Plaintext
ROBOTS LIBREOFFICE ATOM + MUCH MORE!
TWEAK
THE
KERNEL
PLAY
RETRO
SUMMER
GAMES
FOR THE
*
GENERATE
SPEECH
FROM IRC Get stuck into a bunch of Linux
and Free Software projects WRITE
INTERACTIVE
*Or winter for our antipodean friends.
PRIVACY ON ANDROID Stop your FICTION
mobile phone spying on you
OPEN DATA Government data belongs HACK 116 PAGES OF AWESOME
to the people – so use it! YOUR ALARM
RASPBERRY PI Craft a physical interface
SYSTEM
out of card and sticky-back plastic
S eptember 2015 £5.99 Printe d in the UK
GOOGLE’S GURUS EYE CANDY MOBILE LINUX
Summer of Code Desktop Ubuntu Phone
How Google is Build your The device
spreading the own bespoke that’s putting
love of code, one desktop Linux in a
project at a time environment million pockets
�� WELCOME
Flux and mutability
The September issue
Linux Voice is different.
Linux Voice is special.
Here’s why… GRAHAM MORRISON
A free software advocate
At the end of each financial and writer since the late
1
year we’ll give 50% of our 1990s, Graham is a lapsed
profits to a selection of KDE contributor and author
organisations that support free of the Meeq MIDI step
software, decided by a vote among sequencer.
our readers (that’s you).
W SUBSCRIBE
hat’s the best thing about Linux and open source? For
No later than nine months me, it’s the limitless possibilities. As soon as you finish
2
after first publication, we will
relicense all of our content under
one project, you can’t help but start thinking of ways to
make it better, or start something new. It’s like a MythTV box I spent
ON PAGE 64
the Creative Commons CC-BY-SA years configuring and fine-tuning: I built an infrared beamer to
licence, so that old content can switch channels, customised the advertising removal and
still be useful, and can live on even squeezed the PC into an old pine sailor’s chest hidden beneath the
after the magazine has come off television. But when I’d finally sit down to watch something, I’d find
the shelves. myself creeping towards the remote keyboard, wanting to make a
few changes and tweak a few settings.
We’re a small company, so To be completely honest, messing around with the configuration
3
we don’t have a board of was more fun than watching whatever I’d recorded. And it’s the
directors or a bunch of same with Linux today. The only difference is that I’ve learnt to
shareholders in the City of London embrace this as one of Linux’s great strengths. It will always keep
to keep happy. The only people evolving and changing, so we’ll never get bored. There will always
that matter to us are the readers. be something new to learn, or something new to try.
I wouldn’t want it any other way.
THE LINUX VOICE TEAM Graham Morrison
Editor Graham Morrison Editor, Linux Voice
graham@linuxvoice.com
Deputy editor Andrew Gregory
What’s hot in LV#018
andrew@linuxvoice.com
Technical editor Ben Everard
ben@linuxvoice.com
Editor at large Mike Saunders
mike@linuxvoice.com
Games editor Michel Loubet-Jambert
michel@linuxvoice.com
Creative director Stacey Black
stacey@linuxvoice.com
Malign puppetmaster Nick Veitch
nick@linuxvoice.com
Editorial contributors:
Mark Crutch, Marco Fioretti, Josette
Garcia, Juliet Kemp, Vincent Mealing, ANDREW GREGORY BEN EVERARD MIKE SAUNDERS
Simon Phipps, Les Pounder, Mayank “I can’t believe cheap commodity “Mayank’s excellent guide to “Google sometimes get a bad rap,
Sharma, Valentine Sinitsyn. hardware allows us to build and locking down your Android but its Summer of Code is a
program our own robots. But you devices is a timely reminder that brilliant example of something it’s
can, and we’ve done it.” p96 we still have control.” p30 done right.” p44
www.linuxvoice.com 3
� CONTENTS
September LV018
Our doubts are traitors, and make us lose the good we oft might win…
20 REGULARS
SUBSCRIBE News
06
ON PAGE 64 DuckDuckGo is doing well –
maybe people don’t like being
spied on?
08 Distrohopper
Time to try your new
favourite Linux distro (for the
next month, at least).
10 Gaming
We play the hell ut of the
latest RPGs, shooters and, er,
tabletop simulators.
12 Speak your brains
Vent your spleen, share your
opinions, let us know what
you’re thinking.
Hack your life better with five LV on tour
super summer projects. 16
Adventures in PosgreSQL in
London, and DjangoCon Europe
in the ‘Diff.
38 Open data
The data collected by
44 governments belongs to us
– so let’s use it!
58 Group test
Six of the best server
Google Summer distributions, for email,
websites and anything else
of Code 64
that needs to just work.
Subscribe!
Save money, get Linux Voice
The humans behind delivered to your door, and
get access to every singe one
Google’s biggest of our back issues.
philanthropic effort 66 Core technologies
Under Doctor Sinitsyn’s
microsocope today: Linux
processes.
70 FOSSpicks
The free-est, freshest
software on the internet,
corralled into six pages of
pure excellence.
110 Masterclass
Transfer files with WebDAV
and supercharge your web
30
ANDROID PRIVACY 34
BUILD A DESKTOP 42
FAQ: FIDO U2F server – also with WebDAV.
Your smartphone Craft a custom Encrypt Clever old WebDAV!
leaks information like environment that communications 114 My Linux desktop
a sieve to any and all. reflects your needs more securely than a Gaming editor’s Michel
Loubet-Jambert’s den of geek.
Sort it out and keep (and learn a little double Irish Dutch
your privacy. about Linux). sandwich.
4 www.linuxvoice.com
�TUTORIALS REVIEWS
78 80
Meizu MX4 Ubuntu Edition
FreeOTP: Easy two- Astroplay: Build a
50
Ubuntu’s march to glory
factor SSH logins physical interface continues with newer, bigger,
better phone aimed at the
Keep your sites safer than they Control your Pi with cardboard masses of the world.
would be with a password alone. and glue, Blue Peter-style.
84 88
52 Atom 1.0
Text editing has never looked
so good, with themable CSS to
Write macros for Nginx: serve pages prettify your code.
LibreOffice faster and simpler 53 Yubikey Edge
Automate tedious tasks and Try a web server that – Cheap, easy two-factor
spend more time chillaxing. amazingly – isn’t Apache! authentication to make the
internet a safer place to be.
92 96
54 NetBSD 7
The operating system that runs
on just about anything gets a
shiny new release.
55 Linux Mint 17.2
The love-in between us and
Linux Mint continues. It’s great,
and it’s available right now.
Drupal: Configure Arduino: Make a
Books We’re going futuristic
a custom CMS walking computer
56
(unfortunately DRM-crippled)
Many users and lots of content One small step for a robot, one e-reader. Bah, future!
requires Drupal. giant leap for programming.
100 Old Code: C and 104 Code Ninja: 106 Batch: Platform
the birth of Unix Objects independence
Learn the language Object-orient Code for Linux
of the Linux kernel. your world. and Windows.
www.linuxvoice.com 5
� ANALYSIS
NEWSANALYSIS
The Linux Voice view on what’s going on in the world of Free Software.
Opinion
Think of the children! Again!
The Snoopers’ Charter rises from the grave to stalk our internet.
Simon Phipps “In extremis, it has been possible to read concrete target for their hacking attempts
is ex-president of the someone’s letter, to listen to someone’s call, that, if reached, enables huge damage to
Open Source Initiative
to listen in on mobile communications.The be imposed on the country. Since use of
and a board member
of the Open Rights question remains: are we going to allow a the exploits would be secret by design,
Group and of Open means of communications where it simply these criminals could well go undetected
Source for America. is not possible to do that? My answer to that for a significant length of time.
question is: no, we must not.” Third, it means controlling the import and
export of computing systems and the
If you’ve done nothing wrong… software they use. Customs officers will
That’s magic thinking, and it’s black magic need to impound any computing
T
echno-authoritarianism continues to boot. Here are the four horsemen of equipment – including phones, games,
apace in the UK, with the steady Cameron’s digital apocalypse. USB keys, banking keypads and so on
progress of a reborn Snoopers’ First, to achieve Cameron’s dream means – that is not reliably certified as being
Charter threatening to make silent snooping an end to general-purpose computing. All broken by design so that the user cannot
on every electronic exchange the norm for the time you are free to install an control it. If that doesn’t happen, crypto
the security services. All the usual excuses operating system of your own choosing, dongles of all kinds can simply be added
are in play, including think-of-the-children or to install software that you alone into otherwise “secure” systems.
and the-terrorists-will-win. control, you’re also free to install the Fourth, it means imposing controls on
I wrote previously about the sort of means to encrypt and decrypt securely. foreign service providers, or banning the
magical thinking that demands internet That’s because strong cryptography is use of their services. That would mean
filtering be imposed so that children can’t purely algorithmic, so any Turing-complete introducing a Great British Firewall so that
read porn and extremists can’t post terror system can be used to implement it. those unwilling to have their services
videos. That magical thinking asserts the Banning strong crypto would involve compromised could be eliminated. It
objective is obviously good, so it must be banning the sale and use of computers would also mean tolerating similar
possible to attain. The fact that it’s simply that the end-user is free to program. interference by other governments in the
impossible to automatically block Second, it means implementing affairs of British businesses.
subjectively-defined content – even intentional weaknesses in any system
assuming blocking is possible – is at best that uses cryptography. That includes key … you have nothing to hide
glossed-over and at worst ignored. Magical escrow arrangements, defective security Watching for and exposing magical thinking
thinking involves either technological algorithms and secret software. In turn, is important at the best of times as it’s one
ignorance, or a poor grasp of probability, or that means preventing international of the most common failures in modern
an arrogant disregard for the rights of the collaboration around software, including discourse. But this particular madness
majority. Or maybe all three. open source, as otherwise the defects will needs facing down and challenging by every
The same class of magical thinking is get fixed somewhere outside the UK’s technically-aware citizen. Allowing political
very much in evidence when politicians call jurisdiction. It also means that the expediency to sacrifice the foundations of
for bans on encryption. Except that in this intentional weaknesses can be exploited privacy in exchange for an unreachable and
circumstance, it’s much more dangerous by others. If key length is limited, or there false security would be a tragedy.
for everyone. British Prime Minister David are intentional back-doors, or there’s a Another revealing quote from David
Cameron said: secure store of keys, criminals have a Cameron this year was the chilling: “For
too long, we have been a passively tolerant
society, saying to our citizens: as long as you
“To achieve Cameron’s dream means an end to obey the law, we will leave you alone.” Even
general-purpose computing.” if you obey the law, these measures will
interfere massively with your life. Folly.
6 www.linuxvoice.com
� ANALYSIS
Containers • DuckDuckGo • Ubuntu Phone • Kernel • CrossOver
CATCHUP Summarised: the biggest news
stories from the last month
Software containers Linux Foundation gives DuckDuckGo reaches 10
1 get standardised 2 cash to security efforts 3 million daily queries
Every man and his dog is Hoping to avoid another Privacy-centric search engine
getting on the container bandwagon, Heartbleed or Shellshock, The DuckDuckGo has now reached 10
and it’s more than just a fad. Containers Linux Foundation has announced million searches per day. It’s still a long
make it easy to ship software and $500,000 in funding for three projects way behind Google, but catching up.
dependencies in a neat encapsulated “to better support critical security www.duckduckgo.com
form, that (ideally!) will work in exactly elements of today’s global information
the same way on your home computer infrastructure”. More specifically, the
or on a massive cloud provider. Now cash will go to projects performing
Docker, CoreOS, Intel, IBM, Red Hat, automated testing, reproducible builds
Microsoft, VMware and other big (to confirm that a binary package
names have come together to make a matches the source code from which it
single standard for containers. was compiled), and fuzzing (seeing how
www.opencontainers.org software handles random data).
CrossOver to get support Kernel 4.1 released Apple open sources Swift
4 for DirectX 11 5 Version 4.1 of the Linux kernel 6 programming language
Linux is turning into an arrived at the end of June, and Whether the world needs yet
excellent gaming platform thanks to brought a boatload of improvements another programming language is open
Steam, but there are still some triple-A across the codebase. Users of laptops to debate, but Apple is pushing Swift
titles that only run on Windows. with Intel chips can expect improved as the future for iOS and Mac OS X
CodeWeavers has announced that an performance and battery life, while ACPI development. Its syntax is “concise yet
upcoming version of CrossOver, its has been added for 64-bit ARM devices. expressive” and promises apps that are
Wine-based software that lets many One of the biggest new features is “lightning fast”. In any case, Apple has
Windows programs run on Linux and filesystem-level encryptions support for announced that Swift 2.0 will be open
Mac OS X, will have support for DirectX EXT4, as developed by Google for source, and the company has said that
11. This will expand the range of Android. This will not only encrypt data it will contribute a port to Linux. Version
(especially newer) games that can run on the drive, but also filenames for extra 2.0 of the language introduces new
on our favourite platform. security. Expect kernel 4.1 in the next error handling and other features.
www.codeweavers.com round of distro releases. https://developer.apple.com/swift
New Ubuntu phone, the Google gets flak for
7 Meizu MX4, goes on sale 8 “hotword” binary blob
In the market for a new If you’re running Chromium,
smartphone? Don’t want the walled the open source version of Google’s
garden of Apple’s iOS or the lousy Chrome browser, you might think that
permissions system of Android? It your privacy is well guarded. But one
might be worth considering the Meizu Debian developer found that Chromium
MX4 Ubuntu Edition, a €299 device 43 was downloading a binary blob
with an octo-core CPU, 2GB RAM and that enabled the “OK Google” speech
16GB of onboard storage. It’s equipped recognition facility – without notifying
with a 1920x1152 5.3” screen and a 20 users. This was clearly a concern
megapixel rear-facing camera. Oh, and for many in the Linux and FOSS
it’s only 8.9mm thick and weighs 147g. community, and Google responded
Not bad going for the price. saying that Chromium is not a Google
http://tinyurl.com/nu9f7hp product but changes will be made.
www.linuxvoice.com 7
� DISTROHOPPER
DISTROHOPPER
What’s hot and happening in the world of Linux distros (and BSD!).
Mageia 5
All glory to this Mandriva fork.
W
e have fond memories of
Mandriva (formerly Mandrake
Linux), the newbie-friendly
desktop distro that brought many users into
the Linux fold. Unfortunately, the company
behind it was plagued by financial troubles
and eventually went bust, but we still have
much of the distro’s technology and features
in the form of two forks: Mageia and
OpenMandriva. The former has now issued
a new major release, Mageia 5, after more
than a year of development.
The biggest change here is UEFI support.
Many PCs and laptops built in the last few
years are supplied with UEFI instead of a
traditional BIOS to start up the computer,
and now you can install Mageia on these
boxes (albeit without secure boot).
The other great area of improvement is Mageia 5 eschews the fancy new KDE 5 in favour of the tried-and-tested 4.14 release.
Mageia 5’s configuration tools. This release
brings a preview of ManaTools, a collection ManaTools is designed to fit in with GTK, Qt goes well, we may see ManaTools as the
of utilities for managing the system – eg and Ncurses interfaces. Or if you’re SSHed default configuration suite in the next
starting and stopping services, updating into a Mageia box to do some admin work release of the distro. In any case, Mageia 5 is
packages, setting up a firewall and so forth. on it, you can use the text-mode option. If all a solid release – well done to all involved.
Devuan Alpha 2
Marching on for init freedom.
W
e must admit, we were sceptical explaining how to pronounce the distro. A
about Devuan at the beginning. more solid long-term plan has been put into
This distro got off to a bumpy place, and most importantly, you can
start, created as a reaction to Debian’s download the distro and try it out. As of the
switch to Systemd. A bunch of “veteran Unix Alpha 2 release, this is a netboot ISO: it Devuan has come a long way in the last couple
admins” decided to make a fork of the starts up Devuan, launches the installer of months – you can even install it now!
Debian that wouldn’t mandate Systemd. The (also taken from Debian), and retrieves
name left a lot to be desired, the website packages over the network. the complete removal of Systemd. Whether
was hastily thrown together, and there It’s still early days and a lot needs to be Devuan will become a fully-fledged Debian
appeared to be no concrete plan in place. done. Devuan still forces you to install fork or just fade into obscurity remains to be
Several months down the line, though, Systemd, but it’s not active – it’s merely there seen, but we’ll give credit to the team for
and things are looking a lot more because of its interdependency with udev. actually making something usable rather
respectable. The website (www.devuan.org) However, the Devuan team is working on an than just flaming Lennart Poettering (the
has been tidied up and includes an audio file alternative called vdev, which should allow creator of Systemd) on IRC.
8 www.linuxvoice.com
� DISTROHOPPER
News from the *BSD camps
What’s going on in the world of FreeBSD, NetBSD and OpenBSD.
M
any of us in the Linux and *BSD
camps spent a lot of time with
the Amiga range of computers in
the late 80s and early 90s. One of the most
notable Amiga developers was Matt Dillon,
who created the Dice C compiler among
other software. More recently, Dillon has
been working on DragonFly BSD
(www.dragonflybsd.org), a fork of FreeBSD
4.8, which has been in development for the
last decade. Dillon decided to create his own
BSD flavour after disagreements over the
direction of FreeBSD, and especially the
design decisions taken in FreeBSD 5.
One of DragonFly BSD’s most notable
features is its 64-bit B-tree-based Hammer DragonFly is a much smaller project than FreeBSD, but has plenty of its own innovations.
filesystem. This boasts snapshots,
configurable history retention and DragonFly BSD 4.2 was released at the Other changes include improved support
checksums to handle data corruption. It also end of June 2015, and brings a bunch of for Radeon and i915 graphics chips, while
supports data block deduplication – so major changes. Most notably, GCC 5 is now Sendmail has been replaced by DMA, the
chunks of data that are identical across the standard system compiler, which DragonFly Mail Agent. This isn’t a complete
multiple files are only stored once. A port of improves C++ support and therefore enables mail transfer agent, but is merely designed
Hammer to Linux is in the works, but more packages to be built on the OS. As for delivering mail locally – like cron job
currently it’s read-only, and the filesystem with FreeBSD, it’s possible to build Dragonfly reports to root. DragonFly 4.2 is available as
hasn’t been taken up by the other *BSD BSD using LLVM/Clang, although there’s no a compressed ISO or USB key image,
flavours yet. short-term plan to move to this compiler. weighing in at just over 200MB.
Alternative OS news
We’ve been keeping tabs on ReactOS (www.reactos.org), the open
source Windows clone, for many years now. It’s still a long way from
being ready for widespread production use, and there are questions
about how much Microsoft would be willing to tolerate it if it became
a major commercial success, but the project is making steady
progress. It’s capable of running many Windows programs and
hardware support is growing by the day.
But some big changes could be coming – and from Russia. The
government in Moscow is looking at alternatives to proprietary and
predominantly American software, especially as tensions rise with
the West. It makes a lot of sense, even if we all become good friends
again one day; after all, who knows what backdoors are in Windows
and Mac OS X? Governments want to feel secure with their data, and
while open source is not a silver bullet, it certainly helps.
Consequently, ReactOS has been selected by the IT ministry to
receive further support. Whether this will be direct financial support
or code submissions from government-employed developers remains
to be seen, but it’s great news for the project nevertheless.
Even if ReactOS will inevitably always lag behind recent versions
of Windows in terms of compatibility, there are huge companies
running legacy applications that could save vast sums of money by
switching to ReactOS, rather than staying on the Windows upgrade
treadmill. Give the OS a go by downloading the live CD ISO from the
website and booting it in VirtualBox or Qemu.
ReactOS is still only at version 0.3.17, but can
run a bunch of older Windows programs.
www.linuxvoice.com 9
� GAMING ON LINUX
GAMING ON LINUX
The tastiest brain candy to relax those tired neurons
ORIGINAL CONTROL
Massive Chalice
A very promising XCOM-esque strategy game that unfortunately falls short.
I
t’s incredibly frustrating when a game looks
so great on paper but then fails to deliver
certain elements. Massive Chalice is a
strategy and crisis management game inspired
by the XCOM series, with many new and
innovative mechanics thrown in; it sounds
absolutely fantastic, yet fails to deliver the
Michel Loubet-Jambert is our Games
Editor. He hasn’t had a decent night’s immersion other such games are famed for.
sleep since Steam came out on Linux. The combat and mechanics are well
executed, with a satisfying array of classes There’s a good selection of classes with innovative
P
re-orders for the much and an excellent breeding system allowing the mechanics to hone their skills.
anticipated Steam Machines, positive traits of heroes from great houses to
Steam Controllers and the
be passed on to future generations. The flaws prime example here are the houses, of which
Steam Link streaming devices began
in June, with early customers having are instead found within the storytelling and there are hundreds designed by the game’s
the ability to get these goodies on 16 narrative aspects of the game. The game gives backers, rather than a handful of well crafted
October, nearly a whole month before no real reason to care about the world and its ones with good backstories and detailed designs
the official release date. Though inhabitants or dislike the invaders since not very which could provide more immersion.
there is no information available on
much is really said about any of them. Massive Chalice is a cautious recommend,
just how many of these were put up
for sale, we do know that within four What is also apparent here is that and while the game is both fun and challenging,
days over 33% of them had been sold crowdfunding games can be a double edged it won’t leave you on the edge of your seat and
and over 80% had been sold by the sword. It does mean that such games get to be biting your fingernails like other strategy games.
end of the summer sale on 22 June made, but the need to reward its backers creates
– just 18 days after pre-orders were Website http://store.steampowered.com/
clutter in the form of needless artefacts which
announced. app/246110 Price £14.99
The Steam Machines were limited detract from the experience of other players. The
to just the Alienware and Syber
models, starting at $449 and $499
respectively (international pricing is The art looks great, but does little
not yet available), while the Steam to make the world immersive.
Controller and Steam Link were put
on sale at $49.99 (£49.99 in the UK),
the former being priced in the same
range as next-gen controllers. The
release date for the Linux-powered
consoles has been set for 10
November – also the release date for
Fallout 4, which has shown no signs
whatsoever of getting a Linux release
other than sharing this date.
The success of the pre-orders
certainly seems to be an indicator
that the Linux-powered Steam
Machines are already a hit among
existing PC gamers, which is good
news for Linux gaming all round.
However, a few niggling questions do
remain, such as how many people will
buy the hardware and then go on to
install Windows on it, and how will it
“Massive Chalice is a strategy and crisis management
fare among console gamers? game inspired by the XCOM series.”
10 www.linuxvoice.com
� GAMING ON LINUX
The Perils of Man ALSO RELEASED…
An aesthetically pleasing point-and-click game featuring time travel!
P
oint-and-click adventure games smoothly. Similarly, the puzzles are
are played for two reasons; an logical and well designed, pacing the plot
overwhelming desire to craft well and aren’t just there to pad out the
ridiculous contraptions out of unrelated completion time.
objects and to experience a good, While the game isn’t quite on par with
character-driven story without all the other Linux adventure games like Deponia
needless distractions found in more or Book of Unwritten Tales, its low price,
modern game designs. Fortunately, The charming visual presentation and The Masterplan
Perils of Man hits the mark with both. likeable female protagonist make this a This well presented top-down tactical heist
The story in this game is very well worthy addition to the libraries of point- game pulls off an immersive atmosphere in its
done, and while including time travel in and-click fans. 1970s setting. The lack of multiplayer does
stories can often be messy, leading to seem like a strange omission, though the
single-player campaign does provide many
deus ex machina or a jumbled plotline, this Website http://store.steampowered.com/
hours of gameplay. Its hand-drawn graphics
app/347710 Price £6.99
game handles it well and moves forward are also a welcome change from the pixel
graphics found in similar indie games.
http://store.steampowered.com/app/313080
While puzzles and plot are very Nightsky
well done, the outstanding visuals Nightsky is a nice little ambient puzzle-
outshine them. platformer that conveys a peaceful feeling of
solitude through its rather attractive artwork.
Its use of clever physics-based puzzles and
minimalistic silhouette visuals are worthy of
Tabletop Simulator praise and the game should please casual
gamers as well as other players looking to
relax a bit and play something a bit more
Flip tables when you lose, but without all the broken furniture. soothing… or who simply want to play a game
T
as a glass ball.
he “Simulator” suffix has become http://store.steampowered.com/app/99700
synonymous with the tonnes of
games designed to gather the
attention of online celebrities rather than
provide good gameplay, but Tabletop
Simulator is far from that. The developers
have managed to create the de facto game
of choice for gamers looking to play an
assortment of different tabletop games on Thanks to mods, the game can now transport
the PC and online against other players. players back to the year 1999.
Games ranging from checkers and Audiosurf 2
chess to poker and blackjack are featured almost endless, with users having made This music visualisation game enables you to
“ride your music” by importing your favourite
and the sandbox nature of the game also expansions ranging from Warhammer to tracks and navigating a vehicle through its
means that there are no limits in terms Risk. One user has even created a nice notes. Though it might look as if it’s only
of rules or physical pieces. Ever wanted little Tux figurine, so maybe there’s a battle designed for bassier music, it handled anything
to build a tower of cards or domino show of the FOSS mascots game on the way? we threw at it with ease; from Tchaikovsky to
but wish you could rewind time if it all What is clear is that we’ve seen only the Joy Division. The selection of courses and
game modes, as well as the ability to import
goes horribly wrong? You can do that in beginning of this highly versatile game. other players’ music, make the possibilities
Tabletop Simulator, along with much more. almost endless.
The ever-growing list of user-made Website http://store.steampowered.com/ http://store.steampowered.com/app/235800
app/286160/ Price £14.99
mods also means that the possibilities are
www.linuxvoice.com 11
� MAIL
YOUR LETTERS
Got something to say? An idea for a new magazine feature?
Or a great discovery? Email us: letters@linuxvoice.com
LINUX VOICE STAR LETTER
BUGFIXES
Please could you explain the
rationale behind Linux bugfixes?
Lots of bug reports seem to
be ignored by distribution
developers. Some may be
duplicates, some because
they are “upstream” while
other distros seem to have
fixed them. For example, I
really started getting into Linux
with Fedora and Ubuntu 8.04
(at around the same time) –
Fedora would stop presenting
its hostname on Wi-Fi after a
reboot but Ubuntu would keep
it as expected. There currently
seems to be a problem with
software RAID whereby arrays
where a virtual disk has been
removed to simulate hardware
failure hang during boot when
a new virtual disk is introduced.
In testing with VirtualBox this
seems to affect the latest
versions of Debian, OpenSUSE,
and Ubuntu 14.04.2 LTS, but not
VirtualBox has
Fedora 22 or CentOS 7, although to be expected with physical Distributions should work on virtual
improved enormously
Fedora includes software RAID hardware and are such issues machines, so even if an issue is only in recent years, but if
management tools (mdadm) in worth reporting unless tested on a present on a virtual machine, it’s you’re reporting bugs,
its emergency console, whereas real system? still a valid bug that should be fixed, they should rally be
CentOS , as far as I can see, Gareth Thomas especially for server distributions that reproducible on real
doesn’t. I’m not sure if this is a face out onto the internet. hardware.
kernel or a mdadm bug that the Ben says: Every project has its own If the problem appears to be
Fedora and CentOS developers procedure for dealing with bugs, so systemic, then you should report it
have fixed, or whether it’s just there isn’t a single answer to your through the distro. Even if it transpires
that the implementations in question. With hardware issues, it’s that the problem is ultimately with an
other distros are buggy. Please further complicated by the fact that upstream package, it’s still a bug that
could you explain the best way different distros use slightly different the distro needs to know about.
to test and report problems version of the Linux Kernel. The exact Ultimately, the best advice here is
like that? Is behaviour on differences will vary from distro to to read the bug reporting docs for the
VirtualBox/KVM likely to be a distro and reflect what the distro distro, and don’t be afraid to submit
good indicator of behaviour maintainers think is important. bug reports.
12 www.linuxvoice.com
� MAIL
NOT FIT FOR PURPOSE
I just purchased a new HP desktop but after removing the disk and Andrew says: Don’t ascribe to malice
and put my Ubuntu DVD in the rebooting my machine was a that which may be incompetence.
drive and rebooted looking to try paperweight. Thankfully I had In other words, I’m sure there are
Ubuntu live on my new machine. the foresight to create a set of people at Microsoft who are delighted
I entered the BIOS (UEFI) and system restore disks and could that the company has made it more
put the CD drive at the top of the restore it to factory settings. I am difficult to install Linux, but it’s more
list for booting and disabled fast not sure whether to dual boot or likely that the people who made the
boot but still it would not boot. replace but I intend to back up my decisions just didn’t think about their
When I went back and looked at system and seek assistance. I feel customers’ needs. It could be an idea
the boot order the CD drive was (correctly or incorrectly) this is to talk to someone at HP and let them
not even listed, although I did see another Windows effort to make it know how commercially dissatisfied
Windows Boot Manager, which I so hard to use alternate systems you are with the decision to load
am not familiar with. I then had that people stick with Windows Windows on their products. But before
Avoid the Windows
the idea to just get rid of Windows and fear Windows 10 will be the fandango by buying that, check that you’re saving the
8.1 and replace it with Ubuntu worst. Any help sure would be with Linux pre-installed, updated settings in the BIOS, probably
15.04. With a little messing around appreciated! from a vendor such as with F10 after you’ve changed the
it seemed to install correctly Steve Cox PC Specialist. boot order.
www.linuxvoice.com 13
� MAIL
SHORT AND SWEET PARTY ON!
Watch the computer error song As creators and guardians of the
on YouTube. global immune system we all need
www.youtube.com/watch?v= for planet survival, please keep
mKkLjJHwRec&feature=youtu guiding our thinking about the
be_gdata_player maker revolution and how it can
Steve Bez best influence say media, health
and infrastructure for the next five
Andrew says: I’ve been re-reading decades.
Graham Greene lately and thought You in open source and the
that this might have been an musicians in virality hold the
important message, hidden in an keys: poetry is all. Joy in neat
innocuous-looking YouTube video by code, elation in symmetry and
our man in Havana. Unfortunately syntax, leverage from rhythm and
it’s just a waste of time. Thanks for syncopation. Feynman found as
thinking of us though! much joy in bongo drumming as
in quantum physics; The Cathedral
Even when played by
and the Bazaar riffs with the best people is that they tend to have some
a great physicist such
TUX: TIME UP? economic thought precisely
because we and the author had
intellectual hinterland that informs
everything else they do, probably
as Richard Feynman,
the bongos are an
I’ve been using Linux since the tasted hubris from his code because the software is a means abomination.
days of text installers, and it’s spreading. to an end rather than an end itself.
been great to see the whole open Published or no, this is my I always feel a bit odd talking to
source software ecosystem humble appreciation of what you people who have only one obsession;
mature and get better every year. do. Please just keep aiming high Free Software, contrary to common
One thing continues to frustrate enough. perceptions, tends to produce (or
me: Tux. I love the idea of having May your tribes increase, attract) pretty rounded minds with
a penguin as a mascot, but why Anon as much interest in classical music,
does he have to be overweight sculpture, history or anything else in
and sitting on his bum? I don’t Andrew says: Well, quite. One of the addition to computing. We’re pretty
wish to denigrate anyone’s choice best things about Free Software awesome.
of lifestyle, but if we’re to offer
Linux as a fast, efficient system,
shouldn’t we have a mascot that
represents this?
FREEDOM
David I don’t read magazines. Having
never read them, I just don’t go
Andrew says: Tux is a cuddly bundle into newsagents, so don’t know
of open source love, but he’s also a much about them. It seems a little
little long in the tooth now. Perhaps odd, then, that I’m writing to a
it is time for something new. We’ll magazine’s letters’ page.
open this up to the community. What I only found out about Linux
do you think, dear readers, about our Voice a couple of months ago
portly penguin? when I saw a link to an older issue
posted on line. Since it was free, I
thought I’d give it a go. It turns out
that I really like having a monthly
dose of all things Linux. To cut
a long story short, I’m now a
Apparently, believing
subscriber. Keep up the good work! content, you reach more potential
in your content is a
Julie customers. We’re not sure why so few revolutionary act.
media companies realise this, or why
Andrew says: To us, it seems obvious mainstream media companies put
that releasing older issues for free so many restrictions on customers
(both as in speech and as in beer) is a through DRM and the like. Anyway,
Tux is beloved by many, but he’s also good thing, not just from a moral point that’s a rant for another day. We’re
a product of a different century. of view, but from a business point of glad you like it, and we will indeed
view. By exposing more people to your keep it up!
14
� MAIL
Email andrew@linuxvoice.com to advertise here
www.linuxvoice.com 15
� LUGS ON TOUR
LUGS ON TOUR
DjangoCon 2015
Josette Garcia reports on what’s new in Python or how to enjoy a bunch of friends.
F
rom 31 May to 5 June, to the programmer, discussed
Cardiff hosted DjangoCon how to spot them and told a story
Europe, six days of talks, about ModelForms.
tutorials and code. The talks The net is dark and full of terrors
were held in City Hall and other by James Bennett.James told
events were distributed in Cardiff tales of the unexpected, and
University’s main building and Bute described some alarming things
Building. that the Django team have
I got the train to Cardiff Central learned about security in the
and the reputation of Cardiff proved process over the past 10 years.
to be right: it was raining very hard
and very windy. My umbrella stayed The conference dinner took place
up for 10 seconds. The University in the National Museum of Wales –
of Wales is approximately 20 a great venue, and great food if you
minutes’ walk from the station via enjoy lamb (which, sadly, I do not
the famous Cardiff castle. Did you – except if it’s in a kebab!). Lamb is
know that Wales is said to contain the meat traditionally associated
more castles per square mile than with Welsh cooking owing to the
any other country in the world? amount of sheep farming in the
The event attracted some great country.
sponsors such as Divio, Opbeat,
Maykin, FanDuel, Pluralsight, Django welcomes you
PyCharm, Pusher, 2ndQuadrant, What I liked most about this
Reckon Digital and more. With so conference was the care that was
many sponsors, the attendees took given to the attendees. As we
home a very interesting goodie bag all know, the techie community
which also included a print from the is largely comprised of middle-
Cardiff Print Workshop, who also class, white men with very little
designed the badges, stickers and representation for people of
the programmes. Inspired by the colour, women or people of/on low
work of the artists, we were asked income. DjangoCon made a lot of
to create our own artwork and send effort to redress this imbalance by:
a photo. There will be a prize for the Opening registration for tickets
one that is liked best. and proposals to members of
Around 400 people came from under-represented groups a
all over the world to listen to some month before general registration
fantastic talks. The keynotes were opening. Cardiff Print Workshop did fine work on the design front – far
exceptional: Offering financial aid to people on better than Comic Sans in Microsoft Word.
Baptiste’s adventures in a low income with the help of the
Djangoland by Baptiste Mispelon. Django Software Foundation’s grant committee.
He described how he tackled Offering diversity supporter
burnout by travelling around tickets.
Europe, eating Welsh cakes, “Around 400 people came from Setting up a day-long Django
all over the world to listen to
pierogi and stroopwafel. Girls workshop and offering them
Into the rabbit hole by Ola a number of reduced-priced
Sendeck.Ola warned of the some fantastic talks.” tickets for the duration of the
dangers that rabbit holes present conference.
16 www.linuxvoice.com
� LUGS ON TOUR
Aneurin Bevan, Bonnie
DjangoCon set the highest Induction loops for hearing original national emblem of Wales
Tyler, Hannibal Lecter,
standards for accessibility by Joe Calzaghe and aid users were provided and was the leek (cenhinen)? Over the
ensuring that: Brains beer are among simultaneous speech-to-text years this was often confused with
All venues were wheelchair Wales’ gifts to the world transcription was available. a very similar Welsh word cehhinen
accessible. – and now DjangoCon A crèche was provided. bedr, meaning “daffodils”, so the
People with visual impairment Europe. Has DjangoCon set the daffodil was adopted as the second
were looked after with assistive standards for future conferences? emblem of Wales.
technology and guide dogs were I cannot finish this article without Hwyl fawr am y tro!*
welcome. asking – did you know that the *Bye for now!
PGDay UK 2015
Josette Garcia looks forward/back to some top speakers at the PostgreSQL user conference.
T
he UK’s only dedicated PostgreSQL is growing, predicting According to Simon Riggs,
PostgreSQL user event has what the future will hold. Database “PGDay UK is the must-attend
announced an impressive technologist David Kennaway will event for PostgreSQL users,
line up of technology and database talk about how PostgreSQL is being developers, fans or even if you’re
software experts to inform and used at investment bank Goldman simply investigating the best open
educate delegates. Sachs, while 2ndQuadrant’s CTO source database for the first time.
PGDay takes place on 7 July Simon Riggs will be tackling Delegates will learn about features
at 30 Euston Square in London PostgreSQL Futures. added to version 9.4, projects
and is being organised by the UK Other topics covered include a under development and the future
PostgreSQL User Group. look the next version of PostgreSQL direction of the world’s most
Her Majesty’s government’s (9.5), the Axle project (Advanced advanced open source database.”
chief technology officer, Liam Analytics for Extremely Large For more information about
Maxwell, tops the bill, and will be European Databases), and backup PGDay UK 2015 please see www.
speaking about how awareness of and recovery. postgresqlusergroup.org.uk.
www.linuxvoice.com 17
�Linux Voice wants your ideas for tutorials, guides, how-tos and insights from
the hacker world. If you’ve found something you want to tell the world about,
let us know
What material is Linux Voice interested in?
Most of the time we’re more interested in what you can do with software X,
rather than singing the praises of software X itself. Clever software is good
but useful software is better. Proprietary software that works on Linux is
acceptable, but what we’re most interested in is Free Software.
What don’t you want?
We sometime get submissions that go like “I’ve been using Linux for X years;
can I write for you?”. This isn’t very helpful, to us, because what we want to
see is that you:
Have an idea
Can explain it clearly
If you can point us to examples of something you’ve written, please do
– we’re not looking for Shakespeare; we value clear communication and
enthusiasm above all else.
What do you want?
Tutorials. We want tutorials, of around 3,300 words in length usually. We pay
money! All tutorials should have a clearly stated aim, so readers know at
first glance why they should follow it. “Get started with XX software” doesn’t
tell you anything; “Build a weather tracker with Python” is much more active
and informative.
These are common reasons why we reject ideas:
Something which has been covered repeatedly on Linux Voice
and/or elsewhere
Material not obviously related to Free Software
Incoherent writing
Email ben@linuxvoice.com
to write for Linux Voice
� A PROGRAM IS
FREE SOFTWARE
IF THE PROGRAM’S USERS HAVE
THE FOUR ESSENTIAL FREEDOMS:
0) THE FREEDOM TO
RUN THE PROGRAM
AS YOU WISH, FOR
ANY PURPOSE.
1) THE FREEDOM TO STUDY HOW
CHANGE IT SO IT DOES YOUR
THE PROGRAM WORKS, AND
COMPUTING AS YOU WISH.
2) THE FREEDOM
3) THE FREEDOM TO
DISTRIBUTE COPIES
OF YOUR MODIFIED
TO REDISTRIBUTE
VERSIONS TO
COPIES SO YOU
OTHERS.
CAN HELP YOUR
NEIGHBOR.
�HACKS
SUMMER PROJECTS
SUMMER
FOR THE
Grab a glass of lemonade, take your laptop into the garden, and do some
very awesome (and hacky) things with Linux. Summer starts here!
W
ithout a doubt, GNU/Linux is the ultimate geekiest of Linux users do, but it’s actually a great way
plaything. Sure, it’s a serious OS and to customise your system and learn more about the
businesses around the world depend on it, core component of the OS.
but it’s also endlessly fascinating as a technical toy. Then we look at interactive fiction, and how to make
You can take it apart, (try to) put it back together, and your own adventure game. This is a lot easier than
see how it all works. You can study its code, recompile it sounds, thanks to the Inform 7 language, which
it, and share your modifications with the rest of the lets you create virtual worlds without lots of code.
world. Of all the things we like to tinker with – such as Following this we’ll be making an IRC bot that uses
electronics, cars, and speech synthesis to
model aircraft – Linux talk to you, and turning
has the most to keep us “Few hobbies offer such long- a Raspberry Pi into a
all busy for many years. term enjoyment as Linux, and very cool retro gaming
Even those of us who’ve machine. If you have a
been using Linux for best of all, it’s totally free!” Pi sitting around doing
decades still discover nothing, give it a go! And
new tips, tricks and secrets to explore, and we love lastly we delve into hacking your house alarm and
learning more. Few hobbies offer such long-term make use of the data that it gathers up throughout
enjoyment, and best of all, it’s totally free! the day.
So with summer starting, we decided to put As a final note, some of the projects in this feature,
together a compendium of fun (and quick) projects as with many of the articles in the magazine, are
that you can do on a sunny evening – or indeed, get based on suggestions from you, our readers. If
the kids to do during the holidays. Whether you’re up there’s anything you’d like us to cover in future issues,
for some gaming, some coding or some hardware just drop us a line and we’ll explore it in depth. Or
hacking, or just a bit of everything, there’s something if there’s something about which you’re especially
for you in the next nine pages. knowledgeable, and you’d like to explain it to other
We kick off with compiling your own kernel, a task Linux Voice readers, send us a pitch and we may ask
that may seem daunting and something that only the you to write it up for the magazine!
20 www.linuxvoice.com
� SUMMER PROJECTS
Recompile your kernel
Customise your system by rebuilding its very heart.
P
robably the geekiest thing you can do
with Linux is recompile the kernel.
These days, there’s rarely any need to
unless you’re hacking on the kernel code, but
the process will help you learn a little more
about what’s going on at the lowest level of
your Linux system. We’ll be going through
the process for Ubuntu-based distros, but
much of the process is similar for other
distros. The kernel build system is quite
powerful, and there are several different
ways of doing each task.
The first thing you need to decide is which
kernel to use. There’s the vanilla Linux kernel,
a long-term support version, and most major
distros maintain their own kernel trees as
well. If you’re grabbing the latest kernel to
access some new features, then the vanilla
kernel may be best. If you just want to have
a play around with the options, it may be
a better option to use your distro’s kernel.
Bear in mind that if you’re building a different
kernel version than the one you’re currently Kernel.org is the keeper of the true kernel, and offers supported versions going back to 2.6.32.
using, any proprietary drivers (such as
graphics card drivers) may stop working. You just created, you should find the file debian. Once you’ve made your changes, you
can grab the official Ubuntu version with: master/changelog. In here, you can change need to prepare the build with:
git clone git://kernel.ubuntu.com/ubuntu/ubuntu- the first line to add an identifier to the chmod a+x debian/scripts/*
<release name>.git version number. For example, we added chmod a+x debian/scripts/misc/*
Or the vanilla version from kernel.org with: -ben to create the line: fakeroot debian/rules clean
git clone git://git.kernel.org/pub/scm/linux/kernel/ linux (3.13.0-56.93-ben) trusty; urgency=low By default, your kernel will be built using the
git/torvalds/linux.git linux-git configuration your distro has selected.
