1 <?xml version=
"1.0" encoding=
"utf-8"?>
2 <rss version='
2.0' xmlns:lj='http://www.livejournal.org/rss/lj/
1.0/'
>
4 <title>Petter Reinholdtsen - Entries tagged debian
</title>
5 <description>Entries tagged debian
</description>
6 <link>http://people.skolelinux.org/pere/blog/
</link>
10 <title>Isenkram, Appstream and udev make life as a LEGO builder easier
</title>
11 <link>http://people.skolelinux.org/pere/blog/Isenkram__Appstream_and_udev_make_life_as_a_LEGO_builder_easier.html
</link>
12 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Isenkram__Appstream_and_udev_make_life_as_a_LEGO_builder_easier.html
</guid>
13 <pubDate>Fri,
7 Oct
2016 09:
50:
00 +
0200</pubDate>
14 <description><p
><a href=
"http://packages.qa.debian.org/isenkram
">The Isenkram
15 system
</a
> provide a practical and easy way to figure out which
16 packages support the hardware in a given machine. The command line
17 tool
<tt
>isenkram-lookup
</tt
> and the tasksel options provide a
18 convenient way to list and install packages relevant for the current
19 hardware during system installation, both user space packages and
20 firmware packages. The GUI background daemon on the other hand provide
21 a pop-up proposing to install packages when a new dongle is inserted
22 while using the computer. For example, if you plug in a smart card
23 reader, the system will ask if you want to install
<tt
>pcscd
</tt
> if
24 that package isn
't already installed, and if you plug in a USB video
25 camera the system will ask if you want to install
<tt
>cheese
</tt
> if
26 cheese is currently missing. This already work just fine.
</p
>
28 <p
>But Isenkram depend on a database mapping from hardware IDs to
29 package names. When I started no such database existed in Debian, so
30 I made my own data set and included it with the isenkram package and
31 made isenkram fetch the latest version of this database from git using
32 http. This way the isenkram users would get updated package proposals
33 as soon as I learned more about hardware related packages.
</p
>
35 <p
>The hardware is identified using modalias strings. The modalias
36 design is from the Linux kernel where most hardware descriptors are
37 made available as a strings that can be matched using filename style
38 globbing. It handle USB, PCI, DMI and a lot of other hardware related
39 identifiers.
</p
>
41 <p
>The downside to the Isenkram specific database is that there is no
42 information about relevant distribution / Debian version, making
43 isenkram propose obsolete packages too. But along came AppStream, a
44 cross distribution mechanism to store and collect metadata about
45 software packages. When I heard about the proposal, I contacted the
46 people involved and suggested to add a hardware matching rule using
47 modalias strings in the specification, to be able to use AppStream for
48 mapping hardware to packages. This idea was accepted and AppStream is
49 now a great way for a package to announce the hardware it support in a
50 distribution neutral way. I wrote
51 <a href=
"http://people.skolelinux.org/pere/blog/Using_appstream_with_isenkram_to_install_hardware_related_packages_in_Debian.html
">a
52 recipe on how to add such meta-information
</a
> in a blog post last
53 December. If you have a hardware related package in Debian, please
54 announce the relevant hardware IDs using AppStream.
</p
>
56 <p
>In Debian, almost all packages that can talk to a LEGO Mindestorms
57 RCX or NXT unit, announce this support using AppStream. The effect is
58 that when you insert such LEGO robot controller into your Debian
59 machine, Isenkram will propose to install the packages needed to get
60 it working. The intention is that this should allow the local user to
61 start programming his robot controller right away without having to
62 guess what packages to use or which permissions to fix.
</p
>
64 <p
>But when I sat down with my son the other day to program our NXT
65 unit using his Debian Stretch computer, I discovered something
66 annoying. The local console user (ie my son) did not get access to
67 the USB device for programming the unit. This used to work, but no
68 longer in Jessie and Stretch. After some investigation and asking
69 around on #debian-devel, I discovered that this was because udev had
70 changed the mechanism used to grant access to local devices. The
71 ConsoleKit mechanism from
<tt
>/lib/udev/rules.d/
70-udev-acl.rules
</tt
>
72 no longer applied, because LDAP users no longer was added to the
73 plugdev group during login. Michael Biebl told me that this method
74 was obsolete and the new method used ACLs instead. This was good
75 news, as the plugdev mechanism is a mess when using a remote user
76 directory like LDAP. Using ACLs would make sure a user lost device
77 access when she logged out, even if the user left behind a background
78 process which would retain the plugdev membership with the ConsoleKit
79 setup. Armed with this knowledge I moved on to fix the access problem
80 for the LEGO Mindstorms related packages.
</p
>
82 <p
>The new system uses a udev tag,
'uaccess
'. It can either be
83 applied directly for a device, or is applied in
84 /lib/udev/rules.d/
70-uaccess.rules for classes of devices. As the
85 LEGO Mindstorms udev rules did not have a class, I decided to add the
86 tag directly in the udev rules files included in the packages. Here
87 is one example. For the nqc C compiler for the RCX, the
88 <tt
>/lib/udev/rules.d/
60-nqc.rules
</tt
> file now look like this:
91 SUBSYSTEM==
"usb
", ACTION==
"add
", ATTR{idVendor}==
"0694", ATTR{idProduct}==
"0001", \
92 SYMLINK+=
"rcx-%k
", TAG+=
"uaccess
"
93 </pre
></p
>
95 <p
>The key part is the
'TAG+=
"uaccess
"' at the end. I suspect all
96 packages using plugdev in their /lib/udev/rules.d/ files should be
97 changed to use this tag (either directly or indirectly via
98 <tt
>70-uaccess.rules
</tt
>). Perhaps a lintian check should be created
99 to detect this?
</p
>
101 <p
>I
've been unable to find good documentation on the uaccess feature.
102 It is unclear to me if the uaccess tag is an internal implementation
103 detail like the udev-acl tag used by
104 <tt
>/lib/udev/rules.d/
70-udev-acl.rules
</tt
>. If it is, I guess the
105 indirect method is the preferred way. Michael
106 <a href=
"https://github.com/systemd/systemd/issues/
4288">asked for more
107 documentation from the systemd project
</a
> and I hope it will make
108 this clearer. For now I use the generic classes when they exist and
109 is already handled by
<tt
>70-uaccess.rules
</tt
>, and add the tag
110 directly if no such class exist.
</p
>
112 <p
>To learn more about the isenkram system, please check out
113 <a href=
"http://people.skolelinux.org/pere/blog/tags/isenkram/
">my
114 blog posts tagged isenkram
</a
>.
</p
>
116 <p
>To help out making life for LEGO constructors in Debian easier,
117 please join us on our IRC channel
118 <a href=
"irc://irc.debian.org/%
23debian-lego
">#debian-lego
</a
> and join
119 the
<a href=
"https://alioth.debian.org/projects/debian-lego/
">Debian
120 LEGO team
</a
> in the Alioth project we created yesterday. A mailing
121 list is not yet created, but we are working on it. :)
</p
>
123 <p
>As usual, if you use Bitcoin and want to show your support of my
124 activities, please send Bitcoin donations to my address
125 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
&label=PetterReinholdtsenBlog
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
130 <title>First draft Norwegian Bokmål edition of The Debian Administrator
's Handbook now public
</title>
131 <link>http://people.skolelinux.org/pere/blog/First_draft_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook_now_public.html
</link>
132 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/First_draft_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook_now_public.html
</guid>
133 <pubDate>Tue,
30 Aug
2016 10:
10:
00 +
0200</pubDate>
134 <description><p
>In April we
135 <a href=
"http://people.skolelinux.org/pere/blog/Lets_make_a_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook.html
">started
136 to work
</a
> on a Norwegian Bokmål edition of the
"open access
" book on
137 how to set up and administrate a Debian system. Today I am happy to
138 report that the first draft is now publicly available. You can find
139 it on
<a href=
"https://debian-handbook.info/get/
">get the Debian
140 Administrator
's Handbook page
</a
> (under Other languages). The first
141 eight chapters have a first draft translation, and we are working on
142 proofreading the content. If you want to help out, please start
144 <a href=
"https://hosted.weblate.org/projects/debian-handbook/
">the
145 hosted weblate project page
</a
>, and get in touch using
146 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/debian-handbook-translators
">the
147 translators mailing list
</a
>. Please also check out
148 <a href=
"https://debian-handbook.info/contribute/
">the instructions for
149 contributors
</a
>. A good way to contribute is to proofread the text
150 and update weblate if you find errors.
</p
>
152 <p
>Our goal is still to make the Norwegian book available on paper as well as
153 electronic form.
</p
>
158 <title>Coz can help you find bottlenecks in multi-threaded software - nice free software
</title>
159 <link>http://people.skolelinux.org/pere/blog/Coz_can_help_you_find_bottlenecks_in_multi_threaded_software___nice_free_software.html
</link>
160 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Coz_can_help_you_find_bottlenecks_in_multi_threaded_software___nice_free_software.html
</guid>
161 <pubDate>Thu,
11 Aug
2016 12:
00:
00 +
0200</pubDate>
162 <description><p
>This summer, I read a great article
163 "<a href=
"https://www.usenix.org/publications/login/summer2016/curtsinger
">coz:
164 This Is the Profiler You
're Looking For
</a
>" in USENIX ;login: about
165 how to profile multi-threaded programs. It presented a system for
166 profiling software by running experiences in the running program,
167 testing how run time performance is affected by
"speeding up
" parts of
168 the code to various degrees compared to a normal run. It does this by
169 slowing down parallel threads while the
"faster up
" code is running
170 and measure how this affect processing time. The processing time is
171 measured using probes inserted into the code, either using progress
172 counters (COZ_PROGRESS) or as latency meters (COZ_BEGIN/COZ_END). It
173 can also measure unmodified code by measuring complete the program
174 runtime and running the program several times instead.
</p
>
176 <p
>The project and presentation was so inspiring that I would like to
177 get the system into Debian. I
178 <a href=
"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=
830708">created
179 a WNPP request for it
</a
> and contacted upstream to try to make the
180 system ready for Debian by sending patches. The build process need to
181 be changed a bit to avoid running
'git clone
' to get dependencies, and
182 to include the JavaScript web page used to visualize the collected
183 profiling information included in the source package.
184 But I expect that should work out fairly soon.
</p
>
186 <p
>The way the system work is fairly simple. To run an coz experiment
187 on a binary with debug symbols available, start the program like this:
189 <p
><blockquote
><pre
>
190 coz run --- program-to-run
191 </pre
></blockquote
></p
>
193 <p
>This will create a text file profile.coz with the instrumentation
194 information. To show what part of the code affect the performance
195 most, use a web browser and either point it to
196 <a href=
"http://plasma-umass.github.io/coz/
">http://plasma-umass.github.io/coz/
</a
>
197 or use the copy from git (in the gh-pages branch). Check out this web
198 site to have a look at several example profiling runs and get an idea what the end result from the profile runs look like. To make the
199 profiling more useful you include
&lt;coz.h
&gt; and insert the
200 COZ_PROGRESS or COZ_BEGIN and COZ_END at appropriate places in the
201 code, rebuild and run the profiler. This allow coz to do more
202 targeted experiments.
</p
>
204 <p
>A video published by ACM
205 <a href=
"https://www.youtube.com/watch?v=jE0V-p1odPg
">presenting the
206 Coz profiler
</a
> is available from Youtube. There is also a paper
207 from the
25th Symposium on Operating Systems Principles available
209 <a href=
"https://www.usenix.org/conference/atc16/technical-sessions/presentation/curtsinger
">Coz:
210 finding code that counts with causal profiling
</a
>.
</p
>
212 <p
><a href=
"https://github.com/plasma-umass/coz
">The source code
</a
>
213 for Coz is available from github. It will only build with clang
215 <a href=
"https://gcc.gnu.org/bugzilla/show_bug.cgi?id=
55606">C++
216 feature missing in GCC
</a
>, but I
've submitted
217 <a href=
"https://github.com/plasma-umass/coz/pull/
67">a patch to solve
218 it
</a
> and hope it will be included in the upstream source soon.
</p
>
220 <p
>Please get in touch if you, like me, would like to see this piece
221 of software in Debian. I would very much like some help with the
222 packaging effort, as I lack the in depth knowledge on how to package
223 C++ libraries.
</p
>
228 <title>Unlocking HTC Desire HD on Linux using unruu and fastboot
</title>
229 <link>http://people.skolelinux.org/pere/blog/Unlocking_HTC_Desire_HD_on_Linux_using_unruu_and_fastboot.html
</link>
230 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Unlocking_HTC_Desire_HD_on_Linux_using_unruu_and_fastboot.html
</guid>
231 <pubDate>Thu,
7 Jul
2016 11:
30:
00 +
0200</pubDate>
232 <description><p
>Yesterday, I tried to unlock a HTC Desire HD phone, and it proved
233 to be a slight challenge. Here is the recipe if I ever need to do it
234 again. It all started by me wanting to try the recipe to set up
235 <a href=
"https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy
">an
236 hardened Android installation
</a
> from the Tor project blog on a
237 device I had access to. It is a old mobile phone with a broken
238 microphone The initial idea had been to just
239 <a href=
"http://wiki.cyanogenmod.org/w/Install_CM_for_ace
">install
240 CyanogenMod on it
</a
>, but did not quite find time to start on it
241 until a few days ago.
</p
>
243 <p
>The unlock process is supposed to be simple: (
1) Boot into the boot
244 loader (press volume down and power at the same time), (
2) select
245 'fastboot
' before (
3) connecting the device via USB to a Linux
246 machine, (
4) request the device identifier token by running
'fastboot
247 oem get_identifier_token
', (
5) request the device unlocking key using
248 the
<a href=
"http://www.htcdev.com/bootloader/
">HTC developer web
249 site
</a
> and unlock the phone using the key file emailed to you.
</p
>
251 <p
>Unfortunately, this only work fi you have hboot version
2.00.0029
252 or newer, and the device I was working on had
2.00.0027. This
253 apparently can be easily fixed by downloading a Windows program and
254 running it on your Windows machine, if you accept the terms Microsoft
255 require you to accept to use Windows - which I do not. So I had to
256 come up with a different approach. I got a lot of help from AndyCap
257 on #nuug, and would not have been able to get this working without
260 <p
>First I needed to extract the hboot firmware from
261 <a href=
"http://www.htcdev.com/ruu/PD9810000_Ace_Sense30_S_hboot_2.00
.0029.exe
">the
262 windows binary for HTC Desire HD
</a
> downloaded as
'the RUU
' from HTC.
263 For this there is is
<a href=
"https://github.com/kmdm/unruu/
">a github
264 project named unruu
</a
> using libunshield. The unshield tool did not
265 recognise the file format, but unruu worked and extracted rom.zip,
266 containing the new hboot firmware and a text file describing which
267 devices it would work for.
</p
>
269 <p
>Next, I needed to get the new firmware into the device. For this I
270 followed some instructions
271 <a href=
"http://www.htc1guru.com/
2013/
09/new-ruu-zips-posted/
">available
272 from HTC1Guru.com
</a
>, and ran these commands as root on a Linux
273 machine with Debian testing:
</p
>
276 adb reboot-bootloader
277 fastboot oem rebootRUU
278 fastboot flash zip rom.zip
279 fastboot flash zip rom.zip
281 </pre
></p
>
283 <p
>The flash command apparently need to be done twice to take effect,
284 as the first is just preparations and the second one do the flashing.
285 The adb command is just to get to the boot loader menu, so turning the
286 device on while holding volume down and the power button should work
289 <p
>With the new hboot version in place I could start following the
290 instructions on the HTC developer web site. I got the device token
294 fastboot oem get_identifier_token
2>&1 | sed
's/(bootloader) //
'
297 <p
>And once I got the unlock code via email, I could use it like
301 fastboot flash unlocktoken Unlock_code.bin
302 </pre
></p
>
304 <p
>And with that final step in place, the phone was unlocked and I
305 could start stuffing the software of my own choosing into the device.
306 So far I only inserted a replacement recovery image to wipe the phone
307 before I start. We will see what happen next. Perhaps I should
308 install
<a href=
"https://www.debian.org/
">Debian
</a
> on it. :)
</p
>
313 <title>How to use the Signal app if you only have a land line (ie no mobile phone)
</title>
314 <link>http://people.skolelinux.org/pere/blog/How_to_use_the_Signal_app_if_you_only_have_a_land_line__ie_no_mobile_phone_.html
</link>
315 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_use_the_Signal_app_if_you_only_have_a_land_line__ie_no_mobile_phone_.html
</guid>
316 <pubDate>Sun,
3 Jul
2016 14:
20:
00 +
0200</pubDate>
317 <description><p
>For a while now, I have wanted to test
318 <a href=
"https://whispersystems.org/
">the Signal app
</a
>, as it is
319 said to provide end to end encrypted communication and several of my
320 friends and family are already using it. As I by choice do not own a
321 mobile phone, this proved to be harder than expected. And I wanted to
322 have the source of the client and know that it was the code used on my
323 machine. But yesterday I managed to get it working. I used the
324 Github source, compared it to the source in
325 <a href=
"https://chrome.google.com/webstore/detail/signal-private-messenger/bikioccmkafdpakkkcpdbppfkghcmihk?hl=en-US
">the
326 Signal Chrome app
</a
> available from the Chrome web store, applied
327 patches to use the production Signal servers, started the app and
328 asked for the hidden
"register without a smart phone
" form. Here is
329 the recipe how I did it.
</p
>
331 <p
>First, I fetched the Signal desktop source from Github, using
334 git clone https://github.com/WhisperSystems/Signal-Desktop.git
337 <p
>Next, I patched the source to use the production servers, to be
338 able to talk to other Signal users:
</p
>
341 cat
&lt;
&lt;EOF | patch -p0
342 diff -ur ./js/background.js userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/
0.15.0_0/js/background.js
343 --- ./js/background.js
2016-
06-
29 13:
43:
15.630344628 +
0200
344 +++ userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/
0.15.0_0/js/background.js
2016-
06-
29 14:
06:
29.530300934 +
0200
349 - var SERVER_URL =
'https://textsecure-service-staging.whispersystems.org
';
350 - var ATTACHMENT_SERVER_URL =
'https://whispersystems-textsecure-attachments-staging.s3.amazonaws.com
';
351 + var SERVER_URL =
'https://textsecure-service-ca.whispersystems.org:
4433';
352 + var ATTACHMENT_SERVER_URL =
'https://whispersystems-textsecure-attachments.s3.amazonaws.com
';
354 window.getSocketStatus = function() {
355 if (messageReceiver) {
356 diff -ur ./js/expire.js userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/
0.15.0_0/js/expire.js
357 --- ./js/expire.js
2016-
06-
29 13:
43:
15.630344628 +
0200
358 +++ userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/
0.15.0_0/js/expire.js2016-
06-
29 14:
06:
29.530300934 +
0200
361 'use strict
';
362 - var BUILD_EXPIRATION =
0;
363 + var BUILD_EXPIRATION =
1474492690000;
365 window.extension = window.extension || {};
370 <p
>The first part is changing the servers, and the second is updating
371 an expiration timestamp. This timestamp need to be updated regularly.
372 It is set
90 days in the future by the build process (Gruntfile.js).
373 The value is seconds since
1970 times
1000, as far as I can tell.
</p
>
375 <p
>Based on a tip and good help from the #nuug IRC channel, I wrote a
376 script to launch Signal in Chromium.
</p
>
383 --proxy-server=
"socks://localhost:
9050" \
384 --user-data-dir=`pwd`/userdata --load-and-launch-app=`pwd`
387 <p
> The script start the app and configure Chromium to use the Tor
388 SOCKS5 proxy to make sure those controlling the Signal servers (today
389 Amazon and Whisper Systems) as well as those listening on the lines
390 will have a harder time location my laptop based on the Signal
391 connections if they use source IP address.
</p
>
393 <p
>When the script starts, one need to follow the instructions under
394 "Standalone Registration
" in the CONTRIBUTING.md file in the git
395 repository. I right clicked on the Signal window to get up the
396 Chromium debugging tool, visited the
'Console
' tab and wrote
397 'extension.install(
"standalone
")
' on the console prompt to get the
398 registration form. Then I entered by land line phone number and
399 pressed
'Call
'.
5 seconds later the phone rang and a robot voice
400 repeated the verification code three times. After entering the number
401 into the verification code field in the form, I could start using
402 Signal from my laptop.
404 <p
>As far as I can tell, The Signal app will leak who is talking to
405 whom and thus who know who to those controlling the central server,
406 but such leakage is hard to avoid with a centrally controlled server
407 setup. It is something to keep in mind when using Signal - the
408 content of your chats are harder to intercept, but the meta data
409 exposing your contact network is available to people you do not know.
410 So better than many options, but not great. And sadly the usage is
411 connected to my land line, thus allowing those controlling the server
412 to associate it to my home and person. I would prefer it if only
413 those I knew could tell who I was on Signal. There are options
414 avoiding such information leakage, but most of my friends are not
415 using them, so I am stuck with Signal for now.
</p
>
420 <title>The new
"best
" multimedia player in Debian?
</title>
421 <link>http://people.skolelinux.org/pere/blog/The_new__best__multimedia_player_in_Debian_.html
</link>
422 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/The_new__best__multimedia_player_in_Debian_.html
</guid>
423 <pubDate>Mon,
6 Jun
2016 12:
50:
00 +
0200</pubDate>
424 <description><p
>When I set out a few weeks ago to figure out
425 <a href=
"http://people.skolelinux.org/pere/blog/What_is_the_best_multimedia_player_in_Debian_.html
">which
426 multimedia player in Debian claimed to support most file formats /
427 MIME types
</a
>, I was a bit surprised how varied the sets of MIME types
428 the various players claimed support for. The range was from
55 to
130
429 MIME types. I suspect most media formats are supported by all
430 players, but this is not really reflected in the MimeTypes values in
431 their desktop files. There are probably also some bogus MIME types
432 listed, but it is hard to identify which one this is.
</p
>
434 <p
>Anyway, in the mean time I got in touch with upstream for some of
435 the players suggesting to add more MIME types to their desktop files,
436 and decided to spend some time myself improving the situation for my
437 favorite media player VLC. The fixes for VLC entered Debian unstable
438 yesterday. The complete list of MIME types can be seen on the
439 <a href=
"https://wiki.debian.org/DebianMultimedia/PlayerSupport
">Multimedia
440 player MIME type support status
</a
> Debian wiki page.
</p
>
442 <p
>The new
"best
" multimedia player in Debian? It is VLC, followed by
443 totem, parole, kplayer, gnome-mpv, mpv, smplayer, mplayer-gui and
444 kmplayer. I am sure some of the other players desktop files support
445 several of the formats currently listed as working only with vlc,
446 toten and parole.
</p
>
448 <p
>A sad observation is that only
14 MIME types are listed as
449 supported by all the tested multimedia players in Debian in their
450 desktop files: audio/mpeg, audio/vnd.rn-realaudio, audio/x-mpegurl,
451 audio/x-ms-wma, audio/x-scpls, audio/x-wav, video/mp4, video/mpeg,
452 video/quicktime, video/vnd.rn-realvideo, video/x-matroska,
453 video/x-ms-asf, video/x-ms-wmv and video/x-msvideo. Personally I find
454 it sad that video/ogg and video/webm is not supported by all the media
455 players in Debian. As far as I can tell, all of them can handle both
461 <title>A program should be able to open its own files on Linux
</title>
462 <link>http://people.skolelinux.org/pere/blog/A_program_should_be_able_to_open_its_own_files_on_Linux.html
</link>
463 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/A_program_should_be_able_to_open_its_own_files_on_Linux.html
</guid>
464 <pubDate>Sun,
5 Jun
2016 08:
30:
00 +
0200</pubDate>
465 <description><p
>Many years ago, when koffice was fresh and with few users, I
466 decided to test its presentation tool when making the slides for a
467 talk I was giving for NUUG on Japhar, a free Java virtual machine. I
468 wrote the first draft of the slides, saved the result and went to bed
469 the day before I would give the talk. The next day I took a plane to
470 the location where the meeting should take place, and on the plane I
471 started up koffice again to polish the talk a bit, only to discover
472 that kpresenter refused to load its own data file. I cursed a bit and
473 started making the slides again from memory, to have something to
474 present when I arrived. I tested that the saved files could be
475 loaded, and the day seemed to be rescued. I continued to polish the
476 slides until I suddenly discovered that the saved file could no longer
477 be loaded into kpresenter. In the end I had to rewrite the slides
478 three times, condensing the content until the talk became shorter and
479 shorter. After the talk I was able to pinpoint the problem
&ndash;
480 kpresenter wrote inline images in a way itself could not understand.
481 Eventually that bug was fixed and kpresenter ended up being a great
482 program to make slides. The point I
'm trying to make is that we
483 expect a program to be able to load its own data files, and it is
484 embarrassing to its developers if it can
't.
</p
>
486 <p
>Did you ever experience a program failing to load its own data
487 files from the desktop file browser? It is not a uncommon problem. A
488 while back I discovered that the screencast recorder
489 gtk-recordmydesktop would save an Ogg Theora video file the KDE file
490 browser would refuse to open. No video player claimed to understand
491 such file. I tracked down the cause being
<tt
>file --mime-type
</tt
>
492 returning the application/ogg MIME type, which no video player I had
493 installed listed as a MIME type they would understand. I asked for
494 <a href=
"http://bugs.gw.com/view.php?id=
382">file to change its
495 behavour
</a
> and use the MIME type video/ogg instead. I also asked
496 several video players to add video/ogg to their desktop files, to give
497 the file browser an idea what to do about Ogg Theora files. After a
498 while, the desktop file browsers in Debian started to handle the
499 output from gtk-recordmydesktop properly.
</p
>
501 <p
>But history repeats itself. A few days ago I tested the music
502 system Rosegarden again, and I discovered that the KDE and xfce file
503 browsers did not know what to do with the Rosegarden project files
504 (*.rg). I
've reported
<a href=
"http://bugs.debian.org/
825993">the
505 rosegarden problem to BTS
</a
> and a fix is commited to git and will be
506 included in the next upload. To increase the chance of me remembering
507 how to fix the problem next time some program fail to load its files
508 from the file browser, here are some notes on how to fix it.
</p
>
510 <p
>The file browsers in Debian in general operates on MIME types.
511 There are two sources for the MIME type of a given file. The output from
512 <tt
>file --mime-type
</tt
> mentioned above, and the content of the
513 shared MIME type registry (under /usr/share/mime/). The file MIME
514 type is mapped to programs supporting the MIME type, and this
515 information is collected from
516 <a href=
"https://www.freedesktop.org/wiki/Specifications/desktop-entry-spec/
">the
517 desktop files
</a
> available in /usr/share/applications/. If there is
518 one desktop file claiming support for the MIME type of the file, it is
519 activated when asking to open a given file. If there are more, one
520 can normally select which one to use by right-clicking on the file and
521 selecting the wanted one using
'Open with
' or similar. In general
522 this work well. But it depend on each program picking a good MIME
524 <a href=
"http://www.iana.org/assignments/media-types/media-types.xhtml
">a
525 MIME type registered with IANA
</a
>), file and/or the shared MIME
526 registry recognizing the file and the desktop file to list the MIME
527 type in its list of supported MIME types.
</p
>
529 <p
>The
<tt
>/usr/share/mime/packages/rosegarden.xml
</tt
> entry for
530 <a href=
"http://www.freedesktop.org/wiki/Specifications/shared-mime-info-spec
">the
531 Shared MIME database
</a
> look like this:
</p
>
533 <p
><blockquote
><pre
>
534 &lt;?xml version=
"1.0" encoding=
"UTF-
8"?
&gt;
535 &lt;mime-info xmlns=
"http://www.freedesktop.org/standards/shared-mime-info
"&gt;
536 &lt;mime-type type=
"audio/x-rosegarden
"&gt;
537 &lt;sub-class-of type=
"application/x-gzip
"/
&gt;
538 &lt;comment
&gt;Rosegarden project file
&lt;/comment
&gt;
539 &lt;glob pattern=
"*.rg
"/
&gt;
540 &lt;/mime-type
&gt;
541 &lt;/mime-info
&gt;
542 </pre
></blockquote
></p
>
544 <p
>This states that audio/x-rosegarden is a kind of application/x-gzip
545 (it is a gzipped XML file). Note, it is much better to use an
546 official MIME type registered with IANA than it is to make up ones own
547 unofficial ones like the x-rosegarden type used by rosegarden.
</p
>
549 <p
>The desktop file of the rosegarden program failed to list
550 audio/x-rosegarden in its list of supported MIME types, causing the
551 file browsers to have no idea what to do with *.rg files:
</p
>
553 <p
><blockquote
><pre
>
554 % grep Mime /usr/share/applications/rosegarden.desktop
555 MimeType=audio/x-rosegarden-composition;audio/x-rosegarden-device;audio/x-rosegarden-project;audio/x-rosegarden-template;audio/midi;
556 X-KDE-NativeMimeType=audio/x-rosegarden-composition
558 </pre
></blockquote
></p
>
560 <p
>The fix was to add
"audio/x-rosegarden;
" at the end of the
561 MimeType= line.
</p
>
563 <p
>If you run into a file which fail to open the correct program when
564 selected from the file browser, please check out the output from
565 <tt
>file --mime-type
</tt
> for the file, ensure the file ending and
566 MIME type is registered somewhere under /usr/share/mime/ and check
567 that some desktop file under /usr/share/applications/ is claiming
568 support for this MIME type. If not, please report a bug to have it
574 <title>Isenkram with PackageKit support - new version
0.23 available in Debian unstable
</title>
575 <link>http://people.skolelinux.org/pere/blog/Isenkram_with_PackageKit_support___new_version_0_23_available_in_Debian_unstable.html
</link>
576 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Isenkram_with_PackageKit_support___new_version_0_23_available_in_Debian_unstable.html
</guid>
577 <pubDate>Wed,
25 May
2016 10:
20:
00 +
0200</pubDate>
578 <description><p
><a href=
"https://tracker.debian.org/pkg/isenkram
">The isenkram
579 system
</a
> is a user-focused solution in Debian for handling hardware
580 related packages. The idea is to have a database of mappings between
581 hardware and packages, and pop up a dialog suggesting for the user to
582 install the packages to use a given hardware dongle. Some use cases
583 are when you insert a Yubikey, it proposes to install the software
584 needed to control it; when you insert a braille reader list it
585 proposes to install the packages needed to send text to the reader;
586 and when you insert a ColorHug screen calibrator it suggests to
587 install the driver for it. The system work well, and even have a few
588 command line tools to install firmware packages and packages for the
589 hardware already in the machine (as opposed to hotpluggable hardware).
</p
>
591 <p
>The system was initially written using aptdaemon, because I found
592 good documentation and example code on how to use it. But aptdaemon
593 is going away and is generally being replaced by
594 <a href=
"http://www.freedesktop.org/software/PackageKit/
">PackageKit
</a
>,
595 so Isenkram needed a rewrite. And today, thanks to the great patch
596 from my college Sunil Mohan Adapa in the FreedomBox project, the
597 rewrite finally took place. I
've just uploaded a new version of
598 Isenkram into Debian Unstable with the patch included, and the default
599 for the background daemon is now to use PackageKit. To check it out,
600 install the
<tt
>isenkram
</tt
> package and insert some hardware dongle
601 and see if it is recognised.
</p
>
603 <p
>If you want to know what kind of packages isenkram would propose for
604 the machine it is running on, you can check out the isenkram-lookup
605 program. This is what it look like on a Thinkpad X230:
</p
>
607 <p
><blockquote
><pre
>
623 </pre
></blockquote
></p
>
625 <p
>The hardware mappings come from several places. The preferred way
626 is for packages to announce their hardware support using
627 <a href=
"https://www.freedesktop.org/software/appstream/docs/
">the
628 cross distribution appstream system
</a
>.
630 <a href=
"http://people.skolelinux.org/pere/blog/tags/isenkram/
">previous
631 blog posts about isenkram
</a
> to learn how to do that.
</p
>
636 <title>Discharge rate estimate in new battery statistics collector for Debian
</title>
637 <link>http://people.skolelinux.org/pere/blog/Discharge_rate_estimate_in_new_battery_statistics_collector_for_Debian.html
</link>
638 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Discharge_rate_estimate_in_new_battery_statistics_collector_for_Debian.html
</guid>
639 <pubDate>Mon,
23 May
2016 09:
35:
00 +
0200</pubDate>
640 <description><p
>Yesterday I updated the
641 <a href=
"https://tracker.debian.org/pkg/battery-stats
">battery-stats
642 package in Debian
</a
> with a few patches sent to me by skilled and
643 enterprising users. There were some nice user and visible changes.
644 First of all, both desktop menu entries now work. A design flaw in
645 one of the script made the history graph fail to show up (its PNG was
646 dumped in ~/.xsession-errors) if no controlling TTY was available.
647 The script worked when called from the command line, but not when
648 called from the desktop menu. I changed this to look for a DISPLAY
649 variable or a TTY before deciding where to draw the graph, and now the
650 graph window pop up as expected.
</p
>
652 <p
>The next new feature is a discharge rate estimator in one of the
653 graphs (the one showing the last few hours). New is also the user of
654 colours showing charging in blue and discharge in red. The percentages
655 of this graph is relative to last full charge, not battery design
658 <p align=
"center
"><img src=
"http://people.skolelinux.org/pere/blog/images/
2016-
05-
23-battery-stats-rate.png
"/
></p
>
660 <p
>The other graph show the entire history of the collected battery
661 statistics, comparing it to the design capacity of the battery to
662 visualise how the battery life time get shorter over time. The red
663 line in this graph is what the previous graph considers
100 percent:
665 <p align=
"center
"><img src=
"http://people.skolelinux.org/pere/blog/images/
2016-
05-
23-battery-stats-history.png
"/
></p
>
667 <p
>In this graph you can see that I only charge the battery to
80
668 percent of last full capacity, and how the capacity of the battery is
669 shrinking. :(
</p
>
671 <p
>The last new feature is in the collector, which now will handle
672 more hardware models. On some hardware, Linux power supply
673 information is stored in /sys/class/power_supply/ACAD/, while the
674 collector previously only looked in /sys/class/power_supply/AC/. Now
675 both are checked to figure if there is power connected to the
678 <p
>If you are interested in how your laptop battery is doing, please
680 <a href=
"https://tracker.debian.org/pkg/battery-stats
">battery-stats
</a
>
681 in Debian unstable, or rebuild it on Jessie to get it working on
682 Debian stable. :) The upstream source is available from
<a
683 href=
"https://github.com/petterreinholdtsen/battery-stats
">github
</a
>.
684 Patches are very welcome.
</p
>
686 <p
>As usual, if you use Bitcoin and want to show your support of my
687 activities, please send Bitcoin donations to my address
688 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
693 <title>Debian now with ZFS on Linux included
</title>
694 <link>http://people.skolelinux.org/pere/blog/Debian_now_with_ZFS_on_Linux_included.html
</link>
695 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_now_with_ZFS_on_Linux_included.html
</guid>
696 <pubDate>Thu,
12 May
2016 07:
30:
00 +
0200</pubDate>
697 <description><p
>Today, after many years of hard work from many people,
698 <a href=
"http://zfsonlinux.org/
">ZFS for Linux
</a
> finally entered
699 Debian. The package status can be seen on
700 <a href=
"https://tracker.debian.org/pkg/zfs-linux
">the package tracker
701 for zfs-linux
</a
>. and
702 <a href=
"https://qa.debian.org/developer.php?login=pkg-zfsonlinux-devel@lists.alioth.debian.org
">the
703 team status page
</a
>. If you want to help out, please join us.
704 <a href=
"http://anonscm.debian.org/gitweb/?p=pkg-zfsonlinux/zfs.git
">The
705 source code
</a
> is available via git on Alioth. It would also be
706 great if you could help out with
707 <a href=
"https://tracker.debian.org/pkg/dkms
">the dkms package
</a
>, as
708 it is an important piece of the puzzle to get ZFS working.
</p
>
713 <title>What is the best multimedia player in Debian?
</title>
714 <link>http://people.skolelinux.org/pere/blog/What_is_the_best_multimedia_player_in_Debian_.html
</link>
715 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/What_is_the_best_multimedia_player_in_Debian_.html
</guid>
716 <pubDate>Sun,
8 May
2016 09:
40:
00 +
0200</pubDate>
717 <description><p
><strong
>Where I set out to figure out which multimedia player in
718 Debian claim support for most file formats.
</strong
></p
>
720 <p
>A few years ago, I had a look at the media support for Browser
721 plugins in Debian, to get an idea which plugins to include in Debian
722 Edu. I created a script to extract the set of supported MIME types
723 for each plugin, and used this to find out which multimedia browser
724 plugin supported most file formats / media types.
725 <a href=
"https://wiki.debian.org/DebianEdu/BrowserMultimedia
">The
726 result
</a
> can still be seen on the Debian wiki, even though it have
727 not been updated for a while. But browser plugins are less relevant
728 these days, so I thought it was time to look at standalone
731 <p
>A few days ago I was tired of VLC not being listed as a viable
732 player when I wanted to play videos from the Norwegian National
733 Broadcasting Company, and decided to investigate why. The cause is a
734 <a href=
"https://bugs.debian.org/
822245">missing MIME type in the VLC
735 desktop file
</a
>. In the process I wrote a script to compare the set
736 of MIME types announced in the desktop file and the browser plugin,
737 only to discover that there is quite a large difference between the
738 two for VLC. This discovery made me dig up the script I used to
739 compare browser plugins, and adjust it to compare desktop files
740 instead, to try to figure out which multimedia player in Debian
741 support most file formats.
</p
>
743 <p
>The result can be seen on the Debian Wiki, as
744 <a href=
"https://wiki.debian.org/DebianMultimedia/PlayerSupport
">a
745 table listing all MIME types supported by one of the packages included
746 in the table
</a
>, with the package supporting most MIME types being
747 listed first in the table.
</p
>
749 </p
>The best multimedia player in Debian? It is totem, followed by
750 parole, kplayer, mpv, vlc, smplayer mplayer-gui gnome-mpv and
751 kmplayer. Time for the other players to update their announced MIME
757 <title>The Pyra - handheld computer with Debian preinstalled
</title>
758 <link>http://people.skolelinux.org/pere/blog/The_Pyra___handheld_computer_with_Debian_preinstalled.html
</link>
759 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/The_Pyra___handheld_computer_with_Debian_preinstalled.html
</guid>
760 <pubDate>Wed,
4 May
2016 10:
00:
00 +
0200</pubDate>
761 <description>A friend of mine made me aware of
762 <a href=
"https://pyra-handheld.com/boards/pages/pyra/
">The Pyra
</a
>, a
763 handheld computer which will be delivered with Debian preinstalled. I
764 would love to get one of those for my birthday. :)
</p
>
766 <p
>The machine is a complete ARM-based PC with micro HDMI, SATA, USB
767 plugs and many others connectors, and include a full keyboard and a
5"
768 LCD touch screen. The
6000mAh battery is claimed to provide a whole
769 day of battery life time, but I have not seen any independent tests
770 confirming this. The vendor is still collecting preorders, and the
771 last I heard last night was that
22 more orders were needed before
772 production started.
</p
>
774 <p
>As far as I know, this is the first handheld preinstalled with
775 Debian. Please let me know if you know of any others. Is it the
776 first computer being sold with Debian preinstalled?
</p
>
781 <title>Lets make a Norwegian Bokmål edition of The Debian Administrator
's Handbook
</title>
782 <link>http://people.skolelinux.org/pere/blog/Lets_make_a_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook.html
</link>
783 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Lets_make_a_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook.html
</guid>
784 <pubDate>Sun,
10 Apr
2016 23:
20:
00 +
0200</pubDate>
785 <description><p
>During this weekends
786 <a href=
"http://www.nuug.no/news/Oslo__Takk_for_feilfiksingsfesten.shtml
">bug
787 squashing party and developer gathering
</a
>, we decided to do our part
788 to make sure there are good books about Debian available in Norwegian
789 Bokmål, and got in touch with the people behind the
790 <a href=
"http://debian-handbook.info/
">Debian Administrator
's Handbook
791 project
</a
> to get started. If you want to help out, please start
793 <a href=
"https://hosted.weblate.org/projects/debian-handbook/
">the
794 hosted weblate project page
</a
>, and get in touch using
795 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/debian-handbook-translators
">the
796 translators mailing list
</a
>. Please also check out
797 <a href=
"https://debian-handbook.info/contribute/
">the instructions for
798 contributors
</a
>.
</p
>
800 <p
>The book is already available on paper in English, French and
801 Japanese, and our goal is to get it available on paper in Norwegian
802 Bokmål too. In addition to the paper edition, there are also EPUB and
803 Mobi versions available. And there are incomplete translations
804 available for many more languages.
</p
>
809 <title>One in two hundred Debian users using ZFS on Linux?
</title>
810 <link>http://people.skolelinux.org/pere/blog/One_in_two_hundred_Debian_users_using_ZFS_on_Linux_.html
</link>
811 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/One_in_two_hundred_Debian_users_using_ZFS_on_Linux_.html
</guid>
812 <pubDate>Thu,
7 Apr
2016 22:
30:
00 +
0200</pubDate>
813 <description><p
>Just for fun I had a look at the popcon number of ZFS related
814 packages in Debian, and was quite surprised with what I found. I use
815 ZFS myself at home, but did not really expect many others to do so.
816 But I might be wrong.
</p
>
818 <p
>According to
819 <a href=
"https://qa.debian.org/popcon.php?package=spl-linux
">the popcon
820 results for spl-linux
</a
>, there are
1019 Debian installations, or
821 0.53% of the population, with the package installed. As far as I know
822 the only use of the spl-linux package is as a support library for ZFS
823 on Linux, so I use it here as proxy for measuring the number of ZFS
824 installation on Linux in Debian. In the kFreeBSD variant of Debian
825 the ZFS feature is already available, and there
826 <a href=
"https://qa.debian.org/popcon.php?package=zfsutils
">the popcon
827 results for zfsutils
</a
> show
1625 Debian installations or
0.84% of
828 the population. So I guess I am not alone in using ZFS on Debian.
</p
>
830 <p
>But even though the Debian project leader Lucas Nussbaum
831 <a href=
"https://lists.debian.org/debian-devel-announce/
2015/
04/msg00006.html
">announced
832 in April
2015</a
> that the legal obstacles blocking ZFS on Debian were
833 cleared, the package is still not in Debian. The package is again in
834 the NEW queue. Several uploads have been rejected so far because the
835 debian/copyright file was incomplete or wrong, but there is no reason
836 to give up. The current status can be seen on
837 <a href=
"https://qa.debian.org/developer.php?login=pkg-zfsonlinux-devel@lists.alioth.debian.org
">the
838 team status page
</a
>, and
839 <a href=
"http://anonscm.debian.org/gitweb/?p=pkg-zfsonlinux/zfs.git
">the
840 source code
</a
> is available on Alioth.
</p
>
842 <p
>As I want ZFS to be included in next version of Debian to make sure
843 my home server can function in the future using only official Debian
844 packages, and the current blocker is to get the debian/copyright file
845 accepted by the FTP masters in Debian, I decided a while back to try
846 to help out the team. This was the background for my blog post about
847 <a href=
"http://people.skolelinux.org/pere/blog/Creating__updating_and_checking_debian_copyright_semi_automatically.html
">creating,
848 updating and checking debian/copyright semi-automatically
</a
>, and I
849 used the techniques I explored there to try to find any errors in the
850 copyright file. It is not very easy to check every one of the around
851 2000 files in the source package, but I hope we this time got it
852 right. If you want to help out, check out the git source and try to
853 find missing entries in the debian/copyright file.
</p
>
858 <title>Full battery stats collector is now available in Debian
</title>
859 <link>http://people.skolelinux.org/pere/blog/Full_battery_stats_collector_is_now_available_in_Debian.html
</link>
860 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Full_battery_stats_collector_is_now_available_in_Debian.html
</guid>
861 <pubDate>Wed,
23 Mar
2016 22:
10:
00 +
0100</pubDate>
862 <description><p
>Since this morning, the battery-stats package in Debian include an
863 extended collector that will collect the complete battery history for
864 later processing and graphing. The original collector store the
865 battery level as percentage of last full level, while the new
866 collector also record battery vendor, model, serial number, design
867 full level, last full level and current battery level. This make it
868 possible to predict the lifetime of the battery as well as visualise
869 the energy flow when the battery is charging or discharging.
</p
>
871 <p
>The new tools are available in
<tt
>/usr/share/battery-stats/
</tt
>
872 in the version
0.5.1 package in unstable. Get the new battery level graph
873 and lifetime prediction by running:
876 /usr/share/battery-stats/battery-stats-graph /var/log/battery-stats.csv
877 </pre
></p
>
879 <p
>Or select the
'Battery Level Graph
' from your application menu.
</p
>
881 <p
>The flow in/out of the battery can be seen by running (no menu
882 entry yet):
</p
>
885 /usr/share/battery-stats/battery-stats-graph-flow
886 </pre
></p
>
888 <p
>I
'm not quite happy with the way the data is visualised, at least
889 when there are few data points. The graphs look a bit better with a
890 few years of data.
</p
>
892 <p
>A while back one important feature I use in the battery stats
893 collector broke in Debian. The scripts in
894 <tt
>/usr/lib/pm-utils/power.d/
</tt
> were no longer executed. I
895 suspect it happened when Jessie started using systemd, but I do not
896 know. The issue is reported as
897 <a href=
"https://bugs.debian.org/
818649">bug #
818649</a
> against
898 pm-utils. I managed to work around it by adding an udev rule to call
899 the collector script every time the power connector is connected and
900 disconnected. With this fix in place it was finally time to make a
901 new release of the package, and get it into Debian.
</p
>
903 <p
>If you are interested in how your laptop battery is doing, please
905 <a href=
"https://tracker.debian.org/pkg/battery-stats
">battery-stats
</a
>
906 in Debian unstable, or rebuild it on Jessie to get it working on
907 Debian stable. :) The upstream source is available from
908 <a href=
"https://github.com/petterreinholdtsen/battery-stats
">github
</a
>.
909 As always, patches are very welcome.
</p
>
914 <title>Making battery measurements a little easier in Debian
</title>
915 <link>http://people.skolelinux.org/pere/blog/Making_battery_measurements_a_little_easier_in_Debian.html
</link>
916 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Making_battery_measurements_a_little_easier_in_Debian.html
</guid>
917 <pubDate>Tue,
15 Mar
2016 15:
00:
00 +
0100</pubDate>
918 <description><p
>Back in September, I blogged about
919 <a href=
"http://people.skolelinux.org/pere/blog/The_life_and_death_of_a_laptop_battery.html
">the
920 system I wrote to collect statistics about my laptop battery
</a
>, and
921 how it showed the decay and death of this battery (now replaced). I
922 created a simple deb package to handle the collection and graphing,
923 but did not want to upload it to Debian as there were already
924 <a href=
"https://tracker.debian.org/pkg/battery-stats
">a battery-stats
925 package in Debian
</a
> that should do the same thing, and I did not see
926 a point of uploading a competing package when battery-stats could be
927 fixed instead. I reported a few bugs about its non-function, and
928 hoped someone would step in and fix it. But no-one did.
</p
>
930 <p
>I got tired of waiting a few days ago, and took matters in my own
931 hands. The end result is that I am now the new upstream developer of
932 battery stats (
<a href=
"https://github.com/petterreinholdtsen/battery-stats
">available from github
</a
>) and part of the team maintaining
933 battery-stats in Debian, and the package in Debian unstable is finally
934 able to collect battery status using the
<tt
>/sys/class/power_supply/
</tt
>
935 information provided by the Linux kernel. If you install the
936 battery-stats package from unstable now, you will be able to get a
937 graph of the current battery fill level, to get some idea about the
938 status of the battery. The source package build and work just fine in
939 Debian testing and stable (and probably oldstable too, but I have not
940 tested). The default graph you get for that system look like this:
</p
>
942 <p align=
"center
"><img src=
"http://people.skolelinux.org/pere/blog/images/
2016-
03-
15-battery-stats-graph-example.png
" width=
"70%
" align=
"center
"></p
>
944 <p
>My plans for the future is to merge my old scripts into the
945 battery-stats package, as my old scripts collected a lot more details
946 about the battery. The scripts are merged into the upstream
947 battery-stats git repository already, but I am not convinced they work
948 yet, as I changed a lot of paths along the way. Will have to test a
949 bit more before I make a new release.
</p
>
951 <p
>I will also consider changing the file format slightly, as I
952 suspect the way I combine several values into one field might make it
953 impossible to know the type of the value when using it for processing
954 and graphing.
</p
>
956 <p
>If you would like I would like to keep an close eye on your laptop
957 battery, check out the battery-stats package in
958 <a href=
"https://tracker.debian.org/pkg/battery-stats
">Debian
</a
> and
960 <a href=
"https://github.com/petterreinholdtsen/battery-stats
">github
</a
>.
961 I would love some help to improve the system further.
</p
>
966 <title>Creating, updating and checking debian/copyright semi-automatically
</title>
967 <link>http://people.skolelinux.org/pere/blog/Creating__updating_and_checking_debian_copyright_semi_automatically.html
</link>
968 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Creating__updating_and_checking_debian_copyright_semi_automatically.html
</guid>
969 <pubDate>Fri,
19 Feb
2016 15:
00:
00 +
0100</pubDate>
970 <description><p
>Making packages for Debian requires quite a lot of attention to
971 details. And one of the details is the content of the
972 debian/copyright file, which should list all relevant licenses used by
973 the code in the package in question, preferably in
974 <a href=
"https://www.debian.org/doc/packaging-manuals/copyright-format/
1.0/
">machine
975 readable DEP5 format
</a
>.
</p
>
977 <p
>For large packages with lots of contributors it is hard to write
978 and update this file manually, and if you get some detail wrong, the
979 package is normally rejected by the ftpmasters. So getting it right
980 the first time around get the package into Debian faster, and save
981 both you and the ftpmasters some work.. Today, while trying to figure
982 out what was wrong with
983 <a href=
"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=
686447">the
984 zfsonlinux copyright file
</a
>, I decided to spend some time on
985 figuring out the options for doing this job automatically, or at least
986 semi-automatically.
</p
>
988 <p
>Lucikly, there are at least two tools available for generating the
989 file based on the code in the source package,
990 <tt
><a href=
"https://tracker.debian.org/pkg/debmake
">debmake
</a
></tt
>
991 and
<tt
><a href=
"https://tracker.debian.org/pkg/cme
">cme
</a
></tt
>. I
'm
992 not sure which one of them came first, but both seem to be able to
993 create a sensible draft file. As far as I can tell, none of them can
994 be trusted to get the result just right, so the content need to be
995 polished a bit before the file is OK to upload. I found the debmake
997 <a href=
"http://goofying-with-debian.blogspot.com/
2014/
07/debmake-checking-source-against-dep-
5.html
">a
998 blog posts from
2014</a
>.
1000 <p
>To generate using debmake, use the -cc option:
1002 <p
><pre
>
1003 debmake -cc
> debian/copyright
1004 </pre
></p
>
1006 <p
>Note there are some problems with python and non-ASCII names, so
1007 this might not be the best option.
</p
>
1009 <p
>The cme option is based on a config parsing library, and I found
1011 <a href=
"https://ddumont.wordpress.com/
2015/
04/
05/improving-creation-of-debian-copyright-file/
">a
1012 blog post from
2015</a
>. To generate using cme, use the
'update
1013 dpkg-copyright
' option:
1015 <p
><pre
>
1016 cme update dpkg-copyright
1017 </pre
></p
>
1019 <p
>This will create or update debian/copyright. The cme tool seem to
1020 handle UTF-
8 names better than debmake.
</p
>
1022 <p
>When the copyright file is created, I would also like some help to
1023 check if the file is correct. For this I found two good options,
1024 <tt
>debmake -k
</tt
> and
<tt
>license-reconcile
</tt
>. The former seem
1025 to focus on license types and file matching, and is able to detect
1026 ineffective blocks in the copyright file. The latter reports missing
1027 copyright holders and years, but was confused by inconsistent license
1028 names (like CDDL vs. CDDL-
1.0). I suspect it is good to use both and
1029 fix all issues reported by them before uploading. But I do not know
1030 if the tools and the ftpmasters agree on what is important to fix in a
1031 copyright file, so the package might still be rejected.
</p
>
1033 <p
>The devscripts tool
<tt
>licensecheck
</tt
> deserve mentioning. It
1034 will read through the source and try to find all copyright statements.
1035 It is not comparing the result to the content of debian/copyright, but
1036 can be useful when verifying the content of the copyright file.
</p
>
1038 <p
>Are you aware of better tools in Debian to create and update
1039 debian/copyright file. Please let me know, or blog about it on
1040 planet.debian.org.
</p
>
1042 <p
>As usual, if you use Bitcoin and want to show your support of my
1043 activities, please send Bitcoin donations to my address
1044 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
1046 <p
><strong
>Update
2016-
02-
20</strong
>: I got a tip from Mike Gabriel
1047 on how to use licensecheck and cdbs to create a draft copyright file
1049 <p
><pre
>
1050 licensecheck --copyright -r `find * -type f` | \
1051 /usr/lib/cdbs/licensecheck2dep5
> debian/copyright.auto
1052 </pre
></p
>
1054 <p
>He mentioned that he normally check the generated file into the
1055 version control system to make it easier to discover license and
1056 copyright changes in the upstream source. I will try to do the same
1057 with my packages in the future.
</p
>
1059 <p
><strong
>Update
2016-
02-
21</strong
>: The cme author recommended
1060 against using -quiet for new users, so I removed it from the proposed
1061 command line.
</p
>
1066 <title>Using appstream in Debian to locate packages with firmware and mime type support
</title>
1067 <link>http://people.skolelinux.org/pere/blog/Using_appstream_in_Debian_to_locate_packages_with_firmware_and_mime_type_support.html
</link>
1068 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Using_appstream_in_Debian_to_locate_packages_with_firmware_and_mime_type_support.html
</guid>
1069 <pubDate>Thu,
4 Feb
2016 16:
40:
00 +
0100</pubDate>
1070 <description><p
>The
<a href=
"https://wiki.debian.org/DEP-
11">appstream system
</a
>
1071 is taking shape in Debian, and one provided feature is a very
1072 convenient way to tell you which package to install to make a given
1073 firmware file available when the kernel is looking for it. This can
1074 be done using apt-file too, but that is for someone else to blog
1077 <p
>Here is a small recipe to find the package with a given firmware
1078 file, in this example I am looking for ctfw-
3.2.3.0.bin, randomly
1079 picked from the set of firmware announced using appstream in Debian
1080 unstable. In general you would be looking for the firmware requested
1081 by the kernel during kernel module loading. To find the package
1082 providing the example file, do like this:
</p
>
1084 <blockquote
><pre
>
1085 % apt install appstream
1089 % appstreamcli what-provides firmware:runtime ctfw-
3.2.3.0.bin | \
1090 awk
'/Package:/ {print $
2}
'
1093 </pre
></blockquote
>
1095 <p
>See
<a href=
"https://wiki.debian.org/AppStream/Guidelines
">the
1096 appstream wiki
</a
> page to learn how to embed the package metadata in
1097 a way appstream can use.
</p
>
1099 <p
>This same approach can be used to find any package supporting a
1100 given MIME type. This is very useful when you get a file you do not
1101 know how to handle. First find the mime type using
<tt
>file
1102 --mime-type
</tt
>, and next look up the package providing support for
1103 it. Lets say you got an SVG file. Its MIME type is image/svg+xml,
1104 and you can find all packages handling this type like this:
</p
>
1106 <blockquote
><pre
>
1107 % apt install appstream
1111 % appstreamcli what-provides mimetype image/svg+xml | \
1112 awk
'/Package:/ {print $
2}
'
1134 </pre
></blockquote
>
1136 <p
>I believe the MIME types are fetched from the desktop file for
1137 packages providing appstream metadata.
</p
>
1142 <title>Creepy, visualise geotagged social media information - nice free software
</title>
1143 <link>http://people.skolelinux.org/pere/blog/Creepy__visualise_geotagged_social_media_information___nice_free_software.html
</link>
1144 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Creepy__visualise_geotagged_social_media_information___nice_free_software.html
</guid>
1145 <pubDate>Sun,
24 Jan
2016 10:
50:
00 +
0100</pubDate>
1146 <description><p
>Most people seem not to realise that every time they walk around
1147 with the computerised radio beacon known as a mobile phone their
1148 position is tracked by the phone company and often stored for a long
1149 time (like every time a SMS is received or sent). And if their
1150 computerised radio beacon is capable of running programs (often called
1151 mobile apps) downloaded from the Internet, these programs are often
1152 also capable of tracking their location (if the app requested access
1153 during installation). And when these programs send out information to
1154 central collection points, the location is often included, unless
1155 extra care is taken to not send the location. The provided
1156 information is used by several entities, for good and bad (what is
1157 good and bad, depend on your point of view). What is certain, is that
1158 the private sphere and the right to free movement is challenged and
1159 perhaps even eradicated for those announcing their location this way,
1160 when they share their whereabouts with private and public
1163 <p align=
"center
"><img width=
"70%
" src=
"http://people.skolelinux.org/pere/blog/images/
2016-
01-
24-nice-creepy-desktop-window.png
"></p
>
1165 <p
>The phone company logs provide a register of locations to check out
1166 when one want to figure out what the tracked person was doing. It is
1167 unavailable for most of us, but provided to selected government
1168 officials, company staff, those illegally buying information from
1169 unfaithful servants and crackers stealing the information. But the
1170 public information can be collected and analysed, and a free software
1171 tool to do so is called
1172 <a href=
"http://www.geocreepy.com/
">Creepy or Cree.py
</a
>. I
1173 discovered it when I read
1174 <a href=
"http://www.aftenposten.no/kultur/Slik-kan-du-bli-overvaket-pa-Twitter-og-Instagram-uten-a-ane-det-
7787884.html
">an
1175 article about Creepy
</a
> in the Norwegian newspaper Aftenposten i
1176 November
2014, and decided to check if it was available in Debian.
