INTEGER);
138 CREATE TABLE identityKeys(
139 id STRING PRIMARY KEY ASC,
143 id STRING PRIMARY KEY ASC,
146 CREATE TABLE sessions(
150 , ourServiceId STRING, serviceId STRING);
151 CREATE TABLE attachment_downloads(
152 id STRING primary key,
157 CREATE TABLE sticker_packs(
162 coverStickerId INTEGER,
164 downloadAttempts INTEGER,
168 stickerCount INTEGER,
170 , attemptedStatus STRING, position INTEGER DEFAULT
0 NOT NULL, storageID STRING, storageVersion INTEGER, storageUnknownFields BLOB, storageNeedsSync
171 INTEGER DEFAULT
0 NOT NULL);
172 CREATE TABLE stickers(
174 packId TEXT NOT NULL,
183 PRIMARY KEY (id, packId),
184 CONSTRAINT stickers_fk
186 REFERENCES sticker_packs(id)
189 CREATE TABLE sticker_references(
192 CONSTRAINT sticker_references_fk
194 REFERENCES sticker_packs(id)
198 shortName TEXT PRIMARY KEY,
201 CREATE TABLE messages(
202 rowid INTEGER PRIMARY KEY ASC,
208 schemaVersion INTEGER,
209 conversationId STRING,
212 hasAttachments INTEGER,
213 hasFileAttachments INTEGER,
214 hasVisualMediaAttachments INTEGER,
216 expirationStartTimestamp INTEGER,
219 messageTimer INTEGER,
220 messageTimerStart INTEGER,
221 messageTimerExpiresAt INTEGER,
224 sourceServiceId TEXT, serverGuid STRING NULL, sourceDevice INTEGER, storyId STRING, isStory INTEGER
225 GENERATED ALWAYS AS (type IS
'story
'), isChangeCreatedByUs INTEGER NOT NULL DEFAULT
0, isTimerChangeFromSync INTEGER
226 GENERATED ALWAYS AS (
227 json_extract(json,
'$.expirationTimerUpdate.fromSync
') IS
1
228 ), seenStatus NUMBER default
0, storyDistributionListId STRING, expiresAt INT
231 expirationStartTimestamp + (expireTimer *
1000),
233 )), shouldAffectActivity INTEGER
234 GENERATED ALWAYS AS (
238 'change-number-notification
',
239 'contact-removed-notification
',
240 'conversation-merge
',
241 'group-v1-migration
',
243 'message-history-unsynced
',
244 'profile-change
',
246 'universal-timer-notification
',
247 'verified-change
'
249 ), shouldAffectPreview INTEGER
250 GENERATED ALWAYS AS (
254 'change-number-notification
',
255 'contact-removed-notification
',
256 'conversation-merge
',
257 'group-v1-migration
',
259 'message-history-unsynced
',
260 'profile-change
',
262 'universal-timer-notification
',
263 'verified-change
'
265 ), isUserInitiatedMessage INTEGER
266 GENERATED ALWAYS AS (
270 'change-number-notification
',
271 'contact-removed-notification
',
272 'conversation-merge
',
273 'group-v1-migration
',
274 'group-v2-change
',
276 'message-history-unsynced
',
277 'profile-change
',
279 'universal-timer-notification
',
280 'verified-change
'
282 ), mentionsMe INTEGER NOT NULL DEFAULT
0, isGroupLeaveEvent INTEGER
283 GENERATED ALWAYS AS (
284 type IS
'group-v2-change
' AND
285 json_array_length(json_extract(json,
'$.groupV2Change.details
')) IS
1 AND
286 json_extract(json,
'$.groupV2Change.details[
0].type
') IS
'member-remove
' AND
287 json_extract(json,
'$.groupV2Change.from
') IS NOT NULL AND
288 json_extract(json,
'$.groupV2Change.from
') IS json_extract(json,
'$.groupV2Change.details[
0].aci
')
289 ), isGroupLeaveEventFromOther INTEGER
290 GENERATED ALWAYS AS (
291 isGroupLeaveEvent IS
1
293 isChangeCreatedByUs IS
0
295 GENERATED ALWAYS AS (
296 json_extract(json,
'$.callId
')
298 CREATE TABLE sqlite_stat4(tbl,idx,neq,nlt,ndlt,sample);
301 queueType TEXT STRING NOT NULL,
302 timestamp INTEGER NOT NULL,
305 CREATE TABLE reactions(
306 conversationId STRING,
309 messageReceivedAt INTEGER,
310 targetAuthorAci STRING,
311 targetTimestamp INTEGER,
314 CREATE TABLE senderKeys(
315 id TEXT PRIMARY KEY NOT NULL,
316 senderId TEXT NOT NULL,
317 distributionId TEXT NOT NULL,
319 lastUpdatedDate NUMBER NOT NULL
321 CREATE TABLE unprocessed(
322 id STRING PRIMARY KEY ASC,
329 serverTimestamp INTEGER,
330 sourceServiceId STRING
331 , serverGuid STRING NULL, sourceDevice INTEGER, receivedAtCounter INTEGER, urgent INTEGER, story INTEGER);
332 CREATE TABLE sendLogPayloads(
333 id INTEGER PRIMARY KEY ASC,
335 timestamp INTEGER NOT NULL,
336 contentHint INTEGER NOT NULL,
338 , urgent INTEGER, hasPniSignatureMessage INTEGER DEFAULT
0 NOT NULL);
339 CREATE TABLE sendLogRecipients(
340 payloadId INTEGER NOT NULL,
342 recipientServiceId STRING NOT NULL,
343 deviceId INTEGER NOT NULL,
345 PRIMARY KEY (payloadId, recipientServiceId, deviceId),
347 CONSTRAINT sendLogRecipientsForeignKey
348 FOREIGN KEY (payloadId)
349 REFERENCES sendLogPayloads(id)
352 CREATE TABLE sendLogMessageIds(
353 payloadId INTEGER NOT NULL,
355 messageId STRING NOT NULL,
357 PRIMARY KEY (payloadId, messageId),
359 CONSTRAINT sendLogMessageIdsForeignKey
360 FOREIGN KEY (payloadId)
361 REFERENCES sendLogPayloads(id)
364 CREATE TABLE preKeys(
365 id STRING PRIMARY KEY ASC,
367 , ourServiceId NUMBER
368 GENERATED ALWAYS AS (json_extract(json,
'$.ourServiceId
')));
369 CREATE TABLE signedPreKeys(
370 id STRING PRIMARY KEY ASC,
372 , ourServiceId NUMBER
373 GENERATED ALWAYS AS (json_extract(json,
'$.ourServiceId
')));
376 category TEXT NOT NULL,
378 descriptionTemplate TEXT NOT NULL
380 CREATE TABLE badgeImageFiles(
381 badgeId TEXT REFERENCES badges(id)
384 'order
' INTEGER NOT NULL,
389 CREATE TABLE storyReads (
390 authorId STRING NOT NULL,
391 conversationId STRING NOT NULL,
392 storyId STRING NOT NULL,
393 storyReadDate NUMBER NOT NULL,
395 PRIMARY KEY (authorId, storyId)
397 CREATE TABLE storyDistributions(
398 id STRING PRIMARY KEY NOT NULL,
401 senderKeyInfoJson STRING
402 , deletedAtTimestamp INTEGER, allowsReplies INTEGER, isBlockList INTEGER, storageID STRING, storageVersion INTEGER, storageUnknownFields BLOB, storageNeedsSync INTEGER);
403 CREATE TABLE storyDistributionMembers(
404 listId STRING NOT NULL REFERENCES storyDistributions(id)
407 serviceId STRING NOT NULL,
409 PRIMARY KEY (listId, serviceId)
411 CREATE TABLE uninstalled_sticker_packs (
412 id STRING NOT NULL PRIMARY KEY,
413 uninstalledAt NUMBER NOT NULL,
415 storageVersion NUMBER,
416 storageUnknownFields BLOB,
417 storageNeedsSync INTEGER NOT NULL
419 CREATE TABLE groupCallRingCancellations(
420 ringId INTEGER PRIMARY KEY,
421 createdAt INTEGER NOT NULL
423 CREATE TABLE IF NOT EXISTS
'messages_fts_data
'(id INTEGER PRIMARY KEY, block BLOB);
424 CREATE TABLE IF NOT EXISTS
'messages_fts_idx
'(segid, term, pgno, PRIMARY KEY(segid, term)) WITHOUT ROWID;
425 CREATE TABLE IF NOT EXISTS
'messages_fts_content
'(id INTEGER PRIMARY KEY, c0);
426 CREATE TABLE IF NOT EXISTS
'messages_fts_docsize
'(id INTEGER PRIMARY KEY, sz BLOB);
427 CREATE TABLE IF NOT EXISTS
'messages_fts_config
'(k PRIMARY KEY, v) WITHOUT ROWID;
428 CREATE TABLE edited_messages(
429 messageId STRING REFERENCES messages(id)
433 , conversationId STRING);
434 CREATE TABLE mentions (
435 messageId REFERENCES messages(id) ON DELETE CASCADE,
440 CREATE TABLE kyberPreKeys(
441 id STRING PRIMARY KEY NOT NULL,
442 json TEXT NOT NULL, ourServiceId NUMBER
443 GENERATED ALWAYS AS (json_extract(json,
'$.ourServiceId
')));
444 CREATE TABLE callsHistory (
445 callId TEXT PRIMARY KEY,
446 peerId TEXT NOT NULL, -- conversation id (legacy) | uuid | groupId | roomId
447 ringerId TEXT DEFAULT NULL, -- ringer uuid
448 mode TEXT NOT NULL, -- enum
"Direct
" |
"Group
"
449 type TEXT NOT NULL, -- enum
"Audio
" |
"Video
" |
"Group
"
450 direction TEXT NOT NULL, -- enum
"Incoming
" |
"Outgoing
451 -- Direct: enum
"Pending
" |
"Missed
" |
"Accepted
" |
"Deleted
"
452 -- Group: enum
"GenericGroupCall
" |
"OutgoingRing
" |
"Ringing
" |
"Joined
" |
"Missed
" |
"Declined
" |
"Accepted
" |
"Deleted
"
453 status TEXT NOT NULL,
454 timestamp INTEGER NOT NULL,
455 UNIQUE (callId, peerId) ON CONFLICT FAIL
457 [ dropped all indexes to save space in this blog post ]
458 CREATE TRIGGER messages_on_view_once_update AFTER UPDATE ON messages
460 new.body IS NOT NULL AND new.isViewOnce =
1
462 DELETE FROM messages_fts WHERE rowid = old.rowid;
464 CREATE TRIGGER messages_on_insert AFTER INSERT ON messages
465 WHEN new.isViewOnce IS NOT
1 AND new.storyId IS NULL
467 INSERT INTO messages_fts
470 (new.rowid, new.body);
472 CREATE TRIGGER messages_on_delete AFTER DELETE ON messages BEGIN
473 DELETE FROM messages_fts WHERE rowid = old.rowid;
474 DELETE FROM sendLogPayloads WHERE id IN (
475 SELECT payloadId FROM sendLogMessageIds
476 WHERE messageId = old.id
478 DELETE FROM reactions WHERE rowid IN (
479 SELECT rowid FROM reactions
480 WHERE messageId = old.id
482 DELETE FROM storyReads WHERE storyId = old.storyId;
484 CREATE VIRTUAL TABLE messages_fts USING fts5(
486 tokenize =
'signal_tokenizer
'
488 CREATE TRIGGER messages_on_update AFTER UPDATE ON messages
490 (new.body IS NULL OR old.body IS NOT new.body) AND
491 new.isViewOnce IS NOT
1 AND new.storyId IS NULL
493 DELETE FROM messages_fts WHERE rowid = old.rowid;
494 INSERT INTO messages_fts
497 (new.rowid, new.body);
499 CREATE TRIGGER messages_on_insert_insert_mentions AFTER INSERT ON messages
501 INSERT INTO mentions (messageId, mentionAci, start, length)
503 SELECT messages.id, bodyRanges.value -
>> 'mentionAci
' as mentionAci,
504 bodyRanges.value -
>> 'start
' as start,
505 bodyRanges.value -
>> 'length
' as length
506 FROM messages, json_each(messages.json -
>> 'bodyRanges
') as bodyRanges
507 WHERE bodyRanges.value -
>> 'mentionAci
' IS NOT NULL
509 AND messages.id = new.id;
511 CREATE TRIGGER messages_on_update_update_mentions AFTER UPDATE ON messages
513 DELETE FROM mentions WHERE messageId = new.id;
514 INSERT INTO mentions (messageId, mentionAci, start, length)
516 SELECT messages.id, bodyRanges.value -
>> 'mentionAci
' as mentionAci,
517 bodyRanges.value -
>> 'start
' as start,
518 bodyRanges.value -
>> 'length
' as length
519 FROM messages, json_each(messages.json -
>> 'bodyRanges
') as bodyRanges
520 WHERE bodyRanges.value -
>> 'mentionAci
' IS NOT NULL
522 AND messages.id = new.id;
527 <p
>Finally I have the tool needed to inspect and process Signal
528 messages that I need, without using the vendor provided client. Now
529 on to transforming it to a more useful format.
</p
>
531 <p
>As usual, if you use Bitcoin and want to show your support of my
532 activities, please send Bitcoin donations to my address
533 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
538 <title>New chrpath release
0.17</title>
539 <link>https://people.skolelinux.org/pere/blog/New_chrpath_release_0_17.html
</link>
540 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/New_chrpath_release_0_17.html
</guid>
541 <pubDate>Fri,
10 Nov
2023 07:
30:
00 +
0100</pubDate>
542 <description><p
>The chrpath package provide a simple command line tool to remove or
543 modify the rpath or runpath of compiled ELF program. It is almost
10
544 years since I updated the code base, but I stumbled over the tool
545 today, and decided it was time to move the code base from Subversion
546 to git and find a new home for it, as the previous one (Debian Alioth)
547 has been shut down. I decided to go with
548 <a href=
"https://codeberg.org/
">Codeberg
</a
> this time, as it is my git
549 service of choice these days, did a quick and dirty migration to git
550 and updated the code with a few patches I found in the Debian bug
551 tracker. These are the release notes:
</p
>
553 <p
>New in
0.17 released
2023-
11-
10:
</p
>
556 <li
>Moved project to Codeberg, as Alioth is shut down.
</li
>
557 <li
>Add Solaris support (use
&lt;sys/byteorder.h
> instead of
&lt;byteswap.h
>).
558 Patch from Rainer Orth.
</li
>
559 <li
>Added missing newline from printf() line. Patch from Frank Dana.
</li
>
560 <li
>Corrected handling of multiple ELF sections. Patch from Frank Dana.
</li
>
561 <li
>Updated build rules for .deb. Partly based on patch from djcj.
</li
>
564 <p
>The latest edition is tagged and available from
565 <a href=
"https://codeberg.org/pere/chrpath
">https://codeberg.org/pere/chrpath
</a
>.
567 <p
>As usual, if you use Bitcoin and want to show your support of my
568 activities, please send Bitcoin donations to my address
569 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
574 <title>Test framework for DocBook processors / formatters
</title>
575 <link>https://people.skolelinux.org/pere/blog/Test_framework_for_DocBook_processors___formatters.html
</link>
576 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Test_framework_for_DocBook_processors___formatters.html
</guid>
577 <pubDate>Sun,
5 Nov
2023 13:
00:
00 +
0100</pubDate>
578 <description><p
>All the books I have published so far has been using
579 <a href=
"https://docbook.org/
">DocBook
</a
> somewhere in the process.
580 For the first book, the source format was DocBook, while for every
581 later book it was an intermediate format used as the stepping stone to
582 be able to present the same manuscript in several formats, on paper,
583 as ebook in ePub format, as a HTML page and as a PDF file either for
584 paper production or for Internet consumption. This is made possible
585 with a wide variety of free software tools with DocBook support in
586 Debian. The source format of later books have been docx via rst,
587 Markdown, Filemaker and Asciidoc, and for all of these I was able to
588 generate a suitable DocBook file for further processing using
589 <a href=
"https://tracker.debian.org/pkg/pandoc
">pandoc
</a
>,
590 <a href=
"https://tracker.debian.org/pkg/asciidoc
">a2x
</a
> and
591 <a href=
"https://tracker.debian.org/pkg/asciidoctor
">asciidoctor
</a
>,
592 as well as rendering using
593 <a href=
"https://tracker.debian.org/pkg/xmlto
">xmlto
</a
>,
594 <a href=
"https://tracker.debian.org/pkg/dbtoepub
">dbtoepub
</a
>,
595 <a href=
"https://tracker.debian.org/pkg/dblatex
">dblatex
</a
>,
596 <a href=
"https://tracker.debian.org/pkg/docbook-xsl
">docbook-xsl
</a
> and
597 <a href=
"https://tracker.debian.org/pkg/fop
">fop
</a
>.
</p
>
599 <p
>Most of the
<a href=
"http://www.hungry.com/~pere/publisher/
">books I
600 have published
</a
> are translated books, with English as the source
602 <a href=
"https://tracker.debian.org/pkg/po4a
">po4a
</a
> to
603 handle translations using the gettext PO format has been a blessing,
604 but publishing translated books had triggered the need to ensure the
605 DocBook tools handle relevant languages correctly. For every new
606 language I have published, I had to submit patches dblatex, dbtoepub
607 and docbook-xsl fixing incorrect language and country specific issues
608 in the framework themselves. Typically this has been missing keywords
609 like
'figure
' or sort ordering of index entries. After a while it
610 became tiresome to only discover issues like this by accident, and I
611 decided to write a DocBook
"test framework
" exercising various
612 features of DocBook and allowing me to see all features exercised for
613 a given language. It consist of a set of DocBook files, a version
4
614 book, a version
5 book, a v4 book set, a v4 selection of problematic
615 tables, one v4 testing sidefloat and finally one v4 testing a book of
616 articles. The DocBook files are accompanied with a set of build rules
617 for building PDF using dblatex and docbook-xsl/fop, HTML using xmlto
618 or docbook-xsl and epub using dbtoepub. The result is a set of files
619 visualizing footnotes, indexes, table of content list, figures,
620 formulas and other DocBook features, allowing for a quick review on
621 the completeness of the given locale settings. To build with a
622 different language setting, all one need to do is edit the lang= value
623 in the .xml file to pick a different ISO
639 code value and run
624 'make
'.
</p
>
626 <p
>The
<a href=
"https://codeberg.org/pere/docbook-example/
">test framework
627 source code
</a
> is available from Codeberg, and a generated set of
628 presentations of the various examples is available as Codeberg static
630 <a href=
"https://pere.codeberg.page/docbook-example/
">https://pere.codeberg.page/docbook-example/
</a
>.
631 Using this test framework I have been able to discover and report
632 several bugs and missing features in various tools, and got a lot of
633 them fixed. For example I got Northern Sami keywords added to both
634 docbook-xsl and dblatex, fixed several typos in Norwegian bokmål and
635 Norwegian Nynorsk, support for non-ascii title IDs added to pandoc,
636 Norwegian index sorting support fixed in xindy and initial Norwegian
637 Bokmål support added to dblatex. Some issues still remains, though.
638 Default index sorting rules are still broken in several tools, so the
639 Norwegian letters æ, ø and å are more often than not sorted properly
640 in the book index.
</p
>
642 <p
>The test framework recently received some more polish, as part of
643 publishing my latest book. This book contained a lot of fairly
644 complex tables, which exposed bugs in some of the tools. This made me
645 add a new test file with various tables, as well as spend some time to
646 brush up the build rules. My goal is for the test framework to
647 exercise all DocBook features to make it easier to see which features
648 work with different processors, and hopefully get them all to support
649 the full set of DocBook features. Feel free to send patches to extend
650 the test set, and test it with your favorite DocBook processor.
651 Please visit these two URLs to learn more:
</p
>
654 <li
><a href=
"https://codeberg.org/pere/docbook-example/
">https://codeberg.org/pere/docbook-example/
</a
></li
>
655 <li
><a href=
"https://pere.codeberg.page/docbook-example/
">https://pere.codeberg.page/docbook-example/
</a
></li
>
658 <p
>If you want to learn more on Docbook and translations, I recommend
659 having a look at the
<a href=
"https://docbook.org/
">the DocBook
661 <a href=
"https://doccookbook.sourceforge.net/html/en/
">the DoCookBook
662 site
<a/
> and my earlier blog post on
663 <a href=
"https://people.skolelinux.org/pere/blog/From_English_wiki_to_translated_PDF_and_epub_via_Docbook.html
">how
664 the Skolelinux project process and translate documentation
</a
>, a talk I gave earlier this year on
665 <a href=
"https://www.nuug.no/aktiviteter/
20230314-oversetting-og-publisering-av-b%c3%b8ker-med-fri-programvare/
">how
666 to translate and publish books using free software
</a
> (Norwegian
671 https://github.com/docbook/xslt10-stylesheets/issues/
205 (docbook-xsl: sme support)
672 https://bugs.debian.org/
968437 (xindy: index sorting rules for nb/nn)
673 https://bugs.debian.org/
856123 (pandoc: markdown to docbook with non-english titles)
674 https://bugs.debian.org/
864813 (dblatex: missing nb words)
675 https://bugs.debian.org/
756386 (dblatex: index sorting rules for nb/nn)
676 https://bugs.debian.org/
796871 (dbtoepub: index sorting rules for nb/nn)
677 https://bugs.debian.org/
792616 (dblatex: PDF metadata)
678 https://bugs.debian.org/
686908 (docbook-xsl: index sorting rules for nb/nn)
679 https://sourceforge.net/tracker/?func=detail
&atid=
373747&aid=
3556630&group_id=
21935 (docbook-xsl: nb/nn support)
680 https://bugs.debian.org/
684391 (dblatex: initial nb support)
684 <p
>As usual, if you use Bitcoin and want to show your support of my
685 activities, please send Bitcoin donations to my address
686 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
691 <title>What did I learn from OpenSnitch this summer?
</title>
692 <link>https://people.skolelinux.org/pere/blog/What_did_I_learn_from_OpenSnitch_this_summer_.html
</link>
693 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/What_did_I_learn_from_OpenSnitch_this_summer_.html
</guid>
694 <pubDate>Sun,
11 Jun
2023 08:
30:
00 +
0200</pubDate>
695 <description><p
>With yesterdays
696 <a href=
"https://www.debian.org/News/
2023/
20230610">release of Debian
697 12 Bookworm
</a
>, I am happy to know the
698 <a href=
"https://tracker.debian.org/pkg/opensnitch
">the interactive
699 application firewall OpenSnitch
</a
> is available for a wider audience.
700 I have been running it for a few weeks now, and have been surprised
701 about some of the programs connecting to the Internet. Some programs
702 are obviously calling out from my machine, like the NTP network based
703 clock adjusting system and Tor to reach other Tor clients, but others
704 were more dubious. For example, the KDE Window manager try to look up
705 the host name in DNS, for no apparent reason, but if this lookup is
706 blocked the KDE desktop get periodically stuck when I use it. Another
707 surprise was how much Firefox call home directly to mozilla.com,
708 mozilla.net and googleapis.com, to mention a few, when I visit other
709 web pages. This direct connection happen even if I told Firefox to
710 always use a proxy, and the proxy setting is ignored for this traffic.
711 Other surprising connections come from audacity and dirmngr (I do not
712 use Gnome). It took some trial and error to get a good default set of
713 permissions. Without it, I would get popups asking for permissions at
714 any time, also the most inconvenient ones where I am in the middle of
715 a time sensitive gaming session.
</p
>
717 <p
>I suspect some application developers should rethink when then need
718 to use network connections or DNS lookups, and recommend testing
719 OpenSnitch (only
<tt
>apt install opensnitch
</tt
> away in Debian
720 Bookworm) to locate and report any surprising Internet connections on
721 your desktop machine.
</p
>
723 <p
>At the moment the upstream developer and Debian package maintainer
724 is working on making the system more reliable in Debian, by enabling
725 the eBPF kernel module to track processes and connections instead of
726 depending in content in /proc/. This should enter unstable fairly
729 <p
>As usual, if you use Bitcoin and want to show your support of my
730 activities, please send Bitcoin donations to my address
731 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
733 <p
><strong
>Update
2023-
06-
12</strong
>: I got a tip about
734 <a href=
"https://wiki.debian.org/PrivacyIssues
">a list of privacy
735 issues in Free Software
</a
> and the
736 <a href=
"irc://irc.debian.org/%
23debian-privacy
">#debian-privacy IRC
737 channel
</a
> discussing these topics.
</p
>
743 <title>wmbusmeters, parse data from your utility meter - nice free software
</title>
744 <link>https://people.skolelinux.org/pere/blog/wmbusmeters__parse_data_from_your_utility_meter___nice_free_software.html
</link>
745 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/wmbusmeters__parse_data_from_your_utility_meter___nice_free_software.html
</guid>
746 <pubDate>Fri,
19 May
2023 21:
50:
00 +
0200</pubDate>
747 <description><p
>There is a European standard for reading utility meters like water,
748 gas, electricity or heat distribution meters. The
749 <a href=
"https://en.wikipedia.org/wiki/Meter-Bus
">Meter-Bus standard
750 (EN
13757-
2, EN
13757-
3 and EN
13757–
4)
</a
> provide a cross vendor way
751 to talk to and collect meter data. I ran into this standard when I
752 wanted to monitor some heat distribution meters, and managed to find
753 free software that could do the job. The meters in question broadcast
754 encrypted messages with meter information via radio, and the hardest
755 part was to track down the encryption keys from the vendor. With this
756 in place I could set up a MQTT gateway to submit the meter data for
759 <p
>The free software systems in question,
760 <a href=
"https://tracker.debian.org/pkg/rtl-wmbus
">rtl-wmbus
</a
> to
761 read the messages from a software defined radio, and
762 <a href=
"https://tracker.debian.org/pkg/wmbusmeters
">wmbusmeters
</a
> to
763 decrypt and decode the content of the messages, is working very well
764 and allowe me to get frequent updates from my meters. I got in touch
765 with upstream last year to see if there was any interest in publishing
766 the packages via Debian. I was very happy to learn that Fredrik
767 Öhrström volunteered to maintain the packages, and I have since
768 assisted him in getting Debian package build rules in place as well as
769 sponsoring the packages into the Debian archive. Sadly we completed
770 it too late for them to become part of the next stable Debian release
771 (Bookworm). The wmbusmeters package just cleared the NEW queue. It
772 will need some work to fix a built problem, but I expect Fredrik will
773 find a solution soon.
</p
>
775 <p
>If you got a infrastructure meter supporting the Meter Bus
776 standard, I strongly recommend having a look at these nice
779 <p
>As usual, if you use Bitcoin and want to show your support of my
780 activities, please send Bitcoin donations to my address
781 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
786 <title>The
2023 LinuxCNC Norwegian developer gathering
</title>
787 <link>https://people.skolelinux.org/pere/blog/The_2023_LinuxCNC_Norwegian_developer_gathering.html
</link>
788 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/The_2023_LinuxCNC_Norwegian_developer_gathering.html
</guid>
789 <pubDate>Sun,
14 May
2023 20:
30:
00 +
0200</pubDate>
790 <description><p
>The LinuxCNC project is making headway these days. A lot of
791 patches and issues have seen activity on
792 <a href=
"https://github.com/LinuxCNC/linuxcnc/
">the project github
793 pages
</a
> recently. A few weeks ago there was a developer gathering
794 over at the
<a href=
"https://tormach.com/
">Tormach
</a
> headquarter in
795 Wisconsin, and now we are planning a new gathering in Norway. If you
796 wonder what LinuxCNC is, lets quote Wikipedia:
</p
>
799 "LinuxCNC is a software system for numerical control of
800 machines such as milling machines, lathes, plasma cutters, routers,
801 cutting machines, robots and hexapods. It can control up to
9 axes or
802 joints of a CNC machine using G-code (RS-
274NGC) as input. It has
803 several GUIs suited to specific kinds of usage (touch screen,
804 interactive development).
"
807 <p
>The Norwegian developer gathering take place the weekend June
16th
808 to
18th this year, and is open for everyone interested in contributing
809 to LinuxCNC. Up to date information about the gathering can be found
811 <a href=
"https://sourceforge.net/p/emc/mailman/emc-developers/thread/sa64jp06nob.fsf%
40hjemme.reinholdtsen.name/#msg37837251
">the
812 developer mailing list thread
</a
> where the gathering was announced.
813 Thanks to the good people at
814 <a href=
"https://www.debian.org/
">Debian
</a
>,
815 <a href=
"https://www.redpill-linpro.com/
">Redpill-Linpro
</a
> and
816 <a href=
"https://www.nuugfoundation.no/no/
">NUUG Foundation
</a
>, we
817 have enough sponsor funds to pay for food, and shelter for the people
818 traveling from afar to join us. If you would like to join the
819 gathering, get in touch.
</p
>
821 <p
>As usual, if you use Bitcoin and want to show your support of my
822 activities, please send Bitcoin donations to my address
823 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
828 <title>OpenSnitch in Debian ready for prime time
</title>
829 <link>https://people.skolelinux.org/pere/blog/OpenSnitch_in_Debian_ready_for_prime_time.html
</link>
830 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/OpenSnitch_in_Debian_ready_for_prime_time.html
</guid>
831 <pubDate>Sat,
13 May
2023 12:
10:
00 +
0200</pubDate>
832 <description><p
>A bit delayed,
833 <a href=
"https://tracker.debian.org/pkg/opensnitch
">the interactive
834 application firewall OpenSnitch
</a
> package in Debian now got the
835 latest fixes ready for Debian Bookworm. Because it depend on a
836 package missing on some architectures, the autopkgtest check of the
837 testing migration script did not understand that the tests were
838 actually working, so the migration was delayed. A bug in the package
839 dependencies is also fixed, so those installing the firewall package
840 (opensnitch) now also get the GUI admin tool (python3-opensnitch-ui)
841 installed by default. I am very grateful to Gustavo Iñiguez Goya for
842 his work on getting the package ready for Debian Bookworm.
</p
>
844 <p
>Armed with this package I have discovered some surprising
845 connections from programs I believed were able to work completly
846 offline, and it has already proven its worth, at least to me. If you
847 too want to get more familiar with the kind of programs using
848 Internett connections on your machine, I recommend testing
<tt
>apt
849 install opensnitch
</tt
> in Bookworm and see what you think.
</p
>
851 <p
>The package is still not able to build its eBPF module within
852 Debian. Not sure how much work it would be to get it working, but
853 suspect some kernel related packages need to be extended with more
854 header files to get it working.
</p
>
856 <p
>As usual, if you use Bitcoin and want to show your support of my
857 activities, please send Bitcoin donations to my address
858 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
863 <title>Speech to text, she APTly whispered, how hard can it be?
</title>
864 <link>https://people.skolelinux.org/pere/blog/Speech_to_text__she_APTly_whispered__how_hard_can_it_be_.html
</link>
865 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Speech_to_text__she_APTly_whispered__how_hard_can_it_be_.html
</guid>
866 <pubDate>Sun,
23 Apr
2023 09:
40:
00 +
0200</pubDate>
867 <description><p
>While visiting a convention during Easter, it occurred to me that
868 it would be great if I could have a digital Dictaphone with
869 transcribing capabilities, providing me with texts to cut-n-paste into
870 stuff I need to write. The background is that long drives often bring
871 up the urge to write on texts I am working on, which of course is out
872 of the question while driving. With the release of
873 <a href=
"https://github.com/openai/whisper/
">OpenAI Whisper
</a
>, this
874 seem to be within reach with Free Software, so I decided to give it a
875 go. OpenAI Whisper is a Linux based neural network system to read in
876 audio files and provide text representation of the speech in that
877 audio recording. It handle multiple languages and according to its
878 creators even can translate into a different language than the spoken
879 one. I have not tested the latter feature. It can either use the CPU
880 or a GPU with CUDA support. As far as I can tell, CUDA in practice
881 limit that feature to NVidia graphics cards. I have few of those, as
882 they do not work great with free software drivers, and have not tested
883 the GPU option. While looking into the matter, I did discover some
884 work to provide CUDA support on non-NVidia GPUs, and some work with
885 the library used by Whisper to port it to other GPUs, but have not
886 spent much time looking into GPU support yet. I
've so far used an old
887 X220 laptop as my test machine, and only transcribed using its
890 <p
>As it from a privacy standpoint is unthinkable to use computers
891 under control of someone else (aka a
"cloud
" service) to transcribe
892 ones thoughts and personal notes, I want to run the transcribing
893 system locally on my own computers. The only sensible approach to me
894 is to make the effort I put into this available for any Linux user and
895 to upload the needed packages into Debian. Looking at Debian Bookworm, I
896 discovered that only three packages were missing,
897 <a href=
"https://bugs.debian.org/
1034307">tiktoken
</a
>,
898 <a href=
"https://bugs.debian.org/
1034144">triton
</a
>, and
899 <a href=
"https://bugs.debian.org/
1034091">openai-whisper
</a
>. For a while
901 <a href=
"https://bugs.debian.org/
1034286">ffmpeg-python
</a
> was
903 <a href=
"https://github.com/kkroening/ffmpeg-python/issues/
760">upstream
904 seem to have vanished
</a
> I found it safer
905 <a href=
"https://github.com/openai/whisper/pull/
1242">to rewrite
906 whisper
</a
> to stop depending on in than to introduce ffmpeg-python
907 into Debian. I decided to place these packages under the umbrella of
908 <a href=
"https://salsa.debian.org/deeplearning-team
">the Debian Deep
909 Learning Team
</a
>, which seem like the best team to look after such
910 packages. Discussing the topic within the group also made me aware
911 that the triton package was already a future dependency of newer
912 versions of the torch package being planned, and would be needed after
913 Bookworm is released.
</p
>
915 <p
>All required code packages have been now waiting in
916 <a href=
"https://ftp-master.debian.org/new.html
">the Debian NEW
917 queue
</a
> since Wednesday, heading for Debian Experimental until
918 Bookworm is released. An unsolved issue is how to handle the neural
919 network models used by Whisper. The default behaviour of Whisper is
920 to require Internet connectivity and download the model requested to
921 <tt
>~/.cache/whisper/
</tt
> on first invocation. This obviously would
922 fail
<a href=
"https://people.debian.org/~bap/dfsg-faq.html
">the
923 deserted island test of free software
</a
> as the Debian packages would
924 be unusable for someone stranded with only the Debian archive and solar
925 powered computer on a deserted island.
</p
>
927 <p
>Because of this, I would love to include the models in the Debian
928 mirror system. This is problematic, as the models are very large
929 files, which would put a heavy strain on the Debian mirror
930 infrastructure around the globe. The strain would be even higher if
931 the models change often, which luckily as far as I can tell they do
932 not. The small model, which according to its creator is most useful
933 for English and in my experience is not doing a great job there
934 either, is
462 MiB (deb is
414 MiB). The medium model, which to me
935 seem to handle English speech fairly well is
1.5 GiB (deb is
1.3 GiB)
936 and the large model is
2.9 GiB (deb is
2.6 GiB). I would assume
937 everyone with enough resources would prefer to use the large model for
938 highest quality. I believe the models themselves would have to go
939 into the non-free part of the Debian archive, as they are not really
940 including any useful source code for updating the models. The
941 "source
", aka the model training set, according to the creators
942 consist of
"680,
000 hours of multilingual and multitask supervised
943 data collected from the web
", which to me reads material with both
944 unknown copyright terms, unavailable to the general public. In other
945 words, the source is not available according to the Debian Free
946 Software Guidelines and the model should be considered non-free.
</p
>
948 <p
>I asked the Debian FTP masters for advice regarding uploading a
949 model package on their IRC channel, and based on the feedback there it
950 is still unclear to me if such package would be accepted into the
951 archive. In any case I wrote build rules for a
952 <a href=
"https://salsa.debian.org/deeplearning-team/openai-whisper-model
">OpenAI
953 Whisper model package
</a
> and
954 <a href=
"https://github.com/openai/whisper/pull/
1257">modified the
955 Whisper code base
</a
> to prefer shared files under
<tt
>/usr/
</tt
> and
956 <tt
>/var/
</tt
> over user specific files in
<tt
>~/.cache/whisper/
</tt
>
957 to be able to use these model packages, to prepare for such
958 possibility. One solution might be to include only one of the models
959 (small or medium, I guess) in the Debian archive, and ask people to
960 download the others from the Internet. Not quite sure what to do
961 here, and advice is most welcome (use the debian-ai mailing list).
</p
>
963 <p
>To make it easier to test the new packages while I wait for them to
964 clear the NEW queue, I created an APT source targeting bookworm. I
965 selected Bookworm instead of Bullseye, even though I know the latter
966 would reach more users, is that some of the required dependencies are
967 missing from Bullseye and I during this phase of testing did not want
968 to backport a lot of packages just to get up and running.
</p
>
970 <p
>Here is a recipe to run as user root if you want to test OpenAI
971 Whisper using Debian packages on your Debian Bookworm installation,
972 first adding the APT repository GPG key to the list of trusted keys,
973 then setting up the APT repository and finally installing the packages
974 and one of the models:
</p
>
977 curl https://geekbay.nuug.no/~pere/openai-whisper/D78F5C4796F353D211B119E28200D9B589641240.asc \
978 -o /etc/apt/trusted.gpg.d/pere-whisper.asc
979 mkdir -p /etc/apt/sources.list.d
980 cat
> /etc/apt/sources.list.d/pere-whisper.list
&lt;
&lt;EOF
981 deb https://geekbay.nuug.no/~pere/openai-whisper/ bookworm main
982 deb-src https://geekbay.nuug.no/~pere/openai-whisper/ bookworm main
985 apt install openai-whisper
986 </pre
></p
>
988 <p
>The package work for me, but have not yet been tested on any other
989 computer than my own. With it, I have been able to (badly) transcribe
990 a
2 minute
40 second Norwegian audio clip to test using the small
991 model. This took
11 minutes and around
2.2 GiB of RAM. Transcribing
992 the same file with the medium model gave a accurate text in
77 minutes
993 using around
5.2 GiB of RAM. My test machine had too little memory to
994 test the large model, which I believe require
11 GiB of RAM. In
995 short, this now work for me using Debian packages, and I hope it will
996 for you and everyone else once the packages enter Debian.
</p
>
998 <p
>Now I can start on the audio recording part of this project.
</p
>
1000 <p
>As usual, if you use Bitcoin and want to show your support of my
1001 activities, please send Bitcoin donations to my address
1002 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1007 <title>rtlsdr-scanner, software defined radio frequency scanner for Linux - nice free software
</title>
1008 <link>https://people.skolelinux.org/pere/blog/rtlsdr_scanner__software_defined_radio_frequency_scanner_for_Linux____nice_free_software.html
</link>
1009 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/rtlsdr_scanner__software_defined_radio_frequency_scanner_for_Linux____nice_free_software.html
</guid>
1010 <pubDate>Fri,
7 Apr
2023 23:
10:
00 +
0200</pubDate>
1011 <description><p
>Today I finally found time to track down a useful radio frequency
1012 scanner for my software defined radio. Just for fun I tried to locate
1013 the radios used in the areas, and a good start would be to scan all
1014 the frequencies to see what is in use. I
've tried to find a useful
1015 program earlier, but ran out of time before I managed to find a useful
1016 tool. This time I was more successful, and after a few false leads I
1017 found a description of
1018 <a href=
"https://www.kali.org/tools/rtlsdr-scanner/
">rtlsdr-scanner
1019 over at the Kali site
</a
>, and was able to track down
1020 <a href=
"https://gitlab.com/kalilinux/packages/rtlsdr-scanner.git
">the
1021 Kali package git repository
</a
> to build a deb package for the
1022 scanner. Sadly the package is missing from the Debian project itself,
1023 at least in Debian Bullseye. Two runtime dependencies,
1024 <a href=
"https://gitlab.com/kalilinux/packages/python-visvis.git
">python-visvis
</a
>
1026 <a href=
"https://gitlab.com/kalilinux/packages/python-rtlsdr.git
">python-rtlsdr
</a
>
1027 had to be built and installed separately. Luckily
'<tt
>gbp
1028 buildpackage
</tt
>' handled them just fine and no further packages had
1029 to be manually built. The end result worked out of the box after
1030 installation.
</p
>
1032 <p
>My initial scans for FM channels worked just fine, so I knew the
1033 scanner was functioning. But when I tried to scan every frequency
1034 from
100 to
1000 MHz, the program stopped unexpectedly near the
1035 completion. After some debugging I discovered USB software radio I
1036 used rejected frequencies above
948 MHz, triggering a unreported
1037 exception breaking the scan. Changing the scan to end at
957 worked
1038 better. I similarly found the lower limit to be around
15, and ended
1039 up with the following full scan:
</p
>
1041 <p
><a href=
"https://people.skolelinux.org/pere/blog/images/
2023-
04-
07-radio-freq-scanning.png
"><img src=
"https://people.skolelinux.org/pere/blog/images/
2023-
04-
07-radio-freq-scanning.png
" width=
"100%
"></a
></p
>
1043 <p
>Saving the scan did not work, but exporting it as a CSV file worked
1044 just fine. I ended up with around
477k CVS lines with dB level for
1045 the given frequency.
</p
>
1047 <p
>The save failure seem to be a missing UTF-
8 encoding issue in the
1048 python code. Will see if I can find time to send a patch
1049 <a href=
"https://github.com/CdeMills/RTLSDR-Scanner/
">upstream
</a
>
1050 later to fix this exception:
</p
>
1053 Traceback (most recent call last):
1054 File
"/usr/lib/python3/dist-packages/rtlsdr_scanner/main_window.py
", line
485, in __on_save
1055 save_plot(fullName, self.scanInfo, self.spectrum, self.locations)
1056 File
"/usr/lib/python3/dist-packages/rtlsdr_scanner/file.py
", line
408, in save_plot
1057 handle.write(json.dumps(data, indent=
4))
1058 TypeError: a bytes-like object is required, not
'str
'
1059 Traceback (most recent call last):
1060 File
"/usr/lib/python3/dist-packages/rtlsdr_scanner/main_window.py
", line
485, in __on_save
1061 save_plot(fullName, self.scanInfo, self.spectrum, self.locations)
1062 File
"/usr/lib/python3/dist-packages/rtlsdr_scanner/file.py
", line
408, in save_plot
1063 handle.write(json.dumps(data, indent=
4))
1064 TypeError: a bytes-like object is required, not
'str
'
1067 <p
>As usual, if you use Bitcoin and want to show your support of my
1068 activities, please send Bitcoin donations to my address
1069 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1074 <title>OpenSnitch available in Debian Sid and Bookworm
</title>
1075 <link>https://people.skolelinux.org/pere/blog/OpenSnitch_available_in_Debian_Sid_and_Bookworm.html
</link>
1076 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/OpenSnitch_available_in_Debian_Sid_and_Bookworm.html
</guid>
1077 <pubDate>Sat,
25 Feb
2023 20:
30:
00 +
0100</pubDate>
1078 <description><p
>Thanks to the efforts of the OpenSnitch lead developer Gustavo
1079 Iñiguez Goya allowing me to sponsor the upload,
1080 <a href=
"https://tracker.debian.org/pkg/opensnitch
">the interactive
1081 application firewall OpenSnitch
</a
> is now available in Debian
1082 Testing, soon to become the next stable release of Debian.
</p
>
1084 <p
>This is a package which set up a network firewall on one or more
1085 machines, which is controlled by a graphical user interface that will
1086 ask the user if a program should be allowed to connect to the local
1087 network or the Internet. If some background daemon is trying to dial
1088 home, it can be blocked from doing so with a simple mouse click, or by
1089 default simply by not doing anything when the GUI question dialog pop
1090 up. A list of all programs discovered using the network is provided
1091 in the GUI, giving the user an overview of how the machine(s) programs
1092 use the network.
</p
>
1094 <p
>OpenSnitch was uploaded for NEW processing about a month ago, and I
1095 had little hope of it getting accepted and shaping up in time for the
1096 package freeze, but the Debian ftpmasters proved to be amazingly quick
1097 at checking out the package and it was accepted into the archive about
1098 week after the first upload. It is now team maintained under the Go
1099 language team umbrella. A few fixes to the default setup is only in
1100 Sid, and should migrate to Testing/Bookworm in a week.
</p
>
1102 <p
>During testing I ran into an
1103 <a href=
"https://github.com/evilsocket/opensnitch/issues/
813">issue
1104 with Minecraft server broadcasts disappearing
</a
>, which was quickly
1105 resolved by the developer with a patch and a proposed configuration
1106 change. I
've been told this was caused by the Debian packages default
1107 use if /proc/ information to track down kernel status, instead of the
1108 newer eBPF module that can be used. The reason is simply that
1109 upstream and I have failed to find a way to build the eBPF modules for
1110 OpenSnitch without a complete configured Linux kernel source tree,
1111 which as far as we can tell is unavailable as a build dependency in
1112 Debian. We tried unsuccessfully so far to use the kernel-headers
1113 package. It would be great if someone could provide some clues how to
1114 build eBPF modules on build daemons in Debian, possibly without the full
1115 kernel source.
</p
>
1117 <p
>As usual, if you use Bitcoin and want to show your support of my
1118 activities, please send Bitcoin donations to my address
1119 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1124 <title>Is the desktop recommending your program for opening its files?
</title>
1125 <link>https://people.skolelinux.org/pere/blog/Is_the_desktop_recommending_your_program_for_opening_its_files_.html
</link>
1126 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Is_the_desktop_recommending_your_program_for_opening_its_files_.html
</guid>
1127 <pubDate>Sun,
29 Jan
2023 11:
00:
00 +
0100</pubDate>
1128 <description><p
>Linux desktop systems
1129 <a href=
"https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
">have
1130 standardized
</a
> how programs present themselves to the desktop
1131 system. If a package include a .desktop file in
1132 /usr/share/applications/, Gnome, KDE, LXDE, Xfce and the other desktop
1133 environments will pick up the file and use its content to generate the
1134 menu of available programs in the system. A lesser known fact is that
1135 a package can also explain to the desktop system how to recognize the
1136 files created by the program in question, and use it to open these
1137 files on request, for example via a GUI file browser.
</p
>
1139 <p
>A while back I ran into a package that did not tell the desktop
1140 system how to recognize its files and was not used to open its files
1141 in the file browser and fixed it. In the process I wrote a simple
1142 debian/tests/ script to ensure the setup keep working. It might be
1143 useful for other packages too, to ensure any future version of the
1144 package keep handling its own files.
</p
>
1146 <p
>For this to work the file format need a useful MIME type that can
1147 be used to identify the format. If the file format do not yet have a
1148 MIME type, it should define one and preferably also
1149 <a href=
"https://www.iana.org/assignments/media-types/media-types.xhtml
">register
1150 it with IANA
</a
> to ensure the MIME type string is reserved.
</p
>
1152 <p
>The script uses the
<tt
>xdg-mime
</tt
> program from xdg-utils to
1153 query the database of standardized package information and ensure it
1154 return sensible values. It also need the location of an example file
1155 for xdg-mime to guess the format of.
</p
>
1160 # Author: Petter Reinholdtsen
1161 # License: GPL v2 or later at your choice.
1163 # Validate the MIME setup, making sure motor types have
1164 # application/vnd.openmotor+yaml associated with them and is connected
1165 # to the openmotor desktop file.
1169 mimetype=
"application/vnd.openmotor+yaml
"
1170 testfile=
"test/data/real/o3100/motor.ric
"
1171 mydesktopfile=
"openmotor.desktop
"
1173 filemime=
"$(xdg-mime query filetype
"$testfile
")
"
1175 if [
"$mimetype
" !=
"$filemime
" ] ; then
1177 echo
"error: xdg-mime claim motor file MIME type is $filemine, not $mimetype
"
1179 echo
"success: xdg-mime report correct mime type $mimetype for motor file
"
1182 desktop=$(xdg-mime query default
"$mimetype
")
1184 if [
"$mydesktopfile
" !=
"$desktop
" ]; then
1186 echo
"error: xdg-mime claim motor file should be handled by $desktop, not $mydesktopfile
"
1188 echo
"success: xdg-mime agree motor file should be handled by $mydesktopfile
"
1194 <p
>It is a simple way to ensure your users are not very surprised when
1195 they try to open one of your file formats in their file browser.
</p
>
1197 <p
>As usual, if you use Bitcoin and want to show your support of my
1198 activities, please send Bitcoin donations to my address
1199 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1204 <title>Opensnitch, the application level interactive firewall, heading into the Debian archive
</title>
1205 <link>https://people.skolelinux.org/pere/blog/Opensnitch__the_application_level_interactive_firewall__heading_into_the_Debian_archive.html
</link>
1206 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Opensnitch__the_application_level_interactive_firewall__heading_into_the_Debian_archive.html
</guid>
1207 <pubDate>Sun,
22 Jan
2023 23:
55:
00 +
0100</pubDate>
1208 <description><p
>While reading a
1209 <a href=
"https://sneak.berlin/
20230115/macos-scans-your-local-files-now/
">blog
1210 post claiming MacOS X recently started scanning local files and
1211 reporting information about them to Apple
</a
>, even on a machine where
1212 all such callback features had been disabled, I came across a
1213 description of the Little Snitch application for MacOS X. It seemed
1214 like a very nice tool to have in the tool box, and I decided to see if
1215 something similar was available for Linux.
</p
>
1217 <p
>It did not take long to find
1218 <a href=
"https://github.com/evilsocket/opensnitch
">the OpenSnitch
1219 package
</a
>, which has been in development since
2017, and now is in
1220 version
1.5.0. It has had a
1221 <a href=
"https://bugs.debian.org/
909567">request for Debian
1222 packaging
</a
> since
2018, but no-one completed the job so far. Just
1223 for fun, I decided to see if I could help, and I was very happy to
1225 <a href=
"https://github.com/evilsocket/opensnitch/issues/
304">upstream
1226 want a Debian package too
</a
>.
</p
>
1228 <p
>After struggling a bit with getting the program to run, figuring
1229 out building Go programs (and a little failed detour to look at eBPF
1230 builds too - help needed), I am very happy to report that I am
1231 sponsoring upstream to maintain the package in Debian, and it has
1232 since this morning been waiting in NEW for the ftpmasters to have a
1233 look. Perhaps it can get into the archive in time for the Bookworm
1236 <p
>As usual, if you use Bitcoin and want to show your support of my
1237 activities, please send Bitcoin donations to my address
1238 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1243 <title>LinuxCNC MQTT publisher component
</title>
1244 <link>https://people.skolelinux.org/pere/blog/LinuxCNC_MQTT_publisher_component.html
</link>
1245 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/LinuxCNC_MQTT_publisher_component.html
</guid>
1246 <pubDate>Sun,
8 Jan
2023 19:
30:
00 +
0100</pubDate>
1247 <description><p
>I watched
<a href=
"https://yewtu.be/watch?v=jmKUV3aNLjk
">a
2015
1248 video from Andreas Schiffler
</a
> the other day, where he set up
1249 <a href=
"https://linuxcnc.org/
">LinuxCNC
</a
> to send status
1250 information to the MQTT broker IBM Bluemix. As I also use MQTT for
1251 graphing, it occured to me that a generic MQTT LinuxCNC component
1252 would be useful and I set out to implement it. Today I got the first
1253 draft limping along and submitted as
1254 <a href=
"https://github.com/LinuxCNC/linuxcnc/pull/
2253">a patch to the
1255 LinuxCNC project
</a
>.
</p
>
1257 <p
>The simple part was setting up the MQTT publishing code in Python.
1258 I already have set up other parts submitting data to my Mosquito MQTT
1259 broker, so I could reuse that code. Writing a LinuxCNC component in
1260 Python as new to me, but using existing examples in the code
1261 repository and the extensive documentation, this was fairly straight
1262 forward. The hardest part was creating a automated test for the
1263 component to ensure it was working. Testing it in a simulated
1264 LinuxCNC machine proved very useful, as I discovered features I needed
1265 that I had not thought of yet, and adjusted the code quite a bit to
1266 make it easier to test without a operational MQTT broker
1267 available.
</p
>
1269 <p
>The draft is ready and working, but I am unsure which LinuxCNC HAL
1270 pins I should collect and publish by default (in other words, the
1271 default set of information pieces published), and how to get the
1272 machine name from the LinuxCNC INI file. The latter is a minor
1273 detail, but I expect it would be useful in a setup with several
1274 machines available. I am hoping for feedback from the experienced
1275 LinuxCNC developers and users, to make the component even better
1276 before it can go into the mainland LinuxCNC code base.
</p
>
1278 <p
>Since I started on the MQTT component, I came across
1279 <a href=
"https://yewtu.be/watch?v=Bqa2grG0XtA
">another video from Kent
1280 VanderVelden
</a
> where he combine LinuxCNC with a set of screen glasses
1281 controlled by a Raspberry Pi, and it occured to me that it would
1282 be useful for such use cases if LinuxCNC also provided a REST API for
1283 querying its status. I hope to start on such component once the MQTT
1284 component is working well.
</p
>
1286 <p
>As usual, if you use Bitcoin and want to show your support of my
1287 activities, please send Bitcoin donations to my address
1288 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1293 <title>ONVIF IP camera management tool finally in Debian
</title>
1294 <link>https://people.skolelinux.org/pere/blog/ONVIF_IP_camera_management_tool_finally_in_Debian.html
</link>
1295 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/ONVIF_IP_camera_management_tool_finally_in_Debian.html
</guid>
1296 <pubDate>Sat,
24 Dec
2022 08:
00:
00 +
0100</pubDate>
1297 <description><p
>Merry Christmas to you all. Here is a small gift to all those with
1298 IP cameras following the
<a href=
"https://www.onvif.org/
">ONVIF
1299 specification
</a
>. There is finally a nice command line and GUI tool
1300 in Debian to manage ONVIF IP cameras. After working with upstream for
1301 a few months and sponsoring the upload, I am very happy to report that
1302 the
<a href=
"https://tracker.debian.org/libonvif
">libonvif package
</a
>
1303 entered Debian Sid last night.
</p
>
1305 <p
>The package provide a C library to communicate with such cameras, a
1306 command line tool to locate and update settings of (like password) the
1307 cameras and a GUI tool to configure and control the units as well as
1308 preview the video from the camera. Libonvif is available on Both
1309 Linux and Windows and the GUI tool uses the Qt library. The main
1310 competitors are non-free software, while libonvif is GNU GPL licensed.
1311 I am very glad Debian users in the future can control their cameras
1312 using a free software system provided by Debian. But the ONVIF world
1313 is full of slightly broken firmware, where the cameras pretend to
1314 follow the ONVIF specification but fail to set some configuration
1315 values or refuse to provide video to more than one recipient at the
1316 time, and the onvif project is quite young and might take a while
1317 before it completely work with your camera. Upstream seem eager to
1318 improve the library, so handling any broken camera might be just
<a
1319 href=
"https://github.com/sr99622/libonvif/
">a bug report away
</a
>.
</p
>
1321 <p
>The package just cleared NEW, and need a new source only upload
1322 before it can enter testing. This will happen in the next few
1325 <p
>As usual, if you use Bitcoin and want to show your support of my
1326 activities, please send Bitcoin donations to my address
1327 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1332 <title>Managing and using ONVIF IP cameras with Linux
</title>
1333 <link>https://people.skolelinux.org/pere/blog/Managing_and_using_ONVIF_IP_cameras_with_Linux.html
</link>
1334 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Managing_and_using_ONVIF_IP_cameras_with_Linux.html
</guid>
1335 <pubDate>Wed,
19 Oct
2022 12:
30:
00 +
0200</pubDate>
1336 <description><p
>Recently I have been looking at how to control and collect data
1337 from a handful IP cameras using Linux. I both wanted to change their
1338 settings and to make their imagery available via a free software
1339 service under my control. Here is a summary of the tools I found.
</p
>
1341 <p
>First I had to identify the cameras and their protocols. As far as
1342 I could tell, they were using some SOAP looking protocol and their
1343 internal web server seem to only work with Microsoft Internet Explorer
1344 with some proprietary binary plugin, which in these days of course is
1345 a security disaster and also made it impossible for me to use the
1346 camera web interface. Luckily I discovered that the SOAP looking
1347 protocol is actually following
<a href=
"https://www.onvif.org/
">the
1348 ONVIF specification
</a
>, which seem to be supported by a lot of IP
1349 cameras these days.
</p
>
1351 <p
>Once the protocol was identified, I was able to find what appear to
1352 be the most popular way to configure ONVIF cameras, the free software
1354 <a href=
"https://sourceforge.net/projects/onvifdm/
">ONVIF Device
1355 Manager
</a
>. Lacking any other options at the time, I tried
1356 unsuccessfully to get it running using Wine, but was missing a dotnet
1357 40 library and I found no way around it to run it on Linux.
</p
>
1359 <p
>The next tool I found to configure the cameras were a non-free Linux Qt
1360 client
<a href=
"https://www.lingodigit.com/onvif_nvcdemo.html
">ONVIF
1361 Device Tool
</a
>. I did not like its terms of use, so did not spend
1362 much time on it.
</p
>
1364 <p
>To collect the video and make it available in a web interface, I
1365 found the Zoneminder tool in Debian. A recent version was able to
1366 automatically detect and configure ONVIF devices, so I could use it to
1367 set up motion detection in and collection of the camera output. I had
1368 initial problems getting the ONVIF autodetection to work, as both
1369 Firefox and Chromium
<a href=
"https://bugs.debian.org/
1001188">refused
1370 the inter-tab communication
</a
> being used by the Zoneminder web
1371 pages, but managed to get konqueror to work. Apparently the
"Enhanced
1372 Tracking Protection
" in Firefox cause the problem. I ended up
1373 upgrading to the Bookworm edition of Zoneminder in the process to try
1374 to fix the issue, and believe the problem might be solved now.
</p
>
1376 <p
>In the process I came across the nice Linux GUI tool
1377 <a href=
"https://gitlab.com/caspermeijn/onvifviewer/
">ONVIF Viewer
</a
>
1378 allowing me to preview the camera output and validate the login
1379 passwords required. Sadly its author has grown tired of maintaining
1380 the software, so it might not see any future updates. Which is sad,
1381 as the viewer is sightly unstable and the picture tend to lock up.
1382 Note, this lockup might be due to limitations in the cameras and not
1383 the viewer implementation. I suspect the camera is only able to
1384 provide pictures to one client at the time, and the Zoneminder feed
1385 might interfere with the GUI viewer. I have
1386 <a href=
"https://bugs.debian.org/
1000820">asked for the tool to be
1387 included in Debian
</a
>.
</p
>
1389 <p
>Finally, I found what appear to be very nice Linux free software
1390 replacement for the Windows tool, named
1391 <a href=
"https://github.com/sr99622/libonvif/
">libonvif
</a
>. It
1392 provide a C library to talk to ONVIF devices as well as a command line
1393 and GUI tool using the library. Using the GUI tool I was able to change
1394 the admin passwords and update other settings of the cameras. I have
1395 <a href=
"https://bugs.debian.org/
1021980">asked for the package to be
1396 included in Debian
</a
>.
</p
>
1398 <p
>As usual, if you use Bitcoin and want to show your support of my
1399 activities, please send Bitcoin donations to my address
1400 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1402 <p
><strong
>Update
2022-
10-
20</strong
>: Since my initial publication of
1403 this text, I got several suggestions for more free software Linux
1404 tools. There is
<a href=
"https://github.com/quatanium/python-onvif
">a
1405 ONVIF python library
</a
> (already
1406 <a href=
"https://bugs.debian.org/
824240">requested into Debian
</a
>) and
1407 <a href=
"https://github.com/FalkTannhaeuser/python-onvif-zeep
">a python
3
1408 fork
</a
> using a different SOAP dependency. There is also
1409 <a href=
"https://www.home-assistant.io/integrations/onvif/
">support for
1410 ONVIF in Home Assistant
</a
>, and there is an alternative to Zoneminder
1411 called
<a href=
"https://www.shinobi.video/
">Shinobi
</a
>. The latter
1412 two are not included in Debian either. I have not tested any of these
1418 <title>Time to translate the Bullseye edition of the Debian Administrator
's Handbook
</title>
1419 <link>https://people.skolelinux.org/pere/blog/Time_to_translate_the_Bullseye_edition_of_the_Debian_Administrator_s_Handbook.html
</link>
1420 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Time_to_translate_the_Bullseye_edition_of_the_Debian_Administrator_s_Handbook.html
</guid>
1421 <pubDate>Mon,
12 Sep
2022 15:
45:
00 +
0200</pubDate>
1422 <description><p align=
"center
"><img align=
"center
" src=
"https://people.skolelinux.org/pere/blog/images/
2020-
10-
20-debian-handbook-nb-testprint.jpeg
" width=
"60%
"/
></p
>
1424 <p
>(The picture is of the previous edition.)
</p
>
1426 <p
>Almost two years after the previous Norwegian Bokmål translation of
1427 the
"<a href=
"https://debian-handbook.info/
">The Debian Administrator
's
1428 Handbook
</a
>" was published, a new edition is finally being prepared. The
1429 english text is updated, and it is time to start working on the
1430 translations. Around
37 percent of the strings have been updated, one
1431 way or another, and the translations starting from a complete Debian Buster
1432 edition now need to bring their translation up from
63% to
100%. The
1433 complete book is licensed using a Creative Commons license, and has
1434 been published in several languages over the years. The translations
1435 are done by volunteers to bring Linux in their native tongue. The
1436 last time I checked, it complete text was available in English,
1437 Norwegian Bokmål, German, Indonesian, Brazil Portuguese and Spanish.
1438 In addition, work has been started for Arabic (Morocco), Catalan,
1439 Chinese (Simplified), Chinese (Traditional), Croatian, Czech, Danish,
1440 Dutch, French, Greek, Italian, Japanese, Korean, Persian, Polish,
1441 Romanian, Russian, Swedish, Turkish and Vietnamese.
</p
>
1443 <p
>The translation is conducted on
1444 <a href=
"https://hosted.weblate.org/projects/debian-handbook/
">the
1445 hosted weblate project page
</a
>. Prospective translators are
1446 recommeded to subscribe to
1447 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/debian-handbook-translators
">the
1448 translators mailing list
</a
> and should also check out
1449 <a href=
"https://debian-handbook.info/contribute/
">the instructions for
1450 contributors
</a
>.
</p
>
1452 <p
>I am one of the Norwegian Bokmål translators of this book, and we
1453 have just started. Your contribution is most welcome.
</p
>
1455 <p
>As usual, if you use Bitcoin and want to show your support of my
1456 activities, please send Bitcoin donations to my address
1457 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1462 <title>Automatic LinuxCNC servo PID tuning?
</title>
1463 <link>https://people.skolelinux.org/pere/blog/Automatic_LinuxCNC_servo_PID_tuning_.html
</link>
1464 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Automatic_LinuxCNC_servo_PID_tuning_.html
</guid>
1465 <pubDate>Sat,
16 Jul
2022 22:
30:
00 +
0200</pubDate>
1466 <description><p
>While working on a CNC with servo motors controlled by the
1467 <a href=
"https://en.wikipedia.org/wiki/LinuxCNC
">LinuxCNC
</a
>
1468 <a href=
"https://en.wikipedia.org/wiki/PID_controller
">PID
1469 controller
</a
>, I recently had to learn how to tune the collection of values
1470 that control such mathematical machinery that a PID controller is. It
1471 proved to be a lot harder than I hoped, and I still have not succeeded
1472 in getting the Z PID controller to successfully defy gravity, nor X
1473 and Y to move accurately and reliably. But while climbing up this
1474 rather steep learning curve, I discovered that some motor control
1475 systems are able to tune their PID controllers. I got the impression
1476 from the documentation that LinuxCNC were not. This proved to be not
1479 <p
>The LinuxCNC
1480 <a href=
"http://linuxcnc.org/docs/html/man/man9/pid
.9.html
">pid
1481 component
</a
> is the recommended PID controller to use. It uses eight
1482 constants
<tt
>Pgain
</tt
>,
<tt
>Igain
</tt
>,
<tt
>Dgain
</tt
>,
1483 <tt
>bias
</tt
>,
<tt
>FF0
</tt
>,
<tt
>FF1
</tt
>,
<tt
>FF2
</tt
> and
1484 <tt
>FF3
</tt
> to calculate the output value based on current and wanted
1485 state, and all of these need to have a sensible value for the
1486 controller to behave properly. Note, there are even more values
1487 involved, theser are just the most important ones. In my case I need
1488 the X, Y and Z axes to follow the requested path with little error.
1489 This has proved quite a challenge for someone who have never tuned a
1490 PID controller before, but there is at least some help to be found.
1492 <p
>I discovered that included in LinuxCNC was this old PID component
1493 at_pid claiming to have auto tuning capabilities. Sadly it had been
1494 neglected since
2011, and could not be used as a plug in replacement
1495 for the default pid component. One would have to rewriting the
1496 LinuxCNC HAL setup to test at_pid. This was rather sad, when I wanted
1497 to quickly test auto tuning to see if it did a better job than me at
1498 figuring out good P, I and D values to use.
</p
>
1500 <p
>I decided to have a look if the situation could be improved. This
1501 involved trying to understand the code and history of the pid and
1502 at_pid components. Apparently they had a common ancestor, as code
1503 structure, comments and variable names were quite close to each other.
1504 Sadly this was not reflected in the git history, making it hard to
1505 figure out what really happened. My guess is that the author of
1506 <a href=
"https://github.com/LinuxCNC/linuxcnc/blob/master/src/hal/components/at_pid.c
">at_pid.c
</a
>
1508 <a href=
"https://github.com/LinuxCNC/linuxcnc/blob/master/src/hal/components/pid.c
">pid.c
</a
>,
1509 rewrote it to follow the structure he wished pid.c to have, then added
1510 support for auto tuning and finally got it included into the LinuxCNC
1511 repository. The restructuring and lack of early history made it
1512 harder to figure out which part of the code were relevant to the auto
1513 tuning, and which part of the code needed to be updated to work the
1514 same way as the current pid.c implementation. I started by trying to
1515 isolate relevant changes in pid.c, and applying them to at_pid.c. My
1516 aim was to make sure the at_pid component could replace the pid
1517 component with a simple change in the HAL setup loadrt line, without
1518 having to
"rewire
" the rest of the HAL configuration. After a few
1519 hours following this approach, I had learned quite a lot about the
1520 code structure of both components, while concluding I was heading down
1521 the wrong rabbit hole, and should get back to the surface and find a
1522 different path.
</p
>
1524 <p
>For the second attempt, I decided to throw away all the PID control
1525 related part of the original at_pid.c, and instead isolate and lift
1526 the auto tuning part of the code and inject it into a copy of pid.c.
1527 This ensured compatibility with the current pid component, while
1528 adding auto tuning as a run time option. To make it easier to identify
1529 the relevant parts in the future, I wrapped all the auto tuning code
1530 with
'#ifdef AUTO_TUNER
'. The end result behave just like the current
1531 pid component by default, as that part of the code is identical. The
1532 <a href=
"https://github.com/LinuxCNC/linuxcnc/pull/
1820">end result
1533 entered the LinuxCNC master branch
</a
> a few days ago.
</p
>
1535 <p
>To enable auto tuning, one need to set a few HAL pins in the PID
1536 component. The most important ones are
<tt
>tune-effort
</tt
>,
1537 <tt
>tune-mode
</tt
> and
<tt
>tune-start
</tt
>. But lets take a step
1538 back, and see what the auto tuning code will do. I do not know the
1539 mathematical foundation of the at_pid algorithm, but from observation
1540 I can tell that the algorithm will, when enabled, produce a square
1541 wave pattern centered around the
<tt
>bias
</tt
> value on the output pin
1542 of the PID controller. This can be seen using the HAL Scope provided
1543 by LinuxCNC. In my case, this is translated into voltage (+-
10V) sent
1544 to the motor controller, which in turn is translated into motor speed.
1545 So at_pid will ask the motor to move the axis back and forth. The
1546 number of cycles in the pattern is controlled by the
1547 <tt
>tune-cycles
</tt
> pin, and the extremes of the wave pattern is
1548 controlled by the
<tt
>tune-effort
</tt
> pin. Of course, trying to
1549 change the direction of a physical object instantly (as in going
1550 directly from a positive voltage to the equivalent negative voltage)
1551 do not change velocity instantly, and it take some time for the object
1552 to slow down and move in the opposite direction. This result in a
1553 more smooth movement wave form, as the axis in question were vibrating
1554 back and forth. When the axis reached the target speed in the
1555 opposing direction, the auto tuner change direction again. After
1556 several of these changes, the average time delay between the
'peaks
'
1557 and
'valleys
' of this movement graph is then used to calculate
1558 proposed values for Pgain, Igain and Dgain, and insert them into the
1559 HAL model to use by the pid controller. The auto tuned settings are
1560 not great, but htye work a lot better than the values I had been able
1561 to cook up on my own, at least for the horizontal X and Y axis. But I
1562 had to use very small
<tt
>tune-effort
<tt
> values, as my motor
1563 controllers error out if the voltage change too quickly. I
've been
1564 less lucky with the Z axis, which is moving a heavy object up and
1565 down, and seem to confuse the algorithm. The Z axis movement became a
1566 lot better when I introduced a
<tt
>bias
</tt
> value to counter the
1567 gravitational drag, but I will have to work a lot more on the Z axis
1568 PID values.
</p
>
1570 <p
>Armed with this knowledge, it is time to look at how to do the
1571 tuning. Lets say the HAL configuration in question load the PID
1572 component for X, Y and Z like this:
</p
>
1574 <blockquote
><pre
>
1575 loadrt pid names=pid.x,pid.y,pid.z
1576 </pre
></blockquote
>
1578 <p
>Armed with the new and improved at_pid component, the new line will
1579 look like this:
</p
>
1581 <blockquote
><pre
>
1582 loadrt at_pid names=pid.x,pid.y,pid.z
1583 </pre
></blockquote
>
1585 <p
>The rest of the HAL setup can stay the same. This work because the
1586 components are referenced by name. If the component had used count=
3
1587 instead, all use of pid.# had to be changed to at_pid.#.
</p
>
1589 <p
>To start tuning the X axis, move the axis to the middle of its
1590 range, to make sure it do not hit anything when it start moving back
1591 and forth. Next, set the
<tt
>tune-effort
</tt
> to a low number in the
1592 output range. I used
0.1 as my initial value. Next, assign
1 to the
1593 <tt
>tune-mode
</tt
> value. Note, this will disable the pid controlling
1594 part and feed
0 to the output pin, which in my case initially caused a
1595 lot of drift. In my case it proved to be a good idea with X and Y to
1596 tune the motor driver to make sure
0 voltage stopped the motor
1597 rotation. On the other hand, for the Z axis this proved to be a bad
1598 idea, so it will depend on your setup. It might help to set the
1599 <tt
>bias
</tt
> value to a output value that reduce or eliminate the
1600 axis drift. Finally, after setting
<tt
>tune-mode
</tt
>, set
1601 <tt
>tune-start
</tt
> to
1 to activate the auto tuning. If all go well,
1602 your axis will vibrate for a few seconds and when it is done, new
1603 values for Pgain, Igain and Dgain will be active. To test them,
1604 change
<tt
>tune-mode
</tt
> back to
0. Note that this might cause the
1605 machine to suddenly jerk as it bring the axis back to its commanded
1606 position, which it might have drifted away from during tuning. To
1607 summarize with some halcmd lines:
</p
>
1609 <blockquote
><pre
>
1610 setp pid.x.tune-effort
0.1
1611 setp pid.x.tune-mode
1
1612 setp pid.x.tune-start
1
1613 # wait for the tuning to complete
1614 setp pid.x.tune-mode
0
1615 </pre
></blockquote
>
1617 <p
>After doing this task quite a few times while trying to figure out
1618 how to properly tune the PID controllers on the machine in, I decided
1619 to figure out if this process could be automated, and wrote a script
1620 to do the entire tuning process from power on. The end result will
1621 ensure the machine is powered on and ready to run, home all axis if it
1622 is not already done, check that the extra tuning pins are available,
1623 move the axis to its mid point, run the auto tuning and re-enable the
1624 pid controller when it is done. It can be run several times. Check
1626 <a href=
"https://github.com/SebKuzminsky/MazakVQC1540/blob/bon-dev/scripts/run-auto-pid-tuner
">run-auto-pid-tuner
</a
>
1627 script on github if you want to learn how it is done.
</p
>
1629 <p
>My hope is that this little adventure can inspire someone who know
1630 more about motor PID controller tuning can implement even better
1631 algorithms for automatic PID tuning in LinuxCNC, making life easier
1632 for both me and all the others that want to use LinuxCNC but lack the
1633 in depth knowledge needed to tune PID controllers well.
</p
>
1635 <p
>As usual, if you use Bitcoin and want to show your support of my
1636 activities, please send Bitcoin donations to my address
1637 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1642 <title>LinuxCNC translators life just got a bit easier
</title>
1643 <link>https://people.skolelinux.org/pere/blog/LinuxCNC_translators_life_just_got_a_bit_easier.html
</link>
1644 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/LinuxCNC_translators_life_just_got_a_bit_easier.html
</guid>
1645 <pubDate>Fri,
3 Jun
2022 21:
10:
00 +
0200</pubDate>
1646 <description><p
>Back in oktober last year, when I started looking at the
1647 <a href=
"https://en.wikipedia.org/wiki/LinuxCNC
">LinuxCNC
</a
> system, I
1648 proposed to change the documentation build system make life easier for
1649 translators. The original system consisted of independently written
1650 documentation files for each language, with no automated way to track
1651 changes done in other translations and no help for the translators to
1652 know how much was left to translated. By using
1653 <a href=
"https://po4a.org/
">the po4a system
</a
> to generate POT and PO
1654 files from the English documentation, this can be improved. A small
1655 team of LinuxCNC contributors got together and today our labour
1656 finally payed off. Since a few hours ago, it is now possible to
1657 translate
<a href=
"https://hosted.weblate.org/projects/linuxcnc/
">the
1658 LinuxCNC documentation on Weblate
</a
>, alongside the program itself.
</p
>
1660 <p
>The effort to migrate the documentation to use po4a has been both
1661 slow and frustrating. I am very happy we finally made it.
</p
>
1663 <p
>As usual, if you use Bitcoin and want to show your support of my
1664 activities, please send Bitcoin donations to my address
1665 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1670 <title>geteltorito make CD firmware upgrades a breeze
</title>
1671 <link>https://people.skolelinux.org/pere/blog/geteltorito_make_CD_firmware_upgrades_a_breeze.html
</link>
1672 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/geteltorito_make_CD_firmware_upgrades_a_breeze.html
</guid>
1673 <pubDate>Wed,
20 Apr
2022 11:
50:
00 +
0200</pubDate>
1674 <description><p
>Recently I wanted to upgrade the firmware of my thinkpad, and
1675 located the firmware download page from Lenovo (which annoyingly do
1676 not allow access via Tor, forcing me to hand them more personal
1677 information that I would like). The
1678 <a href=
"https://support.lenovo.com/no/en/search?query=thinkpad firmware bios upgrade iso
&SearchType=Customer search
&searchLocation=Masthead
">download
1679 from Lenovo
</a
> is a bootable ISO image, which is a bit of a problem
1680 when all I got available is a USB memory stick. I tried booting the
1681 ISO as a USB stick, but this did not work. But genisoimage came to
1682 the rescue.
</p
>
1684 <P
>The geteltorito program in
1685 <a href=
"http://tracker.debian.org/cdrkit
">the genisoimage binary
1686 package
</a
> is able to convert the bootable ISO image to a bootable
1687 USB stick using a simple command line recipe, which I then can write
1688 to the most recently inserted USB stick:
</p
>
1690 <blockquote
><pre
>
1691 geteltorito -o usbstick.img lenovo-firmware.iso
1692 sudo dd bs=
10M if=usbstick.img of=$(ls -tr /dev/sd?|tail -
1)
1693 </pre
></blockquote
>
1695 <p
>This USB stick booted the firmware upgrader just fine, and in a few
1696 minutes my machine had the latest and greatest BIOS firmware in place.
</p
>
1701 <title>Run your industrial metal working machine using Debian?
</title>
1702 <link>https://people.skolelinux.org/pere/blog/Run_your_industrial_metal_working_machine_using_Debian_.html
</link>
1703 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Run_your_industrial_metal_working_machine_using_Debian_.html
</guid>
1704 <pubDate>Wed,
2 Mar
2022 18:
40:
00 +
0100</pubDate>
1705 <description><p
>After many months of hard work by the good people involved in
1706 <a href=
"https://en.wikipedia.org/wiki/LinuxCNC
">LinuxCNC
</a
>, the
1707 system was accepted Sunday
1708 <a href=
"https://tracker.debian.org/pkg/linuxcnc
">into Debian
</a
>.
1709 Once it was available from Debian, I was surprised to discover from
1710 <a href=
"https://qa.debian.org/popcon.php?package=linuxcnc
">its
1711 popularity-contest numbers
</a
> that people have been reporting its use
1712 since
2012.
<a href=
"http://linuxcnc.org/
">Its project site
</a
> might
1713 be a good place to check out, but sadly is not working when visiting
1716 <p
>But what is LinuxCNC, you are probably wondering? Perhaps a
1717 Wikipedia quote is in place?
</p
>
1720 "LinuxCNC is a software system for numerical control of
1721 machines such as milling machines, lathes, plasma cutters, routers,
1722 cutting machines, robots and hexapods. It can control up to
9 axes or
1723 joints of a CNC machine using G-code (RS-
274NGC) as input. It has
1724 several GUIs suited to specific kinds of usage (touch screen,
1725 interactive development).
"
1728 <p
>It can even control
3D printers. And even though the Wikipedia
1729 page indicate that it can only work with hard real time kernel
1730 features, it can also work with the user space soft real time features
1731 provided by the Debian kernel.
1732 <a href=
"https://github.com/linuxcnc/linuxcnc
">The source code
</a
> is
1733 available from Github. The last few months I
've been involved in the
1734 translation setup for the program and documentation. Translators are
1736 <a href=
"https://hosted.weblate.org/engage/linuxcnc/
">join the
1737 effort
</a
> using Weblate.
</p
>
1739 <p
>As usual, if you use Bitcoin and want to show your support of my
1740 activities, please send Bitcoin donations to my address
1741 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1746 <title>Debian still an excellent choice for Lego builders
</title>
1747 <link>https://people.skolelinux.org/pere/blog/Debian_still_an_excellent_choice_for_Lego_builders.html
</link>
1748 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Debian_still_an_excellent_choice_for_Lego_builders.html
</guid>
1749 <pubDate>Sun,
24 Oct
2021 07:
10:
00 +
0200</pubDate>
1750 <description><p
>The Debian Lego team saw a lot of activity the last few weeks. All
1751 the packages under the team umbrella has been updated to fix
1752 packaging, lintian issues and BTS reports. In addition, a new and
1753 inspiring team member appeared on both the
1754 <a href=
"https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-lego-team
">debian-lego-team
1755 Team mailing list
</a
> and
1756 <a href=
"irc://irc.debian.org/%
23debian-lego
">IRC channel
1757 #debian-lego
</a
>. If you are interested in Lego CAD design and LEGO
1758 Mindstorms programming, check out the
1759 <a href=
"http://wiki.debian.org/LegoDesigners
">team wiki page
</a
> to
1760 see what Debian can offer the Lego enthusiast.
</p
>
1762 <p
>Patches has been sent upstream, causing new upstream releases, one
1763 even the first one in more than ten years, and old upstreams was
1764 released with new ones. There are still a lot of work left, and the
1765 team welcome more members to help us make sure Debian is the Linux
1766 distribution of choice for Lego builders. If you want to contribute,
1767 join us in the IRC channel and become part of
1768 <a href=
"https://salsa.debian.org/debian-lego-team/
">the team on
1769 Salsa
</a
>.
</p
>
1771 <p
>As usual, if you use Bitcoin and want to show your support of my
1772 activities, please send Bitcoin donations to my address
1773 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1778 <title>Six complete translations of The Debian Administrator
's Handbook for Buster
</title>
1779 <link>https://people.skolelinux.org/pere/blog/Six_complete_translations_of_The_Debian_Administrator_s_Handbook_for_Buster.html
</link>
1780 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Six_complete_translations_of_The_Debian_Administrator_s_Handbook_for_Buster.html
</guid>
1781 <pubDate>Mon,
5 Jul
2021 19:
20:
00 +
0200</pubDate>
1782 <description><p
>I am happy observe that the
<a href=
"https://debian-handbook.info/
">The
1783 Debian Administrator
's Handbook
</a
> is available in six languages now.
1784 I am not sure which one of these are completely proof read, but the
1785 complete book is available in these languages:
1789 <li
>English
</li
>
1790 <li
>Norwegian Bokmål
</li
>
1791 <li
>German
</li
>
1792 <li
>Indonesian
</li
>
1793 <li
>Brazil Portuguese
</li
>
1794 <li
>Spanish
</li
>
1798 <p
>This is the list of languages more than
70% complete, in other
1799 words with not too much left to do:
</p
>
1803 <li
>Chinese (Simplified) -
90%
</li
>
1804 <li
>French -
79%
</li
>
1805 <li
>Italian -
79%
</li
>
1806 <li
>Japanese -
77%
</li
>
1807 <li
>Arabic (Morocco) -
75%
</li
>
1808 <li
>Persian -
71%
</li
>
1812 <p
>I wonder how long it will take to bring these to
100%.
</p
>
1814 <p
>Then there is the list of languages about halfway done:
</p
>
1818 <li
>Russian -
63%
</li
>
1819 <li
>Swedish -
53%
</li
>
1820 <li
>Chinese (Traditional) -
46%
</li
>
1821 <li
>Catalan -
45%
</li
>
1825 <p
>Several are on to a good start:
</p
>
1829 <li
>Dutch -
26%
</li
>
1830 <li
>Vietnamese -
25%
</li
>
1831 <li
>Polish -
23%
</li
>
1832 <li
>Czech -
22%
</li
>
1833 <li
>Turkish -
18%
</li
>
1837 <p
>Finally, there are the ones just getting started:
</p
>
1841 <li
>Korean -
4%
</li
>
1842 <li
>Croatian -
2%
</li
>
1843 <li
>Greek -
2%
</li
>
1844 <li
>Danish -
1%
</li
>
1845 <li
>Romanian -
1%
</li
>
1849 <p
>If you want to help provide a Debian instruction book in your own
1851 <a href=
"https://hosted.weblate.org/projects/debian-handbook/#languages
">Weblate
</a
>
1852 to contribute to the translations.
</p
>
1854 <p
>As usual, if you use Bitcoin and want to show your support of my
1855 activities, please send Bitcoin donations to my address
1856 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1861 <title>Latest Jami back in Debian Testing, and scriptable using dbus
</title>
1862 <link>https://people.skolelinux.org/pere/blog/Latest_Jami_back_in_Debian_Testing__and_scriptable_using_dbus.html
</link>
1863 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Latest_Jami_back_in_Debian_Testing__and_scriptable_using_dbus.html
</guid>
1864 <pubDate>Tue,
12 Jan
2021 17:
00:
00 +
0100</pubDate>
1865 <description><p
>After a lot of hard work by its maintainer Alexandre Viau and
1866 others, the decentralized communication platform
1867 <a href=
"https://en.wikipedia.org/wiki/Jami_(software)
">Jami
</a
>
1868 (earlier known as Ring), managed to get
1869 <a href=
"https://tracker.debian.org/pkg/ring
">its latest version
</a
>
1870 into Debian Testing. Several of its dependencies has caused build and
1871 propagation problems, which all seem to be solved now.
