Petter Reinholdtsen

I dag kom det en fascinerende artikkel i Aftenposten om hva Microsoft har foreslått at foreldre går med på for å la ungene delta på Lær kidsa koding på skolen. De ber foreldrene om å få bruke bilder og video av ungene kommersielt og gratis i all fremtid, hvilket var så drøyt at Arbeiderpartiets bystyrerepresentant Per Anders Torvik Langerød tok opp saken opp under bystyrets muntlige spørretime onsdag. Resultatet av dette er at Microsoft har trukket tilbake teksten i samtykkeerklæringen og kommunikasjonsdirektør Christine Korme i Microsoft sier i artikkelen at «Vi vil presentere en ny erklæring som gjør det helt klart i hvilken forbindelse materialet skal brukes, altså ikke-kommersielt», hvilket jo er fint. Jeg lurer virkelig på hvordan teksten kunne slippe ut til foreldrene i første omgang. Her har noen på skolen ikke fulgt med i timen, eller mangler grunnleggende personverntrening.

Men bildet av samtykkeerklæringen inneholder også en annen problematisk klausul, som ikke omtales overhodet i Aftenposten-artikkelen. Neste punkt i erklæringen lyder:

«Du aksepterer ikke å bruke eller videreformidle til en tredjepart noen hemmelige eller fortrolige opplysninger som gis av Microsoft i løpet av elevens deltagelse.»

Mener Microsoft virkelig at foreldre og barn skal ta ansvar for at Microsoft ikke klarer å holde hemmelig og fortrolig informasjon for seg selv når de besøker en offentlig norsk skole? Jeg ville nektet plent å signert på en avtale med en slik klausul, da det er Microsofts ansvar å holde på sine hemmeligheter, og ikke noe mine barn og min familie tar på oss erstatningsansvar for hvis de kommer på avveie.

Jeg lurer på om noen har fått se den nye samtykkeerklæringen? Inneholder den fortsatt klausul om hemmelighold? Hvor mange er det som hittil har signert på den gamle samtykkeerklæringen? Hvor har den vært brukt? Savnet svar på disse spørsmålene i artikkelen, da de som har signert på den gamle vel vil være bundet av den selv om ingen flere signerer på den.

Lær kidsa koding er et glimrende initiativ, og jeg skulle ønske noen av foreningen NUUGs medlemmer hadde kapasitet til å delta i initiativet på NUUGs vegne. Selv tar jobb, familie og eksisterende prosjekter allerede all tid. Slik Microsoft tydeligvis holder på er det behov for noen med et annet syn på livet som bidragsyter her.

For noen dager siden annonserte Nasjonalbiblioteket gladnyheten om at de i sine arkiver hadde funnet et nitratfilm-eksemplar av en 87 år gammel Disney-film ved navn Empty Socks, en film som tidligere var antatt tapt og der det i følge nyhetsmeldinger var kun ca. 25 sekunder bevart for ettertiden. Nasjonalbiblioteket hadde 5 minutter og 30 sekunder av filmen i sitt magasin. Dette er flott for bevaringen av verdens kulturarv. 5,5 minutter mindre tapt enn vi trodde av vår felles historie.

Men hvordan kunne filmen gå tapt, når arkivlovene i USA krevde at publiserte filmer på den tiden ble deponert i bibliotek? Forklaringen har jeg fra Lawrence Lessig og boken Free Culture, som jeg holder på å oversette til norsk:

Dette er delvis på grunn av loven. Opphavsrettseiere var tidlig i amerikansk opphavsrettslov nødt til å deponere kopier av sine verk i biblioteker. Disse kopiene skulle både sikre spredning av kunnskap, og sikre at det fantes en kopi av verket tilgjengelig når vernetiden utløp, slik at andre kunne få tilgang til og kopiere verket.

