Planet Linux Australia

Syndicate content
Planet Linux Australia - http://planet.linux.org.au
Updated: 25 min 46 sec ago

Trent Lloyd: Feel Like Home (feat. Styles Of Beyond) - Fort Minor

Mon, 2014-08-25 01:25
Well, I made it through my first day in Melbourne for linux.conf.au 2008



Due to horrible travel planning, I arrived in Melbourne at 6am but was unable to check-in to Trinity College until 1PM. Thus I had to wast a couple hours then met some of the organisers and helped shuffle boxes of conference bags out of one room, into cars to then be unpacked down at the venue.



Following that I spent some time folding up t-shirts and finally I was able to register and check in at the college.



Having taken the midnight flight over, I hadn't slept and so I carked it from 4PM to 8PM. This is going to really throw my sleeping out! But oh well..



Following on from my lazing, I located the Trinity common area, with semi-working wireless (some rogue client is handing out DHCP leases that are useless, so you have to refresh 30 times)



So far I have ran into lots of people I know from work and past LCAs.. I'll certainly miss some but they include.. Stuart Young, Stuart Smith, Colin Charles, Giuseppe Maxia, James Iseppi, Arjen Lentz, Joel Stanley, Leon Brooks, Donna Benjamin, Daniel Stone, Grant Diffey, Michael Kedzierski(sp?), Ryan Verner, Tim Ansell.. there are a few people who escape me at the moment!



As wireless is only available in the common area, my 2GB of 3G data with three is certainly proving helpful :)



Until tomorrow... (or well, today)

Trent Lloyd: Veronicas - Hook Me Up

Mon, 2014-08-25 01:25
Heading off shortly to Linux.conf.au 2008 in Melbourne, Victoria.



I've got the red-eye, so I'll be landing in at 6AM Melbourne time - for any other LCAers i'll be staying at the Trinity college.



I'm giving a talk at the MySQL Mini-conf @ 1:30PM on Tuesday - it will be about my experiences as a MySQL Support Engineer and the common sorts of problems that people run into and how to avoid them!



Should be a good week for the conference, and maybe I can lose^H^H^H^Hwin a few dollars at the Crown with my handy dandy poker skills :)



Anyone up for a game? Unfortunately I've misplaced my small, portable and travel-friendly chipset - I really must find that.

Trent Lloyd: Anika-Robert Picardo-Extreme Bob-More Parodies, Travesties & Anomalies

Mon, 2014-08-25 01:25
Thanks to work, I spent this week in Cupertino, CA. Having never been anywhere in the USA before, it was somewhat exciting to be staying literally up the road from the Apple Campus.





Me @ 1 Infinite Loop



I was also able to goto Google in Mountain View, to attend the Silicon Valley MySQL Users Group at the Visitors Center. Unfortunately I didn't come accross any large google logos to take my photo with, but I did find building number 42







I also spotted the offices of Symantec, Trend Micro, Packeteer, Solid, Microsoft, Borland and MySQL (Surprise!) along the way. Certainly "exciting" for someone thats never been to the bay area.



I had hoped to make it up to San Francisco, and do a little site-seeing of the Golden Gate Bridge and some other stuff, but was too tired to do it this afternoon, and I am attending BarCampBlock today in Palo Alto from early until I fly out tonight - so unfortunately I am going to miss out this trip. Hopefully work will send me back this way again sometime next year.

Trent Lloyd: GUADEC 2007

Mon, 2014-08-25 01:25
So, thanks to GUADEC 2007 kindly accepting my talk & paying for my travel expenses, and I had a good time.



I think my Avahi talk went well... we had a good 15+ minute talk about future possibilities, which is what I was hoping.

Lennart's Pulseaudio talk was also very good, it has advanced quite some since his talk @ LCA so it's good to see progress.



I got to meet Sjoerd, and generally the entire Collabora team which was pretty cool - I've fixed some bugs in Avahi so they can progress with the Salut support for OLPC which is good.



I have uploaded my photo collection to flickr, so you can check them out here.



Heres some of my favourites..



I managed to crash the in-flight entertainment system, apparently it uses svgalib..





I love these power transformers that point out all sides, as much as I'm sure they are safe, it just irk's me slightly ;)





Primitive mapping technology...





Walkabout - the Australian Bar - Dude in a kangaroo suit





Me with an iFailPhone





Dress code... no football tops.... exceed england.





www.wtfisthisgame.com





All in all, it was a good trip :)

Trent Lloyd: Weird Al Yankovic - Pancreas

Mon, 2014-08-25 01:25
Just over 18 months ago, I started working at HostAway, initially starting out doing some casual 2-week phone support they needed at the time, my role became permanent and I quickly expanded into both Network & Systems Administration (while still doing a lot of day to day customer support, small organizations tend to demand wider skill ranges :)



None the less I felt, for various reasons, it was time to move on.  As such, I have just completed my first week working MySQL AB as a Support Engineer.



