Planet Linux Australia

Syndicate content
Planet Linux Australia -
Updated: 5 min 37 sec ago

Peter Hardy: Rostok 3D Printer Build

Thu, 2015-01-29 23:25

I’ve put off starting a 3D printer for a long time, mostly because I couldn’t think of anything particularly useful to do with it. But over the past year or so I’ve run off a few parts, and the list of things I’d like to have has gotten longer. So for my birthday a couple weeks ago, in a fit of delinquent irresponsibility I pulled the trigger on a Rostok Mini delta printer kit from 3d Printer Czar. Took just over a week from order to the delivery arriving, and it’s been taking up most of my free time since Tuesday afternoon.

Part 1: mechanical build

I managed to complete the basic mechanical build in 3–4 hours in one evening. The directions online are a little rough in parts, but mostly pretty thorough. The kit includes most tools needed, which was nice. But a hex key for the M8 bolts on the top belt bearings was missing, and my hands were very glad to have decent-sized pliers.

First minor issue I had was with bolting things to the printed parts. It’s important not to over-tighten these — I managed to crack one part slightly along the print grain tightening it a little too much. I’m not too concerned about it because it has other bolts nearby to take up the strain, but I was much more cautious after that one.

Second was with the two printed parts attached to the hotend. One seemed to warp slightly inserting the hotend, leaving the end tilted slightly to one side. Not really a showstopper, and worst case I’d be able to print a replacement part, possibly with a slightly wider insert for the hotend..

I only had one major problem after the build was finished. The build instructions don’t place anywhere near enough emphasis on how important it is to make sure the carbon fibre delta arms are the same length. Following the directions to the letter I eyeballed the rods to make sure they were about the same length, cut strips from a leftover screw baggie, wrapped them around the lead screws on my u-joints, and jammed them in to the ends of my rods. That left me with a central effector platform that was visibly a few degrees off level. And shortly afterwards I discovered that the rods were also pretty fragile — the u-joints liable to pull out of the rods with too much force.

I suppose this could be improved by packing the lead screws with thicker plastic, and then I’d be able to match the lengths of the rods more carefully by screwing the u-joints in and out. But decided to scrap that idea, and go with a more permanent solution. I’d build a jig to hold the rods in place and glue them.

Part 2: fixing the arms

Yesterday I unscrewed the arms and measured the rods more carefully. Found a good 1.5mm difference between the shortest and longest arms, which in hindsight is pretty ridiculous. With the effector plate in my hand though I was able to realise that the bolts holding it together were still barely finger-tight. Tightening them up held the whole structure together properly and straightened up the hotend nicely.

Building a jig to hold my arms while they were glued was simple enough. I took the length of the longest arm, added 34mm for the two Traxxas 5349 u-joints (they’re 22mm long and 10mm wide, so it seemed logical that the centre of the hole would be 17mm from the end), and an extra mm for luck. From there one could probably bang a couple of nails in to a block of wood and use that to make a series of arms the same length, but I started to overengineer a little. Starting with LibreCAD I quickly drew up a block with six pairs of screw holes the right distance (uh, 187mm for my arms).

This evening I wandered down to Robots and Dinosaurs, a pretty great maker space in Sydney, and used the laser cutter to cut a chunk of 8mm acrylic to shape. Then added longish bolts and fixed them in place to make my jig. Filed the insides of the carbon fibre rods a little, then used extra strong, slow setting Araldite epoxy to glue the u-joints to the rods. Placed the joints on to the rods, fixed them down with another set of nuts, and then looped rubber bands over the ends to make sure everything stayed together.

I gave the glue a few hours to set, then took the arms off and tested them all on the same pair of bolts to make sure I hadn’t done anything too stupid. Not sure why, because I don’t know what I’d do if the arms were different lengths at this point. But they all slid over the bolts with the same amount of play, so I’m pretty confident I’ve got them accurate enough, and right now I’m pretty pleased with how well it worked.

So, next is to leave the arms overnight to fully cure. Tomorrow I’ll reassemble everything then get back to work on the wiring and electronics.

