Planet Linux Australia

Syndicate content
Planet Linux Australia -
Updated: 43 min 22 sec ago

Jan Schmidt: New gst-rpicamsrc features

Tue, 2015-04-28 01:26

I’ve pushed some new changes to my Raspberry Pi camera GStreamer wrapper, at

These bring the GStreamer element up to date with new features added to raspivid since I first started the project, such as adding text annotations to the video, support for the 2nd camera on the compute module, intra-refresh and others.

Where possible, you can now dynamically update any of the properties – where the firmware supports it. So you can implement digital zoom by adjusting the region-of-interest (roi) properties on the fly, or update the annotation or change video effects and colour balance, for example.

The timestamps produced are now based on the internal STC of the Raspberry Pi, so the audio video sync is tighter. Although it was never terrible, it’s now more correct and slightly less jittery.

The one major feature I haven’t enabled as yet is stereoscopic handling. Stereoscopic capture requires 2 cameras attached to a Raspberry Pi Compute Module, so at the moment I have no way to test it works.

I’m also working on GStreamer stereoscopic handling in general (which is coming along). I look forward to releasing some of that code soon.


Andrew McDonnell: Using an i2c RTC with the Carambola2 (or any OpenWRT modified router)

Mon, 2015-04-27 22:27

Using i2c with a modded router is simple enough, if you have two spare GPIO then the module package kmod-i2c-gpio-custom allows selected GPIO pins to be bound to SCL and SDA respectively when the module is loaded.

However for inexplicable reasons the ability to bind an i2c RTC module to the Linux hardware clock is disabled by default by the OpenWRT configuration mechanism for ar71xx and other consumer router architectures, and there is no way to turn it on without patching!

Regardless, here is how to use an i2c RTC with the Carambola2 or any other ar71xx architecture router (e.g. WRTnode, etc.)

  • Patch the file target/linux/ar71xx/generic/ as follows:

    -FEATURES += squashfs +FEATURES += squashfs +rtc
  • Patch the kernel configuration target/linux/ar71xx/config-3.xx where (xx depends on your version of OpenWRT) as follows:

  • Note: the kernel configuration can be modified via the kernel build system using the command make kernel_menuconfig
  • Note: add other kernel i2c RTC modules as required
  • Add the module to your image:

  • If you have previously built OpenWRT then remove the tmp/ directory, or the change ‘+rtc’ will be ignored and the DS1307 module will not be included in your image
  • Run make defconfig
  • Build your image: make -j2

If everything worked, then the the file /lib/modules/3.xx…/rtc-ds1307.ko should be in the resulting image

Following is an aggregation of information I was already able to find elsewhere on the net.

  • Ensure that i2c-tools package is installed as well. This may require the ‘oldpackages’ feed.
  • Configure the module as follows by creating a file /etc/modules.d/99gpio-i2c-rtc
  • You can also put this file into files/etc/modules.d/99gpio-i2c-rtc for it to be automatically added to your image
  • Create the following content, where in this example 18 == SDA pin id and 19 == SCL pin id

    i2c-gpio-custom bus0=0,18,19 rtc-ds1307
  • There are additional arguments controlling delays, etc.; refer to package/kernel/i2c-gpio-custom/src/i2c-gpio-custom.c
  • Create a script, /etc/init.d/rtc-driver to load the device driver and set the time.

    #!/bin/sh /etc/rc.common logger "Setup i2c RTC" echo ds1307 0x68 > '/sys/class/i2c-dev/i2c-0/device/new_device' if hwclock | grep 'Jan' | grep -q 2000 ; then logger "RTC appears to have a flat battery..." else logger "RTC set hwclock" hwclock -s fi
  • Create a symlink…

    ln -s /etc/init.d/rtc-driver /etc/rc.d/S11rtc-driver
  • Note, if you are running ntp that will take over anyway, but for system with an intermittent or no network connection, or if the network is down on boot, the RTC will provide a better time than 1 Jan 2012 or whatever…