The job is home based, and I am currently working the hours of 5AM-1PM local time.  Now you may think "wow, you're crazy" for working those hours, but I have discovered that so far I am actually quite enjoying it, I feel I am getting a lot more out of my day at the moment because I seem more awake longer, getting up earlier in the day (Usually about 4:30AM).



I do have the option to start working at 7AM on most days, and given I have no travel time this doesn't put me very far behind a "normal" job as far as messing up the daily schedule.



Being a free software 'person', working for a company with heavy involvement in the free software world is pretty exciting for me.  I guess time will tell how it goes, but if this week is anything to go by I think I should be happy in the long term.



In other news, I have discovered that listening to Weird Al Yankovic continually is horrible for your sanity, mostly because he picks alot of very catchy songs to parody, which proceed to persistently circle around inside my head for the next week...

Trent Lloyd: The bird that really likes my carport..

Mon, 2014-08-25 01:25
So yesterday I came home to this bird, in my carport







From some googling I *think* it is a pigeon, maybe a dove, but I didnt' check very hard, so I'm far from even moderately sure :)  The tag on it's foot says "AUST 2006" and some other stuff I couldn't make out.



It was there all yesterday afternoon, I managed to get quite close to take the above photo, but it did flinch when I tried to get any closer.



This morning, it was still there, and this afternoon when I go thome, it was still there although now its finding its way around the floor.



I do wonder why it likes my carport so much, It doesn't *seem* hurt, and it managed to get up here





So I assume that it can fly somewhat, I guess I'll wait and see if it's there tomorrow... If anyone knows anything feel free to leave a comment :)



I turned on the sprinklers and it was right at the very edge of the big double door out to the world drinking the water splashing in, so it's not stuck in or anything.



Weird!

Trent Lloyd: Green Day - Boulevard of Broken Dreams

Mon, 2014-08-25 01:25
[for the freedom lovers out there, this it totally and completely unrelated to anything freedom :)]



how the hell did I just lose the following poker hand



I pull pocket sixes, and then flop Ace-6-Ace, i.e. 6's full of Ace's full house, after some serious betting and deceiving I go all in.



HAND



(my hand, circled in black - 6H, 6C, 6S, AH, AS, opponents hand - circled in Red, AH, AD, AH, AS, 6S)

He beat me with 4 of a kind aces.



Opponent Before:





Opponent After:





Note the completely evil look on his face! A conspiracy I tell you...



This after a long string of really stupid pair and occasionally two-pair wins, sheesh!

Trent Lloyd: GNOME in Jericho

Mon, 2014-08-25 01:25
Watching Jericho S01E14, noticed this...







Looks suspiciously like GNOME 1.4 to me :)

Trent Lloyd: Avahi Scalability: "Is it good or is it bad?"

Mon, 2014-08-25 01:25
Lennart rightfully pointed out that I didn't really make any conclusion as to the results of my little test, the reason for this is really, "I'm not sure"



Certainly, It seems to be OK, the number of transmitted packets by my rough calculation, make sense, I would be interested to see what the realistic practical throughput of multicast on wireless is when you have many hosts transmitting at once, I know in 802.11b multicast is transmitted at "basic rate" of 1 or 2 mbit (or so I beleive), I'm not sure if 802.11g changes this.



My generally quick gut feeling is "I think this would work" (on wireless), I have no doubt this is fine on a wired network.



More testing to be done...

Trent Lloyd: Some random non-scientific Avahi "scaling" figures

Mon, 2014-08-25 01:25
Talking to sjoerd and others on IRC, (for the benefit of the OLPC project), I decided to attempt to get some kind of an idea of the amount of traffic Avahi generates on a large network.



I booted up 80 UMLs, running 2.6.20.2, on my AMD Athlon64 X2 4200+ (O/C to 2.5GHz per core), with 2GB of ram.



Each was running with 16M ram, a base debian etch install with Avahi 0.6.16.



Interestingly with 80 VMs running my memory usage looked like this:

Mem: 2076124k total, 2012064k used, 64060k free, 18436k buffers

Swap: 996020k total, 8k used, 996012k free, 1476504k cached






I configured a 'UML Switch' with a tap device on the host attached (tun1) and told each VM to come up and use avahi-autoipd to obtain a link-local IP.