Disse reglene gjaldt også for filmer. Men i 1915 gjorde kongressbiblioteket et unntak for film. Filmer kunne bli opphavsrettsbeskyttet så lenge det ble gjort slik deponering. Men filmskaperne fikk så lov til å låne tilbake de deponerte filmene - så lenge de ville uten noe kostnad. Bare i 1915 var det mer enn 5475 filmer deponert og “lånt tilbake”. Dermed var det ikke noe eksemplar i noe bibliotek når vernetiden til filmen utløp. Eksemplaret eksisterer - hvis den finnes i det hele tatt - i arkivbiblioteket til filmselskapet.

Nyheten gjorde meg nysgjerrig på om filmen kunne være falt i det fri. En 87 år gammel film kunne jo tenkes å ha blitt en del av allemannseiet, slik at vi alle kan bruke den til å bygge videre på vår felles kultur uten å måtte be om tillatelse - slik Walt Disney gjorde det i starten av sin karriere. Jeg spurte nasjonalbiblioteket, og de sa nei. Hvordan kan det ha seg med en så gammel film? Jeg besteme meg for å undersøke nærmere. En kan finne informasjon om den norske vernetiden på Lovdata og Wikipedia. Her er et relevant utsnitt fra siden om opphavsrett i den norske Wikipedia:

Ifølge åndsverkloven §§ 40-41 utløper vernetiden for et åndsverk 70 år etter utløpet av opphavspersonens dødsår. [...] For filmverk gjelder særlige regler: Her kommer ikke alle mulige opphavspersoner i betraktning, men kun hovedregissøren, manusforfatteren, dialogforfatteren og komponisten av filmmusikken. Vernetiden begynner å løpe etter utgangen av dødsåret til den lengstlevende av disse. [...] Der opphavspersonen er ukjent, utløper opphavsretten 70 år etter første kjente offentliggjørelse av verket. Det er kun de økonomiske rettighetene som faller bort i det vernetiden er utløpt. De ideelle rettighetene må fortsatt respekteres, noe som blant annet innebærer at man plikter å navngi opphavspersonen ved tilgjengeliggjøring.

I følge nettstedet The Encyclopedia of Disney Animated Shorts er følgende personer gitt æren for denne kortfilmen:

Regissør

Walt Disney (1901-12-05 – 1966-12-15) +70 år = 2037

Animasjon

Ub Iwerks (1901-03-24 – 1971-07-07) +70 år = 2042
Rollin "Ham" Hamilton (1898-10-28 - 1951-06-03) +70 år = 2022
Hugh Harman (1903-08-31 – 1982-11-25) +70 år = 2053

Kamera

Mike Marcus (?-?)

Alle fødsels- og dødsdatoene er fra engelske Wikipedia. Det er ikke oppgitt navn på manusforfatter, dialogforfatter og komponist, men jeg mistenker at tegnerne vil få opphavsrettigheter på tegnefilmer her i Norge, og tar derfor med disse. Kameramannen vil ikke få noen rettigheter så vidt jeg forstår, og er derfor ignorert her.

Slik jeg forstår den norske opphavsretten vil dermed dette filmverket bli allemannseie (også kalt å falle i det fri) i 2053, 126 år etter at det ble utgitt. Hvis kun regissørens rettigheter er relevante, vil det skje i 2037, 110 år etter at det ble utgitt. Etter det vil enhver kunne dele det med alle de har lyst til, fremføre det offentlig eller klippe og lime i det for å lage sin egen film basert på det - helt uten å måtte spørre noen om lov.

Måtte så Nasjonalbiblioteket spørre om lov før de kunne kopiere sitt nitrat-eksemplar over på mer varig format? Nei, heldigvis. Åndsverklovens § 16 sier at arkiv, bibliotek, museer og undervisnings- og forskningsinstitusjoner har rett til å fremstille eksemplar av verk for konserverings- og sikringsformål og andre særskilte formål.

By now, it is well known that Debian Jessie will not be using sysvinit as its boot system by default. But how can one keep using sysvinit in Jessie? It is fairly easy, and here are a few recipes, courtesy of Erich Schubert and Simon McVittie.

If you already are using Wheezy and want to upgrade to Jessie and keep sysvinit as your boot system, create a file /etc/apt/preferences.d/use-sysvinit with this content before you upgrade:

Package: systemd-sysv
Pin: release o=Debian
Pin-Priority: -1

This file content will tell apt and aptitude to not consider installing systemd-sysv as part of any installation and upgrade solution when resolving dependencies, and thus tell it to avoid systemd as a default boot system. The end result should be that the upgraded system keep using sysvinit.