Alternatively, you can browse “Recompiling your kernel will However, if you want to change this (or
www.kernel.org to find other versions. just take a look at the available options),
Once you’ve got the code, you can help you learn a little more you can run the following.
make any changes you want. The about what’s going on.” fakeroot debian/rules editconfigs
first thing to do is make sure you can At this point, everything is prepared,
easily identify the kernel you’ve built. so you can build your kernel. Be warned
Inside the directory that the git command This version number will appear on the though, this make take some time. Start the
kernel you build. build with:
fakeroot debian/rules binary-headers binary-generic
Kernel packages
Kernel patches This will create a series of Deb files in the
If you want to try out a different kernel, but don’t You don’t have to stick with the kernel directory above the build directory. In order
want to go through the hassle of compiling it you’ve downloaded: some people maintain to run your new kernel, you need to install all
yourself, you can install it from a package. Most extra features that can be added. These are of these with:
popular distros have a few different prebuilt
known as patch sets, and they’re changes to sudo dpkg -i linux*.deb
kernels available. For example, there are
versions of the vanilla Linux kernel packaged the source code that you can apply before When you restart, you should then get
for Ubuntu at https://wiki.ubuntu.com/Kernel/ you compile the code. To apply a patch set, the option to boot into your newly created
MainlineBuilds. You can also find details of unzip it into the root directory of the kernel kernel. Depending on the version of Ubuntu
Fedora packages at https://fedoraproject.org/ source and run: you’re using, this may either be in the
wiki/Kernel_Vanilla_Repositories.
patch -p1 < <patch-file> Grub screen, or there may be a menu for
If you’re keen to play with different versions
of the Linux Kernel, Arch is a good distro Unless you have very specific Advanced Options. You should be able to
to use, as the Arch User Repository (AUR) requirements, it’s unlikely that you’ll notice recognise your build from the text appended
contains several packages to automatically much difference in the performance when to the kernel number. If you have any
build different versions of the kernel almost using a different patch set, but it can make problems, you can use this to switch back to
automatically.
an interesting experiment. a previous version.
www.linuxvoice.com 21
� SUMMER PROJECTS
Interactive Fiction
Write the next great novel the geeky way.
T
he summer is the perfect time to
retire to a quiet place and write a
great story. Of course, a story
doesn’t have to be a linear and start at one
point, continuing in the same line until the
end. It can be more interactive, where the
reader makes choices that alter the final
outcome. This is interactive fiction. It blurs
the line between a story and a game, but we
don’t have to get bogged down in etymology:
we can just enjoy the process of writing and
consuming it.
There are many ways of writing interactive
fiction. You can use a regular programming
language, and some have libraries or
modules to help. For example, Python has
the tale module. However, we’re going to use
the Inform 7 language, which is designed
specifically for writing interactive fiction.
The two most important things to know
about Inform 7 is that it’s declarative
and that it’s natural language-like. Being
declarative means that you don’t write code
step-by-step as you do in most languages;
instead you describe what you want the The two-pane view in Inform 7 enables you to view the output and the code to perfect your work.
program to do, and let the compiler figure
out the details of how to implement it. The say “Congratulations. You have reached the
language is almost English, but Inform 7 The barren wasteland contains a sign. arbitrary end of our short adventure. Go forth and
can’t understand arbitrary sentences. They program more.”;
have to be in a format that it understands. A description of the sign is “Abandon all hope ye who end the story finally
Let’s take a look at what this means. head south, east be bad and should be avoided. The
“testIF” by “ben” wise should travel west and take protection.” All art is quite useless
To play, open Inform 7, create a new project,
LinuxVoice Towers is a room. “The office window Hell is south and east of the barren wasteland. “A and put the above code into the source
looks over central Bristol.” sulphur air fills your nostrils so you can’t breath. The (you’ll find the code at https://github.com/
land heats up and bursts into flames. You have linux-voice/issue18-inform if you don’t
LinuxVoice Towers contains a stack of magazines. In entered the domain of the dark lord himself”. want to type it yourself). Then press Go to
the stack is a collection of dog eared copies of start. You can then use instructions such
LinuxVoice. The stack is scenery After going to hell: as open bag’, ‘take key’, ‘unlock door’, ‘go
end the story finally; south’, ‘examine sign’, ‘take broad sword’
LinuxVoice Towers contains a bag of coffee. In the say “ A sulphur air fills your nostrils so you can’t and ‘go west’. This series of instructions will
bag is a golden key. The bag is closed and openable. breath. The land heats up and bursts into flames. You complete the game.
have entered the domain of the dark lord himself. In Inform, the player moves through
The office door is south of LinuxVoice Towers and You die a painful death.” rooms (rooms don’t actually have to be
north of a barren wasteland. It is a door and scenery. rooms; they’re anything that the user can
The office door is lockable and locked. The matching A small mountain is west of the barren wasteland. move through, such as a barren wasteland
key is the golden key. and a small mountain). These can contain
Before going to the small mountain: items, and are located though compass
A description of the barren wasteland is “Nothing but unless player holds broad sword: directions from each other. As well as rooms
bare land and rocks. It looks nothing like the view say “an Ogre appears from behind a rock and and items, you can create rules (such as the
out of the office window. You appear to have shouts, ‘Did you not read the sign?’ before slaying final code block in the example). These can
travelled through some form of portal. There are you with a single blow.”; be used to control the world.
roads going south east and west.” end the story finally You’ll find a complete language manual
and a recipe book on the project website at
The barren wasteland contains a broad sword. After going to the small mountain: www.inform7.com.
22 www.linuxvoice.com
� SUMMER PROJECTS
Speech synthesised IRC
Make your chat channels talk to you – with real voices!
O
ne of Linux’s great strengths is the
ability to combine individual tools
and programming languages to
make something awesome. In this project
we’re going to create a program that logs
into an IRC channel and speaks out
messages that the users type. The first thing
we need is a speech synthesis tool – that is,
the program that actually converts text into
human-esque sounds – and one of the best
is eSpeak (http://espeak.sf.net). This is
available in most distros; in Debian/
Ubuntu-distros you can get it via the espeak
and espeak-data packages, so dive into
your package manager and grab them.
Once you have eSpeak installed, try it from
a terminal window like so:
espeak “Hello world!”
eSpeak is highly customisable, and you
can change the pitch (0 to 99, default 50)
and speed (words per minute, default 160)
like so: New to the joys of Internet Relay Chat (IRC)? Visit www.irchelp.org for a getting-started guide, then
espeak -p 80 -s 120 “Hello world!” join us in #linuxvoice on chat.freenode.net!
This produces a higher and slower voice,
which may work better in some cases. the first two lines tell Python that we want
If you’re going to be using non-English to use the eSpeak and time modules, then def on_message(connection, event):
content, you can get a list of alternative we use the synth routine of eSpeak and espeak.synth(event.arguments[0])
voices with espeak --voices (for instance, provide some text. We also tell Python to
espeak -v de “Hallo Welt” for German). pause (sleep) for three seconds, to deal reactor = irc.client.Reactor()
So, we have our speech engine installed. with any latency issues (without this line, we c = reactor.server().connect(“chat.freenode.net”,
The next thing to do is to incorporate it into could only hear the first syllable on our test 6667, “SomeRandomName12345”)
some code that interacts with an c.add_global_handler(“welcome”, on_connect)
IRC channel, and here we’re going to
use Python. As a Linux Voice reader
“Our speech synthesizer can read c.add_global_handler(“pubmsg”, on_message)
reactor.process_forever()
you’ve probably picked up some out all sorts of gibberish to us in Here we connect to the chat.
Python already, but don’t worry if
not – we won’t be doing anything too
a friendly computerised voice.” freenode.net IRC server on port 6667
as user SomeRandomName12345
complicated, and it’s a very readable (change that to something else that’s
and newbie-friendly programming language. machine). unlikely to be in use). When the IRC server
We can also change the pitch and speed responds with a “welcome” message, we
Mind the gap (aka rate) settings by adding these lines run our on_connect function which joins the
The Python module to link the language with before the espeak.synth line: #linuxvoice channel.
eSpeak is, funnily enough, Python-eSpeak. espeak.set_parameter(espeak.Parameter.Pitch, 80) And whenever there’s a public message
You can get this via the python3-espeak espeak.set_parameter(espeak.Parameter.Rate, 120) in that channel, we run the on_message
package. After installation, create the Next, we need to add some code to log in function, which uses eSpeak to read out the
following text file as test.py and save it in to IRC and watch for messages. As root, run message (the first element of the event.
your home directory: pip install irc to add an IRC module to your arguments[] list).
from espeak import espeak Python installation, and then replace the So there you have it – speech synthesised
import time contents of test.py with this: IRC in just a few lines of code! Our speech
from espeak import espeak synthesizer can read out all sorts of
espeak.synth(“Python is speaking!”) import irc.client gibberish to us in a friendly computerised
time.sleep(3) import jaraco.logging voice. You can add the set_parameter lines
Run this from a terminal with python3 to tweak the voice style, and hit Ctrl+C to
test.py and you’ll hear the words “Python def on_connect(connection, event): quit. You could even expand it to respond to
is speaking”. This program is very simple: connection.join(“#linuxvoice”) other types of IRC event. Have fun!
www.linuxvoice.com 23
� SUMMER PROJECTS
Raspberry Pi retro gaming centre
Play NES, SNES, Game Boy and Mega Drive games on your big-screen TV.
T
he Raspberry Pi is an acceptable
general-purpose computer –
especially with the power-boosted Pi
2 – but it really shines when doing a specific
job. There are millions of Pis around the
world sharing up files, running network
proxies and operating robots, and they’re
ideal for these tasks: there are no moving
parts, so they’re hard to break, and even if
something does go wrong, you can just pop
out the SD card and drop it into another Pi.
For all these reasons, the Pi makes for a
superb retro gaming centre as well.
Sure, you can configure emulators on
your desktop Linux machine (see p54 of
issue 15) but it can be a tricky job, and
entails the usual fiddling associated with a
desktop operating system. Similarly, you can Emulation Station provides a gorgeous front-end for various console and computer emulators.
customise a standard Raspbian installation
to set up emulators and front-ends – but
again, this takes time and requires lots of Genesis) plus some home computers and So, once you’ve grabbed it you should
manual work. There is a solution though: lesser-known machines. To get it working, have a compressed file called retropie-
RetroPie. This is a special version of you’ll need your Raspberry Pi (1 and 2 are v3.0beta4-rpi1.img.gz (or similar) in your
Raspbian with a razor-sharp focus on retro supported), a spare SD card (minimum Downloads directory. Open a terminal
gaming. Everything unrelated to games has 4GB), a USB keyboard, a USB joypad window and enter the following to extract it:
been cut out, and the end result is a flavour (generic models are available from Amazon cd Downloads
of Linux that boots up to an attractive for $/£5) and a HDMI cable. Your first job is gunzip retropie-v3.0beta4-rpi1.img.gz
launcher, in which you choose your games to grab the latest SD card image from http:// Change the filename to a newer version if
with the joypad and begin playing them on blog.petrockblock.com/retropie/retropie- necessary. Now we need to write this image
your TV. Simple as that! downloads – at the time of writing, this was to the SD card; you can do this like any other
RetroPie emulates all the classic 8-bit version 3.0 Beta 4, but there may be a newer Raspbian image, by following the official
and 16-bit consoles (NES, SNES, Game Boy, Beta (or indeed the final release of 3.0) by Raspberry Pi instructions at http://tinyurl.
Game Gear, Master System, Mega Drive/ the time you read this. com/pisdcardlinux. Here’s a quick way to do
it: insert the SD card into your PC or laptop,
and if its icon appears on the desktop, right-
click it and choose unmount.
Go back to the future
Now, in the terminal window, enter dmesg
to see a list of recent system messages.
Look at the last few lines, and you should
see information about the SD card that you
plugged in. For instance, on our machine
(with a 16GB card) we see this line:
[15703.335628] sd 1:0:0:0: [sdb] 30881792 512-byte
logical blocks: (15.8 GB/14.7 GiB)
The sdb bit here is important – it’s Linux’s
name for the card. Hopefully your card will
be easy to spot, but if not, ask on our forums
(http://forums.linuxvoice.com) and paste
the last few lines of your dmesg output into
your message.
Once you’re sure about the right name (it’s
usually sdb or sdc), you’ll need to write the
On first boot, you’ll be asked to configure your USB joypad. image to the card as the root (admin) user.
24 www.linuxvoice.com
� SUMMER PROJECTS
In many distros this is:
sudo dd bs=4M if=retropie-v3.0beta4-rpi1.img of=/
dev/sdb
(If this doesn’t work, change sudo to su
-c.) Also change the filename of the image
and the sdb accordingly. This writes the
image data directly to the SD card, so it may
take a while – go and grab a cuppa or a
lovely Weißbier.
Now you’re playing with power
RetroPie on its own is all nice and pretty, but
it doesn’t do much if you don’t have any
games to play on it. (For more on acquiring
games, see the “Where do I get ROMs?”
box.) So, assuming you have some games
ready, remove the SD card and then plug it
back in to your PC or laptop to make it
automatically mount again. You’ll see that
there are two partitions on the SD card now,
BOOT and retropie – go into the latter in
your file manager.
You’ll see that it’s very much like a regular
Linux installation, with /etc, /usr and so
forth. And indeed it is a Raspbian installation
as mentioned, just with most of the usual
Linux desktop components stripped out. Go
into the /home/pi/RetroPie/roms directory Here’s Mega Drive Sonic the Hedgehog being played with a SNES joypad connected via a USB
and you’ll see a big list of folders with names adaptor to a Raspberry Pi running RetroPie. What a time to be alive.
like amiga, c64, gb and so forth. These are
the places to copy your games over. So, if say it has recognised your USB joypad and joypad to choose between the emulated
you have the Tetris.gb Game Boy ROM, for you should press a button to configure it. consoles and computers. So, choose a
instance, copy this into the gb folder. If you Press the buttons to match the ones listed machine for which you added games earlier,
have NES games, put them inside hit the A button on your joypad, and
nes, and so forth.
Once you’re done copying your
“Emulation Station is the front-end begin playing! To quit out of a game
and return to the Emulation Station
games over, unmount the SD card launcher and configuration tool for menu, press Start and Select on your
partitions on your desktop or via
your file manager, and remove the
various console emulators.” joypad at the same time.
Because RetroPie only uses a
SD card. Pop it into your Pi, attach chunk of the SD card, you’ll want
the USB keyboard and joypad, connect it to on screen, or press and hold a button if to expand its installation to fill the card.
your TV with a HDMI cable, and power it on. there’s an emulated button you don’t want Otherwise you’re limited to how many ROMs
After a few moments, Emulation Station to use (for example, you won’t need all the you can add to the SD card – around 92MB.
will appear: this is the front-end launcher analogue stick inputs if you’re emulating If you’ve installed RetroPie onto an 8GB or
and configuration tool for the various 8-bit consoles). Once this configuration step 16GB card, that’s a lot of wasted space!
console emulators. In this first boot, it will is done, you can press left and right on the To fix this hit F4 in Emulation Station to
switch to a text screen, and F4 again to get a
Where do I get ROMs? command line prompt. Enter:
sudo raspi-config
Short answer: we won’t say. Longer answer: it’s depriving the game makers of any money. Some Choose “Expand Filesystem” to fill out the
a very messy topic in legal terms. Countless say that it’s still copyright violation, and the only installation to the whole SD card and provide
websites offer ROMs – that is, files representing safe way is to buy a special piece of hardware, plug
extra space. If you’ve found performance
game cartridges – for download. And occasionally, your original games into it, and get the ROMs out
Nintendo and the other major players go after that way (like the Retrode). Others claim that such a bit stuttery with some of your games,
these sites and have them closed down. After all, an act is illegal too. especially with the more demanding
these sites are distributing copyrighted material, In late 2014, it became legal in the UK to make emulators, you can also overclock your Pi
so there’s no ambiguity there. It’s against the law. personal backup copies of CDs and DVDs – but in this menu. It’s best not to go overboard
But there’s also a lot of confusion about it’s not clear whether that applies to video game
– just knock it up a notch, reboot and see if
“personal” ROMs. Some argue that it’s perfectly cartridges as well. So ultimately, we won’t give any
acceptable to download ROMs for games you legal advice or tell you where to get ROMs. Just be it makes performance smoother. Above all,
already own in physical format, as you’re not careful out there, and if in doubt, do nowt. enjoy and bask in the awesome retrostalgic
goodness of the 80s and 90s!
www.linuxvoice.com 25
� SUMMER PROJECTS
Reactions game
Take a first foray into the world of physical computing and check your reaction time.
P
hysical computing is the process of
creating some way for your
computer to interact with the real To input pin
To ground
world. It encompasses everything from To positive
voltage
home control to robotics, and much in
between. It can require a whole new set of
skills for anyone who’s only worked with
normal computers before, but it’s a fun
branch of computing, and it’s easier than
ever before to get started.
The first thing you need is some
method of inputting and outputting from
your computer. On a Raspberry Pi, you
can use the GPIO headers, but as most
computers don’t come with these, you’ll
need an extra bit of hardware. We’re going
to use an Arduino Uno (though most other The exact values of the resistors don’t matter, but the one connected to the positive voltage should
Arduino boards would also work). These be at least 330Ω, and the one connected to the ground should be larger. We used 330Ω and 6.2KΩ.
are microcontrollers that contain a very
simple processor and memory that you can
program, and a series of headers that you The Uno does have a built-in LED on pin Increment the score by one for every
can program to be inputs or outputs. 13, so we can use that for output by just millisecond delay there is before the user
The Arduino project has its own setting pin 13 to high (for on) or low for off. presses the button.
development environment that you should Now the hardware’s sorted, we just need Print the score to the serial port.
find in your distro’s repositories. It’s quite to write the code to control it all. There Turn the LED off.
a simple IDE with just a text area and a are three important parts to an Arduino Wait a random amount of time before
few buttons for the important tasks like program: declaring
compiling (the tick icon), and uploading to
the board (the arrow that points right). For
the variables; the
setup; and the “Physical computing requires a whole
the upload to work, you’ll need to connect loop. Variables are new set of skills for anyone who’s only
your Arduino to the computer via the USB
port. It doesn’t need any additional power.
declared at the start
of the program. We worked with normal computers.”
Our project will be a simple reactions only need one in
game that will turn on a light and then see which to store the score. Declare it as an restarting the loop.
how long it takes you to press a push-button integer with the line: This is done with the code:
switch to turn the light off. int score; void loop() {
The setup is a function that’s run once digitalWrite(13, HIGH);
Building circuits when the Arduino is first booted. It’s used to score = 0;
Buttons (also known as momentary set up the hardware and software. We need while (digitalRead(12) != HIGH){
switches) require a little circuitry to make to tell the Arduino which pins we want to use delay(1);
sure they work properly. There are two parts for input and output, prepare the random score++;
to this: firstly they need a resistor that number generator, and connect back to the }
makes sure that there isn’t too much current computer’s serial port to output the scores. Serial.println(score);
This is done with the following code: digitalWrite(13, LOW);
void setup() { delay(random(1000, 10000));
“The Arduino project has a pinMode(13, OUTPUT); }
simple IDE with just a text pinMode(12, INPUT);
randomSeed(analogRead(0));
Bring all this together into the Arduino
IDE and click upload. If your hardware’s set
area and a few buttons.” Serial.begin(9600); up properly, you should now be able to play
} the reactions game. However, you can’t yet
The loop is the bit of code that keeps see your scores. In the Arduino IDE, press
flowing when the button is pressed; then running for as long as the Arduino is Ctrl+Shift+M to bring up the serial monitor,
they need a resistor that connects the pin to powered on. Our loop will do the following: and you should now get the output from
the ground when the button isn’t pressed. Turn the light on. the board to let you know how good your
This is shown above. Set the score to 1. reaction times are.
26 www.linuxvoice.com
� SUMMER PROJECTS
Hack your house alarm
Take control of a little-used sensor system to turn your house into a palace of data.
Step 1 Background info
WHAT YOU’LL NEED Over the last couple of
• A home alarm years, we’ve often
system mentioned passive
• Engineer codes to infrared sensors, aka
your alarm PIR sensors.
• Or your own PIR These devices
sensor array
measure changes in
• Multimeter
infrared light and are
most commonly used to detect when
something with a higher temperature moves
across a lower temperature background.
Usually, that means detecting the
movements of animals and humans. They’re
also very easy to hook up to something like
a Raspberry Pi, as the detectors require very
little power and send a simple HIGH/LOW
signal when the sensor is triggered. With
just a couple of resistors to safeguard
currents, this signal can be connected
directly to the GPIO pins on a Raspberry Pi
and manipulated using simple Python
commands. It’s the perfect low-cost portable
detection system.
The biggest problem is getting these
sensors into somewhere physically
meaningful. A one-off installation for
detecting badgers in your back yard is easy
enough, but if you want to try something
more ambitious – such as wiring up your
entire house for lighting and heating hacks,
that’s going to take some serious planning Every panel is going to be different, but it should still be obvious where the sensors enter and
and disruption. What you need is a system which wires hold the alarm circuit.
that’s already discretely connected to your
house that you can subvert and hack into These systems are often thought of as Interference with these systems can also
something more useful. And there is – black boxes, untouchable by us mortals, and affect your home insurance.
your house alarm! The backbone of many to an extent this is true. For an alarm system But equally, in our experience, many of us
domestic alarm systems is the humble to be beneficial, it needs to be regularly live in homes where a previous owner fitted
PIR sensor. You’ve seen them, hugging the serviced and maintained by an engineer. Any an alarm system but it no-longer performs a
corners of rooms and corridors, perhaps non-authorised interference will trigger the critical service, or is being used to its fullest
winking their red LEDs when activated. alarm and maybe alert a monitoring station. extent. These installations are ripe for a little
modification, and that’s exactly what we’re
going to do here. We’re going to interface
Danger! Disclaimer! Danger!
a standard Raspberry Pi with a few wires
This project is going to need more disclaimers than insurance while wrecking a perfectly serviceable and resistors to a home alarm system while
usual; it’s a hack in the true sense of the word. It’s home security system. This is definitely a project maintaining the alarm’s functionality. Like
experimental and may not be safe for long-term for those who know what they’re doing and know
an alien parasite, our Pi will piggy back the
use. Please don’t try this if you rely on your alarm how to take the necessary precautions. This is
system, or know nothing about electronics and important because our solution is going to need signals being sent from the various sensors
electricity. It’s likely you’ll need to open a closed some adaption for your own configuration, which around the house and enable us to monitor
unit that could contain live wires. At worst, there’s is very unlikely to be the same as ours. Having their activity and create our own detection
a very real risk of death if you happen to touch said all that, there’s nothing intrinsically difficult or system, whether we use that to turn off
your alarm system’s electricity supply. At best, specialised about what we’re attempting, and we
the heating in the kitchen or initiate a Dalek
you might break a local law or nullify your home think the end results are worth it.
voice when an intruder is detected.
www.linuxvoice.com 27
� SUMMER PROJECTS
Step 2 Find the control box
The control panel is the brains of the alarm
system, and is usually secreted somewhere
difficult to reach. We need to install our
Raspberry Pi close to this location, so you’ll
need to find a way to both power and
connect the Pi to your local network. Luckily
for us, the location of our panel was close to
a power socket, which we used for both
power and network connectivity, thanks to a
powerline adaptor.
The panel will require power too, but this is
usually hidden or, or in our case, wired
directly into a fuse box. It’s also highly likely
that the panel itself, along with all the other
sensors, is protected by a tamper circuit that
will trigger your alarm if the circuit is broken.
Tampering will include opening the panel
– our next step – so you must have access
to an engineer’s code, entered through the
keypad, to be able to disable or reset the
system. If you don’t have this, be prepared to
call out a specialist because even if you cut You should be able to find the engineer’s manual to your house alarm with a quick search.
the power, alarms are designed to continue
thanks to a rechargeable battery hidden which are the two wires for the detection You may also need to connect the power
within the panel’s case. circuit and we’re ready for the next step. back to the panel, so be careful. Watch the
We had the engineer’s manual, which multimeter as you get someone to trigger
Panel data helped, but the tamper wires were the sensor – assuming you know which is
With the panel located we now need to open combined with the those from the other which. If not, you’ll need to go through each
it up to get access to the sensor circuits and the power distribution was sensor and work it out.
connections and we’d highly recommend obvious, so finding the two we needed was As with our own system, the majority of
disabling the power to the panel before straightforward without it. Both four- and the sensors we’ve checked output 5V on
opening. This will trigger a warning as the alarm circuit, and this is a little too
the alarm will think there’s a power cut, much for the standard GPIO hardware
so you’ll need to be able to disable this. “We need to open up the panel to handle. The input should be no more
And as backup power will likely still be
running, albeit at a likely 12V from a
in order to get access to the than 3.3V, for example, and all the pins
combined have a 50mA current limit.
battery, you’ll need to disable the alarm sensor conections.” The simplest option is to augment your
after you remove the front. Raspberry Pi with a cheap expansion
You now need to find where all the board that protects those pins with
various wired from all your various sensors seven-wire configurations are also common, a few diodes. Something like RasPIO’s
enter and are attached to the panel. You and it should be relatively straightforward Breakout Pro protects each input with a
need to count the number of wires coming to find the alarm circuit. Another possible 330Ω resistor and a 3.3V Zener diode.
from each sensor, and then work out what alternative is that rather than separate You then need to graft a connect between
each of those wires does and where they inputs for your sensors, the sensors are each of the positive sensor inputs on the
connect. The easiest solution is to find the wired in series to the detection inputs on the control panel and the GPIO inputs on your Pi.
engineer’s manual for your hardware. This panel. This chains a series of sensors into a We butchered a spare CAT5 network cable
will obviously provide plenty of extra zone rather than an individual input. as these usually contain four twisted pairs
information on voltage and protocols, as We now need to work out what the of wires that can be unravelled to provide
well as the routines you’ll need to go through voltage is across the detection circuit when eight connections – our alarm has seven
when resetting your alarm system after the one of the sensors is triggered. The value sensors and you need to attach a final wire
tamper circuit has been triggered. But it of this will affect the way we protect our to a common ground terminal on the panel.
should also show exactly what wires need to Raspberry Pi. The simplest method is to This connects to the GND on the Raspberry
be connected and where you can find them. connect a multimeter to the positive and Pi. On the Pi end we soldered a simple
Our sensors use a six-wire system that’s negative sides of the detection circuit. You header that could be easily connected to the
eminently hackable. Two wires for power, don’t have to disconnect the cables, just Pi, while on the alarm panel side we simply
two wires for the tamper circuit and two for make sure the multimeter touches the metal connected each wire to the same terminal
the detection circuit. We need to determine contact where the circuit ends on the panel. as the positive sensor connectors.
28 www.linuxvoice.com
� SUMMER PROJECTS
Step 3 Code it up
Now that all of the connections are out of connected to the panel, but this will very
the way you can safely close the alarm panel much depend on your Pi and where you’ve
and re-instate power (after you know the connected the sensors:
connections are working). There are several GPIO.setmode(GPIO.BCM)
DIY alarm applications you can have a look We’re now getting to the logic of our code.
at – there’s one specifically for the We set up two lists/arrays for convenience,
Raspberry Pi, for example, called the first having the locations for our sensors
PrivateEyePi. Unfortunately this requires the and the second the GPIO of each input in the
use of an external server without source same order as the names list:
code. Instead, we’re going to create our own NAMES = [“SENSOR: Landing”,”SENSOR:
system to show you how simple it can be, all Lounge”,”SENSOR: Dining”, “SENSOR: Hall”]
with just 20 lines of Python code. GPIOPORTS = [17,21,22,24]
All you need is a recent version of We need a single function to handle what
Raspbian installed on your Raspberry Pi and happens when one of the GPIO inputs is
either a local screen and keyboard or a triggered. It takes a single argument –
working SSH connection. Fire up a text channel – which holds the pin number that’s
editor and enter the following opening triggered the alarm circuit. We look up the
stanza, which imports a few modules we’ll position of this pin in the GPIOPORTS list We’ve found that a CAT5 cable is perfect for
need later. Most important is RPi.GPIO, a and use this to find the name for the sensor, getting the detection cables from the panel
brilliant module that removes all the pain which we then print after adding the date to your Pi as they contain four paired wires –
from working with the Raspberry Pi’s inputs and time of the event. enough for seven GPIO inputs and one for GND.
and outputs: def alarm_triggered(channel):
import RPi.GPIO as GPIO detected = GPIOPORTS.index(channel) there’s no voltage on our alarm circuits until
import time now = datetime.datetime.now() the alarm is triggered. The final line here
import datetime print now.strftime(“%Y-%m-%d %H:%M:%S.%f uses the GPIO module’s threaded callback
We next need to tell the the GPIO module “), NAMES[detected] system to automatically call the alarm_
how we’re going to address each of the pins. Each GPIO port needs to be initialised, triggered function when it detects an input,
As you might already know, this can be a which we do in a simple for loop that goes or a rising edge. The bouncetime is to make
nightmare, because the pin numbers on the through the port numbers and configures sure switches don’t trigger more than once:
PCB and they way they’re accessed from the them as GPIO.IN and pull_up_down=GPIO. for PORT in GPIOPORTS:
CPU have changed several times since the PUD_UP. The second argument activates GPIO.setup(PORT,GPIO.IN, pull_up_down=GPIO.
Pi launched. We’re going to use the numbers a resistor on the Raspberry Pi that can be PUD_UP)
assigned by the CPU (Broadcom, or BSM), used to detect a signal when there’s no direct GPIO.add_event_detect(PORT, GPIO.RISING,
because these are labelled on our header connection to a voltage, which is needed as callback=alarm_triggered, bouncetime=500)
Here’s the final section, which will
instantiate our code and wait for the small
script to be escaped with the Ctrl+C key
combination:
try:
print “Ready!”
while True:
time.sleep(0.1)
except KeyboardInterrupt:
print “ Quit”
GPIO.cleanup()
All that’s now left to do is run the above
by typing sudo python script.py, replacing
script.py with your own filename. With a
bit of luck you’ll see the ‘Ready’ prompt and
a notification any time you trigger one of
the sensors in your house, and you can do
almost anything with the data it produces.
Let us know if you come up with any of your
own neat solutions, and watch out for a
followup tutorial in a couple of months with
Here’s our alarm system in action. It simply outputs the date and location of a sensor when it’s a more comprehensive script for zones,
triggered. notifications and alerts.
www.linuxvoice.com 29
� FEATURE PRIVACY ON ANDROID
PRIVACY ON ANDROID
Step out of the Faraday cage and take off the tin hat
as Mayank Sharma shows you tools to prevent your
smartphone from spying on you.
T
he smartphone in your pockets is a private the Play Store (because it blocks ads) and you’ll have
citizen’s worst privacy nightmare. It holds your to sideload it after downloading its APK from the
email addresses and phone numbers from project’s website at https://disconnect.me/mal. The
your contacts, calendar appointments, photos, and app blocks malware and malicious website and ads
probably even personal financial information. To top it by creating a VPN connection between your device
all, it can continually track your location to build a and its servers. Disconnect assures users that it
detailed profile of your whereabouts as it rides your doesn’t route any browsing data over this connection
pockets from your office to your bedroom. and only uses it to parse the list of known malware.
A critical component of your Android smartphone Disconnect (the company) also develops the
is the permissions system. When you install an app, Disconnect Search app that you can use to search
it notifies you of what it would like to gain access to. popular search engines without passing any of your
You can then install the app, or not. Unfortunately, personal information. Usually when you submit a
this system puts a lot of responsibility on the users to query to search engines like Google, Bing or Yahoo,
know whether these access requests are appropriate. the query also sends along various bits of identifying
BitDefender’s free Clueful app helps you identify what information. Disconnect Search acts as a proxy and
an app is doing, and what it should be doing. Once relays the query to the search engine of your choice
installed Clueful will after stripping out any
scan your apps and
categorise them as High
“The smartphonephone in your personal information. The
app ships with a widget
Risk, Moderate Risk, pocket is a private citizen’s that you can add to your
and Low Risk. You can
browse each list and
worst privacy nightmare.” device’s home screen
instead of the Google
click on an app to find search widget.
out the feature it can access. You should uninstall any In addition to preventing the apps from leaking
High Risk apps, as they might be pinching passwords info, you should also minimise the personal data
or reading emails. you put out there, even when sharing something as
Then there’s Malwarebytes’ Anti-Malware mobile app, innocuous as images. Sharing images taken from
which also includes a privacy manager. It scans apps your smartphone reveal a lot of information about
and divides them into categories based on the phone you thanks to the EXIF data attached to them,
feature they have access to, such as Access Calendar so if you take an image with a GPS-
and Access Storage. The app comes in handy when, enabled camera or a smartphone, it
for example, you wish to view all the apps that can can reveal your location, the time it
track your location or access text messages. was taken as well as the unique
ID of the device. To strip EXIF
Shield yourself information from pictures
To keep your device malware-free while traversing the before sharing them you
internet from your mobile device, use the anti-malware can use the EZ UnEXIF
app from Disconnect.me. The app isn’t available in app, which has an ad-
30 www.linuxvoice.com
� PRIVACY ON ANDROID FEATURE
Apps for rooted devices
If you have a rooted Android device there get the same level of control on traffic and
are several apps that’ll give you access apps as on the desktop. The app tracks
to advanced privacy controls. You should your mobile broadband usage and can block
definitely install the XPrivacy app, which Internet access to selected apps.
is available as a module for the Xposed Finally there’s the Cryptfs Password app
framework. With XPrivacy you can control that lets you specify a password for the data
specific permissions for all installed encryption that’s different from the device
apps. The best bit is that once you revoke unlock password. The encryption option
a particular permission, say, access to in the stock Android install requires the
contacts, XPrivacy will shield the real data encryption password to be the same as the
and instead feed a list of bogus contacts to lock password, which forces users to choose
any app that requests them. a simple password since they have to unlock
Then there’s the AFWall+ app for the device several time during the day. With
experienced Linux users who can use it to the app you can disconnect the two and
manipulate the Linux iptables firewall and define a complicated encryption password.
If you want anonymity, you should switch to the
Orweb browser, which is preconfigured to help you
browse the web anonymously. It’s also loaded with
plugins to disguise your device, gives you control over
cookies, prevents loading of Flash content and keeps
no browsing history. The Orweb browser requires the
Orbot app to work its magic.
The Orbot app enables Android devices to connect
to the Tor network. On initial launch, Orbot runs
Use Wickr to exchange end-to-end encrypted, self- through a quick setup wizard. If you are using a stock
destructing messages. Android phone toggle the ‘I understand and would
like to continue without Superuser’ option when
supported free version. Using the app to strip EXIF presented. The app will then explain that it’ll only
information from the images is pretty straightforward. anonymise traffic for apps that are designed to work
After selecting the images you wish to rinse, the app with Orbot, followed by a screen which lists such apps
gives you the option to either save a new EXIF-free including the Orweb browser. On the other hand, users
version of the image or replace the original. with a rooted phone can enable transparent proxying,
which enables all network apps to automatically run
A safer web through the Tor network.
You’re probably registered in more websites than you
can remember unique passwords for. So you’re either
repeating passwords on a couple of them, or worse
still, have trusted your phone to remember your
credentials. The privacy conscious should instead
trust their authentication information to an encrypted
password manager. KeePassX has been a mainstay
on the Linux desktop for a while now, and you can
extend the same benefits to your Android device with
the KeePassDroid app.
The app will create a database file on first launch
that you can encrypt with a password or with a key
file, just like the desktop version. In fact you can even
import the encrypted database password from the
desktop client; just tap on the .kdb file and it’ll be
imported by KeePassDroid. Using the app is also very
intuitive once you’ve imported or created records for
all your online services and websites. When you tap
on a record, you get two new entries in the notification
list; one to copy the username and the other to copy
the password to the clipboard. You can then switch Sideload the F-Droid app
to the app or website on which you want to use the store, which lists only free
credentials and tap on the notification icons to paste and open source Android
over the username and password. apps.
www.linuxvoice.com 31
� FEATURE PRIVACY ON ANDROID
Communicate securely
Shut out the eavesdroppers.
T
he key to securing your phone against any
sort of surveillance is end-to-end encryption,
and GNU Privacy Guard (GPG) is the de facto
standard for implementing it. To extend the same
benefits to your Android device, you need the Android
Privacy Guard (APG) app. Using the app you can sign
and encrypt email messages on your mobile device.
You’ll also need the K-9 email app, which integrates
seamlessly with APG. To use these apps, first launch
K-9 and configure it to connect to your email server.
Then launch APG and tap the menu button, which Head to tracemyshadow.org to see what traces you leave
brings up the option to manage private keys and online, and explore ways to mitigate them.
public keys. You can export these keys from the
desktop and import them into APG. Once the keys are ChatSecure gives you the option to set a master
imported, K-9 will display the option to sign and password to prevent access to your contacts and
encrypt messages when you write a new email. messages. You can then hook it up to your existing
Conversely it will let you decrypt emails when you Google account, or any existing Jabber/XMPP server.
receive a new encrypted message. If you have the Bonjour/Zeroconf service running on
If you need a secure email provider, request an the network you can even add users on the same
account with the Riseup service (https://riseup. Wi-Fi network and exchange messages with them
net). It doesn’t offer GBs of without the internet. The app also helps you create
storage space and instead anonymous one-time only disposable chat accounts
“One of the most popular advises you to download using Tor via the Orbot app. You can send invites to
VoIP apps that uses the your email using any of your contacts to add them to the service or you can
the popular email clients. also manually add accounts by scanning QR codes.
ZRTP protocol is RedPhone.” However, Riseup offers Another form of text-based communication that
several privacy strengthening is on a steady decline but still prefered by many
features such as end-to-end encryption. The service over internet-based communications is SMS. To
also doesn’t include your IP address in the emails you exchange encrypted SMS messages you should
send, nor does it keep a log of it. use the TextSecure app, which can even encrypt
messages stored locally on the phone. However, to
Tinker tailor soldier spy send encrypted messages over the air, the recipient
To use end-to-end encryption for instant messaging, must also have TextSecure or they’ll continue receiving
use the ChatSecure app. The app uses the Off The unencrypted messages. When you run the app first
Record (OTR) protocol to enable secure chat sessions time, it gives you the option to create encrypted
over XMPP accounts. Using the app you can have versions of all local messages. Although it doesn’t
secure chats with your friends over popular networks touch the original unencrypted SMS messages, it’s
including Google Talk on any OTR-compatible client advisable to delete them after creating encrypted
including Pidgin, Adium and Jitsi. On first launch versions. TextSecure interfaces seamlessly with an
Hide messages in pictures
Steganography is the art of concealing a stream of by clicking one from within the app. Then type your
data inside another seemingly harmless message message in the textbox shown in the second step and
or image. The most common mechanism for press the padlock icon to set a password. PixelKnot
implementing it is by replacing unused data in will then analyse the image and embed your message
regular computer files with bits of information that inside it. When it’s done, you can share the resulting
aren’t visible when viewing the original piece of image from within PixelKnot itself. The image will
data. Steganography is mostly used to complement look like an ordinary image, until it’s opened with the
encryption. If you hide a message within another PixelKnot app, in which case the app will prompt you
encrypted message, then even if this message is for the password before it extracts and displays the
decrypted, the hidden message remains a secret. hidden image.
The freely available PixelKnot app from the
Guardian Project enables you to hide text messages
inside images. Using the app is a three-step process. PixelKnot uses the F5 steganography algorithm
Begin by selecting an image either from the gallery or designed for hiding messages inside JPEG.
32 www.linuxvoice.com
� PRIVACY ON ANDROID FEATURE
existing text-message system and automatically Clueful will assess any new
picks out users who use the app as well. app you install and notify
you about their privacy
Hide in plain sight risks.
The standard methodology for making voice and
video calls over the internet is Voice over IP (VoIP).
Since the calls are relayed over the open internet, Phil
Zimmerman, the creator of PGP, developed the ZRTP
protocol to ensure the privacy of the connected
parties. This protocol is responsible for negotiating
keys between the connected peers and establishes an
SRTP connection between them which does the
actual encryption. The GNU ZRTP library implements
most of the features. To prevent man-in-the-middle
attacks, ZRTP uses a mechanism called Short
Authentication String or SAS. At the start of the secure
call the parties exchange simple verbal keys, and can
then terminate the call if the software generates
mismatched keys. It’s good practice for one party to
read the first two characters of the string while the
other reads the last two, and then repeat the process BlackPhone handsets, which are engineered from the
at reasonable intervals during the call. ground-up with privacy in mind. The company has a
One of the most popular VoIP apps that uses the subscription-based model with plans starting at $10.
ZRTP protocol is RedPhone. You’ll have to register your The major limitation of both these solutions is that
mobile number with RedPhone’s server when you first they require the person at the other end of the line to
launch the app. Once your phone has been verified be using the same app. Also, both the apps from Open
you can make secure calls to other contacts who use Whisper Systems connect via the developer’s servers.
RedPhone. The app won’t let you call someone who The Ostel project is working on solving this problem.
isn’t using RedPhone, but does ask you for permission It has created a standard known as Open Source
to invite them to use RedPhone by sending a SMS. Telephony Network (OSTN) that uses ZRTP and other
There’s also the Silent Phone app from Phil open source protocols to create end-to-end encrypted
Zimmerman’s Silent Circle enterprise. Besides apps communication channels over the popular SIP service.
for secure communication, the company also sells the
Speak softly
The best thing about this arrangement is that you
can connect with any user on any platform (desktop
and mobile) as long as they are using an app that
supports SIP and ZRTP. There’s the CSipSimple app
for Android, Acrobits for iPhone users, PrivateGSM for
BlackBerry users and the cross-platform Jitsi desktop
app for Linux, Windows and Mac users.
Before you can make calls via OSTN you need to
register with a SIP server. While it’ll work with virtually
every SIP service, for best results you should register
an account with Ostel.co. This SIP service provider
was formerly funded and supported by the Guardian
Project, which develops many of the privacy-centric
apps mentioned in this feature including Orbot and
ChatSecure. Calls made via Ostel are end-to-end
encrypted with ZRTP. The service uses SIP over TLS
for signaling encryption and the TLS certificates are
based on the standard Root CA trust model.
Once you’ve registered wih Ostel.co you can use
the CSipSimple app to make secure audio calls. The
app launches with a wizard that lets you add details
about your Ostel.co account (or any other SIP
provider). After it connects with the service provider
you can call any of your contacts that are registered
Use the App Permission Watcher app to detect apps with with any SIP provider like Ostel. When connected, the
suspicious permissions. app will display a four-character long SAS.
www.linuxvoice.com 33
� FEATURE CUSTOM-BUILT DESKTOP
BUILD YOUR OWN
DESKTOP
ENVIRONMENT
What to do if KDE, Gnome and Xfce don’t float your boat?
Build your own desktop, of course! Mike Saunders explains all.