I had each VM set to advertise 3 services, via the static service advertisement files



  • _olpc_presence._tcp
  • _activity._tcp (subtype _RSSActivity._sub._activity._tcp)
  • _activity._tcp (subtype _WebActivity._sub._activity._tcp)


plus it was configured with Avahi defaults so it would announce a workstation service (the default 'ssh' service was however NOT present) and the magic services that indicate what kind of services are being announced



So I started Wireshark and IPTRAF and started booting 80 VMs, at a pace of 1 every 10 seconds, after roughly 10-15 minutes the following numbers of packets were seen on the host tun1 interface



704 UDP (56.3%)

390 ARP (21.2%)

156 OTHER (12.5%)




The ARPs are for avahi-autoipd and the UDP packets are for avahi-daemon to speak mDNS, iptraf reported



Incoming Bytes: 417,391



I then gave my local machine an IP which bumped the packet count to 712, 395 and 157.



I then started 'avahi-browse _activity._tcp', this would result in 2 services from each machine being returned, following that tidying up the packet count was at



935 UDP

Incoming Bytes: 496,901

Outgoing Bytes: 28,787 (30 packets according to iptraf)




Now this *really* gave me machine a heart attack, as many 'linux' processes we're eating 20% CPU as possible, and took a good 10+ seconds for my machine to start responding again, I suspect if i was running the SKAS3 patch it might be a little less harsh.



I then after cancelling that, run avahi-browse -r _activity._tcp which causes Avahi to resolve each of the services, following that run



UDP 1287

Incoming Bytes: 570,000 packets 1384

Outgoing Bytes: 185,000 packets 227




In this case most of the services were cached and I just had to resolve each one.



I forgot to watch for traffic counts, so I re-ran the above test and iptraf claimed 165kbits/second at peak for 1 5 second interval. In this time I noticed a bunch of the service resolution queries timed out, I suspect this may have to do with it causing my machine to lock hard for a bit while it does it's magic... ;)



So that's the end of my very simple basic run of basically doing some real (rather than theoretical) tests of the number of packets seen flying around with 80 hosts on a network with Avahi with a few services, and the impact of people running a browse/resolve on a popular service type.



I'm going to try comandeer some more hardware to run some faster tests and collect some more useful data.

Trent Lloyd: �X��(�

Mon, 2014-08-25 01:25
So I was fiddling around with my new phone (Sony Ericcson k800i) and I noticed I could play videos as a ringtone, I was interesting how that worked...



So I downloaded a Music Video of "The Veronicas - When it all falls apart" from the Three Music store, which is at a cost of $3.00 (Which, BTW, came down at 30K/s, not bad for mobile data...)



Once my phone had downloaded it, I had two options "View" (which works fine) and the other was "Ringtone", having selected this the phone stated "This video is restricted against that kind of use"



Sigh.



I wonder what three would say if I asked for a refund ;)

Trent Lloyd: DOA - Dead or Alive (The Movie): Featuring: Partial linux source

Mon, 2014-08-25 01:25
I was watching the movie "Dead or Alive" this afternoon, and I was curious to see the source code scrolling past was from the linux kernel







Interestingly they have blotched out bits and pieces, notably the copyright declaration. They also appear to lack the ability to render tabs.



You can compare to arch/alpha/kernel/err_impl.h (taken from Ubuntu's linux-source-2.6.19), I'll include the excerpt pictured above here:





*

* linux/arch/alpha/kernel/err_impl.h

*

* Copyright (C) 2000 Jeff Wiedemeier (Compaq Computer Corporation)

*

* Contains declarations and macros to support Alpha error handling

* implementations.

*/



union el_timestamp;

struct el_subpacket;

struct ev7_lf_subpackets;



struct el_subpacket_annotation {

struct el_subpacket_annotation *next;

u16 class;

u16 type;

u16 revision;

char *description;

char **annotation;

};





I'm not sure how legal or anything this is, but interesting none the less...

Sridhar Dhanapalan: Twitter posts: 2014-08-18 to 2014-08-24

Mon, 2014-08-25 00:27

Chris Smart: Creating certs and keys for services using FreeIPA (Dogtag)

Sun, 2014-08-24 19:28

The default installation of FreeIPA includes the Dogtag certificate management system, a Certificate Authority for your network. It manages expiration of certificates and can automatically renew them. Any client machines on your network will trust the services you provide (you may need to import the IPA CA cert).

There are a number of ways to make certificates. You can generate a certificate signing request or you can have Dogtag manage the whole process for you. You can also create individual cert and key files or put them into a nss database. My preferred method is to use individual files and have Dogtag do the work for me.