If you are installing Jessie for the first time, there is no way to get sysvinit installed by default (debootstrap used by debian-installer have no option for this), but one can tell the installer to switch to sysvinit before the first boot. Either by using a kernel argument to the installer, or by adding a line to the preseed file used. First, the kernel command line argument:

preseed/late_command="in-target apt-get install --purge -y sysvinit-core"

Next, the line to use in a preseed file:

d-i preseed/late_command string in-target apt-get install -y sysvinit-core

One can of course also do this after the first boot by installing the sysvinit-core package.

I recommend only using sysvinit if you really need it, as the sysvinit boot sequence in Debian have several hardware specific bugs on Linux caused by the fact that it is unpredictable when hardware devices show up during boot. But on the other hand, the new default boot system still have a few rough edges I hope will be fixed before Jessie is released.

Update 2014-11-26: Inspired by a blog post by Torsten Glaser, added --purge to the preseed line.

For en stund tilbake spurte jeg Fornyingsdepartementet om hvilke juridiske vurderinger rundt patentproblemstillingen som var gjort da H.264 ble tatt inn i statens referansekatalog over standarder. Stig Hornnes i FAD tipset meg om følgende som står i oppsumeringen til høringen om referansekatalogen versjon 2.0, som jeg siden ved hjelp av en innsynsforespørsel fikk tak i PDF-utgaven av datert 2009-06-03 (saksnummer 200803291, saksbehandler Henrik Linnestad).

Der står det følgende om problemstillingen:

4.4 Patentproblematikk

NUUG og Opera ser det som særlig viktig at forslagene knyttet til lyd og video baserer seg på de royalty-frie standardene Vorbis, Theora og FLAC.

Kommentarene relaterer seg til at enkelte standarder er åpne, men inneholder tekniske prosedyrer som det i USA (og noen andre land som Japan) er gitt patentrettigheter til. I vårt tilfelle berører dette spesielt standardene Mp3 og H.264, selv om Politidirektoratet peker på at det muligens kan være tilsvarende problematikk også for Theora og Vorbis. Dette medfører at det i USA kan kreves royalties for bruk av tekniske løsninger knyttet til standardene, et krav som også håndheves. Patenter kan imidlertid bare hevdes i de landene hvor patentet er gitt, så amerikanske patenter gjelder ikke andre steder enn USA.

Spesielt for utvikling av fri programvare er patenter problematisk. GPL, en "grunnleggende" lisens for distribusjon av fri programvare, avviser at programvare kan distribueres under denne lisensen hvis det inneholder referanser til patenterte rutiner som utløser krav om royalties. Det er imidlertid uproblematisk å distribuere fri programvareløsninger under GPL som benytter de aktuelle standardene innen eller mellom land som ikke anerkjenner patentene. Derfor finner vi også flere implementeringer av Mp3 og H.264 som er fri programvare, lisensiert under GPL.

I Norge og EU er patentlovgivningen langt mer restriktiv enn i USA, men det er også her mulig å få patentert metoder for løsning av et problem som relaterer seg til databehandling. Det er AIF bekjent ikke relevante patenter i EU eller Norge hva gjelder H.264 og Mp3, men muligheten for at det finnes patenter uten at det er gjort krav om royalties eller at det senere vil gis slike patenter kan ikke helt avvises.

AIF mener det er et behov for å gi offentlige virksomheter mulighet til å benytte antatt royaltyfrie åpne standarder som et likeverdig alternativ eller i tillegg til de markedsledende åpne standardene.

Det ser dermed ikke ut til at de har vurdert patentspørsmålet i sammenheng med opphavsrettsvilkår slik de er formulert for f.eks. Apple Final Cut Pro, Adobe Premiere Pro, Avid og Sorenson-verktøyene, der det kreves brukstillatelse for patenter som ikke er gyldige i Norge for å bruke disse verktøyene til annet en personlig og ikke kommersiell aktivitet når det gjelder H.264-video. Jeg må nok lete videre etter svar på det spørsmålet.