</p
>
1873 <p
>In addition to the fact that Jami is decentralized, similar to how
1874 bittorrent is decentralized, I first of all like how it is not
1875 connected to external IDs like phone numbers. This allow me to set up
1876 computers to send me notifications using Jami without having to find
1877 get a phone number for each computer. Automatic notification via Jami
1878 is also made trivial thanks to the provided client side API (as a DBus
1879 service). Here is my bourne shell script demonstrating how to let any
1880 system send a message to any Jami address. It will create a new
1881 identity before sending the message, if no Jami identity exist
1884 <p
><pre
>
1887 # Usage: $
0 <jami-address
> <message
>
1889 # Send
<message
> to
<jami-address
>, create local jami account if
1892 # License: GPL v2 or later at your choice
1893 # Author: Petter Reinholdtsen
1896 if [ -z
"$HOME
" ] ; then
1897 echo
"error: missing \$HOME, required for dbus to work
"
1901 # First, get dbus running if not already running
1902 DBUSLAUNCH=/usr/bin/dbus-launch
1903 PIDFILE=/run/asterisk/dbus-session.pid
1904 if [ -e $PIDFILE ] ; then
1906 if ! kill -
0 $DBUS_SESSION_BUS_PID
2>/dev/null ; then
1907 unset DBUS_SESSION_BUS_ADDRESS
1910 if [ -z
"$DBUS_SESSION_BUS_ADDRESS
" ]
&& [ -x
"$DBUSLAUNCH
" ]; then
1911 DBUS_SESSION_BUS_ADDRESS=
"unix:path=$HOME/.dbus
"
1912 dbus-daemon --session --address=
"$DBUS_SESSION_BUS_ADDRESS
" --nofork --nopidfile --syslog-only
< /dev/null
> /dev/null
2>&1 3>&1 &
1913 DBUS_SESSION_BUS_PID=$!
1915 echo DBUS_SESSION_BUS_PID=$DBUS_SESSION_BUS_PID
1916 echo DBUS_SESSION_BUS_ADDRESS=\
""$DBUS_SESSION_BUS_ADDRESS
"\
"
1917 echo export DBUS_SESSION_BUS_ADDRESS
1923 part=
"$
1"; shift
1924 op=
"$
1"; shift
1925 dbus-send --session \
1926 --dest=
"cx.ring.Ring
" /cx/ring/Ring/$part cx.ring.Ring.$part.$op $*
1930 part=
"$
1"; shift
1931 op=
"$
1"; shift
1932 dbus-send --session --print-reply \
1933 --dest=
"cx.ring.Ring
" /cx/ring/Ring/$part cx.ring.Ring.$part.$op $*
1937 dringopreply ConfigurationManager getAccountList | \
1938 grep string | awk -F
'"' '{print $
2}
' | head -n
1
1941 account=$(firstaccount)
1943 if [ -z
"$account
" ] ; then
1944 echo
"Missing local account, trying to create it
"
1945 dringop ConfigurationManager addAccount \
1946 dict:string:string:
"Account.type
",
"RING
",
"Account.videoEnabled
",
"false
"
1947 account=$(firstaccount)
1948 if [ -z
"$account
" ] ; then
1949 echo
"unable to create local account
"
1954 # Not using dringopreply to ensure $
2 can contain spaces
1955 dbus-send --print-reply --session \
1956 --dest=cx.ring.Ring \
1957 /cx/ring/Ring/ConfigurationManager \
1958 cx.ring.Ring.ConfigurationManager.sendTextMessage \
1959 string:
"$account
" string:
"$
1" \
1960 dict:string:string:
"text/plain
",
"$
2"
1961 </pre
></p
>
1963 <p
>If you want to check it out yourself, visit the
1964 <a href=
"https://jami.net/
">the Jami system project page
</a
> to learn
1965 more, and install the latest Jami client from Debian Unstable or
1968 <p
>As usual, if you use Bitcoin and want to show your support of my
1969 activities, please send Bitcoin donations to my address
1970 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1975 <title>Buster based Bokmål edition of Debian Administrator
's Handbook
</title>
1976 <link>https://people.skolelinux.org/pere/blog/Buster_based_Bokm_l_edition_of_Debian_Administrator_s_Handbook.html
</link>
1977 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Buster_based_Bokm_l_edition_of_Debian_Administrator_s_Handbook.html
</guid>
1978 <pubDate>Tue,
20 Oct
2020 18:
35:
00 +
0200</pubDate>
1979 <description><p align=
"center
"><img align=
"center
" src=
"https://people.skolelinux.org/pere/blog/images/
2020-
10-
20-debian-handbook-nb-testprint.jpeg
" width=
"60%
"/
></p
>
1981 <p
>I am happy to report that we finally made it! Norwegian Bokmål
1982 became the first translation published on paper of the new Buster
1983 based edition of
"<a href=
"https://debian-handbook.info/
">The Debian
1984 Administrator
's Handbook
</a
>". The print proof reading copy arrived
1985 some days ago, and it looked good, so now the book is approved for
1986 general distribution. This updated paperback edition
<a
1987 href=
"https://debian-handbook.info/get/#norwegian
">is available from
1988 lulu.com
</a
>. The book is also available for download in electronic
1989 form as PDF, EPUB and Mobipocket, and can also be
1990 <a href=
"https://debian-handbook.info/browse/nb-NO/stable/
">read online
</a
>.
</p
>
1992 <p
>I am very happy to wrap up this Creative Common licensed project,
1993 which concludes several months of work by several volunteers. The
1994 number of Linux related books published in Norwegian are few, and I
1995 really hope this one will gain many readers, as it is packed with deep
1996 knowledge on Linux and the Debian ecosystem. The book will be
1997 available for various Internet book stores like Amazon and Barnes
&
1998 Noble soon, but I recommend buying
1999 "<a href=
"https://www.lulu.com/en/us/shop/roland-mas-and-rapha%C3%ABl-hertzog/h%C3%A5ndbok-for-debian-administratoren/paperback/product-
9j7qwq.html
">Håndbok
2000 for Debian-administratoren
</a
>" directly from the source at Lulu.
2002 <p
>As usual, if you use Bitcoin and want to show your support of my
2003 activities, please send Bitcoin donations to my address
2004 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2009 <title>Buster update of Norwegian Bokmål edition of Debian Administrator
's Handbook almost done
</title>
2010 <link>https://people.skolelinux.org/pere/blog/Buster_update_of_Norwegian_Bokm_l_edition_of_Debian_Administrator_s_Handbook_almost_done.html
</link>
2011 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Buster_update_of_Norwegian_Bokm_l_edition_of_Debian_Administrator_s_Handbook_almost_done.html
</guid>
2012 <pubDate>Fri,
11 Sep
2020 09:
45:
00 +
0200</pubDate>
2013 <description><p
>Thanks to the good work of several volunteers, the updated edition
2014 of the Norwegian translation for
2015 "<a href=
"https://debian-handbook.info/
">The Debian Administrator
's
2016 Handbook
</a
>" is now almost completed. After many months of proof
2017 reading, I consider the proof reading complete enough for us to move
2018 to the next step, and have asked for the print version to be prepared
2019 and sent of to the print on demand service lulu.com. While it is
2020 still not to late if you find any incorrect translations on
2021 <a href=
"https://hosted.weblate.org/languages/nb_NO/debian-handbook/
">the
2022 hosted Weblate service
</a
>, but it will be soon. :) You can check out
2023 <a href=
" https://debian-handbook.info/browse/nb-NO/stable/
">the Buster
2024 edition on the web
</a
> until the print edition is ready.
</p
>
2026 <p
>The book will be for sale on lulu.com and various web book stores,
2027 with links available from the web site for the book linked to above.
2028 I hope a lot of readers find it useful.
</p
>
2030 <p
>As usual, if you use Bitcoin and want to show your support of my
2031 activities, please send Bitcoin donations to my address
2032 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2037 <title>Working on updated Norwegian Bokmål edition of Debian Administrator
's Handbook
</title>
2038 <link>https://people.skolelinux.org/pere/blog/Working_on_updated_Norwegian_Bokm_l_edition_of_Debian_Administrator_s_Handbook.html
</link>
2039 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Working_on_updated_Norwegian_Bokm_l_edition_of_Debian_Administrator_s_Handbook.html
</guid>
2040 <pubDate>Sat,
4 Jul
2020 23:
55:
00 +
0200</pubDate>
2041 <description><p
>Three years ago, the first Norwegian Bokmål edition of
2042 "<a href=
"https://debian-handbook.info/
">The Debian Administrator
's
2043 Handbook
</a
>" was published. This was based on Debian Jessie. Now a
2044 new and updated version based on Buster is getting ready. Work on the
2045 updated Norwegian Bokmål edition has been going on for a few months
2046 now, and yesterday, we reached the first mile stone, with
100% of the
2047 texts being translated. A lot of proof reading remains, of course,
2048 but a major step towards a new edition has been taken.
</p
>
2050 <p
>The book is translated by volunteers, and we would love to get some
2051 help with the proof reading. The translation uses
2052 <a href=
"https://hosted.weblate.org/languages/nb_NO/debian-handbook/
">the
2053 hosted Weblate service
</a
>, and we welcome everyone to have a look and
2054 submit improvements and suggestions. There is also a proof readers
2055 PDF available on request, get in touch if you want to help out that
2058 <p
>As usual, if you use Bitcoin and want to show your support of my
2059 activities, please send Bitcoin donations to my address
2060 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2065 <title>Secure Socket API - a simple and powerful approach for TLS support in software
</title>
2066 <link>https://people.skolelinux.org/pere/blog/Secure_Socket_API___a_simple_and_powerful_approach_for_TLS_support_in_software.html
</link>
2067 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Secure_Socket_API___a_simple_and_powerful_approach_for_TLS_support_in_software.html
</guid>
2068 <pubDate>Sat,
6 Jun
2020 12:
40:
00 +
0200</pubDate>
2069 <description><p
>As a member of the
<a href=
"https://www.nuug.no/
">Norwegian Unix
2070 User Group
</a
>, I have the pleasure of receiving the
2071 <a href=
"https://www.usenix.org/
">USENIX
</a
> magazine
2072 <a href=
"https://www.usenix.org/publications/login/
">;login:
</a
>
2073 several times a year. I rarely have time to read all the articles,
2074 but try to at least skim through them all as there is a lot of nice
2075 knowledge passed on there. I even carry the latest issue with me most
2076 of the time to try to get through all the articles when I have a few
2077 spare minutes.
</p
>
2079 <p
>The other day I came across a nice article titled
2080 "<a href=
"https://www.usenix.org/publications/login/winter2018/oneill
">The
2081 Secure Socket API: TLS as an Operating System Service
</a
>" with a
2082 marvellous idea I hope can make it all the way into the POSIX standard.
2083 The idea is as simple as it is powerful. By introducing a new
2084 socket() option IPPROTO_TLS to use TLS, and a system wide service to
2085 handle setting up TLS connections, one both make it trivial to add TLS
2086 support to any program currently using the POSIX socket API, and gain
2087 system wide control over certificates, TLS versions and encryption
2088 systems used. Instead of doing this:
</p
>
2090 <p
><blockquote
><pre
>
2091 int socket = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
2092 </pre
></blockquote
></p
>
2094 <p
>the program code would be doing this:
<p
>
2096 <p
><blockquote
><pre
>
2097 int socket = socket(PF_INET, SOCK_STREAM, IPPROTO_TLS);
2098 </pre
></blockquote
></p
>
2100 <p
>According to the ;login: article, converting a C program to use TLS
2101 would normally modify only
5-
10 lines in the code, which is amazing
2102 when compared to using for example the OpenSSL API.
</p
>
2104 <p
>The project has set up the
2105 <a href=
"https://securesocketapi.org/
">https://securesocketapi.org/
</a
>
2106 web site to spread the idea, and the code for a kernel module and the
2107 associated system daemon is available from two github repositories:
2108 <a href=
"https://github.com/markoneill/ssa
">ssa
</a
> and
2109 <a href=
"https://github.com/markoneill/ssa-daemon
">ssa-daemon
</a
>.
2110 Unfortunately there is no explicit license information with the code,
2111 so its copyright status is unclear. A
2112 <a href=
"https://github.com/markoneill/ssa/issues/
2">request to solve
2113 this
</a
> about it has been unsolved since
2018-
08-
17.
</p
>
2115 <p
>I love the idea of extending socket() to gain TLS support, and
2116 understand why it is an advantage to implement this as a kernel module
2117 and system wide service daemon, but can not help to think that it
2118 would be a lot easier to get projects to move to this way of setting
2119 up TLS if it was done with a user space approach where programs
2120 wanting to use this API approach could just link with a wrapper
2123 <p
>I recommend you check out this simple and powerful approach to more
2124 secure network connections. :)
</p
>
2126 <p
>As usual, if you use Bitcoin and want to show your support of my
2127 activities, please send Bitcoin donations to my address
2128 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2133 <title>Jami as a Zoom client, a trick for password protected rooms...
</title>
2134 <link>https://people.skolelinux.org/pere/blog/Jami_as_a_Zoom_client__a_trick_for_password_protected_rooms___.html
</link>
2135 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Jami_as_a_Zoom_client__a_trick_for_password_protected_rooms___.html
</guid>
2136 <pubDate>Fri,
8 May
2020 13:
30:
00 +
0200</pubDate>
2137 <description><p
>Half a year ago,
2138 <a href=
"https://people.skolelinux.org/pere/blog/Jami_Ring__finally_functioning_peer_to_peer_communication_client.html
">I
2139 wrote
</a
> about
<a href=
"https://jami.net/
">the Jami communication
2140 client
</a
>, capable of peer-to-peer encrypted communication. It
2141 handle both messages, audio and video. It uses distributed hash
2142 tables instead of central infrastructure to connect its users to each
2143 other, which in my book is a plus. I mentioned briefly that it could
2144 also work as a SIP client, which came in handy when the higher
2145 educational sector in Norway started to promote Zoom as its video
2146 conferencing solution. I am reluctant to use the official Zoom client
2147 software, due to their
<a href=
"https://zoom.us/terms
">copyright
2148 license clauses
</a
> prohibiting users to reverse engineer (for example
2149 to check the security) and benchmark it, and thus prefer to connect to
2150 Zoom meetings with free software clients.
</p
>
2152 <p
>Jami worked OK as a SIP client to Zoom as long as there was no
2153 password set on the room. The Jami daemon leak memory like crazy
2154 (approximately
1 GiB a minute) when I am connected to the video
2155 conference, so I had to restart the client every
7-
10 minutes, which
2156 is not great. I tried to get other SIP Linux clients to work
2157 without success, so I decided I would have to live with this wart
2158 until someone managed to fix the leak in the dring code base. But
2159 another problem showed up once the rooms were password protected. I
2160 could not get my dial tone signaling through from Jami to Zoom, and
2161 dial tone signaling is used to enter the password when connecting to
2162 Zoom. I tried a lot of different permutations with my Jami and
2163 Asterisk setup to try to figure out why the signaling did not get
2164 through, only to finally discover that the fundamental problem seem to
2165 be that Zoom is simply not able to receive dial tone signaling when
2166 connecting via SIP. There seem to be nothing wrong with the Jami and
2167 Asterisk end, it is simply broken in the Zoom end. I got help from a
2168 very skilled VoIP engineer figuring out this last part. And being a
2169 very skilled engineer, he was also able to locate a solution for me.
2170 Or to be exact, a workaround that solve my initial problem of
2171 connecting to password protected Zoom rooms using Jami.
</p
>
2173 <p
>So, how do you do this, I am sure you are wondering by now. The
2175 <a href=
"https://support.zoom.us/hc/en-us/articles/
202405539-H-
323-SIP-Room-Connector-Dial-Strings#sip
">documented
2176 from Zoom
</a
>, and it is to modify the SIP address to include the room
2177 password. What is most surprising about this is that the
2178 automatically generated email from Zoom with instructions on how to
2179 connect via SIP do not mention this. The SIP address to use normally
2180 consist of the room ID (a number), an @ character and the IP address
2181 of the Zoom SIP gateway. But Zoom understand a lot more than just the
2182 room ID in front of the at sign. The format is
"<tt
>[Meeting
2183 ID].[Password].[Layout].[Host Key]
</tt
>", and you can here see how you
2184 can both enter password, control the layout (full screen, active
2185 presence and gallery) and specify the host key to start the meeting.
2186 The full SIP address entered into Jami to provide the password will
2187 then look like this (all using made up numbers):
</p
>
2189 <p
><blockquote
>
2190 <tt
>sip:
657837644.522827@
192.168.169.170</tt
>
2191 </blockquote
></p
>
2193 <p
>Now if only jami would reduce its memory usage, I could even
2194 recommend this setup to others. :)
</p
>
2196 <p
>As usual, if you use Bitcoin and want to show your support of my
2197 activities, please send Bitcoin donations to my address
2198 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2203 <title>GnuCOBOL, a free platform to learn and use COBOL - nice free software
</title>
2204 <link>https://people.skolelinux.org/pere/blog/GnuCOBOL__a_free_platform_to_learn_and_use_COBOL___nice_free_software.html
</link>
2205 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/GnuCOBOL__a_free_platform_to_learn_and_use_COBOL___nice_free_software.html
</guid>
2206 <pubDate>Wed,
29 Apr
2020 13:
10:
00 +
0200</pubDate>
2207 <description><p
>The curiosity got the better of me when
2208 <a href=
"https://developers.slashdot.org/story/
20/
04/
06/
1424246/new-jersey-desperately-needs-cobol-programmers
">Slashdot
2209 reported
</a
> that New Jersey was desperately looking for
2210 <a href=
"https://en.wikipedia.org/wiki/COBOL
">COBOL
</a
> programmers,
2211 and a few days later it was reported that
2212 <a href=
"https://onezero.medium.com/ibm-rallies-cobol-engineers-to-save-overloaded-unemployment-systems-eeadf13eddce
">IBM
2213 tried to locate COBOL programmers
</a
>.
</p
>
2215 <p
>I thus decided to have a look at free software alternatives to
2216 learn COBOL, and had the pleasure to find
2217 <a href=
"https://sourceforge.net/projects/open-cobol/
">GnuCOBOL
</a
> was
2218 already
<a href=
"https://tracker.debian.org/pkg/gnucobol
">in
2219 Debian
</a
>. It used to be called Open Cobol, and is a
"compiler
"
2220 transforming COBOL code to C or C++ before giving it to GCC or Visual
2221 Studio to build binaries.
</p
>
2223 <p
>I managed to get in touch with upstream, and was impressed with the
2224 quick response, and also was happy to see a new Debian maintainer
2225 taking over when the original one recently asked to be replaced. A
2226 new Debian upload was done as recently as yesterday.
</p
>
2228 <p
>Using the Debian package, I was able to follow a simple COBOL
2229 introduction and make and run simple COBOL programs. It was fun to
2230 learn a new programming language. If you want to test for yourself,
2231 <a href=
"https://en.wikipedia.org/wiki/GnuCOBOL
">the GnuCOBOL Wikipedia
2232 page
</a
> have a few simple examples to get you startet.
</p
>
2234 <p
>As I do not have much experience with COBOL, I do not know how
2235 standard compliant it is, but it claim to pass most tests from COBOL
2236 test suite, which sound good to me. It is nice to know it is possible
2237 to learn COBOL using software without any usage restrictions, and I am
2238 very happy such nice free software project as this is available. If
2239 you as me is curious about COBOL, check it out.
</p
>
2241 <p
>As usual, if you use Bitcoin and want to show your support of my
2242 activities, please send Bitcoin donations to my address
2243 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2248 <title>Jami/Ring, finally functioning peer to peer communication client
</title>
2249 <link>https://people.skolelinux.org/pere/blog/Jami_Ring__finally_functioning_peer_to_peer_communication_client.html
</link>
2250 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Jami_Ring__finally_functioning_peer_to_peer_communication_client.html
</guid>
2251 <pubDate>Wed,
19 Jun
2019 08:
50:
00 +
0200</pubDate>
2252 <description><p
>Some years ago, in
2016, I
2253 <a href=
"https://people.skolelinux.org/pere/blog/Experience_and_updated_recipe_for_using_the_Signal_app_without_a_mobile_phone.html
">wrote
2254 for the first time about
</a
> the Ring peer to peer messaging system.
2255 It would provide messaging without any central server coordinating the
2256 system and without requiring all users to register a phone number or
2257 own a mobile phone. Back then, I could not get it to work, and put it
2258 aside until it had seen more development. A few days ago I decided to
2259 give it another try, and am happy to report that this time I am able
2260 to not only send and receive messages, but also place audio and video
2261 calls. But only if UDP is not blocked into your network.
</p
>
2263 <p
>The Ring system changed name earlier this year to
2264 <a href=
"https://en.wikipedia.org/wiki/Jami_(software)
">Jami
</a
>. I
2265 tried doing web search for
'ring
' when I discovered it for the first
2266 time, and can only applaud this change as it is impossible to find
2267 something called Ring among the noise of other uses of that word. Now
2268 you can search for
'jami
' and this client and
2269 <a href=
"https://jami.net/
">the Jami system
</a
> is the first hit at
2270 least on duckduckgo.
</p
>
2272 <p
>Jami will by default encrypt messages as well as audio and video
2273 calls, and try to send them directly between the communicating parties
2274 if possible. If this proves impossible (for example if both ends are
2275 behind NAT), it will use a central SIP TURN server maintained by the
2276 Jami project. Jami can also be a normal SIP client. If the SIP
2277 server is unencrypted, the audio and video calls will also be
2278 unencrypted. This is as far as I know the only case where Jami will
2279 do anything without encryption.
</p
>
2281 <p
>Jami is available for several platforms: Linux, Windows, MacOSX,
2282 Android, iOS, and Android TV. It is included in Debian already. Jami
2283 also work for those using F-Droid without any Google connections,
2284 while Signal do not.
2285 <a href=
"https://git.jami.net/savoirfairelinux/ring-project/wikis/technical/Protocol
">The
2286 protocol
</a
> is described in the Ring project wiki. The system uses a
2287 distributed hash table (DHT) system (similar to BitTorrent) running
2288 over UDP. On one of the networks I use, I discovered Jami failed to
2289 work. I tracked this down to the fact that incoming UDP packages
2290 going to ports
1-
49999 were blocked, and the DHT would pick a random
2291 port and end up in the low range most of the time. After talking to
2292 the developers, I solved this by enabling the dhtproxy in the
2293 settings, thus using TCP to talk to a central DHT proxy instead of
2295 peering directly with others. I
've been told the developers are
2296 working on allowing DHT to use TCP to avoid this problem. I also ran
2297 into a problem when trying to talk to the version of Ring included in
2298 Debian Stable (Stretch). Apparently the protocol changed between
2299 beta2 and the current version, making these clients incompatible.
2300 Hopefully the protocol will not be made incompatible in the
2303 <p
>It is worth noting that while looking at Jami and its features, I
2304 came across another communication platform I have not tested yet. The
2305 <a href=
"https://en.wikipedia.org/wiki/Tox_(protocol)
">Tox protocol
</a
>
2306 and
<a href=
"https://tox.chat/
">family of Tox clients
</a
>. It might
2307 become the topic of a future blog post.
</p
>
2309 <p
>As usual, if you use Bitcoin and want to show your support of my
2310 activities, please send Bitcoin donations to my address
2311 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2316 <title>Strategispillet Unknown Horizons nå tilgjengelig på bokmål
</title>
2317 <link>https://people.skolelinux.org/pere/blog/Strategispillet_Unknown_Horizons_n__tilgjengelig_p__bokm_l.html
</link>
2318 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Strategispillet_Unknown_Horizons_n__tilgjengelig_p__bokm_l.html
</guid>
2319 <pubDate>Wed,
23 Jan
2019 07:
50:
00 +
0100</pubDate>
2320 <description><p
>I høst ble jeg inspirert til å bidra til oversettelsen av
2321 <a href=
"http://unknown-horizons.org/
">strategispillet Unknown
2322 Horizons
</a
>, og oversatte de nesten
200 strengene i prosjektet til
2323 bokmål. Deretter har jeg gått å ventet på at det kom en ny utgave som
2324 inneholdt disse oversettelsene. Nå er endelig ventetiden over. Den
2325 nye versjonen kom på nyåret, og ble
2326 <a href=
"https://tracker.debian.org/pkg/unknown-horizons
">lastet opp i
2327 Debian
</a
> for noen få dager siden. I går kveld fikk jeg testet det ut, og
2328 må innrømme at oversettelsene fungerer fint. Fant noen få tekster som
2329 måtte justeres, men ikke noe alvorlig. Har oppdatert
2330 <a href=
"https://hosted.weblate.org/projects/uh/
">oversettelsen på
2331 Weblate
</a
>, slik at neste utgave vil være enda bedre. :)
</p
>
2333 <p
>Spillet er et ressursstyringsspill ala Civilization, og er morsomt
2334 å spille for oss som liker slikt. :)
</p
>
2336 <p
>Som vanlig, hvis du bruker Bitcoin og ønsker å vise din støtte til
2337 det jeg driver med, setter jeg pris på om du sender Bitcoin-donasjoner
2339 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
2340 Merk, betaling med bitcoin er ikke anonymt. :)
</p
>
2345 <title>Debian now got everything you need to program Micro:bit
</title>
2346 <link>https://people.skolelinux.org/pere/blog/Debian_now_got_everything_you_need_to_program_Micro_bit.html
</link>
2347 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Debian_now_got_everything_you_need_to_program_Micro_bit.html
</guid>
2348 <pubDate>Tue,
22 Jan
2019 17:
20:
00 +
0100</pubDate>
2349 <description><p
>I am amazed and very pleased to discover that since a few days ago,
2350 everything you need to program the
<a href=
"https://microbit.org/
">BBC
2351 micro:bit
</a
> is available from the Debian archive. All this is
2352 thanks to the hard work of Nick Morrott and the Debian python
2353 packaging team. The micro:bit project recommend the mu-editor to
2354 program the microcomputer, as this editor will take care of all the
2355 machinery required to injekt/flash micropython alongside the program
2356 into the micro:bit, as long as the pieces are available.
</p
>
2358 <p
>There are three main pieces involved. The first to enter Debian
2360 <a href=
"https://tracker.debian.org/pkg/python-uflash
">python-uflash
</a
>,
2361 which was accepted into the archive
2019-
01-
12. The next one was
2362 <a href=
"https://tracker.debian.org/pkg/mu-editor
">mu-editor
</a
>, which
2363 showed up
2019-
01-
13. The final and hardest part to to into the
2365 <a href=
"https://tracker.debian.org/pkg/firmware-microbit-micropython
">firmware-microbit-micropython
</a
>,
2366 which needed to get its build system and dependencies into Debian
2367 before it was accepted
2019-
01-
20. The last one is already in Debian
2368 Unstable and should enter Debian Testing / Buster in three days. This
2369 all allow any user of the micro:bit to get going by simply running
2370 'apt install mu-editor
' when using Testing or Unstable, and once
2371 Buster is released as stable, all the users of Debian stable will be
2372 catered for.
</p
>
2374 <p
>As a minor final touch, I added rules to
2375 <a href=
"https://tracker.debian.org/pkg/isenkram
">the isenkram
2376 package
</a
> for recognizing micro:bit and recommend the mu-editor
2377 package. This make sure any user of the isenkram desktop daemon will
2378 get a popup suggesting to install mu-editor then the USB cable from
2379 the micro:bit is inserted for the first time.
</p
>
2381 <p
>This should make it easier to have fun.
</p
>
2383 <p
>As usual, if you use Bitcoin and want to show your support of my
2384 activities, please send Bitcoin donations to my address
2385 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2390 <title>Learn to program with Minetest on Debian
</title>
2391 <link>https://people.skolelinux.org/pere/blog/Learn_to_program_with_Minetest_on_Debian.html
</link>
2392 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Learn_to_program_with_Minetest_on_Debian.html
</guid>
2393 <pubDate>Sat,
15 Dec
2018 15:
30:
00 +
0100</pubDate>
2394 <description><p
>A fun way to learn how to program
2395 <a href=
"https://www.python.org/
">Python
</a
> is to follow the
2396 instructions in the book
2397 "<a href=
"https://nostarch.com/programwithminecraft
">Learn to program
2398 with Minecraft
</a
>", which introduces programming in Python to people
2399 who like to play with Minecraft. The book uses a Python library to
2400 talk to a TCP/IP socket with an API accepting build instructions and
2401 providing information about the current players in a Minecraft world.
2402 The TCP/IP API was first created for the Minecraft implementation for
2403 Raspberry Pi, and has since been ported to some server versions of
2404 Minecraft. The book contain recipes for those using Windows, MacOSX
2405 and Raspian. But a little known fact is that you can follow the same
2406 recipes using the free software construction game
2407 <a href=
"https://minetest.net/
">Minetest
</a
>.
</p
>
2409 <p
>There is
<a href=
"https://github.com/sprintingkiwi/pycraft_mod
">a
2410 Minetest module implementing the same API
</a
>, making it possible to
2411 use the Python programs coded to talk to Minecraft with Minetest too.
2413 <a href=
"https://ftp-master.debian.org/new/minetest-mod-pycraft_0.20%
2Bgit20180331.0376a0a%
2Bdfsg-
1.html
">uploaded
2414 this module
</a
> to Debian two weeks ago, and as soon as it clears the
2415 FTP masters NEW queue, learning to program Python with Minetest on
2416 Debian will be a simple
'apt install
' away. The Debian package is
2417 maintained as part of the Debian Games team, and
2418 <a href=
"https://salsa.debian.org/games-team/unfinished/minetest-mod-pycraft
">the
2419 packaging rules
</a
> are currently located under
'unfinished
' on
2422 <p
>You will most likely need to install several of the Minetest
2423 modules in Debian for the examples included with the library to work
2424 well, as there are several blocks used by the example scripts that are
2425 provided via modules in Minetest. Without the required blocks, a
2426 simple stone block is used instead. My initial testing with a analog
2427 clock did not get gold arms as instructed in the python library, but
2428 instead used stone arms.
</p
>
2430 <p
>I tried to find a way to add the API to the desktop version of
2431 Minecraft, but were unable to find any working recipes. The
2432 <a href=
"https://www.epiphanydigest.com/tag/minecraft-python-api/
">recipes
</a
>
2433 I
<a href=
"https://github.com/kbsriram/mcpiapi
">found
</a
> are only
2434 working with a standalone Minecraft server setup. Are there any
2435 options to use with the normal desktop version?
</p
>
2437 <p
>As usual, if you use Bitcoin and want to show your support of my
2438 activities, please send Bitcoin donations to my address
2439 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2444 <title>Time for an official MIME type for patches?
</title>
2445 <link>https://people.skolelinux.org/pere/blog/Time_for_an_official_MIME_type_for_patches_.html
</link>
2446 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Time_for_an_official_MIME_type_for_patches_.html
</guid>
2447 <pubDate>Thu,
1 Nov
2018 08:
15:
00 +
0100</pubDate>
2448 <description><p
>As part of my involvement in
2449 <a href=
"https://gitlab.com/OsloMet-ABI/nikita-noark5-core
">the Nikita
2450 archive API project
</a
>, I
've been importing a fairly large lump of
2451 emails into a test instance of the archive to see how well this would
2452 go. I picked a subset of
<a href=
"https://notmuchmail.org/
">my
2453 notmuch email database
</a
>, all public emails sent to me via
2454 @lists.debian.org, giving me a set of around
216 000 emails to import.
2455 In the process, I had a look at the various attachments included in
2456 these emails, to figure out what to do with attachments, and noticed
2457 that one of the most common attachment formats do not have
2458 <a href=
"https://www.iana.org/assignments/media-types/media-types.xhtml
">an
2459 official MIME type
</a
> registered with IANA/IETF. The output from
2460 diff, ie the input for patch, is on the top
10 list of formats
2461 included in these emails. At the moment people seem to use either
2462 text/x-patch or text/x-diff, but neither is officially registered. It
2463 would be better if one official MIME type were registered and used
2464 everywhere.
</p
>
2466 <p
>To try to get one official MIME type for these files, I
've brought
2468 <a href=
"https://www.ietf.org/mailman/listinfo/media-types
">the
2469 media-types mailing list
</a
>. If you are interested in discussion
2470 which MIME type to use as the official for patch files, or involved in
2471 making software using a MIME type for patches, perhaps you would like
2472 to join the discussion?
</p
>
2474 <p
>As usual, if you use Bitcoin and want to show your support of my
2475 activities, please send Bitcoin donations to my address
2476 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2481 <title>Automatic Google Drive sync using grive in Debian
</title>
2482 <link>https://people.skolelinux.org/pere/blog/Automatic_Google_Drive_sync_using_grive_in_Debian.html
</link>
2483 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Automatic_Google_Drive_sync_using_grive_in_Debian.html
</guid>
2484 <pubDate>Thu,
4 Oct
2018 15:
20:
00 +
0200</pubDate>
2485 <description><p
>A few days, I rescued a Windows victim over to Debian. To try to
2486 rescue the remains, I helped set up automatic sync with Google Drive.
2487 I did not find any sensible Debian package handling this
2488 automatically, so I rebuild the grive2 source from
2489 <a href=
"http://www.webupd8.org/
">the Ubuntu UPD8 PPA
</a
> to do the
2490 task and added a autostart desktop entry and a small shell script to
2491 run in the background while the user is logged in to do the sync.
2492 Here is a sketch of the setup for future reference.
</p
>
2494 <p
>I first created
<tt
>~/googledrive
</tt
>, entered the directory and
2495 ran
'<tt
>grive -a
</tt
>' to authenticate the machine/user. Next, I
2496 created a autostart hook in
<tt
>~/.config/autostart/grive.desktop
</tt
>
2497 to start the sync when the user log in:
</p
>
2499 <p
><blockquote
><pre
>
2501 Name=Google drive autosync
2503 Exec=/home/user/bin/grive-sync
2504 </pre
></blockquote
></p
>
2506 <p
>Finally, I wrote the
<tt
>~/bin/grive-sync
</tt
> script to sync
2507 ~/googledrive/ with the files in Google Drive.
</p
>
2509 <p
><blockquote
><pre
>
2514 if [
"$syncpid
" ] ; then
2518 trap cleanup EXIT INT QUIT
2519 /usr/lib/grive/grive-sync.sh listen googledrive
2>&1 | sed
"s%^%$
0:%
" &
2522 if ! xhost
>/dev/null
2>&1 ; then
2523 echo
"no DISPLAY, exiting as the user probably logged out
"
2526 if [ ! -e /run/user/
1000/grive-sync.sh_googledrive ] ; then
2527 /usr/lib/grive/grive-sync.sh sync googledrive
2530 done
2>&1 | sed
"s%^%$
0:%
"
2531 </pre
></blockquote
></p
>
2533 <p
>Feel free to use the setup if you want. It can be assumed to be
2534 GNU GPL v2 licensed (or any later version, at your leisure), but I
2535 doubt this code is possible to claim copyright on.
</p
>
2537 <p
>As usual, if you use Bitcoin and want to show your support of my
2538 activities, please send Bitcoin donations to my address
2539 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2544 <title>Using the Kodi API to play Youtube videos
</title>
2545 <link>https://people.skolelinux.org/pere/blog/Using_the_Kodi_API_to_play_Youtube_videos.html
</link>
2546 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Using_the_Kodi_API_to_play_Youtube_videos.html
</guid>
2547 <pubDate>Sun,
2 Sep
2018 23:
40:
00 +
0200</pubDate>
2548 <description><p
>I continue to explore my Kodi installation, and today I wanted to
2549 tell it to play a youtube URL I received in a chat, without having to
2550 insert search terms using the on-screen keyboard. After searching the
2551 web for API access to the Youtube plugin and testing a bit, I managed
2552 to find a recipe that worked. If you got a kodi instance with its API
2553 available from http://kodihost/jsonrpc, you can try the following to
2554 have check out a nice cover band.
</p
>
2556 <p
><blockquote
><pre
>curl --silent --header
'Content-Type: application/json
' \
2557 --data-binary
'{
"id
":
1,
"jsonrpc
":
"2.0",
"method
":
"Player.Open
",
2558 "params
": {
"item
": {
"file
":
2559 "plugin://plugin.video.youtube/play/?video_id=LuRGVM9O0qg
" } } }
' \
2560 http://projector.local/jsonrpc
</pre
></blockquote
></p
>
2562 <p
>I
've extended kodi-stream program to take a video source as its
2563 first argument. It can now handle direct video links, youtube links
2564 and
'desktop
' to stream my desktop to Kodi. It is almost like a
2565 Chromecast. :)
</p
>
2567 <p
>As usual, if you use Bitcoin and want to show your support of my
2568 activities, please send Bitcoin donations to my address
2569 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2574 <title>Sharing images with friends and family using RSS and EXIF/XMP metadata
</title>
2575 <link>https://people.skolelinux.org/pere/blog/Sharing_images_with_friends_and_family_using_RSS_and_EXIF_XMP_metadata.html
</link>
2576 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Sharing_images_with_friends_and_family_using_RSS_and_EXIF_XMP_metadata.html
</guid>
2577 <pubDate>Tue,
31 Jul
2018 23:
30:
00 +
0200</pubDate>
2578 <description><p
>For a while now, I have looked for a sensible way to share images
2579 with my family using a self hosted solution, as it is unacceptable to
2580 place images from my personal life under the control of strangers
2581 working for data hoarders like Google or Dropbox. The last few days I
2582 have drafted an approach that might work out, and I would like to
2583 share it with you. I would like to publish images on a server under
2584 my control, and point some Internet connected display units using some
2585 free and open standard to the images I published. As my primary
2586 language is not limited to ASCII, I need to store metadata using
2587 UTF-
8. Many years ago, I hoped to find a digital photo frame capable
2588 of reading a RSS feed with image references (aka using the
2589 &lt;enclosure
&gt; RSS tag), but was unable to find a current supplier
2590 of such frames. In the end I gave up that approach.
</p
>
2592 <p
>Some months ago, I discovered that
2593 <a href=
"https://www.jwz.org/xscreensaver/
">XScreensaver
</a
> is able to
2594 read images from a RSS feed, and used it to set up a screen saver on
2595 my home info screen, showing images from the Daily images feed from
2596 NASA. This proved to work well. More recently I discovered that
2597 <a href=
"https://kodi.tv
">Kodi
</a
> (both using
2598 <a href=
"https://www.openelec.tv/
">OpenELEC
</a
> and
2599 <a href=
"https://libreelec.tv
">LibreELEC
</a
>) provide the
2600 <a href=
"https://github.com/grinsted/script.screensaver.feedreader
">Feedreader
</a
>
2601 screen saver capable of reading a RSS feed with images and news. For
2602 fun, I used it this summer to test Kodi on my parents TV by hooking up
2603 a Raspberry PI unit with LibreELEC, and wanted to provide them with a
2604 screen saver showing selected pictures from my selection.
</p
>
2606 <p
>Armed with motivation and a test photo frame, I set out to generate
2607 a RSS feed for the Kodi instance. I adjusted my
<a
2608 href=
"https://freedombox.org/
">Freedombox
</a
> instance, created
2609 /var/www/html/privatepictures/, wrote a small Perl script to extract
2610 title and description metadata from the photo files and generate the
2611 RSS file. I ended up using Perl instead of python, as the
2612 libimage-exiftool-perl Debian package seemed to handle the EXIF/XMP
2613 tags I ended up using, while python3-exif did not. The relevant EXIF
2614 tags only support ASCII, so I had to find better alternatives. XMP
2615 seem to have the support I need.
</p
>
2617 <p
>I am a bit unsure which EXIF/XMP tags to use, as I would like to
2618 use tags that can be easily added/updated using normal free software
2619 photo managing software. I ended up using the tags set using this
2620 exiftool command, as these tags can also be set using digiKam:
</p
>
2622 <blockquote
><pre
>
2623 exiftool -headline=
'The RSS image title
' \
2624 -description=
'The RSS image description.
' \
2625 -subject+=for-family photo.jpeg
2626 </pre
></blockquote
>
2628 <p
>I initially tried the
"-title
" and
"keyword
" tags, but they were
2629 invisible in digiKam, so I changed to
"-headline
" and
"-subject
". I
2630 use the keyword/subject
'for-family
' to flag that the photo should be
2631 shared with my family. Images with this keyword set are located and
2632 copied into my Freedombox for the RSS generating script to find.
</p
>
2634 <p
>Are there better ways to do this? Get in touch if you have better
2635 suggestions.
</p
>
2637 <p
>As usual, if you use Bitcoin and want to show your support of my
2638 activities, please send Bitcoin donations to my address
2639 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2644 <title>Simple streaming the Linux desktop to Kodi using GStreamer and RTP
</title>
2645 <link>https://people.skolelinux.org/pere/blog/Simple_streaming_the_Linux_desktop_to_Kodi_using_GStreamer_and_RTP.html
</link>
2646 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Simple_streaming_the_Linux_desktop_to_Kodi_using_GStreamer_and_RTP.html
</guid>
2647 <pubDate>Thu,
12 Jul
2018 17:
55:
00 +
0200</pubDate>
2648 <description><p
>Last night, I wrote
2649 <a href=
"https://people.skolelinux.org/pere/blog/Streaming_the_Linux_desktop_to_Kodi_using_VLC_and_RTSP.html
">a
2650 recipe to stream a Linux desktop using VLC to a instance of Kodi
</a
>.
2651 During the day I received valuable feedback, and thanks to the
2652 suggestions I have been able to rewrite the recipe into a much simpler
2653 approach requiring no setup at all. It is a single script that take
2654 care of it all.
</p
>
2656 <p
>This new script uses GStreamer instead of VLC to capture the
2657 desktop and stream it to Kodi. This fixed the video quality issue I
2658 saw initially. It further removes the need to add a m3u file on the
2659 Kodi machine, as it instead connects to
2660 <a href=
"https://kodi.wiki/view/JSON-RPC_API/v8
">the JSON-RPC API in
2661 Kodi
</a
> and simply ask Kodi to play from the stream created using
2662 GStreamer. Streaming the desktop to Kodi now become trivial. Copy
2663 the script below, run it with the DNS name or IP address of the kodi
2664 server to stream to as the only argument, and watch your screen show
2665 up on the Kodi screen. Note, it depend on multicast on the local
2666 network, so if you need to stream outside the local network, the
2667 script must be modified. Also note, I have no idea if audio work, as
2668 I only care about the picture part.
</p
>
2670 <blockquote
><pre
>
2673 # Stream the Linux desktop view to Kodi. See
2674 # https://people.skolelinux.org/pere/blog/Streaming_the_Linux_desktop_to_Kodi_using_VLC_and_RTSP.html
2675 # for backgorund information.
2677 # Make sure the stream is stopped in Kodi and the gstreamer process is
2678 # killed if something go wrong (for example if curl is unable to find the
2679 # kodi server). Do the same when interrupting this script.
2683 params=
"$
3"
2684 curl --silent --header
'Content-Type: application/json
' \
2685 --data-binary
"{ \
"id\
":
1, \
"jsonrpc\
": \
"2.0\
", \
"method\
": \
"$cmd\
", \
"params\
": $params }
" \
2686 "http://$host/jsonrpc
"
2689 if [ -n
"$kodihost
" ] ; then
2690 # Stop the playing when we end
2691 playerid=$(kodicmd
"$kodihost
" Player.GetActivePlayers
"{}
" |
2692 jq .result[].playerid)
2693 kodicmd
"$kodihost
" Player.Stop
"{ \
"playerid\
" : $playerid }
" > /dev/null
2695 if [
"$gstpid
" ]
&& kill -
0 "$gstpid
" >/dev/null
2>&1; then
2696 kill
"$gstpid
"
2699 trap cleanup EXIT INT
2701 if [ -n
"$
1" ]; then
2712 pasrc=$(pactl list | grep -A2
'Source #
' | grep
'Name: .*\.monitor$
' | \
2713 cut -d
" " -f2|head -
1)
2714 gst-launch-
1.0 ximagesrc use-damage=
0 ! video/x-raw,framerate=
30/
1 ! \
2715 videoconvert ! queue2 ! \
2716 x264enc bitrate=
8000 speed-preset=superfast tune=zerolatency qp-min=
30 \
2717 key-int-max=
15 bframes=
2 ! video/x-h264,profile=high ! queue2 ! \
2718 mpegtsmux alignment=
7 name=mux ! rndbuffersize max=
1316 min=
1316 ! \
2719 udpsink host=$mcast port=$mcastport ttl-mc=$mcastttl auto-multicast=
1 sync=
0 \
2720 pulsesrc device=$pasrc ! audioconvert ! queue2 ! avenc_aac ! queue2 ! mux. \
2721 > /dev/null
2>&1 &
2724 # Give stream a second to get going
2727 # Ask kodi to start streaming using its JSON-RPC API
2728 kodicmd
"$kodihost
" Player.Open \
2729 "{\
"item\
": { \
"file\
": \
"udp://@$mcast:$mcastport\
" } }
" > /dev/null
2731 # wait for gst to end
2732 wait
"$gstpid
"
2733 </pre
></blockquote
>
2735 <p
>I hope you find the approach useful. I know I do.
</p
>
2737 <p
>As usual, if you use Bitcoin and want to show your support of my
2738 activities, please send Bitcoin donations to my address
2739 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2744 <title>Streaming the Linux desktop to Kodi using VLC and RTSP
</title>
2745 <link>https://people.skolelinux.org/pere/blog/Streaming_the_Linux_desktop_to_Kodi_using_VLC_and_RTSP.html
</link>
2746 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Streaming_the_Linux_desktop_to_Kodi_using_VLC_and_RTSP.html
</guid>
2747 <pubDate>Thu,
12 Jul
2018 02:
00:
00 +
0200</pubDate>
2748 <description><p
>PS: See
2749 <ahref=
"https://people.skolelinux.org/pere/blog/Simple_streaming_the_Linux_desktop_to_Kodi_using_GStreamer_and_RTP.html
">the
2750 followup post
</a
> for a even better approach.
</p
>
2752 <p
>A while back, I was asked by a friend how to stream the desktop to
2753 my projector connected to Kodi. I sadly had to admit that I had no
2754 idea, as it was a task I never had tried. Since then, I have been
2755 looking for a way to do so, preferable without much extra software to
2756 install on either side. Today I found a way that seem to kind of
2757 work. Not great, but it is a start.
</p
>
2759 <p
>I had a look at several approaches, for example
2760 <a href=
"https://github.com/mfoetsch/dlna_live_streaming
">using uPnP
2761 DLNA as described in
2011</a
>, but it required a uPnP server, fuse and
2762 local storage enough to store the stream locally. This is not going
2763 to work well for me, lacking enough free space, and it would
2764 impossible for my friend to get working.
</p
>
2766 <p
>Next, it occurred to me that perhaps I could use VLC to create a
2767 video stream that Kodi could play. Preferably using
2768 broadcast/multicast, to avoid having to change any setup on the Kodi
2769 side when starting such stream. Unfortunately, the only recipe I
2770 could find using multicast used the rtp protocol, and this protocol
2771 seem to not be supported by Kodi.
</p
>
2773 <p
>On the other hand, the rtsp protocol is working! Unfortunately I
2774 have to specify the IP address of the streaming machine in both the
2775 sending command and the file on the Kodi server. But it is showing my
2776 desktop, and thus allow us to have a shared look on the big screen at
2777 the programs I work on.
</p
>
2779 <p
>I did not spend much time investigating codeces. I combined the
2780 rtp and rtsp recipes from
2781 <a href=
"https://wiki.videolan.org/Documentation:Streaming_HowTo/Command_Line_Examples/
">the
2782 VLC Streaming HowTo/Command Line Examples
</a
>, and was able to get
2783 this working on the desktop/streaming end.
</p
>
2785 <blockquote
><pre
>
2786 vlc screen:// --sout \
2787 '#transcode{vcodec=mp4v,acodec=mpga,vb=
800,ab=
128}:rtp{dst=projector.local,port=
1234,sdp=rtsp://
192.168.11.4:
8080/test.sdp}
'
2788 </pre
></blockquote
>
2790 <p
>I ssh-ed into my Kodi box and created a file like this with the
2791 same IP address:
</p
>
2793 <blockquote
><pre
>
2794 echo rtsp://
192.168.11.4:
8080/test.sdp \
2795 > /storage/videos/screenstream.m3u
2796 </pre
></blockquote
>
2798 <p
>Note the
192.168.11.4 IP address is my desktops IP address. As far
2799 as I can tell the IP must be hardcoded for this to work. In other
2800 words, if someone elses machine is going to do the steaming, you have
2801 to update screenstream.m3u on the Kodi machine and adjust the vlc
2802 recipe. To get started, locate the file in Kodi and select the m3u
2803 file while the VLC stream is running. The desktop then show up in my
2804 big screen. :)
</p
>
2806 <p
>When using the same technique to stream a video file with audio,
2807 the audio quality is really bad. No idea if the problem is package
2808 loss or bad parameters for the transcode. I do not know VLC nor Kodi
2809 enough to tell.
</p
>
2811 <p
><strong
>Update
2018-
07-
12</strong
>: Johannes Schauer send me a few
2812 succestions and reminded me about an important step. The
"screen:
"
2813 input source is only available once the vlc-plugin-access-extra
2814 package is installed on Debian. Without it, you will see this error
2815 message:
"VLC is unable to open the MRL
'screen://
'. Check the log
2816 for details.
" He further found that it is possible to drop some parts
2817 of the VLC command line to reduce the amount of hardcoded information.
2818 It is also useful to consider using cvlc to avoid having the VLC
2819 window in the desktop view. In sum, this give us this command line on
2822 <blockquote
><pre
>
2823 cvlc screen:// --sout \
2824 '#transcode{vcodec=mp4v,acodec=mpga,vb=
800,ab=
128}:rtp{sdp=rtsp://:
8080/}
'
2825 </pre
></blockquote
>
2827 <p
>and this on the Kodi end
<p
>
2829 <blockquote
><pre
>
2830 echo rtsp://
192.168.11.4:
8080/ \
2831 > /storage/videos/screenstream.m3u
2832 </pre
></blockquote
>
2834 <p
>Still bad image quality, though. But I did discover that streaming
2835 a DVD using dvdsimple:///dev/dvd as the source had excellent video and
2836 audio quality, so I guess the issue is in the input or transcoding
2837 parts, not the rtsp part. I
've tried to change the vb and ab
2838 parameters to use more bandwidth, but it did not make a
2839 difference.
</p
>
2841 <p
>I further received a suggestion from Einar Haraldseid to try using
2842 gstreamer instead of VLC, and this proved to work great! He also
2843 provided me with the trick to get Kodi to use a multicast stream as
2844 its source. By using this monstrous oneliner, I can stream my desktop
2845 with good video quality in reasonable framerate to the
239.255.0.1
2846 multicast address on port
1234:
2848 <blockquote
><pre
>
2849 gst-launch-
1.0 ximagesrc use-damage=
0 ! video/x-raw,framerate=
30/
1 ! \
2850 videoconvert ! queue2 ! \
2851 x264enc bitrate=
8000 speed-preset=superfast tune=zerolatency qp-min=
30 \
2852 key-int-max=
15 bframes=
2 ! video/x-h264,profile=high ! queue2 ! \
2853 mpegtsmux alignment=
7 name=mux ! rndbuffersize max=
1316 min=
1316 ! \
2854 udpsink host=
239.255.0.1 port=
1234 ttl-mc=
1 auto-multicast=
1 sync=
0 \
2855 pulsesrc device=$(pactl list | grep -A2
'Source #
' | \
2856 grep
'Name: .*\.monitor$
' | cut -d
" " -f2|head -
1) ! \
2857 audioconvert ! queue2 ! avenc_aac ! queue2 ! mux.
2858 </pre
></blockquote
>
2860 <p
>and this on the Kodi end
<p
>
2862 <blockquote
><pre
>
2863 echo udp://@
239.255.0.1:
1234 \
2864 > /storage/videos/screenstream.m3u
2865 </pre
></blockquote
>
2867 <p
>Note the trick to pick a valid pulseaudio source. It might not
2868 pick the one you need. This approach will of course lead to trouble
2869 if more than one source uses the same multicast port and address.
2870 Note the ttl-mc=
1 setting, which limit the multicast packages to the
2871 local network. If the value is increased, your screen will be
2872 broadcasted further, one network
"hop
" for each increase (read up on
2873 multicast to learn more. :)!
</p
>
2875 <p
>Having cracked how to get Kodi to receive multicast streams, I
2876 could use this VLC command to stream to the same multicast address.
2877 The image quality is way better than the rtsp approach, but gstreamer
2878 seem to be doing a better job.
</p
>
2880 <blockquote
><pre
>
2881 cvlc screen:// --sout
'#transcode{vcodec=mp4v,acodec=mpga,vb=
800,ab=
128}:rtp{mux=ts,dst=
239.255.0.1,port=
1234,sdp=sap}
'
2882 </pre
></blockquote
>
2884 <p
>As usual, if you use Bitcoin and want to show your support of my
2885 activities, please send Bitcoin donations to my address
2886 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2891 <title>What is the most supported MIME type in Debian in
2018?
</title>
2892 <link>https://people.skolelinux.org/pere/blog/What_is_the_most_supported_MIME_type_in_Debian_in_2018_.html
</link>
2893 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/What_is_the_most_supported_MIME_type_in_Debian_in_2018_.html
</guid>
2894 <pubDate>Mon,
9 Jul
2018 08:
05:
00 +
0200</pubDate>
2895 <description><p
>Five years ago,
2896 <a href=
"https://people.skolelinux.org/pere/blog/What_is_the_most_supported_MIME_type_in_Debian_.html
">I
2897 measured what the most supported MIME type in Debian was
</a
>, by
2898 analysing the desktop files in all packages in the archive. Since
2899 then, the DEP-
11 AppStream system has been put into production, making
2900 the task a lot easier. This made me want to repeat the measurement,
2901 to see how much things changed. Here are the new numbers, for
2902 unstable only this time:
2904 <p
><strong
>Debian Unstable:
</strong
></p
>
2908 ----- -----------------------
2920 30 audio/x-vorbis+ogg
2921 29 image/x-portable-pixmap
2923 27 image/x-portable-bitmap
2925 26 application/x-ogg
2931 <p
>The list was created like this using a sid chroot:
"cat
2932 /var/lib/apt/lists/*sid*_dep11_Components-amd64.yml.gz| zcat | awk
'/^
2933 - \S+\/\S+$/ {print $
2 }
' | sort | uniq -c | sort -nr | head -
20"</p
>
2935 <p
>It is interesting to see how image formats have passed text/plain
2936 as the most announced supported MIME type. These days, thanks to the
2937 AppStream system, if you run into a file format you do not know, and
2938 want to figure out which packages support the format, you can find the
2939 MIME type of the file using
"file --mime
&lt;filename
&gt;
", and then
2940 look up all packages announcing support for this format in their
2941 AppStream metadata (XML or .desktop file) using
"appstreamcli
2942 what-provides mimetype
&lt;mime-type
&gt;. For example if you, like
2943 me, want to know which packages support inode/directory, you can get a
2944 list like this:
</p
>
2946 <p
><blockquote
><pre
>
2947 % appstreamcli what-provides mimetype inode/directory | grep Package: | sort
2954 Package: doublecmd-common
2956 Package: enlightenment
2976 </pre
></blockquote
></p
>
2978 <p
>Using the same method, I can quickly discover that the Sketchup file
2979 format is not yet supported by any package in Debian:
</p
>
2981 <p
><blockquote
><pre
>
2982 % appstreamcli what-provides mimetype application/vnd.sketchup.skp
2983 Could not find component providing
'mimetype::application/vnd.sketchup.skp
'.
2985 </pre
></blockquote
></p
>
2987 <p
>Yesterday I used it to figure out which packages support the STL
3D
2990 <p
><blockquote
><pre
>
2991 % appstreamcli what-provides mimetype application/sla|grep Package
2996 </pre
></blockquote
></p
>
2998 <p
>PS: A new version of Cura was uploaded to Debian yesterday.
</p
>
3000 <p
>As usual, if you use Bitcoin and want to show your support of my
3001 activities, please send Bitcoin donations to my address
3002 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
3007 <title>Debian APT upgrade without enough free space on the disk...
</title>
3008 <link>https://people.skolelinux.org/pere/blog/Debian_APT_upgrade_without_enough_free_space_on_the_disk___.html
</link>
3009 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Debian_APT_upgrade_without_enough_free_space_on_the_disk___.html
</guid>
3010 <pubDate>Sun,
8 Jul
2018 12:
10:
00 +
0200</pubDate>
3011 <description><p
>Quite regularly, I let my Debian Sid/Unstable chroot stay untouch
3012 for a while, and when I need to update it there is not enough free
3013 space on the disk for apt to do a normal
'apt upgrade
'. I normally
3014 would resolve the issue by doing
'apt install
&lt;somepackages
&gt;
' to
3015 upgrade only some of the packages in one batch, until the amount of
3016 packages to download fall below the amount of free space available.
3017 Today, I had about
500 packages to upgrade, and after a while I got
3018 tired of trying to install chunks of packages manually. I concluded
3019 that I did not have the spare hours required to complete the task, and
3020 decided to see if I could automate it. I came up with this small
3021 script which I call
'apt-in-chunks
':
</p
>
3023 <p
><blockquote
><pre
>
3026 # Upgrade packages when the disk is too full to upgrade every
3027 # upgradable package in one lump. Fetching packages to upgrade using
3028 # apt, and then installing using dpkg, to avoid changing the package
3029 # flag for manual/automatic.
3034 if [
"$
1" ]; then
3035 grep -v
"$
1"
3041 for p in $(apt list --upgradable | ignore
"$@
" |cut -d/ -f1 | grep -v
'^Listing...
'); do
3042 echo
"Upgrading $p
"
3044 apt install --download-only -y $p
3045 for f in /var/cache/apt/archives/*.deb; do
3046 if [ -e
"$f
" ]; then
3047 dpkg -i /var/cache/apt/archives/*.deb
3052 </pre
></blockquote
></p
>
3054 <p
>The script will extract the list of packages to upgrade, try to
3055 download the packages needed to upgrade one package, install the
3056 downloaded packages using dpkg. The idea is to upgrade packages
3057 without changing the APT mark for the package (ie the one recording of
3058 the package was manually requested or pulled in as a dependency). To
3059 use it, simply run it as root from the command line. If it fail, try
3060 'apt install -f
' to clean up the mess and run the script again. This
3061 might happen if the new packages conflict with one of the old
3062 packages. dpkg is unable to remove, while apt can do this.
</p
>
3064 <p
>It take one option, a package to ignore in the list of packages to
3065 upgrade. The option to ignore a package is there to be able to skip
3066 the packages that are simply too large to unpack. Today this was
3067 'ghc
', but I have run into other large packages causing similar
3068 problems earlier (like TeX).
</p
>
3070 <p
>Update
2018-
07-
08: Thanks to Paul Wise, I am aware of two
3071 alternative ways to handle this. The
"unattended-upgrades
3072 --minimal-upgrade-steps
" option will try to calculate upgrade sets for
3073 each package to upgrade, and then upgrade them in order, smallest set
3074 first. It might be a better option than my above mentioned script.
3075 Also,
"aptutude upgrade
" can upgrade single packages, thus avoiding
3076 the need for using
"dpkg -i
" in the script above.
</p
>
3078 <p
>As usual, if you use Bitcoin and want to show your support of my
3079 activities, please send Bitcoin donations to my address
3080 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
3085 <title>Version
3.1 of Cura, the
3D print slicer, is now in Debian
</title>
3086 <link>https://people.skolelinux.org/pere/blog/Version_3_1_of_Cura__the_3D_print_slicer__is_now_in_Debian.html
</link>
3087 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Version_3_1_of_Cura__the_3D_print_slicer__is_now_in_Debian.html
</guid>
3088 <pubDate>Tue,
13 Feb
2018 06:
20:
00 +
0100</pubDate>
3089 <description><p
>A new version of the
3090 <a href=
"https://tracker.debian.org/pkg/cura
">3D printer slicer
3091 software Cura
</a
>, version
3.1.0, is now available in Debian Testing
3092 (aka Buster) and Debian Unstable (aka Sid). I hope you find it
3093 useful. It was uploaded the last few days, and the last update will
3094 enter testing tomorrow. See the
3095 <a href=
"https://ultimaker.com/en/products/cura-software/release-notes
">release
3096 notes
</a
> for the list of bug fixes and new features. Version
3.2
3097 was announced
6 days ago. We will try to get it into Debian as
3100 <p
>More information related to
3D printing is available on the
3101 <a href=
"https://wiki.debian.org/
3DPrinting
">3D printing
</a
> and
3102 <a href=
"https://wiki.debian.org/
3D-printer
">3D printer
</a
> wiki pages
3103 in Debian.
</p
>
3105 <p
>As usual, if you use Bitcoin and want to show your support of my
3106 activities, please send Bitcoin donations to my address
3107 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
3112 <title>Cura, the nice
3D print slicer, is now in Debian Unstable
</title>
3113 <link>https://people.skolelinux.org/pere/blog/Cura__the_nice_3D_print_slicer__is_now_in_Debian_Unstable.html
</link>
3114 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Cura__the_nice_3D_print_slicer__is_now_in_Debian_Unstable.html
</guid>
3115 <pubDate>Sun,
17 Dec
2017 07:
00:
00 +
0100</pubDate>
3116 <description><p
>After several months of working and waiting, I am happy to report
3117 that the nice and user friendly
3D printer slicer software Cura just
3118 entered Debian Unstable. It consist of five packages,
3119 <a href=
"https://tracker.debian.org/pkg/cura
">cura
</a
>,
3120 <a href=
"https://tracker.debian.org/pkg/cura-engine
">cura-engine
</a
>,
3121 <a href=
"https://tracker.debian.org/pkg/libarcus
">libarcus
</a
>,
3122 <a href=
"https://tracker.debian.org/pkg/fdm-materials
">fdm-materials
</a
>,
3123 <a href=
"https://tracker.debian.org/pkg/libsavitar
">libsavitar
</a
> and
3124 <a href=
"https://tracker.debian.org/pkg/uranium
">uranium
</a
>. The last
3125 two, uranium and cura, entered Unstable yesterday. This should make
3126 it easier for Debian users to print on at least the Ultimaker class of
3127 3D printers. My nearest
3D printer is an Ultimaker
2+, so it will
3128 make life easier for at least me. :)
</p
>
3130 <p
>The work to make this happen was done by Gregor Riepl, and I was
3131 happy to assist him in sponsoring the packages. With the introduction
3132 of Cura, Debian is up to three
3D printer slicers at your service,
3133 Cura, Slic3r and Slic3r Prusa. If you own or have access to a
3D
3134 printer, give it a go. :)
</p
>
3136 <p
>The
3D printer software is maintained by the
3D printer Debian
3137 team, flocking together on the
3138 <a href=
"http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/
3dprinter-general
">3dprinter-general
</a
>
3139 mailing list and the
3140 <a href=
"irc://irc.debian.org/#debian-
3dprinting
">#debian-
3dprinting
</a
>
3141 IRC channel.
</p
>
3143 <p
>The next step for Cura in Debian is to update the cura package to
3144 version
3.0.3 and then update the entire set of packages to version
3145 3.1.0 which showed up the last few days.
</p
>
3150 <title>Generating
3D prints in Debian using Cura and Slic3r(-prusa)
</title>
3151 <link>https://people.skolelinux.org/pere/blog/Generating_3D_prints_in_Debian_using_Cura_and_Slic3r__prusa_.html
</link>
3152 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Generating_3D_prints_in_Debian_using_Cura_and_Slic3r__prusa_.html
</guid>
3153 <pubDate>Mon,
9 Oct
2017 10:
50:
00 +
0200</pubDate>
3154 <description><p
>At my nearby maker space,
3155 <a href=
"http://sonen.ifi.uio.no/
">Sonen
</a
>, I heard the story that it
3156 was easier to generate gcode files for theyr
3D printers (Ultimake
2+)
3157 on Windows and MacOS X than Linux, because the software involved had
3158 to be manually compiled and set up on Linux while premade packages
3159 worked out of the box on Windows and MacOS X. I found this annoying,
3160 as the software involved,
3161 <a href=
"https://github.com/Ultimaker/Cura
">Cura
</a
>, is free software
3162 and should be trivial to get up and running on Linux if someone took
3163 the time to package it for the relevant distributions. I even found
3164 <a href=
"https://bugs.debian.org/
706656">a request for adding into
3165 Debian
</a
> from
2013, which had seem some activity over the years but
3166 never resulted in the software showing up in Debian. So a few days
3167 ago I offered my help to try to improve the situation.
</p
>
3169 <p
>Now I am very happy to see that all the packages required by a
3170 working Cura in Debian are uploaded into Debian and waiting in the NEW
3171 queue for the ftpmasters to have a look. You can track the progress
3173 <a href=
"https://qa.debian.org/developer.php?email=
3dprinter-general%
40lists.alioth.debian.org
">the
3174 status page for the
3D printer team
</a
>.
</p
>
3176 <p
>The uploaded packages are a bit behind upstream, and was uploaded
3177 now to get slots in
<a href=
"https://ftp-master.debian.org/new.html
">the NEW
3178 queue
</a
> while we work up updating the packages to the latest
3179 upstream version.
</p
>
3181 <p
>On a related note, two competitors for Cura, which I found harder
3182 to use and was unable to configure correctly for Ultimaker
2+ in the
3183 short time I spent on it, are already in Debian. If you are looking
3184 for
3D printer
"slicers
" and want something already available in
3186 <a href=
"https://tracker.debian.org/pkg/slic3r
">slic3r
</a
> and
3187 <a href=
"https://tracker.debian.org/pkg/slic3r-prusa
">slic3r-prusa
</a
>.
3188 The latter is a fork of the former.
</p
>
3190 <p
>As usual, if you use Bitcoin and want to show your support of my
3191 activities, please send Bitcoin donations to my address
3192 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
3197 <title>Visualizing GSM radio chatter using gr-gsm and Hopglass
</title>
3198 <link>https://people.skolelinux.org/pere/blog/Visualizing_GSM_radio_chatter_using_gr_gsm_and_Hopglass.html
</link>
3199 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Visualizing_GSM_radio_chatter_using_gr_gsm_and_Hopglass.html
</guid>
3200 <pubDate>Fri,
29 Sep
2017 10:
30:
00 +
0200</pubDate>
3201 <description><p
>Every mobile phone announce its existence over radio to the nearby
3202 mobile cell towers. And this radio chatter is available for anyone
3203 with a radio receiver capable of receiving them. Details about the
3204 mobile phones with very good accuracy is of course collected by the
3205 phone companies, but this is not the topic of this blog post. The
3206 mobile phone radio chatter make it possible to figure out when a cell
3207 phone is nearby, as it include the SIM card ID (IMSI). By paying
3208 attention over time, one can see when a phone arrive and when it leave
3209 an area. I believe it would be nice to make this information more
3210 available to the general public, to make more people aware of how
3211 their phones are announcing their whereabouts to anyone that care to
3214 <p
>I am very happy to report that we managed to get something
3215 visualizing this information up and running for
3216 <a href=
"http://norwaymakers.org/osf17
">Oslo Skaperfestival
2017</a
>
3217 (Oslo Makers Festival) taking place today and tomorrow at Deichmanske
3218 library. The solution is based on the
3219 <a href=
"https://people.skolelinux.org/pere/blog/Easier_recipe_to_observe_the_cell_phones_around_you.html
">simple
3220 recipe for listening to GSM chatter
</a
> I posted a few days ago, and
3221 will show up at the stand of
<a href=
"http://sonen.ifi.uio.no/
">Åpen
3222 Sone from the Computer Science department of the University of
3223 Oslo
</a
>. The presentation will show the nearby mobile phones (aka
3224 IMSIs) as dots in a web browser graph, with lines to the dot
3225 representing mobile base station it is talking to. It was working in
3226 the lab yesterday, and was moved into place this morning.
</p
>
3228 <p
>We set up a fairly powerful desktop machine using Debian
3229 Buster/Testing with several (five, I believe) RTL2838 DVB-T receivers
3230 connected and visualize the visible cell phone towers using an
3231 <a href=
"https://github.com/marlow925/hopglass
">English version of
3232 Hopglass
</a
>. A fairly powerfull machine is needed as the
3233 grgsm_livemon_headless processes from
3234 <a href=
"https://tracker.debian.org/pkg/gr-gsm
">gr-gsm
</a
> converting
3235 the radio signal to data packages is quite CPU intensive.
</p
>
3237 <p
>The frequencies to listen to, are identified using a slightly
3238 patched scan-and-livemon (to set the --args values for each receiver),
3239 and the Hopglass data is generated using the
3240 <a href=
"https://github.com/petterreinholdtsen/IMSI-catcher/tree/meshviewer-output
">patches
3241 in my meshviewer-output branch
</a
>. For some reason we could not get
3242 more than four SDRs working. There is also a geographical map trying
3243 to show the location of the base stations, but I believe their
3244 coordinates are hardcoded to some random location in Germany, I
3245 believe. The code should be replaced with code to look up location in
3246 a text file, a sqlite database or one of the online databases
3248 <a href=
"https://github.com/Oros42/IMSI-catcher/issues/
14">the github
3249 issue for the topic
</a
>.
3251 <p
>If this sound interesting, visit the stand at the festival!
</p
>
3256 <title>Easier recipe to observe the cell phones around you
</title>
3257 <link>https://people.skolelinux.org/pere/blog/Easier_recipe_to_observe_the_cell_phones_around_you.html
</link>
3258 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Easier_recipe_to_observe_the_cell_phones_around_you.html
</guid>
3259 <pubDate>Sun,
24 Sep
2017 08:
30:
00 +
0200</pubDate>
3260 <description><p
>A little more than a month ago I wrote
3261 <a href=
"https://people.skolelinux.org/pere/blog/Simpler_recipe_on_how_to_make_a_simple__7_IMSI_Catcher_using_Debian.html
">how
3262 to observe the SIM card ID (aka IMSI number) of mobile phones talking
3263 to nearby mobile phone base stations using Debian GNU/Linux and a
3264 cheap USB software defined radio
</a
>, and thus being able to pinpoint
3265 the location of people and equipment (like cars and trains) with an
3266 accuracy of a few kilometer. Since then we have worked to make the
3267 procedure even simpler, and it is now possible to do this without any
3268 manual frequency tuning and without building your own packages.
</p
>
3270 <p
>The
<a href=
"https://tracker.debian.org/pkg/gr-gsm
">gr-gsm
</a
>
3271 package is now included in Debian testing and unstable, and the
3272 IMSI-catcher code no longer require root access to fetch and decode
3273 the GSM data collected using gr-gsm.
</p
>
3275 <p
>Here is an updated recipe, using packages built by Debian and a git
3276 clone of two python scripts:
</p
>
3280 <li
>Start with a Debian machine running the Buster version (aka
3281 testing).
</li
>
3283 <li
>Run
'<tt
>apt install gr-gsm python-numpy python-scipy
3284 python-scapy
</tt
>' as root to install required packages.
</li
>
3286 <li
>Fetch the code decoding GSM packages using
'<tt
>git clone
3287 github.com/Oros42/IMSI-catcher.git
</tt
>'.
</li
>
3289 <li
>Insert USB software defined radio supported by GNU Radio.
</li
>
3291 <li
>Enter the IMSI-catcher directory and run
'<tt
>python
3292 scan-and-livemon
</tt
>' to locate the frequency of nearby base
3293 stations and start listening for GSM packages on one of them.
</li
>
3295 <li
>Enter the IMSI-catcher directory and run
'<tt
>python
3296 simple_IMSI-catcher.py
</tt
>' to display the collected information.
</li
>
3300 <p
>Note, due to a bug somewhere the scan-and-livemon program (actually
3301 <a href=
"https://github.com/ptrkrysik/gr-gsm/issues/
336">its underlying
3302 program grgsm_scanner
</a
>) do not work with the HackRF radio. It does
3303 work with RTL
8232 and other similar USB radio receivers you can get
3305 (
<a href=
"https://www.ebay.com/sch/items/?_nkw=rtl+
2832">for example
3306 from ebay
</a
>), so for now the solution is to scan using the RTL radio
3307 and only use HackRF for fetching GSM data.
</p
>
3309 <p
>As far as I can tell, a cell phone only show up on one of the
3310 frequencies at the time, so if you are going to track and count every
3311 cell phone around you, you need to listen to all the frequencies used.
3312 To listen to several frequencies, use the --numrecv argument to
3313 scan-and-livemon to use several receivers. Further, I am not sure if
3314 phones using
3G or
4G will show as talking GSM to base stations, so
3315 this approach might not see all phones around you. I typically see
3316 0-
400 IMSI numbers an hour when looking around where I live.
</p
>
3318 <p
>I
've tried to run the scanner on a
3319 <a href=
"https://wiki.debian.org/RaspberryPi
">Raspberry Pi
2 and
3
3320 running Debian Buster
</a
>, but the grgsm_livemon_headless process seem
3321 to be too CPU intensive to keep up. When GNU Radio print
'O
' to
3322 stdout, I am told there it is caused by a buffer overflow between the
3323 radio and GNU Radio, caused by the program being unable to read the
3324 GSM data fast enough. If you see a stream of
'O
's from the terminal
3325 where you started scan-and-livemon, you need a give the process more
3326 CPU power. Perhaps someone are able to optimize the code to a point
3327 where it become possible to set up RPi3 based GSM sniffers? I tried
3328 using Raspbian instead of Debian, but there seem to be something wrong
3329 with GNU Radio on raspbian, causing glibc to abort().
</p
>
3334 <title>Simpler recipe on how to make a simple $
7 IMSI Catcher using Debian
</title>
3335 <link>https://people.skolelinux.org/pere/blog/Simpler_recipe_on_how_to_make_a_simple__7_IMSI_Catcher_using_Debian.html
</link>
3336 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Simpler_recipe_on_how_to_make_a_simple__7_IMSI_Catcher_using_Debian.html
</guid>
3337 <pubDate>Wed,
9 Aug
2017 23:
59:
00 +
0200</pubDate>
3338 <description><p
>On friday, I came across an interesting article in the Norwegian
3339 web based ICT news magazine digi.no on
3340 <a href=
"https://www.digi.no/artikler/sikkerhetsforsker-lagde-enkel-imsi-catcher-for-
60-kroner-na-kan-mobiler-kartlegges-av-alle/
398588">how
3341 to collect the IMSI numbers of nearby cell phones
</a
> using the cheap
3342 DVB-T software defined radios. The article refered to instructions
3343 and
<a href=
"https://www.youtube.com/watch?v=UjwgNd_as30
">a recipe by
3344 Keld Norman on Youtube on how to make a simple $
7 IMSI Catcher
</a
>, and I decided to test them out.
</p
>
3346 <p
>The instructions said to use Ubuntu, install pip using apt (to
3347 bypass apt), use pip to install pybombs (to bypass both apt and pip),
3348 and the ask pybombs to fetch and build everything you need from
3349 scratch. I wanted to see if I could do the same on the most recent
3350 Debian packages, but this did not work because pybombs tried to build
3351 stuff that no longer build with the most recent openssl library or
3352 some other version skew problem. While trying to get this recipe
3353 working, I learned that the apt-
>pip-
>pybombs route was a long detour,
3354 and the only piece of software dependency missing in Debian was the
3355 gr-gsm package. I also found out that the lead upstream developer of
3356 gr-gsm (the name stand for GNU Radio GSM) project already had a set of
3357 Debian packages provided in an Ubuntu PPA repository. All I needed to
3358 do was to dget the Debian source package and built it.
</p
>
3360 <p
>The IMSI collector is a python script listening for packages on the
3361 loopback network device and printing to the terminal some specific GSM
3362 packages with IMSI numbers in them. The code is fairly short and easy
3363 to understand. The reason this work is because gr-gsm include a tool
3364 to read GSM data from a software defined radio like a DVB-T USB stick
3365 and other software defined radios, decode them and inject them into a
3366 network device on your Linux machine (using the loopback device by
3367 default). This proved to work just fine, and I
've been testing the
3368 collector for a few days now.
</p
>
3370 <p
>The updated and simpler recipe is thus to
</p
>
3374 <li
>start with a Debian machine running Stretch or newer,
</li
>
3376 <li
>build and install the gr-gsm package available from
3377 <a href=
"http://ppa.launchpad.net/ptrkrysik/gr-gsm/ubuntu/pool/main/g/gr-gsm/
">http://ppa.launchpad.net/ptrkrysik/gr-gsm/ubuntu/pool/main/g/gr-gsm/
</a
>,
</li
>
3379 <li
>clone the git repostory from
<a href=
"https://github.com/Oros42/IMSI-catcher
">https://github.com/Oros42/IMSI-catcher
</a
>,
</li
>
3381 <li
>run grgsm_livemon and adjust the frequency until the terminal
3382 where it was started is filled with a stream of text (meaning you
3383 found a GSM station).
</li
>
3385 <li
>go into the IMSI-catcher directory and run
'sudo python simple_IMSI-catcher.py
' to extract the IMSI numbers.
</li
>
3389 <p
>To make it even easier in the future to get this sniffer up and
3390 running, I decided to package
3391 <a href=
"https://github.com/ptrkrysik/gr-gsm/
">the gr-gsm project
</a
>
3392 for Debian (
<a href=
"https://bugs.debian.org/
871055">WNPP
3393 #
871055</a
>), and the package was uploaded into the NEW queue today.
3394 Luckily the gnuradio maintainer has promised to help me, as I do not
3395 know much about gnuradio stuff yet.
</p
>
3397 <p
>I doubt this
"IMSI cacher
" is anywhere near as powerfull as
3398 commercial tools like
3399 <a href=
"https://www.thespyphone.com/portable-imsi-imei-catcher/
">The
3400 Spy Phone Portable IMSI / IMEI Catcher
</a
> or the
3401 <a href=
"https://en.wikipedia.org/wiki/Stingray_phone_tracker
">Harris
3402 Stingray
</a
>, but I hope the existance of cheap alternatives can make
3403 more people realise how their whereabouts when carrying a cell phone
3404 is easily tracked. Seeing the data flow on the screen, realizing that
3405 I live close to a police station and knowing that the police is also
3406 wearing cell phones, I wonder how hard it would be for criminals to
3407 track the position of the police officers to discover when there are
3408 police near by, or for foreign military forces to track the location
3409 of the Norwegian military forces, or for anyone to track the location
3410 of government officials...
</p
>
3412 <p
>It is worth noting that the data reported by the IMSI-catcher
3413 script mentioned above is only a fraction of the data broadcasted on
3414 the GSM network. It will only collect one frequency at the time,
3415 while a typical phone will be using several frequencies, and not all
3416 phones will be using the frequencies tracked by the grgsm_livemod
3417 program. Also, there is a lot of radio chatter being ignored by the
3418 simple_IMSI-catcher script, which would be collected by extending the
3419 parser code. I wonder if gr-gsm can be set up to listen to more than
3420 one frequency?
</p
>
3425 <title>Norwegian Bokmål edition of Debian Administrator
's Handbook is now available
</title>
3426 <link>https://people.skolelinux.org/pere/blog/Norwegian_Bokm_l_edition_of_Debian_Administrator_s_Handbook_is_now_available.html
</link>
3427 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Norwegian_Bokm_l_edition_of_Debian_Administrator_s_Handbook_is_now_available.html
</guid>
3428 <pubDate>Tue,
25 Jul
2017 21:
10:
00 +
0200</pubDate>
3429 <description><p align=
"center
"><img align=
"center
" src=
"https://people.skolelinux.org/pere/blog/images/
2017-
07-
25-debian-handbook-nb-testprint.png
"/
></p
>
3431 <p
>I finally received a copy of the Norwegian Bokmål edition of
3432 "<a href=
"https://debian-handbook.info/
">The Debian Administrator
's
3433 Handbook
</a
>". This test copy arrived in the mail a few days ago, and
3434 I am very happy to hold the result in my hand. We spent around one and a half year translating it. This paperbook edition
3435 <a href=
"https://debian-handbook.info/get/#norwegian
">is available
3436 from lulu.com
</a
>. If you buy it quickly, you save
25% on the list
3437 price. The book is also available for download in electronic form as
3438 PDF, EPUB and Mobipocket, as can be
3439 <a href=
"https://debian-handbook.info/browse/nb-NO/stable/
">read online
3440 as a web page
</a
>.
</p
>
3442 <p
>This is the second book I publish (the first was the book
3443 "<a href=
"http://free-culture.cc/
">Free Culture
</a
>" by Lawrence Lessig
3445 <a href=
"http://www.lulu.com/shop/lawrence-lessig/free-culture/paperback/product-
22440520.html
">English
</a
>,
3446 <a href=
"http://www.lulu.com/shop/lawrence-lessig/culture-libre/paperback/product-
22645082.html
">French
</a
>
3448 <a href=
"http://www.lulu.com/shop/lawrence-lessig/fri-kultur/paperback/product-
22441576.html
">Norwegian
3449 Bokmål
</a
>), and I am very excited to finally wrap up this
3451 "<a href=
"http://www.lulu.com/shop/rapha%C3%ABl-hertzog-and-roland-mas/h%C3%A5ndbok-for-debian-administratoren/paperback/product-
23262290.html
">Håndbok
3452 for Debian-administratoren
</a
>" will be well received.
</p
>
3457 <title>Når nynorskoversettelsen svikter til eksamen...
</title>
3458 <link>https://people.skolelinux.org/pere/blog/N_r_nynorskoversettelsen_svikter_til_eksamen___.html
</link>
3459 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/N_r_nynorskoversettelsen_svikter_til_eksamen___.html
</guid>
3460 <pubDate>Sat,
3 Jun
2017 08:
20:
00 +
0200</pubDate>
3461 <description><p
><a href=
"http://www.aftenposten.no/norge/Krever-at-elever-ma-fa-annullert-eksamen-etter-rot-med-oppgavetekster-
622459b.html
">Aftenposten
3462 melder i dag
</a
> om feil i eksamensoppgavene for eksamen i politikk og
3463 menneskerettigheter, der teksten i bokmåls og nynorskutgaven ikke var
3464 like. Oppgaveteksten er gjengitt i artikkelen, og jeg ble nysgjerring
3465 på om den fri oversetterløsningen
3466 <a href=
"https://www.apertium.org/
">Apertium
</a
> ville gjort en bedre
3467 jobb enn Utdanningsdirektoratet. Det kan se slik ut.
</p
>
3469 <p
>Her er bokmålsoppgaven fra eksamenen:
</p
>
3472 <p
>Drøft utfordringene knyttet til nasjonalstatenes og andre aktørers
3473 rolle og muligheter til å håndtere internasjonale utfordringer, som
3474 for eksempel flykningekrisen.
</p
>
3476 <p
>Vedlegge er eksempler på tekster som kan gi relevante perspektiver
3477 på temaet:
</p
>
3479 <li
>Flykningeregnskapet
2016, UNHCR og IDMC
3480 <li
>«Grenseløst Europa for fall» A-Magasinet,
26. november
2015
3485 <p
>Dette oversetter Apertium slik:
</p
>
3488 <p
>Drøft utfordringane knytte til nasjonalstatane sine og rolla til
3489 andre aktørar og høve til å handtera internasjonale utfordringar, som
3490 til dømes *flykningekrisen.
</p
>
3492 <p
>Vedleggja er døme på tekster som kan gje relevante perspektiv på
3496 <li
>*Flykningeregnskapet
2016, *UNHCR og *IDMC
</li
>
3497 <li
>«*Grenseløst Europa for fall» A-Magasinet,
26. november
2015</li
>
3502 <p
>Ord som ikke ble forstått er markert med stjerne (*), og trenger
3503 ekstra språksjekk. Men ingen ord er forsvunnet, slik det var i
3504 oppgaven elevene fikk presentert på eksamen. Jeg mistenker dog at
3505 "andre aktørers rolle og muligheter til ...
" burde vært oversatt til
3506 "rolla til andre aktørar og deira høve til ...
" eller noe slikt, men
3507 det er kanskje flisespikking. Det understreker vel bare at det alltid
3508 trengs korrekturlesning etter automatisk oversettelse.
</p
>
3513 <title>Detecting NFS hangs on Linux without hanging yourself...
</title>
3514 <link>https://people.skolelinux.org/pere/blog/Detecting_NFS_hangs_on_Linux_without_hanging_yourself___.html
</link>
3515 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Detecting_NFS_hangs_on_Linux_without_hanging_yourself___.html
</guid>
3516 <pubDate>Thu,
9 Mar
2017 15:
20:
00 +
0100</pubDate>
3517 <description><p
>Over the years, administrating thousand of NFS mounting linux
3518 computers at the time, I often needed a way to detect if the machine
3519 was experiencing NFS hang. If you try to use
<tt
>df
</tt
> or look at a
3520 file or directory affected by the hang, the process (and possibly the
3521 shell) will hang too. So you want to be able to detect this without
3522 risking the detection process getting stuck too. It has not been
3523 obvious how to do this. When the hang has lasted a while, it is
3524 possible to find messages like these in dmesg:
</p
>
3526 <p
><blockquote
>
3527 nfs: server nfsserver not responding, still trying
3528 <br
>nfs: server nfsserver OK
3529 </blockquote
></p
>
3531 <p
>It is hard to know if the hang is still going on, and it is hard to
3532 be sure looking in dmesg is going to work. If there are lots of other
3533 messages in dmesg the lines might have rotated out of site before they
3534 are noticed.
</p
>
3536 <p
>While reading through the nfs client implementation in linux kernel
3537 code, I came across some statistics that seem to give a way to detect
3538 it. The om_timeouts sunrpc value in the kernel will increase every
3539 time the above log entry is inserted into dmesg. And after digging a
3540 bit further, I discovered that this value show up in
3541 /proc/self/mountstats on Linux.
</p
>
3543 <p
>The mountstats content seem to be shared between files using the
3544 same file system context, so it is enough to check one of the
3545 mountstats files to get the state of the mount point for the machine.
3546 I assume this will not show lazy umounted NFS points, nor NFS mount
3547 points in a different process context (ie with a different filesystem
3548 view), but that does not worry me.