You can test the above out before scripting it by booting the system and manually stepping through:

modprobe i2c-gpio-custom bus0=0,18,19 i2cdetect -l modprobe rtc-ds1307 echo ds1307 0x68 > '/sys/class/i2c-dev/i2c-0/device/new_device' hwclock


PS Dont forget pullup presistors, and take care interfacing between 5V and 3.3V systems and peripherals…

Ben Martin: Unbrick the NUC

Mon, 2015-04-27 21:14
It seems there are many folks with the suspend of death on the NUC. When you suspend to RAM you can't get back. When you disconnect power for a while you can't turn it on again. Welcome to brickland, population: you. I found that following the advice on the forums if I disconnect the CMOS battery for a bit then I could turn on the NUC again.

The downside is that the CMOS battery is installed under the motherboard, so you have to remove the motherboard which is no easy task the first time. Then each subsequent time that the NUC bricks you have to take it apart again to such a great extent.

Luckily I found these extension leads which let me bring out the battery from the case. So hopefully now a debrick isn't going to involve a system teardown anymore.

Linux Users of Victoria (LUV) Announce: LUV Main May 2015 Meeting: Performance Co-Pilot / Android Privacy 101

Mon, 2015-04-27 20:29
Start: May 5 2015 19:00 End: May 5 2015 21:00 Start: May 5 2015 19:00 End: May 5 2015 21:00 Location: 

The Buzzard Lecture Theatre. Evan Burge Building, Trinity College, Melbourne University Main Campus, Parkville.



• Nathan Scott: Performance Co-Pilot

• Paul Fenwick: Android Privacy 101

The Buzzard Lecture Theatre, Evan Burge Building, Trinity College Main Campus Parkville Melways Map: 2B C5

Notes: Trinity College's Main Campus is located off Royal Parade. The Evan Burge Building is located near the Tennis Courts. See our Map of Trinity College. Additional maps of Trinity and the surrounding area (including its relation to the city) can be found at

Parking can be found along or near Royal Parade, Grattan Street, Swanston Street and College Crescent. Parking within Trinity College is unfortunately only available to staff.

For those coming via Public Transport, the number 19 tram (North Coburg - City) passes by the main entrance of Trinity College (Get off at Morrah St, Stop 12). This tram departs from the Elizabeth Street tram terminus (Flinders Street end) and goes past Melbourne Central Timetables can be found on-line at:

Before and/or after each meeting those who are interested are welcome to join other members for dinner. We are open to suggestions for a good place to eat near our venue. Maria's on Peel Street in North Melbourne is currently the most popular place to eat after meetings.

LUV would like to acknowledge Red Hat for their help in obtaining the Buzzard Lecture Theatre venue and VPAC for hosting.

Linux Users of Victoria Inc. is an incorporated association, registration number A0040056C.

May 5, 2015 - 19:00

read more

Sridhar Dhanapalan: Twitter posts: 2015-04-20 to 2015-04-26

Mon, 2015-04-27 00:26

Russell Coker: Anti-Systemd People

Sun, 2015-04-26 22:26
For the Technical People

This post isn’t really about technology, I’ll cover the technology briefly skip to the next section if you aren’t interested in Linux programming or system administration.

I’ve been using the Systemd init system for a long time, I first tested it in 2010 [1]. I use Systemd on most of my systems that run Debian/Wheezy (which means most of the Linux systems I run which aren’t embedded systems). Currently the only systems where I’m not running Systemd are some systems on which I don’t have console access, while Systemd works reasonably well it wasn’t a standard init system for Debian/Wheezy so I don’t run it everywhere. That said I haven’t had any problems with Systemd in Wheezy, so I might have been too paranoid.

I recently wrote a blog post about systemd, just some basic information on how to use it and why it’s not a big deal [2]. I’ve been playing with Systemd for almost 5 years and using it in production for almost 2 years and it’s performed well. The most serious bug I’ve found in systemd is Bug #774153 which causes a Wheezy->Jessie upgrade to hang until you run “systemctl daemon-reexec” [3].