1177 The python program was in Debian, but
1178 <a href=
"https://tracker.debian.org/pkg/creepy
">the version in
1179 Debian
</a
> was completely broken and practically unmaintained. I
1180 uploaded a new version which did not work quite right, but did not
1181 have time to fix it then. This Christmas I decided to finally try to
1182 get Creepy operational in Debian. Now a fixed version is available in
1183 Debian unstable and testing, and almost all Debian specific patches
1185 <a href=
"https://github.com/jkakavas/creepy
">upstream
</a
>.
</p
>
1187 <p
>The Creepy program visualises geolocation information fetched from
1188 Twitter, Instagram, Flickr and Google+, and allow one to get a
1189 complete picture of every social media message posted recently in a
1190 given area, or track the movement of a given individual across all
1191 these services. Earlier it was possible to use the search API of at
1192 least some of these services without identifying oneself, but these
1193 days it is impossible. This mean that to use Creepy, you need to
1194 configure it to log in as yourself on these services, and provide
1195 information to them about your search interests. This should be taken
1196 into account when using Creepy, as it will also share information
1197 about yourself with the services.
</p
>
1199 <p
>The picture above show the twitter messages sent from (or at least
1200 geotagged with a position from) the city centre of Oslo, the capital
1201 of Norway. One useful way to use Creepy is to first look at
1202 information tagged with an area of interest, and next look at all the
1203 information provided by one or more individuals who was in the area.
1204 I tested it by checking out which celebrity provide their location in
1205 twitter messages by checkout out who sent twitter messages near a
1206 Norwegian TV station, and next could track their position over time,
1207 making it possible to locate their home and work place, among other
1208 things. A similar technique have been
1209 <a href=
"http://www.buzzfeed.com/maxseddon/does-this-soldiers-instagram-account-prove-russia-is-covertl
">used
1210 to locate Russian soldiers in Ukraine
</a
>, and it is both a powerful
1211 tool to discover lying governments, and a useful tool to help people
1212 understand the value of the private information they provide to the
1215 <p
>The package is not trivial to backport to Debian Stable/Jessie, as
1216 it depend on several python modules currently missing in Jessie (at
1217 least python-instagram, python-flickrapi and
1218 python-requests-toolbelt).
</p
>
1220 <p
>(I have uploaded
1221 <a href=
"https://screenshots.debian.net/package/creepy
">the image to
1222 screenshots.debian.net
</a
> and licensed it under the same terms as the
1223 Creepy program in Debian.)
</p
>
1228 <title>Always download Debian packages using Tor - the simple recipe
</title>
1229 <link>http://people.skolelinux.org/pere/blog/Always_download_Debian_packages_using_Tor___the_simple_recipe.html
</link>
1230 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Always_download_Debian_packages_using_Tor___the_simple_recipe.html
</guid>
1231 <pubDate>Fri,
15 Jan
2016 00:
30:
00 +
0100</pubDate>
1232 <description><p
>During his DebConf15 keynote, Jacob Appelbaum
1233 <a href=
"https://summit.debconf.org/debconf15/meeting/
331/what-is-to-be-done/
">observed
1234 that those listening on the Internet lines would have good reason to
1235 believe a computer have a given security hole
</a
> if it download a
1236 security fix from a Debian mirror. This is a good reason to always
1237 use encrypted connections to the Debian mirror, to make sure those
1238 listening do not know which IP address to attack. In August, Richard
1239 Hartmann observed that encryption was not enough, when it was possible
1240 to interfere download size to security patches or the fact that
1241 download took place shortly after a security fix was released, and
1242 <a href=
"http://richardhartmann.de/blog/posts/
2015/
08/
24-Tor-enabled_Debian_mirror/
">proposed
1243 to always use Tor to download packages from the Debian mirror
</a
>. He
1244 was not the first to propose this, as the
1245 <tt
><a href=
"https://tracker.debian.org/pkg/apt-transport-tor
">apt-transport-tor
</a
></tt
>
1246 package by Tim Retout already existed to make it easy to convince apt
1247 to use
<a href=
"https://www.torproject.org/
">Tor
</a
>, but I was not
1248 aware of that package when I read the blog post from Richard.
</p
>
1250 <p
>Richard discussed the idea with Peter Palfrader, one of the Debian
1251 sysadmins, and he set up a Tor hidden service on one of the central
1252 Debian mirrors using the address vwakviie2ienjx6t.onion, thus making
1253 it possible to download packages directly between two tor nodes,
1254 making sure the network traffic always were encrypted.
</p
>
1256 <p
>Here is a short recipe for enabling this on your machine, by
1257 installing
<tt
>apt-transport-tor
</tt
> and replacing http and https
1258 urls with tor+http and tor+https, and using the hidden service instead
1259 of the official Debian mirror site. I recommend installing
1260 <tt
>etckeeper
</tt
> before you start to have a history of the changes
1261 done in /etc/.
</p
>
1263 <blockquote
><pre
>
1264 apt install apt-transport-tor
1265 sed -i
's% http://ftp.debian.org/% tor+http://vwakviie2ienjx6t.onion/%
' /etc/apt/sources.list
1266 sed -i
's% http% tor+http%
' /etc/apt/sources.list
1267 </pre
></blockquote
>
1269 <p
>If you have more sources listed in /etc/apt/sources.list.d/, run
1270 the sed commands for these too. The sed command is assuming your are
1271 using the ftp.debian.org Debian mirror. Adjust the command (or just
1272 edit the file manually) to match your mirror.
</p
>
1274 <p
>This work in Debian Jessie and later. Note that tools like
1275 <tt
>apt-file
</tt
> only recently started using the apt transport
1276 system, and do not work with these tor+http URLs. For
1277 <tt
>apt-file
</tt
> you need the version currently in experimental,
1278 which need a recent apt version currently only in unstable. So if you
1279 need a working
<tt
>apt-file
</tt
>, this is not for you.
</p
>
1281 <p
>Another advantage from this change is that your machine will start
1282 using Tor regularly and at fairly random intervals (every time you
1283 update the package lists or upgrade or install a new package), thus
1284 masking other Tor traffic done from the same machine. Using Tor will
1285 become normal for the machine in question.
</p
>
1287 <p
>On
<a href=
"https://wiki.debian.org/FreedomBox
">Freedombox
</a
>, APT
1288 is set up by default to use
<tt
>apt-transport-tor
</tt
> when Tor is
1289 enabled. It would be great if it was the default on any Debian
1295 <title>OpenALPR, find car license plates in video streams - nice free software
</title>
1296 <link>http://people.skolelinux.org/pere/blog/OpenALPR__find_car_license_plates_in_video_streams___nice_free_software.html
</link>
1297 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/OpenALPR__find_car_license_plates_in_video_streams___nice_free_software.html
</guid>
1298 <pubDate>Wed,
23 Dec
2015 01:
00:
00 +
0100</pubDate>
1299 <description><p
>When I was a kid, we used to collect
"car numbers
", as we used to
1300 call the car license plate numbers in those days. I would write the
1301 numbers down in my little book and compare notes with the other kids
1302 to see how many region codes we had seen and if we had seen some
1303 exotic or special region codes and numbers. It was a fun game to pass
1304 time, as we kids have plenty of it.
</p
>
1306 <p
>A few days I came across
1307 <a href=
"https://github.com/openalpr/openalpr
">the OpenALPR
1308 project
</a
>, a free software project to automatically discover and
1309 report license plates in images and video streams, and provide the
1310 "car numbers
" in a machine readable format. I
've been looking for
1311 such system for a while now, because I believe it is a bad idea that the
1312 <a href=
"https://en.wikipedia.org/wiki/Automatic_number_plate_recognition
">automatic
1313 number plate recognition
</a
> tool only is available in the hands of
1314 the powerful, and want it to be available also for the powerless to
1315 even the score when it comes to surveillance and sousveillance. I
1316 discovered the developer
1317 <a href=
"https://bugs.debian.org/
747509">wanted to get the tool into
1318 Debian
</a
>, and as I too wanted it to be in Debian, I volunteered to
1319 help him get it into shape to get the package uploaded into the Debian
1322 <p
>Today we finally managed to get the package into shape and uploaded
1323 it into Debian, where it currently
1324 <a href=
"https://ftp-master.debian.org//new/openalpr_2.2
.1-
1.html
">waits
1325 in the NEW queue
</a
> for review by the Debian ftpmasters.
</p
>
1327 <p
>I guess you are wondering why on earth such tool would be useful
1328 for the common folks, ie those not running a large government
1329 surveillance system? Well, I plan to put it in a computer on my bike
1330 and in my car, tracking the cars nearby and allowing me to be notified
1331 when number plates on my watch list are discovered. Another use case
1332 was suggested by a friend of mine, who wanted to set it up at his home
1333 to open the car port automatically when it discovered the plate on his
1334 car. When I mentioned it perhaps was a bit foolhardy to allow anyone
1335 capable of placing his license plate number of a piece of cardboard to
1336 open his car port, men replied that it was always unlocked anyway. I
1337 guess for such use case it make sense. I am sure there are other use
1338 cases too, for those with imagination and a vision.
</p
>
1340 <p
>If you want to build your own version of the Debian package, check
1341 out the upstream git source and symlink ./distros/debian to ./debian/
1342 before running
"debuild
" to build the source. Or wait a bit until the
1343 package show up in unstable.
</p
>
1348 <title>Using appstream with isenkram to install hardware related packages in Debian
</title>
1349 <link>http://people.skolelinux.org/pere/blog/Using_appstream_with_isenkram_to_install_hardware_related_packages_in_Debian.html
</link>
1350 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Using_appstream_with_isenkram_to_install_hardware_related_packages_in_Debian.html
</guid>
1351 <pubDate>Sun,
20 Dec
2015 12:
20:
00 +
0100</pubDate>
1352 <description><p
>Around three years ago, I created
1353 <a href=
"http://packages.qa.debian.org/isenkram
">the isenkram
1354 system
</a
> to get a more practical solution in Debian for handing
1355 hardware related packages. A GUI system in the isenkram package will
1356 present a pop-up dialog when some hardware dongle supported by
1357 relevant packages in Debian is inserted into the machine. The same
1358 lookup mechanism to detect packages is available as command line
1359 tools in the isenkram-cli package. In addition to mapping hardware,
1360 it will also map kernel firmware files to packages and make it easy to
1361 install needed firmware packages automatically. The key for this
1362 system to work is a good way to map hardware to packages, in other
1363 words, allow packages to announce what hardware they will work
1366 <p
>I started by providing data files in the isenkram source, and
1367 adding code to download the latest version of these data files at run
1368 time, to ensure every user had the most up to date mapping available.
1369 I also added support for storing the mapping in the Packages file in
1370 the apt repositories, but did not push this approach because while I
1371 was trying to figure out how to best store hardware/package mappings,
1372 <a href=
"http://www.freedesktop.org/software/appstream/docs/
">the
1373 appstream system
</a
> was announced. I got in touch and suggested to
1374 add the hardware mapping into that data set to be able to use
1375 appstream as a data source, and this was accepted at least for the
1376 Debian version of appstream.
</p
>
1378 <p
>A few days ago using appstream in Debian for this became possible,
1379 and today I uploaded a new version
0.20 of isenkram adding support for
1380 appstream as a data source for mapping hardware to packages. The only
1381 package so far using appstream to announce its hardware support is my
1382 pymissile package. I got help from Matthias Klumpp with figuring out
1383 how do add the required
1384 <a href=
"https://appstream.debian.org/html/sid/main/metainfo/pymissile.html
">metadata
1385 in pymissile
</a
>. I added a file debian/pymissile.metainfo.xml with
1386 this content:
</p
>
1388 <blockquote
><pre
>
1389 &lt;?xml version=
"1.0" encoding=
"UTF-
8"?
&gt;
1390 &lt;component
&gt;
1391 &lt;id
&gt;pymissile
&lt;/id
&gt;
1392 &lt;metadata_license
&gt;MIT
&lt;/metadata_license
&gt;
1393 &lt;name
&gt;pymissile
&lt;/name
&gt;
1394 &lt;summary
&gt;Control original Striker USB Missile Launcher
&lt;/summary
&gt;
1395 &lt;description
&gt;
1397 Pymissile provides a curses interface to control an original
1398 Marks and Spencer / Striker USB Missile Launcher, as well as a
1399 motion control script to allow a webcamera to control the
1402 &lt;/description
&gt;
1403 &lt;provides
&gt;
1404 &lt;modalias
&gt;usb:v1130p0202d*
&lt;/modalias
&gt;
1405 &lt;/provides
&gt;
1406 &lt;/component
&gt;
1407 </pre
></blockquote
>
1409 <p
>The key for isenkram is the component/provides/modalias value,
1410 which is a glob style match rule for hardware specific strings
1411 (modalias strings) provided by the Linux kernel. In this case, it
1412 will map to all USB devices with vendor code
1130 and product code
1415 <p
>Note, it is important that the license of all the metadata files
1416 are compatible to have permissions to aggregate them into archive wide
1417 appstream files. Matthias suggested to use MIT or BSD licenses for
1418 these files. A challenge is figuring out a good id for the data, as
1419 it is supposed to be globally unique and shared across distributions
1420 (in other words, best to coordinate with upstream what to use). But
1421 it can be changed later or, so we went with the package name as
1422 upstream for this project is dormant.
</p
>
1424 <p
>To get the metadata file installed in the correct location for the
1425 mirror update scripts to pick it up and include its content the
1426 appstream data source, the file must be installed in the binary
1427 package under /usr/share/appdata/. I did this by adding the following
1428 line to debian/pymissile.install:
</p
>
1430 <blockquote
><pre
>
1431 debian/pymissile.metainfo.xml usr/share/appdata
1432 </pre
></blockquote
>
1434 <p
>With that in place, the command line tool isenkram-lookup will list
1435 all packages useful on the current computer automatically, and the GUI
1436 pop-up handler will propose to install the package not already
1437 installed if a hardware dongle is inserted into the machine in
1440 <p
>Details of the modalias field in appstream is available from the
1441 <a href=
"https://wiki.debian.org/DEP-
11">DEP-
11</a
> proposal.
</p
>
1443 <p
>To locate the modalias values of all hardware present in a machine,
1444 try running this command on the command line:
</p
>
1446 <blockquote
><pre
>
1447 cat $(find /sys/devices/|grep modalias)
1448 </pre
></blockquote
>
1450 <p
>To learn more about the isenkram system, please check out
1451 <a href=
"http://people.skolelinux.org/pere/blog/tags/isenkram/
">my
1452 blog posts tagged isenkram
</a
>.
</p
>
1457 <title>The GNU General Public License is not magic pixie dust
</title>
1458 <link>http://people.skolelinux.org/pere/blog/The_GNU_General_Public_License_is_not_magic_pixie_dust.html
</link>
1459 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/The_GNU_General_Public_License_is_not_magic_pixie_dust.html
</guid>
1460 <pubDate>Mon,
30 Nov
2015 09:
55:
00 +
0100</pubDate>
1461 <description><p
>A blog post from my fellow Debian developer Paul Wise titled
1462 "<a href=
"http://bonedaddy.net/pabs3/log/
2015/
11/
27/sfc-supporter/
">The
1463 GPL is not magic pixie dust
</a
>" explain the importance of making sure
1464 the
<a href=
"http://www.gnu.org/copyleft/gpl.html
">GPL
</a
> is enforced.
1465 I quote the blog post from Paul in full here with his permission:
<p
>
1469 <p
><a href=
"https://sfconservancy.org/supporter/
"><img src=
"https://sfconservancy.org/img/supporter-badge.png
" width=
"194" height=
"90" alt=
"Become a Software Freedom Conservancy Supporter!
" align=
"right
" border=
"0" /
></a
></p
>
1472 The GPL is not magic pixie dust. It does not work by itself.
<br/
>
1474 The first step is to choose a
1475 <a href=
"https://copyleft.org/
">copyleft
</a
> license for your
1478 The next step is, when someone fails to follow that copyleft license,
1479 <b
>it must be enforced
</b
><br/
>
1481 and its a simple fact of our modern society that such type of
1484 is incredibly expensive to do and incredibly difficult to do.
1487 <p
><small
>--
<a href=
"http://ebb.org/bkuhn/
">Bradley Kuhn
</a
>, in
1488 <a href=
"http://faif.us/
" title=
"Free as in Freedom
">FaiF
</a
>
1489 <a href=
"http://faif.us/cast/
2015/nov/
24/
0x57/
">episode
1490 0x57</a
></small
></p
>
1492 <p
>As the Debian Website
1493 <a href=
"https://bugs.debian.org/
794116">used
</a
>
1494 <a href=
"https://anonscm.debian.org/viewvc/webwml/webwml/english/intro/free.wml?r1=
1.24&amp;r2=
1.25">to
</a
>
1495 imply, public domain and permissively licensed software can lead to
1496 the production of more proprietary software as people discover useful
1497 software, extend it and or incorporate it into their hardware or
1498 software products. Copyleft licenses such as the GNU GPL were created
1499 to close off this avenue to the production of proprietary software but
1500 such licenses are not enough. With the ongoing adoption of Free
1501 Software by individuals and groups, inevitably the community
's
1502 expectations of license compliance are violated, usually out of
1503 ignorance of the way Free Software works, but not always. As Karen
1504 and Bradley explained in
<a href=
"http://faif.us/
" title=
"Free as in
1505 Freedom
">FaiF
</a
>
1506 <a href=
"http://faif.us/cast/
2015/nov/
24/
0x57/
">episode
0x57</a
>,
1507 copyleft is nothing if no-one is willing and able to stand up in court
1508 to protect it. The reality of today
's world is that legal
1509 representation is expensive, difficult and time consuming. With
1510 <a href=
"http://gpl-violations.org/
">gpl-violations.org
</a
> in hiatus
1511 <a href=
"http://gpl-violations.org/news/
20151027-homepage-recovers/
">until
</a
>
1512 some time in
2016, the
<a href=
"https://sfconservancy.org/
">Software
1513 Freedom Conservancy
</a
> (a tax-exempt charity) is the major defender
1514 of the Linux project, Debian and other groups against GPL violations.
1515 In March the SFC supported a
1516 <a href=
"https://sfconservancy.org/news/
2015/mar/
05/vmware-lawsuit/
">lawsuit
1517 by Christoph Hellwig
</a
> against VMware for refusing to
1518 <a href=
"https://sfconservancy.org/linux-compliance/vmware-lawsuit-faq.html
">comply
1519 with the GPL
</a
> in relation to their use of parts of the Linux
1520 kernel. Since then two of their sponsors pulled corporate funding and
1522 <a href=
"https://sfconservancy.org/blog/
2015/nov/
24/faif-carols-fundraiser/
">blocked
1523 or cancelled their talks
</a
>. As a result they have decided to rely
1524 less on corporate funding and more on the broad community of
1525 individuals who support Free Software and copyleft. So the SFC has
1526 <a href=
"https://sfconservancy.org/news/
2015/nov/
23/
2015fundraiser/
">launched
</a
>
1527 a
<a href=
"https://sfconservancy.org/supporter/
">campaign
</a
> to create
1528 a community of folks who stand up for copyleft and the GPL by
1529 supporting their work on promoting and supporting copyleft and Free
1532 <p
>If you support Free Software,
1533 <a href=
"https://sfconservancy.org/blog/
2015/nov/
26/like-what-I-do/
">like
</a
>
1534 what the SFC do, agree with their
1535 <a href=
"https://sfconservancy.org/linux-compliance/principles.html
">compliance
1536 principles
</a
>, are happy about their
1537 <a href=
"https://sfconservancy.org/supporter/
">successes
</a
> in
2015,
1538 work on a project that is an SFC
1539 <a href=
"https://sfconservancy.org/members/current/
">member
</a
> and or
1540 just want to stand up for copyleft, please join
1541 <a href=
"https://identi.ca/cwebber/image/JQGPA4qbTyyp3-MY8QpvuA
">Christopher
1542 Allan Webber
</a
>,
1543 <a href=
"https://sfconservancy.org/blog/
2015/nov/
24/faif-carols-fundraiser/
">Carol
1545 <a href=
"http://www.jonobacon.org/
2015/
11/
25/supporting-software-freedom-conservancy/
">Jono
1546 Bacon
</a
>, myself and
1547 <a href=
"https://sfconservancy.org/sponsors/#supporters
">others
</a
> in
1549 <a href=
"https://sfconservancy.org/supporter/
">supporter
</a
>. For the
1550 next week your donation will be
1551 <a href=
"https://sfconservancy.org/news/
2015/nov/
27/black-friday/
">matched
</a
>
1552 by an anonymous donor. Please also consider asking your employer to
1553 match your donation or become a sponsor of SFC. Don
't forget to
1554 spread the word about your support for SFC via email, your blog and or
1555 social media accounts.
</p
>
1559 <p
>I agree with Paul on this topic and just signed up as a Supporter
1560 of Software Freedom Conservancy myself. Perhaps you should be a
1561 supporter too?
</p
>
1566 <title>PGP key transition statement for key EE4E02F9
</title>
1567 <link>http://people.skolelinux.org/pere/blog/PGP_key_transition_statement_for_key_EE4E02F9.html
</link>
1568 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/PGP_key_transition_statement_for_key_EE4E02F9.html
</guid>
1569 <pubDate>Tue,
17 Nov
2015 10:
50:
00 +
0100</pubDate>
1570 <description><p
>I
've needed a new OpenPGP key for a while, but have not had time to
1571 set it up properly. I wanted to generate it offline and have it
1572 available on
<a href=
"http://shop.kernelconcepts.de/#openpgp
">a OpenPGP
1573 smart card
</a
> for daily use, and learning how to do it and finding
1574 time to sit down with an offline machine almost took forever. But
1575 finally I
've been able to complete the process, and have now moved
1576 from my old GPG key to a new GPG key. See
1577 <a href=
"http://people.skolelinux.org/pere/blog/images/
2015-
11-
17-new-gpg-key-transition.txt
">the
1578 full transition statement, signed with both my old and new key
</a
> for
1579 the details. This is my new key:
</p
>
1582 pub
3936R/
<a href=
"http://pgp.cs.uu.nl/stats/
111D6B29EE4E02F9.html
">111D6B29EE4E02F9
</a
> 2015-
11-
03 [expires:
2019-
11-
14]
1583 Key fingerprint =
3AC7 B2E3 ACA5 DF87
78F1 D827
111D
6B29 EE4E
02F9
1584 uid Petter Reinholdtsen
&lt;pere@hungry.com
&gt;
1585 uid Petter Reinholdtsen
&lt;pere@debian.org
&gt;
1586 sub
4096R/
87BAFB0E
2015-
11-
03 [expires:
2019-
11-
02]
1587 sub
4096R/F91E6DE9
2015-
11-
03 [expires:
2019-
11-
02]
1588 sub
4096R/A0439BAB
2015-
11-
03 [expires:
2019-
11-
02]
1591 <p
>The key can be downloaded from the OpenPGP key servers, signed by
1592 my old key.
</p
>
1594 <p
>If you signed my old key
1595 (
<a href=
"http://pgp.cs.uu.nl/stats/DB4CCC4B2A30D729.html
">DB4CCC4B2A30D729
</a
>),
1596 I
'd very much appreciate a signature on my new key, details and
1597 instructions in the transition statement. I m happy to reciprocate if
1598 you have a similarly signed transition statement to present.
</p
>
1603 <title>The life and death of a laptop battery
</title>
1604 <link>http://people.skolelinux.org/pere/blog/The_life_and_death_of_a_laptop_battery.html
</link>
1605 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/The_life_and_death_of_a_laptop_battery.html
</guid>
1606 <pubDate>Thu,
24 Sep
2015 16:
00:
00 +
0200</pubDate>
1607 <description><p
>When I get a new laptop, the battery life time at the start is OK.
1608 But this do not last. The last few laptops gave me a feeling that
1609 within a year, the life time is just a fraction of what it used to be,
1610 and it slowly become painful to use the laptop without power connected
1611 all the time. Because of this, when I got a new Thinkpad X230 laptop
1612 about two years ago, I decided to monitor its battery state to have
1613 more hard facts when the battery started to fail.
</p
>
1615 <img src=
"http://people.skolelinux.org/pere/blog/images/
2015-
09-
24-laptop-battery-graph.png
"/
>
1617 <p
>First I tried to find a sensible Debian package to record the
1618 battery status, assuming that this must be a problem already handled
1619 by someone else. I found
1620 <a href=
"https://tracker.debian.org/pkg/battery-stats
">battery-stats
</a
>,
1621 which collects statistics from the battery, but it was completely
1622 broken. I sent a few suggestions to the maintainer, but decided to
1623 write my own collector as a shell script while I waited for feedback
1625 <a href=
"http://www.ifweassume.com/
2013/
08/the-de-evolution-of-my-laptop-battery.html
">a
1626 blog post about the battery development on a MacBook Air
</a
> I also
1628 <a href=
"https://github.com/jradavenport/batlog.git
">batlog
</a
>, not
1629 available in Debian.
</p
>
1631 <p
>I started my collector
2013-
07-
15, and it has been collecting
1632 battery stats ever since. Now my
1633 /var/log/hjemmenett-battery-status.log file contain around
115,
000
1634 measurements, from the time the battery was working great until now,
1635 when it is unable to charge above
7% of original capacity. My
1636 collector shell script is quite simple and look like this:
</p
>
1641 # http://www.ifweassume.com/
2013/
08/the-de-evolution-of-my-laptop-battery.html
1643 # http://blog.sleeplessbeastie.eu/
2013/
01/
02/debian-how-to-monitor-battery-capacity/
1644 logfile=/var/log/hjemmenett-battery-status.log
1646 files=
"manufacturer model_name technology serial_number \
1647 energy_full energy_full_design energy_now cycle_count status
"
1649 if [ ! -e
"$logfile
" ] ; then
1651 printf
"timestamp,
"
1653 printf
"%s,
" $f
1656 )
> "$logfile
"
1660 # Print complete message in one echo call, to avoid race condition
1661 # when several log processes run in parallel.
1662 msg=$(printf
"%s,
" $(date +%s); \
1663 for f in $files; do \
1664 printf
"%s,
" $(cat $f); \
1666 echo
"$msg
"
1669 cd /sys/class/power_supply
1672 (cd $bat
&& log_battery
>> "$logfile
")
1676 <p
>The script is called when the power management system detect a
1677 change in the power status (power plug in or out), and when going into
1678 and out of hibernation and suspend. In addition, it collect a value
1679 every
10 minutes. This make it possible for me know when the battery
1680 is discharging, charging and how the maximum charge change over time.
1681 The code for the Debian package
1682 <a href=
"https://github.com/petterreinholdtsen/battery-status
">is now
1683 available on github
</a
>.
</p
>
1685 <p
>The collected log file look like this:
</p
>
1688 timestamp,manufacturer,model_name,technology,serial_number,energy_full,energy_full_design,energy_now,cycle_count,status,
1689 1376591133,LGC,
45N1025,Li-ion,
974,
62800000,
62160000,
39050000,
0,Discharging,
1691 1443090528,LGC,
45N1025,Li-ion,
974,
4900000,
62160000,
4900000,
0,Full,
1692 1443090601,LGC,
45N1025,Li-ion,
974,
4900000,
62160000,
4900000,
0,Full,
1695 <p
>I wrote a small script to create a graph of the charge development
1696 over time. This graph depicted above show the slow death of my laptop
1699 <p
>But why is this happening? Why are my laptop batteries always
1700 dying in a year or two, while the batteries of space probes and
1701 satellites keep working year after year. If we are to believe
1702 <a href=
"http://batteryuniversity.com/learn/article/how_to_prolong_lithium_based_batteries
">Battery
1703 University
</a
>, the cause is me charging the battery whenever I have a
1704 chance, and the fix is to not charge the Lithium-ion batteries to
100%
1705 all the time, but to stay below
90% of full charge most of the time.
1706 I
've been told that the Tesla electric cars
1707 <a href=
"http://my.teslamotors.com/de_CH/forum/forums/battery-charge-limit
">limit
1708 the charge of their batteries to
80%
</a
>, with the option to charge to
1709 100% when preparing for a longer trip (not that I would want a car
1710 like Tesla where rights to privacy is abandoned, but that is another
1711 story), which I guess is the option we should have for laptops on
1712 Linux too.
</p
>
1714 <p
>Is there a good and generic way with Linux to tell the battery to
1715 stop charging at
80%, unless requested to charge to
100% once in
1716 preparation for a longer trip? I found
1717 <a href=
"http://askubuntu.com/questions/
34452/how-can-i-limit-battery-charging-to-
80-capacity
">one
1718 recipe on askubuntu for Ubuntu to limit charging on Thinkpad to
1719 80%
</a
>, but could not get it to work (kernel module refused to
1722 <p
>I wonder why the battery capacity was reported to be more than
100%
1723 at the start. I also wonder why the
"full capacity
" increases some
1724 times, and if it is possible to repeat the process to get the battery
1725 back to design capacity. And I wonder if the discharge and charge
1726 speed change over time, or if this stay the same. I did not yet try
1727 to write a tool to calculate the derivative values of the battery
1728 level, but suspect some interesting insights might be learned from
1731 <p
>Update
2015-
09-
24: I got a tip to install the packages
1732 acpi-call-dkms and tlp (unfortunately missing in Debian stable)
1733 packages instead of the tp-smapi-dkms package I had tried to use
1734 initially, and use
'tlp setcharge
40 80' to change when charging start
1735 and stop. I
've done so now, but expect my existing battery is toast
1736 and need to be replaced. The proposal is unfortunately Thinkpad
1742 <title>New laptop - some more clues and ideas based on feedback
</title>
1743 <link>http://people.skolelinux.org/pere/blog/New_laptop___some_more_clues_and_ideas_based_on_feedback.html
</link>
1744 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_laptop___some_more_clues_and_ideas_based_on_feedback.html
</guid>
1745 <pubDate>Sun,
5 Jul
2015 21:
40:
00 +
0200</pubDate>
1746 <description><p
>Several people contacted me after my previous blog post about my
1747 need for a new laptop, and provided very useful feedback. I wish to
1748 thank every one of these. Several pointed me to the possibility of
1749 fixing my X230, and I am already in the process of getting Lenovo to
1750 do so thanks to the on site, next day support contract covering the
1751 machine. But the battery is almost useless (I expect to replace it
1752 with a non-official battery) and I do not expect the machine to live
1753 for many more years, so it is time to plan its replacement. If I did
1754 not have a support contract, it was suggested to find replacement parts
1755 using
<a href=
"http://www.francecrans.com/
">FrancEcrans
</a
>, but it
1756 might present a language barrier as I do not understand French.
</p
>
1758 <p
>One tip I got was to use the
1759 <a href=
"https://skinflint.co.uk/?cat=nb
">Skinflint
</a
> web service to
1760 compare laptop models. It seem to have more models available than
1761 prisjakt.no. Another tip I got from someone I know have similar
1762 keyboard preferences was that the HP EliteBook
840 keyboard is not
1763 very good, and this matches my experience with earlier EliteBook
1764 keyboards I tested. Because of this, I will not consider it any further.
1766 <p
>When I wrote my blog post, I was not aware of Thinkpad X250, the
1767 newest Thinkpad X model. The keyboard reintroduces mouse buttons
1768 (which is missing from the X240), and is working fairly well with
1769 Debian Sid/Unstable according to
1770 <a href=
"http://www.corsac.net/X250/
">Corsac.net
</a
>. The reports I
1771 got on the keyboard quality are not consistent. Some say the keyboard
1772 is good, others say it is ok, while others say it is not very good.
1773 Those with experience from X41 and and X60 agree that the X250
1774 keyboard is not as good as those trusty old laptops, and suggest I
1775 keep and fix my X230 instead of upgrading, or get a used X230 to
1776 replace it. I
'm also told that the X250 lack leds for caps lock, disk
1777 activity and battery status, which is very convenient on my X230. I
'm
1778 also told that the CPU fan is running very often, making it a bit
1779 noisy. In any case, the X250 do not work out of the box with Debian
1780 Stable/Jessie, one of my requirements.
</p
>
1782 <p
>I have also gotten a few vendor proposals, one was
1783 <a href=
"http://pro-star.com
">Pro-Star
</a
>, another was
1784 <a href=
"http://shop.gluglug.org.uk/product/libreboot-x200/
">Libreboot
</a
>.
1785 The latter look very attractive to me.
</p
>
1787 <p
>Again, thank you all for the very useful feedback. It help a lot
1788 as I keep looking for a replacement.
</p
>
1790 <p
>Update
2015-
07-
06: I was recommended to check out the
1791 <a href=
"">lapstore.de
</a
> web shop for used laptops. They got several
1793 <a href=
"http://www.lapstore.de/f.php/shop/lapstore/f/
411/lang/x/kw/Lenovo_ThinkPad_X_Serie/
">old
1794 thinkpad X models
</a
>, and provide one year warranty.
</p
>
1799 <title>Time to find a new laptop, as the old one is broken after only two years
</title>
1800 <link>http://people.skolelinux.org/pere/blog/Time_to_find_a_new_laptop__as_the_old_one_is_broken_after_only_two_years.html
</link>
1801 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Time_to_find_a_new_laptop__as_the_old_one_is_broken_after_only_two_years.html
</guid>
1802 <pubDate>Fri,
3 Jul
2015 07:
10:
00 +
0200</pubDate>
1803 <description><p
>My primary work horse laptop is failing, and will need a
1804 replacement soon. The left
5 cm of the screen on my Thinkpad X230
1805 started flickering yesterday, and I suspect the cause is a broken
1806 cable, as changing the angle of the screen some times get rid of the
1807 flickering.
</p
>
1809 <p
>My requirements have not really changed since I bought it, and is
1811 <a href=
"http://people.skolelinux.org/pere/blog/Thank_you_Thinkpad_X41__for_your_long_and_trustworthy_service.html
">I
1812 described them in
2013</a
>. The last time I bought a laptop, I had
1814 <a href=
"http://www.prisjakt.no/category.php?k=
353">prisjakt.no
</a
>
1815 where I could select at least a few of the requirements (mouse pin,
1816 wifi, weight) and go through the rest manually. Three button mouse
1817 and a good keyboard is not available as an option, and all the three
1818 laptop models proposed today (Thinkpad X240, HP EliteBook
820 G1 and
1819 G2) lack three mouse buttons). It is also unclear to me how good the
1820 keyboard on the HP EliteBooks are. I hope Lenovo have not messed up
1821 the keyboard, even if the quality and robustness in the X series have
1822 deteriorated since X41.
</p
>
1824 <p
>I wonder how I can find a sensible laptop when none of the options
1825 seem sensible to me? Are there better services around to search the
1826 set of available laptops for features? Please send me an email if you
1827 have suggestions.
</p
>
1829 <p
>Update
2015-
07-
23: I got a suggestion to check out the FSF
1830 <a href=
"http://www.fsf.org/resources/hw/endorsement/respects-your-freedom
">list
1831 of endorsed hardware
</a
>, which is useful background information.
</p
>
1836 <title>How to stay with sysvinit in Debian Jessie
</title>
1837 <link>http://people.skolelinux.org/pere/blog/How_to_stay_with_sysvinit_in_Debian_Jessie.html
</link>
1838 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_stay_with_sysvinit_in_Debian_Jessie.html
</guid>
1839 <pubDate>Sat,
22 Nov
2014 01:
00:
00 +
0100</pubDate>
1840 <description><p
>By now, it is well known that Debian Jessie will not be using
1841 sysvinit as its boot system by default. But how can one keep using
1842 sysvinit in Jessie? It is fairly easy, and here are a few recipes,
1844 <a href=
"http://www.vitavonni.de/blog/
201410/
2014102101-avoiding-systemd.html
">Erich
1845 Schubert
</a
> and
1846 <a href=
"http://smcv.pseudorandom.co.uk/
2014/still_universal/
">Simon
1849 <p
>If you already are using Wheezy and want to upgrade to Jessie and
1850 keep sysvinit as your boot system, create a file
1851 <tt
>/etc/apt/preferences.d/use-sysvinit
</tt
> with this content before
1852 you upgrade:
</p
>
1854 <p
><blockquote
><pre
>
1855 Package: systemd-sysv
1856 Pin: release o=Debian
1858 </pre
></blockquote
><p
>
1860 <p
>This file content will tell apt and aptitude to not consider
1861 installing systemd-sysv as part of any installation and upgrade
1862 solution when resolving dependencies, and thus tell it to avoid
1863 systemd as a default boot system. The end result should be that the
1864 upgraded system keep using sysvinit.
</p
>
1866 <p
>If you are installing Jessie for the first time, there is no way to
1867 get sysvinit installed by default (debootstrap used by
1868 debian-installer have no option for this), but one can tell the
1869 installer to switch to sysvinit before the first boot. Either by
1870 using a kernel argument to the installer, or by adding a line to the
1871 preseed file used. First, the kernel command line argument:
1873 <p
><blockquote
><pre
>
1874 preseed/late_command=
"in-target apt-get install --purge -y sysvinit-core
"
1875 </pre
></blockquote
><p
>
1877 <p
>Next, the line to use in a preseed file:
</p
>
1879 <p
><blockquote
><pre
>
1880 d-i preseed/late_command string in-target apt-get install -y sysvinit-core
1881 </pre
></blockquote
><p
>
1883 <p
>One can of course also do this after the first boot by installing
1884 the sysvinit-core package.
</p
>
1886 <p
>I recommend only using sysvinit if you really need it, as the
1887 sysvinit boot sequence in Debian have several hardware specific bugs
1888 on Linux caused by the fact that it is unpredictable when hardware
1889 devices show up during boot. But on the other hand, the new default
1890 boot system still have a few rough edges I hope will be fixed before
1891 Jessie is released.
</p
>
1893 <p
>Update
2014-
11-
26: Inspired by
1894 <ahref=
"https://www.mirbsd.org/permalinks/wlog-
10-tg_e20141125-tg.htm#e20141125-tg_wlog-
10-tg
">a
1895 blog post by Torsten Glaser
</a
>, added --purge to the preseed
1901 <title>A Debian package for SMTP via Tor (aka SMTorP) using exim4
</title>
1902 <link>http://people.skolelinux.org/pere/blog/A_Debian_package_for_SMTP_via_Tor__aka_SMTorP__using_exim4.html
</link>
1903 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/A_Debian_package_for_SMTP_via_Tor__aka_SMTorP__using_exim4.html
</guid>
1904 <pubDate>Mon,
10 Nov
2014 13:
40:
00 +
0100</pubDate>
1905 <description><p
>The right to communicate with your friends and family in private,
1906 without anyone snooping, is a right every citicen have in a liberal
1907 democracy. But this right is under serious attack these days.
</p
>
1909 <p
>A while back it occurred to me that one way to make the dragnet
1910 surveillance conducted by NSA, GCHQ, FRA and others (and confirmed by
1911 the whisleblower Snowden) more expensive for Internet email,
1912 is to deliver all email using SMTP via Tor. Such SMTP option would be
1913 a nice addition to the FreedomBox project if we could send email
1914 between FreedomBox machines without leaking metadata about the emails
1915 to the people peeking on the wire. I
1916 <a href=
"http://lists.alioth.debian.org/pipermail/freedombox-discuss/
2014-October/
006493.html
">proposed
1917 this on the FreedomBox project mailing list in October
</a
> and got a
1918 lot of useful feedback and suggestions. It also became obvious to me
1919 that this was not a novel idea, as the same idea was tested and
1920 documented by Johannes Berg as early as
2006, and both
1921 <a href=
"https://github.com/pagekite/Mailpile/wiki/SMTorP
">the
1922 Mailpile
</a
> and
<a href=
"http://dee.su/cables
">the Cables
</a
> systems
1923 propose a similar method / protocol to pass emails between users.
</p
>
1925 <p
>To implement such system one need to set up a Tor hidden service
1926 providing the SMTP protocol on port
25, and use email addresses
1927 looking like username@hidden-service-name.onion. With such addresses
1928 the connections to port
25 on hidden-service-name.onion using Tor will
1929 go to the correct SMTP server. To do this, one need to configure the
1930 Tor daemon to provide the hidden service and the mail server to accept
1931 emails for this .onion domain. To learn more about Exim configuration
1932 in Debian and test the design provided by Johannes Berg in his FAQ, I
1933 set out yesterday to create a Debian package for making it trivial to
1934 set up such SMTP over Tor service based on Debian. Getting it to work
1935 were fairly easy, and
1936 <a href=
"https://github.com/petterreinholdtsen/exim4-smtorp
">the
1937 source code for the Debian package
</a
> is available from github. I
1938 plan to move it into Debian if further testing prove this to be a
1939 useful approach.
</p
>
1941 <p
>If you want to test this, set up a blank Debian machine without any
1942 mail system installed (or run
<tt
>apt-get purge exim4-config
</tt
> to
1943 get rid of exim4). Install tor, clone the git repository mentioned
1944 above, build the deb and install it on the machine. Next, run
1945 <tt
>/usr/lib/exim4-smtorp/setup-exim-hidden-service
</tt
> and follow
1946 the instructions to get the service up and running. Restart tor and
1947 exim when it is done, and test mail delivery using swaks like
1950 <p
><blockquote
><pre
>
1951 torsocks swaks --server dutlqrrmjhtfa3vp.onion \
1952 --to fbx@dutlqrrmjhtfa3vp.onion
1953 </pre
></blockquote
></p
>
1955 <p
>This will test the SMTP delivery using tor. Replace the email
1956 address with your own address to test your server. :)
</p
>
1958 <p
>The setup procedure is still to complex, and I hope it can be made
1959 easier and more automatic. Especially the tor setup need more work.
1960 Also, the package include a tor-smtp tool written in C, but its task
1961 should probably be rewritten in some script language to make the deb
1962 architecture independent. It would probably also make the code easier
1963 to review. The tor-smtp tool currently need to listen on a socket for
1964 exim to talk to it and is started using xinetd. It would be better if
1965 no daemon and no socket is needed. I suspect it is possible to get
1966 exim to run a command line tool for delivery instead of talking to a
1967 socket, and hope to figure out how in a future version of this
1970 <p
>Until I wipe my test machine, I can be reached using the
1971 <tt
>fbx@dutlqrrmjhtfa3vp.onion
</tt
> mail address, deliverable over
1972 SMTorP. :)
</p
>
1977 <title>listadmin, the quick way to moderate mailman lists - nice free software
</title>
1978 <link>http://people.skolelinux.org/pere/blog/listadmin__the_quick_way_to_moderate_mailman_lists___nice_free_software.html
</link>
1979 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/listadmin__the_quick_way_to_moderate_mailman_lists___nice_free_software.html
</guid>
1980 <pubDate>Wed,
22 Oct
2014 20:
00:
00 +
0200</pubDate>
1981 <description><p
>If you ever had to moderate a mailman list, like the ones on
1982 alioth.debian.org, you know the web interface is fairly slow to
1983 operate. First you visit one web page, enter the moderation password
1984 and get a new page shown with a list of all the messages to moderate
1985 and various options for each email address. This take a while for
1986 every list you moderate, and you need to do it regularly to do a good
1987 job as a list moderator. But there is a quick alternative,
1988 <a href=
"http://heim.ifi.uio.no/kjetilho/hacks/#listadmin
">the
1989 listadmin program
</a
>. It allow you to check lists for new messages
1990 to moderate in a fraction of a second. Here is a test run on two
1991 lists I recently took over:
</p
>
1993 <p
><blockquote
><pre
>
1994 % time listadmin xiph
1995 fetching data for pkg-xiph-commits@lists.alioth.debian.org ... nothing in queue
1996 fetching data for pkg-xiph-maint@lists.alioth.debian.org ... nothing in queue
2002 </pre
></blockquote
></p
>
2004 <p
>In
1.7 seconds I had checked two mailing lists and confirmed that
2005 there are no message in the moderation queue. Every morning I
2006 currently moderate
68 mailman lists, and it normally take around two
2007 minutes. When I took over the two pkg-xiph lists above a few days
2008 ago, there were
400 emails waiting in the moderator queue. It took me
2009 less than
15 minutes to process them all using the listadmin
2012 <p
>If you install
2013 <a href=
"https://tracker.debian.org/pkg/listadmin
">the listadmin
2014 package
</a
> from Debian and create a file
<tt
>~/.listadmin.ini
</tt
>
2015 with content like this, the moderation task is a breeze:
</p
>
2017 <p
><blockquote
><pre
>
2018 username username@example.org
2021 discard_if_reason
"Posting restricted to members only. Remove us from your mail list.
"
2024 adminurl https://{domain}/mailman/admindb/{list}
2025 mailman-list@lists.example.com
2028 other-list@otherserver.example.org
2029 </pre
></blockquote
></p
>
2031 <p
>There are other options to set as well. Check the manual page to
2032 learn the details.
</p
>
2034 <p
>If you are forced to moderate lists on a mailman installation where
2035 the SSL certificate is self signed or not properly signed by a
2036 generally accepted signing authority, you can set a environment
2037 variable when calling listadmin to disable SSL verification:
</p
>
2039 <p
><blockquote
><pre
>
2040 PERL_LWP_SSL_VERIFY_HOSTNAME=
0 listadmin
2041 </pre
></blockquote
></p
>
2043 <p
>If you want to moderate a subset of the lists you take care of, you
2044 can provide an argument to the listadmin script like I do in the
2045 initial screen dump (the xiph argument). Using an argument, only
2046 lists matching the argument string will be processed. This make it
2047 quick to accept messages if you notice the moderation request in your
2050 <p
>Without the listadmin program, I would never be the moderator of
68
2051 mailing lists, as I simply do not have time to spend on that if the
2052 process was any slower. The listadmin program have saved me hours of
2053 time I could spend elsewhere over the years. It truly is nice free
2056 <p
>As usual, if you use Bitcoin and want to show your support of my
2057 activities, please send Bitcoin donations to my address
2058 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
&label=PetterReinholdtsenBlog
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
2060 <p
>Update
2014-
10-
27: Added missing
'username
' statement in
2061 configuration example. Also, I
've been told that the
2062 PERL_LWP_SSL_VERIFY_HOSTNAME=
0 setting do not work for everyone. Not
2068 <title>Debian Jessie, PXE and automatic firmware installation
</title>
2069 <link>http://people.skolelinux.org/pere/blog/Debian_Jessie__PXE_and_automatic_firmware_installation.html
</link>
2070 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_Jessie__PXE_and_automatic_firmware_installation.html
</guid>
2071 <pubDate>Fri,
17 Oct
2014 14:
10:
00 +
0200</pubDate>
2072 <description><p
>When PXE installing laptops with Debian, I often run into the
2073 problem that the WiFi card require some firmware to work properly.
2074 And it has been a pain to fix this using preseeding in Debian.
2075 Normally something more is needed. But thanks to
2076 <a href=
"https://packages.qa.debian.org/i/isenkram.html
">my isenkram
2077 package
</a
> and its recent tasksel extension, it has now become easy
2078 to do this using simple preseeding.
</p
>
2080 <p
>The isenkram-cli package provide tasksel tasks which will install
2081 firmware for the hardware found in the machine (actually, requested by
2082 the kernel modules for the hardware). (It can also install user space
2083 programs supporting the hardware detected, but that is not the focus
2084 of this story.)
</p
>
2086 <p
>To get this working in the default installation, two preeseding
2087 values are needed. First, the isenkram-cli package must be installed
2088 into the target chroot (aka the hard drive) before tasksel is executed
2089 in the pkgsel step of the debian-installer system. This is done by
2090 preseeding the base-installer/includes debconf value to include the
2091 isenkram-cli package. The package name is next passed to debootstrap
2092 for installation. With the isenkram-cli package in place, tasksel
2093 will automatically use the isenkram tasks to detect hardware specific
2094 packages for the machine being installed and install them, because
2095 isenkram-cli contain tasksel tasks.
</p
>
2097 <p
>Second, one need to enable the non-free APT repository, because
2098 most firmware unfortunately is non-free. This is done by preseeding
2099 the apt-mirror-setup step. This is unfortunate, but for a lot of
2100 hardware it is the only option in Debian.
</p
>
2102 <p
>The end result is two lines needed in your preseeding file to get
2103 firmware installed automatically by the installer:
</p
>
2105 <p
><blockquote
><pre
>
2106 base-installer base-installer/includes string isenkram-cli
2107 apt-mirror-setup apt-setup/non-free boolean true
2108 </pre
></blockquote
></p
>
2110 <p
>The current version of isenkram-cli in testing/jessie will install
2111 both firmware and user space packages when using this method. It also
2112 do not work well, so use version
0.15 or later. Installing both
2113 firmware and user space packages might give you a bit more than you
2114 want, so I decided to split the tasksel task in two, one for firmware
2115 and one for user space programs. The firmware task is enabled by
2116 default, while the one for user space programs is not. This split is
2117 implemented in the package currently in unstable.
</p
>
2119 <p
>If you decide to give this a go, please let me know (via email) how
2120 this recipe work for you. :)
</p
>
2122 <p
>So, I bet you are wondering, how can this work. First and
2123 foremost, it work because tasksel is modular, and driven by whatever
2124 files it find in /usr/lib/tasksel/ and /usr/share/tasksel/. So the
2125 isenkram-cli package place two files for tasksel to find. First there
2126 is the task description file (/usr/share/tasksel/descs/isenkram.desc):
</p
>
2128 <p
><blockquote
><pre
>
2129 Task: isenkram-packages
2131 Description: Hardware specific packages (autodetected by isenkram)
2132 Based on the detected hardware various hardware specific packages are
2134 Test-new-install: show show
2136 Packages: for-current-hardware
2138 Task: isenkram-firmware
2140 Description: Hardware specific firmware packages (autodetected by isenkram)
2141 Based on the detected hardware various hardware specific firmware
2142 packages are proposed.
2143 Test-new-install: mark show
2145 Packages: for-current-hardware-firmware
2146 </pre
></blockquote
></p
>
2148 <p
>The key parts are Test-new-install which indicate how the task
2149 should be handled and the Packages line referencing to a script in
2150 /usr/lib/tasksel/packages/. The scripts use other scripts to get a
2151 list of packages to install. The for-current-hardware-firmware script
2152 look like this to list relevant firmware for the machine:
2154 <p
><blockquote
><pre
>
2157 PATH=/usr/sbin:$PATH
2159 isenkram-autoinstall-firmware -l
2160 </pre
></blockquote
></p
>
2162 <p
>With those two pieces in place, the firmware is installed by
2163 tasksel during the normal d-i run. :)
</p
>
2165 <p
>If you want to test what tasksel will install when isenkram-cli is
2166 installed, run
<tt
>DEBIAN_PRIORITY=critical tasksel --test
2167 --new-install
</tt
> to get the list of packages that tasksel would
2170 <p
><a href=
"https://wiki.debian.org/DebianEdu/
">Debian Edu
</a
> will be
2171 pilots in testing this feature, as isenkram is used there now to
2172 install firmware, replacing the earlier scripts.
</p
>
2177 <title>Ubuntu used to show the bread prizes at ICA Storo
</title>
2178 <link>http://people.skolelinux.org/pere/blog/Ubuntu_used_to_show_the_bread_prizes_at_ICA_Storo.html
</link>
2179 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Ubuntu_used_to_show_the_bread_prizes_at_ICA_Storo.html
</guid>
2180 <pubDate>Sat,
4 Oct
2014 15:
20:
00 +
0200</pubDate>
2181 <description><p
>Today I came across an unexpected Ubuntu boot screen. Above the
2182 bread shelf on the ICA shop at Storo in Oslo, the grub menu of Ubuntu
2183 with Linux kernel
3.2.0-
23 (ie probably version
12.04 LTS) was stuck
2184 on a screen normally showing the bread types and prizes:
</p
>
2186 <p align=
"center
"><img width=
"70%
" src=
"http://people.skolelinux.org/pere/blog/images/
2014-
10-
04-ubuntu-ica-storo-crop.jpeg
"></p
>
2188 <p
>If it had booted as it was supposed to, I would never had known
2189 about this hidden Linux installation. It is interesting what
2190 <a href=
"http://revealingerrors.com/
">errors can reveal
</a
>.
</p
>
2195 <title>New lsdvd release version
0.17 is ready
</title>
2196 <link>http://people.skolelinux.org/pere/blog/New_lsdvd_release_version_0_17_is_ready.html
</link>
2197 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_lsdvd_release_version_0_17_is_ready.html
</guid>
2198 <pubDate>Sat,
4 Oct
2014 08:
40:
00 +
0200</pubDate>
2199 <description><p
>The
<a href=
"https://sourceforge.net/p/lsdvd/
">lsdvd project
</a
>
2200 got a new set of developers a few weeks ago, after the original
2201 developer decided to step down and pass the project to fresh blood.
2202 This project is now maintained by Petter Reinholdtsen and Steve
2205 <p
>I just wrapped up
2206 <a href=
"https://sourceforge.net/p/lsdvd/mailman/message/
32896061/
">a
2207 new lsdvd release
</a
>, available in git or from
2208 <a href=
"https://sourceforge.net/projects/lsdvd/files/lsdvd/
">the
2209 download page
</a
>. This is the changelog dated
2014-
10-
03 for version
2214 <li
>Ignore
'phantom
' audio, subtitle tracks
</li
>
2215 <li
>Check for garbage in the program chains, which indicate that a track is
2216 non-existant, to work around additional copy protection
</li
>
2217 <li
>Fix displaying content type for audio tracks, subtitles
</li
>
2218 <li
>Fix pallete display of first entry
</li
>
2219 <li
>Fix include orders
</li
>
2220 <li
>Ignore read errors in titles that would not be displayed anyway
</li
>
2221 <li
>Fix the chapter count
</li
>
2222 <li
>Make sure the array size and the array limit used when initialising
2223 the palette size is the same.
</li
>
2224 <li
>Fix array printing.
</li
>
2225 <li
>Correct subsecond calculations.
</li
>
2226 <li
>Add sector information to the output format.
</li
>
2227 <li
>Clean up code to be closer to ANSI C and compile without warnings
2228 with more GCC compiler warnings.
</li
>
2232 <p
>This change bring together patches for lsdvd in use in various
2233 Linux and Unix distributions, as well as patches submitted to the
2234 project the last nine years. Please check it out. :)
</p
>
2239 <title>How to test Debian Edu Jessie despite some fatal problems with the installer
</title>
2240 <link>http://people.skolelinux.org/pere/blog/How_to_test_Debian_Edu_Jessie_despite_some_fatal_problems_with_the_installer.html
</link>
2241 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_test_Debian_Edu_Jessie_despite_some_fatal_problems_with_the_installer.html
</guid>
2242 <pubDate>Fri,
26 Sep
2014 12:
20:
00 +
0200</pubDate>
2243 <description><p
>The
<a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
2244 project
</a
> provide a Linux solution for schools, including a
2245 powerful desktop with education software, a central server providing
2246 web pages, user database, user home directories, central login and PXE
2247 boot of both clients without disk and the installation to install Debian
2248 Edu on machines with disk (and a few other services perhaps to small
2249 to mention here). We in the Debian Edu team are currently working on
2250 the Jessie based version, trying to get everything in shape before the
2251 freeze, to avoid having to maintain our own package repository in the
2253 <a href=
"https://wiki.debian.org/DebianEdu/Status/Jessie
">current
2254 status
</a
> can be seen on the Debian wiki, and there is still heaps of
2255 work left. Some fatal problems block testing, breaking the installer,
2256 but it is possible to work around these to get anyway. Here is a
2257 recipe on how to get the installation limping along.
</p
>
2259 <p
>First, download the test ISO via
2260 <a href=
"ftp://ftp.skolelinux.no/cd-edu-testing-nolocal-netinst/debian-edu-amd64-i386-NETINST-
1.iso
">ftp
</a
>,
2261 <a href=
"http://ftp.skolelinux.no/cd-edu-testing-nolocal-netinst/debian-edu-amd64-i386-NETINST-
1.iso
">http
</a
>
2263 ftp.skolelinux.org::cd-edu-testing-nolocal-netinst/debian-edu-amd64-i386-NETINST-
1.iso).
2264 The ISO build was broken on Tuesday, so we do not get a new ISO every
2265 12 hours or so, but thankfully the ISO we already got we are able to
2266 install with some tweaking.
</p
>
2268 <p
>When you get to the Debian Edu profile question, go to tty2
2269 (use Alt-Ctrl-F2), run
</p
>
2271 <p
><blockquote
><pre
>
2272 nano /usr/bin/edu-eatmydata-install
2273 </pre
></blockquote
></p
>
2275 <p
>and add
'exit
0' as the second line, disabling the eatmydata
2276 optimization. Return to the installation, select the profile you want
2277 and continue. Without this change, exim4-config will fail to install
2278 due to a known bug in eatmydata.
</p
>
2280 <p
>When you get the grub question at the end, answer /dev/sda (or if
2281 this do not work, figure out what your correct value would be. All my
2282 test machines need /dev/sda, so I have no advice if it do not fit
2283 your need.