W
hat’s the best thing about Linux? Security, custom setup and have levelled up on the journey to
stability, performance or freedom? It does Linux enlightenment.
a cracking job in all of those areas, but
another feature we’d highlight is its modularity. As an What is a desktop environment?
operating system deeply influenced by Unix, GNU/ Fire up your regular desktop and look around: there
Linux is designed to be easy to pull apart – and, all are probably panels, notification areas, window
being well, easy to put back together again. Major titlebars and other bits of furniture. These are all
parts of the system are built up from smaller things that the desktop environment (from here
components that can be omitted or replaced, which is onwards, DE) provides, but if we look deeper, we can
one of the reasons why we have so many different find other functionality as well. The DE also handles
Linux distributions. keyboard shortcuts for switching between
This modularity adds complexity at times. But it applications and closing them, along with desktop
also adds reliability, as components are designed to wallpaper, applets (such as CPU monitors) and fancy
work independently, window effects.
and if one crashes,
the other parts “It’s a great learning experience to These features are
provided by a bunch
will (ideally) keep create a desktop environment from of programs. In Xfce,
chugging along. So
you can replace Bash scratch, so that’s what we’ll do.” for instance, running
ps ax | grep xfce in
with another shell, or a terminal shows all
switch to an alternative SSL library, or even replace processes that have “xfce” in their name – and there’s
your entire init system – as we’ve seen with the quite a lot of them. Most of the names are obvious,
migration of major distros to Systemd. so you can see that xfce4-panel provides the panels
But what about desktop environments? Aren’t KDE, that sit around the screen edges, while xfce4-power-
Gnome and Xfce giant, monolithic projects? Not really. manager monitors your battery and handles power
They’re built up of smaller programs and libraries that events (such as closing the lid).
are highly dependent on one another, but it’s possible It might be tempting to create some kind of
to strip out certain components or replace them with insanely awesome hybrid desktop by using individual
alternatives. And taking this even further, it’s possible components from each desktop and mixing them
to create a desktop environment entirely from scratch, together, but the end result won’t be very pretty. The
by cherry-picking a selection of programs, tying them programs in each DE are designed to work together,
together and making them run simultaneously. so if you use a panel from KDE, a power manager
It’s a great learning experience to create a desktop from Xfce and a window manager from Gnome, you’ll
environment from scratch, so that’s what we’ll do end up with libraries and other processes from each
over the next few pages. You’ll be able to choose DE loaded, so it’ll be like running all three at the same
the components that fit your workflow, and the end time, chewing up your RAM banks.
result will be considerably lighter and faster than the No thanks. What we’ll do is choose small and
heavyweights of Gnome and KDE. Plus, you can brag memory-friendly standalone components that don’t
to your friends at the next Linux User Group meeting rely on anything else, but work well together. As usual
that you don’t use some generic pre-packaged in free software, there’s a huge range to choose from,
desktop environment, but you created your own so let’s look at some of the top contenders.
34 www.linuxvoice.com
� CUSTOM-BUILT DESKTOP FEATURE
Choosing a window manager
E
ven though we’ll be using individual and
standalone programs to make up our custom
desktop environment, there are some
standards in the X Window System (the base
graphical layer of the desktop) that ensure they work
together correctly. First off, let’s look at some window
manager options.
Openbox www.openbox.org
Designed to be small and fast, Openbox is arguably the
best all-round standalone window manager. It’s
perfectly possible to use it on its own, but typically it’s
combined with other tools. Take LXDE for instance:
this is a lightweight desktop environment that uses
Openbox to manage windows, and is the desktop of
the popular Lubuntu distribution. Openbox is also the
Cairo-Dock is loaded
default window manager in the now-defunct
with pretty effects and
CrunchBang distro (which is coming back to life as windows occupying the top and bottom sections of apes Mac OS X rather
CrunchBang++), and also ArchBang. It’s even possible the right-hand side. If you have a large screen, you’ll closely.
to use Openbox inside Gnome or KDE. Openbox is find that the tiling approach works really well.
available in almost every major distro’s repositories,
and can be started from a script with the command Awesome http://awesome.naquadah.org
crunchbang (as we’ll see later on). Awesome is another lightweight window manager
that’s designed with keyboard usage in mind. It also
i3 http://i3wm.org aims to be compatible with various X standards, and
While Openbox is a traditional mouse-operated is extensible via the Lua scripting language. The
window manager, i3 is all about keyboard shortcuts. developers describe it as a “framework window
This makes it a bit hard to grasp early on, as you have manager” – in other words, a base on which you can
to spend a bit of time with the documentation to get build a more powerful window manager with Lua
used to it, but once you have the keystrokes customisations and other add-ons.
memorised, you could be hooked. i3 is popular among
coders who want to keep their hands on the keyboard JWM www.joewing.net/projects/jwm
– and not keep reaching for the mouse. JWM is written in plain C and uses the base X libraries,
Additionally, i3 is a tiling window manager. Instead so it has very few dependencies and is easy to
of a traditional window manager, where you have compile. It’s designed to get the most out of older
windows scattered around the screen, some computers with limited RAM, but is a good choice
overlapping others, in i3 you organise windows into when you just want something that gets out of your
varying sized tiles (areas) on the screen. So on a way. JWM includes its own simple panel, but you may
widescreen monitor, you could have Firefox occupying want something more configurable and pretty, as we’ll
exactly 50% on the left-hand side, with two terminal explore in a moment…
Write your own window manager!
If none of the window managers we’ve looked at resize its window. In X, a window manager is just
appeal to you, you could always roll up your sleeves, like any other program, but it adds titlebars and Application Application
fire up a text editor, and write your own. This isn’t keyboard operations to windows, so that you can
the easiest programming task in the world – but move them around. Window GUI GUI
nor is it especially hard when you understand how You can find an excellent introduction to the inner Manager Framework Framework
the X Window System (aka X) works. Essentially, workings of X window managers at http://tinyurl.
X is the intermediate layer between your graphical com/writeawm, and if you want to be inspired by
X Server
programs and your graphics card. It provides a level some code, take a look at https://github.com/
of abstraction, so a program (or graphical toolkit mackstann/tinywm. This is a “ridiculously tiny”
such as GTK) can say to X: “Draw a line from A to B” window manager that provides all of the basics Video Card Mouse Keyboard
and X does the grunt work. (move, resize and raise windows to the top) in
Now, you can run X without a window manager, around 200 lines of commented C, so you can step
although you won’t get very far. If you manage to through the code and see how it all works. It doesn’t The X Window System provides a layer of
launch a program, it will appear in the top-left corner do a great deal, but it does shows you how to abstraction between the graphics layer and
at its default size, and you won’t be able to move or perform the most important operations. your application – it’s there to make life easier.
www.linuxvoice.com 35
� FEATURE CUSTOM-BUILT DESKTOP
Panels, file managers and extras
O
nce you’ve chosen a window manager, you’ll
want to spruce it up with some extras such as
a pretty panel (for launching and managing
programs), along with a file manager. If you’re an
experienced Linux user you may be happy with doing
all your file work in a terminal, but we’ll still look at a
couple of options.
Cairo-Dock http://glx-dock.org
Cairo-Dock provides a panel that looks rather like Mac
OS X’s dock – at least, before the flattening that
arrived in 10.10 (Yosemite). Its “3D Plane” mode looks
gorgeous, with smooth icons sitting on a glass tray,
and as you mouse over the icons they grow slightly in
XFE is a solid little file
size. By right-clicking an icon you can customise it, or manager that doesn’t
choose the ever-present Cairo-Dock submenu, which does 99% of the jobs look super flashy but
lets you configure the panel as a whole. By default, you need. It also doesn’t gets the job done.
Cairo-Dock presents icons for the most popular FOSS try to be too avant-
programs (providing you have them installed): Firefox, garde with its design,
Thunderbird and so forth. opting for a familiar layout that anyone can get to
If you’re going to test your custom desktop in a grips with very quickly. Plus, it’s pretty much
virtual machine, note that on first startup, Cairo-Dock ubiquitous and so is available in all major Linux
will ask if you want distributions.
“Docky is polished and snazzy, to use OpenGL.
This is useful on XFE http://roland65.free.fr/xfe
and is capable of producing the real hardware and This isn’t related to Xfce; rather, it’s a very lightweight
OS X-esque 3D look.” makes the dock’s
effects smoother,
file manager that uses the Fox graphical toolkit
(www.fox-toolkit.org). Its developers describe it as
but inside VirtualBox the “file manager of choice for all light thinking Unix
it can cause trouble so it’s best to leave it disabled. addicts”, and while it doesn’t offer a great deal of
features over other similarly low-resource programs, it
Docky http://wiki.go-docky.com has one benefit: it’s still in development. Consequently,
Docky is very similar to Cairo-Dock, although it uses the it’s not hard to compile or find in mainstream Linux
Mono language, which adds a bit of extra overhead. distributions.
But it’s also very polished and snazzy, and is capable
of the aforementioned OS X-esque 3D look. Docky is Extras: compositor, background and more
available in all major distros, and after installation you It’s possible to add spit-shine to some of the window
can start it simply by entering docky at the command managers we’ve mentioned (such as Openbox) using
prompt. Its default configuration is rather minimal; themes, but if you really want lots of eye candy to
you’ll see an anchor icon for configuring Docky, along drool over, it’s worth adding a compositing manager.
with icons for running programs. You can, however, This enables effects such as drop shadows and
turn these icons into launchers by right-clicking them subtle animations when windows appear, and one of
and choosing to pin them to the dock. Then they will the best is Compton (https://github.com/chjj/
remain even when the programs are not running. compton). It’s really easy to use as well: just start your
With Docky it’s also possible to add extras like window manager, and then start Compton to turn on
weather applets and battery monitors – click the the special effects.
anchor icon to bring up the configuration box, and Another thing to consider is your desktop wallpaper.
then choose the Docklets tab for a list. Find one you Most lightweight window managers don’t provide a
like and then click the plus (+) button to add it to the way to do this directly, so you’ll need to find another
right-hand side of the dock. tool to do it. One especially useful tool for this purpose
is Feh (http://feh.finalrewind.org), a command-
PCManFM http://wiki.lxde.org/en/PCManFM line driven image viewer that can also set the “root
File managers are ten-a-penny in the Linux world, and window” image. Yes, this is another use of “root” in
most of them provide very little functionality. Unix parlance, along with the super-admin user and
PCManFM, as used in the LXDE desktop, is one of the top level of the filesystem. In X terms, the root window
most notable: it’s lighter than the heavyweights used is effectively the background, so if you apply an image
in Gnome and KDE, but still packs plenty of punch and to it you set the desktop wallpaper.
36 www.linuxvoice.com
� CUSTOM-BUILT DESKTOP FEATURE
Putting it all together
S
o, let’s do the fun part! We’re now going to turn
this collection of components into a fully
functioning desktop environment. In this case,
we’ll use Openbox as the window manager, Docky as
the panel, PCManFM as the file manager, and throw in
a bit of Compton and Feh to make it look pretty.
Because these are all separate programs, we need
to create a script to run them all in the correct order.
Create a text file in /usr/local/bin/mydesk as root, eg:
sudo nano -w /usr/local/bin/mydesk
Enter the following contents, and use Ctrl+O to
save, followed by Ctrl+X to exit the Nano editor.
#!/bin/sh
docky &
pcmanfm &
feh --bg-fill /home/user/desktop.jpg
compton -c --shadow-exclude ‘n:e:Docky’ &
openbox
You’ll also need to make this file executable, with
sudo chmod +x /usr/local/bin/mydesk. This script Once you’ve created
a startup script and
starts a bunch of programs, starting with Docky and Type=XSession
.desktop file for your
PCManFM. The & symbol after those programs says Now log out of your current desktop, and at the login
session, it will appear in
that we want to run them in the background, and screen, choose MyDesk as your session. Enter your the login manager.
not have the script wait for each one to close. With username and password, and voilà – your custom
Feh, you’ll want to change the location of the desktop desktop environment will appear! See the example
image to match a picture in your home directory, and screenshot: in this case, we’ve clicked on the anchor
note that the Compton line excludes drawing shadows icon in the bottom-left, chosen “Panel Mode” in the
on Docky windows (because they already have their options (to make it use up the full width of the screen),
own special effects). and applied the Matte theme. We’ve also added a
Now, in a normal Linux desktop session we can’t workspace switcher Docklet to the right-hand side.
just run this script and expect everything to work,
because we already have a window manager, panel Time to test
and other things running. Instead, we need to tell Note that Docky doesn’t include a traditional “Start”
the login manager (the screen where you enter your menu of programs; instead, you can right-click on the
username and password) that our script starts its desktop and choose Terminal to open a command
own desktop environment, which we’ll call MyDesk. line window. Enter a program you want to add to the
As root, create the text file /usr/share/xsessions/ panel (eg firefox), and when the program starts, its
mydesk.desktop with the following contents: icon will appear on the panel. Right-click it and choose
[Desktop Entry] Pin to keep the launcher there even when the program
Name=MyDesk is not running. And to log out of your custom desktop,
Comment=Custom desktop right-click anywhere on the desktop and choose Exit.
Exec=/usr/local/bin/mydesk And that’s just the beginning! This is merely one
TryExec=/usr/local/bin/mydesk example of a desktop that you can create. You could
try running cairo-dock & instead of docky & in the
/usr/local/bin/mydesk script to try another dock,
or change the window manager. It’s important that
the window manager is the last line in the script and
doesn’t end with an & symbol, so that when you exit
the window manager, it also exits the entire session
and returns you to the login screen.
Have fun experimenting with different combinations
of window manager, panel, file manager and other
tools, and if you create something spectacular, pop
by our forums at http://forums.linuxvoice.com
and share your screenshots with the world. Who
And here’s our custom desktop in all its
knows, maybe there’ll be a whole Ubuntu spin-off
glory! Openbox, Docky, PCManFM and
Compton doing a fine job together. based around your desktop one day…
www.linuxvoice.com 37
� FEATURE OPEN DATA
A free world needs everything to be open, not just source code.
Ben Everard mines gold from free data.
O
pen data follows the same principals as open Open data helps the economy in a few ways.
source: that people should be able to remix It can help businesses run more efficiently, and
and reshare content. However, instead of consumers make smarter choices. It can also create
software (which is remixed by editing source code), opportunities that new companies spring up to
open data is provided in CSV, JSON or XML files that take advantage of. A 2013 study by consulting firm
can be analysed or McKinsey estimated the
combined to provide
new insights.
“A 2013 study estimated the value of open data to
the world economy at
Most open value of open data to the world between three and five
data comes from
governments. Public
economy at 3–5 trillion dollars.” trillion US dollars.
It can be hard to track
organisations tend exactly where this value
to have large data sets that can be useful, and unlike comes from, but in some areas it’s easier than others.
companies, they have no economic incentive to keep Better access to transport information has resulted
them closed – on the contrary, there is an economic in very tangible benefits for commuters, for example.
incentive for governments to open data. Transport for London (TfL) opened its data on train
38 www.linuxvoice.com
� OPEN DATA FEATURE
Zero cost vs open Not everything that’s free is free
Providing data for free isn’t the same as data provided by most governments. With
providing open data. For data to be open, data such as this, users are free to do
it has to come with a licence that enables almost anything with the data. A trivial
users to manipulate and re-release it as they example is that with open map data, users
see fit. A good example of this is in maps. can download as much data as they want
There are several online maps services (such to use offline, while most proprietary online
as Google Maps or Bing Maps) that enable maps only allow very limited downloading.
you to overlay data onto their map tiles. The open data sources also allow a much
However, crucially, users can’t access the larger range of visualisation options because
The UK government provides 25,548 open datasets map data directly, so they can’t host their they’re limited only by the developer’s skill.
through its data portal at data.gov.uk own versions of the maps, or combine the Many businesses provide free access to
map data with other data except in the few closed data sets, even getting people to build
and bus times as well as information on the current ways specifically allowed by the map vendor. their closed data sets (such as review sites).
The alternative is an open store of map These services can have a value, but they’re
state of the roads, for instance. This meant people
data, such as OpenStreetMap, or boundary not as important as the open data revolution.
could build services that used the data to help people
move around more efficiently. For example, you can
see all the trains in real time at http://traintimes. Surgeons, told the Guardian, ““All of medicine should
org.uk/map/tube or live information on the state take note of the findings that full audit has not
of the traffic in the capital with www.londontraffic. resulted in risk-averse behaviour.”
org. This better information means people can travel
more efficiently, and by wasting less time travelling, Open data worldwide
they have more work or leisure time. A study by The UK government helps citizens access open data
consultants Deloitte for the Department for Business, through the data portal at http://data.gov.uk, but this
Innovations and Skills in May 2013 estimated the country isn’t alone in releasing data. The European
annual value of time saved to customers through TfL’s Commission highlighted the EU’s advocacy of this
open data at up to £58m – and that’s only for travel approach in a 2011 communication entitled “Open
within a single city. Data: An Engine For Innovation, Growth And
Transparent Governance”. In this, the Commission
Sunlight is the best disinfectant urged member states to act based on the economic,
Opening up data can pay off in unusual ways. The social and scientific impact of opening data. On the
increased transparency can force a department to other side of the pond, the US government maintains
improve its performance. Perhaps the best known its own data portal, www.data.gov, and following the
example of this is in heart surgery data. In the UK, the Open Government Directive of 2009, all government
Guardian newspaper used the Freedom Of Information agencies are required to share their data there. For
Act to access data on the survival rates following global information, you can access data from the UN,
cardiac surgery, and published the results. Following IMF and World Bank at https://data.un.org, http://
this opening of the data, death rates from cardiac elibrary-data.imf.org and http://data.worldbank.org
surgeries dropped dramatically (by as much as 30% respectively. To put it another way, there’s enough
for some surgeries). open data available to satisfy all but the most ardent
The exact cause of this improvement isn’t known, data fanatics, and it’s all just a few clicks in a web
but it possible that the increased transparency forced browser away.
surgeons to improve. Initially, there was some concern With government spending very much under
that it could push some surgeons to avoid risky pressure at the moment, opening data is proving to be
procedures, but this doesn’t appear to have happened. a cheap way of improving services, so expect to see
John Black, the president of the Royal College of more and more open data in the future.
Licences Know your rights
Different governments open their data under different very similar to the creative commons by attribution (CC-BY)
conditions. For example, the US government releases most license. Note that this does permit commercial, closed source,
documents into the public domain. This means that they usage as long as it’s properly attributed. Full details are in the
forego the usual privileges granted under copyright, and national archives at http://www.nationalarchives.gov.uk/doc/
anyone can do whatever they wish with the data. Other open-government-licence/version/3.
governments have a slightly different process. The EU data portal uses a licence roughly similar to the
When the UK government first started sharing open data, OGL, but individual EU member states are free to adopt
it required users to register for a licence to use the data. their own licences. Other governments may have different
Fortunately, sense has prevailed, and it now uses a far more restrictions on how their data is used, so be sure to check
liberal licence called the Open Government Licence (OGL). OGL exactly what you’re allowed to do with it before starting a
states that you can use the information in any way you wish project – you shouldn’t assume that you are permitted to use
as long as you attribute the data to the appropriate place. It’s data you want just because you can access it.
www.linuxvoice.com 39
� FEATURE OPEN DATA
Smart cities
When open data goes into overdrive.
W
hile almost all cities in developed countries
collect a large amount of data, there’s a
growing trend towards so-called smart
cities. These are cities that put data use at the heart of
city planning. By harnessing this data, planners, city
workers and ordinary citizens can find ways to make
their city a more pleasant place to live. Not all smart
cities make their data open, but given that many
countries have legislation or government guidance on
making most data open, many do.
Chicago is one of the leading smart cities. Not
only has it made the data open, but it has a GitHub
account where it hosts many of the tools used to
analyse it (https://github.com/Chicago). You can RouteRisks.co.uk uses open data on UK road safety to
contribute to the source code for the city, though you highlight the dangerous parts of any road journey.
will have to sign a contributor licensing agreement
before your pull requests are accepted. created an interactive database that enabled
The vast amount of open data for the city of Chicagoans to find out if they were among the
Chicago has enabled a community to develop to incorrectly charged (http://apps.chicagotribune.com/
make sure this data is fully utilised. Chi Hack Night is news/local/red-light-camera-tickets).
a weekly event at which data geeks gather to share All the talks from Chi Hack Night are available to
what they’ve done with all the open data available view online for anyone who want to see how a smart
about Chicago. In May 2015 some staff from the city can benefit the inhabitants (http://chihacknight.
City of Chicago demonstrated a model they’d built org/events/index.html).
for predicting
the results of Back in Blighty
“The vast amount of open data for food hygiene Chicago is the poster child of how a smart city can
the city of Chicago has enabled a inspections. The
model itself is on
use open data to make life better for the people who
live there, and the approach it has taken has
community to develop.” GitHub at https:// encouraged other cities to go down the same path.
github.com/ Here in the UK, Bristol is embarking on its own smart
chicago/food- adventure. Since the 90s, Bristol City Council has been
inspections-evaluation. Using this model, hygiene developing a network of fibre optic cable that
inspectors can focus their efforts on establishments encompasses much of the city centre. This enables
that are most likely to have hygiene problems, and as very high speed data transfer within the city centre,
the model is open source, people can improve upon it and the connectivity is being expanded with a wireless
and enable other cities to modify it to suit their needs. mesh network build using streetlights. The project
Another project presented at Chi Hack Night (run in conjunction with the University of Bristol) is
followed an investigation from a local newspaper looking into ways to use this infrastructure to
showing that on occasion, the city’s traffic cameras maximise the benefits to the people of the city.
were incorrectly issuing tickets. The newspaper
Playable City The world’s largest games machines.
Much of the time, smart cities generate game enables people to send text messages
data that can then be used to improve the to inanimate objects (such as post boxes
city, but that’s not the only way of using and lamp posts) and they would respond.
the processing power and connectivity of In 2014, the Shadowing game invited
a smart city. Another option is to turn the participants to try to find secret lamp posts
entire city into one giant games console and create shadows that were then recorded
and enable citizens to interact with it for no and played back. 2015’s winner (which will
purpose other than pure enjoyment. These be implemented in September and October)
projects are known as playable cities. will see people searching out street art,
Since 20013, the Watershed in Bristol which will be interactive.
has held an annual competition for playable Unfortunately, playable cities rarely use Every train on the London Underground at the time of
city projects. In 2013, the Hello Lamp Post open source code or produce open data. writing. Thanks to apps like this, thousands of man hours
are saved every year due to more efficient transportation.
40 www.linuxvoice.com
� OPEN DATA FEATURE
Working with open data
How to make sense of the vast amounts of open data.
M
anipulating data is easier than ever, and
there’s more data than ever to manipulate.
The only thing missing are the people to do
the manipulating. Fortunately there’s a growing crowd
of data geeks that are only too willing to get stuck in
and help. Why not join them?
There are a whole host of ways to manipulate open
data. Generally, the data will come in CSV, XML or
JSON format, each of which has different advantages
and disadvantages. Occasionally, some government
official will try to pass off a PDF file (often containing
tables of information) as open data, but this is often
fairly useless.
CSV files can be used with spreadsheets. Although
programmers often look down on the humble
Like many smart cities,
spreadsheet, with a few formulae, functions and pivot The project that started out as iPython now works
Bristol provides much of
tables, you can often extract useful information. The with more languages, and R stands out among them its data in a web app that
charting functions are also very good for prototyping as a language that’s built from the ground up as an enables you to perform
graphs to see what is useful and what is not. environment for statistical analysis and data mining. simple analyses in your
While they’re good for simple manipulations, If you’re serious about understanding data, then browser. Here we made a
spreadsheets do have their limitations. The range of learning R is a great place to start. chart showing river water
graphs possible is often quite limited with few (if any) quality in Ashton Vale.
interactive or geographical options. They can’t deal Sharing your discoveries
with really big data sets, and complex manipulations Once you’ve poked and prodded the data until it’s
can require an unmaintainable tangle of formulae (and released all its information, you then need to find
sometimes macros). Spreadsheets also can’t handle some way of sharing your discoveries with the world.
custom XML or JSON data. A picture, as they say, is worth a thousand words,
If you’re serious about open data, you’ll need to and a good chart can be the thing that makes people
use a real programming language. The NumPy and take notice of your analysis. All major languages have
SciPy Python modules can perform just about any some form of graphing library or module. In Python,
manipulation you care to think of (including complex the most popular option is MatPlotLib, while R has
procedures with machine learning), and they’re highly built-in capabilities. Bash scripts can use Gnuplot.
optimised so don’t incur the performance penalty In today’s always-online world where everything
of pure Python programs. iPython is one of the best seems to be provided as a service, there are some
IDEs for interactive manipulation, and ideally suited to great options for hosted web charts into which you
working with open data. This can be a very different just have to feed your data. Google Charts and Plotly
process from programming, since you don’t always are a couple of popular choices that both work well.
have an end goal in mind when you start. Instead, you Plotly in particular has a huge range of options and
explore the data to find out what secrets it holds. bindings for many languages that make generating
online charts easy. However, like most online services,
both Plotly and Google Charts are closed source, so
aren’t ideal if you want to keep your project open.
To get around this you can host your own online
charts with a bit of JavaScript magic. This is a little
more involved than using a hosted option, but there
are a few libraries that make it fairly straightforward
for anyone familiar with JavaScript. The best library
for you will depend very much on the data you want to
visualise, but some useful options are chart.js (www.
chartjs.org), PykCharts (http://pykcharts.com) and
dygraphs (http://dygraphs.com)
If you really need the ultimate control over your
image, web browsers enable you to interact directly
PykCharts has a range of chart styles to suit most data with SVG images from JavaScript. Using this, you can
visualisation needs. create endlessly varied charts.
www.linuxvoice.com 41
� FAQ FIDO U2F
FIDO U2F Mark Crutch looks at an emerging authentication standard.
your Google account and another for passwords. There are already many
MARK CRUTCH PayPal, you should eventually be able to other second factor authentication
use a single device across a large systems available, but this is the first to
number of sites. have backing from so many high-profile
My Aunt Doris had a guard dog companies.
named Fido. It means Back up a bit there… what’s a
“faithful”, right? second factor device? So I need to buy a new device
In this case it’s an acronym for Authentication systems can be of some sort?
Fast IDentification Online and split into three classes, or Not necessarily. The U2F
refers to the Fido Alliance, a group of “factors”. The first is “what you know”, specification is just based on
over 150 companies trying to improve and typically refers to passwords or protocols over a normal web
online security and authentication. The memorable questions about your aunt’s connection, so could potentially be
member list includes hardware dog’s name. Your username or email implemented via some software on
companies, such as ARM, Intel and address also falls into this category. your phone or computer.
Samsung; software companies such as The second is “who you are”, and
Google and Microsoft; and financial covers biometric data such as So how does this protocol
organisations including PayPal, fingerprints or retinal scans. The third work?
MasterCard and Visa. factor is “what you have”, and describes When setting up an account on a
an object that you own, such as your website, or when you first enable
What about the “U2F” part? mobile phone or a USB device that you U2F on an existing account, you’ll be
Don’t tell me Bono’s involved! keep on your keyring. prompted to register your second-
Thankfully this isn’t another Most websites authenticate you with factor device – by plugging it into a
attempt to force an unwanted U2 a username or email address, and a USB port and pressing a button, for
album onto innocent bystanders. password. That’s two things from the example. The device generates a
Rather “U2F” is an abbreviation for same class, so only one “authentication private/public keypair, and sends the
“Universal Second Factor”, one of factor” is used. Best security practice is public key and an identifying “key
FIDO’s standards. “Universal” refers to to use two or even all three factors, handle” to the website. The key handle
the idea that it’s independent of the though. That way, even if your also encodes information about the
websites and hardware vendors that username and password fell into the website’s address.
will support it, so rather than requiring wrong hands your accounts would be Later, when logging in to the website,
one type of second factor device for safe unless the criminals also acquired you’ll first be asked for a username and
your phone and fingerprints, or USB password as usual. The website uses
device and eyeball. In that case you’ve this information to retrieve your key
“If someone finds your device got bigger things to worry about!
The Fido U2F specification defines a
handle from its database, and this will
be sent back to your browser, together
there’s no way to tell what protocol to allow a “what you have” with a “challenge” - a unique text string.
sites it has been used on.” device to talk to a website, providing a
second factor over just usernames and
The browser then prompts you to insert
and activate your U2F device.
42 www.linuxvoice.com
� FIDO U2F FAQ
At this point the U2F device will
confirm that it created the key handle,
and that the address encoded in the
handle matches the one that is
requesting authentication. This helps to
protect against man-in-the-middle
attacks. Next, the device uses the
private key to sign the challenge, and
returns the result to the website. The
website can validate this signature
using the public key it stored during
registration, confirming that it was
produced by the same U2F device that
you originally registered.
What if a site is hacked, and
their database of user
credentials is stolen?
The key handle and public key are With slogans like this, someone’s bound to mistake the FIDO website for a dogs’ home!
uniquely generated for each
separate website. Stealing one set Can a U2F device be used to Rails, with authentication libraries
won’t allow an attacker to impersonate track my movements online? available for common server-side
your U2F device on any other site. The No, that shouldn’t be possible. languages, including PHP, Ruby and
attacker will have your username and Remember that the website only Python. That list should grow over time
password, but that shouldn’t be a receives your public key and your as developers produce libraries and
problem, because no reader of Linux generated key handle – and both of plugins allowing more sites to easily
Voice is foolish enough to use the same these are different for every site. There’s add support.
password on multiple websites... right? no unique device ID exposed to the
website that could be used to track you. So provided I use Google
What if I lose my U2F device? Chrome, a U2F device will
Am I locked out forever? You keep mentioning websites work across platforms, right?
If someone finds your device on and browsers. Will this work The USB keys that are currently
the street there’s no way to tell with Lynx? available are intended to work
what sites it has been used on, or with Erm… no. To use U2F on a cross-platform, but you’ll need to add a
which accounts. So unless it’s been website requires your browser to udev rule for the device to work on a
stolen by someone who also has your talk directly to your device. Currently Linux box. Check out the website of
usernames and passwords, your only Chrome (and Chromium) has the your device manufacturer for the
accounts should be safe. necessary code built in, but there is an details. As these devices become more
Nevertheless, you should probably open bug about adding it to Firefox. widespread it’s likely that these rules will
revoke the device on each website Yubico, a U2F device vendor, has even be present by default in future distros.
you’ve authenticated with. But without donated 200 USB keys to Firefox
the device how do you log in, in order to Nightly users to help test the code. Where can I get more
revoke it? That will vary from site to site, Outside of the browser there is a information?
and may entail a confirmation email to PAM module that lets you use U2F to The Fido Alliance website is a
your registered address, or answering a secure terminal logins, and Microsoft good place to go for a general
question about your aunt’s dog. has announced Fido support for overview of the protocol, or to
Another possibility is that sites may Windows 10 – though it’s not clear if download the specifications with all the
let you register more than one U2F that will work with current U2F devices. gory technical details:
device to an account, so you can log in https://fidoalliance.org.
with the second device in order to And what about website Yubico also has a lot of good
revoke the first one. Because the U2F support? information on its site, as well as links
design specifically allows for sharing a Right now not many sites work to plugins, libraries and even a BSD-
single device among multiple users, you with U2F, but a notable one that licensed validation server:
could get together with a friend to each does is Google. You can add U2F as a https://yubico.com. And if you just
register your keys against the other’s second factor authentication option to want to buy a U2F device, head to
accounts. Without your username and help secure your Google account Amazon. That’s the main outlet for
password your friend won’t be able log against unauthorised access to Gmail, Yubico’s products, but it also sells other
into your account, but if you lose your Google Drive and so on. vendors’ devices starting from only £5,
key you would be able to borrow theirs There are also plugins available for which is a small price to pay for extra
to log in and revoke the missing device. WordPress, Joomla, Django and Ruby on security on your Google account.
www.linuxvoice.com 43
� INTERVIEW CAROL SMITH & CAT ALLMAN
SUMMER OF CODE:
GOOGLE’S
CAROL SMITH &
CAT ALLMAN
Graham Morrison meets the small team behind
Google’s hugely successful open source
mentoring project.
I
t’s been 10 years since Google has gone from strength to strength.
started its Summer of Code Over the last decade, Summer of Code
project. Back then, 419 students has made a huge contribution to the
were selected to be mentored by software many of us use every day.
leaders in a wide variety of open And with more than 1,000 students,
source projects, working on significant Google’s 11th Summer of Code in
chunks of code during what’s 2015 is going to be no different. We “We look for healthy,
traditionally a summer hiatus in the
northern hemisphere. The results
met the project’s program manager,
Carol Smith (pictured here on the functional communities that
weren’t always successful, especially right), along with Cat Allman of are going to teach students
in that first year, but the idea gained
momentum, and Summer of Code
Google’s open source team as they
were celebrating their 10th GSoC. not just good coding
practices, but how to
There’s a huge rage of software face of their project. They went from behave as responsible
that benefits from Summer of being small to feeling like they were citizens on the internet.”
Code. Is it roughly the same group really established in the open source
of mentors every year, or do you get community – I’ve heard that from a few
a turnover? organisations.
Carol Smith: Give or take, it’s the Cat Allman: The OpenMRS guys have so we kind of have the organisations
same. One of the things that we do gone on to say that without Google’s sort of ebb and flow with that. The last
every year with the program is that we Summer of Code, the project really couple of years, for example, we’ve
focus on trying to accept at least a wouldn’t have taken off and become seen a lot of organisations applying in
good portion of organisations that have something at all. Which I actually find the bio-informatics/biology field.
never participated before, that are either hard to believe. I don’t think they’re CA: More civic organisations...
small, or new burgeoning organisations, giving themselves enough credit! CS: Yeah, open government, ...
someone in a niche space, people doing CS: And we also have organisations CA: People trying to build out open
stuff on the fringes of things, to try and that started out a few years ago source applications to help their
get a lot of diversity among our mentoring a couple of students and community, sometimes disaster relief,
organisations. Having said that, we do they now have more contributors, more sometimes, economic development.
have organisations that have mentors and they’re now mentoring CS: Two years ago we had an
participated all 10 years in a row. But more students and they’ve gotten organisation in New Orleans that just
we also try to get new faces as well. bigger. That’s certainly happened to wanted some students to work on their
quite a few organisations. levee system, which is open source. We
With the 10-year emphasis, also have an organisation in
how do you think the original Have the types of projects Bloomington, Indiana, that has
vision for the project has changed? changed in the last 10 years? participated the last couple of years. In
CS: We’ve definitely heard from a few CS: In some ways, we’ve had the same. other civic stuff, we’ve had Code for
organisations – OpenMRS comes to For example, we’ve had the Apache America participate.
mind [a software platform for the Software Foundation in the program
creation of open medical records]. the whole time. One of the things I’ve And none of these
We’ve heard from a few organisations seen is that we have trends in open organisations existed 10 years
who have felt GSoC really changed the source that seem to ebb and flow, and ago – there was very little open
44 www.linuxvoice.com
� CAROL SMITH & CAT ALLMAN INTERVIEW
a Google project but it became an open
source project that other folks outside
used, which is basically all LED
monitors that they can outfit with map
software, for example, so you can do a
3D tour of the ocean, or of Barcelona, or
whatever. But they don’t expect the
students to buy all the LED monitors,
obviously, so they just have the
students work entirely on the software.
We’ve managed to do it, but it’s
definitely one of those things like we
can’t expect a student in Sri Lanka to
buy open hardware to work on your
particular project all the time.
Do you have any editorial remit
when guiding the selection of
student applicants?
CS: We focus so heavily on being very
careful which organisations we accept.
We spend a week sequestered in a
conference room reviewing all of the
applications and we’re very diligent
about it and so we take a bit of a leap of
faith. Basically, if you’re accepted into
Google Summer of Code as a
mentoring organisation, we believe that
you’ve met a certain calibre of
organisation and the students that you
accept are going to put a lot of diligence
into which students you accept. We
sort of say, “Do a good job!”
CA: And we do, not just the project, not
just that the code has to be good, but
we look for healthy, functional
data, no immediate responses via working on open source DJ software, communities that are going to teach
social networks. But we’ve also there’s an open lighting project that’s students not just good coding practices
looked for data on projects hosted basically all of the lighting for concert but how to behave as a responsible
by Debian, for instance, but can’t venues, which is all open source. citizen on the internet. And I’m not
find that information. CA: We try and accept a wide enough going to tell you who it was but we have
CS: We have a lot of what we call variety so that kids who are particularly kicked an organisation out of a program
umbrella organisations that either end interested in open source DJ software because they were encouraging
up mentoring many different kinds of have the opportunity to work on it. unethical behaviour.
Something that we… struggle is too CA: But once an organisation is
“The OpenMRS guys have said
strong a word, but with the whole open accepted into Summer of Code, they’re
hardware movement, that’s such a grey the best arbiter of what projects are
that without GSoC, the project area. You can’t really do much of going to work best for them. We try not
wouldn’t have taken off.”
anything without software, but we’re to decide about that process for them.
not set up to make sure that students We assume that if you think that this is
have the hardware they would need to a project that’s really important, and
students or they’ll even mentor many participte for an organisation that’s you think that this student fits really
subprojects within their organisation, about open source hardware. well for this project, then we trust you to
and so Apache might fit into one CS: BeagleBoard has participated, and make that decision.
category but they’re ‘umbrella-ing’ many Catroid [now called Catrobat – visual
and varied. And then a lot of programming for tablets], which is Has it always been that
organisations pivot. They might have actually like open source Android stuff. hands-off when it comes to
started out in one field and become They focus on having the students projects and students?
another. We certainly see a lot of work on the software. And there’s Liquid CA: It’s a remarkably effective, original
diversity. We have folks participating Galaxy as well. Liquid Galaxy used to be idea. I started in 2007 – the project
www.linuxvoice.com 45
� INTERVIEW CAROL SMITH & CAT ALLMAN
started in 2005 – but my of divvy out the work to the
understanding is that the original germ organisations.
of the idea continues to be successful.
Because there’s just 1.5 of
And that came from Google’s you?
founders? CS: Basically, yes. It’s pretty much my
CS: The apocryphal story is that Chris 80% job and then my colleagues
[diBona, the Director of open source at obviously help quite a bit, but then our
Google] and I think Larry [Page] sat in a whole team is the four of us and then
room and said basically, I think, we’re we kind of sort it out.
seeing so many of the same faces at
conferences and we want to keep It sounds to us sort of like an
supporting open source software, why altruistic project, but do you
don’t we do something with university ever get cynical comments?
students to encourage them to work in CS: Oh, yes! But it’s not just ‘sort of’ an
open source. I think Chris took the idea altruistic project. It is philanthropic. It is
and ran with it. entirely designed to get more students
CA: I had actually heard it was more working in open source software
Students who successfully
casual than that. Larry saw Chris in the development.
complete their Summer of
hall and said, “Hey, Chris, what about CA: If you squint and stare off into the
Code project are funded to the
these students that have to take the distance you could say that Google tune of $5,500.
summer off from coding to work for a exists because the internet exists and
living. Why don’t we come up with the internet exists because of Free and
something so that they stay coding and
get more involved in open source.”
open source software. By encouraging
more people to get involved in Free “I believe that open source can
Software, that furthers the health of the be a positive force in the world,
above and beyond technology.”
Flipping bits instead of flipping internet which in turn furthers the
burgers? health of Google. But it’s not exactly a
CA: Exactly. Either way, it’s a good story direct one-to-one money in/money out
and so far it has worked. We do, from situation. It’s a longer-term thing. Whereas now, open source is
my perspective, we maintain that kind CS: And Google has a lot of efforts like accepted.
of hands-off attitude towards picking that. We don’t necessarily have to see CA: My first open source job was in the
the students and projects specifically one-to-one correlation to know that early 80s before the term came about
because the program works because of these are good initiatives to have. It’s one of those 30-year overnight
the orgs and all of the volunteers. successes.
CS: And the reason we’re able to accept Has Google’s attitude towards CS: I think many things have changed
1,200–1,300 students a year is open source changed over the with regard to the way open source is
because we select 190 organisations last 10 years? 10 years ago, viewed in society overall in those last
and then they select the students, and perhaps, something needed to be ten years. One of the nice things, one
so that’s one of the reasons why it can done for open source to help keep it thing in a very large ecosystem, is that I
be so large and international. We sort going, and to help momentum. think Summer of Code has helped.
CA: I’m going to wax poetic. I really
believe that open source can be a
positive force in the world, above and
beyond technology. I was so tickled to
see an article in Al Jazeera – it was an
article criticising the US government’s
trade embargoes against Iran. But one
example they used of how economic
opportunity was stifled for young
people was that students in that
country couldn’t participate in Summer
of Code.
We don’t think Summer of
Code gets much publicity at
Summer of Code students live
all, considering its age and what it’s
all over the world, including
been able to achieve.
Singapore, Brazil, Poland, India
and the good old UK. CA:CS: We agree, thank you!
CS: I was at South by Southwest [Carol
46 www.linuxvoice.com
� CAROL SMITH & CAT ALLMAN INTERVIEW
1,051 sudents have been
accepted onto the 2015
program, and will be mentored
at 137 organisations.
is referring specifically to the 2014 winter time. We pull from the same project itself. And you not only want the
conference on emerging technology] organisations for both things and, code, you have to want the developer
and I realised that no one I talked to granted, we do have a wider variety of who comes out the other side having
there had heard of either of our organisations that apply for Summer of had three months’ experience with your
programs, either Summer of Code or Code, but I can understand if you’re a organisation to say, “Not only do I have
our program for high school students 10-person open source project and this great project, but now I want to
[Google Code-in]. Which made me really you’re mentoring five students in GSoC keep contributing to your organisation.”
glad I was there, but talking to 3,000 and you immediately go into mentoring CA: That is really the prize for the orgs,
people who are directly in education on a whole bunch of high school students is new contributors. We, every year,
the ground – why haven’t people heard in winter. After a while, it’s going to start have orgs that say, “We don’t want the
about these programs? wearing down on you. money, but we want to participate in
Mentorship is hard. This is not just the program so that more people will
Why haven’t people heard sitting at a computer and hacking out learn about our project and we’ll get
about these programs? code. You have to walk people through new contributors.”
CS: I think part of the reason is that the program and a lot of the
you’re looking at the team [gesturing to organisations have weekly meetings Has that worked?
both herself and Cat], and we can’t be in with their students. You have to help CA: Somewhat. We’re very light
all places at once. One of the things these students out. It’s a lot of work. weight in terms of the information that
that we’ve relied upon for the program we collect because a) we’re very
is word of mouth. And we rely on the But many of the things these concerned about people’s privacy, and
students to talk to their universities and people are working on are b) because it’s a lot of work.
say, “Hey, I participated in this program,” features that people have been CS: On the other hand, I have heard a
and to do meetups in their areas. asking for for years. Most people lot of organisations say that the student
would assume that’s the prize. finished their Summer of Code project,
The most important part is that CS: Every year we have applicants, we went back to school, and then they
the code is being written and have organisations that apply that ended up coming back either after they
the projects are being supported. really, really have their hearts in the right graduated or in later Summer of Code
You’re not having any difficulty place. They really think Summer of projects. But they’re anecdotes. We
finding projects or mentors. Code is an awesome program. But they hear anecdotes that organisations have
CS: We’ve started hearing that we’re really don’t understand that it’s not just, grown because of their participation in
getting a little bit of mentor burnout, the “Oh, we’re accepted into the Summer of the Summer of Code.
last couple of years I think. Well, the last Code,” and then three months later this CA: My personal favourite is the guy
couple of years we’ve been running two project appears. You have to spend who’s with the Blender project. And in
programs simultaneously. We run three months really hands-on with this 2005 he was one of our first students
Google Summer of Code in the person and you’re probably going to and in 2013 he got an Academy Award
Northern hemisphere summertime and spend more time mentoring a project for work that he started as a Summer
then we run Google Code in in the than it would for you to just make that of Code student.
www.linuxvoice.com 47
� LISTEN TO THE PODCAST
WWW.LINUXVOICE.COM
BUY MUGS AND T-SHIRTS!
shop.linuxvoice.com
� INTRO REVIEWS
REVIEWS
The latest software and hardware for your Linux box, reviewed
and rated by the most experienced writers in the business
On test this issue...