If you so desire, you can join your servers to the realm in just the same manner as a desktop client. However, even if they are not joined to the realm you can still create certs for them! You will need to run a few additional steps though, namely creating DNS records and adding the machine manually.

Let’s create a certificate for a web server on www.test.lan (192.168.0.100) which is has not joined our realm.

SSH onto your IPA server and get a kerberos ticket.

[user@machine ~]# ssh root@ipa-server.test.lan

[root@ipa-server ~]# kinit admin

If the host is not already in the realm, create DNS entries and add the host.

[root@ipa-server ~]# ipa dnsrecord-add test.lan www --a-rec 192.168.0.100

[root@ipa-server ~]# ipa dnsrecord-add 0.168.192.in-addr.arpa. 100 --ptr-rec www.test.lan.

[root@ipa-server ~]# ipa host-add www.test.lan

Add a web service for the www machine.

[root@ipa-server ~]# ipa service-add HTTP/www.test.lan

Only the target machine can create a certificate (IPA uses the host kerberos ticket) by default, so to be able to create the certificate on your IPA server you need to allow it to manage the web service for the www host.

[root@ipa-server ~]# ipa service-add-host --hosts=ipa-server.test.lan HTTP/www.test.lan

Now create the cert and key.

[root@ipa-server ~]# ipa-getcert request -r -f /etc/pki/tls/certs/www.test.lan.crt -k

/etc/pki/tls/private/www.test.lan.key -N CN=www.test.lan -D

www.test.lan -K HTTP/www.test.lan

Now copy that key and certificate to your web server host and configure apache as required.

[root@ipa-server ~]# rsync -P /etc/pki/tls/certs/www.test.lan.crt /etc/pki/tls/private/www.test.lan.key root@www.test.lan:

You can also easily delete keys so that they aren’t tracked and renewed any more, first get the request id.

[root@ipa-server ~]# ipa-getcert list

Take note of the id for the certificate you want to delete.

[root@ipa-server ~]# getcert stop-tracking -i [request id]

A CRL (certificate revocation list) is automatically maintained and published on the IPA server at ​https://ipa-server.test.lan/ipa/crl/MasterCRL.bin

Andrew McDonnell: Raspberry Pi Virtual Machine Automation

Sat, 2014-08-23 20:27
Several months ago now I was doing some development for Raspberry Pi. I guess that shows how busy with life things have been. (I have a backlog of lots of things I would like to blog about that didn’t get blogged yet, pardon my grammar!) Now the Pi runs on an SD card and it […]

linux.conf.au News: Papers Committee weekend - who will be presenting at LCAuckland

Sat, 2014-08-23 19:28

This weekend is the Papers Committee weekend, and Steven (Ellis) is now on his way over to Sydney to join our revered Papers Committee for a fun-packed weekend deciding which of the many submitted presentations to chose from for our conference next year.

It’s a very important job, crucial, even! I don't envy them, trying to foresee what is going to be at the top of everyone’s must-see list, predicting what will be trending in 6 month’s time, and what will have died a sad, lonely death or sputtered out after a brief burst of glory in the meantime.

Then there’s the programme... Who fits together? Who shouldn’t be opposite whom? And on it goes. It will be hard work! After speaking with the Chairs of the committee (Michael Davies and Michael Still) we've learned that this is traditionally a passionately fought process with each and every person focussed intently on ensuring that our delegates have access to the best presentations currently and soon-to-be available.

“The Michaels” know the conference and its audience and the rest of the committee is made up of past organisers, some FOSS celebrities and past presenters - most of whom have done this job many times now. Steve has been sent with some strict instructions about the presentations our team wants to see and the format of the conference itself that has some new, exciting ideas.

To those in the Papers Committee gathering together this weekend to make these important decisions - we wish you all a safe journey there and back again, and we say Stand Your Ground!

To those of you who have submitted a presentation we say "Good Luck - you are all wonderful in our eyes!

All the best

The LCA 2015 team

David Rowe: Do Anti-Depressants work?

Sat, 2014-08-23 16:29

In the middle of 2013 I had a nasty bout of depression and was prescribed anti-depressant drugs. Although undiagnosed, I think I may have suffered low level depression for a few years, but had avoided anti-depressants and indeed other treatment for a couple of reasons:

  • I am a man, and men are bad at looking after their own health.
  • The stigma around mental health. It’s tough to face it and do something about it. Consider how you react to these two statements “I broke my leg and took 6 months to recover”, and ” I broke my mind and took 6 months to recover”.
  • The opinion of people influential in my life at that time. My GP friend Michael presented a statistic that anti-depressants were only marginally better that placebos (75% versus 70%) in treating depression. I was also in a close relationship with a person who held an “all drugs are bad”, anti-western medicine mentality. At the time I lacked the confidence to make health choices that were right for me.