Ben Martin: libferris on osx

Thu, 2015-01-29 22:43
So libferris is now compiled and installed thanks to some of my handy work on Portfiles and macports doing the heavy lifting. I've put the Portfile into the distribution for many of the repositories; ferrisloki, ferrisstreams, stldb4, ferris, fampp2. And moved the source control over to the github --

It's still a bit of a bumpy compile for ferris itself. Using clang instead of gcc, using the different stdc++ lib, the lack of some API calls on osx relative to Linux and the assumptions I'd made that IPC, advising the kernel on IO patterns, memory mapping and again advising on page patterns, would all be available APIs and contants. I have a patch from the compile which I need to feedback into the main libferris repo, making sure it still works fine on Linux too.

So now I can dig into xml files from the command line on osx too. I have to test out the more advanced stuff and the web services. The later use some of the 'Q' magic dust, qjson, qoauth, qtnetwork et al so they should be fairly robust after the port.

I should also update the primary file:// handler in libferris to use some of the osx apis for file monitoring etc to be a friendlier citizen on that platform. But going from no ferris on osx to some ferris is a great first move. A bundle would be the ultimate goal, /Applications/Ferris install in a single drag and drop.

Clinton Roy: clintonroy

Thu, 2015-01-29 20:28

Work. How is it not Friday yet?

Another day, another late leave time after another late finding bug.

I’ve started updating the pycon 2015 landing page, will get that finished for the weekend.

Filed under: diary

Clinton Roy: clintonroy

Thu, 2015-01-29 20:28


Spent a fair chunk of today dealing with the ghost CVE. Although our upstream provided updates, do to the somewhat unique way our machines are installed and configured, the upgrade wasn’t a piece of cake. There’s something about doing security patches that drain all the energy out of me to boot.

I did end up booking some accommodation for my Melbourne trip, centrally located to everyone I want to see.

Filed under: diary

Clinton Roy: clintonroy

Thu, 2015-01-29 20:28

Back to work day.

Not much to report.

I did start a twitter account for Humbug, BrisbaneUnix. yay? :)

I also booked flights for a lightning Melbourne trip, call it a birthday present to myself.

Filed under: diary

David Rowe: SM1000 Part 10 – First Over the Air Tests

Thu, 2015-01-29 16:29

Last night I visited Matt, VK5ZM, with a SM1000 Beta. He configured the SM1000 to interface to his IC706 using the CN12 connector patch socket. This allowed an RJ45 cable from the SM1000 to connect to the RJ45 mic/audio connector on the IC706. A few level adjustments and he was using FreeDV to talk to Andy, VK5AKH on 40m! It all went very smoothly.

Here is Matt in action, using the SM1000 in the hand-held mic configuration. He also tried a Heilsound headset, which also worked well.

Here is the audio received by Andy:

I was monitoring Matt’s FreeDV signal using FT817 and FreeDV on a laptop. I did notice a slope to the spectrum, and a cross shape to the scatter diagram (screenshot below). This suggests some of the carriers are at a lower level than others. This is bad news as these carriers will hit the noise floor sooner, causing bit errors and poor speech quality. I really need to look into this carefully, testing a selection of radios with a carefully crafted test signal to measure the tx transmit spectrum slope and flatness. This may explain why people running Flex Radios and SDRs get consistently good performance with FreeDV.

SM1000 Progress Update

Since the last post Rick has been doing some fine work on the enclosure. My beta PCB works well so we are happy with the electronics and firmware. Once we have checked the next revision of the enclosure we plan to start manufacturing the Beta units after the Chinese New Year holiday. I’ll start taking pre-orders shortly.

BlueHackers: Rat Park drug experiment cartoon – Stuart McMillen comics

Thu, 2015-01-29 13:02

Comic about a classic experiment into drug addiction science: Rat Park.

Would rats choose to take drugs if given a stimulating environment and company?

Read and learn.

Stuart McMillen is an awesome Australian based young artist.

Russell Coker: SE Linux Play Machine Over Tor

Wed, 2015-01-28 18:26

I work on SE Linux to improve security for all computer users. I think that my work has gone reasonably well in that regard in terms of directly improving security of computers and helping developers find and fix certain types of security flaws in apps. But a large part of the security problems we have at the moment are related to subversion of Internet infrastructure. The Tor project is a significant step towards addressing such problems. So to achieve my goals in improving computer security I have to support the Tor project. So I decided to put my latest SE Linux Play Machine online as a Tor hidden service. There is no real need for it to be hidden (for the record it’s in my bedroom), but it’s a learning experience for me and for everyone who logs in.