50 52
Andrew Gregory
Wow, the Human Rights First logo is familiar.
Can’t think from where…
F
rom Germany comes the tragic
news that a factory worker has Meizu MX4 Ubuntu Atom 1.0
been killed by a robot. Is this the The third Ubuntu phone to pass though Ben Everard hates working with CSS and
beginning of the end? Thankfully, no: Graham Morrison’s grasp is a huge HTML – which makes it ironic that he
the BBC reports that “human error” was upgrade – we just wish there were one likes this CSS-themable text editor so
most likely to blame. Thanks for equally good for less techie users. very much.
clearing that up, BBC.
I can almost imagine people sitting at
home, worrying about the rise of 53 54 55
artificial intelligence, not realising that
robots do what they’re programmed to
do and nothing more. I wonder whether
the robot in question was programmed
with open source software? It would
certainly make it easier to find out what
went wrong. Maybe the ultimate
Yubikey Edge NetBSD 7 Linux Mint 17.2
takeover of Free Software in the Mark Crutch examines a It runs on a thousand and The best Linux ever created
internet of things won’t be brought two-factor authentication one platforms, but with X86 for normal, non-computer
about by the makers, but by insurance solution for people who like unassailably dominant, obsessed people?
departments keen to shield themselves cheapness, security and Mike Saunders wonders Ben Everard thinks so. Or
from blame after programming failures. convenience. what the point is of NetBSD. does he? Find out on p55!
Computer says whatever
You’ll still hear people using the phrase BOOKS AND GROUP TEST
“the computer does it all”, or a variation
If you’re running essential services – which you
thereon, even though all that a
should be, rather than relying on Google for
computer does is process instructions. everything – you need a proper distro on which to
It would be nice to think that in a few run your website/email server/calendar. You could
years, when schools start churning out do this on any old Linux distro, but Free Software is
kids who know that programming all about using the best tool for the job, so we
present a bunch of he best server distros.
exists, this kind of thinking will fade and
In the world of books there’s Home Automation
we’ll realise that every error is a human with Raspberry Pi and Arduino, which is full of fun
error, and every brilliant service comes things to do after you’ve finished with this issue’s
from human brilliance. cover feature of summer projects.
andrew@linuxvoice.com
www.linuxvoice.com 49
� REVIEWS MEIZU MX4 UBUNTU EDITION
Meizu MX4 Ubuntu Edition
Graham Morrison gets his hands on Canonical’s third Ubuntu phone.
B
uilding a mobile operating system to carve a aluminium surround gives the phone a high-quality
DATA chunk out of Android and iOS dominance is rigidity, and while the back is plastic, it’s nicely textured
Web
going to take courage and time. But one of the and non-slip. The screen in particular is perfectly
www.meizu.com/en/ ways we’ve theorised that Canonical’s Ubuntu Phone suited to Ubuntu’s operating system, as there’s barely
ubuntu platform could become successful is if Canonical is any bevel at the edges. This makes it easier and more
Developer able to find some partnership with a Chinese intuitive when perfuming Ubuntu’s essential sliding
Meizu manufacturer and somehow tap into the ginormous gestures from the edge.
Price
€299
Chinese market. This new phone isn’t that. But it could
be the beginning of the beginning of that. Meizu is one Software purity
of China’s biggest smartphone manufacturers, and Meizu is very controlling with its own software, and it’s
the Ubuntu Edition of its MX4 handset is the first time impressive that Canonical has been able to negotiate
the company has ventured outside its geographical terms for installing Ubuntu unhindered on its devices.
comfort zone (the Ubuntu MX4 is only available in the In one way this is good. If you’d bought this device
EU) and its own Android-based ecosystem. with Android, for example, you’d still be limited to the
The original MX4 was released in September 2014, base 4.4 version (although there are alpha versions of
and while it was quickly superseded by the MX4 Pro, 5 available), and a version of Android hidden behind
increasing its screen DPI and upping the RAM from Meizu’s Flyme OS skin.
2GB to 3GB, we’d still consider this old MX4 an But the lack of any input from Meizu is also a bad
upper-middle class device. It’s light (147g), powerful thing. There’s nothing we can find in the operating
(Quad-core 2.2 GHz Cortex-A17 plus a quad-core 1.7 system that’s specific for this device, other than the
GHz Cortex-A7) and oversized – the screen is 1152 x now-lost capacitive button support. You can’t reduce
1920 pixels spread across 5.36 inches, giving it a DPI the size of the icons or fonts because the screen is
of around 418. The rear camera boasts a 5248 х 3936 now bigger, and the recovery partition is non-existent.
resolution and dual-tone LED flash. It’s a huge upgrade This means you’re going to be stuck if an upgrade
The design and over the original Ubuntu Phone, which we looked at in breaks your phone. You should theoretically be able to
performance of the MX4 is issue 15, and is available for €299, only €130 more. install a new version using Android’s fastboot, which
a significant upgrade over Despite being large when used in one hand, the remains functional, but we couldn’t get this to work at
the BQ Aquarus E4.5 MX4 feels fantastic. Gorilla Glass and a substantial the time of writing. To be fair, this problem seemed to
be the lack of builds rather than the device itself, so it’s
likely this will work in future. But these are reminders
that using these devices remains the domain of
enthusiasts rather than a mainstream audience.
Performance appraisal
In hardware, the MX4 is an excellent upgrade over the
BQ E4.5. The all-but-essential side-swipes to switch
between scopes are 95% smooth, compared to 80%
smooth on the BQ (we’ve just invented this metric).
Apps are quicker to load, input is faster and the screen
size feels a more natural home when interacting with
the on-screen keyboard or the gestures input. There’s
a huge battery in the MX4 (3100mAh, non-
removeable, but it looks easily hackable with the back
off) and we had the phone with us through two days
of moderate use before having to charge.
A couple of neat features in the Meizu’s Flyme
OS version are the ability to turn the phone off
overnight and to turn the phone on and off with touch
gestures. It would be great to see some of Meizu’s
ideas make it into their incarnation of the Ubuntu
Phone, but we can understand why Canonical wants
to keep the phone restricted to a single, standard
operating system.
50 www.linuxvoice.com
� MEIZU MX4 UBUNTU EDITION REVIEWS
Updates to Ubuntu Touch
There’s plenty to like in Ubuntu We’re also still very excited by the
Touch – scopes are a unique idea convergence idea. Turn your phone
that genuinely frame the Ubuntu around, turn on a Bluetooth keyboard,
experience, and we love the use of and the display turns into a window
gestures and the on-screen visuals. manager. Connect your phone to a
The app store itself is still lacking, screen and you’ve got a PC. It would
both in the interface and in what you be a great way of getting real work
can install. The interface often mixes done with a single device – and we’ve
languages, and the return results can seen demos of this running, but the
be random. A search for ‘screenshot’ update has yet to materialise. We’re
returns ‘tsu’, for example. There slightly disappointed that the MX4
has been a trickle of new apps, but lacks both the SD card upgrade and
nowhere near enough, and many are a micro-HDMI connector for an
little more than HTML5 wrappers external display, so it’s still not going
around a webpage. However, one to be the best convergence device,
obstacle to web apps feeling more even if its performance is more than
native is going to improve soon, with up to the task.
the implementation of the W3C Push
API. This will enable web apps to send
system notifications just like your We like scopes a lot, and the user
native apps, and a release of this is interface shows great promise.
reportedly near. But it lacks apps.
Camera performance is a big upgrade over the BQ of the back panel, but depending on how you use
E4.5 too, but it’s not as great as the pixel count would storage, this could become a deal breaker.
suggest. Ubuntu isn’t to blame here, as we were able In an ideal world, at least while Ubuntu phones
to compare photos taken with the same hardware on become established, we’d like to be able to dual-boot
Android. Brightly lit images are colourful and detailed, with Android. We understand why this is unlikely to
whereas even with the flash, low-light images can happen officially, but we do wish Canonical would
lack clarity. This is unlike the Nexus 5, for example, attempt to persuade Meizu to open up its platform.
where its much more modest sensor is capable of There isn’t the same commitment to open source that
generating fantastic looking photos. We also miss we can see with BQ, for example, and if you head into
the dual-sim capabilities of the BQ E4.5 – excellent uncharted territory to
when travelling – but even more importantly, there’s try to partition and flash
no SD card expansion on the MX4. That means you’re your phone, there’s “The MX 4 is such a huge step
stuck with the storage soldered into the device, and isn’t any information up that we have no hesitation
for consumer units, that’s a measly 16GB. We’ve been that hasn’t been
sent a 32GB version, which also differs in the colour reverse engineered recommending it.”
from an Android ROM.
Unlike many MX4 devices, our bootloader/fastboot
was unlocked, which meant we could theoretically
dual-boot or install Android – and we did get Meizu’s
recovery.img booting live from fastboot,which would
allow you to install Flyme OS if Ubuntu got the better
of you. But each step could brick your phone, and
without access to an official recovery partition or
scatter files (similar to a partition table description),
we can’t recommend this strategy for anyone other
than confident Android hackers. However, if you
are an enthusiast and you’re looking for a new kind
of Linux phone, the MX4 is such a huge step up
over the original BQ that we’d have no hesitation in
recommending it. Just keep your old phone handy.
LINUX VOICE VERDICT
Fabulous hardware for a decent price.
Just don’t expect Ubuntu’s OS to
compete with Android just yet.
The camera in the MX4 works brilliantly when the scene is
well lit, but it’s not so great in the dark.
www.linuxvoice.com 51
� REVIEWS ATOM 1.0
Atom 1.0
Ben Everard’s hair is beautiful – as is this lovely text editor.
G
itHub primarily concerns itself with project
DATA hosting, so it came as a bit of a surprise to us
when the project released a text editor.
Web
atom.io According to the Atom release announcement, Atom
Developer exists because GitHub cofounder Chris Wanstrath
GitHub wanted a text editor built using modern programming
Licence techniques, “His dream was to use web technologies
MIT
to build something as customisable as Emacs and
give a new generation of developers total control over
their editor.”
There are some undeniably cool web technologies
available, but are they really suited to creating a text
editor to run locally as a desktop application? We The inbuilt package manager allows you to turn Atom into
downloaded version 1.0 to find out. a powerful development tool.
Atom is built on Electron, which is a JavaScript
platform made by combining the Chromium rendering be done without lifting your hands off the keyboard.
engine with the io.js back-end. The result is a really Outside of text editing, Atom has (as you may expect)
good looking interface that’s completely customisable good integration with Git, but that’s about it. There
through CSS (which can be bundled into themes). The aren’t many features that allow anything other than
downside of this architecture is that it is a little slower text editing – there’s not even a terminal pane.
than compiled code. This However, while the core editor of Atom may be limited,
“Atom has a good-looking is an area that the developers
have dedicated time to
it does have a saving grace: packages. These enable
third-party developers to extend the functionality of
interface that’s completely improving, and while we the core editor. Despite the fact that version 1 has only
customisable through CSS.” found that it wasn’t quite
as snappy as a fast native
just been released, there are already a wide range of
packages available on http://atom.io. These can be
text editor, it didn’t feel installed both in the editor or via a command line tool
particularly slow at any point. (apm, the Atom Package Manager).
As well as looking really good, Atom has most of the
text-editing features that you’d expect in a God times ahead
programmer’s text editor. Syntax highlighting Looking at the available packages, it seems Python
automatically detects the language you’re using, and and JavaScript are the most popular languages for
By default, Atom comes code-folding can be used to wrap portions of your Atom developers, and there are linters, debuggers and
with a dark theme, but
code so that it’s easier to read. One feature we other tools for these languages. In time, there will
there are a number of
particularly liked is the ability to use multiple cursors probably be more packages to support programmers
others including the
Solarized Light theme at once. If you Ctrl+click at several points in a file, using less common languages.
(shown). You can also Atom will place multiple carets, and any typing you do We’re still skeptical of the modern trend to build
customise the CSS to will go to all of these simultaneously. There’s also a everything using web tech rather than native toolkits,
whatever you want. good set of keyboard shortcuts, so most editing can but this technological choice hasn’t detracted from
this text editor Ultimately, Atom is a good basic text
editor, but it needs a good selection of quality
packages in order to elevate itself enough to compete
with the range of excellent editors that are already
available. So far, the range of packages is already
good for popular languages, and expanding for less
common options. If this continues, Atom will soon
become an essential part of the modern
programmer’s toolbox.
LINUX VOICE VERDICT
A promising program that could mature
into a great text editor.
52 www.linuxvoice.com
� YUBIKEY EDGE REVIEWS
Yubikey Edge
Mark Crutch tries to improve the security on several cloud services
with just one handy little device.
S
ites get hacked and password databases
stolen, so it’s wise to take additional steps to
secure your logins with “second factor”
authentication wherever you can. The trouble is that
there are a wealth of second factor options available,
and you need to make sure you have the right one for
the site you’re using. The Yubikey Edge is one such
option, and it has some limited configurability that
might enable it to do the job of several other devices.
Physically the Edge looks like a slimline USB
memory stick. It’s a couple of millimetres thick, but
with enough rigidity to survive life alongside keys and
coins in an average purse or pocket. There’s a small
touch-sensitive panel on one side, which acts as a
button to trigger its operations.
The Edge has two software “slots” for holding
different authentication protocols, and comes
preconfigured with Yubico’s proprietary OTP (one-time
password) authentication system in Slot 1. This works
After two years’ use, the
on a limited number of sites, most notably LastPass. use Yubico’s authentication servers for your projects,
worst scratches on our
com (provided you subscribe to its Premium tier Yubico has a GitHub repository containing the source classic Yubikey (left) came
for $12 per year). In this mode the Edge behaves for a BSD-licensed authentication server. from removing the keyring
like a USB keyboard, so it works across operating A graphical configuration tool is used to set either for this photo!
systems without the need for drivers. After supplying slot to support Yubico’s one-time password, a static
your username and password you’re prompted to password, OATH or a challenge–response protocol.
touch the button on the device, at which point a Note that some of these modes require support
DATA
one-time password is “typed” into the computer and applications to be installed on your machine, which
authenticated against Yubico’s servers. isn’t always as simple as it should be. Nevertheless, Web
having a choice of protocols means that the Edge can www.yubico.com
Developer
Secure your own site be used across many more websites than a single-
Yubico Inc.
Several plugins and libraries are available that can be protocol device. Installing the configuration tool was Price
used to add support to other sites, including those easy on Linux Mint, thanks to Yubico’s use of a PPA £25
built on Django, Drupal and WordPress. There’s also a for Ubuntu-based machines, but the tool is perhaps a
PAM module that can be used to add an extra layer of little too comprehensive, and could do with a simpler
login security to your computer – ideal if you expose “Wizard” mode to step through the setup for some
an SSH connection to the world. If you don’t want to mainstream websites.
All these features are also available on the classic
Yubikey at a lower price, but the Edge offers one more
protocol that doesn’t occupy either of the two slots:
Fido U2F. You can read more on p42, but suffice to
say that you can already use it with Google accounts.
In a world of cloud services it makes sense to use
two-factor authentication when you can. With support
for two protocols plus U2F there’s bound to be some
way in which the Yubikey Edge can be used to help
secure the computers or websites you use.
LINUX VOICE VERDICT
For Google and LastPass this works
brilliantly, but for other sites it’s more
complex than it should be.
The configuration tool is powerful, but presents too many
options for most users.
www.linuxvoice.com 53
� REVIEWS OPERATING SYSTEM
NetBSD 7
Mike Saunders tries an operating system that will run on just about anything.
I
n a world dominated by x86-64 and ARM doesn’t try to hold your hand and makes you pay
DATA processors, NetBSD’s portability may not be attention instead, but it could all be smoother.
Web
something to shout from the rooftops. Sure, it After installation NetBSD boots quickly, the
www.netbsd.org runs on a whopping 57 platforms, from generic documentation is superb, and it’s not hard to spruce
Developer white-box PCs and the Raspberry Pi through to it up into a more usable desktop or server system.
NetBSD Project Amigas and fridge-like VAX beasts from the 1980s. Point the PKG_PATH environment variable at an FTP
Licence But what does all this matter when 99% of users are package mirror, run pkg_add xfce4, and you have
FOSS licences
running x86 or ARM boxes? a good-looking desktop environment. The usual
Well, porting code to other architectures often favourites are available too in the repository of over
makes it easier to find subtle bugs and security 15,000 packages (x86-64): Firefox 38, LibreOffice
issues. The OpenBSD team maintains ports for some 4.4, KDE 4.14 and almost any open source desktop,
rather old and obsolete hardware for this purpose. development or server program you can name.
But NetBSD is also positioning itself as a research
project – a place to try new innovations. Running Shiny new toys
Linux on a home PC is great, So, what’s new in NetBSD 7? Desktop users will
“NetBSD is positioning itself but it doesn’t win as many
geek points as writing driver
welcome improved support for recent Intel and
Radeon graphics chips, thanks to a port of the Linux
as a research project – a code in Lua inside NetBSD DRM/KMS drivers. X.Org has been updated as well.
place to try new innovations.” running on the same SGI
computers used to render
NetBSD lags behind Linux and FreeBSD when it
comes to PC hardware support and performance, but
bad guy in Terminator 2. with the right kit it makes a usable workstation OS, so
But anyway: NetBSD 7 just hit release candidate this is another good step forward.
stage, after three years of development, and brings As you’d expect from a much-ported OS, this
various new goodies. Its installer hasn’t changed release also brings support for the myriad ARM
much since previous releases, being a text-mode boards that have cropped up in the last couple of
menu-driven tool that’s somewhat easier to use than years. NetBSD 7 not only works on the Raspberry
OpenBSD’s entirely command-line installer, but not Pi (including version 2), but also the Odroid-C1,
quite as versatile as BSDInstall (as used in FreeBSD). Banana Pi, Cubieboard 2 and various models of
Our main gripe with NetBSD’s installer is the lack the BeagleBone. Meanwhile, Lua scripting support
of time-saving options. Sure, this operating system has been added to the kernel – something of a
Pretty much every open
isn’t designed for newbies, but if the installer asked a controversial move, but the goal is to make it easier
source program you can
name runs on NetBSD, few extra questions (eg what hostname to use, and to prototype new features and drivers before writing
including Xfce. On desktop whether you want to enable DHCP on boot) it’d save them in C for better performance. Improvements
PCs you’re better off with a lot of fiddling around with the (admittedly excellent) have been made to the USB stack on multiprocessor
FreeBSD, though. ‘afterboot’ manual page. Yes, it’s good that NetBSD platforms, along with the network packet filter, and the
base system is built with GCC 4.8.4.
Is there any reason to use NetBSD over the other
*BSD flavours, or indeed Linux? If you’re running
standard x86 PC hardware, the answer is: not really.
FreeBSD and OpenBSD (especially on ThinkPads)
do a better job there. But if you have some really old
or obscure hardware that you’d like to revive, like an
ancient Acorn box, it’s your only choice. Plus, the in-
kernel scripting is a daring move, and we’d like to see
NetBSD position itself as an experimental OS which
doesn’t shy away from innovations that more “reliable”
OSes turn down.
LINUX VOICE VERDICT
Some bold changes and much broader
support for ARM boards make NetBSD
7 a worthy release.
54 www.linuxvoice.com
� LINUX MINT REVIEWS
Linux Mint 17.2 aka Rafaela
Ben Everard looks for some cool refreshment to counteract the fiery
heat of the British summer.
I
n May 2014, the Linux Mint project changed the
way it builds its distro. Previously, it had released a
version every six months, and each distro was
built upon the latest version of Ubuntu. Since Mint
came out around a month after the Ubuntu release,
and the majority of Ubuntu releases are only
supported for nine months, most Mint releases only
got support for eight months. Both Ubuntu and Mint
released a Long Term Support version once every two
years, but this only received security updates.
Starting with version 17, Linux Mint bases all its
releases on the previous Ubuntu LTS. This means that
17.2 is based on Ubuntu 14.04, which was already
well over a year old at the time of Mint’s release.
Rafaela (as 17.2 is known) is the third release in the
The Cinnamon (shown
17.x series, all based on the same version of Ubuntu. computer users – the sort of users who doesn’t
here) and Mate versions of
There will be one more release in the 17.x line before take great pleasure in frantically grabbing the latest 17.2 came out in time to be
development switches to a more recent base. After software as soon as it comes out, and the sort of user first, followed by KDE and
this, 17.x won’t be abandoned, but will continue to get who doesn’t care too much about endlessly tweaking Xfce versions.
security updates until 2019. This should mean that their machine.
updates go much more smoothly both from previous
installs in the 17 line, and to the next release. Considerate refinement
A little more is changing at the lowest level than we These regular users will also appreciate the
DATA
were expecting. Rafaela comes with kernel version redesigned system settings that make it easier to
3.16 rather than 3.13 (which powered 17.1). This is find and change the basic properties of the operating Web
still quite a bit behind the most recent kernel, but it system. There are also some other tweaks and www.linuxmint.com
Developer
should give some improvements for newer hardware. performance improvements, but for most people, the
Clement Lefebvre
Rafaela comes with new versions of most of the biggest advantage of this release will be the newer and the Linux Mint
key pieces of software. LibreOffice 4.4, Cinnamon 2.6 software that comes with it. community
and Firefox 38 all feature in the latest release. Less Of course, if you’re reading this, there’s a good Licence
common pieces of software don’t get updated, and chance you’re a tinkerer who likes to have control of Various
will still be the version from a year ago. the heart of the system. For people like this, Mint’s
The new release process and the focus on providing slick exterior can present a bit of a road block, and
up-to-date software is A Very Good Thing for regular the slow updates to the core could be frustrating.
However, if you think these are problems, then you’re
not the sort of person targeted by Linux Mint.
Previously, Mint has done a great job of building
software to target ordinary computer users, but
has been forced to follow the release pattern of its
parent distro. By loosening the ties with Ubuntu, it
has been able to focus its whole system on the key
demographic, and has created a distro with a long,
slow release cycle that has built up into a slick release
that has both the stability of a long-term release and
the latest software of faster releases. The result is
probably the best version of Linux for regular users
that’s ever been created.
LINUX VOICE VERDICT
If you want a stable, easy-to-use sytem,
Linux Mint 17.2 is the distro for you.
The new settings application is better than its
predecessor, but isn’t a game-altering change.
www.linuxvoice.com 55
� REVIEWS BOOKS
Fire In The Valley: The Birth and Death
of the Personal Computer (3rd Edition)
Ben Everard dons his pink spectacles and tie-dyed t-shirt and travels in time.
F
ire in the Valley purports to be a By skirting round the computing
book on the history of the personal revolution that was happening around the
computer (hence the sub title). world, Fire In The Valley tells only half the
It’s not. It’s a book on the history of the story of the personal computer. It does,
personal computer told through the myopic however, tell that half of the story quite well.
viewpoints of American technologists. While Swaine and Freiberger have take the time to
Silicon Valley plays an important role in the speak with many of the people who made
history of the computer, many important Silicon Valley what it is. If only it looked a
parts of the story happened elsewhere. Take, little further afield, this could have been a
for example, the part played by Acorn and great book on the computer.
ARM in the UK. While these may not have
been huge players on the world stage during LINUX VOICE VERDICT
their first act in the 90s, the technology that Author Michael Swaine and Paul Freiberger
started with British computers came back Page
to form the heart of most mobile systems. Publisher Pragmatic Bookshelf
Price $34.00
Likewise, the story of the smartphone is told ISBN 978-1937785765
from the perspective of Apple and Steve
Excellent coverage of half the story of the
Jobs, but in reality RIM’s BlackBerry created personal computing revolution.
the mobile computing revolution long before The third edition brings the book up-to-date
the iPhone came out. with the latest trends in computing.
Raspberry Pi Home Automation
with Arduino (second edition)
Ben Everard fears the day that his house will be more intelligent than him.
T
he problem with home automation If you’re looking for a book on sensing the
is that it’s hard. Not the sensors or environment, and providing a web interface
the processing side of things, but the to this data, then you should find Raspberry
part that actually enables you to make some Pi Home Automation with Arduino a good
difference in your house. The first project in read. It’s a well-written and engaging book,
this book, for example, is about monitoring but won’t help you build the house of the
and controlling temperature. However, future. In some projects, the author uses the
interacting with a heating or aircon system Cooking Pi addon to allow Arduino shields
is difficult. This project neatly sidesteps this to connect to the Pi, but this could easily be
by turning a fan on or off. This makes the replaced by just using an Arduino Uno.
hardware far easier to control, but at the
same time means it’s not really very useful LINUX VOICE VERDICT
for most people’s home automation. Author Andrew K Dennis
Thus the book goes on with projects that Publisher Packt
are interesting in their own right, but that Price £18.99
ISBN 9781784399207
don’t provide any meaningful automation for
Good information on sensing and reporting the
your home (you’ll get an email when a parcel environment, but little about home automation.
is delivered or if the level of damp in your Be very afraid – a giant CPU is trying to devour
shed rises too much). your home.
56 www.linuxvoice.com
� REVIEWS BOOKS
Amazon Kindle Paperwhite 2015 ALSO RELEASED…
Graham Morrison just can’t resist the force of the dark side .
W
e know. This is a book review
section and this isn’t a book.
Also, Amazon is one of
the worst offenders when it comes to
binding its digital books with DRM. But This book
we love reading, and its Paperwhite range contains nothing
The battery lasts
of e-readers are some of the best in a the god of
weeks, even with
shrinking market. They’re light, good value, biomechanics
the excellent
long lasting, and most importantly, very wouldn’t let you
and subtle LED
into heaven for.
comfortable to read from – light years backlighting.
ahead of glossy tablets and smartphones. Bioinformatics Data Skills
The latest version is also a very worthwhile epubs into Kindle’s specific formatting, Blade Runner’s Roy Batty has an incept date of
upgrade. The screen is now 300dpi, removing our major issue with Amazon’s 8th January 2016, so we’d better get our
making the text very close to print, and locked-in hardware. If you’re happy to live skates on if we’re going to upgrade our Nexus
5s in time. This is the book that’s going to help,
more impressively for us, the new font, with this compromise, it’s brilliant.
providing data skills that turn large datasets
word spacing and kerning algorithms fix into reproducible biological findings.
Kindle’s longstanding rendering flaws. LINUX VOICE VERDICT
We’re also happy to report that we Author Amazon
tested the latest device with the awesome Manucturer Amazon
Calibre application, which we use to Price from £109.99
ISBN na
manage our collection of ebooks. We were
If it weren’t for the DRM, we’d give Amazon’s
able to remove DRM and migrate our e-reader 5/5. It’s perfect for avid readers.
reading list to the new device, and Calibre
did a great job converting Linux Voice
Learn all the
essential
Python in Education keyowrds.
After splashing out on a Kindle, Graham Morrison finds books for free Hadoop Application Architectures
Keeping it in the realm of large data sets,
I
Hadoop is one of those technologies that can
f you’re willing to spend some time add serious kudos to your CV, and there aren’t
looking, there are vast libraries of that many books that tackle the subject. This
free books available. Of course, is a huge volume with some excellent authors
there’s the huge range of out-of-copyright that should give you the job interview edge.
classics curated by Project Gutenberg,
but there are also sources you might
not expect. O’Reilly, for example, makes
out-of-print titles available for free, as well
as hosting The Cathedral and the Bazaar
and Stallman’s Free as in Freedom. It also
regularly releases transcriptions and other
content as ebooks, such as Tim O’Reilly’s
recent conversation with Cory Doctorow.
Python in Education is one such title. Learn how to
We’ve picked it out because it’s a brilliant, It’s a little on the short side, but it’s excellent. write a game
slow-paced non-technical primer that will in Python!
help to get people interested in LINUX VOICE VERDICT Python Games Development
programming, whether they’re in education Author Nicholas H Tollervey There are few things more enjoyable than
or not. It’s only short, but it’s the part of a Publisher O’Reilly writing your own game, and the combination of
Price $0 Python and PyGame makes it easier than ever.
programming book that’s often omitted.
ISBN 978-1-491-92462-4 This is the second edition of a book that
And because it’s free, it’s perfect for
Perfect for programmers, teachers and promises to help beginners tap into their
sharing or sending to people you think students who need a good primer. gaming potential.
may be interested, but don’t know how or
where to start.
www.linuxvoice.com 57
� GROUP TEST SERVER DISTROS
SERVER GROUP TEST
DISTROS Mayank Sharma is on the lookout for an easy-to-deploy server to
manage his small home office.
On test Server distros
T
hanks to the loaded large companies, we are looking for
CentOS software repositories of the server distros for non-critical setups
URL www.centos.org popular Linux distros, you that can be managed by someone
VERSION 7.1 can easily convert a standard with good enough network
LICENCE GPL and others desktop distro into a server distro in management skills.
How does the popular no-frills distro no time. While these might serve
stack up against the competition?
well for a limited time or a limited One stop shop
number of users, they cannot This is why we’ll be keeping an
ClearOS replace a dedicated server distro. eye out for distros that are easy
URL www.clearos.com These specialised distributions are to deploy, configure and manage.
VERSION 6.6 designed from the ground up with a We have on test distros with a
LICENCE GPL and others rock-solid foundation to cover all proven track record as far as
Can the CentOS-based distro beat the the infrastructure requirements of stability is concerned and the only
master at its own game? a network. distinguishing element between
Between the single-use web them is their ease of configuration.
Fedora Server server and a prolific data centre
lies a huge segment of users and
Although configuring a server distro
isn’t for the faint of heart, some go
URL www.getfedora.org
use cases that require a server to the extra mile to help you tweak
VERSION 22
LICENCE Various free software licenses manage and allocate resources and the various components to your
A bleeding-edge server? Really? services to its workforce. These satisfaction without mucking about
setups need a well-integrated with configuration files.
solution to manage their network Configuration aside, managing
services, such as internet access, and monitoring a server distro is an
NethServer network security, network ongoing process. While it’s possible
URL www.nethserver.org infrastructure monitoring and share to install tools that will help you
VERSION 6.6 resources among its users. keep an eye on your server, distros
LICENCE GPL
While the idea of running all that come with these tools pre-
Will this relately unknown contender
services on a single server is a installed are rated higher than those
prove to be a darkhorse?
hair-raising thought for admins of that aren’t.
Ubuntu Server
URL www.ubuntu.com/server “We’re testing distros with a proven track
VERSION 14.04 LTS
LICENCE GPL and others record as far as stability is concerned.”
Can it replicate the success of its
desktop sibling on the server?
The Raspberry Pi server
Zentyal The Raspberry Pi has always been
popular as a single-purpose home server
a lightweight web server like lighttpd
instead of Apache. You can even use
URL www.zentyal.org due to its minuscule size and power distros like DietPi that install a minimal
VERSION 4.1 requirements. The new Pi v2 with base that you can then flesh out as a
LICENCE GPL and others fleshed-out specs makes even more seed box, a FTP server, a media
Does this popular alternative to sense for home servers that serve a streaming server and more. There’s also
Windows Server still have what it takes? limited number of users. Many people the upcoming ArkOS distro that converts
use the Pi as a personal web server with the Pi into your own secure cloud.
58 www.linuxvoice.com
� SERVER DISTROS GROUP TEST
One job servers
For specialised deployments.
I
n addition to the server platforms you from the internet, firewall distros are Several commercial options are available
covered in this group test there are designed to set up a secure gateway as well including the Debian-based Untangle
several specialised flavours of Linux that between the internet and their home or distro. It supports pluggable modules for
serve a single purpose. These distros are office machines. IPFire is one of the most network applications such as spam blocker,
aimed at providing a specific functionality popular firewall distros that’s quite easy web filter, virus blocker, bandwidth control
and are not intended to be used on the to configure and deploy. Another popular and more. You can install all of these from
desktop or as a multi-purpose server. choice is Smoothwall Express, which the browser-based interface with a single
While most Linux distros let you configure offers a web-based GUI and doesn’t require click. The default configuration for these
iptables to setup firewalls and protect familiarity with Linux to set up. apps should suffice for most users.
CentOS
Worth every cent.
C
entOS delivers the promise of an
enterprise-grade operating system
without any cost. Over the years the
distro, built using open source SRPMs from
the Red Hat Enterprise Linux distribution,
has become popular with hosting
companies and businesses that have
in-house Linux expertise and don’t want to
pay for RHEL support. The project backs up
the software with 10 years of support, which
makes CentOS particularly attractive for any
kind of server rollouts.
From the installation up to the desktop, Once they start delivering, the Special Interest Groups releases will help break the massive CentOS
CentOS mimics RHEL, as the CentOS project into easily deployable chunks.
developers only strip RHEL-specific branding
and artwork, and strive to maintain 100% CentOS repositories. Besides the primary to the project target use cases that haven’t
binary compatibility with the upstream repositories the project provides several been addressed by the CentOS project till
release. The distro uses the Anaconda additional repositories, and you can also date. There’s also a Simplified Linux Server
installer and can be used with Kickstart to use the EPEL (Extra Packages for Enterprise SIG awaiting approval.
run installations across multiple machines. Linux) repository, which includes several The server distro is one of the few popular
During installation you can customise additional third-party apps to flesh out the ones that doesn’t have a formal paid support
the package selection and pick one of installation as an enterprise desktop. structure yet, although there are a number of
the predefined server types including CentOS tracks the development of RHEL companies that support CentOS. Thanks to
infrastructure server, web server, file and and its releases are influenced by the its mature community the project has loads
print server, and even a server with a GUI. release schedule of the upstream distro. The of documentation to help you assemble
distro has received some flak in the past your own server, besides the regular
All about choice for delays, but last year’s partnership with avenues of interaction and troubleshooting,
Each category of server has customisable Red Hat, which now has some key CentOS such as forums, mailing lists and IRC. Also,
add-ons that you can install. For example, developers on its payroll, will negate that while the distro is 100% binary compatible
the Infrastructure server option offers a factor and bring some formal structure to with RHEL and should work on all hardware
Backup Server option as well as a File and the project. that’s certified by Red Hat, as of CentOS v7
Storage server. One useful option is the One of the key developments has been the project only puts out releases for the
‘Compatibility Libraries’ that help you run the formation of special interest groups x86-64 architecture.
apps built for previous versions of CentOS. (SIGs) that focus on particular projects
Aside from the normal install-only within CentOS. Although these SIGs haven’t VERDICT
images, the project also occasionally released any variants as of now, there are One of the best open
source server platforms
releases special ISO images including an some interesting ones that have been that offers stability at the
installable live CD. You’ll find all popular open approved. Of note are the Cloud instance expense of ease of use.
source server software under the official SIG and the Atomic SIG, which according
www.linuxvoice.com 59
� GROUP TEST SERVER DISTROS
Fedora Server
A hat trick.
S
tarting with Fedora 21, the that stand out in Fedora Server is
project has split its offerings into the Cockpit server management
three separate releases, with one application. The app enables an admin
dedicated to crafting servers. Unlike to manage and administer Fedora
usual server distros with long term Server deployments via a web browser.
release cycles and stable software, Using Cockpit you can inspect the
Fedora Server bucks the trend by filesystem and manage services, like
putting out releases every six months a small-scale version of Red Hat’s
with bleeding-edge software. Spacewalk server management effort.
Installing Fedora Server isn’t much The other standout feature of the
different from installing a regular release is the rolekit daemon, which Use Cockpit to manage the Fedora deployment with ease.
Fedora Workstation release. You do enables the server to easily spin up
however get the option to choose a service or an application on top of PostgreSQL-based database server role.
the kind of server you wish to roll out. the base server offering. As of Fedora The Fedora family of releases also
The install offers four broad-base Server 22, the distro only supports includes a Fedora Cloud product that’s
environments for the server including two roles: a FreeIPA-based domain available in two flavours; a base version
a minimal server and an infrastructure controller that interoperates with and an Atomic version optimised for
server. You can also optionally install MS Windows environments; and a Docker container deployment.
add-on servers for the selected
environment such as a directory server,
an FTP server, a load balancer and a lot “Fedora Server puts out VERDICT
more. The latest release, Fedora Server releases every six months
with bleeding-edge software.”
The newest entrant that’s
22, defaults to the XFS filesystem. still finding its feet.
One of the two components
Ubuntu Server
Coming up a cloud.
A
t first glance, Ubuntu Server years. While it can function as a
just looks like a streamlined standalone infrastructure server,
version of the desktop version. Ubuntu Server has made a name
It uses the same repositories as the for itself for building and managing
desktop offering, doesn’t ship a OpenStack-based cloud computing
graphical desktop and uses a text- platforms. Canonical also has
mode installer instead of a graphical specialised tools such as Juju for
one. But the distro starts to come into managing OpenStack installations.
its own during installation. Ubuntu Server images are published
If you’ve got Ubuntu’s Metal as a directly into AWS, though it’s certified
Service (Maas) controller you can as a guest on other cloud computing Ubuntu Server is also popularly used for deployment on
provision Ubuntu Server on multiple platforms as well, including Microsoft Amazon’s Elastic Computing Cloud (EC2) service.
computers at once. During installation, Azure, Joyent, IBM and HP Cloud.
the server displays a software selection With Landscape you can automate
screen that lets you install various Paid-for support updates and manage physical, virtual
servers including OpenSSH Server, Canonical also offers commercial and cloud-based systems. The project
DNS Server, LAMP Server, Mail Server, support services around Ubuntu Server also works with hardware vendors and
PostgreSQL Server, Tomcat Java as part of its Ubuntu Advantage has a list of certified hardware on its
Server, Virtual Machine host and more. program, which caters to both website.
If you want more control, the installer standalone and cloud deployments.
also lets you select packages manually. The support package includes technical VERDICT
A popular platform for
Ubuntu Server is released every support as well as its Landscape deployment on certified
two years along with the Long Term system management and monitoring cloud platforms.
Releases and is supported for five tool and a library of technical articles.
60 www.linuxvoice.com
� SERVER DISTROS GROUP TEST
NethServer Ye olde server
Point-and-click deployments.
distros
For servers, older is very
often better.
S
tability is the most celebrated and
sought-after quality when hunting for a
server distro. There are some distros,
like Debian and Slackware, which have
established themselves as incredibly stable
since time immemorial. While Debian has
made considerable effort over the past several
releases to be also seen as a competent
desktop distro, the two old hands of the Linux
community remain the ideal choice for hosting
servers for most experienced administrators.
Package management and the densely
Use NethServer’s Software Centre to flesh out your server. populated software repositories are another
reason for Debian’s enormous popularity. The
A
lthough server deployments Once you’ve installed a module, you debian-security repository ships critical
require a certain level of expertise can browse through and install any updates and ensures maximum uptime for
and understanding of the base of its optional modules. The Software Debian-powered servers.
technologies, sometimes you need to Centre also keeps tracks of any updates Rolling release distros aren’t everyone’s
deploy servers in a snap. Setting up the available for the installed modules, which first choice for a server distro. This is because
popular server platforms is an involved will only be installed after you explicitly even a single update can break a rolling-
process and involves pulling server ask them to. In addition to the various release distro. And yet Arch and Gentoo, two
software and manually editing the servers, NethServer also lets you install of the most robust rolling-release distros
configuration files in a text editor. While localisation strings for popular languages on offer today, are also popular choices for
there are deployments that require this which makes the server accessible to non- hosting Linux servers. This is because these
kind of meticulous involvement, most can English speaking users as well. two distros provide users a huge degree
use some level of automation. of control over what runs on their system.
The NethServer distro started as a fork Hut-two-three-four Their minimalist credentials and ability to
of SME Server with the goal of easing the The web interface also gives you access be moulded to serve any use case makes
configuration of the servers. The distro is to the tools to manage your NethServer them a popular choice for administrators
based on CentOS and helps you roll out all installation, such as the dashboard, which who are dissatisfied with the default software
kinds of servers without mucking about gives you an overview of various selection on most server distros. With the
with configuration files. You can deploy parameters including disk usage. Then powerful Portage and Pacman tools, Gentoo
and configure just about every aspect of there’s the Log Viewer that lists log files and Arch respectively enable experienced
your deployed servers through a browser- for all installed services. You can also administrators to flesh out their installations
based interface. tweak several aspects of the server with ease.
Like CentOS, NethServer is available including its network settings from under
only for 64-bit machines as an the Configuration section of the interface.
installable ISO. After going through its NethServer is developed by Nethesis,
straightforward installation process which offers commercial services and
you’re left with a base system. From support packages for the server. It also
here on you’ll have to log into its web has a very active engagement with its
interface to flesh out the installation. community of users. The next version
The distro’s Software Centre lists all the of the distro will be based on CentOS 7
supported servers. This list can be filtered and will including support for Docker and
by category, such as ‘base system’ and several new modules including one on the
‘firewall’. Using the Software Centre you Asterisk open source PBX.
can easily convert the base NethServer
installation into a file server, an email VERDICT
Includes essential servers If you need configurability, try Arch as a server
server, a XMPP-based instant messaging in an easily deployable distro (read the wiki first!).
server, an OwnCloud server, an Apache package.
web server and more in a couple of clicks.
www.linuxvoice.com 61
� GROUP TEST SERVER DISTROS
ClearOS vs Zentyal
Servers in a jiffy.
C
learOS and Zentyal are two
distros that have made a name
for themselves among users
who’d rather defer the complexities of
setting up a server to an expert and
swap the nuances for the convenience
of a point-and-click interface and the
promise of quick deployment.
Both offer no-cost freely
downloadable community-supported
editions, and also offer commercial
services based on their products.
The projects also have ample
documentation, user manuals and
support options, and both distros let
you test their commercial offerings for
30 days.
While there are many similarities
between the two, both stem from You can buy individual modules or take out a support subscription which includes all paid modules.
different underpinnings. ClearOS is
based on the CentOS distribution, and certificates. Once installed, you can be used inside a protected network
Zentyal uses Ubuntu Server as its base. configure these services from the web (like an office), in a publicly accessible
Like most server distros, setting interface itself. The components are network (like a hotspot or a data center)
up Zentyal and ClearOS is a rather nicely integrated: for example, if you or as a Gateway server. Also, unlike
straightforward affair. Once installed install the OpenVPN server and go Zentyal, ClearOS requires you to create
Zentyal boots to a minimal graphical straight ahead to configure it, you’ll be an account and register your installation
desktop, and if you have a headless asked to first create a CA certificate with ClearOS HQ before you can access
server, you can also bring up Zentyal’s using the certification module that its server apps and services.
web interface on any computer and was installed automatically. You can ClearOS supports over 82 free
configure the server remotely. also use Zentyal to host other kinds of services for various roles including a
You can easily convert a base servers, such as the Apache web server. network server, a gateway server, a
Zentyal installation into a domain cloud server and more. In addition to
controller and file sharing server, a mail The clear advantage common servers such as a directory
and groupware server, a DNS server, a One of the biggest advantages of server, database server, mail server,
DHCP server or a Firewall server. You ClearOS is its larger repository of web server, FTP server, content filter
can also use this server to filter email, supported server software. During and more, you can use the installation
scan for viruses, manage printers, installation, you’ll be asked to select as a seedbox and a Plex Media Server.