</p
>
3550 <p
>The content for a NFS mount point look similar to this:
</p
>
3552 <p
><blockquote
><pre
>
3554 device /dev/mapper/Debian-var mounted on /var with fstype ext3
3555 device nfsserver:/mnt/nfsserver/home0 mounted on /mnt/nfsserver/home0 with fstype nfs statvers=
1.1
3556 opts: rw,vers=
3,rsize=
65536,wsize=
65536,namlen=
255,acregmin=
3,acregmax=
60,acdirmin=
30,acdirmax=
60,soft,nolock,proto=tcp,timeo=
600,retrans=
2,sec=sys,mountaddr=
129.240.3.145,mountvers=
3,mountport=
4048,mountproto=udp,local_lock=all
3558 caps: caps=
0x3fe7,wtmult=
4096,dtsize=
8192,bsize=
0,namlen=
255
3559 sec: flavor=
1,pseudoflavor=
1
3560 events:
61063112 732346265 1028140 35486205 16220064 8162542 761447191 71714012 37189 3891185 45561809 110486139 4850138 420353 15449177 296502 52736725 13523379 0 52182 9016896 1231 0 0 0 0 0
3561 bytes:
166253035039 219519120027 0 0 40783504807 185466229638 11677877 45561809
3562 RPC iostats version:
1.0 p/v:
100003/
3 (nfs)
3563 xprt: tcp
925 1 6810 0 0 111505412 111480497 109 2672418560317 0 248 53869103 22481820
3565 NULL:
0 0 0 0 0 0 0 0
3566 GETATTR:
61063106 61063108 0 9621383060 6839064400 453650 77291321 78926132
3567 SETATTR:
463469 463470 0 92005440 66739536 63787 603235 687943
3568 LOOKUP:
17021657 17021657 0 3354097764 4013442928 57216 35125459 35566511
3569 ACCESS:
14281703 14290009 5 2318400592 1713803640 1709282 4865144 7130140
3570 READLINK:
125 125 0 20472 18620 0 1112 1118
3571 READ:
4214236 4214237 0 715608524 41328653212 89884 22622768 22806693
3572 WRITE:
8479010 8494376 22 187695798568 1356087148 178264904 51506907 231671771
3573 CREATE:
171708 171708 0 38084748 46702272 873 1041833 1050398
3574 MKDIR:
3680 3680 0 773980 993920 26 23990 24245
3575 SYMLINK:
903 903 0 233428 245488 6 5865 5917
3576 MKNOD:
80 80 0 20148 21760 0 299 304
3577 REMOVE:
429921 429921 0 79796004 61908192 3313 2710416 2741636
3578 RMDIR:
3367 3367 0 645112 484848 22 5782 6002
3579 RENAME:
466201 466201 0 130026184 121212260 7075 5935207 5961288
3580 LINK:
289155 289155 0 72775556 67083960 2199 2565060 2585579
3581 READDIR:
2933237 2933237 0 516506204 13973833412 10385 3190199 3297917
3582 READDIRPLUS:
1652839 1652839 0 298640972 6895997744 84735 14307895 14448937
3583 FSSTAT:
6144 6144 0 1010516 1032192 51 9654 10022
3584 FSINFO:
2 2 0 232 328 0 1 1
3585 PATHCONF:
1 1 0 116 140 0 0 0
3586 COMMIT:
0 0 0 0 0 0 0 0
3588 device binfmt_misc mounted on /proc/sys/fs/binfmt_misc with fstype binfmt_misc
3590 </pre
></blockquote
></p
>
3592 <p
>The key number to look at is the third number in the per-op list.
3593 It is the number of NFS timeouts experiences per file system
3594 operation. Here
22 write timeouts and
5 access timeouts. If these
3595 numbers are increasing, I believe the machine is experiencing NFS
3596 hang. Unfortunately the timeout value do not start to increase right
3597 away. The NFS operations need to time out first, and this can take a
3598 while. The exact timeout value depend on the setup. For example the
3599 defaults for TCP and UDP mount points are quite different, and the
3600 timeout value is affected by the soft, hard, timeo and retrans NFS
3601 mount options.
</p
>
3603 <p
>The only way I have been able to get working on Debian and RedHat
3604 Enterprise Linux for getting the timeout count is to peek in /proc/.
3606 <ahref=
"http://docs.oracle.com/cd/E19253-
01/
816-
4555/netmonitor-
12/index.html
">Solaris
3607 10 System Administration Guide: Network Services
</a
>, the
'nfsstat -c
'
3608 command can be used to get these timeout values. But this do not work
3609 on Linux, as far as I can tell. I
3610 <ahref=
"http://bugs.debian.org/
857043">asked Debian about this
</a
>,
3611 but have not seen any replies yet.
</p
>
3613 <p
>Is there a better way to figure out if a Linux NFS client is
3614 experiencing NFS hangs? Is there a way to detect which processes are
3615 affected? Is there a way to get the NFS mount going quickly once the
3616 network problem causing the NFS hang has been cleared? I would very
3617 much welcome some clues, as we regularly run into NFS hangs.
</p
>
3622 <title>Norwegian Bokmål translation of The Debian Administrator
's Handbook complete, proofreading in progress
</title>
3623 <link>https://people.skolelinux.org/pere/blog/Norwegian_Bokm_l_translation_of_The_Debian_Administrator_s_Handbook_complete__proofreading_in_progress.html
</link>
3624 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Norwegian_Bokm_l_translation_of_The_Debian_Administrator_s_Handbook_complete__proofreading_in_progress.html
</guid>
3625 <pubDate>Fri,
3 Mar
2017 14:
50:
00 +
0100</pubDate>
3626 <description><p
>For almost a year now, we have been working on making a Norwegian
3627 Bokmål edition of
<a href=
"https://debian-handbook.info/
">The Debian
3628 Administrator
's Handbook
</a
>. Now, thanks to the tireless effort of
3629 Ole-Erik, Ingrid and Andreas, the initial translation is complete, and
3630 we are working on the proof reading to ensure consistent language and
3631 use of correct computer science terms. The plan is to make the book
3632 available on paper, as well as in electronic form. For that to
3633 happen, the proof reading must be completed and all the figures need
3634 to be translated. If you want to help out, get in touch.
</p
>
3636 <p
><a href=
"https://people.skolelinux.org/pere/debian-handbook/debian-handbook-nb-NO.pdf
">A
3638 fresh PDF edition
</a
> in A4 format (the final book will have smaller
3639 pages) of the book created every morning is available for
3640 proofreading. If you find any errors, please
3641 <a href=
"https://hosted.weblate.org/projects/debian-handbook/
">visit
3642 Weblate and correct the error
</a
>. The
3643 <a href=
"http://l.github.io/debian-handbook/stat/nb-NO/index.html
">state
3644 of the translation including figures
</a
> is a useful source for those
3645 provide Norwegian bokmål screen shots and figures.
</p
>
3650 <title>Unlimited randomness with the ChaosKey?
</title>
3651 <link>https://people.skolelinux.org/pere/blog/Unlimited_randomness_with_the_ChaosKey_.html
</link>
3652 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Unlimited_randomness_with_the_ChaosKey_.html
</guid>
3653 <pubDate>Wed,
1 Mar
2017 20:
50:
00 +
0100</pubDate>
3654 <description><p
>A few days ago I ordered a small batch of
3655 <a href=
"http://altusmetrum.org/ChaosKey/
">the ChaosKey
</a
>, a small
3656 USB dongle for generating entropy created by Bdale Garbee and Keith
3657 Packard. Yesterday it arrived, and I am very happy to report that it
3658 work great! According to its designers, to get it to work out of the
3659 box, you need the Linux kernel version
4.1 or later. I tested on a
3660 Debian Stretch machine (kernel version
4.9), and there it worked just
3661 fine, increasing the available entropy very quickly. I wrote a small
3662 test oneliner to test. It first print the current entropy level,
3663 drain /dev/random, and then print the entropy level for five seconds.
3664 Here is the situation without the ChaosKey inserted:
</p
>
3666 <blockquote
><pre
>
3667 % cat /proc/sys/kernel/random/entropy_avail; \
3668 dd bs=
1M if=/dev/random of=/dev/null count=
1; \
3669 for n in $(seq
1 5); do \
3670 cat /proc/sys/kernel/random/entropy_avail; \
3676 28 byte kopiert,
0,
000264565 s,
106 kB/s
3683 </pre
></blockquote
>
3685 <p
>The entropy level increases by
3-
4 every second. In such case any
3686 application requiring random bits (like a HTTPS enabled web server)
3687 will halt and wait for more entrpy. And here is the situation with
3688 the ChaosKey inserted:
</p
>
3690 <blockquote
><pre
>
3691 % cat /proc/sys/kernel/random/entropy_avail; \
3692 dd bs=
1M if=/dev/random of=/dev/null count=
1; \
3693 for n in $(seq
1 5); do \
3694 cat /proc/sys/kernel/random/entropy_avail; \
3700 104 byte kopiert,
0,
000487647 s,
213 kB/s
3707 </pre
></blockquote
>
3709 <p
>Quite the difference. :) I bought a few more than I need, in case
3710 someone want to buy one here in Norway. :)
</p
>
3712 <p
>Update: The dongle was presented at Debconf last year. You might
3713 find
<a href=
"https://debconf16.debconf.org/talks/
94/
">the talk
3714 recording illuminating
</a
>. It explains exactly what the source of
3715 randomness is, if you are unable to spot it from the schema drawing
3716 available from the ChaosKey web site linked at the start of this blog
3722 <title>Where did that package go?
&mdash; geolocated IP traceroute
</title>
3723 <link>https://people.skolelinux.org/pere/blog/Where_did_that_package_go___mdash__geolocated_IP_traceroute.html
</link>
3724 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Where_did_that_package_go___mdash__geolocated_IP_traceroute.html
</guid>
3725 <pubDate>Mon,
9 Jan
2017 12:
20:
00 +
0100</pubDate>
3726 <description><p
>Did you ever wonder where the web trafic really flow to reach the
3727 web servers, and who own the network equipment it is flowing through?
3728 It is possible to get a glimpse of this from using traceroute, but it
3729 is hard to find all the details. Many years ago, I wrote a system to
3730 map the Norwegian Internet (trying to figure out if our plans for a
3731 network game service would get low enough latency, and who we needed
3732 to talk to about setting up game servers close to the users. Back
3733 then I used traceroute output from many locations (I asked my friends
3734 to run a script and send me their traceroute output) to create the
3735 graph and the map. The output from traceroute typically look like
3738 <p
><pre
>
3739 traceroute to www.stortinget.no (
85.88.67.10),
30 hops max,
60 byte packets
3740 1 uio-gw10.uio.no (
129.240.202.1)
0.447 ms
0.486 ms
0.621 ms
3741 2 uio-gw8.uio.no (
129.240.24.229)
0.467 ms
0.578 ms
0.675 ms
3742 3 oslo-gw1.uninett.no (
128.39.65.17)
0.385 ms
0.373 ms
0.358 ms
3743 4 te3-
1-
2.br1.fn3.as2116.net (
193.156.90.3)
1.174 ms
1.172 ms
1.153 ms
3744 5 he16-
1-
1.cr1.san110.as2116.net (
195.0.244.234)
2.627 ms he16-
1-
1.cr2.oslosda310.as2116.net (
195.0.244.48)
3.172 ms he16-
1-
1.cr1.san110.as2116.net (
195.0.244.234)
2.857 ms
3745 6 ae1.ar8.oslosda310.as2116.net (
195.0.242.39)
0.662 ms
0.637 ms ae0.ar8.oslosda310.as2116.net (
195.0.242.23)
0.622 ms
3746 7 89.191.10.146 (
89.191.10.146)
0.931 ms
0.917 ms
0.955 ms
3750 </pre
></p
>
3752 <p
>This show the DNS names and IP addresses of (at least some of the)
3753 network equipment involved in getting the data traffic from me to the
3754 www.stortinget.no server, and how long it took in milliseconds for a
3755 package to reach the equipment and return to me. Three packages are
3756 sent, and some times the packages do not follow the same path. This
3757 is shown for hop
5, where three different IP addresses replied to the
3758 traceroute request.
</p
>
3760 <p
>There are many ways to measure trace routes. Other good traceroute
3761 implementations I use are traceroute (using ICMP packages) mtr (can do
3762 both ICMP, UDP and TCP) and scapy (python library with ICMP, UDP, TCP
3763 traceroute and a lot of other capabilities). All of them are easily
3764 available in
<a href=
"https://www.debian.org/
">Debian
</a
>.
</p
>
3766 <p
>This time around, I wanted to know the geographic location of
3767 different route points, to visualize how visiting a web page spread
3768 information about the visit to a lot of servers around the globe. The
3769 background is that a web site today often will ask the browser to get
3770 from many servers the parts (for example HTML, JSON, fonts,
3771 JavaScript, CSS, video) required to display the content. This will
3772 leak information about the visit to those controlling these servers
3773 and anyone able to peek at the data traffic passing by (like your ISP,
3774 the ISPs backbone provider, FRA, GCHQ, NSA and others).
</p
>
3776 <p
>Lets pick an example, the Norwegian parliament web site
3777 www.stortinget.no. It is read daily by all members of parliament and
3778 their staff, as well as political journalists, activits and many other
3779 citizens of Norway. A visit to the www.stortinget.no web site will
3780 ask your browser to contact
8 other servers: ajax.googleapis.com,
3781 insights.hotjar.com, script.hotjar.com, static.hotjar.com,
3782 stats.g.doubleclick.net, www.google-analytics.com,
3783 www.googletagmanager.com and www.netigate.se. I extracted this by
3784 asking
<a href=
"http://phantomjs.org/
">PhantomJS
</a
> to visit the
3785 Stortinget web page and tell me all the URLs PhantomJS downloaded to
3786 render the page (in HAR format using
3787 <a href=
"https://github.com/ariya/phantomjs/blob/master/examples/netsniff.js
">their
3788 netsniff example
</a
>. I am very grateful to Gorm for showing me how
3789 to do this). My goal is to visualize network traces to all IP
3790 addresses behind these DNS names, do show where visitors personal
3791 information is spread when visiting the page.
</p
>
3793 <p align=
"center
"><a href=
"www.stortinget.no-geoip.kml
"><img
3794 src=
"https://people.skolelinux.org/pere/blog/images/
2017-
01-
09-www.stortinget.no-geoip-small.png
" alt=
"map of combined traces for URLs used by www.stortinget.no using GeoIP
"/
></a
></p
>
3796 <p
>When I had a look around for options, I could not find any good
3797 free software tools to do this, and decided I needed my own traceroute
3798 wrapper outputting KML based on locations looked up using GeoIP. KML
3799 is easy to work with and easy to generate, and understood by several
3800 of the GIS tools I have available. I got good help from by NUUG
3801 colleague Anders Einar with this, and the result can be seen in
3802 <a href=
"https://github.com/petterreinholdtsen/kmltraceroute
">my
3803 kmltraceroute git repository
</a
>. Unfortunately, the quality of the
3804 free GeoIP databases I could find (and the for-pay databases my
3805 friends had access to) is not up to the task. The IP addresses of
3806 central Internet infrastructure would typically be placed near the
3807 controlling companies main office, and not where the router is really
3808 located, as you can see from
<a href=
"www.stortinget.no-geoip.kml
">the
3809 KML file I created
</a
> using the GeoLite City dataset from MaxMind.
3811 <p align=
"center
"><a href=
"https://people.skolelinux.org/pere/blog/images/
2017-
01-
09-www.stortinget.no-scapy.svg
"><img
3812 src=
"https://people.skolelinux.org/pere/blog/images/
2017-
01-
09-www.stortinget.no-scapy-small.png
" alt=
"scapy traceroute graph for URLs used by www.stortinget.no
"/
></a
></p
>
3814 <p
>I also had a look at the visual traceroute graph created by
3815 <a href=
"http://www.secdev.org/projects/scapy/
">the scrapy project
</a
>,
3816 showing IP network ownership (aka AS owner) for the IP address in
3818 <a href=
"https://people.skolelinux.org/pere/blog/images/
2017-
01-
09-www.stortinget.no-scapy.svg
">The
3819 graph display a lot of useful information about the traceroute in SVG
3820 format
</a
>, and give a good indication on who control the network
3821 equipment involved, but it do not include geolocation. This graph
3822 make it possible to see the information is made available at least for
3823 UNINETT, Catchcom, Stortinget, Nordunet, Google, Amazon, Telia, Level
3824 3 Communications and NetDNA.
</p
>
3826 <p align=
"center
"><a href=
"https://geotraceroute.com/index.php?node=
4&host=www.stortinget.no
"><img
3827 src=
"https://people.skolelinux.org/pere/blog/images/
2017-
01-
09-www.stortinget.no-geotraceroute-small.png
" alt=
"example geotraceroute view for www.stortinget.no
"/
></a
></p
>
3829 <p
>In the process, I came across the
3830 <a href=
"https://geotraceroute.com/
">web service GeoTraceroute
</a
> by
3831 Salim Gasmi. Its methology of combining guesses based on DNS names,
3832 various location databases and finally use latecy times to rule out
3833 candidate locations seemed to do a very good job of guessing correct
3834 geolocation. But it could only do one trace at the time, did not have
3835 a sensor in Norway and did not make the geolocations easily available
3836 for postprocessing. So I contacted the developer and asked if he
3837 would be willing to share the code (he refused until he had time to
3838 clean it up), but he was interested in providing the geolocations in a
3839 machine readable format, and willing to set up a sensor in Norway. So
3840 since yesterday, it is possible to run traces from Norway in this
3841 service thanks to a sensor node set up by
3842 <a href=
"https://www.nuug.no/
">the NUUG assosiation
</a
>, and get the
3843 trace in KML format for further processing.
</p
>
3845 <p align=
"center
"><a href=
"https://people.skolelinux.org/pere/blog/images/
2017-
01-
09-www.stortinget.no-geotraceroute-kml-join.kml
"><img
3846 src=
"https://people.skolelinux.org/pere/blog/images/
2017-
01-
09-www.stortinget.no-geotraceroute-kml-join.png
" alt=
"map of combined traces for URLs used by www.stortinget.no using geotraceroute
"/
></a
></p
>
3848 <p
>Here we can see a lot of trafic passes Sweden on its way to
3849 Denmark, Germany, Holland and Ireland. Plenty of places where the
3850 Snowden confirmations verified the traffic is read by various actors
3851 without your best interest as their top priority.
</p
>
3853 <p
>Combining KML files is trivial using a text editor, so I could loop
3854 over all the hosts behind the urls imported by www.stortinget.no and
3855 ask for the KML file from GeoTraceroute, and create a combined KML
3856 file with all the traces (unfortunately only one of the IP addresses
3857 behind the DNS name is traced this time. To get them all, one would
3858 have to request traces using IP number instead of DNS names from
3859 GeoTraceroute). That might be the next step in this project.
</p
>
3861 <p
>Armed with these tools, I find it a lot easier to figure out where
3862 the IP traffic moves and who control the boxes involved in moving it.
3863 And every time the link crosses for example the Swedish border, we can
3864 be sure Swedish Signal Intelligence (FRA) is listening, as GCHQ do in
3865 Britain and NSA in USA and cables around the globe. (Hm, what should
3866 we tell them? :) Keep that in mind if you ever send anything
3867 unencrypted over the Internet.
</p
>
3869 <p
>PS: KML files are drawn using
3870 <a href=
"http://ivanrublev.me/kml/
">the KML viewer from Ivan
3871 Rublev
<a/
>, as it was less cluttered than the local Linux application
3872 Marble. There are heaps of other options too.
</p
>
3874 <p
>As usual, if you use Bitcoin and want to show your support of my
3875 activities, please send Bitcoin donations to my address
3876 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
3881 <title>Appstream just learned how to map hardware to packages too!
</title>
3882 <link>https://people.skolelinux.org/pere/blog/Appstream_just_learned_how_to_map_hardware_to_packages_too_.html
</link>
3883 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Appstream_just_learned_how_to_map_hardware_to_packages_too_.html
</guid>
3884 <pubDate>Fri,
23 Dec
2016 10:
30:
00 +
0100</pubDate>
3885 <description><p
>I received a very nice Christmas present today. As my regular
3886 readers probably know, I have been working on the
3887 <a href=
"http://packages.qa.debian.org/isenkram
">the Isenkram
3888 system
</a
> for many years. The goal of the Isenkram system is to make
3889 it easier for users to figure out what to install to get a given piece
3890 of hardware to work in Debian, and a key part of this system is a way
3891 to map hardware to packages. Isenkram have its own mapping database,
3892 and also uses data provided by each package using the AppStream
3893 metadata format. And today,
3894 <a href=
"https://tracker.debian.org/pkg/appstream
">AppStream
</a
> in
3895 Debian learned to look up hardware the same way Isenkram is doing it,
3896 ie using fnmatch():
</p
>
3898 <p
><pre
>
3899 % appstreamcli what-provides modalias \
3900 usb:v1130p0202d0100dc00dsc00dp00ic03isc00ip00in00
3901 Identifier: pymissile [generic]
3903 Summary: Control original Striker USB Missile Launcher
3905 % appstreamcli what-provides modalias usb:v0694p0002d0000
3906 Identifier: libnxt [generic]
3908 Summary: utility library for talking to the LEGO Mindstorms NXT brick
3911 Identifier: t2n [generic]
3913 Summary: Simple command-line tool for Lego NXT
3916 Identifier: python-nxt [generic]
3918 Summary: Python driver/interface/wrapper for the Lego Mindstorms NXT robot
3921 Identifier: nbc [generic]
3923 Summary: C compiler for LEGO Mindstorms NXT bricks
3926 </pre
></p
>
3928 <p
>A similar query can be done using the combined AppStream and
3929 Isenkram databases using the isenkram-lookup tool:
</p
>
3931 <p
><pre
>
3932 % isenkram-lookup usb:v1130p0202d0100dc00dsc00dp00ic03isc00ip00in00
3934 % isenkram-lookup usb:v0694p0002d0000
3940 </pre
></p
>
3942 <p
>You can find modalias values relevant for your machine using
3943 <tt
>cat $(find /sys/devices/ -name modalias)
</tt
>.
3945 <p
>If you want to make this system a success and help Debian users
3946 make the most of the hardware they have, please help
3947 <a href=
"https://wiki.debian.org/AppStream/Guidelines
">add AppStream
3948 metadata for your package following the guidelines
</a
> documented in
3949 the wiki. So far only
11 packages provide such information, among the
3950 several hundred hardware specific packages in Debian. The Isenkram
3951 database on the other hand contain
101 packages, mostly related to USB
3952 dongles. Most of the packages with hardware mapping in AppStream are
3953 LEGO Mindstorms related, because I have, as part of my involvement in
3954 <a href=
"https://wiki.debian.org/LegoDesigners
">the Debian LEGO
3955 team
</a
> given priority to making sure LEGO users get proposed the
3956 complete set of packages in Debian for that particular hardware. The
3957 team also got a nice Christmas present today. The
3958 <a href=
"https://tracker.debian.org/pkg/nxt-firmware
">nxt-firmware
3959 package
</a
> made it into Debian. With this package in place, it is
3960 now possible to use the LEGO Mindstorms NXT unit with only free
3961 software, as the nxt-firmware package contain the source and firmware
3962 binaries for the NXT brick.
</p
>
3964 <p
>As usual, if you use Bitcoin and want to show your support of my
3965 activities, please send Bitcoin donations to my address
3966 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
3971 <title>Isenkram updated with a lot more hardware-package mappings
</title>
3972 <link>https://people.skolelinux.org/pere/blog/Isenkram_updated_with_a_lot_more_hardware_package_mappings.html
</link>
3973 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Isenkram_updated_with_a_lot_more_hardware_package_mappings.html
</guid>
3974 <pubDate>Tue,
20 Dec
2016 11:
55:
00 +
0100</pubDate>
3975 <description><p
><a href=
"http://packages.qa.debian.org/isenkram
">The Isenkram
3976 system
</a
> I wrote two years ago to make it easier in Debian to find
3977 and install packages to get your hardware dongles to work, is still
3978 going strong. It is a system to look up the hardware present on or
3979 connected to the current system, and map the hardware to Debian
3980 packages. It can either be done using the tools in isenkram-cli or
3981 using the user space daemon in the isenkram package. The latter will
3982 notify you, when inserting new hardware, about what packages to
3983 install to get the dongle working. It will even provide a button to
3984 click on to ask packagekit to install the packages.
</p
>
3986 <p
>Here is an command line example from my Thinkpad laptop:
</p
>
3988 <p
><pre
>
4005 </pre
></p
>
4007 <p
>It can also list the firware package providing firmware requested
4008 by the load kernel modules, which in my case is an empty list because
4009 I have all the firmware my machine need:
4011 <p
><pre
>
4012 % /usr/sbin/isenkram-autoinstall-firmware -l
4013 info: did not find any firmware files requested by loaded kernel modules. exiting
4015 </pre
></p
>
4017 <p
>The last few days I had a look at several of the around
250
4018 packages in Debian with udev rules. These seem like good candidates
4019 to install when a given hardware dongle is inserted, and I found
4020 several that should be proposed by isenkram. I have not had time to
4021 check all of them, but am happy to report that now there are
97
4022 packages packages mapped to hardware by Isenkram.
11 of these
4023 packages provide hardware mapping using AppStream, while the rest are
4024 listed in the modaliases file provided in isenkram.
</p
>
4026 <p
>These are the packages with hardware mappings at the moment. The
4027 <strong
>marked packages
</strong
> are also announcing their hardware
4028 support using AppStream, for everyone to use:
</p
>
4030 <p
>air-quality-sensor, alsa-firmware-loaders, argyll,
4031 <strong
>array-info
</strong
>, avarice, avrdude, b43-fwcutter,
4032 bit-babbler, bluez, bluez-firmware,
<strong
>brltty
</strong
>,
4033 <strong
>broadcom-sta-dkms
</strong
>, calibre, cgminer, cheese, colord,
4034 <strong
>colorhug-client
</strong
>, dahdi-firmware-nonfree, dahdi-linux,
4035 dfu-util, dolphin-emu, ekeyd, ethtool, firmware-ipw2x00, fprintd,
4036 fprintd-demo,
<strong
>galileo
</strong
>, gkrellm-thinkbat, gphoto2,
4037 gpsbabel, gpsbabel-gui, gpsman, gpstrans, gqrx-sdr, gr-fcdproplus,
4038 gr-osmosdr, gtkpod, hackrf, hdapsd, hdmi2usb-udev, hpijs-ppds, hplip,
4039 ipw3945-source, ipw3945d, kde-config-tablet, kinect-audio-setup,
4040 <strong
>libnxt
</strong
>, libpam-fprintd,
<strong
>lomoco
</strong
>,
4041 madwimax, minidisc-utils, mkgmap, msi-keyboard, mtkbabel,
4042 <strong
>nbc
</strong
>,
<strong
>nqc
</strong
>, nut-hal-drivers, ola,
4043 open-vm-toolbox, open-vm-tools, openambit, pcgminer, pcmciautils,
4044 pcscd, pidgin-blinklight, printer-driver-splix,
4045 <strong
>pymissile
</strong
>, python-nxt, qlandkartegt,
4046 qlandkartegt-garmin, rosegarden, rt2x00-source, sispmctl,
4047 soapysdr-module-hackrf, solaar, squeak-plugins-scratch, sunxi-tools,
4048 <strong
>t2n
</strong
>, thinkfan, thinkfinger-tools, tlp, tp-smapi-dkms,
4049 tp-smapi-source, tpb, tucnak, uhd-host, usbmuxd, viking,
4050 virtualbox-ose-guest-x11, w1retap, xawtv, xserver-xorg-input-vmmouse,
4051 xserver-xorg-input-wacom, xserver-xorg-video-qxl,
4052 xserver-xorg-video-vmware, yubikey-personalization and
4053 zd1211-firmware
</p
>
4055 <p
>If you know of other packages, please let me know with a wishlist
4056 bug report against the isenkram-cli package, and ask the package
4058 <a href=
"https://wiki.debian.org/AppStream/Guidelines
">add AppStream
4059 metadata according to the guidelines
</a
> to provide the information
4060 for everyone. In time, I hope to get rid of the isenkram specific
4061 hardware mapping and depend exclusively on AppStream.
</p
>
4063 <p
>Note, the AppStream metadata for broadcom-sta-dkms is matching too
4064 much hardware, and suggest that the package with with any ethernet
4065 card. See
<a href=
"http://bugs.debian.org/
838735">bug #
838735</a
> for
4066 the details. I hope the maintainer find time to address it soon. In
4067 the mean time I provide an override in isenkram.
</p
>
4072 <title>Oolite, a life in space as vagabond and mercenary - nice free software
</title>
4073 <link>https://people.skolelinux.org/pere/blog/Oolite__a_life_in_space_as_vagabond_and_mercenary___nice_free_software.html
</link>
4074 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Oolite__a_life_in_space_as_vagabond_and_mercenary___nice_free_software.html
</guid>
4075 <pubDate>Sun,
11 Dec
2016 11:
40:
00 +
0100</pubDate>
4076 <description><p align=
"center
"><img width=
"70%
" src=
"https://people.skolelinux.org/pere/blog/images/
2016-
12-
11-nice-oolite.png
"/
></p
>
4078 <p
>In my early years, I played
4079 <a href=
"http://wiki.alioth.net/index.php/Classic_Elite
">the epic game
4080 Elite
</a
> on my PC. I spent many months trading and fighting in
4081 space, and reached the
'elite
' fighting status before I moved on. The
4082 original Elite game was available on Commodore
64 and the IBM PC
4083 edition I played had a
64 KB executable. I am still impressed today
4084 that the authors managed to squeeze both a
3D engine and details about
4085 more than
2000 planet systems across
7 galaxies into a binary so
4088 <p
>I have known about
<a href=
"http://www.oolite.org/
">the free
4089 software game Oolite inspired by Elite
</a
> for a while, but did not
4090 really have time to test it properly until a few days ago. It was
4091 great to discover that my old knowledge about trading routes were
4092 still valid. But my fighting and flying abilities were gone, so I had
4093 to retrain to be able to dock on a space station. And I am still not
4094 able to make much resistance when I am attacked by pirates, so I
4095 bougth and mounted the most powerful laser in the rear to be able to
4096 put up at least some resistance while fleeing for my life. :)
</p
>
4098 <p
>When playing Elite in the late eighties, I had to discover
4099 everything on my own, and I had long lists of prices seen on different
4100 planets to be able to decide where to trade what. This time I had the
4102 <a href=
"http://wiki.alioth.net/index.php/Main_Page
">Elite wiki
</a
>,
4103 where information about each planet is easily available with common
4104 price ranges and suggested trading routes. This improved my ability
4105 to earn money and I have been able to earn enough to buy a lot of
4106 useful equipent in a few days. I believe I originally played for
4107 months before I could get a docking computer, while now I could get it
4108 after less then a week.
</p
>
4110 <p
>If you like science fiction and dreamed of a life as a vagabond in
4111 space, you should try out Oolite. It is available for Linux, MacOSX
4112 and Windows, and is included in Debian and derivatives since
2011.
</p
>
4114 <p
>As usual, if you use Bitcoin and want to show your support of my
4115 activities, please send Bitcoin donations to my address
4116 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
4121 <title>Quicker Debian installations using eatmydata
</title>
4122 <link>https://people.skolelinux.org/pere/blog/Quicker_Debian_installations_using_eatmydata.html
</link>
4123 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Quicker_Debian_installations_using_eatmydata.html
</guid>
4124 <pubDate>Fri,
25 Nov
2016 14:
50:
00 +
0100</pubDate>
4125 <description><p
>Two years ago, I did some experiments with eatmydata and the Debian
4126 installation system, observing how using
4127 <a href=
"https://people.skolelinux.org/pere/blog/Speeding_up_the_Debian_installer_using_eatmydata_and_dpkg_divert.html
">eatmydata
4128 could speed up the installation
</a
> quite a bit. My testing measured
4129 speedup around
20-
40 percent for Debian Edu, where we install around
4130 1000 packages from within the installer. The eatmydata package
4131 provide a way to disable/delay file system flushing. This is a bit
4132 risky in the general case, as files that should be stored on disk will
4133 stay only in memory a bit longer than expected, causing problems if a
4134 machine crashes at an inconvenient time. But for an installation, if
4135 the machine crashes during installation the process is normally
4136 restarted, and avoiding disk operations as much as possible to speed
4137 up the process make perfect sense.
4139 <p
>I added code in the Debian Edu specific installation code to enable
4140 <a href=
"https://tracker.debian.org/pkg/libeatmydata
">eatmydata
</a
>,
4141 but did not have time to push it any further. But a few months ago I
4142 picked it up again and worked with the libeatmydata package maintainer
4143 Mattia Rizzolo to make it easier for everyone to get this installation
4144 speedup in Debian. Thanks to our cooperation There is now an
4145 eatmydata-udeb package in Debian testing and unstable, and simply
4146 enabling/installing it in debian-installer (d-i) is enough to get the
4147 quicker installations. It can be enabled using preseeding. The
4148 following untested kernel argument should do the trick:
</p
>
4150 <blockquote
><pre
>
4151 preseed/early_command=
"anna-install eatmydata-udeb
"
4152 </pre
></blockquote
>
4154 <p
>This should ask d-i to install the package inside the d-i
4155 environment early in the installation sequence. Having it installed
4156 in d-i in turn will make sure the relevant scripts are called just
4157 after debootstrap filled /target/ with the freshly installed Debian
4158 system to configure apt to run dpkg with eatmydata. This is enough to
4159 speed up the installation process. There is a proposal to
4160 <a href=
"https://bugs.debian.org/
841153">extend the idea a bit further
4161 by using /etc/ld.so.preload instead of apt.conf
</a
>, but I have not
4162 tested its impact.
</p
>
4168 <title>Oversette bokmål til nynorsk, enklere enn du tror takket være Apertium
</title>
4169 <link>https://people.skolelinux.org/pere/blog/Oversette_bokm_l_til_nynorsk__enklere_enn_du_tror_takket_v_re_Apertium.html
</link>
4170 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Oversette_bokm_l_til_nynorsk__enklere_enn_du_tror_takket_v_re_Apertium.html
</guid>
4171 <pubDate>Thu,
24 Nov
2016 10:
50:
00 +
0100</pubDate>
4172 <description><p
>I Norge er det mange som trenger å skrive både bokmål og nynorsk.
4173 Eksamensoppgaver, offentlige brev og nyheter er eksempler på tekster
4174 der det er krav om skriftspråk. I tillegg til alle skoleoppgavene som
4175 elever over det ganske land skal levere inn hvert år. Det mange ikke
4176 vet er at selv om de kommersielle alternativene
4177 <a href=
"https://translate.google.com/
">Google Translate
</a
> og
4178 <a href=
"https://www.bing.com/translator/
">Bing Translator
</a
> ikke kan
4179 bidra med å oversette mellom bokmål og nynorsk, så finnes det et
4180 utmerket fri programvarealternativ som kan. Oversetterverktøyet
4181 Apertium har støtte for en rekke språkkombinasjoner, og takket være
4182 den utrettelige innsatsen til blant annet Kevin Brubeck Unhammer, kan
4183 en bruke webtjenesten til å fylle inn en tekst på bokmål eller
4184 nynorsk, og få den automatoversatt til det andre skriftspråket.
4185 Resultatet er ikke perfekt, men et svært godt utgangspunkt. Av og til
4186 er resultatet så bra at det kan benyttes uten endringer. Jeg vet
4187 f.eks. at store deler av Joomla ble oversatt til nynorsk ved hjelp
4188 Apertium. Høres det ut som noe du kan ha bruk for? Besøk i så fall
4189 <a href=
"https://www.apertium.org/
">Apertium.org
</a
> og fyll inn
4190 teksten din i webskjemaet der.
4192 <p
>Hvis du trenger maskinell tilgang til den bakenforliggende
4193 teknologien kan du enten installere pakken
4194 <a href=
"https://tracker.debian.org/apertium-nno-nob
">apertium-nno-nob
</a
>
4195 på en Debian-maskin eller bruke web-API-et tilgjengelig fra
4196 api.apertium.org. Se
4197 <a href=
"http://wiki.apertium.org/wiki/Apertium-apy
">API-dokumentasjonen
</a
>
4198 for detaljer om web-API-et. Her kan du se hvordan resultatet blir for
4199 denne teksten som ble skrevet på bokmål over maskinoversatt til
4204 <p
>I Noreg er det mange som treng å skriva både bokmål og nynorsk.
4205 Eksamensoppgåver, offentlege brev og nyhende er døme på tekster der
4206 det er krav om skriftspråk. I tillegg til alle skuleoppgåvene som
4207 elevar over det ganske land skal levera inn kvart år. Det mange ikkje
4208 veit er at sjølv om dei kommersielle alternativa
4209 <a href=
"https://translate.google.com/
">Google *Translate
</a
> og
4210 <a href=
"https://www.bing.com/translator/
">Bing *Translator
</a
> ikkje
4211 kan bidra med å omsetja mellom bokmål og nynorsk, så finst det eit
4212 utmerka fri programvarealternativ som kan. Omsetjarverktøyet
4213 *Apertium har støtte for ei rekkje språkkombinasjonar, og takka vera
4214 den utrøyttelege innsatsen til blant anna Kevin Brubeck Unhammer, kan
4215 ein bruka *webtjenesten til å fylla inn ei tekst på bokmål eller
4216 nynorsk, og få den *automatoversatt til det andre skriftspråket.
4217 Resultatet er ikkje perfekt, men eit svært godt utgangspunkt. Av og
4218 til er resultatet så bra at det kan nyttast utan endringar. Eg veit
4219 t.d. at store delar av *Joomla vart omsett til nynorsk ved hjelp
4220 *Apertium. Høyrast det ut som noko du kan ha bruk for? Besøk i så
4221 fall
<a href=
"https://www.apertium.org/
">*Apertium.org
</a
> og fyll inn
4222 teksta di i *webskjemaet der.
4224 <p
>Viss du treng *maskinell tilgjenge til den *bakenforliggende
4225 teknologien kan du anten installera pakken
4226 <a href=
"https://tracker.debian.org/apertium-nno-nob
">*apertium-*nno-*nob
</a
>
4227 på ein *Debian-maskin eller bruka *web-*API-eit tilgjengeleg frå
4228 *api.*apertium.org. Sjå
4229 <a href=
"http://wiki.apertium.org/wiki/Apertium-apy
">*API-dokumentasjonen
</a
>
4230 for detaljar om *web-*API-eit. Her kan du sjå korleis resultatet vert
4231 for denne teksta som vart skreva på bokmål over *maskinoversatt til
4237 <title>Coz profiler for multi-threaded software is now in Debian
</title>
4238 <link>https://people.skolelinux.org/pere/blog/Coz_profiler_for_multi_threaded_software_is_now_in_Debian.html
</link>
4239 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Coz_profiler_for_multi_threaded_software_is_now_in_Debian.html
</guid>
4240 <pubDate>Sun,
13 Nov
2016 12:
30:
00 +
0100</pubDate>
4241 <description><p
><a href=
"http://coz-profiler.org/
">The Coz profiler
</a
>, a nice
4242 profiler able to run benchmarking experiments on the instrumented
4243 multi-threaded program, finally
4244 <a href=
"https://tracker.debian.org/pkg/coz-profiler
">made it into
4245 Debian unstable yesterday
</A
>. Lluís Vilanova and I have spent many
4247 <a href=
"https://people.skolelinux.org/pere/blog/Coz_can_help_you_find_bottlenecks_in_multi_threaded_software___nice_free_software.html
">I
4248 blogged about the coz tool
</a
> in August working with upstream to make
4249 it suitable for Debian. There are still issues with clang
4250 compatibility, inline assembly only working x86 and minimized
4251 JavaScript libraries.
</p
>
4253 <p
>To test it, install
'coz-profiler
' using apt and run it like this:
</p
>
4255 <p
><blockquote
>
4256 <tt
>coz run --- /path/to/binary-with-debug-info
</tt
>
4257 </blockquote
></p
>
4259 <p
>This will produce a profile.coz file in the current working
4260 directory with the profiling information. This is then given to a
4261 JavaScript application provided in the package and available from
4262 <a href=
"http://plasma-umass.github.io/coz/
">a project web page
</a
>.
4263 To start the local copy, invoke it in a browser like this:
</p
>
4265 <p
><blockquote
>
4266 <tt
>sensible-browser /usr/share/coz-profiler/viewer/index.htm
</tt
>
4267 </blockquote
></p
>
4269 <p
>See the project home page and the
4270 <a href=
"https://www.usenix.org/publications/login/summer2016/curtsinger
">USENIX
4271 ;login: article on Coz
</a
> for more information on how it is
4277 <title>My own self balancing Lego Segway
</title>
4278 <link>https://people.skolelinux.org/pere/blog/My_own_self_balancing_Lego_Segway.html
</link>
4279 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/My_own_self_balancing_Lego_Segway.html
</guid>
4280 <pubDate>Fri,
4 Nov
2016 10:
15:
00 +
0100</pubDate>
4281 <description><p
>A while back I received a Gyro sensor for the NXT
4282 <a href=
"mindstorms.lego.com
">Mindstorms
</a
> controller as a birthday
4283 present. It had been on my wishlist for a while, because I wanted to
4284 build a Segway like balancing lego robot. I had already built
4285 <a href=
"http://www.nxtprograms.com/NXT2/segway/
">a simple balancing
4286 robot
</a
> with the kids, using the light/color sensor included in the
4287 NXT kit as the balance sensor, but it was not working very well. It
4288 could balance for a while, but was very sensitive to the light
4289 condition in the room and the reflective properties of the surface and
4290 would fall over after a short while. I wanted something more robust,
4292 <a href=
"https://www.hitechnic.com/cgi-bin/commerce.cgi?preadd=action
&key=NGY1044
">the
4293 gyro sensor from HiTechnic
</a
> I believed would solve it on my
4294 wishlist for some years before it suddenly showed up as a gift from my
4295 loved ones. :)
</p
>
4297 <p
>Unfortunately I have not had time to sit down and play with it
4298 since then. But that changed some days ago, when I was searching for
4299 lego segway information and came across a recipe from HiTechnic for
4301 <a href=
"http://www.hitechnic.com/blog/gyro-sensor/htway/
">the
4302 HTWay
</a
>, a segway like balancing robot. Build instructions and
4303 <a href=
"https://www.hitechnic.com/upload/
786-HTWayC.nxc
">source
4304 code
</a
> was included, so it was just a question of putting it all
4305 together. And thanks to the great work of many Debian developers, the
4306 compiler needed to build the source for the NXT is already included in
4307 Debian, so I was read to go in less than an hour. The resulting robot
4308 do not look very impressive in its simplicity:
</p
>
4310 <p align=
"center
"><img width=
"70%
" src=
"https://people.skolelinux.org/pere/blog/images/
2016-
11-
04-lego-htway-robot.jpeg
"></p
>
4312 <p
>Because I lack the infrared sensor used to control the robot in the
4313 design from HiTechnic, I had to comment out the last task
4314 (taskControl). I simply placed /* and */ around it get the program
4315 working without that sensor present. Now it balances just fine until
4316 the battery status run low:
</p
>
4318 <p align=
"center
"><video width=
"70%
" controls=
"true
">
4319 <source src=
"https://people.skolelinux.org/pere/blog/images/
2016-
11-
04-lego-htway-balancing.ogv
" type=
"video/ogg
">
4320 </video
></p
>
4322 <p
>Now we would like to teach it how to follow a line and take remote
4323 control instructions using the included Bluetooth receiver in the NXT.
</p
>
4325 <p
>If you, like me, love LEGO and want to make sure we find the tools
4326 they need to work with LEGO in Debian and all our derivative
4327 distributions like Ubuntu, check out
4328 <a href=
"http://wiki.debian.org/LegoDesigners
">the LEGO designers
4329 project page
</a
> and join the Debian LEGO team. Personally I own a
4330 RCX and NXT controller (no EV3), and would like to make sure the
4331 Debian tools needed to program the systems I own work as they
4337 <title>Experience and updated recipe for using the Signal app without a mobile phone
</title>
4338 <link>https://people.skolelinux.org/pere/blog/Experience_and_updated_recipe_for_using_the_Signal_app_without_a_mobile_phone.html
</link>
4339 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Experience_and_updated_recipe_for_using_the_Signal_app_without_a_mobile_phone.html
</guid>
4340 <pubDate>Mon,
10 Oct
2016 11:
30:
00 +
0200</pubDate>
4341 <description><p
>In July
4342 <a href=
"https://people.skolelinux.org/pere/blog/How_to_use_the_Signal_app_if_you_only_have_a_land_line__ie_no_mobile_phone_.html
">I
4343 wrote how to get the Signal Chrome/Chromium app working
</a
> without
4344 the ability to receive SMS messages (aka without a cell phone). It is
4345 time to share some experiences and provide an updated setup.
</p
>
4347 <p
>The Signal app have worked fine for several months now, and I use
4348 it regularly to chat with my loved ones. I had a major snag at the
4349 end of my summer vacation, when the the app completely forgot my
4350 setup, identity and keys. The reason behind this major mess was
4351 running out of disk space. To avoid that ever happening again I have
4352 started storing everything in
<tt
>userdata/
</tt
> in git, to be able to
4353 roll back to an earlier version if the files are wiped by mistake. I
4354 had to use it once after introducing the git backup. When rolling
4355 back to an earlier version, one need to use the
'reset session
' option
4356 in Signal to get going, and notify the people you talk with about the
4357 problem. I assume there is some sequence number tracking in the
4358 protocol to detect rollback attacks. The git repository is rather big
4359 (
674 MiB so far), but I have not tried to figure out if some of the
4360 content can be added to a .gitignore file due to lack of spare
4363 <p
>I
've also hit the
90 days timeout blocking, and noticed that this
4364 make it impossible to send messages using Signal. I could still
4365 receive them, but had to patch the code with a new timestamp to send.
4366 I believe the timeout is added by the developers to force people to
4367 upgrade to the latest version of the app, even when there is no
4368 protocol changes, to reduce the version skew among the user base and
4369 thus try to keep the number of support requests down.
</p
>
4371 <p
>Since my original recipe, the Signal source code changed slightly,
4372 making the old patch fail to apply cleanly. Below is an updated
4373 patch, including the shell wrapper I use to start Signal. The
4374 original version required a new user to locate the JavaScript console
4375 and call a function from there. I got help from a friend with more
4376 JavaScript knowledge than me to modify the code to provide a GUI
4377 button instead. This mean that to get started you just need to run
4378 the wrapper and click the
'Register without mobile phone
' to get going
4379 now. I
've also modified the timeout code to always set it to
90 days
4380 in the future, to avoid having to patch the code regularly.
</p
>
4382 <p
>So, the updated recipe for Debian Jessie:
</p
>
4386 <li
>First, install required packages to get the source code and the
4387 browser you need. Signal only work with Chrome/Chromium, as far as I
4388 know, so you need to install it.
4391 apt install git tor chromium
4392 git clone https://github.com/WhisperSystems/Signal-Desktop.git
4393 </pre
></li
>
4395 <li
>Modify the source code using command listed in the the patch
4396 block below.
</li
>
4398 <li
>Start Signal using the run-signal-app wrapper (for example using
4399 <tt
>`pwd`/run-signal-app
</tt
>).
4401 <li
>Click on the
'Register without mobile phone
', will in a phone
4402 number you can receive calls to the next minute, receive the
4403 verification code and enter it into the form field and press
4404 'Register
'. Note, the phone number you use will be user Signal
4405 username, ie the way others can find you on Signal.
</li
>
4407 <li
>You can now use Signal to contact others. Note, new contacts do
4408 not show up in the contact list until you restart Signal, and there is
4409 no way to assign names to Contacts. There is also no way to create or
4410 update chat groups. I suspect this is because the web app do not have
4411 a associated contact database.
</li
>
4415 <p
>I am still a bit uneasy about using Signal, because of the way its
4416 main author moxie0 reject federation and accept dependencies to major
4417 corporations like Google (part of the code is fetched from Google) and
4418 Amazon (the central coordination point is owned by Amazon). See for
4420 <a href=
"https://github.com/LibreSignal/LibreSignal/issues/
37">the
4421 LibreSignal issue tracker
</a
> for a thread documenting the authors
4422 view on these issues. But the network effect is strong in this case,
4423 and several of the people I want to communicate with already use
4424 Signal. Perhaps we can all move to
<a href=
"https://ring.cx/
">Ring
</a
>
4425 once it
<a href=
"https://bugs.debian.org/
830265">work on my
4426 laptop
</a
>? It already work on Windows and Android, and is included
4427 in
<a href=
"https://tracker.debian.org/pkg/ring
">Debian
</a
> and
4428 <a href=
"https://launchpad.net/ubuntu/+source/ring
">Ubuntu
</a
>, but not
4429 working on Debian Stable.
</p
>
4431 <p
>Anyway, this is the patch I apply to the Signal code to get it
4432 working. It switch to the production servers, disable to timeout,
4433 make registration easier and add the shell wrapper:
</p
>
4436 cd Signal-Desktop; cat
&lt;
&lt;EOF | patch -p1
4437 diff --git a/js/background.js b/js/background.js
4438 index
24b4c1d.
.579345f
100644
4439 --- a/js/background.js
4440 +++ b/js/background.js
4445 - var SERVER_URL =
'https://textsecure-service-staging.whispersystems.org
';
4446 + var SERVER_URL =
'https://textsecure-service-ca.whispersystems.org
';
4447 var SERVER_PORTS = [
80,
4433,
8443];
4448 - var ATTACHMENT_SERVER_URL =
'https://whispersystems-textsecure-attachments-staging.s3.amazonaws.com
';
4449 + var ATTACHMENT_SERVER_URL =
'https://whispersystems-textsecure-attachments.s3.amazonaws.com
';
4450 var messageReceiver;
4451 window.getSocketStatus = function() {
4452 if (messageReceiver) {
4453 diff --git a/js/expire.js b/js/expire.js
4454 index
639aeae..beb91c3
100644
4459 'use strict
';
4460 - var BUILD_EXPIRATION =
0;
4461 + var BUILD_EXPIRATION = Date.now() + (
90 *
24 *
60 *
60 *
1000);
4463 window.extension = window.extension || {};
4465 diff --git a/js/views/install_view.js b/js/views/install_view.js
4466 index
7816f4f.
.1d6233b
100644
4467 --- a/js/views/install_view.js
4468 +++ b/js/views/install_view.js
4471 'click .step1
': this.selectStep.bind(this,
1),
4472 'click .step2
': this.selectStep.bind(this,
2),
4473 -
'click .step3
': this.selectStep.bind(this,
3)
4474 +
'click .step3
': this.selectStep.bind(this,
3),
4475 +
'click .callreg
': function() { extension.install(
'standalone
') },
4478 clearQR: function() {
4479 diff --git a/options.html b/options.html
4480 index dc0f28e.
.8d709f6
100644
4484 &lt;div class=
'nav
'>
4485 &lt;h1
>{{ installWelcome }}
&lt;/h1
>
4486 &lt;p
>{{ installTagline }}
&lt;/p
>
4487 -
&lt;div
> &lt;a class=
'button step2
'>{{ installGetStartedButton }}
&lt;/a
> &lt;/div
>
4488 +
&lt;div
> &lt;a class=
'button step2
'>{{ installGetStartedButton }}
&lt;/a
>
4489 +
&lt;br
> &lt;a class=
"button callreg
">Register without mobile phone
&lt;/a
>
4492 &lt;span class=
'dot step1 selected
'>&lt;/span
>
4493 &lt;span class=
'dot step2
'>&lt;/span
>
4494 &lt;span class=
'dot step3
'>&lt;/span
>
4495 --- /dev/null
2016-
10-
07 09:
55:
13.730181472 +
0200
4496 +++ b/run-signal-app
2016-
10-
10 08:
54:
09.434172391 +
0200
4502 +userdata=
"`pwd`/userdata
"
4503 +if [ -d
"$userdata
" ]
&& [ ! -d
"$userdata/.git
" ] ; then
4504 + (cd $userdata
&& git init)
4506 +(cd $userdata
&& git add .
&& git commit -m
"Current status.
" || true)
4508 + --proxy-server=
"socks://localhost:
9050" \
4509 + --user-data-dir=$userdata --load-and-launch-app=`pwd`
4511 chmod a+rx run-signal-app
4514 <p
>As usual, if you use Bitcoin and want to show your support of my
4515 activities, please send Bitcoin donations to my address
4516 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
4521 <title>Isenkram, Appstream and udev make life as a LEGO builder easier
</title>
4522 <link>https://people.skolelinux.org/pere/blog/Isenkram__Appstream_and_udev_make_life_as_a_LEGO_builder_easier.html
</link>
4523 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Isenkram__Appstream_and_udev_make_life_as_a_LEGO_builder_easier.html
</guid>
4524 <pubDate>Fri,
7 Oct
2016 09:
50:
00 +
0200</pubDate>
4525 <description><p
><a href=
"http://packages.qa.debian.org/isenkram
">The Isenkram
4526 system
</a
> provide a practical and easy way to figure out which
4527 packages support the hardware in a given machine. The command line
4528 tool
<tt
>isenkram-lookup
</tt
> and the tasksel options provide a
4529 convenient way to list and install packages relevant for the current
4530 hardware during system installation, both user space packages and
4531 firmware packages. The GUI background daemon on the other hand provide
4532 a pop-up proposing to install packages when a new dongle is inserted
4533 while using the computer. For example, if you plug in a smart card
4534 reader, the system will ask if you want to install
<tt
>pcscd
</tt
> if
4535 that package isn
't already installed, and if you plug in a USB video
4536 camera the system will ask if you want to install
<tt
>cheese
</tt
> if
4537 cheese is currently missing. This already work just fine.
</p
>
4539 <p
>But Isenkram depend on a database mapping from hardware IDs to
4540 package names. When I started no such database existed in Debian, so
4541 I made my own data set and included it with the isenkram package and
4542 made isenkram fetch the latest version of this database from git using
4543 http. This way the isenkram users would get updated package proposals
4544 as soon as I learned more about hardware related packages.
</p
>
4546 <p
>The hardware is identified using modalias strings. The modalias
4547 design is from the Linux kernel where most hardware descriptors are
4548 made available as a strings that can be matched using filename style
4549 globbing. It handle USB, PCI, DMI and a lot of other hardware related
4550 identifiers.
</p
>
4552 <p
>The downside to the Isenkram specific database is that there is no
4553 information about relevant distribution / Debian version, making
4554 isenkram propose obsolete packages too. But along came AppStream, a
4555 cross distribution mechanism to store and collect metadata about
4556 software packages. When I heard about the proposal, I contacted the
4557 people involved and suggested to add a hardware matching rule using
4558 modalias strings in the specification, to be able to use AppStream for
4559 mapping hardware to packages. This idea was accepted and AppStream is
4560 now a great way for a package to announce the hardware it support in a
4561 distribution neutral way. I wrote
4562 <a href=
"https://people.skolelinux.org/pere/blog/Using_appstream_with_isenkram_to_install_hardware_related_packages_in_Debian.html
">a
4563 recipe on how to add such meta-information
</a
> in a blog post last
4564 December. If you have a hardware related package in Debian, please
4565 announce the relevant hardware IDs using AppStream.
</p
>
4567 <p
>In Debian, almost all packages that can talk to a LEGO Mindestorms
4568 RCX or NXT unit, announce this support using AppStream. The effect is
4569 that when you insert such LEGO robot controller into your Debian
4570 machine, Isenkram will propose to install the packages needed to get
4571 it working. The intention is that this should allow the local user to
4572 start programming his robot controller right away without having to
4573 guess what packages to use or which permissions to fix.
</p
>
4575 <p
>But when I sat down with my son the other day to program our NXT
4576 unit using his Debian Stretch computer, I discovered something
4577 annoying. The local console user (ie my son) did not get access to
4578 the USB device for programming the unit. This used to work, but no
4579 longer in Jessie and Stretch. After some investigation and asking
4580 around on #debian-devel, I discovered that this was because udev had
4581 changed the mechanism used to grant access to local devices. The
4582 ConsoleKit mechanism from
<tt
>/lib/udev/rules.d/
70-udev-acl.rules
</tt
>
4583 no longer applied, because LDAP users no longer was added to the
4584 plugdev group during login. Michael Biebl told me that this method
4585 was obsolete and the new method used ACLs instead. This was good
4586 news, as the plugdev mechanism is a mess when using a remote user
4587 directory like LDAP. Using ACLs would make sure a user lost device
4588 access when she logged out, even if the user left behind a background
4589 process which would retain the plugdev membership with the ConsoleKit
4590 setup. Armed with this knowledge I moved on to fix the access problem
4591 for the LEGO Mindstorms related packages.
</p
>
4593 <p
>The new system uses a udev tag,
'uaccess
'. It can either be
4594 applied directly for a device, or is applied in
4595 /lib/udev/rules.d/
70-uaccess.rules for classes of devices. As the
4596 LEGO Mindstorms udev rules did not have a class, I decided to add the
4597 tag directly in the udev rules files included in the packages. Here
4598 is one example. For the nqc C compiler for the RCX, the
4599 <tt
>/lib/udev/rules.d/
60-nqc.rules
</tt
> file now look like this:
4601 <p
><pre
>
4602 SUBSYSTEM==
"usb
", ACTION==
"add
", ATTR{idVendor}==
"0694", ATTR{idProduct}==
"0001", \
4603 SYMLINK+=
"rcx-%k
", TAG+=
"uaccess
"
4604 </pre
></p
>
4606 <p
>The key part is the
'TAG+=
"uaccess
"' at the end. I suspect all
4607 packages using plugdev in their /lib/udev/rules.d/ files should be
4608 changed to use this tag (either directly or indirectly via
4609 <tt
>70-uaccess.rules
</tt
>). Perhaps a lintian check should be created
4610 to detect this?
</p
>
4612 <p
>I
've been unable to find good documentation on the uaccess feature.
4613 It is unclear to me if the uaccess tag is an internal implementation
4614 detail like the udev-acl tag used by
4615 <tt
>/lib/udev/rules.d/
70-udev-acl.rules
</tt
>. If it is, I guess the
4616 indirect method is the preferred way. Michael
4617 <a href=
"https://github.com/systemd/systemd/issues/
4288">asked for more
4618 documentation from the systemd project
</a
> and I hope it will make
4619 this clearer. For now I use the generic classes when they exist and
4620 is already handled by
<tt
>70-uaccess.rules
</tt
>, and add the tag
4621 directly if no such class exist.
</p
>
4623 <p
>To learn more about the isenkram system, please check out
4624 <a href=
"https://people.skolelinux.org/pere/blog/tags/isenkram/
">my
4625 blog posts tagged isenkram
</a
>.
</p
>
4627 <p
>To help out making life for LEGO constructors in Debian easier,
4628 please join us on our IRC channel
4629 <a href=
"irc://irc.debian.org/%
23debian-lego
">#debian-lego
</a
> and join
4630 the
<a href=
"https://alioth.debian.org/projects/debian-lego/
">Debian
4631 LEGO team
</a
> in the Alioth project we created yesterday. A mailing
4632 list is not yet created, but we are working on it. :)
</p
>
4634 <p
>As usual, if you use Bitcoin and want to show your support of my
4635 activities, please send Bitcoin donations to my address
4636 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
4641 <title>First draft Norwegian Bokmål edition of The Debian Administrator
's Handbook now public
</title>
4642 <link>https://people.skolelinux.org/pere/blog/First_draft_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook_now_public.html
</link>
4643 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/First_draft_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook_now_public.html
</guid>
4644 <pubDate>Tue,
30 Aug
2016 10:
10:
00 +
0200</pubDate>
4645 <description><p
>In April we
4646 <a href=
"https://people.skolelinux.org/pere/blog/Lets_make_a_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook.html
">started
4647 to work
</a
> on a Norwegian Bokmål edition of the
"open access
" book on
4648 how to set up and administrate a Debian system. Today I am happy to
4649 report that the first draft is now publicly available. You can find
4650 it on
<a href=
"https://debian-handbook.info/get/
">get the Debian
4651 Administrator
's Handbook page
</a
> (under Other languages). The first
4652 eight chapters have a first draft translation, and we are working on
4653 proofreading the content. If you want to help out, please start
4655 <a href=
"https://hosted.weblate.org/projects/debian-handbook/
">the
4656 hosted weblate project page
</a
>, and get in touch using
4657 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/debian-handbook-translators
">the
4658 translators mailing list
</a
>. Please also check out
4659 <a href=
"https://debian-handbook.info/contribute/
">the instructions for
4660 contributors
</a
>. A good way to contribute is to proofread the text
4661 and update weblate if you find errors.
</p
>
4663 <p
>Our goal is still to make the Norwegian book available on paper as well as
4664 electronic form.
</p
>
4669 <title>Coz can help you find bottlenecks in multi-threaded software - nice free software
</title>
4670 <link>https://people.skolelinux.org/pere/blog/Coz_can_help_you_find_bottlenecks_in_multi_threaded_software___nice_free_software.html
</link>
4671 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Coz_can_help_you_find_bottlenecks_in_multi_threaded_software___nice_free_software.html
</guid>
4672 <pubDate>Thu,
11 Aug
2016 12:
00:
00 +
0200</pubDate>
4673 <description><p
>This summer, I read a great article
4674 "<a href=
"https://www.usenix.org/publications/login/summer2016/curtsinger
">coz:
4675 This Is the Profiler You
're Looking For
</a
>" in USENIX ;login: about
4676 how to profile multi-threaded programs. It presented a system for
4677 profiling software by running experiences in the running program,
4678 testing how run time performance is affected by
"speeding up
" parts of
4679 the code to various degrees compared to a normal run. It does this by
4680 slowing down parallel threads while the
"faster up
" code is running
4681 and measure how this affect processing time. The processing time is
4682 measured using probes inserted into the code, either using progress
4683 counters (COZ_PROGRESS) or as latency meters (COZ_BEGIN/COZ_END). It
4684 can also measure unmodified code by measuring complete the program
4685 runtime and running the program several times instead.
</p
>
4687 <p
>The project and presentation was so inspiring that I would like to
4688 get the system into Debian. I
4689 <a href=
"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=
830708">created
4690 a WNPP request for it
</a
> and contacted upstream to try to make the
4691 system ready for Debian by sending patches. The build process need to
4692 be changed a bit to avoid running
'git clone
' to get dependencies, and
4693 to include the JavaScript web page used to visualize the collected
4694 profiling information included in the source package.
4695 But I expect that should work out fairly soon.
</p
>
4697 <p
>The way the system work is fairly simple. To run an coz experiment
4698 on a binary with debug symbols available, start the program like this:
4700 <p
><blockquote
><pre
>
4701 coz run --- program-to-run
4702 </pre
></blockquote
></p
>
4704 <p
>This will create a text file profile.coz with the instrumentation
4705 information. To show what part of the code affect the performance
4706 most, use a web browser and either point it to
4707 <a href=
"http://plasma-umass.github.io/coz/
">http://plasma-umass.github.io/coz/
</a
>
4708 or use the copy from git (in the gh-pages branch). Check out this web
4709 site to have a look at several example profiling runs and get an idea what the end result from the profile runs look like. To make the
4710 profiling more useful you include
&lt;coz.h
&gt; and insert the
4711 COZ_PROGRESS or COZ_BEGIN and COZ_END at appropriate places in the
4712 code, rebuild and run the profiler. This allow coz to do more
4713 targeted experiments.
</p
>
4715 <p
>A video published by ACM
4716 <a href=
"https://www.youtube.com/watch?v=jE0V-p1odPg
">presenting the
4717 Coz profiler
</a
> is available from Youtube. There is also a paper
4718 from the
25th Symposium on Operating Systems Principles available
4720 <a href=
"https://www.usenix.org/conference/atc16/technical-sessions/presentation/curtsinger
">Coz:
4721 finding code that counts with causal profiling
</a
>.
</p
>
4723 <p
><a href=
"https://github.com/plasma-umass/coz
">The source code
</a
>
4724 for Coz is available from github. It will only build with clang
4726 <a href=
"https://gcc.gnu.org/bugzilla/show_bug.cgi?id=
55606">C++
4727 feature missing in GCC
</a
>, but I
've submitted
4728 <a href=
"https://github.com/plasma-umass/coz/pull/
67">a patch to solve
4729 it
</a
> and hope it will be included in the upstream source soon.
</p
>
4731 <p
>Please get in touch if you, like me, would like to see this piece
4732 of software in Debian. I would very much like some help with the
4733 packaging effort, as I lack the in depth knowledge on how to package
4734 C++ libraries.
</p
>
4739 <title>Unlocking HTC Desire HD on Linux using unruu and fastboot
</title>
4740 <link>https://people.skolelinux.org/pere/blog/Unlocking_HTC_Desire_HD_on_Linux_using_unruu_and_fastboot.html
</link>
4741 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Unlocking_HTC_Desire_HD_on_Linux_using_unruu_and_fastboot.html
</guid>
4742 <pubDate>Thu,
7 Jul
2016 11:
30:
00 +
0200</pubDate>
4743 <description><p
>Yesterday, I tried to unlock a HTC Desire HD phone, and it proved
4744 to be a slight challenge. Here is the recipe if I ever need to do it
4745 again. It all started by me wanting to try the recipe to set up
4746 <a href=
"https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy
">an
4747 hardened Android installation
</a
> from the Tor project blog on a
4748 device I had access to. It is a old mobile phone with a broken
4749 microphone The initial idea had been to just
4750 <a href=
"http://wiki.cyanogenmod.org/w/Install_CM_for_ace
">install
4751 CyanogenMod on it
</a
>, but did not quite find time to start on it
4752 until a few days ago.
</p
>
4754 <p
>The unlock process is supposed to be simple: (
1) Boot into the boot
4755 loader (press volume down and power at the same time), (
2) select
4756 'fastboot
' before (
3) connecting the device via USB to a Linux
4757 machine, (
4) request the device identifier token by running
'fastboot
4758 oem get_identifier_token
', (
5) request the device unlocking key using
4759 the
<a href=
"http://www.htcdev.com/bootloader/
">HTC developer web
4760 site
</a
> and unlock the phone using the key file emailed to you.
</p
>
4762 <p
>Unfortunately, this only work fi you have hboot version
2.00.0029
4763 or newer, and the device I was working on had
2.00.0027. This
4764 apparently can be easily fixed by downloading a Windows program and
4765 running it on your Windows machine, if you accept the terms Microsoft
4766 require you to accept to use Windows - which I do not. So I had to
4767 come up with a different approach. I got a lot of help from AndyCap
4768 on #nuug, and would not have been able to get this working without
4771 <p
>First I needed to extract the hboot firmware from
4772 <a href=
"http://www.htcdev.com/ruu/PD9810000_Ace_Sense30_S_hboot_2.00
.0029.exe
">the
4773 windows binary for HTC Desire HD
</a
> downloaded as
'the RUU
' from HTC.
4774 For this there is is
<a href=
"https://github.com/kmdm/unruu/
">a github
4775 project named unruu
</a
> using libunshield. The unshield tool did not
4776 recognise the file format, but unruu worked and extracted rom.zip,
4777 containing the new hboot firmware and a text file describing which
4778 devices it would work for.
</p
>
4780 <p
>Next, I needed to get the new firmware into the device. For this I
4781 followed some instructions
4782 <a href=
"http://www.htc1guru.com/
2013/
09/new-ruu-zips-posted/
">available
4783 from HTC1Guru.com
</a
>, and ran these commands as root on a Linux
4784 machine with Debian testing:
</p
>
4786 <p
><pre
>
4787 adb reboot-bootloader
4788 fastboot oem rebootRUU
4789 fastboot flash zip rom.zip
4790 fastboot flash zip rom.zip
4792 </pre
></p
>
4794 <p
>The flash command apparently need to be done twice to take effect,
4795 as the first is just preparations and the second one do the flashing.
4796 The adb command is just to get to the boot loader menu, so turning the
4797 device on while holding volume down and the power button should work
4800 <p
>With the new hboot version in place I could start following the
4801 instructions on the HTC developer web site. I got the device token
4802 like this:
</p
>
4804 <p
><pre
>
4805 fastboot oem get_identifier_token
2>&1 | sed
's/(bootloader) //
'
4808 <p
>And once I got the unlock code via email, I could use it like
4811 <p
><pre
>
4812 fastboot flash unlocktoken Unlock_code.bin
4813 </pre
></p
>
4815 <p
>And with that final step in place, the phone was unlocked and I
4816 could start stuffing the software of my own choosing into the device.
4817 So far I only inserted a replacement recovery image to wipe the phone
4818 before I start. We will see what happen next. Perhaps I should
4819 install
<a href=
"https://www.debian.org/
">Debian
</a
> on it. :)
</p
>
4824 <title>How to use the Signal app if you only have a land line (ie no mobile phone)
</title>
4825 <link>https://people.skolelinux.org/pere/blog/How_to_use_the_Signal_app_if_you_only_have_a_land_line__ie_no_mobile_phone_.html
</link>
4826 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/How_to_use_the_Signal_app_if_you_only_have_a_land_line__ie_no_mobile_phone_.html
</guid>
4827 <pubDate>Sun,
3 Jul
2016 14:
20:
00 +
0200</pubDate>
4828 <description><p
>For a while now, I have wanted to test
4829 <a href=
"https://whispersystems.org/
">the Signal app
</a
>, as it is
4830 said to provide end to end encrypted communication and several of my
4831 friends and family are already using it. As I by choice do not own a
4832 mobile phone, this proved to be harder than expected. And I wanted to
4833 have the source of the client and know that it was the code used on my
4834 machine. But yesterday I managed to get it working. I used the
4835 Github source, compared it to the source in
4836 <a href=
"https://chrome.google.com/webstore/detail/signal-private-messenger/bikioccmkafdpakkkcpdbppfkghcmihk?hl=en-US
">the
4837 Signal Chrome app
</a
> available from the Chrome web store, applied
4838 patches to use the production Signal servers, started the app and
4839 asked for the hidden
"register without a smart phone
" form. Here is
4840 the recipe how I did it.
</p
>
4842 <p
>First, I fetched the Signal desktop source from Github, using
4845 git clone https://github.com/WhisperSystems/Signal-Desktop.git
4848 <p
>Next, I patched the source to use the production servers, to be
4849 able to talk to other Signal users:
</p
>
4852 cat
&lt;
&lt;EOF | patch -p0
4853 diff -ur ./js/background.js userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/
0.15.0_0/js/background.js
4854 --- ./js/background.js
2016-
06-
29 13:
43:
15.630344628 +
0200
4855 +++ userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/
0.15.0_0/js/background.js
2016-
06-
29 14:
06:
29.530300934 +
0200
4860 - var SERVER_URL =
'https://textsecure-service-staging.whispersystems.org
';
4861 - var ATTACHMENT_SERVER_URL =
'https://whispersystems-textsecure-attachments-staging.s3.amazonaws.com
';
4862 + var SERVER_URL =
'https://textsecure-service-ca.whispersystems.org:
4433';
4863 + var ATTACHMENT_SERVER_URL =
'https://whispersystems-textsecure-attachments.s3.amazonaws.com
';
4864 var messageReceiver;
4865 window.getSocketStatus = function() {
4866 if (messageReceiver) {
4867 diff -ur ./js/expire.js userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/
0.15.0_0/js/expire.js
4868 --- ./js/expire.js
2016-
06-
29 13:
43:
15.630344628 +
0200
4869 +++ userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/
0.15.0_0/js/expire.js2016-
06-
29 14:
06:
29.530300934 +
0200
4872 'use strict
';
4873 - var BUILD_EXPIRATION =
0;
4874 + var BUILD_EXPIRATION =
1474492690000;
4876 window.extension = window.extension || {};
4881 <p
>The first part is changing the servers, and the second is updating
4882 an expiration timestamp. This timestamp need to be updated regularly.
4883 It is set
90 days in the future by the build process (Gruntfile.js).
4884 The value is seconds since
1970 times
1000, as far as I can tell.
</p
>
4886 <p
>Based on a tip and good help from the #nuug IRC channel, I wrote a
4887 script to launch Signal in Chromium.
</p
>
4894 --proxy-server=
"socks://localhost:
9050" \
4895 --user-data-dir=`pwd`/userdata --load-and-launch-app=`pwd`
4898 <p
> The script start the app and configure Chromium to use the Tor
4899 SOCKS5 proxy to make sure those controlling the Signal servers (today
4900 Amazon and Whisper Systems) as well as those listening on the lines
4901 will have a harder time location my laptop based on the Signal
4902 connections if they use source IP address.
</p
>
4904 <p
>When the script starts, one need to follow the instructions under
4905 "Standalone Registration
" in the CONTRIBUTING.md file in the git
4906 repository. I right clicked on the Signal window to get up the
4907 Chromium debugging tool, visited the
'Console
' tab and wrote
4908 'extension.install(
"standalone
")
' on the console prompt to get the
4909 registration form. Then I entered by land line phone number and
4910 pressed
'Call
'.
5 seconds later the phone rang and a robot voice
4911 repeated the verification code three times. After entering the number
4912 into the verification code field in the form, I could start using
4913 Signal from my laptop.
4915 <p
>As far as I can tell, The Signal app will leak who is talking to
4916 whom and thus who know who to those controlling the central server,
4917 but such leakage is hard to avoid with a centrally controlled server
4918 setup. It is something to keep in mind when using Signal - the
4919 content of your chats are harder to intercept, but the meta data
4920 exposing your contact network is available to people you do not know.
4921 So better than many options, but not great. And sadly the usage is
4922 connected to my land line, thus allowing those controlling the server
4923 to associate it to my home and person. I would prefer it if only
4924 those I knew could tell who I was on Signal. There are options
4925 avoiding such information leakage, but most of my friends are not
4926 using them, so I am stuck with Signal for now.
</p
>
4928 <p
><strong
>Update
2017-
01-
10</strong
>: There is an updated blog post
4930 <a href=
"https://people.skolelinux.org/pere/blog/Experience_and_updated_recipe_for_using_the_Signal_app_without_a_mobile_phone.html
">Experience
4931 and updated recipe for using the Signal app without a mobile
4932 phone
</a
>.
</p
>
4937 <title>The new
"best
" multimedia player in Debian?
</title>
4938 <link>https://people.skolelinux.org/pere/blog/The_new__best__multimedia_player_in_Debian_.html
</link>
4939 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/The_new__best__multimedia_player_in_Debian_.html
</guid>
4940 <pubDate>Mon,
6 Jun
2016 12:
50:
00 +
0200</pubDate>
4941 <description><p
>When I set out a few weeks ago to figure out
4942 <a href=
"https://people.skolelinux.org/pere/blog/What_is_the_best_multimedia_player_in_Debian_.html
">which
4943 multimedia player in Debian claimed to support most file formats /
4944 MIME types
</a
>, I was a bit surprised how varied the sets of MIME types
4945 the various players claimed support for. The range was from
55 to
130
4946 MIME types. I suspect most media formats are supported by all
4947 players, but this is not really reflected in the MimeTypes values in
4948 their desktop files. There are probably also some bogus MIME types
4949 listed, but it is hard to identify which one this is.
</p
>
4951 <p
>Anyway, in the mean time I got in touch with upstream for some of
4952 the players suggesting to add more MIME types to their desktop files,
4953 and decided to spend some time myself improving the situation for my
4954 favorite media player VLC. The fixes for VLC entered Debian unstable
4955 yesterday. The complete list of MIME types can be seen on the
4956 <a href=
"https://wiki.debian.org/DebianMultimedia/PlayerSupport
">Multimedia
4957 player MIME type support status
</a
> Debian wiki page.
</p
>
4959 <p
>The new
"best
" multimedia player in Debian? It is VLC, followed by
4960 totem, parole, kplayer, gnome-mpv, mpv, smplayer, mplayer-gui and
4961 kmplayer. I am sure some of the other players desktop files support
4962 several of the formats currently listed as working only with vlc,
4963 toten and parole.
</p
>
4965 <p
>A sad observation is that only
14 MIME types are listed as
4966 supported by all the tested multimedia players in Debian in their
4967 desktop files: audio/mpeg, audio/vnd.rn-realaudio, audio/x-mpegurl,
4968 audio/x-ms-wma, audio/x-scpls, audio/x-wav, video/mp4, video/mpeg,
4969 video/quicktime, video/vnd.rn-realvideo, video/x-matroska,
4970 video/x-ms-asf, video/x-ms-wmv and video/x-msvideo. Personally I find
4971 it sad that video/ogg and video/webm is not supported by all the media
4972 players in Debian. As far as I can tell, all of them can handle both
4978 <title>A program should be able to open its own files on Linux
</title>
4979 <link>https://people.skolelinux.org/pere/blog/A_program_should_be_able_to_open_its_own_files_on_Linux.html
</link>
4980 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/A_program_should_be_able_to_open_its_own_files_on_Linux.html
</guid>
4981 <pubDate>Sun,
5 Jun
2016 08:
30:
00 +
0200</pubDate>
4982 <description><p
>Many years ago, when koffice was fresh and with few users, I
4983 decided to test its presentation tool when making the slides for a
4984 talk I was giving for NUUG on Japhar, a free Java virtual machine. I
4985 wrote the first draft of the slides, saved the result and went to bed
4986 the day before I would give the talk. The next day I took a plane to
4987 the location where the meeting should take place, and on the plane I
4988 started up koffice again to polish the talk a bit, only to discover
4989 that kpresenter refused to load its own data file. I cursed a bit and
4990 started making the slides again from memory, to have something to
4991 present when I arrived. I tested that the saved files could be
4992 loaded, and the day seemed to be rescued. I continued to polish the
4993 slides until I suddenly discovered that the saved file could no longer
4994 be loaded into kpresenter. In the end I had to rewrite the slides
4995 three times, condensing the content until the talk became shorter and
4996 shorter. After the talk I was able to pinpoint the problem
&ndash;
4997 kpresenter wrote inline images in a way itself could not understand.
4998 Eventually that bug was fixed and kpresenter ended up being a great
4999 program to make slides. The point I
'm trying to make is that we
5000 expect a program to be able to load its own data files, and it is
5001 embarrassing to its developers if it can
't.
</p
>
5003 <p
>Did you ever experience a program failing to load its own data
5004 files from the desktop file browser? It is not a uncommon problem. A
5005 while back I discovered that the screencast recorder
5006 gtk-recordmydesktop would save an Ogg Theora video file the KDE file
5007 browser would refuse to open. No video player claimed to understand
5008 such file. I tracked down the cause being
<tt
>file --mime-type
</tt
>
5009 returning the application/ogg MIME type, which no video player I had
5010 installed listed as a MIME type they would understand. I asked for
5011 <a href=
"http://bugs.gw.com/view.php?id=
382">file to change its
5012 behavour
</a
> and use the MIME type video/ogg instead. I also asked
5013 several video players to add video/ogg to their desktop files, to give
5014 the file browser an idea what to do about Ogg Theora files. After a
5015 while, the desktop file browsers in Debian started to handle the
5016 output from gtk-recordmydesktop properly.
</p
>
5018 <p
>But history repeats itself. A few days ago I tested the music
5019 system Rosegarden again, and I discovered that the KDE and xfce file
5020 browsers did not know what to do with the Rosegarden project files
5021 (*.rg). I
've reported
<a href=
"http://bugs.debian.org/
825993">the
5022 rosegarden problem to BTS
</a
> and a fix is commited to git and will be
5023 included in the next upload. To increase the chance of me remembering
5024 how to fix the problem next time some program fail to load its files
5025 from the file browser, here are some notes on how to fix it.
</p
>
5027 <p
>The file browsers in Debian in general operates on MIME types.
5028 There are two sources for the MIME type of a given file. The output from
5029 <tt
>file --mime-type
</tt
> mentioned above, and the content of the
5030 shared MIME type registry (under /usr/share/mime/). The file MIME
5031 type is mapped to programs supporting the MIME type, and this
5032 information is collected from
5033 <a href=
"https://www.freedesktop.org/wiki/Specifications/desktop-entry-spec/
">the
5034 desktop files
</a
> available in /usr/share/applications/. If there is
5035 one desktop file claiming support for the MIME type of the file, it is
5036 activated when asking to open a given file. If there are more, one
5037 can normally select which one to use by right-clicking on the file and
5038 selecting the wanted one using
'Open with
' or similar. In general
5039 this work well. But it depend on each program picking a good MIME
5041 <a href=
"http://www.iana.org/assignments/media-types/media-types.xhtml
">a
5042 MIME type registered with IANA
</a
>), file and/or the shared MIME
5043 registry recognizing the file and the desktop file to list the MIME
5044 type in its list of supported MIME types.
</p
>
5046 <p
>The
<tt
>/usr/share/mime/packages/rosegarden.xml
</tt
> entry for
5047 <a href=
"http://www.freedesktop.org/wiki/Specifications/shared-mime-info-spec
">the
5048 Shared MIME database
</a
> look like this:
</p
>
5050 <p
><blockquote
><pre
>
5051 &lt;?xml version=
"1.0" encoding=
"UTF-
8"?
&gt;
5052 &lt;mime-info xmlns=
"http://www.freedesktop.org/standards/shared-mime-info
"&gt;
5053 &lt;mime-type type=
"audio/x-rosegarden
"&gt;
5054 &lt;sub-class-of type=
"application/x-gzip
"/
&gt;
5055 &lt;comment
&gt;Rosegarden project file
&lt;/comment
&gt;
5056 &lt;glob pattern=
"*.rg
"/
&gt;
5057 &lt;/mime-type
&gt;
5058 &lt;/mime-info
&gt;
5059 </pre
></blockquote
></p
>
5061 <p
>This states that audio/x-rosegarden is a kind of application/x-gzip
5062 (it is a gzipped XML file). Note, it is much better to use an
5063 official MIME type registered with IANA than it is to make up ones own
5064 unofficial ones like the x-rosegarden type used by rosegarden.
</p
>
5066 <p
>The desktop file of the rosegarden program failed to list
5067 audio/x-rosegarden in its list of supported MIME types, causing the
5068 file browsers to have no idea what to do with *.rg files:
</p
>
5070 <p
><blockquote
><pre
>
5071 % grep Mime /usr/share/applications/rosegarden.desktop
5072 MimeType=audio/x-rosegarden-composition;audio/x-rosegarden-device;audio/x-rosegarden-project;audio/x-rosegarden-template;audio/midi;
5073 X-KDE-NativeMimeType=audio/x-rosegarden-composition
5075 </pre
></blockquote
></p
>
5077 <p
>The fix was to add
"audio/x-rosegarden;
" at the end of the
5078 MimeType= line.
</p
>
5080 <p
>If you run into a file which fail to open the correct program when
5081 selected from the file browser, please check out the output from
5082 <tt
>file --mime-type
</tt
> for the file, ensure the file ending and
5083 MIME type is registered somewhere under /usr/share/mime/ and check
5084 that some desktop file under /usr/share/applications/ is claiming
5085 support for this MIME type. If not, please report a bug to have it
5091 <title>Isenkram with PackageKit support - new version
0.23 available in Debian unstable
</title>
5092 <link>https://people.skolelinux.org/pere/blog/Isenkram_with_PackageKit_support___new_version_0_23_available_in_Debian_unstable.html
</link>
5093 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Isenkram_with_PackageKit_support___new_version_0_23_available_in_Debian_unstable.html
</guid>
5094 <pubDate>Wed,
25 May
2016 10:
20:
00 +
0200</pubDate>
5095 <description><p
><a href=
"https://tracker.debian.org/pkg/isenkram
">The isenkram
5096 system
</a
> is a user-focused solution in Debian for handling hardware
5097 related packages. The idea is to have a database of mappings between
5098 hardware and packages, and pop up a dialog suggesting for the user to
5099 install the packages to use a given hardware dongle. Some use cases
5100 are when you insert a Yubikey, it proposes to install the software
5101 needed to control it; when you insert a braille reader list it
5102 proposes to install the packages needed to send text to the reader;
5103 and when you insert a ColorHug screen calibrator it suggests to
5104 install the driver for it. The system work well, and even have a few
5105 command line tools to install firmware packages and packages for the
5106 hardware already in the machine (as opposed to hotpluggable hardware).
</p
>
5108 <p
>The system was initially written using aptdaemon, because I found
5109 good documentation and example code on how to use it. But aptdaemon
5110 is going away and is generally being replaced by
5111 <a href=
"http://www.freedesktop.org/software/PackageKit/
">PackageKit
</a
>,
5112 so Isenkram needed a rewrite. And today, thanks to the great patch
5113 from my college Sunil Mohan Adapa in the FreedomBox project, the
5114 rewrite finally took place. I
've just uploaded a new version of
5115 Isenkram into Debian Unstable with the patch included, and the default
5116 for the background daemon is now to use PackageKit. To check it out,
5117 install the
<tt
>isenkram
</tt
> package and insert some hardware dongle
5118 and see if it is recognised.
</p
>
5120 <p
>If you want to know what kind of packages isenkram would propose for
5121 the machine it is running on, you can check out the isenkram-lookup
5122 program. This is what it look like on a Thinkpad X230:
</p
>
5124 <p
><blockquote
><pre
>
5140 </pre
></blockquote
></p
>
5142 <p
>The hardware mappings come from several places. The preferred way
5143 is for packages to announce their hardware support using
5144 <a href=
"https://www.freedesktop.org/software/appstream/docs/
">the
5145 cross distribution appstream system
</a
>.
5147 <a href=
"https://people.skolelinux.org/pere/blog/tags/isenkram/
">previous
5148 blog posts about isenkram
</a
> to learn how to do that.
</p
>
5153 <title>Discharge rate estimate in new battery statistics collector for Debian
</title>
5154 <link>https://people.skolelinux.org/pere/blog/Discharge_rate_estimate_in_new_battery_statistics_collector_for_Debian.html
</link>
5155 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Discharge_rate_estimate_in_new_battery_statistics_collector_for_Debian.html
</guid>
5156 <pubDate>Mon,
23 May
2016 09:
35:
00 +
0200</pubDate>
5157 <description><p
>Yesterday I updated the
5158 <a href=
"https://tracker.debian.org/pkg/battery-stats
">battery-stats
5159 package in Debian
</a
> with a few patches sent to me by skilled and
5160 enterprising users. There were some nice user and visible changes.
5161 First of all, both desktop menu entries now work. A design flaw in
5162 one of the script made the history graph fail to show up (its PNG was
5163 dumped in ~/.xsession-errors) if no controlling TTY was available.
5164 The script worked when called from the command line, but not when
5165 called from the desktop menu. I changed this to look for a DISPLAY
5166 variable or a TTY before deciding where to draw the graph, and now the
5167 graph window pop up as expected.