</p
>
2285 <p
>If you installed a profile including a graphical desktop, log in as
2286 root after the initial boot from hard drive, and install the
2287 education-desktop-XXX metapackage. XXX can be kde, gnome, lxde, xfce
2288 or mate. If you want several desktop options, install more than one
2289 metapackage. Once this is done, reboot and you should have a working
2290 graphical login screen. This workaround should no longer be needed
2291 once the education-tasks package version
1.801 enter testing in two
2294 <p
>I believe the ISO build will start working on two days when the new
2295 tasksel package enter testing and Steve McIntyre get a chance to
2296 update the debian-cd git repository. The eatmydata, grub and desktop
2297 issues are already fixed in unstable and testing, and should show up
2298 on the ISO as soon as the ISO build start working again. Well the
2299 eatmydata optimization is really just disabled. The proper fix
2300 require an upload by the eatmydata maintainer applying the patch
2301 provided in bug
<a href=
"https://bugs.debian.org/
702711">#
702711</a
>.
2302 The rest have proper fixes in unstable.
</p
>
2304 <p
>I hope this get you going with the installation testing, as we are
2305 quickly running out of time trying to get our Jessie based
2306 installation ready before the distribution freeze in a month.
</p
>
2311 <title>Suddenly I am the new upstream of the lsdvd command line tool
</title>
2312 <link>http://people.skolelinux.org/pere/blog/Suddenly_I_am_the_new_upstream_of_the_lsdvd_command_line_tool.html
</link>
2313 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Suddenly_I_am_the_new_upstream_of_the_lsdvd_command_line_tool.html
</guid>
2314 <pubDate>Thu,
25 Sep
2014 11:
20:
00 +
0200</pubDate>
2315 <description><p
>I use the
<a href=
"https://sourceforge.net/p/lsdvd/
">lsdvd tool
</a
>
2316 to handle my fairly large DVD collection. It is a nice command line
2317 tool to get details about a DVD, like title, tracks, track length,
2318 etc, in XML, Perl or human readable format. But lsdvd have not seen
2319 any new development since
2006 and had a few irritating bugs affecting
2320 its use with some DVDs. Upstream seemed to be dead, and in January I
2321 sent a small probe asking for a version control repository for the
2322 project, without any reply. But I use it regularly and would like to
2323 get
<a href=
"https://packages.qa.debian.org/lsdvd
">an updated version
2324 into Debian
</a
>. So two weeks ago I tried harder to get in touch with
2325 the project admin, and after getting a reply from him explaining that
2326 he was no longer interested in the project, I asked if I could take
2327 over. And yesterday, I became project admin.
</p
>
2329 <p
>I
've been in touch with a Gentoo developer and the Debian
2330 maintainer interested in joining forces to maintain the upstream
2331 project, and I hope we can get a new release out fairly quickly,
2332 collecting the patches spread around on the internet into on place.
2333 I
've added the relevant Debian patches to the freshly created git
2334 repository, and expect the Gentoo patches to make it too. If you got
2335 a DVD collection and care about command line tools, check out
2336 <a href=
"https://sourceforge.net/p/lsdvd/git/ci/master/tree/
">the git source
</a
> and join
2337 <a href=
"https://sourceforge.net/p/lsdvd/mailman/
">the project mailing
2338 list
</a
>. :)
</p
>
2343 <title>Speeding up the Debian installer using eatmydata and dpkg-divert
</title>
2344 <link>http://people.skolelinux.org/pere/blog/Speeding_up_the_Debian_installer_using_eatmydata_and_dpkg_divert.html
</link>
2345 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Speeding_up_the_Debian_installer_using_eatmydata_and_dpkg_divert.html
</guid>
2346 <pubDate>Tue,
16 Sep
2014 14:
00:
00 +
0200</pubDate>
2347 <description><p
>The
<a href=
"https://www.debian.org/
">Debian
</a
> installer could be
2348 a lot quicker. When we install more than
2000 packages in
2349 <a href=
"http://www.skolelinux.org/
">Skolelinux / Debian Edu
</a
> using
2350 tasksel in the installer, unpacking the binary packages take forever.
2351 A part of the slow I/O issue was discussed in
2352 <a href=
"https://bugs.debian.org/
613428">bug #
613428</a
> about too
2353 much file system sync-ing done by dpkg, which is the package
2354 responsible for unpacking the binary packages. Other parts (like code
2355 executed by postinst scripts) might also sync to disk during
2356 installation. All this sync-ing to disk do not really make sense to
2357 me. If the machine crash half-way through, I start over, I do not try
2358 to salvage the half installed system. So the failure sync-ing is
2359 supposed to protect against, hardware or system crash, is not really
2360 relevant while the installer is running.
</p
>
2362 <p
>A few days ago, I thought of a way to get rid of all the file
2363 system sync()-ing in a fairly non-intrusive way, without the need to
2364 change the code in several packages. The idea is not new, but I have
2365 not heard anyone propose the approach using dpkg-divert before. It
2366 depend on the small and clever package
2367 <a href=
"https://packages.qa.debian.org/eatmydata
">eatmydata
</a
>, which
2368 uses LD_PRELOAD to replace the system functions for syncing data to
2369 disk with functions doing nothing, thus allowing programs to live
2370 dangerous while speeding up disk I/O significantly. Instead of
2371 modifying the implementation of dpkg, apt and tasksel (which are the
2372 packages responsible for selecting, fetching and installing packages),
2373 it occurred to me that we could just divert the programs away, replace
2374 them with a simple shell wrapper calling
2375 "eatmydata
&nbsp;$program
&nbsp;$@
", to get the same effect.
2376 Two days ago I decided to test the idea, and wrapped up a simple
2377 implementation for the Debian Edu udeb.
</p
>
2379 <p
>The effect was stunning. In my first test it reduced the running
2380 time of the pkgsel step (installing tasks) from
64 to less than
44
2381 minutes (
20 minutes shaved off the installation) on an old Dell
2382 Latitude D505 machine. I am not quite sure what the optimised time
2383 would have been, as I messed up the testing a bit, causing the debconf
2384 priority to get low enough for two questions to pop up during
2385 installation. As soon as I saw the questions I moved the installation
2386 along, but do not know how long the question were holding up the
2387 installation. I did some more measurements using Debian Edu Jessie,
2388 and got these results. The time measured is the time stamp in
2389 /var/log/syslog between the
"pkgsel: starting tasksel
" and the
2390 "pkgsel: finishing up
" lines, if you want to do the same measurement
2391 yourself. In Debian Edu, the tasksel dialog do not show up, and the
2392 timing thus do not depend on how quickly the user handle the tasksel
2395 <p
><table
>
2398 <th
>Machine/setup
</th
>
2399 <th
>Original tasksel
</th
>
2400 <th
>Optimised tasksel
</th
>
2401 <th
>Reduction
</th
>
2405 <td
>Latitude D505 Main+LTSP LXDE
</td
>
2406 <td
>64 min (
07:
46-
08:
50)
</td
>
2407 <td
><44 min (
11:
27-
12:
11)
</td
>
2408 <td
>>20 min
18%
</td
>
2412 <td
>Latitude D505 Roaming LXDE
</td
>
2413 <td
>57 min (
08:
48-
09:
45)
</td
>
2414 <td
>34 min (
07:
43-
08:
17)
</td
>
2415 <td
>23 min
40%
</td
>
2419 <td
>Latitude D505 Minimal
</td
>
2420 <td
>22 min (
10:
37-
10:
59)
</td
>
2421 <td
>11 min (
11:
16-
11:
27)
</td
>
2422 <td
>11 min
50%
</td
>
2426 <td
>Thinkpad X200 Minimal
</td
>
2427 <td
>6 min (
08:
19-
08:
25)
</td
>
2428 <td
>4 min (
08:
04-
08:
08)
</td
>
2429 <td
>2 min
33%
</td
>
2433 <td
>Thinkpad X200 Roaming KDE
</td
>
2434 <td
>19 min (
09:
21-
09:
40)
</td
>
2435 <td
>15 min (
10:
25-
10:
40)
</td
>
2436 <td
>4 min
21%
</td
>
2439 </table
></p
>
2441 <p
>The test is done using a netinst ISO on a USB stick, so some of the
2442 time is spent downloading packages. The connection to the Internet
2443 was
100Mbit/s during testing, so downloading should not be a
2444 significant factor in the measurement. Download typically took a few
2445 seconds to a few minutes, depending on the amount of packages being
2446 installed.
</p
>
2448 <p
>The speedup is implemented by using two hooks in
2449 <a href=
"https://www.debian.org/devel/debian-installer/
">Debian
2450 Installer
</a
>, the pre-pkgsel.d hook to set up the diverts, and the
2451 finish-install.d hook to remove the divert at the end of the
2452 installation. I picked the pre-pkgsel.d hook instead of the
2453 post-base-installer.d hook because I test using an ISO without the
2454 eatmydata package included, and the post-base-installer.d hook in
2455 Debian Edu can only operate on packages included in the ISO. The
2456 negative effect of this is that I am unable to activate this
2457 optimization for the kernel installation step in d-i. If the code is
2458 moved to the post-base-installer.d hook, the speedup would be larger
2459 for the entire installation.
</p
>
2461 <p
>I
've implemented this in the
2462 <a href=
"https://packages.qa.debian.org/debian-edu-install
">debian-edu-install
</a
>
2463 git repository, and plan to provide the optimization as part of the
2464 Debian Edu installation. If you want to test this yourself, you can
2465 create two files in the installer (or in an udeb). One shell script
2466 need do go into /usr/lib/pre-pkgsel.d/, with content like this:
</p
>
2468 <p
><blockquote
><pre
>
2471 . /usr/share/debconf/confmodule
2473 logger -t my-pkgsel
"info: $*
"
2476 logger -t my-pkgsel
"error: $*
"
2478 override_install() {
2479 apt-install eatmydata || true
2480 if [ -x /target/usr/bin/eatmydata ] ; then
2481 for bin in dpkg apt-get aptitude tasksel ; do
2483 # Test that the file exist and have not been diverted already.
2484 if [ -f /target$file ] ; then
2485 info
"diverting $file using eatmydata
"
2486 printf
"#!/bin/sh\neatmydata $bin.distrib \
"\$@\
"\n
" \
2487 > /target$file.edu
2488 chmod
755 /target$file.edu
2489 in-target dpkg-divert --package debian-edu-config \
2490 --rename --quiet --add $file
2491 ln -sf ./$bin.edu /target$file
2493 error
"unable to divert $file, as it is missing.
"
2497 error
"unable to find /usr/bin/eatmydata after installing the eatmydata pacage
"
2502 </pre
></blockquote
></p
>
2504 <p
>To clean up, another shell script should go into
2505 /usr/lib/finish-install.d/ with code like this:
2507 <p
><blockquote
><pre
>
2509 . /usr/share/debconf/confmodule
2511 logger -t my-finish-install
"error: $@
"
2513 remove_install_override() {
2514 for bin in dpkg apt-get aptitude tasksel ; do
2516 if [ -x /target$file.edu ] ; then
2518 in-target dpkg-divert --package debian-edu-config \
2519 --rename --quiet --remove $file
2522 error
"Missing divert for $file.
"
2525 sync # Flush file buffers before continuing
2528 remove_install_override
2529 </pre
></blockquote
></p
>
2531 <p
>In Debian Edu, I placed both code fragments in a separate script
2532 edu-eatmydata-install and call it from the pre-pkgsel.d and
2533 finish-install.d scripts.
</p
>
2535 <p
>By now you might ask if this change should get into the normal
2536 Debian installer too? I suspect it should, but am not sure the
2537 current debian-installer coordinators find it useful enough. It also
2538 depend on the side effects of the change. I
'm not aware of any, but I
2539 guess we will see if the change is safe after some more testing.
2540 Perhaps there is some package in Debian depending on sync() and
2541 fsync() having effect? Perhaps it should go into its own udeb, to
2542 allow those of us wanting to enable it to do so without affecting
2545 <p
>Update
2014-
09-
24: Since a few days ago, enabling this optimization
2546 will break installation of all programs using gnutls because of
2547 <a href=
"https://bugs.debian.org/
702711">bug #
702711</a
>. An updated
2548 eatmydata package in Debian will solve it.
</p
>
2550 <p
>Update
2014-
10-
17: The bug mentioned above is fixed in testing and
2551 the optimization work again. And I have discovered that the
2552 dpkg-divert trick is not really needed and implemented a slightly
2553 simpler approach as part of the debian-edu-install package. See
2554 tools/edu-eatmydata-install in the source package.
</p
>
2556 <p
>Update
2014-
11-
11: Unfortunately, a new
2557 <a href=
"http://bugs.debian.org/
765738">bug #
765738</a
> in eatmydata only
2558 triggering on i386 made it into testing, and broke this installation
2559 optimization again. If
<a href=
"http://bugs.debian.org/
768893">unblock
2560 request
768893</a
> is accepted, it should be working again.
</p
>
2565 <title>Good bye subkeys.pgp.net, welcome pool.sks-keyservers.net
</title>
2566 <link>http://people.skolelinux.org/pere/blog/Good_bye_subkeys_pgp_net__welcome_pool_sks_keyservers_net.html
</link>
2567 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Good_bye_subkeys_pgp_net__welcome_pool_sks_keyservers_net.html
</guid>
2568 <pubDate>Wed,
10 Sep
2014 13:
10:
00 +
0200</pubDate>
2569 <description><p
>Yesterday, I had the pleasure of attending a talk with the
2570 <a href=
"http://www.nuug.no/
">Norwegian Unix User Group
</a
> about
2571 <a href=
"http://www.nuug.no/aktiviteter/
20140909-sks-keyservers/
">the
2572 OpenPGP keyserver pool sks-keyservers.net
</a
>, and was very happy to
2573 learn that there is a large set of publicly available key servers to
2574 use when looking for peoples public key. So far I have used
2575 subkeys.pgp.net, and some times wwwkeys.nl.pgp.net when the former
2576 were misbehaving, but those days are ended. The servers I have used
2577 up until yesterday have been slow and some times unavailable. I hope
2578 those problems are gone now.
</p
>
2580 <p
>Behind the round robin DNS entry of the
2581 <a href=
"https://sks-keyservers.net/
">sks-keyservers.net
</a
> service
2582 there is a pool of more than
100 keyservers which are checked every
2583 day to ensure they are well connected and up to date. It must be
2584 better than what I have used so far. :)
</p
>
2586 <p
>Yesterdays speaker told me that the service is the default
2587 keyserver provided by the default configuration in GnuPG, but this do
2588 not seem to be used in Debian. Perhaps it should?
</p
>
2590 <p
>Anyway, I
've updated my ~/.gnupg/options file to now include this
2593 <p
><blockquote
><pre
>
2594 keyserver pool.sks-keyservers.net
2595 </pre
></blockquote
></p
>
2597 <p
>With GnuPG version
2 one can also locate the keyserver using SRV
2598 entries in DNS. Just for fun, I did just that at work, so now every
2599 user of GnuPG at the University of Oslo should find a OpenGPG
2600 keyserver automatically should their need it:
</p
>
2602 <p
><blockquote
><pre
>
2603 % host -t srv _pgpkey-http._tcp.uio.no
2604 _pgpkey-http._tcp.uio.no has SRV record
0 100 11371 pool.sks-keyservers.net.
2606 </pre
></blockquote
></p
>
2608 <p
>Now if only
2609 <a href=
"http://ietfreport.isoc.org/idref/draft-shaw-openpgp-hkp/
">the
2610 HKP lookup protocol
</a
> supported finding signature paths, I would be
2611 very happy. It can look up a given key or search for a user ID, but I
2612 normally do not want that, but to find a trust path from my key to
2613 another key. Given a user ID or key ID, I would like to find (and
2614 download) the keys representing a signature path from my key to the
2615 key in question, to be able to get a trust path between the two keys.
2616 This is as far as I can tell not possible today. Perhaps something
2617 for a future version of the protocol?
</p
>
2622 <title>From English wiki to translated PDF and epub via Docbook
</title>
2623 <link>http://people.skolelinux.org/pere/blog/From_English_wiki_to_translated_PDF_and_epub_via_Docbook.html
</link>
2624 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/From_English_wiki_to_translated_PDF_and_epub_via_Docbook.html
</guid>
2625 <pubDate>Tue,
17 Jun
2014 11:
30:
00 +
0200</pubDate>
2626 <description><p
>The
<a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
2627 project
</a
> provide an instruction manual for teachers, system
2628 administrators and other users that contain useful tips for setting up
2629 and maintaining a Debian Edu installation. This text is about how the
2630 text processing of this manual is handled in the project.
</p
>
2632 <p
>One goal of the project is to provide information in the native
2633 language of its users, and for this we need to handle translations.
2634 But we also want to make sure each language contain the same
2635 information, so for this we need a good way to keep the translations
2636 in sync. And we want it to be easy for our users to improve the
2637 documentation, avoiding the need to learn special formats or tools to
2638 contribute, and the obvious way to do this is to make it possible to
2639 edit the documentation using a web browser. We also want it to be
2640 easy for translators to keep the translation up to date, and give them
2641 help in figuring out what need to be translated. Here is the list of
2642 tools and the process we have found trying to reach all these
2645 <p
>We maintain the authoritative source of our manual in the
2646 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/
">Debian
2647 wiki
</a
>, as several wiki pages written in English. It consist of one
2648 front page with references to the different chapters, several pages
2649 for each chapter, and finally one
"collection page
" gluing all the
2650 chapters together into one large web page (aka
2651 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/AllInOne
">the
2652 AllInOne page
</a
>). The AllInOne page is the one used for further
2653 processing and translations. Thanks to the fact that the
2654 <a href=
"http://moinmo.in/
">MoinMoin
</a
> installation on
2655 wiki.debian.org support exporting pages in
2656 <a href=
"http://www.docbook.org/
">the Docbook format
</a
>, we can fetch
2657 the list of pages to export using the raw version of the AllInOne
2658 page, loop over each of them to generate a Docbook XML version of the
2659 manual. This process also download images and transform image
2660 references to use the locally downloaded images. The generated
2661 Docbook XML files are slightly broken, so some post-processing is done
2662 using the
<tt
>documentation/scripts/get_manual
</tt
> program, and the
2663 result is a nice Docbook XML file (debian-edu-wheezy-manual.xml) and
2664 a handfull of images. The XML file can now be used to generate PDF, HTML
2665 and epub versions of the English manual. This is the basic step of
2666 our process, making PDF (using dblatex), HTML (using xsltproc) and
2667 epub (using dbtoepub) version from Docbook XML, and the resulting files
2668 are placed in the debian-edu-doc-en binary package.
</p
>
2670 <p
>But English documentation is not enough for us. We want translated
2671 documentation too, and we want to make it easy for translators to
2672 track the English original. For this we use the
2673 <a href=
"http://packages.qa.debian.org/p/poxml.html
">poxml
</a
> package,
2674 which allow us to transform the English Docbook XML file into a
2675 translation file (a .pot file), usable with the normal gettext based
2676 translation tools used by those translating free software. The pot
2677 file is used to create and maintain translation files (several .po
2678 files), which the translations update with the native language
2679 translations of all titles, paragraphs and blocks of text in the
2680 original. The next step is combining the original English Docbook XML
2681 and the translation file (say debian-edu-wheezy-manual.nb.po), to
2682 create a translated Docbook XML file (in this case
2683 debian-edu-wheezy-manual.nb.xml). This translated (or partly
2684 translated, if the translation is not complete) Docbook XML file can
2685 then be used like the original to create a PDF, HTML and epub version
2686 of the documentation.
</p
>
2688 <p
>The translators use different tools to edit the .po files. We
2690 <a href=
"http://www.kde.org/applications/development/lokalize/
">lokalize
</a
>,
2691 while some use emacs and vi, others can use web based editors like
2692 <a href=
"http://pootle.translatehouse.org/
">Poodle
</a
> or
2693 <a href=
"https://www.transifex.com/
">Transifex
</a
>. All we care about
2694 is where the .po file end up, in our git repository. Updated
2695 translations can either be committed directly to git, or submitted as
2696 <a href=
"https://bugs.debian.org/src:debian-edu-doc
">bug reports
2697 against the debian-edu-doc package
</a
>.
</p
>
2699 <p
>One challenge is images, which both might need to be translated (if
2700 they show translated user applications), and are needed in different
2701 formats when creating PDF and HTML versions (epub is a HTML version in
2702 this regard). For this we transform the original PNG images to the
2703 needed density and format during build, and have a way to provide
2704 translated images by storing translated versions in
2705 images/$LANGUAGECODE/. I am a bit unsure about the details here. The
2706 package maintainers know more.
</p
>
2708 <p
>If you wonder what the result look like, we provide
2709 <a href=
"http://maintainer.skolelinux.org/debian-edu-doc/
">the content
2710 of the documentation packages on the web
</a
>. See for example the
2711 <a href=
"http://maintainer.skolelinux.org/debian-edu-doc/it/debian-edu-wheezy-manual.pdf
">Italian
2712 PDF version
</a
> or the
2713 <a href=
"http://maintainer.skolelinux.org/debian-edu-doc/de/debian-edu-wheezy-manual.html
">German
2714 HTML version
</a
>. We do not yet build the epub version by default,
2715 but perhaps it will be done in the future.
</p
>
2717 <p
>To learn more, check out
2718 <a href=
"http://packages.qa.debian.org/d/debian-edu-doc.html
">the
2719 debian-edu-doc package
</a
>,
2720 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/
">the
2721 manual on the wiki
</a
> and
2722 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/Translations
">the
2723 translation instructions
</a
> in the manual.
</p
>
2728 <title>Install hardware dependent packages using tasksel (Isenkram
0.7)
</title>
2729 <link>http://people.skolelinux.org/pere/blog/Install_hardware_dependent_packages_using_tasksel__Isenkram_0_7_.html
</link>
2730 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Install_hardware_dependent_packages_using_tasksel__Isenkram_0_7_.html
</guid>
2731 <pubDate>Wed,
23 Apr
2014 14:
50:
00 +
0200</pubDate>
2732 <description><p
>It would be nice if it was easier in Debian to get all the hardware
2733 related packages relevant for the computer installed automatically.
2734 So I implemented one, using
2735 <a href=
"http://packages.qa.debian.org/isenkram
">my Isenkram
2736 package
</a
>. To use it, install the tasksel and isenkram packages and
2737 run tasksel as user root. You should be presented with a new option,
2738 "Hardware specific packages (autodetected by isenkram)
". When you
2739 select it, tasksel will install the packages isenkram claim is fit for
2740 the current hardware, hot pluggable or not.
<p
>
2742 <p
>The implementation is in two files, one is the tasksel menu entry
2743 description, and the other is the script used to extract the list of
2744 packages to install. The first part is in
2745 <tt
>/usr/share/tasksel/descs/isenkram.desc
</tt
> and look like
2748 <p
><blockquote
><pre
>
2751 Description: Hardware specific packages (autodetected by isenkram)
2752 Based on the detected hardware various hardware specific packages are
2754 Test-new-install: mark show
2756 Packages: for-current-hardware
2757 </pre
></blockquote
></p
>
2759 <p
>The second part is in
2760 <tt
>/usr/lib/tasksel/packages/for-current-hardware
</tt
> and look like
2763 <p
><blockquote
><pre
>
2768 isenkram-autoinstall-firmware -l
2770 </pre
></blockquote
></p
>
2772 <p
>All in all, a very short and simple implementation making it
2773 trivial to install the hardware dependent package we all may want to
2774 have installed on our machines. I
've not been able to find a way to
2775 get tasksel to tell you exactly which packages it plan to install
2776 before doing the installation. So if you are curious or careful,
2777 check the output from the isenkram-* command line tools first.
</p
>
2779 <p
>The information about which packages are handling which hardware is
2780 fetched either from the isenkram package itself in
2781 /usr/share/isenkram/, from git.debian.org or from the APT package
2782 database (using the Modaliases header). The APT package database
2783 parsing have caused a nasty resource leak in the isenkram daemon (bugs
2784 <a href=
"http://bugs.debian.org/
719837">#
719837</a
> and
2785 <a href=
"http://bugs.debian.org/
730704">#
730704</a
>). The cause is in
2786 the python-apt code (bug
2787 <a href=
"http://bugs.debian.org/
745487">#
745487</a
>), but using a
2788 workaround I was able to get rid of the file descriptor leak and
2789 reduce the memory leak from ~
30 MiB per hardware detection down to
2790 around
2 MiB per hardware detection. It should make the desktop
2791 daemon a lot more useful. The fix is in version
0.7 uploaded to
2792 unstable today.
</p
>
2794 <p
>I believe the current way of mapping hardware to packages in
2795 Isenkram is is a good draft, but in the future I expect isenkram to
2796 use the AppStream data source for this. A proposal for getting proper
2797 AppStream support into Debian is floating around as
2798 <a href=
"https://wiki.debian.org/DEP-
11">DEP-
11</a
>, and
2799 <a href=
"https://wiki.debian.org/SummerOfCode2014/Projects#SummerOfCode2014.2FProjects
.2FAppStreamDEP11Implementation.AppStream
.2FDEP-
11_for_the_Debian_Archive
">GSoC
2800 project
</a
> will take place this summer to improve the situation. I
2801 look forward to seeing the result, and welcome patches for isenkram to
2802 start using the information when it is ready.
</p
>
2804 <p
>If you want your package to map to some specific hardware, either
2805 add a
"Xb-Modaliases
" header to your control file like I did in
2806 <a href=
"http://packages.qa.debian.org/pymissile
">the pymissile
2807 package
</a
> or submit a bug report with the details to the isenkram
2809 <a href=
"http://people.skolelinux.org/pere/blog/tags/isenkram/
">all my
2810 blog posts tagged isenkram
</a
> for details on the notation. I expect
2811 the information will be migrated to AppStream eventually, but for the
2812 moment I got no better place to store it.
</p
>
2817 <title>FreedomBox milestone - all packages now in Debian Sid
</title>
2818 <link>http://people.skolelinux.org/pere/blog/FreedomBox_milestone___all_packages_now_in_Debian_Sid.html
</link>
2819 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/FreedomBox_milestone___all_packages_now_in_Debian_Sid.html
</guid>
2820 <pubDate>Tue,
15 Apr
2014 22:
10:
00 +
0200</pubDate>
2821 <description><p
>The
<a href=
"https://wiki.debian.org/FreedomBox
">Freedombox
2822 project
</a
> is working on providing the software and hardware to make
2823 it easy for non-technical people to host their data and communication
2824 at home, and being able to communicate with their friends and family
2825 encrypted and away from prying eyes. It is still going strong, and
2826 today a major mile stone was reached.
</p
>
2828 <p
>Today, the last of the packages currently used by the project to
2829 created the system images were accepted into Debian Unstable. It was
2830 the freedombox-setup package, which is used to configure the images
2831 during build and on the first boot. Now all one need to get going is
2832 the build code from the freedom-maker git repository and packages from
2833 Debian. And once the freedombox-setup package enter testing, we can
2834 build everything directly from Debian. :)
</p
>
2836 <p
>Some key packages used by Freedombox are
2837 <a href=
"http://packages.qa.debian.org/freedombox-setup
">freedombox-setup
</a
>,
2838 <a href=
"http://packages.qa.debian.org/plinth
">plinth
</a
>,
2839 <a href=
"http://packages.qa.debian.org/pagekite
">pagekite
</a
>,
2840 <a href=
"http://packages.qa.debian.org/tor
">tor
</a
>,
2841 <a href=
"http://packages.qa.debian.org/privoxy
">privoxy
</a
>,
2842 <a href=
"http://packages.qa.debian.org/owncloud
">owncloud
</a
> and
2843 <a href=
"http://packages.qa.debian.org/dnsmasq
">dnsmasq
</a
>. There
2844 are plans to integrate more packages into the setup. User
2845 documentation is maintained on the Debian wiki. Please
2846 <a href=
"https://wiki.debian.org/FreedomBox/Manual/Jessie
">check out
2847 the manual
</a
> and help us improve it.
</p
>
2849 <p
>To test for yourself and create boot images with the FreedomBox
2850 setup, run this on a Debian machine using a user with sudo rights to
2851 become root:
</p
>
2853 <p
><pre
>
2854 sudo apt-get install git vmdebootstrap mercurial python-docutils \
2855 mktorrent extlinux virtualbox qemu-user-static binfmt-support \
2857 git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \
2859 make -C freedom-maker dreamplug-image raspberry-image virtualbox-image
2860 </pre
></p
>
2862 <p
>Root access is needed to run debootstrap and mount loopback
2863 devices. See the README in the freedom-maker git repo for more
2864 details on the build. If you do not want all three images, trim the
2865 make line. Note that the virtualbox-image target is not really
2866 virtualbox specific. It create a x86 image usable in kvm, qemu,
2867 vmware and any other x86 virtual machine environment. You might need
2868 the version of vmdebootstrap in Jessie to get the build working, as it
2869 include fixes for a race condition with kpartx.
</p
>
2871 <p
>If you instead want to install using a Debian CD and the preseed
2872 method, boot a Debian Wheezy ISO and use this boot argument to load
2873 the preseed values:
</p
>
2875 <p
><pre
>
2876 url=
<a href=
"http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
">http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
</a
>
2877 </pre
></p
>
2879 <p
>I have not tested it myself the last few weeks, so I do not know if
2880 it still work.
</p
>
2882 <p
>If you wonder how to help, one task you could look at is using
2883 systemd as the boot system. It will become the default for Linux in
2884 Jessie, so we need to make sure it is usable on the Freedombox. I did
2885 a simple test a few weeks ago, and noticed dnsmasq failed to start
2886 during boot when using systemd. I suspect there are other problems
2887 too. :) To detect problems, there is a test suite included, which can
2888 be run from the plinth web interface.
</p
>
2890 <p
>Give it a go and let us know how it goes on the mailing list, and help
2891 us get the new release published. :) Please join us on
2892 <a href=
"irc://irc.debian.org:
6667/%
23freedombox
">IRC (#freedombox on
2893 irc.debian.org)
</a
> and
2894 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
">the
2895 mailing list
</a
> if you want to help make this vision come true.
</p
>
2900 <title>S3QL, a locally mounted cloud file system - nice free software
</title>
2901 <link>http://people.skolelinux.org/pere/blog/S3QL__a_locally_mounted_cloud_file_system___nice_free_software.html
</link>
2902 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/S3QL__a_locally_mounted_cloud_file_system___nice_free_software.html
</guid>
2903 <pubDate>Wed,
9 Apr
2014 11:
30:
00 +
0200</pubDate>
2904 <description><p
>For a while now, I have been looking for a sensible offsite backup
2905 solution for use at home. My requirements are simple, it must be
2906 cheap and locally encrypted (in other words, I keep the encryption
2907 keys, the storage provider do not have access to my private files).
2908 One idea me and my friends had many years ago, before the cloud
2909 storage providers showed up, was to use Google mail as storage,
2910 writing a Linux block device storing blocks as emails in the mail
2911 service provided by Google, and thus get heaps of free space. On top
2912 of this one can add encryption, RAID and volume management to have
2913 lots of (fairly slow, I admit that) cheap and encrypted storage. But
2914 I never found time to implement such system. But the last few weeks I
2915 have looked at a system called
2916 <a href=
"https://bitbucket.org/nikratio/s3ql/
">S3QL
</a
>, a locally
2917 mounted network backed file system with the features I need.
</p
>
2919 <p
>S3QL is a fuse file system with a local cache and cloud storage,
2920 handling several different storage providers, any with Amazon S3,
2921 Google Drive or OpenStack API. There are heaps of such storage
2922 providers. S3QL can also use a local directory as storage, which
2923 combined with sshfs allow for file storage on any ssh server. S3QL
2924 include support for encryption, compression, de-duplication, snapshots
2925 and immutable file systems, allowing me to mount the remote storage as
2926 a local mount point, look at and use the files as if they were local,
2927 while the content is stored in the cloud as well. This allow me to
2928 have a backup that should survive fire. The file system can not be
2929 shared between several machines at the same time, as only one can
2930 mount it at the time, but any machine with the encryption key and
2931 access to the storage service can mount it if it is unmounted.
</p
>
2933 <p
>It is simple to use. I
'm using it on Debian Wheezy, where the
2934 package is included already. So to get started, run
<tt
>apt-get
2935 install s3ql
</tt
>. Next, pick a storage provider. I ended up picking
2936 Greenqloud, after reading their nice recipe on
2937 <a href=
"https://greenqloud.zendesk.com/entries/
44611757-How-To-Use-S3QL-to-mount-a-StorageQloud-bucket-on-Debian-Wheezy
">how
2938 to use S3QL with their Amazon S3 service
</a
>, because I trust the laws
2939 in Iceland more than those in USA when it come to keeping my personal
2940 data safe and private, and thus would rather spend money on a company
2941 in Iceland. Another nice recipe is available from the article
2942 <a href=
"http://www.admin-magazine.com/HPC/Articles/HPC-Cloud-Storage
">S3QL
2943 Filesystem for HPC Storage
</a
> by Jeff Layton in the HPC section of
2944 Admin magazine. When the provider is picked, figure out how to get
2945 the API key needed to connect to the storage API. With Greencloud,
2946 the key did not show up until I had added payment details to my
2949 <p
>Armed with the API access details, it is time to create the file
2950 system. First, create a new bucket in the cloud. This bucket is the
2951 file system storage area. I picked a bucket name reflecting the
2952 machine that was going to store data there, but any name will do.
2953 I
'll refer to it as
<tt
>bucket-name
</tt
> below. In addition, one need
2954 the API login and password, and a locally created password. Store it
2955 all in ~root/.s3ql/authinfo2 like this:
2957 <p
><blockquote
><pre
>
2959 storage-url: s3c://s.greenqloud.com:
443/bucket-name
2960 backend-login: API-login
2961 backend-password: API-password
2962 fs-passphrase: local-password
2963 </pre
></blockquote
></p
>
2965 <p
>I create my local passphrase using
<tt
>pwget
50</tt
> or similar,
2966 but any sensible way to create a fairly random password should do it.
2967 Armed with these details, it is now time to run mkfs, entering the API
2968 details and password to create it:
</p
>
2970 <p
><blockquote
><pre
>
2971 # mkdir -m
700 /var/lib/s3ql-cache
2972 # mkfs.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
2973 --ssl s3c://s.greenqloud.com:
443/bucket-name
2974 Enter backend login:
2975 Enter backend password:
2976 Before using S3QL, make sure to read the user
's guide, especially
2977 the
'Important Rules to Avoid Loosing Data
' section.
2978 Enter encryption password:
2979 Confirm encryption password:
2980 Generating random encryption key...
2981 Creating metadata tables...
2991 Compressing and uploading metadata...
2992 Wrote
0.00 MB of compressed metadata.
2993 #
</pre
></blockquote
></p
>
2995 <p
>The next step is mounting the file system to make the storage available.
2997 <p
><blockquote
><pre
>
2998 # mount.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
2999 --ssl --allow-root s3c://s.greenqloud.com:
443/bucket-name /s3ql
3000 Using
4 upload threads.
3001 Downloading and decompressing metadata...
3011 Mounting filesystem...
3013 Filesystem Size Used Avail Use% Mounted on
3014 s3c://s.greenqloud.com:
443/bucket-name
1.0T
0 1.0T
0% /s3ql
3016 </pre
></blockquote
></p
>
3018 <p
>The file system is now ready for use. I use rsync to store my
3019 backups in it, and as the metadata used by rsync is downloaded at
3020 mount time, no network traffic (and storage cost) is triggered by
3021 running rsync. To unmount, one should not use the normal umount
3022 command, as this will not flush the cache to the cloud storage, but
3023 instead running the umount.s3ql command like this:
3025 <p
><blockquote
><pre
>
3028 </pre
></blockquote
></p
>
3030 <p
>There is a fsck command available to check the file system and
3031 correct any problems detected. This can be used if the local server
3032 crashes while the file system is mounted, to reset the
"already
3033 mounted
" flag. This is what it look like when processing a working
3034 file system:
</p
>
3036 <p
><blockquote
><pre
>
3037 # fsck.s3ql --force --ssl s3c://s.greenqloud.com:
443/bucket-name
3038 Using cached metadata.
3039 File system seems clean, checking anyway.
3040 Checking DB integrity...
3041 Creating temporary extra indices...
3042 Checking lost+found...
3043 Checking cached objects...
3044 Checking names (refcounts)...
3045 Checking contents (names)...
3046 Checking contents (inodes)...
3047 Checking contents (parent inodes)...
3048 Checking objects (reference counts)...
3049 Checking objects (backend)...
3050 ..processed
5000 objects so far..
3051 ..processed
10000 objects so far..
3052 ..processed
15000 objects so far..
3053 Checking objects (sizes)...
3054 Checking blocks (referenced objects)...
3055 Checking blocks (refcounts)...
3056 Checking inode-block mapping (blocks)...
3057 Checking inode-block mapping (inodes)...
3058 Checking inodes (refcounts)...
3059 Checking inodes (sizes)...
3060 Checking extended attributes (names)...
3061 Checking extended attributes (inodes)...
3062 Checking symlinks (inodes)...
3063 Checking directory reachability...
3064 Checking unix conventions...
3065 Checking referential integrity...
3066 Dropping temporary indices...
3067 Backing up old metadata...
3077 Compressing and uploading metadata...
3078 Wrote
0.89 MB of compressed metadata.
3080 </pre
></blockquote
></p
>
3082 <p
>Thanks to the cache, working on files that fit in the cache is very
3083 quick, about the same speed as local file access. Uploading large
3084 amount of data is to me limited by the bandwidth out of and into my
3085 house. Uploading
685 MiB with a
100 MiB cache gave me
305 kiB/s,
3086 which is very close to my upload speed, and downloading the same
3087 Debian installation ISO gave me
610 kiB/s, close to my download speed.
3088 Both were measured using
<tt
>dd
</tt
>. So for me, the bottleneck is my
3089 network, not the file system code. I do not know what a good cache
3090 size would be, but suspect that the cache should e larger than your
3091 working set.
</p
>
3093 <p
>I mentioned that only one machine can mount the file system at the
3094 time. If another machine try, it is told that the file system is
3097 <p
><blockquote
><pre
>
3098 # mount.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
3099 --ssl --allow-root s3c://s.greenqloud.com:
443/bucket-name /s3ql
3100 Using
8 upload threads.
3101 Backend reports that fs is still mounted elsewhere, aborting.
3103 </pre
></blockquote
></p
>
3105 <p
>The file content is uploaded when the cache is full, while the
3106 metadata is uploaded once every
24 hour by default. To ensure the
3107 file system content is flushed to the cloud, one can either umount the
3108 file system, or ask S3QL to flush the cache and metadata using
3111 <p
><blockquote
><pre
>
3112 # s3qlctrl upload-meta /s3ql
3113 # s3qlctrl flushcache /s3ql
3115 </pre
></blockquote
></p
>
3117 <p
>If you are curious about how much space your data uses in the
3118 cloud, and how much compression and deduplication cut down on the
3119 storage usage, you can use s3qlstat on the mounted file system to get
3122 <p
><blockquote
><pre
>
3124 Directory entries:
9141
3127 Total data size:
22049.38 MB
3128 After de-duplication:
21955.46 MB (
99.57% of total)
3129 After compression:
21877.28 MB (
99.22% of total,
99.64% of de-duplicated)
3130 Database size:
2.39 MB (uncompressed)
3131 (some values do not take into account not-yet-uploaded dirty blocks in cache)
3133 </pre
></blockquote
></p
>
3135 <p
>I mentioned earlier that there are several possible suppliers of
3136 storage. I did not try to locate them all, but am aware of at least
3137 <a href=
"https://www.greenqloud.com/
">Greenqloud
</a
>,
3138 <a href=
"http://drive.google.com/
">Google Drive
</a
>,
3139 <a href=
"http://aws.amazon.com/s3/
">Amazon S3 web serivces
</a
>,
3140 <a href=
"http://www.rackspace.com/
">Rackspace
</a
> and
3141 <a href=
"http://crowncloud.net/
">Crowncloud
</A
>. The latter even
3142 accept payment in Bitcoin. Pick one that suit your need. Some of
3143 them provide several GiB of free storage, but the prize models are
3144 quite different and you will have to figure out what suits you
3147 <p
>While researching this blog post, I had a look at research papers
3148 and posters discussing the S3QL file system. There are several, which
3149 told me that the file system is getting a critical check by the
3150 science community and increased my confidence in using it. One nice
3152 "<a href=
"http://www.lanl.gov/orgs/adtsc/publications/science_highlights_2013/docs/pg68_69.pdf
">An
3153 Innovative Parallel Cloud Storage System using OpenStack’s SwiftObject
3154 Store and Transformative Parallel I/O Approach
</a
>" by Hsing-Bung
3155 Chen, Benjamin McClelland, David Sherrill, Alfred Torrez, Parks Fields
3156 and Pamela Smith. Please have a look.
</p
>
3158 <p
>Given my problems with different file systems earlier, I decided to
3159 check out the mounted S3QL file system to see if it would be usable as
3160 a home directory (in other word, that it provided POSIX semantics when
3161 it come to locking and umask handling etc). Running
3162 <a href=
"http://people.skolelinux.org/pere/blog/Testing_if_a_file_system_can_be_used_for_home_directories___.html
">my
3163 test code to check file system semantics
</a
>, I was happy to discover that
3164 no error was found. So the file system can be used for home
3165 directories, if one chooses to do so.
</p
>
3167 <p
>If you do not want a locally file system, and want something that
3168 work without the Linux fuse file system, I would like to mention the
3169 <a href=
"http://www.tarsnap.com/
">Tarsnap service
</a
>, which also
3170 provide locally encrypted backup using a command line client. It have
3171 a nicer access control system, where one can split out read and write
3172 access, allowing some systems to write to the backup and others to
3173 only read from it.
</p
>
3175 <p
>As usual, if you use Bitcoin and want to show your support of my
3176 activities, please send Bitcoin donations to my address
3177 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
&label=PetterReinholdtsenBlog
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
3182 <title>Freedombox on Dreamplug, Raspberry Pi and virtual x86 machine
</title>
3183 <link>http://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html
</link>
3184 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html
</guid>
3185 <pubDate>Fri,
14 Mar
2014 11:
00:
00 +
0100</pubDate>
3186 <description><p
>The
<a href=
"https://wiki.debian.org/FreedomBox
">Freedombox
3187 project
</a
> is working on providing the software and hardware for
3188 making it easy for non-technical people to host their data and
3189 communication at home, and being able to communicate with their
3190 friends and family encrypted and away from prying eyes. It has been
3191 going on for a while, and is slowly progressing towards a new test
3192 release (
0.2).
</p
>
3194 <p
>And what day could be better than the Pi day to announce that the
3195 new version will provide
"hard drive
" / SD card / USB stick images for
3196 Dreamplug, Raspberry Pi and VirtualBox (or any other virtualization
3197 system), and can also be installed using a Debian installer preseed
3198 file. The Debian based Freedombox is now based on Debian Jessie,
3199 where most of the needed packages used are already present. Only one,
3200 the freedombox-setup package, is missing. To try to build your own
3201 boot image to test the current status, fetch the freedom-maker scripts
3203 <a href=
"http://packages.qa.debian.org/vmdebootstrap
">vmdebootstrap
</a
>
3204 with a user with sudo access to become root:
3207 git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \
3209 sudo apt-get install git vmdebootstrap mercurial python-docutils \
3210 mktorrent extlinux virtualbox qemu-user-static binfmt-support \
3212 make -C freedom-maker dreamplug-image raspberry-image virtualbox-image
3215 <p
>Root access is needed to run debootstrap and mount loopback
3216 devices. See the README for more details on the build. If you do not
3217 want all three images, trim the make line. But note that thanks to
<a
3218 href=
"https://bugs.debian.org/
741407">a race condition in
3219 vmdebootstrap
</a
>, the build might fail without the patch to the
3220 kpartx call.
</p
>
3222 <p
>If you instead want to install using a Debian CD and the preseed
3223 method, boot a Debian Wheezy ISO and use this boot argument to load
3224 the preseed values:
</p
>
3227 url=
<a href=
"http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
">http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
</a
>
3230 <p
>But note that due to
<a href=
"https://bugs.debian.org/
740673">a
3231 recently introduced bug in apt in Jessie
</a
>, the installer will
3232 currently hang while setting up APT sources. Killing the
3233 '<tt
>apt-cdrom ident
</tt
>' process when it hang a few times during the
3234 installation will get the installation going. This affect all
3235 installations in Jessie, and I expect it will be fixed soon.
</p
>
3237 <p
>Give it a go and let us know how it goes on the mailing list, and help
3238 us get the new release published. :) Please join us on
3239 <a href=
"irc://irc.debian.org:
6667/%
23freedombox
">IRC (#freedombox on
3240 irc.debian.org)
</a
> and
3241 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
">the
3242 mailing list
</a
> if you want to help make this vision come true.
</p
>
3247 <title>New home and release
1.0 for netgroup and innetgr (aka ng-utils)
</title>
3248 <link>http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html
</link>
3249 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html
</guid>
3250 <pubDate>Sat,
22 Feb
2014 21:
45:
00 +
0100</pubDate>
3251 <description><p
>Many years ago, I wrote a GPL licensed version of the netgroup and
3252 innetgr tools, because I needed them in
3253 <a href=
"http://www.skolelinux.org/
">Skolelinux
</a
>. I called the project
3254 ng-utils, and it has served me well. I placed the project under the
3255 <a href=
"http://www.hungry.com/
">Hungry Programmer
</a
> umbrella, and it was maintained in our CVS
3256 repository. But many years ago, the CVS repository was dropped (lost,
3257 not migrated to new hardware, not sure), and the project have lacked a
3258 proper home since then.
</p
>
3260 <p
>Last summer, I had a look at the package and made a new release
3261 fixing a irritating crash bug, but was unable to store the changes in
3262 a proper source control system. I applied for a project on
3263 <a href=
"https://alioth.debian.org/
">Alioth
</a
>, but did not have time
3264 to follow up on it. Until today. :)
</p
>
3266 <p
>After many hours of cleaning and migration, the ng-utils project
3267 now have a new home, and a git repository with the highlight of the
3268 history of the project. I published all release tarballs and imported
3269 them into the git repository. As the project is really stable and not
3270 expected to gain new features any time soon, I decided to make a new
3271 release and call it
1.0. Visit the new project home on
3272 <a href=
"https://alioth.debian.org/projects/ng-utils/
">https://alioth.debian.org/projects/ng-utils/
</a
>
3273 if you want to check it out. The new version is also uploaded into
3274 <a href=
"http://packages.qa.debian.org/n/ng-utils.html
">Debian Unstable
</a
>.
</p
>
3279 <title>Testing sysvinit from experimental in Debian Hurd
</title>
3280 <link>http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html
</link>
3281 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html
</guid>
3282 <pubDate>Mon,
3 Feb
2014 13:
40:
00 +
0100</pubDate>
3283 <description><p
>A few days ago I decided to try to help the Hurd people to get
3284 their changes into sysvinit, to allow them to use the normal sysvinit
3285 boot system instead of their old one. This follow up on the
3286 <a href=
"https://teythoon.cryptobitch.de//categories/gsoc.html
">great
3287 Google Summer of Code work
</a
> done last summer by Justus Winter to
3288 get Debian on Hurd working more like Debian on Linux. To get started,
3289 I downloaded a prebuilt hard disk image from
3290 <a href=
"http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz
">http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz
</a
>,
3291 and started it using virt-manager.
</p
>
3293 <p
>The first think I had to do after logging in (root without any
3294 password) was to get the network operational. I followed
3295 <a href=
"https://www.debian.org/ports/hurd/hurd-install
">the
3296 instructions on the Debian GNU/Hurd ports page
</a
> and ran these
3297 commands as root to get the machine to accept a IP address from the
3298 kvm internal DHCP server:
</p
>
3300 <p
><blockquote
><pre
>
3301 settrans -fgap /dev/netdde /hurd/netdde
3302 kill $(ps -ef|awk
'/[p]finet/ { print $
2}
')
3303 kill $(ps -ef|awk
'/[d]evnode/ { print $
2}
')
3305 </pre
></blockquote
></p
>
3307 <p
>After this, the machine had internet connectivity, and I could
3308 upgrade it and install the sysvinit packages from experimental and
3309 enable it as the default boot system in Hurd.
</p
>
3311 <p
>But before I did that, I set a password on the root user, as ssh is
3312 running on the machine it for ssh login to work a password need to be
3313 set. Also, note that a bug somewhere in openssh on Hurd block
3314 compression from working. Remember to turn that off on the client
3317 <p
>Run these commands as root to upgrade and test the new sysvinit
3320 <p
><blockquote
><pre
>
3321 cat
> /etc/apt/sources.list.d/experimental.list
&lt;
&lt;EOF
3322 deb http://http.debian.net/debian/ experimental main
3325 apt-get dist-upgrade
3326 apt-get install -t experimental initscripts sysv-rc sysvinit \
3327 sysvinit-core sysvinit-utils
3328 update-alternatives --config runsystem
3329 </pre
></blockquote
></p
>
3331 <p
>To reboot after switching boot system, you have to use
3332 <tt
>reboot-hurd
</tt
> instead of just
<tt
>reboot
</tt
>, as there is not
3333 yet a sysvinit process able to receive the signals from the normal
3334 'reboot
' command. After switching to sysvinit as the boot system,
3335 upgrading every package and rebooting, the network come up with DHCP
3336 after boot as it should, and the settrans/pkill hack mentioned at the
3337 start is no longer needed. But for some strange reason, there are no
3338 longer any login prompt in the virtual console, so I logged in using
3341 <p
>Note that there are some race conditions in Hurd making the boot
3342 fail some times. No idea what the cause is, but hope the Hurd porters
3343 figure it out. At least Justus said on IRC (#debian-hurd on
3344 irc.debian.org) that they are aware of the problem. A way to reduce
3345 the impact is to upgrade to the Hurd packages built by Justus by
3346 adding this repository to the machine:
</p
>
3348 <p
><blockquote
><pre
>
3349 cat
> /etc/apt/sources.list.d/hurd-ci.list
&lt;
&lt;EOF
3350 deb http://darnassus.sceen.net/~teythoon/hurd-ci/ sid main
3352 </pre
></blockquote
></p
>
3354 <p
>At the moment the prebuilt virtual machine get some packages from
3355 http://ftp.debian-ports.org/debian, because some of the packages in
3356 unstable do not yet include the required patches that are lingering in
3357 BTS. This is the completely list of
"unofficial
" packages installed:
</p
>
3359 <p
><blockquote
><pre
>
3360 # aptitude search
'?narrow(?version(CURRENT),?origin(Debian Ports))
'
3361 i emacs - GNU Emacs editor (metapackage)
3362 i gdb - GNU Debugger
3363 i hurd-recommended - Miscellaneous translators
3364 i isc-dhcp-client - ISC DHCP client
3365 i isc-dhcp-common - common files used by all the isc-dhcp* packages
3366 i libc-bin - Embedded GNU C Library: Binaries
3367 i libc-dev-bin - Embedded GNU C Library: Development binaries
3368 i libc0.3 - Embedded GNU C Library: Shared libraries
3369 i A libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
3370 i libc0.3-dev - Embedded GNU C Library: Development Libraries and Hea
3371 i multiarch-support - Transitional package to ensure multiarch compatibilit
3372 i A x11-common - X Window System (X.Org) infrastructure
3373 i xorg - X.Org X Window System
3374 i A xserver-xorg - X.Org X server
3375 i A xserver-xorg-input-all - X.Org X server -- input driver metapackage
3377 </pre
></blockquote
></p
>
3379 <p
>All in all, testing hurd has been an interesting experience. :)
3380 X.org did not work out of the box and I never took the time to follow
3381 the porters instructions to fix it. This time I was interested in the
3382 command line stuff.
<p
>
3387 <title>New chrpath release
0.16</title>
3388 <link>http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html
</link>
3389 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html
</guid>
3390 <pubDate>Tue,
14 Jan
2014 11:
00:
00 +
0100</pubDate>
3391 <description><p
><a href=
"http://www.coverity.com/
">Coverity
</a
> is a nice tool to
3392 find problems in C, C++ and Java code using static source code
3393 analysis. It can detect a lot of different problems, and is very
3394 useful to find memory and locking bugs in the error handling part of
3395 the source. The company behind it provide
3396 <a href=
"https://scan.coverity.com/
">check of free software projects as
3397 a community service
</a
>, and many hundred free software projects are
3398 already checked. A few days ago I decided to have a closer look at
3399 the Coverity system, and discovered that the
3400 <a href=
"http://www.gnu.org/software/gnash/
">gnash
</a
> and
3401 <a href=
"http://sourceforge.net/projects/ipmitool/
">ipmitool
</a
>
3402 projects I am involved with was already registered. But these are
3403 fairly big, and I would also like to have a small and easy project to
3404 check, and decided to
<a href=
"http://scan.coverity.com/projects/
1179">request
3405 checking of the chrpath project
</a
>. It was
3406 added to the checker and discovered seven potential defects. Six of
3407 these were real, mostly resource
"leak
" when the program detected an
3408 error. Nothing serious, as the resources would be released a fraction
3409 of a second later when the program exited because of the error, but it
3410 is nice to do it right in case the source of the program some time in
3411 the future end up in a library. Having fixed all defects and added
3412 <a href=
"https://lists.alioth.debian.org/mailman/listinfo/chrpath-devel
">a
3413 mailing list for the chrpath developers
</a
>, I decided it was time to
3414 publish a new release. These are the release notes:
</p
>
3416 <p
>New in
0.16 released
2014-
01-
14:
</p
>
3420 <li
>Fixed all minor bugs discovered by Coverity.
</li
>
3421 <li
>Updated config.sub and config.guess from the GNU project.
</li
>
3422 <li
>Mention new project mailing list in the documentation.
</li
>
3427 <a href=
"https://alioth.debian.org/frs/?group_id=
31052">download the
3428 new version
0.16 from alioth
</a
>. Please let us know via the Alioth
3429 project if something is wrong with the new release. The test suite
3430 did not discover any old errors, so if you find a new one, please also
3431 include a test suite check.
</p
>
3436 <title>New chrpath release
0.15</title>
3437 <link>http://people.skolelinux.org/pere/blog/New_chrpath_release_0_15.html
</link>
3438 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_chrpath_release_0_15.html
</guid>
3439 <pubDate>Sun,
24 Nov
2013 09:
30:
00 +
0100</pubDate>
3440 <description><p
>After many years break from the package and a vain hope that
3441 development would be continued by someone else, I finally pulled my
3442 acts together this morning and wrapped up a new release of chrpath,
3443 the command line tool to modify the rpath and runpath of already
3444 compiled ELF programs. The update was triggered by the persistence of
3445 Isha Vishnoi at IBM, which needed a new config.guess file to get
3446 support for the ppc64le architecture (powerpc
64-bit Little Endian) he
3447 is working on. I checked the
3448 <a href=
"http://packages.qa.debian.org/chrpath
">Debian
</a
>,
3449 <a href=
"https://launchpad.net/ubuntu/+source/chrpath
">Ubuntu
</a
> and
3450 <a href=
"https://admin.fedoraproject.org/pkgdb/acls/name/chrpath
">Fedora
</a
>
3451 packages for interesting patches (failed to find the source from
3452 OpenSUSE and Mandriva packages), and found quite a few nice fixes.
3453 These are the release notes:
</p
>
3455 <p
>New in
0.15 released
2013-
11-
24:
</p
>
3459 <li
>Updated config.sub and config.guess from the GNU project to work
3460 with newer architectures. Thanks to isha vishnoi for the heads
3463 <li
>Updated README with current URLs.
</li
>
3465 <li
>Added byteswap fix found in Ubuntu, credited Jeremy Kerr and
3466 Matthias Klose.
</li
>
3468 <li
>Added missing help for -k|--keepgoing option, using patch by
3469 Petr Machata found in Fedora.
</li
>
3471 <li
>Rewrite removal of RPATH/RUNPATH to make sure the entry in
3472 .dynamic is a NULL terminated string. Based on patch found in
3473 Fedora credited Axel Thimm and Christian Krause.
</li
>
3478 <a href=
"https://alioth.debian.org/frs/?group_id=
31052">download the
3479 new version
0.15 from alioth
</a
>. Please let us know via the Alioth
3480 project if something is wrong with the new release. The test suite
3481 did not discover any old errors, so if you find a new one, please also
3482 include a testsuite check.
</p
>
3487 <title>Debian init.d boot script example for rsyslog
</title>
3488 <link>http://people.skolelinux.org/pere/blog/Debian_init_d_boot_script_example_for_rsyslog.html
</link>
3489 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_init_d_boot_script_example_for_rsyslog.html
</guid>
3490 <pubDate>Sat,
2 Nov
2013 22:
40:
00 +
0100</pubDate>
3491 <description><p
>If one of the points of switching to a new init system in Debian is
3492 <a href=
"http://thomas.goirand.fr/blog/?p=
147">to get rid of huge
3493 init.d scripts
</a
>, I doubt we need to switch away from sysvinit and
3494 init.d scripts at all. Here is an example init.d script, ie a rewrite
3495 of /etc/init.d/rsyslog:
</p
>
3497 <p
><pre
>
3498 #!/lib/init/init-d-script
3501 # Required-Start: $remote_fs $time
3502 # Required-Stop: umountnfs $time
3503 # X-Stop-After: sendsigs
3504 # Default-Start:
2 3 4 5
3505 # Default-Stop:
0 1 6
3506 # Short-Description: enhanced syslogd
3507 # Description: Rsyslog is an enhanced multi-threaded syslogd.
3508 # It is quite compatible to stock sysklogd and can be
3509 # used as a drop-in replacement.