I know that some people have had problems with systemd, but any piece of significant software will cause problems for some people, there are bugs in all software that is complex enough to be useful. However the fact that it has worked so well for me on so many systems suggests that it’s not going to cause huge problems, it should be covered in the routine testing that is needed for a significant deployment of any new version of a distribution.

I’ve been using Debian for a long time. The transitions from libc4 to libc5 and then libc6 were complex but didn’t break much. The use of devfs in Debian caused some issues and then the removal of devfs caused other issues. The introduction of udev probably caused problems for some people too. Doing major updates to Debian systems isn’t something that is new or which will necessarily cause significant problems, I don’t think that the change to systemd by default compares to changing from a.out binaries to ELF binaries (which required replacing all shared objects and executables).

The Social Issue of the Default Init

Recently the Debian technical committee determined that Systemd was the best choice for the default init system in Debian/Jessie (the next release of Debian which will come out soon). Decisions about which programs should be in the default install are made periodically and it’s usually not a big deal. Even when the choice is between options that directly involve the user (such as the KDE and GNOME desktop environments) it’s not really a big deal because you can just install a non-default option.

One of the strengths of Debian has always been the fact that any Debian Developer (DD) can just add any new package to the archive if they maintain it to a suitable technical standard and if copyright and all other relevant laws are respected. Any DD who doesn’t like any of the current init systems can just package a new one and upload it. Obviously the default option will get more testing, so the non-default options will need more testing by the maintainer. This is particularly difficult for programs that have significant interaction with other parts of the system, I’ve had difficulties with this over the course of 14 years of SE Linux development but I’ve also found that it’s not an impossible problem to solve.

It’s generally accepted that making demands of other people’s volunteer work is a bad thing, which to some extent is a reasonable position. There is a problem when this is taken to extremes, Debian has over 1000 developers who have to work together so sometimes it’s a question of who gets to do the extra work to make the parts of the distribution fit together. The issue of who gets to do the work is often based on what parts are the defaults or most commonly used options. For my work on SE Linux I often have to do a lot of extra work because it’s not part of the default install and I have to make my requests for changes to other packages be as small and simple as possible.

So part of the decision to make Systemd be the default init is essentially a decision to impose slightly more development effort on the people who maintain SysVInit if they are to provide the same level of support – of course given the lack of overall development on SysVInit the level of support provided may decrease. It also means slightly less development effort for the people who maintain Systemd as developers of daemon packages MUST make them work with it. Another part of this issue is the fact that DDs who maintain daemon packages need to maintain init.d scripts (for SysVInit) and systemd scripts, presumably most DDs will have a preference for one init system and do less testing for the other one. Therefore the choice of systemd as the default means that slightly less developer effort will go into init.d scripts. On average this will slightly increase the amount of sysadmin effort that will be required to run systems with SysVInit as the scripts will on average be less well tested. This isn’t going to be a problem in the short term as the current scripts are working reasonably well, but over the course of years bugs may creep in and a proposed solution to this is to have SysVInit scripts generated from systemd config files.

We did have a long debate within Debian about the issue of default init systems and many Debian Developers disagree about this. But there is a big difference between volunteers debating about their work and external people who don’t contribute but believe that they are entitled to tell us what to do. Especially when the non-contributors abuse the people who do the work.

The Crowd Reaction

In a world filled with reasonable people who aren’t assholes there wouldn’t be any more reaction to this than there has been to decisions such as which desktop environment should be the default (which has caused some debate but nothing serious). The issue of which desktop environment (or which version of a desktop environment) to support has a significant affect on users that can’t be avoided, I could understand people being a little upset about that. But the init system isn’t something that most users will notice – apart from the boot time.

