Generated.

[homepage.git] / blog / index.html

diff --git a/blog/index.html b/blog/index.html
index c6a6e99b8fc94e9f082cea7f8f6206f77876d5d0..268cb064b6dcc69675012a5fc0665c74ddd9980f 100644 (file)
--- a/blog/index.html
+++ b/blog/index.html
@@ -19,6 +19,62 @@
 
 
     
 
 
     

+    <div class="entry">
+      <div class="title"><a href="https://people.skolelinux.org/pere/blog/OpenSnitch_available_in_Debian_Sid_and_Bookworm.html">OpenSnitch available in Debian Sid and Bookworm</a></div>
+      <div class="date">25th February 2023</div>
+      <div class="body"><p>Thanks to the efforts of the OpenSnitch lead developer Gustavo
+Iñiguez Goya allowing me to sponsor the upload,
+<a href="https://tracker.debian.org/pkg/opensnitch">the interactive
+application firewall OpenSnitch</a> is now available in Debian
+Testing, soon to become the next stable release of Debian.</p>
+
+<p>This is a package which set up a network firewall on one or more
+machines, which is controlled by a graphical user interface that will
+ask the user if a program should be allowed to connect to the local
+network or the Internet.  If some background daemon is trying to dial
+home, it can be blocked from doing so with a simple mouse click, or by
+default simply by not doing anything when the GUI question dialog pop
+up.  A list of all programs discovered using the network is provided
+in the GUI, giving the user an overview of how the machine(s) programs
+use the network.</p>
+
+<p>OpenSnitch was uploaded for NEW processing about a month ago, and I
+had little hope of it getting accepted and shaping up in time for the
+package freeze, but the Debian ftpmasters proved to be amazingly quick
+at checking out the package and it was accepted into the archive about
+week after the first upload.  It is now team maintained under the Go
+language team umbrella.  A few fixes to the default setup is only in
+Sid, and should migrate to Testing/Bookworm in a week.</p>
+
+<p>During testing I ran into an
+<a href="https://github.com/evilsocket/opensnitch/issues/813">issue
+with Minecraft server broadcasts disappearing</a>, which was quickly
+resolved by the developer with a patch and a proposed configuration
+change.  I've been told this was caused by the Debian packages default
+use if /proc/ information to track down kernel status, instead of the
+newer eBPF module that can be used.  The reason is simply that
+upstream and I have failed to find a way to build the eBPF modules for
+OpenSnitch without a complete configured Linux kernel source tree,
+which as far as we can tell is unavailable as a build dependency in
+Debian.  We tried unsuccessfully so far to use the kernel-headers
+package.  It would be great if someone could provide some clues how to
+build eBPF modules on build daemons in Debian, possibly without the full
+kernel source.</p>
+ 
+<p>As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
+</div>
+      <div class="tags">
+        
+        
+        Tags: <a href="https://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="https://people.skolelinux.org/pere/blog/tags/english">english</a>. 
+        
+        
+      </div>
+    </div>
+    <div class="padding"></div>
+    

     <div class="entry">
       <div class="title"><a href="https://people.skolelinux.org/pere/blog/Is_the_desktop_recommending_your_program_for_opening_its_files_.html">Is the desktop recommending your program for opening its files?</a></div>
       <div class="date">29th January 2023</div>
     <div class="entry">
       <div class="title"><a href="https://people.skolelinux.org/pere/blog/Is_the_desktop_recommending_your_program_for_opening_its_files_.html">Is the desktop recommending your program for opening its files?</a></div>
       <div class="date">29th January 2023</div>


@@ -689,43 +745,6 @@ activities, please send Bitcoin donations to my address
     </div>
     <div class="padding"></div>
     
     </div>
     <div class="padding"></div>
     

-    <div class="entry">
-      <div class="title"><a href="https://people.skolelinux.org/pere/blog/geteltorito_make_CD_firmware_upgrades_a_breeze.html">geteltorito make CD firmware upgrades a breeze</a></div>
-      <div class="date">20th April 2022</div>
-      <div class="body"><p>Recently I wanted to upgrade the firmware of my thinkpad, and
-located the firmware download page from Lenovo (which annoyingly do
-not allow access via Tor, forcing me to hand them more personal
-information that I would like).  The
-<a href="https://support.lenovo.com/no/en/search?query=thinkpad firmware bios upgrade iso&SearchType=Customer search&searchLocation=Masthead">download
-from Lenovo</a> is a bootable ISO image, which is a bit of a problem
-when all I got available is a USB memory stick.  I tried booting the
-ISO as a USB stick, but this did not work.  But genisoimage came to
-the rescue.</p>
-
-<P>The geteltorito program in
-<a href="http://tracker.debian.org/cdrkit">the genisoimage binary
-package</a> is able to convert the bootable ISO image to a bootable
-USB stick using a simple command line recipe, which I then can write
-to the most recently inserted USB stick:</p>
-
-<blockquote><pre>
-geteltorito -o usbstick.img lenovo-firmware.iso
-sudo dd bs=10M if=usbstick.img of=$(ls -tr /dev/sd?|tail -1)
-</pre></blockquote>
-
-<p>This USB stick booted the firmware upgrader just fine, and in a few
-minutes my machine had the latest and greatest BIOS firmware in place.</p>
-</div>
-      <div class="tags">
-        
-        
-        Tags: <a href="https://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="https://people.skolelinux.org/pere/blog/tags/english">english</a>. 
-        
-        
-      </div>
-    </div>
-    <div class="padding"></div>
-    

     <p style="text-align: right;"><a href="index.rss"><img src="https://people.skolelinux.org/pere/blog/xml.gif" alt="RSS feed" width="36" height="14" /></a></p>
     <div id="sidebar">
       
     <p style="text-align: right;"><a href="index.rss"><img src="https://people.skolelinux.org/pere/blog/xml.gif" alt="RSS feed" width="36" height="14" /></a></p>
     <div id="sidebar">
       


@@ -739,6 +758,8 @@ minutes my machine had the latest and greatest BIOS firmware in place.</p>
 
 <li><a href="https://people.skolelinux.org/pere/blog/archive/2023/01/">January (3)</a></li>
 
 
 <li><a href="https://people.skolelinux.org/pere/blog/archive/2023/01/">January (3)</a></li>
 

+<li><a href="https://people.skolelinux.org/pere/blog/archive/2023/02/">February (1)</a></li>
+

 </ul></li>
 
 <li>2022
 </ul></li>
 
 <li>2022


@@ -1153,7 +1174,7 @@ minutes my machine had the latest and greatest BIOS firmware in place.</p>
 
  <li><a href="https://people.skolelinux.org/pere/blog/tags/chrpath">chrpath (2)</a></li>
 
 
  <li><a href="https://people.skolelinux.org/pere/blog/tags/chrpath">chrpath (2)</a></li>
 

- <li><a href="https://people.skolelinux.org/pere/blog/tags/debian">debian (187)</a></li>
+ <li><a href="https://people.skolelinux.org/pere/blog/tags/debian">debian (188)</a></li>

 
  <li><a href="https://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (159)</a></li>
 
 
  <li><a href="https://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (159)</a></li>
 


@@ -1167,7 +1188,7 @@ minutes my machine had the latest and greatest BIOS firmware in place.</p>
 
  <li><a href="https://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
 
 
  <li><a href="https://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
 

- <li><a href="https://people.skolelinux.org/pere/blog/tags/english">english (443)</a></li>
+ <li><a href="https://people.skolelinux.org/pere/blog/tags/english">english (444)</a></li>

 
  <li><a href="https://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (23)</a></li>
 
 
  <li><a href="https://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (23)</a></li>