Combined, these factors cost me 18 months of rocky mental health.

When my health collapsed the mental health care professionals recommend the combination of anti-depressants and counselling with a psychologist or psychiatrist. The good news is that this treatment, combined with a lot of hard work, and putting positive, supportive, relationships around me, is working. I came off the bottom quite quickly (a few months), and have continued to improve. I am currently weaning myself off the anti-depressants, and life is good, and getting better, as I “re-wire” my thought process.

That’s the difficult, personal bit out of the way. Lets talk about anti-depressants and science.

Did Anti-deps help me?

Due to Michael’s statistic above (anti-deps only 5% better than placebo) I was left with lingering doubts about anti-depressants. Could I be fooling myself, using something that didn’t work? This was too much for the scientist in me, so I felt compelled to check the evidence myself!

Now, the fact that I “got better” is not good enough. I may have improved from the counselling alone. Or through the “natural history” of disease, just like we automatically heal in 1-2 weeks from a common cold.

The health care professionals I worked with are confident anti-depressants function as advertised, based on their training and years of experience. This has some weight, but the causes and effects in mental health are complex. Professionals can hold mistaken beliefs. Indeed a wise professional will adapt as medical science advances and new therapies are replaced by old. They are not immune to unconscious bias. So the views of professionals, even based on years of experience, is not proof.

Trust Me. I’m a Doctor

I am a “Dr”, but not a medical one. I have a PhD in Electronic Engineering. I don’t know much about medicine, but I do know something about research. In a PhD you create a tiny piece of new knowledge, something human kind didn’t know before. It’s hard, and takes years, and even then the “contribution” you make is usually minor and left to gather dust on a shelf in a university library.

But you do learn how to find out what is real and what is not. How to separate facts from bullshit. You learn about scientific rigour. You do that by performing “research and disappointment” for four years, and finding out just how wrong you can be so many times before finally you get to to core of something real. You learn that what you want to believe, that your opinion, means nothing when it gets tested against the laws of nature.

So with the help of Michael and a great (and very funny) book on how medical trials work called Snake Oil Science, I did a little research of my own.

Drilling into a few studies

What I was looking for were “quality” studies, which have been carefully designed to sort out what’s true from what’s not. So my approach was to look into a few studies that supported the negative hypothesis. Get beyond the headlines.

One high quality study with the widely presented conclusion “anti-deps useless for mild and moderate depression” was (JAMA 2010). This paper and it’s conclusion has been debunked here. Briefly, they used the results from 3 studies of just one SSRI (Paxil) and used that under-representation to draw impossibly broad conclusions.

Ben Goldacre is campaigning against publication bias. This is the tendency for journals only to publish positive results. This is a real problem and I support Ben’s work. Unfortunately, it also feeds alt-med conspiracy theories about big pharma.

Ben has a great TED Talk on the problem of publication bias in drug trials. To lend credibility he cites a journal paper (NEJM 358 Turner). Ben presents numbers from this paper that suggest anti-depressants don’t work, due to selective publishing of only positive trials.

Here a couple of frames from Ben’s TED talk (at the 7:30 mark). Big pharma supplied the FDA with these results to get their nasty western meds approved:

However here are the real results with all trials included:

Looks like a damning case against anti-deps, and big pharma. Nope. I took the simple step of reading the paper, rather than accepting the argument from authority that comes from a physician quoting a journal paper, in A TED talk. Here is a direct quote from the paper Ben cited:

“We wish to clarify that non-significance in a single trial does not necessarily indicate lack of efficacy. Each drug, when subjected to meta-analysis, was shown to be superior to placebo. On the other hand, the true magnitude of each drug’s superiority to placebo was less than a diligent literature review would indicate.”

Just to summarise: Every drug. Superior to a placebo. This means they work.

The paper continues. By averaging all the data the overall mean effect size over all studies (published and not, all drugs) was 32% over a placebo. That’s actually quite positive.

So while Ben’s argument of publication bias is valid, his dramatic implication that anti-deps don’t work is wrong, at least from this study.

Yes publication bias is a big problem and needs to be addressed. However science is at work, self correcting, and it’s good to see guys like Ben working on it. It’s a classic trick used by alt-med as well: just quote good results, and ignore the results that show the alt-med therapies to be ineffective. This is Bad Science.

However this doesn’t discredit science, and shouldn’t make us abandon high quality trials and fall back on even poorer science like anecdotes and personal experience.