3511 DESC=
"enhanced syslogd
"
3512 DAEMON=/usr/sbin/rsyslogd
3513 </pre
></p
>
3515 <p
>Pretty minimalistic to me... For the record, the original sysv-rc
3516 script was
137 lines, and the above is just
15 lines, most of it meta
3517 info/comments.
</p
>
3519 <p
>How to do this, you ask? Well, one create a new script
3520 /lib/init/init-d-script looking something like this:
3522 <p
><pre
>
3525 # Define LSB log_* functions.
3526 # Depend on lsb-base (
>=
3.2-
14) to ensure that this file is present
3527 # and status_of_proc is working.
3528 . /lib/lsb/init-functions
3531 # Function that starts the daemon/service
3537 #
0 if daemon has been started
3538 #
1 if daemon was already running
3539 #
2 if daemon could not be started
3540 start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test
> /dev/null \
3542 start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
3545 # Add code here, if necessary, that waits for the process to be ready
3546 # to handle requests from services started subsequently which depend
3547 # on this one. As a last resort, sleep for some time.
3551 # Function that stops the daemon/service
3556 #
0 if daemon has been stopped
3557 #
1 if daemon was already stopped
3558 #
2 if daemon could not be stopped
3559 # other if a failure occurred
3560 start-stop-daemon --stop --quiet --retry=TERM/
30/KILL/
5 --pidfile $PIDFILE --name $NAME
3561 RETVAL=
"$?
"
3562 [
"$RETVAL
" =
2 ]
&& return
2
3563 # Wait for children to finish too if this is a daemon that forks
3564 # and if the daemon is only ever run from this initscript.
3565 # If the above conditions are not satisfied then add some other code
3566 # that waits for the process to drop all resources that could be
3567 # needed by services started subsequently. A last resort is to
3568 # sleep for some time.
3569 start-stop-daemon --stop --quiet --oknodo --retry=
0/
30/KILL/
5 --exec $DAEMON
3570 [
"$?
" =
2 ]
&& return
2
3571 # Many daemons don
't delete their pidfiles when they exit.
3573 return
"$RETVAL
"
3577 # Function that sends a SIGHUP to the daemon/service
3581 # If the daemon can reload its configuration without
3582 # restarting (for example, when it is sent a SIGHUP),
3583 # then implement that here.
3585 start-stop-daemon --stop --signal
1 --quiet --pidfile $PIDFILE --name $NAME
3590 scriptbasename=
"$(basename $
1)
"
3591 echo
"SN: $scriptbasename
"
3592 if [
"$scriptbasename
" !=
"init-d-library
" ] ; then
3593 script=
"$
1"
3600 NAME=$(basename $DAEMON)
3601 PIDFILE=/var/run/$NAME.pid
3603 # Exit if the package is not installed
3604 #[ -x
"$DAEMON
" ] || exit
0
3606 # Read configuration variable file if it is present
3607 [ -r /etc/default/$NAME ]
&& . /etc/default/$NAME
3609 # Load the VERBOSE setting and other rcS variables
3612 case
"$
1" in
3614 [
"$VERBOSE
" != no ]
&& log_daemon_msg
"Starting $DESC
" "$NAME
"
3616 case
"$?
" in
3617 0|
1) [
"$VERBOSE
" != no ]
&& log_end_msg
0 ;;
3618 2) [
"$VERBOSE
" != no ]
&& log_end_msg
1 ;;
3622 [
"$VERBOSE
" != no ]
&& log_daemon_msg
"Stopping $DESC
" "$NAME
"
3624 case
"$?
" in
3625 0|
1) [
"$VERBOSE
" != no ]
&& log_end_msg
0 ;;
3626 2) [
"$VERBOSE
" != no ]
&& log_end_msg
1 ;;
3630 status_of_proc
"$DAEMON
" "$NAME
" && exit
0 || exit $?
3632 #reload|force-reload)
3634 # If do_reload() is not implemented then leave this commented out
3635 # and leave
'force-reload
' as an alias for
'restart
'.
3637 #log_daemon_msg
"Reloading $DESC
" "$NAME
"
3641 restart|force-reload)
3643 # If the
"reload
" option is implemented then remove the
3644 #
'force-reload
' alias
3646 log_daemon_msg
"Restarting $DESC
" "$NAME
"
3648 case
"$?
" in
3651 case
"$?
" in
3653 1) log_end_msg
1 ;; # Old process is still running
3654 *) log_end_msg
1 ;; # Failed to start
3664 echo
"Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}
" >&2
3670 </pre
></p
>
3672 <p
>It is based on /etc/init.d/skeleton, and could be improved quite a
3673 lot. I did not really polish the approach, so it might not always
3674 work out of the box, but you get the idea. I did not try very hard to
3675 optimize it nor make it more robust either.
</p
>
3677 <p
>A better argument for switching init system in Debian than reducing
3678 the size of init scripts (which is a good thing to do anyway), is to
3679 get boot system that is able to handle the kernel events sensibly and
3680 robustly, and do not depend on the boot to run sequentially. The boot
3681 and the kernel have not behaved sequentially in years.
</p
>
3686 <title>Browser plugin for SPICE (spice-xpi) uploaded to Debian
</title>
3687 <link>http://people.skolelinux.org/pere/blog/Browser_plugin_for_SPICE__spice_xpi__uploaded_to_Debian.html
</link>
3688 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Browser_plugin_for_SPICE__spice_xpi__uploaded_to_Debian.html
</guid>
3689 <pubDate>Fri,
1 Nov
2013 11:
00:
00 +
0100</pubDate>
3690 <description><p
><a href=
"http://www.spice-space.org/
">The SPICE protocol
</a
> for
3691 remote display access is the preferred solution with oVirt and RedHat
3692 Enterprise Virtualization, and I was sad to discover the other day
3693 that the browser plugin needed to use these systems seamlessly was
3694 missing in Debian. The
<a href=
"http://bugs.debian.org/
668284">request
3695 for a package
</a
> was from
2012-
04-
10 with no progress since
3696 2013-
04-
01, so I decided to wrap up a package based on the great work
3697 from Cajus Pollmeier and put it in a collab-maint maintained git
3698 repository to get a package I could use. I would very much like
3699 others to help me maintain the package (or just take over, I do not
3700 mind), but as no-one had volunteered so far, I just uploaded it to
3701 NEW. I hope it will be available in Debian in a few days.
</p
>
3703 <p
>The source is now available from
3704 <a href=
"http://anonscm.debian.org/gitweb/?p=collab-maint/spice-xpi.git;a=summary
">http://anonscm.debian.org/gitweb/?p=collab-maint/spice-xpi.git;a=summary
</a
>.
</p
>
3709 <title>Teaching vmdebootstrap to create Raspberry Pi SD card images
</title>
3710 <link>http://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html
</link>
3711 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html
</guid>
3712 <pubDate>Sun,
27 Oct
2013 17:
00:
00 +
0100</pubDate>
3713 <description><p
>The
3714 <a href=
"http://packages.qa.debian.org/v/vmdebootstrap.html
">vmdebootstrap
</a
>
3715 program is a a very nice system to create virtual machine images. It
3716 create a image file, add a partition table, mount it and run
3717 debootstrap in the mounted directory to create a Debian system on a
3718 stick. Yesterday, I decided to try to teach it how to make images for
3719 <a href=
"https://wiki.debian.org/RaspberryPi
">Raspberry Pi
</a
>, as part
3720 of a plan to simplify the build system for
3721 <a href=
"https://wiki.debian.org/FreedomBox
">the FreedomBox
3722 project
</a
>. The FreedomBox project already uses vmdebootstrap for
3723 the virtualbox images, but its current build system made multistrap
3724 based system for Dreamplug images, and it is lacking support for
3725 Raspberry Pi.
</p
>
3727 <p
>Armed with the knowledge on how to build
"foreign
" (aka non-native
3728 architecture) chroots for Raspberry Pi, I dived into the vmdebootstrap
3729 code and adjusted it to be able to build armel images on my amd64
3730 Debian laptop. I ended up giving vmdebootstrap five new options,
3731 allowing me to replicate the image creation process I use to make
3732 <a href=
"http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html
">Debian
3733 Jessie based mesh node images for the Raspberry Pi
</a
>. First, the
3734 <tt
>--foreign /path/to/binfm_handler
</tt
> option tell vmdebootstrap to
3735 call debootstrap with --foreign and to copy the handler into the
3736 generated chroot before running the second stage. This allow
3737 vmdebootstrap to create armel images on an amd64 host. Next I added
3738 two new options
<tt
>--bootsize size
</tt
> and
<tt
>--boottype
3739 fstype
</tt
> to teach it to create a separate /boot/ partition with the
3740 given file system type, allowing me to create an image with a vfat
3741 partition for the /boot/ stuff. I also added a
<tt
>--variant
3742 variant
</tt
> option to allow me to create smaller images without the
3743 Debian base system packages installed. Finally, I added an option
3744 <tt
>--no-extlinux
</tt
> to tell vmdebootstrap to not install extlinux
3745 as a boot loader. It is not needed on the Raspberry Pi and probably
3746 most other non-x86 architectures. The changes were accepted by the
3747 upstream author of vmdebootstrap yesterday and today, and is now
3749 <a href=
"http://git.liw.fi/cgi-bin/cgit/cgit.cgi/vmdebootstrap/
">the
3750 upstream project page
</a
>.
</p
>
3752 <p
>To use it to build a Raspberry Pi image using Debian Jessie, first
3753 create a small script (the customize script) to add the non-free
3754 binary blob needed to boot the Raspberry Pi and the APT source
3757 <p
><pre
>
3759 set -e # Exit on first error
3760 rootdir=
"$
1"
3761 cd
"$rootdir
"
3762 cat
&lt;
&lt;EOF
> etc/apt/sources.list
3763 deb http://http.debian.net/debian/ jessie main contrib non-free
3765 # Install non-free binary blob needed to boot Raspberry Pi. This
3766 # install a kernel somewhere too.
3767 wget https://raw.github.com/Hexxeh/rpi-update/master/rpi-update \
3768 -O $rootdir/usr/bin/rpi-update
3769 chmod a+x $rootdir/usr/bin/rpi-update
3770 mkdir -p $rootdir/lib/modules
3771 touch $rootdir/boot/start.elf
3772 chroot $rootdir rpi-update
3773 </pre
></p
>
3775 <p
>Next, fetch the latest vmdebootstrap script and call it like this
3776 to build the image:
</p
>
3779 sudo ./vmdebootstrap \
3782 --distribution jessie \
3783 --mirror http://http.debian.net/debian \
3792 --root-password raspberry \
3793 --hostname raspberrypi \
3794 --foreign /usr/bin/qemu-arm-static \
3795 --customize `pwd`/customize \
3797 --package git-core \
3798 --package binutils \
3799 --package ca-certificates \
3802 </pre
></p
>
3804 <p
>The list of packages being installed are the ones needed by
3805 rpi-update to make the image bootable on the Raspberry Pi, with the
3806 exception of netbase, which is needed by debootstrap to find
3807 /etc/hosts with the minbase variant. I really wish there was a way to
3808 set up an Raspberry Pi using only packages in the Debian archive, but
3809 that is not possible as far as I know, because it boots from the GPU
3810 using a non-free binary blob.
</p
>
3812 <p
>The build host need debootstrap, kpartx and qemu-user-static and
3813 probably a few others installed. I have not checked the complete
3814 build dependency list.
</p
>
3816 <p
>The resulting image will not use the hardware floating point unit
3817 on the Raspberry PI, because the armel architecture in Debian is not
3818 optimized for that use. So the images created will be a bit slower
3819 than
<a href=
"http://www.raspbian.org/
">Raspbian
</a
> based images.
</p
>
3824 <title>Good causes: Debian Outreach Program for Women, EFF documenting the spying and Open access in Norway
</title>
3825 <link>http://people.skolelinux.org/pere/blog/Good_causes__Debian_Outreach_Program_for_Women__EFF_documenting_the_spying_and_Open_access_in_Norway.html
</link>
3826 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Good_causes__Debian_Outreach_Program_for_Women__EFF_documenting_the_spying_and_Open_access_in_Norway.html
</guid>
3827 <pubDate>Tue,
15 Oct
2013 21:
30:
00 +
0200</pubDate>
3828 <description><p
>The last few days I came across a few good causes that should get
3829 wider attention. I recommend signing and donating to each one of
3832 <p
>Via
<a href=
"http://www.debian.org/News/weekly/
2013/
18/
">Debian
3833 Project News for
2013-
10-
14</a
> I came across the Outreach Program for
3834 Women program which is a Google Summer of Code like initiative to get
3835 more women involved in free software. One debian sponsor has offered
3836 to match
<a href=
"http://debian.ch/opw2013
">any donation done to Debian
3837 earmarked
</a
> for this initiative. I donated a few minutes ago, and
3838 hope you will to. :)
</p
>
3840 <p
>And the Electronic Frontier Foundation just announced plans to
3841 create
<a href=
"https://supporters.eff.org/donate/nsa-videos
">video
3842 documentaries about the excessive spying
</a
> on every Internet user that
3843 take place these days, and their need to fund the work. I
've already
3844 donated. Are you next?
</p
>
3846 <p
>For my Norwegian audience, the organisation Studentenes og
3847 Akademikernes Internasjonale Hjelpefond is collecting signatures for a
3848 statement under the heading
3849 <a href=
"http://saih.no/Bloggers_United/
">Bloggers United for Open
3850 Access
</a
> for those of us asking for more focus on open access in the
3851 Norwegian government. So far
499 signatures. I hope you will sign it
3857 <title>Videos about the Freedombox project - for inspiration and learning
</title>
3858 <link>http://people.skolelinux.org/pere/blog/Videos_about_the_Freedombox_project___for_inspiration_and_learning.html
</link>
3859 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Videos_about_the_Freedombox_project___for_inspiration_and_learning.html
</guid>
3860 <pubDate>Fri,
27 Sep
2013 14:
10:
00 +
0200</pubDate>
3861 <description><p
>The
<a href=
"http://www.freedomboxfoundation.org/
">Freedombox
3862 project
</a
> have been going on for a while, and have presented the
3863 vision, ideas and solution several places. Here is a little
3864 collection of videos of talks and presentation of the project.
</p
>
3868 <li
><a href=
"http://www.youtube.com/watch?v=ukvUz5taxvA
">FreedomBox -
3869 2,
5 minute marketing film
</a
> (Youtube)
</li
>
3871 <li
><a href=
"http://www.youtube.com/watch?v=SzW25QTVWsE
">Eben Moglen
3872 discusses the Freedombox on CBS news
2011</a
> (Youtube)
</li
>
3874 <li
><a href=
"http://www.youtube.com/watch?v=Ae8SZbxfE0g
">Eben Moglen -
3875 Freedom in the Cloud - Software Freedom, Privacy and and Security for
3876 Web
2.0 and Cloud computing at ISOC-NY Public Meeting
2010</a
>
3877 (Youtube)
</li
>
3879 <li
><a href=
"http://www.youtube.com/watch?v=vNaIji_3xBE
">Fosdem
2011
3880 Keynote by Eben Moglen presenting the Freedombox
</a
> (Youtube)
</li
>
3882 <li
><a href=
"http://www.youtube.com/watch?v=
9bDDUyJSQ9s
">Presentation of
3883 the Freedombox by James Vasile at Elevate in Gratz
2011</a
> (Youtube)
</li
>
3885 <li
><a href=
"http://www.youtube.com/watch?v=zQTmnk27g9s
"> Freedombox -
3886 Discovery, Identity, and Trust by Nick Daly at Freedombox Hackfest New
3887 York City in
2012</a
> (Youtube)
</li
>
3889 <li
><a href=
"http://www.youtube.com/watch?v=tkbSB4Ba7Ck
">Introduction
3890 to the Freedombox at Freedombox Hackfest New York City in
2012</a
>
3891 (Youtube)
</li
>
3893 <li
><a href=
"http://www.youtube.com/watch?v=z-P2Jaeg0aQ
">Freedom, Out
3894 of the Box! by Bdale Garbee at linux.conf.au Ballarat,
2012</a
> (Youtube)
</li
>
3896 <li
><a href=
"https://archive.fosdem.org/
2013/schedule/event/freedombox/
">Freedombox
3897 1.0 by Eben Moglen and Bdale Garbee at Fosdem
2013</a
> (FOSDEM)
</li
>
3899 <li
><a href=
"http://www.youtube.com/watch?v=e1LpYX2zVYg
">What is the
3900 FreedomBox today by Bdale Garbee at Debconf13 in Vaumarcus
3901 2013</a
> (Youtube)
</li
>
3905 <p
>A larger list is available from
3906 <a href=
"https://wiki.debian.org/FreedomBox/TalksAndPresentations
">the
3907 Freedombox Wiki
</a
>.
</p
>
3909 <p
>On other news, I am happy to report that Freedombox based on Debian
3910 Jessie is coming along quite well, and soon both Owncloud and using
3911 Tor should be available for testers of the Freedombox solution. :) In
3912 a few weeks I hope everything needed to test it is included in Debian.
3913 The withsqlite package is already in Debian, and the plinth package is
3914 pending in NEW. The third and vital part of that puzzle is the
3915 metapackage/setup framework, which is still pending an upload. Join
3916 us on
<a href=
"irc://irc.debian.org:
6667/%
23freedombox
">IRC
3917 (#freedombox on irc.debian.org)
</a
> and
3918 <a href=
"http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
">the
3919 mailing list
</a
> if you want to help make this vision come true.
</p
>
3924 <title>Recipe to test the Freedombox project on amd64 or Raspberry Pi
</title>
3925 <link>http://people.skolelinux.org/pere/blog/Recipe_to_test_the_Freedombox_project_on_amd64_or_Raspberry_Pi.html
</link>
3926 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Recipe_to_test_the_Freedombox_project_on_amd64_or_Raspberry_Pi.html
</guid>
3927 <pubDate>Tue,
10 Sep
2013 14:
20:
00 +
0200</pubDate>
3928 <description><p
>I was introduced to the
3929 <a href=
"http://www.freedomboxfoundation.org/
">Freedombox project
</a
>
3930 in
2010, when Eben Moglen presented his vision about serving the need
3931 of non-technical people to keep their personal information private and
3932 within the legal protection of their own homes. The idea is to give
3933 people back the power over their network and machines, and return
3934 Internet back to its intended peer-to-peer architecture. Instead of
3935 depending on a central service, the Freedombox will give everyone
3936 control over their own basic infrastructure.
</p
>
3938 <p
>I
've intended to join the effort since then, but other tasks have
3939 taken priority. But this summers nasty news about the misuse of trust
3940 and privilege exercised by the
"western
" intelligence gathering
3941 communities increased my eagerness to contribute to a point where I
3942 actually started working on the project a while back.
</p
>
3944 <p
>The
<a href=
"https://alioth.debian.org/projects/freedombox/
">initial
3945 Debian initiative
</a
> based on the vision from Eben Moglen, is to
3946 create a simple and cheap Debian based appliance that anyone can hook
3947 up in their home and get access to secure and private services and
3948 communication. The initial deployment platform have been the
3949 <a href=
"http://www.globalscaletechnologies.com/t-dreamplugdetails.aspx
">Dreamplug
</a
>,
3950 which is a piece of hardware I do not own. So to be able to test what
3951 the current Freedombox setup look like, I had to come up with a way to install
3952 it on some hardware I do have access to. I have rewritten the
3953 <a href=
"https://github.com/NickDaly/freedom-maker
">freedom-maker
</a
>
3954 image build framework to use .deb packages instead of only copying
3955 setup into the boot images, and thanks to this rewrite I am able to
3956 set up any machine supported by Debian Wheezy as a Freedombox, using
3957 the previously mentioned deb (and a few support debs for packages
3958 missing in Debian).
</p
>
3960 <p
>The current Freedombox setup consist of a set of bootstrapping
3962 (
<a href=
"https://github.com/petterreinholdtsen/freedombox-setup
">freedombox-setup
</a
>),
3963 and a administrative web interface
3964 (
<a href=
"https://github.com/NickDaly/Plinth
">plinth
</a
> + exmachina +
3965 withsqlite), as well as a privacy enhancing proxy based on
3966 <a href=
"http://packages.qa.debian.org/privoxy
">privoxy
</a
>
3967 (freedombox-privoxy). There is also a web/javascript based XMPP
3968 client (
<a href=
"http://packages.qa.debian.org/jwchat
">jwchat
</a
>)
3969 trying (unsuccessfully so far) to talk to the XMPP server
3970 (
<a href=
"http://packages.qa.debian.org/ejabberd
">ejabberd
</a
>). The
3971 web interface is pluggable, and the goal is to use it to enable OpenID
3972 services, mesh network connectivity, use of TOR, etc, etc. Not much of
3973 this is really working yet, see
3974 <a href=
"https://github.com/NickDaly/freedombox-todos/blob/master/TODO
">the
3975 project TODO
</a
> for links to GIT repositories. Most of the code is
3976 on github at the moment. The HTTP proxy is operational out of the
3977 box, and the admin web interface can be used to add/remove plinth
3978 users. I
've not been able to do anything else with it so far, but
3979 know there are several branches spread around github and other places
3980 with lots of half baked features.
</p
>
3982 <p
>Anyway, if you want to have a look at the current state, the
3983 following recipes should work to give you a test machine to poke
3986 <p
><strong
>Debian Wheezy amd64
</strong
></p
>
3990 <li
>Fetch normal Debian Wheezy installation ISO.
</li
>
3991 <li
>Boot from it, either as CD or USB stick.
</li
>
3992 <li
><p
>Press [tab] on the boot prompt and add this as a boot argument
3993 to the Debian installer:
<p
>
3994 <pre
>url=
<a href=
"http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat
">http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat
</a
></pre
></li
>
3996 <li
>Answer the few language/region/password questions and pick disk to
3997 install on.
</li
>
3999 <li
>When the installation is finished and the machine have rebooted a
4000 few times, your Freedombox is ready for testing.
</li
>
4004 <p
><strong
>Raspberry Pi Raspbian
</strong
></p
>
4008 <li
>Fetch a Raspbian SD card image, create SD card.
</li
>
4009 <li
>Boot from SD card, extend file system to fill the card completely.
</li
>
4010 <li
><p
>Log in and add this to /etc/sources.list:
</p
>
4012 deb
<a href=
"http://www.reinholdtsen.name/freedombox/
">http://www.reinholdtsen.name/freedombox
</a
> wheezy main
4013 </pre
></li
>
4014 <li
><p
>Run this as root:
</p
>
4016 wget -O - http://www.reinholdtsen.name/freedombox/BE1A583D.asc | \
4019 apt-get install freedombox-setup
4020 /usr/lib/freedombox/setup
4021 </pre
></li
>
4022 <li
>Reboot into your freshly created Freedombox.
</li
>
4026 <p
>You can test it on other architectures too, but because the
4027 freedombox-privoxy package is binary, it will only work as intended on
4028 the architectures where I have had time to build the binary and put it
4029 in my APT repository. But do not let this stop you. It is only a
4030 short
"<tt
>apt-get source -b freedombox-privoxy
</tt
>" away. :)
</p
>
4032 <p
>Note that by default Freedombox is a DHCP server on the
4033 192.168.1.0/
24 subnet, so if this is your subnet be careful and turn
4034 off the DHCP server by running
"<tt
>update-rc.d isc-dhcp-server
4035 disable
</tt
>" as root.
</p
>
4037 <p
>Please let me know if this works for you, or if you have any
4038 problems. We gather on the IRC channel
4039 <a href=
"irc://irc.debian.org:
6667/%
23freedombox
">#freedombox
</a
> on
4040 irc.debian.org and the
4041 <a href=
"http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
">project
4042 mailing list
</a
>.
</p
>
4044 <p
>Once you get your freedombox operational, you can visit
4045 <tt
>http://your-host-name:
8001/
</tt
> to see the state of the plint
4046 welcome screen (dead end - do not be surprised if you are unable to
4047 get past it), and next visit
<tt
>http://your-host-name:
8001/help/
</tt
>
4048 to look at the rest of plinth. The default user is
'admin
' and the
4049 default password is
'secret
'.
</p
>
4054 <title>Intel
180 SSD disk with Lenovo firmware can not use Intel firmware
</title>
4055 <link>http://people.skolelinux.org/pere/blog/Intel_180_SSD_disk_with_Lenovo_firmware_can_not_use_Intel_firmware.html
</link>
4056 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Intel_180_SSD_disk_with_Lenovo_firmware_can_not_use_Intel_firmware.html
</guid>
4057 <pubDate>Sun,
18 Aug
2013 14:
00:
00 +
0200</pubDate>
4058 <description><p
>Earlier, I reported about
4059 <a href=
"http://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html
">my
4060 problems using an Intel SSD
520 Series
180 GB disk
</a
>. Friday I was
4061 told by IBM that the original disk should be thrown away. And as
4062 there no longer was a problem if I bricked the firmware, I decided
4063 today to try to install Intel firmware to replace the Lenovo firmware
4064 currently on the disk.
</p
>
4066 <p
>I searched the Intel site for firmware, and found
4067 <a href=
"https://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y
&ProdId=
3472&DwnldID=
18363&ProductFamily=Solid-State+Drives+and+Caching
&ProductLine=Intel%c2%ae+High+Performance+Solid-State+Drive
&ProductProduct=Intel%c2%ae+SSD+
520+Series+(
180GB%
2c+
2.5in+SATA+
6Gb%
2fs%
2c+
25nm%
2c+MLC)
&lang=eng
">issdfut_2.0
.4.iso
</a
>
4068 (aka Intel SATA Solid-State Drive Firmware Update Tool) which
4069 according to the site should contain the latest firmware for SSD
4070 disks. I inserted the broken disk in one of my spare laptops and
4071 booted the ISO from a USB stick. The disk was recognized, but the
4072 program claimed the newest firmware already were installed and refused
4073 to insert any Intel firmware. So no change, and the disk is still
4074 unable to handle write load. :( I guess the only way to get them
4075 working would be if Lenovo releases new firmware. No idea how likely
4076 that is. Anyway, just blogging about this test for completeness. I
4077 got a working Samsung disk, and see no point in spending more time on
4078 the broken disks.
</p
>
4083 <title>How to fix a Thinkpad X230 with a broken
180 GB SSD disk
</title>
4084 <link>http://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html
</link>
4085 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_fix_a_Thinkpad_X230_with_a_broken_180_GB_SSD_disk.html
</guid>
4086 <pubDate>Wed,
17 Jul
2013 23:
50:
00 +
0200</pubDate>
4087 <description><p
>Today I switched to
4088 <a href=
"http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html
">my
4089 new laptop
</a
>. I
've previously written about the problems I had with
4090 my new Thinkpad X230, which was delivered with an
4091 <a href=
"http://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html
">180
4092 GB Intel SSD disk with Lenovo firmware
</a
> that did not handle
4093 sustained writes. My hardware supplier have been very forthcoming in
4094 trying to find a solution, and after first trying with another
4095 identical
180 GB disks they decided to send me a
256 GB Samsung SSD
4096 disk instead to fix it once and for all. The Samsung disk survived
4097 the installation of Debian with encrypted disks (filling the disk with
4098 random data during installation killed the first two), and I thus
4099 decided to trust it with my data. I have installed it as a Debian Edu
4100 Wheezy roaming workstation hooked up with my Debian Edu Squeeze main
4101 server at home using Kerberos and LDAP, and will use it as my work
4102 station from now on.
</p
>
4104 <p
>As this is a solid state disk with no moving parts, I believe the
4105 Debian Wheezy default installation need to be tuned a bit to increase
4106 performance and increase life time of the disk. The Linux kernel and
4107 user space applications do not yet adjust automatically to such
4108 environment. To make it easier for my self, I created a draft Debian
4109 package
<tt
>ssd-setup
</tt
> to handle this tuning. The
4110 <a href=
"http://anonscm.debian.org/gitweb/?p=collab-maint/ssd-setup.git
">source
4111 for the ssd-setup package
</a
> is available from collab-maint, and it
4112 is set up to adjust the setup of the machine by just installing the
4113 package. If there is any non-SSD disk in the machine, the package
4114 will refuse to install, as I did not try to write any logic to sort
4115 file systems in SSD and non-SSD file systems.
</p
>
4117 <p
>I consider the package a draft, as I am a bit unsure how to best
4118 set up Debian Wheezy with an SSD. It is adjusted to my use case,
4119 where I set up the machine with one large encrypted partition (in
4120 addition to /boot), put LVM on top of this and set up partitions on
4121 top of this again. See the README file in the package source for the
4122 references I used to pick the settings. At the moment these
4123 parameters are tuned:
</p
>
4127 <li
>Set up cryptsetup to pass TRIM commands to the physical disk
4128 (adding discard to /etc/crypttab)
</li
>
4130 <li
>Set up LVM to pass on TRIM commands to the underlying device (in
4131 this case a cryptsetup partition) by changing issue_discards from
4132 0 to
1 in /etc/lvm/lvm.conf.
</li
>
4134 <li
>Set relatime as a file system option for ext3 and ext4 file
4137 <li
>Tell swap to use TRIM commands by adding
'discard
' to
4138 /etc/fstab.
</li
>
4140 <li
>Change I/O scheduler from cfq to deadline using a udev rule.
</li
>
4142 <li
>Run fstrim on every ext3 and ext4 file system every night (from
4143 cron.daily).
</li
>
4145 <li
>Adjust sysctl values vm.swappiness to
1 and vm.vfs_cache_pressure
4146 to
50 to reduce the kernel eagerness to swap out processes.
</li
>
4150 <p
>During installation, I cancelled the part where the installer fill
4151 the disk with random data, as this would kill the SSD performance for
4152 little gain. My goal with the encrypted file system is to ensure
4153 those stealing my laptop end up with a brick and not a working
4154 computer. I have no hope in keeping the really resourceful people
4155 from getting the data on the disk (see
4156 <a href=
"http://xkcd.com/
538/
">XKCD #
538</a
> for an explanation why).
4157 Thus I concluded that adding the discard option to crypttab is the
4158 right thing to do.
</p
>
4160 <p
>I considered using the noop I/O scheduler, as several recommended
4161 it for SSD, but others recommended deadline and a benchmark I found
4162 indicated that deadline might be better for interactive use.
</p
>
4164 <p
>I also considered using the
'discard
' file system option for ext3
4165 and ext4, but read that it would give a performance hit ever time a
4166 file is removed, and thought it best to that that slowdown once a day
4167 instead of during my work.
</p
>
4169 <p
>My package do not set up tmpfs on /var/run, /var/lock and /tmp, as
4170 this is already done by Debian Edu.
</p
>
4172 <p
>I have not yet started on the user space tuning. I expect
4173 iceweasel need some tuning, and perhaps other applications too, but
4174 have not yet had time to investigate those parts.
</p
>
4176 <p
>The package should work on Ubuntu too, but I have not yet tested it
4179 <p
>As for the answer to the question in the title of this blog post,
4180 as far as I know, the only solution I know about is to replace the
4181 disk. It might be possible to flash it with Intel firmware instead of
4182 the Lenovo firmware. But I have not tried and did not want to do so
4183 without approval from Lenovo as I wanted to keep the warranty on the
4184 disk until a solution was found and they wanted the broken disks
4190 <title>Intel SSD
520 Series
180 GB with Lenovo firmware still lock up from sustained writes
</title>
4191 <link>http://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html
</link>
4192 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Intel_SSD_520_Series_180_GB_with_Lenovo_firmware_still_lock_up_from_sustained_writes.html
</guid>
4193 <pubDate>Wed,
10 Jul
2013 13:
30:
00 +
0200</pubDate>
4194 <description><p
>A few days ago, I wrote about
4195 <a href=
"http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html
">the
4196 problems I experienced with my new X230 and its SSD disk
</a
>, which
4197 was dying during installation because it is unable to cope with
4198 sustained write. My supplier is in contact with
4199 <a href=
"http://www.lenovo.com/
">Lenovo
</a
>, and they wanted to send a
4200 replacement disk to try to fix the problem. They decided to send an
4201 identical model, so my hopes for a permanent fix was slim.
</p
>
4203 <p
>Anyway, today I got the replacement disk and tried to install
4204 Debian Edu Wheezy with encrypted disk on it. The new disk have the
4205 same firmware version as the original. This time my hope raised
4206 slightly as the installation progressed, as the original disk used to
4207 die after
4-
7% of the disk was written to, while this time it kept
4208 going past
10%,
20%,
40% and even past
50%. But around
60%, the disk
4209 died again and I was back on square one. I still do not have a new
4210 laptop with a disk I can trust. I can not live with a disk that might
4211 lock up when I download a new
4212 <a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
</a
> ISO or
4213 other large files. I look forward to hearing from my supplier with
4214 the next proposal from Lenovo.
</p
>
4216 <p
>The original disk is marked Intel SSD
520 Series
180 GB,
4217 11S0C38722Z1ZNME35X1TR, ISN: CVCV321407HB180EGN, SA: G57560302, FW:
4218 LF1i,
29MAY2013, PBA: G39779-
300, LBA
351,
651,
888, LI P/N:
0C38722,
4219 Pb-free
2LI, LC P/N:
16-
200366, WWN:
55CD2E40002756C4, Model:
4220 SSDSC2BW180A3L
2.5" 6Gb/s SATA SSD
180G
5V
1A, ASM P/N
0C38732, FRU
4221 P/N
45N8295, P0C38732.
</p
>
4223 <p
>The replacement disk is marked Intel SSD
520 Series
180 GB,
4224 11S0C38722Z1ZNDE34N0L0, ISN: CVCV315306RK180EGN, SA: G57560-
302, FW:
4225 LF1i,
22APR2013, PBA: G39779-
300, LBA
351,
651,
888, LI P/N:
0C38722,
4226 Pb-free
2LI, LC P/N:
16-
200366, WWN:
55CD2E40000AB69E, Model:
4227 SSDSC2BW180A3L
2.5" 6Gb/s SATA SSD
180G
5V
1A, ASM P/N
0C38732, FRU
4228 P/N
45N8295, P0C38732.
</p
>
4230 <p
>The only difference is in the first number (serial number?), ISN,
4231 SA, date and WNPP values. Mentioning all the details here in case
4232 someone is able to use the information to find a way to identify the
4233 failing disk among working ones (if any such working disk actually
4239 <title>July
13th: Debian/Ubuntu BSP and Skolelinux/Debian Edu developer gathering in Oslo
</title>
4240 <link>http://people.skolelinux.org/pere/blog/July_13th__Debian_Ubuntu_BSP_and_Skolelinux_Debian_Edu_developer_gathering_in_Oslo.html
</link>
4241 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/July_13th__Debian_Ubuntu_BSP_and_Skolelinux_Debian_Edu_developer_gathering_in_Oslo.html
</guid>
4242 <pubDate>Tue,
9 Jul
2013 10:
40:
00 +
0200</pubDate>
4243 <description><p
>The upcoming Saturday,
2013-
07-
13, we are organising a combined
4244 Debian Edu developer gathering and Debian and Ubuntu bug squashing
4245 party in Oslo. It is organised by
<a href=
"http://www.nuug.no/
">the
4246 member assosiation NUUG
</a
> and
4247 <a href=
"http://www.skolelinux.org/
">the Debian Edu / Skolelinux
4248 project
</a
> together with
<a href=
"http://bitraf.no/
">the hack space
4249 Bitraf
</a
>.
</p
>
4251 <p
>It starts
10:
00 and continue until late evening. Everyone is
4252 welcome, and there is no fee to participate. There is on the other
4253 hand limited space, and only room for
30 people. Please put your name
4254 on
<a href=
"http://wiki.debian.org/BSP/
2013/
07/
13/no/Oslo
">the event
4255 wiki page
</a
> if you plan to join us.
</p
>
4260 <title>The Thinkpad is dead, long live the Thinkpad X230?
</title>
4261 <link>http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html
</link>
4262 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230_.html
</guid>
4263 <pubDate>Fri,
5 Jul
2013 08:
30:
00 +
0200</pubDate>
4264 <description><p
>Half a year ago, I reported that I had to find a
4265 <a href=
"http://people.skolelinux.org/pere/blog/Thank_you_Thinkpad_X41__for_your_long_and_trustworthy_service.html
">replacement
4266 for my trusty old Thinkpad X41
</a
>. Unfortunately I did not have much
4267 time to spend on it, and it took a while to find a model I believe
4268 will do the job, but two days ago the replacement finally arrived. I
4270 <a href=
"http://www.linlap.com/lenovo_thinkpad_x230
">Thinkpad X230
</a
>
4271 with SSD disk (NZDAJMN). I first test installed Debian Edu Wheezy as
4272 a roaming workstation, and it seemed to work flawlessly. But my
4273 second installation with encrypted disk was not as successful. More
4274 on that below.
</p
>
4276 <p
>I had a hard time trying to track down a good laptop, as my most
4277 important requirements (robust and with a good keyboard) are never
4278 listed in the feature list. But I did get good help from the search
4279 feature at
<a href=
"http://www.prisjakt.no/
">Prisjakt
</a
>, which
4280 allowed me to limit the list of interesting laptops based on my other
4281 requirements. A bit surprising that SSD disk are not disks according
4282 to that search interface, so I had to drop specifying the number of
4283 disks from my search parameters. I also asked around among friends to
4284 get their impression on keyboards and robustness.
</p
>
4286 <p
>So the new laptop arrived, and it is quite a lot wider than the
4287 X41. I am not quite convinced about the keyboard, as it is
4288 significantly wider than my old keyboard, and I have to stretch my
4289 hand a lot more to reach the edges. But the key response is fairly
4290 good and the individual key shape is fairly easy to handle, so I hope
4291 I will get used to it. My old X40 was starting to fail, and I really
4292 needed a new laptop now. :)
</p
>
4294 <p
>Turning off the touch pad was simple. All it took was a quick
4295 visit to the BIOS during boot it disable it.
</p
>
4297 <p
>But there is a fatal problem with the laptop. The
180 GB SSD disk
4298 lock up during load. And this happen when installing Debian Wheezy
4299 with encrypted disk, while the disk is being filled with random data.
4300 I also tested to install Ubuntu Raring, and it happen there too if I
4301 reenable the code to fill the disk with random data (it is disabled by
4302 default in Ubuntu). And the bug with is already known. It was
4303 reported to Debian as
<a href=
"http://bugs.debian.org/
691427">BTS
4304 report #
691427 2012-
10-
25</a
> (journal commit I/O error on brand-new
4305 Thinkpad T430s ext4 on lvm on SSD). It is also reported to the Linux
4306 kernel developers as
4307 <a href=
"https://bugzilla.kernel.org/show_bug.cgi?id=
51861">Kernel bugzilla
4308 report #
51861 2012-
12-
20</a
> (Intel SSD
520 stops working under load
4309 (SSDSC2BW180A3L in Lenovo ThinkPad T430s)). It is also reported on the
4310 Lenovo forums, both for
4311 <a href=
"http://forums.lenovo.com/t5/T400-T500-and-newer-T-series/T430s-Intel-SSD-
520-
180GB-issue/m-p/
1070549">T430
4312 2012-
11-
10</a
> and for
4313 <a href=
"http://forums.lenovo.com/t5/X-Series-ThinkPad-Laptops/x230-SATA-errors-with-
180GB-Intel-
520-SSD-under-heavy-write-load/m-p/
1068147">X230
4314 03-
20-
2013</a
>. The problem do not only affect installation. The
4315 reports state that the disk lock up during use if many writes are done
4316 on the disk, so it is much no use to work around the installation
4317 problem and end up with a computer that can lock up at any moment.
4319 <a href=
"https://git.efficios.com/?p=test-ssd.git
">small C program
4320 available
</a
> that will lock up the hard drive after running a few
4321 minutes by writing to a file.
</p
>
4323 <p
>I
've contacted my supplier and asked how to handle this, and after
4324 contacting PCHELP Norway (request
01D1FDP) which handle support
4325 requests for Lenovo, his first suggestion was to upgrade the disk
4326 firmware. Unfortunately there is no newer firmware available from
4327 Lenovo, as my disk already have the most recent one (version LF1i). I
4328 hope to hear more from him today and hope the problem can be
4334 <title>The Thinkpad is dead, long live the Thinkpad X230
</title>
4335 <link>http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230.html
</link>
4336 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/The_Thinkpad_is_dead__long_live_the_Thinkpad_X230.html
</guid>
4337 <pubDate>Thu,
4 Jul
2013 09:
20:
00 +
0200</pubDate>
4338 <description><p
>Half a year ago, I reported that I had to find a replacement for my
4339 trusty old Thinkpad X41. Unfortunately I did not have much time to
4340 spend on it, but today the replacement finally arrived. I ended up
4341 picking a
<a href=
"http://www.linlap.com/lenovo_thinkpad_x230
">Thinkpad
4342 X230
</a
> with SSD disk (NZDAJMN). I first test installed Debian Edu
4343 Wheezy as a roaming workstation, and it worked flawlessly. As I write
4344 this, it is installing what I hope will be a more final installation,
4345 with a encrypted hard drive to ensure any dope head stealing it end up
4346 with an expencive door stop.
</p
>
4348 <p
>I had a hard time trying to track down a good laptop, as my most
4349 important requirements (robust and with a good keyboard) are never
4350 listed in the feature list. But I did get good help from the search
4351 feature at
<ahref=
"http://www.prisjakt.no/
">Prisjakt
</a
>, which
4352 allowed me to limit the list of interesting laptops based on my other
4353 requirements. A bit surprising that SSD disk are not disks, so I had
4354 to drop number of disks from my search parameters.
</p
>
4356 <p
>I am not quite convinced about the keyboard, as it is significantly
4357 wider than my old keyboard, and I have to stretch my hand a lot more
4358 to reach the edges. But the key response is fairly good and the
4359 individual key shape is fairly easy to handle, so I hope I will get
4360 used to it. My old X40 was starting to fail, and I really needed a
4361 new laptop now. :)
</p
>
4363 <p
>I look forward to figuring out how to turn off the touch pad.
</p
>
4368 <title>Automatically locate and install required firmware packages on Debian (Isenkram
0.4)
</title>
4369 <link>http://people.skolelinux.org/pere/blog/Automatically_locate_and_install_required_firmware_packages_on_Debian__Isenkram_0_4_.html
</link>
4370 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Automatically_locate_and_install_required_firmware_packages_on_Debian__Isenkram_0_4_.html
</guid>
4371 <pubDate>Tue,
25 Jun
2013 11:
50:
00 +
0200</pubDate>
4372 <description><p
>It annoys me when the computer fail to do automatically what it is
4373 perfectly capable of, and I have to do it manually to get things
4374 working. One such task is to find out what firmware packages are
4375 needed to get the hardware on my computer working. Most often this
4376 affect the wifi card, but some times it even affect the RAID
4377 controller or the ethernet card. Today I pushed version
0.4 of the
4378 <a href=
"http://packages.qa.debian.org/isenkram
">Isenkram package
</a
>
4379 including a new script isenkram-autoinstall-firmware handling the
4380 process of asking all the loaded kernel modules what firmware files
4381 they want, find debian packages providing these files and install the
4382 debian packages. Here is a test run on my laptop:
</p
>
4384 <p
><pre
>
4385 # isenkram-autoinstall-firmware
4386 info: kernel drivers requested extra firmware: ipw2200-bss.fw ipw2200-ibss.fw ipw2200-sniffer.fw
4387 info: fetching http://http.debian.net/debian/dists/squeeze/Contents-i386.gz
4388 info: locating packages with the requested firmware files
4389 info: Updating APT sources after adding non-free APT source
4390 info: trying to install firmware-ipw2x00
4393 Preconfiguring packages ...
4394 Selecting previously deselected package firmware-ipw2x00.
4395 (Reading database ...
259727 files and directories currently installed.)
4396 Unpacking firmware-ipw2x00 (from .../firmware-ipw2x00_0.28+squeeze1_all.deb) ...
4397 Setting up firmware-ipw2x00 (
0.28+squeeze1) ...
4399 </pre
></p
>
4401 <p
>When all the requested firmware is present, a simple message is
4402 printed instead:
</p
>
4404 <p
><pre
>
4405 # isenkram-autoinstall-firmware
4406 info: did not find any firmware files requested by loaded kernel modules. exiting
4408 </pre
></p
>
4410 <p
>It could use some polish, but it is already working well and saving
4411 me some time when setting up new machines. :)
</p
>
4413 <p
>So, how does it work? It look at the set of currently loaded
4414 kernel modules, and look up each one of them using modinfo, to find
4415 the firmware files listed in the module meta-information. Next, it
4416 download the Contents file from a nearby APT mirror, and search for
4417 the firmware files in this file to locate the package with the
4418 requested firmware file. If the package is in the non-free section, a
4419 non-free APT source is added and the package is installed using
4420 <tt
>apt-get install
</tt
>. The end result is a slightly better working
4423 <p
>I hope someone find time to implement a more polished version of
4424 this script as part of the hw-detect debian-installer module, to
4425 finally fix
<a href=
"http://bugs.debian.org/
655507">BTS report
4426 #
655507</a
>. There really is no need to insert USB sticks with
4427 firmware during a PXE install when the packages already are available
4428 from the nearby Debian mirror.
</p
>
4433 <title>Fixing the Linux black screen of death on machines with Intel HD video
</title>
4434 <link>http://people.skolelinux.org/pere/blog/Fixing_the_Linux_black_screen_of_death_on_machines_with_Intel_HD_video.html
</link>
4435 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Fixing_the_Linux_black_screen_of_death_on_machines_with_Intel_HD_video.html
</guid>
4436 <pubDate>Tue,
11 Jun
2013 11:
00:
00 +
0200</pubDate>
4437 <description><p
>When installing RedHat, Fedora, Debian and Ubuntu on some machines,
4438 the screen just turn black when Linux boot, either during installation
4439 or on first boot from the hard disk. I
've seen it once in a while the
4440 last few years, but only recently understood the cause. I
've seen it
4441 on HP laptops, and on my latest acquaintance the Packard Bell laptop.
4442 The reason seem to be in the wiring of some laptops. The system to
4443 control the screen background light is inverted, so when Linux try to
4444 turn the brightness fully on, it end up turning it off instead. I do
4445 not know which Linux drivers are affected, but this post is about the
4446 i915 driver used by the
4447 <a href=
"http://www.linlap.com/packard_bell_easynote_lv
">Packard Bell
4448 EasyNote LV
</a
>, Thinkpad X40 and many other laptops.
</p
>
4450 <p
>The problem can be worked around two ways. Either by adding
4451 i915.invert_brightness=
1 as a kernel option, or by adding a file in
4452 /etc/modprobe.d/ to tell modprobe to add the invert_brightness=
1
4453 option when it load the i915 kernel module. On Debian and Ubuntu, it
4454 can be done by running these commands as root:
</p
>
4457 echo options i915 invert_brightness=
1 | tee /etc/modprobe.d/i915.conf
4458 update-initramfs -u -k all
4461 <p
>Since March
2012 there is
4462 <a href=
"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=
4dca20efb1a9c2efefc28ad2867e5d6c3f5e1955
">a
4463 mechanism in the Linux kernel
</a
> to tell the i915 driver which
4464 hardware have this problem, and get the driver to invert the
4465 brightness setting automatically. To use it, one need to add a row in
4466 <a href=
"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/drivers/gpu/drm/i915/intel_display.c
">the
4467 intel_quirks array
</a
> in the driver source
4468 <tt
>drivers/gpu/drm/i915/intel_display.c
</tt
> (look for
"<tt
>static
4469 struct intel_quirk intel_quirks
</tt
>"), specifying the PCI device
4470 number (vendor number
8086 is assumed) and subdevice vendor and device
4473 <p
>My Packard Bell EasyNote LV got this output from
<tt
>lspci
4474 -vvnn
</tt
> for the video card in question:
</p
>
4476 <p
><pre
>
4477 00:
02.0 VGA compatible controller [
0300]: Intel Corporation \
4478 3rd Gen Core processor Graphics Controller [
8086:
0156] \
4479 (rev
09) (prog-if
00 [VGA controller])
4480 Subsystem: Acer Incorporated [ALI] Device [
1025:
0688]
4481 Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- \
4482 ParErr- Stepping- SE RR- FastB2B- DisINTx+
4483 Status: Cap+
66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast
>TAbort- \
4484 <TAbort-
<MAbort-
>SERR-
<PERR- INTx-
4486 Interrupt: pin A routed to IRQ
42
4487 Region
0: Memory at c2000000 (
64-bit, non-prefetchable) [size=
4M]
4488 Region
2: Memory at b0000000 (
64-bit, prefetchable) [size=
256M]
4489 Region
4: I/O ports at
4000 [size=
64]
4490 Expansion ROM at
<unassigned
> [disabled]
4491 Capabilities:
<access denied
>
4492 Kernel driver in use: i915
4493 </pre
></p
>
4495 <p
>The resulting intel_quirks entry would then look like this:
</p
>
4497 <p
><pre
>
4498 struct intel_quirk intel_quirks[] = {
4500 /* Packard Bell EasyNote LV11HC needs invert brightness quirk */
4501 {
0x0156,
0x1025,
0x0688, quirk_invert_brightness },
4504 </pre
></p
>
4506 <p
>According to the kernel module instructions (as seen using
4507 <tt
>modinfo i915
</tt
>), information about hardware needing the
4508 invert_brightness flag should be sent to the
4509 <a href=
"http://lists.freedesktop.org/mailman/listinfo/dri-devel
">dri-devel
4510 (at) lists.freedesktop.org
</a
> mailing list to reach the kernel
4511 developers. But my email about the laptop sent
2013-
06-
03 have not
4513 <a href=
"http://lists.freedesktop.org/archives/dri-devel/
2013-June/thread.html
">the
4514 web archive for the mailing list
</a
>, so I suspect they do not accept
4515 emails from non-subscribers. Because of this, I sent my patch also to
4516 the Debian bug tracking system instead as
4517 <a href=
"http://bugs.debian.org/
710938">BTS report #
710938</a
>, to make
4518 sure the patch is not lost.
</p
>
4520 <p
>Unfortunately, it is not enough to fix the kernel to get Laptops
4521 with this problem working properly with Linux. If you use Gnome, your
4522 worries should be over at this point. But if you use KDE, there is
4523 something in KDE ignoring the invert_brightness setting and turning on
4524 the screen during login. I
've reported it to Debian as
4525 <a href=
"http://bugs.debian.org/
711237">BTS report #
711237</a
>, and
4526 have no idea yet how to figure out exactly what subsystem is doing
4527 this. Perhaps you can help? Perhaps you know what the Gnome
4528 developers did to handle this, and this can give a clue to the KDE
4529 developers? Or you know where in KDE the screen brightness is changed
4530 during login? If so, please update the BTS report (or get in touch if
4531 you do not know how to update BTS).
</p
>
4533 <p
>Update
2013-
07-
19: The correct fix for this machine seem to be
4534 acpi_backlight=vendor, to disable ACPI backlight support completely,
4535 as the ACPI information on the machine is trash and it is better to
4536 leave it to the intel video driver to control the screen
4537 backlight.
</p
>
4542 <title>How to install Linux on a Packard Bell Easynote LV preinstalled with Windows
8</title>
4543 <link>http://people.skolelinux.org/pere/blog/How_to_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8.html
</link>
4544 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8.html
</guid>
4545 <pubDate>Mon,
27 May
2013 15:
20:
00 +
0200</pubDate>
4546 <description><p
>Two days ago, I asked
4547 <a href=
"http://people.skolelinux.org/pere/blog/How_can_I_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8_.html
">how
4548 I could install Linux on a Packard Bell EasyNote LV computer
4549 preinstalled with Windows
8</a
>. I found a solution, but am horrified
4550 with the obstacles put in the way of Linux users on a laptop with UEFI
4551 and Windows
8.
</p
>
4553 <p
>I never found out if the cause of my problems were the use of UEFI
4554 secure booting or fast boot. I suspect fast boot was the problem,
4555 causing the firmware to boot directly from HD without considering any
4556 key presses and alternative devices, but do not know UEFI settings
4557 enough to tell.
</p
>
4559 <p
>There is no way to install Linux on the machine in question without
4560 opening the box and disconnecting the hard drive! This is as far as I
4561 can tell, the only way to get access to the firmware setup menu
4562 without accepting the Windows
8 license agreement. I am told (and
4563 found description on how to) that it is possible to configure the
4564 firmware setup once booted into Windows
8. But as I believe the terms
4565 of that agreement are completely unacceptable, accepting the license
4566 was never an alternative. I do not enter agreements I do not intend
4567 to follow.
</p
>
4569 <p
>I feared I had to return the laptops and ask for a refund, and
4570 waste many hours on this, but luckily there was a way to get it to
4571 work. But I would not recommend it to anyone planning to run Linux on
4572 it, and I have become sceptical to Windows
8 certified laptops. Is
4573 this the way Linux will be forced out of the market place, by making
4574 it close to impossible for
"normal
" users to install Linux without
4575 accepting the Microsoft Windows license terms? Or at least not
4576 without risking to loose the warranty?
</p
>
4578 <p
>I
've updated the
4579 <a href=
"http://www.linlap.com/packard_bell_easynote_lv
">Linux Laptop
4580 wiki page for Packard Bell EasyNote LV
</a
>, to ensure the next person
4581 do not have to struggle as much as I did to get Linux into the
4584 <p
>Thanks to Bob Rosbag, Florian Weimer, Philipp Kern, Ben Hutching,
4585 Michael Tokarev and others for feedback and ideas.
</p
>
4590 <title>How can I install Linux on a Packard Bell Easynote LV preinstalled with Windows
8?
</title>
4591 <link>http://people.skolelinux.org/pere/blog/How_can_I_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8_.html
</link>
4592 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_can_I_install_Linux_on_a_Packard_Bell_Easynote_LV_preinstalled_with_Windows_8_.html
</guid>
4593 <pubDate>Sat,
25 May
2013 18:
20:
00 +
0200</pubDate>
4594 <description><p
>I
've run into quite a problem the last few days. I bought three
4595 new laptops for my parents and a few others. I bought Packard Bell
4596 Easynote LV to run Kubuntu on and use as their home computer. But I
4597 am completely unable to figure out how to install Linux on it. The
4598 computer is preinstalled with Windows
8, and I suspect it uses UEFI
4599 instead of a BIOS to boot.
</p
>
4601 <p
>The problem is that I am unable to get it to PXE boot, and unable
4602 to get it to boot the Linux installer from my USB stick. I have yet
4603 to try the DVD install, and still hope it will work. when I turn on
4604 the computer, there is no information on what buttons to press to get
4605 the normal boot menu. I expect to get some boot menu to select PXE or
4606 USB stick booting. When booting, it first ask for the language to
4607 use, then for some regional settings, and finally if I will accept the
4608 Windows
8 terms of use. As these terms are completely unacceptable to
4609 me, I have no other choice but to turn off the computer and try again
4610 to get it to boot the Linux installer.
</p
>
4612 <p
>I have gathered my findings so far on a Linlap page about the
4613 <a href=
"http://www.linlap.com/packard_bell_easynote_lv
">Packard Bell
4614 EasyNote LV
</a
> model. If you have any idea how to get Linux
4615 installed on this machine, please get in touch or update that wiki
4616 page. If I can
't find a way to install Linux, I will have to return
4617 the laptop to the seller and find another machine for my parents.
</p
>
4619 <p
>I wonder, is this the way Linux will be forced out of the market
4620 using UEFI and
"secure boot
" by making it impossible to install Linux
4621 on new Laptops?
</p
>
4626 <title>How to transform a Debian based system to a Debian Edu installation
</title>
4627 <link>http://people.skolelinux.org/pere/blog/How_to_transform_a_Debian_based_system_to_a_Debian_Edu_installation.html
</link>
4628 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_transform_a_Debian_based_system_to_a_Debian_Edu_installation.html
</guid>
4629 <pubDate>Fri,
17 May
2013 11:
50:
00 +
0200</pubDate>
4630 <description><p
><a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
</a
> is
4631 an operating system based on Debian intended for use in schools. It
4632 contain a turn-key solution for the computer network provided to
4633 pupils in the primary schools. It provide both the central server,
4634 network boot servers and desktop environments with heaps of
4635 educational software. The project was founded almost
12 years ago,
4636 2001-
07-
02. If you want to support the project, which is in need for
4637 cash to fund developer gatherings and other project related activity,
4638 <a href=
"http://www.linuxiskolen.no/slxdebianlabs/donations.html
">please
4639 donate some money
</a
>.
4641 <p
>A topic that come up again and again on the Debian Edu mailing
4642 lists and elsewhere, is the question on how to transform a Debian or
4643 Ubuntu installation into a Debian Edu installation. It isn
't very
4644 hard, and last week I wrote a script to replicate the steps done by
4645 the Debian Edu installer.
</p
>
4647 <p
>The script,
4648 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/branches/wheezy/debian-edu-config/share/debian-edu-config/tools/debian-edu-bless?view=markup
">debian-edu-bless
<a/
>
4649 in the debian-edu-config package, will go through these six steps and
4650 transform an existing Debian Wheezy or Ubuntu (untested) installation
4651 into a Debian Edu Workstation:
</p
>
4655 <li
>Add skolelinux related APT sources.
</li
>
4656 <li
>Create /etc/debian-edu/config with the wanted configuration.
</li
>
4657 <li
>Install debian-edu-install to load preseeding values and pull in
4658 our configuration.
</li
>
4659 <li
>Preseed debconf database with profile setup in
4660 /etc/debian-edu/config, and run tasksel to install packages
4661 according to the profile specified in the config above,
4662 overriding some of the Debian automation machinery.