The right to communicate with your friends and family in private, without anyone snooping, is a right every citicen have in a liberal democracy. But this right is under serious attack these days.

A while back it occurred to me that one way to make the dragnet surveillance conducted by NSA, GCHQ, FRA and others (and confirmed by the whisleblower Snowden) more expensive for Internet email, is to deliver all email using SMTP via Tor. Such SMTP option would be a nice addition to the FreedomBox project if we could send email between FreedomBox machines without leaking metadata about the emails to the people peeking on the wire. I proposed this on the FreedomBox project mailing list in October and got a lot of useful feedback and suggestions. It also became obvious to me that this was not a novel idea, as the same idea was tested and documented by Johannes Berg as early as 2006, and both the Mailpile and the Cables systems propose a similar method / protocol to pass emails between users.

To implement such system one need to set up a Tor hidden service providing the SMTP protocol on port 25, and use email addresses looking like username@hidden-service-name.onion. With such addresses the connections to port 25 on hidden-service-name.onion using Tor will go to the correct SMTP server. To do this, one need to configure the Tor daemon to provide the hidden service and the mail server to accept emails for this .onion domain. To learn more about Exim configuration in Debian and test the design provided by Johannes Berg in his FAQ, I set out yesterday to create a Debian package for making it trivial to set up such SMTP over Tor service based on Debian. Getting it to work were fairly easy, and the source code for the Debian package is available from github. I plan to move it into Debian if further testing prove this to be a useful approach.

If you want to test this, set up a blank Debian machine without any mail system installed (or run apt-get purge exim4-config to get rid of exim4). Install tor, clone the git repository mentioned above, build the deb and install it on the machine. Next, run /usr/lib/exim4-smtorp/setup-exim-hidden-service and follow the instructions to get the service up and running. Restart tor and exim when it is done, and test mail delivery using swaks like this:

torsocks swaks --server dutlqrrmjhtfa3vp.onion \
  --to fbx@dutlqrrmjhtfa3vp.onion

This will test the SMTP delivery using tor. Replace the email address with your own address to test your server. :)

The setup procedure is still to complex, and I hope it can be made easier and more automatic. Especially the tor setup need more work. Also, the package include a tor-smtp tool written in C, but its task should probably be rewritten in some script language to make the deb architecture independent. It would probably also make the code easier to review. The tor-smtp tool currently need to listen on a socket for exim to talk to it and is started using xinetd. It would be better if no daemon and no socket is needed. I suspect it is possible to get exim to run a command line tool for delivery instead of talking to a socket, and hope to figure out how in a future version of this system.

Until I wipe my test machine, I can be reached using the fbx@dutlqrrmjhtfa3vp.onion mail address, deliverable over SMTorP. :)

I am happy to report that I on behalf of the Debian Edu team just sent out this announcement:

The Debian Edu Team is pleased to announce the release of Debian Edu
Jessie 8.0+edu0~alpha0

Debian Edu is a complete operating system for schools. Through its
various installation profiles you can install servers, workstations
and laptops which will work together on the school network. With
Debian Edu, the teachers themselves or their technical support can
roll out a complete multi-user multi-machine study environment within
hours or a few days. Debian Edu comes with hundreds of applications
pre-installed, but you can always add more packages from Debian.

For those who want to give Debian Edu Jessie a try, download and
installation instructions are available, including detailed
instructions in the manual[1] explaining the first steps, such as
setting up a network or adding users. Please note that the password
for the user your prompted for during installation must have a length
of at least 5 characters!

 [1] <URL: https://wiki.debian.org/DebianEdu/Documentation/Jessie >

Would you like to give your school's computer a longer life? Are you
tired of sneaker administration, running from computer to computer
reinstalling the operating system? Would you like to administrate all
the computers in your school using only a couple of hours every week?
Check out Debian Edu Jessie!

Skolelinux is used by at least two hundred schools all over the world,
mostly in Germany and Norway.