</p
>
5169 <p
>The next new feature is a discharge rate estimator in one of the
5170 graphs (the one showing the last few hours). New is also the user of
5171 colours showing charging in blue and discharge in red. The percentages
5172 of this graph is relative to last full charge, not battery design
5175 <p align=
"center
"><img src=
"https://people.skolelinux.org/pere/blog/images/
2016-
05-
23-battery-stats-rate.png
"/
></p
>
5177 <p
>The other graph show the entire history of the collected battery
5178 statistics, comparing it to the design capacity of the battery to
5179 visualise how the battery life time get shorter over time. The red
5180 line in this graph is what the previous graph considers
100 percent:
5182 <p align=
"center
"><img src=
"https://people.skolelinux.org/pere/blog/images/
2016-
05-
23-battery-stats-history.png
"/
></p
>
5184 <p
>In this graph you can see that I only charge the battery to
80
5185 percent of last full capacity, and how the capacity of the battery is
5186 shrinking. :(
</p
>
5188 <p
>The last new feature is in the collector, which now will handle
5189 more hardware models. On some hardware, Linux power supply
5190 information is stored in /sys/class/power_supply/ACAD/, while the
5191 collector previously only looked in /sys/class/power_supply/AC/. Now
5192 both are checked to figure if there is power connected to the
5195 <p
>If you are interested in how your laptop battery is doing, please
5197 <a href=
"https://tracker.debian.org/pkg/battery-stats
">battery-stats
</a
>
5198 in Debian unstable, or rebuild it on Jessie to get it working on
5199 Debian stable. :) The upstream source is available from
<a
5200 href=
"https://github.com/petterreinholdtsen/battery-stats
">github
</a
>.
5201 Patches are very welcome.
</p
>
5203 <p
>As usual, if you use Bitcoin and want to show your support of my
5204 activities, please send Bitcoin donations to my address
5205 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
5210 <title>Debian now with ZFS on Linux included
</title>
5211 <link>https://people.skolelinux.org/pere/blog/Debian_now_with_ZFS_on_Linux_included.html
</link>
5212 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Debian_now_with_ZFS_on_Linux_included.html
</guid>
5213 <pubDate>Thu,
12 May
2016 07:
30:
00 +
0200</pubDate>
5214 <description><p
>Today, after many years of hard work from many people,
5215 <a href=
"http://zfsonlinux.org/
">ZFS for Linux
</a
> finally entered
5216 Debian. The package status can be seen on
5217 <a href=
"https://tracker.debian.org/pkg/zfs-linux
">the package tracker
5218 for zfs-linux
</a
>. and
5219 <a href=
"https://qa.debian.org/developer.php?login=pkg-zfsonlinux-devel@lists.alioth.debian.org
">the
5220 team status page
</a
>. If you want to help out, please join us.
5221 <a href=
"http://anonscm.debian.org/gitweb/?p=pkg-zfsonlinux/zfs.git
">The
5222 source code
</a
> is available via git on Alioth. It would also be
5223 great if you could help out with
5224 <a href=
"https://tracker.debian.org/pkg/dkms
">the dkms package
</a
>, as
5225 it is an important piece of the puzzle to get ZFS working.
</p
>
5230 <title>What is the best multimedia player in Debian?
</title>
5231 <link>https://people.skolelinux.org/pere/blog/What_is_the_best_multimedia_player_in_Debian_.html
</link>
5232 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/What_is_the_best_multimedia_player_in_Debian_.html
</guid>
5233 <pubDate>Sun,
8 May
2016 09:
40:
00 +
0200</pubDate>
5234 <description><p
><strong
>Where I set out to figure out which multimedia player in
5235 Debian claim support for most file formats.
</strong
></p
>
5237 <p
>A few years ago, I had a look at the media support for Browser
5238 plugins in Debian, to get an idea which plugins to include in Debian
5239 Edu. I created a script to extract the set of supported MIME types
5240 for each plugin, and used this to find out which multimedia browser
5241 plugin supported most file formats / media types.
5242 <a href=
"https://wiki.debian.org/DebianEdu/BrowserMultimedia
">The
5243 result
</a
> can still be seen on the Debian wiki, even though it have
5244 not been updated for a while. But browser plugins are less relevant
5245 these days, so I thought it was time to look at standalone
5248 <p
>A few days ago I was tired of VLC not being listed as a viable
5249 player when I wanted to play videos from the Norwegian National
5250 Broadcasting Company, and decided to investigate why. The cause is a
5251 <a href=
"https://bugs.debian.org/
822245">missing MIME type in the VLC
5252 desktop file
</a
>. In the process I wrote a script to compare the set
5253 of MIME types announced in the desktop file and the browser plugin,
5254 only to discover that there is quite a large difference between the
5255 two for VLC. This discovery made me dig up the script I used to
5256 compare browser plugins, and adjust it to compare desktop files
5257 instead, to try to figure out which multimedia player in Debian
5258 support most file formats.
</p
>
5260 <p
>The result can be seen on the Debian Wiki, as
5261 <a href=
"https://wiki.debian.org/DebianMultimedia/PlayerSupport
">a
5262 table listing all MIME types supported by one of the packages included
5263 in the table
</a
>, with the package supporting most MIME types being
5264 listed first in the table.
</p
>
5266 </p
>The best multimedia player in Debian? It is totem, followed by
5267 parole, kplayer, mpv, vlc, smplayer mplayer-gui gnome-mpv and
5268 kmplayer. Time for the other players to update their announced MIME
5274 <title>The Pyra - handheld computer with Debian preinstalled
</title>
5275 <link>https://people.skolelinux.org/pere/blog/The_Pyra___handheld_computer_with_Debian_preinstalled.html
</link>
5276 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/The_Pyra___handheld_computer_with_Debian_preinstalled.html
</guid>
5277 <pubDate>Wed,
4 May
2016 10:
00:
00 +
0200</pubDate>
5278 <description>A friend of mine made me aware of
5279 <a href=
"https://pyra-handheld.com/boards/pages/pyra/
">The Pyra
</a
>, a
5280 handheld computer which will be delivered with Debian preinstalled. I
5281 would love to get one of those for my birthday. :)
</p
>
5283 <p
>The machine is a complete ARM-based PC with micro HDMI, SATA, USB
5284 plugs and many others connectors, and include a full keyboard and a
5"
5285 LCD touch screen. The
6000mAh battery is claimed to provide a whole
5286 day of battery life time, but I have not seen any independent tests
5287 confirming this. The vendor is still collecting preorders, and the
5288 last I heard last night was that
22 more orders were needed before
5289 production started.
</p
>
5291 <p
>As far as I know, this is the first handheld preinstalled with
5292 Debian. Please let me know if you know of any others. Is it the
5293 first computer being sold with Debian preinstalled?
</p
>
5298 <title>Lets make a Norwegian Bokmål edition of The Debian Administrator
's Handbook
</title>
5299 <link>https://people.skolelinux.org/pere/blog/Lets_make_a_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook.html
</link>
5300 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Lets_make_a_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook.html
</guid>
5301 <pubDate>Sun,
10 Apr
2016 23:
20:
00 +
0200</pubDate>
5302 <description><p
>During this weekends
5303 <a href=
"http://www.nuug.no/news/Oslo__Takk_for_feilfiksingsfesten.shtml
">bug
5304 squashing party and developer gathering
</a
>, we decided to do our part
5305 to make sure there are good books about Debian available in Norwegian
5306 Bokmål, and got in touch with the people behind the
5307 <a href=
"http://debian-handbook.info/
">Debian Administrator
's Handbook
5308 project
</a
> to get started. If you want to help out, please start
5310 <a href=
"https://hosted.weblate.org/projects/debian-handbook/
">the
5311 hosted weblate project page
</a
>, and get in touch using
5312 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/debian-handbook-translators
">the
5313 translators mailing list
</a
>. Please also check out
5314 <a href=
"https://debian-handbook.info/contribute/
">the instructions for
5315 contributors
</a
>.
</p
>
5317 <p
>The book is already available on paper in English, French and
5318 Japanese, and our goal is to get it available on paper in Norwegian
5319 Bokmål too. In addition to the paper edition, there are also EPUB and
5320 Mobi versions available. And there are incomplete translations
5321 available for many more languages.
</p
>
5326 <title>One in two hundred Debian users using ZFS on Linux?
</title>
5327 <link>https://people.skolelinux.org/pere/blog/One_in_two_hundred_Debian_users_using_ZFS_on_Linux_.html
</link>
5328 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/One_in_two_hundred_Debian_users_using_ZFS_on_Linux_.html
</guid>
5329 <pubDate>Thu,
7 Apr
2016 22:
30:
00 +
0200</pubDate>
5330 <description><p
>Just for fun I had a look at the popcon number of ZFS related
5331 packages in Debian, and was quite surprised with what I found. I use
5332 ZFS myself at home, but did not really expect many others to do so.
5333 But I might be wrong.
</p
>
5335 <p
>According to
5336 <a href=
"https://qa.debian.org/popcon.php?package=spl-linux
">the popcon
5337 results for spl-linux
</a
>, there are
1019 Debian installations, or
5338 0.53% of the population, with the package installed. As far as I know
5339 the only use of the spl-linux package is as a support library for ZFS
5340 on Linux, so I use it here as proxy for measuring the number of ZFS
5341 installation on Linux in Debian. In the kFreeBSD variant of Debian
5342 the ZFS feature is already available, and there
5343 <a href=
"https://qa.debian.org/popcon.php?package=zfsutils
">the popcon
5344 results for zfsutils
</a
> show
1625 Debian installations or
0.84% of
5345 the population. So I guess I am not alone in using ZFS on Debian.
</p
>
5347 <p
>But even though the Debian project leader Lucas Nussbaum
5348 <a href=
"https://lists.debian.org/debian-devel-announce/
2015/
04/msg00006.html
">announced
5349 in April
2015</a
> that the legal obstacles blocking ZFS on Debian were
5350 cleared, the package is still not in Debian. The package is again in
5351 the NEW queue. Several uploads have been rejected so far because the
5352 debian/copyright file was incomplete or wrong, but there is no reason
5353 to give up. The current status can be seen on
5354 <a href=
"https://qa.debian.org/developer.php?login=pkg-zfsonlinux-devel@lists.alioth.debian.org
">the
5355 team status page
</a
>, and
5356 <a href=
"http://anonscm.debian.org/gitweb/?p=pkg-zfsonlinux/zfs.git
">the
5357 source code
</a
> is available on Alioth.
</p
>
5359 <p
>As I want ZFS to be included in next version of Debian to make sure
5360 my home server can function in the future using only official Debian
5361 packages, and the current blocker is to get the debian/copyright file
5362 accepted by the FTP masters in Debian, I decided a while back to try
5363 to help out the team. This was the background for my blog post about
5364 <a href=
"https://people.skolelinux.org/pere/blog/Creating__updating_and_checking_debian_copyright_semi_automatically.html
">creating,
5365 updating and checking debian/copyright semi-automatically
</a
>, and I
5366 used the techniques I explored there to try to find any errors in the
5367 copyright file. It is not very easy to check every one of the around
5368 2000 files in the source package, but I hope we this time got it
5369 right. If you want to help out, check out the git source and try to
5370 find missing entries in the debian/copyright file.
</p
>
5375 <title>Full battery stats collector is now available in Debian
</title>
5376 <link>https://people.skolelinux.org/pere/blog/Full_battery_stats_collector_is_now_available_in_Debian.html
</link>
5377 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Full_battery_stats_collector_is_now_available_in_Debian.html
</guid>
5378 <pubDate>Wed,
23 Mar
2016 22:
10:
00 +
0100</pubDate>
5379 <description><p
>Since this morning, the battery-stats package in Debian include an
5380 extended collector that will collect the complete battery history for
5381 later processing and graphing. The original collector store the
5382 battery level as percentage of last full level, while the new
5383 collector also record battery vendor, model, serial number, design
5384 full level, last full level and current battery level. This make it
5385 possible to predict the lifetime of the battery as well as visualise
5386 the energy flow when the battery is charging or discharging.
</p
>
5388 <p
>The new tools are available in
<tt
>/usr/share/battery-stats/
</tt
>
5389 in the version
0.5.1 package in unstable. Get the new battery level graph
5390 and lifetime prediction by running:
5392 <p
><pre
>
5393 /usr/share/battery-stats/battery-stats-graph /var/log/battery-stats.csv
5394 </pre
></p
>
5396 <p
>Or select the
'Battery Level Graph
' from your application menu.
</p
>
5398 <p
>The flow in/out of the battery can be seen by running (no menu
5399 entry yet):
</p
>
5401 <p
><pre
>
5402 /usr/share/battery-stats/battery-stats-graph-flow
5403 </pre
></p
>
5405 <p
>I
'm not quite happy with the way the data is visualised, at least
5406 when there are few data points. The graphs look a bit better with a
5407 few years of data.
</p
>
5409 <p
>A while back one important feature I use in the battery stats
5410 collector broke in Debian. The scripts in
5411 <tt
>/usr/lib/pm-utils/power.d/
</tt
> were no longer executed. I
5412 suspect it happened when Jessie started using systemd, but I do not
5413 know. The issue is reported as
5414 <a href=
"https://bugs.debian.org/
818649">bug #
818649</a
> against
5415 pm-utils. I managed to work around it by adding an udev rule to call
5416 the collector script every time the power connector is connected and
5417 disconnected. With this fix in place it was finally time to make a
5418 new release of the package, and get it into Debian.
</p
>
5420 <p
>If you are interested in how your laptop battery is doing, please
5422 <a href=
"https://tracker.debian.org/pkg/battery-stats
">battery-stats
</a
>
5423 in Debian unstable, or rebuild it on Jessie to get it working on
5424 Debian stable. :) The upstream source is available from
5425 <a href=
"https://github.com/petterreinholdtsen/battery-stats
">github
</a
>.
5426 As always, patches are very welcome.
</p
>
5431 <title>Making battery measurements a little easier in Debian
</title>
5432 <link>https://people.skolelinux.org/pere/blog/Making_battery_measurements_a_little_easier_in_Debian.html
</link>
5433 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Making_battery_measurements_a_little_easier_in_Debian.html
</guid>
5434 <pubDate>Tue,
15 Mar
2016 15:
00:
00 +
0100</pubDate>
5435 <description><p
>Back in September, I blogged about
5436 <a href=
"https://people.skolelinux.org/pere/blog/The_life_and_death_of_a_laptop_battery.html
">the
5437 system I wrote to collect statistics about my laptop battery
</a
>, and
5438 how it showed the decay and death of this battery (now replaced). I
5439 created a simple deb package to handle the collection and graphing,
5440 but did not want to upload it to Debian as there were already
5441 <a href=
"https://tracker.debian.org/pkg/battery-stats
">a battery-stats
5442 package in Debian
</a
> that should do the same thing, and I did not see
5443 a point of uploading a competing package when battery-stats could be
5444 fixed instead. I reported a few bugs about its non-function, and
5445 hoped someone would step in and fix it. But no-one did.
</p
>
5447 <p
>I got tired of waiting a few days ago, and took matters in my own
5448 hands. The end result is that I am now the new upstream developer of
5449 battery stats (
<a href=
"https://github.com/petterreinholdtsen/battery-stats
">available from github
</a
>) and part of the team maintaining
5450 battery-stats in Debian, and the package in Debian unstable is finally
5451 able to collect battery status using the
<tt
>/sys/class/power_supply/
</tt
>
5452 information provided by the Linux kernel. If you install the
5453 battery-stats package from unstable now, you will be able to get a
5454 graph of the current battery fill level, to get some idea about the
5455 status of the battery. The source package build and work just fine in
5456 Debian testing and stable (and probably oldstable too, but I have not
5457 tested). The default graph you get for that system look like this:
</p
>
5459 <p align=
"center
"><img src=
"https://people.skolelinux.org/pere/blog/images/
2016-
03-
15-battery-stats-graph-example.png
" width=
"70%
" align=
"center
"></p
>
5461 <p
>My plans for the future is to merge my old scripts into the
5462 battery-stats package, as my old scripts collected a lot more details
5463 about the battery. The scripts are merged into the upstream
5464 battery-stats git repository already, but I am not convinced they work
5465 yet, as I changed a lot of paths along the way. Will have to test a
5466 bit more before I make a new release.
</p
>
5468 <p
>I will also consider changing the file format slightly, as I
5469 suspect the way I combine several values into one field might make it
5470 impossible to know the type of the value when using it for processing
5471 and graphing.
</p
>
5473 <p
>If you would like I would like to keep an close eye on your laptop
5474 battery, check out the battery-stats package in
5475 <a href=
"https://tracker.debian.org/pkg/battery-stats
">Debian
</a
> and
5477 <a href=
"https://github.com/petterreinholdtsen/battery-stats
">github
</a
>.
5478 I would love some help to improve the system further.
</p
>
5483 <title>Creating, updating and checking debian/copyright semi-automatically
</title>
5484 <link>https://people.skolelinux.org/pere/blog/Creating__updating_and_checking_debian_copyright_semi_automatically.html
</link>
5485 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Creating__updating_and_checking_debian_copyright_semi_automatically.html
</guid>
5486 <pubDate>Fri,
19 Feb
2016 15:
00:
00 +
0100</pubDate>
5487 <description><p
>Making packages for Debian requires quite a lot of attention to
5488 details. And one of the details is the content of the
5489 debian/copyright file, which should list all relevant licenses used by
5490 the code in the package in question, preferably in
5491 <a href=
"https://www.debian.org/doc/packaging-manuals/copyright-format/
1.0/
">machine
5492 readable DEP5 format
</a
>.
</p
>
5494 <p
>For large packages with lots of contributors it is hard to write
5495 and update this file manually, and if you get some detail wrong, the
5496 package is normally rejected by the ftpmasters. So getting it right
5497 the first time around get the package into Debian faster, and save
5498 both you and the ftpmasters some work.. Today, while trying to figure
5499 out what was wrong with
5500 <a href=
"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=
686447">the
5501 zfsonlinux copyright file
</a
>, I decided to spend some time on
5502 figuring out the options for doing this job automatically, or at least
5503 semi-automatically.
</p
>
5505 <p
>Lucikly, there are at least two tools available for generating the
5506 file based on the code in the source package,
5507 <tt
><a href=
"https://tracker.debian.org/pkg/debmake
">debmake
</a
></tt
>
5508 and
<tt
><a href=
"https://tracker.debian.org/pkg/cme
">cme
</a
></tt
>. I
'm
5509 not sure which one of them came first, but both seem to be able to
5510 create a sensible draft file. As far as I can tell, none of them can
5511 be trusted to get the result just right, so the content need to be
5512 polished a bit before the file is OK to upload. I found the debmake
5514 <a href=
"http://goofying-with-debian.blogspot.com/
2014/
07/debmake-checking-source-against-dep-
5.html
">a
5515 blog posts from
2014</a
>.
5517 <p
>To generate using debmake, use the -cc option:
5519 <p
><pre
>
5520 debmake -cc
> debian/copyright
5521 </pre
></p
>
5523 <p
>Note there are some problems with python and non-ASCII names, so
5524 this might not be the best option.
</p
>
5526 <p
>The cme option is based on a config parsing library, and I found
5528 <a href=
"https://ddumont.wordpress.com/
2015/
04/
05/improving-creation-of-debian-copyright-file/
">a
5529 blog post from
2015</a
>. To generate using cme, use the
'update
5530 dpkg-copyright
' option:
5532 <p
><pre
>
5533 cme update dpkg-copyright
5534 </pre
></p
>
5536 <p
>This will create or update debian/copyright. The cme tool seem to
5537 handle UTF-
8 names better than debmake.
</p
>
5539 <p
>When the copyright file is created, I would also like some help to
5540 check if the file is correct. For this I found two good options,
5541 <tt
>debmake -k
</tt
> and
<tt
>license-reconcile
</tt
>. The former seem
5542 to focus on license types and file matching, and is able to detect
5543 ineffective blocks in the copyright file. The latter reports missing
5544 copyright holders and years, but was confused by inconsistent license
5545 names (like CDDL vs. CDDL-
1.0). I suspect it is good to use both and
5546 fix all issues reported by them before uploading. But I do not know
5547 if the tools and the ftpmasters agree on what is important to fix in a
5548 copyright file, so the package might still be rejected.
</p
>
5550 <p
>The devscripts tool
<tt
>licensecheck
</tt
> deserve mentioning. It
5551 will read through the source and try to find all copyright statements.
5552 It is not comparing the result to the content of debian/copyright, but
5553 can be useful when verifying the content of the copyright file.
</p
>
5555 <p
>Are you aware of better tools in Debian to create and update
5556 debian/copyright file. Please let me know, or blog about it on
5557 planet.debian.org.
</p
>
5559 <p
>As usual, if you use Bitcoin and want to show your support of my
5560 activities, please send Bitcoin donations to my address
5561 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
5563 <p
><strong
>Update
2016-
02-
20</strong
>: I got a tip from Mike Gabriel
5564 on how to use licensecheck and cdbs to create a draft copyright file
5566 <p
><pre
>
5567 licensecheck --copyright -r `find * -type f` | \
5568 /usr/lib/cdbs/licensecheck2dep5
> debian/copyright.auto
5569 </pre
></p
>
5571 <p
>He mentioned that he normally check the generated file into the
5572 version control system to make it easier to discover license and
5573 copyright changes in the upstream source. I will try to do the same
5574 with my packages in the future.
</p
>
5576 <p
><strong
>Update
2016-
02-
21</strong
>: The cme author recommended
5577 against using -quiet for new users, so I removed it from the proposed
5578 command line.
</p
>
5583 <title>Using appstream in Debian to locate packages with firmware and mime type support
</title>
5584 <link>https://people.skolelinux.org/pere/blog/Using_appstream_in_Debian_to_locate_packages_with_firmware_and_mime_type_support.html
</link>
5585 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Using_appstream_in_Debian_to_locate_packages_with_firmware_and_mime_type_support.html
</guid>
5586 <pubDate>Thu,
4 Feb
2016 16:
40:
00 +
0100</pubDate>
5587 <description><p
>The
<a href=
"https://wiki.debian.org/DEP-
11">appstream system
</a
>
5588 is taking shape in Debian, and one provided feature is a very
5589 convenient way to tell you which package to install to make a given
5590 firmware file available when the kernel is looking for it. This can
5591 be done using apt-file too, but that is for someone else to blog
5594 <p
>Here is a small recipe to find the package with a given firmware
5595 file, in this example I am looking for ctfw-
3.2.3.0.bin, randomly
5596 picked from the set of firmware announced using appstream in Debian
5597 unstable. In general you would be looking for the firmware requested
5598 by the kernel during kernel module loading. To find the package
5599 providing the example file, do like this:
</p
>
5601 <blockquote
><pre
>
5602 % apt install appstream
5606 % appstreamcli what-provides firmware:runtime ctfw-
3.2.3.0.bin | \
5607 awk
'/Package:/ {print $
2}
'
5610 </pre
></blockquote
>
5612 <p
>See
<a href=
"https://wiki.debian.org/AppStream/Guidelines
">the
5613 appstream wiki
</a
> page to learn how to embed the package metadata in
5614 a way appstream can use.
</p
>
5616 <p
>This same approach can be used to find any package supporting a
5617 given MIME type. This is very useful when you get a file you do not
5618 know how to handle. First find the mime type using
<tt
>file
5619 --mime-type
</tt
>, and next look up the package providing support for
5620 it. Lets say you got an SVG file. Its MIME type is image/svg+xml,
5621 and you can find all packages handling this type like this:
</p
>
5623 <blockquote
><pre
>
5624 % apt install appstream
5628 % appstreamcli what-provides mimetype image/svg+xml | \
5629 awk
'/Package:/ {print $
2}
'
5651 </pre
></blockquote
>
5653 <p
>I believe the MIME types are fetched from the desktop file for
5654 packages providing appstream metadata.
</p
>
5659 <title>Creepy, visualise geotagged social media information - nice free software
</title>
5660 <link>https://people.skolelinux.org/pere/blog/Creepy__visualise_geotagged_social_media_information___nice_free_software.html
</link>
5661 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Creepy__visualise_geotagged_social_media_information___nice_free_software.html
</guid>
5662 <pubDate>Sun,
24 Jan
2016 10:
50:
00 +
0100</pubDate>
5663 <description><p
>Most people seem not to realise that every time they walk around
5664 with the computerised radio beacon known as a mobile phone their
5665 position is tracked by the phone company and often stored for a long
5666 time (like every time a SMS is received or sent). And if their
5667 computerised radio beacon is capable of running programs (often called
5668 mobile apps) downloaded from the Internet, these programs are often
5669 also capable of tracking their location (if the app requested access
5670 during installation). And when these programs send out information to
5671 central collection points, the location is often included, unless
5672 extra care is taken to not send the location. The provided
5673 information is used by several entities, for good and bad (what is
5674 good and bad, depend on your point of view). What is certain, is that
5675 the private sphere and the right to free movement is challenged and
5676 perhaps even eradicated for those announcing their location this way,
5677 when they share their whereabouts with private and public
5680 <p align=
"center
"><img width=
"70%
" src=
"https://people.skolelinux.org/pere/blog/images/
2016-
01-
24-nice-creepy-desktop-window.png
"></p
>
5682 <p
>The phone company logs provide a register of locations to check out
5683 when one want to figure out what the tracked person was doing. It is
5684 unavailable for most of us, but provided to selected government
5685 officials, company staff, those illegally buying information from
5686 unfaithful servants and crackers stealing the information. But the
5687 public information can be collected and analysed, and a free software
5688 tool to do so is called
5689 <a href=
"http://www.geocreepy.com/
">Creepy or Cree.py
</a
>. I
5690 discovered it when I read
5691 <a href=
"http://www.aftenposten.no/kultur/Slik-kan-du-bli-overvaket-pa-Twitter-og-Instagram-uten-a-ane-det-
7787884.html
">an
5692 article about Creepy
</a
> in the Norwegian newspaper Aftenposten i
5693 November
2014, and decided to check if it was available in Debian.
5694 The python program was in Debian, but
5695 <a href=
"https://tracker.debian.org/pkg/creepy
">the version in
5696 Debian
</a
> was completely broken and practically unmaintained. I
5697 uploaded a new version which did not work quite right, but did not
5698 have time to fix it then. This Christmas I decided to finally try to
5699 get Creepy operational in Debian. Now a fixed version is available in
5700 Debian unstable and testing, and almost all Debian specific patches
5702 <a href=
"https://github.com/jkakavas/creepy
">upstream
</a
>.
</p
>
5704 <p
>The Creepy program visualises geolocation information fetched from
5705 Twitter, Instagram, Flickr and Google+, and allow one to get a
5706 complete picture of every social media message posted recently in a
5707 given area, or track the movement of a given individual across all
5708 these services. Earlier it was possible to use the search API of at
5709 least some of these services without identifying oneself, but these
5710 days it is impossible. This mean that to use Creepy, you need to
5711 configure it to log in as yourself on these services, and provide
5712 information to them about your search interests. This should be taken
5713 into account when using Creepy, as it will also share information
5714 about yourself with the services.
</p
>
5716 <p
>The picture above show the twitter messages sent from (or at least
5717 geotagged with a position from) the city centre of Oslo, the capital
5718 of Norway. One useful way to use Creepy is to first look at
5719 information tagged with an area of interest, and next look at all the
5720 information provided by one or more individuals who was in the area.
5721 I tested it by checking out which celebrity provide their location in
5722 twitter messages by checkout out who sent twitter messages near a
5723 Norwegian TV station, and next could track their position over time,
5724 making it possible to locate their home and work place, among other
5725 things. A similar technique have been
5726 <a href=
"http://www.buzzfeed.com/maxseddon/does-this-soldiers-instagram-account-prove-russia-is-covertl
">used
5727 to locate Russian soldiers in Ukraine
</a
>, and it is both a powerful
5728 tool to discover lying governments, and a useful tool to help people
5729 understand the value of the private information they provide to the
5732 <p
>The package is not trivial to backport to Debian Stable/Jessie, as
5733 it depend on several python modules currently missing in Jessie (at
5734 least python-instagram, python-flickrapi and
5735 python-requests-toolbelt).
</p
>
5737 <p
>(I have uploaded
5738 <a href=
"https://screenshots.debian.net/package/creepy
">the image to
5739 screenshots.debian.net
</a
> and licensed it under the same terms as the
5740 Creepy program in Debian.)
</p
>
5745 <title>Always download Debian packages using Tor - the simple recipe
</title>
5746 <link>https://people.skolelinux.org/pere/blog/Always_download_Debian_packages_using_Tor___the_simple_recipe.html
</link>
5747 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Always_download_Debian_packages_using_Tor___the_simple_recipe.html
</guid>
5748 <pubDate>Fri,
15 Jan
2016 00:
30:
00 +
0100</pubDate>
5749 <description><p
>During his DebConf15 keynote, Jacob Appelbaum
5750 <a href=
"https://summit.debconf.org/debconf15/meeting/
331/what-is-to-be-done/
">observed
5751 that those listening on the Internet lines would have good reason to
5752 believe a computer have a given security hole
</a
> if it download a
5753 security fix from a Debian mirror. This is a good reason to always
5754 use encrypted connections to the Debian mirror, to make sure those
5755 listening do not know which IP address to attack. In August, Richard
5756 Hartmann observed that encryption was not enough, when it was possible
5757 to interfere download size to security patches or the fact that
5758 download took place shortly after a security fix was released, and
5759 <a href=
"http://richardhartmann.de/blog/posts/
2015/
08/
24-Tor-enabled_Debian_mirror/
">proposed
5760 to always use Tor to download packages from the Debian mirror
</a
>. He
5761 was not the first to propose this, as the
5762 <tt
><a href=
"https://tracker.debian.org/pkg/apt-transport-tor
">apt-transport-tor
</a
></tt
>
5763 package by Tim Retout already existed to make it easy to convince apt
5764 to use
<a href=
"https://www.torproject.org/
">Tor
</a
>, but I was not
5765 aware of that package when I read the blog post from Richard.
</p
>
5767 <p
>Richard discussed the idea with Peter Palfrader, one of the Debian
5768 sysadmins, and he set up a Tor hidden service on one of the central
5769 Debian mirrors using the address vwakviie2ienjx6t.onion, thus making
5770 it possible to download packages directly between two tor nodes,
5771 making sure the network traffic always were encrypted.
</p
>
5773 <p
>Here is a short recipe for enabling this on your machine, by
5774 installing
<tt
>apt-transport-tor
</tt
> and replacing http and https
5775 urls with tor+http and tor+https, and using the hidden service instead
5776 of the official Debian mirror site. I recommend installing
5777 <tt
>etckeeper
</tt
> before you start to have a history of the changes
5778 done in /etc/.
</p
>
5780 <blockquote
><pre
>
5781 apt install apt-transport-tor
5782 sed -i
's% http://ftp.debian.org/% tor+http://vwakviie2ienjx6t.onion/%
' /etc/apt/sources.list
5783 sed -i
's% http% tor+http%
' /etc/apt/sources.list
5784 </pre
></blockquote
>
5786 <p
>If you have more sources listed in /etc/apt/sources.list.d/, run
5787 the sed commands for these too. The sed command is assuming your are
5788 using the ftp.debian.org Debian mirror. Adjust the command (or just
5789 edit the file manually) to match your mirror.
</p
>
5791 <p
>This work in Debian Jessie and later. Note that tools like
5792 <tt
>apt-file
</tt
> only recently started using the apt transport
5793 system, and do not work with these tor+http URLs. For
5794 <tt
>apt-file
</tt
> you need the version currently in experimental,
5795 which need a recent apt version currently only in unstable. So if you
5796 need a working
<tt
>apt-file
</tt
>, this is not for you.
</p
>
5798 <p
>Another advantage from this change is that your machine will start
5799 using Tor regularly and at fairly random intervals (every time you
5800 update the package lists or upgrade or install a new package), thus
5801 masking other Tor traffic done from the same machine. Using Tor will
5802 become normal for the machine in question.
</p
>
5804 <p
>On
<a href=
"https://wiki.debian.org/FreedomBox
">Freedombox
</a
>, APT
5805 is set up by default to use
<tt
>apt-transport-tor
</tt
> when Tor is
5806 enabled. It would be great if it was the default on any Debian
5812 <title>OpenALPR, find car license plates in video streams - nice free software
</title>
5813 <link>https://people.skolelinux.org/pere/blog/OpenALPR__find_car_license_plates_in_video_streams___nice_free_software.html
</link>
5814 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/OpenALPR__find_car_license_plates_in_video_streams___nice_free_software.html
</guid>
5815 <pubDate>Wed,
23 Dec
2015 01:
00:
00 +
0100</pubDate>
5816 <description><p
>When I was a kid, we used to collect
"car numbers
", as we used to
5817 call the car license plate numbers in those days. I would write the
5818 numbers down in my little book and compare notes with the other kids
5819 to see how many region codes we had seen and if we had seen some
5820 exotic or special region codes and numbers. It was a fun game to pass
5821 time, as we kids have plenty of it.
</p
>
5823 <p
>A few days I came across
5824 <a href=
"https://github.com/openalpr/openalpr
">the OpenALPR
5825 project
</a
>, a free software project to automatically discover and
5826 report license plates in images and video streams, and provide the
5827 "car numbers
" in a machine readable format. I
've been looking for
5828 such system for a while now, because I believe it is a bad idea that the
5829 <a href=
"https://en.wikipedia.org/wiki/Automatic_number_plate_recognition
">automatic
5830 number plate recognition
</a
> tool only is available in the hands of
5831 the powerful, and want it to be available also for the powerless to
5832 even the score when it comes to surveillance and sousveillance. I
5833 discovered the developer
5834 <a href=
"https://bugs.debian.org/
747509">wanted to get the tool into
5835 Debian
</a
>, and as I too wanted it to be in Debian, I volunteered to
5836 help him get it into shape to get the package uploaded into the Debian
5839 <p
>Today we finally managed to get the package into shape and uploaded
5840 it into Debian, where it currently
5841 <a href=
"https://ftp-master.debian.org//new/openalpr_2.2
.1-
1.html
">waits
5842 in the NEW queue
</a
> for review by the Debian ftpmasters.
</p
>
5844 <p
>I guess you are wondering why on earth such tool would be useful
5845 for the common folks, ie those not running a large government
5846 surveillance system? Well, I plan to put it in a computer on my bike
5847 and in my car, tracking the cars nearby and allowing me to be notified
5848 when number plates on my watch list are discovered. Another use case
5849 was suggested by a friend of mine, who wanted to set it up at his home
5850 to open the car port automatically when it discovered the plate on his
5851 car. When I mentioned it perhaps was a bit foolhardy to allow anyone
5852 capable of placing his license plate number of a piece of cardboard to
5853 open his car port, men replied that it was always unlocked anyway. I
5854 guess for such use case it make sense. I am sure there are other use
5855 cases too, for those with imagination and a vision.
</p
>
5857 <p
>If you want to build your own version of the Debian package, check
5858 out the upstream git source and symlink ./distros/debian to ./debian/
5859 before running
"debuild
" to build the source. Or wait a bit until the
5860 package show up in unstable.
</p
>
5865 <title>Using appstream with isenkram to install hardware related packages in Debian
</title>
5866 <link>https://people.skolelinux.org/pere/blog/Using_appstream_with_isenkram_to_install_hardware_related_packages_in_Debian.html
</link>
5867 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Using_appstream_with_isenkram_to_install_hardware_related_packages_in_Debian.html
</guid>
5868 <pubDate>Sun,
20 Dec
2015 12:
20:
00 +
0100</pubDate>
5869 <description><p
>Around three years ago, I created
5870 <a href=
"http://packages.qa.debian.org/isenkram
">the isenkram
5871 system
</a
> to get a more practical solution in Debian for handing
5872 hardware related packages. A GUI system in the isenkram package will
5873 present a pop-up dialog when some hardware dongle supported by
5874 relevant packages in Debian is inserted into the machine. The same
5875 lookup mechanism to detect packages is available as command line
5876 tools in the isenkram-cli package. In addition to mapping hardware,
5877 it will also map kernel firmware files to packages and make it easy to
5878 install needed firmware packages automatically. The key for this
5879 system to work is a good way to map hardware to packages, in other
5880 words, allow packages to announce what hardware they will work
5883 <p
>I started by providing data files in the isenkram source, and
5884 adding code to download the latest version of these data files at run
5885 time, to ensure every user had the most up to date mapping available.
5886 I also added support for storing the mapping in the Packages file in
5887 the apt repositories, but did not push this approach because while I
5888 was trying to figure out how to best store hardware/package mappings,
5889 <a href=
"http://www.freedesktop.org/software/appstream/docs/
">the
5890 appstream system
</a
> was announced. I got in touch and suggested to
5891 add the hardware mapping into that data set to be able to use
5892 appstream as a data source, and this was accepted at least for the
5893 Debian version of appstream.
</p
>
5895 <p
>A few days ago using appstream in Debian for this became possible,
5896 and today I uploaded a new version
0.20 of isenkram adding support for
5897 appstream as a data source for mapping hardware to packages. The only
5898 package so far using appstream to announce its hardware support is my
5899 pymissile package. I got help from Matthias Klumpp with figuring out
5900 how do add the required
5901 <a href=
"https://appstream.debian.org/html/sid/main/metainfo/pymissile.html
">metadata
5902 in pymissile
</a
>. I added a file debian/pymissile.metainfo.xml with
5903 this content:
</p
>
5905 <blockquote
><pre
>
5906 &lt;?xml version=
"1.0" encoding=
"UTF-
8"?
&gt;
5907 &lt;component
&gt;
5908 &lt;id
&gt;pymissile
&lt;/id
&gt;
5909 &lt;metadata_license
&gt;MIT
&lt;/metadata_license
&gt;
5910 &lt;name
&gt;pymissile
&lt;/name
&gt;
5911 &lt;summary
&gt;Control original Striker USB Missile Launcher
&lt;/summary
&gt;
5912 &lt;description
&gt;
5914 Pymissile provides a curses interface to control an original
5915 Marks and Spencer / Striker USB Missile Launcher, as well as a
5916 motion control script to allow a webcamera to control the
5919 &lt;/description
&gt;
5920 &lt;provides
&gt;
5921 &lt;modalias
&gt;usb:v1130p0202d*
&lt;/modalias
&gt;
5922 &lt;/provides
&gt;
5923 &lt;/component
&gt;
5924 </pre
></blockquote
>
5926 <p
>The key for isenkram is the component/provides/modalias value,
5927 which is a glob style match rule for hardware specific strings
5928 (modalias strings) provided by the Linux kernel. In this case, it
5929 will map to all USB devices with vendor code
1130 and product code
5932 <p
>Note, it is important that the license of all the metadata files
5933 are compatible to have permissions to aggregate them into archive wide
5934 appstream files. Matthias suggested to use MIT or BSD licenses for
5935 these files. A challenge is figuring out a good id for the data, as
5936 it is supposed to be globally unique and shared across distributions
5937 (in other words, best to coordinate with upstream what to use). But
5938 it can be changed later or, so we went with the package name as
5939 upstream for this project is dormant.
</p
>
5941 <p
>To get the metadata file installed in the correct location for the
5942 mirror update scripts to pick it up and include its content the
5943 appstream data source, the file must be installed in the binary
5944 package under /usr/share/appdata/. I did this by adding the following
5945 line to debian/pymissile.install:
</p
>
5947 <blockquote
><pre
>
5948 debian/pymissile.metainfo.xml usr/share/appdata
5949 </pre
></blockquote
>
5951 <p
>With that in place, the command line tool isenkram-lookup will list
5952 all packages useful on the current computer automatically, and the GUI
5953 pop-up handler will propose to install the package not already
5954 installed if a hardware dongle is inserted into the machine in
5957 <p
>Details of the modalias field in appstream is available from the
5958 <a href=
"https://wiki.debian.org/DEP-
11">DEP-
11</a
> proposal.
</p
>
5960 <p
>To locate the modalias values of all hardware present in a machine,
5961 try running this command on the command line:
</p
>
5963 <blockquote
><pre
>
5964 cat $(find /sys/devices/|grep modalias)
5965 </pre
></blockquote
>
5967 <p
>To learn more about the isenkram system, please check out
5968 <a href=
"https://people.skolelinux.org/pere/blog/tags/isenkram/
">my
5969 blog posts tagged isenkram
</a
>.
</p
>
5974 <title>The GNU General Public License is not magic pixie dust
</title>
5975 <link>https://people.skolelinux.org/pere/blog/The_GNU_General_Public_License_is_not_magic_pixie_dust.html
</link>
5976 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/The_GNU_General_Public_License_is_not_magic_pixie_dust.html
</guid>
5977 <pubDate>Mon,
30 Nov
2015 09:
55:
00 +
0100</pubDate>
5978 <description><p
>A blog post from my fellow Debian developer Paul Wise titled
5979 "<a href=
"http://bonedaddy.net/pabs3/log/
2015/
11/
27/sfc-supporter/
">The
5980 GPL is not magic pixie dust
</a
>" explain the importance of making sure
5981 the
<a href=
"http://www.gnu.org/copyleft/gpl.html
">GPL
</a
> is enforced.
5982 I quote the blog post from Paul in full here with his permission:
<p
>
5986 <p
><a href=
"https://sfconservancy.org/supporter/
"><img src=
"https://sfconservancy.org/img/supporter-badge.png
" width=
"194" height=
"90" alt=
"Become a Software Freedom Conservancy Supporter!
" align=
"right
" border=
"0" /
></a
></p
>
5989 The GPL is not magic pixie dust. It does not work by itself.
<br/
>
5991 The first step is to choose a
5992 <a href=
"https://copyleft.org/
">copyleft
</a
> license for your
5995 The next step is, when someone fails to follow that copyleft license,
5996 <b
>it must be enforced
</b
><br/
>
5998 and its a simple fact of our modern society that such type of
6001 is incredibly expensive to do and incredibly difficult to do.
6004 <p
><small
>--
<a href=
"http://ebb.org/bkuhn/
">Bradley Kuhn
</a
>, in
6005 <a href=
"http://faif.us/
" title=
"Free as in Freedom
">FaiF
</a
>
6006 <a href=
"http://faif.us/cast/
2015/nov/
24/
0x57/
">episode
6007 0x57</a
></small
></p
>
6009 <p
>As the Debian Website
6010 <a href=
"https://bugs.debian.org/
794116">used
</a
>
6011 <a href=
"https://anonscm.debian.org/viewvc/webwml/webwml/english/intro/free.wml?r1=
1.24&amp;r2=
1.25">to
</a
>
6012 imply, public domain and permissively licensed software can lead to
6013 the production of more proprietary software as people discover useful
6014 software, extend it and or incorporate it into their hardware or
6015 software products. Copyleft licenses such as the GNU GPL were created
6016 to close off this avenue to the production of proprietary software but
6017 such licenses are not enough. With the ongoing adoption of Free
6018 Software by individuals and groups, inevitably the community
's
6019 expectations of license compliance are violated, usually out of
6020 ignorance of the way Free Software works, but not always. As Karen
6021 and Bradley explained in
<a href=
"http://faif.us/
" title=
"Free as in
6022 Freedom
">FaiF
</a
>
6023 <a href=
"http://faif.us/cast/
2015/nov/
24/
0x57/
">episode
0x57</a
>,
6024 copyleft is nothing if no-one is willing and able to stand up in court
6025 to protect it. The reality of today
's world is that legal
6026 representation is expensive, difficult and time consuming. With
6027 <a href=
"http://gpl-violations.org/
">gpl-violations.org
</a
> in hiatus
6028 <a href=
"http://gpl-violations.org/news/
20151027-homepage-recovers/
">until
</a
>
6029 some time in
2016, the
<a href=
"https://sfconservancy.org/
">Software
6030 Freedom Conservancy
</a
> (a tax-exempt charity) is the major defender
6031 of the Linux project, Debian and other groups against GPL violations.
6032 In March the SFC supported a
6033 <a href=
"https://sfconservancy.org/news/
2015/mar/
05/vmware-lawsuit/
">lawsuit
6034 by Christoph Hellwig
</a
> against VMware for refusing to
6035 <a href=
"https://sfconservancy.org/linux-compliance/vmware-lawsuit-faq.html
">comply
6036 with the GPL
</a
> in relation to their use of parts of the Linux
6037 kernel. Since then two of their sponsors pulled corporate funding and
6039 <a href=
"https://sfconservancy.org/blog/
2015/nov/
24/faif-carols-fundraiser/
">blocked
6040 or cancelled their talks
</a
>. As a result they have decided to rely
6041 less on corporate funding and more on the broad community of
6042 individuals who support Free Software and copyleft. So the SFC has
6043 <a href=
"https://sfconservancy.org/news/
2015/nov/
23/
2015fundraiser/
">launched
</a
>
6044 a
<a href=
"https://sfconservancy.org/supporter/
">campaign
</a
> to create
6045 a community of folks who stand up for copyleft and the GPL by
6046 supporting their work on promoting and supporting copyleft and Free
6049 <p
>If you support Free Software,
6050 <a href=
"https://sfconservancy.org/blog/
2015/nov/
26/like-what-I-do/
">like
</a
>
6051 what the SFC do, agree with their
6052 <a href=
"https://sfconservancy.org/linux-compliance/principles.html
">compliance
6053 principles
</a
>, are happy about their
6054 <a href=
"https://sfconservancy.org/supporter/
">successes
</a
> in
2015,
6055 work on a project that is an SFC
6056 <a href=
"https://sfconservancy.org/members/current/
">member
</a
> and or
6057 just want to stand up for copyleft, please join
6058 <a href=
"https://identi.ca/cwebber/image/JQGPA4qbTyyp3-MY8QpvuA
">Christopher
6059 Allan Webber
</a
>,
6060 <a href=
"https://sfconservancy.org/blog/
2015/nov/
24/faif-carols-fundraiser/
">Carol
6062 <a href=
"http://www.jonobacon.org/
2015/
11/
25/supporting-software-freedom-conservancy/
">Jono
6063 Bacon
</a
>, myself and
6064 <a href=
"https://sfconservancy.org/sponsors/#supporters
">others
</a
> in
6066 <a href=
"https://sfconservancy.org/supporter/
">supporter
</a
>. For the
6067 next week your donation will be
6068 <a href=
"https://sfconservancy.org/news/
2015/nov/
27/black-friday/
">matched
</a
>
6069 by an anonymous donor. Please also consider asking your employer to
6070 match your donation or become a sponsor of SFC. Don
't forget to
6071 spread the word about your support for SFC via email, your blog and or
6072 social media accounts.
</p
>
6076 <p
>I agree with Paul on this topic and just signed up as a Supporter
6077 of Software Freedom Conservancy myself. Perhaps you should be a
6078 supporter too?
</p
>
6083 <title>PGP key transition statement for key EE4E02F9
</title>
6084 <link>https://people.skolelinux.org/pere/blog/PGP_key_transition_statement_for_key_EE4E02F9.html
</link>
6085 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/PGP_key_transition_statement_for_key_EE4E02F9.html
</guid>
6086 <pubDate>Tue,
17 Nov
2015 10:
50:
00 +
0100</pubDate>
6087 <description><p
>I
've needed a new OpenPGP key for a while, but have not had time to
6088 set it up properly. I wanted to generate it offline and have it
6089 available on
<a href=
"http://shop.kernelconcepts.de/#openpgp
">a OpenPGP
6090 smart card
</a
> for daily use, and learning how to do it and finding
6091 time to sit down with an offline machine almost took forever. But
6092 finally I
've been able to complete the process, and have now moved
6093 from my old GPG key to a new GPG key. See
6094 <a href=
"https://people.skolelinux.org/pere/blog/images/
2015-
11-
17-new-gpg-key-transition.txt
">the
6095 full transition statement, signed with both my old and new key
</a
> for
6096 the details. This is my new key:
</p
>
6099 pub
3936R/
<a href=
"http://pgp.cs.uu.nl/stats/
111D6B29EE4E02F9.html
">111D6B29EE4E02F9
</a
> 2015-
11-
03 [expires:
2019-
11-
14]
6100 Key fingerprint =
3AC7 B2E3 ACA5 DF87
78F1 D827
111D
6B29 EE4E
02F9
6101 uid Petter Reinholdtsen
&lt;pere@hungry.com
&gt;
6102 uid Petter Reinholdtsen
&lt;pere@debian.org
&gt;
6103 sub
4096R/
87BAFB0E
2015-
11-
03 [expires:
2019-
11-
02]
6104 sub
4096R/F91E6DE9
2015-
11-
03 [expires:
2019-
11-
02]
6105 sub
4096R/A0439BAB
2015-
11-
03 [expires:
2019-
11-
02]
6108 <p
>The key can be downloaded from the OpenPGP key servers, signed by
6109 my old key.
</p
>
6111 <p
>If you signed my old key
6112 (
<a href=
"http://pgp.cs.uu.nl/stats/DB4CCC4B2A30D729.html
">DB4CCC4B2A30D729
</a
>),
6113 I
'd very much appreciate a signature on my new key, details and
6114 instructions in the transition statement. I m happy to reciprocate if
6115 you have a similarly signed transition statement to present.
</p
>
6120 <title>The life and death of a laptop battery
</title>
6121 <link>https://people.skolelinux.org/pere/blog/The_life_and_death_of_a_laptop_battery.html
</link>
6122 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/The_life_and_death_of_a_laptop_battery.html
</guid>
6123 <pubDate>Thu,
24 Sep
2015 16:
00:
00 +
0200</pubDate>
6124 <description><p
>When I get a new laptop, the battery life time at the start is OK.
6125 But this do not last. The last few laptops gave me a feeling that
6126 within a year, the life time is just a fraction of what it used to be,
6127 and it slowly become painful to use the laptop without power connected
6128 all the time. Because of this, when I got a new Thinkpad X230 laptop
6129 about two years ago, I decided to monitor its battery state to have
6130 more hard facts when the battery started to fail.
</p
>
6132 <img src=
"https://people.skolelinux.org/pere/blog/images/
2015-
09-
24-laptop-battery-graph.png
"/
>
6134 <p
>First I tried to find a sensible Debian package to record the
6135 battery status, assuming that this must be a problem already handled
6136 by someone else. I found
6137 <a href=
"https://tracker.debian.org/pkg/battery-stats
">battery-stats
</a
>,
6138 which collects statistics from the battery, but it was completely
6139 broken. I sent a few suggestions to the maintainer, but decided to
6140 write my own collector as a shell script while I waited for feedback
6142 <a href=
"http://www.ifweassume.com/
2013/
08/the-de-evolution-of-my-laptop-battery.html
">a
6143 blog post about the battery development on a MacBook Air
</a
> I also
6145 <a href=
"https://github.com/jradavenport/batlog.git
">batlog
</a
>, not
6146 available in Debian.
</p
>
6148 <p
>I started my collector
2013-
07-
15, and it has been collecting
6149 battery stats ever since. Now my
6150 /var/log/hjemmenett-battery-status.log file contain around
115,
000
6151 measurements, from the time the battery was working great until now,
6152 when it is unable to charge above
7% of original capacity. My
6153 collector shell script is quite simple and look like this:
</p
>
6158 # http://www.ifweassume.com/
2013/
08/the-de-evolution-of-my-laptop-battery.html
6160 # http://blog.sleeplessbeastie.eu/
2013/
01/
02/debian-how-to-monitor-battery-capacity/
6161 logfile=/var/log/hjemmenett-battery-status.log
6163 files=
"manufacturer model_name technology serial_number \
6164 energy_full energy_full_design energy_now cycle_count status
"
6166 if [ ! -e
"$logfile
" ] ; then
6168 printf
"timestamp,
"
6170 printf
"%s,
" $f
6173 )
> "$logfile
"
6177 # Print complete message in one echo call, to avoid race condition
6178 # when several log processes run in parallel.
6179 msg=$(printf
"%s,
" $(date +%s); \
6180 for f in $files; do \
6181 printf
"%s,
" $(cat $f); \
6183 echo
"$msg
"
6186 cd /sys/class/power_supply
6189 (cd $bat
&& log_battery
>> "$logfile
")
6193 <p
>The script is called when the power management system detect a
6194 change in the power status (power plug in or out), and when going into
6195 and out of hibernation and suspend. In addition, it collect a value
6196 every
10 minutes. This make it possible for me know when the battery
6197 is discharging, charging and how the maximum charge change over time.
6198 The code for the Debian package
6199 <a href=
"https://github.com/petterreinholdtsen/battery-status
">is now
6200 available on github
</a
>.
</p
>
6202 <p
>The collected log file look like this:
</p
>
6205 timestamp,manufacturer,model_name,technology,serial_number,energy_full,energy_full_design,energy_now,cycle_count,status,
6206 1376591133,LGC,
45N1025,Li-ion,
974,
62800000,
62160000,
39050000,
0,Discharging,
6208 1443090528,LGC,
45N1025,Li-ion,
974,
4900000,
62160000,
4900000,
0,Full,
6209 1443090601,LGC,
45N1025,Li-ion,
974,
4900000,
62160000,
4900000,
0,Full,
6212 <p
>I wrote a small script to create a graph of the charge development
6213 over time. This graph depicted above show the slow death of my laptop
6216 <p
>But why is this happening? Why are my laptop batteries always
6217 dying in a year or two, while the batteries of space probes and
6218 satellites keep working year after year. If we are to believe
6219 <a href=
"http://batteryuniversity.com/learn/article/how_to_prolong_lithium_based_batteries
">Battery
6220 University
</a
>, the cause is me charging the battery whenever I have a
6221 chance, and the fix is to not charge the Lithium-ion batteries to
100%
6222 all the time, but to stay below
90% of full charge most of the time.
6223 I
've been told that the Tesla electric cars
6224 <a href=
"http://my.teslamotors.com/de_CH/forum/forums/battery-charge-limit
">limit
6225 the charge of their batteries to
80%
</a
>, with the option to charge to
6226 100% when preparing for a longer trip (not that I would want a car
6227 like Tesla where rights to privacy is abandoned, but that is another
6228 story), which I guess is the option we should have for laptops on
6229 Linux too.
</p
>
6231 <p
>Is there a good and generic way with Linux to tell the battery to
6232 stop charging at
80%, unless requested to charge to
100% once in
6233 preparation for a longer trip? I found
6234 <a href=
"http://askubuntu.com/questions/
34452/how-can-i-limit-battery-charging-to-
80-capacity
">one
6235 recipe on askubuntu for Ubuntu to limit charging on Thinkpad to
6236 80%
</a
>, but could not get it to work (kernel module refused to
6239 <p
>I wonder why the battery capacity was reported to be more than
100%
6240 at the start. I also wonder why the
"full capacity
" increases some
6241 times, and if it is possible to repeat the process to get the battery
6242 back to design capacity. And I wonder if the discharge and charge
6243 speed change over time, or if this stay the same. I did not yet try
6244 to write a tool to calculate the derivative values of the battery
6245 level, but suspect some interesting insights might be learned from
6248 <p
>Update
2015-
09-
24: I got a tip to install the packages
6249 acpi-call-dkms and tlp (unfortunately missing in Debian stable)
6250 packages instead of the tp-smapi-dkms package I had tried to use
6251 initially, and use
'tlp setcharge
40 80' to change when charging start
6252 and stop. I
've done so now, but expect my existing battery is toast
6253 and need to be replaced. The proposal is unfortunately Thinkpad
6259 <title>New laptop - some more clues and ideas based on feedback
</title>
6260 <link>https://people.skolelinux.org/pere/blog/New_laptop___some_more_clues_and_ideas_based_on_feedback.html
</link>
6261 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/New_laptop___some_more_clues_and_ideas_based_on_feedback.html
</guid>
6262 <pubDate>Sun,
5 Jul
2015 21:
40:
00 +
0200</pubDate>
6263 <description><p
>Several people contacted me after my previous blog post about my
6264 need for a new laptop, and provided very useful feedback. I wish to
6265 thank every one of these. Several pointed me to the possibility of
6266 fixing my X230, and I am already in the process of getting Lenovo to
6267 do so thanks to the on site, next day support contract covering the
6268 machine. But the battery is almost useless (I expect to replace it
6269 with a non-official battery) and I do not expect the machine to live
6270 for many more years, so it is time to plan its replacement. If I did
6271 not have a support contract, it was suggested to find replacement parts
6272 using
<a href=
"http://www.francecrans.com/
">FrancEcrans
</a
>, but it
6273 might present a language barrier as I do not understand French.
</p
>
6275 <p
>One tip I got was to use the
6276 <a href=
"https://skinflint.co.uk/?cat=nb
">Skinflint
</a
> web service to
6277 compare laptop models. It seem to have more models available than
6278 prisjakt.no. Another tip I got from someone I know have similar
6279 keyboard preferences was that the HP EliteBook
840 keyboard is not
6280 very good, and this matches my experience with earlier EliteBook
6281 keyboards I tested. Because of this, I will not consider it any further.
6283 <p
>When I wrote my blog post, I was not aware of Thinkpad X250, the
6284 newest Thinkpad X model. The keyboard reintroduces mouse buttons
6285 (which is missing from the X240), and is working fairly well with
6286 Debian Sid/Unstable according to
6287 <a href=
"http://www.corsac.net/X250/
">Corsac.net
</a
>. The reports I
6288 got on the keyboard quality are not consistent. Some say the keyboard
6289 is good, others say it is ok, while others say it is not very good.
6290 Those with experience from X41 and and X60 agree that the X250
6291 keyboard is not as good as those trusty old laptops, and suggest I
6292 keep and fix my X230 instead of upgrading, or get a used X230 to
6293 replace it. I
'm also told that the X250 lack leds for caps lock, disk
6294 activity and battery status, which is very convenient on my X230. I
'm
6295 also told that the CPU fan is running very often, making it a bit
6296 noisy. In any case, the X250 do not work out of the box with Debian
6297 Stable/Jessie, one of my requirements.
</p
>
6299 <p
>I have also gotten a few vendor proposals, one was
6300 <a href=
"http://pro-star.com
">Pro-Star
</a
>, another was
6301 <a href=
"http://shop.gluglug.org.uk/product/libreboot-x200/
">Libreboot
</a
>.
6302 The latter look very attractive to me.
</p
>
6304 <p
>Again, thank you all for the very useful feedback. It help a lot
6305 as I keep looking for a replacement.
</p
>
6307 <p
>Update
2015-
07-
06: I was recommended to check out the
6308 <a href=
"">lapstore.de
</a
> web shop for used laptops. They got several
6310 <a href=
"http://www.lapstore.de/f.php/shop/lapstore/f/
411/lang/x/kw/Lenovo_ThinkPad_X_Serie/
">old
6311 thinkpad X models
</a
>, and provide one year warranty.
</p
>
6316 <title>Time to find a new laptop, as the old one is broken after only two years
</title>
6317 <link>https://people.skolelinux.org/pere/blog/Time_to_find_a_new_laptop__as_the_old_one_is_broken_after_only_two_years.html
</link>
6318 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Time_to_find_a_new_laptop__as_the_old_one_is_broken_after_only_two_years.html
</guid>
6319 <pubDate>Fri,
3 Jul
2015 07:
10:
00 +
0200</pubDate>
6320 <description><p
>My primary work horse laptop is failing, and will need a
6321 replacement soon. The left
5 cm of the screen on my Thinkpad X230
6322 started flickering yesterday, and I suspect the cause is a broken
6323 cable, as changing the angle of the screen some times get rid of the
6324 flickering.
</p
>
6326 <p
>My requirements have not really changed since I bought it, and is
6328 <a href=
"https://people.skolelinux.org/pere/blog/Thank_you_Thinkpad_X41__for_your_long_and_trustworthy_service.html
">I
6329 described them in
2013</a
>. The last time I bought a laptop, I had
6331 <a href=
"http://www.prisjakt.no/category.php?k=
353">prisjakt.no
</a
>
6332 where I could select at least a few of the requirements (mouse pin,
6333 wifi, weight) and go through the rest manually. Three button mouse
6334 and a good keyboard is not available as an option, and all the three
6335 laptop models proposed today (Thinkpad X240, HP EliteBook
820 G1 and
6336 G2) lack three mouse buttons). It is also unclear to me how good the
6337 keyboard on the HP EliteBooks are. I hope Lenovo have not messed up
6338 the keyboard, even if the quality and robustness in the X series have
6339 deteriorated since X41.
</p
>
6341 <p
>I wonder how I can find a sensible laptop when none of the options
6342 seem sensible to me? Are there better services around to search the
6343 set of available laptops for features? Please send me an email if you
6344 have suggestions.
</p
>
6346 <p
>Update
2015-
07-
23: I got a suggestion to check out the FSF
6347 <a href=
"http://www.fsf.org/resources/hw/endorsement/respects-your-freedom
">list
6348 of endorsed hardware
</a
>, which is useful background information.
</p
>
6353 <title>How to stay with sysvinit in Debian Jessie
</title>
6354 <link>https://people.skolelinux.org/pere/blog/How_to_stay_with_sysvinit_in_Debian_Jessie.html
</link>
6355 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/How_to_stay_with_sysvinit_in_Debian_Jessie.html
</guid>
6356 <pubDate>Sat,
22 Nov
2014 01:
00:
00 +
0100</pubDate>
6357 <description><p
>By now, it is well known that Debian Jessie will not be using
6358 sysvinit as its boot system by default. But how can one keep using
6359 sysvinit in Jessie? It is fairly easy, and here are a few recipes,
6361 <a href=
"http://www.vitavonni.de/blog/
201410/
2014102101-avoiding-systemd.html
">Erich
6362 Schubert
</a
> and
6363 <a href=
"http://smcv.pseudorandom.co.uk/
2014/still_universal/
">Simon
6366 <p
>If you already are using Wheezy and want to upgrade to Jessie and
6367 keep sysvinit as your boot system, create a file
6368 <tt
>/etc/apt/preferences.d/use-sysvinit
</tt
> with this content before
6369 you upgrade:
</p
>
6371 <p
><blockquote
><pre
>
6372 Package: systemd-sysv
6373 Pin: release o=Debian
6375 </pre
></blockquote
><p
>
6377 <p
>This file content will tell apt and aptitude to not consider
6378 installing systemd-sysv as part of any installation and upgrade
6379 solution when resolving dependencies, and thus tell it to avoid
6380 systemd as a default boot system. The end result should be that the
6381 upgraded system keep using sysvinit.
</p
>
6383 <p
>If you are installing Jessie for the first time, there is no way to
6384 get sysvinit installed by default (debootstrap used by
6385 debian-installer have no option for this), but one can tell the
6386 installer to switch to sysvinit before the first boot. Either by
6387 using a kernel argument to the installer, or by adding a line to the
6388 preseed file used. First, the kernel command line argument:
6390 <p
><blockquote
><pre
>
6391 preseed/late_command=
"in-target apt-get install --purge -y sysvinit-core
"
6392 </pre
></blockquote
><p
>
6394 <p
>Next, the line to use in a preseed file:
</p
>
6396 <p
><blockquote
><pre
>
6397 d-i preseed/late_command string in-target apt-get install -y sysvinit-core
6398 </pre
></blockquote
><p
>
6400 <p
>One can of course also do this after the first boot by installing
6401 the sysvinit-core package.
</p
>
6403 <p
>I recommend only using sysvinit if you really need it, as the
6404 sysvinit boot sequence in Debian have several hardware specific bugs
6405 on Linux caused by the fact that it is unpredictable when hardware
6406 devices show up during boot. But on the other hand, the new default
6407 boot system still have a few rough edges I hope will be fixed before
6408 Jessie is released.
</p
>
6410 <p
>Update
2014-
11-
26: Inspired by
6411 <ahref=
"https://www.mirbsd.org/permalinks/wlog-
10-tg_e20141125-tg.htm#e20141125-tg_wlog-
10-tg
">a
6412 blog post by Torsten Glaser
</a
>, added --purge to the preseed
6418 <title>A Debian package for SMTP via Tor (aka SMTorP) using exim4
</title>
6419 <link>https://people.skolelinux.org/pere/blog/A_Debian_package_for_SMTP_via_Tor__aka_SMTorP__using_exim4.html
</link>
6420 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/A_Debian_package_for_SMTP_via_Tor__aka_SMTorP__using_exim4.html
</guid>
6421 <pubDate>Mon,
10 Nov
2014 13:
40:
00 +
0100</pubDate>
6422 <description><p
>The right to communicate with your friends and family in private,
6423 without anyone snooping, is a right every citicen have in a liberal
6424 democracy. But this right is under serious attack these days.
</p
>
6426 <p
>A while back it occurred to me that one way to make the dragnet
6427 surveillance conducted by NSA, GCHQ, FRA and others (and confirmed by
6428 the whisleblower Snowden) more expensive for Internet email,
6429 is to deliver all email using SMTP via Tor. Such SMTP option would be
6430 a nice addition to the FreedomBox project if we could send email
6431 between FreedomBox machines without leaking metadata about the emails
6432 to the people peeking on the wire. I
6433 <a href=
"http://lists.alioth.debian.org/pipermail/freedombox-discuss/
2014-October/
006493.html
">proposed
6434 this on the FreedomBox project mailing list in October
</a
> and got a
6435 lot of useful feedback and suggestions. It also became obvious to me
6436 that this was not a novel idea, as the same idea was tested and
6437 documented by Johannes Berg as early as
2006, and both
6438 <a href=
"https://github.com/pagekite/Mailpile/wiki/SMTorP
">the
6439 Mailpile
</a
> and
<a href=
"http://dee.su/cables
">the Cables
</a
> systems
6440 propose a similar method / protocol to pass emails between users.
</p
>
6442 <p
>To implement such system one need to set up a Tor hidden service
6443 providing the SMTP protocol on port
25, and use email addresses
6444 looking like username@hidden-service-name.onion. With such addresses
6445 the connections to port
25 on hidden-service-name.onion using Tor will
6446 go to the correct SMTP server. To do this, one need to configure the
6447 Tor daemon to provide the hidden service and the mail server to accept
6448 emails for this .onion domain. To learn more about Exim configuration
6449 in Debian and test the design provided by Johannes Berg in his FAQ, I
6450 set out yesterday to create a Debian package for making it trivial to
6451 set up such SMTP over Tor service based on Debian. Getting it to work
6452 were fairly easy, and
6453 <a href=
"https://github.com/petterreinholdtsen/exim4-smtorp
">the
6454 source code for the Debian package
</a
> is available from github. I
6455 plan to move it into Debian if further testing prove this to be a
6456 useful approach.
</p
>
6458 <p
>If you want to test this, set up a blank Debian machine without any
6459 mail system installed (or run
<tt
>apt-get purge exim4-config
</tt
> to
6460 get rid of exim4). Install tor, clone the git repository mentioned
6461 above, build the deb and install it on the machine. Next, run
6462 <tt
>/usr/lib/exim4-smtorp/setup-exim-hidden-service
</tt
> and follow
6463 the instructions to get the service up and running. Restart tor and
6464 exim when it is done, and test mail delivery using swaks like
6467 <p
><blockquote
><pre
>
6468 torsocks swaks --server dutlqrrmjhtfa3vp.onion \
6469 --to fbx@dutlqrrmjhtfa3vp.onion
6470 </pre
></blockquote
></p
>
6472 <p
>This will test the SMTP delivery using tor. Replace the email
6473 address with your own address to test your server. :)
</p
>
6475 <p
>The setup procedure is still to complex, and I hope it can be made
6476 easier and more automatic. Especially the tor setup need more work.
6477 Also, the package include a tor-smtp tool written in C, but its task
6478 should probably be rewritten in some script language to make the deb
6479 architecture independent. It would probably also make the code easier
6480 to review. The tor-smtp tool currently need to listen on a socket for
6481 exim to talk to it and is started using xinetd. It would be better if
6482 no daemon and no socket is needed. I suspect it is possible to get
6483 exim to run a command line tool for delivery instead of talking to a
6484 socket, and hope to figure out how in a future version of this
6487 <p
>Until I wipe my test machine, I can be reached using the
6488 <tt
>fbx@dutlqrrmjhtfa3vp.onion
</tt
> mail address, deliverable over
6489 SMTorP. :)
</p
>
6494 <title>listadmin, the quick way to moderate mailman lists - nice free software
</title>
6495 <link>https://people.skolelinux.org/pere/blog/listadmin__the_quick_way_to_moderate_mailman_lists___nice_free_software.html
</link>
6496 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/listadmin__the_quick_way_to_moderate_mailman_lists___nice_free_software.html
</guid>
6497 <pubDate>Wed,
22 Oct
2014 20:
00:
00 +
0200</pubDate>
6498 <description><p
>If you ever had to moderate a mailman list, like the ones on
6499 alioth.debian.org, you know the web interface is fairly slow to
6500 operate. First you visit one web page, enter the moderation password
6501 and get a new page shown with a list of all the messages to moderate
6502 and various options for each email address. This take a while for
6503 every list you moderate, and you need to do it regularly to do a good
6504 job as a list moderator. But there is a quick alternative,
6505 <a href=
"http://heim.ifi.uio.no/kjetilho/hacks/#listadmin
">the
6506 listadmin program
</a
>. It allow you to check lists for new messages
6507 to moderate in a fraction of a second. Here is a test run on two
6508 lists I recently took over:
</p
>
6510 <p
><blockquote
><pre
>
6511 % time listadmin xiph
6512 fetching data for pkg-xiph-commits@lists.alioth.debian.org ... nothing in queue
6513 fetching data for pkg-xiph-maint@lists.alioth.debian.org ... nothing in queue
6519 </pre
></blockquote
></p
>
6521 <p
>In
1.7 seconds I had checked two mailing lists and confirmed that
6522 there are no message in the moderation queue. Every morning I
6523 currently moderate
68 mailman lists, and it normally take around two
6524 minutes. When I took over the two pkg-xiph lists above a few days
6525 ago, there were
400 emails waiting in the moderator queue. It took me
6526 less than
15 minutes to process them all using the listadmin
6529 <p
>If you install
6530 <a href=
"https://tracker.debian.org/pkg/listadmin
">the listadmin
6531 package
</a
> from Debian and create a file
<tt
>~/.listadmin.ini
</tt
>
6532 with content like this, the moderation task is a breeze:
</p
>
6534 <p
><blockquote
><pre
>
6535 username username@example.org
6538 discard_if_reason
"Posting restricted to members only. Remove us from your mail list.
"
6541 adminurl https://{domain}/mailman/admindb/{list}
6542 mailman-list@lists.example.com
6545 other-list@otherserver.example.org
6546 </pre
></blockquote
></p
>
6548 <p
>There are other options to set as well. Check the manual page to
6549 learn the details.
</p
>
6551 <p
>If you are forced to moderate lists on a mailman installation where
6552 the SSL certificate is self signed or not properly signed by a
6553 generally accepted signing authority, you can set a environment
6554 variable when calling listadmin to disable SSL verification:
</p
>
6556 <p
><blockquote
><pre
>
6557 PERL_LWP_SSL_VERIFY_HOSTNAME=
0 listadmin
6558 </pre
></blockquote
></p
>
6560 <p
>If you want to moderate a subset of the lists you take care of, you
6561 can provide an argument to the listadmin script like I do in the
6562 initial screen dump (the xiph argument). Using an argument, only
6563 lists matching the argument string will be processed. This make it
6564 quick to accept messages if you notice the moderation request in your
6567 <p
>Without the listadmin program, I would never be the moderator of
68
6568 mailing lists, as I simply do not have time to spend on that if the
6569 process was any slower. The listadmin program have saved me hours of
6570 time I could spend elsewhere over the years. It truly is nice free
6573 <p
>As usual, if you use Bitcoin and want to show your support of my
6574 activities, please send Bitcoin donations to my address
6575 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
6577 <p
>Update
2014-
10-
27: Added missing
'username
' statement in
6578 configuration example. Also, I
've been told that the
6579 PERL_LWP_SSL_VERIFY_HOSTNAME=
0 setting do not work for everyone. Not
6585 <title>Debian Jessie, PXE and automatic firmware installation
</title>
6586 <link>https://people.skolelinux.org/pere/blog/Debian_Jessie__PXE_and_automatic_firmware_installation.html
</link>
6587 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Debian_Jessie__PXE_and_automatic_firmware_installation.html
</guid>
6588 <pubDate>Fri,
17 Oct
2014 14:
10:
00 +
0200</pubDate>
6589 <description><p
>When PXE installing laptops with Debian, I often run into the
6590 problem that the WiFi card require some firmware to work properly.
6591 And it has been a pain to fix this using preseeding in Debian.
6592 Normally something more is needed. But thanks to
6593 <a href=
"https://packages.qa.debian.org/i/isenkram.html
">my isenkram
6594 package
</a
> and its recent tasksel extension, it has now become easy
6595 to do this using simple preseeding.
</p
>
6597 <p
>The isenkram-cli package provide tasksel tasks which will install
6598 firmware for the hardware found in the machine (actually, requested by
6599 the kernel modules for the hardware). (It can also install user space
6600 programs supporting the hardware detected, but that is not the focus
6601 of this story.)
</p
>
6603 <p
>To get this working in the default installation, two preeseding
6604 values are needed. First, the isenkram-cli package must be installed
6605 into the target chroot (aka the hard drive) before tasksel is executed
6606 in the pkgsel step of the debian-installer system. This is done by
6607 preseeding the base-installer/includes debconf value to include the
6608 isenkram-cli package. The package name is next passed to debootstrap
6609 for installation. With the isenkram-cli package in place, tasksel
6610 will automatically use the isenkram tasks to detect hardware specific
6611 packages for the machine being installed and install them, because
6612 isenkram-cli contain tasksel tasks.
</p
>
6614 <p
>Second, one need to enable the non-free APT repository, because
6615 most firmware unfortunately is non-free. This is done by preseeding
6616 the apt-mirror-setup step. This is unfortunate, but for a lot of
6617 hardware it is the only option in Debian.
</p
>
6619 <p
>The end result is two lines needed in your preseeding file to get
6620 firmware installed automatically by the installer:
</p
>
6622 <p
><blockquote
><pre
>
6623 base-installer base-installer/includes string isenkram-cli
6624 apt-mirror-setup apt-setup/non-free boolean true
6625 </pre
></blockquote
></p
>
6627 <p
>The current version of isenkram-cli in testing/jessie will install
6628 both firmware and user space packages when using this method. It also
6629 do not work well, so use version
0.15 or later. Installing both
6630 firmware and user space packages might give you a bit more than you
6631 want, so I decided to split the tasksel task in two, one for firmware
6632 and one for user space programs. The firmware task is enabled by
6633 default, while the one for user space programs is not. This split is
6634 implemented in the package currently in unstable.
</p
>
6636 <p
>If you decide to give this a go, please let me know (via email) how
6637 this recipe work for you. :)
</p
>
6639 <p
>So, I bet you are wondering, how can this work. First and
6640 foremost, it work because tasksel is modular, and driven by whatever
6641 files it find in /usr/lib/tasksel/ and /usr/share/tasksel/. So the
6642 isenkram-cli package place two files for tasksel to find. First there
6643 is the task description file (/usr/share/tasksel/descs/isenkram.desc):
</p
>
6645 <p
><blockquote
><pre
>
6646 Task: isenkram-packages
6648 Description: Hardware specific packages (autodetected by isenkram)
6649 Based on the detected hardware various hardware specific packages are
6651 Test-new-install: show show
6653 Packages: for-current-hardware
6655 Task: isenkram-firmware
6657 Description: Hardware specific firmware packages (autodetected by isenkram)
6658 Based on the detected hardware various hardware specific firmware
6659 packages are proposed.
6660 Test-new-install: mark show
6662 Packages: for-current-hardware-firmware
6663 </pre
></blockquote
></p
>
6665 <p
>The key parts are Test-new-install which indicate how the task
6666 should be handled and the Packages line referencing to a script in
6667 /usr/lib/tasksel/packages/. The scripts use other scripts to get a
6668 list of packages to install. The for-current-hardware-firmware script
6669 look like this to list relevant firmware for the machine:
6671 <p
><blockquote
><pre
>
6674 PATH=/usr/sbin:$PATH
6676 isenkram-autoinstall-firmware -l
6677 </pre
></blockquote
></p
>
6679 <p
>With those two pieces in place, the firmware is installed by
6680 tasksel during the normal d-i run. :)
</p
>
6682 <p
>If you want to test what tasksel will install when isenkram-cli is
6683 installed, run
<tt
>DEBIAN_PRIORITY=critical tasksel --test
6684 --new-install
</tt
> to get the list of packages that tasksel would
6687 <p
><a href=
"https://wiki.debian.org/DebianEdu/
">Debian Edu
</a
> will be
6688 pilots in testing this feature, as isenkram is used there now to
6689 install firmware, replacing the earlier scripts.
</p
>
6694 <title>Ubuntu used to show the bread prizes at ICA Storo
</title>
6695 <link>https://people.skolelinux.org/pere/blog/Ubuntu_used_to_show_the_bread_prizes_at_ICA_Storo.html
</link>
6696 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Ubuntu_used_to_show_the_bread_prizes_at_ICA_Storo.html
</guid>
6697 <pubDate>Sat,
4 Oct
2014 15:
20:
00 +
0200</pubDate>
6698 <description><p
>Today I came across an unexpected Ubuntu boot screen. Above the
6699 bread shelf on the ICA shop at Storo in Oslo, the grub menu of Ubuntu
6700 with Linux kernel
3.2.0-
23 (ie probably version
12.04 LTS) was stuck
6701 on a screen normally showing the bread types and prizes:
</p
>
6703 <p align=
"center
"><img width=
"70%
" src=
"https://people.skolelinux.org/pere/blog/images/
2014-
10-
04-ubuntu-ica-storo-crop.jpeg
"></p
>
6705 <p
>If it had booted as it was supposed to, I would never had known
6706 about this hidden Linux installation. It is interesting what
6707 <a href=
"http://revealingerrors.com/
">errors can reveal
</a
>.
</p
>
6712 <title>New lsdvd release version
0.17 is ready
</title>
6713 <link>https://people.skolelinux.org/pere/blog/New_lsdvd_release_version_0_17_is_ready.html
</link>
6714 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/New_lsdvd_release_version_0_17_is_ready.html
</guid>
6715 <pubDate>Sat,
4 Oct
2014 08:
40:
00 +
0200</pubDate>
6716 <description><p
>The
<a href=
"https://sourceforge.net/p/lsdvd/
">lsdvd project
</a
>
6717 got a new set of developers a few weeks ago, after the original
6718 developer decided to step down and pass the project to fresh blood.
6719 This project is now maintained by Petter Reinholdtsen and Steve
6722 <p
>I just wrapped up
6723 <a href=
"https://sourceforge.net/p/lsdvd/mailman/message/
32896061/
">a
6724 new lsdvd release
</a
>, available in git or from
6725 <a href=
"https://sourceforge.net/projects/lsdvd/files/lsdvd/
">the
6726 download page
</a
>. This is the changelog dated
2014-
10-
03 for version
6731 <li
>Ignore
'phantom
' audio, subtitle tracks
</li
>
6732 <li
>Check for garbage in the program chains, which indicate that a track is
6733 non-existant, to work around additional copy protection
</li
>
6734 <li
>Fix displaying content type for audio tracks, subtitles
</li
>
6735 <li
>Fix pallete display of first entry
</li
>
6736 <li
>Fix include orders
</li
>
6737 <li
>Ignore read errors in titles that would not be displayed anyway
</li
>
6738 <li
>Fix the chapter count
</li
>
6739 <li
>Make sure the array size and the array limit used when initialising
6740 the palette size is the same.
</li
>
6741 <li
>Fix array printing.
</li
>
6742 <li
>Correct subsecond calculations.
</li
>
6743 <li
>Add sector information to the output format.
</li
>
6744 <li
>Clean up code to be closer to ANSI C and compile without warnings
6745 with more GCC compiler warnings.
</li
>
6749 <p
>This change bring together patches for lsdvd in use in various
6750 Linux and Unix distributions, as well as patches submitted to the
6751 project the last nine years. Please check it out. :)
</p
>
6756 <title>How to test Debian Edu Jessie despite some fatal problems with the installer
</title>
6757 <link>https://people.skolelinux.org/pere/blog/How_to_test_Debian_Edu_Jessie_despite_some_fatal_problems_with_the_installer.html
</link>
6758 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/How_to_test_Debian_Edu_Jessie_despite_some_fatal_problems_with_the_installer.html
</guid>
6759 <pubDate>Fri,
26 Sep
2014 12:
20:
00 +
0200</pubDate>
6760 <description><p
>The
<a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
6761 project
</a
> provide a Linux solution for schools, including a
6762 powerful desktop with education software, a central server providing
6763 web pages, user database, user home directories, central login and PXE
6764 boot of both clients without disk and the installation to install Debian
6765 Edu on machines with disk (and a few other services perhaps to small
6766 to mention here). We in the Debian Edu team are currently working on
6767 the Jessie based version, trying to get everything in shape before the
6768 freeze, to avoid having to maintain our own package repository in the
6770 <a href=
"https://wiki.debian.org/DebianEdu/Status/Jessie
">current
6771 status
</a
> can be seen on the Debian wiki, and there is still heaps of
6772 work left. Some fatal problems block testing, breaking the installer,
6773 but it is possible to work around these to get anyway. Here is a
6774 recipe on how to get the installation limping along.
</p
>
6776 <p
>First, download the test ISO via
6777 <a href=
"ftp://ftp.skolelinux.no/cd-edu-testing-nolocal-netinst/debian-edu-amd64-i386-NETINST-
1.iso
">ftp
</a
>,
6778 <a href=
"http://ftp.skolelinux.no/cd-edu-testing-nolocal-netinst/debian-edu-amd64-i386-NETINST-
1.iso
">http
</a
>
6780 ftp.skolelinux.org::cd-edu-testing-nolocal-netinst/debian-edu-amd64-i386-NETINST-
1.iso).
6781 The ISO build was broken on Tuesday, so we do not get a new ISO every
6782 12 hours or so, but thankfully the ISO we already got we are able to
6783 install with some tweaking.
</p
>
6785 <p
>When you get to the Debian Edu profile question, go to tty2
6786 (use Alt-Ctrl-F2), run
</p
>
6788 <p
><blockquote
><pre
>
6789 nano /usr/bin/edu-eatmydata-install
6790 </pre
></blockquote
></p
>
6792 <p
>and add
'exit
0' as the second line, disabling the eatmydata
6793 optimization. Return to the installation, select the profile you want
6794 and continue. Without this change, exim4-config will fail to install
6795 due to a known bug in eatmydata.
</p
>
6797 <p
>When you get the grub question at the end, answer /dev/sda (or if
6798 this do not work, figure out what your correct value would be. All my
6799 test machines need /dev/sda, so I have no advice if it do not fit
6800 your need.
</p
>
6802 <p
>If you installed a profile including a graphical desktop, log in as
6803 root after the initial boot from hard drive, and install the
6804 education-desktop-XXX metapackage. XXX can be kde, gnome, lxde, xfce
6805 or mate. If you want several desktop options, install more than one
6806 metapackage. Once this is done, reboot and you should have a working
6807 graphical login screen. This workaround should no longer be needed
6808 once the education-tasks package version
1.801 enter testing in two
6811 <p
>I believe the ISO build will start working on two days when the new
6812 tasksel package enter testing and Steve McIntyre get a chance to
6813 update the debian-cd git repository. The eatmydata, grub and desktop
6814 issues are already fixed in unstable and testing, and should show up
6815 on the ISO as soon as the ISO build start working again. Well the
6816 eatmydata optimization is really just disabled. The proper fix
6817 require an upload by the eatmydata maintainer applying the patch
6818 provided in bug
<a href=
"https://bugs.debian.org/
702711">#
702711</a
>.
6819 The rest have proper fixes in unstable.
</p
>
6821 <p
>I hope this get you going with the installation testing, as we are
6822 quickly running out of time trying to get our Jessie based
6823 installation ready before the distribution freeze in a month.
</p
>
6828 <title>Suddenly I am the new upstream of the lsdvd command line tool
</title>
6829 <link>https://people.skolelinux.org/pere/blog/Suddenly_I_am_the_new_upstream_of_the_lsdvd_command_line_tool.html
</link>
6830 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Suddenly_I_am_the_new_upstream_of_the_lsdvd_command_line_tool.html
</guid>
6831 <pubDate>Thu,
25 Sep
2014 11:
20:
00 +
0200</pubDate>
6832 <description><p
>I use the
<a href=
"https://sourceforge.net/p/lsdvd/
">lsdvd tool
</a
>
6833 to handle my fairly large DVD collection. It is a nice command line
6834 tool to get details about a DVD, like title, tracks, track length,
6835 etc, in XML, Perl or human readable format. But lsdvd have not seen
6836 any new development since
2006 and had a few irritating bugs affecting
6837 its use with some DVDs. Upstream seemed to be dead, and in January I
6838 sent a small probe asking for a version control repository for the
6839 project, without any reply. But I use it regularly and would like to
6840 get
<a href=
"https://packages.qa.debian.org/lsdvd
">an updated version
6841 into Debian
</a
>. So two weeks ago I tried harder to get in touch with
6842 the project admin, and after getting a reply from him explaining that
6843 he was no longer interested in the project, I asked if I could take
6844 over. And yesterday, I became project admin.
</p
>
6846 <p
>I
've been in touch with a Gentoo developer and the Debian
6847 maintainer interested in joining forces to maintain the upstream
6848 project, and I hope we can get a new release out fairly quickly,
6849 collecting the patches spread around on the internet into on place.