For some reason the men in the Linux community who hate women the most seem to have taken a dislike to systemd. I understand that being “conservative” might mean not wanting changes to software as well as not wanting changes to inequality in society but even so this surprised me. My last blog post about systemd has probably set a personal record for the amount of misogynistic and homophobic abuse I received in the comments. More gender and sexuality related abuse than I usually receive when posting about the issues of gender and sexuality in the context of the FOSS community! For the record this doesn’t bother me, when I get such abuse I’m just going to write more about the topic in question.

While the issue of which init system to use by default in Debian was being discussed we had a lot of hostility from unimportant people who for some reason thought that they might get their way by being abusive and threatening people. As expected that didn’t give the result they desired, but it did result in a small trend towards people who are less concerned about the reactions of users taking on development work related to init systems.

The next thing that they did was to announce a “fork” of Debian. Forking software means maintaining a separate version due to a serious disagreement about how it should be maintained. Doing that requires a significant amount of work in compiling all the source code and testing the results. The sensible option would be to just maintain a separate repository of modified packages as has been done many times before. One of the most well known repositories was the Debian Multimedia repository, it was controversial due to flouting legal issues (the developer produced code that was legal where they lived) and due to confusion among users. But it demonstrated that you can make a repository containing many modified packages. In my work on SE Linux I’ve always had a repository of packages containing changes that haven’t been accepted into Debian, which included changes to SysVInit in about 2001.

The latest news on the fork-Debian front seems to be the call for donations [4]. Apparently most of the money that was spent went to accounting fees and buying a laptop for a developer. The amount of money involved is fairly small, Forbes has an article about how awful people can use “controversy” to get crowd-funding windfalls [5].

MikeeUSA is an evil person who hates systemd [6]. This isn’t any sort of evidence that systemd is great (I’m sure that evil people make reasonable choices about software on occasion). But it is a significant factor in support for non-systemd variants of Debian (and other Linux distributions). Decent people don’t want to be associated with people like MikeeUSA, the fact that the anti-systemd people seem happy to associate with him isn’t going to help their cause.


Forking Debian is not the correct technical solution to any problem you might have with a few packages. Filing bug reports and possibly forking those packages in an external repository is the right thing to do.

Sending homophobic and sexist abuse is going to make you as popular as the GamerGate and people. It’s not going to convince anyone to change their mind about technical decisions.

Abusing volunteers who might consider donating some of their time to projects that you like is generally a bad idea. If you abuse them enough you might get them to volunteer less of their time, but the most likely result is that they just don’t volunteer on anything associated with you.

Abusing people who write technical blog posts isn’t going to convince them that they made an error. Abuse is evidence of the absence of technical errors.

Related posts:

  1. systemd – a Replacement for init etc The systemd projecct is an interesting concept for replacing init...
  2. Systemd Notes A few months ago I gave a lecture about systemd...
  3. more on anti-spam In response to my last entry about anti-spam measures and...

Chris Samuel: The True Meaning of Myki

Sat, 2015-04-25 18:26

Those around Victoria will be familiar with our public transport payment system called “Myki” which has had, shall we say, some teething troubles. It appears this was well known to the Vikings over 1,000 years ago as this list of Old Norse words that made it into English has:

muck – myki (cow dung)

So there you go, Myki is actually Old Norse for bullshit.

This item originally posted here:

The True Meaning of Myki

Michael Still: Tuggeranong Trig (again)

Sat, 2015-04-25 11:29
The cubs at my local scout group are interested in walking to a trig, but have some interesting constraints around mobility for a couple of their members. I therefore offered to re-walk Tuggeranong Trig in Oxley with an eye out for terrain. I think this walk would be very doable for cubs -- its 650 meters with only about 25 meters of vertical change. The path is also ok for a wheelchair I think.


Interactive map for this route.

Tags for this post: blog pictures 20150415-tuggeranong_trig photo canberra bushwalk trig_point

Related posts: Goodwin trig; Big Monks; Narrabundah trig and 16 geocaches; Cooleman and Arawang Trigs; One Tree and Painter; A walk around Mount Stranger


Donna Benjamin: Peace and Freedom

Sat, 2015-04-25 09:26
Saturday, April 25, 2015 - 09:02

It's ANZAC day.