VPNs, and issue and manage secure whether your ClearOS installation will There are also several system and
network management tools for creating
backups, managing bandwidth,
RAIDs, access control lists and more.
New admins who aren’t sure of the
components they should install can
use the Feature Wizard, which helps
pick services depending on the type of
server they wish to roll out. Like Zentyal,
the components are tightly integrated
and direct you to configure other
services they depend on.
VERDICT
ZENTYAL Delivers CLEAROS Packs a
everything it promises. wide range of servers
in an easily accessible
interface.
Zentyal’s dashboard is made up of several widgets that you can move as per your needs.
62 www.linuxvoice.com
� SERVER DISTROS GROUP TEST
OUR VERDICT
Server distros
P
icking the best server distro your Yum package management ClearCenter offers support options starting from $60, including the
isn’t as simple or skills), the new SIGs initiative ability to back up your configuration to its remote servers.
straightforward as picking will help churn out fine-tuned
the best desktop distro. That’s versions of the distro for particular 1st ClearOS
because a server can mean purposes. Similarly, while you
Licence GPL and others Version 6.6
different things to different people. can use Ubuntu Server for any
For some it could be as simple as a kind of server deployment, the www.clearos.com
file sharing server that’s used by a distro’s infrastructure is focused Offers the most number of servers but has some peculiarities
dorm full of students, while for on supporting rollouts on cloud such as mandatory registration.
others it could be a complex platforms. The latest entrant to
combination of email and instant the list is Fedora Server, which 2nd NetServer
messaging server for a building full offers the opportunity to roll out Licence GPL Version 6.6
of white collar workers. Also, unlike special-purpose servers, pretty
www.nethserver.org
other tools and distros we really much like CentOS. However, its Offers the most common and popular servers for a SOHO
couldn’t properly shakedown a implementation too is still in early deployment.
server distro (let alone six) in the stages and only offers limited
limited time we have between deployment targets. 3rd Zentyal
“The real fight for the top spot is between
Licence GPL and others Version 4.1
Zentyal, ClearOS and NethServer.”
www.zentyal.org
An easy-to-manage distro that works great as a gateway server.
issues – it takes months to get The real fight for the top spot 4th CentOS
under the skin of a server distro if is between Zentyal, ClearOS and Licence GPL and others Version 7.1
you do it properly. NethServer, because of their lower
www.centos.org
Some old school admins who entry barriers and the expansive
Designed for environments that value stability more than
still prefer to build their servers list of supported servers. Since anything else.
from the ground up wouldn’t be too they are all equally easy to use, it
impressed by the conveniences really comes down to the number
of servers and services they offers.
5th Ubuntu Server
offered by the likes of Zentyal,
Licence GPL and others Version 14.04 LTS
ClearOS and NethServer. However, Zentyal comes at the bottom for
using these distros you can roll offering the fewest server options, www.ubuntu.com/server
out complex server solutions in a followed by NethServer and topped Makes sense on the cloud with its commercial deployment and
fraction of the time it requires to set by our winner, ClearOS. While management tools.
them up by hand. ClearOS does offer the maximum
That said, although CentOS number of possibilities for fleshing 6th Fedora Server
doesn’t include any GUI tools to out the base installation, it isn’t Licence Various free software licences Version 22
help you set up the server (and suitable for all – most notably
www.getfedora.org
you’ll have to be comfortable with OwnCloud, which is best rolled out
A new release designed for setups that need the newest features.
the command line and brush up on top of NethServer.
Ease of setup/rollout Management tools Release cycle Paid services
CentOS Involved N Follows upstream N
ClearOS Easy Y Follows upstream Y
Fedora Server Involved N Every 6 months N
NethServer Easy Y Follows upstream Y
Ubuntu Server Involved N Every 24 months Y
Zentyal Easy Y Every 3 months Y
www.linuxvoice.com 63
� SUBSCRIBE
SUBSCRIBE shop.linuxvoice.com
Introducing Linux Voice,
the magazine that:
Gives 50% of its profits
back to Free Software
Licenses its content
CC-BY-SA within 9 months
12-month subs prices
UK – £55
Europe – £85
US/Canada – £95
ROW – £99
7-month subs prices DIGITAL
UK – £38 SUBSCRIPTION
Europe – £53
US/Canada – £57
ONLY £38
ROW – £60
Get 114 pages Access our Save money on
of tutorials, rapidly growing the shop price
features, interviews back-issues archive and get each issue
and reviews – all DRM-free and delivered to
every month ready to download your door
Payment is in Pounds Sterling. 12-month subscribers will receive 12 issues of Linux Voice a year. 7-month
subscribers will receive 7 issue of Linux Voice. If you are dissatisfied in any way you can write to us to cancel your
subscription at subscriptions@linuxvoice.com and we will refund you for all unmailed issues.
64 www.linuxvoice.com
� NEXT MONTH
NEXT MONTH IN
ON SALE EVEN MORE AWESOME!
THURSDAY
Physics in Blender
20 AUGUST Make things fall,
bounce and collide
with the most
powerful (and most
SCIENCE
complicated) 3D
rendering suite you’ll
ever need.
Inside ORG
The Open Rights
Group does good
things on our behalf;
lobbying politicians,
campaigning and
fighting the good
fight. Here’s what
they’re up to now.
WordPress
SCIENCE IS AWESOME! The power behind
Kanye West’s blog
can be in your
From the ISS up in space to the Large hands. All you need
Hadron Collider under Switzerland, Free to supply is the
inspired talent to fill
Software is used in all the best projects. Find it with the greatest
out how and why scientists love Linux. content in the world.
LINUX VOICE IS BROUGHT TO YOU BY
Editor Graham Morrison Editorial consultant Nick Veitch through the use of advice in this magazine. Copyright Linux is a trademark of Linus
graham@linuxvoice.com nick@linuxvoice.com Experiment with Linux at your own risk! Torvalds, and is used with permission.
Deputy editor Andrew Gregory Distributed by Marketforce (UK) Ltd, Blue Anything in this magazine may not be
andrew@linuxvoice.com All code printed in this magazine is licensed Fin Building, 110 Southwark Street, London, reproduced without permission of the editor,
Technical editor Ben Everard under the GNU GPLv3 SE1 0SU until April 2016 when all content (including
ben@linuxvoice.com Tel: +44 (0) 20 3148 3300 our images) is re-licensed CC-BY-SA.
Editor at large Mike Saunders Printed in the UK by ©Linux Voice Ltd 2015
mike@linuxvoice.com Acorn Web Offset Ltd Circulation Marketing by Intermedia Brand ISSN 2054-3778
Creative director Stacey Black Marketing Ltd, registered office North Quay
stacey@linuxvoice.com Disclaimer We accept no liability for any House, Sutton Harbour, Plymouth PL4 0RA Subscribe: shop.linuxvoice.com
loss of data or damage to your hardware Tel: 01737 852166 subscriptions@linuxvoice.com
www.linuxvoice.com
� CORETECHNOLOGY
CORE
Valentine Sinitsyn develops
high-loaded services and
teaches students completely
unrelated subjects. He also has
a KDE developer account that
TECHNOLOGY
he’s never really used. Prise the back off Linux and find out what really makes it tick.
Anatomy of a Linux process
If Linux were a living body, processes would be its cells. Prepare yourself for some cyberbiology!
B
eing Linux users, we often spawn speaking, Unix processes are born in what’s Consider a simple command, say, pwd(1).
process in their dozens without really called “forking”: a parent process does a Usually, it is implemented by /bin/pwd (on
noticing it. An innocent command fork(2) system call to create an exact but an embedded system, it could be a BusyBox
like cat /var/log/file | grep something independent copy of itself. Process symlink). What can we learn about it?
creates two, and the Ubuntu laptop on which identifiers (or PIDs) for the parent and its $ readelf -h /bin/pwd
I’m typing these words runs about 150 newborn child are different, and Linux is ELF Header:
concurrent processes. Processes in Linux smart enough not to copy process memory Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00
are a commodity we rarely think about. Yet (which could be costly) unless absolutely 00 00
they are fundamental OS entities, and how necessary. Later, the child process can Class: ELF64
well the kernel handles them directly affects do exec(2) to run a new executable code Data: 2’s complement, little endian
how we work. inside itself. Version: 1 (current)
It’s time to get to know processes better, Linux (and most Unices) store compiled OS/ABI: UNIX - System V
and this Core Tech we’ll glimpse how they binary programs in ELF, which stands for ABI Version: 0
look from inside. It’s not solely about gaining “Executable and Linking Format”. It derives Type: EXEC (Executable file)
brownie points: with new tools and tricks in from the older Common Object File Format Machine: Advanced Micro Devices
your arsenal, you could troubleshoot many (COFF) and is thus a cousin to the Portable X86-64
systems problems much faster. Executive (PE) format, which Windows uses Entry point address: 0x401917
for its .exe/.dll files. ELF is ubiquitous: the What you see is an ELF file header.
Elves of Linuthlorian object files that compilers create, shared You can already say it’s x86 64-bit binary
If I ask: “How do you create a process?”, libraries, and even the Linux kernel itself and executable (EXEC). (Dynamic shared
most of you will probably answer: “I just start its modules are ELF binaries. As a result, libraries have a type of DYN, and kernel
a program”. That’s true, however not all there are many tools (and libraries) to work modules or object files manifest themselves
processes begin at the disk. Strictly with ELF. Here, we’ll stick to one: readelf(1). as REL (relocatable)). The entry point is
where the system starts executing the
program. By the way, it’s not the main()
C function, as you may think, but some
common code residing in a C runtime library.
Internally, an ELF file consists of
“sections”. Sections may contain program
instructions, data, or even trickier stuff
like symbols (see below). You can dump
sections with readelf --sections /bin/
pwd. This will produce a lot of output, so
piping it to less is feasible. Section names
usually begin with a dot. Say, .text stores
a program’s code, and .data is, well, data.
There’s also a .rodata section that stores
constant values. .bss is a placeholder for
your program’s non-initialised data, like
htop(1) is a very powerful process viewer. Note how avahi-deamon changes its name (argv[0]). global variables. It occupies no space on
Everything below the selected entry is a kernel-mode thread. disk and is zero-initialised in memory.
66 www.linuxvoice.com
� CORETECHNOLOGY
Symbols are just names for given have a .interp section. “Interp” is short for
Highest addresses
locations. They are very useful at the “interpreter”, so ld-linux-x86-64.so.2 is
link stage but are usually discarded (or technically an interpreter for dynamic ELF Kernel space
“stripped”, see strip(1)) from the resulting binaries. Don’t confuse it with high-level (here be dragons)
binary. One exception is symbols that come language interpreters, like Python or Perl
from dynamic libraries and are resolved in (see the boxout). Program name
runtime. They live in .dynsym, and you can The dynamic linker is mostly invisible, Environment strings
Command-line arguments
dump them with: but you can influence its operation with ...
Stack
$ readelf --symbols /bin/pwd environment variables. Perhaps the most envp pointers
popular of these is LD_LIBRARY_PATH, argv pointers
argc
Symbol table ‘.dynsym’ contains 70 entries: which contains colon-separated names
Num: Value Size Type Bind Vis Ndx of directories in which to search shared Dynamic Linker
Memmap
Name libraries. Another noteworthy thing is LD_ Some library
Memory-mapped file
... PRELOAD: the linker will look for symbols
3: 0000000000000000 0 FUNC GLOBAL in the library you list here first, before Heap
DEFAULT UND free@GLIBC_2.2.5 (2) proceeding to the usual ones. This way, you
BSS
... can write a custom library to intercept, say, Data
41: 0000000000000000 0 FUNC GLOBAL socket operations, and force the application Program text
DEFAULT UND malloc@GLIBC_2.2.5 (2) to use a proxy. It’s a so called “LD_PRELOAD
You see that even a simple command like trick”; www.inet.no has a real-world Lowest addresses
pwd references several dozens of symbols. example. Finally, let’s mention LD_BIND_
They come from GNU libc library (glibc). The NOW. By default, the linker resolves symbols A typical address space layout for a Linux
listing shows malloc(3) and free(3), which lazily, only when your program accesses process. The arrows show which direction the
are standard ways to allocate and release them. However, if this variable is set, all area grows. Accesses to empty space results in
memory in C programs. Note that symbol symbols are resolved on the program’s a segmentation fault.
values are zero as they are resolved in startup. It takes longer to launch, but after
runtime. With a C++ program, the output will that is more predictable to run (every structure for you:
look slightly different: function call has the same overhead). $ readelf --segments /bin/pwd
$ readelf --symbols hellocpp How do you know if the binary is dynamic ...
and which libraries it uses? Run ldd: Section to Segment mapping:
Symbol table ‘.dynsym’ contains 35 entries: $ ldd /bin/pwd Segment Sections...
Num: Value Size Type Bind Vis Ndx linux-vdso.so.1 (0x00007ffed147d000) 00
Name libc.so.6 => /usr/lib/libc.so.6 01 .interp
... (0x00007f7678c2e000) 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.
18: 0000000000000000 0 FUNC GLOBAL /lib64/ld-linux-x86-64.so.2 hash .dynsym .dynstr .gnu.version .gnu.version_r .
DEFAULT UND _ZNSsC1EPKcRKSaIcE@GLIBCXX_3.4 (0x00007f7678fd0000) rela.dyn .rela.plt .init .plt .text .fini .rodata .eh_
(2) This shows libraries, the actual files that frame_hdr .eh_frame
19: 0000000000601780 272 OBJECT GLOBAL the linker has found on your system, and ...
DEFAULT 25 _ZSt4cout@GLIBCXX_3.4 (2) also load addresses (see next section). As you see, section to segment mappings
Note the names. They don’t look If some library wasn’t found, it will be are far from being one-to-one. Segments
human readable due to the we discuss here are not to be
name mangling that C++
uses to implement function
“Linux processes are organised in confused with x86 ones, like CS
or DS as seen in assembler. The
overloading and other segments; each segment encompasses segments you’ll encounter most
language features. Pipe the
output to c++filt to “decode”
one or more ELF sections.” often are text, data and stack. The
first one stores a program’s code;
the names. data is for global program data;
You may also note sections like .got reported, so you can easily guess what your and stack is used to store local variables
(Global Offset Table) or .plt (Procedure program is missing. For static executables, and to return from function calls.
Linkage Table). They are also used in ldd will simply complain: “not a dynamic Each segment has an associated
dynamic linking: .got stores offsets to executable”. set of permissions. For example, text is
external locations (like library-defined usually mapped read-only, as there are few
functions or variables) and .plt contains Picturing their memories legitimate reasons to modify a program’s
code to lazily bind and call them. Now, when we know how the programs we code on the fly. As the kernel knows text is
Where does the dynamic linker come use daily are organised on disk, let’s see read-only, it can keep only one physical copy
from? (Usually, it’s /lib/ld-linux-x86-64. what they look like in memory. of a shared library in memory, and simply
so.2 in 64-bit Linux.) The .interp section Linux processes are organised in map this single instance to all processes
references it. The kernel notices this fact segments. Each segment encompasses requiring the library.
when doing exec(2) and maps the linker one or more ELF sections. By the way, On the other hand, data and stack are
before your code. Static binaries don’t readelf can already dump the segments usually mapped as non-executable. This
www.linuxvoice.com 67
� CORETECHNOLOGY
006f9000-006ff000 rw-p 00000000 00:00 0
01fc5000-023b3000 rw-p 00000000 00:00 0
[heap]
...
/proc/self is a symlink that refers to the
calling processes entry in /proc. As you
can see, the first “inhabitant’ here is text
[segment]. Note the permissions: text
is read-only and executable. On x86-64
systems, program code is usually mapped
at address 0x400000; 32-bit x86 systems
use 0x08048000.
The non-executable segment of /bin/
bash is read-only data (constants), and the
writable one is simply global data (including
BSS). Then follows the heap: an area where
dynamic memory is allocated when Bash
does malloc(3) (which is again imported
from glibc). There are several different
memory allocators in existence, but the
classical way is to do the brk(2) system call
when you need the heap increased (it grows
pmap(1) prints exhaustive information on the memory map of a selected process.
bottom-up).
Now, please take some time to see
makes common vulnerabilities – such as name, command line arguments and the how different processes on your system
buffer overflows – harder to exploit. It’s still environment are stored. Your program’s organise their virtual memory space. Simply
possible though, so other mechanisms are main() function receives pointers to these dump /proc/<PID>/maps for the process
deployed to keep our systems safe. strings that the kernel also puts on the of interest, but keep in mind you’ll need
One such mechanism is Address Space stack. Officially, main() has the following root permissions to do it for the process
Layout Randomisation, or ALSR. All Linux prototype: main(int argc, char **argv, char not owned by your current user. To make
processes have a predictable memory **envp) – and I bet you never encountered similarities bolder, consider disabling ASLR
layout that we’ll discuss shortly. Knowing it with the third argument. By convention, temporarily. To do this system-wide, run
that, for instance, the stack bottom is at argv[0] is treated as the program name. So if echo 0 > /proc/sys/kernel/randomize_
0xbfffffff, a cracker can make an exploit you carefully strncpy() anything there, ps(1) va_space. You can also disable ASLR per
simpler and more reliable. So, starting and similar will show your process under a process, if you run it as setarch $(uname
with Linux 2.6.12, the kernel adds -m) -R program. Don’t forget to
random offsets to these positions.
Again, this measure alone doesn’t
“Take some time to see how different enable it back when you’ll be done.
The /proc filesystem has much
make vulnerabilities impossible to processes on your system organise more information on running
exploit, but it reduces the risk.
Process address space is split
their virtual memory space.” processes: you can see opened
files, command-line arguments, or
between userspace and kernel the environment, to name just few
space. 32-bit x86 systems use a so-called different name. things. All of this is accessible under the
3/1 split: out of 4GB available, 3GB is left The next area is knows as “memmap”, and /proc/<PID> directory, and is described well
for the user and 1GB (shared between it’s where mmap(2) puts anonymous and in proc(5) manpage.
processes) is for the kernel. Kernel memory file-backed memory maps, including shared
is inaccessible to user code for security libraries. It grows either top-down (default Watching in the wild
reasons. This means that no valid pointer in on x86-64) or bottom-up. As you know, the So far we discussed static views of
userspace code can store addresses above program interpreter (or dynamic linker) is executable files. All these things are worth
0xc000000. On 64-bit x86 systems, address usually mapped first, so you typically see knowing, but there are times you need to
space is split evenly. Both userspace and it at the end of this area. Now, let’s look at peek into processes live.
kernel space are 128TB in size, and kernel the lower part. This is better done on an Consider the following scenario. You’ve
memory starts at 0xffff800000000000. example. Open the terminal and run: got some third-party application, maybe
Now, you can see the userspace part of $ cat /proc/self/maps even as prebuilt binary image. When you try
a process’s virtual memory layout in the 00400000-004ef000 r-xp 00000000 08:02 7212425 to run it, the only thing you get is a vague
diagram. Stack occupies the top of address /bin/bash message like “The program made a boo
space (the highest addresses) and grows 006ef000-006f0000 r--p 000ef000 08:02 7212425 boo” – then it terminates with exit code 1.
down. The default stack size is 8MB, but you /bin/bash You suspect it can’t locate some data or
can adjust this with ulimit -s <new value>. 006f0000-006f9000 rw-p 000f0000 08:02 7212425 configuration file, but how do you know
At the bottom of the stack, the program’s /bin/bash what exactly it is looking for?
68 www.linuxvoice.com
� CORETECHNOLOGY
There are two main tools that may
help. They are similar both in naming and Sharp + Bang = Shebang
operation. The first one is strace (LV016), Today, many applications are written in high- bin/cat is probably one of the shortest programs
and it traces system calls that the program level interpreted languages like Python or Ruby. that prints itself. Dennis Ritchie, “the father of
makes. The second is ltrace, which traces Still, you can execute them the same way as ELF Unix”, introduced the shebang back in 1980. Note
dynamic library calls. binaries. You may type /usr/bin/soffice to start that # denotes a comment for many interpreters,
LibreOffice without even noticing that it’s a shell so shebang doesn’t prevent scripts from being
Both tools rely on a single tracing
script. How does the kernel know to call the right executed directly, like python script.py.
mechanism, ptrace(2), which is also the interpreter in such cases? Different systems may have interpreters
main workhorse behind debuggers like GDB. Shebang is the answer. The shebang is `#!`, installed at different locations, so you often
strace instructs it to trigger on a system call. and if an executable starts with these two encounter a #!/usr/bin/env python construct that
ltrace is a bit trickier. It installs breakpoints in characters, the kernel knows it should really run achieves portability, at least in Linux. The shebang
the program whose absolute path follows them, is in virtually every Unix, but not in the POSIX
the .plt section. Calls to functions in shared
passing the name of the script as a command-line standard: www.in-ulm.de/~mascheck/various/
libraries are dispatched via .plt, so next time argument. This is not limited to interpreters: #!/ shebang summarises existing portability issues.
it happens, ltrace has a chance to intervene.
It is possible to start the process you need
to trace, or attach any of these tools to the call arguments and will print them as $ ltrace /bin/pwd
running one (root permissions required). hexadecimal numbers. We introduced getenv(“POSIXLY_CORRECT”) = nil
When the call is trapped, strace and strace as our Command of the Month back strrchr(“/bin/pwd”, ‘/’) = “/pwd”
ltrace need to decode it before printing in LV016, so let us concentrate on ltrace setlocale(LC_ALL, “”) = “LC_CTYPE=ru_
anything back to you. System calls have today. With the -S command line switch, it RU.utf8;LC_NUMERIC=r”...
known signatures, so it’s tedious but rather can also trap system calls, so you get best bindtextdomain(“coreutils”, “/usr/share/locale”) = “/
straightforward. For an arbitrary third- of both worlds. It can also demangle C++ usr/share/locale”
party library, a special configuration file names with the -C switch. Let’s use it to textdomain(“coreutils”) = “coreutils”
(usually /etc/ltrace.conf) is recommended. see how our guinea-pig, pwd, is doing under getopt_long(1, 0x7ffe40024088, “LP”, 0x404fc0, nil)
Otherwise ltrace won’t be able to decode microscope: = -1
getcwd(0, 0) = “”
puts(“/home/val”) = 10
free(0x1cbc100) = <void>
exit(0 <unfinished ...>
(Functions including underscores are glibc
service routines, and we omitted most them
for brevity.) There’s nothing too surprising
here: pwd(1) calls getcwd(3) and puts the
result on the console. However, with the -S
argument you’ll get much more elaborate
output. It’s lengthy and we won’t reproduce it
here, so please try it yourself. System calls
begin with the SYS_ prefix. You may note
how localisations are mapped (check that
they are really in /proc/<PID>/maps), and
how the heap is extended via brk(2). All
these actions are done in glibc, so you can
program without worrying about low-level
Even GUI debuggers like the one in Qt Creator rely on ptrace(2) for their core functionality. details too much.
Command of the month: objdump & pmap
This issue, we discuss on-disk and in- demangle C++ names (-C) or disassembly and the default one. The latter is much
memory structures. So it feels natural to sections contents. If the program was like /proc/<PID>/maps pretty printer, but
nominate two commands that cover both compiled with debugging information, and it already shows anonymous maps (ie
aspects. you have the sources ready, it will even show areas present but not baked by any file)
Let’s start with objdump. This tool was which line each bit of assembly comes from explicitly. Extended view (pmap -x) shows
originally intended for compiler developers, (-S). how big each mapping is, and which pages
but appears to be also useful for the rest Our second nominee is pmap. It dumps are currently resident in memory (ie not
of us. In this Core Tech context, objdump memory map for the selected process, but swapped out). The device view (pmap -d)
can be seen as an advanced version of does it smarter than mere cat /proc/<PID>/ dumps file offsets and device numbers
readelf. It reads symbols (-t), sections (-h) maps. You can switch between three for the file backing the mapping. pmap -X
or segments (-p) from ELF, but it can also different views: extended view, device view, <PID> brings the best of two worlds.
www.linuxvoice.com 69
� FOSSPICKS
FOSSpicks Sparkling gems and new
releases from the world of
Free and Open Source Software
Our editor Graham Morrison is a fearless explorer of the internet – look,
he’s found some excellent Free Software on his travels!
People mapping
Social Network Visualizer 1.8
D
espite us being a little can teach you about modern ones
cynical about social too, and it’s a mature and polished
networks, especially when it application built on the latest
comes to the wanton abandonment version of Qt.
of privacy they promote, their rise You might start by mapping your
is an incredible phenomenon. Social contacts, creating nodes for people
Network Visualizer isn’t a tool that’s linked together by their
going to help you use either of interrelationships. Social Network
these services. It’s a step back in Visualizer not only enables you to
time from both the implementation visualise these, it can give you all
and the scale of these modern kinds of stats and mathematical
networks, back to when social properties about the distance,
network analytics was about clusterability, connectivity and
dissecting a network’s topography prominence of these connections.
and constituent parts. Social
Network Visualizer is for these PROJECT WEBSITE SocNetV, as it’s known, maps social networks and gets all kinds of
http://socnetv.sourceforge.net
researchers rather than users, but it cool statistics from the spacing between the relationships.
Music player
Lollypop 0.9.37
I
t wouldn’t be FOSSPicks if we playback. But there’s also an
didn’t have at least one kind of emphasis on dynamic and
music player. contextually generated playlists. It’s
This month it’s the turn of the a little like how other services
neatly named Lollypop, and it shares suggest music you may be
some of the same ideas as interested in by analysing your
Tomahawk. This is primarily in the listening or purchase history.
way it presents your music Rather than the advanced
collection. In the olden days, music heuristics of Amazon, Lollypop
players would be an interface to achieves a similar effect using
your music collection, which was album, artist, genre and playlist
As soon as you start
itself either a huge blob of files or a metadata to create this context. copying new music to may like. And as the playlist is filled
well organised system of files and Rather than the static list of your filesystem you get with music you’ve already collected,
folders. Either way, you’d navigate albums, a contextual playlist fills up a notification that it’s a great way of listening to your
to whatever you wanted to listen to with songs that Lollypop thinks you Lollypop is updating. music in a different context. We
just as you would in a record shop also have to give it extra point for
– through an alphabetical list, an looking so lovely.
artist category or browsing by “We have to give Lollypop an extra
genre. Lollypop works this way too,
and it’s a great option for regular
point for looking so lovely.” PROJECT WEBSITE
http://gnumdk.github.io/lollypop
70 www.linuxvoice.com
� FOSSPICKS
Web browser
Qutebrowswer (git 23/06/2015)
F
or open source and open command prompt, and one of the
standard advocates, both best things about Qutebrowser is
Firefox and Chromium had a the tab completion. This makes
contentious few months in early finding and using the commands it
2015. Firefox furthered its supports really easy.
commitment to harvesting
advertising revenue with targeted Intuitive keyboard action
ads and blog posts that wept The help system is also a great way
phrases like “build better to find out about commands, and
personalised experiences”, because all options list their default
“focusing on engagement” and values alongside those you change,
“value exchange”. At the same time, it’s easy to experiment and change
Chromium was discovered secretly your browsing experience as you go
downloading a binary blob created along. You can then save these
by Google that listened to the input settings – or any session – with
from your microphone. another couple of commands. You We’ve put a cheat sheet master, even without Vim
These and similar events left can set the default zoom, for of commands inside the experience. While in command
back cover. Despite
many of us looking for alternatives example, change all the fonts and mode, press O to open a link and
being designed for
to our humble web browser, and sizes, execute shell scripts and view either choose from the history, type
keyboard-only control,
Qutebrowser is our current favourite. a page’s source code. Pressing I for you can still use a a URL or a search term – the
What makes Qutebrowser unique is insert mode lets you interact with mouse to navigate the browser defaults to DuckDuckGo.
that it’s designed to be interacted forms on a page, and there’s an web. Press F to display quick shortcuts
with purely through key commands, option to automatically trigger this to all the links visible, and these can
many of which are the same as when an appropriate pages loads. be switched between letter and
those used in the Vim text editor. Thanks to the Qt 5 API and its numbers with an option. Shift+J
You can search through a page WebKit web rendering engine, and Shift+K switch tabs and D
with the ‘/’ key, for example, move to Qutebrowser looks fantastic. The closes the current one. Double
the top and bottom with ‘gg’ and ‘G’ vast majority of sites render exactly tabbing the square brackets will
and copy URLs with Y . Many of the as they do in Firefox or Chromium, even emulate selecting ‘previous’
other shortcuts are similarly based and you can easily change the user and ‘next’. It took us only a few
on Vim’s equivalents. agent to help with compatibility. hours to become proficient, and
Also like Vim, there’s a normal/ Navigation itself is easy enough to consequently, totally hooked.
command mode and an insert
mode. In normal mode, you
navigate about the web using either “Qutebrowser is designed to be PROJECT WEBSITE
https//qutebrowser.org
your mouse or the keyboard
shortcuts. Pressing ‘:’ opens the
interacted with purely through.”
How it works: Navigating with Qutebrowser
Press ‘:’ to enter command mode and change Pressing F displays shortcuts that can be Typing two keys can add new keybindings (SK),
1 the font size for the hints that enable you to
2 pressed to follow a link. Shift+F will open links
3 download a link (;D) move tabs (GM) and even
navigate the web. in a new tab. open a web inspector (WI).
www.linuxvoice.com 71
� FOSSPICKS
Word processor
Focuswriter 1.5.4
T
here are more writing tools This is why so-called distraction-
to choose between than free text editors have become so
almost any other category popular – they allow you to focus
of application. This is probably on the art of putting one word after
because there’s no common another, rather than gorging
approach to writing. We all have a yourself on cute cat videos. They’re
different processes and inspiration, the modern equivalent to the
from Roald Dahl’s old wing-back humble typewriter.
chair and chocolate wrappings And our absolute favourite is this,
silver ball to Dylan Thomas’ FocusWriter. FocusWriter is brilliant
boathouse. And it’s no different in because it focuses on what’s
the computer age, whether you take important and nothing more. Font FocusWriter is another application built atop the latest version of
your inspiration from Emacs or rendering is exceptional. Text input Qt. This lends it excellent font rendering and scalability, making it
LibreOffice, your writing tool and its and editing is noticeably faster than beautiful to look at and use.
arrangement reflects your purpose with LibreOffice. Real-time spell
and personality. checking with red underlined in the remainder of what
For example, we know that some highlighting is quick and FocusWriter offers.
of our contributors write everything unobtrusive, if you want it, and the You have oodles of control over
in a simple command line, tapping editor can grey-out sentences and layout, from the font and margins
without soft word wrap, spell check paragraphs the further away they used to display the text, to the
or word count. Can we blame them are from the cursor (we don’t use it, border and colouring. This really
for the typos? At the other end of but it might help some writers.) does help, as everyone will have a
the scale, a quick straw-poll Another feature that falls into a different preference. And like
suggests most of our contributors similar category is the option to terminal appearances, these can be
prefer the luxury of an application enable ‘typewriter’ sounds. This can switched between according to
like LibreOffice precisely because it add a genuine hipster feel to your mood or what you’re typing on. The
does all those things for you, typing, but it’s not especially application is also designed to be
complete with decent font authentic. There’s some dynamism run full-screen, and the menus and
rendering with copy and paste that in the character sounds, but the the status bar hide themselves
actually makes sense. occasional bad sample and while you’re typing. We still prefer
line-printer output of the carriage the windowed mode, but we know
Fjord focus return breaks the effect, diminishing this goes against the mantra of
But fully fledged office applications slightly the general professionalism distraction-free writing.
are themselves an added Either way, all you see are your
distraction when all you need to do words without comprising the
is write some words. None of us “You have oodles of control over ability to tab between multiple open
need the address or date support,
the styles, illustrations and 3D text.
FocusWriter’s layout.” documents or the regular menu
structure you’d expect from a word
processor. Additionally, you can set
yourself writing targets. These
appear when you mouse over the
lower part of the screen or window.
Documents are saved as ODT, and
after a couple of years of use, we
can attest to its stability and ability
to recover unsaved documents.
We’ve never had a problem using
FocusWriter, which is why it
The theme engine
remains, for writing content at least,
allows you to change
our editor of choice.
almost any aspect of
the user-interface, and
switch between your
PROJECT WEBSITE
configurations quickly
http://gottcode.org/focuswriter
and easily.
72 www.linuxvoice.com
� FOSSPICKS
Non-linear video editor
Flowblade 1.0
W
e wrote about a couple Flowblade is a GTK-based non
of video editors last linear editor with a great looking
month and made the grey design and layout. It doesn’t
comment that we had never has so work too well on high DPI displays,
many to choose between. Perhaps but you can still work within its
it’s because we’re all recording our interface. Its design doesn’t diverge
lives through a smartphone, or too far from the trinity of clip bin
perhaps the average laptop has panel in the top left, video preview in
become powerful enough. Either the top-right, and video timeline
way, video editors are becoming beneath both of these. This means
popular and we’re grateful to have if you’ve used Adobe Premiere or
the choice. Apple’s Aftershot Pro, you’ll be able
Powerful trimming and
Flowblade has been in to start editing quickly. final render. There’s also a good
clip positioning make
development for a couple of years, What we really like about the Flowblade another ‘bread and butter’ selection of blend
but the project has been brave editing is that you can move the awesome video editor effects and basic fading – more
enough to label its 14 June 2015 start and end point points of clips for Linux. than enough to get you started. The
release with the milestone 1.0 very effectively, much like Aftershot only problem we found was stability
version number. This puts it ahead Pro, which we find a more intuitive as despite this being a 1.0 release
of projects like Mame (because way of editing shots together into a we did have a few problems with
there will always be more arcade instant crashes and huge memory
games) and behind less (at version and CPU consumption over time.
471 on our desktop), but it’s still a “You can move the start and end
significant indication that a piece of
software is ready for general use.
points very effectively.” PROJECT WEBSITE
https://github.com/jliljebl/flowblade
Text editor
Atom 1.0
I
f you spend time coding, you’ll has ambitions to be used with
have a close working almost any other language. Core to
relationship with the tools you its usability is its own
use to enter your code. Many programmability, despite its simple
Whether it’s making your code look user interface and beautiful font
pretty or catching mistakes before rendering. This puts it into the same
a compile, the editor has become league as commercial editors, such
the gateway to coding success. as TextMate for OS X, which we’ve
Atom is one of these editors with a used and loved. If you need
rather special provenance – it’s something done a specific way, the
been developed by GitHub Inc., the ability to code your own hooks into
company behind the world’s most an editor is fundamental.
popular code hosting and
management service, after a staffer Your hair is beautiful
There are many themes
initially started work on the project But Atom also succeeds as an and easy to navigate code after.
and addons that can be
in 2008. editor. The themes and syntax installed within Atom, And befitting its sponsor, it’s also
Proving that it’s a small world highlighting are the best we’ve seen, just as you might with got great integration with GitHub.
after all, Atom is based on code and many other editors have the Chromium web It’s likely that Atom will only grow
from the Chomium browser, attempted to copy the feel of Atom browser. Atom is into more of a fully fledged IDE as
hopefully devoid of microphone since it first appeared. So too is the important enough to get the editor’s prowess spreads.
snooping, which makes it ideal for code completion, powered by its our review treatment on
web-centric languages like ‘autocomplete-plug’ engine, with page 52. PROJECT WEBSITE
https://atom.io
JavaScript with Node.js, but it also hints before you select a template
www.linuxvoice.com 73
� FOSSPICKS
Web browser
Inox 43.0.2357
Y
ou’ve tried the awesome conversations. It’s for this reason
keyboard-driven that Inox is called a ‘spinoff’ rather
Qutebrowser from the than a fork.
second page of FOSSPicks, right? It accomplishes this trick by
It’s brilliant. OK, we accept that implementing a carefully selected
interacting with a web browser brace of patches and enabling or
using keyboard commands alone in disabling compile-only flags, such
the age of touchy/feely as the spookily named ‘Google’s
smartphones isn’t for everyone. So Instant Extended API’, ‘Cloud
here’s another alternative. Messaging status check’ and our
If you’re still concerned about favourite ‘EnableHyperLinkAuditing’.
your privacy and you’re looking for a The end result is an excellent,
fast, intuitive alternative to Chrome/ ultra-fast and compatible browser Inox is a synonym for
Chromium, Inox is a good choice. without any nefarious spying stainless steel. See need to trust the single developer
Primarily because it is Chrome/ potential. We found no real what they’ve done who’s putting it all together, but at
Chromium, only with the naughty discernible difference between Inox there? least the patches are easy to view
bits taken out. However, this isn’t a and Chromium when we tried it out and there’s already been plenty of
fork. The developer wants the – even down to plugins and feedback. If you’re running Arch,
source to remain primarily the themes. Of course, this means you there’s even a binary package,
same as Chomium’s and easily which is helpful as Chromium takes
patcheable to accommodate half a lifetime to build manually.
security patches and new features, “An excellent browser without any
notwithstanding the binary blobs
that listen to your private
nefarious spying potential.” PROJECT WEBSITE
https://aur4.archlinux.org/inox.git
Secure video and messaging
uTox 0.3.2
T
here can’t be many authentication and encryption is
messaging applications handled by public and private keys,
that can trace their roots to which are generated when you first
a discussion on the infamously run the client. You can use the
anarchical 4chan. But this is exactly same keys on multiple clients too,
where Tox started after Edward which is handy, as alongside the
Snowden revealed the extent of the command line and GUI Linux
NSA’s activities and raised the ire of clients, there’s also an excellent app
4chan’s proactive tech subculture. for Android. Messaging also works
Tox has since left its roots behind, across Tor IPv6 and Tor, so it really
gaining semi-respectable status does give you the best chance to
thanks to Google’s sponsorship stay secure.
There’s a minimal and a
through 2014 and 2015’s Summer You don’t need an account or Qt app for Linux, and an of you have accepted each other as
of Code, and a wider acceptance even a name to start chatting; you F-Droid repository for a contact, communication is just as
that we all need to be more simply share your public key with Android installation. you’d expect. Voice, video and
proactive about privacy and your contact. There’s a DNS search binary exchange is also supported
security. Tox itself refers to the function if you need to find people and works well. Assuming you can
protocol, and the clever part – the through the internet, and after both trust its developers and their source
part you’d expect with a client code, Tox is an excellent option for
birthed at 4chan – is that there’s no those of us who value our privacy.
central server for anyone to hack or “Tox is an excellent option for those
subvert. This is peer-to-peer
messaging, and the vital
of us who value our privacy.” PROJECT WEBSITE
http://utox.org
74 www.linuxvoice.com
� FOSSPICKS
FOSSPICKS Old Games
https://launchpad.net/pybik/
Update of an 1980s classic
Free Sentinel GL
E
ven in the pantheon of complete in April 2015. The game is
famous bedroom games a series of procedurally generated
programmers from the three dimensional landscapes from
1980s, there are few to compete which your avatar has to escape.
with Geoff Crammond. With The floor of each landscape is a
1983’s Aviator, he was one of the chequerboard of squares arranged
first to master vector graphics, at different heights, littered with
creating a new realm of trees and summits.
mathematical complexity while At the highest point stands the
the majority of his peers were still sentinel, a sinister force that looks a
pushing pixels. little like Supreme Chancellor
Using vectors enables the Palpatine. The sentinel looks in one
Currently only available
screen to represent the player’s direction with a narrow field of view, as source code, new avatar to start on. Only when
eye view, and his early and if it spies the platform on which Free Sentinel GL takes you’re above the sentinel’s square
masterpiece, 1984’s Revs, put the your avatar is standing, or a boulder around 45 minutes to can you absorb it and transfer to
player directly behind the steering (which you can generate after build. The only its location, completing the level.
wheel of a Formula Three racing absorbing the energy of two trees), prerequisite is Qt 5.4. What makes the game so
car. This was revolutionary for the sentinel starts absorbing your compelling is the malevolent
home computers, and his energy. Every few seconds, the presence of the sentinel. It’s
obsession with racing eventually sentinel moves its gaze a few more always turning and always
led him to create the hugely degrees in one direction. looking. In later levels, its joined
successful F1GP franchise. by one or more lower lieutenants,
Crammond created a couple of Anger is an energy or meanies that attempt to suck
other classics that weren’t Energy is your life force, and you your energy when the sentinel
shackled to the realism of accumulate it by absorbing the can only see part of you. Coming
simulation. Stunt Car Racer is one; trees when you can see the squares up with a strategy to move
but the one that completely they’re standing on. Run out of across and up a landscape while
defies genre or definition is The energy and you die. You move by remaining out of sight is hugely
Sentinel, from 1986. This has transferring your avatar to any challenging, and we’re overjoyed
been recreated as Free Sentinel square you can see, and you slowly to see Geoff Crammond’s classic
GL in glorious OpenGL by Markus- climb from your starting position by brought into the 21st Century.
Hermann Koch, using textures first surveying your surroundings
from smartphone photos and and absorbing any trees, and then PROJECT WEBSITE
http://tinyurl.com/p4jtpde
taking less than a month to placing a boulder or two for your
How to play
Use your mouse to look around and Decide on where you want to climb, point the Transfer to the new avatar by pressing Q and
1 point your cursor at a square with a tree/
2 cursor at a blank square and place one or
3 quickly turn around with U and re-absorb your
mushroom/monolith (this depends on planet more boulders by pressing B. Create a new old avatar. Now make your way to the highest
type). Press A to absorb its energy. avatar by pressing R. point and absorb the sentinel.
www.linuxvoice.com 75
�� TUTORIALS INTRO
TUTORIALS
Dip your toe into a pool full of Linux knowledge with eight
tutorials lovingly crafted to expand your Linux consciousness
In this issue…
78 80 84
Ben Everard
is dreaming of a freer world.
Two-factor auth Pi input Macros in Calc
T
his month, I took a look at Atom, Graham Morrison doesn’t The world can be your Build a game in a
a new text editor from GitHub. trust anyone, and neither input device. Les Pounder spreadsheet and pretend
It’s just one in a long line of open should you. Get double creates a custom interface that you’re working. Just
source releases from major tech protection on your sever with the contents of an arts don’t blame Ben Everard if
companies in 2015 including big with FreeOTP. and crafts box. you get caught.
released from Microsoft (.Net) and
Apple (Swift). These three releases, you
may note, are all bits of code that target
88 92 96
programmers.