6850 I
've added the relevant Debian patches to the freshly created git
6851 repository, and expect the Gentoo patches to make it too. If you got
6852 a DVD collection and care about command line tools, check out
6853 <a href=
"https://sourceforge.net/p/lsdvd/git/ci/master/tree/
">the git source
</a
> and join
6854 <a href=
"https://sourceforge.net/p/lsdvd/mailman/
">the project mailing
6855 list
</a
>. :)
</p
>
6860 <title>Speeding up the Debian installer using eatmydata and dpkg-divert
</title>
6861 <link>https://people.skolelinux.org/pere/blog/Speeding_up_the_Debian_installer_using_eatmydata_and_dpkg_divert.html
</link>
6862 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Speeding_up_the_Debian_installer_using_eatmydata_and_dpkg_divert.html
</guid>
6863 <pubDate>Tue,
16 Sep
2014 14:
00:
00 +
0200</pubDate>
6864 <description><p
>The
<a href=
"https://www.debian.org/
">Debian
</a
> installer could be
6865 a lot quicker. When we install more than
2000 packages in
6866 <a href=
"http://www.skolelinux.org/
">Skolelinux / Debian Edu
</a
> using
6867 tasksel in the installer, unpacking the binary packages take forever.
6868 A part of the slow I/O issue was discussed in
6869 <a href=
"https://bugs.debian.org/
613428">bug #
613428</a
> about too
6870 much file system sync-ing done by dpkg, which is the package
6871 responsible for unpacking the binary packages. Other parts (like code
6872 executed by postinst scripts) might also sync to disk during
6873 installation. All this sync-ing to disk do not really make sense to
6874 me. If the machine crash half-way through, I start over, I do not try
6875 to salvage the half installed system. So the failure sync-ing is
6876 supposed to protect against, hardware or system crash, is not really
6877 relevant while the installer is running.
</p
>
6879 <p
>A few days ago, I thought of a way to get rid of all the file
6880 system sync()-ing in a fairly non-intrusive way, without the need to
6881 change the code in several packages. The idea is not new, but I have
6882 not heard anyone propose the approach using dpkg-divert before. It
6883 depend on the small and clever package
6884 <a href=
"https://packages.qa.debian.org/eatmydata
">eatmydata
</a
>, which
6885 uses LD_PRELOAD to replace the system functions for syncing data to
6886 disk with functions doing nothing, thus allowing programs to live
6887 dangerous while speeding up disk I/O significantly. Instead of
6888 modifying the implementation of dpkg, apt and tasksel (which are the
6889 packages responsible for selecting, fetching and installing packages),
6890 it occurred to me that we could just divert the programs away, replace
6891 them with a simple shell wrapper calling
6892 "eatmydata
&nbsp;$program
&nbsp;$@
", to get the same effect.
6893 Two days ago I decided to test the idea, and wrapped up a simple
6894 implementation for the Debian Edu udeb.
</p
>
6896 <p
>The effect was stunning. In my first test it reduced the running
6897 time of the pkgsel step (installing tasks) from
64 to less than
44
6898 minutes (
20 minutes shaved off the installation) on an old Dell
6899 Latitude D505 machine. I am not quite sure what the optimised time
6900 would have been, as I messed up the testing a bit, causing the debconf
6901 priority to get low enough for two questions to pop up during
6902 installation. As soon as I saw the questions I moved the installation
6903 along, but do not know how long the question were holding up the
6904 installation. I did some more measurements using Debian Edu Jessie,
6905 and got these results. The time measured is the time stamp in
6906 /var/log/syslog between the
"pkgsel: starting tasksel
" and the
6907 "pkgsel: finishing up
" lines, if you want to do the same measurement
6908 yourself. In Debian Edu, the tasksel dialog do not show up, and the
6909 timing thus do not depend on how quickly the user handle the tasksel
6912 <p
><table
>
6915 <th
>Machine/setup
</th
>
6916 <th
>Original tasksel
</th
>
6917 <th
>Optimised tasksel
</th
>
6918 <th
>Reduction
</th
>
6922 <td
>Latitude D505 Main+LTSP LXDE
</td
>
6923 <td
>64 min (
07:
46-
08:
50)
</td
>
6924 <td
><44 min (
11:
27-
12:
11)
</td
>
6925 <td
>>20 min
18%
</td
>
6929 <td
>Latitude D505 Roaming LXDE
</td
>
6930 <td
>57 min (
08:
48-
09:
45)
</td
>
6931 <td
>34 min (
07:
43-
08:
17)
</td
>
6932 <td
>23 min
40%
</td
>
6936 <td
>Latitude D505 Minimal
</td
>
6937 <td
>22 min (
10:
37-
10:
59)
</td
>
6938 <td
>11 min (
11:
16-
11:
27)
</td
>
6939 <td
>11 min
50%
</td
>
6943 <td
>Thinkpad X200 Minimal
</td
>
6944 <td
>6 min (
08:
19-
08:
25)
</td
>
6945 <td
>4 min (
08:
04-
08:
08)
</td
>
6946 <td
>2 min
33%
</td
>
6950 <td
>Thinkpad X200 Roaming KDE
</td
>
6951 <td
>19 min (
09:
21-
09:
40)
</td
>
6952 <td
>15 min (
10:
25-
10:
40)
</td
>
6953 <td
>4 min
21%
</td
>
6956 </table
></p
>
6958 <p
>The test is done using a netinst ISO on a USB stick, so some of the
6959 time is spent downloading packages. The connection to the Internet
6960 was
100Mbit/s during testing, so downloading should not be a
6961 significant factor in the measurement. Download typically took a few
6962 seconds to a few minutes, depending on the amount of packages being
6963 installed.
</p
>
6965 <p
>The speedup is implemented by using two hooks in
6966 <a href=
"https://www.debian.org/devel/debian-installer/
">Debian
6967 Installer
</a
>, the pre-pkgsel.d hook to set up the diverts, and the
6968 finish-install.d hook to remove the divert at the end of the
6969 installation. I picked the pre-pkgsel.d hook instead of the
6970 post-base-installer.d hook because I test using an ISO without the
6971 eatmydata package included, and the post-base-installer.d hook in
6972 Debian Edu can only operate on packages included in the ISO. The
6973 negative effect of this is that I am unable to activate this
6974 optimization for the kernel installation step in d-i. If the code is
6975 moved to the post-base-installer.d hook, the speedup would be larger
6976 for the entire installation.
</p
>
6978 <p
>I
've implemented this in the
6979 <a href=
"https://packages.qa.debian.org/debian-edu-install
">debian-edu-install
</a
>
6980 git repository, and plan to provide the optimization as part of the
6981 Debian Edu installation. If you want to test this yourself, you can
6982 create two files in the installer (or in an udeb). One shell script
6983 need do go into /usr/lib/pre-pkgsel.d/, with content like this:
</p
>
6985 <p
><blockquote
><pre
>
6988 . /usr/share/debconf/confmodule
6990 logger -t my-pkgsel
"info: $*
"
6993 logger -t my-pkgsel
"error: $*
"
6995 override_install() {
6996 apt-install eatmydata || true
6997 if [ -x /target/usr/bin/eatmydata ] ; then
6998 for bin in dpkg apt-get aptitude tasksel ; do
7000 # Test that the file exist and have not been diverted already.
7001 if [ -f /target$file ] ; then
7002 info
"diverting $file using eatmydata
"
7003 printf
"#!/bin/sh\neatmydata $bin.distrib \
"\$@\
"\n
" \
7004 > /target$file.edu
7005 chmod
755 /target$file.edu
7006 in-target dpkg-divert --package debian-edu-config \
7007 --rename --quiet --add $file
7008 ln -sf ./$bin.edu /target$file
7010 error
"unable to divert $file, as it is missing.
"
7014 error
"unable to find /usr/bin/eatmydata after installing the eatmydata pacage
"
7019 </pre
></blockquote
></p
>
7021 <p
>To clean up, another shell script should go into
7022 /usr/lib/finish-install.d/ with code like this:
7024 <p
><blockquote
><pre
>
7026 . /usr/share/debconf/confmodule
7028 logger -t my-finish-install
"error: $@
"
7030 remove_install_override() {
7031 for bin in dpkg apt-get aptitude tasksel ; do
7033 if [ -x /target$file.edu ] ; then
7035 in-target dpkg-divert --package debian-edu-config \
7036 --rename --quiet --remove $file
7039 error
"Missing divert for $file.
"
7042 sync # Flush file buffers before continuing
7045 remove_install_override
7046 </pre
></blockquote
></p
>
7048 <p
>In Debian Edu, I placed both code fragments in a separate script
7049 edu-eatmydata-install and call it from the pre-pkgsel.d and
7050 finish-install.d scripts.
</p
>
7052 <p
>By now you might ask if this change should get into the normal
7053 Debian installer too? I suspect it should, but am not sure the
7054 current debian-installer coordinators find it useful enough. It also
7055 depend on the side effects of the change. I
'm not aware of any, but I
7056 guess we will see if the change is safe after some more testing.
7057 Perhaps there is some package in Debian depending on sync() and
7058 fsync() having effect? Perhaps it should go into its own udeb, to
7059 allow those of us wanting to enable it to do so without affecting
7062 <p
>Update
2014-
09-
24: Since a few days ago, enabling this optimization
7063 will break installation of all programs using gnutls because of
7064 <a href=
"https://bugs.debian.org/
702711">bug #
702711</a
>. An updated
7065 eatmydata package in Debian will solve it.
</p
>
7067 <p
>Update
2014-
10-
17: The bug mentioned above is fixed in testing and
7068 the optimization work again. And I have discovered that the
7069 dpkg-divert trick is not really needed and implemented a slightly
7070 simpler approach as part of the debian-edu-install package. See
7071 tools/edu-eatmydata-install in the source package.
</p
>
7073 <p
>Update
2014-
11-
11: Unfortunately, a new
7074 <a href=
"http://bugs.debian.org/
765738">bug #
765738</a
> in eatmydata only
7075 triggering on i386 made it into testing, and broke this installation
7076 optimization again. If
<a href=
"http://bugs.debian.org/
768893">unblock
7077 request
768893</a
> is accepted, it should be working again.
</p
>
7082 <title>Good bye subkeys.pgp.net, welcome pool.sks-keyservers.net
</title>
7083 <link>https://people.skolelinux.org/pere/blog/Good_bye_subkeys_pgp_net__welcome_pool_sks_keyservers_net.html
</link>
7084 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Good_bye_subkeys_pgp_net__welcome_pool_sks_keyservers_net.html
</guid>
7085 <pubDate>Wed,
10 Sep
2014 13:
10:
00 +
0200</pubDate>
7086 <description><p
>Yesterday, I had the pleasure of attending a talk with the
7087 <a href=
"http://www.nuug.no/
">Norwegian Unix User Group
</a
> about
7088 <a href=
"http://www.nuug.no/aktiviteter/
20140909-sks-keyservers/
">the
7089 OpenPGP keyserver pool sks-keyservers.net
</a
>, and was very happy to
7090 learn that there is a large set of publicly available key servers to
7091 use when looking for peoples public key. So far I have used
7092 subkeys.pgp.net, and some times wwwkeys.nl.pgp.net when the former
7093 were misbehaving, but those days are ended. The servers I have used
7094 up until yesterday have been slow and some times unavailable. I hope
7095 those problems are gone now.
</p
>
7097 <p
>Behind the round robin DNS entry of the
7098 <a href=
"https://sks-keyservers.net/
">sks-keyservers.net
</a
> service
7099 there is a pool of more than
100 keyservers which are checked every
7100 day to ensure they are well connected and up to date. It must be
7101 better than what I have used so far. :)
</p
>
7103 <p
>Yesterdays speaker told me that the service is the default
7104 keyserver provided by the default configuration in GnuPG, but this do
7105 not seem to be used in Debian. Perhaps it should?
</p
>
7107 <p
>Anyway, I
've updated my ~/.gnupg/options file to now include this
7110 <p
><blockquote
><pre
>
7111 keyserver pool.sks-keyservers.net
7112 </pre
></blockquote
></p
>
7114 <p
>With GnuPG version
2 one can also locate the keyserver using SRV
7115 entries in DNS. Just for fun, I did just that at work, so now every
7116 user of GnuPG at the University of Oslo should find a OpenGPG
7117 keyserver automatically should their need it:
</p
>
7119 <p
><blockquote
><pre
>
7120 % host -t srv _pgpkey-http._tcp.uio.no
7121 _pgpkey-http._tcp.uio.no has SRV record
0 100 11371 pool.sks-keyservers.net.
7123 </pre
></blockquote
></p
>
7125 <p
>Now if only
7126 <a href=
"http://ietfreport.isoc.org/idref/draft-shaw-openpgp-hkp/
">the
7127 HKP lookup protocol
</a
> supported finding signature paths, I would be
7128 very happy. It can look up a given key or search for a user ID, but I
7129 normally do not want that, but to find a trust path from my key to
7130 another key. Given a user ID or key ID, I would like to find (and
7131 download) the keys representing a signature path from my key to the
7132 key in question, to be able to get a trust path between the two keys.
7133 This is as far as I can tell not possible today. Perhaps something
7134 for a future version of the protocol?
</p
>
7139 <title>From English wiki to translated PDF and epub via Docbook
</title>
7140 <link>https://people.skolelinux.org/pere/blog/From_English_wiki_to_translated_PDF_and_epub_via_Docbook.html
</link>
7141 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/From_English_wiki_to_translated_PDF_and_epub_via_Docbook.html
</guid>
7142 <pubDate>Tue,
17 Jun
2014 11:
30:
00 +
0200</pubDate>
7143 <description><p
>The
<a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
7144 project
</a
> provide an instruction manual for teachers, system
7145 administrators and other users that contain useful tips for setting up
7146 and maintaining a Debian Edu installation. This text is about how the
7147 text processing of this manual is handled in the project.
</p
>
7149 <p
>One goal of the project is to provide information in the native
7150 language of its users, and for this we need to handle translations.
7151 But we also want to make sure each language contain the same
7152 information, so for this we need a good way to keep the translations
7153 in sync. And we want it to be easy for our users to improve the
7154 documentation, avoiding the need to learn special formats or tools to
7155 contribute, and the obvious way to do this is to make it possible to
7156 edit the documentation using a web browser. We also want it to be
7157 easy for translators to keep the translation up to date, and give them
7158 help in figuring out what need to be translated. Here is the list of
7159 tools and the process we have found trying to reach all these
7162 <p
>We maintain the authoritative source of our manual in the
7163 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/
">Debian
7164 wiki
</a
>, as several wiki pages written in English. It consist of one
7165 front page with references to the different chapters, several pages
7166 for each chapter, and finally one
"collection page
" gluing all the
7167 chapters together into one large web page (aka
7168 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/AllInOne
">the
7169 AllInOne page
</a
>). The AllInOne page is the one used for further
7170 processing and translations. Thanks to the fact that the
7171 <a href=
"http://moinmo.in/
">MoinMoin
</a
> installation on
7172 wiki.debian.org support exporting pages in
7173 <a href=
"http://www.docbook.org/
">the Docbook format
</a
>, we can fetch
7174 the list of pages to export using the raw version of the AllInOne
7175 page, loop over each of them to generate a Docbook XML version of the
7176 manual. This process also download images and transform image
7177 references to use the locally downloaded images. The generated
7178 Docbook XML files are slightly broken, so some post-processing is done
7179 using the
<tt
>documentation/scripts/get_manual
</tt
> program, and the
7180 result is a nice Docbook XML file (debian-edu-wheezy-manual.xml) and
7181 a handfull of images. The XML file can now be used to generate PDF, HTML
7182 and epub versions of the English manual. This is the basic step of
7183 our process, making PDF (using dblatex), HTML (using xsltproc) and
7184 epub (using dbtoepub) version from Docbook XML, and the resulting files
7185 are placed in the debian-edu-doc-en binary package.
</p
>
7187 <p
>But English documentation is not enough for us. We want translated
7188 documentation too, and we want to make it easy for translators to
7189 track the English original. For this we use the
7190 <a href=
"http://packages.qa.debian.org/p/poxml.html
">poxml
</a
> package,
7191 which allow us to transform the English Docbook XML file into a
7192 translation file (a .pot file), usable with the normal gettext based
7193 translation tools used by those translating free software. The pot
7194 file is used to create and maintain translation files (several .po
7195 files), which the translations update with the native language
7196 translations of all titles, paragraphs and blocks of text in the
7197 original. The next step is combining the original English Docbook XML
7198 and the translation file (say debian-edu-wheezy-manual.nb.po), to
7199 create a translated Docbook XML file (in this case
7200 debian-edu-wheezy-manual.nb.xml). This translated (or partly
7201 translated, if the translation is not complete) Docbook XML file can
7202 then be used like the original to create a PDF, HTML and epub version
7203 of the documentation.
</p
>
7205 <p
>The translators use different tools to edit the .po files. We
7207 <a href=
"http://www.kde.org/applications/development/lokalize/
">lokalize
</a
>,
7208 while some use emacs and vi, others can use web based editors like
7209 <a href=
"http://pootle.translatehouse.org/
">Poodle
</a
> or
7210 <a href=
"https://www.transifex.com/
">Transifex
</a
>. All we care about
7211 is where the .po file end up, in our git repository. Updated
7212 translations can either be committed directly to git, or submitted as
7213 <a href=
"https://bugs.debian.org/src:debian-edu-doc
">bug reports
7214 against the debian-edu-doc package
</a
>.
</p
>
7216 <p
>One challenge is images, which both might need to be translated (if
7217 they show translated user applications), and are needed in different
7218 formats when creating PDF and HTML versions (epub is a HTML version in
7219 this regard). For this we transform the original PNG images to the
7220 needed density and format during build, and have a way to provide
7221 translated images by storing translated versions in
7222 images/$LANGUAGECODE/. I am a bit unsure about the details here. The
7223 package maintainers know more.
</p
>
7225 <p
>If you wonder what the result look like, we provide
7226 <a href=
"http://maintainer.skolelinux.org/debian-edu-doc/
">the content
7227 of the documentation packages on the web
</a
>. See for example the
7228 <a href=
"http://maintainer.skolelinux.org/debian-edu-doc/it/debian-edu-wheezy-manual.pdf
">Italian
7229 PDF version
</a
> or the
7230 <a href=
"http://maintainer.skolelinux.org/debian-edu-doc/de/debian-edu-wheezy-manual.html
">German
7231 HTML version
</a
>. We do not yet build the epub version by default,
7232 but perhaps it will be done in the future.
</p
>
7234 <p
>To learn more, check out
7235 <a href=
"http://packages.qa.debian.org/d/debian-edu-doc.html
">the
7236 debian-edu-doc package
</a
>,
7237 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/
">the
7238 manual on the wiki
</a
> and
7239 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/Translations
">the
7240 translation instructions
</a
> in the manual.
</p
>
7245 <title>Install hardware dependent packages using tasksel (Isenkram
0.7)
</title>
7246 <link>https://people.skolelinux.org/pere/blog/Install_hardware_dependent_packages_using_tasksel__Isenkram_0_7_.html
</link>
7247 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Install_hardware_dependent_packages_using_tasksel__Isenkram_0_7_.html
</guid>
7248 <pubDate>Wed,
23 Apr
2014 14:
50:
00 +
0200</pubDate>
7249 <description><p
>It would be nice if it was easier in Debian to get all the hardware
7250 related packages relevant for the computer installed automatically.
7251 So I implemented one, using
7252 <a href=
"http://packages.qa.debian.org/isenkram
">my Isenkram
7253 package
</a
>. To use it, install the tasksel and isenkram packages and
7254 run tasksel as user root. You should be presented with a new option,
7255 "Hardware specific packages (autodetected by isenkram)
". When you
7256 select it, tasksel will install the packages isenkram claim is fit for
7257 the current hardware, hot pluggable or not.
<p
>
7259 <p
>The implementation is in two files, one is the tasksel menu entry
7260 description, and the other is the script used to extract the list of
7261 packages to install. The first part is in
7262 <tt
>/usr/share/tasksel/descs/isenkram.desc
</tt
> and look like
7265 <p
><blockquote
><pre
>
7268 Description: Hardware specific packages (autodetected by isenkram)
7269 Based on the detected hardware various hardware specific packages are
7271 Test-new-install: mark show
7273 Packages: for-current-hardware
7274 </pre
></blockquote
></p
>
7276 <p
>The second part is in
7277 <tt
>/usr/lib/tasksel/packages/for-current-hardware
</tt
> and look like
7280 <p
><blockquote
><pre
>
7285 isenkram-autoinstall-firmware -l
7287 </pre
></blockquote
></p
>
7289 <p
>All in all, a very short and simple implementation making it
7290 trivial to install the hardware dependent package we all may want to
7291 have installed on our machines. I
've not been able to find a way to
7292 get tasksel to tell you exactly which packages it plan to install
7293 before doing the installation. So if you are curious or careful,
7294 check the output from the isenkram-* command line tools first.
</p
>
7296 <p
>The information about which packages are handling which hardware is
7297 fetched either from the isenkram package itself in
7298 /usr/share/isenkram/, from git.debian.org or from the APT package
7299 database (using the Modaliases header). The APT package database
7300 parsing have caused a nasty resource leak in the isenkram daemon (bugs
7301 <a href=
"http://bugs.debian.org/
719837">#
719837</a
> and
7302 <a href=
"http://bugs.debian.org/
730704">#
730704</a
>). The cause is in
7303 the python-apt code (bug
7304 <a href=
"http://bugs.debian.org/
745487">#
745487</a
>), but using a
7305 workaround I was able to get rid of the file descriptor leak and
7306 reduce the memory leak from ~
30 MiB per hardware detection down to
7307 around
2 MiB per hardware detection. It should make the desktop
7308 daemon a lot more useful. The fix is in version
0.7 uploaded to
7309 unstable today.
</p
>
7311 <p
>I believe the current way of mapping hardware to packages in
7312 Isenkram is is a good draft, but in the future I expect isenkram to
7313 use the AppStream data source for this. A proposal for getting proper
7314 AppStream support into Debian is floating around as
7315 <a href=
"https://wiki.debian.org/DEP-
11">DEP-
11</a
>, and
7316 <a href=
"https://wiki.debian.org/SummerOfCode2014/Projects#SummerOfCode2014.2FProjects
.2FAppStreamDEP11Implementation.AppStream
.2FDEP-
11_for_the_Debian_Archive
">GSoC
7317 project
</a
> will take place this summer to improve the situation. I
7318 look forward to seeing the result, and welcome patches for isenkram to
7319 start using the information when it is ready.
</p
>
7321 <p
>If you want your package to map to some specific hardware, either
7322 add a
"Xb-Modaliases
" header to your control file like I did in
7323 <a href=
"http://packages.qa.debian.org/pymissile
">the pymissile
7324 package
</a
> or submit a bug report with the details to the isenkram
7326 <a href=
"https://people.skolelinux.org/pere/blog/tags/isenkram/
">all my
7327 blog posts tagged isenkram
</a
> for details on the notation. I expect
7328 the information will be migrated to AppStream eventually, but for the
7329 moment I got no better place to store it.
</p
>
7334 <title>FreedomBox milestone - all packages now in Debian Sid
</title>
7335 <link>https://people.skolelinux.org/pere/blog/FreedomBox_milestone___all_packages_now_in_Debian_Sid.html
</link>
7336 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/FreedomBox_milestone___all_packages_now_in_Debian_Sid.html
</guid>
7337 <pubDate>Tue,
15 Apr
2014 22:
10:
00 +
0200</pubDate>
7338 <description><p
>The
<a href=
"https://wiki.debian.org/FreedomBox
">Freedombox
7339 project
</a
> is working on providing the software and hardware to make
7340 it easy for non-technical people to host their data and communication
7341 at home, and being able to communicate with their friends and family
7342 encrypted and away from prying eyes. It is still going strong, and
7343 today a major mile stone was reached.
</p
>
7345 <p
>Today, the last of the packages currently used by the project to
7346 created the system images were accepted into Debian Unstable. It was
7347 the freedombox-setup package, which is used to configure the images
7348 during build and on the first boot. Now all one need to get going is
7349 the build code from the freedom-maker git repository and packages from
7350 Debian. And once the freedombox-setup package enter testing, we can
7351 build everything directly from Debian. :)
</p
>
7353 <p
>Some key packages used by Freedombox are
7354 <a href=
"http://packages.qa.debian.org/freedombox-setup
">freedombox-setup
</a
>,
7355 <a href=
"http://packages.qa.debian.org/plinth
">plinth
</a
>,
7356 <a href=
"http://packages.qa.debian.org/pagekite
">pagekite
</a
>,
7357 <a href=
"http://packages.qa.debian.org/tor
">tor
</a
>,
7358 <a href=
"http://packages.qa.debian.org/privoxy
">privoxy
</a
>,
7359 <a href=
"http://packages.qa.debian.org/owncloud
">owncloud
</a
> and
7360 <a href=
"http://packages.qa.debian.org/dnsmasq
">dnsmasq
</a
>. There
7361 are plans to integrate more packages into the setup. User
7362 documentation is maintained on the Debian wiki. Please
7363 <a href=
"https://wiki.debian.org/FreedomBox/Manual/Jessie
">check out
7364 the manual
</a
> and help us improve it.
</p
>
7366 <p
>To test for yourself and create boot images with the FreedomBox
7367 setup, run this on a Debian machine using a user with sudo rights to
7368 become root:
</p
>
7370 <p
><pre
>
7371 sudo apt-get install git vmdebootstrap mercurial python-docutils \
7372 mktorrent extlinux virtualbox qemu-user-static binfmt-support \
7374 git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \
7376 make -C freedom-maker dreamplug-image raspberry-image virtualbox-image
7377 </pre
></p
>
7379 <p
>Root access is needed to run debootstrap and mount loopback
7380 devices. See the README in the freedom-maker git repo for more
7381 details on the build. If you do not want all three images, trim the
7382 make line. Note that the virtualbox-image target is not really
7383 virtualbox specific. It create a x86 image usable in kvm, qemu,
7384 vmware and any other x86 virtual machine environment. You might need
7385 the version of vmdebootstrap in Jessie to get the build working, as it
7386 include fixes for a race condition with kpartx.
</p
>
7388 <p
>If you instead want to install using a Debian CD and the preseed
7389 method, boot a Debian Wheezy ISO and use this boot argument to load
7390 the preseed values:
</p
>
7392 <p
><pre
>
7393 url=
<a href=
"http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
">http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
</a
>
7394 </pre
></p
>
7396 <p
>I have not tested it myself the last few weeks, so I do not know if
7397 it still work.
</p
>
7399 <p
>If you wonder how to help, one task you could look at is using
7400 systemd as the boot system. It will become the default for Linux in
7401 Jessie, so we need to make sure it is usable on the Freedombox. I did
7402 a simple test a few weeks ago, and noticed dnsmasq failed to start
7403 during boot when using systemd. I suspect there are other problems
7404 too. :) To detect problems, there is a test suite included, which can
7405 be run from the plinth web interface.
</p
>
7407 <p
>Give it a go and let us know how it goes on the mailing list, and help
7408 us get the new release published. :) Please join us on
7409 <a href=
"irc://irc.debian.org:
6667/%
23freedombox
">IRC (#freedombox on
7410 irc.debian.org)
</a
> and
7411 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
">the
7412 mailing list
</a
> if you want to help make this vision come true.
</p
>
7417 <title>S3QL, a locally mounted cloud file system - nice free software
</title>
7418 <link>https://people.skolelinux.org/pere/blog/S3QL__a_locally_mounted_cloud_file_system___nice_free_software.html
</link>
7419 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/S3QL__a_locally_mounted_cloud_file_system___nice_free_software.html
</guid>
7420 <pubDate>Wed,
9 Apr
2014 11:
30:
00 +
0200</pubDate>
7421 <description><p
>For a while now, I have been looking for a sensible offsite backup
7422 solution for use at home. My requirements are simple, it must be
7423 cheap and locally encrypted (in other words, I keep the encryption
7424 keys, the storage provider do not have access to my private files).
7425 One idea me and my friends had many years ago, before the cloud
7426 storage providers showed up, was to use Google mail as storage,
7427 writing a Linux block device storing blocks as emails in the mail
7428 service provided by Google, and thus get heaps of free space. On top
7429 of this one can add encryption, RAID and volume management to have
7430 lots of (fairly slow, I admit that) cheap and encrypted storage. But
7431 I never found time to implement such system. But the last few weeks I
7432 have looked at a system called
7433 <a href=
"https://bitbucket.org/nikratio/s3ql/
">S3QL
</a
>, a locally
7434 mounted network backed file system with the features I need.
</p
>
7436 <p
>S3QL is a fuse file system with a local cache and cloud storage,
7437 handling several different storage providers, any with Amazon S3,
7438 Google Drive or OpenStack API. There are heaps of such storage
7439 providers. S3QL can also use a local directory as storage, which
7440 combined with sshfs allow for file storage on any ssh server. S3QL
7441 include support for encryption, compression, de-duplication, snapshots
7442 and immutable file systems, allowing me to mount the remote storage as
7443 a local mount point, look at and use the files as if they were local,
7444 while the content is stored in the cloud as well. This allow me to
7445 have a backup that should survive fire. The file system can not be
7446 shared between several machines at the same time, as only one can
7447 mount it at the time, but any machine with the encryption key and
7448 access to the storage service can mount it if it is unmounted.
</p
>
7450 <p
>It is simple to use. I
'm using it on Debian Wheezy, where the
7451 package is included already. So to get started, run
<tt
>apt-get
7452 install s3ql
</tt
>. Next, pick a storage provider. I ended up picking
7453 Greenqloud, after reading their nice recipe on
7454 <a href=
"https://greenqloud.zendesk.com/entries/
44611757-How-To-Use-S3QL-to-mount-a-StorageQloud-bucket-on-Debian-Wheezy
">how
7455 to use S3QL with their Amazon S3 service
</a
>, because I trust the laws
7456 in Iceland more than those in USA when it come to keeping my personal
7457 data safe and private, and thus would rather spend money on a company
7458 in Iceland. Another nice recipe is available from the article
7459 <a href=
"http://www.admin-magazine.com/HPC/Articles/HPC-Cloud-Storage
">S3QL
7460 Filesystem for HPC Storage
</a
> by Jeff Layton in the HPC section of
7461 Admin magazine. When the provider is picked, figure out how to get
7462 the API key needed to connect to the storage API. With Greencloud,
7463 the key did not show up until I had added payment details to my
7466 <p
>Armed with the API access details, it is time to create the file
7467 system. First, create a new bucket in the cloud. This bucket is the
7468 file system storage area. I picked a bucket name reflecting the
7469 machine that was going to store data there, but any name will do.
7470 I
'll refer to it as
<tt
>bucket-name
</tt
> below. In addition, one need
7471 the API login and password, and a locally created password. Store it
7472 all in ~root/.s3ql/authinfo2 like this:
7474 <p
><blockquote
><pre
>
7476 storage-url: s3c://s.greenqloud.com:
443/bucket-name
7477 backend-login: API-login
7478 backend-password: API-password
7479 fs-passphrase: local-password
7480 </pre
></blockquote
></p
>
7482 <p
>I create my local passphrase using
<tt
>pwget
50</tt
> or similar,
7483 but any sensible way to create a fairly random password should do it.
7484 Armed with these details, it is now time to run mkfs, entering the API
7485 details and password to create it:
</p
>
7487 <p
><blockquote
><pre
>
7488 # mkdir -m
700 /var/lib/s3ql-cache
7489 # mkfs.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
7490 --ssl s3c://s.greenqloud.com:
443/bucket-name
7491 Enter backend login:
7492 Enter backend password:
7493 Before using S3QL, make sure to read the user
's guide, especially
7494 the
'Important Rules to Avoid Loosing Data
' section.
7495 Enter encryption password:
7496 Confirm encryption password:
7497 Generating random encryption key...
7498 Creating metadata tables...
7508 Compressing and uploading metadata...
7509 Wrote
0.00 MB of compressed metadata.
7510 #
</pre
></blockquote
></p
>
7512 <p
>The next step is mounting the file system to make the storage available.
7514 <p
><blockquote
><pre
>
7515 # mount.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
7516 --ssl --allow-root s3c://s.greenqloud.com:
443/bucket-name /s3ql
7517 Using
4 upload threads.
7518 Downloading and decompressing metadata...
7528 Mounting filesystem...
7530 Filesystem Size Used Avail Use% Mounted on
7531 s3c://s.greenqloud.com:
443/bucket-name
1.0T
0 1.0T
0% /s3ql
7533 </pre
></blockquote
></p
>
7535 <p
>The file system is now ready for use. I use rsync to store my
7536 backups in it, and as the metadata used by rsync is downloaded at
7537 mount time, no network traffic (and storage cost) is triggered by
7538 running rsync. To unmount, one should not use the normal umount
7539 command, as this will not flush the cache to the cloud storage, but
7540 instead running the umount.s3ql command like this:
7542 <p
><blockquote
><pre
>
7545 </pre
></blockquote
></p
>
7547 <p
>There is a fsck command available to check the file system and
7548 correct any problems detected. This can be used if the local server
7549 crashes while the file system is mounted, to reset the
"already
7550 mounted
" flag. This is what it look like when processing a working
7551 file system:
</p
>
7553 <p
><blockquote
><pre
>
7554 # fsck.s3ql --force --ssl s3c://s.greenqloud.com:
443/bucket-name
7555 Using cached metadata.
7556 File system seems clean, checking anyway.
7557 Checking DB integrity...
7558 Creating temporary extra indices...
7559 Checking lost+found...
7560 Checking cached objects...
7561 Checking names (refcounts)...
7562 Checking contents (names)...
7563 Checking contents (inodes)...
7564 Checking contents (parent inodes)...
7565 Checking objects (reference counts)...
7566 Checking objects (backend)...
7567 ..processed
5000 objects so far..
7568 ..processed
10000 objects so far..
7569 ..processed
15000 objects so far..
7570 Checking objects (sizes)...
7571 Checking blocks (referenced objects)...
7572 Checking blocks (refcounts)...
7573 Checking inode-block mapping (blocks)...
7574 Checking inode-block mapping (inodes)...
7575 Checking inodes (refcounts)...
7576 Checking inodes (sizes)...
7577 Checking extended attributes (names)...
7578 Checking extended attributes (inodes)...
7579 Checking symlinks (inodes)...
7580 Checking directory reachability...
7581 Checking unix conventions...
7582 Checking referential integrity...
7583 Dropping temporary indices...
7584 Backing up old metadata...
7594 Compressing and uploading metadata...
7595 Wrote
0.89 MB of compressed metadata.
7597 </pre
></blockquote
></p
>
7599 <p
>Thanks to the cache, working on files that fit in the cache is very
7600 quick, about the same speed as local file access. Uploading large
7601 amount of data is to me limited by the bandwidth out of and into my
7602 house. Uploading
685 MiB with a
100 MiB cache gave me
305 kiB/s,
7603 which is very close to my upload speed, and downloading the same
7604 Debian installation ISO gave me
610 kiB/s, close to my download speed.
7605 Both were measured using
<tt
>dd
</tt
>. So for me, the bottleneck is my
7606 network, not the file system code. I do not know what a good cache
7607 size would be, but suspect that the cache should e larger than your
7608 working set.
</p
>
7610 <p
>I mentioned that only one machine can mount the file system at the
7611 time. If another machine try, it is told that the file system is
7614 <p
><blockquote
><pre
>
7615 # mount.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
7616 --ssl --allow-root s3c://s.greenqloud.com:
443/bucket-name /s3ql
7617 Using
8 upload threads.
7618 Backend reports that fs is still mounted elsewhere, aborting.
7620 </pre
></blockquote
></p
>
7622 <p
>The file content is uploaded when the cache is full, while the
7623 metadata is uploaded once every
24 hour by default. To ensure the
7624 file system content is flushed to the cloud, one can either umount the
7625 file system, or ask S3QL to flush the cache and metadata using
7628 <p
><blockquote
><pre
>
7629 # s3qlctrl upload-meta /s3ql
7630 # s3qlctrl flushcache /s3ql
7632 </pre
></blockquote
></p
>
7634 <p
>If you are curious about how much space your data uses in the
7635 cloud, and how much compression and deduplication cut down on the
7636 storage usage, you can use s3qlstat on the mounted file system to get
7639 <p
><blockquote
><pre
>
7641 Directory entries:
9141
7644 Total data size:
22049.38 MB
7645 After de-duplication:
21955.46 MB (
99.57% of total)
7646 After compression:
21877.28 MB (
99.22% of total,
99.64% of de-duplicated)
7647 Database size:
2.39 MB (uncompressed)
7648 (some values do not take into account not-yet-uploaded dirty blocks in cache)
7650 </pre
></blockquote
></p
>
7652 <p
>I mentioned earlier that there are several possible suppliers of
7653 storage. I did not try to locate them all, but am aware of at least
7654 <a href=
"https://www.greenqloud.com/
">Greenqloud
</a
>,
7655 <a href=
"http://drive.google.com/
">Google Drive
</a
>,
7656 <a href=
"http://aws.amazon.com/s3/
">Amazon S3 web serivces
</a
>,
7657 <a href=
"http://www.rackspace.com/
">Rackspace
</a
> and
7658 <a href=
"http://crowncloud.net/
">Crowncloud
</A
>. The latter even
7659 accept payment in Bitcoin. Pick one that suit your need. Some of
7660 them provide several GiB of free storage, but the prize models are
7661 quite different and you will have to figure out what suits you
7664 <p
>While researching this blog post, I had a look at research papers
7665 and posters discussing the S3QL file system. There are several, which
7666 told me that the file system is getting a critical check by the
7667 science community and increased my confidence in using it. One nice
7669 "<a href=
"http://www.lanl.gov/orgs/adtsc/publications/science_highlights_2013/docs/pg68_69.pdf
">An
7670 Innovative Parallel Cloud Storage System using OpenStack’s SwiftObject
7671 Store and Transformative Parallel I/O Approach
</a
>" by Hsing-Bung
7672 Chen, Benjamin McClelland, David Sherrill, Alfred Torrez, Parks Fields
7673 and Pamela Smith. Please have a look.
</p
>
7675 <p
>Given my problems with different file systems earlier, I decided to
7676 check out the mounted S3QL file system to see if it would be usable as
7677 a home directory (in other word, that it provided POSIX semantics when
7678 it come to locking and umask handling etc). Running
7679 <a href=
"https://people.skolelinux.org/pere/blog/Testing_if_a_file_system_can_be_used_for_home_directories___.html
">my
7680 test code to check file system semantics
</a
>, I was happy to discover that
7681 no error was found. So the file system can be used for home
7682 directories, if one chooses to do so.
</p
>
7684 <p
>If you do not want a locally file system, and want something that
7685 work without the Linux fuse file system, I would like to mention the
7686 <a href=
"http://www.tarsnap.com/
">Tarsnap service
</a
>, which also
7687 provide locally encrypted backup using a command line client. It have
7688 a nicer access control system, where one can split out read and write
7689 access, allowing some systems to write to the backup and others to
7690 only read from it.
</p
>
7692 <p
>As usual, if you use Bitcoin and want to show your support of my
7693 activities, please send Bitcoin donations to my address
7694 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
7699 <title>Freedombox on Dreamplug, Raspberry Pi and virtual x86 machine
</title>
7700 <link>https://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html
</link>
7701 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html
</guid>
7702 <pubDate>Fri,
14 Mar
2014 11:
00:
00 +
0100</pubDate>
7703 <description><p
>The
<a href=
"https://wiki.debian.org/FreedomBox
">Freedombox
7704 project
</a
> is working on providing the software and hardware for
7705 making it easy for non-technical people to host their data and
7706 communication at home, and being able to communicate with their
7707 friends and family encrypted and away from prying eyes. It has been
7708 going on for a while, and is slowly progressing towards a new test
7709 release (
0.2).
</p
>
7711 <p
>And what day could be better than the Pi day to announce that the
7712 new version will provide
"hard drive
" / SD card / USB stick images for
7713 Dreamplug, Raspberry Pi and VirtualBox (or any other virtualization
7714 system), and can also be installed using a Debian installer preseed
7715 file. The Debian based Freedombox is now based on Debian Jessie,
7716 where most of the needed packages used are already present. Only one,
7717 the freedombox-setup package, is missing. To try to build your own
7718 boot image to test the current status, fetch the freedom-maker scripts
7720 <a href=
"http://packages.qa.debian.org/vmdebootstrap
">vmdebootstrap
</a
>
7721 with a user with sudo access to become root:
7724 git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \
7726 sudo apt-get install git vmdebootstrap mercurial python-docutils \
7727 mktorrent extlinux virtualbox qemu-user-static binfmt-support \
7729 make -C freedom-maker dreamplug-image raspberry-image virtualbox-image
7732 <p
>Root access is needed to run debootstrap and mount loopback
7733 devices. See the README for more details on the build. If you do not
7734 want all three images, trim the make line. But note that thanks to
<a
7735 href=
"https://bugs.debian.org/
741407">a race condition in
7736 vmdebootstrap
</a
>, the build might fail without the patch to the
7737 kpartx call.
</p
>
7739 <p
>If you instead want to install using a Debian CD and the preseed
7740 method, boot a Debian Wheezy ISO and use this boot argument to load
7741 the preseed values:
</p
>
7744 url=
<a href=
"http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
">http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
</a
>
7747 <p
>But note that due to
<a href=
"https://bugs.debian.org/
740673">a
7748 recently introduced bug in apt in Jessie
</a
>, the installer will
7749 currently hang while setting up APT sources. Killing the
7750 '<tt
>apt-cdrom ident
</tt
>' process when it hang a few times during the
7751 installation will get the installation going. This affect all
7752 installations in Jessie, and I expect it will be fixed soon.
</p
>
7754 <p
>Give it a go and let us know how it goes on the mailing list, and help
7755 us get the new release published. :) Please join us on
7756 <a href=
"irc://irc.debian.org:
6667/%
23freedombox
">IRC (#freedombox on
7757 irc.debian.org)
</a
> and
7758 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
">the
7759 mailing list
</a
> if you want to help make this vision come true.
</p
>
7764 <title>New home and release
1.0 for netgroup and innetgr (aka ng-utils)
</title>
7765 <link>https://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html
</link>
7766 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html
</guid>
7767 <pubDate>Sat,
22 Feb
2014 21:
45:
00 +
0100</pubDate>
7768 <description><p
>Many years ago, I wrote a GPL licensed version of the netgroup and
7769 innetgr tools, because I needed them in
7770 <a href=
"http://www.skolelinux.org/
">Skolelinux
</a
>. I called the project
7771 ng-utils, and it has served me well. I placed the project under the
7772 <a href=
"http://www.hungry.com/
">Hungry Programmer
</a
> umbrella, and it was maintained in our CVS
7773 repository. But many years ago, the CVS repository was dropped (lost,
7774 not migrated to new hardware, not sure), and the project have lacked a
7775 proper home since then.
</p
>
7777 <p
>Last summer, I had a look at the package and made a new release
7778 fixing a irritating crash bug, but was unable to store the changes in
7779 a proper source control system. I applied for a project on
7780 <a href=
"https://alioth.debian.org/
">Alioth
</a
>, but did not have time
7781 to follow up on it. Until today. :)
</p
>
7783 <p
>After many hours of cleaning and migration, the ng-utils project
7784 now have a new home, and a git repository with the highlight of the
7785 history of the project. I published all release tarballs and imported
7786 them into the git repository. As the project is really stable and not
7787 expected to gain new features any time soon, I decided to make a new
7788 release and call it
1.0. Visit the new project home on
7789 <a href=
"https://alioth.debian.org/projects/ng-utils/
">https://alioth.debian.org/projects/ng-utils/
</a
>
7790 if you want to check it out. The new version is also uploaded into
7791 <a href=
"http://packages.qa.debian.org/n/ng-utils.html
">Debian Unstable
</a
>.
</p
>
7796 <title>Testing sysvinit from experimental in Debian Hurd
</title>
7797 <link>https://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html
</link>
7798 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html
</guid>
7799 <pubDate>Mon,
3 Feb
2014 13:
40:
00 +
0100</pubDate>
7800 <description><p
>A few days ago I decided to try to help the Hurd people to get
7801 their changes into sysvinit, to allow them to use the normal sysvinit
7802 boot system instead of their old one. This follow up on the
7803 <a href=
"https://teythoon.cryptobitch.de//categories/gsoc.html
">great
7804 Google Summer of Code work
</a
> done last summer by Justus Winter to
7805 get Debian on Hurd working more like Debian on Linux. To get started,
7806 I downloaded a prebuilt hard disk image from
7807 <a href=
"http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz
">http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz
</a
>,
7808 and started it using virt-manager.
</p
>
7810 <p
>The first think I had to do after logging in (root without any
7811 password) was to get the network operational. I followed
7812 <a href=
"https://www.debian.org/ports/hurd/hurd-install
">the
7813 instructions on the Debian GNU/Hurd ports page
</a
> and ran these
7814 commands as root to get the machine to accept a IP address from the
7815 kvm internal DHCP server:
</p
>
7817 <p
><blockquote
><pre
>
7818 settrans -fgap /dev/netdde /hurd/netdde
7819 kill $(ps -ef|awk
'/[p]finet/ { print $
2}
')
7820 kill $(ps -ef|awk
'/[d]evnode/ { print $
2}
')
7822 </pre
></blockquote
></p
>
7824 <p
>After this, the machine had internet connectivity, and I could
7825 upgrade it and install the sysvinit packages from experimental and
7826 enable it as the default boot system in Hurd.
</p
>
7828 <p
>But before I did that, I set a password on the root user, as ssh is
7829 running on the machine it for ssh login to work a password need to be
7830 set. Also, note that a bug somewhere in openssh on Hurd block
7831 compression from working. Remember to turn that off on the client
7834 <p
>Run these commands as root to upgrade and test the new sysvinit
7837 <p
><blockquote
><pre
>
7838 cat
> /etc/apt/sources.list.d/experimental.list
&lt;
&lt;EOF
7839 deb http://http.debian.net/debian/ experimental main
7842 apt-get dist-upgrade
7843 apt-get install -t experimental initscripts sysv-rc sysvinit \
7844 sysvinit-core sysvinit-utils
7845 update-alternatives --config runsystem
7846 </pre
></blockquote
></p
>
7848 <p
>To reboot after switching boot system, you have to use
7849 <tt
>reboot-hurd
</tt
> instead of just
<tt
>reboot
</tt
>, as there is not
7850 yet a sysvinit process able to receive the signals from the normal
7851 'reboot
' command. After switching to sysvinit as the boot system,
7852 upgrading every package and rebooting, the network come up with DHCP
7853 after boot as it should, and the settrans/pkill hack mentioned at the
7854 start is no longer needed. But for some strange reason, there are no
7855 longer any login prompt in the virtual console, so I logged in using
7858 <p
>Note that there are some race conditions in Hurd making the boot
7859 fail some times. No idea what the cause is, but hope the Hurd porters
7860 figure it out. At least Justus said on IRC (#debian-hurd on
7861 irc.debian.org) that they are aware of the problem. A way to reduce
7862 the impact is to upgrade to the Hurd packages built by Justus by
7863 adding this repository to the machine:
</p
>
7865 <p
><blockquote
><pre
>
7866 cat
> /etc/apt/sources.list.d/hurd-ci.list
&lt;
&lt;EOF
7867 deb http://darnassus.sceen.net/~teythoon/hurd-ci/ sid main
7869 </pre
></blockquote
></p
>
7871 <p
>At the moment the prebuilt virtual machine get some packages from
7872 http://ftp.debian-ports.org/debian, because some of the packages in
7873 unstable do not yet include the required patches that are lingering in
7874 BTS. This is the completely list of
"unofficial
" packages installed:
</p
>
7876 <p
><blockquote
><pre
>
7877 # aptitude search
'?narrow(?version(CURRENT),?origin(Debian Ports))
'
7878 i emacs - GNU Emacs editor (metapackage)
7879 i gdb - GNU Debugger
7880 i hurd-recommended - Miscellaneous translators
7881 i isc-dhcp-client - ISC DHCP client
7882 i isc-dhcp-common - common files used by all the isc-dhcp* packages
7883 i libc-bin - Embedded GNU C Library: Binaries
7884 i libc-dev-bin - Embedded GNU C Library: Development binaries
7885 i libc0.3 - Embedded GNU C Library: Shared libraries
7886 i A libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
7887 i libc0.3-dev - Embedded GNU C Library: Development Libraries and Hea
7888 i multiarch-support - Transitional package to ensure multiarch compatibilit
7889 i A x11-common - X Window System (X.Org) infrastructure
7890 i xorg - X.Org X Window System
7891 i A xserver-xorg - X.Org X server
7892 i A xserver-xorg-input-all - X.Org X server -- input driver metapackage
7894 </pre
></blockquote
></p
>
7896 <p
>All in all, testing hurd has been an interesting experience. :)
7897 X.org did not work out of the box and I never took the time to follow
7898 the porters instructions to fix it. This time I was interested in the
7899 command line stuff.
<p
>
7904 <title>New chrpath release
0.16</title>
7905 <link>https://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html
</link>
7906 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html
</guid>
7907 <pubDate>Tue,
14 Jan
2014 11:
00:
00 +
0100</pubDate>
7908 <description><p
><a href=
"http://www.coverity.com/
">Coverity
</a
> is a nice tool to
7909 find problems in C, C++ and Java code using static source code
7910 analysis. It can detect a lot of different problems, and is very
7911 useful to find memory and locking bugs in the error handling part of
7912 the source. The company behind it provide
7913 <a href=
"https://scan.coverity.com/
">check of free software projects as
7914 a community service
</a
>, and many hundred free software projects are
7915 already checked. A few days ago I decided to have a closer look at
7916 the Coverity system, and discovered that the
7917 <a href=
"http://www.gnu.org/software/gnash/
">gnash
</a
> and
7918 <a href=
"http://sourceforge.net/projects/ipmitool/
">ipmitool
</a
>
7919 projects I am involved with was already registered. But these are
7920 fairly big, and I would also like to have a small and easy project to
7921 check, and decided to
<a href=
"http://scan.coverity.com/projects/
1179">request
7922 checking of the chrpath project
</a
>. It was
7923 added to the checker and discovered seven potential defects. Six of
7924 these were real, mostly resource
"leak
" when the program detected an
7925 error. Nothing serious, as the resources would be released a fraction
7926 of a second later when the program exited because of the error, but it
7927 is nice to do it right in case the source of the program some time in
7928 the future end up in a library. Having fixed all defects and added
7929 <a href=
"https://lists.alioth.debian.org/mailman/listinfo/chrpath-devel
">a
7930 mailing list for the chrpath developers
</a
>, I decided it was time to
7931 publish a new release. These are the release notes:
</p
>
7933 <p
>New in
0.16 released
2014-
01-
14:
</p
>
7937 <li
>Fixed all minor bugs discovered by Coverity.
</li
>
7938 <li
>Updated config.sub and config.guess from the GNU project.
</li
>
7939 <li
>Mention new project mailing list in the documentation.
</li
>
7944 <a href=
"https://alioth.debian.org/frs/?group_id=
31052">download the
7945 new version
0.16 from alioth
</a
>. Please let us know via the Alioth
7946 project if something is wrong with the new release. The test suite
7947 did not discover any old errors, so if you find a new one, please also
7948 include a test suite check.
</p
>
7953 <title>New chrpath release
0.15</title>
7954 <link>https://people.skolelinux.org/pere/blog/New_chrpath_release_0_15.html
</link>
7955 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/New_chrpath_release_0_15.html
</guid>
7956 <pubDate>Sun,
24 Nov
2013 09:
30:
00 +
0100</pubDate>
7957 <description><p
>After many years break from the package and a vain hope that
7958 development would be continued by someone else, I finally pulled my
7959 acts together this morning and wrapped up a new release of chrpath,
7960 the command line tool to modify the rpath and runpath of already
7961 compiled ELF programs. The update was triggered by the persistence of
7962 Isha Vishnoi at IBM, which needed a new config.guess file to get
7963 support for the ppc64le architecture (powerpc
64-bit Little Endian) he
7964 is working on. I checked the
7965 <a href=
"http://packages.qa.debian.org/chrpath
">Debian
</a
>,
7966 <a href=
"https://launchpad.net/ubuntu/+source/chrpath
">Ubuntu
</a
> and
7967 <a href=
"https://admin.fedoraproject.org/pkgdb/acls/name/chrpath
">Fedora
</a
>
7968 packages for interesting patches (failed to find the source from
7969 OpenSUSE and Mandriva packages), and found quite a few nice fixes.
7970 These are the release notes:
</p
>
7972 <p
>New in
0.15 released
2013-
11-
24:
</p
>
7976 <li
>Updated config.sub and config.guess from the GNU project to work
7977 with newer architectures. Thanks to isha vishnoi for the heads
7980 <li
>Updated README with current URLs.
</li
>
7982 <li
>Added byteswap fix found in Ubuntu, credited Jeremy Kerr and
7983 Matthias Klose.
</li
>
7985 <li
>Added missing help for -k|--keepgoing option, using patch by
7986 Petr Machata found in Fedora.
</li
>
7988 <li
>Rewrite removal of RPATH/RUNPATH to make sure the entry in
7989 .dynamic is a NULL terminated string. Based on patch found in
7990 Fedora credited Axel Thimm and Christian Krause.
</li
>
7995 <a href=
"https://alioth.debian.org/frs/?group_id=
31052">download the
7996 new version
0.15 from alioth
</a
>. Please let us know via the Alioth
7997 project if something is wrong with the new release. The test suite
7998 did not discover any old errors, so if you find a new one, please also
7999 include a testsuite check.
</p
>
8004 <title>Debian init.d boot script example for rsyslog
</title>
8005 <link>https://people.skolelinux.org/pere/blog/Debian_init_d_boot_script_example_for_rsyslog.html
</link>
8006 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Debian_init_d_boot_script_example_for_rsyslog.html
</guid>
8007 <pubDate>Sat,
2 Nov
2013 22:
40:
00 +
0100</pubDate>
8008 <description><p
>If one of the points of switching to a new init system in Debian is
8009 <a href=
"http://thomas.goirand.fr/blog/?p=
147">to get rid of huge
8010 init.d scripts
</a
>, I doubt we need to switch away from sysvinit and
8011 init.d scripts at all. Here is an example init.d script, ie a rewrite
8012 of /etc/init.d/rsyslog:
</p
>
8014 <p
><pre
>
8015 #!/lib/init/init-d-script
8018 # Required-Start: $remote_fs $time
8019 # Required-Stop: umountnfs $time
8020 # X-Stop-After: sendsigs
8021 # Default-Start:
2 3 4 5
8022 # Default-Stop:
0 1 6
8023 # Short-Description: enhanced syslogd
8024 # Description: Rsyslog is an enhanced multi-threaded syslogd.
8025 # It is quite compatible to stock sysklogd and can be
8026 # used as a drop-in replacement.
8028 DESC=
"enhanced syslogd
"
8029 DAEMON=/usr/sbin/rsyslogd
8030 </pre
></p
>
8032 <p
>Pretty minimalistic to me... For the record, the original sysv-rc
8033 script was
137 lines, and the above is just
15 lines, most of it meta
8034 info/comments.
</p
>
8036 <p
>How to do this, you ask? Well, one create a new script
8037 /lib/init/init-d-script looking something like this:
8039 <p
><pre
>
8042 # Define LSB log_* functions.
8043 # Depend on lsb-base (
>=
3.2-
14) to ensure that this file is present
8044 # and status_of_proc is working.
8045 . /lib/lsb/init-functions
8048 # Function that starts the daemon/service
8054 #
0 if daemon has been started
8055 #
1 if daemon was already running
8056 #
2 if daemon could not be started
8057 start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test
> /dev/null \
8059 start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
8062 # Add code here, if necessary, that waits for the process to be ready
8063 # to handle requests from services started subsequently which depend
8064 # on this one. As a last resort, sleep for some time.
8068 # Function that stops the daemon/service
8073 #
0 if daemon has been stopped
8074 #
1 if daemon was already stopped
8075 #
2 if daemon could not be stopped
8076 # other if a failure occurred
8077 start-stop-daemon --stop --quiet --retry=TERM/
30/KILL/
5 --pidfile $PIDFILE --name $NAME
8078 RETVAL=
"$?
"
8079 [
"$RETVAL
" =
2 ]
&& return
2
8080 # Wait for children to finish too if this is a daemon that forks
8081 # and if the daemon is only ever run from this initscript.
8082 # If the above conditions are not satisfied then add some other code
8083 # that waits for the process to drop all resources that could be
8084 # needed by services started subsequently. A last resort is to
8085 # sleep for some time.
8086 start-stop-daemon --stop --quiet --oknodo --retry=
0/
30/KILL/
5 --exec $DAEMON
8087 [
"$?
" =
2 ]
&& return
2
8088 # Many daemons don
't delete their pidfiles when they exit.
8090 return
"$RETVAL
"
8094 # Function that sends a SIGHUP to the daemon/service
8098 # If the daemon can reload its configuration without
8099 # restarting (for example, when it is sent a SIGHUP),
8100 # then implement that here.
8102 start-stop-daemon --stop --signal
1 --quiet --pidfile $PIDFILE --name $NAME
8107 scriptbasename=
"$(basename $
1)
"
8108 echo
"SN: $scriptbasename
"
8109 if [
"$scriptbasename
" !=
"init-d-library
" ] ; then
8110 script=
"$
1"
8117 NAME=$(basename $DAEMON)
8118 PIDFILE=/var/run/$NAME.pid
8120 # Exit if the package is not installed
8121 #[ -x
"$DAEMON
" ] || exit
0
8123 # Read configuration variable file if it is present
8124 [ -r /etc/default/$NAME ]
&& . /etc/default/$NAME
8126 # Load the VERBOSE setting and other rcS variables
8129 case
"$
1" in
8131 [
"$VERBOSE
" != no ]
&& log_daemon_msg
"Starting $DESC
" "$NAME
"
8133 case
"$?
" in
8134 0|
1) [
"$VERBOSE
" != no ]
&& log_end_msg
0 ;;
8135 2) [
"$VERBOSE
" != no ]
&& log_end_msg
1 ;;
8139 [
"$VERBOSE
" != no ]
&& log_daemon_msg
"Stopping $DESC
" "$NAME
"
8141 case
"$?
" in
8142 0|
1) [
"$VERBOSE
" != no ]
&& log_end_msg
0 ;;
8143 2) [
"$VERBOSE
" != no ]
&& log_end_msg
1 ;;
8147 status_of_proc
"$DAEMON
" "$NAME
" && exit
0 || exit $?
8149 #reload|force-reload)
8151 # If do_reload() is not implemented then leave this commented out
8152 # and leave
'force-reload
' as an alias for
'restart
'.
8154 #log_daemon_msg
"Reloading $DESC
" "$NAME
"
8158 restart|force-reload)
8160 # If the
"reload
" option is implemented then remove the
8161 #
'force-reload
' alias
8163 log_daemon_msg
"Restarting $DESC
" "$NAME
"
8165 case
"$?
" in
8168 case
"$?
" in
8170 1) log_end_msg
1 ;; # Old process is still running
8171 *) log_end_msg
1 ;; # Failed to start
8181 echo
"Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}
" >&2
8187 </pre
></p
>
8189 <p
>It is based on /etc/init.d/skeleton, and could be improved quite a
8190 lot. I did not really polish the approach, so it might not always
8191 work out of the box, but you get the idea. I did not try very hard to
8192 optimize it nor make it more robust either.
</p
>
8194 <p
>A better argument for switching init system in Debian than reducing
8195 the size of init scripts (which is a good thing to do anyway), is to
8196 get boot system that is able to handle the kernel events sensibly and
8197 robustly, and do not depend on the boot to run sequentially. The boot
8198 and the kernel have not behaved sequentially in years.
</p
>
8203 <title>Browser plugin for SPICE (spice-xpi) uploaded to Debian
</title>
8204 <link>https://people.skolelinux.org/pere/blog/Browser_plugin_for_SPICE__spice_xpi__uploaded_to_Debian.html
</link>
8205 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Browser_plugin_for_SPICE__spice_xpi__uploaded_to_Debian.html
</guid>
8206 <pubDate>Fri,
1 Nov
2013 11:
00:
00 +
0100</pubDate>
8207 <description><p
><a href=
"http://www.spice-space.org/
">The SPICE protocol
</a
> for
8208 remote display access is the preferred solution with oVirt and RedHat
8209 Enterprise Virtualization, and I was sad to discover the other day
8210 that the browser plugin needed to use these systems seamlessly was
8211 missing in Debian. The
<a href=
"http://bugs.debian.org/
668284">request
8212 for a package
</a
> was from
2012-
04-
10 with no progress since
8213 2013-
04-
01, so I decided to wrap up a package based on the great work
8214 from Cajus Pollmeier and put it in a collab-maint maintained git
8215 repository to get a package I could use. I would very much like
8216 others to help me maintain the package (or just take over, I do not
8217 mind), but as no-one had volunteered so far, I just uploaded it to
8218 NEW. I hope it will be available in Debian in a few days.
</p
>
8220 <p
>The source is now available from
8221 <a href=
"http://anonscm.debian.org/gitweb/?p=collab-maint/spice-xpi.git;a=summary
">http://anonscm.debian.org/gitweb/?p=collab-maint/spice-xpi.git;a=summary
</a
>.
</p
>
8226 <title>Teaching vmdebootstrap to create Raspberry Pi SD card images
</title>
8227 <link>https://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html
</link>
8228 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html
</guid>
8229 <pubDate>Sun,
27 Oct
2013 17:
00:
00 +
0100</pubDate>
8230 <description><p
>The
8231 <a href=
"http://packages.qa.debian.org/v/vmdebootstrap.html
">vmdebootstrap
</a
>
8232 program is a a very nice system to create virtual machine images. It
8233 create a image file, add a partition table, mount it and run
8234 debootstrap in the mounted directory to create a Debian system on a
8235 stick. Yesterday, I decided to try to teach it how to make images for
8236 <a href=
"https://wiki.debian.org/RaspberryPi
">Raspberry Pi
</a
>, as part
8237 of a plan to simplify the build system for
8238 <a href=
"https://wiki.debian.org/FreedomBox
">the FreedomBox
8239 project
</a
>. The FreedomBox project already uses vmdebootstrap for
8240 the virtualbox images, but its current build system made multistrap
8241 based system for Dreamplug images, and it is lacking support for
8242 Raspberry Pi.
</p
>
8244 <p
>Armed with the knowledge on how to build
"foreign
" (aka non-native
8245 architecture) chroots for Raspberry Pi, I dived into the vmdebootstrap
8246 code and adjusted it to be able to build armel images on my amd64
8247 Debian laptop. I ended up giving vmdebootstrap five new options,
8248 allowing me to replicate the image creation process I use to make
8249 <a href=
"https://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html
">Debian
8250 Jessie based mesh node images for the Raspberry Pi
</a
>. First, the
8251 <tt
>--foreign /path/to/binfm_handler
</tt
> option tell vmdebootstrap to
8252 call debootstrap with --foreign and to copy the handler into the
8253 generated chroot before running the second stage. This allow
8254 vmdebootstrap to create armel images on an amd64 host. Next I added
8255 two new options
<tt
>--bootsize size
</tt
> and
<tt
>--boottype
8256 fstype
</tt
> to teach it to create a separate /boot/ partition with the
8257 given file system type, allowing me to create an image with a vfat
8258 partition for the /boot/ stuff. I also added a
<tt
>--variant
8259 variant
</tt
> option to allow me to create smaller images without the
8260 Debian base system packages installed. Finally, I added an option
8261 <tt
>--no-extlinux
</tt
> to tell vmdebootstrap to not install extlinux
8262 as a boot loader. It is not needed on the Raspberry Pi and probably
8263 most other non-x86 architectures. The changes were accepted by the
8264 upstream author of vmdebootstrap yesterday and today, and is now
8266 <a href=
"http://git.liw.fi/cgi-bin/cgit/cgit.cgi/vmdebootstrap/
">the
8267 upstream project page
</a
>.
</p
>
8269 <p
>To use it to build a Raspberry Pi image using Debian Jessie, first
8270 create a small script (the customize script) to add the non-free
8271 binary blob needed to boot the Raspberry Pi and the APT source
8274 <p
><pre
>
8276 set -e # Exit on first error
8277 rootdir=
"$
1"
8278 cd
"$rootdir
"
8279 cat
&lt;
&lt;EOF
> etc/apt/sources.list
8280 deb http://http.debian.net/debian/ jessie main contrib non-free
8282 # Install non-free binary blob needed to boot Raspberry Pi. This
8283 # install a kernel somewhere too.
8284 wget https://raw.github.com/Hexxeh/rpi-update/master/rpi-update \
8285 -O $rootdir/usr/bin/rpi-update
8286 chmod a+x $rootdir/usr/bin/rpi-update
8287 mkdir -p $rootdir/lib/modules
8288 touch $rootdir/boot/start.elf
8289 chroot $rootdir rpi-update
8290 </pre
></p
>
8292 <p
>Next, fetch the latest vmdebootstrap script and call it like this
8293 to build the image:
</p
>
8296 sudo ./vmdebootstrap \
8299 --distribution jessie \
8300 --mirror http://http.debian.net/debian \
8309 --root-password raspberry \
8310 --hostname raspberrypi \
8311 --foreign /usr/bin/qemu-arm-static \
8312 --customize `pwd`/customize \
8314 --package git-core \
8315 --package binutils \
8316 --package ca-certificates \
8319 </pre
></p
>
8321 <p
>The list of packages being installed are the ones needed by
8322 rpi-update to make the image bootable on the Raspberry Pi, with the
8323 exception of netbase, which is needed by debootstrap to find
8324 /etc/hosts with the minbase variant. I really wish there was a way to
8325 set up an Raspberry Pi using only packages in the Debian archive, but
8326 that is not possible as far as I know, because it boots from the GPU
8327 using a non-free binary blob.
</p
>
8329 <p
>The build host need debootstrap, kpartx and qemu-user-static and
8330 probably a few others installed. I have not checked the complete
8331 build dependency list.
</p
>
8333 <p
>The resulting image will not use the hardware floating point unit
8334 on the Raspberry PI, because the armel architecture in Debian is not
8335 optimized for that use. So the images created will be a bit slower
8336 than
<a href=
"http://www.raspbian.org/
">Raspbian
</a
> based images.
</p
>
8341 <title>Good causes: Debian Outreach Program for Women, EFF documenting the spying and Open access in Norway
</title>
8342 <link>https://people.skolelinux.org/pere/blog/Good_causes__Debian_Outreach_Program_for_Women__EFF_documenting_the_spying_and_Open_access_in_Norway.html
</link>
8343 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Good_causes__Debian_Outreach_Program_for_Women__EFF_documenting_the_spying_and_Open_access_in_Norway.html
</guid>
8344 <pubDate>Tue,
15 Oct
2013 21:
30:
00 +
0200</pubDate>
8345 <description><p
>The last few days I came across a few good causes that should get
8346 wider attention. I recommend signing and donating to each one of
8349 <p
>Via
<a href=
"http://www.debian.org/News/weekly/
2013/
18/
">Debian
8350 Project News for
2013-
10-
14</a
> I came across the Outreach Program for
8351 Women program which is a Google Summer of Code like initiative to get
8352 more women involved in free software. One debian sponsor has offered
8353 to match
<a href=
"http://debian.ch/opw2013
">any donation done to Debian
8354 earmarked
</a
> for this initiative. I donated a few minutes ago, and
8355 hope you will to. :)
</p
>
8357 <p
>And the Electronic Frontier Foundation just announced plans to
8358 create
<a href=
"https://supporters.eff.org/donate/nsa-videos
">video
8359 documentaries about the excessive spying
</a
> on every Internet user that
8360 take place these days, and their need to fund the work. I
've already
8361 donated. Are you next?
</p
>
8363 <p
>For my Norwegian audience, the organisation Studentenes og
8364 Akademikernes Internasjonale Hjelpefond is collecting signatures for a
8365 statement under the heading
8366 <a href=
"http://saih.no/Bloggers_United/
">Bloggers United for Open
8367 Access
</a
> for those of us asking for more focus on open access in the
8368 Norwegian government. So far
499 signatures. I hope you will sign it
8374 <title>Videos about the Freedombox project - for inspiration and learning
</title>
8375 <link>https://people.skolelinux.org/pere/blog/Videos_about_the_Freedombox_project___for_inspiration_and_learning.html
</link>
8376 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Videos_about_the_Freedombox_project___for_inspiration_and_learning.html
</guid>
8377 <pubDate>Fri,
27 Sep
2013 14:
10:
00 +
0200</pubDate>
8378 <description><p
>The
<a href=
"http://www.freedomboxfoundation.org/
">Freedombox
8379 project
</a
> have been going on for a while, and have presented the
8380 vision, ideas and solution several places. Here is a little
8381 collection of videos of talks and presentation of the project.
</p
>
8385 <li
><a href=
"http://www.youtube.com/watch?v=ukvUz5taxvA
">FreedomBox -
8386 2,
5 minute marketing film
</a
> (Youtube)
</li
>
8388 <li
><a href=
"http://www.youtube.com/watch?v=SzW25QTVWsE
">Eben Moglen
8389 discusses the Freedombox on CBS news
2011</a
> (Youtube)
</li
>
8391 <li
><a href=
"http://www.youtube.com/watch?v=Ae8SZbxfE0g
">Eben Moglen -
8392 Freedom in the Cloud - Software Freedom, Privacy and and Security for
8393 Web
2.0 and Cloud computing at ISOC-NY Public Meeting
2010</a
>
8394 (Youtube)
</li
>
8396 <li
><a href=
"http://www.youtube.com/watch?v=vNaIji_3xBE
">Fosdem
2011
8397 Keynote by Eben Moglen presenting the Freedombox
</a
> (Youtube)
</li
>
8399 <li
><a href=
"http://www.youtube.com/watch?v=
9bDDUyJSQ9s
">Presentation of
8400 the Freedombox by James Vasile at Elevate in Gratz
2011</a
> (Youtube)
</li
>
8402 <li
><a href=
"http://www.youtube.com/watch?v=zQTmnk27g9s
"> Freedombox -
8403 Discovery, Identity, and Trust by Nick Daly at Freedombox Hackfest New
8404 York City in
2012</a
> (Youtube)
</li
>
8406 <li
><a href=
"http://www.youtube.com/watch?v=tkbSB4Ba7Ck
">Introduction
8407 to the Freedombox at Freedombox Hackfest New York City in
2012</a
>
8408 (Youtube)
</li
>
8410 <li
><a href=
"http://www.youtube.com/watch?v=z-P2Jaeg0aQ
">Freedom, Out
8411 of the Box! by Bdale Garbee at linux.conf.au Ballarat,
2012</a
> (Youtube)
</li
>
8413 <li
><a href=
"https://archive.fosdem.org/
2013/schedule/event/freedombox/
">Freedombox
8414 1.0 by Eben Moglen and Bdale Garbee at Fosdem
2013</a
> (FOSDEM)
</li
>
8416 <li
><a href=
"http://www.youtube.com/watch?v=e1LpYX2zVYg
">What is the
8417 FreedomBox today by Bdale Garbee at Debconf13 in Vaumarcus
8418 2013</a
> (Youtube)
</li
>
8422 <p
>A larger list is available from
8423 <a href=
"https://wiki.debian.org/FreedomBox/TalksAndPresentations
">the
8424 Freedombox Wiki
</a
>.
</p
>
8426 <p
>On other news, I am happy to report that Freedombox based on Debian
8427 Jessie is coming along quite well, and soon both Owncloud and using
8428 Tor should be available for testers of the Freedombox solution. :) In
8429 a few weeks I hope everything needed to test it is included in Debian.
8430 The withsqlite package is already in Debian, and the plinth package is
8431 pending in NEW. The third and vital part of that puzzle is the
8432 metapackage/setup framework, which is still pending an upload. Join
8433 us on
<a href=
"irc://irc.debian.org:
6667/%
23freedombox
">IRC
8434 (#freedombox on irc.debian.org)
</a
> and
8435 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
">the
8436 mailing list
</a
> if you want to help make this vision come true.
</p
>
8441 <title>Recipe to test the Freedombox project on amd64 or Raspberry Pi
</title>
8442 <link>https://people.skolelinux.org/pere/blog/Recipe_to_test_the_Freedombox_project_on_amd64_or_Raspberry_Pi.html
</link>
8443 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Recipe_to_test_the_Freedombox_project_on_amd64_or_Raspberry_Pi.html
</guid>
8444 <pubDate>Tue,
10 Sep
2013 14:
20:
00 +
0200</pubDate>
8445 <description><p
>I was introduced to the
8446 <a href=
"http://www.freedomboxfoundation.org/
">Freedombox project
</a
>
8447 in
2010, when Eben Moglen presented his vision about serving the need
8448 of non-technical people to keep their personal information private and
8449 within the legal protection of their own homes. The idea is to give
8450 people back the power over their network and machines, and return
8451 Internet back to its intended peer-to-peer architecture. Instead of
8452 depending on a central service, the Freedombox will give everyone
8453 control over their own basic infrastructure.
</p
>
8455 <p
>I
've intended to join the effort since then, but other tasks have
8456 taken priority. But this summers nasty news about the misuse of trust
8457 and privilege exercised by the
"western
" intelligence gathering
8458 communities increased my eagerness to contribute to a point where I
8459 actually started working on the project a while back.
</p
>
8461 <p
>The
<a href=
"https://alioth.debian.org/projects/freedombox/
">initial
8462 Debian initiative
</a
> based on the vision from Eben Moglen, is to
8463 create a simple and cheap Debian based appliance that anyone can hook
8464 up in their home and get access to secure and private services and
8465 communication. The initial deployment platform have been the
8466 <a href=
"http://www.globalscaletechnologies.com/t-dreamplugdetails.aspx
">Dreamplug
</a
>,
8467 which is a piece of hardware I do not own. So to be able to test what
8468 the current Freedombox setup look like, I had to come up with a way to install
8469 it on some hardware I do have access to. I have rewritten the
8470 <a href=
"https://github.com/NickDaly/freedom-maker
">freedom-maker
</a
>
8471 image build framework to use .deb packages instead of only copying
8472 setup into the boot images, and thanks to this rewrite I am able to
8473 set up any machine supported by Debian Wheezy as a Freedombox, using
8474 the previously mentioned deb (and a few support debs for packages
8475 missing in Debian).
</p
>
8477 <p
>The current Freedombox setup consist of a set of bootstrapping
8479 (
<a href=
"https://github.com/petterreinholdtsen/freedombox-setup
">freedombox-setup
</a
>),
8480 and a administrative web interface
8481 (
<a href=
"https://github.com/NickDaly/Plinth
">plinth
</a
> + exmachina +
8482 withsqlite), as well as a privacy enhancing proxy based on
8483 <a href=
"http://packages.qa.debian.org/privoxy
">privoxy
</a
>
8484 (freedombox-privoxy). There is also a web/javascript based XMPP
8485 client (
<a href=
"http://packages.qa.debian.org/jwchat
">jwchat
</a
>)
8486 trying (unsuccessfully so far) to talk to the XMPP server
8487 (
<a href=
"http://packages.qa.debian.org/ejabberd
">ejabberd
</a
>). The
8488 web interface is pluggable, and the goal is to use it to enable OpenID
8489 services, mesh network connectivity, use of TOR, etc, etc. Not much of
8490 this is really working yet, see
8491 <a href=
"https://github.com/NickDaly/freedombox-todos/blob/master/TODO
">the
8492 project TODO
</a
> for links to GIT repositories. Most of the code is
8493 on github at the moment. The HTTP proxy is operational out of the
8494 box, and the admin web interface can be used to add/remove plinth
8495 users. I
've not been able to do anything else with it so far, but
8496 know there are several branches spread around github and other places
8497 with lots of half baked features.
</p
>
8499 <p
>Anyway, if you want to have a look at the current state, the
8500 following recipes should work to give you a test machine to poke
8503 <p
><strong
>Debian Wheezy amd64
</strong
></p
>
8507 <li
>Fetch normal Debian Wheezy installation ISO.
</li
>
8508 <li
>Boot from it, either as CD or USB stick.
</li
>
8509 <li
><p
>Press [tab] on the boot prompt and add this as a boot argument
8510 to the Debian installer:
<p
>
8511 <pre
>url=
<a href=
"http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat
">http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat
</a
></pre
></li
>
8513 <li
>Answer the few language/region/password questions and pick disk to
8514 install on.
</li
>
8516 <li
>When the installation is finished and the machine have rebooted a
8517 few times, your Freedombox is ready for testing.
</li
>
8521 <p
><strong
>Raspberry Pi Raspbian
</strong
></p
>
8525 <li
>Fetch a Raspbian SD card image, create SD card.
</li
>
8526 <li
>Boot from SD card, extend file system to fill the card completely.
</li
>
8527 <li
><p
>Log in and add this to /etc/sources.list:
</p
>
8529 deb
<a href=
"http://www.reinholdtsen.name/freedombox/
">http://www.reinholdtsen.name/freedombox
</a
> wheezy main
8530 </pre
></li
>
8531 <li
><p
>Run this as root:
</p
>
8533 wget -O - http://www.reinholdtsen.name/freedombox/BE1A583D.asc | \
8536 apt-get install freedombox-setup
8537 /usr/lib/freedombox/setup
8538 </pre
></li
>
8539 <li
>Reboot into your freshly created Freedombox.
</li
>
8543 <p
>You can test it on other architectures too, but because the
8544 freedombox-privoxy package is binary, it will only work as intended on
8545 the architectures where I have had time to build the binary and put it
8546 in my APT repository. But do not let this stop you. It is only a
8547 short
"<tt
>apt-get source -b freedombox-privoxy
</tt
>" away. :)
</p
>
8549 <p
>Note that by default Freedombox is a DHCP server on the
8550 192.168.1.0/
24 subnet, so if this is your subnet be careful and turn
8551 off the DHCP server by running
"<tt
>update-rc.d isc-dhcp-server
8552 disable
</tt
>" as root.
</p
>
8554 <p
>Please let me know if this works for you, or if you have any
8555 problems. We gather on the IRC channel
8556 <a href=
"irc://irc.debian.org:
6667/%
23freedombox
">#freedombox
</a
> on
8557 irc.debian.org and the
8558 <a href=
"http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
">project
8559 mailing list
</a
>.
</p
>
8561 <p
>Once you get your freedombox operational, you can visit
8562 <tt
>http://your-host-name:
8001/
</tt
> to see the state of the plint
8563 welcome screen (dead end - do not be surprised if you are unable to
8564 get past it), and next visit
<tt
>http://your-host-name:
8001/help/
</tt
>
8565 to look at the rest of plinth. The default user is
'admin
' and the
8566 default password is
'secret
'.
</p
>
8571 <title>Intel
180 SSD disk with Lenovo firmware can not use Intel firmware
</title>
8572 <link>https://people.skolelinux.org/pere/blog/Intel_180_SSD_disk_with_Lenovo_firmware_can_not_use_Intel_firmware.html
</link>
8573 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Intel_180_SSD_disk_with_Lenovo_firmware_can_not_use_Intel_firmware.html
</guid>
8574 <pubDate>Sun,
18 Aug
2013 14:
00:
00 +
0200</pubDate>
8575 <description><p
>Earlier, I reported about
8576 <a href=
"https://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html
">my
8577 problems using an Intel SSD
520 Series
180 GB disk
</a
>. Friday I was
8578 told by IBM that the original disk should be thrown away. And as
8579 there no longer was a problem if I bricked the firmware, I decided
8580 today to try to install Intel firmware to replace the Lenovo firmware
8581 currently on the disk.
</p
>
8583 <p
>I searched the Intel site for firmware, and found
8584 <a href=
"https://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y
&ProdId=
3472&DwnldID=
18363&ProductFamily=Solid-State+Drives+and+Caching
&ProductLine=Intel%c2%ae+High+Performance+Solid-State+Drive
&ProductProduct=Intel%c2%ae+SSD+
520+Series+(
180GB%
2c+
2.5in+SATA+
6Gb%
2fs%
2c+
25nm%
2c+MLC)
&lang=eng
">issdfut_2.0
.4.iso
</a
>
8585 (aka Intel SATA Solid-State Drive Firmware Update Tool) which
8586 according to the site should contain the latest firmware for SSD
8587 disks. I inserted the broken disk in one of my spare laptops and
8588 booted the ISO from a USB stick. The disk was recognized, but the
8589 program claimed the newest firmware already were installed and refused
8590 to insert any Intel firmware. So no change, and the disk is still
8591 unable to handle write load. :( I guess the only way to get them
8592 working would be if Lenovo releases new firmware. No idea how likely
8593 that is. Anyway, just blogging about this test for completeness. I
8594 got a working Samsung disk, and see no point in spending more time on
8595 the broken disks.
</p
>
8600 <title>How to fix a Thinkpad X230 with a broken
180 GB SSD disk
</title>
8601 <link>https://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html
</link>
8602 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html
</guid>
8603 <pubDate>Wed,
17 Jul
2013 23:
50:
00 +
0200</pubDate>
8604 <description><p
>Today I switched to
8605 <a href=
"https://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html
">my
8606 new laptop
</a
>. I
've previously written about the problems I had with
8607 my new Thinkpad X230, which was delivered with an
8608 <a href=
"https://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html
">180
8609 GB Intel SSD disk with Lenovo firmware
</a
> that did not handle
8610 sustained writes. My hardware supplier have been very forthcoming in
8611 trying to find a solution, and after first trying with another
8612 identical
180 GB disks they decided to send me a
256 GB Samsung SSD
8613 disk instead to fix it once and for all. The Samsung disk survived
8614 the installation of Debian with encrypted disks (filling the disk with
8615 random data during installation killed the first two), and I thus
8616 decided to trust it with my data. I have installed it as a Debian Edu
8617 Wheezy roaming workstation hooked up with my Debian Edu Squeeze main
8618 server at home using Kerberos and LDAP, and will use it as my work
8619 station from now on.
</p
>
8621 <p
>As this is a solid state disk with no moving parts, I believe the
8622 Debian Wheezy default installation need to be tuned a bit to increase
8623 performance and increase life time of the disk. The Linux kernel and
8624 user space applications do not yet adjust automatically to such
8625 environment. To make it easier for my self, I created a draft Debian
8626 package
<tt
>ssd-setup
</tt
> to handle this tuning. The
8627 <a href=
"http://anonscm.debian.org/gitweb/?p=collab-maint/ssd-setup.git
">source
8628 for the ssd-setup package
</a
> is available from collab-maint, and it
8629 is set up to adjust the setup of the machine by just installing the
8630 package. If there is any non-SSD disk in the machine, the package
8631 will refuse to install, as I did not try to write any logic to sort
8632 file systems in SSD and non-SSD file systems.
</p
>
8634 <p
>I consider the package a draft, as I am a bit unsure how to best
8635 set up Debian Wheezy with an SSD. It is adjusted to my use case,
8636 where I set up the machine with one large encrypted partition (in
8637 addition to /boot), put LVM on top of this and set up partitions on
8638 top of this again. See the README file in the package source for the
8639 references I used to pick the settings. At the moment these
8640 parameters are tuned:
</p
>
8644 <li
>Set up cryptsetup to pass TRIM commands to the physical disk
8645 (adding discard to /etc/crypttab)
</li
>
8647 <li
>Set up LVM to pass on TRIM commands to the underlying device (in
8648 this case a cryptsetup partition) by changing issue_discards from
8649 0 to
1 in /etc/lvm/lvm.conf.
</li
>
8651 <li
>Set relatime as a file system option for ext3 and ext4 file
8654 <li
>Tell swap to use TRIM commands by adding
'discard
' to
8655 /etc/fstab.
</li
>
8657 <li
>Change I/O scheduler from cfq to deadline using a udev rule.
</li
>
8659 <li
>Run fstrim on every ext3 and ext4 file system every night (from
8660 cron.daily).
</li
>
8662 <li
>Adjust sysctl values vm.swappiness to
1 and vm.vfs_cache_pressure
8663 to
50 to reduce the kernel eagerness to swap out processes.
</li
>
8667 <p
>During installation, I cancelled the part where the installer fill
8668 the disk with random data, as this would kill the SSD performance for
8669 little gain. My goal with the encrypted file system is to ensure
8670 those stealing my laptop end up with a brick and not a working
8671 computer. I have no hope in keeping the really resourceful people
8672 from getting the data on the disk (see
8673 <a href=
"http://xkcd.com/
538/
">XKCD #
538</a
> for an explanation why).
8674 Thus I concluded that adding the discard option to crypttab is the
8675 right thing to do.
</p
>
8677 <p
>I considered using the noop I/O scheduler, as several recommended
8678 it for SSD, but others recommended deadline and a benchmark I found
8679 indicated that deadline might be better for interactive use.
</p
>
8681 <p
>I also considered using the
'discard
' file system option for ext3
8682 and ext4, but read that it would give a performance hit ever time a
8683 file is removed, and thought it best to that that slowdown once a day
8684 instead of during my work.
</p
>
8686 <p
>My package do not set up tmpfs on /var/run, /var/lock and /tmp, as
8687 this is already done by Debian Edu.
</p
>
8689 <p
>I have not yet started on the user space tuning. I expect
8690 iceweasel need some tuning, and perhaps other applications too, but
8691 have not yet had time to investigate those parts.
</p
>
8693 <p
>The package should work on Ubuntu too, but I have not yet tested it
8696 <p
>As for the answer to the question in the title of this blog post,
8697 as far as I know, the only solution I know about is to replace the
8698 disk. It might be possible to flash it with Intel firmware instead of
8699 the Lenovo firmware. But I have not tried and did not want to do so
8700 without approval from Lenovo as I wanted to keep the warranty on the
8701 disk until a solution was found and they wanted the broken disks
8707 <title>Intel SSD
520 Series
180 GB with Lenovo firmware still lock up from sustained writes
</title>
8708 <link>https://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html
</link>
8709 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html
</guid>
8710 <pubDate>Wed,
10 Jul
2013 13:
30:
00 +
0200</pubDate>
8711 <description><p
>A few days ago, I wrote about
8712 <a href=
"https://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html
">the
8713 problems I experienced with my new X230 and its SSD disk
</a
>, which
8714 was dying during installation because it is unable to cope with
8715 sustained write. My supplier is in contact with
8716 <a href=
"http://www.lenovo.com/
">Lenovo
</a
>, and they wanted to send a
8717 replacement disk to try to fix the problem. They decided to send an
8718 identical model, so my hopes for a permanent fix was slim.