Breathless Headlines

This article from CBC News. No references to clinical studies, some leading questions, and a few personal opinions. So it’s just a hypothesis – but no more that that. A lack of understanding of the chemical functionality of a drug doesn’t invalidate it’s use. This isn’t the first time an effective drug’s function wasn’t well understood. For example Paracetamol isn’t completely understood even today.

As usual, a little digging reveals a very different slant that’s makes the CBC article look misleading. The author of the book is quoted in Wikipedia:

“Whitaker acknowledges that psychiatric medications do sometimes work but believes that they must be used in a ‘selective, cautious manner’. It should be understood that they’re not fixing any chemical imbalances. And honestly, they should be used on a short-term basis.”

I am attracted to the short term approach, and it is the approach suggested by the mental health care professionals that has helped me. Like a bandage or cast, anti-deps can support one while other mental health repairs are going on.

In contrast, the CBC article (first para):

“But people are questioning whether these drugs are the appropriate treatment for depression, and if they could even be causing harm.”

Poor journalism and cherry picking.

My Conclusions

My little investigation is by no means comprehensive. However the high quality journal papers I’ve studied so far support the hypothesis that anti-deps work and debunk the “anti-depressants are not effective compared to placebo” argument to my satisfaction.

I would like to read more studies of the combination of psycho-therapy and SSRIs – if anyone has any references to high quality journal papers on these subjects please let me know. The mental health nurse that treated me last year suggested recovery was about “40% SSRIs + 60% therapy”. I can visualise this treatment as a couple of normal distribution curves overlapping, with the means added together to be your mental health.

Medicine and Engineering

I was initially aghast at some of the crappy science even I can pick up in these “journal” papers. “This would never happen in engineering” I thought. However I bet some similar tricks are at play. There are pressures to “publish, patent” etc that would encourage bad science there too. For example signal processing papers rarely publish their source code, so it’s very hard to reproduce a competing algorithm. All you have is a few of the core equations. If I make a bug while simulating a competitors algorithm, it gives me the “right” answer – Oh look mine is better!

In my research: Some people using Codec 2 say it sounds bad and doesn’t work well for HF comms. Other people are saying it’s great and much better than the legacy analog technology. Huh? Well, I could average them out in a meta study and say “it’s about the same as analog”. Or use my internal bias and self esteem to simply conclude Codec 2 is awesome.

But what I am actually doing is saying “Hmm, that’s interesting – why can two groups of sensible people have the opposite results? Lets look into that”. Turns out different microphones make Codec 2 behave in different ways. This is leading me to investigate the effect of the input speech filtering. So through this apparent conflict we are learning more and improving Codec 2. What an awesome result!

I suspect it’s the same with anti-deps. Other factors are at play and we need better study design. Frustrating – we all want definitive answers. But no one said Science was easy. Just that it’s self correcting.

That’s why IFL Science.

Glen Turner: Raspberry Pi and 802.11 wireless (WiFi) networks

Fri, 2014-08-22 22:02

A note to readers

There are a many ways to configure wireless networking on Debian. Far too many. What is described here is the simplest option which uses the programs and configurations which ship in an unaltered Raspbian distribution. This lets people bring up wireless networking to their home access point with a minimum of fuss. More advanced configurations may be more easily done with other tools, such as NetworkManager. Now back to your originally programmed channel…

The RaspberryPi does not come with wireless onboard. But it's simple enough to buy a small USB wireless dongle. Element14 sell them for A$9.31. It's unlikely you'll see them in shops for such a low price so it is well work ordering a WiFi dongle with your RPi.

Raspbian already comes with the necessary software installed. Let's say our home wireless network has a SSID of example and a pre-shared key (aka password) of TGAB…Klsh. Edit /etc/wpa_supplicant/wpa_supplicant.conf. You will see some existing lines:

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev update_config=1

Now add some lines describing your wireless network:

network={ ssid="example" psk="TGABpPpabLkgX0aE2XOKIjsXTVSy2yEF0mtUgFjapmMXwNNQ3yYJmtA9pGYKlsh" scan_ssid=1 }

The parameter scan_ssid=1 allows the WiFi dongle to connect with a wireless access point which does not do SSID broadcasts.