Sysadmins’ distaste for existing
proprietary solutions forced many
server rooms to move over to open
source software in the late 90s and
early 2000s, and these days, most new
server rooms are completely open
source. Since then, we’ve seen some
Nginx Drupal CMS Robots that walk
smaller areas of software go open Need a high performance Create a powerful web Ben Everard fulfils a
source: most web browsers have been web server? Ditch Apache platform the easy way. boyhood dream of making
based on open source code since the and use Nginx instead. Get Marco Fioretti takes you a computer walks. With
mid 2000s, and most smartphones started wit Marco Fioretti’s through the basics of an Arduino, a chassis and
have been based on open source since detailed guide. Drupal. some code, you can too!
the early 2010s. While these have been
important precedents, they’ve been
driven by the quality of the products on PROGRAMMING
offer, not a desire for software freedom.
If developers’ pressure to use open C Objects Scripts
source products can force behemoths 100 The language of the kernel 104 A computer programming 106 Shell scripts are usually
like Apple and Microsoft to release their holds a special place in the technique invented by a only designed to work on
heart of many Linux users, but its bunch of psychologists may Linux. Some people design them
code, then users can force other
association with Unix goes back sound like a recipe for disaster, to run on other Unixes as well, but
companies to go open if we act much further. The history of the but when used properly, objects not many people expect more than
together. We just need to speak out language is inextricably linked can make code easier to read, that. It needn’t be this way. Follow
with one voice. If companies want our with the history of Unix. It may not easier to maintain and easier to us down the road to cross-
business, they need to provide us with be as popular as it once was, but share. Perhaps those head- platform utopia as we write one
for low-level programming, there’s shrinkers can come up with the script that runs successfully on
the code.
no better option. odd good idea after all. both Linux and Windows.
ben@linuxvoice.com
www.linuxvoice.com 77
� TUTORIAL TWO-FACTOR AUTHENTICATION
GOOGLE AUTHENTICATOR:
TUTORIAL
EASY TWO-FACTOR SSH LOGINS
Passwords are never enough. But there’s an easy way to super-
GRAHAM MORRISON
secure your systems with a little hacking and a mobile app.
P
asswords are intrinsically insecure. Not only services this way since 2010. The power behind
WHY DO THIS?
are the vast majority far too simple, making Google’s authentication was the appropriately named
• Add two-factor
them easy to brute-force or guess, they’re easy Google Authenticator, a project that Google open
authentication to SSH
to copy and steal. One excellent solution is two-factor sourced and subsequently abandoned. But like any
• Instantly make your
system secure authentication. This provides an additional security open source project worth its salt, Google
• Then start using it on check, meaning that any intruder will need to break Authenticator lives on (thanks Red Hat!). We’re going
other sites both to get access. Banks commonly use two-factor to use it to secure SSH, the essential remote terminal
authentication, asking you for both an item of that runs on everything from a Raspberry Pi to a
personal information and a pin from a digital key. server. It’s often the only service you might run that’s
Google too has long taken two-factor authentication visible from the internet, making this additional
seriously, and you’ve been able to log in to many of its authentication an essential upgrade.
Step by step: Install and configure Google Authenticator
1
Install the authenticator 2
Configure PAM
We’re going to install a PAM module on the machine With the new module installed, we now need to tell
you want to protect. PAM, Pluggable Authentication both PAM and SSH to use it. If you’re doing this
Modules, is responsible for granting and denying through SSH, don’t allow that connection to quit. You’ll
access to your system. It’s used by almost everything, be able to make all the changes needed and even
including your login manager and SSH, and these restart the SSH service without losing this connection
modules can enable extra security such as fingerprint and it will continue to work in the state you had before
scanners or extra passwords. They need to be making any changes. This is important, especially if
installed and configured before they become effective, you’re working on a remote server, because it’s the
so that’s what we’re going to do first. only way you’ll be able to fix something if it goes
On a Debian-based system, like Raspbian or wrong – you don’t want to be left unable to log in. To
Ubuntu, you can install Google Authenticator by typing add the module to SSH’s PAM configuration, type
sudo apt-get install libpam-google-authenticator. sudo nano /etc/pam.d/sshd and add the following to
The authenticator will never connect to anything the bottom of the file:
directly; instead it shares a common key that auth required pam_google_authenticator.so
generates a secret value against the current time. For All this line is basically saying is that the Google
that reason, it’s also important that any devices you Authenticator module will become a requirement for
use have clocks that are reasonably synchronised, so all successful logins through SSH. By making this
you might want to look into enabling NTP (Network module required, rather than sufficient, we’re saying
Time Protocol) on your distribution too. the user needs to satisfy this requirement.
78 www.linuxvoice.com
� TWO-FACTOR AUTHENTICATION TUTORIAL
3
Configure SSH 4
Run Google Authenticator
We now need to make a similar change to the SSH We’re now going to run Google Authenticator to
configuration. Save and close the edited PAM generate the keys that are going to be needed by the
configuration file and type the following to open the app so that both the PAM module and the app that
configuration file for the SSH daemon: runs on your phone can be synchronised and generate
sudo nano /etc/ssh/sshd_config working authentication. This needs to be done from
Search for a line that says ChallengeResponse the user account you’re going to use to connect via
Authentication no and change the no to yes. SSH, and you’ll need to do this for any other users who
ChallengeResponse is an additional authentication may want to connect to. From the command prompt,
system where the valid answer is authenticated by an type google-authenticator. The first thing you’ll see is
external system. For our configuration, this is going that the terminal is filled with a large QR code. This is
to be the Google Authenticator module we’ve loaded just a way to transfer the secret key to the app you’ll
into PAM. Save the config file and restart SSH. On an install on your phone. When the Android app has the
older Debian system or a Raspberry Pi, you can do key it will be able to generate working tokens. Finally,
this by typing sudo service ssh restart. On everything answer ‘Y’ to restrict multiple uses of the same
else, this can be done through systemd by typing sudo authentication token, to keep the time limit at 30
systemctl reload sshd. seconds and to limit login attempts to three.
5
Install the app 6
Login with FreeOTP
After Google moved to proprietary development, the Don’t close the original SSH connection yet. We need
community created an open source app that could be to make sure the new connection regime is going to
used in its place. The result is FreeOTP, which is work first. Open a new terminal and SSH to your
compatible with both the TOTP or HOTP protocols. server normally. You’ll first be asked for your regular
TOTP and HOTP are used by many different sites and SSH password.
systems and the app can manage all of these After entering the password successfully, you’ll be
credentials and provide authentication tokens for each prompted for a verification code. Pick up your phone,
connection. Before this will work, we need to add the launch the FreeOTP app and click on the entry for your
key that we generated previously, and the easiest way server. A six-digit numerical code will appear alongside
to do this is to launch the app, click on the QR icon in a 30-second timer to indicate how long this code will
the top border and point your device’s camera at the remain valid. Enter this code into the SSH terminal
screen. The secret key should be immediately added and, with a bit of luck, you should find yourself
and listed in the app. connected. If not, refresh the token and make sure the
times and dates on both your phone and computer
are correct. Before you close the SSH connection,
make a note of the scratch codes – ideally by printing
them out. They’re also saved on the server in the
~/.google_authenticator file, just in case.
www.linuxvoice.com 79
� TUTORIAL EDUCATION
ASTROPLAY – BUILD A CUSTOM
TUTORIAL
INTERFACE
Forget swishy Minority Report gestures – create your own
LES POUNDER
interface to the Raspberry Pi using cardboard, glue and paper clips.
S
pace… the final frontier. These are the voyages
WHY DO THIS?
of the USS Raspberry Pi. Right now the folks at
• Learn about new types the Raspberry Pi Foundation has gone space
of inputs
crazy with its AstroPi Sense HAT. They are sending
• Build your own interface
two of these boards, along with two of the Raspberry
Pi Model B+, up to the International Space Station
where European Space Agency (ESA) astronaut Tim
TOOLS REQUIRED Peake will conduct experiments written by children in
• A Raspberry Pi Model Pi the United Kingdom.
2 or B+ But how can we fuel children's interest for space?
• Raspbian operating Typically in class we would use a wall board full of
system
pictures and information that children curate and build
• 4 x paperclips
as a class project, but what if we made it interactive Our playmat depicts the adventures to be found in space
• 4 x male to female
jumper cable with videos, audio and images? Using a Raspberry and costs less than £10 to build.
• 4 x female to female Pi and some cost-effective tinkering we can make
jumper cable our very own wall board interface that uses content an electrically conductive contact on to which we can
• Arts and crafts from ESA and NASA to engage pupils. We will use attach a female-to-female jumper cable. So at one end
materials components such as wires, paperclips and foil to of each object we have the paperclip, and at the other
• Tin foil create a low-cost circuit that can be easily removed end we attach the female connection to a GPIO
• Blutack/glue ready for the next class project. This project is not (General Purpose Input Output) pin. In this tutorial we
limited to space; it can be themed to meet the needs have used pins 14,15 and 18 (Broadcom pin layout). It
of your class projects, perhaps even demonstrate the is advised that any connections to the GPIO should be
components of a computer using a similar style wall made while the power is off, as a short circuit, where
interface. You can see a video demo of our project at pins are connected incorrectly, could cause your Pi to
http://bit.ly/LV18-AstroPlayVideo. reboot or as a worst case scenario it could damage
the pins of your Pi. The paperclip for each object
Setting up the user interface should be easy to reach and not obscured by layers of
Our interface for this project is a playmat that has card or plastic, as this will act as an insulator and
three objects to interact with: the Earth, the prevent a clean connection.
Connecting a paperclip to International Space Station and the planet Mars. Each With our planets and space station built and
the female jumper cable is of these objects is constructed from coloured card. connected to the GPIO our attention shifts to the
easy – they simply push on On to each of our objects we need to attach a rocket that will boldly take us on our journey to the
with a gentle click. paperclip; this will fit in a discreet manner and provide stars. The rocket is constructed using card and glue
and uses the same paperclip and female-to-female
header wire as our objects, but it's connected to a
Ground pin on the GPIO. In order to increase our
chances of making a good contact we stuck a strip
of aluminium foil and ensured that the paperclip and
the foil have good contact. We used a few blobs of
blutack to help position the strip correctly.
Setting up the software
For this project we have used the very latest Raspbian
image, dated 5-5-2015. This comes with the
improvements to the user interface, such as a Wi-Fi
applet in the taskbar and volume control and output
selection. It also includes Pygame for Python 3,
enabling us to move away from Python 2 and move
forward with Python 3.
80 www.linuxvoice.com
� EDUCATION TUTORIAL
The software for this project is mainly a Python 3
script that will constantly look for input via the
physical hardware, and when triggered it will play a
media file using the Pygame library. To write our
Python code we shall use the Idle editor, but we will
need to use it with root access, as only root can use
the GPIO pins of the Raspberry Pi. To open Idle with
these powers you will need to open a terminal; you
can find the icon for which in the taskbar at the
top-left of the screen for versions of the Raspbian
distribution from December 2014 onwards.
With the terminal open type in the following
command and press Enter at the end of the line. It
will launch Idle 3, the Python 3 editor, and put the
command into background freeing up the terminal for
further use, if we wish.
sudo idle3 &
NASA provides its
With Idle open we are immediately presented with the sleep function from the time library, and lastly
resources for free under
a Python shell. The shell is where logic and code can we import the RPi.GPIO library and rename it to the the standard YouTube
be tested in an interactive environment that provides easier to use GPIO. licence. You can download
an immediate response. For this project we do not GPIO.setmode(GPIO.BCM) their videos using
need to use the shell, and we should click on File > GPIO.setup(14, GPIO.IN, GPIO.PUD_UP) youtube-dl, a terminal tool
New Window to open an editor window. In the editor GPIO.setup(15, GPIO.IN, GPIO.PUD_UP) in Raspbian.
window we can create large projects, but in order to GPIO.setup(18, GPIO.IN, GPIO.PUD_UP)
run them we first need to save them. As good practice Our next block of code uses the GPIO library and
you should instantly save your work as space.py by sets up the GPIO pins to use the Broadcom pin
clicking on File and Save. With your work saved you're mapping (BCM); this is the Raspberry Pi Foundation's
free to run your code when complete by clicking on supported configuration. We then set up three GPIO
Run > Run Module from the menu. At this stage in pins (14,15 and 18) to be inputs and set their state to
the project we do not need to run the code, but it is be pulled high, with power flowing to the pin, so when
advisable to save your work often to minimise any we later briefly touch this pin with a Ground pin, our
data loss. rocket, it will pull the pin low, changing its state and
import pygame triggering the media to play.
import os, sys def player():
from time import sleep os.system('omxplayer -o local Pioneering.mp4')
import RPi.GPIO as GPIO We next define a function that will handle the
We start the code by importing a number of playback of video media in this project. We give the
libraries. Libraries are collections of pre-written code function a name for reference, and we can trigger
that help you develop larger projects in an easy-to-use the function to run by calling that name. Our function
manner. Python comes with a number of libraries has only one line, and uses the OS library to make a
installed, but to install more libraries you can use system call to the Raspbian OS. It will ask to open
Pip, the Python package manager. In this project the Omxplayer video player application and open the
we import the Pygame library to handle our media Pioneering.mp4 file.
playback, which is much simpler than writing our def picture(img,w,h):
own code to handle this activity. We then import the pic = pygame.image.load(img)
os and sys libraries to enable our Python script to background = (255, 64, 64)
interact with the underlying Linux OS. We then import screen = pygame.display.set_mode((w,h))
Pygame
Pygame is a library of modules that were designed to enable use but jam-packed full of functionality. Take, for example,
Python to be used in the creation of video games. It was first constructing the visuals for a game. In this tutorial we used
released in 2000 by Pete Shinners and was written to replace blitting to rapidly update the screen. This is a common
PySDL, a previous game creation library written by Shinners. method used in 2D platforms and fast-paced shooter games
Pygame provides a rich resource that coders can utilise where we have a large number of identical enemy sprites on
in their games. The library is multi-platform, so it can be screen. Pygame has grown to incorporate the tools that game
used on many different operating systems. Pygame handles designers need for their work and now we see excellent games
media such as video, audio and images. It can also capture such as Frets on Fire (http://fretsonfire.sourceforge.net),
user input in the form of keyboard, mouse and joystick input. which uses Pygame to create a Guitar Hero-style game played
But where Pygame excels is in the way that it is easy to with a conventional computer keyboard.
www.linuxvoice.com 81
� TUTORIAL EDUCATION
that we may come across. To update the screen
we first have to load the data into memory, and for
that we use a blitting technique to rapidly update
the contents of memory with the image data. This
has been used in the games industry to update the
screen for shoot 'em ups such as R-Type and Midnight
Resistance. We then use the flip function to complete
the screen update before waiting 10 seconds and
then close the window and our pygame session is
removed from memory.
def picture_with_audio(img,w,h,audio):
pygame.mixer.init()
pygame.font.init()
pygame.mixer.music.load(audio)
pygame.mixer.music.play(1)
screen = pygame.display.set_mode((w,h))
pic = pygame.image.load(img).convert()
Our rocket is really
screen.fill((background)) background = (0, 0, 0)
a hidden link to the
Raspberry Pi GPIO ground screen.blit(pic,(0,0)) screen.fill((background))
pin, which when connected pygame.display.flip() myfont = pygame.font.Font(None, 15)
to a pin that is high will sleep(10) Our third and final function is an extension of the
pull that pin low, changing pygame.display.quit() previous picture function, in that we now add an
its state. pygame.quit() audio argument to enable audio playback. In order to
Our second function handles displaying images on playback audio with Pygame we first must initialise
the screen. Unlike our first function, this has a number the audio mixer. Our next line is similar to initialising
of arguments inside of its brackets. These arguments the audio mixer, but this time we initialise the use of
are used to pass information to the function; in this fonts. With the audio mixer initialised we now load the
case we pass the filename of the image via img and audio file, which has been passed as an argument via
the width and height of the image via w and h. Moving the function. With the audio ready to play we trigger
inside the function we next create a variable into it to play once. We repeat the screen variable we saw
which we store the output from loading the image in the picture function and use it once again to set up
into pygame. Next we set the background colour the screen to match the size of the image used. We
of the screen using three values of 0 to 255 each. then load the image ready for use and then set the
These values represent the red, green and blue mix background colour to 0,0,0, which represents black.
of colours, so 255,0,0 would be a bright red. We use a With the screen set up we move to the pygame.font
mix of full red and 25% of green and blue respectively functions. We instruct Pygame to use its default font
to produce a subtle shade of raspberry. Next we and set the size to 15pt.
create a variable called screen and use that to store info1 = myfont.render("The International Space Station (ISS)
the display properties of our screen (in this case, the is a space station,",1,(0,255,0))
Pygame can render text
resolution of the image that we will be displaying). We next create six variables and into each of them
and images into a window
on the desktop. This We then use the screen variable along with the fill we store text taken from the Wikipedia entry for the
window can be any size function to change the background colour of the International Space Station. Again we use the RGB
and scaled to meet the window. It's unlikely that we will ever see this on colour values to set the colour of the first five entries
needs of the application. screen, but it is there to hide any image display errors to 0,255,0 which is bright green; our sixth variable is
used to store the source of the information and is
coloured blue 0,0,255 to highlight this.
screen.blit(info1, (0,0))
screen.blit(info2, (0,20))
screen.blit(info3, (0,40))
We then use the blit function to update the
information to memory, which we do for each of the
six lines of information. We start at the top-left of the
screen (0,0) and then move down 20 lines (0,20) each
time to provide sufficient spacing.
pygame.display.flip()
sleep(10)
screen.blit(pic,(0,0))
pygame.display.flip()
We repeat the use of the flip function to update the
contents of the screen before waiting 10 seconds
82 www.linuxvoice.com
� EDUCATION TUTORIAL
to enable the user to read the screen. When the 10
seconds is up the screen is updated to show a picture Ground: this attaches
of the ISS in orbit above Earth. to your rocket
sleep(5)
pygame.display.quit() Input 14: connects to
pygame.mixer.music.stop() planet Earth
We again display the image for a short length of
time before quitting the Pygame display, effectively Input 15: connects to
closing the screen, and we then stop the playback of the ISS
the audio. With our functions defined we now move
on to the main body of code that will control the flow Input 18: connects to
of the project. Mars
while True:
if GPIO.input(14) == False:
player()
elif GPIO.input(15) == False:
print("ISS Chosen")
picture_with_audio('./iss.jpg',640,421,'./eva.mp3')
Our planets, rocket and
elif GPIO.input(18) == False: ISS. Triggering the Mars object will set pin 18 low and
space station attach to the
picture('./mars.jpg', 1280,720) display an image of NASA's Mars project. The very GPIO as per this diagram, a
pygame.quit() final line is used to quit the Pygame library if needed. larger version of which can
We use a while True loop to constantly run an if.. With the code complete save it as space.py. Ensure be downloaded from our
elseif...else conditional statement, which looks for that all the media referenced in your code is in the resources.
a change in state on one of our three inputs. Input same directory as where you save this code. If you've
14 is attached to planet Earth and has its GPIO pin downloaded the code from our GitHub repository then
pulled high, meaning that it has been turned on. If we this will already be the case. If you would like to source
touch the rocket, which is connected to a ground pin, your own media, ensure that you update the files
onto any of the inputs, their state will change from referenced in this tutorial with your own.
high to low and will register False. If that is the case With the code saved and your AstroPlay mat
then the corresponding pin will trigger the execution constructed, click on Run > Run Module to start your
of one of the functions that we created earlier. So for project. Once ready, land your rocket on to one of the
planet Earth it will trigger the player() function and destinations and learn more about NASA and their
play a video of NASA's quest to explore space. The ISS space missions.
connected to pin 15 will play an audio excerpt from
the station, along with some Wikipedia text describing So what have we created?
the purpose of the station, followed by a picture of the We have built an interactive wall board that engages
with children and enables them to illustrate their class
projects in new and inventive ways. By completing
Adding extra libraries
this project the class have learned.
Python comes with a number of libraries installed, but what How to connect components to the Pi's GPIO pins.
if the library that you want to install is not among them? How to modularise an abstract by de-constructing
Well Python has its own software package manager in the the project into stages.
form of Pip.
Pip handles the installation of libraries and any
How to use a loop.
dependencies that they may have. Pip for Python 2 can be How to use conditional statements and
installed via the terminal by typing: comparisons.
sudo apt-get install python-pip How to import extra libraries of code.
You can then search for libraries by using the syntax: How to create functions with arguments.
sudo pip search NAME OF LIBRARY
sudo pip install NAME OF LIBRARY
How to use Pygame to handle media.
Pip comes pre-installed with Python 3 onwards and can How to use the OS library to execute shell
be used from the terminal as follows: applications.
sudo pip3 search NAME OF LIBRARY All of the code for this project along with the media
sudo pip3 install NAME OF LIBRARY
files and a high-resolution circuit diagram can be
Also note that pip3 can also be referred to as pip3.2 on
certain operating systems so a top tip is to type Pip into
found at our GitHub repository: https://github.com/
your terminal and press the Tab key to show the versions of lesp/LV_Issue18_Education and you can download
Pip installed for your system. the project as a Zip file from https://github.com/lesp/
Not every library that is available in Python 2 has been LV_Issue18_Education/archive/master.zip.
ported to 3, so if your project depends on a key library then
you may have to base your project on Python 2 and perhaps
Les Pounder divides his time between tinkering with
make a request to the library owner to update their code for
hardware and travelling the United Kingdom training teachers
Python 3.
in the new IT curriculum.
www.linuxvoice.com 83
� TUTORIAL LIBREOFFICE MACROS
CREATE A GAME WITH
TUTORIAL
LIBREOFFICE MACROS
When everyone in the office thinks you’re sorting out the accounts,
BEN EVERARD
you can actually be playing games. Games 1, Accounts 0!
T
here are precisely two reasons for using
WHY DO THIS?
LibreOffice Calc to write a game: to learn
• Master the office suite LibreOffice BASIC, or to hide the fact that you’re
and make it do your
bidding. playing games when you should be working. Both are
• Discover the weird world perfectly good reasons, and if you’re an accountant
of cellular automaton. who spends all your day elbows-deep in spreadsheets,
• Play games while we won’t judge you for taking a little time off.
pretending to work. Conway’s Game Of Life isn’t like other games.
There’s no winning or losing. There’s not really any
playing, just a series of shapes shifting about on the
screen, but despite that, it’s incredibly addictive.
The game takes place on a square grid where each The LibreOffice macro development environment has
square can either be empty or alive. At the start of many more features, including breakpoints and the ability
the game, the player sets any squares they want to to watch values as the code executes.
be alive, and then the game progresses through a
series of iterations where the state of the squares are The game first appeared in the October 1970 issue
determined by the state of its neighbours (vertical, of Scientific American in the ‘Mathematical Games’
horizontal and diagonal) in the previous iteration: Column. It grabbed the attention of mathematically
If a square has fewer than two alive neighbours, it minded scientists and many people in the new field
dies of loneliness. of computing. The computers of the time were
“You can write LibreOffice If a square has the ideal test-bed for the game. It’s fairly simple
two or three alive from a computational point of view, so can run in
macros is a variety of languages neighbours, then it environments with limited resources, and it provides
including JavaScript and Python.” stays alive if it’s interesting graphics even on systems with very limited
currently alive. output capabilities.
If a square has three alive neighbours and is empty,
then it becomes alive due to reproduction. Make macros fun
If a square has more than three alive neighbours The very aspects that drew programmers to the game
then it dies due to overcrowding. of life in the 70s make it attractive to macro
By applying these three simple rules, surprisingly programmers today. The grid-based layout is ideal for
complex patterns emerge over time. It’s even been spreadsheets, and macros aren’t the most efficient
shown that, with a very complex starting pattern, you programming languages, so the simplicity works well.
can build a Turing-complete computer in Conway’s You can write LibreOffice macros in a variety of
Game of Life. languages including JavaScript and Python. However,
BASIC is the best documented and easiest to get
Other Game of Life implementations started with. It’s very heavily based on Visual Basic for
Applications (VBA), the macro language for Microsoft
Programming the Game of Life in LibreOffice is a great way
Office; however, the links between the office suite and
of learning about macros, but it’s not the most efficient
way of running the game. In fact it’s a very slow way to run the programming language are a little different, so
the Game of Life. For basic exploration, the easiest way of VBA macros usually won’t run without modification.
getting started is with the JavaScript implementation at Macros can run in all the programs in the LibreOffice
pmav.eu/stuff/javascript-game-of-life-v3.1.1. This runs suite, but we’ve found that they’re usually most
much faster than our implementation, is easier to adjust,
useful in spreadsheets, so we’ll be using Calc for this
and comes with some pre-set patterns.
If you want to explore the Game of Life (and the general tutorial. Let’s start in the normal place with a simple
area of cellular automata, which are systems like the Game hello world. Create a new macro by going to Tools
of Life but with different rules), then Golly (http://golly. > Macros > Organise Macros. This will open a new
sourceforge.net) is a far more capable program. It runs dialog where you need to expand the list items for My
quickly, and is more powerful than the JavaScript version,
Macros, then click on Standard and press the New
though at the same time, it’s a bit more complex to use.
button. This will create a new macro called Macro1
84 www.linuxvoice.com
� LIBREOFFICE MACROS TUTORIAL
Drawing pretty patterns Some starting grids have unusual properties
Patterns where every live
cell has two or three live
neighbours will stay exactly
the same through multiple
generations.
Blinkers are patterns that
alternate between two or more
states, but will always return to
their initial state at some point.
These patterns are known as
gliders, and they move through
the grid.
and open the editor where you can enter this code: for the cell at the given coordinates. We can use this
Sub Macro1 to set the text in the cell with the following:
REM Hello World! Sub Macro2
print “Hello World” dim xSheet, i
End Sub xSheet = ThisComponent.Sheets(0)
This will look familiar to anyone who’s used any for i = 0 to 9
form of BASIC before. Lines that start with REM xSheet.getCellByPosition(0,i).String = “Hello World”
are ignored by LibreOffice, so you can use them to next I
add comments to your code. Sub is short for Sub End Sub
Procedure and is used to group code into blocks. As you can see, the cell object has a property
When you run a particular macro, LibreOffice will named String that can be used to set the contents
execute everything between the Sub line and End of a cell. There’s also a property named Value, which
Sub. In this case, that’s just the line with the print we’ll use later on to give a cell a numerical value.
statement. If you’re familiar with spreadsheets, you may be
Once you’ve entered this, and saved it, go back to wondering what the point of macros is. After all, most
the main Calc window. You can run this macro by spreadsheets allow for quite complex functions to be
going to Tools > Macros > Run Macros, then finding put into cells without the need for macros. Conway’s
Macro1 in the list. You should find that you get a Game of Life, however, can’t be calculated with
popup with ‘Hello World’. functions, because it requires us to calculate the next
state based on the current state, then change to the
Hello all the worlds next state. Spreadsheet functions alone can’t handle
LibreOffice Basic contains most of the features you’d this form of iteration. Macros, however, have no
expect in a programming language. In the next problem with it. To code this game, we’ll use two sets
example, we’ll use variables, for loops and objects. of for loops. The first will populate an array with the
We’ll use these to interact with the Calc spreadsheet values of the neighbours, and the second will rebuild
to display the phrase ‘hello world’ on 10 cells. In order the grid with the new values. The basic structure of
to do this, we to interact with Calc. our code is:
This is done by first getting the object for the first sub gameoflife
sheet in the spreadsheet by calling ThisComponent. dim xSize, ySize, total, xSheet
Sheets(0). The object this returns has a function xSize = 50
called getCellByPosition(x,y) that returns an object ySize = 50
www.linuxvoice.com 85
� TUTORIAL LIBREOFFICE MACROS
if total = 3 then
outArray(x,y) = 1
endif
if total > 3 then
outArray(x,y) = 0
endif
This sets the value of outArray based on the rules
given at the start of this tutorial.
It’s easiest to view this if you adjust your
spreadsheet so that the first 50 columns are all quite
narrow. Once you’ve written this macro, you can enter
some 1’s into the play area (ie the square grid between
the (2,2) cell and (50,50), then run the macro. This
will run a single iteration of the game. You can run
multiple iterations to see how your life evolves. It can
be tiresome to keep running the macro like this, so
let’s make it easier to run multiple generations at once.
Time… to die
By adjusting the layout of
dim outArray(xSize, ySize) We’ve given ourselves a two-cell buffer around the
your spreadsheet, you can
make it much easier to edge of the game to enable us to add some text. We
watch the game unfold. total = 0 can use this to both provide details to the macro, and
xSheet = ThisComponent.Sheets(0) add an extra bit of information. Specifically, we’ll use it
to tell the macro how many iterations of the game we
for x = 2 to xSize want to play, and we’ll also use it to let the macro tell
for y = 2 to ySize us what iteration it’s currently displaying. This is
REM [1] calculate outArray(x, y) depending on neighbours simply a case of wrapping an extra for loop around
next y the above.
next x dim xSize, ySize, total, xSheet
xSize = 50
For x = 2 to xSize ySize = 50
for y = 2 to ySize dim outArray(xSize, ySize)
xSheet.getCellByPosition(x,y).value = outArray(x,y)
next y
next x
This creates a 48 by 48 grid that starts at the cell Uno A unified interface for many languages
B2 (leaving a two-cell perimeter to enable us to add
In the macros we’ve looked at in this tutorial, we’ve
values around the grid without skewing the results). interacted with Calc using the properties of objects, but
This is a bit wasteful of memory, since the array that’s not the only way. Uno, or Universal Network Objects,
outArray is a little bigger than needed, but it leaves the is a language-agnostic way of interacting with the office
code simpler and less prone to mistakes. suite. There are bindings for Python, JavaScript and many
To finish the program, we need some code to other languages as well as BASIC. Uno works by creating
a service that can then be used to execute actions. As a
replace the REM [1] line: simple example, here’s the 10 times hello world from the
total = xSheet.getCellByPosition(x-1,y).value + xSheet. main tutorial using Uno. This macro is a little different
getCellByPosition(x-1,y-1).value + xSheet.getCellByPosition(x- because it enters Hello World in the 10 cells below the
1,y+1).value + xSheet.getCellByPosition(x,y-1).value + xSheet. currently selected cell, not a pre-determined range.
sub test3
getCellByPosition(x,y+1).value + xSheet.
dim document , dispatcher, i
getCellByPosition(x+1,y+1).value + xSheet.
dim args1(0) as new com.sun.star.beans.PropertyValue
getCellByPosition(x+1,y).value + xSheet. document = ThisComponent.CurrentController.Frame
getCellByPosition(x+1,y-1).value dispatcher = createUnoService(“com.sun.star.frame.
DispatchHelper”)
for i = 1 to 10
if total < 2 then
args1(0).Name = “StringName”
outArray(x,y) = 0
args1(0).Value =”Hello World”
endif dispatcher.executeDispatch(document,”.uno:EnterString”,””, 0,
args1())
if total = 2 and xSheet.getCellByPosition(x,y).value = 1 then dispatcher.executeDispatch(document,”.uno:JumpToNextCell”,””,
0, Array())
outArray(x,y) = 1
next I
endif
end sub
86 www.linuxvoice.com
� LIBREOFFICE MACROS TUTORIAL
total = 0
xSheet = ThisComponent.Sheets(0) Recording macros Programming without programming
for z = 0 to xSheet.getCellByPosition(1,0).value
xSheet.getCellByPosition(3,0).value = z LibreOffice enables you to record macros. experimental in the options dialog. Despite
That means you don’t program anything, its poor accuracy, the ability to record
REM Both of the for loops from previous code section
but start recording, perform a sequence macros can be useful. For example, if you
next z of actions in the office suite, then stop want to know how to perform a particular
This will now run the for as many times as you recording. It will convert the series of actions action using a macro, and can’t find out how
enter into cell B1, and output the current iteration in you’ve performed into a macro that you can to do it, you can record yourself doing it, and
cell D1. We haven’t put a delay or any form of timer run again and again – at least, that’s the then take a look at the macro that’s produced
idea. We’ve found that the macro recording (which will be in LibreOffice Basic).
in there, so this will run as fast as it can. However,
facility is quite poor, and the recorded macro If you want to make use of this, you’ll
LibreOffice macros aren’t particularly efficient, so you isn’t the same as the sequence of actions first need to enable support. This is done
shouldn’t find this is a problem. that you performed. Usually, there are steps by opening the options dialog by going to
missed out, which can lead to radically Tools > Options then going to LibreOffice >
Looks are everything different results. Advanced and checking the Enable Macro
We shouldn’t complain too much Recording check box. Once you’ve done this,
If you’ve been following along, you’ll find that you now
about this, because the ability to record you’ll see a Record Macro option in the Tools
have a grid of 1’s and 0’s that move about. This does macros is disabled by default and listed as > Macros menu.
show what’s going on, but it’s not very easy to watch
because our eyes don’t naturally see groups of 1’s and
0’s. We can solve this problem without any changes to
the macro at all by using the conditional formatting
feature in LibreOffice. if outArray(x,y) > 0 then
To use this, highlight the region in which the Game if xSheet.getCellByPosition(x,y).value <> 1 then
of Life is playing, and go to Format > Conditional xSheet.getCellByPosition(x,y).value = 1
Formatting > Add. This will open a dialog box in which endif
you can adjust the conditional formatting rules. You’ll else
need to create two. First set Condition 1 to “Cell Value if xSheet.getCellByPosition(x,y).value <> 0 then
is equal to 0”, then click on the style drop-down and xSheet.getCellByPosition(x,y).value = 0
scroll to new style, and in the new dialog set the endif
background colour to white. Once you’ve set this, click endif
on Add to create a new rule, and set the condition to
“Cell Value is equal to 1”. This time, set the background This now runs better, but it’s not perfect. There’s
colour to black. still a rolling shutter effect that happens as the macro
When you run the macro now, you should find it updates the screen one cell at a time rather than all
much easier to see what’s going on. However, there’s in one go. We can fix this by locking updates to the
a problem. The performance, which was a little slow screen while the macro is calculating the results, and
before, will now have ground to a halt. This is because only unlocking it once everything has been calculated.
LibreOffice has to calculate the conditional format for This has the double effect of both stopping the rolling-
every cell as it updates. However, most of the time, shutter effect, and improving performance. This is
only a few of the cells will actually change value. We done by adding the following line immediately below
can optimise our macro to only write a value to the the Sub gameoflife declaration:
cell if its content actually changes. myDoc = ThisComponent
To do this, change the contents of the second for The locks can be applied at the start of the main for
loop to: loop by adding the following immediately below the
for z line:
myDoc.lockControllers()
myDoc.addActionLock()
The lock also needs to be removed to enable the
screen to update with the following lines immediately
before the next z line:
myDoc.removeActionLock()
myDoc.unlockControllers()
This completes our game of life, although there are
plenty of extra features you could add if you want.
Better timing control, multiple generations in a single
screen update and improved performance are all
potential enhancements.
The Gosper glider gun is a starting pattern that will Ben Everard is the best-selling co-author of the best-selling
Learning Python with Raspberry Pi
produce gliders as it runs through the generations.
www.linuxvoice.com 87
� TUTORIAL NGINX
SERVE WEB PAGES FASTER
TUTORIAL
WITH NGINX
MARCO FIORETTI
Content management systems such as Drupal are great, but to
serve up the pages, you need an HTTP server.
N
ginx is the second most used open source
WHY DO THIS?
HTTP server after Apache. It can wear several MASTER PROCESS
• Improve the hats: for example, Nginx can serve as an
performance of your
self-hosted websites email proxy server, but we only cover its HTTP usage Child Processes
• Simple websites, here. The main reason for using Nginx rather than
especially static copies Apache is encapsulated in this quote by Chris Lea: Shared memory is used for cache, session persistence, rate limits, session log
of closed websites, have “Apache is like Microsoft Word: it has a million options
a simpler configuration
but you only need six. Nginx does those six things, and CM CL W W W W
than Apache
it does five of them 50 times faster than Apache”. Cache Manager Cache Loader Worker processes handle HTTP
and other network traffic
Nginx uses less disk space and memory than
Apache, and is appreciably faster (some say up
This section of the official Nginx infographic shows all the
to 50%) both when serving static content and in main, low-level components of Nginx: a master process
several, common CMS scenarios. Besides, Nginx that coordinates everything, two cache managers (on the
performances, from speed to memory consumption, left, and one or more “workers” that actually handle the
change much less than those of Apache when the HTTP connections.
load increases. All this makes Nginx a great choice
wherever hardware resources the total time spent at the table. Wonderful customer
“Nginx uses less disk space are scarce, from embedded
systems to entry-level Virtual
service for sure, but also a huge waste of resources,
that may eventually bankrupt the owner. Nginx,
and memory than Apache, Private Servers, especially if instead, would be a restaurant where all waiters do
and is appreciably faster.” the HTTP administrator and
the webmaster(s) are the
the only thing that 99% of patrons really care about:
“Just bring what I ordered, quick, then go away to earn
same person. On the down the rest of your salary by somebody else”.
side, Nginx makes it harder than Apache to writing Nginx uses four different kinds of processes: the
third-party extensions and to shared hosting to master one loads the configuration and starts the
“customers” who want to configure and run their own other processes as needed. Two of them take care of
websites all by themselves. the on-disk Nginx cache: one just loads it at startup,
then exits; the other makes sure that the cache size
Here’s how Nginx loads Under the hood of Nginx never exceeds the predefined threshold.
configuration updates
If HTTP servers were restaurants, Apache would be a The Nginx “worker” processes do all the actual
without even restarting:
place where each party (browser) gets not only its HTTP work: they wait for socket events that signal
just type nginx-s at the
prompt, and a new master own reserved table (connection) but also a reserved new incoming connections, or new data from already
will step in, its workers waiter (process), who cannot serve any other table established ones, and react accordingly, fetching the
gradually taking over all until that party leaves – even if it needs to interact requirement documents from disk or other servers
the new connections. with him, as it always happens, no more than 5% of (more on this later), or writing logs. Just like its Apache
equivalents, an Nginx worker is a practically monolithic
software object that intrinsically consumes much
more CPU cycles and memory than the software
object representing one HTTP connection. The big
difference is that an Nginx worker operates in a non-
blocking fashion. Each single event (like “I’d also need
this other file as soon as possible, please”) from each
connection is handled by itself, as soon as it happens,
obviously taking into account the previous status of
that connection. But as soon as any event has been
processed, the worker jumps to the next one in line,
regardless of which connection it belongs to.
This event-driven architecture is the reason why
Nginx can handle a thousand simultaneous requests
88 www.linuxvoice.com
� NGINX TUTORIAL
at more or less the same speed that serves just one.
This approach also eliminates the need for context
switches. In fact, by default Nginx runs only one
Browser Requests www.example.com/contacts.php
worker process per CPU core, even when it has plenty Nginx
of RAM available: if it used two or more, they would
waste time jumping on and off the processor that
could be spent handling more events.
Fast CGI protocol
Configuration
Nginx runs following directives written in its
configuration file(s). With the exception of those that
apply to the whole server, directives are normally contacts.php PHP-FPM server
partitioned in a hierarchy of logical blocks. Common source file
sense, and the way Nginx is packaged by various
distributions, lead to split blocks and directives across on server PHP interpreter
different files, as in the example of here:
1
This is nginx.conf (the main file)
2
Yes, everything after a # is a comment Most dynamic Content
3
All server-level directives go here Line 2 means that all files should be compressed Management Systems
4
Include mime.types; before sending them to a browser, to save bandwidth. these days, especially the
5
Include fastcgi.conf; Each domain, or group of related subdomains, is Free Software ones, use
6
Include sites/*.conf; described in one server block. PHP as their scripting
After the first three, self-explaining lines, we find Lines 5 to 7 tell Nginx to answer all requests for all language. To make them
run under Nginx, you
the first (meta) directive of Nginx: include just loads domains ending in example.com (www.example.com,
must install the PHP-FPM
and executes all the directives contained in the file, or blog.example.com, archive.example.com, etc), using auxiliary server, which will
files, that follow it. Our sample Nginx first loads MIME encrypted (SSL) connections on TCP port 443 and / process all the PHP source
types, then FastCGI configuration, and finally website- var/www/html/example/ as the “home” directory files and pass the result to
specific directives. In Listing 1, they will be found, one (that is, a request for the web page www.example. Nginx.
set per domain, in the files inside the sites folder. com/info/contacts.html should get the file
Let’s describe a website. An example Nginx /var/www/html/example/info/contacts.html.
configuration for a website, listing 2, is shown below: Besides, Nginx should log all the visits to these
1
http { websites to /var/log/example.log.
2
gzip on; Any time a section of a website requires custom
3
server { treatment, you can put the corresponding directives
4
server_name *.example.com; inside a “location” block, which may itself contain
5
listen 443 ssl; other location blocks for more specific configuration.
6
root /var/www/html/example Line 9 means that a browser asking, for example, to
7
access_log /var/log/example.log; see the image www.example.com/images/logo.jpg
8
location /images/ { should not receive the file /var/www/html/example/
9
alias /var/www/html/images/; images/logo.jpg (even if it exists!), but the one at
10
gzip off; /var/www/html/images/logo.jpg.
11
error_page 404 /image_404.html; Directives defined in one block automatically apply
12
access_log off; inside all the blocks that it contains, recursively. When
it is necessary, you can turn off this behaviour, called
“inheritance”, as you see in line 10: no compression PRO TIP
Installation and updates/upgrades There still is a lot of
for anything inside the images folder, where it would
(non-official!) Nginx
Nginx can be installed from binary packages on all the be useless because almost all graphic file formats documentation based
major Linux distributions, unless you need the most recent are already compressed. Finally, lines 11 and 12 set a on if statements. Don’t
version, or some non-standard module that must be go that route unless you
compiled from sources. Nginx configuration updates and
different error notice file (image_404.html) to send to
are sure there really is
software upgrades are as smooth as they can get. There’s browsers that request non-existant images and turn no other way. Solutions
no restart and consequent downtime; not in the usual sense off logging for the images folder. based on try_files are
anyway. Whenever you run the nginx –s command, the Here’s a tip: when you build your first Nginx almost always more
master process first tells all the active worker processes robust and better
configuration, verify any major change you make by performing.
to exit as soon as they have finished with the connections
active when the order came. Then it starts new workers to
running the command nginx -t, which will tell you if
take care of new connections, using the new configuration. you made any mistake.
Software upgrades work in a similar way, again without
any service interruption. A new Nginx master process Rewriting the world wide web
starts alongside the original one, and takes all the new
Continuous, ubiquitous, on-the-fly rewriting of URLs is
connections for its own workers, until it remains the only
master running. what makes the modern web work. Why do two
different users, or even the same user coming back
www.linuxvoice.com 89
� TUTORIAL NGINX
Don’t install any PHP- requested URI as an argument (we’ll see how to
based CMS until your “execute” PHP files under Nginx later).
Nginx and PHP-FPM An alternative (but suboptimal) way to achieve the
configuration has passed same result in Nginx is combining several if, set and
the simple test described rewrite directives as follows:
in the tutorial: create a if (!-f $request_filename) { set $check “A”;}
test.php page that shows if (!-d $request_filename) { set $check “${check}B”; }
the variables passed by
if ($check = “AB”) { rewrite . /index.php last; }
Nginx and load it!