It's the 100 year anniversary of a particularly bad battle in Turkey, that has somehow come to represent the apex of Australian and NewZealand glorification of war. Sure, we say it's not glorifying war - but seriously how is this wall to wall coverage not glorification? The coverage in all media over the past week has numbed my senses. Not made me reflect on sacrifice.

All our focus on this one stupid battle? I'd like to put some focus on those efforts to stop the slaughter.

Gallipolli was ultimately a battle lost for the ANZACs.

So too was the attempt by over 1000 women who came together in 1915 to try to stop war. To call for resolutions for peace. To identify and disarm the causes of conflict. If only we could reflect more on that effort.

The Women's International League for Peace and Freedom -

Image: Screengrab from

Text in the image says:

As the British army, including Anzacs, is invading Turkey more than 1000 women from both warring and neutral nations meet in The Hague for the International Congress of Women. They set out resolutions for ending all war and resolve to take them immediately to all heads of state in Europe and the USA. They name themselves the International Committee of Women for Permanent Peace.

"I know that the idea that lasting peace can be gained through war is nonsense" - Eleanor Moore

Andrew McDonnell: Why is the Arduino IDE so stupid?

Thu, 2015-04-23 22:26

If I perform the following actions:

  • File, New

    Opens a new editor window. Reasonable enough, although I would have preferred a default single-window GUI model like QtCreator or even gedit.
  • File, Save

    Opens a save as dialog. In spite of the Arduino ‘sketchbook’ directory, it opens in my home directory.
  • New Folder

    Creates a directory New Folder, but doesn’t shift the focus to it, leaving you confused when this is done in a directory with a lot of files…
  • Click on ‘New Folder’ and rename it, say, Test123
  • Navigate into Test123/
  • Type in a filename for the project, say, TestTest1
  • Hit save.

    So now Arduino IDE dutifully ignores what I typed and proceeds to create a tab called ‘Test123′.

    It will even do this if ‘Test123/’ already existed.

  • File, Save As.

    It forgets where you where in the hierarchy and starts in the home directory again(!)
  • Navigate to Test123/ intending to use it as a container for multiple projects
  • Type in a filename, say Hello, then hit Save
  • The sketch is _still_ called Test123.


So insanely enough, it seems you essentially create a director and thats where the sketch gets its name.  Within that directory it creates a file with the same name with the extension ‘.ino’

Lets try something else:

  • From the shell, create a directory, Test456 and create a readme.txt file, and a directory Test456a and a file Test456a/readme2.txt
  • File New
  • File save
  • Navigate into Test456
  • Type in helloworld for the name
  • Again, the project gets called Test456
  • But take a look in the directory Test456: the contents are now gone (all, including the sub directory Test456a) and replaced with Test123.ino


Luckily I discovered this in a directory in a git working copy with no modifications so I didn’t lose anything important.

Testing done using Arduino1.5.8 amd64 for Digispark. So its a little out of date but not exactly the oldest either.

I have used Arduino before and to be honest I don’t recall it being this stupid, but maybe I just got lucky.

One difference is this time I got sick of the massive latency opening the windows and tried a few different Java JRE (openjdk6, openjdk7, gcc4.7-jre) before discovering that with gcc4.7-jre the menus are as snappy as the openbox right click menu, or even a (*sharp intake of breath*) brand new Windows 7 corporate desktop… maybe there is some API implementation difference between the JRE’s that affects the file save dialog functionality.

I don’t seem to have any issues opening projects.

So my workflow for creating a new project now consists of:

  • From the shell, create a directory in the relevant part of the git working copy I am using
  • Create a new empty .ino text file with the same name as the directory (or copy a template I made)
  • Open it with the IDE and start working


Sridhar Dhanapalan: Twitter posts: 2015-04-13 to 2015-04-19

Mon, 2015-04-20 00:26

James Purser: A letter sent, a disappointment received.