A Play Machine is what I call a system with root as the guest account with only SE Linux to restrict access.

Running a Hidden Service

A Hidden Service in TOR is just a cryptographically protected address that forwards to a regular TCP port. It’s not difficult to setup and the Tor project has good documentation [1]. For Debian the file to edit is /etc/tor/torrc.

I added the following 3 lines to my torrc to create a hidden service for SSH. I forwarded port 80 for test purposes because web browsers are easier to configure for SOCKS proxying than ssh.

HiddenServiceDir /var/lib/tor/hidden_service/

HiddenServicePort 22

HiddenServicePort 80

Generally when setting up a hidden service you want to avoid using an IP address that gives anything away. So it’s a good idea to run a hidden service on a virtual machine that is well isolated from any public network. My Play machine is hidden in that manner not for secrecy but to prevent it being used for attacking other systems.

SSH over Tor

Howtoforge has a good article on setting up SSH with Tor [2]. That has everything you need for setting up Tor for a regular ssh connection, but the tor-resolve program only works for connecting to services on the public Internet. By design the .onion addresses used by Hidden Services have no mapping to anything that reswemble IP addresses and tor-resolve breaks it. I believe that the fact that tor-resolve breaks thins in this situation is a bug, I have filed Debian bug report #776454 requesting that tor-resolve allow such things to just work [3].

Host *.onion

ProxyCommand connect -5 -S localhost:9050 %h %p

I use the above ssh configuration (which can go in ~/.ssh/config or /etc/ssh/ssh_config) to tell the ssh client how to deal with .onion addresses. I also had to install the connect-proxy package which provides the connect program.

ssh root@zp7zwyd5t3aju57m.onion

The authenticity of host ‘zp7zwyd5t3aju57m.onion ()

ECDSA key fingerprint is 3c:17:2f:7b:e2:f6:c0:c2:66:f5:c9:ab:4e:02:45:74.

Are you sure you want to continue connecting (yes/no)?

I now get the above message when I connect, the ssh developers have dealt with connecting via a proxy that doesn’t have an IP address.

Also see the general information page about my Play Machine, that information page has the root password [4].

Related posts:

  1. Trust and My SE Linux Play Machine When discussing the machine there are two common comments I...
  2. New SE Linux Play Machine Online After over a year I have finally got a SE...
  3. Play Machine Online Again I have returned from the US and my SE Linux...

Francois Marier: Using unattended-upgrades on Rackspace's Debian and Ubuntu servers

Tue, 2015-01-27 20:47

I install the unattended-upgrades package on almost all of my Debian and Ubuntu servers in order to ensure that security updates are automatically applied. It works quite well except that I still need to login manually to upgrade my Rackspace servers whenever a new rackspace-monitoring-agent is released because it comes from a separate repository that's not covered by unattended-upgrades.

It turns out that unattended-upgrades can be configured to automatically upgrade packages outside of the standard security repositories but it's not very well documented and the few relevant answers you can find online are still using the old whitelist syntax.

Initial setup

The first thing to do is to install the package if it's not already done:

apt-get install unattended-upgrades

and to answer yes to the automatic stable update question.

If you don't see the question (because your debconf threshold is too low -- change it with dpkg-reconfigure debconf), you can always trigger the question manually:

dpkg-reconfigure -plow unattended-upgrades

Once you've got that installed, the configuration file you need to look at is /etc/apt/apt.conf.d/50unattended-upgrades.

Whitelist matching criteria

Looking at the unattended-upgrades source code, I found the list of things that can be used to match on in the whitelist:

  • origin (shortcut: o)
  • label (shortcut: l)
  • archive (shortcut: a)
  • suite (which is the same as archive)
  • component (shortcut: c)
  • site (no shortcut)

You can find the value for each of these fields in the appropriate _Release file under /var/lib/apt/lists/.

Note that the value of site is the hostname of the package repository, also present in the first part these *_Release filenames ( in the example below).