Now plug the dongle in. Check dmesg that udev installed the dongle's device driver:

$ dmesg [ 3.873335] usb 1-1.4: new high-speed USB device number 5 using dwc_otg [ 4.005018] usb 1-1.4: New USB device found, idVendor=0bda, idProduct=8176 [ 4.030075] usb 1-1.4: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 4.050034] usb 1-1.4: Product: 802.11n WLAN Adapter [ 4.060398] usb 1-1.4: Manufacturer: Realtek [ 4.069904] usb 1-1.4: SerialNumber: 000000000001 [ 8.586604] usbcore: registered new interface driver rtl8192cu

A new interface will have appeared:

$ ifconfig wlan0 wlan0 Link encap:Ethernet HWaddr 00:11:22:33:44:55 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 KiB) TX bytes:0 (0.0 KiB)

IPv4's DHCP should run and your interface should be populated with addresses:

$ ifconfig wlan0 wlan0 Link encap:Ethernet HWaddr 00:11:22:33:44:55 inet addr:192.0.2.1 Bcast:192.0.2.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:100 errors:0 dropped:0 overruns:0 frame:0 TX packets:100 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 KiB) TX bytes:0 (0.0 KiB)

If you use multiple wireless networks, then add additional network={…} stanzas to wpa_supplicant.conf. wpa_supplicant will choose the correct stanza based on the SSIDs present on the wireless network.

IPv6

If you are using IPv6 (by deleting /etc/modprobe.d/ipv6.conf) then IPv6's zeroconf and SLAAC will run and you will also get a IPv6 link-local address and maybe a global address if your network has IPv6 connectivity off the subnet.

$ ifconfig wlan0 wlan0 Link encap:Ethernet HWaddr 00:11:22:33:44:55 inet addr:192.0.2.1 Bcast:192.0.2.255 Mask:255.255.255.0 inet6 addr: fe80::211:22ff:fe33:4455/64 Scope:Link inet6 addr: 2001:db8:abcd:1234:211:22ff:fe33:4455/64 Scope:Global UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:100 errors:0 dropped:0 overruns:0 frame:0 TX packets:100 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 KiB) TX bytes:0 (0.0 KiB) Commonly occurring issues

If the interface is not populated with addresses then try to restart the interface. You will need to do this if you plugged the dongle in prior to editing wpa_supplicant.conf.

$ sudo ifdown wlan0 $ sudo ifup wlan0

If you still have trouble then look at the messages in /var/log/daemon.log, especially those from wpa_supplicant. Also check dmesg, ensuring that the device driver isn't printing messages indicating misbehaviour.

Also check that the default route points to where you expect; that is, the default route line says default via … dev wlan0.

$ ip route show default via 192.168.255.254 dev wlan0 192.168.255.0/24 dev wlan0 proto kernel scope link src 192.168.255.1 $ ip -6 route show 2001:db8:abcd:1234::/64 dev wlan0 proto kernel metric 256 expires 10000sec fe80::/64 dev wlan0 proto kernel metric 256 default via fe80::1 dev wlan0 proto ra metric 1024 expires 1000sec

If you have edited /etc/network/interfaces then you may need to restore these lines to that file:

allow-hotplug wlan0 iface wlan0 inet manual wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf iface default inet dhcp Security

As this example shows, the pre-shared key should be long — up to 63 characters — and very random. The entire strength of WPA2 relies on the length and randomness of the key. If your current key is neither of these then you might want to generate a new key and configure it into the access point.

An easy way to generate a key is:

$ sudo apt-get install pwgen $ pwgen -s 63 1 TGABpPpabLkgX0aE2XOKIjsXTVSy2yEF0mtUgFjapmMXwNNQ3yYJmtA9pGYKlsh

This works even better if you use the RaspberryPi's hardware random number generator.

There is only one secure wireless protocol which you can use at home: Wireless Protected Access version two with pre-shared key, this is known as “WPA2-PSK” or as “WPA2 Personal”. The only secure encryption is CCMP -- this uses the Advanced Encryption Standard and is sometimes named “AES” in the access point configurations. The only secure authentication algorithm for use with WPA2-PSK is OPEN: this doesn't mean “open access point for use by all, so no authentication” but the reverse: “Open Systems Authentication”.

You can configure wpa_supplicant.conf to insist on these secure options as the only technology it will use with your home network.

network={ ssid="example" psk="TGABpPpabLkgX0aE2XOKIjsXTVSy2yEF0mtUgFjapmMXwNNQ3yYJmtA9pGYKlsh" scan_ssid=1 # Prevent backsliding into insecure protocols key_mgmt=WPA-PSK auth_alg=OPEN proto=WPA2 group=CCMP pairwise=CCMP }

Andrew Pollock: [life] Day 205: Rainy day play, a Brazilian Jiu-Jitsu refresher

Fri, 2014-08-22 20:25

I had grand plans of doing a 10 km run in the Minnippi Parklands, pushing Zoe in the stroller, followed by some bike riding practise for Zoe and a picnic lunch. Instead, it rained. We had a really nice day, nevertheless.