Sat, 2015-04-18 21:30

While I was distracted from the whole blogging thing, something did actually get me hacking at the keyboard on something that wasn't code. That was the metadata laws and the actions of the Labor party in allowing them to pass through with a few amendments that in the long run are going to be meaningless.

So I hacked out an email to my local federal member Stephen Jones (which I've included below).

I didn't actually receive a response from Stephen Jones until after the legislation passed through the Senate, and I have to say that I was seriously disappointed. I don't expect a lot from my representatives, but what I would like is something that actually addresses the points that I set out in the original email. What I got was the stock standard "we need to do this because [INSERT SOMETHING ABOUT TERRISMS HERE]".


Dear Stephen Jones,

I've always found you to be a decent person and someone who cares for his electorate. However I am deeply concerned at the fact that you and Labor seem to have allowed the governments Data Retention Legislation to pass without either looking at the amendments or in fact seriously considering whether it is needed at all.

Leaving aside the near Orwellian prospect of the entire nations communications being tracked for a rolling period of two years. There are a huge number of problems that seem to have been overlooked in the name of "national security".

- No warrants. There is no judicial oversight of the access to this data. I cannot believe that this is a thing that is supported. Why do we now think that it's not possible for police and other services to misuse their powers? Checks and balances exist for a reason and any move to water them down is dangerous.

- The actual data to be retained still has not been defined. In fact the legislation with amendments requires the ISP's to determine what "type" of communication it is, which means that the ISP will need to look at the content of the packet. This is not just "envelope" stuff, this is looking inside the envelope and working out what the letter you're mailing is about. This is bad.

- There doesn't appear to actually be a need for it. What problem does it solve that hasn't already been solved? The police and intelligence services seem to be operating quite well already, arresting those who would do us harm and relying on targetted communicates intercepts.

- The possibilities for abuse are through the roof. Not only for official abuse but you've just created a massive honeypot for every script kiddie and cracker around.

- What safeguards are there against using this information retrospectively? Say a new government comes into power and decides that something should be illegal and it should be illegal retrospectively? What's to stop them using this great store of data to start prosecuting people?

Labor and the government have both just told the Australian public that they are now suspect. That their every action needs to be tracked, just in case they may do something wrong. This is not something I am comfortable with, and frankly neither should you be.


Blog Catagories: Politics

James Purser: Dare Devil

Thu, 2015-04-16 23:30

So we've been watching Dare Devil over the last couple of nights, we're up to episode 3 and I have to say I'm really impressed.

I've never been a big fan of Dare Devil the character, and dear god the movie was complete shite (up there with the first Hulk movie featuring Eric Bana for badness), but this series has really sucked me in.

For episode 3 what really brought it home for me was Ben Urich. A journalist for the Daily Bugle in the comics, Urich represents the every man and is often used to tell the story of the normal people caught up in the semi regular destruction rained down upon New York (which has included the Hulk taking over, everyone in Manhatten being turned into Spider creatures, the almost annual flooding by Namor and of course an alien invasion or two).

I'm really liking the shorter series formats for the Marvel shows as well (well leaving aside Agents of Shield). They carry the comic book story arc feel much better than trying to drag things out for 23 episodes. Agent Carter proved that and now so is Dare Devil.

All in I'm pretty happy with the state of Marvels Cinematic Universe, and am looking forward to seeing the next tranche.

Blog Catagories: mediamarvel

Leon Brooks

Tue, 2015-04-14 21:05
Imagine a roadblock which is a wall of perfectly transparent AeroGel.

Here you are, barrelling down a highway at the speed limit, when suddenly you realise that you have come to a halt, so gently that you weren’t aware of as much as having slowed down.

Viola! You now have some idea of what is like to have been Gaslighted for over 5000 days by a person who is an emotional vampire: their goal is not to kill you, it’s to keep sucking away your self in order to present a façade of having a self themselves.