About Debian Edu and Skolelinux
===============================

Debian Edu, also known as Skolelinux[2], is a Linux distribution based
on Debian providing an out-of-the box environment of a completely
configured school network. Immediately after installation a school
server running all services needed for a school network is set up just
waiting for users and machines being added via GOsa², a comfortable
Web-UI. A netbooting environment is prepared using PXE, so after
initial installation of the main server from CD or USB stick all other
machines can be installed via the network.  The provided school server
provides LDAP database and Kerberos authentication service,
centralized home directories, DHCP server, web proxy and many other
services.  The desktop contains more than 60 educational software
packages[3] and more are available from the Debian archive, and
schools can choose between KDE, Gnome, LXDE, Xfce and MATE desktop
environment.

 [2] <URL: http://www.skolelinux.org/ >
 [3] <URL: http://people.skolelinux.org/pere/blog/Educational_applications_included_in_Debian_Edu___Skolelinux__the_screenshot_collection____.html >

Full release notes and manual
=============================

Below the download URLs there is a list of some of the new features
and bugfixes of Debian Edu 8.0+edu0~alpha0 Codename Jessie. The full
list is part of the manual. (See the feature list in the manual[4] for
the English version.) For some languages manual translations are
available, see the manual translation overview[5].

 [4] <URL: https://wiki.debian.org/DebianEdu/Documentation/Jessie/Features >
 [5] <URL: http://maintainer.skolelinux.org/debian-edu-doc/ >

Where to get it
---------------

To download the multiarch netinstall CD release (624 MiB) you can use

 * ftp://ftp.skolelinux.org/skolelinux-cd/debian-edu-8.0+edu0~alpha0-CD.iso
 * http://ftp.skolelinux.org/skolelinux-cd/debian-edu-8.0+edu0~alpha0-CD.iso
 * rsync -avzP ftp.skolelinux.org::skolelinux-cd/debian-edu-8.0+edu0~alpha0-CD.iso .

The SHA1SUM of this image is: 361188818e036ce67280a572f757de82ebfeb095

New features for Debian Edu 8.0+edu0~alpha0 Codename Jessie released 2014-10-27
===============================================================================


Installation changes
--------------------

 * PXE installation now installs firmware automatically for the hardware present.

Software updates
----------------

Everything which is new in Debian Jessie 8.0, eg:

 * Linux kernel 3.16.x
 * Desktop environments KDE "Plasma" 4.11.12, GNOME 3.14, Xfce 4.10,
   LXDE 0.5.6 and MATE 1.8 (KDE "Plasma" is installed by default; to
   choose one of the others see manual.)
 * the browsers Iceweasel 31 ESR and Chromium 38 
 * !LibreOffice 4.3.3
 * GOsa 2.7.4
 * LTSP 5.5.4
 * CUPS print system 1.7.5
 * new boot framework: systemd
 * Educational toolbox GCompris 14.07 
 * Music creator Rosegarden 14.02
 * Image editor Gimp 2.8.14
 * Virtual stargazer Stellarium 0.13.0
 * golearn 0.9
 * tuxpaint 0.9.22
 * New version of debian-installer from Debian Jessie.
 * Debian Jessie includes about 42000 packages available for
   installation.
 * More information about Debian Jessie 8.0 is provided in the release
   notes[6] and the installation manual[7].

 [6] <URL: http://www.debian.org/releases/jessie/releasenotes >
 [7] <URL: http://www.debian.org/releases/jessie/installmanual >

Fixed bugs
----------

 * Inserting incorrect DNS information in Gosa will no longer break
   DNS completely, but instead stop DNS updates until the incorrect
   information is corrected (Debian bug #710362)
 * and many others.

Documentation and translation updates
------------------------------------- 

 * The Debian Edu Jessie Manual is fully translated to German, French,
   Italian, Danish and Dutch. Partly translated versions exist for
   Norwegian Bokmal and Spanish.

Other changes
-------------

 * Due to new Squid settings, powering off or rebooting the main
   server takes more time.
 * To manage printers localhost:631 has to be used, currently www:631
   doesn't work.