</p
>
8720 <p
>Anyway, today I got the replacement disk and tried to install
8721 Debian Edu Wheezy with encrypted disk on it. The new disk have the
8722 same firmware version as the original. This time my hope raised
8723 slightly as the installation progressed, as the original disk used to
8724 die after
4-
7% of the disk was written to, while this time it kept
8725 going past
10%,
20%,
40% and even past
50%. But around
60%, the disk
8726 died again and I was back on square one. I still do not have a new
8727 laptop with a disk I can trust. I can not live with a disk that might
8728 lock up when I download a new
8729 <a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
</a
> ISO or
8730 other large files. I look forward to hearing from my supplier with
8731 the next proposal from Lenovo.
</p
>
8733 <p
>The original disk is marked Intel SSD
520 Series
180 GB,
8734 11S0C38722Z1ZNME35X1TR, ISN: CVCV321407HB180EGN, SA: G57560302, FW:
8735 LF1i,
29MAY2013, PBA: G39779-
300, LBA
351,
651,
888, LI P/N:
0C38722,
8736 Pb-free
2LI, LC P/N:
16-
200366, WWN:
55CD2E40002756C4, Model:
8737 SSDSC2BW180A3L
2.5" 6Gb/s SATA SSD
180G
5V
1A, ASM P/N
0C38732, FRU
8738 P/N
45N8295, P0C38732.
</p
>
8740 <p
>The replacement disk is marked Intel SSD
520 Series
180 GB,
8741 11S0C38722Z1ZNDE34N0L0, ISN: CVCV315306RK180EGN, SA: G57560-
302, FW:
8742 LF1i,
22APR2013, PBA: G39779-
300, LBA
351,
651,
888, LI P/N:
0C38722,
8743 Pb-free
2LI, LC P/N:
16-
200366, WWN:
55CD2E40000AB69E, Model:
8744 SSDSC2BW180A3L
2.5" 6Gb/s SATA SSD
180G
5V
1A, ASM P/N
0C38732, FRU
8745 P/N
45N8295, P0C38732.
</p
>
8747 <p
>The only difference is in the first number (serial number?), ISN,
8748 SA, date and WNPP values. Mentioning all the details here in case
8749 someone is able to use the information to find a way to identify the
8750 failing disk among working ones (if any such working disk actually
8756 <title>July
13th: Debian/Ubuntu BSP and Skolelinux/Debian Edu developer gathering in Oslo
</title>
8757 <link>https://people.skolelinux.org/pere/blog/July_13th__Debian_Ubuntu_BSP_and_Skolelinux_Debian_Edu_developer_gathering_in_Oslo.html
</link>
8758 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/July_13th__Debian_Ubuntu_BSP_and_Skolelinux_Debian_Edu_developer_gathering_in_Oslo.html
</guid>
8759 <pubDate>Tue,
9 Jul
2013 10:
40:
00 +
0200</pubDate>
8760 <description><p
>The upcoming Saturday,
2013-
07-
13, we are organising a combined
8761 Debian Edu developer gathering and Debian and Ubuntu bug squashing
8762 party in Oslo. It is organised by
<a href=
"http://www.nuug.no/
">the
8763 member assosiation NUUG
</a
> and
8764 <a href=
"http://www.skolelinux.org/
">the Debian Edu / Skolelinux
8765 project
</a
> together with
<a href=
"http://bitraf.no/
">the hack space
8766 Bitraf
</a
>.
</p
>
8768 <p
>It starts
10:
00 and continue until late evening. Everyone is
8769 welcome, and there is no fee to participate. There is on the other
8770 hand limited space, and only room for
30 people. Please put your name
8771 on
<a href=
"http://wiki.debian.org/BSP/
2013/
07/
13/no/Oslo
">the event
8772 wiki page
</a
> if you plan to join us.
</p
>
8777 <title>The Thinkpad is dead, long live the Thinkpad X230?
</title>
8778 <link>https://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html
</link>
8779 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html
</guid>
8780 <pubDate>Fri,
5 Jul
2013 08:
30:
00 +
0200</pubDate>
8781 <description><p
>Half a year ago, I reported that I had to find a
8782 <a href=
"https://people.skolelinux.org/pere/blog/Thank_you_Thinkpad_X41__for_your_long_and_trustworthy_service.html
">replacement
8783 for my trusty old Thinkpad X41
</a
>. Unfortunately I did not have much
8784 time to spend on it, and it took a while to find a model I believe
8785 will do the job, but two days ago the replacement finally arrived. I
8787 <a href=
"http://www.linlap.com/lenovo_thinkpad_x230
">Thinkpad X230
</a
>
8788 with SSD disk (NZDAJMN). I first test installed Debian Edu Wheezy as
8789 a roaming workstation, and it seemed to work flawlessly. But my
8790 second installation with encrypted disk was not as successful. More
8791 on that below.
</p
>
8793 <p
>I had a hard time trying to track down a good laptop, as my most
8794 important requirements (robust and with a good keyboard) are never
8795 listed in the feature list. But I did get good help from the search
8796 feature at
<a href=
"http://www.prisjakt.no/
">Prisjakt
</a
>, which
8797 allowed me to limit the list of interesting laptops based on my other
8798 requirements. A bit surprising that SSD disk are not disks according
8799 to that search interface, so I had to drop specifying the number of
8800 disks from my search parameters. I also asked around among friends to
8801 get their impression on keyboards and robustness.
</p
>
8803 <p
>So the new laptop arrived, and it is quite a lot wider than the
8804 X41. I am not quite convinced about the keyboard, as it is
8805 significantly wider than my old keyboard, and I have to stretch my
8806 hand a lot more to reach the edges. But the key response is fairly
8807 good and the individual key shape is fairly easy to handle, so I hope
8808 I will get used to it. My old X40 was starting to fail, and I really
8809 needed a new laptop now. :)
</p
>
8811 <p
>Turning off the touch pad was simple. All it took was a quick
8812 visit to the BIOS during boot it disable it.
</p
>
8814 <p
>But there is a fatal problem with the laptop. The
180 GB SSD disk
8815 lock up during load. And this happen when installing Debian Wheezy
8816 with encrypted disk, while the disk is being filled with random data.
8817 I also tested to install Ubuntu Raring, and it happen there too if I
8818 reenable the code to fill the disk with random data (it is disabled by
8819 default in Ubuntu). And the bug with is already known. It was
8820 reported to Debian as
<a href=
"http://bugs.debian.org/
691427">BTS
8821 report #
691427 2012-
10-
25</a
> (journal commit I/O error on brand-new
8822 Thinkpad T430s ext4 on lvm on SSD). It is also reported to the Linux
8823 kernel developers as
8824 <a href=
"https://bugzilla.kernel.org/show_bug.cgi?id=
51861">Kernel bugzilla
8825 report #
51861 2012-
12-
20</a
> (Intel SSD
520 stops working under load
8826 (SSDSC2BW180A3L in Lenovo ThinkPad T430s)). It is also reported on the
8827 Lenovo forums, both for
8828 <a href=
"http://forums.lenovo.com/t5/T400-T500-and-newer-T-series/T430s-Intel-SSD-
520-
180GB-issue/m-p/
1070549">T430
8829 2012-
11-
10</a
> and for
8830 <a href=
"http://forums.lenovo.com/t5/X-Series-ThinkPad-Laptops/x230-SATA-errors-with-
180GB-Intel-
520-SSD-under-heavy-write-load/m-p/
1068147">X230
8831 03-
20-
2013</a
>. The problem do not only affect installation. The
8832 reports state that the disk lock up during use if many writes are done
8833 on the disk, so it is much no use to work around the installation
8834 problem and end up with a computer that can lock up at any moment.
8836 <a href=
"https://git.efficios.com/?p=test-ssd.git
">small C program
8837 available
</a
> that will lock up the hard drive after running a few
8838 minutes by writing to a file.
</p
>
8840 <p
>I
've contacted my supplier and asked how to handle this, and after
8841 contacting PCHELP Norway (request
01D1FDP) which handle support
8842 requests for Lenovo, his first suggestion was to upgrade the disk
8843 firmware. Unfortunately there is no newer firmware available from
8844 Lenovo, as my disk already have the most recent one (version LF1i). I
8845 hope to hear more from him today and hope the problem can be
8851 <title>The Thinkpad is dead, long live the Thinkpad X230
</title>
8852 <link>https://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230.html
</link>
8853 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230.html
</guid>
8854 <pubDate>Thu,
4 Jul
2013 09:
20:
00 +
0200</pubDate>
8855 <description><p
>Half a year ago, I reported that I had to find a replacement for my
8856 trusty old Thinkpad X41. Unfortunately I did not have much time to
8857 spend on it, but today the replacement finally arrived. I ended up
8858 picking a
<a href=
"http://www.linlap.com/lenovo_thinkpad_x230
">Thinkpad
8859 X230
</a
> with SSD disk (NZDAJMN). I first test installed Debian Edu
8860 Wheezy as a roaming workstation, and it worked flawlessly. As I write
8861 this, it is installing what I hope will be a more final installation,
8862 with a encrypted hard drive to ensure any dope head stealing it end up
8863 with an expencive door stop.
</p
>
8865 <p
>I had a hard time trying to track down a good laptop, as my most
8866 important requirements (robust and with a good keyboard) are never
8867 listed in the feature list. But I did get good help from the search
8868 feature at
<ahref=
"http://www.prisjakt.no/
">Prisjakt
</a
>, which
8869 allowed me to limit the list of interesting laptops based on my other
8870 requirements. A bit surprising that SSD disk are not disks, so I had
8871 to drop number of disks from my search parameters.
</p
>
8873 <p
>I am not quite convinced about the keyboard, as it is significantly
8874 wider than my old keyboard, and I have to stretch my hand a lot more
8875 to reach the edges. But the key response is fairly good and the
8876 individual key shape is fairly easy to handle, so I hope I will get
8877 used to it. My old X40 was starting to fail, and I really needed a
8878 new laptop now. :)
</p
>
8880 <p
>I look forward to figuring out how to turn off the touch pad.
</p
>
8885 <title>Automatically locate and install required firmware packages on Debian (Isenkram
0.4)
</title>
8886 <link>https://people.skolelinux.org/pere/blog/Automatically_locate_and_install_required_firmware_packages_on_Debian__Isenkram_0_4_.html
</link>
8887 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Automatically_locate_and_install_required_firmware_packages_on_Debian__Isenkram_0_4_.html
</guid>
8888 <pubDate>Tue,
25 Jun
2013 11:
50:
00 +
0200</pubDate>
8889 <description><p
>It annoys me when the computer fail to do automatically what it is
8890 perfectly capable of, and I have to do it manually to get things
8891 working. One such task is to find out what firmware packages are
8892 needed to get the hardware on my computer working. Most often this
8893 affect the wifi card, but some times it even affect the RAID
8894 controller or the ethernet card. Today I pushed version
0.4 of the
8895 <a href=
"http://packages.qa.debian.org/isenkram
">Isenkram package
</a
>
8896 including a new script isenkram-autoinstall-firmware handling the
8897 process of asking all the loaded kernel modules what firmware files
8898 they want, find debian packages providing these files and install the
8899 debian packages. Here is a test run on my laptop:
</p
>
8901 <p
><pre
>
8902 # isenkram-autoinstall-firmware
8903 info: kernel drivers requested extra firmware: ipw2200-bss.fw ipw2200-ibss.fw ipw2200-sniffer.fw
8904 info: fetching http://http.debian.net/debian/dists/squeeze/Contents-i386.gz
8905 info: locating packages with the requested firmware files
8906 info: Updating APT sources after adding non-free APT source
8907 info: trying to install firmware-ipw2x00
8910 Preconfiguring packages ...
8911 Selecting previously deselected package firmware-ipw2x00.
8912 (Reading database ...
259727 files and directories currently installed.)
8913 Unpacking firmware-ipw2x00 (from .../firmware-ipw2x00_0.28+squeeze1_all.deb) ...
8914 Setting up firmware-ipw2x00 (
0.28+squeeze1) ...
8916 </pre
></p
>
8918 <p
>When all the requested firmware is present, a simple message is
8919 printed instead:
</p
>
8921 <p
><pre
>
8922 # isenkram-autoinstall-firmware
8923 info: did not find any firmware files requested by loaded kernel modules. exiting
8925 </pre
></p
>
8927 <p
>It could use some polish, but it is already working well and saving
8928 me some time when setting up new machines. :)
</p
>
8930 <p
>So, how does it work? It look at the set of currently loaded
8931 kernel modules, and look up each one of them using modinfo, to find
8932 the firmware files listed in the module meta-information. Next, it
8933 download the Contents file from a nearby APT mirror, and search for
8934 the firmware files in this file to locate the package with the
8935 requested firmware file. If the package is in the non-free section, a
8936 non-free APT source is added and the package is installed using
8937 <tt
>apt-get install
</tt
>. The end result is a slightly better working
8940 <p
>I hope someone find time to implement a more polished version of
8941 this script as part of the hw-detect debian-installer module, to
8942 finally fix
<a href=
"http://bugs.debian.org/
655507">BTS report
8943 #
655507</a
>. There really is no need to insert USB sticks with
8944 firmware during a PXE install when the packages already are available
8945 from the nearby Debian mirror.
</p
>
8950 <title>Fixing the Linux black screen of death on machines with Intel HD video
</title>
8951 <link>https://people.skolelinux.org/pere/blog/Fixing_the_Linux_black_screen_of_death_on_machines_with_Intel_HD_video.html
</link>
8952 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Fixing_the_Linux_black_screen_of_death_on_machines_with_Intel_HD_video.html
</guid>
8953 <pubDate>Tue,
11 Jun
2013 11:
00:
00 +
0200</pubDate>
8954 <description><p
>When installing RedHat, Fedora, Debian and Ubuntu on some machines,
8955 the screen just turn black when Linux boot, either during installation
8956 or on first boot from the hard disk. I
've seen it once in a while the
8957 last few years, but only recently understood the cause. I
've seen it
8958 on HP laptops, and on my latest acquaintance the Packard Bell laptop.
8959 The reason seem to be in the wiring of some laptops. The system to
8960 control the screen background light is inverted, so when Linux try to
8961 turn the brightness fully on, it end up turning it off instead. I do
8962 not know which Linux drivers are affected, but this post is about the
8963 i915 driver used by the
8964 <a href=
"http://www.linlap.com/packard_bell_easynote_lv
">Packard Bell
8965 EasyNote LV
</a
>, Thinkpad X40 and many other laptops.
</p
>
8967 <p
>The problem can be worked around two ways. Either by adding
8968 i915.invert_brightness=
1 as a kernel option, or by adding a file in
8969 /etc/modprobe.d/ to tell modprobe to add the invert_brightness=
1
8970 option when it load the i915 kernel module. On Debian and Ubuntu, it
8971 can be done by running these commands as root:
</p
>
8974 echo options i915 invert_brightness=
1 | tee /etc/modprobe.d/i915.conf
8975 update-initramfs -u -k all
8978 <p
>Since March
2012 there is
8979 <a href=
"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=
4dca20efb1a9c2efefc28ad2867e5d6c3f5e1955
">a
8980 mechanism in the Linux kernel
</a
> to tell the i915 driver which
8981 hardware have this problem, and get the driver to invert the
8982 brightness setting automatically. To use it, one need to add a row in
8983 <a href=
"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/drivers/gpu/drm/i915/intel_display.c
">the
8984 intel_quirks array
</a
> in the driver source
8985 <tt
>drivers/gpu/drm/i915/intel_display.c
</tt
> (look for
"<tt
>static
8986 struct intel_quirk intel_quirks
</tt
>"), specifying the PCI device
8987 number (vendor number
8086 is assumed) and subdevice vendor and device
8990 <p
>My Packard Bell EasyNote LV got this output from
<tt
>lspci
8991 -vvnn
</tt
> for the video card in question:
</p
>
8993 <p
><pre
>
8994 00:
02.0 VGA compatible controller [
0300]: Intel Corporation \
8995 3rd Gen Core processor Graphics Controller [
8086:
0156] \
8996 (rev
09) (prog-if
00 [VGA controller])
8997 Subsystem: Acer Incorporated [ALI] Device [
1025:
0688]
8998 Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- \
8999 ParErr- Stepping- SE RR- FastB2B- DisINTx+
9000 Status: Cap+
66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast
>TAbort- \
9001 <TAbort-
<MAbort-
>SERR-
<PERR- INTx-
9003 Interrupt: pin A routed to IRQ
42
9004 Region
0: Memory at c2000000 (
64-bit, non-prefetchable) [size=
4M]
9005 Region
2: Memory at b0000000 (
64-bit, prefetchable) [size=
256M]
9006 Region
4: I/O ports at
4000 [size=
64]
9007 Expansion ROM at
<unassigned
> [disabled]
9008 Capabilities:
<access denied
>
9009 Kernel driver in use: i915
9010 </pre
></p
>
9012 <p
>The resulting intel_quirks entry would then look like this:
</p
>
9014 <p
><pre
>
9015 struct intel_quirk intel_quirks[] = {
9017 /* Packard Bell EasyNote LV11HC needs invert brightness quirk */
9018 {
0x0156,
0x1025,
0x0688, quirk_invert_brightness },
9021 </pre
></p
>
9023 <p
>According to the kernel module instructions (as seen using
9024 <tt
>modinfo i915
</tt
>), information about hardware needing the
9025 invert_brightness flag should be sent to the
9026 <a href=
"http://lists.freedesktop.org/mailman/listinfo/dri-devel
">dri-devel
9027 (at) lists.freedesktop.org
</a
> mailing list to reach the kernel
9028 developers. But my email about the laptop sent
2013-
06-
03 have not
9030 <a href=
"http://lists.freedesktop.org/archives/dri-devel/
2013-June/thread.html
">the
9031 web archive for the mailing list
</a
>, so I suspect they do not accept
9032 emails from non-subscribers. Because of this, I sent my patch also to
9033 the Debian bug tracking system instead as
9034 <a href=
"http://bugs.debian.org/
710938">BTS report #
710938</a
>, to make
9035 sure the patch is not lost.
</p
>
9037 <p
>Unfortunately, it is not enough to fix the kernel to get Laptops
9038 with this problem working properly with Linux. If you use Gnome, your
9039 worries should be over at this point. But if you use KDE, there is
9040 something in KDE ignoring the invert_brightness setting and turning on
9041 the screen during login. I
've reported it to Debian as
9042 <a href=
"http://bugs.debian.org/
711237">BTS report #
711237</a
>, and
9043 have no idea yet how to figure out exactly what subsystem is doing
9044 this. Perhaps you can help? Perhaps you know what the Gnome
9045 developers did to handle this, and this can give a clue to the KDE
9046 developers? Or you know where in KDE the screen brightness is changed
9047 during login? If so, please update the BTS report (or get in touch if
9048 you do not know how to update BTS).
</p
>
9050 <p
>Update
2013-
07-
19: The correct fix for this machine seem to be
9051 acpi_backlight=vendor, to disable ACPI backlight support completely,
9052 as the ACPI information on the machine is trash and it is better to
9053 leave it to the intel video driver to control the screen
9054 backlight.
</p
>
9059 <title>How to install Linux on a Packard Bell Easynote LV preinstalled with Windows
8</title>
9060 <link>https://people.skolelinux.org/pere/blog/How_to_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8.html
</link>
9061 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/How_to_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8.html
</guid>
9062 <pubDate>Mon,
27 May
2013 15:
20:
00 +
0200</pubDate>
9063 <description><p
>Two days ago, I asked
9064 <a href=
"https://people.skolelinux.org/pere/blog/How_can_I_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8_.html
">how
9065 I could install Linux on a Packard Bell EasyNote LV computer
9066 preinstalled with Windows
8</a
>. I found a solution, but am horrified
9067 with the obstacles put in the way of Linux users on a laptop with UEFI
9068 and Windows
8.
</p
>
9070 <p
>I never found out if the cause of my problems were the use of UEFI
9071 secure booting or fast boot. I suspect fast boot was the problem,
9072 causing the firmware to boot directly from HD without considering any
9073 key presses and alternative devices, but do not know UEFI settings
9074 enough to tell.
</p
>
9076 <p
>There is no way to install Linux on the machine in question without
9077 opening the box and disconnecting the hard drive! This is as far as I
9078 can tell, the only way to get access to the firmware setup menu
9079 without accepting the Windows
8 license agreement. I am told (and
9080 found description on how to) that it is possible to configure the
9081 firmware setup once booted into Windows
8. But as I believe the terms
9082 of that agreement are completely unacceptable, accepting the license
9083 was never an alternative. I do not enter agreements I do not intend
9084 to follow.
</p
>
9086 <p
>I feared I had to return the laptops and ask for a refund, and
9087 waste many hours on this, but luckily there was a way to get it to
9088 work. But I would not recommend it to anyone planning to run Linux on
9089 it, and I have become sceptical to Windows
8 certified laptops. Is
9090 this the way Linux will be forced out of the market place, by making
9091 it close to impossible for
"normal
" users to install Linux without
9092 accepting the Microsoft Windows license terms? Or at least not
9093 without risking to loose the warranty?
</p
>
9095 <p
>I
've updated the
9096 <a href=
"http://www.linlap.com/packard_bell_easynote_lv
">Linux Laptop
9097 wiki page for Packard Bell EasyNote LV
</a
>, to ensure the next person
9098 do not have to struggle as much as I did to get Linux into the
9101 <p
>Thanks to Bob Rosbag, Florian Weimer, Philipp Kern, Ben Hutching,
9102 Michael Tokarev and others for feedback and ideas.
</p
>
9107 <title>How can I install Linux on a Packard Bell Easynote LV preinstalled with Windows
8?
</title>
9108 <link>https://people.skolelinux.org/pere/blog/How_can_I_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8_.html
</link>
9109 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/How_can_I_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8_.html
</guid>
9110 <pubDate>Sat,
25 May
2013 18:
20:
00 +
0200</pubDate>
9111 <description><p
>I
've run into quite a problem the last few days. I bought three
9112 new laptops for my parents and a few others. I bought Packard Bell
9113 Easynote LV to run Kubuntu on and use as their home computer. But I
9114 am completely unable to figure out how to install Linux on it. The
9115 computer is preinstalled with Windows
8, and I suspect it uses UEFI
9116 instead of a BIOS to boot.
</p
>
9118 <p
>The problem is that I am unable to get it to PXE boot, and unable
9119 to get it to boot the Linux installer from my USB stick. I have yet
9120 to try the DVD install, and still hope it will work. when I turn on
9121 the computer, there is no information on what buttons to press to get
9122 the normal boot menu. I expect to get some boot menu to select PXE or
9123 USB stick booting. When booting, it first ask for the language to
9124 use, then for some regional settings, and finally if I will accept the
9125 Windows
8 terms of use. As these terms are completely unacceptable to
9126 me, I have no other choice but to turn off the computer and try again
9127 to get it to boot the Linux installer.
</p
>
9129 <p
>I have gathered my findings so far on a Linlap page about the
9130 <a href=
"http://www.linlap.com/packard_bell_easynote_lv
">Packard Bell
9131 EasyNote LV
</a
> model. If you have any idea how to get Linux
9132 installed on this machine, please get in touch or update that wiki
9133 page. If I can
't find a way to install Linux, I will have to return
9134 the laptop to the seller and find another machine for my parents.
</p
>
9136 <p
>I wonder, is this the way Linux will be forced out of the market
9137 using UEFI and
"secure boot
" by making it impossible to install Linux
9138 on new Laptops?
</p
>
9143 <title>How to transform a Debian based system to a Debian Edu installation
</title>
9144 <link>https://people.skolelinux.org/pere/blog/How_to_transform_a_Debian_based_system_to_a_Debian_Edu_installation.html
</link>
9145 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/How_to_transform_a_Debian_based_system_to_a_Debian_Edu_installation.html
</guid>
9146 <pubDate>Fri,
17 May
2013 11:
50:
00 +
0200</pubDate>
9147 <description><p
><a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
</a
> is
9148 an operating system based on Debian intended for use in schools. It
9149 contain a turn-key solution for the computer network provided to
9150 pupils in the primary schools. It provide both the central server,
9151 network boot servers and desktop environments with heaps of
9152 educational software. The project was founded almost
12 years ago,
9153 2001-
07-
02. If you want to support the project, which is in need for
9154 cash to fund developer gatherings and other project related activity,
9155 <a href=
"http://www.linuxiskolen.no/slxdebianlabs/donations.html
">please
9156 donate some money
</a
>.
9158 <p
>A topic that come up again and again on the Debian Edu mailing
9159 lists and elsewhere, is the question on how to transform a Debian or
9160 Ubuntu installation into a Debian Edu installation. It isn
't very
9161 hard, and last week I wrote a script to replicate the steps done by
9162 the Debian Edu installer.
</p
>
9164 <p
>The script,
9165 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/branches/wheezy/debian-edu-config/share/debian-edu-config/tools/debian-edu-bless?view=markup
">debian-edu-bless
<a/
>
9166 in the debian-edu-config package, will go through these six steps and
9167 transform an existing Debian Wheezy or Ubuntu (untested) installation
9168 into a Debian Edu Workstation:
</p
>
9172 <li
>Add skolelinux related APT sources.
</li
>
9173 <li
>Create /etc/debian-edu/config with the wanted configuration.
</li
>
9174 <li
>Install debian-edu-install to load preseeding values and pull in
9175 our configuration.
</li
>
9176 <li
>Preseed debconf database with profile setup in
9177 /etc/debian-edu/config, and run tasksel to install packages
9178 according to the profile specified in the config above,
9179 overriding some of the Debian automation machinery.
</li
>
9180 <li
>Run debian-edu-cfengine-D installation to configure everything
9181 that could not be done using preseeding.
</li
>
9182 <li
>Ask for a reboot to enable all the configuration changes.
</li
>
9186 <p
>There are some steps in the Debian Edu installation that can not be
9187 replicated like this. Disk partitioning and LVM setup, for example.
9188 So this script just assume there is enough disk space to install all
9189 the needed packages.
</p
>
9191 <p
>The script was created to help a Debian Edu student working on
9192 setting up
<a href=
"http://www.raspberrypi.org
">Raspberry Pi
</a
> as a
9193 Debian Edu client, and using it he can take the existing
9194 <a href=
"http://www.raspbian.org/FrontPage
">Raspbian
</a
> installation and
9195 transform it into a fully functioning Debian Edu Workstation (or
9196 Roaming Workstation, or whatever :).
</p
>
9198 <p
>The default setting in the script is to create a KDE Workstation.
9199 If a LXDE based Roaming workstation is wanted instead, modify the
9200 PROFILE and DESKTOP values at the top to look like this instead:
</p
>
9202 <p
><pre
>
9203 PROFILE=
"Roaming-Workstation
"
9204 DESKTOP=
"lxde
"
9205 </pre
></p
>
9207 <p
>The script could even become useful to set up Debian Edu servers in
9208 the cloud, by starting with a virtual Debian installation at some
9209 virtual hosting service and setting up all the services on first
9215 <title>Debian, the Linux distribution of choice for LEGO designers?
</title>
9216 <link>https://people.skolelinux.org/pere/blog/Debian__the_Linux_distribution_of_choice_for_LEGO_designers_.html
</link>
9217 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Debian__the_Linux_distribution_of_choice_for_LEGO_designers_.html
</guid>
9218 <pubDate>Sat,
11 May
2013 20:
30:
00 +
0200</pubDate>
9219 <description><P
>In January,
9220 <a href=
"https://people.skolelinux.org/pere/blog/New_IRC_channel_for_LEGO_designers_using_Debian.html
">I
9221 announced a
</a
> new
<a href=
"irc://irc.debian.org/%
23debian-lego
">IRC
9222 channel #debian-lego
</a
>, for those of us in the Debian and Linux
9223 community interested in
<a href=
"http://www.lego.com/
">LEGO
</a
>, the
9224 marvellous construction system from Denmark. We also created
9225 <a href=
"http://wiki.debian.org/LegoDesigners
">a wiki page
</a
> to have
9226 a place to take notes and write down our plans and hopes. And several
9227 people showed up to help. I was very happy to see the effect of my
9228 call. Since the small start, we have a debtags tag
9229 <a href=
"http://debtags.debian.net/search/bytag?wl=hardware::hobby:lego
">hardware::hobby:lego
</a
>
9230 tag for LEGO related packages, and now count
10 packages related to
9231 LEGO and
<a href=
"http://mindstorms.lego.com/
">Mindstorms
</a
>:
</p
>
9233 <p
><table
>
9234 <tr
><td
><a href=
"http://packages.qa.debian.org/brickos
">brickos
</a
></td
><td
>alternative OS for LEGO Mindstorms RCX. Supports development in C/C++
</td
></tr
>
9235 <tr
><td
><a href=
"http://packages.qa.debian.org/leocad
">leocad
</a
></td
><td
>virtual brick CAD software
</td
></tr
>
9236 <tr
><td
><a href=
"http://packages.qa.debian.org/libnxt
">libnxt
</a
></td
><td
>utility library for talking to the LEGO Mindstorms NX
</td
></tr
>
9237 <tr
><td
><a href=
"http://packages.qa.debian.org/lnpd
">lnpd
</a
></td
><td
>daemon for LNP communication with BrickOS
</td
></tr
>
9238 <tr
><td
><a href=
"http://packages.qa.debian.org/nbc
">nbc
</a
></td
><td
>compiler for LEGO Mindstorms NXT bricks
</td
></tr
>
9239 <tr
><td
><a href=
"http://packages.qa.debian.org/nqc
">nqc
</a
></td
><td
>Not Quite C compiler for LEGO Mindstorms RCX
</td
></tr
>
9240 <tr
><td
><a href=
"http://packages.qa.debian.org/python-nxt
">python-nxt
</a
></td
><td
>python driver/interface/wrapper for the Lego Mindstorms NXT robot
</td
></tr
>
9241 <tr
><td
><a href=
"http://packages.qa.debian.org/python-nxt-filer
">python-nxt-filer
</a
></td
><td
>simple GUI to manage files on a LEGO Mindstorms NXT
</td
></tr
>
9242 <tr
><td
><a href=
"http://packages.qa.debian.org/scratch
">scratch
</a
></td
><td
>easy to use programming environment for ages
8 and up
</td
></tr
>
9243 <tr
><td
><a href=
"http://packages.qa.debian.org/t2n
">t2n
</a
></td
><td
>simple command-line tool for Lego NXT
</td
></tr
>
9244 </table
></p
>
9246 <p
>Some of these are available in Wheezy, and all but one are
9247 currently available in Jessie/testing. leocad is so far only
9248 available in experimental.
</p
>
9250 <p
>If you care about LEGO in Debian, please join us on IRC and help
9251 adding the rest of the great free software tools available on Linux
9252 for LEGO designers.
</p
>
9257 <title>Debian Wheezy is out - and Debian Edu / Skolelinux should soon follow! #newinwheezy
</title>
9258 <link>https://people.skolelinux.org/pere/blog/Debian_Wheezy_is_out___and_Debian_Edu___Skolelinux_should_soon_follow___newinwheezy.html
</link>
9259 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Debian_Wheezy_is_out___and_Debian_Edu___Skolelinux_should_soon_follow___newinwheezy.html
</guid>
9260 <pubDate>Sun,
5 May
2013 07:
40:
00 +
0200</pubDate>
9261 <description><p
>When I woke up this morning, I was very happy to see that the
9262 <a href=
"http://www.debian.org/News/
2013/
20130504">release announcement
9263 for Debian Wheezy
</a
> was waiting in my mail box. This is a great
9264 Debian release, and I expect to move my machines at home over to it fairly
9267 <p
>The new debian release contain heaps of new stuff, and one program
9268 in particular make me very happy to see included. The
9269 <a href=
"http://scratch.mit.edu/
">Scratch
</a
> program, made famous by
9270 the
<a href=
"http://www.code.org/
">Teach kids code
</a
> movement, is
9271 included for the first time. Alongside similar programs like
9272 <a href=
"http://edu.kde.org/kturtle/
">kturtle
</a
> and
9273 <a href=
"http://wiki.sugarlabs.org/go/Activities/Turtle_Art
">turtleart
</a
>,
9274 it allow for visual programming where syntax errors can not happen,
9275 and a friendly programming environment for learning to control the
9276 computer. Scratch will also be included in the next release of Debian
9279 <p
>And now that Wheezy is wrapped up, we can wrap up the next Debian
9280 Edu/Skolelinux release too. The
9281 <a href=
"http://lists.debian.org/debian-edu/
2013/
04/msg00132.html
">first
9282 alpha release
</a
> went out last week, and the next should soon
9288 <title>Isenkram
0.2 finally in the Debian archive
</title>
9289 <link>https://people.skolelinux.org/pere/blog/Isenkram_0_2_finally_in_the_Debian_archive.html
</link>
9290 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Isenkram_0_2_finally_in_the_Debian_archive.html
</guid>
9291 <pubDate>Wed,
3 Apr
2013 23:
40:
00 +
0200</pubDate>
9292 <description><p
>Today the
<a href=
"http://packages.qa.debian.org/isenkram
">Isenkram
9293 package
</a
> finally made it into the archive, after lingering in NEW
9294 for many months. I uploaded it to the Debian experimental suite
9295 2013-
01-
27, and today it was accepted into the archive.
</p
>
9297 <p
>Isenkram is a system for suggesting to users what packages to
9298 install to work with a pluggable hardware device. The suggestion pop
9299 up when the device is plugged in. For example if a Lego Mindstorm NXT
9300 is inserted, it will suggest to install the program needed to program
9301 the NXT controller. Give it a go, and report bugs and suggestions to
9307 <title>Bitcoin GUI now available from Debian/unstable (and Ubuntu/raring)
</title>
9308 <link>https://people.skolelinux.org/pere/blog/Bitcoin_GUI_now_available_from_Debian_unstable__and_Ubuntu_raring_.html
</link>
9309 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Bitcoin_GUI_now_available_from_Debian_unstable__and_Ubuntu_raring_.html
</guid>
9310 <pubDate>Sat,
2 Feb
2013 09:
00:
00 +
0100</pubDate>
9311 <description><p
>My
9312 <a href=
"https://people.skolelinux.org/pere/blog/How_to_backport_bitcoin_qt_version_0_7_2_2_to_Debian_Squeeze.html
">last
9313 bitcoin related blog post
</a
> mentioned that the new
9314 <a href=
"http://packages.qa.debian.org/bitcoin
">bitcoin package
</a
> for
9315 Debian was waiting in NEW. It was accepted by the Debian ftp-masters
9316 2013-
01-
19, and have been available in unstable since then. It was
9317 automatically copied to Ubuntu, and is available in their Raring
9318 version too.
</p
>
9320 <p
>But there is a strange problem with the build that block this new
9321 version from being available on the i386 and kfreebsd-i386
9322 architectures. For some strange reason, the autobuilders in Debian
9323 for these architectures fail to run the test suite on these
9324 architectures (
<a href=
"http://bugs.debian.org/
672524">BTS #
672524</a
>).
9325 We are so far unable to reproduce it when building it manually, and
9326 no-one have been able to propose a fix. If you got an idea what is
9327 failing, please let us know via the BTS.
</p
>
9329 <p
>One feature that is annoying me with of the bitcoin client, because
9330 I often run low on disk space, is the fact that the client will exit
9331 if it run short on space (
<a href=
"http://bugs.debian.org/
696715">BTS
9332 #
696715</a
>). So make sure you have enough disk space when you run
9335 <p
>As usual, if you use bitcoin and want to show your support of my
9336 activities, please send Bitcoin donations to my address
9337 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
9342 <title>Welcome to the world, Isenkram!
</title>
9343 <link>https://people.skolelinux.org/pere/blog/Welcome_to_the_world__Isenkram_.html
</link>
9344 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Welcome_to_the_world__Isenkram_.html
</guid>
9345 <pubDate>Tue,
22 Jan
2013 22:
00:
00 +
0100</pubDate>
9346 <description><p
>Yesterday, I
9347 <a href=
"https://people.skolelinux.org/pere/blog/First_prototype_ready_making_hardware_easier_to_use_in_Debian.html
">asked
9348 for testers
</a
> for my prototype for making Debian better at handling
9349 pluggable hardware devices, which I
9350 <a href=
"https://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
">set
9351 out to create
</a
> earlier this month. Several valuable testers showed
9352 up, and caused me to really want to to open up the development to more
9353 people. But before I did this, I want to come up with a sensible name
9354 for this project. Today I finally decided on a new name, and I have
9355 renamed the project from hw-support-handler to this new name. In the
9356 process, I moved the source to git and made it available as a
9357 <a href=
"http://anonscm.debian.org/gitweb/?p=collab-maint/isenkram.git
">collab-maint
</a
>
9358 repository in Debian. The new name? It is
<strong
>Isenkram
</strong
>.
9359 To fetch and build the latest version of the source, use
</p
>
9362 git clone http://anonscm.debian.org/git/collab-maint/isenkram.git
9363 cd isenkram
&& git-buildpackage -us -uc
9366 <p
>I have not yet adjusted all files to use the new name yet. If you
9367 want to hack on the source or improve the package, please go ahead.
9368 But please talk to me first on IRC or via email before you do major
9369 changes, to make sure we do not step on each others toes. :)
</p
>
9371 <p
>If you wonder what
'isenkram
' is, it is a Norwegian word for iron
9372 stuff, typically meaning tools, nails, screws, etc. Typical hardware
9373 stuff, in other words. I
've been told it is the Norwegian variant of
9374 the German word eisenkram, for those that are familiar with that
9377 <p
><strong
>Update
2013-
01-
26</strong
>: Added -us -us to build
9378 instructions, to avoid confusing people with an error from the signing
9381 <p
><strong
>Update
2013-
01-
27</strong
>: Switch to HTTP URL for the git
9382 clone argument to avoid the need for authentication.
</p
>
9387 <title>First prototype ready making hardware easier to use in Debian
</title>
9388 <link>https://people.skolelinux.org/pere/blog/First_prototype_ready_making_hardware_easier_to_use_in_Debian.html
</link>
9389 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/First_prototype_ready_making_hardware_easier_to_use_in_Debian.html
</guid>
9390 <pubDate>Mon,
21 Jan
2013 12:
00:
00 +
0100</pubDate>
9391 <description><p
>Early this month I set out to try to
9392 <a href=
"https://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
">improve
9393 the Debian support for pluggable hardware devices
</a
>. Now my
9394 prototype is working, and it is ready for a larger audience. To test
9396 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/
">source
9397 from the Debian Edu subversion repository
</a
>, build and install the
9398 package. You might have to log out and in again activate the
9399 autostart script.
</p
>
9401 <p
>The design is simple:
</p
>
9405 <li
>Add desktop entry in /usr/share/autostart/ causing a program
9406 hw-support-handlerd to start when the user log in.
</li
>
9408 <li
>This program listen for kernel events about new hardware (directly
9409 from the kernel like udev does), not using HAL dbus events as I
9410 initially did.
</li
>
9412 <li
>When new hardware is inserted, look up the hardware modalias in
9413 the APT database, a database
9414 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/modaliases?view=markup
">available
9415 via HTTP
</a
> and a database available as part of the package.
</li
>
9417 <li
>If a package is mapped to the hardware in question, the package
9418 isn
't installed yet and this is the first time the hardware was
9419 plugged in, show a desktop notification suggesting to install the
9420 package or packages.
</li
>
9422 <li
>If the user click on the
'install package now
' button, ask
9423 aptdaemon via the PackageKit API to install the requrired package.
</li
>
9425 <li
>aptdaemon ask for root password or sudo password, and install the
9426 package while showing progress information in a window.
</li
>
9430 <p
>I still need to come up with a better name for the system. Here
9431 are some screen shots showing the prototype in action. First the
9432 notification, then the password request, and finally the request to
9433 approve all the dependencies. Sorry for the Norwegian Bokmål GUI.
</p
>
9435 <p
><img src=
"https://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
1-notification.png
">
9436 <br
><img src=
"https://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
2-password.png
">
9437 <br
><img src=
"https://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
3-dependencies.png
">
9438 <br
><img src=
"https://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
4-installing.png
">
9439 <br
><img src=
"https://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
5-installing-details.png
" width=
"70%
"></p
>
9441 <p
>The prototype still need to be improved with longer timeouts, but
9442 is already useful. The database of hardware to package mappings also
9443 need more work. It is currently compatible with the Ubuntu way of
9444 storing such information in the package control file, but could be
9445 changed to use other formats instead or in addition to the current
9446 method. I
've dropped the use of discover for this mapping, as the
9447 modalias approach is more flexible and easier to use on Linux as long
9448 as the Linux kernel expose its modalias strings directly.
</p
>
9450 <p
><strong
>Update
2013-
01-
21 16:
50</strong
>: Due to popular demand,
9451 here is the command required to check out and build the source: Use
9452 '<tt
>svn checkout
9453 svn://svn.debian.org/debian-edu/trunk/src/hw-support-handler/; cd
9454 hw-support-handler; debuild
</tt
>'. If you lack debuild, install the
9455 devscripts package.
</p
>
9457 <p
><strong
>Update
2013-
01-
23 12:
00</strong
>: The project is now
9458 renamed to Isenkram and the source moved from the Debian Edu
9459 subversion repository to a Debian collab-maint git repository. See
9460 <a href=
"https://people.skolelinux.org/pere/blog/Welcome_to_the_world__Isenkram_.html
">build
9461 instructions
</a
> for details.
</p
>
9466 <title>Thank you Thinkpad X41, for your long and trustworthy service
</title>
9467 <link>https://people.skolelinux.org/pere/blog/Thank_you_Thinkpad_X41__for_your_long_and_trustworthy_service.html
</link>
9468 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Thank_you_Thinkpad_X41__for_your_long_and_trustworthy_service.html
</guid>
9469 <pubDate>Sat,
19 Jan
2013 09:
20:
00 +
0100</pubDate>
9470 <description><p
>This Christmas my trusty old laptop died. It died quietly and
9471 suddenly in bed. With a quiet whimper, it went completely quiet and
9472 black. The power button was no longer able to turn it on. It was a
9473 IBM Thinkpad X41, and the best laptop I ever had. Better than both
9474 Thinkpads X30, X31, X40, X60, X61 and X61S. Far better than the
9475 Compaq I had before that. Now I need to find a replacement. To keep
9476 going during Christmas, I moved the one year old SSD disk to my old
9477 X40 where it fitted (only one I had left that could use it), but it is
9478 not a durable solution.
9480 <p
>My laptop needs are fairly modest. This is my wishlist from when I
9481 got a new one more than
10 years ago. It still holds true.:)
</p
>
9485 <li
>Lightweight (around
1 kg) and small volume (preferably smaller
9486 than A4).
</li
>
9487 <li
>Robust, it will be in my backpack every day.
</li
>
9488 <li
>Three button mouse and a mouse pin instead of touch pad.
</li
>
9489 <li
>Long battery life time. Preferable a week.
</li
>
9490 <li
>Internal WIFI network card.
</li
>
9491 <li
>Internal Twisted Pair network card.
</li
>
9492 <li
>Some USB slots (
2-
3 is plenty)
</li
>
9493 <li
>Good keyboard - similar to the Thinkpad.
</li
>
9494 <li
>Video resolution at least
1024x768, with size around
12" (A4 paper
9496 <li
>Hardware supported by Debian Stable, ie the default kernel and
9497 X.org packages.
</li
>
9498 <li
>Quiet, preferably fan free (or at least not using the fan most of
9503 <p
>You will notice that there are no RAM and CPU requirements in the
9504 list. The reason is simply that the specifications on laptops the
9505 last
10-
15 years have been sufficient for my needs, and I have to look
9506 at other features to choose my laptop. But are there still made as
9507 robust laptops as my X41? The Thinkpad X60/X61 proved to be less
9508 robust, and Thinkpads seem to be heading in the wrong direction since
9509 Lenovo took over. But I
've been told that X220 and X1 Carbon might
9510 still be useful.
</p
>
9512 <p
>Perhaps I should rethink my needs, and look for a pad with an
9513 external keyboard? I
'll have to check the
9514 <a href=
"http://www.linux-laptop.net/
">Linux Laptops site
</a
> for
9515 well-supported laptops, or perhaps just buy one preinstalled from one
9516 of the vendors listed on the
<a href=
"http://linuxpreloaded.com/
">Linux
9517 Pre-loaded site
</a
>.
</p
>
9522 <title>How to find a browser plugin supporting a given MIME type
</title>
9523 <link>https://people.skolelinux.org/pere/blog/How_to_find_a_browser_plugin_supporting_a_given_MIME_type.html
</link>
9524 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/How_to_find_a_browser_plugin_supporting_a_given_MIME_type.html
</guid>
9525 <pubDate>Fri,
18 Jan
2013 10:
40:
00 +
0100</pubDate>
9526 <description><p
>Some times I try to figure out which Iceweasel browser plugin to
9527 install to get support for a given MIME type. Thanks to
9528 <a href=
"https://wiki.ubuntu.com/MozillaTeam/Plugins
">specifications
9529 done by Ubuntu
</a
> and Mozilla, it is possible to do this in Debian.
9530 Unfortunately, not very many packages provide the needed meta
9531 information, Anyway, here is a small script to look up all browser
9532 plugin packages announcing ther MIME support using this specification:
</p
>
9538 def pkgs_handling_mimetype(mimetype):
9543 version = pkg.candidate
9545 version = pkg.installed
9548 record = version.record
9549 if not record.has_key(
'Npp-MimeType
'):
9551 mime_types = record[
'Npp-MimeType
'].split(
',
')
9552 for t in mime_types:
9553 t = t.rstrip().strip()
9555 thepkgs.append(pkg.name)
9557 mimetype =
"audio/ogg
"
9558 if
1 < len(sys.argv):
9559 mimetype = sys.argv[
1]
9560 print
"Browser plugin packages supporting %s:
" % mimetype
9561 for pkg in pkgs_handling_mimetype(mimetype):
9562 print
" %s
" %pkg
9565 <p
>It can be used like this to look up a given MIME type:
</p
>
9568 % ./apt-find-browserplug-for-mimetype
9569 Browser plugin packages supporting audio/ogg:
9571 % ./apt-find-browserplug-for-mimetype application/x-shockwave-flash
9572 Browser plugin packages supporting application/x-shockwave-flash:
9573 browser-plugin-gnash
9577 <p
>In Ubuntu this mechanism is combined with support in the browser
9578 itself to query for plugins and propose to install the needed
9579 packages. It would be great if Debian supported such feature too. Is
9580 anyone working on adding it?
</p
>
9582 <p
><strong
>Update
2013-
01-
18 14:
20</strong
>: The Debian BTS
9583 request for icweasel support for this feature is
9584 <a href=
"http://bugs.debian.org/
484010">#
484010</a
> from
2008 (and
9585 <a href=
"http://bugs.debian.org/
698426">#
698426</a
> from today). Lack
9586 of manpower and wish for a different design is the reason thus feature
9587 is not yet in iceweasel from Debian.
</p
>
9592 <title>What is the most supported MIME type in Debian?
</title>
9593 <link>https://people.skolelinux.org/pere/blog/What_is_the_most_supported_MIME_type_in_Debian_.html
</link>
9594 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/What_is_the_most_supported_MIME_type_in_Debian_.html
</guid>
9595 <pubDate>Wed,
16 Jan
2013 10:
10:
00 +
0100</pubDate>
9596 <description><p
>The
<a href=
"http://wiki.debian.org/AppStreamDebianProposal
">DEP-
11
9597 proposal to add AppStream information to the Debian archive
</a
>, is a
9598 proposal to make it possible for a Desktop application to propose to
9599 the user some package to install to gain support for a given MIME
9600 type, font, library etc. that is currently missing. With such
9601 mechanism in place, it would be possible for the desktop to
9602 automatically propose and install leocad if some LDraw file is
9603 downloaded by the browser.
</p
>
9605 <p
>To get some idea about the current content of the archive, I decided
9606 to write a simple program to extract all .desktop files from the
9607 Debian archive and look up the claimed MIME support there. The result
9609 <a href=
"http://ftp.skolelinux.org/pub/AppStreamTest
">Skolelinux FTP
9610 site
</a
>. Using the collected information, it become possible to
9611 answer the question in the title. Here are the
20 most supported MIME
9612 types in Debian stable (Squeeze), testing (Wheezy) and unstable (Sid).
9613 The complete list is available from the link above.
</p
>
9615 <p
><strong
>Debian Stable:
</strong
></p
>
9619 ----- -----------------------
9635 18 application/x-ogg
9642 <p
><strong
>Debian Testing:
</strong
></p
>
9646 ----- -----------------------
9662 18 application/x-ogg
9669 <p
><strong
>Debian Unstable:
</strong
></p
>
9673 ----- -----------------------
9690 18 application/x-ogg
9696 <p
>I am told that PackageKit can provide an API to access the kind of
9697 information mentioned in DEP-
11. I have not yet had time to look at
9698 it, but hope the PackageKit people in Debian are on top of these
9701 <p
><strong
>Update
2013-
01-
16 13:
35</strong
>: Updated numbers after
9702 discovering a typo in my script.
</p
>
9707 <title>Using modalias info to find packages handling my hardware
</title>
9708 <link>https://people.skolelinux.org/pere/blog/Using_modalias_info_to_find_packages_handling_my_hardware.html
</link>
9709 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Using_modalias_info_to_find_packages_handling_my_hardware.html
</guid>
9710 <pubDate>Tue,
15 Jan
2013 08:
00:
00 +
0100</pubDate>
9711 <description><p
>Yesterday, I wrote about the
9712 <a href=
"https://people.skolelinux.org/pere/blog/Modalias_strings___a_practical_way_to_map__stuff__to_hardware.html
">modalias
9713 values provided by the Linux kernel
</a
> following my hope for
9714 <a href=
"https://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
">better
9715 dongle support in Debian
</a
>. Using this knowledge, I have tested how
9716 modalias values attached to package names can be used to map packages
9717 to hardware. This allow the system to look up and suggest relevant
9718 packages when I plug in some new hardware into my machine, and replace
9719 discover and discover-data as the database used to map hardware to
9722 <p
>I create a modaliases file with entries like the following,
9723 containing package name, kernel module name (if relevant, otherwise
9724 the package name) and globs matching the relevant hardware
9727 <p
><blockquote
>
9728 Package: package-name
9729 <br
>Modaliases: module(modaliasglob, modaliasglob, modaliasglob)
</p
>
9730 </blockquote
></p
>
9732 <p
>It is fairly trivial to write code to find the relevant packages
9733 for a given modalias value using this file.
</p
>
9735 <p
>An entry like this would suggest the video and picture application
9736 cheese for many USB web cameras (interface bus class
0E01):
</p
>
9738 <p
><blockquote
>
9740 <br
>Modaliases: cheese(usb:v*p*d*dc*dsc*dp*ic0Eisc01ip*)
</p
>
9741 </blockquote
></p
>
9743 <p
>An entry like this would suggest the pcmciautils package when a
9744 CardBus bridge (bus class
0607) PCI device is present:
</p
>
9746 <p
><blockquote
>
9747 Package: pcmciautils
9748 <br
>Modaliases: pcmciautils(pci:v*d*sv*sd*bc06sc07i*)
9749 </blockquote
></p
>
9751 <p
>An entry like this would suggest the package colorhug-client when
9752 plugging in a ColorHug with USB IDs
04D8:F8DA:
</p
>
9754 <p
><blockquote
>
9755 Package: colorhug-client
9756 <br
>Modaliases: colorhug-client(usb:v04D8pF8DAd*)
</p
>
9757 </blockquote
></p
>
9759 <p
>I believe the format is compatible with the format of the Packages
9760 file in the Debian archive. Ubuntu already uses their Packages file
9761 to store their mappings from packages to hardware.
</p
>
9763 <p
>By adding a XB-Modaliases: header in debian/control, any .deb can
9764 announce the hardware it support in a way my prototype understand.
9765 This allow those publishing packages in an APT source outside the
9766 Debian archive as well as those backporting packages to make sure the
9767 hardware mapping are included in the package meta information. I
've
9768 tested such header in the pymissile package, and its modalias mapping
9769 is working as it should with my prototype. It even made it to Ubuntu
9772 <p
>To test if it was possible to look up supported hardware using only
9773 the shell tools available in the Debian installer, I wrote a shell
9774 implementation of the lookup code. The idea is to create files for
9775 each modalias and let the shell do the matching. Please check out and
9777 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/hw-support-lookup?view=co
">hw-support-lookup
</a
>
9778 shell script. It run without any extra dependencies and fetch the
9779 hardware mappings from the Debian archive and the subversion
9780 repository where I currently work on my prototype.
</p
>
9782 <p
>When I use it on a machine with a yubikey inserted, it suggest to
9783 install yubikey-personalization:
</p
>
9785 <p
><blockquote
>
9786 % ./hw-support-lookup
9787 <br
>yubikey-personalization
9789 </blockquote
></p
>
9791 <p
>When I run it on my Thinkpad X40 with a PCMCIA/CardBus slot, it
9792 propose to install the pcmciautils package:
</p
>
9794 <p
><blockquote
>
9795 % ./hw-support-lookup
9796 <br
>pcmciautils
9798 </blockquote
></p
>
9800 <p
>If you know of any hardware-package mapping that should be added to
9801 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/modaliases?view=co
">my
9802 database
</a
>, please tell me about it.
</p
>
9804 <p
>It could be possible to generate several of the mappings between
9805 packages and hardware. One source would be to look at packages with
9806 kernel modules, ie packages with *.ko files in /lib/modules/, and
9807 extract their modalias information. Another would be to look at
9808 packages with udev rules, ie packages with files in
9809 /lib/udev/rules.d/, and extract their vendor/model information to
9810 generate a modalias matching rule. I have not tested any of these to
9811 see if it work.
</p
>
9813 <p
>If you want to help implementing a system to let us propose what
9814 packages to install when new hardware is plugged into a Debian
9815 machine, please send me an email or talk to me on
9816 <a href=
"irc://irc.debian.org/%
23debian-devel
">#debian-devel
</a
>.
</p
>
9821 <title>Modalias strings - a practical way to map
"stuff
" to hardware
</title>
9822 <link>https://people.skolelinux.org/pere/blog/Modalias_strings___a_practical_way_to_map__stuff__to_hardware.html
</link>
9823 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Modalias_strings___a_practical_way_to_map__stuff__to_hardware.html
</guid>
9824 <pubDate>Mon,
14 Jan
2013 11:
20:
00 +
0100</pubDate>
9825 <description><p
>While looking into how to look up Debian packages based on hardware
9826 information, to find the packages that support a given piece of
9827 hardware, I refreshed my memory regarding modalias values, and decided
9828 to document the details. Here are my findings so far, also available
9830 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/
">the
9831 Debian Edu subversion repository
</a
>:
9833 <p
><strong
>Modalias decoded
</strong
></p
>
9835 <p
>This document try to explain what the different types of modalias
9836 values stands for. It is in part based on information from
9837 &lt;URL:
<a href=
"https://wiki.archlinux.org/index.php/Modalias
">https://wiki.archlinux.org/index.php/Modalias
</a
> &gt;,
9838 &lt;URL:
<a href=
"http://unix.stackexchange.com/questions/
26132/how-to-assign-usb-driver-to-device
">http://unix.stackexchange.com/questions/
26132/how-to-assign-usb-driver-to-device
</a
> &gt;,
9839 &lt;URL:
<a href=
"http://code.metager.de/source/history/linux/stable/scripts/mod/file2alias.c
">http://code.metager.de/source/history/linux/stable/scripts/mod/file2alias.c
</a
> &gt; and
9840 &lt;URL:
<a href=
"http://cvs.savannah.gnu.org/viewvc/dmidecode/dmidecode.c?root=dmidecode
&view=markup
">http://cvs.savannah.gnu.org/viewvc/dmidecode/dmidecode.c?root=dmidecode
&view=markup
</a
> &gt;.
9842 <p
>The modalias entries for a given Linux machine can be found using
9843 this shell script:
</p
>
9846 find /sys -name modalias -print0 | xargs -
0 cat | sort -u
9849 <p
>The supported modalias globs for a given kernel module can be found
9850 using modinfo:
</p
>
9853 % /sbin/modinfo psmouse | grep alias:
9854 alias: serio:ty05pr*id*ex*
9855 alias: serio:ty01pr*id*ex*
9859 <p
><strong
>PCI subtype
</strong
></p
>
9861 <p
>A typical PCI entry can look like this. This is an Intel Host
9862 Bridge memory controller:
</p
>
9864 <p
><blockquote
>
9865 pci:v00008086d00002770sv00001028sd000001ADbc06sc00i00
9866 </blockquote
></p
>
9868 <p
>This represent these values:
</p
>
9873 sv
00001028 (subvendor)
9874 sd
000001AD (subdevice)
9876 sc
00 (bus subclass)
9880 <p
>The vendor/device values are the same values outputted from
'lspci
9881 -n
' as
8086:
2770. The bus class/subclass is also shown by lspci as
9882 0600. The
0600 class is a host bridge. Other useful bus values are
9883 0300 (VGA compatible card) and
0200 (Ethernet controller).
</p
>
9885 <p
>Not sure how to figure out the interface value, nor what it
9888 <p
><strong
>USB subtype
</strong
></p
>
9890 <p
>Some typical USB entries can look like this. This is an internal
9891 USB hub in a laptop:
</p
>
9893 <p
><blockquote
>
9894 usb:v1D6Bp0001d0206dc09dsc00dp00ic09isc00ip00
9895 </blockquote
></p
>
9897 <p
>Here is the values included in this alias:
</p
>
9900 v
1D6B (device vendor)
9901 p
0001 (device product)
9903 dc
09 (device class)
9904 dsc
00 (device subclass)
9905 dp
00 (device protocol)
9906 ic
09 (interface class)
9907 isc
00 (interface subclass)
9908 ip
00 (interface protocol)
9911 <p
>The
0900 device class/subclass means hub. Some times the relevant
9912 class is in the interface class section. For a simple USB web camera,
9913 these alias entries show up:
</p
>
9915 <p
><blockquote
>
9916 usb:v0AC8p3420d5000dcEFdsc02dp01ic01isc01ip00
9917 <br
>usb:v0AC8p3420d5000dcEFdsc02dp01ic01isc02ip00
9918 <br
>usb:v0AC8p3420d5000dcEFdsc02dp01ic0Eisc01ip00
9919 <br
>usb:v0AC8p3420d5000dcEFdsc02dp01ic0Eisc02ip00
9920 </blockquote
></p
>
9922 <p
>Interface class
0E01 is video control,
0E02 is video streaming (aka
9923 camera),
0101 is audio control device and
0102 is audio streaming (aka
9924 microphone). Thus this is a camera with microphone included.
</p
>
9926 <p
><strong
>ACPI subtype
</strong
></p
>
9928 <p
>The ACPI type is used for several non-PCI/USB stuff. This is an IR
9929 receiver in a Thinkpad X40:
</p
>
9931 <p
><blockquote
>
9932 acpi:IBM0071:PNP0511:
9933 </blockquote
></p
>
9935 <p
>The values between the colons are IDs.
</p
>
9937 <p
><strong
>DMI subtype
</strong
></p
>
9939 <p
>The DMI table contain lots of information about the computer case
9940 and model. This is an entry for a IBM Thinkpad X40, fetched from
9941 /sys/devices/virtual/dmi/id/modalias:
</p
>
9943 <p
><blockquote
>
9944 dmi:bvnIBM:bvr1UETB6WW(
1.66):bd06/
15/
2005:svnIBM:pn2371H4G:pvrThinkPadX40:rvnIBM:rn2371H4G:rvrNotAvailable:cvnIBM:ct10:cvrNotAvailable:
9945 </blockquote
></p
>
9947 <p
>The values present are
</p
>
9950 bvn IBM (BIOS vendor)
9951 bvr
1UETB
6WW(
1.66) (BIOS version)
9952 bd
06/
15/
2005 (BIOS date)
9953 svn IBM (system vendor)
9954 pn
2371H4G (product name)
9955 pvr ThinkPadX40 (product version)
9956 rvn IBM (board vendor)
9957 rn
2371H4G (board name)
9958 rvr NotAvailable (board version)
9959 cvn IBM (chassis vendor)
9960 ct
10 (chassis type)
9961 cvr NotAvailable (chassis version)
9964 <p
>The chassis type
10 is Notebook. Other interesting values can be
9965 found in the dmidecode source:
</p
>
9969 4 Low Profile Desktop
9982 17 Main Server Chassis
9983 18 Expansion Chassis
9985 20 Bus Expansion Chassis
9986 21 Peripheral Chassis
9988 23 Rack Mount Chassis
9997 <p
>The chassis type values are not always accurately set in the DMI
9998 table. For example my home server is a tower, but the DMI modalias
9999 claim it is a desktop.
</p
>
10001 <p
><strong
>SerIO subtype
</strong
></p
>
10003 <p
>This type is used for PS/
2 mouse plugs. One example is from my
10004 test machine:
</p
>
10006 <p
><blockquote
>
10007 serio:ty01pr00id00ex00
10008 </blockquote
></p
>
10010 <p
>The values present are
</p
>
10019 <p
>This type is supported by the psmouse driver. I am not sure what
10020 the valid values are.
</p
>
10022 <p
><strong
>Other subtypes
</strong
></p
>
10024 <p
>There are heaps of other modalias subtypes according to
10025 file2alias.c. There is the rest of the list from that source: amba,
10026 ap, bcma, ccw, css, eisa, hid, i2c, ieee1394, input, ipack, isapnp,
10027 mdio, of, parisc, pcmcia, platform, scsi, sdio, spi, ssb, vio, virtio,
10028 vmbus, x86cpu and zorro. I did not spend time documenting all of
10029 these, as they do not seem relevant for my intended use with mapping
10030 hardware to packages when new stuff is inserted during run time.
</p
>
10032 <p
><strong
>Looking up kernel modules using modalias values
</strong
></p
>
10034 <p
>To check which kernel modules provide support for a given modalias,
10035 one can use the following shell script:
</p
>
10038 for id in $(find /sys -name modalias -print0 | xargs -
0 cat | sort -u); do \
10039 echo
"$id
" ; \
10040 /sbin/modprobe --show-depends
"$id
"|sed
's/^/ /
' ; \
10044 <p
>The output can look like this (only the first few entries as the
10045 list is very long on my test machine):
</p
>
10049 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/acpi/ac.ko
10051 FATAL: Module acpi:device: not found.
10053 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/char/nvram.ko
10054 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/leds/led-class.ko
10055 insmod /lib/modules/
2.6.32-
5-
686/kernel/net/rfkill/rfkill.ko
10056 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/platform/x86/thinkpad_acpi.ko
10057 acpi:IBM0071:PNP0511:
10058 insmod /lib/modules/
2.6.32-
5-
686/kernel/lib/crc-ccitt.ko
10059 insmod /lib/modules/
2.6.32-
5-
686/kernel/net/irda/irda.ko
10060 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/net/irda/nsc-ircc.ko
10064 <p
>If you want to help implementing a system to let us propose what
10065 packages to install when new hardware is plugged into a Debian
10066 machine, please send me an email or talk to me on
10067 <a href=
"irc://irc.debian.org/%
23debian-devel
">#debian-devel
</a
>.
</p
>
10069 <p
><strong
>Update
2013-
01-
15:
</strong
> Rewrite
"cat $(find ...)
" to
10070 "find ... -print0 | xargs -
0 cat
" to make sure it handle directories
10071 in /sys/ with space in them.
</p
>
10076 <title>Moved the pymissile Debian packaging to collab-maint
</title>
10077 <link>https://people.skolelinux.org/pere/blog/Moved_the_pymissile_Debian_packaging_to_collab_maint.html
</link>
10078 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Moved_the_pymissile_Debian_packaging_to_collab_maint.html
</guid>
10079 <pubDate>Thu,
10 Jan
2013 20:
40:
00 +
0100</pubDate>
10080 <description><p
>As part of my investigation on how to improve the support in Debian
10081 for hardware dongles, I dug up my old Mark and Spencer USB Rocket
10082 Launcher and updated the Debian package
10083 <a href=
"http://packages.qa.debian.org/pymissile
">pymissile
</a
> to make
10084 sure udev will fix the device permissions when it is plugged in. I
10085 also added a
"Modaliases
" header to test it in the Debian archive and
10086 hopefully make the package be proposed by jockey in Ubuntu when a user
10087 plug in his rocket launcher. In the process I moved the source to a
10088 git repository under collab-maint, to make it easier for any DD to
10089 contribute.
<a href=
"http://code.google.com/p/pymissile/
">Upstream
</a
>
10090 is not very active, but the software still work for me even after five
10091 years of relative silence. The new git repository is not listed in
10092 the uploaded package yet, because I want to test the other changes a
10093 bit more before I upload the new version. If you want to check out
10094 the new version with a .desktop file included, visit the
10095 <a href=
"http://anonscm.debian.org/gitweb/?p=collab-maint/pymissile.git
">gitweb
10096 view
</a
> or use
"<tt
>git clone
10097 git://anonscm.debian.org/collab-maint/pymissile.git
</tt
>".
</p
>
10102 <title>Lets make hardware dongles easier to use in Debian
</title>
10103 <link>https://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
</link>
10104 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
</guid>
10105 <pubDate>Wed,
9 Jan
2013 15:
40:
00 +
0100</pubDate>
10106 <description><p
>One thing that annoys me with Debian and Linux distributions in
10107 general, is that there is a great package management system with the
10108 ability to automatically install software packages by downloading them
10109 from the distribution mirrors, but no way to get it to automatically
10110 install the packages I need to use the hardware I plug into my
10111 machine. Even if the package to use it is easily available from the
10112 Linux distribution. When I plug in a LEGO Mindstorms NXT, it could
10113 suggest to automatically install the python-nxt, nbc and t2n packages
10114 I need to talk to it. When I plug in a Yubikey, it could propose the
10115 yubikey-personalization package. The information required to do this
10116 is available, but no-one have pulled all the pieces together.
</p
>
10118 <p
>Some years ago, I proposed to
10119 <a href=
"http://lists.debian.org/debian-devel/
2010/
05/msg01206.html
">use
10120 the discover subsystem to implement this
</a
>. The idea is fairly
10125 <li
>Add a desktop entry in /usr/share/autostart/ pointing to a program
10126 starting when a user log in.
</li
>
10128 <li
>Set this program up to listen for kernel events emitted when new
10129 hardware is inserted into the computer.
</li
>
10131 <li
>When new hardware is inserted, look up the hardware ID in a
10132 database mapping to packages, and take note of any non-installed
10133 packages.
</li
>
10135 <li
>Show a message to the user proposing to install the discovered
10136 package, and make it easy to install it.
</li
>
10140 <p
>I am not sure what the best way to implement this is, but my
10141 initial idea was to use dbus events to discover new hardware, the
10142 discover database to find packages and
10143 <a href=
"http://www.packagekit.org/
">PackageKit
</a
> to install
10144 packages.
</p
>
10146 <p
>Yesterday, I found time to try to implement this idea, and the
10147 draft package is now checked into
10148 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/
">the
10149 Debian Edu subversion repository
</a
>. In the process, I updated the
10150 <a href=
"http://packages.qa.debian.org/d/discover-data.html
">discover-data
</a
>
10151 package to map the USB ids of LEGO Mindstorms and Yubikey devices to
10152 the relevant packages in Debian, and uploaded a new version
10153 2.2013.01.09 to unstable. I also discovered that the current
10154 <a href=
"http://packages.qa.debian.org/d/discover.html
">discover
</a
>
10155 package in Debian no longer discovered any USB devices, because
10156 /proc/bus/usb/devices is no longer present. I ported it to use
10157 libusb as a fall back option to get it working. The fixed package
10158 version
2.1.2-
6 is now in experimental (didn
't upload it to unstable
10159 because of the freeze).
</p
>
10161 <p
>With this prototype in place, I can insert my Yubikey, and get this
10162 desktop notification to show up (only once, the first time it is
10163 inserted):
</p
>
10165 <p align=
"center
"><img src=
"https://people.skolelinux.org/pere/blog/images/
2013-
01-
09-hw-autoinstall.png
"></p
>
10167 <p
>For this prototype to be really useful, some way to automatically
10168 install the proposed packages by pressing the
"Please install
10169 program(s)
" button should to be implemented.
</p
>
10171 <p
>If this idea seem useful to you, and you want to help make it
10172 happen, please help me update the discover-data database with mappings
10173 from hardware to Debian packages. Check if
'discover-pkginstall -l
'
10174 list the package you would like to have installed when a given
10175 hardware device is inserted into your computer, and report bugs using
10176 reportbug if it isn
't. Or, if you know of a better way to provide
10177 such mapping, please let me know.
</p
>
10179 <p
>This prototype need more work, and there are several questions that
10180 should be considered before it is ready for production use. Is dbus
10181 the correct way to detect new hardware? At the moment I look for HAL
10182 dbus events on the system bus, because that is the events I could see
10183 on my Debian Squeeze KDE desktop. Are there better events to use?
10184 How should the user be notified? Is the desktop notification
10185 mechanism the best option, or should the background daemon raise a
10186 popup instead? How should packages be installed? When should they
10187 not be installed?
</p
>
10189 <p
>If you want to help getting such feature implemented in Debian,
10190 please send me an email. :)
</p
>
10195 <title>New IRC channel for LEGO designers using Debian
</title>
10196 <link>https://people.skolelinux.org/pere/blog/New_IRC_channel_for_LEGO_designers_using_Debian.html
</link>
10197 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/New_IRC_channel_for_LEGO_designers_using_Debian.html
</guid>
10198 <pubDate>Wed,
2 Jan
2013 15:
40:
00 +
0100</pubDate>
10199 <description><p
>During Christmas, I have worked a bit on the Debian support for
10200 <a href=
"http://mindstorms.lego.com/en-us/Default.aspx
">LEGO Mindstorm
10201 NXT
</a
>. My son and I have played a bit with my NXT set, and I
10202 discovered I had to build all the tools myself because none were
10203 already in Debian Squeeze. If Debian support for LEGO is something
10204 you care about, please join me on the IRC channel
10205 <a href=
"irc://irc.debian.org/%
23debian-lego
">#debian-lego
</a
> (server
10206 irc.debian.org). There is a lot that could be done to improve the
10207 Debian support for LEGO designers. For example both CAD software
10208 and Mindstorm compilers are missing. :)
</p
>
10210 <p
>Update
2012-
01-
03: A
10211 <a href=
"http://wiki.debian.org/LegoDesigners
">project page
</a
>
10212 including links to Lego related packages is now available.
</p
>
10217 <title>How to backport bitcoin-qt version
0.7.2-
2 to Debian Squeeze
</title>
10218 <link>https://people.skolelinux.org/pere/blog/How_to_backport_bitcoin_qt_version_0_7_2_2_to_Debian_Squeeze.html
</link>
10219 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/How_to_backport_bitcoin_qt_version_0_7_2_2_to_Debian_Squeeze.html
</guid>
10220 <pubDate>Tue,
25 Dec
2012 20:
50:
00 +
0100</pubDate>
10221 <description><p
>Let me start by wishing you all marry Christmas and a happy new
10222 year! I hope next year will prove to be a good year.
</p
>
10224 <p
><a href=
"http://www.bitcoin.org/
">Bitcoin
</a
>, the digital
10225 decentralised
"currency
" that allow people to transfer bitcoins
10226 between each other with minimal overhead, is a very interesting
10227 experiment. And as I wrote a few days ago, the bitcoin situation in
10228 <a href=
"http://www.debian.org/
">Debian
</a
> is about to improve a bit.
10229 The
<a href=
"http://packages.qa.debian.org/bitcoin
">new debian source
10230 package
</a
> (version
0.7.2-
2) was uploaded yesterday, and is waiting
10231 in
<a href=
"http://ftp-master.debian.org/new.html
">the NEW queue
</A
>
10232 for one of the ftpmasters to approve the new bitcoin-qt package
10235 <p
>And thanks to the great work of Jonas and the rest of the bitcoin
10236 team in Debian, you can easily test the package in Debian Squeeze
10237 using the following steps to get a set of working packages:
</p
>
10239 <blockquote
><pre
>
10240 git clone git://git.debian.org/git/collab-maint/bitcoin
10242 DEB_MAINTAINER_MODE=
1 DEB_BUILD_OPTIONS=noupnp fakeroot debian/rules clean
10243 DEB_BUILD_OPTIONS=noupnp git-buildpackage --git-ignore-new
10244 </pre
></blockquote
>
10246 <p
>You might have to install some build dependencies as well. The
10247 list of commands should give you two packages, bitcoind and
10248 bitcoin-qt, ready for use in a Squeeze environment. Note that the
10249 client will download the complete set of bitcoin
"blocks
", which need
10250 around
5.6 GiB of data on my machine at the moment. Make sure your
10251 ~/.bitcoin/ directory have lots of spare room if you want to download
10252 all the blocks. The client will warn if the disk is getting full, so
10253 there is not really a problem if you got too little room, but you will
10254 not be able to get all the features out of the client.
</p
>
10256 <p
>As usual, if you use bitcoin and want to show your support of my
10257 activities, please send Bitcoin donations to my address
10258 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
10263 <title>A word on bitcoin support in Debian
</title>
10264 <link>https://people.skolelinux.org/pere/blog/A_word_on_bitcoin_support_in_Debian.html
</link>
10265 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/A_word_on_bitcoin_support_in_Debian.html
</guid>
10266 <pubDate>Fri,
21 Dec
2012 23:
59:
00 +
0100</pubDate>
10267 <description><p
>It has been a while since I wrote about
10268 <a href=
"http://www.bitcoin.org/
">bitcoin
</a
>, the decentralised
10269 peer-to-peer based crypto-currency, and the reason is simply that I
10270 have been busy elsewhere. But two days ago, I started looking at the
10271 state of
<a href=
"http://packages.qa.debian.org/bitcoin
">bitcoin in
10272 Debian
</a
> again to try to recover my old bitcoin wallet. The package
10273 is now maintained by a
10274 <a href=
"https://alioth.debian.org/projects/pkg-bitcoin/
">team of
10275 people
</a
>, and the grunt work had already been done by this team. We
10276 owe a huge thank you to all these team members. :)
10277 But I was sad to discover that the bitcoin client is missing in
10278 Wheezy. It is only available in Sid (and an outdated client from
10279 backports). The client had several RC bugs registered in BTS blocking
10280 it from entering testing. To try to help the team and improve the
10281 situation, I spent some time providing patches and triaging the bug
10282 reports. I also had a look at the bitcoin package available from Matt
10284 <a href=
"https://launchpad.net/~bitcoin/+archive/bitcoin
">PPA for
10285 Ubuntu
</a
>, and moved the useful pieces from that version into the
10286 Debian package.
</p
>
10288 <p
>After checking with the main package maintainer Jonas Smedegaard on
10289 IRC, I pushed several patches into the collab-maint git repository to
10290 improve the package. It now contains fixes for the RC issues (not from
10291 me, but fixed by Scott Howard), build rules for a Qt GUI client
10292 package, konqueror support for the bitcoin: URI and bash completion
10293 setup. As I work on Debian Squeeze, I also created
10294 <a href=
"http://lists.alioth.debian.org/pipermail/pkg-bitcoin-devel/Week-of-Mon-
20121217/
000041.html
">a
10295 patch to backport
</a
> the latest version. Jonas is going to look at
10296 it and try to integrate it into the git repository before uploading a
10297 new version to unstable.
10299 <p
>I would very much like bitcoin to succeed, to get rid of the
10300 centralized control currently exercised in the monetary system. I
10301 find it completely unacceptable that the USA government is collecting
10302 transaction data for almost all international money transfers (most are done in USD and transaction logs shipped to the spooks), and
10303 that the major credit card companies can block legal money
10304 transactions to Wikileaks. But for bitcoin to succeed, more people
10305 need to use bitcoins, and more people need to accept bitcoins when
10306 they sell products and services. Improving the bitcoin support in
10307 Debian is a small step in the right direction, but not enough.
10308 Unfortunately the user experience when browsing the web and wanting to
10309 pay with bitcoin is still not very good. The bitcoin: URI is a step
10310 in the right direction, but need to work in most or every browser in
10311 use. Also the bitcoin-qt client is too heavy to fire up to do a
10312 quick transaction. I believe there are other clients available, but
10313 have not tested them.
</p
>
10316 <a href=
"https://people.skolelinux.org/pere/blog/Now_accepting_bitcoins___anonymous_and_distributed_p2p_crypto_money.html
">experiment
10317 with bitcoins
</a
> showed that at least some of my readers use bitcoin.
10318 I received
20.15 BTC so far on the address I provided in my blog two
10319 years ago, as can be
10320 <a href=
"http://blockexplorer.com/address/
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">seen
10321 on the blockexplorer service
</a
>. Thank you everyone for your
10322 donation. The blockexplorer service demonstrates quite well that
10323 bitcoin is not quite anonymous and untracked. :) I wonder if the
10324 number of users have gone up since then. If you use bitcoin and want
10325 to show your support of my activity, please send Bitcoin donations to
10326 the same address as last time,
10327 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
10332 <title>Git repository for song book for Computer Scientists
</title>
10333 <link>https://people.skolelinux.org/pere/blog/Git_repository_for_song_book_for_Computer_Scientists.html
</link>
10334 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Git_repository_for_song_book_for_Computer_Scientists.html
</guid>
10335 <pubDate>Fri,
7 Sep
2012 13:
50:
00 +
0200</pubDate>
10336 <description><p
>As I
10337 <a href=
"https://people.skolelinux.org/pere/blog/Song_book_for_Computer_Scientists.html
">mentioned
10338 this summer
</a
>, I have created a Computer Science song book a few
10339 years ago, and today I finally found time to create a public
10340 <a href=
"https://gitorious.org/pere-cs-songbook/pere-cs-songbook
">Gitorious
10341 repository for the project
</a
>.
</p
>
10343 <p
>If you want to help out, please clone the source and submit patches
10344 to the HTML version. To generate the PDF and PostScript version,
10345 please use prince XML, or let me know about a useful free software
10346 processor capable of creating a good looking PDF from the HTML.
</p
>
10348 <p
>Want to sing? You can still find the song book in HTML, PDF and
10349 PostScript formats at
10350 <a href=
"http://www.hungry.com/~pere/cs-songbook/
">Petter
's Computer
10351 Science Songbook
</a
>.
</p
>
10356 <title>Gratulerer med
19-årsdagen, Debian!
</title>
10357 <link>https://people.skolelinux.org/pere/blog/Gratulerer_med_19__rsdagen__Debian_.html
</link>
10358 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Gratulerer_med_19__rsdagen__Debian_.html
</guid>
10359 <pubDate>Thu,
16 Aug
2012 11:
20:
00 +
0200</pubDate>
10360 <description><p
>I dag fyller
10361 <a href=
"http://www.debian.org/News/
2012/
20120813">Debian-prosjektet
19
10362 år
</a
>. Jeg har fulgt det de siste
12 årene, og er veldig glad for å kunne
10363 si gratulerer med dagen, Debian!
</p
>
10368 <title>Song book for Computer Scientists
</title>
10369 <link>https://people.skolelinux.org/pere/blog/Song_book_for_Computer_Scientists.html
</link>
10370 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Song_book_for_Computer_Scientists.html
</guid>
10371 <pubDate>Sun,
24 Jun
2012 13:
30:
00 +
0200</pubDate>
10372 <description><p
>Many years ago, while studying Computer Science at the
10373 <a href=
"http://www.uit.no/
">University of Tromsø
</a
>, I started
10374 collecting computer related songs for use at parties. The original
10375 version was written in LaTeX, but a few years ago I got help from
10376 Håkon W. Lie, one of the inventors of W3C CSS, to convert it to HTML
10377 while keeping the ability to create a nice book in PDF format. I have
10378 not had time to maintain the book for a while now, and guess I should
10379 put it up on some public version control repository where others can
10380 help me extend and update the book. If anyone is volunteering to help
10381 me with this, send me an email. Also let me know if there are songs
10382 missing in my book.
</p
>
10384 <p
>I have not mentioned the book on my blog so far, and it occured to
10385 me today that I really should let all my readers share the joys of
10386 singing out load about programming, computers and computer networks.
10387 Especially now that
<a href=
"http://debconf12.debconf.org/
">Debconf
10388 12</a
> is about to start (and I am not going). Want to sing? Check
10389 out
<a href=
"http://www.hungry.com/~pere/cs-songbook/
">Petter
's
10390 Computer Science Songbook
</a
>.
10395 <title>Automatically upgrading server firmware on Dell PowerEdge
</title>
10396 <link>https://people.skolelinux.org/pere/blog/Automatically_upgrading_server_firmware_on_Dell_PowerEdge.html
</link>
10397 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Automatically_upgrading_server_firmware_on_Dell_PowerEdge.html
</guid>
10398 <pubDate>Mon,
21 Nov
2011 12:
00:
00 +
0100</pubDate>
10399 <description><p
>At work we have heaps of servers. I believe the total count is
10400 around
1000 at the moment. To be able to get help from the vendors
10401 when something go wrong, we want to keep the firmware on the servers
10402 up to date. If the firmware isn
't the latest and greatest, the
10403 vendors typically refuse to start debugging any problems until the
10404 firmware is upgraded. So before every reboot, we want to upgrade the
10405 firmware, and we would really like everyone handling servers at the
10406 university to do this themselves when they plan to reboot a machine.
10407 For that to happen we at the unix server admin group need to provide
10408 the tools to do so.
</p
>
10410 <p
>To make firmware upgrading easier, I am working on a script to
10411 fetch and install the latest firmware for the servers we got. Most of
10412 our hardware are from Dell and HP, so I have focused on these servers
10413 so far. This blog post is about the Dell part.
</P
>
10415 <p
>On the Dell FTP site I was lucky enough to find
10416 <a href=
"ftp://ftp.us.dell.com/catalog/Catalog.xml.gz
">an XML file
</a
>
10417 with firmware information for all
11th generation servers, listing
10418 which firmware should be used on a given model and where on the FTP
10419 site I can find it. Using a simple perl XML parser I can then
10420 download the shell scripts Dell provides to do firmware upgrades from
10421 within Linux and reboot when all the firmware is primed and ready to
10422 be activated on the first reboot.
</p
>
10424 <p
>This is the Dell related fragment of the perl code I am working on.
10425 Are there anyone working on similar tools for firmware upgrading all
10426 servers at a site? Please get in touch and lets share resources.
</p
>
10428 <p
><pre
>
10432 use File::Temp qw(tempdir);
10434 # Install needed RHEL packages if missing
10435 my %rhelmodules = (
10436 'XML::Simple
' =
> 'perl-XML-Simple
',
10438 for my $module (keys %rhelmodules) {
10439 eval
"use $module;
";
10441 my $pkg = $rhelmodules{$module};
10442 system(
"yum install -y $pkg
");
10443 eval
"use $module;
";
10447 my $errorsto =
'pere@hungry.com
';
10453 sub run_firmware_script {
10454 my ($opts, $script) = @_;
10456 print STDERR
"fail: missing script name\n
";
10459 print STDERR
"Running $script\n\n
";
10461 if (
0 == system(
"sh $script $opts
")) { # FIXME correct exit code handling
10462 print STDERR
"success: firmware script ran succcessfully\n
";
10464 print STDERR
"fail: firmware script returned error\n
";
10468 sub run_firmware_scripts {
10469 my ($opts, @dirs) = @_;
10470 # Run firmware packages
10471 for my $dir (@dirs) {
10472 print STDERR
"info: Running scripts in $dir\n
";
10473 opendir(my $dh, $dir) or die
"Unable to open directory $dir: $!
";
10474 while (my $s = readdir $dh) {
10475 next if $s =~ m/^\.\.?/;
10476 run_firmware_script($opts,
"$dir/$s
");
10484 print STDERR
"info: Downloading $url\n
";
10485 system(
"wget --quiet \
"$url\
"");
10490 my $product = `dmidecode -s system-product-name`;
10493 if ($product =~ m/PowerEdge/) {
10495 # on RHEL, these pacakges are needed by the firwmare upgrade scripts
10496 system(
'yum install -y compat-libstdc++-
33.i686 libstdc++.i686 libxml2.i686 procmail
');
10498 my $tmpdir = tempdir(
10502 fetch_dell_fw(
'catalog/Catalog.xml.gz
');
10503 system(
'gunzip Catalog.xml.gz
');
10504 my @paths = fetch_dell_fw_list(
'Catalog.xml
');
10505 # -q is quiet, disabling interactivity and reducing console output
10506 my $fwopts =
"-q
";
10508 for my $url (@paths) {
10509 fetch_dell_fw($url);
10511 run_firmware_scripts($fwopts, $tmpdir);
10513 print STDERR
"error: Unsupported Dell model
'$product
'.\n
";
10514 print STDERR
"error: Please report to $errorsto.\n
";
10516 chdir(
'/
');
10518 print STDERR
"error: Unsupported Dell model
'$product
'.\n
";
10519 print STDERR
"error: Please report to $errorsto.\n
";
10523 sub fetch_dell_fw {
10525 my $url =
"ftp://ftp.us.dell.com/$path
";
10529 # Using ftp://ftp.us.dell.com/catalog/Catalog.xml.gz, figure out which
10530 # firmware packages to download from Dell. Only work for Linux
10531 # machines and
11th generation Dell servers.