</li
>
4663 <li
>Run debian-edu-cfengine-D installation to configure everything
4664 that could not be done using preseeding.
</li
>
4665 <li
>Ask for a reboot to enable all the configuration changes.
</li
>
4669 <p
>There are some steps in the Debian Edu installation that can not be
4670 replicated like this. Disk partitioning and LVM setup, for example.
4671 So this script just assume there is enough disk space to install all
4672 the needed packages.
</p
>
4674 <p
>The script was created to help a Debian Edu student working on
4675 setting up
<a href=
"http://www.raspberrypi.org
">Raspberry Pi
</a
> as a
4676 Debian Edu client, and using it he can take the existing
4677 <a href=
"http://www.raspbian.org/FrontPage
">Raspbian
</a
> installation and
4678 transform it into a fully functioning Debian Edu Workstation (or
4679 Roaming Workstation, or whatever :).
</p
>
4681 <p
>The default setting in the script is to create a KDE Workstation.
4682 If a LXDE based Roaming workstation is wanted instead, modify the
4683 PROFILE and DESKTOP values at the top to look like this instead:
</p
>
4685 <p
><pre
>
4686 PROFILE=
"Roaming-Workstation
"
4687 DESKTOP=
"lxde
"
4688 </pre
></p
>
4690 <p
>The script could even become useful to set up Debian Edu servers in
4691 the cloud, by starting with a virtual Debian installation at some
4692 virtual hosting service and setting up all the services on first
4698 <title>Debian, the Linux distribution of choice for LEGO designers?
</title>
4699 <link>http://people.skolelinux.org/pere/blog/Debian__the_Linux_distribution_of_choice_for_LEGO_designers_.html
</link>
4700 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian__the_Linux_distribution_of_choice_for_LEGO_designers_.html
</guid>
4701 <pubDate>Sat,
11 May
2013 20:
30:
00 +
0200</pubDate>
4702 <description><P
>In January,
4703 <a href=
"http://people.skolelinux.org/pere/blog/New_IRC_channel_for_LEGO_designers_using_Debian.html
">I
4704 announced a
</a
> new
<a href=
"irc://irc.debian.org/%
23debian-lego
">IRC
4705 channel #debian-lego
</a
>, for those of us in the Debian and Linux
4706 community interested in
<a href=
"http://www.lego.com/
">LEGO
</a
>, the
4707 marvellous construction system from Denmark. We also created
4708 <a href=
"http://wiki.debian.org/LegoDesigners
">a wiki page
</a
> to have
4709 a place to take notes and write down our plans and hopes. And several
4710 people showed up to help. I was very happy to see the effect of my
4711 call. Since the small start, we have a debtags tag
4712 <a href=
"http://debtags.debian.net/search/bytag?wl=hardware::hobby:lego
">hardware::hobby:lego
</a
>
4713 tag for LEGO related packages, and now count
10 packages related to
4714 LEGO and
<a href=
"http://mindstorms.lego.com/
">Mindstorms
</a
>:
</p
>
4716 <p
><table
>
4717 <tr
><td
><a href=
"http://packages.qa.debian.org/brickos
">brickos
</a
></td
><td
>alternative OS for LEGO Mindstorms RCX. Supports development in C/C++
</td
></tr
>
4718 <tr
><td
><a href=
"http://packages.qa.debian.org/leocad
">leocad
</a
></td
><td
>virtual brick CAD software
</td
></tr
>
4719 <tr
><td
><a href=
"http://packages.qa.debian.org/libnxt
">libnxt
</a
></td
><td
>utility library for talking to the LEGO Mindstorms NX
</td
></tr
>
4720 <tr
><td
><a href=
"http://packages.qa.debian.org/lnpd
">lnpd
</a
></td
><td
>daemon for LNP communication with BrickOS
</td
></tr
>
4721 <tr
><td
><a href=
"http://packages.qa.debian.org/nbc
">nbc
</a
></td
><td
>compiler for LEGO Mindstorms NXT bricks
</td
></tr
>
4722 <tr
><td
><a href=
"http://packages.qa.debian.org/nqc
">nqc
</a
></td
><td
>Not Quite C compiler for LEGO Mindstorms RCX
</td
></tr
>
4723 <tr
><td
><a href=
"http://packages.qa.debian.org/python-nxt
">python-nxt
</a
></td
><td
>python driver/interface/wrapper for the Lego Mindstorms NXT robot
</td
></tr
>
4724 <tr
><td
><a href=
"http://packages.qa.debian.org/python-nxt-filer
">python-nxt-filer
</a
></td
><td
>simple GUI to manage files on a LEGO Mindstorms NXT
</td
></tr
>
4725 <tr
><td
><a href=
"http://packages.qa.debian.org/scratch
">scratch
</a
></td
><td
>easy to use programming environment for ages
8 and up
</td
></tr
>
4726 <tr
><td
><a href=
"http://packages.qa.debian.org/t2n
">t2n
</a
></td
><td
>simple command-line tool for Lego NXT
</td
></tr
>
4727 </table
></p
>
4729 <p
>Some of these are available in Wheezy, and all but one are
4730 currently available in Jessie/testing. leocad is so far only
4731 available in experimental.
</p
>
4733 <p
>If you care about LEGO in Debian, please join us on IRC and help
4734 adding the rest of the great free software tools available on Linux
4735 for LEGO designers.
</p
>
4740 <title>Debian Wheezy is out - and Debian Edu / Skolelinux should soon follow! #newinwheezy
</title>
4741 <link>http://people.skolelinux.org/pere/blog/Debian_Wheezy_is_out___and_Debian_Edu___Skolelinux_should_soon_follow___newinwheezy.html
</link>
4742 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_Wheezy_is_out___and_Debian_Edu___Skolelinux_should_soon_follow___newinwheezy.html
</guid>
4743 <pubDate>Sun,
5 May
2013 07:
40:
00 +
0200</pubDate>
4744 <description><p
>When I woke up this morning, I was very happy to see that the
4745 <a href=
"http://www.debian.org/News/
2013/
20130504">release announcement
4746 for Debian Wheezy
</a
> was waiting in my mail box. This is a great
4747 Debian release, and I expect to move my machines at home over to it fairly
4750 <p
>The new debian release contain heaps of new stuff, and one program
4751 in particular make me very happy to see included. The
4752 <a href=
"http://scratch.mit.edu/
">Scratch
</a
> program, made famous by
4753 the
<a href=
"http://www.code.org/
">Teach kids code
</a
> movement, is
4754 included for the first time. Alongside similar programs like
4755 <a href=
"http://edu.kde.org/kturtle/
">kturtle
</a
> and
4756 <a href=
"http://wiki.sugarlabs.org/go/Activities/Turtle_Art
">turtleart
</a
>,
4757 it allow for visual programming where syntax errors can not happen,
4758 and a friendly programming environment for learning to control the
4759 computer. Scratch will also be included in the next release of Debian
4762 <p
>And now that Wheezy is wrapped up, we can wrap up the next Debian
4763 Edu/Skolelinux release too. The
4764 <a href=
"http://lists.debian.org/debian-edu/
2013/
04/msg00132.html
">first
4765 alpha release
</a
> went out last week, and the next should soon
4771 <title>Isenkram
0.2 finally in the Debian archive
</title>
4772 <link>http://people.skolelinux.org/pere/blog/Isenkram_0_2_finally_in_the_Debian_archive.html
</link>
4773 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Isenkram_0_2_finally_in_the_Debian_archive.html
</guid>
4774 <pubDate>Wed,
3 Apr
2013 23:
40:
00 +
0200</pubDate>
4775 <description><p
>Today the
<a href=
"http://packages.qa.debian.org/isenkram
">Isenkram
4776 package
</a
> finally made it into the archive, after lingering in NEW
4777 for many months. I uploaded it to the Debian experimental suite
4778 2013-
01-
27, and today it was accepted into the archive.
</p
>
4780 <p
>Isenkram is a system for suggesting to users what packages to
4781 install to work with a pluggable hardware device. The suggestion pop
4782 up when the device is plugged in. For example if a Lego Mindstorm NXT
4783 is inserted, it will suggest to install the program needed to program
4784 the NXT controller. Give it a go, and report bugs and suggestions to
4790 <title>Bitcoin GUI now available from Debian/unstable (and Ubuntu/raring)
</title>
4791 <link>http://people.skolelinux.org/pere/blog/Bitcoin_GUI_now_available_from_Debian_unstable__and_Ubuntu_raring_.html
</link>
4792 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Bitcoin_GUI_now_available_from_Debian_unstable__and_Ubuntu_raring_.html
</guid>
4793 <pubDate>Sat,
2 Feb
2013 09:
00:
00 +
0100</pubDate>
4794 <description><p
>My
4795 <a href=
"http://people.skolelinux.org/pere/blog/How_to_backport_bitcoin_qt_version_0_7_2_2_to_Debian_Squeeze.html
">last
4796 bitcoin related blog post
</a
> mentioned that the new
4797 <a href=
"http://packages.qa.debian.org/bitcoin
">bitcoin package
</a
> for
4798 Debian was waiting in NEW. It was accepted by the Debian ftp-masters
4799 2013-
01-
19, and have been available in unstable since then. It was
4800 automatically copied to Ubuntu, and is available in their Raring
4801 version too.
</p
>
4803 <p
>But there is a strange problem with the build that block this new
4804 version from being available on the i386 and kfreebsd-i386
4805 architectures. For some strange reason, the autobuilders in Debian
4806 for these architectures fail to run the test suite on these
4807 architectures (
<a href=
"http://bugs.debian.org/
672524">BTS #
672524</a
>).
4808 We are so far unable to reproduce it when building it manually, and
4809 no-one have been able to propose a fix. If you got an idea what is
4810 failing, please let us know via the BTS.
</p
>
4812 <p
>One feature that is annoying me with of the bitcoin client, because
4813 I often run low on disk space, is the fact that the client will exit
4814 if it run short on space (
<a href=
"http://bugs.debian.org/
696715">BTS
4815 #
696715</a
>). So make sure you have enough disk space when you run
4818 <p
>As usual, if you use bitcoin and want to show your support of my
4819 activities, please send Bitcoin donations to my address
4820 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
&label=PetterReinholdtsenBlog
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
4825 <title>Welcome to the world, Isenkram!
</title>
4826 <link>http://people.skolelinux.org/pere/blog/Welcome_to_the_world__Isenkram_.html
</link>
4827 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Welcome_to_the_world__Isenkram_.html
</guid>
4828 <pubDate>Tue,
22 Jan
2013 22:
00:
00 +
0100</pubDate>
4829 <description><p
>Yesterday, I
4830 <a href=
"http://people.skolelinux.org/pere/blog/First_prototype_ready_making_hardware_easier_to_use_in_Debian.html
">asked
4831 for testers
</a
> for my prototype for making Debian better at handling
4832 pluggable hardware devices, which I
4833 <a href=
"http://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
">set
4834 out to create
</a
> earlier this month. Several valuable testers showed
4835 up, and caused me to really want to to open up the development to more
4836 people. But before I did this, I want to come up with a sensible name
4837 for this project. Today I finally decided on a new name, and I have
4838 renamed the project from hw-support-handler to this new name. In the
4839 process, I moved the source to git and made it available as a
4840 <a href=
"http://anonscm.debian.org/gitweb/?p=collab-maint/isenkram.git
">collab-maint
</a
>
4841 repository in Debian. The new name? It is
<strong
>Isenkram
</strong
>.
4842 To fetch and build the latest version of the source, use
</p
>
4845 git clone http://anonscm.debian.org/git/collab-maint/isenkram.git
4846 cd isenkram
&& git-buildpackage -us -uc
4849 <p
>I have not yet adjusted all files to use the new name yet. If you
4850 want to hack on the source or improve the package, please go ahead.
4851 But please talk to me first on IRC or via email before you do major
4852 changes, to make sure we do not step on each others toes. :)
</p
>
4854 <p
>If you wonder what
'isenkram
' is, it is a Norwegian word for iron
4855 stuff, typically meaning tools, nails, screws, etc. Typical hardware
4856 stuff, in other words. I
've been told it is the Norwegian variant of
4857 the German word eisenkram, for those that are familiar with that
4860 <p
><strong
>Update
2013-
01-
26</strong
>: Added -us -us to build
4861 instructions, to avoid confusing people with an error from the signing
4864 <p
><strong
>Update
2013-
01-
27</strong
>: Switch to HTTP URL for the git
4865 clone argument to avoid the need for authentication.
</p
>
4870 <title>First prototype ready making hardware easier to use in Debian
</title>
4871 <link>http://people.skolelinux.org/pere/blog/First_prototype_ready_making_hardware_easier_to_use_in_Debian.html
</link>
4872 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/First_prototype_ready_making_hardware_easier_to_use_in_Debian.html
</guid>
4873 <pubDate>Mon,
21 Jan
2013 12:
00:
00 +
0100</pubDate>
4874 <description><p
>Early this month I set out to try to
4875 <a href=
"http://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
">improve
4876 the Debian support for pluggable hardware devices
</a
>. Now my
4877 prototype is working, and it is ready for a larger audience. To test
4879 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/
">source
4880 from the Debian Edu subversion repository
</a
>, build and install the
4881 package. You might have to log out and in again activate the
4882 autostart script.
</p
>
4884 <p
>The design is simple:
</p
>
4888 <li
>Add desktop entry in /usr/share/autostart/ causing a program
4889 hw-support-handlerd to start when the user log in.
</li
>
4891 <li
>This program listen for kernel events about new hardware (directly
4892 from the kernel like udev does), not using HAL dbus events as I
4893 initially did.
</li
>
4895 <li
>When new hardware is inserted, look up the hardware modalias in
4896 the APT database, a database
4897 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/modaliases?view=markup
">available
4898 via HTTP
</a
> and a database available as part of the package.
</li
>
4900 <li
>If a package is mapped to the hardware in question, the package
4901 isn
't installed yet and this is the first time the hardware was
4902 plugged in, show a desktop notification suggesting to install the
4903 package or packages.
</li
>
4905 <li
>If the user click on the
'install package now
' button, ask
4906 aptdaemon via the PackageKit API to install the requrired package.
</li
>
4908 <li
>aptdaemon ask for root password or sudo password, and install the
4909 package while showing progress information in a window.
</li
>
4913 <p
>I still need to come up with a better name for the system. Here
4914 are some screen shots showing the prototype in action. First the
4915 notification, then the password request, and finally the request to
4916 approve all the dependencies. Sorry for the Norwegian Bokmål GUI.
</p
>
4918 <p
><img src=
"http://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
1-notification.png
">
4919 <br
><img src=
"http://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
2-password.png
">
4920 <br
><img src=
"http://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
3-dependencies.png
">
4921 <br
><img src=
"http://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
4-installing.png
">
4922 <br
><img src=
"http://people.skolelinux.org/pere/blog/images/
2013-
01-
21-hw-support-
5-installing-details.png
" width=
"70%
"></p
>
4924 <p
>The prototype still need to be improved with longer timeouts, but
4925 is already useful. The database of hardware to package mappings also
4926 need more work. It is currently compatible with the Ubuntu way of
4927 storing such information in the package control file, but could be
4928 changed to use other formats instead or in addition to the current
4929 method. I
've dropped the use of discover for this mapping, as the
4930 modalias approach is more flexible and easier to use on Linux as long
4931 as the Linux kernel expose its modalias strings directly.
</p
>
4933 <p
><strong
>Update
2013-
01-
21 16:
50</strong
>: Due to popular demand,
4934 here is the command required to check out and build the source: Use
4935 '<tt
>svn checkout
4936 svn://svn.debian.org/debian-edu/trunk/src/hw-support-handler/; cd
4937 hw-support-handler; debuild
</tt
>'. If you lack debuild, install the
4938 devscripts package.
</p
>
4940 <p
><strong
>Update
2013-
01-
23 12:
00</strong
>: The project is now
4941 renamed to Isenkram and the source moved from the Debian Edu
4942 subversion repository to a Debian collab-maint git repository. See
4943 <a href=
"http://people.skolelinux.org/pere/blog/Welcome_to_the_world__Isenkram_.html
">build
4944 instructions
</a
> for details.
</p
>
4949 <title>Thank you Thinkpad X41, for your long and trustworthy service
</title>
4950 <link>http://people.skolelinux.org/pere/blog/Thank_you_Thinkpad_X41__for_your_long_and_trustworthy_service.html
</link>
4951 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Thank_you_Thinkpad_X41__for_your_long_and_trustworthy_service.html
</guid>
4952 <pubDate>Sat,
19 Jan
2013 09:
20:
00 +
0100</pubDate>
4953 <description><p
>This Christmas my trusty old laptop died. It died quietly and
4954 suddenly in bed. With a quiet whimper, it went completely quiet and
4955 black. The power button was no longer able to turn it on. It was a
4956 IBM Thinkpad X41, and the best laptop I ever had. Better than both
4957 Thinkpads X30, X31, X40, X60, X61 and X61S. Far better than the
4958 Compaq I had before that. Now I need to find a replacement. To keep
4959 going during Christmas, I moved the one year old SSD disk to my old
4960 X40 where it fitted (only one I had left that could use it), but it is
4961 not a durable solution.
4963 <p
>My laptop needs are fairly modest. This is my wishlist from when I
4964 got a new one more than
10 years ago. It still holds true.:)
</p
>
4968 <li
>Lightweight (around
1 kg) and small volume (preferably smaller
4969 than A4).
</li
>
4970 <li
>Robust, it will be in my backpack every day.
</li
>
4971 <li
>Three button mouse and a mouse pin instead of touch pad.
</li
>
4972 <li
>Long battery life time. Preferable a week.
</li
>
4973 <li
>Internal WIFI network card.
</li
>
4974 <li
>Internal Twisted Pair network card.
</li
>
4975 <li
>Some USB slots (
2-
3 is plenty)
</li
>
4976 <li
>Good keyboard - similar to the Thinkpad.
</li
>
4977 <li
>Video resolution at least
1024x768, with size around
12" (A4 paper
4979 <li
>Hardware supported by Debian Stable, ie the default kernel and
4980 X.org packages.
</li
>
4981 <li
>Quiet, preferably fan free (or at least not using the fan most of
4986 <p
>You will notice that there are no RAM and CPU requirements in the
4987 list. The reason is simply that the specifications on laptops the
4988 last
10-
15 years have been sufficient for my needs, and I have to look
4989 at other features to choose my laptop. But are there still made as
4990 robust laptops as my X41? The Thinkpad X60/X61 proved to be less
4991 robust, and Thinkpads seem to be heading in the wrong direction since
4992 Lenovo took over. But I
've been told that X220 and X1 Carbon might
4993 still be useful.
</p
>
4995 <p
>Perhaps I should rethink my needs, and look for a pad with an
4996 external keyboard? I
'll have to check the
4997 <a href=
"http://www.linux-laptop.net/
">Linux Laptops site
</a
> for
4998 well-supported laptops, or perhaps just buy one preinstalled from one
4999 of the vendors listed on the
<a href=
"http://linuxpreloaded.com/
">Linux
5000 Pre-loaded site
</a
>.
</p
>
5005 <title>How to find a browser plugin supporting a given MIME type
</title>
5006 <link>http://people.skolelinux.org/pere/blog/How_to_find_a_browser_plugin_supporting_a_given_MIME_type.html
</link>
5007 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_find_a_browser_plugin_supporting_a_given_MIME_type.html
</guid>
5008 <pubDate>Fri,
18 Jan
2013 10:
40:
00 +
0100</pubDate>
5009 <description><p
>Some times I try to figure out which Iceweasel browser plugin to
5010 install to get support for a given MIME type. Thanks to
5011 <a href=
"https://wiki.ubuntu.com/MozillaTeam/Plugins
">specifications
5012 done by Ubuntu
</a
> and Mozilla, it is possible to do this in Debian.
5013 Unfortunately, not very many packages provide the needed meta
5014 information, Anyway, here is a small script to look up all browser
5015 plugin packages announcing ther MIME support using this specification:
</p
>
5021 def pkgs_handling_mimetype(mimetype):
5026 version = pkg.candidate
5028 version = pkg.installed
5031 record = version.record
5032 if not record.has_key(
'Npp-MimeType
'):
5034 mime_types = record[
'Npp-MimeType
'].split(
',
')
5035 for t in mime_types:
5036 t = t.rstrip().strip()
5038 thepkgs.append(pkg.name)
5040 mimetype =
"audio/ogg
"
5041 if
1 < len(sys.argv):
5042 mimetype = sys.argv[
1]
5043 print
"Browser plugin packages supporting %s:
" % mimetype
5044 for pkg in pkgs_handling_mimetype(mimetype):
5045 print
" %s
" %pkg
5048 <p
>It can be used like this to look up a given MIME type:
</p
>
5051 % ./apt-find-browserplug-for-mimetype
5052 Browser plugin packages supporting audio/ogg:
5054 % ./apt-find-browserplug-for-mimetype application/x-shockwave-flash
5055 Browser plugin packages supporting application/x-shockwave-flash:
5056 browser-plugin-gnash
5060 <p
>In Ubuntu this mechanism is combined with support in the browser
5061 itself to query for plugins and propose to install the needed
5062 packages. It would be great if Debian supported such feature too. Is
5063 anyone working on adding it?
</p
>
5065 <p
><strong
>Update
2013-
01-
18 14:
20</strong
>: The Debian BTS
5066 request for icweasel support for this feature is
5067 <a href=
"http://bugs.debian.org/
484010">#
484010</a
> from
2008 (and
5068 <a href=
"http://bugs.debian.org/
698426">#
698426</a
> from today). Lack
5069 of manpower and wish for a different design is the reason thus feature
5070 is not yet in iceweasel from Debian.
</p
>
5075 <title>What is the most supported MIME type in Debian?
</title>
5076 <link>http://people.skolelinux.org/pere/blog/What_is_the_most_supported_MIME_type_in_Debian_.html
</link>
5077 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/What_is_the_most_supported_MIME_type_in_Debian_.html
</guid>
5078 <pubDate>Wed,
16 Jan
2013 10:
10:
00 +
0100</pubDate>
5079 <description><p
>The
<a href=
"http://wiki.debian.org/AppStreamDebianProposal
">DEP-
11
5080 proposal to add AppStream information to the Debian archive
</a
>, is a
5081 proposal to make it possible for a Desktop application to propose to
5082 the user some package to install to gain support for a given MIME
5083 type, font, library etc. that is currently missing. With such
5084 mechanism in place, it would be possible for the desktop to
5085 automatically propose and install leocad if some LDraw file is
5086 downloaded by the browser.
</p
>
5088 <p
>To get some idea about the current content of the archive, I decided
5089 to write a simple program to extract all .desktop files from the
5090 Debian archive and look up the claimed MIME support there. The result
5092 <a href=
"http://ftp.skolelinux.org/pub/AppStreamTest
">Skolelinux FTP
5093 site
</a
>. Using the collected information, it become possible to
5094 answer the question in the title. Here are the
20 most supported MIME
5095 types in Debian stable (Squeeze), testing (Wheezy) and unstable (Sid).
5096 The complete list is available from the link above.
</p
>
5098 <p
><strong
>Debian Stable:
</strong
></p
>
5102 ----- -----------------------
5118 18 application/x-ogg
5125 <p
><strong
>Debian Testing:
</strong
></p
>
5129 ----- -----------------------
5145 18 application/x-ogg
5152 <p
><strong
>Debian Unstable:
</strong
></p
>
5156 ----- -----------------------
5173 18 application/x-ogg
5179 <p
>I am told that PackageKit can provide an API to access the kind of
5180 information mentioned in DEP-
11. I have not yet had time to look at
5181 it, but hope the PackageKit people in Debian are on top of these
5184 <p
><strong
>Update
2013-
01-
16 13:
35</strong
>: Updated numbers after
5185 discovering a typo in my script.
</p
>
5190 <title>Using modalias info to find packages handling my hardware
</title>
5191 <link>http://people.skolelinux.org/pere/blog/Using_modalias_info_to_find_packages_handling_my_hardware.html
</link>
5192 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Using_modalias_info_to_find_packages_handling_my_hardware.html
</guid>
5193 <pubDate>Tue,
15 Jan
2013 08:
00:
00 +
0100</pubDate>
5194 <description><p
>Yesterday, I wrote about the
5195 <a href=
"http://people.skolelinux.org/pere/blog/Modalias_strings___a_practical_way_to_map__stuff__to_hardware.html
">modalias
5196 values provided by the Linux kernel
</a
> following my hope for
5197 <a href=
"http://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
">better
5198 dongle support in Debian
</a
>. Using this knowledge, I have tested how
5199 modalias values attached to package names can be used to map packages
5200 to hardware. This allow the system to look up and suggest relevant
5201 packages when I plug in some new hardware into my machine, and replace
5202 discover and discover-data as the database used to map hardware to
5205 <p
>I create a modaliases file with entries like the following,
5206 containing package name, kernel module name (if relevant, otherwise
5207 the package name) and globs matching the relevant hardware
5210 <p
><blockquote
>
5211 Package: package-name
5212 <br
>Modaliases: module(modaliasglob, modaliasglob, modaliasglob)
</p
>
5213 </blockquote
></p
>
5215 <p
>It is fairly trivial to write code to find the relevant packages
5216 for a given modalias value using this file.
</p
>
5218 <p
>An entry like this would suggest the video and picture application
5219 cheese for many USB web cameras (interface bus class
0E01):
</p
>
5221 <p
><blockquote
>
5223 <br
>Modaliases: cheese(usb:v*p*d*dc*dsc*dp*ic0Eisc01ip*)
</p
>
5224 </blockquote
></p
>
5226 <p
>An entry like this would suggest the pcmciautils package when a
5227 CardBus bridge (bus class
0607) PCI device is present:
</p
>
5229 <p
><blockquote
>
5230 Package: pcmciautils
5231 <br
>Modaliases: pcmciautils(pci:v*d*sv*sd*bc06sc07i*)
5232 </blockquote
></p
>
5234 <p
>An entry like this would suggest the package colorhug-client when
5235 plugging in a ColorHug with USB IDs
04D8:F8DA:
</p
>
5237 <p
><blockquote
>
5238 Package: colorhug-client
5239 <br
>Modaliases: colorhug-client(usb:v04D8pF8DAd*)
</p
>
5240 </blockquote
></p
>
5242 <p
>I believe the format is compatible with the format of the Packages
5243 file in the Debian archive. Ubuntu already uses their Packages file
5244 to store their mappings from packages to hardware.
</p
>
5246 <p
>By adding a XB-Modaliases: header in debian/control, any .deb can
5247 announce the hardware it support in a way my prototype understand.
5248 This allow those publishing packages in an APT source outside the
5249 Debian archive as well as those backporting packages to make sure the
5250 hardware mapping are included in the package meta information. I
've
5251 tested such header in the pymissile package, and its modalias mapping
5252 is working as it should with my prototype. It even made it to Ubuntu
5255 <p
>To test if it was possible to look up supported hardware using only
5256 the shell tools available in the Debian installer, I wrote a shell
5257 implementation of the lookup code. The idea is to create files for
5258 each modalias and let the shell do the matching. Please check out and
5260 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/hw-support-lookup?view=co
">hw-support-lookup
</a
>
5261 shell script. It run without any extra dependencies and fetch the
5262 hardware mappings from the Debian archive and the subversion
5263 repository where I currently work on my prototype.
</p
>
5265 <p
>When I use it on a machine with a yubikey inserted, it suggest to
5266 install yubikey-personalization:
</p
>
5268 <p
><blockquote
>
5269 % ./hw-support-lookup
5270 <br
>yubikey-personalization
5272 </blockquote
></p
>
5274 <p
>When I run it on my Thinkpad X40 with a PCMCIA/CardBus slot, it
5275 propose to install the pcmciautils package:
</p
>
5277 <p
><blockquote
>
5278 % ./hw-support-lookup
5279 <br
>pcmciautils
5281 </blockquote
></p
>
5283 <p
>If you know of any hardware-package mapping that should be added to
5284 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/modaliases?view=co
">my
5285 database
</a
>, please tell me about it.
</p
>
5287 <p
>It could be possible to generate several of the mappings between
5288 packages and hardware. One source would be to look at packages with
5289 kernel modules, ie packages with *.ko files in /lib/modules/, and
5290 extract their modalias information. Another would be to look at
5291 packages with udev rules, ie packages with files in
5292 /lib/udev/rules.d/, and extract their vendor/model information to
5293 generate a modalias matching rule. I have not tested any of these to
5294 see if it work.
</p
>
5296 <p
>If you want to help implementing a system to let us propose what
5297 packages to install when new hardware is plugged into a Debian
5298 machine, please send me an email or talk to me on
5299 <a href=
"irc://irc.debian.org/%
23debian-devel
">#debian-devel
</a
>.
</p
>
5304 <title>Modalias strings - a practical way to map
"stuff
" to hardware
</title>
5305 <link>http://people.skolelinux.org/pere/blog/Modalias_strings___a_practical_way_to_map__stuff__to_hardware.html
</link>
5306 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Modalias_strings___a_practical_way_to_map__stuff__to_hardware.html
</guid>
5307 <pubDate>Mon,
14 Jan
2013 11:
20:
00 +
0100</pubDate>
5308 <description><p
>While looking into how to look up Debian packages based on hardware
5309 information, to find the packages that support a given piece of
5310 hardware, I refreshed my memory regarding modalias values, and decided
5311 to document the details. Here are my findings so far, also available
5313 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/
">the
5314 Debian Edu subversion repository
</a
>:
5316 <p
><strong
>Modalias decoded
</strong
></p
>
5318 <p
>This document try to explain what the different types of modalias
5319 values stands for. It is in part based on information from
5320 &lt;URL:
<a href=
"https://wiki.archlinux.org/index.php/Modalias
">https://wiki.archlinux.org/index.php/Modalias
</a
> &gt;,
5321 &lt;URL:
<a href=
"http://unix.stackexchange.com/questions/
26132/how-to-assign-usb-driver-to-device
">http://unix.stackexchange.com/questions/
26132/how-to-assign-usb-driver-to-device
</a
> &gt;,
5322 &lt;URL:
<a href=
"http://code.metager.de/source/history/linux/stable/scripts/mod/file2alias.c
">http://code.metager.de/source/history/linux/stable/scripts/mod/file2alias.c
</a
> &gt; and
5323 &lt;URL:
<a href=
"http://cvs.savannah.gnu.org/viewvc/dmidecode/dmidecode.c?root=dmidecode
&view=markup
">http://cvs.savannah.gnu.org/viewvc/dmidecode/dmidecode.c?root=dmidecode
&view=markup
</a
> &gt;.
5325 <p
>The modalias entries for a given Linux machine can be found using
5326 this shell script:
</p
>
5329 find /sys -name modalias -print0 | xargs -
0 cat | sort -u
5332 <p
>The supported modalias globs for a given kernel module can be found
5333 using modinfo:
</p
>
5336 % /sbin/modinfo psmouse | grep alias:
5337 alias: serio:ty05pr*id*ex*
5338 alias: serio:ty01pr*id*ex*
5342 <p
><strong
>PCI subtype
</strong
></p
>
5344 <p
>A typical PCI entry can look like this. This is an Intel Host
5345 Bridge memory controller:
</p
>
5347 <p
><blockquote
>
5348 pci:v00008086d00002770sv00001028sd000001ADbc06sc00i00
5349 </blockquote
></p
>
5351 <p
>This represent these values:
</p
>
5356 sv
00001028 (subvendor)
5357 sd
000001AD (subdevice)
5359 sc
00 (bus subclass)
5363 <p
>The vendor/device values are the same values outputted from
'lspci
5364 -n
' as
8086:
2770. The bus class/subclass is also shown by lspci as
5365 0600. The
0600 class is a host bridge. Other useful bus values are
5366 0300 (VGA compatible card) and
0200 (Ethernet controller).
</p
>
5368 <p
>Not sure how to figure out the interface value, nor what it
5371 <p
><strong
>USB subtype
</strong
></p
>
5373 <p
>Some typical USB entries can look like this. This is an internal
5374 USB hub in a laptop:
</p
>
5376 <p
><blockquote
>
5377 usb:v1D6Bp0001d0206dc09dsc00dp00ic09isc00ip00
5378 </blockquote
></p
>
5380 <p
>Here is the values included in this alias:
</p
>
5383 v
1D6B (device vendor)
5384 p
0001 (device product)
5386 dc
09 (device class)
5387 dsc
00 (device subclass)
5388 dp
00 (device protocol)
5389 ic
09 (interface class)
5390 isc
00 (interface subclass)
5391 ip
00 (interface protocol)
5394 <p
>The
0900 device class/subclass means hub. Some times the relevant
5395 class is in the interface class section. For a simple USB web camera,
5396 these alias entries show up:
</p
>
5398 <p
><blockquote
>
5399 usb:v0AC8p3420d5000dcEFdsc02dp01ic01isc01ip00
5400 <br
>usb:v0AC8p3420d5000dcEFdsc02dp01ic01isc02ip00
5401 <br
>usb:v0AC8p3420d5000dcEFdsc02dp01ic0Eisc01ip00
5402 <br
>usb:v0AC8p3420d5000dcEFdsc02dp01ic0Eisc02ip00
5403 </blockquote
></p
>
5405 <p
>Interface class
0E01 is video control,
0E02 is video streaming (aka
5406 camera),
0101 is audio control device and
0102 is audio streaming (aka
5407 microphone). Thus this is a camera with microphone included.
</p
>
5409 <p
><strong
>ACPI subtype
</strong
></p
>
5411 <p
>The ACPI type is used for several non-PCI/USB stuff. This is an IR
5412 receiver in a Thinkpad X40:
</p
>
5414 <p
><blockquote
>
5415 acpi:IBM0071:PNP0511:
5416 </blockquote
></p
>
5418 <p
>The values between the colons are IDs.
</p
>
5420 <p
><strong
>DMI subtype
</strong
></p
>
5422 <p
>The DMI table contain lots of information about the computer case
5423 and model. This is an entry for a IBM Thinkpad X40, fetched from
5424 /sys/devices/virtual/dmi/id/modalias:
</p
>
5426 <p
><blockquote
>
5427 dmi:bvnIBM:bvr1UETB6WW(
1.66):bd06/
15/
2005:svnIBM:pn2371H4G:pvrThinkPadX40:rvnIBM:rn2371H4G:rvrNotAvailable:cvnIBM:ct10:cvrNotAvailable:
5428 </blockquote
></p
>
5430 <p
>The values present are
</p
>
5433 bvn IBM (BIOS vendor)
5434 bvr
1UETB
6WW(
1.66) (BIOS version)
5435 bd
06/
15/
2005 (BIOS date)
5436 svn IBM (system vendor)
5437 pn
2371H4G (product name)
5438 pvr ThinkPadX40 (product version)
5439 rvn IBM (board vendor)
5440 rn
2371H4G (board name)
5441 rvr NotAvailable (board version)
5442 cvn IBM (chassis vendor)
5443 ct
10 (chassis type)
5444 cvr NotAvailable (chassis version)
5447 <p
>The chassis type
10 is Notebook. Other interesting values can be
5448 found in the dmidecode source:
</p
>
5452 4 Low Profile Desktop
5465 17 Main Server Chassis
5466 18 Expansion Chassis
5468 20 Bus Expansion Chassis
5469 21 Peripheral Chassis
5471 23 Rack Mount Chassis
5480 <p
>The chassis type values are not always accurately set in the DMI
5481 table. For example my home server is a tower, but the DMI modalias
5482 claim it is a desktop.
</p
>
5484 <p
><strong
>SerIO subtype
</strong
></p
>
5486 <p
>This type is used for PS/
2 mouse plugs. One example is from my
5487 test machine:
</p
>
5489 <p
><blockquote
>
5490 serio:ty01pr00id00ex00
5491 </blockquote
></p
>
5493 <p
>The values present are
</p
>
5502 <p
>This type is supported by the psmouse driver. I am not sure what
5503 the valid values are.
</p
>
5505 <p
><strong
>Other subtypes
</strong
></p
>
5507 <p
>There are heaps of other modalias subtypes according to
5508 file2alias.c. There is the rest of the list from that source: amba,
5509 ap, bcma, ccw, css, eisa, hid, i2c, ieee1394, input, ipack, isapnp,
5510 mdio, of, parisc, pcmcia, platform, scsi, sdio, spi, ssb, vio, virtio,
5511 vmbus, x86cpu and zorro. I did not spend time documenting all of
5512 these, as they do not seem relevant for my intended use with mapping
5513 hardware to packages when new stuff is inserted during run time.
</p
>
5515 <p
><strong
>Looking up kernel modules using modalias values
</strong
></p
>
5517 <p
>To check which kernel modules provide support for a given modalias,
5518 one can use the following shell script:
</p
>
5521 for id in $(find /sys -name modalias -print0 | xargs -
0 cat | sort -u); do \
5522 echo
"$id
" ; \
5523 /sbin/modprobe --show-depends
"$id
"|sed
's/^/ /
' ; \
5527 <p
>The output can look like this (only the first few entries as the
5528 list is very long on my test machine):
</p
>
5532 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/acpi/ac.ko
5534 FATAL: Module acpi:device: not found.
5536 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/char/nvram.ko
5537 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/leds/led-class.ko
5538 insmod /lib/modules/
2.6.32-
5-
686/kernel/net/rfkill/rfkill.ko
5539 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/platform/x86/thinkpad_acpi.ko
5540 acpi:IBM0071:PNP0511:
5541 insmod /lib/modules/
2.6.32-
5-
686/kernel/lib/crc-ccitt.ko
5542 insmod /lib/modules/
2.6.32-
5-
686/kernel/net/irda/irda.ko
5543 insmod /lib/modules/
2.6.32-
5-
686/kernel/drivers/net/irda/nsc-ircc.ko
5547 <p
>If you want to help implementing a system to let us propose what
5548 packages to install when new hardware is plugged into a Debian
5549 machine, please send me an email or talk to me on
5550 <a href=
"irc://irc.debian.org/%
23debian-devel
">#debian-devel
</a
>.
</p
>
5552 <p
><strong
>Update
2013-
01-
15:
</strong
> Rewrite
"cat $(find ...)
" to
5553 "find ... -print0 | xargs -
0 cat
" to make sure it handle directories
5554 in /sys/ with space in them.
</p
>
5559 <title>Moved the pymissile Debian packaging to collab-maint
</title>
5560 <link>http://people.skolelinux.org/pere/blog/Moved_the_pymissile_Debian_packaging_to_collab_maint.html
</link>
5561 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Moved_the_pymissile_Debian_packaging_to_collab_maint.html
</guid>
5562 <pubDate>Thu,
10 Jan
2013 20:
40:
00 +
0100</pubDate>
5563 <description><p
>As part of my investigation on how to improve the support in Debian
5564 for hardware dongles, I dug up my old Mark and Spencer USB Rocket
5565 Launcher and updated the Debian package
5566 <a href=
"http://packages.qa.debian.org/pymissile
">pymissile
</a
> to make
5567 sure udev will fix the device permissions when it is plugged in. I
5568 also added a
"Modaliases
" header to test it in the Debian archive and
5569 hopefully make the package be proposed by jockey in Ubuntu when a user
5570 plug in his rocket launcher. In the process I moved the source to a
5571 git repository under collab-maint, to make it easier for any DD to
5572 contribute.
<a href=
"http://code.google.com/p/pymissile/
">Upstream
</a
>
5573 is not very active, but the software still work for me even after five
5574 years of relative silence. The new git repository is not listed in
5575 the uploaded package yet, because I want to test the other changes a
5576 bit more before I upload the new version. If you want to check out
5577 the new version with a .desktop file included, visit the
5578 <a href=
"http://anonscm.debian.org/gitweb/?p=collab-maint/pymissile.git
">gitweb
5579 view
</a
> or use
"<tt
>git clone
5580 git://anonscm.debian.org/collab-maint/pymissile.git
</tt
>".
</p
>
5585 <title>Lets make hardware dongles easier to use in Debian
</title>
5586 <link>http://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
</link>
5587 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Lets_make_hardware_dongles_easier_to_use_in_Debian.html
</guid>
5588 <pubDate>Wed,
9 Jan
2013 15:
40:
00 +
0100</pubDate>
5589 <description><p
>One thing that annoys me with Debian and Linux distributions in
5590 general, is that there is a great package management system with the
5591 ability to automatically install software packages by downloading them
5592 from the distribution mirrors, but no way to get it to automatically
5593 install the packages I need to use the hardware I plug into my
5594 machine. Even if the package to use it is easily available from the
5595 Linux distribution. When I plug in a LEGO Mindstorms NXT, it could
5596 suggest to automatically install the python-nxt, nbc and t2n packages
5597 I need to talk to it. When I plug in a Yubikey, it could propose the
5598 yubikey-personalization package. The information required to do this
5599 is available, but no-one have pulled all the pieces together.
</p
>
5601 <p
>Some years ago, I proposed to
5602 <a href=
"http://lists.debian.org/debian-devel/
2010/
05/msg01206.html
">use
5603 the discover subsystem to implement this
</a
>. The idea is fairly
5608 <li
>Add a desktop entry in /usr/share/autostart/ pointing to a program
5609 starting when a user log in.
</li
>
5611 <li
>Set this program up to listen for kernel events emitted when new
5612 hardware is inserted into the computer.
</li
>
5614 <li
>When new hardware is inserted, look up the hardware ID in a
5615 database mapping to packages, and take note of any non-installed
5616 packages.
</li
>
5618 <li
>Show a message to the user proposing to install the discovered
5619 package, and make it easy to install it.
</li
>
5623 <p
>I am not sure what the best way to implement this is, but my
5624 initial idea was to use dbus events to discover new hardware, the
5625 discover database to find packages and
5626 <a href=
"http://www.packagekit.org/
">PackageKit
</a
> to install
5629 <p
>Yesterday, I found time to try to implement this idea, and the
5630 draft package is now checked into
5631 <a href=
"http://anonscm.debian.org/viewvc/debian-edu/trunk/src/hw-support-handler/
">the
5632 Debian Edu subversion repository
</a
>. In the process, I updated the
5633 <a href=
"http://packages.qa.debian.org/d/discover-data.html
">discover-data
</a
>
5634 package to map the USB ids of LEGO Mindstorms and Yubikey devices to
5635 the relevant packages in Debian, and uploaded a new version
5636 2.2013.01.09 to unstable. I also discovered that the current
5637 <a href=
"http://packages.qa.debian.org/d/discover.html
">discover
</a
>
5638 package in Debian no longer discovered any USB devices, because
5639 /proc/bus/usb/devices is no longer present. I ported it to use
5640 libusb as a fall back option to get it working. The fixed package
5641 version
2.1.2-
6 is now in experimental (didn
't upload it to unstable
5642 because of the freeze).
</p
>
5644 <p
>With this prototype in place, I can insert my Yubikey, and get this
5645 desktop notification to show up (only once, the first time it is
5646 inserted):
</p
>
5648 <p align=
"center
"><img src=
"http://people.skolelinux.org/pere/blog/images/
2013-
01-
09-hw-autoinstall.png
"></p
>
5650 <p
>For this prototype to be really useful, some way to automatically
5651 install the proposed packages by pressing the
"Please install
5652 program(s)
" button should to be implemented.
</p
>
5654 <p
>If this idea seem useful to you, and you want to help make it
5655 happen, please help me update the discover-data database with mappings
5656 from hardware to Debian packages. Check if
'discover-pkginstall -l
'
5657 list the package you would like to have installed when a given
5658 hardware device is inserted into your computer, and report bugs using
5659 reportbug if it isn
't. Or, if you know of a better way to provide
5660 such mapping, please let me know.
</p
>
5662 <p
>This prototype need more work, and there are several questions that
5663 should be considered before it is ready for production use. Is dbus
5664 the correct way to detect new hardware? At the moment I look for HAL
5665 dbus events on the system bus, because that is the events I could see
5666 on my Debian Squeeze KDE desktop. Are there better events to use?
5667 How should the user be notified? Is the desktop notification
5668 mechanism the best option, or should the background daemon raise a
5669 popup instead? How should packages be installed? When should they
5670 not be installed?
</p
>
5672 <p
>If you want to help getting such feature implemented in Debian,
5673 please send me an email. :)
</p
>
5678 <title>New IRC channel for LEGO designers using Debian
</title>
5679 <link>http://people.skolelinux.org/pere/blog/New_IRC_channel_for_LEGO_designers_using_Debian.html
</link>
5680 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_IRC_channel_for_LEGO_designers_using_Debian.html
</guid>
5681 <pubDate>Wed,
2 Jan
2013 15:
40:
00 +
0100</pubDate>
5682 <description><p
>During Christmas, I have worked a bit on the Debian support for
5683 <a href=
"http://mindstorms.lego.com/en-us/Default.aspx
">LEGO Mindstorm
5684 NXT
</a
>. My son and I have played a bit with my NXT set, and I
5685 discovered I had to build all the tools myself because none were
5686 already in Debian Squeeze. If Debian support for LEGO is something
5687 you care about, please join me on the IRC channel
5688 <a href=
"irc://irc.debian.org/%
23debian-lego
">#debian-lego
</a
> (server
5689 irc.debian.org). There is a lot that could be done to improve the
5690 Debian support for LEGO designers. For example both CAD software
5691 and Mindstorm compilers are missing. :)
</p
>
5693 <p
>Update
2012-
01-
03: A
5694 <a href=
"http://wiki.debian.org/LegoDesigners
">project page
</a
>
5695 including links to Lego related packages is now available.
</p
>
5700 <title>How to backport bitcoin-qt version
0.7.2-
2 to Debian Squeeze
</title>
5701 <link>http://people.skolelinux.org/pere/blog/How_to_backport_bitcoin_qt_version_0_7_2_2_to_Debian_Squeeze.html
</link>
5702 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_backport_bitcoin_qt_version_0_7_2_2_to_Debian_Squeeze.html
</guid>
5703 <pubDate>Tue,
25 Dec
2012 20:
50:
00 +
0100</pubDate>
5704 <description><p
>Let me start by wishing you all marry Christmas and a happy new
5705 year! I hope next year will prove to be a good year.
</p
>
5707 <p
><a href=
"http://www.bitcoin.org/
">Bitcoin
</a
>, the digital
5708 decentralised
"currency
" that allow people to transfer bitcoins
5709 between each other with minimal overhead, is a very interesting
5710 experiment. And as I wrote a few days ago, the bitcoin situation in
5711 <a href=
"http://www.debian.org/
">Debian
</a
> is about to improve a bit.
5712 The
<a href=
"http://packages.qa.debian.org/bitcoin
">new debian source
5713 package
</a
> (version
0.7.2-
2) was uploaded yesterday, and is waiting
5714 in
<a href=
"http://ftp-master.debian.org/new.html
">the NEW queue
</A
>
5715 for one of the ftpmasters to approve the new bitcoin-qt package
5718 <p
>And thanks to the great work of Jonas and the rest of the bitcoin
5719 team in Debian, you can easily test the package in Debian Squeeze
5720 using the following steps to get a set of working packages:
</p
>
5722 <blockquote
><pre
>
5723 git clone git://git.debian.org/git/collab-maint/bitcoin
5725 DEB_MAINTAINER_MODE=
1 DEB_BUILD_OPTIONS=noupnp fakeroot debian/rules clean
5726 DEB_BUILD_OPTIONS=noupnp git-buildpackage --git-ignore-new
5727 </pre
></blockquote
>
5729 <p
>You might have to install some build dependencies as well. The
5730 list of commands should give you two packages, bitcoind and
5731 bitcoin-qt, ready for use in a Squeeze environment. Note that the
5732 client will download the complete set of bitcoin
"blocks
", which need
5733 around
5.6 GiB of data on my machine at the moment. Make sure your
5734 ~/.bitcoin/ directory have lots of spare room if you want to download
5735 all the blocks. The client will warn if the disk is getting full, so
5736 there is not really a problem if you got too little room, but you will
5737 not be able to get all the features out of the client.
</p
>
5739 <p
>As usual, if you use bitcoin and want to show your support of my
5740 activities, please send Bitcoin donations to my address
5741 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
&label=PetterReinholdtsenBlog
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
5746 <title>A word on bitcoin support in Debian
</title>
5747 <link>http://people.skolelinux.org/pere/blog/A_word_on_bitcoin_support_in_Debian.html
</link>
5748 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/A_word_on_bitcoin_support_in_Debian.html
</guid>
5749 <pubDate>Fri,
21 Dec
2012 23:
59:
00 +
0100</pubDate>
5750 <description><p
>It has been a while since I wrote about
5751 <a href=
"http://www.bitcoin.org/
">bitcoin
</a
>, the decentralised
5752 peer-to-peer based crypto-currency, and the reason is simply that I
5753 have been busy elsewhere. But two days ago, I started looking at the
5754 state of
<a href=
"http://packages.qa.debian.org/bitcoin
">bitcoin in
5755 Debian
</a
> again to try to recover my old bitcoin wallet. The package
5756 is now maintained by a
5757 <a href=
"https://alioth.debian.org/projects/pkg-bitcoin/
">team of
5758 people
</a
>, and the grunt work had already been done by this team. We
5759 owe a huge thank you to all these team members. :)
5760 But I was sad to discover that the bitcoin client is missing in
5761 Wheezy. It is only available in Sid (and an outdated client from
5762 backports). The client had several RC bugs registered in BTS blocking
5763 it from entering testing. To try to help the team and improve the
5764 situation, I spent some time providing patches and triaging the bug
5765 reports. I also had a look at the bitcoin package available from Matt
5767 <a href=
"https://launchpad.net/~bitcoin/+archive/bitcoin
">PPA for
5768 Ubuntu
</a
>, and moved the useful pieces from that version into the
5769 Debian package.
</p
>
5771 <p
>After checking with the main package maintainer Jonas Smedegaard on
5772 IRC, I pushed several patches into the collab-maint git repository to
5773 improve the package. It now contains fixes for the RC issues (not from
5774 me, but fixed by Scott Howard), build rules for a Qt GUI client
5775 package, konqueror support for the bitcoin: URI and bash completion
5776 setup. As I work on Debian Squeeze, I also created
5777 <a href=
"http://lists.alioth.debian.org/pipermail/pkg-bitcoin-devel/Week-of-Mon-
20121217/
000041.html
">a
5778 patch to backport
</a
> the latest version. Jonas is going to look at
5779 it and try to integrate it into the git repository before uploading a
5780 new version to unstable.
5782 <p
>I would very much like bitcoin to succeed, to get rid of the
5783 centralized control currently exercised in the monetary system. I
5784 find it completely unacceptable that the USA government is collecting
5785 transaction data for almost all international money transfers (most are done in USD and transaction logs shipped to the spooks), and
5786 that the major credit card companies can block legal money
5787 transactions to Wikileaks. But for bitcoin to succeed, more people
5788 need to use bitcoins, and more people need to accept bitcoins when
5789 they sell products and services. Improving the bitcoin support in
5790 Debian is a small step in the right direction, but not enough.
5791 Unfortunately the user experience when browsing the web and wanting to
5792 pay with bitcoin is still not very good. The bitcoin: URI is a step
5793 in the right direction, but need to work in most or every browser in
5794 use. Also the bitcoin-qt client is too heavy to fire up to do a
5795 quick transaction. I believe there are other clients available, but
5796 have not tested them.
</p
>
5799 <a href=
"http://people.skolelinux.org/pere/blog/Now_accepting_bitcoins___anonymous_and_distributed_p2p_crypto_money.html
">experiment
5800 with bitcoins
</a
> showed that at least some of my readers use bitcoin.
5801 I received
20.15 BTC so far on the address I provided in my blog two
5802 years ago, as can be
5803 <a href=
"http://blockexplorer.com/address/
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">seen
5804 on the blockexplorer service
</a
>. Thank you everyone for your
5805 donation. The blockexplorer service demonstrates quite well that
5806 bitcoin is not quite anonymous and untracked. :) I wonder if the
5807 number of users have gone up since then. If you use bitcoin and want
5808 to show your support of my activity, please send Bitcoin donations to
5809 the same address as last time,
5810 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
&label=PetterReinholdtsenBlog
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
5815 <title>Git repository for song book for Computer Scientists
</title>
5816 <link>http://people.skolelinux.org/pere/blog/Git_repository_for_song_book_for_Computer_Scientists.html
</link>
5817 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Git_repository_for_song_book_for_Computer_Scientists.html
</guid>
5818 <pubDate>Fri,
7 Sep
2012 13:
50:
00 +
0200</pubDate>
5819 <description><p
>As I
5820 <a href=
"http://people.skolelinux.org/pere/blog/Song_book_for_Computer_Scientists.html
">mentioned
5821 this summer
</a
>, I have created a Computer Science song book a few
5822 years ago, and today I finally found time to create a public
5823 <a href=
"https://gitorious.org/pere-cs-songbook/pere-cs-songbook
">Gitorious
5824 repository for the project
</a
>.
</p
>
5826 <p
>If you want to help out, please clone the source and submit patches
5827 to the HTML version. To generate the PDF and PostScript version,
5828 please use prince XML, or let me know about a useful free software
5829 processor capable of creating a good looking PDF from the HTML.
</p
>
5831 <p
>Want to sing? You can still find the song book in HTML, PDF and
5832 PostScript formats at
5833 <a href=
"http://www.hungry.com/~pere/cs-songbook/
">Petter
's Computer
5834 Science Songbook
</a
>.
</p
>
5839 <title>Gratulerer med
19-årsdagen, Debian!
</title>
5840 <link>http://people.skolelinux.org/pere/blog/Gratulerer_med_19__rsdagen__Debian_.html
</link>
5841 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Gratulerer_med_19__rsdagen__Debian_.html
</guid>
5842 <pubDate>Thu,
16 Aug
2012 11:
20:
00 +
0200</pubDate>
5843 <description><p
>I dag fyller
5844 <a href=
"http://www.debian.org/News/
2012/
20120813">Debian-prosjektet
19
5845 år
</a
>. Jeg har fulgt det de siste
12 årene, og er veldig glad for å kunne
5846 si gratulerer med dagen, Debian!
</p
>
5851 <title>Song book for Computer Scientists
</title>
5852 <link>http://people.skolelinux.org/pere/blog/Song_book_for_Computer_Scientists.html
</link>
5853 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Song_book_for_Computer_Scientists.html
</guid>
5854 <pubDate>Sun,
24 Jun
2012 13:
30:
00 +
0200</pubDate>
5855 <description><p
>Many years ago, while studying Computer Science at the
5856 <a href=
"http://www.uit.no/
">University of Tromsø
</a
>, I started
5857 collecting computer related songs for use at parties. The original
5858 version was written in LaTeX, but a few years ago I got help from
5859 Håkon W. Lie, one of the inventors of W3C CSS, to convert it to HTML
5860 while keeping the ability to create a nice book in PDF format. I have
5861 not had time to maintain the book for a while now, and guess I should
5862 put it up on some public version control repository where others can
5863 help me extend and update the book. If anyone is volunteering to help
5864 me with this, send me an email. Also let me know if there are songs
5865 missing in my book.
</p
>
5867 <p
>I have not mentioned the book on my blog so far, and it occured to
5868 me today that I really should let all my readers share the joys of
5869 singing out load about programming, computers and computer networks.
5870 Especially now that
<a href=
"http://debconf12.debconf.org/
">Debconf
5871 12</a
> is about to start (and I am not going). Want to sing? Check
5872 out
<a href=
"http://www.hungry.com/~pere/cs-songbook/
">Petter
's
5873 Computer Science Songbook
</a
>.
5878 <title>Automatically upgrading server firmware on Dell PowerEdge
</title>
5879 <link>http://people.skolelinux.org/pere/blog/Automatically_upgrading_server_firmware_on_Dell_PowerEdge.html
</link>
5880 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Automatically_upgrading_server_firmware_on_Dell_PowerEdge.html
</guid>
5881 <pubDate>Mon,
21 Nov
2011 12:
00:
00 +
0100</pubDate>
5882 <description><p
>At work we have heaps of servers. I believe the total count is
5883 around
1000 at the moment. To be able to get help from the vendors
5884 when something go wrong, we want to keep the firmware on the servers
5885 up to date. If the firmware isn
't the latest and greatest, the
5886 vendors typically refuse to start debugging any problems until the
5887 firmware is upgraded. So before every reboot, we want to upgrade the
5888 firmware, and we would really like everyone handling servers at the
5889 university to do this themselves when they plan to reboot a machine.
5890 For that to happen we at the unix server admin group need to provide
5891 the tools to do so.
</p
>
5893 <p
>To make firmware upgrading easier, I am working on a script to
5894 fetch and install the latest firmware for the servers we got. Most of
5895 our hardware are from Dell and HP, so I have focused on these servers
5896 so far. This blog post is about the Dell part.
</P
>
5898 <p
>On the Dell FTP site I was lucky enough to find
5899 <a href=
"ftp://ftp.us.dell.com/catalog/Catalog.xml.gz
">an XML file
</a
>
5900 with firmware information for all
11th generation servers, listing
5901 which firmware should be used on a given model and where on the FTP
5902 site I can find it. Using a simple perl XML parser I can then
5903 download the shell scripts Dell provides to do firmware upgrades from
5904 within Linux and reboot when all the firmware is primed and ready to
5905 be activated on the first reboot.
</p
>
5907 <p
>This is the Dell related fragment of the perl code I am working on.
5908 Are there anyone working on similar tools for firmware upgrading all
5909 servers at a site? Please get in touch and lets share resources.