If you have been “told,” tens of thousands of times in indirect ways (never directly: you only become aware of an increasing number of knives accumulating in your back over a span of time), that you cannot succeed, that establishes just such an emotional roadblock.

Right now, teaching a Raspberry Pi to sing is not happening. I know what needs to be done. The resources to discover exactly how to do it are freely available. It simply does not happen. Welcome to the AeroGel roadblock.

The self-righteous Psychopath who spent so much time installing this roadblock in my mind can do no wrong in their own eyes. To actually imply that their integrity is less than complete inspires a rage attack (which is not the same as anger: there is no control at all). Deprogramming each of these blocks will not take place instantly.

Tim Serong: Get off my Lawn

Tue, 2015-04-14 02:28

When I was about the right age to first think that taking compromising photos of myself might be good for a lark, technology was a little different. Mobile phones that weren’t actually bricks anymore could show maybe two lines of pixelated text on an unpleasantly glowing background, terrible quality digital cameras were barely affordable, and connecting to the internet actually had a sound – kind of like KSShhh-aaa-KWEO-pung-pung-drhdrhdrhd-KHH, but it went for longer than that. Or maybe it was: mobile phones only existed in gangster movies where they were installed as part of a car, digital cameras didn’t exist, and I only had access to a few local BBSes. I forget the specifics, but that’s not the point – the point is that when I was in my teens, technology was shit, and nobody had any of it. Now, technology is excellent, everybody has all of it, it’s really easy to use, and the ways in which we interact with our technology shape the ways we expect our technology to work.

If I write an email to someone, I’m thinking “I will type my message in this box here, hit SEND, and then they will receive the message and read it”. I am not thinking “I will type my message in here, hit SEND, then it will be transmitted in plain text across a vast network of computer systems, through a number of mail servers, possibly be recorded by several government agencies in case I’m a terrorist, be stored for a little while in a mail spool and possibly backed up by some ISP, before eventually being downloaded and read by the intended recipient”.

Same with photos: “I will take a picture and share it with my wife” is a distinctly personal experience (regardless of what it’s a photo of), and that’s what I’m thinking at the time. I am not thinking “I will take a picture with my phone which will then be uploaded across that same vast network to a cloud system somewhere and stored for Eris-only-knows how long in some other jurisdiction which can probably be hacked by script kiddies”.

Technology now is all about communicating with people, and about sharing our experiences, and that we can do this without having any idea what’s actually going on is fantastic. The price though is that with each service we use, we give up a certain amount of privacy, and what privacy we give up is not necessarily obvious.

To go back to the compromising photo example: When all I had was a little film camera, nobody I knew ever took photos they wouldn’t be happy for random strangers to see, because we all knew that we had to take the film to get processed – the mechanics of how the technology worked were at least somewhat obvious to the people using the technology. As far as I am aware, there are no nude photos in existence of my teenage self and partners, because we didn’t want those perverts in the photo shop to see them.

I want a world where user experience accurately reflects potential privacy – not “sharing to circles”, or allegedly private “private messages”, but where any share that could conceivably result in non-private communication is preceded by a dialog that states “I hope you know that this will go down on your permanent record”. Because privacy is important – as Bruce Schneier said: “Privacy is not about something to hide. Privacy is about human dignity. Privacy is about individuality. Privacy is about being able to decide when and how we show ourselves to other people.”

Dave Hall: Managing Variables in Drupal 7

Mon, 2015-04-13 23:30

A couple of times recently the issue of managing variables in Drupal 7 has come up in conversation with other developers. This post outlines the various ways of managing variables in Drupal sites. The three things this guide ensures:

  • Sensitive data is kept secure
  • Variables are correct in each environment
  • You are able to track your variables (and when they changed)
The Variables Table

The most common place you'll find configuration variables is in Drupal's variable table (aka {variable}). The values in this table are often managed via admin forms that use system_settings_form(). Users enter the values click "Save configuration" and the data is stored in the database.