Zoe slept well again, and I woke up pretty early and was already well and truly awake when she got out of bed, so as a result we were ready to hit the road reasonably early. Since it was raining, I thought a visit to Lollipops Play Cafe would be a fun treat.

We got there about 10 minutes before the play cafe opened, so after some puddle stomping, we popped into Bunnings to get a few things, and then went to Lollipops.

Unfortunately Jason was tied up, so Megan couldn't join us. I did run into Mel, a mother from Kindergarten, who was there with her son, Matthew, and daughter. So instead of practising my knots or doing my real estate license assessment, I ended up having a chat with her , which was nice. She mentioned that she had some stuff to try and do in the afternoon, so I asked if Matthew wanted to come over for a play date for a couple of hours. He was keen for that.

So we went home, and I made some lunch for us, and then Mel dropped Matthew off at around 1pm, and they had a great time playing. I think first up they played a game of hide and seek, and then my practise rope got used for quite a bit of tug-o-war, and then we did some craft. After that I busted out the kinetic sand, and that kept them occupied for ages. They also just had a bit of a play with all the boxes on the balcony. It was a really nice play session. I like it when boys come over for a play date, as the dynamic is totally different, and Zoe and Matthew played really well together.

I dropped Matthew back home on the way to Zoe's Brazilian Jiu Jitsu class. Infinity Martial Arts was running a "please come back" promotion, where you could have two free lessons and a new uniform, so I figured, why not? I'd like to give Zoe the choice of Brazilian Jiu Jitsu again or gymnastics for Term 4, and this seemed like a good way of refreshing her memory as to what Brazilian Jiu Jitsu was. I'm hoping that Tumbletastics will do a free lesson in the school holidays as well, so Zoe will be able to make a reasonably informed choice.

Zoe's now in the "4 to 7" age group for BJJ classes, and there was just one other boy in the class today. She did really well, and the new black Gi looks really good on her. She also had the same teacher, Patrick, who she's really fond of, so it was a good afternoon all round. We stayed and watched a little bit of the 7 to 11 age group class that followed before heading back home.

We'd barely gotten home and Sarah arrived to pick up Zoe, so the day went quite quickly really, without being too hectic.

Michael Still: Juno nova mid-cycle meetup summary: conclusion

Fri, 2014-08-22 17:27
There's been a lot of content in this series about the Juno Nova mid-cycle meetup, so thanks to those who followed along with me. I've also received a lot of positive feedback about the posts, so I am thinking the exercise is worthwhile, and will try to be more organized for the next mid-cycle (and therefore get these posts out earlier). To recap quickly, here's what was covered in the series:



The first post in the series covered social issues: things like how we organized the mid-cycle meetup, how we should address core reviewer burnout, and the current state of play of the Juno release. Bug management has been an ongoing issue for Nova for a while, so we talked about bug management. We are making progress on this issue, but more needs to be done and it's going to take a lot of help for everyone to get there. There was also discussion about proposals on how to handle review workload in the Kilo release, although nothing has been finalized yet.



The second post covered the current state of play for containers in Nova, as well as our future direction. Unexpectedly, this was by far the most read post in the series if Google Analytics is to be believed. There is clear interest in support for containers in Nova. I expect this to be a hot topic at the Paris summit as well. Another new feature we're working on is the Ironic driver merge into Nova. This is progressing well, and we hope to have it fully merged by the end of the Juno release cycle.



At a superficial level the post about DB2 support in Nova is a simple tale of IBM's desire to have people use their database. However, to the skilled observer its deeper than that -- its a tale of love and loss, as well as a discussion of how to safely move our schema forward without causing undue pain for our large deployments. We also covered the state of cells support in Nova, with the main issue being that we really need cells to be feature complete. Hopefully people are working on a plan for this now. Another internal refactoring is the current scheduler work, which is important because it positions us for the future.



We also discussed the next gen Nova API, and talked through the proposed upgrade path for the transition from nova-network to neutron.



For those who are curious, there are 8,259 words (not that I am counting or anything) in this post series including this summary post. I estimate it took me about four working days to write (ED: and about two days for his trained team of technical writers to edit into mostly coherent English). I would love to get your feedback on if you found the series useful as it's a pretty big investment in time.



Tags for this post: openstack juno nova mid-cycle summary

Related posts: Juno nova mid-cycle meetup summary: nova-network to Neutron migration; Juno nova mid-cycle meetup summary: scheduler; Juno nova mid-cycle meetup summary: ironic; Juno nova mid-cycle meetup summary: DB2 support; Juno nova mid-cycle meetup summary: social issues; Juno nova mid-cycle meetup summary: slots



Comment