</p
>
5911 <p
><pre
>
5915 use File::Temp qw(tempdir);
5917 # Install needed RHEL packages if missing
5919 'XML::Simple
' =
> 'perl-XML-Simple
',
5921 for my $module (keys %rhelmodules) {
5922 eval
"use $module;
";
5924 my $pkg = $rhelmodules{$module};
5925 system(
"yum install -y $pkg
");
5926 eval
"use $module;
";
5930 my $errorsto =
'pere@hungry.com
';
5936 sub run_firmware_script {
5937 my ($opts, $script) = @_;
5939 print STDERR
"fail: missing script name\n
";
5942 print STDERR
"Running $script\n\n
";
5944 if (
0 == system(
"sh $script $opts
")) { # FIXME correct exit code handling
5945 print STDERR
"success: firmware script ran succcessfully\n
";
5947 print STDERR
"fail: firmware script returned error\n
";
5951 sub run_firmware_scripts {
5952 my ($opts, @dirs) = @_;
5953 # Run firmware packages
5954 for my $dir (@dirs) {
5955 print STDERR
"info: Running scripts in $dir\n
";
5956 opendir(my $dh, $dir) or die
"Unable to open directory $dir: $!
";
5957 while (my $s = readdir $dh) {
5958 next if $s =~ m/^\.\.?/;
5959 run_firmware_script($opts,
"$dir/$s
");
5967 print STDERR
"info: Downloading $url\n
";
5968 system(
"wget --quiet \
"$url\
"");
5973 my $product = `dmidecode -s system-product-name`;
5976 if ($product =~ m/PowerEdge/) {
5978 # on RHEL, these pacakges are needed by the firwmare upgrade scripts
5979 system(
'yum install -y compat-libstdc++-
33.i686 libstdc++.i686 libxml2.i686 procmail
');
5981 my $tmpdir = tempdir(
5985 fetch_dell_fw(
'catalog/Catalog.xml.gz
');
5986 system(
'gunzip Catalog.xml.gz
');
5987 my @paths = fetch_dell_fw_list(
'Catalog.xml
');
5988 # -q is quiet, disabling interactivity and reducing console output
5989 my $fwopts =
"-q
";
5991 for my $url (@paths) {
5992 fetch_dell_fw($url);
5994 run_firmware_scripts($fwopts, $tmpdir);
5996 print STDERR
"error: Unsupported Dell model
'$product
'.\n
";
5997 print STDERR
"error: Please report to $errorsto.\n
";
6001 print STDERR
"error: Unsupported Dell model
'$product
'.\n
";
6002 print STDERR
"error: Please report to $errorsto.\n
";
6008 my $url =
"ftp://ftp.us.dell.com/$path
";
6012 # Using ftp://ftp.us.dell.com/catalog/Catalog.xml.gz, figure out which
6013 # firmware packages to download from Dell. Only work for Linux
6014 # machines and
11th generation Dell servers.
6015 sub fetch_dell_fw_list {
6016 my $filename = shift;
6018 my $product = `dmidecode -s system-product-name`;
6020 my ($mybrand, $mymodel) = split(/\s+/, $product);
6022 print STDERR
"Finding firmware bundles for $mybrand $mymodel\n
";
6024 my $xml = XMLin($filename);
6026 for my $bundle (@{$xml-
>{SoftwareBundle}}) {
6027 my $brand = $bundle-
>{TargetSystems}-
>{Brand}-
>{Display}-
>{content};
6028 my $model = $bundle-
>{TargetSystems}-
>{Brand}-
>{Model}-
>{Display}-
>{content};
6030 if (
"ARRAY
" eq ref $bundle-
>{TargetOSes}-
>{OperatingSystem}) {
6031 $oscode = $bundle-
>{TargetOSes}-
>{OperatingSystem}[
0]-
>{osCode};
6033 $oscode = $bundle-
>{TargetOSes}-
>{OperatingSystem}-
>{osCode};
6035 if ($mybrand eq $brand
&& $mymodel eq $model
&& "LIN
" eq $oscode)
6037 @paths = map { $_-
>{path} } @{$bundle-
>{Contents}-
>{Package}};
6040 for my $component (@{$xml-
>{SoftwareComponent}}) {
6041 my $componenttype = $component-
>{ComponentType}-
>{value};
6043 # Drop application packages, only firmware and BIOS
6044 next if
'APAC
' eq $componenttype;
6046 my $cpath = $component-
>{path};
6047 for my $path (@paths) {
6048 if ($cpath =~ m%/$path$%) {
6049 push(@paths, $cpath);
6057 <p
>The code is only tested on RedHat Enterprise Linux, but I suspect
6058 it could work on other platforms with some tweaking. Anyone know a
6059 index like Catalog.xml is available from HP for HP servers? At the
6060 moment I maintain a similar list manually and it is quickly getting
6066 <title>How is booting into runlevel
1 different from single user boots?
</title>
6067 <link>http://people.skolelinux.org/pere/blog/How_is_booting_into_runlevel_1_different_from_single_user_boots_.html
</link>
6068 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_is_booting_into_runlevel_1_different_from_single_user_boots_.html
</guid>
6069 <pubDate>Thu,
4 Aug
2011 12:
40:
00 +
0200</pubDate>
6070 <description><p
>Wouter Verhelst have some
6071 <a href=
"http://grep.be/blog/en/retorts/pere_kubuntu_boot
">interesting
6072 comments and opinions
</a
> on my blog post on
6073 <a href=
"http://people.skolelinux.org/pere/blog/What_should_start_from__etc_rcS_d__in_Debian____almost_nothing.html
">the
6074 need to clean up /etc/rcS.d/ in Debian
</a
> and my blog post about
6075 <a href=
"http://people.skolelinux.org/pere/blog/What_is_missing_in_the_Debian_desktop__or_why_my_parents_use_Kubuntu.html
">the
6076 default KDE desktop in Debian
</a
>. I only have time to address one
6077 small piece of his comment now, and though it best to address the
6078 misunderstanding he bring forward:
</p
>
6080 <p
><blockquote
>
6081 Currently, a system admin has four options: [...] boot to a
6082 single-user system (by adding
'single
' to the kernel command line;
6083 this runs rcS and rc1 scripts)
6084 </blockquote
></p
>
6086 <p
>This make me believe Wouter believe booting into single user mode
6087 and booting into runlevel
1 is the same. I am not surprised he
6088 believe this, because it would make sense and is a quite sensible
6089 thing to believe. But because the boot in Debian is slightly broken,
6090 runlevel
1 do not work properly and it isn
't the same as single user
6091 mode. I
'll try to explain what is actually happing, but it is a bit
6092 hard to explain.
</p
>
6094 <p
>Single user mode is defined like this in /etc/inittab:
6095 "<tt
>~~:S:wait:/sbin/sulogin
</tt
>". This means the only thing that is
6096 executed in single user mode is sulogin. Single user mode is a boot
6097 state
"between
" the runlevels, and when booting into single user mode,
6098 only the scripts in /etc/rcS.d/ are executed before the init process
6099 enters the single user state. When switching to runlevel
1, the state
6100 is in fact not ending in runlevel
1, but it passes through runlevel
1
6101 and end up in the single user mode (see /etc/rc1.d/S03single, which
6102 runs
"init -t1 S
" to switch to single user mode at the end of runlevel
6103 1. It is confusing that the
'S
' (single user) init mode is not the
6104 mode enabled by /etc/rcS.d/ (which is more like the initial boot
6107 <p
>This summary might make it clearer. When booting for the first
6108 time into single user mode, the following commands are executed:
6109 "<tt
>/etc/init.d/rc S; /sbin/sulogin
</tt
>". When booting into
6110 runlevel
1, the following commands are executed:
"<tt
>/etc/init.d/rc
6111 S; /etc/init.d/rc
1; /sbin/sulogin
</tt
>". A problem show up when
6112 trying to continue after visiting single user mode. Not all services
6113 are started again as they should, causing the machine to end up in an
6114 unpredicatble state. This is why Debian admins recommend rebooting
6115 after visiting single user mode.
</p
>
6117 <p
>A similar problem with runlevel
1 is caused by the amount of
6118 scripts executed from /etc/rcS.d/. When switching from say runlevel
2
6119 to runlevel
1, the services started from /etc/rcS.d/ are not properly
6120 stopped when passing through the scripts in /etc/rc1.d/, and not
6121 started again when switching away from runlevel
1 to the runlevels
6122 2-
5. I believe the problem is best fixed by moving all the scripts
6123 out of /etc/rcS.d/ that are not
<strong
>required
</strong
> to get a
6124 functioning single user mode during boot.
</p
>
6126 <p
>I have spent several years investigating the Debian boot system,
6127 and discovered this problem a few years ago. I suspect it originates
6128 from when sysvinit was introduced into Debian, a long time ago.
</p
>
6133 <title>What should start from /etc/rcS.d/ in Debian? - almost nothing
</title>
6134 <link>http://people.skolelinux.org/pere/blog/What_should_start_from__etc_rcS_d__in_Debian____almost_nothing.html
</link>
6135 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/What_should_start_from__etc_rcS_d__in_Debian____almost_nothing.html
</guid>
6136 <pubDate>Sat,
30 Jul
2011 14:
00:
00 +
0200</pubDate>
6137 <description><p
>In the Debian boot system, several packages include scripts that
6138 are started from /etc/rcS.d/. In fact, there is a bite more of them
6139 than make sense, and this causes a few problems. What kind of
6140 problems, you might ask. There are at least two problems. The first
6141 is that it is not possible to recover a machine after switching to
6142 runlevel
1. One need to actually reboot to get the machine back to
6143 the expected state. The other is that single user boot will sometimes
6144 run into problems because some of the subsystems are activated before
6145 the root login is presented, causing problems when trying to recover a
6146 machine from a problem in that subsystem. A minor additional point is
6147 that moving more scripts out of rcS.d/ and into the other rc#.d/
6148 directories will increase the amount of scripts that can run in
6149 parallel during boot, and thus decrease the boot time.
</p
>
6151 <p
>So, which scripts should start from rcS.d/. In short, only the
6152 scripts that _have_ to execute before the root login prompt is
6153 presented during a single user boot should go there. Everything else
6154 should go into the numeric runlevels. This means things like
6155 lm-sensors, fuse and x11-common should not run from rcS.d, but from
6156 the numeric runlevels. Today in Debian, there are around
115 init.d
6157 scripts that are started from rcS.d/, and most of them should be moved
6158 out. Do your package have one of them? Please help us make single
6159 user and runlevel
1 better by moving it.
</p
>
6161 <p
>Scripts setting up the screen, keyboard, system partitions
6162 etc. should still be started from rcS.d/, but there is for example no
6163 need to have the network enabled before the single user login prompt
6164 is presented.
</p
>
6166 <p
>As always, things are not so easy to fix as they sound. To keep
6167 Debian systems working while scripts migrate and during upgrades, the
6168 scripts need to be moved from rcS.d/ to rc2.d/ in reverse dependency
6169 order, ie the scripts that nothing in rcS.d/ depend on can be moved,
6170 and the next ones can only be moved when their dependencies have been
6171 moved first. This migration must be done sequentially while we ensure
6172 that the package system upgrade packages in the right order to keep
6173 the system state correct. This will require some coordination when it
6174 comes to network related packages, but most of the packages with
6175 scripts that should migrate do not have anything in rcS.d/ depending
6176 on them. Some packages have already been updated, like the sudo
6177 package, while others are still left to do. I wish I had time to work
6178 on this myself, but real live constrains make it unlikely that I will
6179 find time to push this forward.
</p
>
6184 <title>What is missing in the Debian desktop, or why my parents use Kubuntu
</title>
6185 <link>http://people.skolelinux.org/pere/blog/What_is_missing_in_the_Debian_desktop__or_why_my_parents_use_Kubuntu.html
</link>
6186 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/What_is_missing_in_the_Debian_desktop__or_why_my_parents_use_Kubuntu.html
</guid>
6187 <pubDate>Fri,
29 Jul
2011 08:
10:
00 +
0200</pubDate>
6188 <description><p
>While at Debconf11, I have several times during discussions
6189 mentioned the issues I believe should be improved in Debian for its
6190 desktop to be useful for more people. The use case for this is my
6191 parents, which are currently running Kubuntu which solve the
6194 <p
>I suspect these four missing features are not very hard to
6195 implement. After all, they are present in Ubuntu, so if we wanted to
6196 do this in Debian we would have a source.
</p
>
6200 <li
><strong
>Simple GUI based upgrade of packages.
</strong
> When there
6201 are new packages available for upgrades, a icon in the KDE status bar
6202 indicate this, and clicking on it will activate the simple upgrade
6203 tool to handle it. I have no problem guiding both of my parents
6204 through the process over the phone. If a kernel reboot is required,
6205 this too is indicated by the status bars and the upgrade tool. Last
6206 time I checked, nothing with the same features was working in KDE in
6209 <li
><strong
>Simple handling of missing Firefox browser
6210 plugins.
</strong
> When the browser encounter a MIME type it do not
6211 currently have a handler for, it will ask the user if the system
6212 should search for a package that would add support for this MIME type,
6213 and if the user say yes, the APT sources will be searched for packages
6214 advertising the MIME type in their control file (visible in the
6215 Packages file in the APT archive). If one or more packages are found,
6216 it is a simple click of the mouse to add support for the missing mime
6217 type. If the package require the user to accept some non-free
6218 license, this is explained to the user. The entire process make it
6219 more clear to the user why something do not work in the browser, and
6220 make the chances higher for the user to blame the web page authors and
6221 not the browser for any missing features.
</li
>
6223 <li
><strong
>Simple handling of missing multimedia codec/format
6224 handlers.
</strong
> When the media players encounter a format or codec
6225 it is not supporting, a dialog pop up asking the user if the system
6226 should search for a package that would add support for it. This
6227 happen with things like MP3, Windows Media or H
.264. The selection
6228 and installation procedure is very similar to the Firefox browser
6229 plugin handling. This is as far as I know implemented using a
6230 gstreamer hook. The end result is that the user easily get access to
6231 the codecs that are present from the APT archives available, while
6232 explaining more on why a given format is unsupported by Ubuntu.
</li
>
6234 <li
><strong
>Better browser handling of some MIME types.
</strong
> When
6235 displaying a text/plain file in my Debian browser, it will propose to
6236 start emacs to show it. If I remember correctly, when doing the same
6237 in Kunbutu it show the file as a text file in the browser. At least I
6238 know Opera will show text files within the browser. I much prefer the
6239 latter behaviour.
</li
>
6243 <p
>There are other nice features as well, like the simplified suite
6244 upgrader, but given that I am the one mostly doing the dist-upgrade,
6245 it do not matter much.
</p
>
6247 <p
>I really hope we could get these features in place for the next
6248 Debian release. It would require the coordinated effort of several
6249 maintainers, but would make the end user experience a lot better.
</p
>
6254 <title>Perl modules used by FixMyStreet which are missing in Debian/Squeeze
</title>
6255 <link>http://people.skolelinux.org/pere/blog/Perl_modules_used_by_FixMyStreet_which_are_missing_in_Debian_Squeeze.html
</link>
6256 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Perl_modules_used_by_FixMyStreet_which_are_missing_in_Debian_Squeeze.html
</guid>
6257 <pubDate>Tue,
26 Jul
2011 12:
25:
00 +
0200</pubDate>
6258 <description><p
>The Norwegian
<a href=
"http://www.fiksgatami.no/
">FiksGataMi
</A
>
6259 site is build on Debian/Squeeze, and this platform was chosen because
6260 I am most familiar with Debian (being a Debian Developer for around
10
6261 years) because it is the latest stable Debian release which should get
6262 security support for a few years.
</p
>
6264 <p
>The web service is written in Perl, and depend on some perl modules
6265 that are missing in Debian at the moment. It would be great if these
6266 modules were added to the Debian archive, allowing anyone to set up
6267 their own
<a href=
"http://www.fixmystreet.com
">FixMyStreet
</a
> clone
6268 in their own country using only Debian packages. The list of modules
6269 missing in Debian/Squeeze isn
't very long, and I hope the perl group
6270 will find time to package the
12 modules Catalyst::Plugin::SmartURI,
6271 Catalyst::Plugin::Unicode::Encoding, Catalyst::View::TT, Devel::Hide,
6272 Sort::Key, Statistics::Distributions, Template::Plugin::Comma,
6273 Template::Plugin::DateTime::Format, Term::Size::Any, Term::Size::Perl,
6274 URI::SmartURI and Web::Scraper to make the maintenance of FixMyStreet
6275 easier in the future.
</p
>
6277 <p
>Thanks to the great tools in Debian, getting the missing modules
6278 installed on my server was a simple call to
'cpan2deb Module::Name
'
6279 and
'dpkg -i
' to install the resulting package. But this leave me
6280 with the responsibility of tracking security problems, which I really
6281 do not have time for.
</p
>
6286 <title>A Norwegian FixMyStreet have kept me busy the last few weeks
</title>
6287 <link>http://people.skolelinux.org/pere/blog/A_Norwegian_FixMyStreet_have_kept_me_busy_the_last_few_weeks.html
</link>
6288 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/A_Norwegian_FixMyStreet_have_kept_me_busy_the_last_few_weeks.html
</guid>
6289 <pubDate>Sun,
3 Apr
2011 22:
50:
00 +
0200</pubDate>
6290 <description><p
>Here is a small update for my English readers. Most of my blog
6291 posts have been in Norwegian the last few weeks, so here is a short
6292 update in English.
</p
>
6294 <p
>The kids still keep me too busy to get much free software work
6295 done, but I did manage to organise a project to get a Norwegian port
6296 of the British service
6297 <a href=
"http://www.fixmystreet.com/
">FixMyStreet
</a
> up and running,
6298 and it has been running for a month now. The entire project has been
6299 organised by me and two others. Around Christmas we gathered sponsors
6300 to fund the development work. In January I drafted a contract with
6301 <a href=
"http://www.mysociety.org/
">mySociety
</a
> on what to develop,
6302 and in February the development took place. Most of it involved
6303 converting the source to use GPS coordinates instead of British
6304 easting/northing, and the resulting code should be a lot easier to get
6305 running in any country by now. The Norwegian
6306 <a href=
"http://www.fiksgatami.no/
">FiksGataMi
</a
> is using
6307 <a href=
"http://www.openstreetmap.org/
">OpenStreetmap
</a
> as the map
6308 source and the source for administrative borders in Norway, and
6309 support for this had to be added/fixed.
</p
>
6311 <p
>The Norwegian version went live March
3th, and we spent the weekend
6312 polishing the system before we announced it March
7th. The system is
6313 running on a KVM instance of Debian/Squeeze, and has seen almost
3000
6314 problem reports in a few weeks. Soon we hope to announce the Android
6315 and iPhone versions making it even easier to report problems with the
6316 public infrastructure.
</p
>
6318 <p
>Perhaps something to consider for those of you in countries without
6319 such service?
</p
>
6324 <title>Using NVD and CPE to track CVEs in locally maintained software
</title>
6325 <link>http://people.skolelinux.org/pere/blog/Using_NVD_and_CPE_to_track_CVEs_in_locally_maintained_software.html
</link>
6326 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Using_NVD_and_CPE_to_track_CVEs_in_locally_maintained_software.html
</guid>
6327 <pubDate>Fri,
28 Jan
2011 15:
40:
00 +
0100</pubDate>
6328 <description><p
>The last few days I have looked at ways to track open security
6329 issues here at my work with the University of Oslo. My idea is that
6330 it should be possible to use the information about security issues
6331 available on the Internet, and check our locally
6332 maintained/distributed software against this information. It should
6333 allow us to verify that no known security issues are forgotten. The
6334 CVE database listing vulnerabilities seem like a great central point,
6335 and by using the package lists from Debian mapped to CVEs provided by
6336 the testing security team, I believed it should be possible to figure
6337 out which security holes were present in our free software
6338 collection.
</p
>
6340 <p
>After reading up on the topic, it became obvious that the first
6341 building block is to be able to name software packages in a unique and
6342 consistent way across data sources. I considered several ways to do
6343 this, for example coming up with my own naming scheme like using URLs
6344 to project home pages or URLs to the Freshmeat entries, or using some
6345 existing naming scheme. And it seem like I am not the first one to
6346 come across this problem, as MITRE already proposed and implemented a
6347 solution. Enter the
<a href=
"http://cpe.mitre.org/index.html
">Common
6348 Platform Enumeration
</a
> dictionary, a vocabulary for referring to
6349 software, hardware and other platform components. The CPE ids are
6350 mapped to CVEs in the
<a href=
"http://web.nvd.nist.gov/
">National
6351 Vulnerability Database
</a
>, allowing me to look up know security
6352 issues for any CPE name. With this in place, all I need to do is to
6353 locate the CPE id for the software packages we use at the university.
6354 This is fairly trivial (I google for
'cve cpe $package
' and check the
6355 NVD entry if a CVE for the package exist).
</p
>
6357 <p
>To give you an example. The GNU gzip source package have the CPE
6358 name cpe:/a:gnu:gzip. If the old version
1.3.3 was the package to
6359 check out, one could look up
6360 <a href=
"http://web.nvd.nist.gov/view/vuln/search?cpe=cpe%
3A%
2Fa%
3Agnu%
3Agzip:
1.3.3">cpe:/a:gnu:gzip:
1.3.3
6361 in NVD
</a
> and get a list of
6 security holes with public CVE entries.
6362 The most recent one is
6363 <a href=
"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-
2010-
0001">CVE-
2010-
0001</a
>,
6364 and at the bottom of the NVD page for this vulnerability the complete
6365 list of affected versions is provided.
</p
>
6367 <p
>The NVD database of CVEs is also available as a XML dump, allowing
6368 for offline processing of issues. Using this dump, I
've written a
6369 small script taking a list of CPEs as input and list all CVEs
6370 affecting the packages represented by these CPEs. One give it CPEs
6371 with version numbers as specified above and get a list of open
6372 security issues out.
</p
>
6374 <p
>Of course for this approach to be useful, the quality of the NVD
6375 information need to be high. For that to happen, I believe as many as
6376 possible need to use and contribute to the NVD database. I notice
6378 <a href=
"https://www.redhat.com/security/data/metrics/rhsamapcpe.txt
">a
6379 map from CVE to CPE
</a
>, indicating that they are using the CPE
6380 information. I
'm not aware of Debian and Ubuntu doing the same.
</p
>
6382 <p
>To get an idea about the quality for free software, I spent some
6383 time making it possible to compare the CVE database from Debian with
6384 the CVE database in NVD. The result look fairly good, but there are
6385 some inconsistencies in NVD (same software package having several
6386 CPEs), and some inaccuracies (NVD not mentioning buggy packages that
6387 Debian believe are affected by a CVE). Hope to find time to improve
6388 the quality of NVD, but that require being able to get in touch with
6389 someone maintaining it. So far my three emails with questions and
6390 corrections have not seen any reply, but I hope contact can be
6391 established soon.
</p
>
6393 <p
>An interesting application for CPEs is cross platform package
6394 mapping. It would be useful to know which packages in for example
6395 RHEL, OpenSuSe and Mandriva are missing from Debian and Ubuntu, and
6396 this would be trivial if all linux distributions provided CPE entries
6397 for their packages.
</p
>
6402 <title>Which module is loaded for a given PCI and USB device?
</title>
6403 <link>http://people.skolelinux.org/pere/blog/Which_module_is_loaded_for_a_given_PCI_and_USB_device_.html
</link>
6404 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Which_module_is_loaded_for_a_given_PCI_and_USB_device_.html
</guid>
6405 <pubDate>Sun,
23 Jan
2011 00:
20:
00 +
0100</pubDate>
6406 <description><p
>In the
6407 <a href=
"http://packages.qa.debian.org/discover-data
">discover-data
</a
>
6408 package in Debian, there is a script to report useful information
6409 about the running hardware for use when people report missing
6410 information. One part of this script that I find very useful when
6411 debugging hardware problems, is the part mapping loaded kernel module
6412 to the PCI device it claims. It allow me to quickly see if the kernel
6413 module I expect is driving the hardware I am struggling with. To see
6414 the output, make sure discover-data is installed and run
6415 <tt
>/usr/share/bug/discover-data
3>&1</tt
>. The relevant output on
6416 one of my machines like this:
</p
>
6420 10de:
03eb i2c_nforce2
6423 10de:
03f0 snd_hda_intel
6432 <p
>The code in question look like this, slightly modified for
6433 readability and to drop the output to file descriptor
3:
</p
>
6436 if [ -d /sys/bus/pci/devices/ ] ; then
6437 echo loaded pci modules:
6439 cd /sys/bus/pci/devices/
6440 for address in * ; do
6441 if [ -d
"$address/driver/module
" ] ; then
6442 module=`cd $address/driver/module ; pwd -P | xargs basename`
6443 if grep -q
"^$module
" /proc/modules ; then
6444 address=$(echo $address |sed s/
0000://)
6445 id=`lspci -n -s $address | tail -n
1 | awk
'{print $
3}
'`
6446 echo
"$id $module
"
6455 <p
>Similar code could be used to extract USB device module
6459 if [ -d /sys/bus/usb/devices/ ] ; then
6460 echo loaded usb modules:
6462 cd /sys/bus/usb/devices/
6463 for address in * ; do
6464 if [ -d
"$address/driver/module
" ] ; then
6465 module=`cd $address/driver/module ; pwd -P | xargs basename`
6466 if grep -q
"^$module
" /proc/modules ; then
6467 address=$(echo $address |sed s/
0000://)
6468 id=$(lsusb -s $address | tail -n
1 | awk
'{print $
6}
')
6469 if [
"$id
" ] ; then
6470 echo
"$id $module
"
6480 <p
>This might perhaps be something to include in other tools as
6486 <title>How to test if a laptop is working with Linux
</title>
6487 <link>http://people.skolelinux.org/pere/blog/How_to_test_if_a_laptop_is_working_with_Linux.html
</link>
6488 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_test_if_a_laptop_is_working_with_Linux.html
</guid>
6489 <pubDate>Wed,
22 Dec
2010 14:
55:
00 +
0100</pubDate>
6490 <description><p
>The last few days I have spent at work here at the
<a
6491 href=
"http://www.uio.no/
">University of Oslo
</a
> testing if the new
6492 batch of computers will work with Linux. Every year for the last few
6493 years the university have organised shared bid of a few thousand
6494 computers, and this year HP won the bid. Two different desktops and
6495 five different laptops are on the list this year. We in the UNIX
6496 group want to know which one of these computers work well with RHEL
6497 and Ubuntu, the two Linux distributions we currently handle at the
6498 university.
</p
>
6500 <p
>My test method is simple, and I share it here to get feedback and
6501 perhaps inspire others to test hardware as well. To test, I PXE
6502 install the OS version of choice, and log in as my normal user and run
6503 a few applications and plug in selected pieces of hardware. When
6504 something fail, I make a note about this in the test matrix and move
6505 on. If I have some spare time I try to report the bug to the OS
6506 vendor, but as I only have the machines for a short time, I rarely
6507 have the time to do this for all the problems I find.
</p
>
6509 <p
>Anyway, to get to the point of this post. Here is the simple tests
6510 I perform on a new model.
</p
>
6514 <li
>Is PXE installation working? I
'm testing with RHEL6, Ubuntu Lucid
6515 and Ubuntu Maverik at the moment. If I feel like it, I also test with
6516 RHEL5 and Debian Edu/Squeeze.
</li
>
6518 <li
>Is X.org working? If the graphical login screen show up after
6519 installation, X.org is working.
</li
>
6521 <li
>Is hardware accelerated OpenGL working? Running glxgears (in
6522 package mesa-utils on Ubuntu) and writing down the frames per second
6523 reported by the program.
</li
>
6525 <li
>Is sound working? With Gnome and KDE, a sound is played when
6526 logging in, and if I can hear this the test is successful. If there
6527 are several audio exits on the machine, I try them all and check if
6528 the Gnome/KDE audio mixer can control where to send the sound. I
6529 normally test this by playing
6530 <a href=
"http://www.nuug.no/aktiviteter/
20101012-chef/
">a HTML5
6531 video
</a
> in Firefox/Iceweasel.
</li
>
6533 <li
>Is the USB subsystem working? I test this by plugging in a USB
6534 memory stick and see if Gnome/KDE notices this.
</li
>
6536 <li
>Is the CD/DVD player working? I test this by inserting any CD/DVD
6537 I have lying around, and see if Gnome/KDE notices this.
</li
>
6539 <li
>Is any built in camera working? Test using cheese, and see if a
6540 picture from the v4l device show up.
</li
>
6542 <li
>Is bluetooth working? Use the Gnome/KDE browsing tool to see if
6543 any bluetooth devices are discovered. In my office, I normally see a
6546 <li
>For laptops, is the SD or Compaq Flash reader working. I have
6547 memory modules lying around, and stick them in and see if Gnome/KDE
6548 notice this.
</li
>
6550 <li
>For laptops, is suspend/hibernate working? I
'm testing if the
6551 special button work, and if the laptop continue to work after
6554 <li
>For laptops, is the extra buttons working, like audio level,
6555 adjusting background light, switching on/off external video output,
6556 switching on/off wifi, bluetooth, etc? The set of buttons differ from
6557 laptop to laptop, so I just write down which are working and which are
6560 <li
>Some laptops have smart card readers, finger print readers,
6561 acceleration sensors etc. I rarely test these, as I do not know how
6562 to quickly test if they are working or not, so I only document their
6563 existence.
</li
>
6567 <p
>By now I suspect you are really curious what the test results are
6568 for the HP machines I am testing. I
'm not done yet, so I will report
6569 the test results later. For now I can report that HP
8100 Elite work
6570 fine, and hibernation fail with HP EliteBook
8440p on Ubuntu Lucid,
6571 and audio fail on RHEL6. Ubuntu Maverik worked with
8440p. As you
6572 can see, I have most machines left to test. One interesting
6573 observation is that Ubuntu Lucid has almost twice the frame rate than
6574 RHEL6 with glxgears. No idea why.
</p
>
6579 <title>Some thoughts on BitCoins
</title>
6580 <link>http://people.skolelinux.org/pere/blog/Some_thoughts_on_BitCoins.html
</link>
6581 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Some_thoughts_on_BitCoins.html
</guid>
6582 <pubDate>Sat,
11 Dec
2010 15:
10:
00 +
0100</pubDate>
6583 <description><p
>As I continue to explore
6584 <a href=
"http://www.bitcoin.org/
">BitCoin
</a
>, I
've starting to wonder
6585 what properties the system have, and how it will be affected by laws
6586 and regulations here in Norway. Here are some random notes.
</p
>
6588 <p
>One interesting thing to note is that since the transactions are
6589 verified using a peer to peer network, all details about a transaction
6590 is known to everyone. This means that if a BitCoin address has been
6591 published like I did with mine in my initial post about BitCoin, it is
6592 possible for everyone to see how many BitCoins have been transfered to
6593 that address. There is even a web service to look at the details for
6594 all transactions. There I can see that my address
6595 <a href=
"http://blockexplorer.com/address/
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
>
6596 have received
16.06 Bitcoin, the
6597 <a href=
"http://blockexplorer.com/address/
1LfdGnGuWkpSJgbQySxxCWhv
8MHqvwst
3">1LfdGnGuWkpSJgbQySxxCWhv
8MHqvwst
3</a
>
6598 address of Simon Phipps have received
181.97 BitCoin and the address
6599 <a href=
"http://blockexplorer.com/address/
1MCwBbhNGp5hRm5rC1Aims2YFRe2SXPYKt
">1MCwBbhNGp5hRm5rC1Aims2YFRe2SXPYKt
</A
>
6600 of EFF have received
2447.38 BitCoins so far. Thank you to each and
6601 every one of you that donated bitcoins to support my activity. The
6602 fact that anyone can see how much money was transfered to a given
6603 address make it more obvious why the BitCoin community recommend to
6604 generate and hand out a new address for each transaction. I
'm told
6605 there is no way to track which addresses belong to a given person or
6606 organisation without the person or organisation revealing it
6607 themselves, as Simon, EFF and I have done.
</p
>
6609 <p
>In Norway, and in most other countries, there are laws and
6610 regulations limiting how much money one can transfer across the border
6611 without declaring it. There are money laundering, tax and accounting
6612 laws and regulations I would expect to apply to the use of BitCoin.
6613 If the Skolelinux foundation
6614 (
<a href=
"http://linuxiskolen.no/slxdebianlabs/donations.html
">SLX
6615 Debian Labs
</a
>) were to accept donations in BitCoin in addition to
6616 normal bank transfers like EFF is doing, how should this be accounted?
6617 Given that it is impossible to know if money can cross the border or
6618 not, should everything or nothing be declared? What exchange rate
6619 should be used when calculating taxes? Would receivers have to pay
6620 income tax if the foundation were to pay Skolelinux contributors in
6621 BitCoin? I have no idea, but it would be interesting to know.
</p
>
6623 <p
>For a currency to be useful and successful, it must be trusted and
6624 accepted by a lot of users. It must be possible to get easy access to
6625 the currency (as a wage or using currency exchanges), and it must be
6626 easy to spend it. At the moment BitCoin seem fairly easy to get
6627 access to, but there are very few places to spend it. I am not really
6628 a regular user of any of the vendor types currently accepting BitCoin,
6629 so I wonder when my kind of shop would start accepting BitCoins. I
6630 would like to buy electronics, travels and subway tickets, not herbs
6631 and books. :) The currency is young, and this will improve over time
6632 if it become popular, but I suspect regular banks will start to lobby
6633 to get BitCoin declared illegal if it become popular. I
'm sure they
6634 will claim it is helping fund terrorism and money laundering (which
6635 probably would be true, as is any currency in existence), but I
6636 believe the problems should be solved elsewhere and not by blaming
6637 currencies.
</p
>
6639 <p
>The process of creating new BitCoins is called mining, and it is
6640 CPU intensive process that depend on a bit of luck as well (as one is
6641 competing against all the other miners currently spending CPU cycles
6642 to see which one get the next lump of cash). The
"winner
" get
50
6643 BitCoin when this happen. Yesterday I came across the obvious way to
6644 join forces to increase ones changes of getting at least some coins,
6645 by coordinating the work on mining BitCoins across several machines
6646 and people, and sharing the result if one is lucky and get the
50
6648 <a href=
"http://www.bluishcoder.co.nz/bitcoin-pool/
">BitCoin Pool
</a
>
6649 if this sounds interesting. I have not had time to try to set up a
6650 machine to participate there yet, but have seen that running on ones
6651 own for a few days have not yield any BitCoins througth mining
6654 <p
>Update
2010-
12-
15: Found an
<a
6655 href=
"http://inertia.posterous.com/reply-to-the-underground-economist-why-bitcoi
">interesting
6656 criticism
</a
> of bitcoin. Not quite sure how valid it is, but thought
6657 it was interesting to read. The arguments presented seem to be
6658 equally valid for gold, which was used as a currency for many years.
</p
>
6663 <title>Now accepting bitcoins - anonymous and distributed p2p crypto-money
</title>
6664 <link>http://people.skolelinux.org/pere/blog/Now_accepting_bitcoins___anonymous_and_distributed_p2p_crypto_money.html
</link>
6665 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Now_accepting_bitcoins___anonymous_and_distributed_p2p_crypto_money.html
</guid>
6666 <pubDate>Fri,
10 Dec
2010 08:
20:
00 +
0100</pubDate>
6667 <description><p
>With this weeks lawless
6668 <a href=
"http://www.salon.com/news/opinion/glenn_greenwald/
2010/
12/
06/wikileaks/index.html
">governmental
6669 attacks
</a
> on Wikileak and
6670 <a href=
"http://www.salon.com/technology/dan_gillmor/
2010/
12/
06/war_on_speech
">free
6671 speech
</a
>, it has become obvious that PayPal, visa and mastercard can
6672 not be trusted to handle money transactions.
6674 <a href=
"http://webmink.com/
2010/
12/
06/now-accepting-bitcoin/
">Simon
6675 Phipps on bitcoin
</a
> reminded me about a project that a friend of
6676 mine mentioned earlier. I decided to follow Simon
's example, and get
6677 involved with
<a href=
"http://www.bitcoin.org/
">BitCoin
</a
>. I got
6678 some help from my friend to get it all running, and he even handed me
6679 some bitcoins to get started. I even donated a few bitcoins to Simon
6680 for helping me remember BitCoin.
</p
>
6682 <p
>So, what is bitcoins, you probably wonder? It is a digital
6683 crypto-currency, decentralised and handled using peer-to-peer
6684 networks. It allows anonymous transactions and prohibits central
6685 control over the transactions, making it impossible for governments
6686 and companies alike to block donations and other transactions. The
6687 source is free software, and while the key dependency wxWidgets
2.9
6688 for the graphical user interface is missing in Debian, the command
6689 line client builds just fine. Hopefully Jonas
6690 <a href=
"http://bugs.debian.org/
578157">will get the package into
6691 Debian
</a
> soon.
</p
>
6693 <p
>Bitcoins can be converted to other currencies, like USD and EUR.
6694 There are
<a href=
"http://www.bitcoin.org/trade
">companies accepting
6695 bitcoins
</a
> when selling services and goods, and there are even
6696 currency
"stock
" markets where the exchange rate is decided. There
6697 are not many users so far, but the concept seems promising. If you
6698 want to get started and lack a friend with any bitcoins to spare,
6700 <a href=
"https://freebitcoins.appspot.com/
">some for free
</a
> (
0.05
6701 bitcoin at the time of writing). Use
6702 <a href=
"http://www.bitcoinwatch.com/
">BitcoinWatch
</a
> to keep an eye
6703 on the current exchange rates.
</p
>
6705 <p
>As an experiment, I have decided to set up bitcoind on one of my
6706 machines. If you want to support my activity, please send Bitcoin
6707 donations to the address
6708 <b
>15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</b
>. Thank you!
</p
>
6713 <title>Why isn
't Debian Edu using VLC?
</title>
6714 <link>http://people.skolelinux.org/pere/blog/Why_isn_t_Debian_Edu_using_VLC_.html
</link>
6715 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Why_isn_t_Debian_Edu_using_VLC_.html
</guid>
6716 <pubDate>Sat,
27 Nov
2010 11:
30:
00 +
0100</pubDate>
6717 <description><p
>In the latest issue of Linux Journal, the readers choices were
6718 presented, and the winner among the multimedia player were VLC.
6719 Personally, I like VLC, and it is my player of choice when I first try
6720 to play a video file or stream. Only if VLC fail will I drag out
6721 gmplayer to see if it can do better. The reason is mostly the failure
6722 model and trust. When VLC fail, it normally pop up a error message
6723 reporting the problem. When mplayer fail, it normally segfault or
6724 just hangs. The latter failure mode drain my trust in the program.
<p
>
6726 <p
>But even if VLC is my player of choice, we have choosen to use
6727 mplayer in
<a href=
"http://www.skolelinux.org/
">Debian
6728 Edu/Skolelinux
</a
>. The reason is simple. We need a good browser
6729 plugin to play web videos seamlessly, and the VLC browser plugin is
6730 not very good. For example, it lack in-line control buttons, so there
6731 is no way for the user to pause the video. Also, when I
6732 <a href=
"http://wiki.debian.org/DebianEdu/BrowserMultimedia
">last
6733 tested the browser plugins
</a
> available in Debian, the VLC plugin
6734 failed on several video pages where mplayer based plugins worked. If
6735 the browser plugin for VLC was as good as the gecko-mediaplayer
6736 package (which uses mplayer), we would switch.
</P
>
6738 <p
>While VLC is a good player, its user interface is slightly
6739 annoying. The most annoying feature is its inconsistent use of
6740 keyboard shortcuts. When the player is in full screen mode, its
6741 shortcuts are different from when it is playing the video in a window.
6742 For example, space only work as pause when in full screen mode. I
6743 wish it had consisten shortcuts and that space also would work when in
6744 window mode. Another nice shortcut in gmplayer is [enter] to restart
6745 the current video. It is very nice when playing short videos from the
6746 web and want to restart it when new people arrive to have a look at
6747 what is going on.
</p
>
6752 <title>Lenny-
>Squeeze upgrades of the Gnome and KDE desktop, now with apt-get autoremove
</title>
6753 <link>http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades_of_the_Gnome_and_KDE_desktop__now_with_apt_get_autoremove.html
</link>
6754 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades_of_the_Gnome_and_KDE_desktop__now_with_apt_get_autoremove.html
</guid>
6755 <pubDate>Mon,
22 Nov
2010 14:
15:
00 +
0100</pubDate>
6756 <description><p
>Michael Biebl suggested to me on IRC, that I changed my automated
6757 upgrade testing of the
6758 <a href=
"http://people.skolelinux.org/~pere/debian-upgrade-testing/
">Lenny
6759 Gnome and KDE Desktop
</a
> to do
<tt
>apt-get autoremove
</tt
> when using apt-get.
6760 This seem like a very good idea, so I adjusted by test scripts and
6761 can now present the updated result from today:
</p
>
6763 <p
>This is for Gnome:
</p
>
6765 <p
>Installed using apt-get, missing with aptitude
</p
>
6767 <blockquote
><p
>
6772 browser-plugin-gnash
6779 freedesktop-sound-theme
6781 gconf-defaults-service
6796 gnome-desktop-environment
6800 gnome-session-canberra
6805 gstreamer0.10-fluendo-mp3
6811 libapache2-mod-dnssd
6814 libaprutil1-dbd-sqlite3
6817 libboost-date-time1.42
.0
6818 libboost-python1.42
.0
6819 libboost-thread1.42
.0
6821 libchamplain-gtk-
0.4-
0
6823 libclutter-gtk-
0.10-
0
6830 libfreerdp-plugins-standard
6845 libgnomepanel2.24-cil
6850 libgtksourceview2.0-common
6851 libmono-addins-gui0.2-cil
6852 libmono-addins0.2-cil
6853 libmono-cairo2.0-cil
6854 libmono-corlib2.0-cil
6855 libmono-i18n-west2.0-cil
6856 libmono-posix2.0-cil
6857 libmono-security2.0-cil
6858 libmono-sharpzip2.84-cil
6859 libmono-system2.0-cil
6862 libndesk-dbus-glib1.0-cil
6863 libndesk-dbus1.0-cil
6873 libtelepathy-farsight0
6882 nautilus-sendto-empathy
6886 python-aptdaemon-gtk
6888 python-beautifulsoup
6903 python-gtksourceview2
6914 python-pkg-resources
6921 python-twisted-conch
6927 python-zope.interface
6932 rhythmbox-plugin-cdrecorder
6939 system-config-printer-udev
6941 telepathy-mission-control-
5
6952 </p
></blockquote
>
6954 <p
>Installed using apt-get, removed with aptitude
</p
>
6956 <blockquote
><p
>
6962 fast-user-switch-applet
6981 libgtksourceview2.0-
0
6983 libsdl1.2debian-alsa
6989 system-config-printer
6994 </p
></blockquote
>
6996 <p
>Installed using aptitude, missing with apt-get
</p
>
6998 <blockquote
><p
>
6999 gstreamer0.10-gnomevfs
7000 </p
></blockquote
>
7002 <p
>Installed using aptitude, removed with apt-get
</p
>
7004 <blockquote
><p
>
7006 </p
></blockquote
>
7008 <p
>This is for KDE:
</p
>
7010 <p
>Installed using apt-get, missing with aptitude
</p
>
7012 <blockquote
><p
>
7014 </p
></blockquote
>
7016 <p
>Installed using apt-get, removed with aptitude
</p
>
7018 <blockquote
><p
>
7021 </p
></blockquote
>
7023 <p
>Installed using aptitude, missing with apt-get
</p
>
7025 <blockquote
><p
>
7039 kdeartwork-emoticons
7041 kdeartwork-theme-icon
7045 kdebase-workspace-bin
7046 kdebase-workspace-data
7060 kscreensaver-xsavers
7075 plasma-dataengines-workspace
7077 plasma-desktopthemes-artwork
7078 plasma-runners-addons
7079 plasma-scriptengine-googlegadgets
7080 plasma-scriptengine-python
7081 plasma-scriptengine-qedje
7082 plasma-scriptengine-ruby
7083 plasma-scriptengine-webkit
7084 plasma-scriptengines
7085 plasma-wallpapers-addons
7086 plasma-widget-folderview
7087 plasma-widget-networkmanagement
7091 xscreensaver-data-extra
7093 xscreensaver-gl-extra
7094 xscreensaver-screensaver-bsod
7095 </p
></blockquote
>
7097 <p
>Installed using aptitude, removed with apt-get
</p
>
7099 <blockquote
><p
>
7101 google-gadgets-common
7119 libggadget-qt-
1.0-
0b
7124 libkonqsidebarplugin4a
7133 libplasma-geolocation-interface4
7135 libplasmagenericshell4
7149 libsmokeknewstuff2-
3
7150 libsmokeknewstuff3-
3
7152 libsmokektexteditor3
7160 libsmokeqtnetwork4-
3
7166 libsmokeqtuitools4-
3
7178 plasma-dataengines-addons
7179 plasma-scriptengine-superkaramba
7180 plasma-widget-lancelot
7181 plasma-widgets-addons
7182 plasma-widgets-workspace
7186 update-notifier-common
7187 </p
></blockquote
>
7189 <p
>Running apt-get autoremove made the results using apt-get and
7190 aptitude a bit more similar, but there are still quite a lott of
7191 differences. I have no idea what packages should be installed after
7192 the upgrade, but hope those that do can have a look.
</p
>
7197 <title>Migrating Xen virtual machines using LVM to KVM using disk images
</title>
7198 <link>http://people.skolelinux.org/pere/blog/Migrating_Xen_virtual_machines_using_LVM_to_KVM_using_disk_images.html
</link>
7199 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Migrating_Xen_virtual_machines_using_LVM_to_KVM_using_disk_images.html
</guid>
7200 <pubDate>Mon,
22 Nov
2010 11:
20:
00 +
0100</pubDate>
7201 <description><p
>Most of the computers in use by the
7202 <a href=
"http://www.skolelinux.org/
">Debian Edu/Skolelinux project
</a
>
7203 are virtual machines. And they have been Xen machines running on a
7204 fairly old IBM eserver xseries
345 machine, and we wanted to migrate
7205 them to KVM on a newer Dell PowerEdge
2950 host machine. This was a
7206 bit harder that it could have been, because we set up the Xen virtual
7207 machines to get the virtual partitions from LVM, which as far as I
7208 know is not supported by KVM. So to migrate, we had to convert
7209 several LVM logical volumes to partitions on a virtual disk file.
</p
>
7212 <a href=
"http://searchnetworking.techtarget.com.au/articles/
35011-Six-steps-for-migrating-Xen-virtual-machines-to-KVM
">a
7213 nice recipe
</a
> to do this, and wrote the following script to do the
7214 migration. It uses qemu-img from the qemu package to make the disk
7215 image, parted to partition it, losetup and kpartx to present the disk
7216 image partions as devices, and dd to copy the data. I NFS mounted the
7217 new servers storage area on the old server to do the migration.
</p
>
7223 # http://searchnetworking.techtarget.com.au/articles/
35011-Six-steps-for-migrating-Xen-virtual-machines-to-KVM
7228 if [ -z
"$
1" ] ; then
7229 echo
"Usage: $
0 &lt;hostname
&gt;
"
7235 if [ ! -e /dev/vg_data/$host-disk ] ; then
7236 echo
"error: unable to find LVM volume for $host
"
7240 # Partitions need to be a bit bigger than the LVM LVs. not sure why.
7241 disksize=$( lvs --units m | grep $host-disk | awk
'{sum = sum + $
4} END { print int(sum *
1.05) }
')
7242 swapsize=$( lvs --units m | grep $host-swap | awk
'{sum = sum + $
4} END { print int(sum *
1.05) }
')
7243 totalsize=$(( ( $disksize + $swapsize ) ))
7246 #dd if=/dev/zero of=$img bs=
1M count=$(( $disksize + $swapsize ))
7247 qemu-img create $img ${totalsize}MMaking room on the Debian Edu/Sqeeze DVD
7249 parted $img mklabel msdos
7250 parted $img mkpart primary linux-swap
0 $disksize
7251 parted $img mkpart primary ext2 $disksize $totalsize
7252 parted $img set
1 boot on
7255 losetup /dev/loop0 $img
7256 kpartx -a /dev/loop0
7258 dd if=/dev/vg_data/$host-disk of=/dev/mapper/loop0p1 bs=
1M
7259 fsck.ext3 -f /dev/mapper/loop0p1 || true
7260 mkswap /dev/mapper/loop0p2
7262 kpartx -d /dev/loop0
7263 losetup -d /dev/loop0
7266 <p
>The script is perhaps so simple that it is not copyrightable, but
7267 if it is, it is licenced using GPL v2 or later at your discretion.
</p
>
7269 <p
>After doing this, I booted a Debian CD in rescue mode in KVM with
7270 the new disk image attached, installed grub-pc and linux-image-
686 and
7271 set up grub to boot from the disk image. After this, the KVM machines
7272 seem to work just fine.
</p
>
7277 <title>Lenny-
>Squeeze upgrades, apt vs aptitude with the Gnome and KDE desktop
</title>
7278 <link>http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__apt_vs_aptitude_with_the_Gnome_and_KDE_desktop.html
</link>
7279 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__apt_vs_aptitude_with_the_Gnome_and_KDE_desktop.html
</guid>
7280 <pubDate>Sat,
20 Nov
2010 22:
50:
00 +
0100</pubDate>
7281 <description><p
>I
'm still running upgrade testing of the
7282 <a href=
"http://people.skolelinux.org/~pere/debian-upgrade-testing/
">Lenny
7283 Gnome and KDE Desktop
</a
>, but have not had time to spend on reporting the
7284 status. Here is a short update based on a test I ran
20101118.
</p
>
7286 <p
>I still do not know what a correct migration should look like, so I
7287 report any differences between apt and aptitude and hope someone else
7288 can see if anything should be changed.