In my case, I was looking at the following inside /var/lib/apt/lists/stable.packages.cloudmonitoring.rackspace.com_debian-wheezy-x86%5f64_dists_cloudmonitoring_Release:

Origin: Rackspace Codename: cloudmonitoring Date: Fri, 23 Jan 2015 18:58:49 UTC Architectures: i386 amd64 Components: main ...

which means that, in addition to site, the only things I could match on were origin and component since there are no Suite or Label fields in the Release file.

This is the line I ended up adding to my /etc/apt/apt.conf.d/50unattended-upgrades:

Unattended-Upgrade::Origins-Pattern { // Archive or Suite based matching: // Note that this will silently match a different release after // migration to the specified archive (e.g. testing becomes the // new stable). // "o=Debian,a=stable"; // "o=Debian,a=stable-updates"; // "o=Debian,a=proposed-updates"; "origin=Debian,archive=stable,label=Debian-Security"; "origin=Debian,archive=oldstable,label=Debian-Security"; + "origin=Rackspace,component=main"; }; Testing

To ensure that the config is right and that unattended-upgrades will pick up rackspace-monitoring-agent the next time it runs, I used:

unattended-upgrade --dry-run --debug

which should output something like this:

Initial blacklisted packages: Starting unattended upgrades script Allowed origins are: ['origin=Debian,archive=stable,label=Debian-Security', 'origin=Debian,archive=oldstable,label=Debian-Security', 'origin=Rackspace,component=main'] Checking: rackspace-monitoring-agent (["<Origin component:'main' archive:'' origin:'Rackspace' label:'' site:'' isTrusted:True>"]) pkgs that look like they should be upgraded: rackspace-monitoring-agent ... Option --dry-run given, *not* performing real actions Packages that are upgraded: rackspace-monitoring-agent Making sure that automatic updates are happening

In order to make sure that all of this is working and that updates are actually happening, I always install apticron on all of the servers I maintain. It runs once a day and emails me a list of packages that need to be updated and it keeps doing that until the system is fully up-to-date.

The only thing missing from this is getting a reminder whenever a package update (usually the kernel) requires a reboot to take effect. That's where the update-notifier-common package comes in.

Because that package will add a hook that will create the /var/run/reboot-required file whenever a kernel update has been installed, all you need to do is create a cronjob like this in /etc/cron.daily/reboot-required:

#!/bin/sh cat /var/run/reboot-required 2> /dev/null || true

assuming of course that you are already receiving emails sent to the root user (if not, add the appropriate alias in /etc/aliases and run newaliases).

Andrew McDonnell: 2015 catchup #1

Mon, 2015-01-26 21:27

At the conference in Auckland I had two presentations.

For the first time I managed to get a main conference talk accepted, actually it was a tutorial which goes for 90 minutes! It was a bit daunting beforehand, but after I finished, I realised I prefer the tutorial format over having to deliver a talk. I enjoy the interaction with the audience and the sharing of knowledge, and also not being the sole focus (and not having to remember exactly what to say so much!)

My tutorial was on Reverse Engineering with Radare2; the video (Youtube) and slides are linked from the conference presentation, and have the slides up on my personal landing page as well. Thanks to James for helping with a final practice run, its always good to have a typical candidate audience perspective beforehand.

I also did a shorter talk at the Open Hardware mini-conference, on hardening embedded Linux, using OpenWRT on devices like the carambola2 as an example. The video of the mini-conferences is a bit less polished due to resourcing, here I am on about 2/3 the way through. I was somewhat more flustered in my delivery due to late changes to some slides (see earlier blog article) and a problem with my laptop deciding to have thermal issues an hour before the talk. I managed to resolve these (thanks AndyK for your help!) but it put me off my mojo a bit unfortunately. The live demo I was quite happy with, it worked without issue, so perhaps the demo gods were appeased by my earlier mishaps… The final slides are here.

Tim Serong: A Brief Exercise in Shameless Self Promotion

Mon, 2015-01-26 19:28

At the other week, a friend asked if I’d ever considered a career writing a web comic. I forget exactly how it came up, but it might have had something to do with the STONTIH Deathmatch t-shirt I was wearing at the time, or may have been due to someone mentioning the talk Florian Haas and I gave at LCA 2011 with the live cartooning.