This weird syntax is a consequence of the limited
implementation of if in the Nginx configuration
language: you cannot nest if statements, or combine
several tests in one of them.
after a few days, never see exactly the same content Where do you put rewrite rules for Nginx?
even if they always type or click on exactly the same Much of Apache’s flexibility comes from its .htaccess
URL? Because, right behind the HTTP server that gets files. These are extra configuration files that a
that request, there’s a Content Management System webmaster, especially in shared hosting scenarios,
that recreates that “same” page, (potentially) every can place in every single folder of their own website or
time. All HTTP servers make CMSes work like this by websites. The two simplest uses of these files are
means of so-called URL-rewriting rules. The same protection of some directories (website sections), with
PRO TIP mechanism is used when a page, or a whole website, dedicated passwords, and storing rewrite rules.
Before you install the is moved to some other address. As far as Apache is concerned, each folder and
Nginx files, do yourself In the Apache world, the two main directives used subfolder can have its own .htaccess file: settings are
a favour and carefully for rewriting are called RewriteCond and RewriteRule. applied in the order in which they are found, starting
run the “Pitfalls” page
at http://wiki.nginx.org/ The first specifies which URLs should be rewritten; from the document root of Apache itself.
Pitfalls. Then compare the second describes how. Some installations of Nginx cannot, unfortunately, use such a distributed
it with the current Nginx WordPress under Apache, for example, may only work configuration. First of all, you can put files with Nginx
documentation for your
Linux distribution. with “rewrite rules” similar to these: “server” or “location” blocks wherever you want, but
RewriteCond %{REQUEST_FILENAME} !-f they would have to be all explicitly “included”, by name
RewriteCond %{REQUEST_FILENAME} !-d or wildcards, in the main configuration file.
RewriteRule . /index.php Secondly, .htaccess files are automatically found
The first two lines mean “do what follows only if and used by Apache as soon as a browser actually
the requested URL does not correspond to the name requests anything below the folder they are in. In
of an actual file (!-f) or folder (!-d) in the document other words, any webmaster working under Apache
root”. The rewriting rule below says that the HTTP can update his websites independently of all the
server should call index.php (which is an executable others, whenever he wants, without asking the Apache
file), tell it which URL was requested (the REQUEST_ administrator to do anything.
FILENAME variable) and pass to the browser Nginx, instead, needs to reload its whole
whatever index.php outputs as result of that call. configuration every time something changes. And it
will fail to reload, if even one of those files contains
Rewrite, the Nginx way even one error. This is by no means an issue, if you
Rewrite rules are needed for most real-world uses of happen to be the only webmaster using your own
Nginx, both for brand-new websites, and for ones Nginx server, since in that case you can trust all your
migrating from Apache. The main tool to implement users (we hope so, at least). But this limitation is one
them are the try_files and rewrite directives, but big reason why Apache is by far the first choice when
before looking at them we need to introduce URIs. In it comes to shared hosting.
web lingo, a Uniform Resource Identifier is the path in
the local filesystem that corresponds to some When Nginx meets PHP: FASTCGI
document accessible by browsers. A directive like The try_files directive and its alternatives are how
try_files $uri $uri/ index.php tells Nginx, whenever a Nginx figures out which executable files should run,
browser asks for the document www.example.com/ and how, in order to produce certain pages, but that’s
somepage and root is set as in Listing 2: only half of the job. The other half consists of actually
If the file ($uri) /www/html/example/somepage talking to those executable files, and making them run
exists, send that; as intended.
Otherwise, if the folder ($uri/) /www/html/ Back in the 90s, the main way to serve dynamic
example/somepage/ exists, send the index file of web pages was the Common Gateway Interface
that folder; (CGI). This protocol enables an HTTP server to ask a
If neither a file nor a folder with that name actually separate application to generate a web page on the
exist, redirect the request to the executable file spot, according to data received from the browser,
/www/html/example/index.php, passing it the and then pass the result back to the same browser.
90 www.linuxvoice.com
� NGINX TUTORIAL
How Apache works
Software programs run as sets of processes (or threads, which context switching consumes a certain amount of CPU time.
are practically the same as far as we are concerned here). A Performance degrades seriously once memory is exhausted,
process is a self-contained set of instructions, running on one or when high I/O load causes too many context switches.
CPU core. A single CPU core can only handle one process at a Apache spawns several processes to listen for new
time. Different processes on the same or different computers connections from browsers on “listen sockets”. When a
can communicate in several ways, including local or, in the connection arrives, the process that gets it serves it all by
second case, network sockets. These are sorts of bidirectional itself, blocking after each step to wait for the browser’s
mailboxes, where a process can drop chunks of data to wait response. Once the transaction is finished, it waits for a little
until the other process picks them. while to see if the same browser comes back with another
Modern microprocessors pretend to “run” several programs request. Only when that “keepalive” timeout expires, the
simultaneously by continuously moving the corresponding process returns to listening for new connections.
processes in and off their cores, according to a scheduling This architecture is simple to implement and extend.
algorithm. This operation, called context switching, has a However, every active HTTP connection requires a dedicated
cost. First, each process keeps at least part of the RAM for process, which remains 100% “blocked” on that connection
itself, without sharing it with any other process. Second, each until it ends, even if it spends 90% of the total time waiting.
Under CGI, a server receiving a request for a 1
root /var/www/html/example/myblog;
PHP page such as contacts.php would run the 2
include fastcgi_params;
PHP interpreter, eg /usr/bin/php, with contacts. 3
fastcgi_pass unix:/var/run/php5-fpm.sock;
php as first argument. Of course, this would spawn 4
try_files $uri =404;
a separate PHP process for every page request, 5
fastcgi_index index.php;
leading to the same performance issues seen with 6
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_
Apache. The answer to this problem, FastCGI, was a script_name;
big improvement from many points of view. Unlike its Line 1 has the usual meaning, and line 2 simply
predecessor, FastCGI often requires an extra “server”, tells Nginx where to find all the server-wide FastCGI PRO TIP
but it’s worth it: this new protocol can connect HTTP configuration parameters. The next line says that the Test your Nginx
installation in these three
servers and scripts running on different computers, to PHP-FPM process is listening on the local Unix socket steps: first serve yourself
share the load, and above all works in the same, non- /var/run/php5-fpm.sock. The final three directives a static “Hello World”
blocking way as Nginx itself. mean, in this order: HTML page, then a PHP
test page as in Figure 4,
With the right configuration, PHP scripts could If there is no file at the requested location ($URI), and only after that try to
directly “speak” FastCGI with Nginx, or any other return the 404 HTTP response code. run WordPress, or similar
software. However, it’s much more common to use If a browser wants to see www.example.com/ CMS software.
an intermediary. The mini-server written just to handle myblog/, that is the blog index, ask PHP-FPM to run
PHP processes via FastCGI is called PHP-FPM (PHP /var/www/html/example/myblog/index.php.
FastCGI Process Manager). Requests for any other existing PHP script
In practice, this means that in order to host any (assuming for the sake of simplicity that /var/www/
Content Management System written in PHP (that html/example/myblog/ only contains such files!)
is WordPress, Drupal, Joomla, Moodle and many should make PHP-FPM use the file with the same
more), you must first install the PHP-FPM package, base name ($fastcgi_script_name). As an example,
then tell Nginx to let it handle all PHP requests, using a URL like www.example.com/myblog/contacts.
the FastCGI protocol. After installation, the second php will make PHP-FPM load /var/www/html/
step is accomplished with the directives provided example/myblog/contacts.php.
by the Nginx FastCGI module, of which we provide a You can test if your Nginx/PHP-FPM setup is correct
simplified example below: by creating a PHP page containing only this PHP
command: <pre><?php var_export($_SERVER)?></
pre> and loading in your browser. If everything is OK,
you’ll get a listing of all the PHP variables passed by
Nginx to PHP-FPM.
Online converters for Apache .htaccess files,
such as http://winginx.com/en/htaccess or www.
anilcetin.com/convert-apache-htaccess-to-nginx
are convenient starting points to migrate from Apache.
Much of the power of Nginx is in only two features –
try_files and PHP-FPM. At this point you know enough
to make the best of the extensive documentation on
those topics, especially if you start from the official
The placement and layout of the Nginx config files and wiki (http://wiki.nginx.org) and its “Pitfalls” page.
folders may change from distro to distro (this is on
Marco Fioretti is a Free Software and open data campaigner
Fedora 20). Try to stick to it, otherwise the next system
who has evangelised FOSS all over the world.
update may break your setup!
www.linuxvoice.com 91
� TUTORIAL DRUPAL
DRUPAL: CONFIGURE
TUTORIAL
A CUSTOM CMS
MARCO FIORETTI
If your site has many users, lots of content and different types of
media, you might need this mighty content management system.
M
aybe you want to build a real website, just Consequently, things that, with other CMSes, are
WHY DO THIS?
for the fun of it. Or maybe your boss jut told doable out of the box right after installation, like
• For the same reason you to build one. In both cases, by “real posting articles with embedded pictures but without
that buying a house can
make more sense than website” we mean something that is really yours: a using HTML, require initial setup in Drupal.
renting: a place that’s permanent online place where you set the rules, from If you only need a mostly “unidirectional” website,
really yours looks to permissions, and one that stays, untouched, where you or a few peers can publish stuff, with little
• Provide a fully even when Facebook disappears or goes the way of interaction with visitors, come back next month for
customised online base
to a community you Geocities, Friendster, MySpace or Posterous. a better solution. But if you want a full multi-user
belong to This tutorial is about building such a website with environment, completely multilingual if needed, with
• Acquire competence and version 7 of the Drupal software, even if you have flexible access control, content categorisation, page
skills that may be useful no former experience with Drupal, or with website configuration and integrated forums, Drupal is for you.
on the job some day
administration for that matter. We’ll cover what you
need to know to start building from scratch and Main Drupal concepts
manage, with Drupal, a website that may also be a Good CMSes keep raw content, the structure of a site
highly interactive online community for all its authors, and the look and feel of the site as independent as
editors and simple visitors. possible. Drupal applies this rule through modules,
blocks, themes, and views. Modules are sets of
Why Drupal? And when? (mostly) PHP files that provide a specific functionality.
Modern, dynamic websites are all created and Their official directory (http://drupal.org/project/
managed with Content Management Systems, or modules) lists modules for almost anything you might
CMSes for short: software that, running behind a web need, from maintenance to pictures galleries.
server, lets people create the overall structure of a Blocks are independent boxes that can contain
website, and then publish and organise content inside anything you might find on a website: menus,
it from any browser without programming or writing links, picture galleries, help text and so on. A Drupal
raw HTML. administrator can activate as many blocks as they
Drupal (http://drupal.org) is one of the most want, telling each one to appear only in certain
popular Free Software CMSes for highly structured, pages, or just to some users. Blocks may display
highly interactive community websites. It has static content, or a different one every time, maybe
A partial snippet of the hundreds of extensions, good online support and lots depending on who the user is.
Drupal control centre for of documentation. It is usable, and worth using, even Similar to blocks, but only at first sight, is the
modules. As you can see
by novice webmasters. At the same time, Drupal is functionality provided by the Drupal module “Views”,
on the right, each module
modular, to a fault. Some people say that it is not a which you really want to install: it has a narrower
can have links to separate
pages for controlling who CMS, just a framework to build one. When you “install scope than blocks, but within that scope it is
can see it (“Permissions”) Drupal”, you are only installing its core; that is, the really powerful. Blocks may contain anything from
and/or configure its smallest bunch of PHP files without which nothing anywhere, for example a YouTube clip. The Views
behaviour. would happen. interface, instead, provides commands to build both
custom queries of the Drupal internal database and
the instructions on how to display their result.
Without any coding (unless you really want it!), you
can pick any combination of fields, and then filter
and sort them as you want. You may use Views,
for example, to dynamically display all the last X
comments from user Y, sorted by modification date.
The ways to display the result of a Views query are
equally flexible: Drupal can output it as a table, list or
grid, either as a custom page, with a custom URL, or
as a block to be placed wherever you want.
Looks and layout are controlled by Drupal themes.
Just like modules, themes are small bundles of files.
92 www.linuxvoice.com
� DRUPAL TUTORIAL
Their PHP parts tell the Drupal core how to extract,
process and format the content of the database, in
order to build each page. Themes also contain CSS
files that specify colour, font and other typesetting
features of each element of a page, from titles to
background and block borders. At a higher level,
Drupal themes can implement things like drop-down
menus, but above all they partition the pages in
regions; that is, predefined areas where you can place
any available block.
Number, size and behaviour of regions, that is
whether they automatically resize to fit the screen
size, can greatly differ from theme to theme. Besides,
each block can appear in all the themes installed
by the administrator, but only once per theme. The
bottom line is that the same Drupal installation can
change look completely by simply switching theme.
Check the demos at www.drupal.org/project/project_
theme out, and you’ll see what we mean.
This is the part of the
you can create your own ones with the fields that Views interface to create a
Vocabularies and taxonomies you need. calendar view of time-
Taxonomy is “the practice of classifying things”. By User management is equally flexible: you can give sensitive content. You can
assigning taxonomy terms to your Drupal content, you each user one or more roles, each with different have several displays (the
can both index it more efficiently, and control who can privileges. By default, a fresh Drupal installation only Month/Week/etc tabs), and
see or edit it, and how. By assigning the right knows the roles of Administrators, Authenticated how they look, from the
taxonomy terms to each page, you can build custom Users and “Anonymous”. Users in the first class can order of the fields to the
URLs for each section of your website (eg mysite. do pretty much everything: create other users, delete page footer.
com/catalog/, mysite.com/employees and so on), pages, rewrite vocabularies, whatever. Authorised
and give different access rights to each of them. To users will only have lower privileges, like creating
make things easier you can create many Vocabularies or commenting on articles, and anonymous ones
– separate groups of terms, each of a different type. A may be limited to
Linux community website, for example, may have one
Vocabulary for “Distributions” (with terms like Debian,
read-only access,
or even none at
“In Drupal, each piece of content is
Ubuntu, Fedora, Centos…) and one for Use Cases all. Of course, called a node, and belongs to one
(Web Server, Desktop, Router…). Administrators can
create new user
of the available content types.”
Content and users roles, and fine-tune
In Drupal, each piece of content is called a node, and the related privileges, as they want.
belongs to one of the available content types. The
latter are sets of predefined fields (Title, Author, Date, Distributions
Content...) and management settings (formatting Just like Linux, which is only a kernel, Drupal can come PRO TIP
instructions, editing permissions and so on). The in Distributions (www.drupal.org/project/project_ All main Linux
distributions include, or
built-in content types are Articles and basic Pages, but distribution), that is bundles of Drupal core and can install with a few
clicks, a MySQL server (or
its MariaDB replacement)
LAMP and Drupal-friendly servers, AKA: where do I install Drupal? and a web server. Take
advantage of them to
All the pages of a Drupal website are generated on the fly by The second option is cheaper and requires no server-level learn and test Drupal on
PHP code, executed on a server permanently connected to maintenance by you, but also comes with limits and gotchas. your own laptop first!
the Internet and using raw data stored in a MySql database. Available RAM, that is performance, will surely be less than on
Technically speaking, both the database and the PHP code your own server, for example, and the same goes for privacy.
interpreter may run on any operating system that supports Another, potentially very annoying difference, may be
Mysql and at least one Web server. Almost everything in in the configurations of PHP and Apache. Drupal works
this tutorial is valid even on a Web server different than without problems with their default settings in most Linux
Apache and/or running on Windows. In practice, though, the distributions. Certain providers, instead, for performance and
combination which is by far the most common (and 100% Free/ other reasons, tweak those parameters in way that will confuse
Open Source software to boot!) is the so-called Lamp Stack, Drupal and waste your time, until you compensate them with
that is PHP and MySql running with an Apache Web server, on other changes in your Drupal installation.
Linux. The conclusion? If you have the skills and can afford the
You can install Drupal and everything else on a physical or price, just lease a virtual Linux server and use it. If you need
virtual, but complete, Linux server that you fully control as root, to go for a basic hosting account, that can be fine too... as
or just lease one database and one single folder for the Drupal long as you get it from a provider already well known for being
files, on the server of some commercial hosting provider. “Drupal-friendly”!
www.linuxvoice.com 93
� TUTORIAL DRUPAL
number, so that the Drupal “home” will be
something like /var/www/html/drupal-7.38 (we’ll
explain why later).
3
Inside that folder, copy the sample file called
default.settings.php to another named
settings.php.
4
Open the latter file and write inside it, as shown on
Drupal.org, your MySQL database, username and
password.
5
Tell your web server that the “home directory” of
mydrupal.example.com is /var/www/html/
drupal-7.38 and restart it.
6
Point your browser to http://mydrupal.example.
Here’s the “block region-
selected themes, modules and settings, all integrated com and follow the instructions you’ll see.
demonstration” screen that
Drupal produces to show and optimised for a specific purpose. There are, to 7
If you get some error page about access
you in how many different give just a few examples, OpenScholar, which is made permissions of files or folders, don’t worry: change
places (Highlighted, for academics and their research activities, and also them as requested, then reload the page in the
Sidebar, Footer columns…) OpenPublic (Public Administrations) and OpenPublish, browser.
you may put your blocks. for online media outlets of all sorts. During this procedure, you will also define the site
name, and create the Drupal equivalent of “root” under
The hard part: figuring out what you want Linux: the main, almighty system administrator.
Once all the concepts above are clear, it’s time to plan Later on, you may give administration powers to
what your Drupal site will need and how to put it other users, but only the first one will be the ultimate
together. Use these pages and the Drupal website as a master: use that account only when really necessary,
starting point to draw on eg for upgrading or installing modules.
paper the layout of your A useful feature of Drupal is that you can install it
“Adding more components than future website, and its just once, and then run many independent websites
you really need slows Drupal main characteristics. with it. You also want to run myotherdrupal.example.
What must it do? Should com? Then get a new MySQL database for it and
down, unless you spend more.” the theme be optimised create a folder named /var/www/html/drupal-7.38/
for mobile devices? How sites/myotherdrupal.example.com. Next put inside it
many types of content and user roles do you need? another folder, named files, and another settings.php
How do you want to index and display everything? with the new MySQL credentials and the $base_url
Which interactions are needed among users? How variable set to http://myotherdrupal.example.com.
can Drupal do each of these things? Finally, repeat the procedure above, with the new
Stick to the smallest possible number of themes parameters, starting from step 5.
and modules you can live with, even if it means
downsizing your initial wishlist a bit. Adding more Post- installation work
components than you really need slows Drupal down, Managing Drupal mainly consists of a lot of clicking
unless you spend more for the server. Besides, more through the administration interface. Drupal tutorials
PRO TIP components means more frequent updates and
Before any update or more maintenance work for you. More modules also
upgrade, make a full
backup and check its
means you increase your chances of bumping into
status. Also, write down some undocumented incompatibility. So, unless you
all the modules you had really want them, stick to modules listed at Drupal.org
installed, in order to
reactivate them all right
that have an open licence, few dependencies, active
after the update. maintainers and lots of other users.
Installation
Drupal.org describes the basic installation procedure
very well, with all the boring details: follow them all,
and everything will be fine. Assuming your website is
mydrupal.example.com, your base web folder is /var/
www/html, the web server is Apache and the Drupal
version to install is 7.38:
1
Create a MySQL database and user, if you own the
web server, or get them from your web hosting
provider.
2
Unpack the Drupal archive inside /var/www/html, This window is where you tell each block where to go,
renaming the resulting folder to reflect the version either by drag-and-drop or drop-down menus.
94 www.linuxvoice.com
� DRUPAL TUTORIAL
and forums are full of instructions like “Go to admin/
structure/taxonomy/add”, which corresponds to “log
in as administrator, then click on Structure, then on
Taxonomy, then on Add…”. Drupal does have a
command line control tool called Drush (www.drush.
org), but it’s beyond the scope of this tutorial.
Our advice is to go install or activate the WYSIWYG
editor CkEditor and the graphical file manager IMCE.
In order to install a module, unpack its compressed
archives in the sites/all/modules subfolder of your
Drupal installation. Next, browse to admin/modules:
that page will list the new module, but “disabled”.
Click on the checkbox to enable it, then on “Save
Configuration” at the bottom of the same page, and
the new module will now be running in Drupal.You
may have to click a bit more to configure its access
permissions or other parameters, but that’s it, really.
The procedure to install themes is very similar, but of
course you must put the files in sites/all/themes, and
configure them by going to admin/appearance. Standard Pages and Articles are too dull? No problem. You can create new types of
contents with all the fields you want, and rearrange them with your mouse.
Backups and updates
All kinds of software activities need regular backups, term indicates the passage from one minor version
but in our case they are a bit trickier than usual, number to another in the same major series, and
because all Drupal pages are built on the fly by mixing the second a major version change: moving from
database content, Drupal source files and images or Drupal 7.38 to Drupal 7.40 would be an update, and
other documents uploaded by users. In order to from Drupal 7.xx to Drupal 8 an upgrade. Now, do you
migrate your website to another server, or to restore it remember that we suggested you install Drupal in a
after a system crash, you need to back up all that data folder named after its version number, like /var/www/
and the related configuration. We can’t give you all the html/drupal-7.38? Here’s why. If you do that, when
details, but this means that, unless your Hosting it’s time to update (upgrades are a trickier business,
Provider takes care of everything for you, your regular see Drupal.org for them), you can “reimplement” the
backup script must collect and save, for every website official procedure as follows: PRO TIP
that you are running off your Drupal installation: 1
Log in as the master administrator and put the Can’t decide which
theme you prefer?
The whole content of its MySQL database, with the website in maintenance mode (admin/config/ Install the Switchtheme
mysqldump command. development/maintenance). module! You will get a
Its settings.php file and the whole files subfolder. 2
Change the theme to one of those included in block with a drop-down
menu containing all the
All the .htaccess files that Drupal puts in its Drupal core, and temporarily disable all non-core installed themes, that will
subfolders, for access control and other reasons. modules. let you switch to any of
The configuration file(s) of the web server that tell it 3
Unpack the new version to a whole new folder, with them, very quickly, from
any page.
to call Drupal when someone wants to visit your the new version number, eg /var/www/html/
website. (The basic Drupal files may be just drupal-7.40.
reinstalled). 4
Clone the MySQL database, that is make a perfect
As far as updates and upgrades go, the first copy of it.
5
Point the settings.php file inside the drupal-7.40
folder to that new database.
What to read next! 6
Point the web server to the drupal-7.40 folder and
The official documentation at Drupal.org does not cover restart it.
everything, but all the guides about the essential issues, 7
Point your browser to http://yoursite.example.
from installation and upgrades to module management,
are up to date and pretty thorough. Many useful tricks and com/update.php to run the actual update, and
tutorials, however, are hosted on other sites. Hopefully, follow the instructions.
with this tutorial you should now be able to quickly make See the trick? The steps from 3 to 6 can be run
sense of the guides, and also know the right search terms by a shell script in a few seconds, to minimise both
to find the tutorials you need. There are plenty of very good
downtime and risk of errors. Above all, if anything
books too, but even they will be more useful, in our opinion,
if you get them after a quick read of the online documents. goes wrong, you can just point the web server back
So get out there, and study them! Final advice: even to the old Drupal folder, and everything will return as
before installation, keep an eye on the Drupal.org forums, before, using the original database. Neat, isn’t it?
to understand both what is possible, and how to ask for
help when the moment comes: with Drupal, this is more Marco Fioretti is a Free Software and open data campaigner
necessary than with other tools. who has evangelised FOSS all over the world.
www.linuxvoice.com 95
� TUTORIAL ARDUINO ROBOTICS
ARDUINO: PROGRAM A
TUTORIAL
COMPUTER TO WALK
BEN EVERARD
At the boundary between robotics and science fiction are Androids.
We take a first step towards making one.
T
here are lots of robots that roll around on more complex the walking you can do (human legs
WHY DO THIS?
wheels and an increasing number that fly, but have about five degrees of freedom depending on
• Become the commander for those of us who grew up on science fiction, exactly what you count).
of your own robot army
these will never be as cool as robots that walk around We opted to go for a chassis with three degrees of
• Learn more about
robotics and controlling on two legs. It’s not a particularly effective method of freedom per leg (this is often expresses per chassis
servos moving, but we’re going to ignore this, and build a as 6 six degrees of freedom). Each of these degrees
• Take your QWOP two-legged walking robot for the sheer geekery of it. of freedom is controlled by a servo. These are motors
mastery to the next level Before we go too far into this, we need a note of that move in a circular motion, but enable the user to
caution. Unless you have a lot of time and money, it’s specify the exact angle they want the motor to rotate.
very unlikely that you’ll be able to create a robot that Lynx Motion is the most trusted brand of robot
can walk well on uneven ground, or even walk quickly chassis, and its Brat model has three degrees of
on flat ground. Don’t be put off though: with a modest motion per leg. It’s available from Robotshop for £153
budget and a bit of persistence, walking is possible. (www.robotshop.com/uk/lynxmotion-biped-brat-
The capabilities of a biped chassis can broadly be no-electronics-brat-blk.html). This is quite cheap
described using the number of degrees of freedom for a named-brand biped chassis (they can cost
they have. Each degree of freedom is equivalent to thousands of pounds), but it’s also quite a lot to spend
a single joint that can move in a single axis (such as if you just want something to play with. The Brat has
a knee or elbow). A joint that can move in two axes inspired a whole range of imitators that are available
(such as a hip or shoulder) counts as two degrees of directly from Chinese manufactures. We found a lot of
freedom, though these sort of joints are rarely found options on AliExpress.com (search for “robot 6dof”).
on simple robots. We bought one for just under £60.
Legs with one degree of freedom can’t really do Even a cheap chassis is likely to be fairly sturdy, but
anything except flail around. It is just about possible servos are another matter. There are a lot of cheap
The circuit showing a
to get a robot with two degrees of freedom per leg to servos on the internet, many of which are fakes (that
single servo connected.
The other five are powered walk, but it’s very slow and ungainly. is, they are real servos, but they’re not made by the
in the same way, but For something that loosely resembles human company they claim to be). The Tower Pro brand
connected to different pins walking, you’ll need at least three degrees of freedom seems to be commonly faked. Cheap servos aren’t as
on the Arduino. per leg. The more degrees of freedom you have, the accurate or as hardwearing as better manufactured
models. However, a walking robot isn’t a particularly
taxing role for a servo: accuracy isn’t as important as
it is in, say, a model airplane. The load on them isn’t
that big, and there aren’t any vibrations to damage the
internal circuitry.
Another issue is that cheap chassis may not come
with assembly instructions, so you may have to
construct it based on an image of the assembled bot.
Building brains
Once you’ve acquired and built your chassis, the next
thing you need to do is set up the control electronics.
Servos are quite easy to control. They don’t require
any complex driver circuits like regular motors.
You should find that each servo has three wires: a
positive, a negative and a control (often coloured red,
brown/black and orange/yellow respectively). The
control takes a pulsing signal, and places the motor
depending on the duration of the pulse. It can be
controlled from almost any controller board that has
GPIO pins. The two obvious options to control it are an
96 www.linuxvoice.com
� ARDUINO ROBOTICS TUTORIAL
Arduino or a Raspberry Pi, both of which have libraries Tilting at the ankles allows
to help you control the servos, and both would work one leg to come off the
well. We opted to use an Arduino Uno because it’s a ground and make a step
slightly tougher board and should cope better with
the inevitable stumbles that come with learning to
walk, and because it made it easier to control from our
laptop. You should be able to use any board with the
ability to control six servos, and that includes the Pi.
Since servos only need a pulsed signal, the circuitry
for controlling them is very simple. You just need to
connect the control wires from the servos directly
to the output pins on the Arduino. We did this by
removing the female connector that came attached to
the servo, and soldering on a length of single-core wire
that could be used as a male connector to attach to
the female headers on the Arduino.
We also connected together all the positive leads
from all the servos to a single positive connection for
the bot, and likewise with the negative leads. they may have been attached at a slightly different
orientation.
Mobile or mains power? There are a few options to do this, but a simple
Servos suck up more power than the Arduino can method is to use trial and error. You can upload code
supply, so you can’t connect these power leads to your Arduino to set the servo at a particular point
directly to the board. Different servos require different (using the pos variable in the code below), and keep
amounts of power, but 4.8–6V is common. Four trying different values until you get it right.
rechargeable AA batteries will deliver 4.8V, but as soon #include <Servo.h>
as they start to lose charge, they can drop below this, Servo myservo;
and we found that we only got around 15 minutes of int pos = 100;
power out of rechargeables. Some cheap non- void setup() {
rechargeables didn’t fair much better. C or D cells may myservo.attach(9);
work, as may Lipo or Li-ion batteries (but you’ll need }
some form of regulator to make sure the power is void loop() {
supplied at the right voltage). myservo.write(pos);
After experimenting with batteries, we opted to run delay(15);
our walking robot tethered to the mains using a 5V 2A }
adaptor, and this worked without any problems. This In our code, we created servo objects for each joint,
obviously doesn’t have the same appeal as running it and named them left_ankle_servo, right_ankle_servo,
independently, but it makes the system much easier left_knee_servo, right_knee_servo, left_hip_servo
to use, especially for testing. and right_hip_servo. We’ll store everything in variable
Whichever method you choose to power the names according to
servos, it’s best to use a separate power supply for the joint it refers to. “However you power the servos,
the control board. This is because the servos have
very variable power demands that can cause the
We could have saved
space by using arrays,
it’s best to use a separate power
power supply to fluctuate, and this can cause the but for testing at least, supply for the control board.”
Arduino to occasionally reset itself if they’re on the we found it easier
same supply. Since we were tethering the robot to the to see exactly which joint a piece of data or object
mains anyway, we powered the Arduino from a laptop relates to. Whenever you see the line in the code
USB port. However, if you’re powering the servos from //for all joints
batteries, Arduinos run well off 9V batteries. it means the previous line is repeated once for every
The final bit of circuitry needed is a connection servo.
between the Arduino’s ground pin and the negative The variable declarations are as follows:
wire from the servo power supply. This is needed #include <Servo.h>
because some of the power from the Arduino is sent int move_speed = 20;
to the servos via the signal wire. This common ground int inter_move_delay = 800;
is needed to complete the circuit. Servo left_ankle_servo;
Now you’ve got everything wired up, the first task is // for all joints
to find the mid-point of each servo. This is the position int right_knee_pin = 8; //wire 1
they need to be set to for your chassis to stand up // for all joints
perfectly straight. In an ideal world, it would be the int left_ankle_middle = 68;
same for every servo, but in reality, it won’t be because // for all joints
www.linuxvoice.com 97
� TUTORIAL ARDUINO ROBOTICS
Leaning backwards stops //any negative values are ignored.
the robot losing balance if (left_ankle_to < 0) { left_ankle_to = left_ankle_current; }
as it extends the other leg // for all joints
forwards. while (left_ankle_current != left_ankle_to |
right_ankle_current != right_ankle_to |
// for all joints
){
if (left_ankle_current < left_ankle_to) { left_ankle_
current++; }
// for all joints
if (left_ankle_current > left_ankle_to) { left_ankle_
current--; }
// for all joints
left_ankle_servo.write(left_ankle_current);
// for all joints
delay(actual_move_speed);
}
int left_ankle_current = 68; }
// for all joints As you can see, this function takes a parameter for
As well as creating servos and specifying the each joint. If the value is negative, we leave the servo
middle, this also creates a current variable for each where it is currently; if it’s a positive number, we run a
joint which holds the current position. Initially, we set loop that adjusts the position of the servo by one each
this to be the middle position, and we ensure that this time until it reaches the desired position.
is right by calling the function stand_straight in the We declared the variable move_speed as a global
setup loop: variable, but it’s passed to this function because
void setup() { there might be some movements that we want to run
left_ankle_servo.attach(left_ankle_pin); slower or faster than others.
// for all joints The hardest part of making a robot walk isn’t
stand_straight(); building the chassis or the technicalities of
delay(inter_move_delay); programming a controller board, but figuring out the
} sequence of motions that have to come together
void stand_straight(){ to actually make something walk. There are a few
left_ankle_servo.write(left_ankle_middle); different ways the sequences come together, but we
// for all joints found the best option to be:
} 1
Rock onto the correct foot.
You may also have notices two variables, inter_ 2
Balance by leaning backwards.
move_delay and move_speed. The first of these is 3
Move leg forward and put it down.
used after each movement These actions can then be repeated with the robot
“The hardest part of making to keep everything controlled. balancing on the other foot. There’s a slight problem
something walk is figuring Without this, the robot can
start to rock, or not complete
because you need to do a slightly different set of
moves to start from a standing position than you
out the series of motions.” a movement before starting need to loop through to continue walking. To solve
with another movement. The this, we have a sequence of moves to get started
second is used to control the speed of movement, as which is in the function middle_to_left(), and another
we’ll see in the next bit of code. You can play about function that can continue running in a loop which is
with these to see what works best. Some chassis and called pace_from left(). We’ve included comments
servos will be able to walk faster than others. that link to the numbers in the above list to show what
In the function stand_striaght(), we set the servos each movement is doing.
to the desired position. This means they will move as void middle_to_left_foot(){
fast as they can to that state. In this case, we had no //ensure middle
alternative because we didn’t know what position the move_to(left_ankle_middle, right_ankle_middle, left_knee_
joints were in at the start. However, from this point middle, right_knee_middle, left_hip_middle, right_hip_middle,
onwards, we can track the position of the joints, and move_speed);
using this knowledge, we can move more smoothly delay(inter_move_delay);
to the desired state by changing the position of the //1
servo in increments rather in one go. The function move_to(left_ankle_middle-20, right_ankle_middle-25,
move_to() does just this: -1,-1,-1,-1, move_speed);
void move_to(int left_ankle_to, int right_ankle_to, int left_knee_ delay(inter_move_delay);
to, int right_knee_to, int left_hip_to, int right_hip_to, int //2
actual_move_speed){ move_to(-1, -1, left_knee_middle -25, -1, -1, -1, move_speed);
98 www.linuxvoice.com
� ARDUINO ROBOTICS TUTORIAL
delay(inter_move_delay); Pivoting at both knees
} completes the stride, and
void pace_from_left() the robot is ready to rock
{ onto the other foot.
//3
move_to(-1, -1, left_knee_middle + 20, right_knee_middle-20,
left_hip_middle+15, right_hip_middle+25, move_speed);
delay(inter_move_delay);
//1
move_to(left_ankle_middle+25, right_ankle_middle+20,
-1,-1,-1,-1, move_speed);
delay(inter_move_delay);
//2
move_to(-1, -1, left_knee_middle, right_knee_middle - 25, -1,
-1, move_speed);
delay(inter_move_delay);
///3
move_to(-1, -1, left_knee_middle - 20, right_knee_middle + 30, forwards will introduce a slight rotation. The sequence
left_hip_middle-10, right_hip_middle-20, move_speed); of movements for a left turn is:
delay(inter_move_delay); 1
Rock onto left foot.
//1 2
Balance.
move_to(left_ankle_middle-20, right_ankle_middle-25, 3
Move right leg forward.
-1,-1,-1,-1, move_speed); 4
Flatten feet so resting on both of them.
delay(inter_move_delay); 5
Bring legs together.
//2 This is done with the following code:
move_to(-1, -1, left_knee_middle -25, -1, -1, -1, move_speed); void turn_left(){
delay(inter_move_delay); move_to(left_ankle_middle-20, right_ankle_middle-25,
} -1,-1,-1,-1, move_speed);
The code to walk forward 10 paces is therefore: delay(inter_move_delay);
middle_to_left(); move_to(-1, -1, left_knee_middle -25, -1, -1, -1, move_speed);
for(int i=0; i<10) i++){ delay(inter_move_delay);
pace_from_left(); move_to(-1, -1, left_knee_middle + 20, right_knee_middle-20,
} left_hip_middle+15, right_hip_middle+25, move_speed);
There’s no particular reason that we start our bot delay(inter_move_delay);
moving with the left foot. It would work equally well by move_to(left_ankle_middle, right_ankle_middle, -1,-1,-1,-1,
starting with the right foot down instead. move_speed);
delay(inter_move_delay);
Turning around move_to(left_ankle_middle, right_ankle_middle, left_knee_
The biggest flaw in robot chassis with six degrees of middle, right_knee_middle, left_hip_middle, right_hip_middle,
freedom is that they can’t turn elegantly. Humans use move_speed);
the extra flexibility in their legs and feet to spin around delay(inter_move_delay);
on the spot, but our simplified bot can’t do this. The }
cludge required is to drag the feet across the floor. Because this relies on the friction of the surface,
Pulling one foot backwards, while pushing the other this won’t make the robot turn a uniform amount.
On one surface, the robot may turn 10 degrees; on
another, 20. It may also cause the robot to stumble
Raspberry Pi A brain transplant
on uneven ground. If you want a more precise turning
You could easily use a Raspberry Pi as the brains of your system, you’ll need a robot chassis with eight or more
walking robot instead of an Arduino. The GPIOs can control degrees of freedom.
servos using a number of methods:
Servo blaster is a kernel module that enables you to
This is all the code you need to make your walking
control servos from the command line. robot move. We haven’t included any controls; it’s left
Pigpio is a C library that includes servo control as well as as an exercise for the reader to decide how you want
other GPIO manipulations. to communicate with your walker. You could leave
You can control servos by manipulating Pulse Width it as a series of pre-programmed steps, you could
Modulation duty cycles. There’s more information about
how to do this at https://learn.adafruit.com/adafruits-
hook up a joypad and use that to steer, or if you’re
raspberry-pi-lesson-8-using-a-servo-motor. ambitious, you could add some sensors and attempt
Whichever method you choose, the circuitry should be to program it to move independently.
the same, as will the process of walking, so it should be
fairly easy to translate the Arduino code to your Raspberry Ben never writes this bit, so we can make up whatever we
Pi language of choice. want. For example, he wrestles wild penguins!
www.linuxvoice.com 99
� CODING C
BUILDING BLOCKS OF UNIX: THE
TUTORIAL
C PROGRAMMING LANGUAGE
JULIET KEMP
In embedded systems and at the heart of the Linux kernel, C is the
powerhouse making it all work.
I
n an earlier tutorial in this series, we talked about
the development of Unix at Bell Labs starting
around 1968, with Ken Thompson and Dennis
Ritchie taking the lead. When, in 1970–1, the team
began porting Unix to a new machine, a PDP-11, it was
still written in assembler. Assembler can be very
efficient in that it can be tweaked closely to machine
architecture, but it’s very inefficient to write. A single
task can take many pages of code, and debugging is a
nightmare. High-level languages (where you write code
which is then compiled into assembler by the
computer) allow much faster, easier programming.
Thompson had already created a language called B, Dennis Ritchie and Brian Kernighan, Unix titans.
which they considered using to rewrite Unix, but B had
limitations… so Ritchie took on the creation of a new them across to other systems. As part of this, the type
language: C. C was based on B, but added structures, system became more stringently enforced, though
data types (loosely based on the concepts established many older programs written in a less type-safe
in Algol 68), and a set of other improvements. manner still existed; Steve Johnson produced lint to
Ritchie started work in 1972, and C evolved very help coders tidy up these older programs. Once Unix
rapidly during this first year. Operators such as && was ported to a DEC VAX 11/780, the new portability
showed up within months, and by the end of the made both Unix and C much more popular, first within
year, a big chunk of Unix (version 2, at the time) had AT&T, and then outside.
been rewritten in C. In 1973, that was extended to
include most of the Unix kernel, and an optional pre- The C bible
processor was introduced. It was the first time that You may well already have heard of the book
any operating system had been written in anything commonly known as K&R. This is The C Programming
other than assembler, and was a pretty convincing Language, by Brian Kernighan and Dennis Ritchie,
demonstration of the usefulness of C. whose first version, in 1978, created an informal
Brian Kernighan speaking In the next years, the language grew bit by bit. The specification for C. The book was intended to be
at a tribute to Dennis Unix team began to recode their utilities and tools in C, a concise, comprehensive introduction to C, and
Ritchie at Bell Labs. and then to experiment with portability, trying to move covered programming style as well as technical
information, with plenty of working-program
examples. It also introduced the “Hello, World”
program -- an ultra-basic working program, now the
common standard for introducing pretty much any
language. (See below for a real example!). The book
had an immense impact on a generation of coders,
even in minor ways like brace style.
By 1982, C had moved on enough that the first
edition no longer even described the language
accurately (it didn’t include void, for example). And
besides that, K&R C might be a de facto standard,
but it wasn’t an official one. The American National
Standards Institute (ANSI) set up a committee that
spent nearly six years (1983–1989) developing a clear
standard for C. The ANSI C standard introduced very
few real changes, but codified the existing language
more carefully. (Ritchie, in the paper mentioned above,
speaks very highly of it.) Most of this was done by
100 www.linuxvoice.com
� C CODING
1985, and writers of compilers began implementing
their recommendations; but the committee also spent C: pros and cons
the next few years designing a standard library, to As with any language, Con and not using compiler-
cover things like I/O and other interactions with the there are pros and cons to Very easy to create specific extensions.
outside world. The final standard thus wasn’t issued choosing C for a project. security problems. Weak string handling.
until 1989 (and is known as C89 or C90 as well as Pro By modern standards, Bluntly: if you don’t care
Very fast at run-time. pretty low-level as ‘high about run-time speed, and
ANSI C). The second edition of K&R covered this ANSI
Popular for fairly low-level level’ languages go, which if you’re not working on
C standard, although in practice many programs stuff: operating systems, can make it harder, and fairly low-level applications,
continued to be written in the older style while the device drivers, etc. slower, to learn and write. you probably want to find
compilers slowly caught up with the new standard. Large user base. Bad C programming can another language. If you do
Since ANSI C, there have been two further Not object-oriented. be really bad. care about run-time speed,
Can be highly portable; C Not object oriented. or you’re working on OSes
standards revisions, C99 and C11. C99 introductions
compilers are available on Portability relies on and utilities, C still reigns
included some new data types, variable length arrays, almost all platforms. sticking to the standard supreme.
and inline functions. Most of the major compilers
support C99, and it’s largely backwards compatible
with C90. C11 improves C++ compatibility and adds output; without this flag, the executable will be saved
multi-threading, anonymous structures, and better as a.out, which isn’t terribly identifiable. (It is, however,
Unicode support, among other things. Some features a link back to C’s origins: a.out referred to the output
of C11 are supported by GCC and Clang, but not yet all. of the assembler that Thompson first wrote on the
If you’re writing C today, ANSI C is considered to be PDP-7 on which Unix was first developed.) Run the
the most portable option. Different projects may have executable with ./hello and admire the output of your
different standards. I’ve used GCC C in the examples very first C program. PRO TIP
below, which includes features from C99. For a more detailed view
of the early development
Before you can write your first C program, you need Programming of C, Ritchie’s paper
to check you have a compiler, and the standard C To get a bit further into C, let’s make a basic calculator. (http://heim.ifi.uio.no/
libraries. The standard Linux compiler is GCC: This very first version just adds numbers up as you inf2270/programmer/
historien-om-C.pdf) is a
$ gcc --version enter them. Save this as calc.c: fascinating read. There’s
gcc (Debian 4.7.2-5) 4.7.2 #include <stdio.h> also a 2012 interview with
... some copyright stuff ... #include <stdlib.h> Kernighan online (www.
informit.com/articles/
If this doesn’t run, install GCC via your package /* Calculator program */ article.aspx?p=1960359).
manager (eg sudo apt-get install gcc). The C libraries
are found in libc6, again, best installed via your main()
package manager. You want both libc6 and libc6-dev {
(or your system’s equivalents). int value_mem = 50;
Once you have a compiler and the libraries, it’s time double total = 0;
for Hello World. Open up a file hello.c in your text char *value;
editor of choice and enter: value = (char *) malloc(value_mem + 1);
#include <stdio.h>
/* Hello World program */ while (getline(&value, &value_mem, stdin) > 0) {
total += atof(value);
int main() printf(“sum: %g\n”, total);
{ }
printf(“Hello World!\n”); return 0;
return 0; }
} This time we need to include two libraries: the I/O
The first line includes a standard library in your code library and the standard library. The first part of the
-- in this case, the standard I/O (input/output) library.