10532 sub fetch_dell_fw_list {
10533 my $filename = shift;
10535 my $product = `dmidecode -s system-product-name`;
10537 my ($mybrand, $mymodel) = split(/\s+/, $product);
10539 print STDERR
"Finding firmware bundles for $mybrand $mymodel\n
";
10541 my $xml = XMLin($filename);
10543 for my $bundle (@{$xml-
>{SoftwareBundle}}) {
10544 my $brand = $bundle-
>{TargetSystems}-
>{Brand}-
>{Display}-
>{content};
10545 my $model = $bundle-
>{TargetSystems}-
>{Brand}-
>{Model}-
>{Display}-
>{content};
10547 if (
"ARRAY
" eq ref $bundle-
>{TargetOSes}-
>{OperatingSystem}) {
10548 $oscode = $bundle-
>{TargetOSes}-
>{OperatingSystem}[
0]-
>{osCode};
10550 $oscode = $bundle-
>{TargetOSes}-
>{OperatingSystem}-
>{osCode};
10552 if ($mybrand eq $brand
&& $mymodel eq $model
&& "LIN
" eq $oscode)
10554 @paths = map { $_-
>{path} } @{$bundle-
>{Contents}-
>{Package}};
10557 for my $component (@{$xml-
>{SoftwareComponent}}) {
10558 my $componenttype = $component-
>{ComponentType}-
>{value};
10560 # Drop application packages, only firmware and BIOS
10561 next if
'APAC
' eq $componenttype;
10563 my $cpath = $component-
>{path};
10564 for my $path (@paths) {
10565 if ($cpath =~ m%/$path$%) {
10566 push(@paths, $cpath);
10574 <p
>The code is only tested on RedHat Enterprise Linux, but I suspect
10575 it could work on other platforms with some tweaking. Anyone know a
10576 index like Catalog.xml is available from HP for HP servers? At the
10577 moment I maintain a similar list manually and it is quickly getting
10578 outdated.
</p
>
10583 <title>How is booting into runlevel
1 different from single user boots?
</title>
10584 <link>https://people.skolelinux.org/pere/blog/How_is_booting_into_runlevel_1_different_from_single_user_boots_.html
</link>
10585 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/How_is_booting_into_runlevel_1_different_from_single_user_boots_.html
</guid>
10586 <pubDate>Thu,
4 Aug
2011 12:
40:
00 +
0200</pubDate>
10587 <description><p
>Wouter Verhelst have some
10588 <a href=
"http://grep.be/blog/en/retorts/pere_kubuntu_boot
">interesting
10589 comments and opinions
</a
> on my blog post on
10590 <a href=
"https://people.skolelinux.org/pere/blog/What_should_start_from__etc_rcS_d__in_Debian____almost_nothing.html
">the
10591 need to clean up /etc/rcS.d/ in Debian
</a
> and my blog post about
10592 <a href=
"https://people.skolelinux.org/pere/blog/What_is_missing_in_the_Debian_desktop__or_why_my_parents_use_Kubuntu.html
">the
10593 default KDE desktop in Debian
</a
>. I only have time to address one
10594 small piece of his comment now, and though it best to address the
10595 misunderstanding he bring forward:
</p
>
10597 <p
><blockquote
>
10598 Currently, a system admin has four options: [...] boot to a
10599 single-user system (by adding
'single
' to the kernel command line;
10600 this runs rcS and rc1 scripts)
10601 </blockquote
></p
>
10603 <p
>This make me believe Wouter believe booting into single user mode
10604 and booting into runlevel
1 is the same. I am not surprised he
10605 believe this, because it would make sense and is a quite sensible
10606 thing to believe. But because the boot in Debian is slightly broken,
10607 runlevel
1 do not work properly and it isn
't the same as single user
10608 mode. I
'll try to explain what is actually happing, but it is a bit
10609 hard to explain.
</p
>
10611 <p
>Single user mode is defined like this in /etc/inittab:
10612 "<tt
>~~:S:wait:/sbin/sulogin
</tt
>". This means the only thing that is
10613 executed in single user mode is sulogin. Single user mode is a boot
10614 state
"between
" the runlevels, and when booting into single user mode,
10615 only the scripts in /etc/rcS.d/ are executed before the init process
10616 enters the single user state. When switching to runlevel
1, the state
10617 is in fact not ending in runlevel
1, but it passes through runlevel
1
10618 and end up in the single user mode (see /etc/rc1.d/S03single, which
10619 runs
"init -t1 S
" to switch to single user mode at the end of runlevel
10620 1. It is confusing that the
'S
' (single user) init mode is not the
10621 mode enabled by /etc/rcS.d/ (which is more like the initial boot
10624 <p
>This summary might make it clearer. When booting for the first
10625 time into single user mode, the following commands are executed:
10626 "<tt
>/etc/init.d/rc S; /sbin/sulogin
</tt
>". When booting into
10627 runlevel
1, the following commands are executed:
"<tt
>/etc/init.d/rc
10628 S; /etc/init.d/rc
1; /sbin/sulogin
</tt
>". A problem show up when
10629 trying to continue after visiting single user mode. Not all services
10630 are started again as they should, causing the machine to end up in an
10631 unpredicatble state. This is why Debian admins recommend rebooting
10632 after visiting single user mode.
</p
>
10634 <p
>A similar problem with runlevel
1 is caused by the amount of
10635 scripts executed from /etc/rcS.d/. When switching from say runlevel
2
10636 to runlevel
1, the services started from /etc/rcS.d/ are not properly
10637 stopped when passing through the scripts in /etc/rc1.d/, and not
10638 started again when switching away from runlevel
1 to the runlevels
10639 2-
5. I believe the problem is best fixed by moving all the scripts
10640 out of /etc/rcS.d/ that are not
<strong
>required
</strong
> to get a
10641 functioning single user mode during boot.
</p
>
10643 <p
>I have spent several years investigating the Debian boot system,
10644 and discovered this problem a few years ago. I suspect it originates
10645 from when sysvinit was introduced into Debian, a long time ago.
</p
>
10650 <title>What should start from /etc/rcS.d/ in Debian? - almost nothing
</title>
10651 <link>https://people.skolelinux.org/pere/blog/What_should_start_from__etc_rcS_d__in_Debian____almost_nothing.html
</link>
10652 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/What_should_start_from__etc_rcS_d__in_Debian____almost_nothing.html
</guid>
10653 <pubDate>Sat,
30 Jul
2011 14:
00:
00 +
0200</pubDate>
10654 <description><p
>In the Debian boot system, several packages include scripts that
10655 are started from /etc/rcS.d/. In fact, there is a bite more of them
10656 than make sense, and this causes a few problems. What kind of
10657 problems, you might ask. There are at least two problems. The first
10658 is that it is not possible to recover a machine after switching to
10659 runlevel
1. One need to actually reboot to get the machine back to
10660 the expected state. The other is that single user boot will sometimes
10661 run into problems because some of the subsystems are activated before
10662 the root login is presented, causing problems when trying to recover a
10663 machine from a problem in that subsystem. A minor additional point is
10664 that moving more scripts out of rcS.d/ and into the other rc#.d/
10665 directories will increase the amount of scripts that can run in
10666 parallel during boot, and thus decrease the boot time.
</p
>
10668 <p
>So, which scripts should start from rcS.d/. In short, only the
10669 scripts that _have_ to execute before the root login prompt is
10670 presented during a single user boot should go there. Everything else
10671 should go into the numeric runlevels. This means things like
10672 lm-sensors, fuse and x11-common should not run from rcS.d, but from
10673 the numeric runlevels. Today in Debian, there are around
115 init.d
10674 scripts that are started from rcS.d/, and most of them should be moved
10675 out. Do your package have one of them? Please help us make single
10676 user and runlevel
1 better by moving it.
</p
>
10678 <p
>Scripts setting up the screen, keyboard, system partitions
10679 etc. should still be started from rcS.d/, but there is for example no
10680 need to have the network enabled before the single user login prompt
10681 is presented.
</p
>
10683 <p
>As always, things are not so easy to fix as they sound. To keep
10684 Debian systems working while scripts migrate and during upgrades, the
10685 scripts need to be moved from rcS.d/ to rc2.d/ in reverse dependency
10686 order, ie the scripts that nothing in rcS.d/ depend on can be moved,
10687 and the next ones can only be moved when their dependencies have been
10688 moved first. This migration must be done sequentially while we ensure
10689 that the package system upgrade packages in the right order to keep
10690 the system state correct. This will require some coordination when it
10691 comes to network related packages, but most of the packages with
10692 scripts that should migrate do not have anything in rcS.d/ depending
10693 on them. Some packages have already been updated, like the sudo
10694 package, while others are still left to do. I wish I had time to work
10695 on this myself, but real live constrains make it unlikely that I will
10696 find time to push this forward.
</p
>
10701 <title>What is missing in the Debian desktop, or why my parents use Kubuntu
</title>
10702 <link>https://people.skolelinux.org/pere/blog/What_is_missing_in_the_Debian_desktop__or_why_my_parents_use_Kubuntu.html
</link>
10703 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/What_is_missing_in_the_Debian_desktop__or_why_my_parents_use_Kubuntu.html
</guid>
10704 <pubDate>Fri,
29 Jul
2011 08:
10:
00 +
0200</pubDate>
10705 <description><p
>While at Debconf11, I have several times during discussions
10706 mentioned the issues I believe should be improved in Debian for its
10707 desktop to be useful for more people. The use case for this is my
10708 parents, which are currently running Kubuntu which solve the
10711 <p
>I suspect these four missing features are not very hard to
10712 implement. After all, they are present in Ubuntu, so if we wanted to
10713 do this in Debian we would have a source.
</p
>
10717 <li
><strong
>Simple GUI based upgrade of packages.
</strong
> When there
10718 are new packages available for upgrades, a icon in the KDE status bar
10719 indicate this, and clicking on it will activate the simple upgrade
10720 tool to handle it. I have no problem guiding both of my parents
10721 through the process over the phone. If a kernel reboot is required,
10722 this too is indicated by the status bars and the upgrade tool. Last
10723 time I checked, nothing with the same features was working in KDE in
10726 <li
><strong
>Simple handling of missing Firefox browser
10727 plugins.
</strong
> When the browser encounter a MIME type it do not
10728 currently have a handler for, it will ask the user if the system
10729 should search for a package that would add support for this MIME type,
10730 and if the user say yes, the APT sources will be searched for packages
10731 advertising the MIME type in their control file (visible in the
10732 Packages file in the APT archive). If one or more packages are found,
10733 it is a simple click of the mouse to add support for the missing mime
10734 type. If the package require the user to accept some non-free
10735 license, this is explained to the user. The entire process make it
10736 more clear to the user why something do not work in the browser, and
10737 make the chances higher for the user to blame the web page authors and
10738 not the browser for any missing features.
</li
>
10740 <li
><strong
>Simple handling of missing multimedia codec/format
10741 handlers.
</strong
> When the media players encounter a format or codec
10742 it is not supporting, a dialog pop up asking the user if the system
10743 should search for a package that would add support for it. This
10744 happen with things like MP3, Windows Media or H
.264. The selection
10745 and installation procedure is very similar to the Firefox browser
10746 plugin handling. This is as far as I know implemented using a
10747 gstreamer hook. The end result is that the user easily get access to
10748 the codecs that are present from the APT archives available, while
10749 explaining more on why a given format is unsupported by Ubuntu.
</li
>
10751 <li
><strong
>Better browser handling of some MIME types.
</strong
> When
10752 displaying a text/plain file in my Debian browser, it will propose to
10753 start emacs to show it. If I remember correctly, when doing the same
10754 in Kunbutu it show the file as a text file in the browser. At least I
10755 know Opera will show text files within the browser. I much prefer the
10756 latter behaviour.
</li
>
10760 <p
>There are other nice features as well, like the simplified suite
10761 upgrader, but given that I am the one mostly doing the dist-upgrade,
10762 it do not matter much.
</p
>
10764 <p
>I really hope we could get these features in place for the next
10765 Debian release. It would require the coordinated effort of several
10766 maintainers, but would make the end user experience a lot better.
</p
>
10771 <title>Perl modules used by FixMyStreet which are missing in Debian/Squeeze
</title>
10772 <link>https://people.skolelinux.org/pere/blog/Perl_modules_used_by_FixMyStreet_which_are_missing_in_Debian_Squeeze.html
</link>
10773 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Perl_modules_used_by_FixMyStreet_which_are_missing_in_Debian_Squeeze.html
</guid>
10774 <pubDate>Tue,
26 Jul
2011 12:
25:
00 +
0200</pubDate>
10775 <description><p
>The Norwegian
<a href=
"http://www.fiksgatami.no/
">FiksGataMi
</A
>
10776 site is build on Debian/Squeeze, and this platform was chosen because
10777 I am most familiar with Debian (being a Debian Developer for around
10
10778 years) because it is the latest stable Debian release which should get
10779 security support for a few years.
</p
>
10781 <p
>The web service is written in Perl, and depend on some perl modules
10782 that are missing in Debian at the moment. It would be great if these
10783 modules were added to the Debian archive, allowing anyone to set up
10784 their own
<a href=
"http://www.fixmystreet.com
">FixMyStreet
</a
> clone
10785 in their own country using only Debian packages. The list of modules
10786 missing in Debian/Squeeze isn
't very long, and I hope the perl group
10787 will find time to package the
12 modules Catalyst::Plugin::SmartURI,
10788 Catalyst::Plugin::Unicode::Encoding, Catalyst::View::TT, Devel::Hide,
10789 Sort::Key, Statistics::Distributions, Template::Plugin::Comma,
10790 Template::Plugin::DateTime::Format, Term::Size::Any, Term::Size::Perl,
10791 URI::SmartURI and Web::Scraper to make the maintenance of FixMyStreet
10792 easier in the future.
</p
>
10794 <p
>Thanks to the great tools in Debian, getting the missing modules
10795 installed on my server was a simple call to
'cpan2deb Module::Name
'
10796 and
'dpkg -i
' to install the resulting package. But this leave me
10797 with the responsibility of tracking security problems, which I really
10798 do not have time for.
</p
>
10803 <title>A Norwegian FixMyStreet have kept me busy the last few weeks
</title>
10804 <link>https://people.skolelinux.org/pere/blog/A_Norwegian_FixMyStreet_have_kept_me_busy_the_last_few_weeks.html
</link>
10805 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/A_Norwegian_FixMyStreet_have_kept_me_busy_the_last_few_weeks.html
</guid>
10806 <pubDate>Sun,
3 Apr
2011 22:
50:
00 +
0200</pubDate>
10807 <description><p
>Here is a small update for my English readers. Most of my blog
10808 posts have been in Norwegian the last few weeks, so here is a short
10809 update in English.
</p
>
10811 <p
>The kids still keep me too busy to get much free software work
10812 done, but I did manage to organise a project to get a Norwegian port
10813 of the British service
10814 <a href=
"http://www.fixmystreet.com/
">FixMyStreet
</a
> up and running,
10815 and it has been running for a month now. The entire project has been
10816 organised by me and two others. Around Christmas we gathered sponsors
10817 to fund the development work. In January I drafted a contract with
10818 <a href=
"http://www.mysociety.org/
">mySociety
</a
> on what to develop,
10819 and in February the development took place. Most of it involved
10820 converting the source to use GPS coordinates instead of British
10821 easting/northing, and the resulting code should be a lot easier to get
10822 running in any country by now. The Norwegian
10823 <a href=
"http://www.fiksgatami.no/
">FiksGataMi
</a
> is using
10824 <a href=
"http://www.openstreetmap.org/
">OpenStreetmap
</a
> as the map
10825 source and the source for administrative borders in Norway, and
10826 support for this had to be added/fixed.
</p
>
10828 <p
>The Norwegian version went live March
3th, and we spent the weekend
10829 polishing the system before we announced it March
7th. The system is
10830 running on a KVM instance of Debian/Squeeze, and has seen almost
3000
10831 problem reports in a few weeks. Soon we hope to announce the Android
10832 and iPhone versions making it even easier to report problems with the
10833 public infrastructure.
</p
>
10835 <p
>Perhaps something to consider for those of you in countries without
10836 such service?
</p
>
10841 <title>Using NVD and CPE to track CVEs in locally maintained software
</title>
10842 <link>https://people.skolelinux.org/pere/blog/Using_NVD_and_CPE_to_track_CVEs_in_locally_maintained_software.html
</link>
10843 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Using_NVD_and_CPE_to_track_CVEs_in_locally_maintained_software.html
</guid>
10844 <pubDate>Fri,
28 Jan
2011 15:
40:
00 +
0100</pubDate>
10845 <description><p
>The last few days I have looked at ways to track open security
10846 issues here at my work with the University of Oslo. My idea is that
10847 it should be possible to use the information about security issues
10848 available on the Internet, and check our locally
10849 maintained/distributed software against this information. It should
10850 allow us to verify that no known security issues are forgotten. The
10851 CVE database listing vulnerabilities seem like a great central point,
10852 and by using the package lists from Debian mapped to CVEs provided by
10853 the testing security team, I believed it should be possible to figure
10854 out which security holes were present in our free software
10855 collection.
</p
>
10857 <p
>After reading up on the topic, it became obvious that the first
10858 building block is to be able to name software packages in a unique and
10859 consistent way across data sources. I considered several ways to do
10860 this, for example coming up with my own naming scheme like using URLs
10861 to project home pages or URLs to the Freshmeat entries, or using some
10862 existing naming scheme. And it seem like I am not the first one to
10863 come across this problem, as MITRE already proposed and implemented a
10864 solution. Enter the
<a href=
"http://cpe.mitre.org/index.html
">Common
10865 Platform Enumeration
</a
> dictionary, a vocabulary for referring to
10866 software, hardware and other platform components. The CPE ids are
10867 mapped to CVEs in the
<a href=
"http://web.nvd.nist.gov/
">National
10868 Vulnerability Database
</a
>, allowing me to look up know security
10869 issues for any CPE name. With this in place, all I need to do is to
10870 locate the CPE id for the software packages we use at the university.
10871 This is fairly trivial (I google for
'cve cpe $package
' and check the
10872 NVD entry if a CVE for the package exist).
</p
>
10874 <p
>To give you an example. The GNU gzip source package have the CPE
10875 name cpe:/a:gnu:gzip. If the old version
1.3.3 was the package to
10876 check out, one could look up
10877 <a href=
"http://web.nvd.nist.gov/view/vuln/search?cpe=cpe%
3A%
2Fa%
3Agnu%
3Agzip:
1.3.3">cpe:/a:gnu:gzip:
1.3.3
10878 in NVD
</a
> and get a list of
6 security holes with public CVE entries.
10879 The most recent one is
10880 <a href=
"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-
2010-
0001">CVE-
2010-
0001</a
>,
10881 and at the bottom of the NVD page for this vulnerability the complete
10882 list of affected versions is provided.
</p
>
10884 <p
>The NVD database of CVEs is also available as a XML dump, allowing
10885 for offline processing of issues. Using this dump, I
've written a
10886 small script taking a list of CPEs as input and list all CVEs
10887 affecting the packages represented by these CPEs. One give it CPEs
10888 with version numbers as specified above and get a list of open
10889 security issues out.
</p
>
10891 <p
>Of course for this approach to be useful, the quality of the NVD
10892 information need to be high. For that to happen, I believe as many as
10893 possible need to use and contribute to the NVD database. I notice
10895 <a href=
"https://www.redhat.com/security/data/metrics/rhsamapcpe.txt
">a
10896 map from CVE to CPE
</a
>, indicating that they are using the CPE
10897 information. I
'm not aware of Debian and Ubuntu doing the same.
</p
>
10899 <p
>To get an idea about the quality for free software, I spent some
10900 time making it possible to compare the CVE database from Debian with
10901 the CVE database in NVD. The result look fairly good, but there are
10902 some inconsistencies in NVD (same software package having several
10903 CPEs), and some inaccuracies (NVD not mentioning buggy packages that
10904 Debian believe are affected by a CVE). Hope to find time to improve
10905 the quality of NVD, but that require being able to get in touch with
10906 someone maintaining it. So far my three emails with questions and
10907 corrections have not seen any reply, but I hope contact can be
10908 established soon.
</p
>
10910 <p
>An interesting application for CPEs is cross platform package
10911 mapping. It would be useful to know which packages in for example
10912 RHEL, OpenSuSe and Mandriva are missing from Debian and Ubuntu, and
10913 this would be trivial if all linux distributions provided CPE entries
10914 for their packages.
</p
>
10919 <title>Which module is loaded for a given PCI and USB device?
</title>
10920 <link>https://people.skolelinux.org/pere/blog/Which_module_is_loaded_for_a_given_PCI_and_USB_device_.html
</link>
10921 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Which_module_is_loaded_for_a_given_PCI_and_USB_device_.html
</guid>
10922 <pubDate>Sun,
23 Jan
2011 00:
20:
00 +
0100</pubDate>
10923 <description><p
>In the
10924 <a href=
"http://packages.qa.debian.org/discover-data
">discover-data
</a
>
10925 package in Debian, there is a script to report useful information
10926 about the running hardware for use when people report missing
10927 information. One part of this script that I find very useful when
10928 debugging hardware problems, is the part mapping loaded kernel module
10929 to the PCI device it claims. It allow me to quickly see if the kernel
10930 module I expect is driving the hardware I am struggling with. To see
10931 the output, make sure discover-data is installed and run
10932 <tt
>/usr/share/bug/discover-data
3>&1</tt
>. The relevant output on
10933 one of my machines like this:
</p
>
10937 10de:
03eb i2c_nforce2
10940 10de:
03f0 snd_hda_intel
10945 109e:
0878 snd_bt87x
10949 <p
>The code in question look like this, slightly modified for
10950 readability and to drop the output to file descriptor
3:
</p
>
10953 if [ -d /sys/bus/pci/devices/ ] ; then
10954 echo loaded pci modules:
10956 cd /sys/bus/pci/devices/
10957 for address in * ; do
10958 if [ -d
"$address/driver/module
" ] ; then
10959 module=`cd $address/driver/module ; pwd -P | xargs basename`
10960 if grep -q
"^$module
" /proc/modules ; then
10961 address=$(echo $address |sed s/
0000://)
10962 id=`lspci -n -s $address | tail -n
1 | awk
'{print $
3}
'`
10963 echo
"$id $module
"
10972 <p
>Similar code could be used to extract USB device module
10973 mappings:
</p
>
10976 if [ -d /sys/bus/usb/devices/ ] ; then
10977 echo loaded usb modules:
10979 cd /sys/bus/usb/devices/
10980 for address in * ; do
10981 if [ -d
"$address/driver/module
" ] ; then
10982 module=`cd $address/driver/module ; pwd -P | xargs basename`
10983 if grep -q
"^$module
" /proc/modules ; then
10984 address=$(echo $address |sed s/
0000://)
10985 id=$(lsusb -s $address | tail -n
1 | awk
'{print $
6}
')
10986 if [
"$id
" ] ; then
10987 echo
"$id $module
"
10997 <p
>This might perhaps be something to include in other tools as
11003 <title>How to test if a laptop is working with Linux
</title>
11004 <link>https://people.skolelinux.org/pere/blog/How_to_test_if_a_laptop_is_working_with_Linux.html
</link>
11005 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/How_to_test_if_a_laptop_is_working_with_Linux.html
</guid>
11006 <pubDate>Wed,
22 Dec
2010 14:
55:
00 +
0100</pubDate>
11007 <description><p
>The last few days I have spent at work here at the
<a
11008 href=
"http://www.uio.no/
">University of Oslo
</a
> testing if the new
11009 batch of computers will work with Linux. Every year for the last few
11010 years the university have organised shared bid of a few thousand
11011 computers, and this year HP won the bid. Two different desktops and
11012 five different laptops are on the list this year. We in the UNIX
11013 group want to know which one of these computers work well with RHEL
11014 and Ubuntu, the two Linux distributions we currently handle at the
11015 university.
</p
>
11017 <p
>My test method is simple, and I share it here to get feedback and
11018 perhaps inspire others to test hardware as well. To test, I PXE
11019 install the OS version of choice, and log in as my normal user and run
11020 a few applications and plug in selected pieces of hardware. When
11021 something fail, I make a note about this in the test matrix and move
11022 on. If I have some spare time I try to report the bug to the OS
11023 vendor, but as I only have the machines for a short time, I rarely
11024 have the time to do this for all the problems I find.
</p
>
11026 <p
>Anyway, to get to the point of this post. Here is the simple tests
11027 I perform on a new model.
</p
>
11031 <li
>Is PXE installation working? I
'm testing with RHEL6, Ubuntu Lucid
11032 and Ubuntu Maverik at the moment. If I feel like it, I also test with
11033 RHEL5 and Debian Edu/Squeeze.
</li
>
11035 <li
>Is X.org working? If the graphical login screen show up after
11036 installation, X.org is working.
</li
>
11038 <li
>Is hardware accelerated OpenGL working? Running glxgears (in
11039 package mesa-utils on Ubuntu) and writing down the frames per second
11040 reported by the program.
</li
>
11042 <li
>Is sound working? With Gnome and KDE, a sound is played when
11043 logging in, and if I can hear this the test is successful. If there
11044 are several audio exits on the machine, I try them all and check if
11045 the Gnome/KDE audio mixer can control where to send the sound. I
11046 normally test this by playing
11047 <a href=
"http://www.nuug.no/aktiviteter/
20101012-chef/
">a HTML5
11048 video
</a
> in Firefox/Iceweasel.
</li
>
11050 <li
>Is the USB subsystem working? I test this by plugging in a USB
11051 memory stick and see if Gnome/KDE notices this.
</li
>
11053 <li
>Is the CD/DVD player working? I test this by inserting any CD/DVD
11054 I have lying around, and see if Gnome/KDE notices this.
</li
>
11056 <li
>Is any built in camera working? Test using cheese, and see if a
11057 picture from the v4l device show up.
</li
>
11059 <li
>Is bluetooth working? Use the Gnome/KDE browsing tool to see if
11060 any bluetooth devices are discovered. In my office, I normally see a
11063 <li
>For laptops, is the SD or Compaq Flash reader working. I have
11064 memory modules lying around, and stick them in and see if Gnome/KDE
11065 notice this.
</li
>
11067 <li
>For laptops, is suspend/hibernate working? I
'm testing if the
11068 special button work, and if the laptop continue to work after
11071 <li
>For laptops, is the extra buttons working, like audio level,
11072 adjusting background light, switching on/off external video output,
11073 switching on/off wifi, bluetooth, etc? The set of buttons differ from
11074 laptop to laptop, so I just write down which are working and which are
11077 <li
>Some laptops have smart card readers, finger print readers,
11078 acceleration sensors etc. I rarely test these, as I do not know how
11079 to quickly test if they are working or not, so I only document their
11080 existence.
</li
>
11084 <p
>By now I suspect you are really curious what the test results are
11085 for the HP machines I am testing. I
'm not done yet, so I will report
11086 the test results later. For now I can report that HP
8100 Elite work
11087 fine, and hibernation fail with HP EliteBook
8440p on Ubuntu Lucid,
11088 and audio fail on RHEL6. Ubuntu Maverik worked with
8440p. As you
11089 can see, I have most machines left to test. One interesting
11090 observation is that Ubuntu Lucid has almost twice the frame rate than
11091 RHEL6 with glxgears. No idea why.
</p
>
11096 <title>Some thoughts on BitCoins
</title>
11097 <link>https://people.skolelinux.org/pere/blog/Some_thoughts_on_BitCoins.html
</link>
11098 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Some_thoughts_on_BitCoins.html
</guid>
11099 <pubDate>Sat,
11 Dec
2010 15:
10:
00 +
0100</pubDate>
11100 <description><p
>As I continue to explore
11101 <a href=
"http://www.bitcoin.org/
">BitCoin
</a
>, I
've starting to wonder
11102 what properties the system have, and how it will be affected by laws
11103 and regulations here in Norway. Here are some random notes.
</p
>
11105 <p
>One interesting thing to note is that since the transactions are
11106 verified using a peer to peer network, all details about a transaction
11107 is known to everyone. This means that if a BitCoin address has been
11108 published like I did with mine in my initial post about BitCoin, it is
11109 possible for everyone to see how many BitCoins have been transfered to
11110 that address. There is even a web service to look at the details for
11111 all transactions. There I can see that my address
11112 <a href=
"http://blockexplorer.com/address/
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
>
11113 have received
16.06 Bitcoin, the
11114 <a href=
"http://blockexplorer.com/address/
1LfdGnGuWkpSJgbQySxxCWhv
8MHqvwst
3">1LfdGnGuWkpSJgbQySxxCWhv
8MHqvwst
3</a
>
11115 address of Simon Phipps have received
181.97 BitCoin and the address
11116 <a href=
"http://blockexplorer.com/address/
1MCwBbhNGp5hRm5rC1Aims2YFRe2SXPYKt
">1MCwBbhNGp5hRm5rC1Aims2YFRe2SXPYKt
</A
>
11117 of EFF have received
2447.38 BitCoins so far. Thank you to each and
11118 every one of you that donated bitcoins to support my activity. The
11119 fact that anyone can see how much money was transfered to a given
11120 address make it more obvious why the BitCoin community recommend to
11121 generate and hand out a new address for each transaction. I
'm told
11122 there is no way to track which addresses belong to a given person or
11123 organisation without the person or organisation revealing it
11124 themselves, as Simon, EFF and I have done.
</p
>
11126 <p
>In Norway, and in most other countries, there are laws and
11127 regulations limiting how much money one can transfer across the border
11128 without declaring it. There are money laundering, tax and accounting
11129 laws and regulations I would expect to apply to the use of BitCoin.
11130 If the Skolelinux foundation
11131 (
<a href=
"http://linuxiskolen.no/slxdebianlabs/donations.html
">SLX
11132 Debian Labs
</a
>) were to accept donations in BitCoin in addition to
11133 normal bank transfers like EFF is doing, how should this be accounted?
11134 Given that it is impossible to know if money can cross the border or
11135 not, should everything or nothing be declared? What exchange rate
11136 should be used when calculating taxes? Would receivers have to pay
11137 income tax if the foundation were to pay Skolelinux contributors in
11138 BitCoin? I have no idea, but it would be interesting to know.
</p
>
11140 <p
>For a currency to be useful and successful, it must be trusted and
11141 accepted by a lot of users. It must be possible to get easy access to
11142 the currency (as a wage or using currency exchanges), and it must be
11143 easy to spend it. At the moment BitCoin seem fairly easy to get
11144 access to, but there are very few places to spend it. I am not really
11145 a regular user of any of the vendor types currently accepting BitCoin,
11146 so I wonder when my kind of shop would start accepting BitCoins. I
11147 would like to buy electronics, travels and subway tickets, not herbs
11148 and books. :) The currency is young, and this will improve over time
11149 if it become popular, but I suspect regular banks will start to lobby
11150 to get BitCoin declared illegal if it become popular. I
'm sure they
11151 will claim it is helping fund terrorism and money laundering (which
11152 probably would be true, as is any currency in existence), but I
11153 believe the problems should be solved elsewhere and not by blaming
11154 currencies.
</p
>
11156 <p
>The process of creating new BitCoins is called mining, and it is
11157 CPU intensive process that depend on a bit of luck as well (as one is
11158 competing against all the other miners currently spending CPU cycles
11159 to see which one get the next lump of cash). The
"winner
" get
50
11160 BitCoin when this happen. Yesterday I came across the obvious way to
11161 join forces to increase ones changes of getting at least some coins,
11162 by coordinating the work on mining BitCoins across several machines
11163 and people, and sharing the result if one is lucky and get the
50
11164 BitCoins. Check out
11165 <a href=
"http://www.bluishcoder.co.nz/bitcoin-pool/
">BitCoin Pool
</a
>
11166 if this sounds interesting. I have not had time to try to set up a
11167 machine to participate there yet, but have seen that running on ones
11168 own for a few days have not yield any BitCoins througth mining
11171 <p
>Update
2010-
12-
15: Found an
<a
11172 href=
"http://inertia.posterous.com/reply-to-the-underground-economist-why-bitcoi
">interesting
11173 criticism
</a
> of bitcoin. Not quite sure how valid it is, but thought
11174 it was interesting to read. The arguments presented seem to be
11175 equally valid for gold, which was used as a currency for many years.
</p
>
11180 <title>Now accepting bitcoins - anonymous and distributed p2p crypto-money
</title>
11181 <link>https://people.skolelinux.org/pere/blog/Now_accepting_bitcoins___anonymous_and_distributed_p2p_crypto_money.html
</link>
11182 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Now_accepting_bitcoins___anonymous_and_distributed_p2p_crypto_money.html
</guid>
11183 <pubDate>Fri,
10 Dec
2010 08:
20:
00 +
0100</pubDate>
11184 <description><p
>With this weeks lawless
11185 <a href=
"http://www.salon.com/news/opinion/glenn_greenwald/
2010/
12/
06/wikileaks/index.html
">governmental
11186 attacks
</a
> on Wikileak and
11187 <a href=
"http://www.salon.com/technology/dan_gillmor/
2010/
12/
06/war_on_speech
">free
11188 speech
</a
>, it has become obvious that PayPal, visa and mastercard can
11189 not be trusted to handle money transactions.
11191 <a href=
"http://webmink.com/
2010/
12/
06/now-accepting-bitcoin/
">Simon
11192 Phipps on bitcoin
</a
> reminded me about a project that a friend of
11193 mine mentioned earlier. I decided to follow Simon
's example, and get
11194 involved with
<a href=
"http://www.bitcoin.org/
">BitCoin
</a
>. I got
11195 some help from my friend to get it all running, and he even handed me
11196 some bitcoins to get started. I even donated a few bitcoins to Simon
11197 for helping me remember BitCoin.
</p
>
11199 <p
>So, what is bitcoins, you probably wonder? It is a digital
11200 crypto-currency, decentralised and handled using peer-to-peer
11201 networks. It allows anonymous transactions and prohibits central
11202 control over the transactions, making it impossible for governments
11203 and companies alike to block donations and other transactions. The
11204 source is free software, and while the key dependency wxWidgets
2.9
11205 for the graphical user interface is missing in Debian, the command
11206 line client builds just fine. Hopefully Jonas
11207 <a href=
"http://bugs.debian.org/
578157">will get the package into
11208 Debian
</a
> soon.
</p
>
11210 <p
>Bitcoins can be converted to other currencies, like USD and EUR.
11211 There are
<a href=
"http://www.bitcoin.org/trade
">companies accepting
11212 bitcoins
</a
> when selling services and goods, and there are even
11213 currency
"stock
" markets where the exchange rate is decided. There
11214 are not many users so far, but the concept seems promising. If you
11215 want to get started and lack a friend with any bitcoins to spare,
11217 <a href=
"https://freebitcoins.appspot.com/
">some for free
</a
> (
0.05
11218 bitcoin at the time of writing). Use
11219 <a href=
"http://www.bitcoinwatch.com/
">BitcoinWatch
</a
> to keep an eye
11220 on the current exchange rates.
</p
>
11222 <p
>As an experiment, I have decided to set up bitcoind on one of my
11223 machines. If you want to support my activity, please send Bitcoin
11224 donations to the address
11225 <b
>15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</b
>. Thank you!
</p
>
11230 <title>Why isn
't Debian Edu using VLC?
</title>
11231 <link>https://people.skolelinux.org/pere/blog/Why_isn_t_Debian_Edu_using_VLC_.html
</link>
11232 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Why_isn_t_Debian_Edu_using_VLC_.html
</guid>
11233 <pubDate>Sat,
27 Nov
2010 11:
30:
00 +
0100</pubDate>
11234 <description><p
>In the latest issue of Linux Journal, the readers choices were
11235 presented, and the winner among the multimedia player were VLC.
11236 Personally, I like VLC, and it is my player of choice when I first try
11237 to play a video file or stream. Only if VLC fail will I drag out
11238 gmplayer to see if it can do better. The reason is mostly the failure
11239 model and trust. When VLC fail, it normally pop up a error message
11240 reporting the problem. When mplayer fail, it normally segfault or
11241 just hangs. The latter failure mode drain my trust in the program.
<p
>
11243 <p
>But even if VLC is my player of choice, we have choosen to use
11244 mplayer in
<a href=
"http://www.skolelinux.org/
">Debian
11245 Edu/Skolelinux
</a
>. The reason is simple. We need a good browser
11246 plugin to play web videos seamlessly, and the VLC browser plugin is
11247 not very good. For example, it lack in-line control buttons, so there
11248 is no way for the user to pause the video. Also, when I
11249 <a href=
"http://wiki.debian.org/DebianEdu/BrowserMultimedia
">last
11250 tested the browser plugins
</a
> available in Debian, the VLC plugin
11251 failed on several video pages where mplayer based plugins worked. If
11252 the browser plugin for VLC was as good as the gecko-mediaplayer
11253 package (which uses mplayer), we would switch.
</P
>
11255 <p
>While VLC is a good player, its user interface is slightly
11256 annoying. The most annoying feature is its inconsistent use of
11257 keyboard shortcuts. When the player is in full screen mode, its
11258 shortcuts are different from when it is playing the video in a window.
11259 For example, space only work as pause when in full screen mode. I
11260 wish it had consisten shortcuts and that space also would work when in
11261 window mode. Another nice shortcut in gmplayer is [enter] to restart
11262 the current video. It is very nice when playing short videos from the
11263 web and want to restart it when new people arrive to have a look at
11264 what is going on.
</p
>
11269 <title>Lenny-
>Squeeze upgrades of the Gnome and KDE desktop, now with apt-get autoremove
</title>
11270 <link>https://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades_of_the_Gnome_and_KDE_desktop__now_with_apt_get_autoremove.html
</link>
11271 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades_of_the_Gnome_and_KDE_desktop__now_with_apt_get_autoremove.html
</guid>
11272 <pubDate>Mon,
22 Nov
2010 14:
15:
00 +
0100</pubDate>
11273 <description><p
>Michael Biebl suggested to me on IRC, that I changed my automated
11274 upgrade testing of the
11275 <a href=
"https://people.skolelinux.org/~pere/debian-upgrade-testing/
">Lenny
11276 Gnome and KDE Desktop
</a
> to do
<tt
>apt-get autoremove
</tt
> when using apt-get.
11277 This seem like a very good idea, so I adjusted by test scripts and
11278 can now present the updated result from today:
</p
>
11280 <p
>This is for Gnome:
</p
>
11282 <p
>Installed using apt-get, missing with aptitude
</p
>
11284 <blockquote
><p
>
11289 browser-plugin-gnash
11296 freedesktop-sound-theme
11298 gconf-defaults-service
11311 gnome-codec-install
11313 gnome-desktop-environment
11317 gnome-session-canberra
11319 gnome-themes-extras
11322 gstreamer0.10-fluendo-mp3
11323 gstreamer0.10-tools
11325 gtk2-engines-pixbuf
11326 gtk2-engines-smooth
11328 libapache2-mod-dnssd
11331 libaprutil1-dbd-sqlite3
11334 libboost-date-time1.42
.0
11335 libboost-python1.42
.0
11336 libboost-thread1.42
.0
11338 libchamplain-gtk-
0.4-
0
11340 libclutter-gtk-
0.10-
0
11347 libfreerdp-plugins-standard
11360 libgnome-vfs2.0-cil
11362 libgnomepanel2.24-cil
11367 libgtksourceview2.0-common
11368 libmono-addins-gui0.2-cil
11369 libmono-addins0.2-cil
11370 libmono-cairo2.0-cil
11371 libmono-corlib2.0-cil
11372 libmono-i18n-west2.0-cil
11373 libmono-posix2.0-cil
11374 libmono-security2.0-cil
11375 libmono-sharpzip2.84-cil
11376 libmono-system2.0-cil
11379 libndesk-dbus-glib1.0-cil
11380 libndesk-dbus1.0-cil
11390 libtelepathy-farsight0
11399 nautilus-sendto-empathy
11403 python-aptdaemon-gtk
11405 python-beautifulsoup
11420 python-gtksourceview2
11431 python-pkg-resources
11438 python-twisted-conch
11439 python-twisted-core
11444 python-zope.interface
11446 remmina-plugin-data
11449 rhythmbox-plugin-cdrecorder
11456 system-config-printer-udev
11458 telepathy-mission-control-
5
11465 transmission-common
11469 </p
></blockquote
>
11471 <p
>Installed using apt-get, removed with aptitude
</p
>
11473 <blockquote
><p
>
11477 epiphany-extensions
11479 fast-user-switch-applet
11498 libgtksourceview2.0-
0
11500 libsdl1.2debian-alsa
11506 system-config-printer
11511 </p
></blockquote
>
11513 <p
>Installed using aptitude, missing with apt-get
</p
>
11515 <blockquote
><p
>
11516 gstreamer0.10-gnomevfs
11517 </p
></blockquote
>
11519 <p
>Installed using aptitude, removed with apt-get
</p
>
11521 <blockquote
><p
>
11523 </p
></blockquote
>
11525 <p
>This is for KDE:
</p
>
11527 <p
>Installed using apt-get, missing with aptitude
</p
>
11529 <blockquote
><p
>
11531 </p
></blockquote
>
11533 <p
>Installed using apt-get, removed with aptitude
</p
>
11535 <blockquote
><p
>
11537 network-manager-kde
11538 </p
></blockquote
>
11540 <p
>Installed using aptitude, missing with apt-get
</p
>
11542 <blockquote
><p
>
11556 kdeartwork-emoticons
11558 kdeartwork-theme-icon
11562 kdebase-workspace-bin
11563 kdebase-workspace-data
11575 konqueror-nsplugins
11577 kscreensaver-xsavers
11592 plasma-dataengines-workspace
11594 plasma-desktopthemes-artwork
11595 plasma-runners-addons
11596 plasma-scriptengine-googlegadgets
11597 plasma-scriptengine-python
11598 plasma-scriptengine-qedje
11599 plasma-scriptengine-ruby
11600 plasma-scriptengine-webkit
11601 plasma-scriptengines
11602 plasma-wallpapers-addons
11603 plasma-widget-folderview
11604 plasma-widget-networkmanagement
11607 update-notifier-kde
11608 xscreensaver-data-extra
11610 xscreensaver-gl-extra
11611 xscreensaver-screensaver-bsod
11612 </p
></blockquote
>
11614 <p
>Installed using aptitude, removed with apt-get
</p
>
11616 <blockquote
><p
>
11618 google-gadgets-common
11636 libggadget-qt-
1.0-
0b
11641 libkonqsidebarplugin4a
11645 libkunitconversion4
11650 libplasma-geolocation-interface4
11652 libplasmagenericshell4
11666 libsmokeknewstuff2-
3
11667 libsmokeknewstuff3-
3
11669 libsmokektexteditor3
11677 libsmokeqtnetwork4-
3
11678 libsmokeqtopengl4-
3
11679 libsmokeqtscript4-
3
11683 libsmokeqtuitools4-
3
11684 libsmokeqtwebkit4-
3
11695 plasma-dataengines-addons
11696 plasma-scriptengine-superkaramba
11697 plasma-widget-lancelot
11698 plasma-widgets-addons
11699 plasma-widgets-workspace
11703 update-notifier-common
11704 </p
></blockquote
>
11706 <p
>Running apt-get autoremove made the results using apt-get and
11707 aptitude a bit more similar, but there are still quite a lott of
11708 differences. I have no idea what packages should be installed after
11709 the upgrade, but hope those that do can have a look.
</p
>
11714 <title>Migrating Xen virtual machines using LVM to KVM using disk images
</title>
11715 <link>https://people.skolelinux.org/pere/blog/Migrating_Xen_virtual_machines_using_LVM_to_KVM_using_disk_images.html
</link>
11716 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Migrating_Xen_virtual_machines_using_LVM_to_KVM_using_disk_images.html
</guid>
11717 <pubDate>Mon,
22 Nov
2010 11:
20:
00 +
0100</pubDate>
11718 <description><p
>Most of the computers in use by the
11719 <a href=
"http://www.skolelinux.org/
">Debian Edu/Skolelinux project
</a
>
11720 are virtual machines. And they have been Xen machines running on a
11721 fairly old IBM eserver xseries
345 machine, and we wanted to migrate
11722 them to KVM on a newer Dell PowerEdge
2950 host machine. This was a
11723 bit harder that it could have been, because we set up the Xen virtual
11724 machines to get the virtual partitions from LVM, which as far as I
11725 know is not supported by KVM. So to migrate, we had to convert
11726 several LVM logical volumes to partitions on a virtual disk file.
</p
>
11729 <a href=
"http://searchnetworking.techtarget.com.au/articles/
35011-Six-steps-for-migrating-Xen-virtual-machines-to-KVM
">a
11730 nice recipe
</a
> to do this, and wrote the following script to do the
11731 migration. It uses qemu-img from the qemu package to make the disk
11732 image, parted to partition it, losetup and kpartx to present the disk
11733 image partions as devices, and dd to copy the data. I NFS mounted the
11734 new servers storage area on the old server to do the migration.
</p
>
11740 # http://searchnetworking.techtarget.com.au/articles/
35011-Six-steps-for-migrating-Xen-virtual-machines-to-KVM
11745 if [ -z
"$
1" ] ; then
11746 echo
"Usage: $
0 &lt;hostname
&gt;
"
11749 host=
"$
1"
11752 if [ ! -e /dev/vg_data/$host-disk ] ; then
11753 echo
"error: unable to find LVM volume for $host
"
11757 # Partitions need to be a bit bigger than the LVM LVs. not sure why.
11758 disksize=$( lvs --units m | grep $host-disk | awk
'{sum = sum + $
4} END { print int(sum *
1.05) }
')
11759 swapsize=$( lvs --units m | grep $host-swap | awk
'{sum = sum + $
4} END { print int(sum *
1.05) }
')
11760 totalsize=$(( ( $disksize + $swapsize ) ))
11763 #dd if=/dev/zero of=$img bs=
1M count=$(( $disksize + $swapsize ))
11764 qemu-img create $img ${totalsize}MMaking room on the Debian Edu/Sqeeze DVD
11766 parted $img mklabel msdos
11767 parted $img mkpart primary linux-swap
0 $disksize
11768 parted $img mkpart primary ext2 $disksize $totalsize
11769 parted $img set
1 boot on
11772 losetup /dev/loop0 $img
11773 kpartx -a /dev/loop0
11775 dd if=/dev/vg_data/$host-disk of=/dev/mapper/loop0p1 bs=
1M
11776 fsck.ext3 -f /dev/mapper/loop0p1 || true
11777 mkswap /dev/mapper/loop0p2
11779 kpartx -d /dev/loop0
11780 losetup -d /dev/loop0
11783 <p
>The script is perhaps so simple that it is not copyrightable, but
11784 if it is, it is licenced using GPL v2 or later at your discretion.
</p
>
11786 <p
>After doing this, I booted a Debian CD in rescue mode in KVM with
11787 the new disk image attached, installed grub-pc and linux-image-
686 and
11788 set up grub to boot from the disk image. After this, the KVM machines
11789 seem to work just fine.
</p
>
11794 <title>Lenny-
>Squeeze upgrades, apt vs aptitude with the Gnome and KDE desktop
</title>
11795 <link>https://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__apt_vs_aptitude_with_the_Gnome_and_KDE_desktop.html
</link>
11796 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__apt_vs_aptitude_with_the_Gnome_and_KDE_desktop.html
</guid>
11797 <pubDate>Sat,
20 Nov
2010 22:
50:
00 +
0100</pubDate>
11798 <description><p
>I
'm still running upgrade testing of the
11799 <a href=
"https://people.skolelinux.org/~pere/debian-upgrade-testing/
">Lenny
11800 Gnome and KDE Desktop
</a
>, but have not had time to spend on reporting the
11801 status. Here is a short update based on a test I ran
20101118.
</p
>
11803 <p
>I still do not know what a correct migration should look like, so I
11804 report any differences between apt and aptitude and hope someone else
11805 can see if anything should be changed.
</p
>
11807 <p
>This is for Gnome:
</p
>
11809 <p
>Installed using apt-get, missing with aptitude
</p
>
11811 <blockquote
><p
>
11812 apache2.2-bin aptdaemon at-spi baobab binfmt-support
11813 browser-plugin-gnash cheese-common cli-common cpp-
4.3 cups-pk-helper
11814 dmz-cursor-theme empathy empathy-common finger
11815 freedesktop-sound-theme freeglut3 gconf-defaults-service gdm-themes
11816 gedit-plugins geoclue geoclue-hostip geoclue-localnet geoclue-manual
11817 geoclue-yahoo gnash gnash-common gnome gnome-backgrounds
11818 gnome-cards-data gnome-codec-install gnome-core
11819 gnome-desktop-environment gnome-disk-utility gnome-screenshot
11820 gnome-search-tool gnome-session-canberra gnome-spell
11821 gnome-system-log gnome-themes-extras gnome-themes-more
11822 gnome-user-share gs-common gstreamer0.10-fluendo-mp3
11823 gstreamer0.10-tools gtk2-engines gtk2-engines-pixbuf
11824 gtk2-engines-smooth hal-info hamster-applet libapache2-mod-dnssd
11825 libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap
11826 libart2.0-cil libatspi1.0-
0 libboost-date-time1.42
.0
11827 libboost-python1.42
.0 libboost-thread1.42
.0 libchamplain-
0.4-
0
11828 libchamplain-gtk-
0.4-
0 libcheese-gtk18 libclutter-gtk-
0.10-
0
11829 libcryptui0 libcupsys2 libdiscid0 libeel2-data libelf1 libepc-
1.0-
2
11830 libepc-common libepc-ui-
1.0-
2 libfreerdp-plugins-standard
11831 libfreerdp0 libgail-common libgconf2.0-cil libgdata-common libgdata7
11832 libgdl-
1-common libgdu-gtk0 libgee2 libgeoclue0 libgexiv2-
0 libgif4
11833 libglade2.0-cil libglib2.0-cil libgmime2.4-cil libgnome-vfs2.0-cil
11834 libgnome2.24-cil libgnomepanel2.24-cil libgnomeprint2.2-data
11835 libgnomeprintui2.2-common libgnomevfs2-bin libgpod-common libgpod4
11836 libgtk2.0-cil libgtkglext1 libgtksourceview-common
11837 libgtksourceview2.0-common libmono-addins-gui0.2-cil
11838 libmono-addins0.2-cil libmono-cairo2.0-cil libmono-corlib2.0-cil
11839 libmono-i18n-west2.0-cil libmono-posix2.0-cil
11840 libmono-security2.0-cil libmono-sharpzip2.84-cil
11841 libmono-system2.0-cil libmtp8 libmusicbrainz3-
6
11842 libndesk-dbus-glib1.0-cil libndesk-dbus1.0-cil libopal3.6
.8
11843 libpolkit-gtk-
1-
0 libpt-
1.10.10-plugins-alsa
11844 libpt-
1.10.10-plugins-v4l libpt2.6
.7 libpython2.6 librpm1 librpmio1
11845 libsdl1.2debian libservlet2.4-java libsrtp0 libssh-
4
11846 libtelepathy-farsight0 libtelepathy-glib0 libtidy-
0.99-
0
11847 libxalan2-java libxerces2-java media-player-info mesa-utils
11848 mono-
2.0-gac mono-gac mono-runtime nautilus-sendto
11849 nautilus-sendto-empathy openoffice.org-writer2latex
11850 openssl-blacklist p7zip p7zip-full pkg-config python-
4suite-xml
11851 python-aptdaemon python-aptdaemon-gtk python-axiom
11852 python-beautifulsoup python-bugbuddy python-clientform
11853 python-coherence python-configobj python-crypto python-cupshelpers
11854 python-cupsutils python-eggtrayicon python-elementtree
11855 python-epsilon python-evolution python-feedparser python-gdata
11856 python-gdbm python-gst0.10 python-gtkglext1 python-gtkmozembed
11857 python-gtksourceview2 python-httplib2 python-louie python-mako
11858 python-markupsafe python-mechanize python-nevow python-notify
11859 python-opengl python-openssl python-pam python-pkg-resources
11860 python-pyasn1 python-pysqlite2 python-rdflib python-serial
11861 python-tagpy python-twisted-bin python-twisted-conch
11862 python-twisted-core python-twisted-web python-utidylib python-webkit
11863 python-xdg python-zope.interface remmina remmina-plugin-data
11864 remmina-plugin-rdp remmina-plugin-vnc rhythmbox-plugin-cdrecorder
11865 rhythmbox-plugins rpm-common rpm2cpio seahorse-plugins shotwell
11866 software-center svgalibg1 system-config-printer-udev
11867 telepathy-gabble telepathy-mission-control-
5 telepathy-salut tomboy
11868 totem totem-coherence totem-mozilla totem-plugins
11869 transmission-common xdg-user-dirs xdg-user-dirs-gtk xserver-xephyr
11871 </p
></blockquote
>
11873 Installed using apt-get, removed with aptitude
11875 <blockquote
><p
>
11876 arj bluez-utils cheese dhcdbd djvulibre-desktop ekiga eog
11877 epiphany-extensions epiphany-gecko evolution-exchange
11878 fast-user-switch-applet file-roller gcalctool gconf-editor gdm gedit
11879 gedit-common gnome-app-install gnome-games gnome-games-data
11880 gnome-nettool gnome-system-tools gnome-themes gnome-utils
11881 gnome-vfs-obexftp gnome-volume-manager gnuchess gucharmap
11882 guile-
1.8-libs hal libavahi-compat-libdnssd1 libavahi-core5
11883 libavahi-ui0 libbind9-
50 libbluetooth2 libcamel1.2-
11 libcdio7
11884 libcucul0 libcurl3 libdirectfb-
1.0-
0 libdmx1 libdvdread3
11885 libedata-cal1.2-
6 libedataserver1.2-
9 libeel2-
2.20 libepc-
1.0-
1
11886 libepc-ui-
1.0-
1 libexchange-storage1.2-
3 libfaad0 libgadu3
11887 libgalago3 libgd2-noxpm libgda3-
3 libgda3-common libggz2 libggzcore9
11888 libggzmod4 libgksu1.2-
0 libgksuui1.0-
1 libgmyth0 libgnome-desktop-
2
11889 libgnome-pilot2 libgnomecups1.0-
1 libgnomeprint2.2-
0
11890 libgnomeprintui2.2-
0 libgpod3 libgraphviz4 libgtk-vnc-
1.0-
0
11891 libgtkhtml2-
0 libgtksourceview1.0-
0 libgtksourceview2.0-
0
11892 libgucharmap6 libhesiod0 libicu38 libisccc50 libisccfg50 libiw29
11893 libjaxp1.3-java-gcj libkpathsea4 liblircclient0 libltdl3 liblwres50
11894 libmagick++
10 libmagick10 libmalaga7 libmozjs1d libmpfr1ldbl libmtp7
11895 libmysqlclient15off libnautilus-burn4 libneon27 libnm-glib0
11896 libnm-util0 libopal-
2.2 libosp5 libparted1.8-
10 libpisock9
11897 libpisync1 libpoppler-glib3 libpoppler3 libpt-
1.10.10 libraw1394-
8
11898 libsdl1.2debian-alsa libsensors3 libsexy2 libsmbios2 libsoup2.2-
8
11899 libspeexdsp1 libssh2-
1 libsuitesparse-
3.1.0 libsvga1
11900 libswfdec-
0.6-
90 libtalloc1 libtotem-plparser10 libtrackerclient0
11901 libvoikko1 libxalan2-java-gcj libxerces2-java-gcj libxklavier12
11902 libxtrap6 libxxf86misc1 libzephyr3 mysql-common rhythmbox seahorse
11903 sound-juicer swfdec-gnome system-config-printer totem-common
11904 totem-gstreamer transmission-gtk vinagre vino w3c-dtd-xhtml wodim
11905 </p
></blockquote
>
11907 <p
>Installed using aptitude, missing with apt-get
</p
>
11909 <blockquote
><p
>
11910 gstreamer0.10-gnomevfs
11911 </p
></blockquote
>
11913 <p
>Installed using aptitude, removed with apt-get
</p
>
11915 <blockquote
><p
>
11917 </p
></blockquote
>
11919 <p
>This is for KDE:
</p
>
11921 <p
>Installed using apt-get, missing with aptitude
</p
>
11923 <blockquote
><p
>
11924 autopoint bomber bovo cantor cantor-backend-kalgebra cpp-
4.3 dcoprss
11925 edict espeak espeak-data eyesapplet fifteenapplet finger gettext
11926 ghostscript-x git gnome-audio gnugo granatier gs-common
11927 gstreamer0.10-pulseaudio indi kaddressbook-plugins kalgebra
11928 kalzium-data kanjidic kapman kate-plugins kblocks kbreakout kbstate
11929 kde-icons-mono kdeaccessibility kdeaddons-kfile-plugins
11930 kdeadmin-kfile-plugins kdeartwork-misc kdeartwork-theme-window
11931 kdeedu kdeedu-data kdeedu-kvtml-data kdegames kdegames-card-data
11932 kdegames-mahjongg-data kdegraphics-kfile-plugins kdelirc
11933 kdemultimedia-kfile-plugins kdenetwork-kfile-plugins
11934 kdepim-kfile-plugins kdepim-kio-plugins kdessh kdetoys kdewebdev
11935 kdiamond kdnssd kfilereplace kfourinline kgeography-data kigo
11936 killbots kiriki klettres-data kmoon kmrml knewsticker-scripts
11937 kollision kpf krosspython ksirk ksmserver ksquares kstars-data
11938 ksudoku kubrick kweather libasound2-plugins libboost-python1.42
.0
11939 libcfitsio3 libconvert-binhex-perl libcrypt-ssleay-perl libdb4.6++
11940 libdjvulibre-text libdotconf1.0 liberror-perl libespeak1
11941 libfinance-quote-perl libgail-common libgsl0ldbl libhtml-parser-perl
11942 libhtml-tableextract-perl libhtml-tagset-perl libhtml-tree-perl
11943 libio-stringy-perl libkdeedu4 libkdegames5 libkiten4 libkpathsea5
11944 libkrossui4 libmailtools-perl libmime-tools-perl
11945 libnews-nntpclient-perl libopenbabel3 libportaudio2 libpulse-browse0
11946 libservlet2.4-java libspeechd2 libtiff-tools libtimedate-perl
11947 libunistring0 liburi-perl libwww-perl libxalan2-java libxerces2-java
11948 lirc luatex marble networkstatus noatun-plugins
11949 openoffice.org-writer2latex palapeli palapeli-data parley
11950 parley-data poster psutils pulseaudio pulseaudio-esound-compat
11951 pulseaudio-module-x11 pulseaudio-utils quanta-data rocs rsync
11952 speech-dispatcher step svgalibg1 texlive-binaries texlive-luatex
11953 ttf-sazanami-gothic
11954 </p
></blockquote
>
11956 <p
>Installed using apt-get, removed with aptitude
</p
>
11958 <blockquote
><p
>
11959 amor artsbuilder atlantik atlantikdesigner blinken bluez-utils cvs
11960 dhcdbd djvulibre-desktop imlib-base imlib11 kalzium kanagram kandy
11961 kasteroids katomic kbackgammon kbattleship kblackbox kbounce kbruch
11962 kcron kdat kdemultimedia-kappfinder-data kdeprint kdict kdvi kedit
11963 keduca kenolaba kfax kfaxview kfouleggs kgeography kghostview
11964 kgoldrunner khangman khexedit kiconedit kig kimagemapeditor
11965 kitchensync kiten kjumpingcube klatin klettres klickety klines
11966 klinkstatus kmag kmahjongg kmailcvt kmenuedit kmid kmilo kmines
11967 kmousetool kmouth kmplot knetwalk kodo kolf kommander konquest kooka
11968 kpager kpat kpdf kpercentage kpilot kpoker kpovmodeler krec
11969 kregexpeditor kreversi ksame ksayit kshisen ksig ksim ksirc ksirtet
11970 ksmiletris ksnake ksokoban kspaceduel kstars ksvg ksysv kteatime
11971 ktip ktnef ktouch ktron kttsd ktuberling kturtle ktux kuickshow
11972 kverbos kview kviewshell kvoctrain kwifimanager kwin kwin4 kwordquiz
11973 kworldclock kxsldbg libakode2 libarts1-akode libarts1-audiofile
11974 libarts1-mpeglib libarts1-xine libavahi-compat-libdnssd1
11975 libavahi-core5 libavc1394-
0 libbind9-
50 libbluetooth2
11976 libboost-python1.34
.1 libcucul0 libcurl3 libcvsservice0
11977 libdirectfb-
1.0-
0 libdjvulibre21 libdvdread3 libfaad0 libfreebob0
11978 libgd2-noxpm libgraphviz4 libgsmme1c2a libgtkhtml2-
0 libicu38
11979 libiec61883-
0 libindex0 libisccc50 libisccfg50 libiw29
11980 libjaxp1.3-java-gcj libk3b3 libkcal2b libkcddb1 libkdeedu3
11981 libkdegames1 libkdepim1a libkgantt0 libkleopatra1 libkmime2
11982 libkpathsea4 libkpimexchange1 libkpimidentities1 libkscan1
11983 libksieve0 libktnef1 liblockdev1 libltdl3 liblwres50 libmagick10
11984 libmimelib1c2a libmodplug0c2 libmozjs1d libmpcdec3 libmpfr1ldbl
11985 libneon27 libnm-util0 libopensync0 libpisock9 libpoppler-glib3
11986 libpoppler-qt2 libpoppler3 libraw1394-
8 librss1 libsensors3
11987 libsmbios2 libssh2-
1 libsuitesparse-
3.1.0 libswfdec-
0.6-
90
11988 libtalloc1 libxalan2-java-gcj libxerces2-java-gcj libxtrap6 lskat
11989 mpeglib network-manager-kde noatun pmount tex-common texlive-base
11990 texlive-common texlive-doc-base texlive-fonts-recommended tidy
11991 ttf-dustin ttf-kochi-gothic ttf-sjfonts
11992 </p
></blockquote
>
11994 <p
>Installed using aptitude, missing with apt-get
</p
>
11996 <blockquote
><p
>
11997 dolphin kde-core kde-plasma-desktop kde-standard kde-window-manager
11998 kdeartwork kdebase kdebase-apps kdebase-workspace
11999 kdebase-workspace-bin kdebase-workspace-data kdeutils kscreensaver
12000 kscreensaver-xsavers libgle3 libkonq5 libkonq5-templates libnetpbm10
12001 netpbm plasma-widget-folderview plasma-widget-networkmanagement
12002 xscreensaver-data-extra xscreensaver-gl xscreensaver-gl-extra
12003 xscreensaver-screensaver-bsod
12004 </p
></blockquote
>
12006 <p
>Installed using aptitude, removed with apt-get
</p
>
12008 <blockquote
><p
>
12009 kdebase-bin konq-plugins konqueror
12010 </p
></blockquote
>
12015 <title>Gnash buildbot slave and Debian kfreebsd
</title>
12016 <link>https://people.skolelinux.org/pere/blog/Gnash_buildbot_slave_and_Debian_kfreebsd.html
</link>
12017 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Gnash_buildbot_slave_and_Debian_kfreebsd.html
</guid>
12018 <pubDate>Sat,
20 Nov
2010 07:
20:
00 +
0100</pubDate>
12019 <description><p
>Answering
12020 <a href=
"http://www.listware.net/
201011/gnash-dev/
67431-gnash-dev-buildbot-looking-for-slaves.html
">the
12021 call from the Gnash project
</a
> for
12022 <a href=
"http://www.gnashdev.org:
8010">buildbot
</a
> slaves to test the
12023 current source, I have set up a virtual KVM machine on the Debian
12024 Edu/Skolelinux virtualization host to test the git source on
12025 Debian/Squeeze. I hope this can help the developers in getting new
12026 releases out more often.
</p
>
12028 <p
>As the developers want less main-stream build platforms tested to,
12029 I have considered setting up a
<a
12030 href=
"http://www.debian.org/ports/kfreebsd-gnu/
">Debian/kfreebsd
</a
>
12031 machine as well. I have also considered using the kfreebsd
12032 architecture in Debian as a file server in NUUG to get access to the
5
12033 TB zfs volume we currently use to store DV video. Because of this, I
12034 finally got around to do a test installation of Debian/Squeeze with
12035 kfreebsd. Installation went fairly smooth, thought I noticed some
12036 visual glitches in the cdebconf dialogs (black cursor left on the
12037 screen at random locations). Have not gotten very far with the
12038 testing. Noticed cfdisk did not work, but fdisk did so it was not a
12039 fatal problem. Have to spend some more time on it to see if it is
12040 useful as a file server for NUUG. Will try to find time to set up a
12041 gnash buildbot slave on the Debian Edu/Skolelinux this weekend.
</p
>
12046 <title>Debian in
3D
</title>
12047 <link>https://people.skolelinux.org/pere/blog/Debian_in_3D.html
</link>
12048 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Debian_in_3D.html
</guid>
12049 <pubDate>Tue,
9 Nov
2010 16:
10:
00 +
0100</pubDate>
12050 <description><p
><img src=
"http://thingiverse-production.s3.amazonaws.com/renders/
23/e0/c4/f9/
2b/debswagtdose_preview_medium.jpg
"></p
>
12052 <p
>3D printing is just great. I just came across this Debian logo in
12054 <a href=
"http://blog.thingiverse.com/
2010/
11/
09/participatory-branding/
">the
12055 thingiverse blog
</a
>.
</p
>
12060 <title>Software updates
2010-
10-
24</title>
12061 <link>https://people.skolelinux.org/pere/blog/Software_updates_2010_10_24.html
</link>
12062 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Software_updates_2010_10_24.html
</guid>
12063 <pubDate>Sun,
24 Oct
2010 22:
45:
00 +
0200</pubDate>
12064 <description><p
>Some updates.
</p
>
12066 <p
>My
<a href=
"http://pledgebank.com/gnash-avm2
">gnash pledge
</a
> to
12067 raise money for the project is going well. The lower limit of
10
12068 signers was reached in
24 hours, and so far
13 people have signed it.
12069 More signers and more funding is most welcome, and I am really curious
12070 how far we can get before the time limit of December
24 is reached.
12073 <p
>On the #gnash IRC channel on irc.freenode.net, I was just tipped
12074 about what appear to be a great code coverage tool capable of
12075 generating code coverage stats without any changes to the source code.
12077 <a href=
"http://simonkagstrom.github.com/kcov/index.html
">kcov
</a
>,
12078 and can be used using
<tt
>kcov
&lt;directory
&gt;
&lt;binary
&gt;
</tt
>.
12079 It is missing in Debian, but the git source built just fine in Squeeze
12080 after I installed libelf-dev, libdwarf-dev, pkg-config and
12081 libglib2.0-dev. Failed to build in Lenny, but suspect that is
12082 solvable. I hope kcov make it into Debian soon.
</p
>
12084 <p
>Finally found time to wrap up the release notes for
<a
12085 href=
"http://lists.debian.org/debian-edu-announce/
2010/
10/msg00002.html
">a
12086 new alpha release of Debian Edu
</a
>, and just published the second
12087 alpha test release of the Squeeze based Debian Edu /
12088 <a href=
"http://www.skolelinux.org/
">Skolelinux
</a
>
12089 release. Give it a try if you need a complete linux solution for your
12090 school, including central infrastructure server, workstations, thin
12091 client servers and diskless workstations. A nice touch added
12092 yesterday is RDP support on the thin client servers, for windows
12093 clients to get a Linux desktop on request.
</p
>
12098 <title>Some notes on Flash in Debian and Debian Edu
</title>
12099 <link>https://people.skolelinux.org/pere/blog/Some_notes_on_Flash_in_Debian_and_Debian_Edu.html
</link>
12100 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Some_notes_on_Flash_in_Debian_and_Debian_Edu.html
</guid>
12101 <pubDate>Sat,
4 Sep
2010 10:
10:
00 +
0200</pubDate>
12102 <description><p
>In the
<a href=
"http://popcon.debian.org/unknown/by_vote
">Debian
12103 popularity-contest numbers
</a
>, the adobe-flashplugin package the
12104 second most popular used package that is missing in Debian. The sixth
12105 most popular is flashplayer-mozilla. This is a clear indication that
12106 working flash is important for Debian users. Around
10 percent of the
12107 users submitting data to popcon.debian.org have this package
12108 installed.
</p
>
12110 <p
>In the report written by Lars Risan in August
2008
12111 («
<a href=
"http://wiki.skolelinux.no/Dokumentasjon/Rapporter?action=AttachFile
&do=view
&target=Skolelinux_i_bruk_rapport_1.0.pdf
">Skolelinux
12112 i bruk – Rapport for Hurum kommune, Universitetet i Agder og
12113 stiftelsen SLX Debian Labs
</a
>»), one of the most important problems
12114 schools experienced with
<a href=
"http://www.skolelinux.org/
">Debian
12115 Edu/Skolelinux
</a
> was the lack of working Flash. A lot of educational
12116 web sites require Flash to work, and lacking working Flash support in
12117 the web browser and the problems with installing it was perceived as a
12118 good reason to stay with Windows.
</p
>
12120 <p
>I once saw a funny and sad comment in a web forum, where Linux was
12121 said to be the retarded cousin that did not really understand
12122 everything you told him but could work fairly well. This was a
12123 comment regarding the problems Linux have with proprietary formats and
12124 non-standard web pages, and is sad because it exposes a fairly common
12125 understanding of whose fault it is if web pages that only work in for
12126 example Internet Explorer
6 fail to work on Firefox, and funny because
12127 it explain very well how annoying it is for users when Linux
12128 distributions do not work with the documents they receive or the web
12129 pages they want to visit.
</p
>
12131 <p
>This is part of the reason why I believe it is important for Debian
12132 and Debian Edu to have a well working Flash implementation in the
12133 distribution, to get at least popular sites as Youtube and Google
12134 Video to working out of the box. For Squeeze, Debian have the chance
12135 to include the latest version of Gnash that will make this happen, as
12136 the new release
0.8.8 was published a few weeks ago and is resting in
12137 unstable. The new version work with more sites that version
0.8.7.
12138 The Gnash maintainers have asked for a freeze exception, but the
12139 release team have not had time to reply to it yet. I hope they agree
12140 with me that Flash is important for the Debian desktop users, and thus
12141 accept the new package into Squeeze.
</p
>
12146 <title>Circular package dependencies harms apt recovery
</title>
12147 <link>https://people.skolelinux.org/pere/blog/Circular_package_dependencies_harms_apt_recovery.html
</link>
12148 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Circular_package_dependencies_harms_apt_recovery.html
</guid>
12149 <pubDate>Tue,
27 Jul
2010 23:
50:
00 +
0200</pubDate>
12150 <description><p
>I discovered this while doing
12151 <a href=
"https://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html
">automated
12152 testing of upgrades from Debian Lenny to Squeeze
</a
>. A few packages
12153 in Debian still got circular dependencies, and it is often claimed
12154 that apt and aptitude should be able to handle this just fine, but
12155 some times these dependency loops causes apt to fail.
</p
>
12157 <p
>An example is from todays
12158 <a href=
"https://people.skolelinux.org/~pere/debian-upgrade-testing//test-
20100727-lenny-squeeze-kde-aptitude.txt
">upgrade
12159 of KDE using aptitude
</a
>. In it, a bug in kdebase-workspace-data
12160 causes perl-modules to fail to upgrade. The cause is simple. If a
12161 package fail to unpack, then only part of packages with the circular
12162 dependency might end up being unpacked when unpacking aborts, and the
12163 ones already unpacked will fail to configure in the recovery phase
12164 because its dependencies are unavailable.
</p
>
12166 <p
>In this log, the problem manifest itself with this error:
</p
>
12168 <blockquote
><pre
>
12169 dpkg: dependency problems prevent configuration of perl-modules:
12170 perl-modules depends on perl (
>=
5.10.1-
1); however:
12171 Version of perl on system is
5.10.0-
19lenny
2.
12172 dpkg: error processing perl-modules (--configure):
12173 dependency problems - leaving unconfigured
12174 </pre
></blockquote
>
12176 <p
>The perl/perl-modules circular dependency is already
12177 <a href=
"http://bugs.debian.org/
527917">reported as a bug
</a
>, and will
12178 hopefully be solved as soon as possible, but it is not the only one,
12179 and each one of these loops in the dependency tree can cause similar
12180 failures. Of course, they only occur when there are bugs in other
12181 packages causing the unpacking to fail, but it is rather nasty when
12182 the failure of one package causes the problem to become worse because
12183 of dependency loops.
</p
>
12186 <a href=
"http://lists.debian.org/debian-devel/
2010/
06/msg00116.html
">the
12187 tireless effort by Bill Allombert
</a
>, the number of circular
12189 <a href=
"http://debian.semistable.com/debgraph.out.html
">left in Debian
12190 is dropping
</a
>, and perhaps it will reach zero one day. :)
</p
>
12192 <p
>Todays testing also exposed a bug in
12193 <a href=
"http://bugs.debian.org/
590605">update-notifier
</a
> and
12194 <a href=
"http://bugs.debian.org/
590604">different behaviour
</a
> between
12195 apt-get and aptitude, the latter possibly caused by some circular
12196 dependency. Reported both to BTS to try to get someone to look at
12202 <title>What are they searching for - PowerDNS and ISC DHCP in LDAP
</title>
12203 <link>https://people.skolelinux.org/pere/blog/What_are_they_searching_for___PowerDNS_and_ISC_DHCP_in_LDAP.html
</link>
12204 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/What_are_they_searching_for___PowerDNS_and_ISC_DHCP_in_LDAP.html
</guid>
12205 <pubDate>Sat,
17 Jul
2010 21:
00:
00 +
0200</pubDate>
12206 <description><p
>This is a
12207 <a href=
"https://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
">followup
</a
>
12209 <a href=
"https://people.skolelinux.org/pere/blog/Idea_for_a_change_to_LDAP_schemas_allowing_DNS_and_DHCP_info_to_be_combined_into_one_object.html
">previous
12211 <a href=
"https://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_DHCP_LDAP_objects.html
">merging
12212 all
</a
> the computer related LDAP objects in Debian Edu.
</p
>
12214 <p
>As a step to try to see if it possible to merge the DNS and DHCP
12215 LDAP objects, I have had a look at how the packages pdns-backend-ldap
12216 and dhcp3-server-ldap in Debian use the LDAP server. The two
12217 implementations are quite different in how they use LDAP.
</p
>
12219 To get this information, I started slapd with debugging enabled and
12220 dumped the debug output to a file to get the LDAP searches performed
12221 on a Debian Edu main-server. Here is a summary.
12223 <p
><strong
>powerdns
</strong
></p
>
12225 <a href=
"http://www.linuxnetworks.de/doc/index.php/PowerDNS_LDAP_Backend
">Clues
12226 on how to
</a
> set up PowerDNS to use a LDAP backend is available on
12229 <p
>PowerDNS have two modes of operation using LDAP as its backend.
12230 One
"strict
" mode where the forward and reverse DNS lookups are done
12231 using the same LDAP objects, and a
"tree
" mode where the forward and
12232 reverse entries are in two different subtrees in LDAP with a structure
12233 based on the DNS names, as in tjener.intern and
12234 2.2.0.10.in-addr.arpa.
</p
>
12236 <p
>In tree mode, the server is set up to use a LDAP subtree as its
12237 base, and uses a
"base
" scoped search for the DNS name by adding
12238 "dc=tjener,dc=intern,
" to the base with a filter for
12239 "(associateddomain=tjener.intern)
" for the forward entry and
12240 "dc=
2,dc=
2,dc=
0,dc=
10,dc=in-addr,dc=arpa,
" with a filter for
12241 "(associateddomain=
2.2.0.10.in-addr.arpa)
" for the reverse entry. For
12242 forward entries, it is looking for attributes named dnsttl, arecord,
12243 nsrecord, cnamerecord, soarecord, ptrrecord, hinforecord, mxrecord,
12244 txtrecord, rprecord, afsdbrecord, keyrecord, aaaarecord, locrecord,
12245 srvrecord, naptrrecord, kxrecord, certrecord, dsrecord, sshfprecord,
12246 ipseckeyrecord, rrsigrecord, nsecrecord, dnskeyrecord, dhcidrecord,
12247 spfrecord and modifytimestamp. For reverse entries it is looking for
12248 the attributes dnsttl, arecord, nsrecord, cnamerecord, soarecord,
12249 ptrrecord, hinforecord, mxrecord, txtrecord, rprecord, aaaarecord,
12250 locrecord, srvrecord, naptrrecord and modifytimestamp. The equivalent
12251 ldapsearch commands could look like this:
</p
>
12253 <blockquote
><pre
>
12254 ldapsearch -h ldap \
12255 -b dc=tjener,dc=intern,ou=hosts,dc=skole,dc=skolelinux,dc=no \
12256 -s base -x
'(associateddomain=tjener.intern)
' dNSTTL aRecord nSRecord \
12257 cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord \
12258 rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord \
12259 nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord \
12260 rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp
12262 ldapsearch -h ldap \
12263 -b dc=
2,dc=
2,dc=
0,dc=
10,dc=in-addr,dc=arpa,ou=hosts,dc=skole,dc=skolelinux,dc=no \
12264 -s base -x
'(associateddomain=
2.2.0.10.in-addr.arpa)
'
12265 dnsttl, arecord, nsrecord, cnamerecord soarecord ptrrecord \
12266 hinforecord mxrecord txtrecord rprecord aaaarecord locrecord \
12267 srvrecord naptrrecord modifytimestamp
12268 </pre
></blockquote
>
12270 <p
>In Debian Edu/Lenny, the PowerDNS tree mode is used with
12271 ou=hosts,dc=skole,dc=skolelinux,dc=no as the base, and these are two
12272 example LDAP objects used there. In addition to these objects, the
12273 parent objects all th way up to ou=hosts,dc=skole,dc=skolelinux,dc=no
12274 also exist.
</p
>
12276 <blockquote
><pre
>
12277 dn: dc=tjener,dc=intern,ou=hosts,dc=skole,dc=skolelinux,dc=no
12279 objectclass: dnsdomain
12280 objectclass: domainrelatedobject
12283 associateddomain: tjener.intern
12285 dn: dc=
2,dc=
2,dc=
0,dc=
10,dc=in-addr,dc=arpa,ou=hosts,dc=skole,dc=skolelinux,dc=no
12287 objectclass: dnsdomain2
12288 objectclass: domainrelatedobject
12290 ptrrecord: tjener.intern
12291 associateddomain:
2.2.0.10.in-addr.arpa
12292 </pre
></blockquote
>
12294 <p
>In strict mode, the server behaves differently. When looking for
12295 forward DNS entries, it is doing a
"subtree
" scoped search with the
12296 same base as in the tree mode for a object with filter
12297 "(associateddomain=tjener.intern)
" and requests the attributes dnsttl,
12298 arecord, nsrecord, cnamerecord, soarecord, ptrrecord, hinforecord,
12299 mxrecord, txtrecord, rprecord, aaaarecord, locrecord, srvrecord,
12300 naptrrecord and modifytimestamp. For reverse entires it also do a
12301 subtree scoped search but this time the filter is
"(arecord=
10.0.2.2)
"
12302 and the requested attributes are associateddomain, dnsttl and
12303 modifytimestamp. In short, in strict mode the objects with ptrrecord
12304 go away, and the arecord attribute in the forward object is used
12307 <p
>The forward and reverse searches can be simulated using ldapsearch
12308 like this:
</p
>
12310 <blockquote
><pre
>
12311 ldapsearch -h ldap -b ou=hosts,dc=skole,dc=skolelinux,dc=no -s sub -x \
12312 '(associateddomain=tjener.intern)
' dNSTTL aRecord nSRecord \
12313 cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord \
12314 rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord \
12315 nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord \
12316 rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp
12318 ldapsearch -h ldap -b ou=hosts,dc=skole,dc=skolelinux,dc=no -s sub -x \
12319 '(arecord=
10.0.2.2)
' associateddomain dnsttl modifytimestamp
12320 </pre
></blockquote
>
12322 <p
>In addition to the forward and reverse searches , there is also a
12323 search for SOA records, which behave similar to the forward and
12324 reverse lookups.
</p
>
12326 <p
>A thing to note with the PowerDNS behaviour is that it do not
12327 specify any objectclass names, and instead look for the attributes it
12328 need to generate a DNS reply. This make it able to work with any
12329 objectclass that provide the needed attributes.
</p
>
12331 <p
>The attributes are normally provided in the cosine (RFC
1274) and
12332 dnsdomain2 schemas. The latter is used for reverse entries like
12333 ptrrecord and recent DNS additions like aaaarecord and srvrecord.
</p
>
12335 <p
>In Debian Edu, we have created DNS objects using the object classes
12336 dcobject (for dc), dnsdomain or dnsdomain2 (structural, for the DNS
12337 attributes) and domainrelatedobject (for associatedDomain). The use
12338 of structural object classes make it impossible to combine these
12339 classes with the object classes used by DHCP.
</p
>
12341 <p
>There are other schemas that could be used too, for example the
12342 dnszone structural object class used by Gosa and bind-sdb for the DNS
12343 attributes combined with the domainrelatedobject object class, but in
12344 this case some unused attributes would have to be included as well
12345 (zonename and relativedomainname).
</p
>
12347 <p
>My proposal for Debian Edu would be to switch PowerDNS to strict
12348 mode and not use any of the existing objectclasses (dnsdomain,
12349 dnsdomain2 and dnszone) when one want to combine the DNS information
12350 with DHCP information, and instead create a auxiliary object class
12351 defined something like this (using the attributes defined for
12352 dnsdomain and dnsdomain2 or dnszone):
</p
>
12354 <blockquote
><pre
>
12355 objectclass ( some-oid NAME
'dnsDomainAux
'
12358 MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord $ CNAMERecord $
12359 DNSTTL $ DNSClass $ PTRRecord $ HINFORecord $ MINFORecord $
12360 TXTRecord $ SIGRecord $ KEYRecord $ AAAARecord $ LOCRecord $
12361 NXTRecord $ SRVRecord $ NAPTRRecord $ KXRecord $ CERTRecord $
12362 A6Record $ DNAMERecord
12364 </pre
></blockquote
>
12366 <p
>This will allow any object to become a DNS entry when combined with
12367 the domainrelatedobject object class, and allow any entity to include
12368 all the attributes PowerDNS wants. I
've sent an email to the PowerDNS
12369 developers asking for their view on this schema and if they are
12370 interested in providing such schema with PowerDNS, and I hope my
12371 message will be accepted into their mailing list soon.
</p
>
12373 <p
><strong
>ISC dhcp
</strong
></p
>
12375 <p
>The DHCP server searches for specific objectclass and requests all
12376 the object attributes, and then uses the attributes it want. This
12377 make it harder to figure out exactly what attributes are used, but
12378 thanks to the working example in Debian Edu I can at least get an idea
12379 what is needed without having to read the source code.
</p
>
12381 <p
>In the DHCP server configuration, the LDAP base to use and the
12382 search filter to use to locate the correct dhcpServer entity is
12383 stored. These are the relevant entries from
12384 /etc/dhcp3/dhcpd.conf:
</p
>
12386 <blockquote
><pre
>
12387 ldap-base-dn
"dc=skole,dc=skolelinux,dc=no
";
12388 ldap-dhcp-server-cn
"dhcp
";
12389 </pre
></blockquote
>
12391 <p
>The DHCP server uses this information to nest all the DHCP
12392 configuration it need. The cn
"dhcp
" is located using the given LDAP
12393 base and the filter
"(
&(objectClass=dhcpServer)(cn=dhcp))
". The
12394 search result is this entry:
</p
>
12396 <blockquote
><pre
>
12397 dn: cn=dhcp,dc=skole,dc=skolelinux,dc=no
12400 objectClass: dhcpServer
12401 dhcpServiceDN: cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
12402 </pre
></blockquote
>
12404 <p
>The content of the dhcpServiceDN attribute is next used to locate the
12405 subtree with DHCP configuration. The DHCP configuration subtree base
12406 is located using a base scope search with base
"cn=DHCP
12407 Config,dc=skole,dc=skolelinux,dc=no
" and filter
12408 "(
&(objectClass=dhcpService)(|(dhcpPrimaryDN=cn=dhcp,dc=skole,dc=skolelinux,dc=no)(dhcpSecondaryDN=cn=dhcp,dc=skole,dc=skolelinux,dc=no)))
".
12409 The search result is this entry:
</p
>
12411 <blockquote
><pre
>
12412 dn: cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
12415 objectClass: dhcpService
12416 objectClass: dhcpOptions
12417 dhcpPrimaryDN: cn=dhcp, dc=skole,dc=skolelinux,dc=no
12418 dhcpStatements: ddns-update-style none
12419 dhcpStatements: authoritative
12420 dhcpOption: smtp-server code
69 = array of ip-address
12421 dhcpOption: www-server code
72 = array of ip-address
12422 dhcpOption: wpad-url code
252 = text
12423 </pre
></blockquote
>
12425 <p
>Next, the entire subtree is processed, one level at the time. When
12426 all the DHCP configuration is loaded, it is ready to receive requests.
12427 The subtree in Debian Edu contain objects with object classes
12428 top/dhcpService/dhcpOptions, top/dhcpSharedNetwork/dhcpOptions,
12429 top/dhcpSubnet, top/dhcpGroup and top/dhcpHost. These provide options
12430 and information about netmasks, dynamic range etc. Leaving out the
12431 details here because it is not relevant for the focus of my
12432 investigation, which is to see if it is possible to merge dns and dhcp
12433 related computer objects.