If you prefer to manage your configuration via the command line and know the variable you wish to set you can use drush vset. This does exactly the same thing as admin form, without needing to click on a mouse.

$conf Array

While the variables table is great at storing our variables, there are times when you want to enforce a setting. This might be because you want to prevent users from changing it (accidentally or otherwise) or because you need it to be different in each environment. The $conf array in settings.php always overrides any values in the variable table.

Acquia, Pantheon and all provide environment variables so you can use different values in your $conf array depending on the environment.

Exporting Variables

In Drupal 7, the common way to export your variables is by using Strongarm with Features. I'm not going to cover how to do this as there is loads of documentation already available on this topic.

If your variable changes on a per environment basis or if it calculated on the fly, then you won't want to use strongarm+features as the exported values are static. You will need to put them in settings.php.

Note to self: I should debug and reroll my patch for adding support in alter hooks strongarm.

My settings.php is Out of Control!

This is a common problem, especially on more complex sites. To avoid this I recommend creating sites/default/settings/settings.[env].php files. Your settings.php file should check for the environment in an environment variable and then include the appropriate settings.[env].php file.

What About Sensitive Data?

You can encrypt variables on a case by case basis using the encrypt module and some custom code similar to what I recently implemented in the Acquia SDK module (see on store and on read examples). Warning: This doesn't encrypt the data if you're using drush vset.

If you are storing sensitive data in your variables table I would recommend you implement hook_sql_sync_sanitize() which will delete the sensitive data from your db when drush sql-sanitize or drush sql-sync --sanitize are run.

How to Decide?

This little code snippet should help you decide.

<?php // Don't try using this code in your Drupal site. if (!using_version_control()) { // Seriously there is no point in doing this without version control. abandon_all_hope(); drupal_exit(); } if (is_data_sensitive($var)) { $var = encrypt_var($var); if (!we_use_drush_based_workflows()) { learn_and_implement_drush_based_workflows(); // I'm serious! } } implement_hook_sql_sync_sanitize($var); } if (is_unique_per_environment($var)) { store_conf_array($var); } else { store_in_db($var); if (!we_use_features_based_workflow()) { learn_and_implement_features_based_worflows(); // I'm serious! } export_using_strongarm($var); }

Leon Brooks

Mon, 2015-04-13 19:27
Would a book entitled “I married a Psychopath” or the like sell well?

One of the risks here for even a strong Empath is that there are no “red flags” in the differences between feelings and expression of them (body-language etc), for the very simple reason that there are no feelings, so there are no differences to sense.

It must be a lonely, empty life for someone who consists only of an empty bubble of Ego. Yet they are the only person who could change that. It begins with genuine humility (which has nothing to do with acting humble). They need to think nothing of themselves.

This may not sound so difficult until you understand that they think everything of themselves, full time. Religion (including Atheism) is not possible for them, as the only person they worship is themselves.

Sridhar Dhanapalan: Twitter posts: 2015-04-06 to 2015-04-12

Mon, 2015-04-13 00:27

Tim Serong: Pigs and Bread

Sun, 2015-04-12 23:27

In farming related news, we have pigs again, and I’ve finally written up my bread recipe on our new blog at My random commentary about food and farming related matters will henceforth be posted there, while everything else I usually rattle on about at length will remain here.


Michael Still: One Tree and Painter

Sun, 2015-04-12 17:28
Paul and I set off to see two trigs today. One Tree is on the ACT border and is part of the centenary trail. Painter is a suburban trig in Belconnen. Much fun was had, I hope I didn't make Paul too late for the wedding he had to go to.


Interactive map for this route.

Interactive map for this route.

Tags for this post: blog pictures 20150412-one_tree_painter photo canberra bushwalk trig_point

Related posts: Goodwin trig; Big Monks; Narrabundah trig and 16 geocaches; Cooleman and Arawang Trigs; A walk around Mount Stranger; Forster trig