The core C language doesn’t have any I/O functions,
so a standard library exists to provide them. The
second line is a comment, set off with /* */.
int main() is the main function, or entry point, to your
program; where the executable will start. int refers
to the fact that it returns an integer at the end of the
function, and main() is the function name. The body of
the function calls printf() (from the stdio library), and
returns zero, indicating success. Since the function
definition says on the first line that it returns an integer, Hello, World! Note the
you have to make sure it does in fact do that. editor syntax colouring;
Now compile the code with gcc -o hello hello.c. useful in any language so
The -o hello part tells gcc what to call the compiled make sure you set it up.
www.linuxvoice.com 101
� CODING C
Adding numbers. Hit Ctrl+C and try running it.
to stop and return to the
command line. More complicated
Now let’s improve our calculator so we can specify
the required operation. We’ll enter operations as x + y
or x - y, hitting return between each element, so each
operation will have three elements to collect. Here’s
the code:
#include <stdio.h>
#include <stdlib.h>
/* Calculator program */
main()
main() function is where we set up our variables. int {
and double are fairly normal variables; value_mem int value_mem = 50;
is how many bytes we will allow for each number char *value;
entered (an integer), and total is the running total (a char type[1];
double precision variable). *value, however, is not a type[0] = ‘\0’;
character, as you might expect from the type char: double first = 0;
that * at the front makes it instead a pointer to a double second = 0;
character. See the boxout for more on pointers. double result = 0;
The next important
“C is fast, it’s flexible, and it’s line allocates a chunk
of memory to that
value = (char *) malloc(value_mem + 1);
suprisingly small for a language character pointer. while (getline(&value, &value_mem, stdin) > 0) {
with that much power.” malloc() (from
“memory allocation”)
if ((*value == ‘+’) || (*value == ‘-’)) { type[0] = *value; }
else if (type[0] == ‘\0’) { first = atof(value); }
assigns a chunk else {
of memory. It takes one argument, the size of the second = atof(value);
memory to allocate, and returns a void pointer. So if (type[0] == ‘+’) { printf(“Result: %g\n”, first + second); }
here, malloc() assigns a block of memory that is one else if (type[0] == ‘-’) { printf(“Result: %g\n”, first - second); }
byte longer than our longest allowable entry (the extra else { printf(“Something odd happened; try again\n”); }
byte is for the null at the end of the entry), and returns first = second = 0;
a void pointer to this memory block. We turn that into type[0] = ‘\0’;
a char pointer, with the (char *) cast, and assign it to }
value. (To ‘cast’ a variable is to turn it into a different }
type of variable. Not all variable types can be cast to return 0;
all other variable types.) }
Now we have a block of memory for each entry to
our calculator, and we can get to the functional part.
C compiling
getline() takes three arguments: the address of the
start of the character memory buffer, the address of There are several steps to compiling a C program, although
the size of that buffer, and where to get the input from all you really need to know is which command to issue. But
here’s what happens when you hand your file.c source code
(in this case, stdin). Then we add this integer input to
file to the compiler:
total, and print the current value of total. Note that to The preprocessor cpp runs through it. This looks for
perform the addition, we have to turn our character commands beginning with #. The most common ones are
array (string) value input into an integer, using the #define, which defines a constant, and #include, which
atof() function from the standard library. This simply includes extra function libraries. With a #define directive,
the preprocessor substitutes each example of the constant
turns strings into doubles.
name with the constant value, throughout the file. With an
Note: getline() is a very new function, introduced #include directive, the preprocessor basically pastes the
around 2010. GCC supports it, but for maximum included file at the top of your source code file.
portability you might not want to use it. There’s a The compiler compiles the pre-processed source code,
DIY getline() function in K&R (available from various by turning it into an object code file, file.o, with the binary
version of the code.
places online) if you want to have a look at it.
The linker links together your code’s object file with any
If the program didn’t end here, we might want object files required from the pre-compiled library files –
to free up the memory used by malloc() by calling such as the I/O library file. (The header files, dealt with by
free(value), but there’s no need here as all memory is the pre-processor, only have function declarations, not the
automatically freed up at the end of a program. actual function code; the library object files have the binary
code.) It links them all into a binary file, called either a.out,
Compile it with
or whatever you’ve told it on the command line.
gcc -o calc calc.c
102 www.linuxvoice.com
� C CODING
Pointers and addresses
Pointers are ubiquitous in C. Once you have the hang of int integer_b = *pointer_a;
them they’re straightforward, but they can initially be a bit int *pointer_b = pointer_a;
confusing for newbies. *pointer_a = 8;
Let’s create a variable: printf(“integer_b: %d, integer_a: %d”, integer_b, integer_a);
int my_integer; printf(“pointer_b: %d, pointer_a: %d”, pointer_b, pointer_a);
my_integer is a variable of type int, and it occupies a printf(“*pointer_b: %d, *pointer_a: %d”, *pointer_b, *pointer_a);
specific memory address. Let’s say the address is 2000. Now, If you run this, you’ll get output something like this below
let’s create a pointer: (your pointers will differ each time you run it):
int *my_pointer = &my_integer; integer_b: 6, integer_a: 8
my_pointer is a variable of type int *, which means that it is pointer_b: -1074985552, pointer_a: -1074985552
a pointer to an int. As well as declaring it, we’ve also assigned *pointer_b: 8, *pointer_a: 8
it: &my_integer means the memory address of my_integer integer_b is set to the value that pointer_a points to, which
(the & symbol is known as the address-of operator). If the at the time is 6 (the initial value of integer_a). pointer_b is
address of my_integer is 2000, the contents of my_pointer will an int pointer, and is set to the actual address contained in
be 2000. You can think of a pointer as a box, storing a Post-It pointer_a, not to what it points to. *pointer_a = 8 alters the
note which tells you where the thing it points to can be found. value at the address pointed to, which is integer_a. Since
int integer_a = 6; pointer_b and pointer_a contain the same memory address,
int *pointer_a = &integer_a; they both point to the same value, which is now 8.
As well as a character pointer for the input, our so we allocate it to first.
variables now include some new doubles, and a set- Otherwise, this must be the second number. We
length character array to contain the type of operation. allocate it to second, then we perform either an
This is 1 characters long, and we set that character addition or a subtraction as type indicates (with a
to the null character \0. Note that the character little bit of error-checking), and print the total. We
array is indexed from 0: so a single-character array reset all the variables to zero/null, and start over.
has length 1, but that single character is referred to It might be tidier to use functions to add or subtract,
with characterarray[0]. An array containing the word and pass first and second in:
HELLO would need to have length 6 (5 characters plus main()
the null character to mark the end of the string), so {
would be declared and set up like this: ...
char hello[6]; if (type[0] == ‘+’) { add(first, second); }
hello[0] = ‘H’; else if (type[0] == ‘+’) { subtract(first, second); }
hello[1] = ‘E’; ...
... }
hello[5] = ‘\0’; add(double first, double second)
The while() loop still revolves around getline(). {
This time, though, we’re expecting three elements: printf(“Result: %g\n”, first + second);
a number, an operation, and another number, in that }
order, and we need to work out which is which. This is subtract(double first, double second)
what the if/else if/else structure does: {
Check to see whether the input is + or -. In this case, printf(“Result: %g\n”, first - second);
we set type to the type of operation we want. }
Otherwise, the input is a number, and it is either the As you can see, functions in C are straightforward.
first number in the operation, or the second number If you wish to return something from a function,
in the operation. you have to start with a return, type in the function
If the type is still null, this must be the first number, header (eg int add(int first, int second) might add two
integers and return their total as an integer). Here, with
no return type, void is assumed.
If you’re used to newer, higher-level languages,
C can feel a bit daunting; but it’s still a vital part of
modern software on all sorts of hardware. It’s fast, it’s
flexible, and it’s surprisingly small for a language with
that much power. At the very least, a little knowledge
of C means you can take a look at utility and kernel
code and have some chance of working out what’s
going on; and it’s always nice to be able to take a look
at the guts of the system you’re using.
Juliet Kemp is a scary polymath, and is the author of
In the code, you’ll see some extra printf lines commented
Apress’s Linux System Administration Recipes.
out; those were for bugfixing.
www.linuxvoice.com 103
� CODING NINJA
CODE NINJA: ENCAPSULATE
TUTORIAL
YOUR CODE IN OBJECTS
Objectify your code and make it cleaner to write and read,
BEN EVERARD
easier to share and easier to maintain.
R
ather than waving our hands around trying to class Student:
WHY DO THIS? explain what objects are, we’re going to jump def __init__(self, name, scores):
• Improve the structure of right in to some example code for a student self.name = name
your code
database. It’s going to do nothing more than store self.scores = scores
• Make it easier to work
on large projects students’ results and print them out. This can be done
• Get the most out of in Python with the following code: def report(self):
object-based modules students = [[“Ben”, [[“Maths”, 80], [“Science”, 70], [“English”, print self.name
60]]], for score in self.scores:
[“Andrew”, [[“Maths”, 60], [“Science”, 70], [“English”, 80]]]] print score[0] + “: “ + str(score[1]) + “%”
def report(): students = [Student(“Ben”, [[“Maths”, 80], [“Science”, 70],
for student in students: [“English”, 60]]),
print student[0] Student(“Andrew”, [[“Maths”, 60], [“Science”, 70], [“English”,
for subject in student[1]: 80]])]
print subject[0] + “: “ + str(subject[1]) + “%”
report() for student in students:
This code contains two parts: the data (which is student.report()
defined in the first line), and an operation on it (which Here, the keyword class is used to create an object
is contained in the function report). These two bits of definition. By convention, class names always start
the program are intimately connected. The data is with a capital letter so they’re easy to distinguish. Our
useless without some function to perform an class, student, contains two methods that are defined
operation on it, and the operation is useless without in a very similar way to functions. They have to have
the data to perform it on. at least one parameter (self).
They’re also connected at a technical level. The data The class is a little like the blueprint for the object.
is set out in a particular format. It’s a list of lists. The By itself, it does nothing until an object is created from
inner list always contains two items, the first of which the blueprint. Objects are created as follows:
is the student’s name, the second is a list of his or her Student(“Ben”, [[“Maths”, 80], [“Science”, 70], [“English”, 60]])
grades. The idea behind objects is that whenever you This returns an object of the type Student (which is
Which version of the code
is this? There’s no way to have data and code that are intimately connected like similar to the way a variable may have a type of string
tell because despite the this, you should combine them to create an object. or integer). The things that can be done to this object
structural differences, they Python enables us to use objects, so we could rewrite depend on the methods that are included in the class.
all work. the above as: The __init__() method is called when the class is
created, so when you create an object with the
parameters Student(“Ben”, list), it passes “Ben” and
list to the __init__ method. Whenever you call a
method in a class, Python also passes another
parameter first that’s used to define the namespace.
We’ve called this self, and it’s used to create variables
that are local to just one object.
In this example, each Student object has two
variables that are local to just one particular instance
of the object, name and scores. If you create two
different Student objects, they will have two different
variables for name and scores. This is why, when we
call the report() method, it prints the variable self.
name, and this always prints the right name for the
student. Likewise with self.scores.
At this point, you may well be wondering what the
whole point of objects is. After all, we’ve taken a
104 www.linuxvoice.com
� NINJA CODING
simple program that was easily understandable, and
turned it into a more confusing one that’s 50% longer.
We mentioned earlier that objects enabled us to
encapsulate data and the functions that operate on
that data. When your entire program fits onto your
screen at once, there’s not that much point in
encapsulation because it’s always easy to see what’s
going on. However, as your code becomes more
complex, the structure of your program becomes
more important, and the main reason for objects is to
make your code clean, readable and easy to maintain.
The bigger your codebase, the more important this
structure is.
Adding to the database
Let’s extend our simple databases with the ability to
add a new student to the list. In the non-object version
of our code, this is done with:
students.append([“Mike”, [[“Maths”, 70], [“Science”, 70],
[“English”, 70]]])
As you can see, this requires intimate knowledge of
A good text editor (like
the data structure that’s storing the students. If this data. However, as long as methods stay the same,
Atom, shown here) allows
changes in any way, every bit of code that interacts this shouldn’t affect the rest of the program. you to roll up objects to
with students in any way will have to be rewritten. In truly object-oriented programming languages, make the code easier to
There are a few ways we could do this in the code every bit of code has to be inside an object, but read.
with objects. We could simply create a function that Python isn’t this fastidious about the use of objects.
creates a new student object, and adds it to the list, So far, we’ve only looked at interacting with objects
however, this is building more into a data structure through methods, but you
that isn’t encapsulated (the list of students). Another can also change particular
option is to encapsulate this list of students into a properties (local variables) “In truly object-oriented
new class called Student_Body:
class Student_Body:
directly. For example, we can
create the following method
languages, every bit of code
def __init__(self): in the Student_Body class to has to be inside an object.”
self.students = [] rename a student.
def rename(self, old_name, new_name):
def add(self, name, scores): for student in self.students:
self.students.append(Student(name, scores)) if student.name == old_name:
student.name = new_name
def report(self): Here, student.name is the variable name that’s local
for student in self.students: to just that instance of the Student class.
student.report()
Inescapable objects
student_body = Student_Body() If you’re using Python, you’re probably using objects
student_body.add(“Ben”, [[“Maths”, 80], [“Science”, 70], already even if you don’t realise it. The benefits of
[“English”, 60]]) encapsulation that we’ve covered are particularly
student_body.add(“Andrew”, [[“Maths”, 60], [“Science”, 70], useful in modules. For example, urllib can be used to
[“English”, 80]]) create objects that contain web pages:
student_body.report() import urllib2
page = urllib2.urlopen(“http://www.linuxvoice.com”)
Creating objects, as you can see, can require a few print page.read()
more lines of code (at least in very small programs),
but the result is code that’s far easier to read and Here, urllib2.urlopen() returns an object that we
therefore much easier to debug. store in the variable page. One of the methods of this
What’s more, by encapsulating the data and the object is read(), which returns the HTML contents of
functions, we’re presenting a clear interface to the rest the web page. Because all the data is encapsulated in
of our program. It can interact with objects through this object, we don’t have to worry about keeping track
the methods defined in our class, and it will all work. of anything other than that object, and knowing what
As we develop the program, we may decide to change the available methods are. Using objects like this
the way the class works internally, or the way it stores makes reusing code like this easy.
www.linuxvoice.com 105
� CODING CROSS-PLATFORM SCRIPTING
BATSH: WRITE PLATFORM
TUTORIAL
INDEPENDENT SCRIPTS
MIKE SAUNDERS
Write once, run anywhere – at least, on Linux and Windows
machines. Batsh does all the magic.
I
magine a scripting language that runs println(“Hello world”);
WHY DO THIS? everywhere, across all your Linux, *BSD and Here you can see that Batsh syntax is fairly similar
• Run your scripts on Windows machines. A language that’s clear, to C and related languages: println is a function that
multiple OSes
concise and gets the job done without any fluff. A takes a text string as an argument, and prints the
• Save time doing admin
chores language that saves you time, rather than having to string to the screen, followed by a newline character.
• Relive the glory (or not) deal with the foibles of each individual platform. Well, (You can use print on its own to print text without
days of .BAT files it exists! “Big deal”, you might be saying. “Python, Perl a newline.) Statements need to be terminated with
and other languages run across pretty much every semi-colon characters. If you click on the Compile To
major operating system you can name.” That’s true, Bash button you’ll see this output:
but those are not installed as standard in every OS. “echo” “-e” “Hello world”
Plus, while they’re great programming languages, for There are a few more quotation marks here than
quick admin jobs they can be overkill. you might expect, but the result is still valid code you
This is where Batsh comes in. It’s a language that can use in a Bash script in Linux. Click on Compile To
compiles to both Bash and Windows .BAT files – Windows Batch, however, and you’ll get this result:
in other words, you write your script in the Batsh @echo off
language, then a compiler generates equivalents in setlocal EnableDelayedExpansion
Bash and .BAT formats. In this way, if you need to do setlocal EnableExtensions
the same job across Linux and Windows boxes, you
only have to write one script. You don’t need to learn echo Hello world
the intricacies of Windows batch files – which is a The first three lines here are boilerplate code for
blessing, as they’re not pretty at the best of times. Windows, so you’ll see them in most .BAT scripts
Batsh has its own syntax, but it’s not especially generated by Batsh, and the action only begins
difficult to learn, and you can get started without with the echo Hello world line. (The first @echo line
having to install anything by visiting the project’s site prevents each command from being printed as it is
The Batsh website includes
some code examples at www.batsh.org. Type your code in the left-hand executed, and ensures that you only see the output of
showing how language panel, then click the buttons on the top-right to the commands.)
features such as recursion compile to Bash or Windows .BAT formats. Let’s get So creating platform-independent scripts is as
work. started with a classic: simple as that: type your code in, click the appropriate
button, and you have a usable result on the right. You
can download the compiler and run it offline, which
might help if you want to automate some things, and
we’ll look at that later. For now though, we’ll focus on
using the website version.
Juggling numbers
Let’s delve further by looking at variables and
conditionals. Here’s a Batsh program that assigns the
number 15 to the variable myvar, and then performs a
test on it. If myvar contains a number bigger than 10,
it prints myvar is followed by the value it contains – or
if it’s smaller than 10, it prints a different message:
myvar = 15;
if (myvar > 10) {
println(“myvar is”, myvar);
} else {
println(“Smaller than 10”);
}
Again, note the C-like syntax here. Code blocks are
106 www.linuxvoice.com
� CROSS-PLATFORM SCRIPTING CODING
contained within curly braces, so you could add more
lines for the if and else sections. Also, the comparison
(is myvar bigger than 10) is contained within
parenthesis. Other comparisons you can do include:
< less than.
>= greater than or equals to.
< less than or equals to.
== is the same as.
The == (same as) requires two equals signs,
because otherwise it would just be an assignment.
Let’s look at the Bash code that this generates:
myvar=$((15))
if [ $(($myvar > 10)) == 1 ]; then
“echo” “-e” “myvar is” “$myvar”
else
“echo” “-e” “Smaller than 10”
fi
If you haven’t done much Bash scripting before,
you may find the syntax rather odd – but that’s not
a problem any more, as you can use Batsh’s more
familiar syntax! Here’s the .BAT version:
.BAT files date back to
set /a myvar=15 Here we set up a three element array with a number,
the early days of MS-DOS,
if !myvar! GTR 10 ( a string, and a Boolean value inside. When we print an hence their rather clunky
echo myvar is !myvar! element, note that the index of the array starts from 0, syntax.
) else ( so in this case it prints the number 1. If we change the
echo Smaller than 10 second line to arr[1], that refers to the second element
) in the array, which means ciao is printed instead.
Arithmetic is very simple in Batsh; all of the Strings are easy to deal with, but note that you need
following are allowed: to use ++ to join them together:
a = 3; str1 = “hello”;
b = 10; str2 = “world”;
c = 999; str3 = str1 ++ str2;
println(str3);
d = a + b * c; Loops are also familiar in their syntax, and note
println(d); the use of a comment here, preceded by two forward
The result here is 9993 (10 multiplied by 999, and slash characters:
then 3 added on top.) You can use arrays in Batsh, a = 1; // Set a to one
specified by square brackets, and include multiple
data types inside them: while (a <= 10)
arr = [1, “ciao”, true]; {
println(arr[0]); println(a);
a = a + 1;
Windows: the PowerShell alternative }
This prints the numbers 1 to 10. To make your
While .BAT files are rather ugly and clumsy remnants of scripts more modular, you can create functions that
the past, they’re still occasionally useful for doing quick take numbers or strings as parameters, and return
admin jobs, as we’ve mentioned. However, if you’re forced a value back. Consider
to spend a lot of time working on Windows machines,
this example, which
it’s worth noting that there’s an alternative in the form of
PowerShell. In the early 2000s, Microsoft realised that .BAT creates a function “If you need to do the same job
files couldn’t be taken seriously for any large-scale jobs, so
the company developed a new scripting language with deep
called double, which
takes a number and
on Linux and Windows you only
hooks into the .NET framework and rest of the OS. returns back the same have to write one script.”
We won’t spend much time on it here, as this is a Linux
number multiplied by
magazine after all, but we understand that many readers
have to deal with Windows boxes in their daily work. two. Also note the use of global and local variables
PowerShell doesn’t magically fix everything and has its here – the x we create at the start is in the global
own set of problems, but for users who spend most of their scope, and therefore is not affected by the change to
time at the command line, it makes life a lot simpler. See the local x inside the function:
Microsoft’s crash course for a quick guide to the basics:
x = 10;
https://technet.microsoft.com/en-us/magazine/hh551144.
aspx.
function double(a)
www.linuxvoice.com 107
� CODING CROSS-PLATFORM SCRIPTING
let’s take Java as an example, as it works cross-
platform:
progname = “minecraft”;
call(“java”, “-jar”, progname ++ “.jar”);
Here we run the java binary, followed by a bunch of
parameters including -jar and the filename minecraft.
jar. You can add as many parameters as you need, or
omit them entirely.
Sometimes you won’t be able to avoid the
differences between platforms, however, in which
case Batsh has a neat solution. Using the bash() and
batch() routines, you can specify code that should
only appear in Bash and .BAT scripts respectively.
For instance: let’s say you want to check if the file
foo.txt exists in the current directory, and if so, delete
it. Linux and Windows use different commands and
parameters for removing files, but you can make sure
that the appropriate command for each platform is
used with:
if (exists(“foo.txt”)) {
Want to boost Batsh with
{ bash(“rm foo.txt”);
extra features? Learn a
bit of OCaml and help the x = 999; batch(“del foo.txt”);
developer out! return a * 2; }
} When you translate this to Bash, you’ll get:
if [ -e “foo.txt” ]; then
ret = double(x); rm foo.txt
println(ret); fi
So the del command isn’t executed, as it’s specific
Putting it all together to Windows. Likewise, when you convert to .BAT,
So, those are the fundamentals of the language. Batsh the del command is included in the script and the
is capable of some other things as well, such as rm is left out. With some careful coding, you can
recursion, as you can see from the examples on the create Batsh scripts where the primary logic is kept
website. But for the most part, it’s a neat and simple in platform-independent code, but the bits that are
little language to learn. very specific to Windows and Linux are encapsulated
It’s time to use them it something practical! Batsh neatly within bash() or batch() calls.
includes a handful
of routines to read Wrapping up
“We’d like to see some more lists of files from a Batsh is in the early stages of development, and there
inbuilt functions to handle specified path, check are clearly lots of things still missing, but it’s already
if a file exists, and usable enough for doing simple scripts with loops,
things like input.” execute commands conditions, tests for file existence, calls to external
accordingly. For programs, and platform-specific commands. We’d like
instance, this prints all files in the current directory, to see some more inbuilt functions to handle things
and then checks to see if foo.txt exists. If so, it prints like input and Windows’ odd use of backslashes, so if
a message: you’re looking for a programming project to sink your
files = readdir(); teeth into, you could help the developer out.
print(files); Ideally, more and more of the Windows and Linux-
specific parts could be moved into generic routines,
if (exists(“foo.txt”)) { so instead of needing separate bash() and batch()
println(“foo.txt exists”); calls for deleting files, there could be a single remove()
} call that works out the differences itself.
You can check to see if a file doesn’t exist by adding The full source for downloading Batsh (and running
an exclamation point before the call to the exists it offline) can be found on GitHub at https://github.
routine, eg !exists(“foo.txt”). Another way to go about com/BYVoid/Batsh, although it’s written in OCaml, a
this is to store the result as a Boolean variable, for language that not everyone is familiar with. Still, you’ve
instance: res = exists(“foo.txt”);. already gone to the effort to learn Batsh, so another
Of course, you’ll often need to run external language won’t do any harm!
programs as well, and this is possible with the call()
function. Obviously the method to run programs will Mike Saunders is a man with many machines. He still loves
his Amiga 1200 above everything else, though. Bless.
often differ hugely between Linux and Windows, but
108 www.linuxvoice.com
� SUBSCRIBE SUBSCRIBE
SUBSCRIBE
UK READERS!
Did you know that you can subscribe to Linux Voice from
just £10 per quarter with Direct Debit? Get every issue
straight to your mailbox (or inbox) and spread the costs!
What you get
116 pages each month
of the best tutorials,
features and interviews
Access to all back issues
in DRM-free digital formats -
over 1,500 pages
Take part in our yearly
profit donating scheme,
and help FOSS projects
Yearly Direct Debit prices
UK print subscription – £55
Digital subscription – £38
Quarterly Direct Debit prices
UK print subscription – £15
Digital subscription – £10
Go here now to subscribe!
www.linuxvoice.com/shop
Payment is in Pounds Sterling. If you are dissatisfied in any way you can cancel your subscription at any time and receive a refund for all unmailed issues.
www.linuxvoice.com 109
� MASTERCLASS WEBDAV
MASTERCLASS
Ferry files like a master with an oft-overlooked protocol that
BEN EVERARD changed the nature of the web when it debuted.
TRANSFER FILES WITH WEBDAV
The protocol can teach FTP a thing or two about file transfers.
F
rom the beginning the web was visualised as
MAYANK SHARMA both a browsable and an editable medium. In
fact when Sir Tim Berners-Lee wrote the first
web client it was intended as a tool for scientists to
collaborate and put text online and to link to each
others’ works bypassing the need for a centralised
database of any kind. To that end, the first client could
edit pages just as easily as it could display them.
However, the popularity of accessing content led to
the standardisation of a HTTP protocol that lacked
important authoring features. This changed in 1996 Popular backup apps can access and backup to a remote
when Jim Whitehead engaged the World Wide Web WebDAV share.
consortium (W3C) to discuss the problem of
distributed authoring on the World Wide Web. The changes. WebDAV solved this problem with the
discussion led the W3C to form an IETF working introduction of locks, which prevents others from
group to design a new protocol to address the lack of editing the same content you’re working on.
collaboration. Their efforts led However, the developers
to RFC 2518, which defined
the first version of the
“WebDAV includes a whole who were working on
WebDAV had goals that
WebDAV protocol in 1996. set of remote document extended beyond simple web
WebDAV, which stands for
Web-based Distributed
accessing capabilities.” page authoring. Thanks to
their efforts, many started
Authoring and Versioning, viewing WebDAV as a
builds on and extends HTTP to bring the same network filesystem suitable for the internet.
benefits to authoring that the web has already Today you can think of WebDAV as an FTP-like
brought to viewing content. protocol that you can use to remotely access and
The WebDAV protocol includes a whole set of share files over the internet. However, WebDAV offers
remote document accessing capabilities, including file several benefits over FTP. For starters, WebDAV works
storage, directory management, and support for better through firewalls and can be password-
collaborative editing. Before WebDAV it was difficult protected and encrypted. It’s also a bit faster than FTP,
for people to collaborate on web-based documents especially when transferring many small files, since it
because there was no standard way to coordinate the doesn’t need to make a data connection for each file.
Extending WebDAV
There have been several other popular extensions to
the WebDAV protocol. There’s the Calendaring
Extensions to WebDAV, popularly known as CalDAV,
using which clients can access scheduling
information on a remote server. The access protocol
OwnCloud (and other
PIMs) can import and uses the iCalendar format for the calendaring data,
export calendars and which is also supported by major apps and services
contacts via CalDAV and such as Google Calendar, Evolution and Thunderbird.
CardDAV. Then there’s the vCard Extensions to WebDAV, more
110 www.linuxvoice.com
� WEBDAV MASTERCLASS
commonly known as CardDAV. This protocol is Specialised apps let you
designed to enable users to access and share contact upload files to the WebDAV
data, stored in the vCard format, on a server. Just like share.
CalDAV, the CardDAV protocol is also supported by
virtually all popular open source and proprietary apps.
A lesser known extension of WebDAV is GroupDAV,
which is a protocol for connecting open source
groupware clients to groupware servers. It’s supported
by groupware servers such as SOGo (earlier known as
OpenGroupware.org) and Citadel as well as a host of
clients including KDE’s Kontact and Thunderbird.
Using WebDAV
One of the most popular uses of WebDAV is for taking the online backup drive in your filesystem and interact
backups. To this end, the protocol has several with it as any other local drive. You can drag-and-drop
advantages over other mechanisms designed for files into it and even save files directly inside it. The
transferring files such as FTP. WebDAV gives you biggest convenience, however, is the ability to directly
access control and the ability to extend reading and edit files on the remote drives mounted via WebDAV
editing files to a limited list of users. This is especially without downloading them first.
useful for setups that have a central repository If you’ve deployed your own file hosting service or a
accessed by several users. Also, unlike FTP backups, pooled storage server you can even access these via
using WebDAV you can back up multiple files at once. WebDAV. DIY file hosting solutions such as OwnCloud
PRO TIP
You can in fact simultaneously initiate several backup and Seafile both support WebDAV. After years of
The popular proprietary
tasks using the same WebDAV server. The biggest requests, the popular NAS server FreeNAS also now service Dropbox doesn’t
advantage however is the protocol’s ability to transfer supports WebDAV, and the Debian-based have built-in support for
data securely. WebDAV is basically an extension of OpenMediaVault server also allows WebDAV access WebDAV but you can use
the DropDAV service to
HTTP, and you can access it over HTTPS and do your via a plugin. access your content via
backups over a SSL connection. To top it all, WebDAV lets you remotely manage the protocol.
Because of these advantages, many online backup your files from any computer or smartphone, without
services support WebDAV and let you interact with downloading any software. Linux, Microsoft Windows
your online account using the protocol. Once you and Apple OS X all have built-in support for WebDAV.
enable the WebDAV extension on these services (if it You can use the file managers in these operating
isn’t already enabled by default), you can then mount systems and follow the prescribed procedure to
mount remote WebDAV shares.
For example, in Gnome-based distros, fire up the file
Mount WebDAV from the CLI manager and head to File > Connect To Server. Then
key in the location of the WebDAV drive in the Server
Use your distro’s official repositories to install DAVfs, which
Address field in the following format: davs://
is the Linux filesystem driver that enables you to mount a
WebDAV server as a disk drive. user:password@host.name/path. Similarly, in KDE
Users of Debian-based distros can use sudo apt-get fire up Dolphin and enter the WebDAV address in the
install davfs2 while Fedora-based distros can install the location bar, such as webdav://myhost.mydomain.
driver with yum install davfs2. Then create a folder to net/webdav. Even the Firefox web browser recognises
mount the WebDAV shares, such as mkdir ~/webdav. Now
WebDAV folders, and you can access them simply by
add your user to the davfs2 group with sudo usermod -a -G
davfs2 <username>. Make sure you log out and back in after entering their location in the address bar. You can do
adding yourself to the davfs2 group. Then edit /etc/fstab the same with the Android web browser as well, which
and add the following line for each user who wants to also has built-in support for WebDAV.
mount the folder: PRO TIP
That said, while you can easily access WebDAV
<WebDAV address> /home/<username>/webdav davfs You can find a list of
folders without any specialised tools and apps, using a
rw,user,noauto 0 0 online backup services on
To avoid being prompted for the password every time third party WebDAV client app has some advantages. ownCloud’s website that
you mount the remote WebDAV share, create a secrets You’ll find several WebDAV apps in the Google Play use the open source
software and allow
file with your credentials under the ~/.davfs2 directory, store offering features such as the ability to upload
access via WebDAV.
such as: images straight from the device’s gallery to the online
$ nano ~/.davfs2/secrets
drive and automatically sync files and folders as per a
<WebDAV address> <username> <password>
Save the file and ensure it belongs to your user and schedule. You’ll also need an app to sync calendars
group with and contacts list between all your devices.
udo chown <username>:<groupname> ~/davfs2/secrets Now that you’re well versed with WebDAV, go ahead
and is only writable by you with and switch all your online and offline backup and file
chmod 600 ~/.davfs2/secrets
transfer utilities to work their magic via this magical
You can now mount the remote WebDAV share with
mount ~/webdav protocol. In the next section we’ll help you set up your
own WebDAV-enabled web server.
www.linuxvoice.com 111
� MASTERCLASS WEBDAV
SUPERCHARGE YOUR
WEB SERVER
Light the LAMP with WebDAV.
I
f you are an admin and wish to extend the benefits index.html inside /var/www/webdav, which should be
MAYANK SHARMA of WebDAV to the users of your network, you can displayed when you point your web browser to http://
do so with ease. We’re assuming you’ve already webdav.local. After you’ve set up the new directory,
set up the Apache web server, which is dead simple you can enable the WebDAV module with
these days. You can then disable the default page, if sudo a2enmod dav_fs
you haven’t already, with and then restart Apache
sudo a2dissite 000-default sudo service apache2 restart
PRO TIP and then reload the web server’s configuration with This lays the groundwork for a basic WebDAV server.
Use sudo apache2 to test sudo service apache2 reload To set up a share, create a directory such as /var/
Apache’s configuration for You can then configure an Apache virtual host www/webdav/data and hand it over to Apache with
any syntax errors. called webdav.local that’ll give access to files under sudo chown www-data:www-data /var/www/webdav/data/
the /var/www/webdav directory. For this, head to Then edit the webdav.local.conf file and add the
/etc/apache2/sites-available/ and create a new site following lines to the <VirtualHost> block:
configuration file with the following content: Alias /data /var/www/webdav/data
$ sudo nano webdav.local.conf <Location /data>
<VirtualHost *:80> DAV On
Servername webdav.local </Location>
DocumentRoot /var/www/webdav The above tells Apache that the WebDAV enabled
<Directory /> directory (/var/www/webdav/data) will be accessible
Options FollowSymLinks via http://webdav.local/data. You can access this
AllowOverride None new share, after restarting Apache, from your distro’s
</Directory> file manager or even the Firefox web browser as
Alias /webdav /var/www/webdav shown in the previous section. You can also use the
<Directory /var/www/webdav/> popular Cadaver CLI client that’s available in the repos
Options Indexes FollowSymLinks MultiViews of virtually all distros. Once you’ve installed it you can
AllowOverride None access your WebDAV:
Order allow,deny $ cadaver http://webdav.local/data
allow from all dav:/svn/> put somefile.gz
</Directory> This will upload somefile.gz to your WebDAV share.
</VirtualHost>
Now create the WebDAV share with Abracadabra
sudo mkdir /var/www/webdav While it doesn’t take much effort to set up a quick and
and give it the proper permissions and ownership with dirty WebDAV share, you’ll probably want to add some
sudo chown www-data.www-data /var/www/webdav basic authentication mechanism. Again this is rather
Then enable the new website with straightforward with the htpasswd command. Begin
sudo a2ensite webdav.local by creating the WebDAV password file, like
You can test the new website by creating a simple sudo htpasswd -c /var/www/webdav/passwd.dav mayank
The command will prompt you for a password which
will then be associated with the mayank username.
We’ll use this username and password combo to
connect to the WebDAV share.
Repeat this command for creating multiple users.
The -c switch creates the file if it does not exist, so
make sure you omit it when using the command to
create more users, or it will overwrite the existing file.
When the authentication file is ready, you need to
Despite its rather morbid
name, the command line point to it by editing the WebDAV config file (/etc/
Cadaver tool is a wonderful apache2/sites-available/webdav.local.config) like so:
utility for interacting with <Location /data>
WebDAV shares. DAV On
112 www.linuxvoice.com
� WEBDAV MASTERCLASS
internet, access control may not be enough. In this
day and age, it makes sense to transfer content over
secure encrypted channels using Secure Sockets
Layer (SSL). Enabling this with Apache again doesn’t
take much effort.
Begin as usual by enabling the SSL module with
sudo a2enmod ssl
and then restart the web server. SSL requires a key
and a certificate to validate the encrypted channel.
First create a directory to house them with
sudo mkdir /etc/apache2/ssl
Then use the following command to create the key
and the certificate in one go:
$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048
-keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/
apache.crt
That’s quite a terminal full. Let’s break down the
command. Here we’re using the openssl command to
create a certificate and the key. The req -509 option
specifies that we’d like to create a self-signed
certificate. The -nodes option asks Apache not to
You can use an Android app to sync data between a secure the key file with a passphrase otherwise we’d
mobile device and the remote WebDAV share. be forced to enter a passphrase every time we bring
up the Apache web server. The -days 365 parameters
AuthType Basic define the validity period of the certificate (one year in
AuthName “webdav” this case). With -newkey rsa:2048 we ask the
PRO TIP
AuthUserFile /var/www/webdav/passwd.dav command to create us a new RSA key that’s 2048 bits
Require valid-user long. Finally we have the -keyout and -out option, If you have multiple
directories and users, you
</Location> which point to the output location and name of the can restrict access with a
From now on, whenever you try to access your key and certificate, which in this case is the directory .htaccess file under each
WebDAV server you’ll be asked to authenticate we just created. directory. But it’s safer to
put all the access rules in
yourself first. The command will prompt you for various bits of the global WebDAV
To switch to HTTP Digest Authentication rather information. Keep an eye out for the question configuration file (/etc/
than transmitting unencrypted passwords, first enable requesting the Common Name, which you should apache2/sites-enabled/
webdav.local.conf) .
the module with respond to by entering your domain name or the IP
sudo a2enmod auth_digest address of the server. Once it’s done it’ll place the keys
Now create a digest authorisation password file with and certificate in the /etc/apache2/ssl directory.
sudo htdigest -c /var/www/webdav/digestpasswd.dav Now that we have our certificate and key available,
webdavdigest mayank we can configure Apache to use these files in a virtual
The command will prompt you for the password for host file. You can either use the default SSL virtual
the mayank username. The webdavdigest option is host or create your own. Make sure to use port 443 in
the name of Authorisation Realm to which the the VirtualHost directive and include the directives to
username belongs. Remember to give the proper turn on SSL and specify the location of the certificate.
permissions to the /var/www/webdav/digestpasswd. The easiest way is to make a copy of the default-ssl
dav file so that it’s only accessible by the Apache user. virtual host file (/etc/apache2/sites-available/
Just like before, you can repeat the htdigest default-ssl.conf) and edit the names and paths as per
command to add authentication details for more your setup, namely SSLCertificateFile and
users, remembering to take out the -c option to avoid SSLCertificateKeyFile. As per our setup these should
zapping the earlier details. When you’re done, bring up point to /etc/apache2/ssl/apache.crt and /etc/
the WebDAV configuration file (/etc/apache2/ apache2/ssl/apache.key respectively.
sites-available/webdav.local.conf) and replace the Once you’ve configured the SSL-enabled virtual
earlier authentication details with this: host, enable it with
<Location /webdav> sudo a2ensite default-ssl.conf
DAV On and restart Apache to bring it online. You’re now all set
AuthType Digest to serve encrypted content using the SSL certificate
AuthName “webdavdigest” you created and can now access your site and your
AuthUserFile /var/www/webdav/digestpasswd.dav WebDAV folder over a secure https connection.
Require valid-user
</Location> Mayank Sharma has been finding productive new ways to
mess about with free software for years now.
If you’re providing access to private files over the
www.linuxvoice.com 113
� /DEV/RANDOM/
Final thoughts, musings and reflections
Nick Veitch
was the original editor
of Linux Format, a
role he played until he Steam is my digital distribution
got bored and went platform of choice.
to work at Canonical
instead. Splitter!
I
n some recent perusal of Linux-related news,
I came across an item about this Linux-
powered device (http://tracking-point.com). An official XBox 360
To save you bandwidth, it is an intelligent controller. This will Andeor SADES gaming
rifle-scope that enables you to effectively paint a go once the Steam headset. It looks a bit silly,
Controller comes out. but has great sound quality
target and track it easily, controlling the trigger and good value for money.
until you are sure of a hit. Apparently, from one of
the promotional slides: “You hold a tremendous The fridge-like
advantage over an intruder. No perpetrator can gaming case houses
an FX 6300, GTX 960,
overcome your dominant ability” 8GB RAM and an
The immediate thought that sprung to my underwhelming SSD.
mind was – “Hmm, if you attach some image
recognition to that, maybe cloud-backed (it
already has Wi-Fi/data), and some fairly primitive
robotics, you have a pretty good assassination
droid”. Granted, perhaps other people don’t think
My Linux Setup Michel Loubet-Jambert
like me. Perhaps other people think “gosh, this is
exactly what I need to combat my rabbit/crow/
Editor of our Gaming on Linux section.
immigration problem”.
Leaving aside that in a country that tried to What version of Linux are you I installed Ubuntu 8.04 back in 2008
criminalise people sharing basic security currently using? and got hooked on all those silly
software (https://goo.gl/431H9T), it is Xubuntu 15.04. An Ubuntu Compiz effects and widgets that were all
apparently OK to sell software that can help you distribution is the most practical for the rage then. The effects are gone now,
shoot things better. gaming, as it’s the only distro universally but I haven’t used another OS since.
Anyway, I can imagine some contributors to supported by game developers, along with
Linux not being overjoyed that they have SteamOS. It’s also really easy for devices What Free Software/open source
contributed in some small way to this and drivers (most of the time). can’t you live without?
development (I don’t think my own text and 3D Firefox is a pretty boring choice but
image munging software has been involved, so I And what desktop do you has to be the obvious one. I usually
will sleep like a babe), but of course, they don’t currently use? have two windows with an average of 20
get to judge. The nature of a free open source Xfce. It’s a solid workhorse of a tabs open on each and the browser
licence means you very specifically can’t tell desktop environment: very stable doesn’t slow down one bit.
someone what they can use it for, and any and not too much clutter. The only major
“non-gun-toting-Texan” clause would exclude it change I have done to it is enable What do other people love but
from OSI approval. compositing through Compton to avoid you can’t get on with?
So, my question for you all this week is: is this screen tearing in games. Wine. I don’t know if people love it,
agnosticism the price we have to pay for free, or but I never got on with it. With all the
are there some things for which freedom should What was the first Linux setup native games on Linux these days, it’s a
not be an excuse? Answers on a postcard… you ever used? relief never having to use it again.
114 www.linuxvoice.com
�Source: https://github.com/The-Compiler/qutebrowser (GPLv3)
��