Anyway, the answer was “no, not really”, largely because I sincerely enjoy my gig at SUSE (we’re hiring ATM, BTW), but also partly because I honestly don’t come up with enough interesting stuff often enough, and consider it unlikely I’ll ever make a living off it. Still, I have put a handful of bits and pieces up on Redbubble over the last few years, so I thought I’d engage in a bit of narcissism and promote it shamelessly and obviously. In chronological order then, from oldest to newest, I have produced:

Michael Still: First jog, and a walk to Los Altos

Mon, 2015-01-26 15:28
Today was a busy day, not only did I foolishly go for a jog 5 minutes after sunrise...

Interactive map for this route. ...but then I went for a walk with James in the afternoon as well.

Interactive map for this route. Let's just say my fitbit is very impressed with me.

Tags for this post: blog walk california running

Related posts: Walking to work; Did I mention it's hot here?; Summing up Santa Monica; Noisy neighbours at Central Park in Mountain View; So, how am I getting to the US?; VTA station for the Santa Clara Convention Center


Clinton Roy: clintonroy

Mon, 2015-01-26 14:27

Notwork, due to Australia day. Spending an inordinate amount of time trying to find some aircon so I don’t sweat all day long. I did get to pre-poll vote in the morning, so not all aircon hunting time was wasted.

My headphones have died in one ear, time for another set of consumables. The wirleless in the library is hopeless. This combination is making me very unproductive at both tasks I set myself for today.

Filed under: Uncategorized

Michael Still: A walk in the San Mateo historic red woods

Mon, 2015-01-26 01:28
James, Tony and I went for a little post long haul flight walk this afternoon in some red woods. Very nice.


Interactive map for this route.

Tags for this post: blog pictures 20150124-san_mateo photo california bushwalk sunset

Related posts: First jog, and a walk to Los Altos; Did I mention it's hot here?; Big Monks; Summing up Santa Monica; Geocaching; Confessions of a middle aged orienteering marker


Sridhar Dhanapalan: Twitter posts: 2015-01-19 to 2015-01-25

Mon, 2015-01-26 00:27

Clinton Roy: clintonroy

Sun, 2015-01-25 15:27

Finished the Learning to Learn MOOC course. I missed a few of the deadlines due to lca2015, so I’m not not bothering to do the written parts, which does make me feel rather like I haven’t finished the course. It’ll be interesting to see if I can apply the techniques going forward. I’m pretty sure I’ll chase up their book at some point as well.

Filed under: diary

Craige McWhirter: Craige McWhirter: A Little Vim Hack For Go

Sat, 2015-01-24 20:28

After LCA2015 I've starting playing with Go (I blame Sven Dowideit). If you already use VIM-YouCompleteMe) then you should be right for most things Go. However I tinker in a few languages and you'll never guess that they have different rules around style and formatting of code.

Go is one out for me requiring settings unique to Go among the languages I tinker in. I made the below changes to my ~/.vimrc to suit Go:

function! GoSettings() set tabstop=7 set shiftwidth=7 set noexpandtab endfunction autocmd BufNewFile,BufFilePre,BufRead *.go :call GoSettings()

Now when I edit a file with the .go extension, my Vim session will be formatting the file correctly from the start.

You can also configure Vim to run gofmt but I preferred this approach.

Clinton Roy: clintonroy

Sat, 2015-01-24 16:27

Caught up with a friend in the morning.

Booked the local bowling place for my birthday celebration.

Caught up on the ‘learning to learn’ mooc. I’ve missed the deadline on the quiz and the written material, but I’m continuing through with everything else. I should be able to get through the final week of content tomorrow.

Watching more LCA2015 videos.

Filed under: diary

Clinton Roy: clintonroy

Sat, 2015-01-24 16:27


A very wet day, I was drenched only about fifty metres from home.

Watching and noting on more lca2015 videos.

Filed under: diary

Clinton Roy: clintonroy

Sat, 2015-01-24 16:27


Finished typing up my hand written LCA2015 notes into the humbug wiki. I’ve now started the videos of the talks that I’ve missed.

Went and saw the move “Birdman” and I felt like I was back at BIFF, what a lovely little film, that covers a range of themes, without being complicated.

Home at midnight though, which made for a short night’s sleep.

Filed under: diary