</p
>
7290 <p
>This is for Gnome:
</p
>
7292 <p
>Installed using apt-get, missing with aptitude
</p
>
7294 <blockquote
><p
>
7295 apache2.2-bin aptdaemon at-spi baobab binfmt-support
7296 browser-plugin-gnash cheese-common cli-common cpp-
4.3 cups-pk-helper
7297 dmz-cursor-theme empathy empathy-common finger
7298 freedesktop-sound-theme freeglut3 gconf-defaults-service gdm-themes
7299 gedit-plugins geoclue geoclue-hostip geoclue-localnet geoclue-manual
7300 geoclue-yahoo gnash gnash-common gnome gnome-backgrounds
7301 gnome-cards-data gnome-codec-install gnome-core
7302 gnome-desktop-environment gnome-disk-utility gnome-screenshot
7303 gnome-search-tool gnome-session-canberra gnome-spell
7304 gnome-system-log gnome-themes-extras gnome-themes-more
7305 gnome-user-share gs-common gstreamer0.10-fluendo-mp3
7306 gstreamer0.10-tools gtk2-engines gtk2-engines-pixbuf
7307 gtk2-engines-smooth hal-info hamster-applet libapache2-mod-dnssd
7308 libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap
7309 libart2.0-cil libatspi1.0-
0 libboost-date-time1.42
.0
7310 libboost-python1.42
.0 libboost-thread1.42
.0 libchamplain-
0.4-
0
7311 libchamplain-gtk-
0.4-
0 libcheese-gtk18 libclutter-gtk-
0.10-
0
7312 libcryptui0 libcupsys2 libdiscid0 libeel2-data libelf1 libepc-
1.0-
2
7313 libepc-common libepc-ui-
1.0-
2 libfreerdp-plugins-standard
7314 libfreerdp0 libgail-common libgconf2.0-cil libgdata-common libgdata7
7315 libgdl-
1-common libgdu-gtk0 libgee2 libgeoclue0 libgexiv2-
0 libgif4
7316 libglade2.0-cil libglib2.0-cil libgmime2.4-cil libgnome-vfs2.0-cil
7317 libgnome2.24-cil libgnomepanel2.24-cil libgnomeprint2.2-data
7318 libgnomeprintui2.2-common libgnomevfs2-bin libgpod-common libgpod4
7319 libgtk2.0-cil libgtkglext1 libgtksourceview-common
7320 libgtksourceview2.0-common libmono-addins-gui0.2-cil
7321 libmono-addins0.2-cil libmono-cairo2.0-cil libmono-corlib2.0-cil
7322 libmono-i18n-west2.0-cil libmono-posix2.0-cil
7323 libmono-security2.0-cil libmono-sharpzip2.84-cil
7324 libmono-system2.0-cil libmtp8 libmusicbrainz3-
6
7325 libndesk-dbus-glib1.0-cil libndesk-dbus1.0-cil libopal3.6
.8
7326 libpolkit-gtk-
1-
0 libpt-
1.10.10-plugins-alsa
7327 libpt-
1.10.10-plugins-v4l libpt2.6
.7 libpython2.6 librpm1 librpmio1
7328 libsdl1.2debian libservlet2.4-java libsrtp0 libssh-
4
7329 libtelepathy-farsight0 libtelepathy-glib0 libtidy-
0.99-
0
7330 libxalan2-java libxerces2-java media-player-info mesa-utils
7331 mono-
2.0-gac mono-gac mono-runtime nautilus-sendto
7332 nautilus-sendto-empathy openoffice.org-writer2latex
7333 openssl-blacklist p7zip p7zip-full pkg-config python-
4suite-xml
7334 python-aptdaemon python-aptdaemon-gtk python-axiom
7335 python-beautifulsoup python-bugbuddy python-clientform
7336 python-coherence python-configobj python-crypto python-cupshelpers
7337 python-cupsutils python-eggtrayicon python-elementtree
7338 python-epsilon python-evolution python-feedparser python-gdata
7339 python-gdbm python-gst0.10 python-gtkglext1 python-gtkmozembed
7340 python-gtksourceview2 python-httplib2 python-louie python-mako
7341 python-markupsafe python-mechanize python-nevow python-notify
7342 python-opengl python-openssl python-pam python-pkg-resources
7343 python-pyasn1 python-pysqlite2 python-rdflib python-serial
7344 python-tagpy python-twisted-bin python-twisted-conch
7345 python-twisted-core python-twisted-web python-utidylib python-webkit
7346 python-xdg python-zope.interface remmina remmina-plugin-data
7347 remmina-plugin-rdp remmina-plugin-vnc rhythmbox-plugin-cdrecorder
7348 rhythmbox-plugins rpm-common rpm2cpio seahorse-plugins shotwell
7349 software-center svgalibg1 system-config-printer-udev
7350 telepathy-gabble telepathy-mission-control-
5 telepathy-salut tomboy
7351 totem totem-coherence totem-mozilla totem-plugins
7352 transmission-common xdg-user-dirs xdg-user-dirs-gtk xserver-xephyr
7354 </p
></blockquote
>
7356 Installed using apt-get, removed with aptitude
7358 <blockquote
><p
>
7359 arj bluez-utils cheese dhcdbd djvulibre-desktop ekiga eog
7360 epiphany-extensions epiphany-gecko evolution-exchange
7361 fast-user-switch-applet file-roller gcalctool gconf-editor gdm gedit
7362 gedit-common gnome-app-install gnome-games gnome-games-data
7363 gnome-nettool gnome-system-tools gnome-themes gnome-utils
7364 gnome-vfs-obexftp gnome-volume-manager gnuchess gucharmap
7365 guile-
1.8-libs hal libavahi-compat-libdnssd1 libavahi-core5
7366 libavahi-ui0 libbind9-
50 libbluetooth2 libcamel1.2-
11 libcdio7
7367 libcucul0 libcurl3 libdirectfb-
1.0-
0 libdmx1 libdvdread3
7368 libedata-cal1.2-
6 libedataserver1.2-
9 libeel2-
2.20 libepc-
1.0-
1
7369 libepc-ui-
1.0-
1 libexchange-storage1.2-
3 libfaad0 libgadu3
7370 libgalago3 libgd2-noxpm libgda3-
3 libgda3-common libggz2 libggzcore9
7371 libggzmod4 libgksu1.2-
0 libgksuui1.0-
1 libgmyth0 libgnome-desktop-
2
7372 libgnome-pilot2 libgnomecups1.0-
1 libgnomeprint2.2-
0
7373 libgnomeprintui2.2-
0 libgpod3 libgraphviz4 libgtk-vnc-
1.0-
0
7374 libgtkhtml2-
0 libgtksourceview1.0-
0 libgtksourceview2.0-
0
7375 libgucharmap6 libhesiod0 libicu38 libisccc50 libisccfg50 libiw29
7376 libjaxp1.3-java-gcj libkpathsea4 liblircclient0 libltdl3 liblwres50
7377 libmagick++
10 libmagick10 libmalaga7 libmozjs1d libmpfr1ldbl libmtp7
7378 libmysqlclient15off libnautilus-burn4 libneon27 libnm-glib0
7379 libnm-util0 libopal-
2.2 libosp5 libparted1.8-
10 libpisock9
7380 libpisync1 libpoppler-glib3 libpoppler3 libpt-
1.10.10 libraw1394-
8
7381 libsdl1.2debian-alsa libsensors3 libsexy2 libsmbios2 libsoup2.2-
8
7382 libspeexdsp1 libssh2-
1 libsuitesparse-
3.1.0 libsvga1
7383 libswfdec-
0.6-
90 libtalloc1 libtotem-plparser10 libtrackerclient0
7384 libvoikko1 libxalan2-java-gcj libxerces2-java-gcj libxklavier12
7385 libxtrap6 libxxf86misc1 libzephyr3 mysql-common rhythmbox seahorse
7386 sound-juicer swfdec-gnome system-config-printer totem-common
7387 totem-gstreamer transmission-gtk vinagre vino w3c-dtd-xhtml wodim
7388 </p
></blockquote
>
7390 <p
>Installed using aptitude, missing with apt-get
</p
>
7392 <blockquote
><p
>
7393 gstreamer0.10-gnomevfs
7394 </p
></blockquote
>
7396 <p
>Installed using aptitude, removed with apt-get
</p
>
7398 <blockquote
><p
>
7400 </p
></blockquote
>
7402 <p
>This is for KDE:
</p
>
7404 <p
>Installed using apt-get, missing with aptitude
</p
>
7406 <blockquote
><p
>
7407 autopoint bomber bovo cantor cantor-backend-kalgebra cpp-
4.3 dcoprss
7408 edict espeak espeak-data eyesapplet fifteenapplet finger gettext
7409 ghostscript-x git gnome-audio gnugo granatier gs-common
7410 gstreamer0.10-pulseaudio indi kaddressbook-plugins kalgebra
7411 kalzium-data kanjidic kapman kate-plugins kblocks kbreakout kbstate
7412 kde-icons-mono kdeaccessibility kdeaddons-kfile-plugins
7413 kdeadmin-kfile-plugins kdeartwork-misc kdeartwork-theme-window
7414 kdeedu kdeedu-data kdeedu-kvtml-data kdegames kdegames-card-data
7415 kdegames-mahjongg-data kdegraphics-kfile-plugins kdelirc
7416 kdemultimedia-kfile-plugins kdenetwork-kfile-plugins
7417 kdepim-kfile-plugins kdepim-kio-plugins kdessh kdetoys kdewebdev
7418 kdiamond kdnssd kfilereplace kfourinline kgeography-data kigo
7419 killbots kiriki klettres-data kmoon kmrml knewsticker-scripts
7420 kollision kpf krosspython ksirk ksmserver ksquares kstars-data
7421 ksudoku kubrick kweather libasound2-plugins libboost-python1.42
.0
7422 libcfitsio3 libconvert-binhex-perl libcrypt-ssleay-perl libdb4.6++
7423 libdjvulibre-text libdotconf1.0 liberror-perl libespeak1
7424 libfinance-quote-perl libgail-common libgsl0ldbl libhtml-parser-perl
7425 libhtml-tableextract-perl libhtml-tagset-perl libhtml-tree-perl
7426 libio-stringy-perl libkdeedu4 libkdegames5 libkiten4 libkpathsea5
7427 libkrossui4 libmailtools-perl libmime-tools-perl
7428 libnews-nntpclient-perl libopenbabel3 libportaudio2 libpulse-browse0
7429 libservlet2.4-java libspeechd2 libtiff-tools libtimedate-perl
7430 libunistring0 liburi-perl libwww-perl libxalan2-java libxerces2-java
7431 lirc luatex marble networkstatus noatun-plugins
7432 openoffice.org-writer2latex palapeli palapeli-data parley
7433 parley-data poster psutils pulseaudio pulseaudio-esound-compat
7434 pulseaudio-module-x11 pulseaudio-utils quanta-data rocs rsync
7435 speech-dispatcher step svgalibg1 texlive-binaries texlive-luatex
7437 </p
></blockquote
>
7439 <p
>Installed using apt-get, removed with aptitude
</p
>
7441 <blockquote
><p
>
7442 amor artsbuilder atlantik atlantikdesigner blinken bluez-utils cvs
7443 dhcdbd djvulibre-desktop imlib-base imlib11 kalzium kanagram kandy
7444 kasteroids katomic kbackgammon kbattleship kblackbox kbounce kbruch
7445 kcron kdat kdemultimedia-kappfinder-data kdeprint kdict kdvi kedit
7446 keduca kenolaba kfax kfaxview kfouleggs kgeography kghostview
7447 kgoldrunner khangman khexedit kiconedit kig kimagemapeditor
7448 kitchensync kiten kjumpingcube klatin klettres klickety klines
7449 klinkstatus kmag kmahjongg kmailcvt kmenuedit kmid kmilo kmines
7450 kmousetool kmouth kmplot knetwalk kodo kolf kommander konquest kooka
7451 kpager kpat kpdf kpercentage kpilot kpoker kpovmodeler krec
7452 kregexpeditor kreversi ksame ksayit kshisen ksig ksim ksirc ksirtet
7453 ksmiletris ksnake ksokoban kspaceduel kstars ksvg ksysv kteatime
7454 ktip ktnef ktouch ktron kttsd ktuberling kturtle ktux kuickshow
7455 kverbos kview kviewshell kvoctrain kwifimanager kwin kwin4 kwordquiz
7456 kworldclock kxsldbg libakode2 libarts1-akode libarts1-audiofile
7457 libarts1-mpeglib libarts1-xine libavahi-compat-libdnssd1
7458 libavahi-core5 libavc1394-
0 libbind9-
50 libbluetooth2
7459 libboost-python1.34
.1 libcucul0 libcurl3 libcvsservice0
7460 libdirectfb-
1.0-
0 libdjvulibre21 libdvdread3 libfaad0 libfreebob0
7461 libgd2-noxpm libgraphviz4 libgsmme1c2a libgtkhtml2-
0 libicu38
7462 libiec61883-
0 libindex0 libisccc50 libisccfg50 libiw29
7463 libjaxp1.3-java-gcj libk3b3 libkcal2b libkcddb1 libkdeedu3
7464 libkdegames1 libkdepim1a libkgantt0 libkleopatra1 libkmime2
7465 libkpathsea4 libkpimexchange1 libkpimidentities1 libkscan1
7466 libksieve0 libktnef1 liblockdev1 libltdl3 liblwres50 libmagick10
7467 libmimelib1c2a libmodplug0c2 libmozjs1d libmpcdec3 libmpfr1ldbl
7468 libneon27 libnm-util0 libopensync0 libpisock9 libpoppler-glib3
7469 libpoppler-qt2 libpoppler3 libraw1394-
8 librss1 libsensors3
7470 libsmbios2 libssh2-
1 libsuitesparse-
3.1.0 libswfdec-
0.6-
90
7471 libtalloc1 libxalan2-java-gcj libxerces2-java-gcj libxtrap6 lskat
7472 mpeglib network-manager-kde noatun pmount tex-common texlive-base
7473 texlive-common texlive-doc-base texlive-fonts-recommended tidy
7474 ttf-dustin ttf-kochi-gothic ttf-sjfonts
7475 </p
></blockquote
>
7477 <p
>Installed using aptitude, missing with apt-get
</p
>
7479 <blockquote
><p
>
7480 dolphin kde-core kde-plasma-desktop kde-standard kde-window-manager
7481 kdeartwork kdebase kdebase-apps kdebase-workspace
7482 kdebase-workspace-bin kdebase-workspace-data kdeutils kscreensaver
7483 kscreensaver-xsavers libgle3 libkonq5 libkonq5-templates libnetpbm10
7484 netpbm plasma-widget-folderview plasma-widget-networkmanagement
7485 xscreensaver-data-extra xscreensaver-gl xscreensaver-gl-extra
7486 xscreensaver-screensaver-bsod
7487 </p
></blockquote
>
7489 <p
>Installed using aptitude, removed with apt-get
</p
>
7491 <blockquote
><p
>
7492 kdebase-bin konq-plugins konqueror
7493 </p
></blockquote
>
7498 <title>Gnash buildbot slave and Debian kfreebsd
</title>
7499 <link>http://people.skolelinux.org/pere/blog/Gnash_buildbot_slave_and_Debian_kfreebsd.html
</link>
7500 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Gnash_buildbot_slave_and_Debian_kfreebsd.html
</guid>
7501 <pubDate>Sat,
20 Nov
2010 07:
20:
00 +
0100</pubDate>
7502 <description><p
>Answering
7503 <a href=
"http://www.listware.net/
201011/gnash-dev/
67431-gnash-dev-buildbot-looking-for-slaves.html
">the
7504 call from the Gnash project
</a
> for
7505 <a href=
"http://www.gnashdev.org:
8010">buildbot
</a
> slaves to test the
7506 current source, I have set up a virtual KVM machine on the Debian
7507 Edu/Skolelinux virtualization host to test the git source on
7508 Debian/Squeeze. I hope this can help the developers in getting new
7509 releases out more often.
</p
>
7511 <p
>As the developers want less main-stream build platforms tested to,
7512 I have considered setting up a
<a
7513 href=
"http://www.debian.org/ports/kfreebsd-gnu/
">Debian/kfreebsd
</a
>
7514 machine as well. I have also considered using the kfreebsd
7515 architecture in Debian as a file server in NUUG to get access to the
5
7516 TB zfs volume we currently use to store DV video. Because of this, I
7517 finally got around to do a test installation of Debian/Squeeze with
7518 kfreebsd. Installation went fairly smooth, thought I noticed some
7519 visual glitches in the cdebconf dialogs (black cursor left on the
7520 screen at random locations). Have not gotten very far with the
7521 testing. Noticed cfdisk did not work, but fdisk did so it was not a
7522 fatal problem. Have to spend some more time on it to see if it is
7523 useful as a file server for NUUG. Will try to find time to set up a
7524 gnash buildbot slave on the Debian Edu/Skolelinux this weekend.
</p
>
7529 <title>Debian in
3D
</title>
7530 <link>http://people.skolelinux.org/pere/blog/Debian_in_3D.html
</link>
7531 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_in_3D.html
</guid>
7532 <pubDate>Tue,
9 Nov
2010 16:
10:
00 +
0100</pubDate>
7533 <description><p
><img src=
"http://thingiverse-production.s3.amazonaws.com/renders/
23/e0/c4/f9/
2b/debswagtdose_preview_medium.jpg
"></p
>
7535 <p
>3D printing is just great. I just came across this Debian logo in
7537 <a href=
"http://blog.thingiverse.com/
2010/
11/
09/participatory-branding/
">the
7538 thingiverse blog
</a
>.
</p
>
7543 <title>Software updates
2010-
10-
24</title>
7544 <link>http://people.skolelinux.org/pere/blog/Software_updates_2010_10_24.html
</link>
7545 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Software_updates_2010_10_24.html
</guid>
7546 <pubDate>Sun,
24 Oct
2010 22:
45:
00 +
0200</pubDate>
7547 <description><p
>Some updates.
</p
>
7549 <p
>My
<a href=
"http://pledgebank.com/gnash-avm2
">gnash pledge
</a
> to
7550 raise money for the project is going well. The lower limit of
10
7551 signers was reached in
24 hours, and so far
13 people have signed it.
7552 More signers and more funding is most welcome, and I am really curious
7553 how far we can get before the time limit of December
24 is reached.
7556 <p
>On the #gnash IRC channel on irc.freenode.net, I was just tipped
7557 about what appear to be a great code coverage tool capable of
7558 generating code coverage stats without any changes to the source code.
7560 <a href=
"http://simonkagstrom.github.com/kcov/index.html
">kcov
</a
>,
7561 and can be used using
<tt
>kcov
&lt;directory
&gt;
&lt;binary
&gt;
</tt
>.
7562 It is missing in Debian, but the git source built just fine in Squeeze
7563 after I installed libelf-dev, libdwarf-dev, pkg-config and
7564 libglib2.0-dev. Failed to build in Lenny, but suspect that is
7565 solvable. I hope kcov make it into Debian soon.
</p
>
7567 <p
>Finally found time to wrap up the release notes for
<a
7568 href=
"http://lists.debian.org/debian-edu-announce/
2010/
10/msg00002.html
">a
7569 new alpha release of Debian Edu
</a
>, and just published the second
7570 alpha test release of the Squeeze based Debian Edu /
7571 <a href=
"http://www.skolelinux.org/
">Skolelinux
</a
>
7572 release. Give it a try if you need a complete linux solution for your
7573 school, including central infrastructure server, workstations, thin
7574 client servers and diskless workstations. A nice touch added
7575 yesterday is RDP support on the thin client servers, for windows
7576 clients to get a Linux desktop on request.
</p
>
7581 <title>Some notes on Flash in Debian and Debian Edu
</title>
7582 <link>http://people.skolelinux.org/pere/blog/Some_notes_on_Flash_in_Debian_and_Debian_Edu.html
</link>
7583 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Some_notes_on_Flash_in_Debian_and_Debian_Edu.html
</guid>
7584 <pubDate>Sat,
4 Sep
2010 10:
10:
00 +
0200</pubDate>
7585 <description><p
>In the
<a href=
"http://popcon.debian.org/unknown/by_vote
">Debian
7586 popularity-contest numbers
</a
>, the adobe-flashplugin package the
7587 second most popular used package that is missing in Debian. The sixth
7588 most popular is flashplayer-mozilla. This is a clear indication that
7589 working flash is important for Debian users. Around
10 percent of the
7590 users submitting data to popcon.debian.org have this package
7591 installed.
</p
>
7593 <p
>In the report written by Lars Risan in August
2008
7594 («
<a href=
"http://wiki.skolelinux.no/Dokumentasjon/Rapporter?action=AttachFile
&do=view
&target=Skolelinux_i_bruk_rapport_1.0.pdf
">Skolelinux
7595 i bruk – Rapport for Hurum kommune, Universitetet i Agder og
7596 stiftelsen SLX Debian Labs
</a
>»), one of the most important problems
7597 schools experienced with
<a href=
"http://www.skolelinux.org/
">Debian
7598 Edu/Skolelinux
</a
> was the lack of working Flash. A lot of educational
7599 web sites require Flash to work, and lacking working Flash support in
7600 the web browser and the problems with installing it was perceived as a
7601 good reason to stay with Windows.
</p
>
7603 <p
>I once saw a funny and sad comment in a web forum, where Linux was
7604 said to be the retarded cousin that did not really understand
7605 everything you told him but could work fairly well. This was a
7606 comment regarding the problems Linux have with proprietary formats and
7607 non-standard web pages, and is sad because it exposes a fairly common
7608 understanding of whose fault it is if web pages that only work in for
7609 example Internet Explorer
6 fail to work on Firefox, and funny because
7610 it explain very well how annoying it is for users when Linux
7611 distributions do not work with the documents they receive or the web
7612 pages they want to visit.
</p
>
7614 <p
>This is part of the reason why I believe it is important for Debian
7615 and Debian Edu to have a well working Flash implementation in the
7616 distribution, to get at least popular sites as Youtube and Google
7617 Video to working out of the box. For Squeeze, Debian have the chance
7618 to include the latest version of Gnash that will make this happen, as
7619 the new release
0.8.8 was published a few weeks ago and is resting in
7620 unstable. The new version work with more sites that version
0.8.7.
7621 The Gnash maintainers have asked for a freeze exception, but the
7622 release team have not had time to reply to it yet. I hope they agree
7623 with me that Flash is important for the Debian desktop users, and thus
7624 accept the new package into Squeeze.
</p
>
7629 <title>Circular package dependencies harms apt recovery
</title>
7630 <link>http://people.skolelinux.org/pere/blog/Circular_package_dependencies_harms_apt_recovery.html
</link>
7631 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Circular_package_dependencies_harms_apt_recovery.html
</guid>
7632 <pubDate>Tue,
27 Jul
2010 23:
50:
00 +
0200</pubDate>
7633 <description><p
>I discovered this while doing
7634 <a href=
"http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html
">automated
7635 testing of upgrades from Debian Lenny to Squeeze
</a
>. A few packages
7636 in Debian still got circular dependencies, and it is often claimed
7637 that apt and aptitude should be able to handle this just fine, but
7638 some times these dependency loops causes apt to fail.
</p
>
7640 <p
>An example is from todays
7641 <a href=
"http://people.skolelinux.org/~pere/debian-upgrade-testing//test-
20100727-lenny-squeeze-kde-aptitude.txt
">upgrade
7642 of KDE using aptitude
</a
>. In it, a bug in kdebase-workspace-data
7643 causes perl-modules to fail to upgrade. The cause is simple. If a
7644 package fail to unpack, then only part of packages with the circular
7645 dependency might end up being unpacked when unpacking aborts, and the
7646 ones already unpacked will fail to configure in the recovery phase
7647 because its dependencies are unavailable.
</p
>
7649 <p
>In this log, the problem manifest itself with this error:
</p
>
7651 <blockquote
><pre
>
7652 dpkg: dependency problems prevent configuration of perl-modules:
7653 perl-modules depends on perl (
>=
5.10.1-
1); however:
7654 Version of perl on system is
5.10.0-
19lenny
2.
7655 dpkg: error processing perl-modules (--configure):
7656 dependency problems - leaving unconfigured
7657 </pre
></blockquote
>
7659 <p
>The perl/perl-modules circular dependency is already
7660 <a href=
"http://bugs.debian.org/
527917">reported as a bug
</a
>, and will
7661 hopefully be solved as soon as possible, but it is not the only one,
7662 and each one of these loops in the dependency tree can cause similar
7663 failures. Of course, they only occur when there are bugs in other
7664 packages causing the unpacking to fail, but it is rather nasty when
7665 the failure of one package causes the problem to become worse because
7666 of dependency loops.
</p
>
7669 <a href=
"http://lists.debian.org/debian-devel/
2010/
06/msg00116.html
">the
7670 tireless effort by Bill Allombert
</a
>, the number of circular
7672 <a href=
"http://debian.semistable.com/debgraph.out.html
">left in Debian
7673 is dropping
</a
>, and perhaps it will reach zero one day. :)
</p
>
7675 <p
>Todays testing also exposed a bug in
7676 <a href=
"http://bugs.debian.org/
590605">update-notifier
</a
> and
7677 <a href=
"http://bugs.debian.org/
590604">different behaviour
</a
> between
7678 apt-get and aptitude, the latter possibly caused by some circular
7679 dependency. Reported both to BTS to try to get someone to look at
7685 <title>What are they searching for - PowerDNS and ISC DHCP in LDAP
</title>
7686 <link>http://people.skolelinux.org/pere/blog/What_are_they_searching_for___PowerDNS_and_ISC_DHCP_in_LDAP.html
</link>
7687 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/What_are_they_searching_for___PowerDNS_and_ISC_DHCP_in_LDAP.html
</guid>
7688 <pubDate>Sat,
17 Jul
2010 21:
00:
00 +
0200</pubDate>
7689 <description><p
>This is a
7690 <a href=
"http://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
">followup
</a
>
7692 <a href=
"http://people.skolelinux.org/pere/blog/Idea_for_a_change_to_LDAP_schemas_allowing_DNS_and_DHCP_info_to_be_combined_into_one_object.html
">previous
7694 <a href=
"http://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_DHCP_LDAP_objects.html
">merging
7695 all
</a
> the computer related LDAP objects in Debian Edu.
</p
>
7697 <p
>As a step to try to see if it possible to merge the DNS and DHCP
7698 LDAP objects, I have had a look at how the packages pdns-backend-ldap
7699 and dhcp3-server-ldap in Debian use the LDAP server. The two
7700 implementations are quite different in how they use LDAP.
</p
>
7702 To get this information, I started slapd with debugging enabled and
7703 dumped the debug output to a file to get the LDAP searches performed
7704 on a Debian Edu main-server. Here is a summary.
7706 <p
><strong
>powerdns
</strong
></p
>
7708 <a href=
"http://www.linuxnetworks.de/doc/index.php/PowerDNS_LDAP_Backend
">Clues
7709 on how to
</a
> set up PowerDNS to use a LDAP backend is available on
7712 <p
>PowerDNS have two modes of operation using LDAP as its backend.
7713 One
"strict
" mode where the forward and reverse DNS lookups are done
7714 using the same LDAP objects, and a
"tree
" mode where the forward and
7715 reverse entries are in two different subtrees in LDAP with a structure
7716 based on the DNS names, as in tjener.intern and
7717 2.2.0.10.in-addr.arpa.
</p
>
7719 <p
>In tree mode, the server is set up to use a LDAP subtree as its
7720 base, and uses a
"base
" scoped search for the DNS name by adding
7721 "dc=tjener,dc=intern,
" to the base with a filter for
7722 "(associateddomain=tjener.intern)
" for the forward entry and
7723 "dc=
2,dc=
2,dc=
0,dc=
10,dc=in-addr,dc=arpa,
" with a filter for
7724 "(associateddomain=
2.2.0.10.in-addr.arpa)
" for the reverse entry. For
7725 forward entries, it is looking for attributes named dnsttl, arecord,
7726 nsrecord, cnamerecord, soarecord, ptrrecord, hinforecord, mxrecord,
7727 txtrecord, rprecord, afsdbrecord, keyrecord, aaaarecord, locrecord,
7728 srvrecord, naptrrecord, kxrecord, certrecord, dsrecord, sshfprecord,
7729 ipseckeyrecord, rrsigrecord, nsecrecord, dnskeyrecord, dhcidrecord,
7730 spfrecord and modifytimestamp. For reverse entries it is looking for
7731 the attributes dnsttl, arecord, nsrecord, cnamerecord, soarecord,
7732 ptrrecord, hinforecord, mxrecord, txtrecord, rprecord, aaaarecord,
7733 locrecord, srvrecord, naptrrecord and modifytimestamp. The equivalent
7734 ldapsearch commands could look like this:
</p
>
7736 <blockquote
><pre
>
7737 ldapsearch -h ldap \
7738 -b dc=tjener,dc=intern,ou=hosts,dc=skole,dc=skolelinux,dc=no \
7739 -s base -x
'(associateddomain=tjener.intern)
' dNSTTL aRecord nSRecord \
7740 cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord \
7741 rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord \
7742 nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord \
7743 rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp
7745 ldapsearch -h ldap \
7746 -b dc=
2,dc=
2,dc=
0,dc=
10,dc=in-addr,dc=arpa,ou=hosts,dc=skole,dc=skolelinux,dc=no \
7747 -s base -x
'(associateddomain=
2.2.0.10.in-addr.arpa)
'
7748 dnsttl, arecord, nsrecord, cnamerecord soarecord ptrrecord \
7749 hinforecord mxrecord txtrecord rprecord aaaarecord locrecord \
7750 srvrecord naptrrecord modifytimestamp
7751 </pre
></blockquote
>
7753 <p
>In Debian Edu/Lenny, the PowerDNS tree mode is used with
7754 ou=hosts,dc=skole,dc=skolelinux,dc=no as the base, and these are two
7755 example LDAP objects used there. In addition to these objects, the
7756 parent objects all th way up to ou=hosts,dc=skole,dc=skolelinux,dc=no
7757 also exist.
</p
>
7759 <blockquote
><pre
>
7760 dn: dc=tjener,dc=intern,ou=hosts,dc=skole,dc=skolelinux,dc=no
7762 objectclass: dnsdomain
7763 objectclass: domainrelatedobject
7766 associateddomain: tjener.intern
7768 dn: dc=
2,dc=
2,dc=
0,dc=
10,dc=in-addr,dc=arpa,ou=hosts,dc=skole,dc=skolelinux,dc=no
7770 objectclass: dnsdomain2
7771 objectclass: domainrelatedobject
7773 ptrrecord: tjener.intern
7774 associateddomain:
2.2.0.10.in-addr.arpa
7775 </pre
></blockquote
>
7777 <p
>In strict mode, the server behaves differently. When looking for
7778 forward DNS entries, it is doing a
"subtree
" scoped search with the
7779 same base as in the tree mode for a object with filter
7780 "(associateddomain=tjener.intern)
" and requests the attributes dnsttl,
7781 arecord, nsrecord, cnamerecord, soarecord, ptrrecord, hinforecord,
7782 mxrecord, txtrecord, rprecord, aaaarecord, locrecord, srvrecord,
7783 naptrrecord and modifytimestamp. For reverse entires it also do a
7784 subtree scoped search but this time the filter is
"(arecord=
10.0.2.2)
"
7785 and the requested attributes are associateddomain, dnsttl and
7786 modifytimestamp. In short, in strict mode the objects with ptrrecord
7787 go away, and the arecord attribute in the forward object is used
7790 <p
>The forward and reverse searches can be simulated using ldapsearch
7791 like this:
</p
>
7793 <blockquote
><pre
>
7794 ldapsearch -h ldap -b ou=hosts,dc=skole,dc=skolelinux,dc=no -s sub -x \
7795 '(associateddomain=tjener.intern)
' dNSTTL aRecord nSRecord \
7796 cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord \
7797 rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord \
7798 nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord \
7799 rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp
7801 ldapsearch -h ldap -b ou=hosts,dc=skole,dc=skolelinux,dc=no -s sub -x \
7802 '(arecord=
10.0.2.2)
' associateddomain dnsttl modifytimestamp
7803 </pre
></blockquote
>
7805 <p
>In addition to the forward and reverse searches , there is also a
7806 search for SOA records, which behave similar to the forward and
7807 reverse lookups.
</p
>
7809 <p
>A thing to note with the PowerDNS behaviour is that it do not
7810 specify any objectclass names, and instead look for the attributes it
7811 need to generate a DNS reply. This make it able to work with any
7812 objectclass that provide the needed attributes.
</p
>
7814 <p
>The attributes are normally provided in the cosine (RFC
1274) and
7815 dnsdomain2 schemas. The latter is used for reverse entries like
7816 ptrrecord and recent DNS additions like aaaarecord and srvrecord.
</p
>
7818 <p
>In Debian Edu, we have created DNS objects using the object classes
7819 dcobject (for dc), dnsdomain or dnsdomain2 (structural, for the DNS
7820 attributes) and domainrelatedobject (for associatedDomain). The use
7821 of structural object classes make it impossible to combine these
7822 classes with the object classes used by DHCP.
</p
>
7824 <p
>There are other schemas that could be used too, for example the
7825 dnszone structural object class used by Gosa and bind-sdb for the DNS
7826 attributes combined with the domainrelatedobject object class, but in
7827 this case some unused attributes would have to be included as well
7828 (zonename and relativedomainname).
</p
>
7830 <p
>My proposal for Debian Edu would be to switch PowerDNS to strict
7831 mode and not use any of the existing objectclasses (dnsdomain,
7832 dnsdomain2 and dnszone) when one want to combine the DNS information
7833 with DHCP information, and instead create a auxiliary object class
7834 defined something like this (using the attributes defined for
7835 dnsdomain and dnsdomain2 or dnszone):
</p
>
7837 <blockquote
><pre
>
7838 objectclass ( some-oid NAME
'dnsDomainAux
'
7841 MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord $ CNAMERecord $
7842 DNSTTL $ DNSClass $ PTRRecord $ HINFORecord $ MINFORecord $
7843 TXTRecord $ SIGRecord $ KEYRecord $ AAAARecord $ LOCRecord $
7844 NXTRecord $ SRVRecord $ NAPTRRecord $ KXRecord $ CERTRecord $
7845 A6Record $ DNAMERecord
7847 </pre
></blockquote
>
7849 <p
>This will allow any object to become a DNS entry when combined with
7850 the domainrelatedobject object class, and allow any entity to include
7851 all the attributes PowerDNS wants. I
've sent an email to the PowerDNS
7852 developers asking for their view on this schema and if they are
7853 interested in providing such schema with PowerDNS, and I hope my
7854 message will be accepted into their mailing list soon.
</p
>
7856 <p
><strong
>ISC dhcp
</strong
></p
>
7858 <p
>The DHCP server searches for specific objectclass and requests all
7859 the object attributes, and then uses the attributes it want. This
7860 make it harder to figure out exactly what attributes are used, but
7861 thanks to the working example in Debian Edu I can at least get an idea
7862 what is needed without having to read the source code.
</p
>
7864 <p
>In the DHCP server configuration, the LDAP base to use and the
7865 search filter to use to locate the correct dhcpServer entity is
7866 stored. These are the relevant entries from
7867 /etc/dhcp3/dhcpd.conf:
</p
>
7869 <blockquote
><pre
>
7870 ldap-base-dn
"dc=skole,dc=skolelinux,dc=no
";
7871 ldap-dhcp-server-cn
"dhcp
";
7872 </pre
></blockquote
>
7874 <p
>The DHCP server uses this information to nest all the DHCP
7875 configuration it need. The cn
"dhcp
" is located using the given LDAP
7876 base and the filter
"(
&(objectClass=dhcpServer)(cn=dhcp))
". The
7877 search result is this entry:
</p
>
7879 <blockquote
><pre
>
7880 dn: cn=dhcp,dc=skole,dc=skolelinux,dc=no
7883 objectClass: dhcpServer
7884 dhcpServiceDN: cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
7885 </pre
></blockquote
>
7887 <p
>The content of the dhcpServiceDN attribute is next used to locate the
7888 subtree with DHCP configuration. The DHCP configuration subtree base
7889 is located using a base scope search with base
"cn=DHCP
7890 Config,dc=skole,dc=skolelinux,dc=no
" and filter
7891 "(
&(objectClass=dhcpService)(|(dhcpPrimaryDN=cn=dhcp,dc=skole,dc=skolelinux,dc=no)(dhcpSecondaryDN=cn=dhcp,dc=skole,dc=skolelinux,dc=no)))
".
7892 The search result is this entry:
</p
>
7894 <blockquote
><pre
>
7895 dn: cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
7898 objectClass: dhcpService
7899 objectClass: dhcpOptions
7900 dhcpPrimaryDN: cn=dhcp, dc=skole,dc=skolelinux,dc=no
7901 dhcpStatements: ddns-update-style none
7902 dhcpStatements: authoritative
7903 dhcpOption: smtp-server code
69 = array of ip-address
7904 dhcpOption: www-server code
72 = array of ip-address
7905 dhcpOption: wpad-url code
252 = text
7906 </pre
></blockquote
>
7908 <p
>Next, the entire subtree is processed, one level at the time. When
7909 all the DHCP configuration is loaded, it is ready to receive requests.
7910 The subtree in Debian Edu contain objects with object classes
7911 top/dhcpService/dhcpOptions, top/dhcpSharedNetwork/dhcpOptions,
7912 top/dhcpSubnet, top/dhcpGroup and top/dhcpHost. These provide options
7913 and information about netmasks, dynamic range etc. Leaving out the
7914 details here because it is not relevant for the focus of my
7915 investigation, which is to see if it is possible to merge dns and dhcp
7916 related computer objects.
</p
>
7918 <p
>When a DHCP request come in, LDAP is searched for the MAC address
7919 of the client (
00:
00:
00:
00:
00:
00 in this example), using a subtree
7920 scoped search with
"cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
" as
7921 the base and
"(
&(objectClass=dhcpHost)(dhcpHWAddress=ethernet
7922 00:
00:
00:
00:
00:
00))
" as the filter. This is what a host object look
7925 <blockquote
><pre
>
7926 dn: cn=hostname,cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
7929 objectClass: dhcpHost
7930 dhcpHWAddress: ethernet
00:
00:
00:
00:
00:
00
7931 dhcpStatements: fixed-address hostname
7932 </pre
></blockquote
>
7934 <p
>There is less flexiblity in the way LDAP searches are done here.
7935 The object classes need to have fixed names, and the configuration
7936 need to be stored in a fairly specific LDAP structure. On the
7937 positive side, the invidiual dhcpHost entires can be anywhere without
7938 the DN pointed to by the dhcpServer entries. The latter should make
7939 it possible to group all host entries in a subtree next to the
7940 configuration entries, and this subtree can also be shared with the
7941 DNS server if the schema proposed above is combined with the dhcpHost
7942 structural object class.
7944 <p
><strong
>Conclusion
</strong
></p
>
7946 <p
>The PowerDNS implementation seem to be very flexible when it come
7947 to which LDAP schemas to use. While its
"tree
" mode is rigid when it
7948 come to the the LDAP structure, the
"strict
" mode is very flexible,
7949 allowing DNS objects to be stored anywhere under the base cn specified
7950 in the configuration.
</p
>
7952 <p
>The DHCP implementation on the other hand is very inflexible, both
7953 regarding which LDAP schemas to use and which LDAP structure to use.
7954 I guess one could implement ones own schema, as long as the
7955 objectclasses and attributes have the names used, but this do not
7956 really help when the DHCP subtree need to have a fairly fixed
7957 structure.
</p
>
7959 <p
>Based on the observed behaviour, I suspect a LDAP structure like
7960 this might work for Debian Edu:
</p
>
7962 <blockquote
><pre
>
7964 cn=machine-info (dhcpService) - dhcpServiceDN points here
7965 cn=dhcp (dhcpServer)
7966 cn=dhcp-internal (dhcpSharedNetwork/dhcpOptions)
7967 cn=
10.0.2.0 (dhcpSubnet)
7968 cn=group1 (dhcpGroup/dhcpOptions)
7969 cn=dhcp-thinclients (dhcpSharedNetwork/dhcpOptions)
7970 cn=
192.168.0.0 (dhcpSubnet)
7971 cn=group1 (dhcpGroup/dhcpOptions)
7972 ou=machines - PowerDNS base points here
7973 cn=hostname (dhcpHost/domainrelatedobject/dnsDomainAux)
7974 </pre
></blockquote
>
7976 <P
>This is not tested yet. If the DHCP server require the dhcpHost
7977 entries to be in the dhcpGroup subtrees, the entries can be stored
7978 there instead of a common machines subtree, and the PowerDNS base
7979 would have to be moved one level up to the machine-info subtree.
</p
>
7981 <p
>The combined object under the machines subtree would look something
7982 like this:
</p
>
7984 <blockquote
><pre
>
7985 dn: dc=hostname,ou=machines,cn=machine-info,dc=skole,dc=skolelinux,dc=no
7988 objectClass: dhcpHost
7989 objectclass: domainrelatedobject
7990 objectclass: dnsDomainAux
7991 associateddomain: hostname.intern
7992 arecord:
10.11.12.13
7993 dhcpHWAddress: ethernet
00:
00:
00:
00:
00:
00
7994 dhcpStatements: fixed-address hostname.intern
7995 </pre
></blockquote
>
7997 </p
>One could even add the LTSP configuration associated with a given
7998 machine, as long as the required attributes are available in a
7999 auxiliary object class.
</p
>
8004 <title>Combining PowerDNS and ISC DHCP LDAP objects
</title>
8005 <link>http://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_DHCP_LDAP_objects.html
</link>
8006 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_DHCP_LDAP_objects.html
</guid>
8007 <pubDate>Wed,
14 Jul
2010 23:
45:
00 +
0200</pubDate>
8008 <description><p
>For a while now, I have wanted to find a way to change the DNS and
8009 DHCP services in Debian Edu to use the same LDAP objects for a given
8010 computer, to avoid the possibility of having a inconsistent state for
8011 a computer in LDAP (as in DHCP but no DNS entry or the other way
8012 around) and make it easier to add computers to LDAP.
</p
>
8014 <p
>I
've looked at how powerdns and dhcpd is using LDAP, and using this
8015 information finally found a solution that seem to work.
</p
>
8017 <p
>The old setup required three LDAP objects for a given computer.
8018 One forward DNS entry, one reverse DNS entry and one DHCP entry. If
8019 we switch powerdns to use its strict LDAP method (ldap-method=strict
8020 in pdns-debian-edu.conf), the forward and reverse DNS entries are
8021 merged into one while making it impossible to transfer the reverse map
8022 to a slave DNS server.
</p
>
8024 <p
>If we also replace the object class used to get the DNS related
8025 attributes to one allowing these attributes to be combined with the
8026 dhcphost object class, we can merge the DNS and DHCP entries into one.
8027 I
've written such object class in the dnsdomainaux.schema file (need
8028 proper OIDs, but that is a minor issue), and tested the setup. It
8029 seem to work.
</p
>
8031 <p
>With this test setup in place, we can get away with one LDAP object
8032 for both DNS and DHCP, and even the LTSP configuration I suggested in
8033 an earlier email. The combined LDAP object will look something like
8036 <blockquote
><pre
>
8037 dn: cn=hostname,cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
8039 objectClass: dhcphost
8040 objectclass: domainrelatedobject
8041 objectclass: dnsdomainaux
8042 associateddomain: hostname.intern
8043 arecord:
10.11.12.13
8044 dhcphwaddress: ethernet
00:
00:
00:
00:
00:
00
8045 dhcpstatements: fixed-address hostname
8047 </pre
></blockquote
>
8049 <p
>The DNS server uses the associateddomain and arecord entries, while
8050 the DHCP server uses the dhcphwaddress and dhcpstatements entries
8051 before asking DNS to resolve the fixed-adddress. LTSP will use
8052 dhcphwaddress or associateddomain and the ldapconfig* attributes.
</p
>
8054 <p
>I am not yet sure if I can get the DHCP server to look for its
8055 dhcphost in a different location, to allow us to put the objects
8056 outside the
"DHCP Config
" subtree, but hope to figure out a way to do
8057 that. If I can
't figure out a way to do that, we can still get rid of
8058 the hosts subtree and move all its content into the DHCP Config tree
8059 (which probably should be renamed to be more related to the new
8060 content. I suspect cn=dnsdhcp,ou=services or something like that
8061 might be a good place to put it.
</p
>
8063 <p
>If you want to help out with implementing this for Debian Edu,
8064 please contact us on debian-edu@lists.debian.org.
</p
>
8069 <title>Idea for storing LTSP configuration in LDAP
</title>
8070 <link>http://people.skolelinux.org/pere/blog/Idea_for_storing_LTSP_configuration_in_LDAP.html
</link>
8071 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Idea_for_storing_LTSP_configuration_in_LDAP.html
</guid>
8072 <pubDate>Sun,
11 Jul
2010 22:
00:
00 +
0200</pubDate>
8073 <description><p
>Vagrant mentioned on IRC today that ltsp_config now support
8074 sourcing files from /usr/share/ltsp/ltsp_config.d/ on the thin
8075 clients, and that this can be used to fetch configuration from LDAP if
8076 Debian Edu choose to store configuration there.
</p
>
8078 <p
>Armed with this information, I got inspired and wrote a test module
8079 to get configuration from LDAP. The idea is to look up the MAC
8080 address of the client in LDAP, and look for attributes on the form
8081 ltspconfigsetting=value, and use this to export SETTING=value to the
8082 LTSP clients.
</p
>
8084 <p
>The goal is to be able to store the LTSP configuration attributes
8085 in a
"computer
" LDAP object used by both DNS and DHCP, and thus
8086 allowing us to store all information about a computer in one place.
</p
>
8088 <p
>This is a untested draft implementation, and I welcome feedback on
8089 this approach. A real LDAP schema for the ltspClientAux objectclass
8090 need to be written. Comments, suggestions, etc?
</p
>
8092 <blockquote
><pre
>
8093 # Store in /opt/ltsp/$arch/usr/share/ltsp/ltsp_config.d/ldap-config
8095 # Fetch LTSP client settings from LDAP based on MAC address
8097 # Uses ethernet address as stored in the dhcpHost objectclass using
8098 # the dhcpHWAddress attribute or ethernet address stored in the
8099 # ieee802Device objectclass with the macAddress attribute.
8101 # This module is written to be schema agnostic, and only depend on the
8102 # existence of attribute names.
8104 # The LTSP configuration variables are saved directly using a
8105 # ltspConfig prefix and uppercasing the rest of the attribute name.
8106 # To set the SERVER variable, set the ltspConfigServer attribute.
8108 # Some LDAP schema should be created with all the relevant
8109 # configuration settings. Something like this should work:
8111 # objectclass (
1.1.2.2 NAME
'ltspClientAux
'
8114 # MAY ( ltspConfigServer $ ltsConfigSound $ ... )
8116 LDAPSERVER=$(debian-edu-ldapserver)
8117 if [
"$LDAPSERVER
" ] ; then
8118 LDAPBASE=$(debian-edu-ldapserver -b)
8119 for MAC in $(LANG=C ifconfig |grep -i hwaddr| awk
'{print $
5}
'|sort -u) ; do
8120 filter=
"(|(dhcpHWAddress=ethernet $MAC)(macAddress=$MAC))
"
8121 ldapsearch -h
"$LDAPSERVER
" -b
"$LDAPBASE
" -v -x
"$filter
" | \
8122 grep
'^ltspConfig
' | while read attr value ; do
8123 # Remove prefix and convert to upper case
8124 attr=$(echo $attr | sed
's/^ltspConfig//i
' | tr a-z A-Z)
8125 # bass value on to clients
8126 eval
"$attr=$value; export $attr
"
8130 </pre
></blockquote
>
8132 <p
>I
'm not sure this shell construction will work, because I suspect
8133 the while block might end up in a subshell causing the variables set
8134 there to not show up in ltsp-config, but if that is the case I am sure
8135 the code can be restructured to make sure the variables are passed on.
8136 I expect that can be solved with some testing. :)
</p
>
8138 <p
>If you want to help out with implementing this for Debian Edu,
8139 please contact us on debian-edu@lists.debian.org.
</p
>
8141 <p
>Update
2010-
07-
17: I am aware of another effort to store LTSP
8142 configuration in LDAP that was created around year
2000 by
8143 <a href=
"http://www.pcxperience.com/thinclient/documentation/ldap.html
">PC
8144 Xperience, Inc.,
2000</a
>. I found its
8145 <a href=
"http://people.redhat.com/alikins/ltsp/ldap/
">files
</a
> on a
8146 personal home page over at redhat.com.
</p
>
8151 <title>jXplorer, a very nice LDAP GUI
</title>
8152 <link>http://people.skolelinux.org/pere/blog/jXplorer__a_very_nice_LDAP_GUI.html
</link>
8153 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/jXplorer__a_very_nice_LDAP_GUI.html
</guid>
8154 <pubDate>Fri,
9 Jul
2010 12:
55:
00 +
0200</pubDate>
8155 <description><p
>Since
8156 <a href=
"http://people.skolelinux.org/pere/blog/LUMA__a_very_nice_LDAP_GUI.html
">my
8157 last post
</a
> about available LDAP tools in Debian, I was told about a
8158 LDAP GUI that is even better than luma. The java application
8159 <a href=
"http://jxplorer.org/
">jXplorer
</a
> is claimed to be capable of
8160 moving LDAP objects and subtrees using drag-and-drop, and can
8161 authenticate using Kerberos. I have only tested the Kerberos
8162 authentication, but do not have a LDAP setup allowing me to rewrite
8163 LDAP with my test user yet. It is
8164 <a href=
"http://packages.qa.debian.org/j/jxplorer.html
">available in
8165 Debian
</a
> testing and unstable at the moment. The only problem I
8166 have with it is how it handle errors. If something go wrong, its
8167 non-intuitive behaviour require me to go through some query work list
8168 and remove the failing query. Nothing big, but very annoying.
</p
>
8173 <title>Lenny-
>Squeeze upgrades, apt vs aptitude with the Gnome desktop
</title>
8174 <link>http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__apt_vs_aptitude_with_the_Gnome_desktop.html
</link>
8175 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__apt_vs_aptitude_with_the_Gnome_desktop.html
</guid>
8176 <pubDate>Sat,
3 Jul
2010 23:
55:
00 +
0200</pubDate>
8177 <description><p
>Here is a short update on my
<a
8178 href=
"http://people.skolelinux.org/~pere/debian-upgrade-testing/
">my
8179 Debian Lenny-
>Squeeze upgrade testing
</a
>. Here is a summary of the
8180 difference for Gnome when it is upgraded by apt-get and aptitude. I
'm
8181 not reporting the status for KDE, because the upgrade crashes when
8182 aptitude try because of missing conflicts
8183 (
<a href=
"http://bugs.debian.org/
584861">#
584861</a
> and
8184 <a href=
"http://bugs.debian.org/
585716">#
585716</a
>).
</p
>
8186 <p
>At the end of the upgrade test script, dpkg -l is executed to get a
8187 complete list of the installed packages. Based on this I see these
8188 differences when I did a test run today. As usual, I do not really
8189 know what the correct set of packages would be, but thought it best to
8190 publish the difference.
</p
>
8192 <p
>Installed using apt-get, missing with aptitude
</p
>
8194 <blockquote
><p
>
8195 at-spi cpp-
4.3 finger gnome-spell gstreamer0.10-gnomevfs
8196 libatspi1.0-
0 libcupsys2 libeel2-data libgail-common libgdl-
1-common
8197 libgnomeprint2.2-data libgnomeprintui2.2-common libgnomevfs2-bin
8198 libgtksourceview-common libpt-
1.10.10-plugins-alsa
8199 libpt-
1.10.10-plugins-v4l libservlet2.4-java libxalan2-java
8200 libxerces2-java openoffice.org-writer2latex openssl-blacklist p7zip
8201 python-
4suite-xml python-eggtrayicon python-gtkhtml2
8202 python-gtkmozembed svgalibg1 xserver-xephyr zip
8203 </p
></blockquote
>
8205 <p
>Installed using apt-get, removed with aptitude
</p
>
8207 <blockquote
><p
>
8208 bluez-utils dhcdbd djvulibre-desktop epiphany-gecko
8209 gnome-app-install gnome-mount gnome-vfs-obexftp gnome-volume-manager
8210 libao2 libavahi-compat-libdnssd1 libavahi-core5 libbind9-
50
8211 libbluetooth2 libcamel1.2-
11 libcdio7 libcucul0 libcurl3
8212 libdirectfb-
1.0-
0 libdvdread3 libedata-cal1.2-
6 libedataserver1.2-
9
8213 libeel2-
2.20 libepc-
1.0-
1 libepc-ui-
1.0-
1 libexchange-storage1.2-
3
8214 libfaad0 libgd2-noxpm libgda3-
3 libgda3-common libggz2 libggzcore9
8215 libggzmod4 libgksu1.2-
0 libgksuui1.0-
1 libgmyth0 libgnome-desktop-
2
8216 libgnome-pilot2 libgnomecups1.0-
1 libgnomeprint2.2-
0
8217 libgnomeprintui2.2-
0 libgpod3 libgraphviz4 libgtkhtml2-
0
8218 libgtksourceview1.0-
0 libgucharmap6 libhesiod0 libicu38 libisccc50
8219 libisccfg50 libiw29 libkpathsea4 libltdl3 liblwres50 libmagick++
10
8220 libmagick10 libmalaga7 libmtp7 libmysqlclient15off libnautilus-burn4
8221 libneon27 libnm-glib0 libnm-util0 libopal-
2.2 libosp5
8222 libparted1.8-
10 libpisock9 libpisync1 libpoppler-glib3 libpoppler3
8223 libpt-
1.10.10 libraw1394-
8 libsensors3 libsmbios2 libsoup2.2-
8
8224 libssh2-
1 libsuitesparse-
3.1.0 libswfdec-
0.6-
90 libtalloc1
8225 libtotem-plparser10 libtrackerclient0 libvoikko1 libxalan2-java-gcj
8226 libxerces2-java-gcj libxklavier12 libxtrap6 libxxf86misc1 libzephyr3
8227 mysql-common swfdec-gnome totem-gstreamer wodim
8228 </p
></blockquote
>
8230 <p
>Installed using aptitude, missing with apt-get
</p
>
8232 <blockquote
><p
>
8233 gnome gnome-desktop-environment hamster-applet python-gnomeapplet
8234 python-gnomekeyring python-wnck rhythmbox-plugins xorg
8235 xserver-xorg-input-all xserver-xorg-input-evdev
8236 xserver-xorg-input-kbd xserver-xorg-input-mouse
8237 xserver-xorg-input-synaptics xserver-xorg-video-all
8238 xserver-xorg-video-apm xserver-xorg-video-ark xserver-xorg-video-ati
8239 xserver-xorg-video-chips xserver-xorg-video-cirrus
8240 xserver-xorg-video-dummy xserver-xorg-video-fbdev
8241 xserver-xorg-video-glint xserver-xorg-video-i128
8242 xserver-xorg-video-i740 xserver-xorg-video-mach64
8243 xserver-xorg-video-mga xserver-xorg-video-neomagic
8244 xserver-xorg-video-nouveau xserver-xorg-video-nv
8245 xserver-xorg-video-r128 xserver-xorg-video-radeon
8246 xserver-xorg-video-radeonhd xserver-xorg-video-rendition
8247 xserver-xorg-video-s3 xserver-xorg-video-s3virge
8248 xserver-xorg-video-savage xserver-xorg-video-siliconmotion
8249 xserver-xorg-video-sis xserver-xorg-video-sisusb
8250 xserver-xorg-video-tdfx xserver-xorg-video-tga
8251 xserver-xorg-video-trident xserver-xorg-video-tseng
8252 xserver-xorg-video-vesa xserver-xorg-video-vmware
8253 xserver-xorg-video-voodoo
8254 </p
></blockquote
>
8256 <p
>Installed using aptitude, removed with apt-get
</p
>
8258 <blockquote
><p
>
8259 deskbar-applet xserver-xorg xserver-xorg-core
8260 xserver-xorg-input-wacom xserver-xorg-video-intel
8261 xserver-xorg-video-openchrome
8262 </p
></blockquote
>
8264 <p
>I was told on IRC that the xorg-xserver package was
8265 <a href=
"http://git.debian.org/?p=pkg-xorg/xserver/xorg-server.git;a=commit;h=
9c8080d06c457932d3bfec021c69ac000aa60120
">changed
8266 in git
</a
> today to try to get apt-get to not remove xorg completely.
8267 No idea when it hits Squeeze, but when it does I hope it will reduce
8268 the difference somewhat.
8273 <title>LUMA, a very nice LDAP GUI
</title>
8274 <link>http://people.skolelinux.org/pere/blog/LUMA__a_very_nice_LDAP_GUI.html
</link>
8275 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/LUMA__a_very_nice_LDAP_GUI.html
</guid>
8276 <pubDate>Mon,
28 Jun
2010 00:
30:
00 +
0200</pubDate>
8277 <description><p
>The last few days I have been looking into the status of the LDAP
8278 directory in Debian Edu, and in the process I started to miss a GUI
8279 tool to browse the LDAP tree. The only one I was able to find in
8280 Debian/Squeeze and Lenny is
8281 <a href=
"http://luma.sourceforge.net/
">LUMA
</a
>, which has proved to
8282 be a great tool to get a overview of the current LDAP directory
8283 populated by default in Skolelinux. Thanks to it, I have been able to
8284 find empty and obsolete subtrees, misplaced objects and duplicate
8285 objects. It will be installed by default in Debian/Squeeze. If you
8286 are working with LDAP, give it a go. :)
</p
>
8288 <p
>I did notice one problem with it I have not had time to report to
8289 the BTS yet. There is no .desktop file in the package, so the tool do
8290 not show up in the Gnome and KDE menus, but only deep down in in the
8291 Debian submenu in KDE. I hope that can be fixed before Squeeze is
8294 <p
>I have not yet been able to get it to modify the tree yet. I would
8295 like to move objects and remove subtrees directly in the GUI, but have
8296 not found a way to do that with LUMA yet. So in the mean time, I use
8297 <a href=
"http://www.lichteblau.com/ldapvi/
">ldapvi
</a
> for that.
</p
>
8299 <p
>If you have tips on other GUI tools for LDAP that might be useful
8300 in Debian Edu, please contact us on debian-edu@lists.debian.org.
</p
>
8302 <p
>Update
2010-
06-
29: Ross Reedstrom tipped us about the
8303 <a href=
"http://packages.qa.debian.org/g/gq.html
">gq
</a
> package as a
8304 useful GUI alternative. It seem like a good tool, but is unmaintained
8305 in Debian and got a RC bug keeping it out of Squeeze. Unless that
8306 changes, it will not be an option for Debian Edu based on Squeeze.
</p
>
8311 <title>Idea for a change to LDAP schemas allowing DNS and DHCP info to be combined into one object
</title>
8312 <link>http://people.skolelinux.org/pere/blog/Idea_for_a_change_to_LDAP_schemas_allowing_DNS_and_DHCP_info_to_be_combined_into_one_object.html
</link>
8313 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Idea_for_a_change_to_LDAP_schemas_allowing_DNS_and_DHCP_info_to_be_combined_into_one_object.html
</guid>
8314 <pubDate>Thu,
24 Jun
2010 00:
35:
00 +
0200</pubDate>
8315 <description><p
>A while back, I
8316 <a href=
"http://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
">complained
8317 about the fact
</a
> that it is not possible with the provided schemas
8318 for storing DNS and DHCP information in LDAP to combine the two sets
8319 of information into one LDAP object representing a computer.
</p
>
8321 <p
>In the mean time, I discovered that a simple fix would be to make
8322 the dhcpHost object class auxiliary, to allow it to be combined with
8323 the dNSDomain object class, and thus forming one object for one
8324 computer when storing both DHCP and DNS information in LDAP.
</p
>
8326 <p
>If I understand this correctly, it is not safe to do this change
8327 without also changing the assigned number for the object class, and I
8328 do not know enough about LDAP schema design to do that properly for
8329 Debian Edu.
</p
>
8331 <p
>Anyway, for future reference, this is how I believe we could change
8333 <a href=
"http://tools.ietf.org/html/draft-ietf-dhc-ldap-schema-
00">DHCP
8334 schema
</a
> to solve at least part of the problem with the LDAP schemas
8335 available today from IETF.
</p
>
8338 --- dhcp.schema (revision
65192)
8339 +++ dhcp.schema (working copy)
8341 objectclass (
2.16.840.1.113719.1.203.6.6
8342 NAME
'dhcpHost
'
8343 DESC
'This represents information about a particular client
'
8347 MAY (dhcpLeaseDN $ dhcpHWAddress $ dhcpOptionsDN $ dhcpStatements $ dhcpComments $ dhcpOption)
8348 X-NDS_CONTAINMENT (
'dhcpService
' 'dhcpSubnet
' 'dhcpGroup
') )
8351 <p
>I very much welcome clues on how to do this properly for Debian
8352 Edu/Squeeze. We provide the DHCP schema in our debian-edu-config
8353 package, and should thus be free to rewrite it as we see fit.
</p
>
8355 <p
>If you want to help out with implementing this for Debian Edu,
8356 please contact us on debian-edu@lists.debian.org.
</p
>
8361 <title>Calling tasksel like the installer, while still getting useful output
</title>
8362 <link>http://people.skolelinux.org/pere/blog/Calling_tasksel_like_the_installer__while_still_getting_useful_output.html
</link>
8363 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Calling_tasksel_like_the_installer__while_still_getting_useful_output.html
</guid>
8364 <pubDate>Wed,
16 Jun
2010 14:
55:
00 +
0200</pubDate>
8365 <description><p
>A few times I have had the need to simulate the way tasksel
8366 installs packages during the normal debian-installer run. Until now,
8367 I have ended up letting tasksel do the work, with the annoying problem
8368 of not getting any feedback at all when something fails (like a
8369 conffile question from dpkg or a download that fails), using code like
8372 <blockquote
><pre
>
8373 export DEBIAN_FRONTEND=noninteractive
8374 tasksel --new-install
8375 </pre
></blockquote
>
8377 This would invoke tasksel, let its automatic task selection pick the
8378 tasks to install, and continue to install the requested tasks without
8379 any output what so ever.
8381 Recently I revisited this problem while working on the automatic
8382 package upgrade testing, because tasksel would some times hang without
8383 any useful feedback, and I want to see what is going on when it
8384 happen. Then it occured to me, I can parse the output from tasksel
8385 when asked to run in test mode, and use that aptitude command line
8386 printed by tasksel then to simulate the tasksel run. I ended up using
8389 <blockquote
><pre
>
8390 export DEBIAN_FRONTEND=noninteractive
8391 cmd=
"$(in_target tasksel -t --new-install | sed
's/debconf-apt-progress -- //
')
"
8393 </pre
></blockquote
>
8395 <p
>The content of $cmd is typically something like
"<tt
>aptitude -q
8396 --without-recommends -o APT::Install-Recommends=no -y install
8397 ~t^desktop$ ~t^gnome-desktop$ ~t^laptop$ ~pstandard ~prequired
8398 ~pimportant
</tt
>", which will install the gnome desktop task, the
8399 laptop task and all packages with priority standard , required and
8400 important, just like tasksel would have done it during
8401 installation.
</p
>
8403 <p
>A better approach is probably to extend tasksel to be able to
8404 install packages without using debconf-apt-progress, for use cases
8405 like this.
</p
>
8410 <title>Lenny-
>Squeeze upgrades, removals by apt and aptitude
</title>
8411 <link>http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__removals_by_apt_and_aptitude.html
</link>
8412 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__removals_by_apt_and_aptitude.html
</guid>
8413 <pubDate>Sun,
13 Jun
2010 09:
05:
00 +
0200</pubDate>
8414 <description><p
>My
8415 <a href=
"http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html
">testing
8416 of Debian upgrades
</a
> from Lenny to Squeeze continues, and I
've
8417 finally made the upgrade logs available from
8418 <a href=
"http://people.skolelinux.org/pere/debian-upgrade-testing/
">http://people.skolelinux.org/pere/debian-upgrade-testing/
</a
>.
8419 I am now testing dist-upgrade of Gnome and KDE in a chroot using both
8420 apt and aptitude, and found their differences interesting. This time
8421 I will only focus on their removal plans.
</p
>
8423 <p
>After installing a Gnome desktop and the laptop task, apt-get wants
8424 to remove
72 packages when dist-upgrading from Lenny to Squeeze. The
8425 surprising part is that it want to remove xorg and all
8426 xserver-xorg-video* drivers. Clearly not a good choice, but I am not
8427 sure why. When asking aptitude to do the same, it want to remove
129
8428 packages, but most of them are library packages I suspect are no
8429 longer needed. Both of them want to remove bluetooth packages, which
8430 I do not know. Perhaps these bluetooth packages are obsolete?
</p
>
8432 <p
>For KDE, apt-get want to remove
82 packages, among them kdebase
8433 which seem like a bad idea and xorg the same way as with Gnome. Asking
8434 aptitude for the same, it wants to remove
192 packages, none which are
8435 too surprising.