Regressions / known problems
----------------------------

 * Installing LTSP chroot fails with a bug related to eatmydata about
   exim4-config failing to run its postinst (see Debian bug #765694
   and Debian bug #762103).
 * Munin collection is not properly configured on clients (Debian bug
   #764594).  The fix is available in a newer version of munin-node.
 * PXE setup for Main Server and Thin Client Server setup does not
   work when installing on a machine without direct Internet access.
   Will be fixed when Debian bug #766960 is fixed in Jessie.

See the status page[8] for the complete list.

 [8] <URL: https://wiki.debian.org/DebianEdu/Status/Jessie >

How to report bugs
------------------

<URL: http://wiki.debian.org/DebianEdu/HowTo/ReportBugs >

About Debian
============

The Debian Project was founded in 1993 by Ian Murdock to be a truly
free community project. Since then the project has grown to be one of
the largest and most influential open source projects. Thousands of
volunteers from all over the world work together to create and
maintain Debian software. Available in 70 languages, and supporting a
huge range of computer types, Debian calls itself the universal
operating system.

Contact Information
For further information, please visit the Debian web pages[9] or send
mail to press@debian.org.

 [9] <URL: http://www.debian.org/ >

I spent last weekend at Makercon Nordic, a great conference and workshop for makers in Norway and the surrounding countries. I had volunteered on behalf of the Norwegian Unix Users Group (NUUG) to video record the talks, and we had a great and exhausting time recording the entire day, two days in a row. There were only two of us, Hans-Petter and me, and we used the regular video equipment for NUUG, with a dvswitch, a camera and a VGA to DV convert box, and mixed video and slides live.

Hans-Petter did the post-processing, consisting of uploading the around 180 GiB of raw video to Youtube, and the result is now becoming public on the MakerConNordic account. The videos have the license NUUG always use on our recordings, which is Creative Commons Navngivelse-Del på samme vilkår 3.0 Norge. Many great talks available. Check it out! :)

If you ever had to moderate a mailman list, like the ones on alioth.debian.org, you know the web interface is fairly slow to operate. First you visit one web page, enter the moderation password and get a new page shown with a list of all the messages to moderate and various options for each email address. This take a while for every list you moderate, and you need to do it regularly to do a good job as a list moderator. But there is a quick alternative, the listadmin program. It allow you to check lists for new messages to moderate in a fraction of a second. Here is a test run on two lists I recently took over:

% time listadmin xiph
fetching data for pkg-xiph-commits@lists.alioth.debian.org ... nothing in queue
fetching data for pkg-xiph-maint@lists.alioth.debian.org ... nothing in queue

real    0m1.709s
user    0m0.232s
sys     0m0.012s
%

In 1.7 seconds I had checked two mailing lists and confirmed that there are no message in the moderation queue. Every morning I currently moderate 68 mailman lists, and it normally take around two minutes. When I took over the two pkg-xiph lists above a few days ago, there were 400 emails waiting in the moderator queue. It took me less than 15 minutes to process them all using the listadmin program.

If you install the listadmin package from Debian and create a file ~/.listadmin.ini with content like this, the moderation task is a breeze:

username username@example.org
spamlevel 23
default discard
discard_if_reason "Posting restricted to members only. Remove us from your mail list."

password secret
adminurl https://{domain}/mailman/admindb/{list}
mailman-list@lists.example.com

password hidden
other-list@otherserver.example.org

There are other options to set as well. Check the manual page to learn the details.

If you are forced to moderate lists on a mailman installation where the SSL certificate is self signed or not properly signed by a generally accepted signing authority, you can set a environment variable when calling listadmin to disable SSL verification:

PERL_LWP_SSL_VERIFY_HOSTNAME=0 listadmin

If you want to moderate a subset of the lists you take care of, you can provide an argument to the listadmin script like I do in the initial screen dump (the xiph argument). Using an argument, only lists matching the argument string will be processed. This make it quick to accept messages if you notice the moderation request in your email.

Without the listadmin program, I would never be the moderator of 68 mailing lists, as I simply do not have time to spend on that if the process was any slower. The listadmin program have saved me hours of time I could spend elsewhere over the years. It truly is nice free software.