</p
>
12435 <p
>When a DHCP request come in, LDAP is searched for the MAC address
12436 of the client (
00:
00:
00:
00:
00:
00 in this example), using a subtree
12437 scoped search with
"cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
" as
12438 the base and
"(
&(objectClass=dhcpHost)(dhcpHWAddress=ethernet
12439 00:
00:
00:
00:
00:
00))
" as the filter. This is what a host object look
12442 <blockquote
><pre
>
12443 dn: cn=hostname,cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
12446 objectClass: dhcpHost
12447 dhcpHWAddress: ethernet
00:
00:
00:
00:
00:
00
12448 dhcpStatements: fixed-address hostname
12449 </pre
></blockquote
>
12451 <p
>There is less flexiblity in the way LDAP searches are done here.
12452 The object classes need to have fixed names, and the configuration
12453 need to be stored in a fairly specific LDAP structure. On the
12454 positive side, the invidiual dhcpHost entires can be anywhere without
12455 the DN pointed to by the dhcpServer entries. The latter should make
12456 it possible to group all host entries in a subtree next to the
12457 configuration entries, and this subtree can also be shared with the
12458 DNS server if the schema proposed above is combined with the dhcpHost
12459 structural object class.
12461 <p
><strong
>Conclusion
</strong
></p
>
12463 <p
>The PowerDNS implementation seem to be very flexible when it come
12464 to which LDAP schemas to use. While its
"tree
" mode is rigid when it
12465 come to the the LDAP structure, the
"strict
" mode is very flexible,
12466 allowing DNS objects to be stored anywhere under the base cn specified
12467 in the configuration.
</p
>
12469 <p
>The DHCP implementation on the other hand is very inflexible, both
12470 regarding which LDAP schemas to use and which LDAP structure to use.
12471 I guess one could implement ones own schema, as long as the
12472 objectclasses and attributes have the names used, but this do not
12473 really help when the DHCP subtree need to have a fairly fixed
12474 structure.
</p
>
12476 <p
>Based on the observed behaviour, I suspect a LDAP structure like
12477 this might work for Debian Edu:
</p
>
12479 <blockquote
><pre
>
12481 cn=machine-info (dhcpService) - dhcpServiceDN points here
12482 cn=dhcp (dhcpServer)
12483 cn=dhcp-internal (dhcpSharedNetwork/dhcpOptions)
12484 cn=
10.0.2.0 (dhcpSubnet)
12485 cn=group1 (dhcpGroup/dhcpOptions)
12486 cn=dhcp-thinclients (dhcpSharedNetwork/dhcpOptions)
12487 cn=
192.168.0.0 (dhcpSubnet)
12488 cn=group1 (dhcpGroup/dhcpOptions)
12489 ou=machines - PowerDNS base points here
12490 cn=hostname (dhcpHost/domainrelatedobject/dnsDomainAux)
12491 </pre
></blockquote
>
12493 <P
>This is not tested yet. If the DHCP server require the dhcpHost
12494 entries to be in the dhcpGroup subtrees, the entries can be stored
12495 there instead of a common machines subtree, and the PowerDNS base
12496 would have to be moved one level up to the machine-info subtree.
</p
>
12498 <p
>The combined object under the machines subtree would look something
12499 like this:
</p
>
12501 <blockquote
><pre
>
12502 dn: dc=hostname,ou=machines,cn=machine-info,dc=skole,dc=skolelinux,dc=no
12505 objectClass: dhcpHost
12506 objectclass: domainrelatedobject
12507 objectclass: dnsDomainAux
12508 associateddomain: hostname.intern
12509 arecord:
10.11.12.13
12510 dhcpHWAddress: ethernet
00:
00:
00:
00:
00:
00
12511 dhcpStatements: fixed-address hostname.intern
12512 </pre
></blockquote
>
12514 </p
>One could even add the LTSP configuration associated with a given
12515 machine, as long as the required attributes are available in a
12516 auxiliary object class.
</p
>
12521 <title>Combining PowerDNS and ISC DHCP LDAP objects
</title>
12522 <link>https://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_DHCP_LDAP_objects.html
</link>
12523 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_DHCP_LDAP_objects.html
</guid>
12524 <pubDate>Wed,
14 Jul
2010 23:
45:
00 +
0200</pubDate>
12525 <description><p
>For a while now, I have wanted to find a way to change the DNS and
12526 DHCP services in Debian Edu to use the same LDAP objects for a given
12527 computer, to avoid the possibility of having a inconsistent state for
12528 a computer in LDAP (as in DHCP but no DNS entry or the other way
12529 around) and make it easier to add computers to LDAP.
</p
>
12531 <p
>I
've looked at how powerdns and dhcpd is using LDAP, and using this
12532 information finally found a solution that seem to work.
</p
>
12534 <p
>The old setup required three LDAP objects for a given computer.
12535 One forward DNS entry, one reverse DNS entry and one DHCP entry. If
12536 we switch powerdns to use its strict LDAP method (ldap-method=strict
12537 in pdns-debian-edu.conf), the forward and reverse DNS entries are
12538 merged into one while making it impossible to transfer the reverse map
12539 to a slave DNS server.
</p
>
12541 <p
>If we also replace the object class used to get the DNS related
12542 attributes to one allowing these attributes to be combined with the
12543 dhcphost object class, we can merge the DNS and DHCP entries into one.
12544 I
've written such object class in the dnsdomainaux.schema file (need
12545 proper OIDs, but that is a minor issue), and tested the setup. It
12546 seem to work.
</p
>
12548 <p
>With this test setup in place, we can get away with one LDAP object
12549 for both DNS and DHCP, and even the LTSP configuration I suggested in
12550 an earlier email. The combined LDAP object will look something like
12553 <blockquote
><pre
>
12554 dn: cn=hostname,cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
12556 objectClass: dhcphost
12557 objectclass: domainrelatedobject
12558 objectclass: dnsdomainaux
12559 associateddomain: hostname.intern
12560 arecord:
10.11.12.13
12561 dhcphwaddress: ethernet
00:
00:
00:
00:
00:
00
12562 dhcpstatements: fixed-address hostname
12564 </pre
></blockquote
>
12566 <p
>The DNS server uses the associateddomain and arecord entries, while
12567 the DHCP server uses the dhcphwaddress and dhcpstatements entries
12568 before asking DNS to resolve the fixed-adddress. LTSP will use
12569 dhcphwaddress or associateddomain and the ldapconfig* attributes.
</p
>
12571 <p
>I am not yet sure if I can get the DHCP server to look for its
12572 dhcphost in a different location, to allow us to put the objects
12573 outside the
"DHCP Config
" subtree, but hope to figure out a way to do
12574 that. If I can
't figure out a way to do that, we can still get rid of
12575 the hosts subtree and move all its content into the DHCP Config tree
12576 (which probably should be renamed to be more related to the new
12577 content. I suspect cn=dnsdhcp,ou=services or something like that
12578 might be a good place to put it.
</p
>
12580 <p
>If you want to help out with implementing this for Debian Edu,
12581 please contact us on debian-edu@lists.debian.org.
</p
>
12586 <title>Idea for storing LTSP configuration in LDAP
</title>
12587 <link>https://people.skolelinux.org/pere/blog/Idea_for_storing_LTSP_configuration_in_LDAP.html
</link>
12588 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Idea_for_storing_LTSP_configuration_in_LDAP.html
</guid>
12589 <pubDate>Sun,
11 Jul
2010 22:
00:
00 +
0200</pubDate>
12590 <description><p
>Vagrant mentioned on IRC today that ltsp_config now support
12591 sourcing files from /usr/share/ltsp/ltsp_config.d/ on the thin
12592 clients, and that this can be used to fetch configuration from LDAP if
12593 Debian Edu choose to store configuration there.
</p
>
12595 <p
>Armed with this information, I got inspired and wrote a test module
12596 to get configuration from LDAP. The idea is to look up the MAC
12597 address of the client in LDAP, and look for attributes on the form
12598 ltspconfigsetting=value, and use this to export SETTING=value to the
12599 LTSP clients.
</p
>
12601 <p
>The goal is to be able to store the LTSP configuration attributes
12602 in a
"computer
" LDAP object used by both DNS and DHCP, and thus
12603 allowing us to store all information about a computer in one place.
</p
>
12605 <p
>This is a untested draft implementation, and I welcome feedback on
12606 this approach. A real LDAP schema for the ltspClientAux objectclass
12607 need to be written. Comments, suggestions, etc?
</p
>
12609 <blockquote
><pre
>
12610 # Store in /opt/ltsp/$arch/usr/share/ltsp/ltsp_config.d/ldap-config
12612 # Fetch LTSP client settings from LDAP based on MAC address
12614 # Uses ethernet address as stored in the dhcpHost objectclass using
12615 # the dhcpHWAddress attribute or ethernet address stored in the
12616 # ieee802Device objectclass with the macAddress attribute.
12618 # This module is written to be schema agnostic, and only depend on the
12619 # existence of attribute names.
12621 # The LTSP configuration variables are saved directly using a
12622 # ltspConfig prefix and uppercasing the rest of the attribute name.
12623 # To set the SERVER variable, set the ltspConfigServer attribute.
12625 # Some LDAP schema should be created with all the relevant
12626 # configuration settings. Something like this should work:
12628 # objectclass (
1.1.2.2 NAME
'ltspClientAux
'
12631 # MAY ( ltspConfigServer $ ltsConfigSound $ ... )
12633 LDAPSERVER=$(debian-edu-ldapserver)
12634 if [
"$LDAPSERVER
" ] ; then
12635 LDAPBASE=$(debian-edu-ldapserver -b)
12636 for MAC in $(LANG=C ifconfig |grep -i hwaddr| awk
'{print $
5}
'|sort -u) ; do
12637 filter=
"(|(dhcpHWAddress=ethernet $MAC)(macAddress=$MAC))
"
12638 ldapsearch -h
"$LDAPSERVER
" -b
"$LDAPBASE
" -v -x
"$filter
" | \
12639 grep
'^ltspConfig
' | while read attr value ; do
12640 # Remove prefix and convert to upper case
12641 attr=$(echo $attr | sed
's/^ltspConfig//i
' | tr a-z A-Z)
12642 # bass value on to clients
12643 eval
"$attr=$value; export $attr
"
12647 </pre
></blockquote
>
12649 <p
>I
'm not sure this shell construction will work, because I suspect
12650 the while block might end up in a subshell causing the variables set
12651 there to not show up in ltsp-config, but if that is the case I am sure
12652 the code can be restructured to make sure the variables are passed on.
12653 I expect that can be solved with some testing. :)
</p
>
12655 <p
>If you want to help out with implementing this for Debian Edu,
12656 please contact us on debian-edu@lists.debian.org.
</p
>
12658 <p
>Update
2010-
07-
17: I am aware of another effort to store LTSP
12659 configuration in LDAP that was created around year
2000 by
12660 <a href=
"http://www.pcxperience.com/thinclient/documentation/ldap.html
">PC
12661 Xperience, Inc.,
2000</a
>. I found its
12662 <a href=
"http://people.redhat.com/alikins/ltsp/ldap/
">files
</a
> on a
12663 personal home page over at redhat.com.
</p
>
12668 <title>jXplorer, a very nice LDAP GUI
</title>
12669 <link>https://people.skolelinux.org/pere/blog/jXplorer__a_very_nice_LDAP_GUI.html
</link>
12670 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/jXplorer__a_very_nice_LDAP_GUI.html
</guid>
12671 <pubDate>Fri,
9 Jul
2010 12:
55:
00 +
0200</pubDate>
12672 <description><p
>Since
12673 <a href=
"https://people.skolelinux.org/pere/blog/LUMA__a_very_nice_LDAP_GUI.html
">my
12674 last post
</a
> about available LDAP tools in Debian, I was told about a
12675 LDAP GUI that is even better than luma. The java application
12676 <a href=
"http://jxplorer.org/
">jXplorer
</a
> is claimed to be capable of
12677 moving LDAP objects and subtrees using drag-and-drop, and can
12678 authenticate using Kerberos. I have only tested the Kerberos
12679 authentication, but do not have a LDAP setup allowing me to rewrite
12680 LDAP with my test user yet. It is
12681 <a href=
"http://packages.qa.debian.org/j/jxplorer.html
">available in
12682 Debian
</a
> testing and unstable at the moment. The only problem I
12683 have with it is how it handle errors. If something go wrong, its
12684 non-intuitive behaviour require me to go through some query work list
12685 and remove the failing query. Nothing big, but very annoying.
</p
>
12690 <title>Lenny-
>Squeeze upgrades, apt vs aptitude with the Gnome desktop
</title>
12691 <link>https://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__apt_vs_aptitude_with_the_Gnome_desktop.html
</link>
12692 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__apt_vs_aptitude_with_the_Gnome_desktop.html
</guid>
12693 <pubDate>Sat,
3 Jul
2010 23:
55:
00 +
0200</pubDate>
12694 <description><p
>Here is a short update on my
<a
12695 href=
"https://people.skolelinux.org/~pere/debian-upgrade-testing/
">my
12696 Debian Lenny-
>Squeeze upgrade testing
</a
>. Here is a summary of the
12697 difference for Gnome when it is upgraded by apt-get and aptitude. I
'm
12698 not reporting the status for KDE, because the upgrade crashes when
12699 aptitude try because of missing conflicts
12700 (
<a href=
"http://bugs.debian.org/
584861">#
584861</a
> and
12701 <a href=
"http://bugs.debian.org/
585716">#
585716</a
>).
</p
>
12703 <p
>At the end of the upgrade test script, dpkg -l is executed to get a
12704 complete list of the installed packages. Based on this I see these
12705 differences when I did a test run today. As usual, I do not really
12706 know what the correct set of packages would be, but thought it best to
12707 publish the difference.
</p
>
12709 <p
>Installed using apt-get, missing with aptitude
</p
>
12711 <blockquote
><p
>
12712 at-spi cpp-
4.3 finger gnome-spell gstreamer0.10-gnomevfs
12713 libatspi1.0-
0 libcupsys2 libeel2-data libgail-common libgdl-
1-common
12714 libgnomeprint2.2-data libgnomeprintui2.2-common libgnomevfs2-bin
12715 libgtksourceview-common libpt-
1.10.10-plugins-alsa
12716 libpt-
1.10.10-plugins-v4l libservlet2.4-java libxalan2-java
12717 libxerces2-java openoffice.org-writer2latex openssl-blacklist p7zip
12718 python-
4suite-xml python-eggtrayicon python-gtkhtml2
12719 python-gtkmozembed svgalibg1 xserver-xephyr zip
12720 </p
></blockquote
>
12722 <p
>Installed using apt-get, removed with aptitude
</p
>
12724 <blockquote
><p
>
12725 bluez-utils dhcdbd djvulibre-desktop epiphany-gecko
12726 gnome-app-install gnome-mount gnome-vfs-obexftp gnome-volume-manager
12727 libao2 libavahi-compat-libdnssd1 libavahi-core5 libbind9-
50
12728 libbluetooth2 libcamel1.2-
11 libcdio7 libcucul0 libcurl3
12729 libdirectfb-
1.0-
0 libdvdread3 libedata-cal1.2-
6 libedataserver1.2-
9
12730 libeel2-
2.20 libepc-
1.0-
1 libepc-ui-
1.0-
1 libexchange-storage1.2-
3
12731 libfaad0 libgd2-noxpm libgda3-
3 libgda3-common libggz2 libggzcore9
12732 libggzmod4 libgksu1.2-
0 libgksuui1.0-
1 libgmyth0 libgnome-desktop-
2
12733 libgnome-pilot2 libgnomecups1.0-
1 libgnomeprint2.2-
0
12734 libgnomeprintui2.2-
0 libgpod3 libgraphviz4 libgtkhtml2-
0
12735 libgtksourceview1.0-
0 libgucharmap6 libhesiod0 libicu38 libisccc50
12736 libisccfg50 libiw29 libkpathsea4 libltdl3 liblwres50 libmagick++
10
12737 libmagick10 libmalaga7 libmtp7 libmysqlclient15off libnautilus-burn4
12738 libneon27 libnm-glib0 libnm-util0 libopal-
2.2 libosp5
12739 libparted1.8-
10 libpisock9 libpisync1 libpoppler-glib3 libpoppler3
12740 libpt-
1.10.10 libraw1394-
8 libsensors3 libsmbios2 libsoup2.2-
8
12741 libssh2-
1 libsuitesparse-
3.1.0 libswfdec-
0.6-
90 libtalloc1
12742 libtotem-plparser10 libtrackerclient0 libvoikko1 libxalan2-java-gcj
12743 libxerces2-java-gcj libxklavier12 libxtrap6 libxxf86misc1 libzephyr3
12744 mysql-common swfdec-gnome totem-gstreamer wodim
12745 </p
></blockquote
>
12747 <p
>Installed using aptitude, missing with apt-get
</p
>
12749 <blockquote
><p
>
12750 gnome gnome-desktop-environment hamster-applet python-gnomeapplet
12751 python-gnomekeyring python-wnck rhythmbox-plugins xorg
12752 xserver-xorg-input-all xserver-xorg-input-evdev
12753 xserver-xorg-input-kbd xserver-xorg-input-mouse
12754 xserver-xorg-input-synaptics xserver-xorg-video-all
12755 xserver-xorg-video-apm xserver-xorg-video-ark xserver-xorg-video-ati
12756 xserver-xorg-video-chips xserver-xorg-video-cirrus
12757 xserver-xorg-video-dummy xserver-xorg-video-fbdev
12758 xserver-xorg-video-glint xserver-xorg-video-i128
12759 xserver-xorg-video-i740 xserver-xorg-video-mach64
12760 xserver-xorg-video-mga xserver-xorg-video-neomagic
12761 xserver-xorg-video-nouveau xserver-xorg-video-nv
12762 xserver-xorg-video-r128 xserver-xorg-video-radeon
12763 xserver-xorg-video-radeonhd xserver-xorg-video-rendition
12764 xserver-xorg-video-s3 xserver-xorg-video-s3virge
12765 xserver-xorg-video-savage xserver-xorg-video-siliconmotion
12766 xserver-xorg-video-sis xserver-xorg-video-sisusb
12767 xserver-xorg-video-tdfx xserver-xorg-video-tga
12768 xserver-xorg-video-trident xserver-xorg-video-tseng
12769 xserver-xorg-video-vesa xserver-xorg-video-vmware
12770 xserver-xorg-video-voodoo
12771 </p
></blockquote
>
12773 <p
>Installed using aptitude, removed with apt-get
</p
>
12775 <blockquote
><p
>
12776 deskbar-applet xserver-xorg xserver-xorg-core
12777 xserver-xorg-input-wacom xserver-xorg-video-intel
12778 xserver-xorg-video-openchrome
12779 </p
></blockquote
>
12781 <p
>I was told on IRC that the xorg-xserver package was
12782 <a href=
"http://git.debian.org/?p=pkg-xorg/xserver/xorg-server.git;a=commit;h=
9c8080d06c457932d3bfec021c69ac000aa60120
">changed
12783 in git
</a
> today to try to get apt-get to not remove xorg completely.
12784 No idea when it hits Squeeze, but when it does I hope it will reduce
12785 the difference somewhat.
12790 <title>LUMA, a very nice LDAP GUI
</title>
12791 <link>https://people.skolelinux.org/pere/blog/LUMA__a_very_nice_LDAP_GUI.html
</link>
12792 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/LUMA__a_very_nice_LDAP_GUI.html
</guid>
12793 <pubDate>Mon,
28 Jun
2010 00:
30:
00 +
0200</pubDate>
12794 <description><p
>The last few days I have been looking into the status of the LDAP
12795 directory in Debian Edu, and in the process I started to miss a GUI
12796 tool to browse the LDAP tree. The only one I was able to find in
12797 Debian/Squeeze and Lenny is
12798 <a href=
"http://luma.sourceforge.net/
">LUMA
</a
>, which has proved to
12799 be a great tool to get a overview of the current LDAP directory
12800 populated by default in Skolelinux. Thanks to it, I have been able to
12801 find empty and obsolete subtrees, misplaced objects and duplicate
12802 objects. It will be installed by default in Debian/Squeeze. If you
12803 are working with LDAP, give it a go. :)
</p
>
12805 <p
>I did notice one problem with it I have not had time to report to
12806 the BTS yet. There is no .desktop file in the package, so the tool do
12807 not show up in the Gnome and KDE menus, but only deep down in in the
12808 Debian submenu in KDE. I hope that can be fixed before Squeeze is
12809 released.
</p
>
12811 <p
>I have not yet been able to get it to modify the tree yet. I would
12812 like to move objects and remove subtrees directly in the GUI, but have
12813 not found a way to do that with LUMA yet. So in the mean time, I use
12814 <a href=
"http://www.lichteblau.com/ldapvi/
">ldapvi
</a
> for that.
</p
>
12816 <p
>If you have tips on other GUI tools for LDAP that might be useful
12817 in Debian Edu, please contact us on debian-edu@lists.debian.org.
</p
>
12819 <p
>Update
2010-
06-
29: Ross Reedstrom tipped us about the
12820 <a href=
"http://packages.qa.debian.org/g/gq.html
">gq
</a
> package as a
12821 useful GUI alternative. It seem like a good tool, but is unmaintained
12822 in Debian and got a RC bug keeping it out of Squeeze. Unless that
12823 changes, it will not be an option for Debian Edu based on Squeeze.
</p
>
12828 <title>Idea for a change to LDAP schemas allowing DNS and DHCP info to be combined into one object
</title>
12829 <link>https://people.skolelinux.org/pere/blog/Idea_for_a_change_to_LDAP_schemas_allowing_DNS_and_DHCP_info_to_be_combined_into_one_object.html
</link>
12830 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Idea_for_a_change_to_LDAP_schemas_allowing_DNS_and_DHCP_info_to_be_combined_into_one_object.html
</guid>
12831 <pubDate>Thu,
24 Jun
2010 00:
35:
00 +
0200</pubDate>
12832 <description><p
>A while back, I
12833 <a href=
"https://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
">complained
12834 about the fact
</a
> that it is not possible with the provided schemas
12835 for storing DNS and DHCP information in LDAP to combine the two sets
12836 of information into one LDAP object representing a computer.
</p
>
12838 <p
>In the mean time, I discovered that a simple fix would be to make
12839 the dhcpHost object class auxiliary, to allow it to be combined with
12840 the dNSDomain object class, and thus forming one object for one
12841 computer when storing both DHCP and DNS information in LDAP.
</p
>
12843 <p
>If I understand this correctly, it is not safe to do this change
12844 without also changing the assigned number for the object class, and I
12845 do not know enough about LDAP schema design to do that properly for
12846 Debian Edu.
</p
>
12848 <p
>Anyway, for future reference, this is how I believe we could change
12850 <a href=
"http://tools.ietf.org/html/draft-ietf-dhc-ldap-schema-
00">DHCP
12851 schema
</a
> to solve at least part of the problem with the LDAP schemas
12852 available today from IETF.
</p
>
12855 --- dhcp.schema (revision
65192)
12856 +++ dhcp.schema (working copy)
12857 @@ -
376,
7 +
376,
7 @@
12858 objectclass (
2.16.840.1.113719.1.203.6.6
12859 NAME
'dhcpHost
'
12860 DESC
'This represents information about a particular client
'
12862 + SUP top AUXILIARY
12864 MAY (dhcpLeaseDN $ dhcpHWAddress $ dhcpOptionsDN $ dhcpStatements $ dhcpComments $ dhcpOption)
12865 X-NDS_CONTAINMENT (
'dhcpService
' 'dhcpSubnet
' 'dhcpGroup
') )
12868 <p
>I very much welcome clues on how to do this properly for Debian
12869 Edu/Squeeze. We provide the DHCP schema in our debian-edu-config
12870 package, and should thus be free to rewrite it as we see fit.
</p
>
12872 <p
>If you want to help out with implementing this for Debian Edu,
12873 please contact us on debian-edu@lists.debian.org.
</p
>
12878 <title>Calling tasksel like the installer, while still getting useful output
</title>
12879 <link>https://people.skolelinux.org/pere/blog/Calling_tasksel_like_the_installer__while_still_getting_useful_output.html
</link>
12880 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Calling_tasksel_like_the_installer__while_still_getting_useful_output.html
</guid>
12881 <pubDate>Wed,
16 Jun
2010 14:
55:
00 +
0200</pubDate>
12882 <description><p
>A few times I have had the need to simulate the way tasksel
12883 installs packages during the normal debian-installer run. Until now,
12884 I have ended up letting tasksel do the work, with the annoying problem
12885 of not getting any feedback at all when something fails (like a
12886 conffile question from dpkg or a download that fails), using code like
12889 <blockquote
><pre
>
12890 export DEBIAN_FRONTEND=noninteractive
12891 tasksel --new-install
12892 </pre
></blockquote
>
12894 This would invoke tasksel, let its automatic task selection pick the
12895 tasks to install, and continue to install the requested tasks without
12896 any output what so ever.
12898 Recently I revisited this problem while working on the automatic
12899 package upgrade testing, because tasksel would some times hang without
12900 any useful feedback, and I want to see what is going on when it
12901 happen. Then it occured to me, I can parse the output from tasksel
12902 when asked to run in test mode, and use that aptitude command line
12903 printed by tasksel then to simulate the tasksel run. I ended up using
12906 <blockquote
><pre
>
12907 export DEBIAN_FRONTEND=noninteractive
12908 cmd=
"$(in_target tasksel -t --new-install | sed
's/debconf-apt-progress -- //
')
"
12910 </pre
></blockquote
>
12912 <p
>The content of $cmd is typically something like
"<tt
>aptitude -q
12913 --without-recommends -o APT::Install-Recommends=no -y install
12914 ~t^desktop$ ~t^gnome-desktop$ ~t^laptop$ ~pstandard ~prequired
12915 ~pimportant
</tt
>", which will install the gnome desktop task, the
12916 laptop task and all packages with priority standard , required and
12917 important, just like tasksel would have done it during
12918 installation.
</p
>
12920 <p
>A better approach is probably to extend tasksel to be able to
12921 install packages without using debconf-apt-progress, for use cases
12922 like this.
</p
>
12927 <title>Lenny-
>Squeeze upgrades, removals by apt and aptitude
</title>
12928 <link>https://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__removals_by_apt_and_aptitude.html
</link>
12929 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__removals_by_apt_and_aptitude.html
</guid>
12930 <pubDate>Sun,
13 Jun
2010 09:
05:
00 +
0200</pubDate>
12931 <description><p
>My
12932 <a href=
"https://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html
">testing
12933 of Debian upgrades
</a
> from Lenny to Squeeze continues, and I
've
12934 finally made the upgrade logs available from
12935 <a href=
"https://people.skolelinux.org/pere/debian-upgrade-testing/
">https://people.skolelinux.org/pere/debian-upgrade-testing/
</a
>.
12936 I am now testing dist-upgrade of Gnome and KDE in a chroot using both
12937 apt and aptitude, and found their differences interesting. This time
12938 I will only focus on their removal plans.
</p
>
12940 <p
>After installing a Gnome desktop and the laptop task, apt-get wants
12941 to remove
72 packages when dist-upgrading from Lenny to Squeeze. The
12942 surprising part is that it want to remove xorg and all
12943 xserver-xorg-video* drivers. Clearly not a good choice, but I am not
12944 sure why. When asking aptitude to do the same, it want to remove
129
12945 packages, but most of them are library packages I suspect are no
12946 longer needed. Both of them want to remove bluetooth packages, which
12947 I do not know. Perhaps these bluetooth packages are obsolete?
</p
>
12949 <p
>For KDE, apt-get want to remove
82 packages, among them kdebase
12950 which seem like a bad idea and xorg the same way as with Gnome. Asking
12951 aptitude for the same, it wants to remove
192 packages, none which are
12952 too surprising.
</p
>
12954 <p
>I guess the removal of xorg during upgrades should be investigated
12955 and avoided, and perhaps others as well. Here are the complete list
12956 of planned removals. The complete logs is available from the URL
12957 above. Note if you want to repeat these tests, that the upgrade test
12958 for kde+apt-get hung in the tasksel setup because of dpkg asking
12959 conffile questions. No idea why. I worked around it by using
12960 '<tt
>echo
>> /proc/
<em
>pidofdpkg
</em
>/fd/
0</tt
>' to tell dpkg to
12961 continue.
</p
>
12963 <p
><b
>apt-get gnome
72</b
>
12964 <br
>bluez-gnome cupsddk-drivers deskbar-applet gnome
12965 gnome-desktop-environment gnome-network-admin gtkhtml3.14
12966 iceweasel-gnome-support libavcodec51 libdatrie0 libgdl-
1-
0
12967 libgnomekbd2 libgnomekbdui2 libmetacity0 libslab0 libxcb-xlib0
12968 nautilus-cd-burner python-gnome2-desktop python-gnome2-extras
12969 serpentine swfdec-mozilla update-manager xorg xserver-xorg
12970 xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev
12971 xserver-xorg-input-kbd xserver-xorg-input-mouse
12972 xserver-xorg-input-synaptics xserver-xorg-input-wacom
12973 xserver-xorg-video-all xserver-xorg-video-apm xserver-xorg-video-ark
12974 xserver-xorg-video-ati xserver-xorg-video-chips
12975 xserver-xorg-video-cirrus xserver-xorg-video-cyrix
12976 xserver-xorg-video-dummy xserver-xorg-video-fbdev
12977 xserver-xorg-video-glint xserver-xorg-video-i128
12978 xserver-xorg-video-i740 xserver-xorg-video-imstt
12979 xserver-xorg-video-intel xserver-xorg-video-mach64
12980 xserver-xorg-video-mga xserver-xorg-video-neomagic
12981 xserver-xorg-video-nsc xserver-xorg-video-nv
12982 xserver-xorg-video-openchrome xserver-xorg-video-r128
12983 xserver-xorg-video-radeon xserver-xorg-video-radeonhd
12984 xserver-xorg-video-rendition xserver-xorg-video-s3
12985 xserver-xorg-video-s3virge xserver-xorg-video-savage
12986 xserver-xorg-video-siliconmotion xserver-xorg-video-sis
12987 xserver-xorg-video-sisusb xserver-xorg-video-tdfx
12988 xserver-xorg-video-tga xserver-xorg-video-trident
12989 xserver-xorg-video-tseng xserver-xorg-video-v4l
12990 xserver-xorg-video-vesa xserver-xorg-video-vga
12991 xserver-xorg-video-vmware xserver-xorg-video-voodoo xulrunner-
1.9
12992 xulrunner-
1.9-gnome-support
</p
>
12994 <p
><b
>aptitude gnome
129</b
>
12996 <br
>bluez-gnome bluez-utils cpp-
4.3 cupsddk-drivers dhcdbd
12997 djvulibre-desktop finger gnome-app-install gnome-mount
12998 gnome-network-admin gnome-spell gnome-vfs-obexftp
12999 gnome-volume-manager gstreamer0.10-gnomevfs gtkhtml3.14 libao2
13000 libavahi-compat-libdnssd1 libavahi-core5 libavcodec51 libbluetooth2
13001 libcamel1.2-
11 libcdio7 libcucul0 libcupsys2 libcurl3 libdatrie0
13002 libdirectfb-
1.0-
0 libdvdread3 libedataserver1.2-
9 libeel2-
2.20
13003 libeel2-data libepc-
1.0-
1 libepc-ui-
1.0-
1 libfaad0 libgail-common
13004 libgd2-noxpm libgda3-
3 libgda3-common libgdl-
1-
0 libgdl-
1-common
13005 libggz2 libggzcore9 libggzmod4 libgksu1.2-
0 libgksuui1.0-
1 libgmyth0
13006 libgnomecups1.0-
1 libgnomekbd2 libgnomekbdui2 libgnomeprint2.2-
0
13007 libgnomeprint2.2-data libgnomeprintui2.2-
0 libgnomeprintui2.2-common
13008 libgnomevfs2-bin libgpod3 libgraphviz4 libgtkhtml2-
0
13009 libgtksourceview-common libgtksourceview1.0-
0 libgucharmap6
13010 libhesiod0 libicu38 libiw29 libkpathsea4 libltdl3 libmagick++
10
13011 libmagick10 libmalaga7 libmetacity0 libmtp7 libmysqlclient15off
13012 libnautilus-burn4 libneon27 libnm-glib0 libnm-util0 libopal-
2.2
13013 libosp5 libparted1.8-
10 libpoppler-glib3 libpoppler3 libpt-
1.10.10
13014 libpt-
1.10.10-plugins-alsa libpt-
1.10.10-plugins-v4l libraw1394-
8
13015 libsensors3 libslab0 libsmbios2 libsoup2.2-
8 libssh2-
1
13016 libsuitesparse-
3.1.0 libswfdec-
0.6-
90 libtalloc1 libtotem-plparser10
13017 libtrackerclient0 libxalan2-java libxalan2-java-gcj libxcb-xlib0
13018 libxerces2-java libxerces2-java-gcj libxklavier12 libxtrap6
13019 libxxf86misc1 libzephyr3 mysql-common nautilus-cd-burner
13020 openoffice.org-writer2latex openssl-blacklist p7zip
13021 python-
4suite-xml python-eggtrayicon python-gnome2-desktop
13022 python-gnome2-extras python-gtkhtml2 python-gtkmozembed
13023 python-numeric python-sexy serpentine svgalibg1 swfdec-gnome
13024 swfdec-mozilla totem-gstreamer update-manager wodim
13025 xserver-xorg-video-cyrix xserver-xorg-video-imstt
13026 xserver-xorg-video-nsc xserver-xorg-video-v4l xserver-xorg-video-vga
13029 <p
><b
>apt-get kde
82</b
>
13031 <br
>cupsddk-drivers karm kaudiocreator kcoloredit kcontrol kde kde-core
13032 kdeaddons kdeartwork kdebase kdebase-bin kdebase-bin-kde3
13033 kdebase-kio-plugins kdesktop kdeutils khelpcenter kicker
13034 kicker-applets knewsticker kolourpaint konq-plugins konqueror korn
13035 kpersonalizer kscreensaver ksplash libavcodec51 libdatrie0 libkiten1
13036 libxcb-xlib0 quanta superkaramba texlive-base-bin xorg xserver-xorg
13037 xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev
13038 xserver-xorg-input-kbd xserver-xorg-input-mouse
13039 xserver-xorg-input-synaptics xserver-xorg-input-wacom
13040 xserver-xorg-video-all xserver-xorg-video-apm xserver-xorg-video-ark
13041 xserver-xorg-video-ati xserver-xorg-video-chips
13042 xserver-xorg-video-cirrus xserver-xorg-video-cyrix
13043 xserver-xorg-video-dummy xserver-xorg-video-fbdev
13044 xserver-xorg-video-glint xserver-xorg-video-i128
13045 xserver-xorg-video-i740 xserver-xorg-video-imstt
13046 xserver-xorg-video-intel xserver-xorg-video-mach64
13047 xserver-xorg-video-mga xserver-xorg-video-neomagic
13048 xserver-xorg-video-nsc xserver-xorg-video-nv
13049 xserver-xorg-video-openchrome xserver-xorg-video-r128
13050 xserver-xorg-video-radeon xserver-xorg-video-radeonhd
13051 xserver-xorg-video-rendition xserver-xorg-video-s3
13052 xserver-xorg-video-s3virge xserver-xorg-video-savage
13053 xserver-xorg-video-siliconmotion xserver-xorg-video-sis
13054 xserver-xorg-video-sisusb xserver-xorg-video-tdfx
13055 xserver-xorg-video-tga xserver-xorg-video-trident
13056 xserver-xorg-video-tseng xserver-xorg-video-v4l
13057 xserver-xorg-video-vesa xserver-xorg-video-vga
13058 xserver-xorg-video-vmware xserver-xorg-video-voodoo xulrunner-
1.9</p
>
13060 <p
><b
>aptitude kde
192</b
>
13061 <br
>bluez-utils cpp-
4.3 cupsddk-drivers cvs dcoprss dhcdbd
13062 djvulibre-desktop dosfstools eyesapplet fifteenapplet finger gettext
13063 ghostscript-x imlib-base imlib11 indi kandy karm kasteroids
13064 kaudiocreator kbackgammon kbstate kcoloredit kcontrol kcron kdat
13065 kdeadmin-kfile-plugins kdeartwork-misc kdeartwork-theme-window
13066 kdebase-bin-kde3 kdebase-kio-plugins kdeedu-data
13067 kdegraphics-kfile-plugins kdelirc kdemultimedia-kappfinder-data
13068 kdemultimedia-kfile-plugins kdenetwork-kfile-plugins
13069 kdepim-kfile-plugins kdepim-kio-plugins kdeprint kdesktop kdessh
13070 kdict kdnssd kdvi kedit keduca kenolaba kfax kfaxview kfouleggs
13071 kghostview khelpcenter khexedit kiconedit kitchensync klatin
13072 klickety kmailcvt kmenuedit kmid kmilo kmoon kmrml kodo kolourpaint
13073 kooka korn kpager kpdf kpercentage kpf kpilot kpoker kpovmodeler
13074 krec kregexpeditor ksayit ksim ksirc ksirtet ksmiletris ksmserver
13075 ksnake ksokoban ksplash ksvg ksysv ktip ktnef kuickshow kverbos
13076 kview kviewshell kvoctrain kwifimanager kwin kwin4 kworldclock
13077 kxsldbg libakode2 libao2 libarts1-akode libarts1-audiofile
13078 libarts1-mpeglib libarts1-xine libavahi-compat-libdnssd1
13079 libavahi-core5 libavc1394-
0 libavcodec51 libbluetooth2
13080 libboost-python1.34
.1 libcucul0 libcurl3 libcvsservice0 libdatrie0
13081 libdirectfb-
1.0-
0 libdjvulibre21 libdvdread3 libfaad0 libfreebob0
13082 libgail-common libgd2-noxpm libgraphviz4 libgsmme1c2a libgtkhtml2-
0
13083 libicu38 libiec61883-
0 libindex0 libiw29 libk3b3 libkcal2b libkcddb1
13084 libkdeedu3 libkdepim1a libkgantt0 libkiten1 libkleopatra1 libkmime2
13085 libkpathsea4 libkpimexchange1 libkpimidentities1 libkscan1
13086 libksieve0 libktnef1 liblockdev1 libltdl3 libmagick10 libmimelib1c2a
13087 libmozjs1d libmpcdec3 libneon27 libnm-util0 libopensync0 libpisock9
13088 libpoppler-glib3 libpoppler-qt2 libpoppler3 libraw1394-
8 libsmbios2
13089 libssh2-
1 libsuitesparse-
3.1.0 libtalloc1 libtiff-tools
13090 libxalan2-java libxalan2-java-gcj libxcb-xlib0 libxerces2-java
13091 libxerces2-java-gcj libxtrap6 mpeglib networkstatus
13092 openoffice.org-writer2latex pmount poster psutils quanta quanta-data
13093 superkaramba svgalibg1 tex-common texlive-base texlive-base-bin
13094 texlive-common texlive-doc-base texlive-fonts-recommended
13095 xserver-xorg-video-cyrix xserver-xorg-video-imstt
13096 xserver-xorg-video-nsc xserver-xorg-video-v4l xserver-xorg-video-vga
13097 xulrunner-
1.9</p
>
13103 <title>Automatic upgrade testing from Lenny to Squeeze
</title>
13104 <link>https://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html
</link>
13105 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html
</guid>
13106 <pubDate>Fri,
11 Jun
2010 22:
50:
00 +
0200</pubDate>
13107 <description><p
>The last few days I have done some upgrade testing in Debian, to
13108 see if the upgrade from Lenny to Squeeze will go smoothly. A few bugs
13109 have been discovered and reported in the process
13110 (
<a href=
"http://bugs.debian.org/
585410">#
585410</a
> in nagios3-cgi,
13111 <a href=
"http://bugs.debian.org/
584879">#
584879</a
> already fixed in
13112 enscript and
<a href=
"http://bugs.debian.org/
584861">#
584861</a
> in
13113 kdebase-workspace-data), and to get a more regular testing going on, I
13114 am working on a script to automate the test.
</p
>
13116 <p
>The idea is to create a Lenny chroot and use tasksel to install a
13117 Gnome or KDE desktop installation inside the chroot before upgrading
13118 it. To ensure no services are started in the chroot, a policy-rc.d
13119 script is inserted. To make sure tasksel believe it is to install a
13120 desktop on a laptop, the tasksel tests are replaced in the chroot
13121 (only acceptable because this is a throw-away chroot).
</p
>
13123 <p
>A naive upgrade from Lenny to Squeeze using aptitude dist-upgrade
13124 currently always fail because udev refuses to upgrade with the kernel
13125 in Lenny, so to avoid that problem the file /etc/udev/kernel-upgrade
13126 is created. The bug report
13127 <a href=
"http://bugs.debian.org/
566000">#
566000</a
> make me suspect
13128 this problem do not trigger in a chroot, but I touch the file anyway
13129 to make sure the upgrade go well. Testing on virtual and real
13130 hardware have failed me because of udev so far, and creating this file
13131 do the trick in such settings anyway. This is a
13132 <a href=
"http://www.linuxquestions.org/questions/debian-
26/failed-dist-upgrade-due-to-udev-config_sysfs_deprecated-nonsense-
804130/
">known
13133 issue
</a
> and the current udev behaviour is intended by the udev
13134 maintainer because he lack the resources to rewrite udev to keep
13135 working with old kernels or something like that. I really wish the
13136 udev upstream would keep udev backwards compatible, to avoid such
13137 upgrade problem, but given that they fail to do so, I guess
13138 documenting the way out of this mess is the best option we got for
13139 Debian Squeeze.
</p
>
13141 <p
>Anyway, back to the task at hand, testing upgrades. This test
13142 script, which I call
<tt
>upgrade-test
</tt
> for now, is doing the
13145 <blockquote
><pre
>
13149 if [
"$
1" ] ; then
13158 exec
&lt; /dev/null
13160 mirror=http://ftp.skolelinux.org/debian
13161 tmpdir=chroot-$from-upgrade-$to-$desktop
13163 debootstrap $from $tmpdir $mirror
13164 chroot $tmpdir aptitude update
13165 cat
> $tmpdir/usr/sbin/policy-rc.d
&lt;
&lt;EOF
13169 chmod a+rx $tmpdir/usr/sbin/policy-rc.d
13171 umount $tmpdir/proc
13173 mount -t proc proc $tmpdir/proc
13174 # Make sure proc is unmounted also on failure
13175 trap exit_cleanup EXIT INT
13177 chroot $tmpdir aptitude -y install debconf-utils
13179 # Make sure tasksel autoselection trigger. It need the test scripts
13180 # to return the correct answers.
13181 echo tasksel tasksel/desktop multiselect $desktop | \
13182 chroot $tmpdir debconf-set-selections
13184 # Include the desktop and laptop task
13185 for test in desktop laptop ; do
13186 echo
> $tmpdir/usr/lib/tasksel/tests/$test
&lt;
&lt;EOF
13190 chmod a+rx $tmpdir/usr/lib/tasksel/tests/$test
13193 DEBIAN_FRONTEND=noninteractive
13194 DEBIAN_PRIORITY=critical
13195 export DEBIAN_FRONTEND DEBIAN_PRIORITY
13196 chroot $tmpdir tasksel --new-install
13198 echo deb $mirror $to main
> $tmpdir/etc/apt/sources.list
13199 chroot $tmpdir aptitude update
13200 touch $tmpdir/etc/udev/kernel-upgrade
13201 chroot $tmpdir aptitude -y dist-upgrade
13203 </pre
></blockquote
>
13205 <p
>I suspect it would be useful to test upgrades with both apt-get and
13206 with aptitude, but I have not had time to look at how they behave
13207 differently so far. I hope to get a cron job running to do the test
13208 regularly and post the result on the web. The Gnome upgrade currently
13209 work, while the KDE upgrade fail because of the bug in
13210 kdebase-workspace-data
</p
>
13212 <p
>I am not quite sure what kind of extract from the huge upgrade logs
13213 (KDE
167 KiB, Gnome
516 KiB) it make sense to include in this blog
13214 post, so I will refrain from trying. I can report that for Gnome,
13215 aptitude report
760 packages upgraded,
448 newly installed,
129 to
13216 remove and
1 not upgraded and
1024MB need to be downloaded while for
13217 KDE the same numbers are
702 packages upgraded,
507 newly installed,
13218 193 to remove and
0 not upgraded and
1117MB need to be downloaded
</p
>
13220 <p
>I am very happy to notice that the Gnome desktop + laptop upgrade
13221 is able to migrate to dependency based boot sequencing and parallel
13222 booting without a hitch. Was unsure if there were still bugs with
13223 packages failing to clean up their obsolete init.d script during
13224 upgrades, and no such problem seem to affect the Gnome desktop+laptop
13225 packages.
</p
>
13230 <title>Upstart or sysvinit - as init.d scripts see it
</title>
13231 <link>https://people.skolelinux.org/pere/blog/Upstart_or_sysvinit___as_init_d_scripts_see_it.html
</link>
13232 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Upstart_or_sysvinit___as_init_d_scripts_see_it.html
</guid>
13233 <pubDate>Sun,
6 Jun
2010 23:
55:
00 +
0200</pubDate>
13234 <description><p
>If Debian is to migrate to upstart on Linux, I expect some init.d
13235 scripts to migrate (some of) their operations to upstart job while
13236 keeping the init.d for hurd and kfreebsd. The packages with such
13237 needs will need a way to get their init.d scripts to behave
13238 differently when used with sysvinit and with upstart. Because of
13239 this, I had a look at the environment variables set when a init.d
13240 script is running under upstart, and when it is not.
</p
>
13242 <p
>With upstart, I notice these environment variables are set when a
13243 script is started from rcS.d/ (ignoring some irrelevant ones like
13244 COLUMNS):
</p
>
13246 <blockquote
><pre
>
13252 UPSTART_EVENTS=startup
13254 UPSTART_JOB=rc-sysinit
13255 </pre
></blockquote
>
13257 <p
>With sysvinit, these environment variables are set for the same
13260 <blockquote
><pre
>
13261 INIT_VERSION=sysvinit-
2.88
13266 </pre
></blockquote
>
13268 <p
>The RUNLEVEL and PREVLEVEL environment variables passed on from
13269 sysvinit are not set by upstart. Not sure if it is intentional or not
13270 to not be compatible with sysvinit in this regard.
</p
>
13272 <p
>For scripts needing to behave differently when upstart is used,
13273 looking for the UPSTART_JOB environment variable seem to be a good
13279 <title>A manual for standards wars...
</title>
13280 <link>https://people.skolelinux.org/pere/blog/A_manual_for_standards_wars___.html
</link>
13281 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/A_manual_for_standards_wars___.html
</guid>
13282 <pubDate>Sun,
6 Jun
2010 14:
15:
00 +
0200</pubDate>
13283 <description><p
>Via the
13284 <a href=
"http://feedproxy.google.com/~r/robweir/antic-atom/~
3/QzU4RgoAGMg/weekly-links-
10.html
">blog
13285 of Rob Weir
</a
> I came across the very interesting essay named
13286 <a href=
"http://faculty.haas.berkeley.edu/shapiro/wars.pdf
">The Art of
13287 Standards Wars
</a
> (PDF
25 pages). I recommend it for everyone
13288 following the standards wars of today.
</p
>
13293 <title>Sitesummary tip: Listing computer hardware models used at site
</title>
13294 <link>https://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_computer_hardware_models_used_at_site.html
</link>
13295 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_computer_hardware_models_used_at_site.html
</guid>
13296 <pubDate>Thu,
3 Jun
2010 12:
05:
00 +
0200</pubDate>
13297 <description><p
>When using sitesummary at a site to track machines, it is possible
13298 to get a list of the machine types in use thanks to the DMI
13299 information extracted from each machine. The script to do so is
13300 included in the sitesummary package, and here is example output from
13301 the Skolelinux build servers:
</p
>
13303 <blockquote
><pre
>
13304 maintainer:~# /usr/lib/sitesummary/hardware-model-summary
13306 Dell Computer Corporation
1
13309 eserver xSeries
345 -[
8670M1X]-
1
13313 </pre
></blockquote
>
13315 <p
>The quality of the report depend on the quality of the DMI tables
13316 provided in each machine. Here there are Intel machines without model
13317 information listed with Intel as vendor and no model, and virtual Xen
13318 machines listed as [no-dmi-info]. One can add -l as a command line
13319 option to list the individual machines.
</p
>
13321 <p
>A larger list is
13322 <a href=
"http://narvikskolen.no/sitesummary/
">available from the the
13323 city of Narvik
</a
>, which uses Skolelinux on all their shools and also
13324 provide the basic sitesummary report publicly. In their report there
13325 are ~
1400 machines. I know they use both Ubuntu and Skolelinux on
13326 their machines, and as sitesummary is available in both distributions,
13327 it is trivial to get all of them to report to the same central
13328 collector.
</p
>
13333 <title>KDM fail at boot with NVidia cards - and no one try to fix it?
</title>
13334 <link>https://people.skolelinux.org/pere/blog/KDM_fail_at_boot_with_NVidia_cards___and_no_one_try_to_fix_it_.html
</link>
13335 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/KDM_fail_at_boot_with_NVidia_cards___and_no_one_try_to_fix_it_.html
</guid>
13336 <pubDate>Tue,
1 Jun
2010 17:
05:
00 +
0200</pubDate>
13337 <description><p
>It is strange to watch how a bug in Debian causing KDM to fail to
13338 start at boot when an NVidia video card is used is handled. The
13339 problem seem to be that the nvidia X.org driver uses a long time to
13340 initialize, and this duration is longer than kdm is configured to
13343 <p
>I came across two bugs related to this issue,
13344 <a href=
"http://bugs.debian.org/
583312">#
583312</a
> initially filed
13345 against initscripts and passed on to nvidia-glx when it became obvious
13346 that the nvidia drivers were involved, and
13347 <a href=
"http://bugs.debian.org/
524751">#
524751</a
> initially filed against
13348 kdm and passed on to src:nvidia-graphics-drivers for unknown reasons.
</p
>
13350 <p
>To me, it seem that no-one is interested in actually solving the
13351 problem nvidia video card owners experience and make sure the Debian
13352 distribution work out of the box for these users. The nvidia driver
13353 maintainers expect kdm to be set up to wait longer, while kdm expect
13354 the nvidia driver maintainers to fix the driver to start faster, and
13355 while they wait for each other I guess the users end up switching to a
13356 distribution that work for them. I have no idea what the solution is,
13357 but I am pretty sure that waiting for each other is not it.
</p
>
13359 <p
>I wonder why we end up handling bugs this way.
</p
>
13364 <title>Parallellized boot seem to hold up well in Debian/testing
</title>
13365 <link>https://people.skolelinux.org/pere/blog/Parallellized_boot_seem_to_hold_up_well_in_Debian_testing.html
</link>
13366 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Parallellized_boot_seem_to_hold_up_well_in_Debian_testing.html
</guid>
13367 <pubDate>Thu,
27 May
2010 23:
55:
00 +
0200</pubDate>
13368 <description><p
>A few days ago, parallel booting was enabled in Debian/testing.
13369 The feature seem to hold up pretty well, but three fairly serious
13370 issues are known and should be solved:
13372 <p
><ul
>
13374 <li
>The wicd package seen to
13375 <a href=
"http://bugs.debian.org/
508289">break NFS mounting
</a
> and
13376 <a href=
"http://bugs.debian.org/
581586">network setup
</a
> when
13377 parallel booting is enabled. No idea why, but the wicd maintainer
13378 seem to be on the case.
</li
>
13380 <li
>The nvidia X driver seem to
13381 <a href=
"http://bugs.debian.org/
583312">have a race condition
</a
>
13382 triggered more easily when parallel booting is in effect. The
13383 maintainer is on the case.
</li
>
13385 <li
>The sysv-rc package fail to properly enable dependency based boot
13386 sequencing (the shutdown is broken) when old file-rc users
13387 <a href=
"http://bugs.debian.org/
575080">try to switch back
</a
> to
13388 sysv-rc. One way to solve it would be for file-rc to create
13389 /etc/init.d/.legacy-bootordering, and another is to try to make
13390 sysv-rc more robust. Will investigate some more and probably upload a
13391 workaround in sysv-rc to help those trying to move from file-rc to
13392 sysv-rc get a working shutdown.
</li
>
13394 </ul
></p
>
13396 <p
>All in all not many surprising issues, and all of them seem
13397 solvable before Squeeze is released. In addition to these there are
13398 some packages with bugs in their dependencies and run level settings,
13399 which I expect will be fixed in a reasonable time span.
</p
>
13401 <p
>If you report any problems with dependencies in init.d scripts to
13402 the BTS, please usertag the report to get it to show up at
13403 <a href=
"http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org
">the
13404 list of usertagged bugs related to this
</a
>.
</p
>
13406 <p
>Update: Correct bug number to file-rc issue.
</p
>
13411 <title>More flexible firmware handling in debian-installer
</title>
13412 <link>https://people.skolelinux.org/pere/blog/More_flexible_firmware_handling_in_debian_installer.html
</link>
13413 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/More_flexible_firmware_handling_in_debian_installer.html
</guid>
13414 <pubDate>Sat,
22 May
2010 21:
30:
00 +
0200</pubDate>
13415 <description><p
>After a long break from debian-installer development, I finally
13416 found time today to return to the project. Having to spend less time
13417 working dependency based boot in debian, as it is almost complete now,
13418 definitely helped freeing some time.
</p
>
13420 <p
>A while back, I ran into a problem while working on Debian Edu. We
13421 include some firmware packages on the Debian Edu CDs, those needed to
13422 get disk and network controllers working. Without having these
13423 firmware packages available during installation, it is impossible to
13424 install Debian Edu on the given machine, and because our target group
13425 are non-technical people, asking them to provide firmware packages on
13426 an external medium is a support pain. Initially, I expected it to be
13427 enough to include the firmware packages on the CD to get
13428 debian-installer to find and use them. This proved to be wrong.
13429 Next, I hoped it was enough to symlink the relevant firmware packages
13430 to some useful location on the CD (tried /cdrom/ and
13431 /cdrom/firmware/). This also proved to not work, and at this point I
13432 found time to look at the debian-installer code to figure out what was
13433 going to work.
</p
>
13435 <p
>The firmware loading code is in the hw-detect package, and a closer
13436 look revealed that it would only look for firmware packages outside
13437 the installation media, so the CD was never checked for firmware
13438 packages. It would only check USB sticks, floppies and other
13439 "external
" media devices. Today I changed it to also look in the
13440 /cdrom/firmware/ directory on the mounted CD or DVD, which should
13441 solve the problem I ran into with Debian edu. I also changed it to
13442 look in /firmware/, to make sure the installer also find firmware
13443 provided in the initrd when booting the installer via PXE, to allow us
13444 to provide the same feature in the PXE setup included in Debian
13447 <p
>To make sure firmware deb packages with a license questions are not
13448 activated without asking if the license is accepted, I extended
13449 hw-detect to look for preinst scripts in the firmware packages, and
13450 run these before activating the firmware during installation. The
13451 license question is asked using debconf in the preinst, so this should
13452 solve the issue for the firmware packages I have looked at so far.
</p
>
13454 <p
>If you want to discuss the details of these features, please
13455 contact us on debian-boot@lists.debian.org.
</p
>
13460 <title>Parallellized boot is now the default in Debian/unstable
</title>
13461 <link>https://people.skolelinux.org/pere/blog/Parallellized_boot_is_now_the_default_in_Debian_unstable.html
</link>
13462 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Parallellized_boot_is_now_the_default_in_Debian_unstable.html
</guid>
13463 <pubDate>Fri,
14 May
2010 22:
40:
00 +
0200</pubDate>
13464 <description><p
>Since this evening, parallel booting is the default in
13465 Debian/unstable for machines using dependency based boot sequencing.
13466 Apparently the testing of concurrent booting has been wider than
13467 expected, if I am to believe the
13468 <a href=
"http://lists.debian.org/debian-devel/
2010/
05/msg00122.html
">input
13469 on debian-devel@
</a
>, and I concluded a few days ago to move forward
13470 with the feature this weekend, to give us some time to detect any
13471 remaining problems before Squeeze is frozen. If serious problems are
13472 detected, it is simple to change the default back to sequential boot.
13473 The upload of the new sysvinit package also activate a new upstream
13476 More information about
13477 <a href=
"http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot
">dependency
13478 based boot sequencing
</a
> is available from the Debian wiki. It is
13479 currently possible to disable parallel booting when one run into
13480 problems caused by it, by adding this line to /etc/default/rcS:
</p
>
13482 <blockquote
><pre
>
13484 </pre
></blockquote
>
13486 <p
>If you report any problems with dependencies in init.d scripts to
13487 the BTS, please usertag the report to get it to show up at
13488 <a href=
"http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org
">the
13489 list of usertagged bugs related to this
</a
>.
</p
>
13494 <title>Sitesummary tip: Listing MAC address of all clients
</title>
13495 <link>https://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_MAC_address_of_all_clients.html
</link>
13496 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_MAC_address_of_all_clients.html
</guid>
13497 <pubDate>Fri,
14 May
2010 21:
10:
00 +
0200</pubDate>
13498 <description><p
>In the recent Debian Edu versions, the
13499 <a href=
"http://wiki.debian.org/DebianEdu/HowTo/SiteSummary
">sitesummary
13500 system
</a
> is used to keep track of the machines in the school
13501 network. Each machine will automatically report its status to the
13502 central server after boot and once per night. The network setup is
13503 also reported, and using this information it is possible to get the
13504 MAC address of all network interfaces in the machines. This is useful
13505 to update the DHCP configuration.
</p
>
13507 <p
>To give some idea how to use sitesummary, here is a one-liner to
13508 ist all MAC addresses of all machines reporting to sitesummary. Run
13509 this on the collector host:
</p
>
13511 <blockquote
><pre
>
13512 perl -MSiteSummary -e
'for_all_hosts(sub { print join(
" ", get_macaddresses(shift)),
"\n
"; });
'
13513 </pre
></blockquote
>
13515 <p
>This will list all MAC addresses assosiated with all machine, one
13516 line per machine and with space between the MAC addresses.
</p
>
13518 <p
>To allow system administrators easier job at adding static DHCP
13519 addresses for hosts, it would be possible to extend this to fetch
13520 machine information from sitesummary and update the DHCP and DNS
13521 tables in LDAP using this information. Such tool is unfortunately not
13522 written yet.
</p
>
13527 <title>systemd, an interesting alternative to upstart
</title>
13528 <link>https://people.skolelinux.org/pere/blog/systemd__an_interesting_alternative_to_upstart.html
</link>
13529 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/systemd__an_interesting_alternative_to_upstart.html
</guid>
13530 <pubDate>Thu,
13 May
2010 22:
20:
00 +
0200</pubDate>
13531 <description><p
>The last few days a new boot system called
13532 <a href=
"http://www.freedesktop.org/wiki/Software/systemd
">systemd
</a
>
13534 <a href=
"http://
0pointer.de/blog/projects/systemd.html
">introduced
</a
>
13536 to the free software world. I have not yet had time to play around
13537 with it, but it seem to be a very interesting alternative to
13538 <a href=
"http://upstart.ubuntu.com/
">upstart
</a
>, and might prove to be
13539 a good alternative for Debian when we are able to switch to an event
13540 based boot system. Tollef is
13541 <a href=
"http://bugs.debian.org/
580814">in the process
</a
> of getting
13542 systemd into Debian, and I look forward to seeing how well it work. I
13543 like the fact that systemd handles init.d scripts with dependency
13544 information natively, allowing them to run in parallel where upstart
13545 at the moment do not.
</p
>
13547 <p
>Unfortunately do systemd have the same problem as upstart regarding
13548 platform support. It only work on recent Linux kernels, and also need
13549 some new kernel features enabled to function properly. This means
13550 kFreeBSD and Hurd ports of Debian will need a port or a different boot
13551 system. Not sure how that will be handled if systemd proves to be the
13552 way forward.
</p
>
13554 <p
>In the mean time, based on the
13555 <a href=
"http://lists.debian.org/debian-devel/
2010/
05/msg00122.html
">input
13556 on debian-devel@
</a
> regarding parallel booting in Debian, I have
13557 decided to enable full parallel booting as the default in Debian as
13558 soon as possible (probably this weekend or early next week), to see if
13559 there are any remaining serious bugs in the init.d dependencies. A
13560 new version of the sysvinit package implementing this change is
13561 already in experimental. If all go well, Squeeze will be released
13562 with parallel booting enabled by default.
</p
>
13567 <title>Parallellizing the boot in Debian Squeeze - ready for wider testing
</title>
13568 <link>https://people.skolelinux.org/pere/blog/Parallellizing_the_boot_in_Debian_Squeeze___ready_for_wider_testing.html
</link>
13569 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Parallellizing_the_boot_in_Debian_Squeeze___ready_for_wider_testing.html
</guid>
13570 <pubDate>Thu,
6 May
2010 23:
25:
00 +
0200</pubDate>
13571 <description><p
>These days, the init.d script dependencies in Squeeze are quite
13572 complete, so complete that it is actually possible to run all the
13573 init.d scripts in parallell based on these dependencies. If you want
13574 to test your Squeeze system, make sure
13575 <a href=
"http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot
">dependency
13576 based boot sequencing
</a
> is enabled, and add this line to
13577 /etc/default/rcS:
</p
>
13579 <blockquote
><pre
>
13580 CONCURRENCY=makefile
13581 </pre
></blockquote
>
13583 <p
>That is it. It will cause sysv-rc to use the startpar tool to run
13584 scripts in parallel using the dependency information stored in
13585 /etc/init.d/.depend.boot, /etc/init.d/.depend.start and
13586 /etc/init.d/.depend.stop to order the scripts. Startpar is configured
13587 to try to start the kdm and gdm scripts as early as possible, and will
13588 start the facilities required by kdm or gdm as early as possible to
13589 make this happen.
</p
>
13591 <p
>Give it a try, and see if you like the result. If some services
13592 fail to start properly, it is most likely because they have incomplete
13593 init.d script dependencies in their startup script (or some of their
13594 dependent scripts have incomplete dependencies). Report bugs and get
13595 the package maintainers to fix it. :)
</p
>
13597 <p
>Running scripts in parallel could be the default in Debian when we
13598 manage to get the init.d script dependencies complete and correct. I
13599 expect we will get there in Squeeze+
1, if we get manage to test and
13600 fix the remaining issues.
</p
>
13602 <p
>If you report any problems with dependencies in init.d scripts to
13603 the BTS, please usertag the report to get it to show up at
13604 <a href=
"http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org
">the
13605 list of usertagged bugs related to this
</a
>.
</p
>
13610 <title>Debian has switched to dependency based boot sequencing
</title>
13611 <link>https://people.skolelinux.org/pere/blog/Debian_has_switched_to_dependency_based_boot_sequencing.html
</link>
13612 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Debian_has_switched_to_dependency_based_boot_sequencing.html
</guid>
13613 <pubDate>Mon,
27 Jul
2009 23:
50:
00 +
0200</pubDate>
13614 <description><p
>Since this evening, with the upload of sysvinit version
2.87dsf-
2,
13615 and the upload of insserv version
1.12.0-
10 yesterday, Debian unstable
13616 have been migrated to using dependency based boot sequencing. This
13617 conclude work me and others have been doing for the last three days.
13618 It feels great to see this finally part of the default Debian
13619 installation. Now we just need to weed out the last few problems that
13620 are bound to show up, to get everything ready for Squeeze.
</p
>
13622 <p
>The next step is migrating /sbin/init from sysvinit to upstart, and
13623 fixing the more fundamental problem of handing the event based
13624 non-predictable kernel in the early boot.
</p
>
13629 <title>Taking over sysvinit development
</title>
13630 <link>https://people.skolelinux.org/pere/blog/Taking_over_sysvinit_development.html
</link>
13631 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Taking_over_sysvinit_development.html
</guid>
13632 <pubDate>Wed,
22 Jul
2009 23:
00:
00 +
0200</pubDate>
13633 <description><p
>After several years of frustration with the lack of activity from
13634 the existing sysvinit upstream developer, I decided a few weeks ago to
13635 take over the package and become the new upstream. The number of
13636 patches to track for the Debian package was becoming a burden, and the
13637 lack of synchronization between the distribution made it hard to keep
13638 the package up to date.
</p
>
13640 <p
>On the new sysvinit team is the SuSe maintainer Dr. Werner Fink,
13641 and my Debian co-maintainer Kel Modderman. About
10 days ago, I made
13642 a new upstream tarball with version number
2.87dsf (for Debian, SuSe
13643 and Fedora), based on the patches currently in use in these
13644 distributions. We Debian maintainers plan to move to this tarball as
13645 the new upstream as soon as we find time to do the merge. Since the
13646 new tarball was created, we agreed with Werner at SuSe to make a new
13647 upstream project at
<a href=
"http://savannah.nongnu.org/
">Savannah
</a
>, and continue
13648 development there. The project is registered and currently waiting
13649 for approval by the Savannah administrators, and as soon as it is
13650 approved, we will import the old versions from svn and continue
13651 working on the future release.
</p
>
13653 <p
>It is a bit ironic that this is done now, when some of the involved
13654 distributions are moving to upstart as a syvinit replacement.
</p
>
13659 <title>Debian boots quicker and quicker
</title>
13660 <link>https://people.skolelinux.org/pere/blog/Debian_boots_quicker_and_quicker.html
</link>
13661 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Debian_boots_quicker_and_quicker.html
</guid>
13662 <pubDate>Wed,
24 Jun
2009 21:
40:
00 +
0200</pubDate>
13663 <description><p
>I spent Monday and tuesday this week in London with a lot of the
13664 people involved in the boot system on Debian and Ubuntu, to see if we
13665 could find more ways to speed up the boot system. This was an Ubuntu
13667 <a href=
"https://wiki.ubuntu.com/FoundationsTeam/BootPerformance/DebianUbuntuSprint
">developer
13668 gathering
</a
>. It was quite productive. We also discussed the future
13669 of boot systems, and ways to handle the increasing number of boot
13670 issues introduced by the Linux kernel becoming more and more
13671 asynchronous and event base. The Ubuntu approach using udev and
13672 upstart might be a good way forward. Time will show.
</p
>
13674 <p
>Anyway, there are a few ways at the moment to speed up the boot
13675 process in Debian. All of these should be applied to get a quick
13680 <li
>Use dash as /bin/sh.
</li
>
13682 <li
>Disable the init.d/hwclock*.sh scripts and make sure the hardware
13683 clock is in UTC.
</li
>
13685 <li
>Install and activate the insserv package to enable
13686 <a href=
"http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot
">dependency
13687 based boot sequencing
</a
>, and enable concurrent booting.
</li
>
13691 These points are based on the Google summer of code work done by
13692 <a href=
"http://initscripts-ng.alioth.debian.org/soc2006-bootsystem/
">Carlos
13693 Villegas
</a
>.
13695 <p
>Support for makefile-style concurrency during boot was uploaded to
13696 unstable yesterday. When we tested it, we were able to cut
6 seconds
13697 from the boot sequence. It depend on very correct dependency
13698 declaration in all init.d scripts, so I expect us to find edge cases
13699 where the dependences in some scripts are slightly wrong when we start
13700 using this.
</p
>
13702 <p
>On our IRC channel for this effort, #pkg-sysvinit, a new idea was
13703 introduced by Raphael Geissert today, one that could affect the
13704 startup speed as well. Instead of starting some scripts concurrently
13705 from rcS.d/ and another set of scripts from rc2.d/, it would be
13706 possible to run a of them in the same process. A quick way to test
13707 this would be to enable insserv and run
'mv /etc/rc2.d/S* /etc/rcS.d/;
13708 insserv
'. Will need to test if that work. :)
</p
>
13713 <title>BSAs påstander om piratkopiering møter motstand
</title>
13714 <link>https://people.skolelinux.org/pere/blog/BSAs_p_stander_om_piratkopiering_m_ter_motstand.html
</link>
13715 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/BSAs_p_stander_om_piratkopiering_m_ter_motstand.html
</guid>
13716 <pubDate>Sun,
17 May
2009 23:
05:
00 +
0200</pubDate>
13717 <description><p
>Hvert år de siste årene har BSA, lobbyfronten til de store
13718 programvareselskapene som Microsoft og Apple, publisert en rapport der
13719 de gjetter på hvor mye piratkopiering påfører i tapte inntekter i
13720 ulike land rundt om i verden. Resultatene er tendensiøse. For noen
13722 <a href=
"http://global.bsa.org/globalpiracy2008/studies/globalpiracy2008.pdf
">siste
13723 rapport
</a
>, og det er flere kritiske kommentarer publisert de siste
13724 dagene. Et spesielt interessant kommentar fra Sverige,
13725 <a href=
"http://www.idg.se/
2.1085/
1.229795/bsa-hoftade-sverigesiffror
">BSA
13726 höftade Sverigesiffror
</a
>, oppsummeres slik:
</p
>
13729 I sin senaste rapport slår BSA fast att
25 procent av all mjukvara i
13730 Sverige är piratkopierad. Det utan att ha pratat med ett enda svenskt
13731 företag.
"Man bör nog kanske inte se de här siffrorna som helt
13732 exakta
", säger BSAs Sverigechef John Hugosson.
13733 </blockquote
>
13735 <p
>Mon tro om de er like metodiske når de gjetter på andelen piratkopiering i Norge? To andre kommentarer er
<a
13736 href=
"http://www.vnunet.com/vnunet/comment/
2242134/bsa-piracy-figures-shot-reality
">BSA
13737 piracy figures need a shot of reality
</a
> og
<a
13738 href=
"http://www.michaelgeist.ca/content/view/
3958/
125/
">Does The WIPO
13739 Copyright Treaty Work?
</a
></p
>
13741 <p
>Fant lenkene via
<a
13742 href=
"http://tech.slashdot.org/article.pl?sid=
09/
05/
17/
1632242">oppslag
13743 på Slashdot
</a
>.
</p
>
13748 <title>IDG mener linux i servermarkedet vil vokse med
21% i
2009</title>
13749 <link>https://people.skolelinux.org/pere/blog/IDG_mener_linux_i_servermarkedet_vil_vokse_med_21__i_2009.html
</link>
13750 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/IDG_mener_linux_i_servermarkedet_vil_vokse_med_21__i_2009.html
</guid>
13751 <pubDate>Thu,
7 May
2009 22:
30:
00 +
0200</pubDate>
13752 <description><p
>Kom over
13753 <a href=
"http://news.cnet.com/
8301-
13505_3-
10216873-
16.html
">interessante
13754 tall
</a
> fra IDG om utviklingen av linuxservermarkedet. Fikk meg til
13755 å tenke på antall tjenermaskiner ved Universitetet i Oslo der jeg
13756 jobber til daglig. En rask opptelling forteller meg at vi har
490
13757 (
61%) fysiske unix-tjener (mest linux men også noen solaris) og
196
13758 (
25%) windowstjenere, samt
112 (
14%) virtuelle unix-tjenere. Med den
13759 bakgrunnskunnskapen kan jeg godt tro at IDG er inne på noe.
</p
>
13764 <title>Kryptert harddisk - naturligvis
</title>
13765 <link>https://people.skolelinux.org/pere/blog/Kryptert_harddisk___naturligvis.html
</link>
13766 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Kryptert_harddisk___naturligvis.html
</guid>
13767 <pubDate>Sat,
2 May
2009 15:
30:
00 +
0200</pubDate>
13768 <description><p
><a href=
"http://www.dagensit.no/trender/article1658676.ece
">Dagens
13769 IT melder
</a
> at Intel hevder at det er dyrt å miste en datamaskin,
13770 når en tar tap av arbeidstid, fortrolige dokumenter,
13771 personopplysninger og alt annet det innebærer. Det er ingen tvil om
13772 at det er en kostbar affære å miste sin datamaskin, og det er årsaken
13773 til at jeg har kryptert harddisken på både kontormaskinen og min
13774 bærbare. Begge inneholder personopplysninger jeg ikke ønsker skal
13775 komme på avveie, den første informasjon relatert til jobben min ved
13776 Universitetet i Oslo, og den andre relatert til blant annet
13777 foreningsarbeide. Kryptering av diskene gjør at det er lite
13778 sannsynlig at dophoder som kan finne på å rappe maskinene får noe ut
13779 av dem. Maskinene låses automatisk etter noen minutter uten bruk,
13780 og en reboot vil gjøre at de ber om passord før de vil starte opp.
13781 Jeg bruker Debian på begge maskinene, og installasjonssystemet der
13782 gjør det trivielt å sette opp krypterte disker. Jeg har LVM på toppen
13783 av krypterte partisjoner, slik at alt av datapartisjoner er kryptert.
13784 Jeg anbefaler alle å kryptere diskene på sine bærbare. Kostnaden når
13785 det er gjort slik jeg gjør det er minimale, og gevinstene er
13786 betydelige. En bør dog passe på passordet. Hvis det går tapt, må
13787 maskinen reinstalleres og alt er tapt.
</p
>
13789 <p
>Krypteringen vil ikke stoppe kompetente angripere som f.eks. kjøler
13790 ned minnebrikkene før maskinen rebootes med programvare for å hente ut
13791 krypteringsnøklene. Kostnaden med å forsvare seg mot slike angripere
13792 er for min del høyere enn gevinsten. Jeg tror oddsene for at
13793 f.eks. etteretningsorganisasjoner har glede av å titte på mine
13794 maskiner er minimale, og ulempene jeg ville oppnå ved å forsøke å
13795 gjøre det vanskeligere for angripere med kompetanse og ressurser er
13796 betydelige.
</p
>
13801 <title>Two projects that have improved the quality of free software a lot
</title>
13802 <link>https://people.skolelinux.org/pere/blog/Two_projects_that_have_improved_the_quality_of_free_software_a_lot.html
</link>
13803 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Two_projects_that_have_improved_the_quality_of_free_software_a_lot.html
</guid>
13804 <pubDate>Sat,
2 May
2009 15:
00:
00 +
0200</pubDate>
13805 <description><p
>There are two software projects that have had huge influence on the
13806 quality of free software, and I wanted to mention both in case someone
13807 do not yet know them.
</p
>
13809 <p
>The first one is
<a href=
"http://valgrind.org/
">valgrind
</a
>, a
13810 tool to detect and expose errors in the memory handling of programs.
13811 It is easy to use, all one need to do is to run
'valgrind program
',
13812 and it will report any problems on stdout. It is even better if the
13813 program include debug information. With debug information, it is able
13814 to report the source file name and line number where the problem
13815 occurs. It can report things like
'reading past memory block in file
13816 X line N, the memory block was allocated in file Y, line M
', and
13817 'using uninitialised value in control logic
'. This tool has made it
13818 trivial to investigate reproducible crash bugs in programs, and have
13819 reduced the number of this kind of bugs in free software a lot.
13821 <p
>The second one is
13822 <a href=
"http://en.wikipedia.org/wiki/Coverity
">Coverity
</a
> which is
13823 a source code checker. It is able to process the source of a program
13824 and find problems in the logic without running the program. It
13825 started out as the Stanford Checker and became well known when it was
13826 used to find bugs in the Linux kernel. It is now a commercial tool
13827 and the company behind it is running
13828 <a href=
"http://www.scan.coverity.com/
">a community service
</a
> for the
13829 free software community, where a lot of free software projects get
13830 their source checked for free. Several thousand defects have been
13831 found and fixed so far. It can find errors like
'lock L taken in file
13832 X line N is never released if exiting in line M
', or
'the code in file
13833 Y lines O to P can never be executed
'. The projects included in the
13834 community service project have managed to get rid of a lot of
13835 reliability problems thanks to Coverity.
</p
>
13837 <p
>I believe tools like this, that are able to automatically find
13838 errors in the source, are vital to improve the quality of software and
13839 make sure we can get rid of the crashing and failing software we are
13840 surrounded by today.
</p
>
13845 <title>No patch is not better than a useless patch
</title>
13846 <link>https://people.skolelinux.org/pere/blog/No_patch_is_not_better_than_a_useless_patch.html
</link>
13847 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/No_patch_is_not_better_than_a_useless_patch.html
</guid>
13848 <pubDate>Tue,
28 Apr
2009 09:
30:
00 +
0200</pubDate>
13849 <description><p
>Julien Blache
13850 <a href=
"http://blog.technologeek.org/
2009/
04/
12/
214">claim that no
13851 patch is better than a useless patch
</a
>. I completely disagree, as a
13852 patch allow one to discuss a concrete and proposed solution, and also
13853 prove that the issue at hand is important enough for someone to spent
13854 time on fixing it. No patch do not provide any of these positive
13855 properties.
</p
>
13860 <title>Standardize on protocols and formats, not vendors and applications
</title>
13861 <link>https://people.skolelinux.org/pere/blog/Standardize_on_protocols_and_formats__not_vendors_and_applications.html
</link>
13862 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Standardize_on_protocols_and_formats__not_vendors_and_applications.html
</guid>
13863 <pubDate>Mon,
30 Mar
2009 11:
50:
00 +
0200</pubDate>
13864 <description><p
>Where I work at the University of Oslo, one decision stand out as a
13865 very good one to form a long lived computer infrastructure. It is the
13866 simple one, lost by many in todays computer industry: Standardize on
13867 open network protocols and open exchange/storage formats, not applications.
13868 Applications come and go, while protocols and files tend to stay, and
13869 thus one want to make it easy to change application and vendor, while
13870 avoiding conversion costs and locking users to a specific platform or
13871 application.
</p
>
13873 <p
>This approach make it possible to replace the client applications
13874 independently of the server applications. One can even allow users to
13875 use several different applications as long as they handle the selected
13876 protocol and format. In the normal case, only one client application
13877 is recommended and users only get help if they choose to use this
13878 application, but those that want to deviate from the easy path are not
13879 blocked from doing so.
</p
>
13881 <p
>It also allow us to replace the server side without forcing the
13882 users to replace their applications, and thus allow us to select the
13883 best server implementation at any moment, when scale and resouce
13884 requirements change.
</p
>
13886 <p
>I strongly recommend standardizing - on open network protocols and
13887 open formats, but I would never recommend standardizing on a single
13888 application that do not use open network protocol or open formats.
</p
>
13893 <title>Returning from Skolelinux developer gathering
</title>
13894 <link>https://people.skolelinux.org/pere/blog/Returning_from_Skolelinux_developer_gathering.html
</link>
13895 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Returning_from_Skolelinux_developer_gathering.html
</guid>
13896 <pubDate>Sun,
29 Mar
2009 21:
00:
00 +
0200</pubDate>
13897 <description><p
>I
'm sitting on the train going home from this weekends Debian
13898 Edu/Skolelinux development gathering. I got a bit done tuning the
13899 desktop, and looked into the dynamic service location protocol
13900 implementation avahi. It look like it could be useful for us. Almost
13901 30 people participated, and I believe it was a great environment to
13902 get to know the Skolelinux system. Walter Bender, involved in the
13903 development of the Sugar educational platform, presented his stuff and
13904 also helped me improve my OLPC installation. He also showed me that
13905 his Turtle Art application can be used in standalone mode, and we
13906 agreed that I would help getting it packaged for Debian. As a
13907 standalone application it would be great for Debian Edu. We also
13908 tried to get the video conferencing working with two OLPCs, but that
13909 proved to be too hard for us. The application seem to need more work
13910 before it is ready for me. I look forward to getting home and relax
13916 <title>Time for new LDAP schemas replacing RFC
2307?
</title>
13917 <link>https://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
</link>
13918 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
</guid>
13919 <pubDate>Sun,
29 Mar
2009 20:
30:
00 +
0200</pubDate>
13920 <description><p
>The state of standardized LDAP schemas on Linux is far from
13921 optimal. There is RFC
2307 documenting one way to store NIS maps in
13922 LDAP, and a modified version of this normally called RFC
2307bis, with
13923 some modifications to be compatible with Active Directory. The RFC
13924 specification handle the content of a lot of system databases, but do
13925 not handle DNS zones and DHCP configuration.
</p
>
13927 <p
>In
<a href=
"http://www.skolelinux.org/
">Debian Edu/Skolelinux
</a
>,
13928 we would like to store information about users, SMB clients/hosts,
13929 filegroups, netgroups (users and hosts), DHCP and DNS configuration,
13930 and LTSP configuration in LDAP. These objects have a lot in common,
13931 but with the current LDAP schemas it is not possible to have one
13932 object per entity. For example, one need to have at least three LDAP
13933 objects for a given computer, one with the SMB related stuff, one with
13934 DNS information and another with DHCP information. The schemas
13935 provided for DNS and DHCP are impossible to combine into one LDAP
13936 object. In addition, it is impossible to implement quick queries for
13937 netgroup membership, because of the way NIS triples are implemented.
13938 It just do not scale. I believe it is time for a few RFC
13939 specifications to cleam up this mess.
</p
>
13941 <p
>I would like to have one LDAP object representing each computer in
13942 the network, and this object can then keep the SMB (ie host key), DHCP
13943 (mac address/name) and DNS (name/IP address) settings in one place.
13944 It need to be efficently stored to make sure it scale well.
</p
>
13946 <p
>I would also like to have a quick way to map from a user or
13947 computer and to the net group this user or computer is a member.
</p
>
13949 <p
>Active Directory have done a better job than unix heads like myself
13950 in this regard, and the unix side need to catch up. Time to start a
13951 new IETF work group?
</p
>
13956 <title>Endelig er Debian Lenny gitt ut
</title>
13957 <link>https://people.skolelinux.org/pere/blog/Endelig_er_Debian_Lenny_gitt_ut.html
</link>
13958 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Endelig_er_Debian_Lenny_gitt_ut.html
</guid>
13959 <pubDate>Sun,
15 Feb
2009 11:
50:
00 +
0100</pubDate>
13960 <description><p
>Endelig er
<a href=
"http://www.debian.org/
">Debian
</a
>
13961 <a href=
"http://www.debian.org/News/
2009/
20090214">Lenny
</a
> gitt ut.
13962 Et langt steg videre for Debian-prosjektet, og en rekke nye
13963 programpakker blir nå tilgjengelig for de av oss som bruker den
13964 stabile utgaven av Debian. Neste steg er nå å få
13965 <a href=
"http://www.skolelinux.org/
">Skolelinux
</a
> /
13966 <a href=
"http://wiki.debian.org/DebianEdu/
">Debian Edu
</a
> ferdig
13967 oppdatert for den nye utgaven, slik at en oppdatert versjon kan
13968 slippes løs på skolene. Takk til alle debian-utviklerne som har
13969 gjort dette mulig. Endelig er f.eks. fungerende avhengighetsstyrt
13970 bootsekvens tilgjengelig i stabil utgave, vha pakken
13971 <tt
>insserv
</tt
>.
</p
>
13976 <title>Devcamp brought us closer to the Lenny based Debian Edu release
</title>
13977 <link>https://people.skolelinux.org/pere/blog/Devcamp_brought_us_closer_to_the_Lenny_based_Debian_Edu_release.html
</link>
13978 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/Devcamp_brought_us_closer_to_the_Lenny_based_Debian_Edu_release.html
</guid>
13979 <pubDate>Sun,
7 Dec
2008 12:
00:
00 +
0100</pubDate>
13980 <description><p
>This weekend we had a small developer gathering for Debian Edu in
13981 Oslo. Most of Saturday was used for the general assemly for the
13982 member organization, but the rest of the weekend I used to tune the
13983 LTSP installation. LTSP now work out of the box on the
10-network.
13984 Acer Aspire One proved to be a very nice thin client, with both
13985 screen, mouse and keybard in a small box. Was working on getting the
13986 diskless workstation setup configured out of the box, but did not
13987 finish it before the weekend was up.
</p
>
13989 <p
>Did not find time to look at the
4 VGA cards in one box we got from
13990 the Brazilian group, so that will have to wait for the next
13991 development gathering. Would love to have the Debian Edu installer
13992 automatically detect and configure a multiseat setup when it find one
13993 of these cards.
</p
>
13998 <title>The sorry state of multimedia browser plugins in Debian
</title>
13999 <link>https://people.skolelinux.org/pere/blog/The_sorry_state_of_multimedia_browser_plugins_in_Debian.html
</link>
14000 <guid isPermaLink=
"true">https://people.skolelinux.org/pere/blog/The_sorry_state_of_multimedia_browser_plugins_in_Debian.html
</guid>
14001 <pubDate>Tue,
25 Nov
2008 00:
10:
00 +
0100</pubDate>
14002 <description><p
>Recently I have spent some time evaluating the multimedia browser
14003 plugins available in Debian Lenny, to see which one we should use by
14004 default in Debian Edu. We need an embedded video playing plugin with
14005 control buttons to pause or stop the video, and capable of streaming
14006 all the multimedia content available on the web. The test results and
14007 notes are available on
14008 <a href=
"http://wiki.debian.org/DebianEdu/BrowserMultimedia
">the
14009 Debian wiki
</a
>. I was surprised how few of the plugins are able to
14010 fill this need. My personal video player favorite, VLC, has a really
14011 bad plugin which fail on a lot of the test pages. A lot of the MIME
14012 types I would expect to work with any free software player (like
14013 video/ogg), just do not work. And simple formats like the
14014 audio/x-mplegurl format (m3u playlists), just isn
't supported by the
14015 totem and vlc plugins. I hope the situation will improve soon. No
14016 wonder sites use the proprietary Adobe flash to play video.
</p
>
14018 <p
>For Lenny, we seem to end up with the mplayer plugin. It seem to
14019 be the only one fitting our needs. :/
</p
>
projects / homepage.git / blob