</p
>
8437 <p
>I guess the removal of xorg during upgrades should be investigated
8438 and avoided, and perhaps others as well. Here are the complete list
8439 of planned removals. The complete logs is available from the URL
8440 above. Note if you want to repeat these tests, that the upgrade test
8441 for kde+apt-get hung in the tasksel setup because of dpkg asking
8442 conffile questions. No idea why. I worked around it by using
8443 '<tt
>echo
>> /proc/
<em
>pidofdpkg
</em
>/fd/
0</tt
>' to tell dpkg to
8446 <p
><b
>apt-get gnome
72</b
>
8447 <br
>bluez-gnome cupsddk-drivers deskbar-applet gnome
8448 gnome-desktop-environment gnome-network-admin gtkhtml3.14
8449 iceweasel-gnome-support libavcodec51 libdatrie0 libgdl-
1-
0
8450 libgnomekbd2 libgnomekbdui2 libmetacity0 libslab0 libxcb-xlib0
8451 nautilus-cd-burner python-gnome2-desktop python-gnome2-extras
8452 serpentine swfdec-mozilla update-manager xorg xserver-xorg
8453 xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev
8454 xserver-xorg-input-kbd xserver-xorg-input-mouse
8455 xserver-xorg-input-synaptics xserver-xorg-input-wacom
8456 xserver-xorg-video-all xserver-xorg-video-apm xserver-xorg-video-ark
8457 xserver-xorg-video-ati xserver-xorg-video-chips
8458 xserver-xorg-video-cirrus xserver-xorg-video-cyrix
8459 xserver-xorg-video-dummy xserver-xorg-video-fbdev
8460 xserver-xorg-video-glint xserver-xorg-video-i128
8461 xserver-xorg-video-i740 xserver-xorg-video-imstt
8462 xserver-xorg-video-intel xserver-xorg-video-mach64
8463 xserver-xorg-video-mga xserver-xorg-video-neomagic
8464 xserver-xorg-video-nsc xserver-xorg-video-nv
8465 xserver-xorg-video-openchrome xserver-xorg-video-r128
8466 xserver-xorg-video-radeon xserver-xorg-video-radeonhd
8467 xserver-xorg-video-rendition xserver-xorg-video-s3
8468 xserver-xorg-video-s3virge xserver-xorg-video-savage
8469 xserver-xorg-video-siliconmotion xserver-xorg-video-sis
8470 xserver-xorg-video-sisusb xserver-xorg-video-tdfx
8471 xserver-xorg-video-tga xserver-xorg-video-trident
8472 xserver-xorg-video-tseng xserver-xorg-video-v4l
8473 xserver-xorg-video-vesa xserver-xorg-video-vga
8474 xserver-xorg-video-vmware xserver-xorg-video-voodoo xulrunner-
1.9
8475 xulrunner-
1.9-gnome-support
</p
>
8477 <p
><b
>aptitude gnome
129</b
>
8479 <br
>bluez-gnome bluez-utils cpp-
4.3 cupsddk-drivers dhcdbd
8480 djvulibre-desktop finger gnome-app-install gnome-mount
8481 gnome-network-admin gnome-spell gnome-vfs-obexftp
8482 gnome-volume-manager gstreamer0.10-gnomevfs gtkhtml3.14 libao2
8483 libavahi-compat-libdnssd1 libavahi-core5 libavcodec51 libbluetooth2
8484 libcamel1.2-
11 libcdio7 libcucul0 libcupsys2 libcurl3 libdatrie0
8485 libdirectfb-
1.0-
0 libdvdread3 libedataserver1.2-
9 libeel2-
2.20
8486 libeel2-data libepc-
1.0-
1 libepc-ui-
1.0-
1 libfaad0 libgail-common
8487 libgd2-noxpm libgda3-
3 libgda3-common libgdl-
1-
0 libgdl-
1-common
8488 libggz2 libggzcore9 libggzmod4 libgksu1.2-
0 libgksuui1.0-
1 libgmyth0
8489 libgnomecups1.0-
1 libgnomekbd2 libgnomekbdui2 libgnomeprint2.2-
0
8490 libgnomeprint2.2-data libgnomeprintui2.2-
0 libgnomeprintui2.2-common
8491 libgnomevfs2-bin libgpod3 libgraphviz4 libgtkhtml2-
0
8492 libgtksourceview-common libgtksourceview1.0-
0 libgucharmap6
8493 libhesiod0 libicu38 libiw29 libkpathsea4 libltdl3 libmagick++
10
8494 libmagick10 libmalaga7 libmetacity0 libmtp7 libmysqlclient15off
8495 libnautilus-burn4 libneon27 libnm-glib0 libnm-util0 libopal-
2.2
8496 libosp5 libparted1.8-
10 libpoppler-glib3 libpoppler3 libpt-
1.10.10
8497 libpt-
1.10.10-plugins-alsa libpt-
1.10.10-plugins-v4l libraw1394-
8
8498 libsensors3 libslab0 libsmbios2 libsoup2.2-
8 libssh2-
1
8499 libsuitesparse-
3.1.0 libswfdec-
0.6-
90 libtalloc1 libtotem-plparser10
8500 libtrackerclient0 libxalan2-java libxalan2-java-gcj libxcb-xlib0
8501 libxerces2-java libxerces2-java-gcj libxklavier12 libxtrap6
8502 libxxf86misc1 libzephyr3 mysql-common nautilus-cd-burner
8503 openoffice.org-writer2latex openssl-blacklist p7zip
8504 python-
4suite-xml python-eggtrayicon python-gnome2-desktop
8505 python-gnome2-extras python-gtkhtml2 python-gtkmozembed
8506 python-numeric python-sexy serpentine svgalibg1 swfdec-gnome
8507 swfdec-mozilla totem-gstreamer update-manager wodim
8508 xserver-xorg-video-cyrix xserver-xorg-video-imstt
8509 xserver-xorg-video-nsc xserver-xorg-video-v4l xserver-xorg-video-vga
8512 <p
><b
>apt-get kde
82</b
>
8514 <br
>cupsddk-drivers karm kaudiocreator kcoloredit kcontrol kde kde-core
8515 kdeaddons kdeartwork kdebase kdebase-bin kdebase-bin-kde3
8516 kdebase-kio-plugins kdesktop kdeutils khelpcenter kicker
8517 kicker-applets knewsticker kolourpaint konq-plugins konqueror korn
8518 kpersonalizer kscreensaver ksplash libavcodec51 libdatrie0 libkiten1
8519 libxcb-xlib0 quanta superkaramba texlive-base-bin xorg xserver-xorg
8520 xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev
8521 xserver-xorg-input-kbd xserver-xorg-input-mouse
8522 xserver-xorg-input-synaptics xserver-xorg-input-wacom
8523 xserver-xorg-video-all xserver-xorg-video-apm xserver-xorg-video-ark
8524 xserver-xorg-video-ati xserver-xorg-video-chips
8525 xserver-xorg-video-cirrus xserver-xorg-video-cyrix
8526 xserver-xorg-video-dummy xserver-xorg-video-fbdev
8527 xserver-xorg-video-glint xserver-xorg-video-i128
8528 xserver-xorg-video-i740 xserver-xorg-video-imstt
8529 xserver-xorg-video-intel xserver-xorg-video-mach64
8530 xserver-xorg-video-mga xserver-xorg-video-neomagic
8531 xserver-xorg-video-nsc xserver-xorg-video-nv
8532 xserver-xorg-video-openchrome xserver-xorg-video-r128
8533 xserver-xorg-video-radeon xserver-xorg-video-radeonhd
8534 xserver-xorg-video-rendition xserver-xorg-video-s3
8535 xserver-xorg-video-s3virge xserver-xorg-video-savage
8536 xserver-xorg-video-siliconmotion xserver-xorg-video-sis
8537 xserver-xorg-video-sisusb xserver-xorg-video-tdfx
8538 xserver-xorg-video-tga xserver-xorg-video-trident
8539 xserver-xorg-video-tseng xserver-xorg-video-v4l
8540 xserver-xorg-video-vesa xserver-xorg-video-vga
8541 xserver-xorg-video-vmware xserver-xorg-video-voodoo xulrunner-
1.9</p
>
8543 <p
><b
>aptitude kde
192</b
>
8544 <br
>bluez-utils cpp-
4.3 cupsddk-drivers cvs dcoprss dhcdbd
8545 djvulibre-desktop dosfstools eyesapplet fifteenapplet finger gettext
8546 ghostscript-x imlib-base imlib11 indi kandy karm kasteroids
8547 kaudiocreator kbackgammon kbstate kcoloredit kcontrol kcron kdat
8548 kdeadmin-kfile-plugins kdeartwork-misc kdeartwork-theme-window
8549 kdebase-bin-kde3 kdebase-kio-plugins kdeedu-data
8550 kdegraphics-kfile-plugins kdelirc kdemultimedia-kappfinder-data
8551 kdemultimedia-kfile-plugins kdenetwork-kfile-plugins
8552 kdepim-kfile-plugins kdepim-kio-plugins kdeprint kdesktop kdessh
8553 kdict kdnssd kdvi kedit keduca kenolaba kfax kfaxview kfouleggs
8554 kghostview khelpcenter khexedit kiconedit kitchensync klatin
8555 klickety kmailcvt kmenuedit kmid kmilo kmoon kmrml kodo kolourpaint
8556 kooka korn kpager kpdf kpercentage kpf kpilot kpoker kpovmodeler
8557 krec kregexpeditor ksayit ksim ksirc ksirtet ksmiletris ksmserver
8558 ksnake ksokoban ksplash ksvg ksysv ktip ktnef kuickshow kverbos
8559 kview kviewshell kvoctrain kwifimanager kwin kwin4 kworldclock
8560 kxsldbg libakode2 libao2 libarts1-akode libarts1-audiofile
8561 libarts1-mpeglib libarts1-xine libavahi-compat-libdnssd1
8562 libavahi-core5 libavc1394-
0 libavcodec51 libbluetooth2
8563 libboost-python1.34
.1 libcucul0 libcurl3 libcvsservice0 libdatrie0
8564 libdirectfb-
1.0-
0 libdjvulibre21 libdvdread3 libfaad0 libfreebob0
8565 libgail-common libgd2-noxpm libgraphviz4 libgsmme1c2a libgtkhtml2-
0
8566 libicu38 libiec61883-
0 libindex0 libiw29 libk3b3 libkcal2b libkcddb1
8567 libkdeedu3 libkdepim1a libkgantt0 libkiten1 libkleopatra1 libkmime2
8568 libkpathsea4 libkpimexchange1 libkpimidentities1 libkscan1
8569 libksieve0 libktnef1 liblockdev1 libltdl3 libmagick10 libmimelib1c2a
8570 libmozjs1d libmpcdec3 libneon27 libnm-util0 libopensync0 libpisock9
8571 libpoppler-glib3 libpoppler-qt2 libpoppler3 libraw1394-
8 libsmbios2
8572 libssh2-
1 libsuitesparse-
3.1.0 libtalloc1 libtiff-tools
8573 libxalan2-java libxalan2-java-gcj libxcb-xlib0 libxerces2-java
8574 libxerces2-java-gcj libxtrap6 mpeglib networkstatus
8575 openoffice.org-writer2latex pmount poster psutils quanta quanta-data
8576 superkaramba svgalibg1 tex-common texlive-base texlive-base-bin
8577 texlive-common texlive-doc-base texlive-fonts-recommended
8578 xserver-xorg-video-cyrix xserver-xorg-video-imstt
8579 xserver-xorg-video-nsc xserver-xorg-video-v4l xserver-xorg-video-vga
8580 xulrunner-
1.9</p
>
8586 <title>Automatic upgrade testing from Lenny to Squeeze
</title>
8587 <link>http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html
</link>
8588 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html
</guid>
8589 <pubDate>Fri,
11 Jun
2010 22:
50:
00 +
0200</pubDate>
8590 <description><p
>The last few days I have done some upgrade testing in Debian, to
8591 see if the upgrade from Lenny to Squeeze will go smoothly. A few bugs
8592 have been discovered and reported in the process
8593 (
<a href=
"http://bugs.debian.org/
585410">#
585410</a
> in nagios3-cgi,
8594 <a href=
"http://bugs.debian.org/
584879">#
584879</a
> already fixed in
8595 enscript and
<a href=
"http://bugs.debian.org/
584861">#
584861</a
> in
8596 kdebase-workspace-data), and to get a more regular testing going on, I
8597 am working on a script to automate the test.
</p
>
8599 <p
>The idea is to create a Lenny chroot and use tasksel to install a
8600 Gnome or KDE desktop installation inside the chroot before upgrading
8601 it. To ensure no services are started in the chroot, a policy-rc.d
8602 script is inserted. To make sure tasksel believe it is to install a
8603 desktop on a laptop, the tasksel tests are replaced in the chroot
8604 (only acceptable because this is a throw-away chroot).
</p
>
8606 <p
>A naive upgrade from Lenny to Squeeze using aptitude dist-upgrade
8607 currently always fail because udev refuses to upgrade with the kernel
8608 in Lenny, so to avoid that problem the file /etc/udev/kernel-upgrade
8609 is created. The bug report
8610 <a href=
"http://bugs.debian.org/
566000">#
566000</a
> make me suspect
8611 this problem do not trigger in a chroot, but I touch the file anyway
8612 to make sure the upgrade go well. Testing on virtual and real
8613 hardware have failed me because of udev so far, and creating this file
8614 do the trick in such settings anyway. This is a
8615 <a href=
"http://www.linuxquestions.org/questions/debian-
26/failed-dist-upgrade-due-to-udev-config_sysfs_deprecated-nonsense-
804130/
">known
8616 issue
</a
> and the current udev behaviour is intended by the udev
8617 maintainer because he lack the resources to rewrite udev to keep
8618 working with old kernels or something like that. I really wish the
8619 udev upstream would keep udev backwards compatible, to avoid such
8620 upgrade problem, but given that they fail to do so, I guess
8621 documenting the way out of this mess is the best option we got for
8622 Debian Squeeze.
</p
>
8624 <p
>Anyway, back to the task at hand, testing upgrades. This test
8625 script, which I call
<tt
>upgrade-test
</tt
> for now, is doing the
8628 <blockquote
><pre
>
8632 if [
"$
1" ] ; then
8641 exec
&lt; /dev/null
8643 mirror=http://ftp.skolelinux.org/debian
8644 tmpdir=chroot-$from-upgrade-$to-$desktop
8646 debootstrap $from $tmpdir $mirror
8647 chroot $tmpdir aptitude update
8648 cat
> $tmpdir/usr/sbin/policy-rc.d
&lt;
&lt;EOF
8652 chmod a+rx $tmpdir/usr/sbin/policy-rc.d
8656 mount -t proc proc $tmpdir/proc
8657 # Make sure proc is unmounted also on failure
8658 trap exit_cleanup EXIT INT
8660 chroot $tmpdir aptitude -y install debconf-utils
8662 # Make sure tasksel autoselection trigger. It need the test scripts
8663 # to return the correct answers.
8664 echo tasksel tasksel/desktop multiselect $desktop | \
8665 chroot $tmpdir debconf-set-selections
8667 # Include the desktop and laptop task
8668 for test in desktop laptop ; do
8669 echo
> $tmpdir/usr/lib/tasksel/tests/$test
&lt;
&lt;EOF
8673 chmod a+rx $tmpdir/usr/lib/tasksel/tests/$test
8676 DEBIAN_FRONTEND=noninteractive
8677 DEBIAN_PRIORITY=critical
8678 export DEBIAN_FRONTEND DEBIAN_PRIORITY
8679 chroot $tmpdir tasksel --new-install
8681 echo deb $mirror $to main
> $tmpdir/etc/apt/sources.list
8682 chroot $tmpdir aptitude update
8683 touch $tmpdir/etc/udev/kernel-upgrade
8684 chroot $tmpdir aptitude -y dist-upgrade
8686 </pre
></blockquote
>
8688 <p
>I suspect it would be useful to test upgrades with both apt-get and
8689 with aptitude, but I have not had time to look at how they behave
8690 differently so far. I hope to get a cron job running to do the test
8691 regularly and post the result on the web. The Gnome upgrade currently
8692 work, while the KDE upgrade fail because of the bug in
8693 kdebase-workspace-data
</p
>
8695 <p
>I am not quite sure what kind of extract from the huge upgrade logs
8696 (KDE
167 KiB, Gnome
516 KiB) it make sense to include in this blog
8697 post, so I will refrain from trying. I can report that for Gnome,
8698 aptitude report
760 packages upgraded,
448 newly installed,
129 to
8699 remove and
1 not upgraded and
1024MB need to be downloaded while for
8700 KDE the same numbers are
702 packages upgraded,
507 newly installed,
8701 193 to remove and
0 not upgraded and
1117MB need to be downloaded
</p
>
8703 <p
>I am very happy to notice that the Gnome desktop + laptop upgrade
8704 is able to migrate to dependency based boot sequencing and parallel
8705 booting without a hitch. Was unsure if there were still bugs with
8706 packages failing to clean up their obsolete init.d script during
8707 upgrades, and no such problem seem to affect the Gnome desktop+laptop
8713 <title>Upstart or sysvinit - as init.d scripts see it
</title>
8714 <link>http://people.skolelinux.org/pere/blog/Upstart_or_sysvinit___as_init_d_scripts_see_it.html
</link>
8715 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Upstart_or_sysvinit___as_init_d_scripts_see_it.html
</guid>
8716 <pubDate>Sun,
6 Jun
2010 23:
55:
00 +
0200</pubDate>
8717 <description><p
>If Debian is to migrate to upstart on Linux, I expect some init.d
8718 scripts to migrate (some of) their operations to upstart job while
8719 keeping the init.d for hurd and kfreebsd. The packages with such
8720 needs will need a way to get their init.d scripts to behave
8721 differently when used with sysvinit and with upstart. Because of
8722 this, I had a look at the environment variables set when a init.d
8723 script is running under upstart, and when it is not.
</p
>
8725 <p
>With upstart, I notice these environment variables are set when a
8726 script is started from rcS.d/ (ignoring some irrelevant ones like
8729 <blockquote
><pre
>
8735 UPSTART_EVENTS=startup
8737 UPSTART_JOB=rc-sysinit
8738 </pre
></blockquote
>
8740 <p
>With sysvinit, these environment variables are set for the same
8743 <blockquote
><pre
>
8744 INIT_VERSION=sysvinit-
2.88
8749 </pre
></blockquote
>
8751 <p
>The RUNLEVEL and PREVLEVEL environment variables passed on from
8752 sysvinit are not set by upstart. Not sure if it is intentional or not
8753 to not be compatible with sysvinit in this regard.
</p
>
8755 <p
>For scripts needing to behave differently when upstart is used,
8756 looking for the UPSTART_JOB environment variable seem to be a good
8762 <title>A manual for standards wars...
</title>
8763 <link>http://people.skolelinux.org/pere/blog/A_manual_for_standards_wars___.html
</link>
8764 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/A_manual_for_standards_wars___.html
</guid>
8765 <pubDate>Sun,
6 Jun
2010 14:
15:
00 +
0200</pubDate>
8766 <description><p
>Via the
8767 <a href=
"http://feedproxy.google.com/~r/robweir/antic-atom/~
3/QzU4RgoAGMg/weekly-links-
10.html
">blog
8768 of Rob Weir
</a
> I came across the very interesting essay named
8769 <a href=
"http://faculty.haas.berkeley.edu/shapiro/wars.pdf
">The Art of
8770 Standards Wars
</a
> (PDF
25 pages). I recommend it for everyone
8771 following the standards wars of today.
</p
>
8776 <title>Sitesummary tip: Listing computer hardware models used at site
</title>
8777 <link>http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_computer_hardware_models_used_at_site.html
</link>
8778 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_computer_hardware_models_used_at_site.html
</guid>
8779 <pubDate>Thu,
3 Jun
2010 12:
05:
00 +
0200</pubDate>
8780 <description><p
>When using sitesummary at a site to track machines, it is possible
8781 to get a list of the machine types in use thanks to the DMI
8782 information extracted from each machine. The script to do so is
8783 included in the sitesummary package, and here is example output from
8784 the Skolelinux build servers:
</p
>
8786 <blockquote
><pre
>
8787 maintainer:~# /usr/lib/sitesummary/hardware-model-summary
8789 Dell Computer Corporation
1
8792 eserver xSeries
345 -[
8670M1X]-
1
8796 </pre
></blockquote
>
8798 <p
>The quality of the report depend on the quality of the DMI tables
8799 provided in each machine. Here there are Intel machines without model
8800 information listed with Intel as vendor and no model, and virtual Xen
8801 machines listed as [no-dmi-info]. One can add -l as a command line
8802 option to list the individual machines.
</p
>
8804 <p
>A larger list is
8805 <a href=
"http://narvikskolen.no/sitesummary/
">available from the the
8806 city of Narvik
</a
>, which uses Skolelinux on all their shools and also
8807 provide the basic sitesummary report publicly. In their report there
8808 are ~
1400 machines. I know they use both Ubuntu and Skolelinux on
8809 their machines, and as sitesummary is available in both distributions,
8810 it is trivial to get all of them to report to the same central
8811 collector.
</p
>
8816 <title>KDM fail at boot with NVidia cards - and no one try to fix it?
</title>
8817 <link>http://people.skolelinux.org/pere/blog/KDM_fail_at_boot_with_NVidia_cards___and_no_one_try_to_fix_it_.html
</link>
8818 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/KDM_fail_at_boot_with_NVidia_cards___and_no_one_try_to_fix_it_.html
</guid>
8819 <pubDate>Tue,
1 Jun
2010 17:
05:
00 +
0200</pubDate>
8820 <description><p
>It is strange to watch how a bug in Debian causing KDM to fail to
8821 start at boot when an NVidia video card is used is handled. The
8822 problem seem to be that the nvidia X.org driver uses a long time to
8823 initialize, and this duration is longer than kdm is configured to
8826 <p
>I came across two bugs related to this issue,
8827 <a href=
"http://bugs.debian.org/
583312">#
583312</a
> initially filed
8828 against initscripts and passed on to nvidia-glx when it became obvious
8829 that the nvidia drivers were involved, and
8830 <a href=
"http://bugs.debian.org/
524751">#
524751</a
> initially filed against
8831 kdm and passed on to src:nvidia-graphics-drivers for unknown reasons.
</p
>
8833 <p
>To me, it seem that no-one is interested in actually solving the
8834 problem nvidia video card owners experience and make sure the Debian
8835 distribution work out of the box for these users. The nvidia driver
8836 maintainers expect kdm to be set up to wait longer, while kdm expect
8837 the nvidia driver maintainers to fix the driver to start faster, and
8838 while they wait for each other I guess the users end up switching to a
8839 distribution that work for them. I have no idea what the solution is,
8840 but I am pretty sure that waiting for each other is not it.
</p
>
8842 <p
>I wonder why we end up handling bugs this way.
</p
>
8847 <title>Parallellized boot seem to hold up well in Debian/testing
</title>
8848 <link>http://people.skolelinux.org/pere/blog/Parallellized_boot_seem_to_hold_up_well_in_Debian_testing.html
</link>
8849 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Parallellized_boot_seem_to_hold_up_well_in_Debian_testing.html
</guid>
8850 <pubDate>Thu,
27 May
2010 23:
55:
00 +
0200</pubDate>
8851 <description><p
>A few days ago, parallel booting was enabled in Debian/testing.
8852 The feature seem to hold up pretty well, but three fairly serious
8853 issues are known and should be solved:
8857 <li
>The wicd package seen to
8858 <a href=
"http://bugs.debian.org/
508289">break NFS mounting
</a
> and
8859 <a href=
"http://bugs.debian.org/
581586">network setup
</a
> when
8860 parallel booting is enabled. No idea why, but the wicd maintainer
8861 seem to be on the case.
</li
>
8863 <li
>The nvidia X driver seem to
8864 <a href=
"http://bugs.debian.org/
583312">have a race condition
</a
>
8865 triggered more easily when parallel booting is in effect. The
8866 maintainer is on the case.
</li
>
8868 <li
>The sysv-rc package fail to properly enable dependency based boot
8869 sequencing (the shutdown is broken) when old file-rc users
8870 <a href=
"http://bugs.debian.org/
575080">try to switch back
</a
> to
8871 sysv-rc. One way to solve it would be for file-rc to create
8872 /etc/init.d/.legacy-bootordering, and another is to try to make
8873 sysv-rc more robust. Will investigate some more and probably upload a
8874 workaround in sysv-rc to help those trying to move from file-rc to
8875 sysv-rc get a working shutdown.
</li
>
8877 </ul
></p
>
8879 <p
>All in all not many surprising issues, and all of them seem
8880 solvable before Squeeze is released. In addition to these there are
8881 some packages with bugs in their dependencies and run level settings,
8882 which I expect will be fixed in a reasonable time span.
</p
>
8884 <p
>If you report any problems with dependencies in init.d scripts to
8885 the BTS, please usertag the report to get it to show up at
8886 <a href=
"http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org
">the
8887 list of usertagged bugs related to this
</a
>.
</p
>
8889 <p
>Update: Correct bug number to file-rc issue.
</p
>
8894 <title>More flexible firmware handling in debian-installer
</title>
8895 <link>http://people.skolelinux.org/pere/blog/More_flexible_firmware_handling_in_debian_installer.html
</link>
8896 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/More_flexible_firmware_handling_in_debian_installer.html
</guid>
8897 <pubDate>Sat,
22 May
2010 21:
30:
00 +
0200</pubDate>
8898 <description><p
>After a long break from debian-installer development, I finally
8899 found time today to return to the project. Having to spend less time
8900 working dependency based boot in debian, as it is almost complete now,
8901 definitely helped freeing some time.
</p
>
8903 <p
>A while back, I ran into a problem while working on Debian Edu. We
8904 include some firmware packages on the Debian Edu CDs, those needed to
8905 get disk and network controllers working. Without having these
8906 firmware packages available during installation, it is impossible to
8907 install Debian Edu on the given machine, and because our target group
8908 are non-technical people, asking them to provide firmware packages on
8909 an external medium is a support pain. Initially, I expected it to be
8910 enough to include the firmware packages on the CD to get
8911 debian-installer to find and use them. This proved to be wrong.
8912 Next, I hoped it was enough to symlink the relevant firmware packages
8913 to some useful location on the CD (tried /cdrom/ and
8914 /cdrom/firmware/). This also proved to not work, and at this point I
8915 found time to look at the debian-installer code to figure out what was
8916 going to work.
</p
>
8918 <p
>The firmware loading code is in the hw-detect package, and a closer
8919 look revealed that it would only look for firmware packages outside
8920 the installation media, so the CD was never checked for firmware
8921 packages. It would only check USB sticks, floppies and other
8922 "external
" media devices. Today I changed it to also look in the
8923 /cdrom/firmware/ directory on the mounted CD or DVD, which should
8924 solve the problem I ran into with Debian edu. I also changed it to
8925 look in /firmware/, to make sure the installer also find firmware
8926 provided in the initrd when booting the installer via PXE, to allow us
8927 to provide the same feature in the PXE setup included in Debian
8930 <p
>To make sure firmware deb packages with a license questions are not
8931 activated without asking if the license is accepted, I extended
8932 hw-detect to look for preinst scripts in the firmware packages, and
8933 run these before activating the firmware during installation. The
8934 license question is asked using debconf in the preinst, so this should
8935 solve the issue for the firmware packages I have looked at so far.
</p
>
8937 <p
>If you want to discuss the details of these features, please
8938 contact us on debian-boot@lists.debian.org.
</p
>
8943 <title>Parallellized boot is now the default in Debian/unstable
</title>
8944 <link>http://people.skolelinux.org/pere/blog/Parallellized_boot_is_now_the_default_in_Debian_unstable.html
</link>
8945 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Parallellized_boot_is_now_the_default_in_Debian_unstable.html
</guid>
8946 <pubDate>Fri,
14 May
2010 22:
40:
00 +
0200</pubDate>
8947 <description><p
>Since this evening, parallel booting is the default in
8948 Debian/unstable for machines using dependency based boot sequencing.
8949 Apparently the testing of concurrent booting has been wider than
8950 expected, if I am to believe the
8951 <a href=
"http://lists.debian.org/debian-devel/
2010/
05/msg00122.html
">input
8952 on debian-devel@
</a
>, and I concluded a few days ago to move forward
8953 with the feature this weekend, to give us some time to detect any
8954 remaining problems before Squeeze is frozen. If serious problems are
8955 detected, it is simple to change the default back to sequential boot.
8956 The upload of the new sysvinit package also activate a new upstream
8959 More information about
8960 <a href=
"http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot
">dependency
8961 based boot sequencing
</a
> is available from the Debian wiki. It is
8962 currently possible to disable parallel booting when one run into
8963 problems caused by it, by adding this line to /etc/default/rcS:
</p
>
8965 <blockquote
><pre
>
8967 </pre
></blockquote
>
8969 <p
>If you report any problems with dependencies in init.d scripts to
8970 the BTS, please usertag the report to get it to show up at
8971 <a href=
"http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org
">the
8972 list of usertagged bugs related to this
</a
>.
</p
>
8977 <title>Sitesummary tip: Listing MAC address of all clients
</title>
8978 <link>http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_MAC_address_of_all_clients.html
</link>
8979 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_MAC_address_of_all_clients.html
</guid>
8980 <pubDate>Fri,
14 May
2010 21:
10:
00 +
0200</pubDate>
8981 <description><p
>In the recent Debian Edu versions, the
8982 <a href=
"http://wiki.debian.org/DebianEdu/HowTo/SiteSummary
">sitesummary
8983 system
</a
> is used to keep track of the machines in the school
8984 network. Each machine will automatically report its status to the
8985 central server after boot and once per night. The network setup is
8986 also reported, and using this information it is possible to get the
8987 MAC address of all network interfaces in the machines. This is useful
8988 to update the DHCP configuration.
</p
>
8990 <p
>To give some idea how to use sitesummary, here is a one-liner to
8991 ist all MAC addresses of all machines reporting to sitesummary. Run
8992 this on the collector host:
</p
>
8994 <blockquote
><pre
>
8995 perl -MSiteSummary -e
'for_all_hosts(sub { print join(
" ", get_macaddresses(shift)),
"\n
"; });
'
8996 </pre
></blockquote
>
8998 <p
>This will list all MAC addresses assosiated with all machine, one
8999 line per machine and with space between the MAC addresses.
</p
>
9001 <p
>To allow system administrators easier job at adding static DHCP
9002 addresses for hosts, it would be possible to extend this to fetch
9003 machine information from sitesummary and update the DHCP and DNS
9004 tables in LDAP using this information. Such tool is unfortunately not
9005 written yet.
</p
>
9010 <title>systemd, an interesting alternative to upstart
</title>
9011 <link>http://people.skolelinux.org/pere/blog/systemd__an_interesting_alternative_to_upstart.html
</link>
9012 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/systemd__an_interesting_alternative_to_upstart.html
</guid>
9013 <pubDate>Thu,
13 May
2010 22:
20:
00 +
0200</pubDate>
9014 <description><p
>The last few days a new boot system called
9015 <a href=
"http://www.freedesktop.org/wiki/Software/systemd
">systemd
</a
>
9017 <a href=
"http://
0pointer.de/blog/projects/systemd.html
">introduced
</a
>
9019 to the free software world. I have not yet had time to play around
9020 with it, but it seem to be a very interesting alternative to
9021 <a href=
"http://upstart.ubuntu.com/
">upstart
</a
>, and might prove to be
9022 a good alternative for Debian when we are able to switch to an event
9023 based boot system. Tollef is
9024 <a href=
"http://bugs.debian.org/
580814">in the process
</a
> of getting
9025 systemd into Debian, and I look forward to seeing how well it work. I
9026 like the fact that systemd handles init.d scripts with dependency
9027 information natively, allowing them to run in parallel where upstart
9028 at the moment do not.
</p
>
9030 <p
>Unfortunately do systemd have the same problem as upstart regarding
9031 platform support. It only work on recent Linux kernels, and also need
9032 some new kernel features enabled to function properly. This means
9033 kFreeBSD and Hurd ports of Debian will need a port or a different boot
9034 system. Not sure how that will be handled if systemd proves to be the
9035 way forward.
</p
>
9037 <p
>In the mean time, based on the
9038 <a href=
"http://lists.debian.org/debian-devel/
2010/
05/msg00122.html
">input
9039 on debian-devel@
</a
> regarding parallel booting in Debian, I have
9040 decided to enable full parallel booting as the default in Debian as
9041 soon as possible (probably this weekend or early next week), to see if
9042 there are any remaining serious bugs in the init.d dependencies. A
9043 new version of the sysvinit package implementing this change is
9044 already in experimental. If all go well, Squeeze will be released
9045 with parallel booting enabled by default.
</p
>
9050 <title>Parallellizing the boot in Debian Squeeze - ready for wider testing
</title>
9051 <link>http://people.skolelinux.org/pere/blog/Parallellizing_the_boot_in_Debian_Squeeze___ready_for_wider_testing.html
</link>
9052 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Parallellizing_the_boot_in_Debian_Squeeze___ready_for_wider_testing.html
</guid>
9053 <pubDate>Thu,
6 May
2010 23:
25:
00 +
0200</pubDate>
9054 <description><p
>These days, the init.d script dependencies in Squeeze are quite
9055 complete, so complete that it is actually possible to run all the
9056 init.d scripts in parallell based on these dependencies. If you want
9057 to test your Squeeze system, make sure
9058 <a href=
"http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot
">dependency
9059 based boot sequencing
</a
> is enabled, and add this line to
9060 /etc/default/rcS:
</p
>
9062 <blockquote
><pre
>
9063 CONCURRENCY=makefile
9064 </pre
></blockquote
>
9066 <p
>That is it. It will cause sysv-rc to use the startpar tool to run
9067 scripts in parallel using the dependency information stored in
9068 /etc/init.d/.depend.boot, /etc/init.d/.depend.start and
9069 /etc/init.d/.depend.stop to order the scripts. Startpar is configured
9070 to try to start the kdm and gdm scripts as early as possible, and will
9071 start the facilities required by kdm or gdm as early as possible to
9072 make this happen.
</p
>
9074 <p
>Give it a try, and see if you like the result. If some services
9075 fail to start properly, it is most likely because they have incomplete
9076 init.d script dependencies in their startup script (or some of their
9077 dependent scripts have incomplete dependencies). Report bugs and get
9078 the package maintainers to fix it. :)
</p
>
9080 <p
>Running scripts in parallel could be the default in Debian when we
9081 manage to get the init.d script dependencies complete and correct. I
9082 expect we will get there in Squeeze+
1, if we get manage to test and
9083 fix the remaining issues.
</p
>
9085 <p
>If you report any problems with dependencies in init.d scripts to
9086 the BTS, please usertag the report to get it to show up at
9087 <a href=
"http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org
">the
9088 list of usertagged bugs related to this
</a
>.
</p
>
9093 <title>Debian has switched to dependency based boot sequencing
</title>
9094 <link>http://people.skolelinux.org/pere/blog/Debian_has_switched_to_dependency_based_boot_sequencing.html
</link>
9095 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_has_switched_to_dependency_based_boot_sequencing.html
</guid>
9096 <pubDate>Mon,
27 Jul
2009 23:
50:
00 +
0200</pubDate>
9097 <description><p
>Since this evening, with the upload of sysvinit version
2.87dsf-
2,
9098 and the upload of insserv version
1.12.0-
10 yesterday, Debian unstable
9099 have been migrated to using dependency based boot sequencing. This
9100 conclude work me and others have been doing for the last three days.
9101 It feels great to see this finally part of the default Debian
9102 installation. Now we just need to weed out the last few problems that
9103 are bound to show up, to get everything ready for Squeeze.
</p
>
9105 <p
>The next step is migrating /sbin/init from sysvinit to upstart, and
9106 fixing the more fundamental problem of handing the event based
9107 non-predictable kernel in the early boot.
</p
>
9112 <title>Taking over sysvinit development
</title>
9113 <link>http://people.skolelinux.org/pere/blog/Taking_over_sysvinit_development.html
</link>
9114 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Taking_over_sysvinit_development.html
</guid>
9115 <pubDate>Wed,
22 Jul
2009 23:
00:
00 +
0200</pubDate>
9116 <description><p
>After several years of frustration with the lack of activity from
9117 the existing sysvinit upstream developer, I decided a few weeks ago to
9118 take over the package and become the new upstream. The number of
9119 patches to track for the Debian package was becoming a burden, and the
9120 lack of synchronization between the distribution made it hard to keep
9121 the package up to date.
</p
>
9123 <p
>On the new sysvinit team is the SuSe maintainer Dr. Werner Fink,
9124 and my Debian co-maintainer Kel Modderman. About
10 days ago, I made
9125 a new upstream tarball with version number
2.87dsf (for Debian, SuSe
9126 and Fedora), based on the patches currently in use in these
9127 distributions. We Debian maintainers plan to move to this tarball as
9128 the new upstream as soon as we find time to do the merge. Since the
9129 new tarball was created, we agreed with Werner at SuSe to make a new
9130 upstream project at
<a href=
"http://savannah.nongnu.org/
">Savannah
</a
>, and continue
9131 development there. The project is registered and currently waiting
9132 for approval by the Savannah administrators, and as soon as it is
9133 approved, we will import the old versions from svn and continue
9134 working on the future release.
</p
>
9136 <p
>It is a bit ironic that this is done now, when some of the involved
9137 distributions are moving to upstart as a syvinit replacement.
</p
>
9142 <title>Debian boots quicker and quicker
</title>
9143 <link>http://people.skolelinux.org/pere/blog/Debian_boots_quicker_and_quicker.html
</link>
9144 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_boots_quicker_and_quicker.html
</guid>
9145 <pubDate>Wed,
24 Jun
2009 21:
40:
00 +
0200</pubDate>
9146 <description><p
>I spent Monday and tuesday this week in London with a lot of the
9147 people involved in the boot system on Debian and Ubuntu, to see if we
9148 could find more ways to speed up the boot system. This was an Ubuntu
9150 <a href=
"https://wiki.ubuntu.com/FoundationsTeam/BootPerformance/DebianUbuntuSprint
">developer
9151 gathering
</a
>. It was quite productive. We also discussed the future
9152 of boot systems, and ways to handle the increasing number of boot
9153 issues introduced by the Linux kernel becoming more and more
9154 asynchronous and event base. The Ubuntu approach using udev and
9155 upstart might be a good way forward. Time will show.
</p
>
9157 <p
>Anyway, there are a few ways at the moment to speed up the boot
9158 process in Debian. All of these should be applied to get a quick
9163 <li
>Use dash as /bin/sh.
</li
>
9165 <li
>Disable the init.d/hwclock*.sh scripts and make sure the hardware
9166 clock is in UTC.
</li
>
9168 <li
>Install and activate the insserv package to enable
9169 <a href=
"http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot
">dependency
9170 based boot sequencing
</a
>, and enable concurrent booting.
</li
>
9174 These points are based on the Google summer of code work done by
9175 <a href=
"http://initscripts-ng.alioth.debian.org/soc2006-bootsystem/
">Carlos
9178 <p
>Support for makefile-style concurrency during boot was uploaded to
9179 unstable yesterday. When we tested it, we were able to cut
6 seconds
9180 from the boot sequence. It depend on very correct dependency
9181 declaration in all init.d scripts, so I expect us to find edge cases
9182 where the dependences in some scripts are slightly wrong when we start
9183 using this.
</p
>
9185 <p
>On our IRC channel for this effort, #pkg-sysvinit, a new idea was
9186 introduced by Raphael Geissert today, one that could affect the
9187 startup speed as well. Instead of starting some scripts concurrently
9188 from rcS.d/ and another set of scripts from rc2.d/, it would be
9189 possible to run a of them in the same process. A quick way to test
9190 this would be to enable insserv and run
'mv /etc/rc2.d/S* /etc/rcS.d/;
9191 insserv
'. Will need to test if that work. :)
</p
>
9196 <title>BSAs påstander om piratkopiering møter motstand
</title>
9197 <link>http://people.skolelinux.org/pere/blog/BSAs_p_stander_om_piratkopiering_m_ter_motstand.html
</link>
9198 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/BSAs_p_stander_om_piratkopiering_m_ter_motstand.html
</guid>
9199 <pubDate>Sun,
17 May
2009 23:
05:
00 +
0200</pubDate>
9200 <description><p
>Hvert år de siste årene har BSA, lobbyfronten til de store
9201 programvareselskapene som Microsoft og Apple, publisert en rapport der
9202 de gjetter på hvor mye piratkopiering påfører i tapte inntekter i
9203 ulike land rundt om i verden. Resultatene er tendensiøse. For noen
9205 <a href=
"http://global.bsa.org/globalpiracy2008/studies/globalpiracy2008.pdf
">siste
9206 rapport
</a
>, og det er flere kritiske kommentarer publisert de siste
9207 dagene. Et spesielt interessant kommentar fra Sverige,
9208 <a href=
"http://www.idg.se/
2.1085/
1.229795/bsa-hoftade-sverigesiffror
">BSA
9209 höftade Sverigesiffror
</a
>, oppsummeres slik:
</p
>
9212 I sin senaste rapport slår BSA fast att
25 procent av all mjukvara i
9213 Sverige är piratkopierad. Det utan att ha pratat med ett enda svenskt
9214 företag.
"Man bör nog kanske inte se de här siffrorna som helt
9215 exakta
", säger BSAs Sverigechef John Hugosson.
9218 <p
>Mon tro om de er like metodiske når de gjetter på andelen piratkopiering i Norge? To andre kommentarer er
<a
9219 href=
"http://www.vnunet.com/vnunet/comment/
2242134/bsa-piracy-figures-shot-reality
">BSA
9220 piracy figures need a shot of reality
</a
> og
<a
9221 href=
"http://www.michaelgeist.ca/content/view/
3958/
125/
">Does The WIPO
9222 Copyright Treaty Work?
</a
></p
>
9224 <p
>Fant lenkene via
<a
9225 href=
"http://tech.slashdot.org/article.pl?sid=
09/
05/
17/
1632242">oppslag
9226 på Slashdot
</a
>.
</p
>
9231 <title>IDG mener linux i servermarkedet vil vokse med
21% i
2009</title>
9232 <link>http://people.skolelinux.org/pere/blog/IDG_mener_linux_i_servermarkedet_vil_vokse_med_21__i_2009.html
</link>
9233 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/IDG_mener_linux_i_servermarkedet_vil_vokse_med_21__i_2009.html
</guid>
9234 <pubDate>Thu,
7 May
2009 22:
30:
00 +
0200</pubDate>
9235 <description><p
>Kom over
9236 <a href=
"http://news.cnet.com/
8301-
13505_3-
10216873-
16.html
">interessante
9237 tall
</a
> fra IDG om utviklingen av linuxservermarkedet. Fikk meg til
9238 å tenke på antall tjenermaskiner ved Universitetet i Oslo der jeg
9239 jobber til daglig. En rask opptelling forteller meg at vi har
490
9240 (
61%) fysiske unix-tjener (mest linux men også noen solaris) og
196
9241 (
25%) windowstjenere, samt
112 (
14%) virtuelle unix-tjenere. Med den
9242 bakgrunnskunnskapen kan jeg godt tro at IDG er inne på noe.
</p
>
9247 <title>Kryptert harddisk - naturligvis
</title>
9248 <link>http://people.skolelinux.org/pere/blog/Kryptert_harddisk___naturligvis.html
</link>
9249 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Kryptert_harddisk___naturligvis.html
</guid>
9250 <pubDate>Sat,
2 May
2009 15:
30:
00 +
0200</pubDate>
9251 <description><p
><a href=
"http://www.dagensit.no/trender/article1658676.ece
">Dagens
9252 IT melder
</a
> at Intel hevder at det er dyrt å miste en datamaskin,
9253 når en tar tap av arbeidstid, fortrolige dokumenter,
9254 personopplysninger og alt annet det innebærer. Det er ingen tvil om
9255 at det er en kostbar affære å miste sin datamaskin, og det er årsaken
9256 til at jeg har kryptert harddisken på både kontormaskinen og min
9257 bærbare. Begge inneholder personopplysninger jeg ikke ønsker skal
9258 komme på avveie, den første informasjon relatert til jobben min ved
9259 Universitetet i Oslo, og den andre relatert til blant annet
9260 foreningsarbeide. Kryptering av diskene gjør at det er lite
9261 sannsynlig at dophoder som kan finne på å rappe maskinene får noe ut
9262 av dem. Maskinene låses automatisk etter noen minutter uten bruk,
9263 og en reboot vil gjøre at de ber om passord før de vil starte opp.
9264 Jeg bruker Debian på begge maskinene, og installasjonssystemet der
9265 gjør det trivielt å sette opp krypterte disker. Jeg har LVM på toppen
9266 av krypterte partisjoner, slik at alt av datapartisjoner er kryptert.
9267 Jeg anbefaler alle å kryptere diskene på sine bærbare. Kostnaden når
9268 det er gjort slik jeg gjør det er minimale, og gevinstene er
9269 betydelige. En bør dog passe på passordet. Hvis det går tapt, må
9270 maskinen reinstalleres og alt er tapt.
</p
>
9272 <p
>Krypteringen vil ikke stoppe kompetente angripere som f.eks. kjøler
9273 ned minnebrikkene før maskinen rebootes med programvare for å hente ut
9274 krypteringsnøklene. Kostnaden med å forsvare seg mot slike angripere
9275 er for min del høyere enn gevinsten. Jeg tror oddsene for at
9276 f.eks. etteretningsorganisasjoner har glede av å titte på mine
9277 maskiner er minimale, og ulempene jeg ville oppnå ved å forsøke å
9278 gjøre det vanskeligere for angripere med kompetanse og ressurser er
9279 betydelige.
</p
>
9284 <title>Two projects that have improved the quality of free software a lot
</title>
9285 <link>http://people.skolelinux.org/pere/blog/Two_projects_that_have_improved_the_quality_of_free_software_a_lot.html
</link>
9286 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Two_projects_that_have_improved_the_quality_of_free_software_a_lot.html
</guid>
9287 <pubDate>Sat,
2 May
2009 15:
00:
00 +
0200</pubDate>
9288 <description><p
>There are two software projects that have had huge influence on the
9289 quality of free software, and I wanted to mention both in case someone
9290 do not yet know them.
</p
>
9292 <p
>The first one is
<a href=
"http://valgrind.org/
">valgrind
</a
>, a
9293 tool to detect and expose errors in the memory handling of programs.
9294 It is easy to use, all one need to do is to run
'valgrind program
',
9295 and it will report any problems on stdout. It is even better if the
9296 program include debug information. With debug information, it is able
9297 to report the source file name and line number where the problem
9298 occurs. It can report things like
'reading past memory block in file
9299 X line N, the memory block was allocated in file Y, line M
', and
9300 'using uninitialised value in control logic
'. This tool has made it
9301 trivial to investigate reproducible crash bugs in programs, and have
9302 reduced the number of this kind of bugs in free software a lot.
9304 <p
>The second one is
9305 <a href=
"http://en.wikipedia.org/wiki/Coverity
">Coverity
</a
> which is
9306 a source code checker. It is able to process the source of a program
9307 and find problems in the logic without running the program. It
9308 started out as the Stanford Checker and became well known when it was
9309 used to find bugs in the Linux kernel. It is now a commercial tool
9310 and the company behind it is running
9311 <a href=
"http://www.scan.coverity.com/
">a community service
</a
> for the
9312 free software community, where a lot of free software projects get
9313 their source checked for free. Several thousand defects have been
9314 found and fixed so far. It can find errors like
'lock L taken in file
9315 X line N is never released if exiting in line M
', or
'the code in file
9316 Y lines O to P can never be executed
'. The projects included in the
9317 community service project have managed to get rid of a lot of
9318 reliability problems thanks to Coverity.
</p
>
9320 <p
>I believe tools like this, that are able to automatically find
9321 errors in the source, are vital to improve the quality of software and
9322 make sure we can get rid of the crashing and failing software we are
9323 surrounded by today.
</p
>
9328 <title>No patch is not better than a useless patch
</title>
9329 <link>http://people.skolelinux.org/pere/blog/No_patch_is_not_better_than_a_useless_patch.html
</link>
9330 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/No_patch_is_not_better_than_a_useless_patch.html
</guid>
9331 <pubDate>Tue,
28 Apr
2009 09:
30:
00 +
0200</pubDate>
9332 <description><p
>Julien Blache
9333 <a href=
"http://blog.technologeek.org/
2009/
04/
12/
214">claim that no
9334 patch is better than a useless patch
</a
>. I completely disagree, as a
9335 patch allow one to discuss a concrete and proposed solution, and also
9336 prove that the issue at hand is important enough for someone to spent
9337 time on fixing it. No patch do not provide any of these positive
9338 properties.
</p
>
9343 <title>Standardize on protocols and formats, not vendors and applications
</title>
9344 <link>http://people.skolelinux.org/pere/blog/Standardize_on_protocols_and_formats__not_vendors_and_applications.html
</link>
9345 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Standardize_on_protocols_and_formats__not_vendors_and_applications.html
</guid>
9346 <pubDate>Mon,
30 Mar
2009 11:
50:
00 +
0200</pubDate>
9347 <description><p
>Where I work at the University of Oslo, one decision stand out as a
9348 very good one to form a long lived computer infrastructure. It is the
9349 simple one, lost by many in todays computer industry: Standardize on
9350 open network protocols and open exchange/storage formats, not applications.
9351 Applications come and go, while protocols and files tend to stay, and
9352 thus one want to make it easy to change application and vendor, while
9353 avoiding conversion costs and locking users to a specific platform or
9354 application.
</p
>
9356 <p
>This approach make it possible to replace the client applications
9357 independently of the server applications. One can even allow users to
9358 use several different applications as long as they handle the selected
9359 protocol and format. In the normal case, only one client application
9360 is recommended and users only get help if they choose to use this
9361 application, but those that want to deviate from the easy path are not
9362 blocked from doing so.
</p
>
9364 <p
>It also allow us to replace the server side without forcing the
9365 users to replace their applications, and thus allow us to select the
9366 best server implementation at any moment, when scale and resouce
9367 requirements change.
</p
>
9369 <p
>I strongly recommend standardizing - on open network protocols and
9370 open formats, but I would never recommend standardizing on a single
9371 application that do not use open network protocol or open formats.
</p
>
9376 <title>Returning from Skolelinux developer gathering
</title>
9377 <link>http://people.skolelinux.org/pere/blog/Returning_from_Skolelinux_developer_gathering.html
</link>
9378 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Returning_from_Skolelinux_developer_gathering.html
</guid>
9379 <pubDate>Sun,
29 Mar
2009 21:
00:
00 +
0200</pubDate>
9380 <description><p
>I
'm sitting on the train going home from this weekends Debian
9381 Edu/Skolelinux development gathering. I got a bit done tuning the
9382 desktop, and looked into the dynamic service location protocol
9383 implementation avahi. It look like it could be useful for us. Almost
9384 30 people participated, and I believe it was a great environment to
9385 get to know the Skolelinux system. Walter Bender, involved in the
9386 development of the Sugar educational platform, presented his stuff and
9387 also helped me improve my OLPC installation. He also showed me that
9388 his Turtle Art application can be used in standalone mode, and we
9389 agreed that I would help getting it packaged for Debian. As a
9390 standalone application it would be great for Debian Edu. We also
9391 tried to get the video conferencing working with two OLPCs, but that
9392 proved to be too hard for us. The application seem to need more work
9393 before it is ready for me. I look forward to getting home and relax
9399 <title>Time for new LDAP schemas replacing RFC
2307?
</title>
9400 <link>http://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
</link>
9401 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
</guid>
9402 <pubDate>Sun,
29 Mar
2009 20:
30:
00 +
0200</pubDate>
9403 <description><p
>The state of standardized LDAP schemas on Linux is far from
9404 optimal. There is RFC
2307 documenting one way to store NIS maps in
9405 LDAP, and a modified version of this normally called RFC
2307bis, with
9406 some modifications to be compatible with Active Directory. The RFC
9407 specification handle the content of a lot of system databases, but do
9408 not handle DNS zones and DHCP configuration.
</p
>
9410 <p
>In
<a href=
"http://www.skolelinux.org/
">Debian Edu/Skolelinux
</a
>,
9411 we would like to store information about users, SMB clients/hosts,
9412 filegroups, netgroups (users and hosts), DHCP and DNS configuration,
9413 and LTSP configuration in LDAP. These objects have a lot in common,
9414 but with the current LDAP schemas it is not possible to have one
9415 object per entity. For example, one need to have at least three LDAP
9416 objects for a given computer, one with the SMB related stuff, one with
9417 DNS information and another with DHCP information. The schemas
9418 provided for DNS and DHCP are impossible to combine into one LDAP
9419 object. In addition, it is impossible to implement quick queries for
9420 netgroup membership, because of the way NIS triples are implemented.
9421 It just do not scale. I believe it is time for a few RFC
9422 specifications to cleam up this mess.
</p
>
9424 <p
>I would like to have one LDAP object representing each computer in
9425 the network, and this object can then keep the SMB (ie host key), DHCP
9426 (mac address/name) and DNS (name/IP address) settings in one place.
9427 It need to be efficently stored to make sure it scale well.
</p
>
9429 <p
>I would also like to have a quick way to map from a user or
9430 computer and to the net group this user or computer is a member.
</p
>
9432 <p
>Active Directory have done a better job than unix heads like myself
9433 in this regard, and the unix side need to catch up. Time to start a
9434 new IETF work group?
</p
>
9439 <title>Endelig er Debian Lenny gitt ut
</title>
9440 <link>http://people.skolelinux.org/pere/blog/Endelig_er_Debian_Lenny_gitt_ut.html
</link>
9441 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Endelig_er_Debian_Lenny_gitt_ut.html
</guid>
9442 <pubDate>Sun,
15 Feb
2009 11:
50:
00 +
0100</pubDate>
9443 <description><p
>Endelig er
<a href=
"http://www.debian.org/
">Debian
</a
>
9444 <a href=
"http://www.debian.org/News/
2009/
20090214">Lenny
</a
> gitt ut.
9445 Et langt steg videre for Debian-prosjektet, og en rekke nye
9446 programpakker blir nå tilgjengelig for de av oss som bruker den
9447 stabile utgaven av Debian. Neste steg er nå å få
9448 <a href=
"http://www.skolelinux.org/
">Skolelinux
</a
> /
9449 <a href=
"http://wiki.debian.org/DebianEdu/
">Debian Edu
</a
> ferdig
9450 oppdatert for den nye utgaven, slik at en oppdatert versjon kan
9451 slippes løs på skolene. Takk til alle debian-utviklerne som har
9452 gjort dette mulig. Endelig er f.eks. fungerende avhengighetsstyrt
9453 bootsekvens tilgjengelig i stabil utgave, vha pakken
9454 <tt
>insserv
</tt
>.
</p
>
9459 <title>Devcamp brought us closer to the Lenny based Debian Edu release
</title>
9460 <link>http://people.skolelinux.org/pere/blog/Devcamp_brought_us_closer_to_the_Lenny_based_Debian_Edu_release.html
</link>
9461 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Devcamp_brought_us_closer_to_the_Lenny_based_Debian_Edu_release.html
</guid>
9462 <pubDate>Sun,
7 Dec
2008 12:
00:
00 +
0100</pubDate>
9463 <description><p
>This weekend we had a small developer gathering for Debian Edu in
9464 Oslo. Most of Saturday was used for the general assemly for the
9465 member organization, but the rest of the weekend I used to tune the
9466 LTSP installation. LTSP now work out of the box on the
10-network.
9467 Acer Aspire One proved to be a very nice thin client, with both
9468 screen, mouse and keybard in a small box. Was working on getting the
9469 diskless workstation setup configured out of the box, but did not
9470 finish it before the weekend was up.
</p
>
9472 <p
>Did not find time to look at the
4 VGA cards in one box we got from
9473 the Brazilian group, so that will have to wait for the next
9474 development gathering. Would love to have the Debian Edu installer
9475 automatically detect and configure a multiseat setup when it find one
9476 of these cards.
</p
>
9481 <title>The sorry state of multimedia browser plugins in Debian
</title>
9482 <link>http://people.skolelinux.org/pere/blog/The_sorry_state_of_multimedia_browser_plugins_in_Debian.html
</link>
9483 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/The_sorry_state_of_multimedia_browser_plugins_in_Debian.html
</guid>
9484 <pubDate>Tue,
25 Nov
2008 00:
10:
00 +
0100</pubDate>
9485 <description><p
>Recently I have spent some time evaluating the multimedia browser
9486 plugins available in Debian Lenny, to see which one we should use by
9487 default in Debian Edu. We need an embedded video playing plugin with
9488 control buttons to pause or stop the video, and capable of streaming
9489 all the multimedia content available on the web. The test results and
9490 notes are available on
9491 <a href=
"http://wiki.debian.org/DebianEdu/BrowserMultimedia
">the
9492 Debian wiki
</a
>. I was surprised how few of the plugins are able to
9493 fill this need. My personal video player favorite, VLC, has a really
9494 bad plugin which fail on a lot of the test pages. A lot of the MIME
9495 types I would expect to work with any free software player (like
9496 video/ogg), just do not work. And simple formats like the
9497 audio/x-mplegurl format (m3u playlists), just isn
't supported by the
9498 totem and vlc plugins. I hope the situation will improve soon. No
9499 wonder sites use the proprietary Adobe flash to play video.
</p
>
9501 <p
>For Lenny, we seem to end up with the mplayer plugin. It seem to
9502 be the only one fitting our needs. :/
</p
>
projects / homepage.git / blob