As usual, if you use Bitcoin and want to show your support of my activities, please send Bitcoin donations to my address 15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

Update 2014-10-27: Added missing 'username' statement in configuration example. Also, I've been told that the PERL_LWP_SSL_VERIFY_HOSTNAME=0 setting do not work for everyone. Not sure why.

When PXE installing laptops with Debian, I often run into the problem that the WiFi card require some firmware to work properly. And it has been a pain to fix this using preseeding in Debian. Normally something more is needed. But thanks to my isenkram package and its recent tasksel extension, it has now become easy to do this using simple preseeding.

The isenkram-cli package provide tasksel tasks which will install firmware for the hardware found in the machine (actually, requested by the kernel modules for the hardware). (It can also install user space programs supporting the hardware detected, but that is not the focus of this story.)

To get this working in the default installation, two preeseding values are needed. First, the isenkram-cli package must be installed into the target chroot (aka the hard drive) before tasksel is executed in the pkgsel step of the debian-installer system. This is done by preseeding the base-installer/includes debconf value to include the isenkram-cli package. The package name is next passed to debootstrap for installation. With the isenkram-cli package in place, tasksel will automatically use the isenkram tasks to detect hardware specific packages for the machine being installed and install them, because isenkram-cli contain tasksel tasks.

Second, one need to enable the non-free APT repository, because most firmware unfortunately is non-free. This is done by preseeding the apt-mirror-setup step. This is unfortunate, but for a lot of hardware it is the only option in Debian.

The end result is two lines needed in your preseeding file to get firmware installed automatically by the installer:

base-installer base-installer/includes string isenkram-cli
apt-mirror-setup apt-setup/non-free boolean true

The current version of isenkram-cli in testing/jessie will install both firmware and user space packages when using this method. It also do not work well, so use version 0.15 or later. Installing both firmware and user space packages might give you a bit more than you want, so I decided to split the tasksel task in two, one for firmware and one for user space programs. The firmware task is enabled by default, while the one for user space programs is not. This split is implemented in the package currently in unstable.

If you decide to give this a go, please let me know (via email) how this recipe work for you. :)

So, I bet you are wondering, how can this work. First and foremost, it work because tasksel is modular, and driven by whatever files it find in /usr/lib/tasksel/ and /usr/share/tasksel/. So the isenkram-cli package place two files for tasksel to find. First there is the task description file (/usr/share/tasksel/descs/isenkram.desc):

Task: isenkram-packages
Section: hardware
Description: Hardware specific packages (autodetected by isenkram)
 Based on the detected hardware various hardware specific packages are
 proposed.
Test-new-install: show show
Relevance: 8
Packages: for-current-hardware

Task: isenkram-firmware
Section: hardware
Description: Hardware specific firmware packages (autodetected by isenkram)
 Based on the detected hardware various hardware specific firmware
 packages are proposed.
Test-new-install: mark show
Relevance: 8
Packages: for-current-hardware-firmware

The key parts are Test-new-install which indicate how the task should be handled and the Packages line referencing to a script in /usr/lib/tasksel/packages/. The scripts use other scripts to get a list of packages to install. The for-current-hardware-firmware script look like this to list relevant firmware for the machine:

#!/bin/sh
#
PATH=/usr/sbin:$PATH
export PATH
isenkram-autoinstall-firmware -l

With those two pieces in place, the firmware is installed by tasksel during the normal d-i run. :)

If you want to test what tasksel will install when isenkram-cli is installed, run DEBIAN_PRIORITY=critical tasksel --test --new-install to get the list of packages that tasksel would install.

Debian Edu will be pilots in testing this feature, as isenkram is used there now to install firmware, replacing the earlier scripts.

Today I came across an unexpected Ubuntu boot screen. Above the bread shelf on the ICA shop at Storo in Oslo, the grub menu of Ubuntu with Linux kernel 3.2.0-23 (ie probably version 12.04 LTS) was stuck on a screen normally showing the bread types and prizes:

If it had booted as it was supposed to, I would never had known about this hidden Linux installation. It is interesting what errors can reveal.