DOKK Library

Linux Voice [Issue 20]

Authors Linux Voice

License CC-BY-SA-3.0

Plaintext
INSIDE: 8 REASONS LIBREOFFICE ROCKS

BLENDER CREATE 3D JENGA BLOCKS
SUSE STUDIO BUILD YOUR OWN DISTRO
WRITE A GAME WITH GODOT

November 2015    www.linuxvoice.com

BEST LINUX DESKTOP 2015
Discover the best eye candy known to mankind – and it’s all right here on your humble Linux machine

SYNCTHING Share files and folders across machines without Dropbox
PICADE The Pi-powered arcade machine that fits on your desk
YUBIKEY Two-factor authentication for the masses

32 PAGES OF TUTORIALS

FREE=SECURE
MATTHEW GARRETT
Meet the geneticist turned software guru keeping an eye on our digital freedoms

LOAD NEW COMMANDER?
FREE GAMES
Waste time playing games without spending a single penny at the Steam store

November 2015 £5.99 Printed in the UK

PYTHON › RASPBERRY PI › HTTP › VULKAN & MORE!
WELCOME

Try something different
The November issue

If you’re new to Linux, the idea that you need to decide which desktop to use before you can start using Linux must seem counterproductive. Most people want to dive in and start clicking on things straight away. It’s also an idea that must appear completely alien to users of Apple’s OS X or Microsoft Windows, or even iPhones and Android. Computing has become a world where you have no choice, with even updates becoming mandatory. But what might appear an initial hurdle - choosing a desktop - is actually the perfect initiation. Choice is what makes Linux and Free Software so powerful.

The best antidote to feeling overwhelmed is to give something a try. Different desktops appeal to different kinds of people, just like different operating systems or styles of music. In a world where computing is becoming more homogenous than ever before, a world where we’re fighting for the ability to control our own hardware and our own data, open source means you will never again not have a choice, and that’s worth celebrating.

Graham Morrison
Editor, Linux Voice

GRAHAM MORRISON
A free software advocate and writer since the late 1990s, Graham is a lapsed KDE contributor and author of the Meeq MIDI step sequencer.

SUBSCRIBE ON PAGE 60

Linux Voice is different.
Linux Voice is special.
Here’s why…

1 At the end of each financial year we’ll give 50% of our profits to a selection of organisations that support free software, decided by a vote among our readers (that’s you).

2 No later than nine months after first publication, we will relicense all of our content under the Creative Commons CC-BY-SA licence, so that old content can still be useful, and can live on even after the magazine has come off the shelves.

3 We’re a small company, so we don’t have a board of directors or a bunch of shareholders in the City of London to keep happy. The only people that matter to us are the readers.

THE LINUX VOICE TEAM
Editor Graham Morrison graham@linuxvoice.com
Deputy editor Andrew Gregory andrew@linuxvoice.com
Technical editor Ben Everard ben@linuxvoice.com
Editor at large Mike Saunders mike@linuxvoice.com
Games editor Michel Loubet-Jambert michel@linuxvoice.com
Creative director Stacey Black stacey@linuxvoice.com
Malign puppetmaster Nick Veitch nick@linuxvoice.com
Editorial contributors: Mark Crutch, Andrew Conway, Juliet Kemp, Vincent Mealing, Travis ‘TT’ Mooney, Simon Phipps, Les Pounder, Mayank Sharma, Valentine Sinitsyn.

What’s hot in LV#020

ANDREW GREGORY
“LibreOffice is full of so many great features, it’s difficult to know which to highlight. Somehow, we managed it.” p30

BEN EVERARD
“Matthew Garrett’s responses to the challenges Free Software faces are full of insight and just a little urgency.” p40

MIKE SAUNDERS
“It’s been 25 years since Monkey Island. Ben’s ace tutorial on game design means you could be the next Ron Gilbert.” p84

CONTENTS

November LV020
It was a bright cold day in September, and the clocks were striking Thursday…

18
Enhance your Linux experience with the best environment open source has to offer.

40 Matthew Garrett: geek, hacker, good guy
Linux Voice chats CoreOS, security, ethics and philosophy.

26 DISTRO CREATION
Fed up with Fedora? Stymied by SUSE? Upset with Ubuntu? Spin your very own Linux the easy way!

32 GAMES GALORE
Like games but hate proprietary software? We check out the best games that respect your freedom.

38 FAQ: VULKAN
3D graphics drivers are getting a makeover and it’s nothing to do with Spock.

REGULARS

06 News
Just like the News at Ten but with less doom-mongering and more Linux happenings.

08 Distrohopper
Quick! Grab the latest and greatest distro before it’s superseded by the next big thing.

10 Gaming
Summer’s over. Prepare for the long, dark winter months with the latest Linux games.

12 Speak your brains
Vent your spleen, share your opinions, let us know what you’ve been thinking.

30 Secrets of LibreOffice Calc
Spreadsheets are for more than just tables and graphs. Find out how to unlock the full power of Calc.

36 LinuxCon
Linux, cloud computing and containers come together for three sleepless days in Seattle.

54 Group test
We look beyond Linux and BSD into the wider world of free software operating systems and find some surprisingly good alternatives.

60 Subscribe!
Save money, get Linux Voice delivered to your door, and get access to every single one of our back issues.

62 FOSSpicks
The free-est, freshest software on the internet, corralled into six pages of pure excellence.

98 My Linux desktop
Matthew Garrett is the latest mega geek to show us inside their coding fortress of solitude.

TUTORIALS

70 Share your files using Syncthing
Keep your files up to date on all your computers without having to hand your data over to a spy agency or an advertising company.

72 Scan barcodes for virtual supremacy
Python + Raspberry Pi + camera = 90s-style entertainment.

76 3D physics and beautiful graphics in Blender
Inflict the tyranny of gravity on your virtual worlds.

80 Upgrade your security with YubiKey
Frustrate hackers with easy two-factor security.

84 Make games using the Godot engine
Point, click and type your way to an interactive masterpiece.

88 HTTP by hand
Learn to speak the protocol of the web so you can converse with browsers and servers.

90 Smalltalk
Idle chatter about the original general-purpose object orientated language.

REVIEWS

48 KDE Plasma 5.4
The latest shiny desktop from the KDE project is prettier than a puppy with a bow on its head, and twice as useful.

49 Cyberfox 40.0
Firefox isn’t the speedy, lean web browser it once was – so some developers have forked it to go back to its roots.

50 Picade
A miniaturised arcade machine with a heart of Pi brings retro gaming joy to your desktop or kitchen table.

52 Books
Everything the aspiring programmer needs to know inscribed on cellulose.

NEWS ANALYSIS
The Linux Voice view on what’s going on in the world of Free Software.

Opinion

On the software that masquerades as Free
Good intentions are all very well, but the only way to protect software is to make it open source.

Simon Phipps is ex-president of the Open Source Initiative and a board member of the Open Rights Group and of Open Source for America.

What happens when a software company is acquired by a corporate behemoth that doesn’t actually need their software? It happens all the time, and when the software that’s involved is proprietary there’s no recourse for anyone (apart maybe from a lawsuit). But when the software is open source, things are different. I learned this from personal experience. When Oracle acquired Sun Microsystems, it simply walked away from a number of projects they didn’t think would be profitable. But in many cases, the fact the code was out in public under an OSI-approved licence meant that it endured. The identity middleware products were picked up very successfully by ForgeRock; the code in OpenSolaris lives on in products from Nexenta, Joyent and others, co-ordinated through the Illumos project; OpenOffice.org has flourished at The Document Foundation as LibreOffice.

There are more examples, some showing good practice and some bad. Good practice was demonstrated around Etherpad. Google didn’t need the Etherpad project to continue when it acquired the team behind it to work on Google Drive, but graciously enabled the community to carry on. As for bad practice, database startup FoundationDB mysteriously vanished at the start of the year (www.infoworld.com/article/2901704/database/whats-behind-nosql-maker-foundationdbs-disappearing-act.html), with the downloads of its proprietary database and its open source projects disappearing. Apparently, Apple bought the technology for internal use. When Forbes initially discussed the purchase (www.forbes.com/sites/benkepes/2015/03/25/a-cautionary-open-source-tale-apple-buys-and-shutters-foundationdb) it made a mistake because it thought FoundationDB was all open source. It was an easy mistake to make; the company used the language of developer communities in many places, and many of us assume “open” when we hear “community”, because open source is so much the default these days.

“Google didn’t need the Etherpad project, but it graciously enabled the community to carry on.”

Quasi-open
But the only open source code it offered, as is clear from its (now deleted) FAQ, was helper code mainly intended to draw you into the FoundationDB sphere of influence. If you used that code for your own project, you can carry on doing so as long as you kept a copy, but the central repository is gone.

This is all by way of explaining why “open-washing” is a problem. It happens when companies offer things like “free versions”, “gradual opening”, “community projects” and “open source parts” but don’t actually deliver open source code for the whole offering. All these practices have their defenders. Businesses have to make money, after all. “It’s their code, they can do what they want”, people add.

That’s true; they can. They have the liberty to choose a business model that denies you yours. But if you care about the flexibility of your business, you’ll also want to protect your liberty. Open source does not inherently need monetising; choosing to do so is only one of the options open to developers. It is possible to release substantial open source code in full without reserving special privileges. Facebook and Twitter do it all the time, for example.

The lesson to draw, in my view, is that companies like FoundationDB that “wrap themselves in the flag” but actually have no intention of delivering the four freedoms should be avoided at all costs. It’s really important to check that the liberties that deliver customer flexibility are actually present, every time. By contrast, genuinely open source code — even when delivered questionably — can always be forked and sustained, like Forgerock did with Sun’s identity middleware. It’s good for it to additionally be managed by an independent community entity – a “Foundation” – but what matters first is having the full source code to the entire project under an OSI-approved copyright licence.

Semi-open
While I remain a proponent of anchoring open source communities in not-for-profit, community-accountable entities, it’s not a Foundation that protects code; it’s being fully, genuinely open source. The role of a Foundation is then to sustain the protection under the direction of the community benefiting from it. When Apple walked away, we found that FoundationDB was not flawed because it was in a for-profit entity; it was flawed because it delivered at best partial software freedom. And as it turns out, software freedom is your best guarantee of business value.

Kernel • Online privacy • LLVM • Systemd • Ubuntu • Firefox

CATCHUP
Summarised: the biggest news stories from the last month

1 Linux kernel 4.2 released with bags of goodies
Some kernel versions are rather boring, with little more than bugfixes and driver tweaks, but Linux 4.2 brings loads to the table. Many new ARM boards and system-on-chips are supported, there’s a new random number generator based on CPU execution time jitter, the AMDGPU DRM driver is now included, and per-file encryption has been added to the F2FS flash filesystem. For a detailed list of the changes, see Linux Kernel Newbies: http://kernelnewbies.org/Linux_4.2.

2 EFF’s Privacy Badger takes on spying websites
Advertising on the web may be a necessary evil so that we can all continue to enjoy “free” content, but the amount of tracking that ad companies do is alarming. So the Electronic Frontier Foundation has launched Privacy Badger, a browser extension that “stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web”. It’s similar to Ghostery, Disconnect, and related extensions. www.eff.org/privacybadger

3 LLVM/Clang 3.7 is here
Competition for GCC: new features include OpenMP 3.1 support, an On Request Compilation JIT API, control flow integrity checks, and more optimisations. www.llvm.org

4 Ubuntu by far the most popular cloud OS
According to a report by Cloud Market, which looks at operating system usage on Amazon’s EC2 (Elastic Compute Cloud) platform, Ubuntu has an enormous lead. Currently there are around 135,000 instances of Ubuntu on EC2, followed by 54,000 for Amazon’s own Linux distro, then Windows with 17,500 and CentOS with 8,500. Canonical has been pushing Ubuntu in the cloud for the last few years, so it looks like the investment has really paid off.

5 Systemd gets new “su”-like functionality
Systemd, the init and base system attempting to replace the “bag of bits” in the lower levels of Linux, now has its own “su”-like feature. Using the machinectl shell command, users can create a privileged session that’s fully isolated from the original session. Systemd developer Lennart Poettering describes “su” as a “broken concept”, in that it starts a session with an ill-defined mixture of old and new execution context parameters (UID, ENV, cgroup etc). http://tinyurl.com/ot2b9zk.

6 Lilo bootloader says farewell to the world
Lilo, the “Linux Loader” and for many years the default bootloader in Linux distributions, has done a stellar job. We have fond memories of hacking its config files to set up dual-boot systems back in the days of Red Hat Linux 5.2. But Grub is pretty much ubiquitous now, so Lilo’s lead developer has said that he’ll be handing in the towel at the end of the year, unless another developer steps up and decides to keep hacking on the code. http://lilo.alioth.debian.org

7 Former Mozillians fork Firefox OS into H5OS
Well, that didn’t take long. While Firefox OS is struggling to get established in the smartphone market, a bunch of ex-Mozilla employees have set up a new company, Acadine, to develop a fork called H5OS. Very little is known about the fork yet, but Acadine has managed to secure a healthy $100 million in funding from Tsinghua Unigroup International, a Chinese state-controlled company that’s based in Hong Kong. www.acadine.com/en-US/index.html

8 Firefox 42 and later to require signed extensions
Upcoming versions of Firefox will require that all extensions are signed via AMO (addons.mozilla.org), with no way to disable this feature. The goal? To stop users from installing rogue extensions from other sources that contain spyware, malware or other nefarious code. We understand the intention, but it all sounds rather Apple-esque “walled garden”, especially with no option to switch it off… https://wiki.mozilla.org/Addons/Extension_Signing

DISTROHOPPER
What’s hot and happening in the world of Linux distros (and BSD!).

Ubuntu 15.10 Beta 1
October is coming…

We don’t normally cover in-development and beta releases in Distrohopper, but with Ubuntu and its various respins still being the most prominent distributions out there, we thought we’d look at what’s to come in Ubuntu 15.10.

Kubuntu features the Plasma 5.4 beta desktop, along with KDE Applications 15.05 and some non-KDE programs including LibreOffice 4.4 and Firefox 38. We can expect LibreOffice 5.0 to be included in the final release of Kubuntu 15.10, however.

Ubuntu Gnome includes Gnome Shell 3.16 and most of the Gnome 3.16 release; Gnome Music is now included and Shotwell has been replaced by Gnome Photos. Over in the Ubuntu Mate world, their 15.10 beta includes the Mate 1.10 desktop, better multi-monitor support, an extension manager for the Caja file manager, and many bugfixes and plugs for memory leaks. Of all the Ubuntu flavours in beta, this one is making the most rapid progress.

Finally, the biggest change in Xubuntu is the replacement of Gnumeric and AbiWord with LibreOffice Calc and Writer. The next beta for these distros is due on 24 September, with a release candidate following on 15 October.

Mate, the continuation of the Gnome 2 codebase, is coming on in leaps and bounds.

Quirky 7.1
Mini distro puts on weight to support Android app developers.

Remember Puppy Linux? It was a lightweight distro geared towards older machines, but with enough useful software to make it suitable for daily computing. Quirky is a spin-off of Puppy, a “plaything” and avenue to try out new ideas, as its developer puts it. Starting with version 7.0, Quirky releases are known as the “April” series, and now we have “Appril 7.1” [sic].

This release is targeted at Android app developers, and to this end it includes the Android SDK, Android Studio, App Inventor, Oracle JDK and LiveCode out of the box. This has increased the size of the distro enormously, so that it’s now a 1GB download, but the goal is to have an all-encompassing Android development platform that requires no extra packages.

And it’s designed for all kinds of developers, from beginners to long-time hackers. App Inventor lets non-coders create apps using visual building blocks, whereas those who prefer to get their hands dirty in real source code can fire up Android Studio and start hacking. An image is available for 16GB SD cards or USB sticks, while it’s also possible to install to a drive or partition using the installquirky.x86 executable.

Appril is a great idea and we’d like to see more distros focused on a particular developer audience. For more information and download links, visit the blog of Barry Kauler, the lead developer of Quirky (and Puppy) at www.bkhome.org. news/?viewDetailed=00236.

Get started with Android app development with Quirky 7.1 “Appril”.

News from the *BSD camps
What’s going on in the world of FreeBSD, NetBSD and OpenBSD.

FreeBSD 10.2 was released in mid-August, and was a fairly conservative release with few major features to shout about. The Linux compatibility layer was updated to work with CentOS 6 binaries, while DRM code from Linux has also been imported enabling multiple X servers to run simultaneously. Improvements have been made to ARM support, while in filesystem terms, ZFS is faster and more reliable. If a file called /firstboot exists when the system boots, the root filesystem will expand to fill the device.

Not long after, PC-BSD, the desktop-friendly spin-off of FreeBSD, issued its 10.2 release. Along with all the updates in FreeBSD, PC-BSD 10.2 also sports a CD-sized network installation medium, installed fixes (making it easier to create dual-boot setups), and better support for HiDPI displays. PC-BSD ships with Firefox 40, Chromium 44, Gnome 3.16 and its native Lumina desktop version 0.8.6.

Over in the OpenBSD camp, developer Mike Larkin has started working on a native hypervisor for the OS. In the past, OpenBSD project leader Theo de Raadt has dismissed virtualisation as a means to better security, stating: “You are absolutely deluded, if not stupid, if you think that a worldwide collection of software engineers who can’t write operating systems or applications without security holes, can then turn around and suddenly write virtualisation layers without security holes.” However, he has more recently stated that OpenBSD should step up to the “virtualisation challenge”, and Larkin’s work is already capable of booting an OpenBSD kernel. Incidentally, this work was funded by the OpenBSD Foundation – to which Microsoft recently contributed! What a time to be alive...

Fancy trying a BSD flavour? Want an easy introduction? PC-BSD (www.pcbsd.org) is your best bet.

  Linux turns 24

  How time flies. On 25 August 1991, a budding hacker called Linus
  Benedict Torvalds visited the comp.os.minix newsgroup (see our Group
  Test on page 54 for more information on Minix). Torvalds posted the
  following message:
     “I’m doing a (free) operating system (just a hobby, won’t be big and
  professional like GNU) for 386(486) AT clones. This has been brewing
  since April, and is starting to get ready. I’d like any feedback on things
  people like/dislike in Minix, as my OS resembles it somewhat (same
  physical layout of the file-system (due to practical reasons) among other
  things). I’ve currently ported Bash (1.08) and GCC (1.40), and things seem
  to work. This implies that I’ll get something practical within a few months,
  and I’d like to know what features most people would want. Any
  suggestions are welcome, but I won’t promise I’ll implement them :-)”
     Note the reference to the GNU project at the start. Back in 1991, it was
  generally assumed that GNU would finish its own kernel and develop into a
  complete operating system, far more advanced than what Torvalds was
  working on. You can see that Torvalds had also ported some GNU
  programs such as Bash and GCC to run on his kernel as well.
     In the end, however, the Linux kernel paired so well with the GNU
  project that GNU/Linux was born, and Torvalds’s work did indeed develop
  into something “big and professional”, especially as large companies such
  as IBM, Intel, Red Hat and Google started contributing code. Oh, and a bit
  of trivia: originally Linux was known as Freax, but an admin of the FTP site
  hosting the kernel convinced Torvalds to rename it. Thankfully!


  This wee laddie wrote the kernel that made GNU/Linux complete,
  and the rest is (very awesome) history. (Photo: Lars Wirzenius)








GAMING ON LINUX
The tastiest brain candy to relax those tired neurons

DIVISIVE DRIVERS

Graphics hardware has been far more divisive for Linux gamers than it has
been on other operating systems. On one hand we have Nvidia, whose
proprietary drivers are on par with those on Windows; however the Nouveau
open source drivers make hardly any use of the hardware. On the other is AMD,
whose proprietary drivers have been criticised for having lower performance
than those on Windows, while the open source Radeon drivers are making
serious performance advances. On Linux, the drivers, rather than the
hardware, often seem to be the deciding factor in choosing graphics cards.
   Unsurprisingly, this shows up in a couple of surveys where the hardware of
Linux users differs from Windows users. This is exacerbated now that lack of
support for AMD cards has unfortunately been the rule rather than the
exception lately with AAA games landing on Linux. Graphics drivers as a whole
have been a major source of complaint from developers working with Linux,
particularly with many distributions shipping with dated drivers by default.
   The replacement of OpenGL by Vulkan should improve things somewhat, given
the lower driver overhead, as should the steady advance of integrated
graphics technology and recent moves by distributions like Ubuntu which have
made it easier to update drivers. However, for now, the situation serves as a
reminder that Linux gaming is still in its infancy.

Michel Loubet-Jambert is our Games Editor. He hasn’t had a decent night’s
sleep since Steam came out on Linux.

Dirt Showdown
Finally a big-title racing game on Linux!

Racing games on Linux are in short supply, but Dirt Showdown should satisfy
some cravings. While the realistic racing simulator gap is not filled by this
game, it does very well at providing a fairly casual arcade racer.
   That said, traditional racing is only one aspect, with game modes varying
from demolition derby to drifting and elimination racing.
   The two major annoyances with Dirt are the way in which it bombards the
player with advertisements and product placement, and how it goes to
cringeworthy lengths to be cool. The soundtrack seems like it is designed to
get pensioners shaking their fists in disapproval, while the game’s announcer
seems almost desperate to convey how “extreme” the game is to the player with
words like “carnage” and “mayhem” repeated on loop. The advertising is also
as in-your-face as the announcer.
   It’s worth remembering that the game is not a straight port, but uses a
compatibility layer like that used in Bioshock Infinite and The Witcher II.
More often than not the game does feel like a straight port, but some
settings make the game unplayable and crashes aren’t unheard of. Though
performance is mostly very good, the odd problem should be expected.
   Overall, the game is a great deal of fun and with its issues aside, it is
certainly worth the price. It’s one of those games that can sit in your
library for a while, being visited whenever a dose of mindless fun is
required, of which Dirt Showdown provides plenty.

Website http://store.steampowered.com/app/201700
Price £9.99

“Dirt Showdown’s game modes vary from demolition derby to drifting and
elimination racing.”

DiRT Showdown focuses less on realism and more on car-smashing fun.

The game’s tracks and vehicles are varied, providing something for everyone.



Shadowrun: Hong Kong
A very solid (but somewhat wordy) futuristic cRPG.

Following the success of Shadowrun Returns and Shadowrun Dragonfall, the
revamped series has returned for another installment. Right off the bat, the
game throws the player into a dystopian futuristic Hong Kong Free Enterprise
Zone, ruled by mega-corporations, corrupt government officials and a dark
underworld.
   Those who played the previous two games will find themselves in familiar
territory, with the gameplay and graphics essentially the same, though the
new story and setting do warrant a standalone game. Like the other
Shadowruns, it features a great soundtrack, tactical combat and an intricate
and intriguing world where a high-tech society functions alongside magic,
though we’d prefer a few more cutscenes and a little less text.
   Fans of story-driven cRPG games and the Shadowrun series should certainly
pick this one up, though those without the patience to go through pages and
pages of dialogue should think twice.

Website http://store.steampowered.com/app/346940
Price £14.99

The pre-rendered backgrounds are excellent and bursting with detail.

Cradle
A quirky and minimalistic exploration-adventure game.

This sci-fi exploration-adventure game puts the player in a yurt on the
Mongolian steppes in the year 2076, the challenge being to make sense of it
all and piece together the protagonist’s memories. It is clear from the start
that Cradle takes inspiration from dystopian classics such as Brave New
World, adopting many of the undertones of a society led astray by technology.
   Like other such games, it rewards the curious player. Those who take the
time to examine objects, read notes and engage in additional dialogue will
find a far richer experience than that provided through the ambient
storytelling and dialogue.
   However, Cradle has its flaws. The main issue is gameplay, which can be
infuriating at times, mostly because it feels as though it should be a
third-person game or at the very least not have such a limited field of view,
particularly in platforming parts of the game. Similarly, the lack of clear
instructions can cause confusion at times. Nonetheless, if you like a game
which isn’t afraid of pushing boundaries and doesn’t hold your hand, it’s
worth picking up.

Website http://store.steampowered.com/app/361550
Price £9.99

Much of the game’s story develops through rebuilding a mysterious female android.

ALSO RELEASED…

OlliOlli2: Welcome to Olliwood
The sequel to the hit indie skateboarding game adds a lot to the original. It
feels far more polished, while gameplay is still tons of fun. The fast-paced
side scrolling is very appealing, while local multiplayer support with
controllers makes this one of the few games beginning to break with the PC’s
antisocial past. Its addictive nature makes this a great game for
split-screen sessions with friends.
http://store.steampowered.com/app/365660

Fallen: A2P Protocol
This post-apocalyptic RPG with XCOM-like tactical turn-based combat is a
little rough around the edges, but should please fans of the original Fallout
and XCOM games. Resources are scarce, and scavenging for ammo and weapons is
a big part of the game. Unfortunately, it does still feel like it’s in Early
Access, so those looking for a more polished experience may want to keep an
eye on it and wait for patches.
http://store.steampowered.com/app/325790

Beyond Eyes
Beyond Eyes takes the player through the journey of Rae, a blind girl looking
for her missing cat. The game looks stunning and uses some quirky mechanics
in that the world seen by Rae can often differ from reality and requires
extra effort to explore. It’s hugely immersive and aided greatly by its
soundtrack. This is one of the more creative titles out there and is thus
highly recommended.
http://store.steampowered.com/app/356050
game or in the very least not have such







                             YOUR LETTERS
                               Got something to say? An idea for a new magazine feature?
                               Or a great discovery? Email us: letters@linuxvoice.com



LINUX VOICE STAR LETTER

WINDOWS 10
Now that Windows 10 is out and rolling I have to wonder how many of those who
upgraded are having problems with their dual boot systems? I also wonder if
there is any experience on how to dual boot Windows 10 and Linux? I know this
is compounded with UEFI and Secure Boot, which adds more to solve. I
abandoned two installs of Linux because of these problems and am giving
Windows 10 a shot. I think we are headed towards only getting Linux if you
build or buy a specific computer for that purpose. As an additional thought,
what good is a secure distro like Tails when it will not boot on the newer
UEFI and Secure Boot systems?
Steve Cox

Graham says: This is a very good question, and it’s one that Matthew Garrett
partly tackles in this issue’s interview (see page 40). Our experience is
that you can still disable Secure Boot and even bypass UEFI if you need to,
and we’ve had no problem dual/triple/quad booting alongside Windows 10
(really!). But we have heard from a couple of readers who have had problems,
so we’re currently investigating.

Microsoft isn’t going out of its way to make things easier for Linux users;
however, we should be grateful that it’s getting easier to buy a PC without
Windows pre-installed.



DIGITAL PANIC!!!
Before I retired I worked for a manufacturing company, where we talked a lot
about getting to the root cause of a problem, about cause and effect, and
about critical paths. To me the internet is just another tool: if there is a
job to do, you use the most effective or convenient tool available; if this
tool is not available you use the next most effective or convenient tool, and
so on. The important bottom line being that human ingenuity will always
ensure that the job is done no matter what tools are or are not available. So
why is David Cameron (and others) getting so fixated on the internet? As far
as terrorism is concerned the IRA managed quite well without the internet, as
did many other terrorist groups. One further thought: there are now a very
large number of people engaged in gathering information about others. Never
again will someone who has arranged for an incriminating email to go missing,
be sure that a copy will not resurface. And whose information is worth the
most, David Cameron’s and other people in the public eye of course. David,
you have created a monster and you are nearest to its teeth.
John Bourne

Andrew says: Fair points all, though I do think that files are always going
to be much easier to reproduce than physical discs. One of the things that
struck me about the Edward Snowden leaks was that it would have been
impossible to steal/liberate that amount of data if it were stored on paper
files like in the olden days, so digital files’ ease of duplication is
already having the effect you describe. It’ll only take a couple of
generations of politicians before they cotton on to this!

For too long, we have been a passively tolerant society, saying to our
citizens: as long as you obey the law, we will leave you alone…





PIPELIGHT AND TELEVISION
I just tried to watch a documentary I missed on Channel 5. I found my way to
the episode I wanted at channel5.com/demand5 and got a notification that I
needed Adobe Flash 16. I’m using Firefox on Ubuntu 14.04 LTS, so I googled
for more information.
   To my horror I uncovered a viper’s nest of suggestions to install PPAs,
HAL, Pipelight and a custom version of Wine. What a mess! Sounded like a
major security vulnerability to me. Needless to say I didn’t attempt any of
this. Instead I wondered what Linux Voice might have to say on the subject. I
don’t recall you ever mentioning Pipelight in any of the previous 18 issues
of LV. Topic for an article perhaps?
David Tarrant

Andrew says: Installing software via PPAs isn’t ideal, but the ability to
install Pipelight through your distro’s package manager isn’t ideal either:
what we really want is for Flash to go away for ever, so we won’t need to
install any more potentially leaky plugins in order to watch TV. And while we
can tolerate using Wine occasionally when there’s something that we really
need to use, there are plenty of native video formats that Channel 5 could
have chosen (and plenty of other channels to watch than Channel 5).

Pipelight provides a wrapper for Windows plugins – but come on Netflix, your
customers deserve better than that.

LIBREOFFICE
The short answer to Ms Mckie’s post on getting more out of LibreOffice is
that there is a very good series of tutorials at www.libreoffice.org, but it
is well hidden. Once at the website “Get Help” followed by “Documentation”.
The documents can be downloaded or can be bought on paper. I hope this is of
help.
J Brian Slinger
PS for Andrew
It could be that a database approach might be better than spreadsheets?

Andrew: The LibreOffice docs are indeed detailed, but anything that runs to
389 pages can not in any way reasonably describe itself as a getting started
guide. And that was Sarah’s point; the information is out there, but there’s
far, far too much of it. And if I can’t handle the complexity of a
spreadsheet, I doubt that a database would make things any easier.

So much power, so much documentation, so much confusion.








SUBSCRIBE
shop.linuxvoice.com

SUBSCRIBE TODAY!

Get your regular dose of Linux Voice, the magazine that:
  Gives 50% of its profits back to Free Software
  Licenses its content CC-BY-SA within 9 months

US/Canada subs prices
  1-year print & digital: £95
  12-month digital only: £38

Get many pages of tutorials, features, interviews and reviews every month.
Access our rapidly growing back-issues archive – all DRM-free and ready to download.
Save money on the shop price and get each issue delivered to your door.

Payment is in Pounds Sterling. 12-month subscribers will receive 12 issues of
Linux Voice a year. 7-month subscribers will receive 7 issues of Linux Voice.
If you are dissatisfied in any way you can write to us to cancel your
subscription at subscriptions@linuxvoice.com and we will refund you for all
unmailed issues.





All subscribers get access to every single digital back issue – that’s about
1,000,000 words of tutorials, reviews and free software hackery at your
fingertips

Overseas subs prices
12-month print & digital:
  Europe: £85
  US/Canada: £95
  Rest of world: £99

DIGITAL SUBSCRIPTION* ONLY £38
* WHEREVER IN THE WORLD YOU ARE – IT’S DIGITAL, SO THERE ARE NO POSTAGE COSTS


     LINUX CONFERENCE


Distro vendor SUSE is holding its big yearly conference in early November.
And you can attend by winning a free ticket worth €895!

Last year’s SUSECon was held in Orlando, and included talks about
up-and-coming technologies such as Docker.

Developers and partners get the chance to put their questions to the SUSE team.

Linux wouldn’t be possible without the internet. The ability of tens of
thousands of developers to work together on free software, without having to
be in the same room, has made the world of desktops, distros and software
repositories a reality. But still, sometimes it’s good to put faces to names,
meet up with other Linux users and developers, learn about upcoming trends
and technologies, and grab a beer at the end of the day. That’s why Linux and
open source conferences are mightily useful for the software we all use.
   SUSE, the creator of SUSE Enterprise Linux, OpenSUSE, Yast and other
well-known software, is gearing up to hold its yearly conference. This year,
it will take place from 2–6 November in Amsterdam. SUSE describes the event
as “the annual global technical conference for SUSE customers, partners and
community enthusiasts, geared to the needs of the enterprise IT consumer”.
It’s a place for the SUSE team to show off its latest work – and for
customers, partners and the press to delve deeper into the latest
developments. Linux Voice will be there, of course, and you can join too by
registering at www.susecon.com. You even have a chance to attend for free by
winning a conference pass – but more on that in a moment!

“It’s good to put faces to names, learn about upcoming trends and grab a beer
at the end of the day.”

Location and schedule
SUSECon 2015 will be held in the Beurs van Berlage building
(www.beursvanberlage.nl/en), an imposing former commodity exchange just a few
hundred meters from Amsterdam’s central train station, so it’s easy to get to
the event from the city’s main airport (Schiphol). If you’re looking for
accommodation, the Beurs van Berlage staff provides assistance via this page:
www.bvbroomkit.nl/susecon15.
   If you arrive on Monday 2 November, you can register and attend some of
the pre-conference workshops looking at SUSE OpenStack Cloud and




SUSE Linux Enterprise Server 12. These sessions run from 8.30am through to
5.30pm. The main part of the conference kicks off on Tuesday with the opening
keynote, followed by breakout sessions, technology showcase, and a conference
party in the evening. The following two days feature more sessions and
technology showcases, and the event officially closes on Thursday 5 November
with a keynote at 4.30pm. Note that there will be some final breakout
sessions on Friday, along with Certification Testing for those doing the
Certified Linux Administrator or Certified Linux Professional courses.
   So in total that’s over 120 hands-on, tutorial, case study, future outlook
and business overview sessions – plenty to see and do. Some of the highlights
include:

  Hands on session on Docker: Everything you need to know to start using
  Docker productively.

  Software Defined Everything - Management, Cloud, Containers and Storage:
  The latest advances in data centre virtualisation and the management tools
  needed to deploy, monitor and maintain an increasingly complex environment.

  Linux Kernel Audit Framework: How to use the Linux audit framework for
  compliance and security.

  SUSE Virtualisation Technologies Roadmap: A high-level look at the
  virtualisation technologies available in SUSE Linux Enterprise Server,
  including KVM, Xen, LXC, and Docker.

  Industry Efforts To Make Open Source More Secure: See what the open source
  ecosystem and industry consortium are doing to help prevent similar
  incidences in the future and see what steps you should take to minimise
  your risk.

  A comparison of filesystems: This presentation provides an overview about
  the “big” Linux filesystems (btrfs, ext4, xfs), and parameters which should
  be considered when doing performance comparisons.

  SUSE Linux Enterprise Server 12: A one-day class designed for SUSE Linux
  Enterprise Administrators who are new to the technology changes released in
  SUSE Linux Enterprise Server 12. It combines lectures and hands-on
  learning, and covers the installation, initialisation, services,
  filesystems, software management and desktop changes.

  Best Practices in Monitoring: Keeping an eye on all devices and services
  inside your infrastructure is critical. This talk gives an overview about a
  high-availability monitoring setup that helps administrators better
  understand their environment.

For a full list see
https://susecon2015.smarteventscloud.com/connect/search.ww, and for the
complete agenda visit www.susecon.com/agenda.html. In addition to all these
sessions, there are 14 hours of time for “networking with peers and partners”
– in other words, meeting other developers, admins and users – plus the
ability to do the certification exams as mentioned before. Additionally, SUSE
will hand out six awards for its best customers and partners of 2015. So in
all, there’s a huge amount to see and do.

SUSECon 2015 will be held in the Beurs van Berlage, a former commodity exchange.

Ever fancied a trip to Amsterdam? Now’s your chance!

Attend for free!
If you’re interested in attending, and register before 1 November, you can do
so for €895 at www.susecon.com. But! Linux Voice is also offering three free
conference passes as part of a prize draw, so if you’d love to go but you or
your company don’t have the funds, there’s still a chance to attend the
sessions and get hands-on with new tech. For a chance to win, visit:
www.linuxvoice.com/susecon15/



                                                            www.linuxvoice.com                                                        17
THE BEST DESKTOP 2015

BEST LINUX DESKTOP 2015

Ben Everard searches for the perfect software to meld human and machine in perfect harmony.

Desktop environments provide the bridge between our soft, fleshy minds and the cold, hard logic of the computer. It’s the difference between these two processing units that makes them hard to design well: our gooey brains like elegant graphics, and can struggle to remember complex operations; the silicon brain inside the computer, on the other hand, doesn’t care a jot for this and just wants to be told what to do.

A good desktop environment should appease both sides. It shouldn’t overly tax our minds and should help to keep us calm and relaxed even after an eight-hour day of staring at confusing symbols on a bright LCD screen, yet at the same time it shouldn’t overly tax the limited capacity of the CPU in the box.

Back to the future
This seemingly intractable contradiction isn’t as dire as it may seem, though. It’s been almost 50 years since Douglas Engelbart revealed mouse-driven window-based computing to the world in a presentation at the Fall Joint Computer Conference that’s become known as The Mother Of All Demos. While we may still operate in the same graphical paradigm almost half a century later, we’ve refined the system immeasurably. The software and hardware are now better suited to the tasks, and we’re all more familiar with the concepts involved. For most computer users, moving a mouse is as familiar as moving a pen across a piece of paper.

Despite all these advances, it’s still not completely clear how the perfect desktop environment should operate. Some people like a keyboard-driven interface, others prefer to use the mouse; some people like big, chunky icons, others smaller unobtrusive ones; some people like graphical effects, others prefer simplicity.

Fortunately, Linux enables us to use different desktop environments depending on our preferences. So, this leaves every user with the question, what’s the right desktop for me? We’re going to look at the software from four different angles: lightweight, traditional, touchable and tweakable, and see which desktop best fits the bill in each area. Read on to find out our favourites…

“Linux enables us to use different desktops depending on our preferences – this raises the question: what’s the best desktop for me?”

LIGHTWEIGHT DESKTOPS
The best interfaces for computers with limited resources.

We’ll start our look at desktops with the lightweight contenders. This is, perhaps, the hardest of all the categories, because we’re looking for a desktop that has all the features we want, looks good, but at the same time doesn’t tax resources. A good lightweight desktop should run quickly on anything from an ageing laptop to a Raspberry Pi.

We started by shortlisting our three favourite lightweight desktops: Moksha, Xfce and LXDE.

Moksha is a fork of the discontinued E17 desktop by the team behind Bodhi Linux. As the E17 project moved on to E18 and E19, the Bodhi team found that the desktop lost the key features that made it great: stability and lightness. Rather than give up on the project altogether, they decided to go back to the last version they liked (E17), and continue to maintain the code that the original project had given up on.

Low-fat, lean meat
The first version of Xfce came out in 1996, making it one of the oldest Linux desktops. In that time it’s changed significantly from a clone of the Unix Common Desktop Environment (CDE), which had a series of drawers along the bottom and windows minimised to the desktop (the term “desktop” was taken more literally in those days), to a more standard environment based on panels, task managers and applications menus.

LXDE is probably the most standard of the three desktops we’ve looked at here. By default, it comes with a panel along the bottom and an applications menu in the bottom-left corner. There’s not too much more to it than that. LXDE is simple and easy to use, but lacks some of the configurability and graphical niceties of the other two in this category.

For us, LXDE is the perfect balance of features and elegance. Everything in the desktop serves a purpose, so we feel like every CPU cycle and megabyte of memory is being put to good use. Xfce has a bit more power and a few more configuration options, but we don’t feel that these add sufficiently to the desktop experience to justify their inclusion in a lightweight desktop. Moksha packs an impressive amount of graphical niceties into a lightweight desktop, and it’s worth considering if you like animations and other visual effects but have limited processing power.

[Image caption] LXDE with PCManFM and Leafpad: lightweight perfection.

Lightweight desktop environments at a glance

LXDE – No frills, no wasted CPU cycles
This desktop is balanced for simplicity rather than features, but is still powerful enough for most needs. Along with being one of the lightest desktops around, LXDE is also one of the easiest to use. LXDE is also the default environment on Raspbian, and therefore the first desktop a generation of Linux users will try.
   Try on: Lubuntu, Raspbian
   Best for: Running with minimal drain on resources
   Avoid if: You like graphical effects

Xfce – Lightweight needn’t mean simple
Lighter than most, but customisable enough to really let you take control of the desktop, Xfce is the most tweakable desktop in the lightweight category. You can customise almost everything and not bog down your CPU or graphics card. The Xfce applications are also built with heavy use in mind.
   Try on: Xubuntu, Debian
   Best for: Frugal power users
   Avoid if: You need to run on very limited hardware

Moksha – Graphics galore
Great-looking graphics and light weight are two qualities that rarely go together, but they do in Moksha. The animations and transitions make this desktop easy on tired eyes. Could this fork finally take the spirit of Enlightenment mainstream?
   Try on: Bodhi
   Best for: Graphics on limited hardware
   Avoid if: You want applications and desktop to form a cohesive whole

TOUCHABLE DESKTOPS
Desktops so good they leave smears on your screen.

When we talk about touchable interfaces, we don’t mean phones: we’re talking about the new breed of desktop interfaces that eschew the traditional desktop paradigm and seek to find a more effective way of interacting between man and machine. We’re looking for desktops suitable for general-purpose computing, which should also work well with a mouse on non-touchable computers. The three contenders for best touchable desktop are Gnome 3, Unity and Android.

Gnome 3 took a lot of criticism when it first came out. The previous version was well known and loved by a huge proportion of Linux users, and Gnome 3 threw out this popular software and started again in a very different manner. Early versions of Gnome 3 also performed badly, had some odd design decisions (such as removing the shutdown option) and broke useful features between releases (this was particularly problematic for extensions that many people relied upon). The desktop of Gnome 3 (Gnome Shell) came out before many of the applications had moved over to the newer style of working, so users were left with a new (and unintuitive) desktop with the same applications.

Since its first release in 2011, Gnome 3 has matured significantly. The newer software feels more at home on the desktop as the new GTK 3 applications now use the header bar, which sanitises the top of windows and combines the window decoration, menu and toolbar into a single widget. Combined with the clean interface of Gnome Shell, this leads to a minimalist experience that is still powerful when you poke below the surface.

The idea behind Ubuntu’s Unity interface is to create a single interface that’s equally at home on a desktop, phone, tablet, TV, or any other device with a graphical interface. However, at the moment, only the desktop version has any real traction. There are phones running Unity available, but these aren’t yet common.

Unity – a brave new world
Unity introduces a few concepts that aren’t in other desktops, so they can take some time to become familiar with. Most of the action happens in the Dash, which is a menu that pops up when you click on the Ubuntu button in the top left-hand corner of the screen. This menu enables you to search for things both on your computer and on the wider internet. Inside the Dash you can use scopes to search for a particular type of item (for example, the applications scope and the images scope both work as you’d expect). Canonical, the parent company behind Ubuntu, came under heavy criticism from the Electronic Frontier Foundation and others for including a shopping scope in the default scope, as this meant that private desktop searches were being sent to remote servers (this feature can be disabled).

In addition to scopes, you can use lenses to focus in on the results produced by a search. These can be used to make the results returned in a dash search more interactive. In practice, there is some overlap between lenses and scopes, and this can lead to confusion about what’s going on. Scopes can be useful on the desktop, but they really shine on mobile. Scopes can be used to play music, collate all your messages from various different apps, find nearby attractions and many other things.

Our final consideration, Android, often isn’t considered a desktop environment, but it is. It’s most used on phones and tablets, but can also work on desktops and can handle mouse and keyboard input as well as touch. HP and Lenovo (among others) sell laptops with Android running on them.

Although the interface is different from other Linux desktop environments, the biggest difference with Android is that there’s a completely separate set of software. Very few of the usual desktop programs that we’ve come to know and love will run on Android, and most software that is available on Android is closed source and much of it ships with adverts.

And the winner is…
We can’t recommend Android for serious computing purely because of the lack of free software options for many major computing tasks, and while Gnome 3 has come on in leaps and bounds, Unity wins this category because it manages to blend the best of old and new desktop paradigms, and it works well across a range of devices. The concept of scopes can be confusing, but when it’s properly set up, it makes the Dash searches incredibly powerful and gives you a single portal to all the data you need.

ALSO CONSIDER
• KDE Plasma Mobile (previously known as KDE Plasma Active) is the touch-based desktop from KDE. As the name suggests, it’s primarily designed with phones in mind, but also works well on anything with a touchscreen, from tablets to laptops and desktops. The interface looks great, but isn’t yet widely adopted.

ADVANTAGES OF TOUCHABLE DESKTOPS
• Big, chunky icons are the defining feature of touchable desktops.
• These newer desktops are designed for modern users.

LIMITATIONS
• Touchable desktops are all radically different from the desktops that came before. They can feel uncomfortable and strange to some people.

Touchable desktop environments at a glance

Unity – Can you master the Dash?
From the company that brought you Linux for Human beings, Unity is a reimagining of the desktop interface for every device from phones to desktops. That’s a huge task, but one that Unity accomplishes impressively.
   Try on: Ubuntu
   Best for: Trend setters with a penchant for orange and purple
   Avoid if: You don’t like a panel on the left-hand side

Gnome 3 – Big, bold and beautiful
The latest incarnation of Gnome is rapidly improving, though not everyone appreciates the direction it’s going in. Big icons, powerful header bars and hidden complexity come together to create a visually impressive desktop that’s designed to focus the user to the current task.
   Try on: Fedora
   Best for: Maximising the use of screen space
   Avoid if: You like a tweakable desktop

Android – From phones to desktops
Android is the master of maximising the value of a small screen and touch input. Perhaps, though, it’s best to leave it to phones, as it doesn’t have the power of desktop interfaces designed for desktop computers.
   Try on: Nexus devices
   Best for: Making phone calls
   Avoid if: You need proper multitasking or a wide range of applications

THE UNITY INTERFACE
• The all-powerful Dash is the way of controlling the OS. Learn to use it well, and it’s a hugely powerful interface.
• Scopes in the Dash enable you to search a particular type of data, which could be on the computer or on a remote site. If you don’t like the default setup, you can add and remove scopes to fit the data you want.
• The launcher and task manager are combined into a single applet. Arrows next to icons indicate open windows.
• Early versions of Unity always placed the menu bar at the top of the screen rather than on the window, but this is now customisable, and you can change the menu position with the flick of a switch.
• The panel is fixed to the left-hand side of the screen, and this isn’t changeable. This can feel a little strange if you’re used to top or bottom panels, but works well with the square icons.
• The orange and purple colour scheme that’s the default on Ubuntu looks great on Unity. Other distros use other colours.
• Lenses give you more information about the results returned by a search, and can display content. When combined with scopes, they enable you to instantly analyse the results of your search.
• Unity utilises some Gnome applications, including Nautilus as a file manager, though with some custom patches.

TRADITIONAL DESKTOPS
We haven’t changed, so why should our desktops?

Of all the desktops here, the entries in the traditional category are the strongest. This is largely because this style of desktop has matured for longer than the others. The current style of bottom panel was first popularised in Windows 95, though even this borrows heavily from earlier environments such as RISC OS. A desktop in this category should be instantly familiar to just about any computer user.

When Gnome 3 came out and shifted away from the traditional desktop, the Linux Mint project developed a set of extensions known as the Mint Gnome Shell Extensions. These were designed to convert the desktop back to a more familiar layout. Over time, the required changes became too big for extensions, and the Linux Mint team forked Gnome 3 to create Cinnamon. This desktop environment used all the newer technologies of Gnome 3 that created great graphical effects, but with a more traditional desktop layout. This good-looking but familiar desktop helped make Linux Mint the go-to distro for people seeking respite from the new world of desktops pushed forward by Unity and Gnome 3.

The Mate project is a continuation of Gnome 2. The Gnome project moved on to version 3, but the source code for version 2 remained available. Despite developers moving on, Gnome 2 remained popular and many people weren’t yet ready to let it go. A group of users took the code, rebranded it Mate (pronounced Mah-tay), and kept the spirit of Gnome 2 alive. The change in developers has injected new life into the Mate/Gnome 2 project and although the bulk of the code is the same, the newer graphics give the project a modern look. The new project has not just maintained the old code, but continues to improve it. By version 1.10, Mate could be built against both GTK 2 and 3, so the project will be able to incorporate features from newer versions of the GTK toolkit.

The outsider in this category is the Budgie desktop. It’s built specifically for SolusOS, which has had a tricky few years. The original developer of the project, Ikey Doherty, left the project and shut down SolusOS in October 2013. Ikey then started a new distro named Evolve OS in December of the same year. This point also marked the start of development of the Budgie desktop. The distro then rebranded to SolusOS in May 2015, and it’s this new SolusOS that is the basis for our testing of Budgie.

Enter, stranger…
Out of the three desktops in this category, Budgie is definitely the least traditional. There are elements of Gnome 3 (such as the window styling with header bars) and Unity (the abundant use of square icons with rounded corners). Despite these modern touches, Budgie is ultimately still a traditional interface with a panel and an application menu. Budgie is far younger than the others in this category, but this is as much of an advantage as a disadvantage: the modern look will appeal to many people too young to remember the origins of the traditional desktop.

ALSO CONSIDER
• LXDE. It’s lightweight, but also traditional in style. Perfect for users who like unfussy environments.
• KDE. Depending on how you tweak it, KDE can be very traditional.
• Pantheon. Not quite as traditional as most, but Elementary OS’s desktop still follows the same basic principles.

Traditional desktop environments at a glance

Mate – The brand-new old desktop
We loved Gnome 2, and we still love Mate. Even though we sometimes leave this safe haven for newer desktops, it still feels great to come back. Some people always search for new desktops, but why bother when the old ones are this good?
   Try on: Ubuntu, Linux Mint, Arch Linux.
   Best for: People who want a desktop environment that just works
   Avoid if: You’re addicted to graphical effects

Cinnamon – A desktop with spice
Linux Mint’s flagship desktop has attracted a lot of fans for good reason. It rose up to provide a haven of traditional interface as others were turning modern. Cinnamon now has more competition, but nothing else can match its combination of looks and comfortable, familiar style.
   Try on: Linux Mint
   Best for: Looking good in a familiar setting
   Avoid if: You’re running on older hardware

Budgie – Where traditional meets modern
The new desktop developed for SolusOS stretches the definition of traditional a bit as it fuses new and old style interfaces. We love Budgie, but it does break a little from the pure traditional look. We’re excited to see how it develops.
   Try on: SolusOS
   Best for: Cutting-edge junkies always looking for the next greatest thing
   Avoid if: You’re a stanch traditionalist

All the entrants are good, and there’s no bad choice in this category. However, there has to be a winner, and for us, Mate just nudges ahead of its rivals. There isn’t a killer feature to push it into first place, it’s just slightly better in a lot of areas. All three are available on a wide range of distros, though perhaps Mate leads the field in this regard, as not being tied to a particular distro gives Mate a wider range of developers working on the project. Mate is also a bit kinder to older machines as it isn’t so resource heavy. It runs happily even on the limited resources of the humble Raspberry Pi.

If you’re keen on graphical niceties, you may find that you prefer Cinnamon. This desktop makes good use of the additional graphical features in GTK 3 to enhance the look. The biggest downside of this desktop is its performance on older machines, which can leave a little to be desired. That said, it should run without problems on any machine from the past five years or so.

Budgie is shaping up to be a really good-looking desktop. At this stage, it’s still a little hard to say exactly how it will pan out, but our early impressions are that it will be best suited to light and moderate computer users; power users may be better served by one of the other options. The clean, well-thought-out desktop means that Budgie could seriously contend with Mate for the top spot in this category in a few years’ time.

ADVANTAGES OF TRADITIONAL DESKTOPS
• The panel-and-apps-menu design is tried, tested and familiar to most computer users.
• Why change something that works well?

LIMITATIONS
• Traditional desktops only work well with mouse or trackball input. Keyboard- or touch-driven devices need a different approach.

THE MATE DESKTOP
• Pluma, the text editor forked from Gedit, is powerful enough for basic programming and configuration tasks.
• The name Mate comes from a type of tea popular in South America and parts of the Middle East. A cup of Mate is often shared between a group of people. Unfortunately, biscuits are not typically dunked.
• Caja, the fork of Nautilus used in Mate, retains many of the older features that newer versions of Nautilus have shed.
• Mate doesn’t overly tax your computer and runs well even on modest machines. This is why Ubuntu Mate is the first desktop version of Ubuntu to run on the Raspberry Pi (version 2 only).
• You can set the desktop wallpaper to be any image you like, and most distros come with a wide variety for you to choose from.
• Thanks to its heritage, there are a wide variety of themes available for Mate if you don’t like the one that comes in your distro. The default Ubuntu Mate theme is shown in this picture.
• Mate has a range of layout options including the single bottom panel (shown here), and the classic Gnome 2 look.
• The applications menu is the heart of every traditional desktop. They should be simple, functional and easy to use. Mate’s is a classic and allows you to find and launch programs with ease.

TWEAKABLE DESKTOPS
The desktop environments that put you in control


                                  This is the category for people who want                 also run it on its own. After all, what is a window
                                              ultimate control over their desktop. The                manager if not an extremely customisable desktop
                                              options are all a little different.                     environment?
                                       KDE is quite close to a traditional desktop, however              Starting from scratch with just a window manager
                                   it’s far more configurable than any of the other                   like Openbox can take quite a bit of effort to reach a
                                   desktops in the traditional category. For the purposes             usable desktop, so another option (at least initially)
                                   of this competition, we’re looking at KDE 5 rather than            is to use a distro that comes with Openbox pre-
                                   version 4 despite the fact that not all distros have               configured. Traditionally, the best choice for this is
                                   upgraded to this latest version yet.                               CrunchBang, but development of this distro has come
                                       We’ve always felt that while KDE can create a                  to an end. The spirit of CrunchBang, however, lives
                                   wonderful desktop, the default settings leave quite                on in other distros. CrunchBang++, ArchBang, and
                                   a lot to be desired. The newest version does a lot to              the soon-to-be-released product of the CrunchBang
                                   improve that, and now KDE looks good out of the box                community, Bunsen. All of these feature a minimal
                                   in most instances.                                                 Openbox-based desktop with lightweight apps pilfered
                                                                        Depending on your             from other desktop environments.
ALSO CONSIDER                                                         point  of view, the range of       Like Openbox, i3 is a window manager, though
• Xfce isn’t as customisable as some options, but does have           configuration    options in     i3 is a little more complete than Openbox in that
  a lot of scope for modification.                                    KDE could be described          you can install it and run it without any additional
• You can start your customisation quest with any other               as comprehensive or             configuration. While Openbox is probably run more
  window managers rather than Openbox.
                                                                      excessive. There are a lot      frequently as part of a larger desktop environment,
• AwesomeWM is another option for tweakers who like i3’s
  keyboard-driven tiled interface.                                    of possibilities that we        i3 is almost solely run as a standalone desktop. The
                                                                      can’t imagine anyone ever       one thing that really distinguishes i3 from the other
                                                                      wanting, such as using          desktops we’ve looked at here is that it’s a tiling
                                   your mouse wheel to change the opacity of a window.                window manager that’s primarily keyboard driven. It
                                   Still, this range of options is the point of KDE. It’s the         is also highly customisable, hence its inclusion in this
                                   desktop that doesn’t try to force you into a particular            category.
                                   way of working; instead, it adapts to your processes.
                                       Some people may argue that Openbox on its own                  And the winner is
                                   isn’t a desktop environment, but a window manager.                 Given how different the entrants in this category are, it
                                   It doesn’t have all the extra bits that run alongside it           may seem a little churlish to pick a winner. They’re all
                                   to make it as powerful as some of the entrants here.               great options, but very different, and will suit different
                                   You can run Openbox inside one of the other desktops               people. However, the category is Tweakable, so we
                                   here (this is especially popular in LXDE), but you can             used that to guide our decision. We’re going with KDE


Tweakable Desktops at a glance
KDE Everything you need                                 Openbox A blank slate                                  i3 Keyboard-driven customisation




The archetypical tweakable desktop, KDE includes all    Rather than starting with a complete desktop you       If keyboard-driven interfaces are your thing, then
the components you need, but each one is tweakable      can start your quest for the ultimate personalised     i3 lets you customise a tiled-window interface in
to the extreme so you can bend the desktop to almost    desktop with a window manager, like Openbox, and       innumerable ways. There’s not much in the way
any look or method of working. With a bit of effort,    build upwards from there. This method gives you a      of graphics, but i3 is all about taking ultimate
you can make KDE as plain or as complex as you want     complete choice of what goes in, but can be a lot of   control of your desktop, and to help you do this, the
it to be.                                               work to get everything just right.                     configuration possibilities are almost endless.
   Try on: OpenSUSE, Mandriva, Kubuntu                    Try on: CrunchBang ++                                   Try on: Arch
   Best for: People who like to adjust everything         Best For: Tweakers with limited hardware                Best for: Keyboard lovers
   Avoid if: You have limited processing power            Avoid if: You don’t like configuration files            Avoid if: You like graphics or mouse-driven apps



20
24                                                                    www.linuxvoice.com
                                                                                                                     THE BEST DESKTOP 2015


THE KDE DESKTOP
 The cashew button has gone in KDE 5, but           There are heaps of widgets in KDE, which              There are many options to         This shows the default
 the menu remains, this time behind an              can be used to display information (such              add graphical effects, but        Kubuntu desktop. Other
 obscure icon with three lines. The menus           as RSS readers and weather forcasters), or            use these with caution as         versions could be tweaked
 is the powerhouse of KDE and is used to            be productivity-sapping distractions. The             they can slow down your           so much that they aren’t
 control the desktop, widgets and activities.       choice is yours.                                      machine’s performance.            recognisable.




 All KDE’sapplications              Activities enable you to create specific            The KDE menu doesn’t suit          KDE includes a wide entirety of software
 are highly configurable            desktop setups for specific purposes. While         everyone, but it’s easily          including a web browser (Rekonq) and
 including Dolphin (the file        they are quite powerful, we find it hard to         changeable, so you should          an office suite (Calligra). Part of KDE’s
 manager) and Kate (the             set them up in a way that really improves           find a look that works for         tweakability is the option to leave out parts
 text editor).                      the desktop experience.                             you.                               that you don’t want.



as it is, in our view, the ultimate tinkerer’s desktop.             mouse with i3 , though
Almost everything can be tuned to the user’s desires.               if that’s your preferred      ADVANTAGES
It wasn’t really a fair fight because KDE contains                  way of working, you’re        • Tweakable desktops can be moulded to your particular
much more than the other two options, and by virtue                 probably better off with        working style and graphical taste.
of this, has more to configure.                                     a different desktop. The      • You can tailor the graphical effects to your hardware.
   All three of these desktops suit power users, though             reliance on the keyboard
                                                                                                  LIMITATIONS
not all power users are the same. Openbox enables                   means that i3 is most
                                                                                                  • Finding exactly the right look and feel for you can take
you, with a little effort, to create a very sleek desktop           efficient for people who        time. Sometimes it’s easier to let the desktop’s developers
that’s tailored to exactly your use, and this is probably           mostly use keyboard-            do the hard work for you.
more efficient than KDE when you use it for a narrow                driven apps. Sysadmins
range of tasks.                                                     running tasks over SSH
   A desktop based on the i3 window manager is                      and programmers using Vim are the most likely
definitely one for keyboard fans. You can use a                     contenders here.

  OVER TO YOU
  The ability to choose your own desktop                 have the same range available. As a Linux user,          environment. There are also plenty of websites that
  environment is something that sets Linux aside         it’s well worth taking full advantage of this to find    that help people share ideas about setups online
  from all other popular operating systems – even        the one that’s right for you. Don’t be afraid to step    (such as www.reddit.com/r/unixporn). Go forth and
  other open source OSes such as the BSDs don’t          outside the mainstream in your pursuit of the right      find your perfect desktop environment!





BUILD YOUR OWN DISTRO
THE NEWBIE EDITION
Greenhorns rejoice! Mayank Sharma has found a way for you to spin your very own distro without much fuss.

Over the years there have been several excellent tools that’ll help you build a customised distro. None, however, is as intuitive as SUSE Studio. The tool creates custom images based on both the community-supported OpenSUSE distro and its suit-wearing cousin SUSE Linux Enterprise (SLES). What makes it especially endearing to first-time customisers is the lack of a build environment. All you need is a web browser and bandwidth to download your creation. SUSE Studio takes care of the rest. The service has an easy-to-navigate tabbed interface that helps you define several aspects of your distro. When you’re done, the service will spin your distro and even lets you test it on its own remote virtual machines. It really doesn’t get simpler than this.

To get started, fire up the web browser, head to www.susestudio.com and log in with an existing account on one of the supported OpenID services or create a new one. Once you’re signed in, click on ‘Create New Appliance’ under Actions. In SUSE Studio everything is an appliance even if you’re designing the distro for use on physical hardware.

You’ll then have to select a base distro for your customised one. The service supports the current and previous versions of OpenSUSE (13.2 and 12.3 respectively). There are also templates that use various current and stable SLES releases, but you’ll need to have a licence to use the distros created with these templates. To begin with it’s a good idea to select a template from within the current OpenSUSE 13.2 release. There are four base templates underneath every release.

The Just Enough OS (JeOS) template is ideal for building a minimalistic system. Then there’s the Server template, which helps you build text-only server distros. Finally there are templates that help customise a Gnome 3 or KDE 4-based desktop distro. Round off the process by selecting a processor architecture (32-bit or 64-bit) for your distro at the bottom of the page. Use 32-bit for maximum compatibility and 64-bit for optimised performance on newer machines. Then alter the name for your distro, or just go with the default value for the time being, and press the Create Appliance button.

[Image: The SUSE Studio Dashboard lists all your images along with basic information about each.]

Be the change
The service then takes you to the main dashboard, from where you can customise the different aspects of the distro using the various tabs on the page. First up is the Software tab, which lets you add apps to your distro from different sources. The primary source is the group of official distro repositories that provide software based on the base template. In case the software you wish to add isn’t in the default repositories, you can also add additional repos, either from the OpenSUSE Build Service or a third party, with the Add Repositories option. Once added, these repositories will be listed under the Software tab and you can search for packages inside them.

Once you’ve set up the sources, use the Find box on the page to look for packages in the repositories. When you find what you’re looking for, just hit the corresponding +add button, which will auto-resolve dependencies and include it in your distro. Finally, you can also upload an RPM or bunch multiple RPMs in a compressed archive.

PRO TIP
If a package conflicts with an existing one, you’ll get options to resolve the issue by removing one of the two.

When you are done adding software, switch to the Configuration tab to tweak the different aspects of your distro. Head to the General tab to localise the distro and select the default language and keyboard layout and your timezone. On this page you can also configure the network, enable the firewall and open the SSH and HTTP ports for remote access, and add users and groups.

Next, switch to the Personalise section to choose the artwork for your distro. You can either select one of the listed ones or upload your own. SUSE Studio will use these and show a preview of how your appliance will appear at various stages such as at the Grub bootloader screen, and at the login screen.

The Startup tab determines the runlevel of the distro. By default it’s set to Runlevel 5, which means your distro will boot to a graphical login screen. You can select a different runlevel by using the pull-down menu, which briefly describes each of the available runlevel options. You can also use this page to insert a EULA, which will be shown on your distro’s initial boot. The user must agree to the EULA to be able to use your distro. You can safely ignore this section.

PRO TIP
Advanced users can take a look at the Scripts section under the Startup tab to point to custom scripts that run every time the distro boots up.

First-time users and those setting up a distro for desktops should head to the Desktop tab, from where you can select any of the users added via the General tab to automatically log in and also specify programs that you want to auto-start when they log in.

Finally, round off the customisation process by switching to the Files tab. From this page you can optionally add either single files or an archive of files to your custom distro. In addition to uploading files from your computer, you can also add files by specifying a URL. All files are added to the root directory. However, once they have been uploaded you can select the files and move them into other locations. For example, if you wish to include a file on the Desktop it should be placed under /etc/skel/Desktop.

PRO TIP
From the Server tab you can add data from an existing database by uploading its SQL dump and adding users and defining their permissions.

[Image: The SUSE Studio interface lacks any ‘Save’ buttons – the changes you make are saved automatically.]

[Image: If you have an appliance that’s based on an older version of OpenSUSE, you can upgrade the underlying base with a single click.]

Ready for production
That takes care of the customisation steps. Now it’s time to ask SUSE Studio to convert it into a usable distro. You can build your distro in several formats by switching to the Build tab. You can, for example, create a live ISO image of your distro meant for optical drives as well as live images for USB and images for virtually every virtualisation software available, including KVM, VirtualBox, VMware, Xen and more. The Preload ISO option comes in handy if you are planning to do installations of your distro on physical machines and don’t need the live environment. These disk images are wrapped in a simple bootable installer and you only need to point them to a target hard disk for installation, which is ideal for deploying servers.

In order to create a traditional installation image, select the live CD/DVD option from the pull-down menu. You can also get your distro in more formats by selecting additional formats using the checkbox.

After you’ve selected the formats, hit the Build button to create your distro, which will only take a few minutes. The SUSE Studio service also assigns a version number to your distro. Every time you modify the distro, it will increment the version number and automatically generate a changelog that’ll list all the changes since the last version. Once the image in the default format selected from the pull-down menu has been created you can click on the Build additional button to ask the service to build images in the other selected formats as well. Every build image has three corresponding links. The Testdrive link will launch a flash-based VNC session and boot your distro inside the web browser. The service also has instructions, under the Networking tab inside the Testdrive, for connecting to the test drive via a regular desktop VNC client or through an SSH connection. All testdrive sessions remain active for an hour.

“With SUSE Studio, all you need is a web browser and bandwidth to download your creation.”

After you’ve fiddled with your customised distro and are satisfied with your creation, use the Download link to grab the image in the corresponding format. Once you have the image, you can use it as you would any other distro image. You can also share your distro with other SUSE Studio users by heading to the Share tab. Once your distro is listed in SUSE Studio’s gallery, other users can clone your image and use it as a base to build their own custom distros. Similarly, if you like someone’s image in the gallery, click on the Clone button to create a replica under your account. You can now modify the cloned image just as you would any of the other images you’ve created from scratch.






BUILD YOUR OWN DISTRO
THE EXPERT EDITION
For experienced campaigners who need more control and flexibility.

Fancy something more robust and malleable than SUSE Studio? Then let’s switch gears, along with the base distro, and build customised spins of the venerable Debian distro. The Debian Live Systems project is responsible for maintaining the tools and components required to build all types of live Debian images, including the official live images themselves. However, in addition to the command-line tools, the Live Systems project also hosts a web-based builder that lets you create everything from basic netbook images to hybrid ISO images that can boot from USB disks.

To get started, point your web browser to http://live-systems.org. Here, click on the Build tab in the top bar and select the Debian option to view the web-based interface of the Live Systems project. Enter your email address in the first field and select the type of image you wish to build. The default iso-hybrid option creates an ISO image that you can use to boot from optical drives as well as USB disks.

PRO TIP
If you install the live-build package on a Debian install, the build lists are available under /usr/share/live/build/lists/. Here’s an example: http://debian.pastebin.com/7qgpdBSz.

Lay the foundation
Next you have to pick a base distro for creating your custom ISO. You can select between Debian’s Unstable branch, called Sid, and the Stable branch, which is currently dubbed Jessie. Unless you know what you’re doing, for maximum stability it’s best if you stick with the Stable branch. You can then use the --config option to select the default desktop environment for your distro.

The --cgipackages.list.chroot field is used for specifying any particular packages that you wish to be available straight out-of-the-box in your distro. Use the field to write the exact names of the packages separated by a space, such as vnc sudo iceweasel gnupg. Make sure you correctly spell the names of the packages or the build might fail.

That takes care of the basic options. Let’s expand the sections marked Advanced, which give us some more important customisation settings.

The Advanced Bootstrap Options is a fairly simple section that lets you decide the architecture of your custom distro. By default it’ll spit out i386 images that are more universal and will work on old and new computers. But for optimised performance on newer machines it’s best to create 64-bit (amd64) images.

An important extension to the --architectures field in the Advanced Bootstrap section is the --linux-flavours field in the Advanced Chroot Options section. Using this option you can specify a sub-architecture for your distro to further optimise it for the target machine. If you selected amd64 earlier, then make sure you select the amd64 option here as well. However, if you’ve selected i386 in the previous section, the --linux-flavours field gives you several options to choose from. For example, you can select 486 to make sure the image works on really old machines, while the 686-pae option ensures it can properly use the available RAM on the computer.

The section also houses the --chroot-filesystem field, which determines the root filesystem of the image. It defaults to SquashFS, which is what you should stick to.
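
A pre-flight check for the values the paragraphs above tell you to enter, added here as an example (it is not code from the article or from the Live Systems project). It applies the Debian Policy package-name syntax and the 255-character field limit to the package list, checks the architecture and flavour pairing, and prints the matching local lb config call; the function names are hypothetical, and only the two i386 flavours the article names are accepted.

```shell
#!/bin/sh
# Pre-flight check for values destined for the Live Systems web form.
# Added example: the function names are hypothetical, not part of live-build.

MAX_PKG_FIELD=255   # size limit of the --cgipackages.list.chroot textbox

# valid_pkg_name NAME
# Debian Policy syntax: lowercase letters, digits, '+', '-' and '.',
# at least two characters, first character a letter or digit.
valid_pkg_name() (
    LC_ALL=C    # byte-wise ranges, so [a-z] never matches uppercase
    case "$1" in
        ''|?)            exit 1 ;;   # empty or a single character
        [!a-z0-9]*)      exit 1 ;;   # bad first character
        *[!a-z0-9+.-]*)  exit 1 ;;   # character outside the allowed set
    esac
    exit 0
)

# check_packages "NAME NAME ..."
# Prints one diagnostic per problem; succeeds only if the list is usable.
check_packages() (
    list="$1"
    rc=0
    if [ "${#list}" -gt "$MAX_PKG_FIELD" ]; then
        echo "package list is ${#list} characters; the field takes $MAX_PKG_FIELD"
        rc=1
    fi
    set -f      # split on whitespace without expanding wildcards
    for pkg in $list; do
        if ! valid_pkg_name "$pkg"; then
            echo "not a valid Debian package name: $pkg"
            rc=1
        fi
    done
    [ "$rc" -eq 0 ]
)

# check_arch_flavour ARCH FLAVOUR
# amd64 must be paired with amd64; for i386 only the flavours the
# article names (486, 686-pae) are accepted here.
check_arch_flavour() {
    case "$1:$2" in
        amd64:amd64)            return 0 ;;
        i386:486|i386:686-pae)  return 0 ;;
        amd64:*) echo "amd64 images need the amd64 flavour, not '$2'" ;;
        i386:*)  echo "'$2' is not one of the i386 flavours checked here (486, 686-pae)" ;;
        *)       echo "unknown architecture '$1' (expected i386 or amd64)" ;;
    esac
    return 1
}

# lb_config_line DIST ARCH FLAVOUR
# Prints the local live-build command that matches the form's choices.
lb_config_line() (
    dist="$1"; arch="$2"; flavour="$3"
    case "$dist" in
        jessie|sid) ;;
        *) echo "unknown distribution '$dist' (expected jessie or sid)" >&2
           exit 1 ;;
    esac
    check_arch_flavour "$arch" "$flavour" >&2 || exit 1
    printf 'lb config --distribution %s --binary-images iso-hybrid' "$dist"
    printf ' --architectures %s --linux-flavours %s' "$arch" "$flavour"
    printf ' --chroot-filesystem squashfs\n'
)

# Demo with constructed input: the article's own sample package list.
if check_packages "vnc sudo iceweasel gnupg"; then
    lb_config_line jessie amd64 amd64
fi
```

The name check is purely syntactic: a correctly formed name that is not in the chosen Debian release will still fail the build.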

Where geeks dare
Next up is the Advanced binary options section, which further tailors your distro for your intended use. For the initial few builds it’s best to leave these at their default values until you get familiar with the process. First up is the --bootappend-live field, which you can use to add any extra boot options to the distro you’re

[Image: The --cgipackages.list.chroot textbox will only take up to 255 characters.]







The default username and password for the Live distros are user:live.         Images are deleted after 24 hours.


creating, such as the default locale and keyboard                  The last section, titled Advanced Source Options is
language (for example, locales=en_GB keyboard-                 another minuscule one. It lists options that determine
layouts=gb). For a complete list of valid keyboard             whether or not you’ll have source code inside your
options look at the /usr/share/X11/xkb/rules/base.             live image and in what form. By default the --source
lst file inside any Debian-based Linux distro.                 parameter is set to false, which means that you won’t
   Next up is the --bootloader field. The default option       have any source code in your distro. But if you toggle
is Syslinux, which is the standard bootloader for live         it to true, the --source-images parameter determines
distros. However you can instead switch to the Grub            the format of the source code. By default, your distro            PRO TIP
bootloader if you need the additional options and              will include a .tar file with the source code of the distro.   You can use your custom
flexibility that come with it. Unless your use case                                                                           live CD as a base for
                                                                                                                              further customisations.
demands the use of Grub, Syslinux is the safe choice.          It’s alive!
   Then there’s the --debian-installer field, which            That’s it. Run through all the options again and make
determines whether or not you can install your                 sure they’re in order, since an incorrect option can
custom distro and how. It offers three choices. The            result in a failed
default false option doesn’t bundle the installer and          build process.
boots straight into the distro. The live option is almost      When you’re          “You can deploy your custom ISO on
always the better option, since it enables you to use          satisfied, click     the intended machine or use it as a
the distro and then install without rebooting.                 the Submit
   The iso-application, iso-preparer, iso-publisher,           button to ask the    base for further customisation.”
and iso-volume options are all for just labelling the          system to build
resulting ISO. You can leave these to their suggested          your images on the remote Debian build machine. As
values or change them if you plan to create multiple           your image enters the build queue, you’ll be taken to a
                                                                                                                                 PRO TIP
versions and want some extra info to be in there to            page which lists a couple of URLs. You can use the
                                                                                                                              If you’re going to do
distinguish them. The --iso-volume defines the name            first to check on the progress of the build, while the         multiple builds of Debian
of the actual ISO file. You can also set a few extra           other is link to the build directory that’ll house the         Live, make sure you
options, such as whether or not the memtest memory             generated ISO along with its md5 checksum.                     spend some time and set
                                                                                                                              up an apt-cacher server
diagnostic tool is included in the ISO or not.                    The build process can take anywhere from five               to churn out builds faster
                                                               minutes to an hour and it varies depending on the              and also ease the load on
                                                               time of the day and the number of builds in the queue.         the Debian mirrors.
  Further customisations
                                                               You’ll get an email when the system has generated
  The developer of a minimalist Debian-based distro called     your distro along with the result of the build. If the
  Star Linux (http://linnix.sourceforge.net) has created a
                                                               status is ‘maybe-successful’ then you can click on the
  live-build development environment that simplifies the
  process of using the Live-Build tools. He has documented     link in the email to download the image. However, if
  the process of using his build environment on the forums     the status is ‘maybe-failed’ the link will not list the ISO
  of CrunchBang Linux (http://crunchbang.org/forums/           image. In such a case read through the build and log
  viewtopic.php?id=39907).                                     files to figure out the reason for failure and try again.
     Among other things, you can use the build environment
                                                                  After downloading your image, fire it up in VirtualBox
  to configure the live user account, place files inside the
  Live environment and install all kinds of packages. The      and make sure it contains the customisations that
  environment consists of three directories. You make          you specified using the web-based form. You can
  your modifications in the diy-source directory, then run     also use a command line and graphical installer from
  the setup script, which creates a diy-build directory. If    the boot menu if you want to skip live boot. Once
  you make any modifications to the diy-source directory,
                                                               you’ve checked your custom ISO you can deploy it on
  use the update script to make changes to the diy-build
  directory. Once you’ve made all changes, run the build       the intended machine or use it as a base for further
  script to create the custom iso.                             customisations.



                                                                 www.linuxvoice.com                                                                     29
SECRETS OF LIBREOFFICE CALC

The popular spreadsheet is more than just a tool for making tables.

LibreOffice is familiar to most Linux users as the default office suite in most distros. It’s easy to use, but also hugely powerful. If you spend a little time to get to know LibreOffice, office tasks become quicker, easier and more interesting. Spreadsheets, for example, are probably the quickest way of analysing data if you know how to use them properly, so to save time/effort/sanity, here are some of the most useful features of LibreOffice’s Calc spreadsheet that you may have missed.

01 Conditional Formatting
You probably know how to assign formatting to cells to change the typeface, colour, background, etc. However, a useful feature that’s got a lot of attention over the last few years is the ability to alter this formatting depending on the contents of the cell. Want negative values in red? Large values in bold? No problem. You can even turn your cells into mini bar charts (as shown in the image). To set up conditional formatting, go to Format > Conditional Formatting.

02 Pivot Tables
If you have a list of data that includes multiple columns, but with some values repeated, pivot tables enable you to aggregate the data into an easy-to-read table. For example, if you have a list of sales by salesman, item and amount, a pivot table can show you the amount per item per salesman.

03 Macros
LibreOffice includes its own programming setup in the form of the Macro IDE. This enables you to write programs that interact with the main application. Unfortunately, this hasn’t had much attention in recent years, so it can be a bit buggy. Don’t be too discouraged though, macros do still run, and there are loads of resources online for writing code in LibreOffice Basic (which is the same as OpenOffice Basic). Take a look at our tutorial in issue 19 for more details. Other languages are supported.

04 Auto Filter
The simplest way to explore tables of data is through the Auto Filter tool. Just highlight the data (or the whole sheet), and go to Data > Filter > Auto Filter. This will add dropdowns to the title row, and in these dropdowns are options to filter and sort the data in any way you wish. Using the Standard Filter option, you can define the filter in almost any way you wish.

05 Android
Need to view a document on the go? LibreOffice runs on Android as well as Linux, OS X and Windows. The ability to run on this mobile OS is a recent addition, so at the moment, it’s quite basic, but it should improve in future versions. For more office on the go, there’s a cloud-based version of the office suite in the works that will enable you to access and edit your documents from any internet-connected device. You’ll be able to access your data everywhere!

06 Extensions
Do you find that you really need a feature that’s just not in Calc? Well you might still be in luck, as there’s an extensions system to enable you to add extra capabilities. You can create your own, or head to http://extensions.libreoffice.org/extension-center to find ones that other people have created. We can’t promise you that it will solve every problem, but there are a boatload of useful features there to make Calc even more powerful than it normally is.

07 Templates
You don’t need to start every project from a blank sheet. Instead, you can use a template to set the document up before you even start it. You can either create these templates yourself (useful if you do the same task many times, or you need other people to fill out a spreadsheet to your specifications), or download an existing sheet from http://templates.libreoffice.org/template-center.

08 Image Editor
No, we’re not joking! LibreOffice Calc includes an image editor. It can’t do much more than resize, crop and compress images, but this is still useful enough to allow you to make many of your image changes from within the application.

FOSS FUN

Thought gaming on Linux was all about Steam? Think again – there are many great FOSS gems, as Mike Saunders discovers.

In the space of a few years, Linux’s image in the gaming world has been completely transformed. Beforehand, it was seen as a geeky operating system with a few quirky text-mode adventure games, and the possibility to run some “real” titles with the Wine emulator. Today – and largely thanks to Steam – Linux is an excellent platform for gaming, and arguably better than Windows. After all, it’s easier to customise (so you can remove cruft you don’t want), it’s secure, and it’s not leaking everything you do to a giant corporation.

We’ve covered a lot of games provided through Steam in our regular Gaming on Linux section, but we’ve also had requests from readers to cover purely free software and open source alternatives as well. And there are some absolute gems out there; sure, they’re often not quite as polished as their commercial counterparts, but what they may lack in spit-shine, they make up in depth, challenge and replayability.

We thought we’d gather a compilation of the best FOSS games and show you why they’re worth trying out. If you’re a hard-core gamer, you’ll find plenty here to whet your appetite – many of the puzzles and strategy games may interest you. And then there are some fantastic remakes of old classics that will get a tear of nostalgia rolling down your cheek… By and large, these games are available in the package repositories of most major distros, so you should be able to download them quickly and easily.

TORCS
http://torcs.sourceforge.net

TORCS (The Open Racing Car Simulator) is actually two programs in one: it can be enjoyed as a traditional racing game, battling other cars on a variety of courses in single races or championship modes. A huge amount of attention has been paid to the physics, with wheel types, suspension stiffness and aerodynamics all playing a part in how the cars behave.

Developers can create AI drivers in C++ (see www.berniw.org/tutorials/robot for an introduction), which has led to TORCS being the base of several projects at the yearly IEEE Conference on Computational Intelligence and Games. The program has also been used to study algorithmic generation of tracks.

SuperTux
https://supertux.github.io

No collection of games would be complete without a 2D platformer, and in the FOSS world, nothing beats SuperTux. This Mario-inspired cutesy run-and-jumper has over 50 levels to explore and plenty of slippy-slidey action in ice worlds. As with Super Mario Bros 3 (and later games), SuperTux has a top-down overworld view for switching between levels. When you’re dropped into a level, you’re put in control of Tux, the Linux penguin mascot, and your job is to collect coins, bash blocks, and reach the level’s exit. We don’t think any game will ever beat SNES Mario World as the pinnacle of 2D platforming, but SuperTux puts in a darn good effort.

FlightGear
www.flightgear.org

Like TORCS, FlightGear is much more than a game. Its developers describe it as “an open flight simulator framework for use in research or academic environments, pilot training, as an industry engineering tool, and last but a fun, realistic, and challenging desktop flight simulator”. It’s a vast and incredibly detailed piece of software with over 20,000 airports, multiple flight dynamics models, and a huge range of aircraft to explore.

If you’ve ever tried to play a flight simulator, you’ll know that they have exceptionally steep learning curves. Sadly, FlightGear’s wiki was down as we wrote this, but the full (and very detailed) manual is available at http://mapserver.flightgear.org/getstart.

Hedgewars
www.hedgewars.org

Worms was a huge success in the glory days of the Amiga, and spawned a number of playalikes. Hedgewars is our favourite of these, combining cute graphics with terrific weaponry and game modes. It’s a turn-based action game, in which you control a group of pink hedgehogs on a 2D side-on-view map. Your goal is to destroy enemy hedgehogs using a variety of weapons – but you have to be careful when launching certain weapons, as they can destroy the ground on which you’re standing, leading to death.

You can play against other humans or CPU opponents, and while 48 pre-made maps are included, there’s also a random map generator for effectively infinite variations in design.

X-Moto
http://xmoto.tuxfamily.org

Side-scrolling motorbike games are as old as the hills. Some of you may remember Kickstart on the ZX Spectrum, or Motocross Maniacs on the Game Boy. X-Moto shares many similarities with these, but here the objective isn’t to reach the goal as quickly as possible. Instead, you have to collect strawberries (don’t ask us why) which are scattered across a course – a job that’s made rather more difficult by various obstacles and jumps in the way.

X-Moto is all about physics; in order to reach the strawberries, you have to perform some delicate manoeuvres. Using the up and down arrow keys to accelerate and brake respectively, and the left and right keys to rotate the bike, you can use bumps and hills to get lift for your motorbike and grab difficult-to-reach fruit. X-Moto has thousands of user-created levels available online, and you can even download replays to watch your fellow riders do tricks.

Frozen Bubble
www.frozen-bubble.org

Frozen Bubble is one of those action puzzle games that looks deceptively simple from the outside, but is hugely taxing and addictive. You fire coloured balls from the bottom of the screen, which stick together in the well at the top – and if three or more of the same colour touch, they explode and are removed.

You can move your weapon left and right before firing the ball, and then another one (usually of a different colour) gets loaded. If you waste time, more balls are added to the well at the top, and the whole kaboodle gets closer and closer to your weapon before you run out of space and lose. Frozen Bubble requires a combination of skills: good aim, good timing, and good planning.

Freeciv
www.freeciv.org

Avid gamers of the 1990s may recall Civilization, a turn-based strategy game in which you guide a group of people from prehistory onwards and help them develop new technologies throughout the ages. Freeciv is inspired by various games in the Civ series, but in particular Civilization II, and has a huge amount of flexibility (eg whether or not there should be computer controlled players, how continents are developed and so forth).

It’s a hugely engrossing game with very modest system requirements. It’s even possible to play it in a web browser, thanks to Freeciv-web, a HTML 5 implementation, so you don’t even need to install anything – see https://play.freeciv.org.

SuperTuxKart
http://supertuxkart.sourceforge.net

Imagine Nintendo’s famous Mario Kart franchise, but with our favourite Tux penguin mascot (and other characters from the FOSS world). You race around a number of tracks, competing against other drivers – or against your own best times. You can also play against the person next to you with a split-screen multiplayer mode. SuperTuxKart features over 20 courses and a variety of gameplay modes. The kart handling feels solid, the graphics are generally very slick, and overall it’s a great racing game. It doesn’t take itself seriously like TORCS, but if you’re looking for something based around power-ups rather than lap times, especially to play with the kids, SuperTuxKart is superb fun.

Oolite
www.oolite.org

Elite is arguably the most impressive game ever written. Released in 1984, it boasted 3D graphics, spaceships, trading, dogfighting and a large galaxy to explore – all in just 32k of RAM. Oolite is essentially an open source spin-off of Elite, with much of the same gameplay, but vastly improved graphics and more to do.

Well, that’s when you spruce it up with some add-ons. Out of the box, Oolite is rather plain, but you can expand the game enormously: fancy textures, extra missions, and much more. As with the original Elite, it takes a while to master the controls and understand how the game works, but it’s well worth it (see www.oolite.org/starting).

NetHack
www.nethack.org

If there’s one game you could spend the rest of your life playing (and indeed in the afterlife, if that’s your belief), it’s NetHack. This text-mode command-driven game looks incredibly primitive by today’s standards – like something whipped up by a 13-year-old over a couple of weekends. But NetHack is very special, very deep, and takes a lifetime to master. Many people have been playing NetHack for decades, but still haven’t completed it.

So what’s it all about? Essentially, NetHack is a dungeon romping game. You explore your surroundings, collect items, upgrade your abilities and fight enemies. That’s all there really is to it – but NetHack’s magic lies in its complexity. The dungeon is designed randomly each time you play, and there are many thousands of combinations of items, monsters and manoeuvres. No two games are the same, and you can spend several weeks in a single game, even if you play an hour every evening.

The biggest downside to NetHack is that it has a monumentally steep learning curve. But it’s well worth learning to play, so read our feature from issue 5 to get started with the game, or check it out here: www.linuxvoice.com/nethack.

     SHOW REPORT LINUXCON
                                                                                     For those that couldn’t make it to Seattle, there are
                                                                                     slides available at http://events.linuxfoundation.org/
                                                                                     events/linuxcon-north-america/program/slides.




                                                                                         The next LinuxCon event is LinuxCon Europe in
                                                                                         Dublin, Ireland, 6–7 October 2015 (http://events.
                                                                                         linuxfoundation.org/events/linuxcon-europe).




             LinuxCon
        (and CloudOpen, and
           ContainerCon)
           Travis ‘TT’ Mooney packs his plaid shirt and Singles soundtrack
                   for this year’s North American Linux Conference.


         L
                 inuxCon, combined with CloudOpen and             have contributed to the kernel recently. Unless that is
                 ContainerCon, took over the Seattle Sheraton     exactly the reason it’s easier. As Linux Foundation
                 on 16–19 August 2015. Home of grunge,            head honcho Jim Zemlin pointed out in his keynote
         Starbucks, and the fish-throwing fishmongers of Pike     address, the real story behind Linux (and the
         Place Market, the Emerald City is a hub of technology,   Foundation) could be that it’s the first collaborative
         with Amazon occupying more than 13% of the city’s        development project at scale. And, with 23 projects
         total office space, Microsoft just up the road in        currently under the banner of the Linux Foundation,
         Redmond, and O’Reilly and the Linux Foundation not       and 400 member organisations, he is probably
         far south in Portland.                                   allowed an opinion along those lines.
           From 10,000 to 19 million lines of code, the Linux        Attendees in search of a pure Linux conference
         kernel is a complex software project, which isn’t made   weren’t going to find it here. Like Cerberus, the
         easier by the fact that more than 4,000 developers       conference was three-headed: Linux, the Cloud, and




36                                                    www.linuxvoice.com
                                                                                                   LINUXCON SHOW REPORT




                                                                                                      New members supporting the Linux
                                                                                                      Foundation include Alibaba, DCHQ Inc,
                                                                                                      MediaTek Inc, PayPal and Wuhan Deepin
                                                                                                      Technology Co. Ltd.

Containers all shared top billing. With a marked lack
of Linus Torvalds on days one and two, a one-on-one
in place of the regular kernel panel, and a
programme that added a full schedule of container
talks, some attendees felt that Linux was under-
represented at its own show.
   But they needn’t have feared. IBM, a stalwart of
the Linux world, came through with a new
hardware offering to spice things up: Linux-only
mainframes in the form of LinuxOne systems.
Adding LinuxOne to OpenPower, IBM is continuing
to reduce its reliance on internal proprietary
operating systems in zOS and AIX, respectively,
while harnessing the power of systems that scale
beyond x86. And while OpenPower was a
pure-play open specification from last-year’s             about funding projects that are important, but
                                                                                                                      The Linux




                                                                                                                                              Images courtesy of Linux Foundation.
LinuxCon, which is already in products you can buy,       perhaps not quite sexy enough to attract direct
                                                                                                                      Foundation
the mainframe will take longer to unravel, and will be    funding. In addition to the new security badge
                                                                                                                      announced a new
done by the Open Mainframe Project, which as you          programme, it announced support for the network             project, IO Visor,
might have guessed will be administered by the Linux      time protocol daemon. And it’s a measure of the             designed to help
Foundation.
   Digging a little turned up some other hardware topics, from Red Hat talking about the enterprise-isation of ARM Linux (coming soon, really), to a clean-room (and patent-free) open hardware project that is cloning the SuperH processor (they have the sh2 working, as found in the Sega Saturn, and next year will tackle the sh4, which was featured in the Dreamcast), and a discussion of what exactly we can use our idle TPM modules for (the answer: lots of keying and hardware encryption). With Linux powering so much of the infrastructure that makes up the cloud, there was also plenty on the devops side, including extensive coverage of OpenStack and Containers (Docker, Docker, seems to be everywhere). There were also talks on Mesosphere, Packer, Container security, and a run-down of the Sony hack by security specialist Bruce Schneier — supporting the Core Infrastructure Initiative’s new security badge programme.
   There was lots of important non-Linux stuff, too. The Core Infrastructure Initiative — founded in the aftermath of the Heartbleed OpenSSL bug — is all

maturity of the Linux Foundation that it is able to do so, with other grants to OpenSSL, Frama-C, OpenSSH, GnuPG and Debian Reproducible Builds, and the Fuzzing Project.

Where was Linus?
Dogs, like some technology aficionados, have a limited concept of persistence, and don’t understand that when people aren’t right in front of them. When I come home, perhaps from LinuxCon, my dog jumps and carries on like she hasn’t seen me for years. And when Linus showed up on day three of the conference there was a similar whooping and hollering from a crowd of devotees. From his one-on-one session with Jim Zemlin, we learned that containers, currently the hotness of the devops world, don’t really interest Linus all that much. They’re neat, but he is really only concerned about the kernel. Along with recent comments he’s publicly made about being a manager, not a coder, and how Linux will survive him, it’s fair to say that although Linux was an amazing effort by one man, Linux is not Linus, nor vice-versa, anymore.

developers enable a new way to innovate, develop and share IO and networking functions.



     FAQ VULKAN




Vulkan
The final frontier of computer graphics APIs.

BEN EVERARD

I know this one! It’s the name of a planet and the alien race from there are emotionless beings who follow only logic and reason.

Hang on, that’s Vulcan. Vulkan is the new graphics API from Khronos (the people behind OpenGL).

Ah. My years as a trekkie haven’t taught me much about this. What’s an API, and why do I want one for graphics?

API stands for Application Programmer’s Interface. The idea behind an API is that it allows people writing software to easily perform complex actions by calling pre-existing functions rather than having to do everything from scratch. For example, suppose you wanted to draw a triangle on the screen. To do this from scratch, you’d have to find the piece of memory that stores the data that’s sent to the screen, work out which bits of it correspond to the triangle you wish to draw, then set them to the value you want them to be. A graphics API may give you the ability to just call a single function with the details of the triangle, and the API will take care of everything else for you.

Isn’t that what my graphics card does?

Sort of. Your graphics card driver implements a standard API. At the moment, this is probably OpenGL, but in the future it will be Vulkan. The specific implementation in the driver is designed to do as much of the processing as possible on the graphics card and do as little as possible on the CPU. This means that the person writing the software can just program using this standard API and the software will work on whatever graphics hardware the user has.

So, what’s special about Vulkan?

From a user’s perspective, there’s not much difference between OpenGL and Vulkan. You’ll still be able to use a graphics card to generate 2D or 3D graphics without putting much load on your CPU. Hopefully, Vulkan will enable you to create better graphics from the same hardware, but otherwise it will work more or less the same. The exact improvement in Vulkan will depend a lot on the specific load.

“Vulkan will enable developers to create better graphics from the same hardware.”

From the developer’s perspective, things are very different. Each graphics card contains many processing units that are very efficient at processing the sort of data that you get in 3D models. When you write a program using OpenGL, you also have to write a program that runs on these processors so that the data you send to the card is handled correctly. These programs are called shaders. When you write your program, you don’t know what hardware it’s going to run on, and different graphics cards have different architectures. This means you can’t compile the shaders. Instead, the shaders are written in GL Shader Language (GLSL), and the source code to the shader is included along with the program. When you first start a program that uses OpenGL, the graphics driver compiles this shader for the particular graphics hardware being used.

Vulkan works in a different way. Instead of specifying a language that shaders have to be written in, it specifies a binary format that the shaders have to be compiled to when the program is written. This is known as




Standard Portable Intermediate Representation Five, or SPIR-V. As the name suggests, SPIR-V is an intermediate representation that’s a halfway house in the process of compiling software. It should be quite close to fully compiled code, so the task of the driver in converting this SPIR-V binary code into executable code for the hardware is much simpler than compiling GLSL from scratch. SPIR-V code can, in theory at least, be compiled from any language provided that someone creates a compiler for it. This means that developers can write their shaders in the language of their choice.

Vulkan is also more efficient at splitting up any code that does have to run on the CPU across multiple cores. This can make a dramatic difference on systems with low-power processors such as embedded devices.

Intel’s Vulkan demo shows that we may be about to get a 50% speedup in our Linux games (you can watch the benchmark at www.youtube.com/watch?v=GzcTUG8RT-M).

Graphics cards can also be used for more general purpose computing as well. How does Vulkan fit in with OpenCL and CUDA?

As we said earlier, a graphics card contains a lot of processors that are very efficient at processing the sort of data needed for 3D graphics. In simple terms, they’re very good at applying the same numerical operations to large quantities of data. There are a couple of methods for doing general-purpose computing on graphics cards: OpenCL and CUDA. The first of these is hardware agnostic and the latter is Nvidia specific. These tend to be most useful for scientists and other people modelling large systems and not too applicable to everyday computer users.

Vulkan itself won’t change the way either OpenCL or CUDA work; however, OpenCL is a product of Khronos just as OpenGL and Vulkan are, so there are some links between the two.

Will I need to get a new graphics card to use Vulkan?

Not necessarily. It will be possible for the hardware manufacturers to create new drivers that will support Vulkan provided that the graphics card has the right features (any card that currently supports OpenGL 3.1 or newer should). Of course, this will be up to the manufacturer and they may not do this for all their hardware.

At the time of writing, there is a driver for Intel integrated graphics, and there’s at least one developer (Pierre Moreau) working on Vulkan support for the open source Nouveau driver for Nvidia cards.

Valve has demonstrated Dota 2 running on Vulkan, although at the time of writing, the general public can’t get drivers to play this.

My phone uses OpenGL ES. How does this fit into things?

ES stands for Embedded Systems. OpenGL ES is a stripped-down version of OpenGL designed for low-power devices such as phones and just about anything else using an ARM processor (including the Raspberry Pi). Vulkan will run across all devices so there will be only one version for both embedded systems and desktops. Google has announced that Android will support Vulkan (although at the time of writing, it hasn’t said which version of Android this will start with). As with PCs, it will be up to the hardware manufacturer to provide new graphics drivers to support Vulkan, so it may not work on all existing phones.

Faster graphics, easier development, more device support; where can I get started?

Well the specification for Vulkan isn’t yet finalised, so don’t expect to see any hardware or drivers officially released for Vulkan yet. If you want to keep tabs on development, check out the Vulkan section of the Khronos website (www.khronos.org/vulkan).

If you’re a game developer and want to take advantage of the newer features, you’ll just have to wait for your game engine to include support for the API. Valve has confirmed that the Source 2 engine will support Vulkan and we expect other engines to follow suit. Live long and prosper!
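
Because the driver is handed a ready-made SPIR-V binary rather than source, anything that loads one has to treat it as untrusted input and bounds-check it before use. The parser below is an added example, not code from the article or from Khronos: the word layout (magic number, five-word header, word count and opcode packed into each instruction's first word) is taken from the published SPIR-V specification, and the function names and sample module are assumptions constructed for illustration.

```python
import struct

SPIRV_MAGIC = 0x07230203   # first word of every SPIR-V module
HEADER_WORDS = 5           # magic, version, generator, id bound, schema


class SpirvError(ValueError):
    """The byte string is not a structurally valid SPIR-V module."""


def build_module(words, byte_order="<"):
    """Pack 32-bit words into bytes ('<' little-endian, '>' big-endian)."""
    return struct.pack("%s%dI" % (byte_order, len(words)), *words)


def parse_spirv(blob):
    """Split a module into (header dict, [(opcode, operands), ...])."""
    if len(blob) < HEADER_WORDS * 4 or len(blob) % 4:
        raise SpirvError("not a whole number of 32-bit words, or no header")

    # The magic number doubles as a byte-order mark: try both orders.
    for byte_order in ("<", ">"):
        if struct.unpack_from(byte_order + "I", blob)[0] == SPIRV_MAGIC:
            break
    else:
        raise SpirvError("bad magic number")

    words = struct.unpack("%s%dI" % (byte_order, len(blob) // 4), blob)
    _, version, generator, bound, _schema = words[:HEADER_WORDS]
    header = {
        "byte_order": "little" if byte_order == "<" else "big",
        # Version word bytes, high to low: 0 | major | minor | 0
        "version": ((version >> 16) & 0xFF, (version >> 8) & 0xFF),
        "generator": generator,
        "id_bound": bound,
    }

    instructions = []
    pos = HEADER_WORDS
    while pos < len(words):
        word_count = words[pos] >> 16      # length in words, first word included
        opcode = words[pos] & 0xFFFF
        if word_count == 0:
            # A zero length would never advance: refuse instead of looping.
            raise SpirvError("zero-length instruction at word %d" % pos)
        if pos + word_count > len(words):
            # The declared length points past the end of the buffer.
            raise SpirvError("instruction at word %d overruns the module" % pos)
        instructions.append((opcode, words[pos + 1:pos + word_count]))
        pos += word_count
    return header, instructions


def rejection_reason(blob):
    """Return None for a well-formed module, else the reason it was refused."""
    try:
        parse_spirv(blob)
    except SpirvError as exc:
        return str(exc)
    return None


# Constructed sample module: the header, then OpCapability Shader (opcode 17)
# and OpMemoryModel Logical GLSL450 (opcode 14).
SAMPLE_WORDS = [
    SPIRV_MAGIC, 0x00010000, 0, 1, 0,
    (2 << 16) | 17, 1,
    (3 << 16) | 14, 0, 1,
]

if __name__ == "__main__":
    header, instructions = parse_spirv(build_module(SAMPLE_WORDS))
    print(header)
    for opcode, operands in instructions:
        print("opcode %d operands %s" % (opcode, list(operands)))
    # The same module with its last word cut off is refused.
    print(rejection_reason(build_module(SAMPLE_WORDS)[:-4]))
```

This checks structure only; it does not validate that the instructions form a legal shader.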



     INTERVIEW MATTHEW GARRETT




MATTHEW GARRETT
Graham Morrison meets outspoken ex-kernel contributor, staunch defender of Secure Boot and recipient of the FSF’s Free Software Award.

Software is complex; keeping that complexity secure takes this complexity to a whole new level. This is the domain of Matthew Garrett. A former member of the Ubuntu Technical Board and now working on security for container super-startup, CoreOS, he’s a one-time contributor to Gnome, the Linux kernel, Debian, Ubuntu and Red Hat. He’s a director at the Free Software Foundation, a fierce advocate for Free Software, and a developer who isn’t afraid to call out hypocrisy when he sees it. All of which makes Matthew one of our favourite people, which is why it was such a great pleasure to meet him again and ask him about his new job, Secure Boot, and how we fight against ignorance for control of our own hardware.

“We might assume that government is good, but history has shown us that we can’t always trust that our governments will remain good.”

What is it you’re doing at CoreOS?

Matthew Garrett: I’m working on security, which has been my thing for a while. CoreOS has always been designed with security in mind. One of the distinctions between the appc container format and the Docker format was that appc was designed to be cryptographically verifiable, so you can make sure that the containers you receive are the containers that you thought you were going to be running. You can choose who to trust; there’s no blanket. It came from here, it must be trustworthy. It’s signed with a key I’ve explicitly said is trustworthy.

How much of a challenge is that?

MG: It’s something that needs to be considered from the beginning. Once you’ve made the decision to have that kind of verifiable format, it’s not too difficult to do it. But it’s quite difficult to go back and add it later.

Yes, because it becomes kind of immutable as soon as you set the container in stone.

MG: Right. Our aim has always been to handle that. The CoreOS update processes, again, the images are signed and verifiable, they are pulled down, checked, and then written to disk, and then you immediately reboot into the new version of CoreOS. So all our upgrades are atomic. There’s no piecemeal upgrade. There’s no risk that you’re still running the older version of a piece of software. But that was all in place before I got there. I’ve been there a little over three months now and I’ve been working on securing the boot process.

Is this still around the Grub bootloader?

MG: Yes. I’ve been implementing UEFI boot support for CoreOS so we can now build images that are signed, that have a completely verified boot process. Which means that, even if someone does manage to break out of a container, there’s no way that they can persistently get at your system.

So this is why you’ve said in the past that Secure Boot is a good thing?

MG: Absolutely. This is a case where our customers are in control of the secure boot keys that they trust, which means that they are still completely in control of what their system runs. We don’t want to define a policy ourselves around that, we want our customers to be able to choose what kind of security policy they want, who they want to trust. If they want their hardware to only boot CoreOS, that’s something they can do. They can configure their system such that CoreOS will boot and nothing else will. But if they want their systems to boot both CoreOS and Windows, or any other Linux distribution, again that’s also completely fine. But once we’ve booted the operating system, you still have the problem of, well how do you secure the rest of user space? Rocket [a runtime app container alternative to Docker’s] verifies all the keys, but what stops someone from gaining root and then modifying Rocket?

And skips the key check…

MG: Right! Or that it does the key check but if it’s a specific key it’s a special case. If there’s a single bit set, a single key is much harder to find. What we’re using is the dm-verity code from Google’s Chrome OS, which means that every block that is read from the hard drive is verified against a cryptographic action. If it matches then it just behaves




exactly as it should.

Is that at the filesystem level?

MG: It’s underneath the filesystem. The filesystem ends up being read only. There’s a series of hashes that go down to a single boot hash and you verify that every block then has a hash. When the kernel reads that block, it can hash that block and verify that it matches. So there’s a small amount of CPU overhead with this, but on the other hand, even an SSD isn’t fast compared to the speed of CPUs. The amount of data you’re pulling off there is not large. And this is only used for applications and operating system-level data: it’s not used for container images. So it’s when you launch applications from the filesystem, then those end up being verified. Then the root hash is embedded within the kernel and the kernel is signed and verified by the firmware as part of the secure boot process. So you know that the key was good, and you know that everything else chains back to that and it’s correct. So that makes the entire process from the point where the firmware hands over control to Grub, every single part of the boot process is now cryptographically verified, all the way up to when you run Rocket, which is cryptographically verified against again verity, and then Rocket verifies your containers.

So you can have a policy where every single part of the process is verified. And the next step is, like I said, everything is verified from when the firmware hands over control to the boot loader. A big question is, can you trust your firmware? And this is something I’m going to be talking about in my presentation [at OSCON], but it’s also something that I’m very interested in working on the wider scale, so not just in CoreOS but in my other interests.

This is where we start getting into the use of TPMs (Trusted Platform Module, an on-board crypto processor for embedding keys into a device). Ten years ago, we were very concerned that TPMs were going to be used to lock systems down, that TPMs were going to be used against you. These days, that hasn’t ended up happening and it turns out it’s very very difficult for people to use TPMs to restrict users. There are some special cases where you can do it, but in terms of general-purpose computers, you can’t. It’s also, it turns out, far too easy to surf around those restrictions using a TPM, so the media industry didn’t end up doing it. But what has then happened in the past ten years was that we discovered that while, yes, the media industry is an enemy of user freedom, in many cases, criminals and intelligence organisations are perhaps much more of a threat to user freedom. So we have bigger problems now, and we can use the TPMs to verify the state of the system. We can use TPMs to say the firmware has not been modified. There are some subtleties involved in doing that. You have to somehow determine that you’re talking to the TPM and verify that the TPM is giving you correct information back.

And if the firmware has been modified, the firmware could modify your operating system. The traditional approach with TPM was to do remote attestation, where a remote server communicates with your TPM and then there’s a cryptographically verifiable communication between the two, so the remote server can tell that it’s talking to the real TPM. And then the TPM hands back some data that only the TPM would know, and then you can say I’m talking to the TPM, I’m not talking to the operating system pretending to be a TPM. That’s not particularly convenient for most users because of the privacy and, even now, there isn’t always a network available, so how do you perform that verification? Do you use your phone as a verification device?

Yeah, I use FreeOTP.

MG: Right! So what I’ve come up with was a technology to basically encrypt the TOTP secret with the TPM and configure it such that the TPM will only decrypt that secret if the firmware







hasn’t been tampered with.

That’s really good.

MG: So you run this and it just prints a QR code, you stamp the QR code and on every boot a number comes up before you type. So you have your disk decryption prompt and there’s a number there, and you just look at your phone and you verify that the two numbers are the same, and if they are then you know that you can type in your passphrase. So that’s not obviously practical for CoreOS. We’ll probably be using the more traditional remote access station approach, so as each CoreOS node comes up, if it’s configured properly, it’ll be able to call back to the central management server and say, “Hi, I’ve just booted and this is me proving that I’m a legitimate device.”

One of these men has a PhD in genetics (clue – it’s not Graham).

What firmware would those nodes be running?

MG: The firmware would be whatever the vendor has installed.

Can desktop/laptop/server Linux users have this kind of two-factor authentication?

MG: Yes, just use it. As long as you’ve got a TPM, then that’s it. The UEFI firmware or the BIOS that’s in the system already supports all the management code for this. What was missing was that Grub didn’t support the measurements. So you could verify that you’ve got a good Grub, but you couldn’t verify that your kernel and initrd hadn’t been tampered with. So I’ve just finished adding support to Grub for this TPM integration code and I’ll see if we can get that upstream. I really hope that distributions show interest in this kind of work. In making it more straightforward for Linux to be used as a trustworthy operating system, for it to be much more difficult for attackers to subvert your systems.

Which has now become a very real threat.

MG: It certainly has! I know several people who have had their computers taken away from them when they’ve crossed international borders. And, at the moment, they have no real way of verifying that they haven’t been tampered with. Sure they could x-ray them. I know a couple of people who do in fact x-ray their systems to make sure no additional hardware has been added, but that won’t show you if the firmware’s been tampered with. That’s the kind of issue we have to deal with.

“We can’t allow the threat of terrorism to be sufficient to destroy our freedoms.”

This is really important.

MG: I’m interested in this because of the user freedom aspect, but it’s also something that’s really important in the data centre. In that case, again we’ve seen cases when systems are being shipped to customers, the NSA have intercepted those shipments and modified the systems. In some cases by adding extra hardware, in some cases by modifying the firmware. Just because you’re an enterprise customer, it doesn’t mean that this isn’t something that should concern you. We’ve also seen cases where malware has been used to take advantage of security vulnerabilities in system firmware and then modify the firmware and inject itself there. So that, even if you replace the hard drive, you can still be infected.

It’s a bit like the Lenovo machines with subverted and replaced parts of Windows.

MG: Have you seen any of the stuff coming out of the Hacking Team leaks?

Yes, we have.

MG: One of the ways they had for deploying that was an exploit that they could insert into system firmware. Now their method for deploying this involved having physical access to the system, being able to dump the firmware, being able to modify it and then being able to reflash it. Now that’s not something



42                                                            www.linuxvoice.com
                                                                             MATTHEW GARRETT INTERVIEW

that could have been used as an automated attack factor, but that meant that when the system started it would mount the Windows system partition because it targeted Windows, they included a read/write NTFS driver in this firmware module so they could mount the filesystem and then drop their malware into the filesystem, modify the registry so that it would be started on boot and then unmap the filesystem and boot. And this took less than a second, and there is no visible trace.

You’re never gonna realise with Windows anyway.

MG: (laughs) So we assume that it may well have been used by governments or by law enforcement agencies against people. Once you see people that are doing this then, realistically, organised crime is also going to be doing this.

And the worst thing is that if a server’s been compromised in this way at some point in the past, there’s no straightforward way of cleaning it. You may reformat the drive, you may repurpose it for something else, you may never notice that this has happened. So the long-term thing is obviously for us to work with manufacturers to good lists of all the firmware measurements so we can say this is a legitimate firmware image. And we’ll be able to look at what the manufacturer provides and say yes, this matches this or no, this firmware claims it’s this version but has the wrong hash so that’s something we should be concerned about.

I think, over the next few years, there’s going to be a lot of interest from enterprise users for that kind of functionality. Almost undetectable firmware malware is something you have very little defence against. CoreOS is designed to be as secure, as verifiable, as possible and this is the kind of work we’re going to be doing to integrate this into the product in the future to protect customers.

[Caption: Both of these men have installed Linux on an Amiga – only one of them has worked for Ubuntu and Red Hat.]

How do you think we can educate politicians who are completely ignorant of encryption, for example in the UK, and whether citizens should have access to end-to-end encryption?

MG: Sarah Jeong wrote an excellent short article in Forbes last week (end of July, 2015) on this topic. We have US newspapers calling for encryption experts and IT companies to develop golden keys that the US government can then use to always decrypt anything they want to. People have wanted this for a long time.

Yes, PGP was under the same pressure.

MG: Right. If you go back to at least the mid 90s, there was the clipper chip, which was going to be a graphics accelerator that would have a backdoor that the government would always be able to use. And there was fear that it would be the only permitted crypto in the US. Then obviously we had the RIPA in the UK and the fear initially that we would have forfeit keys if you used cryptography – you would have to give a copy of your key to the government. And things didn’t end up that badly.

But the analogy that she made in this article was that, yeah cryptography does make the job of police more difficult, but being able to whisper makes it more difficult for law enforcement to do their job, and we don’t outlaw whispering. Locking doors, meeting in private, curtains, all of these things make it harder for law enforcement to see what we’re doing but we don’t argue that they have to be made illegal, because the greater social good for all of these outweighs the cost to law enforcement. And it’s going to be possible for people to do bad things with cryptography. That’s an inevitability.

The risk of forbidding all the good things cryptography allows is so much worse. The lack of reassurance – you can look at this from an economic perspective: if people can’t trust crypto then people are not going to do business online. Either they’ll go somewhere that they can or they’ll fall back to putting information into tamper-evident envelopes, just anything that makes it more difficult for people to do this. There’ll be a huge cost to that, but it will be seen as better than the alternative. But you also don’t want a situation where, right now, we might assume that government is good, but history has shown us that we can’t always trust that our governments will remain good. And there are many countries where the governments have, for periods, behaved in a way that is not in the benefit of the majority of the population. And we don’t want to hand over this stuff to a government and say, “OK, we trust you at the moment,” and then discover, in 15 years’ time, that the ability to decrypt this is now used to assault some undesirable section of the community, who, 15 years afterwards, we think of as a terrible
tragedy that this was allowed to happen. There’s a strong incentive for us to fight back against this, and we can’t allow the threat of terrorism to be sufficient to destroy our freedoms.

[Caption: According to Matthew, the GPL makes certain things easier for the bad guys – and it makes things easier for the good guys too.]

There seems to be a significant move from copyleft to permissive licensing, which worries us. How do we make the case for copyleft beneficial and not political?

MG: I think I’d slightly disagree with your premise. Percentage-wise certainly copyleft is a smaller percentage of the free software market, compared to permissive licences, than it was in the past. But I think all the numbers show that the quantity of copylefted code is continuing to increase. It’s just that, as a percentage of the market, the market is growing so much faster. And some of that is because companies are coming in and are releasing stuff under permissive licences because that’s in their corporate interests, they want to encourage this.

CoreOS being a case in point.

MG: Yeah. A lot of the ecosystem around the work we’re doing is Apache-esque permissive licences and we don’t step outside the community bounds. But we also work on a number of copylefted projects and we participate enthusiastically in that. We have code for the Linux kernel and we have code for Grub, and we work with the communities that exist. Part of it is just that companies come in and use permissive licences because, that way, if anyone else contributes back, they can still use that code in open-core type things, they can still build proprietary services and products around that. So the shift in demographics is one thing but there are so many people coming into this community that it makes sense that people have grown up with source code being available, and have always grown up being able to use that source code as they see fit. And GPL, in some ways, stands against that.

The GPL is more complicated than permissive licences.

MG: It adds a barrier. And it is absolutely true that it adds a barrier for the good guys. But the entire point is that it does add a barrier for the good guys, but it also adds a barrier for the bad ones. We still see people habitually infringing the GPL.

And we don’t have the resources to fight it.

MG: But the fact that the Linux kernel is under the GPL and the fact that there are people working on enforcing the GPL…

But only around 40 people in total!

MG: …is the entire reason why we have such a vibrant Android modding community. It’s the sole reason why people who have had phones abandoned by their manufacturers are still able to get updates and security updates. If we didn’t have that kind of enforcement, there would be many more useless phones in the world than there actually are.

But Android’s owner, Google, can be good. Chris DiBona understands open source.

MG: Google’s generally good. But when you’re dealing with other manufacturers, things become much less positive there. But something else that I think was important, again going back to the Hacking Team leaks, many of the mobiles that they were shipping were in fact using GPLed code. And some people found their code in this and were very angry that their software was being used to do bad things, to make it possible for evil governments to hunt down pro-democracy activists and imprison them. And that’s horrifying. So people are now starting to think, well should I have used a licence that had some type of ‘don’t be evil’ clause.

But the Hacking Team don’t care about licences.

MG: Well that’s the point. They chose to ignore this because they thought nobody was ever going to notice. But
the problem we face now is that, sure, we can argue about whether they breached any European laws – they probably did – but they’ll probably get away with it because it’s embarrassed too many governments too afraid to talk about this.

[Caption: Matthew doesn’t contribute patches to Intel’s code any more, after that company pulled its advertising from the Gamasutra website over the gamergate failfest.]

But on the other hand, they engaged in massive copyright infringement, sufficiently so that if copyright holders care to, they could probably now be sued out of existence, purely on the grounds of copyright infringement. Without the GPL, we would have no recourse against that. The GPL is intended, not just to benefit developers who are then able to participate in the wider ecosystem because people continue publishing their code, it’s designed to benefit the recipient of the software. And that makes it much more difficult for that software to be used in ways you disagree with.

If I receive a copy of some GPL code, then you have two choices: you either make the source code available to me or you violate the licence. And if I have the code then I can look at that code and I can determine whether this software is in my best interests or not, and if it’s not, then I can modify it or pay someone to modify it and then replace it on my device or choose to stop using that device.

“If you want to use GPL code for evil you have to violate the licence in the process.”

So obviously, if you want to use GPL code for evil then you have to violate the licence in the process and that leaves you open to legal recourse. And I think that’s actually an important part of this that we’ve ignored: the licence you choose for your software is not just about what kind of businesses can use it, it’s not just about which kind of developers can use it, it’s about what level of freedom you want and what rights you want to ensure are passed down to the recipient of the software.

We often lose that in these arguments because we’re developers talking to developers, we’re not users talking to users. For users, the GPL is an ambiguous whip and we need to do a better job of talking about it from that perspective again. Given the choice of being given some code under a BSD-type licence or some code under the GPL, the GPL is the one that makes it much more difficult for someone to take those freedoms away from me. And that has always been the meaningful difference and that will continue to be the meaningful difference, and we need to argue on that front.

Should we be setting the best example that we can?

MG: I think so, yeah.

Because that’s not always done.

MG: Not at all. But we’ve pretty much just missed having this discussion. We’re concerned about user privacy. We’re very concerned about user security. And we’re terrified that these people are able to do these evil things. But we’re not doing any of the things that we could do to make that more difficult for them. It’s worth doing a better job of security on our side.

So, releasing software under licences that make it more difficult for people to behave in ways that hurt users. And I think that’s a strong argument. It’s an argument that people can understand. I think that’s an argument that we need to make clearly and loudly and as often as possible while this is still something people are worried about.







REVIEWS
The latest software and hardware for your Linux box, reviewed and rated by the most experienced writers in the business

Andrew Gregory
Wise man say, done is better than perfect. But I bet Keats never had that defeatist attitude.

As we were working on this issue, Linux passed its 24th birthday. Since 25 August 1991 it’s gone from a student project to an enabler of an enormous ecosystem of free software, the way that coral provides a substrate for the rest of the little fishies that live on the reef. Well done to Mr Torvalds, and well done to anyone who’s ever submitted a bug, introduced a friend to Linux, developed software that runs on Linux, or just chooses to use it. We’ve all played our part, however small.

With maturity comes great usefulness. Linux is everywhere, quietly and modestly, powering phones, routers, televisions – everything except the vast majority of home PCs, which still overwhelmingly use some version of Windows.

Tomorrow belongs to us!
It’s been a couple of years since I saw the words “Will 20XX be the year of Linux on the desktop” written in anything other than jest, probably because we just don’t care any more. But the more people get used to Android in their pockets, the more alien Windows will appear on their desktop. It’s inevitable, and when it happens, the masses will wonder why they resisted the true path for so long.

andrew@linuxvoice.com

On test this issue...

KDE Plasma 5.4
We’ve devoted eight pages to desktops this issue, but Graham Morrison reckons there is only one: the beautiful KDE 5.4.

Cyberfox 40.0
Tired of the cruft that Firefox keeps accumulating, Mike Saunders tries a stripped-down alternative.

Pimoroni Picade
Les Pounder isn’t allowed to get a full-sized arcade cabinet, so it’s lucky for him that this tiny alternative exists for authentic 80s thrills.

BOOKS AND GROUP TEST
Monocultures are unhealthy, so let’s cross-fertilise the gene pool of Linux development with a bit of inspiration derived from some of the other free software desktops out there on the internet. We can all learn from the OSes in this Group test – or maybe you just want to be able to boast that you use an industrial-strength OS written for medical hardware powering your bog-standard Dell box?

In a similar vein, why not implant some new ideas into your soft squidgy brain? We find a good way to do this is by reading books, so we’ve reviewed some on page 52.

KDE Plasma 5.4
The otherwise ever-professional Graham Morrison fails to remain impartial while reviewing his favourite desktop environment.

DATA
Web: www.kde.org
Developer: KDE Team
Licence: GPL

KDE Plasma 5.4, which most other desktops would refer to as the KDE desktop, has solved the problem with Linux and high-DPI displays. These displays were expensive and unique just a couple of years ago. Even then, however, we were worried that unlike Windows and OS X, Linux desktops were ill prepared for 200+ pixels per inch. When your 13-inch display is 2560 pixels wide, fonts, windows, icons and toolbars that were designed for screens that stretched 1024 pixels across a 15- or 17-inch screen looked tiny. The only solution was to manually increase the size of everything, from fonts to icons. But this was an ugly kludge, and rarely worked across toolkits and different desktop environments. Now that even mobile phones are starting to appear with 4K screens, Plasma’s new scaling slider can’t come soon enough. It goes from a scale factor of 1:1 (no scaling) through to 1:3, with 0.1 increments that put the crude granularity of Apple’s OS X to shame.

“KDE has been making phenomenal progress with recent releases.”

It doesn’t solve the problem of other toolkits (only working with applications using KDE’s native Qt toolkit) and desktops, and you’ll still need to configure Firefox manually, for example, but it’s the simplest and easiest solution we’ve seen, and it works. The KDE display team seem to have had a productive few months, as they’ve also added a new colour calibration tool alongside the scaling, although for serious work we’d like it to be compatible with common profile formats.

For those of us who appreciate lovely graphics, there’s also a new vector-drawn network monitor, a new audio volume and on-screen display that works natively with PulseAudio, and 1,400 new icons, many for applications that aren’t specific to KDE, such as Firefox and LibreOffice.

[Caption: KDE is considering using EGL (rather than GLX), for accelerated graphics rendering, and Plasma 5.4 even includes experimental Wayland support.]

Kool for Kats
For the last couple of years, Plasma has been playing with the idea of a touch-based full-screen application launcher, but with this release, it becomes a fully implemented idea. Like Gnome 3 or Unity, launching the launcher takes over your screen, presenting you with a list of installed applications and documents that can be filtered as you type. Finding this feature is a little unintuitive – it’s a widget that needs to be added to your panel or background, but it can then be assigned a shortcut or easily clicked on to activate. We used it to replace the traditional Start-like launch menu and gave it a keyboard shortcut of Alt+Space. In fact, we were surprised that the application launcher didn’t use KRunner’s command interpreter for adding useful functionality like the calculator, web searches and dictionary definitions. That would make the launcher closer to Unity in functionality.

[Caption: The new full-screen application launcher makes it easy to see and start your applications or edit your documents.]

There are always going to be Linux users who don’t get along with KDE. Perhaps the desktop feels too corporate, or flat. Or there are just too many options to contend with. Whatever their reasons, there’s nothing wrong with disliking KDE. Choice is our friend, and we all need to embrace it. But it’s also a minor tragedy, because KDE has been making phenomenal progress with recent releases, and Plasma 5.4 really delivers on its promises. It’s stable, looks incredible, tentatively runs on Wayland and is rapidly developing.

LINUX VOICE VERDICT
Fast, stable and full of important additions. Combined with the new applications, KDE is becoming brilliant.

                                                                                                            WEB BROWSER REVIEWS



Cyberfox 40.0
This Firefox spin-off promises better performance and a return to the classic layout.
Mike Saunders checks out the hype.

T
         he Mozilla Foundation, and specifically its
         Firefox web browser, has been going through a
         rough time recently. Its market share is falling
(as Google Chrome continues to flourish, and Microsoft
is winning some converts with Edge). Many long-time
users have been frustrated by changes in recent
releases, such as the Australis theme, removal of
options, and the upcoming “walled garden” policy
where only signed extensions will be allowed. And
Firefox OS is hardly taking the world by storm either.
   So several readers have asked us to look at Firefox
spin-offs, based on the Firefox codebase but with
optimisations and tweaks to make the browser more
appealing to power users. One name that has come
up a few times is Cyberfox, from 8pecxstudios in
Australia. The developers describe it as a browser that
“takes over where Mozilla left off, working to make a
fast, stable and reliable 64-bit web browser accessible
to all”.
   Installation is fairly simple: once you’ve downloaded
                                                                                                                         See that tiny Firefox icon
the .tar.bz2 tarball, extract it, jump into the Cyberfox     another Settings button at the bottom (yes, settings
                                                                                                                         to the left of the back
directory and run ./Cyberfox. The browser stores its         for the settings), choose Classic Preset, and then          button? That’s how you
settings and separately to Firefox, in ~/.8pecxstudios,      restart the browser. None of this was obvious when          switch themes in Cyberfox.
so you can run it both browsers safely alongside each        we started Cyberfox – it’s all hacked together in a
other. By default, Cyberfox shares a similar design and      rather ugly fashion.
layout with Firefox – although there’s an add-on bar at         Next, let’s look at the performance gains that
the bottom enabled by default.                               8pecxstudios have made from recompiling the code              DATA
                                                             with extra optimisations. With only the                       Web
World of confusion                                           www.linuxvoice.com website open, Cyberfox                     https://cyberfox.8pecx
Now, how do you switch to the classic theme? Go to           consumes 213MB of RAM, whereas a stock Firefox                studios.com
Menu > Add-ons > Appearance, right? Nope. Instead,           installation uses 231MB. So it’s a small but significant      Developer
                                                                                                                           8pecxstudios
you have to click the Firefox icon to the left of the back   improvement, which adds up when you have multiple
                                                                                                                           Licence
button (which is rather ironic, given that this browser      tabs open. We ran the Browsermark benchmark from              Mozilla Public Licence
tries to remove all Firefox branding) which opens a          http://web.basemark.com, which performs multiple
menu of options. Go to Customise Cyberfox, which             tests such as CSS transforms, and Cyberfox came
presents a huge number of settings for tweaking              out 4% faster than Firefox. So again, a relatively small
the browser’s appearance and behaviour. Then click           boost but helpful over long browsing sessions.
                                                                Ultimately, Cyberfox is a promising project that
                                                             delivers on being (slightly) faster and lighter than
                                                             Firefox, while providing more customisation ability. It
                                                             could turn out to be a valuable alternative to Firefox if
                                                             the Mozilla team spends more time on side-projects
                                                             such as Pocket integration rather than the browser
                                                             itself. However, the software’s presentation needs a
                                                             lot of work, with decent English on the website, some
                                                             documentation, and a more defined interface.

                                                               LINUX VOICE VERDICT
                                                               A tad zippier than Firefox, and friendlier
                                                               to your RAM banks – but rough around
                                                               the edges and in need of some polish.
The Customise Cyberfox window has hundreds of settings
to tweak, and then its own settings dialog too. Fear it.


     REVIEWS MINI ARCADE



Pimoroni Picade
Les Pounder finds out if he’s still any good at Street Fighter 2.


                           From the late 1970s to the early 2000s, the
  DATA                              humble arcade was a cacophony of sounds
  Web
                                    and flashing lights designed to entice you to
  http://shop.pimoroni.    play the latest game. Since this golden age we have
  com/products/picade      seen arcades close across the world, with online
  Developer                gaming now becoming the norm. But the enthusiasts
  Pimoroni                 of old are now restoring cabinets and reliving their
  Price
  £180
                           past thanks to emulation – the only problem being the
                           size, condition and cost of cabinets.
                              In December 2012, the original Picade became
                           the UK’s first Kickstarter and offered a solution for
                           enthusiasts, and in August 2015 we see the latest
                           version of this project. Picade is a tabletop arcade      Picade is a smart table-top cabinet that offers an
                           cabinet that comes as a kit, measuring 27.6cm in          authentic gaming experience in a compact size.
                           width, 39.2cm tall and 28.1cm deep.
                              What really makes a true arcade experience are         contains a 3W amplifier for the two speakers attached
                           the controls, and Picade comes with a Zippyy brand        to the inside of the cabinet, and the sound quality is
                           joystick that delivers a true microswitch-powered         clear with plenty of bass for explosive gaming action.
                                                    experience, with each click
                                                    bringing back a childhood        Pi power
“Picade is unbeatable for                           memory. The controls and         Powering Picade is rather simple thanks to the
those wishing to dip their                          artwork are sandwiched
                                                    between MDF and acrylic
                                                                                     Raspberry Pi. Power is supplied to the Pi and from
                                                                                     there the Picade PCB and the screen are powered via
toe into arcade emulation.”                         protecting the artwork from      the USB ports on the Pi. In our tests we tried to power
                                                    sweaty palms.                    a Wi-Fi dongle, but this resulted in the screen shutting
                              Building Picade takes around three hours and is        off, so it’s worth investing in the official Raspberry Pi
                           a relatively painless undertaking with the trickiest      power supply as it can provide a consistent 2 Amps.
                           part, the wiring of the controls, taking the most time.      Picade works with all models of Raspberry Pi, but
                           All of the buttons and the joystick are wired into a      for the best experience it’s worth buying a Raspberry
                           specially designed Arduino-type board powered by          Pi 2 as it is significantly more powerful. Picade also
                           an Atmel MEGA32U4 microcontroller, the same that          works with Beaglebone boards and has space for a
                           is found in the Arduino Leonardo, and using this chip     Mini ITX-powered computer. The operating system
A good control setup
makes any gaming session   the Picade PCB (Printed Circuit Board) can emulate a      for Picade is RetroPie. Rather than a traditional
better and Picade comes    USB keyboard. So when we press one of the buttons         desktop environment, RetroPie uses a front-end called
with the classic arcade    the Picade PCB interprets this and sends a keyboard       Emulation Station, which offers a joystick-friendly
setup.                     press to the Raspberry Pi. The Picade PCB also            method of input. From the 1970s to the Playstation




                                                                                     The Picade PCB is an Arduino-compatible board that
                                                                                     handles input from the controls and the audio.





  Picade: what’s in the box?








  1 Picade’s frame is made of powder-coated MDF panels bolted together.
  2 The controls are classic arcade components that use microswitches rather than analog inputs to simulate the controls of that era.
  3 Picade comes with its own artwork, but there are templates on the Pimoroni website to design your own custom artwork.
  4 The Picade PCB is the heart of the build; it interprets the input of the user and sends the appropriate keyboard sequence to your Raspberry Pi.
  5 Two speakers provide an authentic and bassy sound to your gaming sessions. They connect to the Picade PCB via screw terminals and are powered by a 3W amplifier.
  6 Picade can work with two sizes of screen: an 8-inch 800x600 screen or a 12-inch screen with a resolution of 1024x768, available separately.



era there were many systems and each can be                               As a starter-to-intermediate package Picade
emulated using RetroPie, and all you need to do is                     is unbeatable for those wishing to dip their toe.
provide a ROM image for the game.                                      Solid build quality, great hardware and the ability to
                                                                                                                                            Use the discount
  Picade works beautifully with RetroPie and during                    customise Picade using off-the-shelf components                  code LINUXVOICE to get
our tests we successfully played a few rounds of                       make Picade one of a kind. The flexibility to use                  10% off everything at
Street Fighter 2 and Sonic The Hedgehog. The joystick                  hardware other than the Raspberry Pi is a welcome                  Pimoroni’s wonderful
and buttons for each emulator required configuration                   addition as mini ITX computers running Linux are                        swag palace
before we could play, which was straightforward.                       exceptionally powerful for their size.                          https://shop.pimoroni.com
                                                                          Picade comes in a few configurations. For this
                                                                       review we built the £180 cabinet, but there are versions
                                                                       at £135 (where you supply your own screen) and £90
                                                                       (which is just the controller and PCB). The Picade
                                                                       PCB can also be bought for £22 for those who wish
                                                                       to build a system from scratch. All of the components
                                                                       are provided and instructions are available from the
                                                                       Pimoroni website. Even at £180 Picade is a cost-
                                                                       effective entry into building an arcade cabinet.


                                                                         LINUX VOICE VERDICT
                                                                         A solid platform for beginner and
                                                                         intermediate hackers looking to build
                                                                         their own arcade experience.
The Picade frame is marked with the positions of major
components such as the PCB, Raspberry Pi and controls.


     REVIEWS BOOKS



Seven Databases in Seven Weeks
Ben Everard now knows how to store anything, but has nothing to store.

Over the last decade there’s been an               be completed over a long weekend (the
         explosion in options for storing data    authors don’t offer advice on how a reader is
         driven by both demand for big data       supposed to get seven long weekends).
solutions and websites needing data stores           Though you don’t need to be an expert
that can cope with very high demand. Whereas      to use this book, the reader is expected
once databases were synonymous with               to be familiar with the basic concept of
SQL, newer databases have eschewed                a database and be able to program. The
the traditional relational approach and are       information is tightly packed in, but there are
adhering to new approaches collectively           plenty of exercises you can use to practise
known as noSQL.                                   your new-found knowledge. If you make it
    Thanks in part to the mobile/tablet and       to the end, you’ll have a good knowledge of
smartphone revolution, noSQL is now               how to best store your data and use modern
probably used in more places than those           software to its best effect.
databases of old. That means that even if
you’re not planning to implement a database         LINUX VOICE VERDICT
under the new regime, understanding what            Author Eric Redmond and Jim R Wilson
it’s capable of is still a good strategy. noSQL     Publisher Pragmatic Bookshelf
Seven Databases in Seven Weeks goes                 Price £23.50
                                                    ISBN 978-1934356920
through all of the popular database styles
                                                    This book is an excellent introduction to the
(relational, key-value, document, graph and         current state of database technology, but don’t
columnar) and looks at how they differ. The         expect to become an expert in each one.
book is structured into seven sections; each                                                          Struggling to fill your CV? Add seven bullet
one is designed to take three days, so it can                                                         points in under two months.




Effective Modern C++
Graham Morrison finds an antidote to his worst programming habit:
he writes C++ code just like it’s verbose C.

We suspect that many of us are C                  you’re already an experienced C++
             and C++ programmers because          programmer. While the text is often
             that’s what you had to do to write   lighthearted and the examples short, the
applications at a certain time. For us, this      book deals with the finer nuances of a
started with C in the late 80s and became         language that many beginners will find
C++ when the idea of object orientation took      confusing, and may perhaps (rightly?) put
hold. It has meant that while we’ve used          them off programming C++ for life.
many of the newer features to be found in            For us, though, this book is an excellent
C++, such as threading in C++11, we’ve never      primer for the new bits of C++ we’ve been
properly re-studied what C++ has become           ignoring, and while it may not change our
and its best practices for modern usage.          style or approach, we feel better for being
   Effective Modern C++ is pitched exactly        properly informed.
right for us, going into exhaustive detail and
providing examples for many of the newer            LINUX VOICE VERDICT
aspects to be found in C++, aspects that            Author Scott Meyers
we’ve avoided or glossed over for the last ten      Publisher O’Reilly
years. There’s a great chapter on smart             Price £33.50
                                                    ISBN 978-1491903995
pointers, for example, and another on the
                                                    If you write C++ code for a living, we’re sure
concurrency API. And we finally learnt how          you’ve already got this book.
to use constexpr.                                                                                     In a world where Python is becoming the
   You’ll get the most out of this book if                                                            default, C++ is still reassuringly complicated.





IQ84 (Trilogy)                                                                                        ALSO RELEASED…
Graham Morrison dares to enter the world of Haruki Murakami.



This is an oldish work of fiction,
         with the final part of the trilogy
         being translated to English (from
Japanese) in 2011. But as we’ve just
finished reading it, and as it has left a
lasting impression, we wanted to cover it                                                                                          Be the next
here in case you were looking for a break                                                                                          Lavabit by taking
from books about systemd or mazes.                                                                                                 privacy seriously.
   Murakami always writes about fractured                                    This isn’t the 1984 of                                Then see what
versions of the world as he sees it. His                                     George Orwell.                                        happens.
passion for jazz is one of the few elements                                                           The Architecture of Privacy
of his worlds that remains unchanged,             hold onto it like your gin and tonic on a           This is a rather grandiose title for a book, but
and IQ84 is no different. It’s a surreal vision   flight through a hurricane. It’s enough to          we approve of the subject. Privacy needs to be
of a story set in 1984, where the acts of         sustain the reader and enough to warrant            taken more seriously. This is a book aimed at
                                                                                                      engineers who are new to the issue, hopefully
a religious cult splits reality into two. The     its inclusion here.
                                                                                                      doing enough to convince a few more
overarching premise is that you can’t                                                                 developers to create better solutions.
count on your senses, or even logic, to             LINUX VOICE VERDICT
reveal the truth. At some point, you’ve got         Author Haruki Murakami
to simply believe.                                  Publisher Vintage
   What we liked most was that there’s              Price £12.99
                                                    ISBN 978-0099578079
a simple story at the heart of the trilogy.
                                                    A surreal and fractured dose of story telling
Murakami mostly follows this thread                 that only Murakami could write.
without putting it through his Kandinsky
reality distortion field, and that means you
                                                                                                                                      Lego is now
                                                                                                                                      a prototyping
                                                                                                                                      environment
Mazes for Programmers                                                                                                                 for Minecraft.

Ben Everard learns the best algorithms to find the babe.                                              Beautiful Lego: Wild.
                                                                                                      We love the idea that you can now say, “If you



                                                                                                      like Minecraft, you should try Lego.” And if
Generating and solving mazes may                                                                      you’re looking for inspiration, this new book
         seem like too specialised an area                                                            could be a great Christmas present for nature
         for its own book. Perhaps it is.                                                             lovers, featuring lots of designs for both
This book is about more than just creating                                                            wildlife and scenery.
mazes, it’s about using algorithms to solve
problems. Those problems just happen to
be maze-based. Mazes for Programmers
is a good follow-on from an introduction
to programming book. Once you’ve
mastered the basics, it’s good to have
some practice putting programming skills
into action. Mazes are actually a good
area for this because the data structures         Visual algorithms help you grasp the
you’re manipulating are visual so it’s easy       principles of computing.                                                          Gaff had been
to get a feel for what’s going on.                                                                                                  there, and let
   The examples in this book are in the             LINUX VOICE VERDICT                                                             her live.
Ruby programming language, but it would             Author Jamis Buck                                 Jump Start Git
be fairly easy to follow the book using             Publisher Pragmatic Bookshelf                     Git has become almost as fundamental to
                                                    Price £25.50
a different language (indeed, this might                                                              development as Linux has. Two remarkable
                                                    ISBN 978-1680500554
even be a better option to help you work                                                              achievements from the same person, and we
                                                    Some interesting problems to help                 should all take some time learning about how
on your coding skills); however, you will           intermediate-level programmers develop            it works. As a short getting started guide with
need to be familiar with object-orientated          their skills.
                                                                                                      origami on the cover, this looks good.
programming.




     GROUP TEST ALTERNATIVE OPERATING SYSTEMS




GROUP TEST
ALTERNATIVE OPERATING SYSTEMS
We all love Linux, but there’s plenty going on with other free software operating systems. Mike Saunders checks them out.



 On test                                                       Alternative OSes
                                                               GNU/Linux is our bread and                   that aren’t based on Linux. It’s
 Haiku                                                                  butter. It runs on our              somewhat hard to compare these
             URL www.haiku-os.org                                       desktops, our servers, and          head-to-head, as they all have
             LICENCE MIT                                       on our phones. It’s by far the most          different goals and target users,
             LATEST RELEASE Alpha 4                            successful open source operating             but one way we can judge them is
             Snappy and lightweight desktop OS                 system out there, and we’d even              how ready they are for daily usage.
             originally inspired by the BeOS.
                                                               argue that it’s the most important           Compared to Linux, the operating
                                                               software project in the world.               systems we’re examining here have
 KolibriOS                                                        But it’s just one of many OSes            very small development teams, so
             URL www.kolibrios.org                             in development. While we tend                we accept that development moves
             LICENCE GPL                                       to focus on Linux distributions in           more slowly and the features are
             LATEST RELEASE Daily builds                       this magazine (which is hardly               often limited in comparison.
             Written entirely in assembly language, this       surprising, given the name), we                  On the other hand, some of these
             OS is tiny and blazingly fast.                    do keep a canny eye on other free            OSes offer features and benefits
                                                               software operating systems as                that could be useful in Linux as
 Plan 9                                                        well. Some of them share a lot of
                                                               code with Linux, especially when
                                                                                                            well. And while we’re very happy to
                                                                                                            see Linux flourish as the dominant
             URL http://plan9.bell-labs.com/plan9
                                                               it comes to drivers, while others            FOSS platform for years to come,
             LICENCE Lucent Public Licence
             LATEST RELEASE Fourth edition                     have been written completely                 monocultures are best avoided, so
             The successor to Unix, with unique                from scratch, and take radically             it’s good if other operating systems
             features and an adorable bunny mascot.            different approaches to design and           develop interest and support. So
                                                               implementation than the Unix way             we’ve chosen six OSes with unique
                                                               we’re all used to.                           backgrounds and featuresets – and
 RISC OS                                                          So for this month’s Group Test,           you can download them and try
             URL www.riscosopen.org                            we thought we’d look at some of              them out straight away. So, without
             LICENCE Shared Source                             the most promising up-and-coming             further ado, let’s boot up the first
             LATEST RELEASE 5.22
                                                               open source operating systems                and see what it can do!
             Originally written for Acorn machines,

                                                               “We’ve chosen six operating systems with
             now sort-of open and runs on the Pi.


 AROS                                                          unique backgrounds and featuresets.”
             URL http://aros.sourceforge.net
             LICENCE AROS Public Licence
             LATEST RELEASE 1.2 (Icaros)                         Where are the BSDs?
             The Amiga lives! Well, sort of. AROS is
                                                                 You may have noticed that we haven’t           But ultimately, they’re all rather
             like a modern version of AmigaOS for
                                                                 included any of the BSD flavours in        similar to Linux due to their Unix
             PCs.                                                this month’s Group Test. We don’t          heritage. In this Group Test, we wanted
 Minix                                                           have anything against them: FreeBSD
                                                                 is a great alternative to GNU/Linux,
                                                                                                            to look further afield at open source
                                                                                                            operating systems with unique designs
             URL www.minix3.org                                  especially on servers, while OpenBSD       and histories – OSes which take
             LICENCE BSD                                         excels with its security features and      different approaches and have their own
             LATEST RELEASE 3.3.0                                NetBSD is ideal for running on your        sets of strengths and weaknesses. After
             Microkernel-based OS, used by Linus                 toaster. Then there’s DragonFly BSD, the   all, nobody’s perfect and maybe we in
             Torvalds in the development of Linux.               FreeBSD spin-off created by ace former-    the Linux world can learn something
                                                                 Amiga-coder Matt Dillon.                   from them too.







Finding the future
How to hunt down the operating systems of tomorrow.


The OSes on test here are fairly well              http://forum.osdev.org. Specifically, check          you’ll see that someone is starting a new OS
        known, at least among free software        out the Announcements subforum – new                 project, either based on an existing kernel
        fans, and they’ve been in                  projects and developers looking for help pop         or written completely from scratch using an
development for a while. But there’s a whole       up very often there.                                 in-vogue language like Go or Rust. And for
bunch of new projects cropping up that,               Another good source for fledgling                 an example of the latter, check out Rustboot
while still in the very early stages of            projects is Hacker News at https://news.             (https://github.com/pczarn/rustboot).
development right now, could be worthy of          ycombinator.com. This is a fast-moving                   If you decide to start your own OS project,
attention in the future. A good place to start     news feed and stories don’t stay on the              it’s worth posting on those sites to get other
OS hunting is the OSDev Forum at                   front page for very long, but periodically           developers involved.




Haiku OS
Based on the BeOS.

Although the Linux kernel has been in
          development since 1991, and the
          GNU project many years before
that, it was only in the late 90s that it really
started to gain serious mindshare. But it
wasn’t the only operating system battling
against Microsoft’s staggering dominance
of the time: BeOS, a multimedia-oriented OS
built from the ground up for the desktop,
was also starting to win some small-scale
popularity.
   However, Microsoft made life difficult
for the newcomer. In 2002, the makers
of BeOS took Microsoft to court, claiming
that the Redmond giant had strong-armed
companies such as Compaq and Hitachi               Haiku’s desktop isn’t jazzed up with eye candy, but it’s clean, simple and very fast to work with.
into not selling PCs with BeOS pre-installed.
Ultimately, Microsoft paid $23m to settle out      the file manager, and everything else. The           capable WebKit-based web browser, an email
of court and avoid any admission of guilt –        end result is an OS that feels remarkably            client and a media player. You can even fire
but by that point, BeOS’s fate was sealed.         well engineered and put together, rather             up a terminal and start Bash – but note that
   On a happier note, the FOSS community           than being a collection of bits and bobs             while Haiku has some POSIX compatibility
had also started work on an open source            from various scattered projects, like we             and can run a few FOSS command line
clone around that time, and today Haiku            sometimes get in Linux distros.                      programs, it’s not a flavour of Unix.
OS is at version alpha 4: usable for day-to-                                                               There’s not much native software for
day tasks, but with features missing and           Seventeen on                                         Haiku, and this poses a problem. Some
bugs to be expected. It’s available as a USB       Haiku is extremely snappy, booting up in             developers are tempted to port GTK or Qt to
flash key image or a CD ISO, and its system        a few seconds (even in live mode from                Haiku to bring loads of big-name FOSS apps
requirements are impressively slim, with           the CD), and the desktop and supplied                to the platform, but if you end up running all
128MB of RAM and a Pentium II 400MHz               applications react very swiftly. To explore          sorts of other libraries and toolkits on top of
CPU sufficing for basic tasks.                     the included software, click the leaf icon           Haiku, you might as well just run Linux/BSD
                                                   in the top-right, and then delve into the            in the first place. Haiku needs native apps
Unique benefits                                    Applications, Demos and Preferences                  that integrate tightly with the OS and its
So, what makes Haiku notable? Like BeOS,           subfolders that appear. Beneath the leaf is          features – then it can really take off.
it’s fully focused on desktop computing, and       a system tray-like area containing a clock
doesn’t strive to be a good server or mobile       and some status icons, beneath which sit               VERDICT
platform as well. So everything is designed        buttons to switch between programs.                    Tantalisingly close to
                                                                                                          being a great slimline
accordingly: the 64-bit journalling filesystem        Along with the usual desktop utilities              desktop OS, but lacking
with extended metadata, the object-oriented        such as a text editor, calculator and sound            triple-A native apps.
API and toolkit, the window management,            recorder, Haiku is bundled with a fairly





KolibriOS
Written in assembly language and insanely fast.


Operating systems were once written entirely in assembly language, in order to squeeze the maximum performance out of the computers at the time (and often because high-level languages simply weren’t available). Today, you’d have to be stark raving bonkers to write an entire desktop OS in assembly: sure, you might save a few CPU cycles here and there, but the downsides (non-portable code, much harder to maintain) mean it’s not worth it in the long run.

Still, this hasn’t stopped the KolibriOS team from giving it a go. A fork of MenuetOS, KolibriOS is written in 100% assembly language – including the kernel, desktop and included applications. As such, it manages to fit onto a 1.44MB floppy disk, and is an almighty demonstration of what programmers can achieve when they’re thinking about every single bit and byte.

KolibriOS boots in just a few seconds, and it’s insanely responsive. Sure, it’s not doing anywhere near as much work as a fully-fledged desktop operating system like Ubuntu or Fedora, but nonetheless the speed makes you rub your eyes.

Just enough

The included programs – text editor, assembler, very primitive web browser, video player and games – are limited in terms of features, but the pre-emptive multitasking kernel has support for USB, TCP/IP, multiple filesystems, and popular (mostly older) hardware devices, so KolibriOS is more usable than just a tech demo. There’s something charmingly minimal and pure about it, especially when you know it’s not being crufted up with multiple levels of abstraction.

It makes you wonder why modern OSes need gigabytes of space, when KolibriOS does all this on a floppy disk.

VERDICT
Not suitable as a daily desktop OS, but a phenomenal achievement.




AROS
Because the Amiga never died in our hearts.


Linux Voice and the Amiga range of computers have a very special connection, as many of us on the team were huge Amiga fans in the early to mid 90s. We’ve all long since put our A1200s and A4000s in the cupboard – and we’re not even sure if they work any more – but some die-hard fans have tried to keep its spirit going one way or another.

AROS, which originally meant the Amiga Research Operating System (but is now a recursive acronym, with AROS replacing Amiga) is an open source reimplementation of AmigaOS 3.1, the last release before Commodore went down the pan after agonising years of terrible decisions and lame marketing. AROS is designed to run on modern kit such as x86 PCs and the Raspberry Pi, but still maintain compatibility with the original AmigaOS, so that (in theory) programs only need to be recompiled to work on it.

AROS has USB support and a TCP/IP stack, along with drivers for various video cards and other devices. It runs at a blazing pace and for the most part looks and feels like AmigaOS, with similar utilities, shell and filesystem layout. While you can download AROS nightlies from the main site, it’s a much better idea to get a fine-tuned distribution such as Icaros Desktop Live (www.icarosdesktop.org). This lets you try it out in live mode without installing to see what it’s capable of.

Back in time!

Although AROS is an incredibly niche project, the Icaros distro shows that there are still plenty of people writing AmigaOS software, and it’s actually a usable desktop OS if you don’t mind the limitations (such as the lack of proper memory protection). For us, it’s a grin-generating trip down memory lane and a reminder of the times when we stayed up all night playing the Amiga version of Frontier.

AROS has a souped-up Workbench-like desktop with extra panels and buttons to prod.

VERDICT
Surprisingly feature-packed, but getting crusty around the edges.





RISC OS
Given new life thanks to the Raspberry Pi.

In last issue’s cover feature, we talked about technology that was born and bred in the UK. One of the biggest British contributions to the computing world is the ARM chip, which originally powered Acorn Archimedes computers in the 80s and 90s and turned out to be such a good design that it’s now used in millions of (predominantly mobile) devices today. But while everyone knows about ARM, not so many have spent time with RISC OS, the operating system originally written for it.

RISC OS had some innovative features for its time, such as anti-aliasing, textured UI elements, and an interface driven by context menus and a three-button mouse. It also provided a certain amount of backward compatibility with BBC BASIC programs – the ones that many of us used to type in from magazines, back in the day. Ultimately, Acorn followed up the Archimedes line with the RiscPC, but the market for RISC OS severely dwindled and Acorn was snapped up by another company. Some hardcore RISC OS fans battled on through the 2000s, and occasionally a new RISC OS machine (such as the very expensive £1,249 Iyonix) appeared, but the future looked bleak.

And then something bizarre happened – an almighty coincidence. In February 2012, a new, small and extremely cheap ARM-based computer arrived. Millions of them were sold, primarily to run Linux. But some developers started work on porting RISC OS to this gizmo, the Raspberry Pi, and suddenly its outlook was vastly more positive. Anyone could go out and buy a mass-produced RISC OS-capable computer for around £35 – rather than struggling on with old hardware or spending megabucks on machines made for a tiny group of people.

Take a RISC

But why would you want to run RISC OS instead of Linux? What advantages does it offer? To be honest, not a great deal: Linux has more software, more documentation, and a bigger supporting community on the internet. But RISC OS has some plus points though, in that it’s very lightweight and swift (even compared to the LXDE desktop), it can run some older and specialised Archimedes/RiscPC software, and it can boot straight up into BASIC, like the old 8-bit computers. Which is very nice if you fancy a bit of nostalgia, or want to show the kids what computing was like in the glory days.

Because RISC OS was designed for low-res displays, it works well on a Pi connected to a TV.

VERDICT
Fast, quaint and full of goodness. It really needs modernising, though.

Open source clones
Efforts to revive OS/2, VMS and others.

Remember OS/2, IBM’s attempt to be the dominant PC operating system before Microsoft Windows budged it out of the way? It’s being kept on a life support machine in the form of eComStation (www.ecomstation.com), but it hardly has the most promising future. There is, however, an open source clone in development called osFree (www.osfree.org). Currently this is in the very early stages of development, with version 0.0.4.7 being the most recent release, and it can’t do much aside from booting a simple kernel and running rudimentary text-mode OS/2 programs. If you were a fan of OS/2 back in the day, and you’re looking for a project to sink your teeth into, the osFree team would appreciate your contributions.

VMS, meanwhile, is doing somewhat better in the form of OpenVMS (which isn’t actually open source, despite its name). This operating system is now owned by HP and sees use in the medical industry and other areas that require high uptime. An open source clone called FreeVMS (www.freevms.net) has been doing the rounds for many years, but development is very slow and the chances of it hitting 1.0 any time soon are practically nil. It’s a shame, as VMS has an interesting heritage and inspired the design of Windows NT – but as a relatively obscure platform, it’s not hugely surprising that few developers want to work on a FOSS version. Who knows, perhaps HP will open up some of the OpenVMS code one day, and it can be given a new lease of life in the FreeVMS project…

That’s not a fridge – VMS ran primarily on VAX computers in the 70s and 80s.





Plan 9 vs Minix
Two attempts to modernise Unix.


There’s a lot of talk at the moment about the “Unix philosophy”, especially as Systemd is becoming the norm in almost every major Linux distribution. For some, this philosophy is all about small tools working together to create a greater whole – which Systemd arguably does. For others, it’s about using and piping text around the system, something Systemd eschews in favour of binary logging. In any case, there are lots of opinions on it, and even more on how Linux and Unix in general should develop in the future.

In the 1980s, some of the developers that had worked on Unix and the C programming language at Bell Labs in the USA decided to make a new operating system called Plan 9. It would take the best elements of Unix and update them to make use of new hardware – specifically, networked environments where users had graphical displays. (Remember that Unix was developed in the days when teletype terminals were the norm.)

So in Plan 9, the Unix concept of “everything is a file” was expanded considerably. So even resources like network connections can be accessed as part of the filesystem, and a network protocol called 9P was developed, which allows multiple machines running Plan 9 to share these resources simply and efficiently. Additionally, Plan 9 was designed from the start to run a windowing system, Rio, in contrast to Unix, where graphics were added on later.

Plan 9 is fascinating to explore and learn about, but the last release was back in 2002 and it’s rather fiddly to get working in Qemu or VirtualBox. A more modern fork called 9Front (http://9front.org) sees regular code updates, but the website is so bizarre and full of geek humour that you might just go mad exploring it.

This is Glenda, the Plan 9 mascot. In some respects it’s very cute; in others it deeply disturbs us.

Minix

Minix, meanwhile, is the most Unixy of the operating systems on test here. It started as a simple and tidy Unix clone, written from scratch and well documented, in order to teach university students how an OS works. Linus Torvalds used Minix during his studies, but became frustrated with its design (and had a big online flamewar with its author) which prompted him to create the Linux kernel – and the rest, as they say, is history.

Minix’s kernel is a microkernel, which means that many hardware drivers, filesystem drivers, network stacks and other features don’t actually run inside the kernel itself, but are separated out as regular “user mode” processes (just like normal software such as Apache and Firefox). This means that these drivers and features are more isolated and can’t easily take down the whole OS, but there’s a context switch penalty when the OS has to regularly jump between kernel and user modes.

So for performance, most big-name Unix flavours such as Linux and FreeBSD opt for monolithic kernels where everything runs in the same space. Minix version 3 is pushing the boundaries with microkernels, however, and it’s now capable of running several thousand applications thanks to support for NetBSD’s pkgsrc software build system. Minix isn’t going to pose a big challenge to Linux or the BSDs any time soon, but it’s still an ideal platform for doing research into operating system development.

For the most part, Minix works like a regular Unix flavour – its biggest differences are under the hood.

VERDICT
PLAN 9: Takes Unix in an intriguing new direction, but fiddly to get working.
MINIX: Goes all out for reliability with its kernel, and the NetBSD packages are a bonus.







OUR VERDICT
Alternative OSes

So, what have we learnt from looking at these operating systems? One thing is clear: they all lag behind Linux when it comes to daily usability.

But while these OSes may not be bursting with features, they’ve all carved out their own little niches and are well worth exploring. We’re putting Haiku in first place this month as it’s the project with the most potential to provide a first-rate alternative to Linux on the desktop. It needs some polish, more drivers, and above all more native applications, but when it’s ready it will be a finely-tuned and well engineered platform especially suited to low-spec machines.

Minix is a lot more mature than Haiku, and its microkernel approach makes it stand out among the usual crowd of Unix-like OSes, even if it doesn’t have the oomph and long-term support to battle the likes of Debian and CentOS. It gets second place for being an OS that’s ideal for studying its source code and design, along with developing new features.

Then we have RISC OS, which suffers from setbacks in its cooperative multitasking and lack of full memory protection, but still has plenty of apps and a highly loyal userbase. AROS is very similar in that it’s not bleeding-edge tech, and provides some retro respite for those of us who remember the 90s, while KolibriOS shows what’s possible when you master the art of assembly language.

Finally there’s Plan 9, an intriguing project that’s worthy of a lot more attention, but falls down the list here simply due to the lack of development activity.

Kudos to the Haiku team for inching ever closer to the first release, and to the developers of the other open source OSes. Even if you don’t have many users, drivers or apps, you’re still contributing something back to the FOSS ecosystem and giving us plenty of variety and innovation to explore.

Haiku still has a long way to go, but it’s on the right track. We hope the team can get R1, the first proper release, out of the door some time next year.

1st Haiku
Killer feature: desktop simplicity
www.haiku-os.org
We look forward to reviving our old netbooks with this when it (finally) hits R1.

2nd Minix
Killer feature: maximum reliability
www.minix3.org
We’re still not sure if microkernels are the future, but Minix is a great technology demo.

3rd RISC OS
Killer feature: booting to BASIC
www.riscosopen.org
Old tech meets an insanely popular £35 computer and brings back memories of typing in code.

4th AROS
Killer feature: tears of nostalgic joy
http://aros.sourceforge.net
Everything we loved (and hated) about the Amiga, rewritten to work on modern PCs.

5th KolibriOS
Killer feature: crazy performance
www.kolibrios.org
In a world of bloatware and wasted CPU cycles, KolibriOS is refreshingly minimal and to-the-point.

6th Plan 9
Killer feature: fixing up Unix
http://plan9.bell-labs.com/plan9
Hasn’t been updated in donkeys’ years, but packed with features that Linux could consider borrowing.

Windows and DOS

We’ve covered ReactOS (www.reactos.org) a few times in Linux Voice already so we didn’t want to give it a full page here, but it’s worth giving it a quick mention for those who’ve never heard of it. This is a free software clone of Windows, so it’s much more than just Wine: it has its own bootloader and kernel, and aims to be compatible with Windows drivers as well as applications. Currently it’s at version 0.3.17, and can run an impressive range of older Windows programs, although it’s not stable enough for daily use. There are some legal questions in its future too – it’s not big enough to be on Microsoft’s radar yet, but who knows if it gets closer to 1.0 and companies consider it for running legacy applications instead of “real” Windows?

We in the FOSS world also have an open source MS-DOS clone in the form of FreeDOS (www.freedos.org). This is very mature at version 1.1, but that’s not surprising given that cloning DOS is a much easier job than Windows or BeOS. FreeDOS is useful for running old DOS applications and games, and it’s often used by PC vendors to install BIOS and firmware updates. If you’re looking for the quickest way to play some classic DOS games, however, we recommend DOSBox (www.dosbox.com). You can mount any directory in your Linux installation as the C: drive, switch to it in DOSBox, and launch your games.




SUBSCRIBE
shop.linuxvoice.com

Introducing Linux Voice, the magazine that:
Gives 50% of its profits back to Free Software
Licenses its content CC-BY-SA within 9 months

12-month subs prices
UK – £55
Europe – £85
US/Canada – £95
ROW – £99

7-month subs prices
UK – £38
Europe – £53
US/Canada – £57
ROW – £60

DIGITAL SUBSCRIPTION ONLY £38

Get many pages of tutorials, features, interviews and reviews every month
Access our rapidly growing back-issues archive – all DRM-free and ready to download
Save money on the shop price and get each issue delivered to your door

Payment is in Pounds Sterling. 12-month subscribers will receive 12 issues of Linux Voice a year. 7-month subscribers will receive 7 issues of Linux Voice. If you are dissatisfied in any way you can write to us to cancel your subscription at subscriptions@linuxvoice.com and we will refund you for all unmailed issues.



NEXT MONTH IN LINUX VOICE

EVEN MORE AWESOME!

ON SALE THURSDAY 22 OCTOBER

TOTAL FREEDOM
Purge your PC of proprietary software!
Get complete privacy and security!
Be free as Richard Stallman intended!

Allison Randal
Prepare your mind for a tale of linguistics, the flow of language, threats to software freedom and her new job as the president of the OSI.

Software for kids
Freedom means control, and control means you can give a laptop to your kids without fear that they’ll stumble upon the horrors of the Daily Mail website.

Bug hunting
Find bugs, report them properly, get them fixed. It’s the circle of life, and it’s how free software gets better. Here’s how you join in and help heal the world.




LINUX VOICE IS BROUGHT TO YOU BY

Editor Graham Morrison graham@linuxvoice.com
Deputy editor Andrew Gregory andrew@linuxvoice.com
Technical editor Ben Everard ben@linuxvoice.com
Editor at large Mike Saunders mike@linuxvoice.com
Creative director Stacey Black stacey@linuxvoice.com
Editorial consultant Nick Veitch nick@linuxvoice.com

All code printed in this magazine is licensed under the GNU GPLv3

Printed in the UK by Acorn Web Offset Ltd

Disclaimer We accept no liability for any loss of data or damage to your hardware through the use of advice in this magazine. Experiment with Linux at your own risk!

Distributed by Marketforce (UK) Ltd, 2nd Floor, 5 Churchill Place, Canary Wharf, London, E14 5HU
Tel: +44 (0) 20 3148 3300

Circulation Marketing by Intermedia Brand Marketing Ltd, registered office North Quay House, Sutton Harbour, Plymouth PL4 0RA
Tel: 01737 852166

Copyright Linux is a trademark of Linus Torvalds, and is used with permission. Anything in this magazine may not be reproduced without permission of the editor, until June 2016 when all content (including our images) is re-licensed CC-BY-SA.
©Linux Voice Ltd 2015
ISSN 2054-3778

Subscribe: shop.linuxvoice.com
subscriptions@linuxvoice.com


FOSSpicks

Sparkling gems and new releases from the world of Free and Open Source Software

Our editor Graham Morrison is a fearless explorer of the internet – look, he’s found some excellent Free Software on his travels!

Algebra system

Maxima 5.37

We like maths. The apparent order in numbers and the patterns they exhibit seem to hint at a deeper resonance connected to the nature of our perceived universe. And as computers themselves owe their existence to mathematics, they’re the perfect laboratory and testing platform.

The proprietary and costly (unless you’ve got a Raspberry Pi) Mathematica is the best-known toolkit for mathematicians, but there are plenty of open source alternatives too. Maxima is one of those. It can solve equations, calculate exact integers, fractions and work with high-precision floating point numbers. 2D and 3D plotting are also supported if you’ve got GNUplot installed. For us, Maxima works best when combined with a graphical front-end. Of course, to get anything out of Maxima you need some mathematical insight. But it works great as a simple calculator too, so you can start with simple functions and work your way towards cracking the secrets of the universe.

Caption: Forget the HP 48G, render your superior intellect directly into an anti-aliased PDF.

PROJECT WEBSITE
http://maxima.sourceforge.net


Curve calculator

Kartesio 1.0

Skipping happily onward from the fabric of time to the construction of perfect curves, Kartesio is an application designed to take a set of points and draw the best fitting curve that cuts a swathe through those points. These are the curves you see on election nights, or when the latest set of house sales figures are released. They enable you to see how the data is evolving, especially when matched against existing curves whose properties are better understood.

To perform this magic, it needs Maxima (see above) to solve the analysis equations, and a dataset, which you can type in manually or import via a CSV file. With the points plotted, Kartesio can perform lots of tricks for drawing those lines, but the complex magic comes from neural network analysis, thanks to the ZorbaNeuralNetwork library. We had a lot of fun looking at curves generated by data downloaded from gov.uk (there were 81,232 property sales in June, ranging in value from £6,000 to £40,300,000) and trying to make some sense of the world.

With just a couple of dependencies, Kartesio is easy enough to install from source, or from the author-provided deb and RPM binaries. Hopefully, it won’t be too long until this excellent piece of software makes it into your local distribution’s repository.

“Kartesio is designed to take a set of points and draw the best curve.”

Caption: Kartesio’s author, Luca Tringali, used the curves for his chemistry study after finding office suites lacking.

PROJECT WEBSITE
https://github.com/zorbaproject/kartesio






Synthesizer

Helm 0.4.1

Helm is one of the finest examples of a software synthesizer we’ve seen. It’s beautifully designed and it’s powerful, whether standalone or as a LADSPA plugin.

The raw sound starts with two oscillators, each with 12 different waveforms. These waveforms can be overdriven and cross modulated so that the output from one oscillator can be used to modulate the shape of the other, often creating additional harmonics or random textures. You can even fold back the output from the oscillators back into the oscillators – a trick as old as the Minimoog.

Yet this updated version allows you to adjust the pitch and the saturation of the return signal, resulting in much more dramatic changes in timbre. There’s also a sub oscillator for adding bass frequencies from waveforms that can be ‘shuffled’, which seems to mean the waveform’s cycle is cut into chunks and randomised. The effect is a thick muddying of the sound in the lower octaves, which is perfect for that classic cover of Tangerine Dream’s Rubycon.

Helm’s deep

The sound travels out of the oscillator section and into the amplitude envelope. This is of the classic ‘ADSR’ type – attack, decay, sustain and release, and shapes the volume of the sound over time. It’s capable of both ultra-fast percussive attacks and slow evolving string and ‘pad’ sounds, and uncommonly, it uses logarithmic curves in the transition between each level to create a very smooth sound. From the envelope the audio enters perhaps the most important part of any synthesizer, the filter. Helm offers seven different types, from the classic low-pass to a band shelf. It does vintage sounds incredibly well, and while the low pass isn’t as steep or as aggressive as some synths, it’s full of character. The unusual addition of shelf filters sounded great too, and are another way that Helm differentiates itself from more traditional designs. The effect of the filter can be controlled both negatively and positively by a second envelope before the final classic element that goes into making the sounds; low-frequency oscillators (LFOs). These can be used to change (modulate) parameter values such as the frequency of the filter or the attack time of an envelope. There are two monophonic LFOs and one polyphonic LFO, each with the same selection from before along with two additional sample-and-hold waveforms. The difference between monophonic and polyphonic is that when you’re playing more than one note at a time, the monophonic LFOs will be synchronised against every note, performing the same action at the same time. The polyphonic LFO is started afresh with the start of each new note.

Defining how the LFOs modulate parameters reveals Helm’s most powerful feature – its ability to modulate almost any parameter with any other parameter. This is semi-modular synth territory, where you use a patch cable to take the signal from one part of the synthesizer and patch that into another part. In Helm, this is done by clicking on the spanner icon next to each section. This turns every patchable parameter green and you simply click and drag the destination to both select it and to define how much you want that parameter to be changed. Add to this delay and reverb effects, an arpeggiator with random mode, a step-sequencer and a formant filter, and you’ve got what we think is the best sounding Free Software synth for Linux. It’s utterly refreshing.

Caption: Helm really is incredibly powerful, flexible software, as you can see from a glance at its knob-tastic interface.

Annotated screenshot:
1 Presets Save and categorise your creations.
2 Display See parameter names.
3 Oscilloscope View the shape of your sounds.
4 Oscillators 2 x 12 waveforms.
5 Sub-oscillator Add some serious bass.
6 Envelopes Control amplitude and filter over time.
7 LFOs Modulate parameters.
8 Filter 7 different types.
9 Step sequencer More modulation.
10 Arpeggiator Auto-generate note data.
11 Effects Delay, reverb and filter effects.
12 Keyboard control QWERTY or MIDI.

PROJECT WEBSITE
http://tytel.org/helm





Music player

Qmmp 0.8.8

Back in the late 1990s, when relatively ordinary humans started to use the Linux desktop, the music player of choice for most was XMMS. It looked like the product of the demo-scene – a pixel-painted Winamp clone, and it didn’t take too many pixels from our 1024x768 displays either.

While packing essential features like a parametric equalizer, playlist and plugin system, XMMS remained kind on your system’s resources. This was fundamental to its success because, at the time, single-core CPUs needed every cycle just to decode an MP3 during playback. XMMS is still available in most package repositories, but it hasn’t been updated for many years, and the emergence of huge libraries and desktop integration has led many of us to more application-style music players. But the spirit of XMMS is still alive, especially in a modern interpretation called Qmmp.

As you’d expect from something beginning with ‘Q’, this is a Qt-based recreation of XMMS that does far more than you’d expect of any reanimated music player. Depending on which supported libraries you have installed, Qmmp supports any audio sub-system you can throw at it, including PulseAudio and Jack, and plays back nearly all the popular audio formats. It’s great to see support for Ogg Opus, Flac and Musepack, for example, and in a hat tip to its XMMS heritage, there’s support for lots of old-school game music and demo formats too.

On modern screens, it takes a tiny amount of screen real-estate, which is a good thing, although a better scaling algorithm would help for HiDPI. The plugin system is great, and includes audio visualisation and processing. There’s even the option to add LADSPA effects to the audio output. It’s perfect for a low-powered system, or low resolution screen, and left us wondering why we use much larger, more complex tools to achieve identical results.

“The spirit of XMMS is still alive in this modern interpretation.”

Caption: Party like it’s 1999, with an updated Qt re-spin of XMMS.

PROJECT WEBSITE
http://qmmp.ylsoftware.com




File sync

OwnCloud Client 2.0

We couldn’t make this magazine without OwnCloud. We use it to store and share the documents we’re all working on, in all their various states of progress.

Most of us use the web interface, which enables us to install web applications and do things like collaborative document editing. But the native client is also essential, syncing working folders from our computers to our servers (kindly provided by Bytemark – thanks Bytemark!). Over the last few months, we’ve noticed the standard client becoming more stable, and specifically, taking less of our system resources when it’s been running for a long time. So this release of version 2.0 is a significant milestone. We tested the first release candidate, built from its GitHub source. By the time you read this the stable version should be easily downloadable without compiling anything.

Winning new feature

You can now use more than one OwnCloud account with the client. That means, for example, we can sync with both the Linux Voice server and our own personal servers, all without any complex reconfiguration or user juggling. When adding a new account, you get to choose a new folder for local synchronisation as well as add the new server credentials. After that, the client will happily watch for changes and upload or download to the correct account accordingly. It all worked perfectly for us, and the tabbed pages for different accounts were easy to understand and use. Additionally, another great new feature is that the client will confirm the size of a folder before you decide to sync it, which is also very useful, making 2.0 the best release yet for a project that gets better every month.

Caption: Version 2 of the client adds the much anticipated support for syncing with more than one OwnCloud account.

PROJECT WEBSITE
https://owncloud.org





Guitar effects

Guitarix 0.33.0

Electric guitars. They’re awesome. But the effects and techniques that turn the twang of the naked strings into the sound of planets colliding can be costly and complicated. They typically involve acres of foot-pedals connected to a stack of amplifiers and speakers that stretch from the floor to the moon.

This is where Guitarix comes in. It recreates this stack in software, turning any humble Free Software advocate into Jimmy Page. Guitarix is an audio plugin that can be inserted into any application that supports LADSPA, such as Qtractor or Ardour, or it can be run against Jack so that you can connect the inputs and outputs with anything else in your Jack configuration.

The sound travels first through the amp simulator and then through any number of effects (such as fuzz, reverb, distortion et al), which you drag and drop from the categorised list on the left of the main window. Each effect has its own design, a set of effect-specific controls and a preset library. All of these effects also appear separately to LADSPA hosts such as Qtractor, and you can even add external LADSPA effects to your own Guitarix rack.

When you’ve created your own stack by dragging and dropping the various modules, changing their order and adjusting their parameters, you can save the entire ensemble as a global preset. The quality of the output is exceptional – the only limit is likely to be your audio hardware, as you’ll need a decent configuration to limit the time it takes for sound to enter your computer and then leave after being processed (aka audio latency), but as you’ve just saved hundreds of pounds in audio effects, you can now afford a decent USB audio interface.

“Guitarix recreates the stack of amps and effects in software.”

Caption: Commercial guitar effects software can cost a small fortune. Guitarix is free and spectacular.

PROJECT WEBSITE
http://guitarix.org




Command-line Google

google-cli (git)

This is a small but useful command-line tool that does what you’d expect from its name: it lets you search Google from your terminal. Recently resurrected by Arun Prakash Jana after the old project had been left languishing for seven years, google-cli still has an important role to play.

Searching from the command line is a surprisingly decent upgrade to your workflow, whether you’re a terminal-only person or someone who only types occasionally. When you’ve no desktop available, such as when your graphical interface is refusing to boot, a quick search is better than launching a terminal web browser, especially when the results are displayed so neatly. The same is also true if you’re using screen or tmux, or even Emacs, and want quick access to the wisdom of the hive mind by switching to command mode.

Clicking on a link will still load the result in your default browser. It also means you can Google from a remote server, free of your local cookies and search history. If that server is in a different country, even better, as you’ll get the same results you would were you running through a VPN, and the results can be easily opened or even incorporated into your own macros or scripts.

Keys not clicks

The latest version supports HTTPS for encryption and a good variety of different search types. Typing google -n 5 -t m2 interview site:linuxvoice.com, for example, will search linuxvoice.com for stories containing the word ‘interview’ from the last 2 months, returning 5 results. Adding -j will open the first result in your browser for that ‘I Feel Lucky’ effect that’s also great for scripts. You can even search for specific file types with -f and page through results with the N and P keys.

Caption: Pretend the web never happened by turning Google into a gopher-alike command-driven search engine.

PROJECT WEBSITE
https://github.com/jarun/google-cli





Audio production

Qtractor 0.7.0

When it comes to recording and editing multiple tracks of audio files, Linux has some fantastic software, and much of it is open source. Ardour is the best known, but its considerable learning curve does little to make audio production easy or spontaneous. It’s perhaps most suitable for audio engineers rather than musicians, as it gives you control over configuring a recording, capturing sound, and mixing and mastering the audio into its final output.

The typical musician-friendly approach is to limit your editing and production to an arrangement view, where the audio and MIDI tracks are laid out vertically and blocks of audio and note data horizontally. Most audio production environments do this, and Ardour also works in this way. But Ardour’s flexibility makes the task much harder. Alternatives such as Muse and Rosegarden use a more traditional audio application layout, much more like the applications you’ll find running on Windows or OS X, but it’s Qtractor that’s our current favourite. Qtractor is fast and flexible while remaining powerful enough to perform nearly all tasks you need to take a musical idea and create a recording. It’s also great for MIDI editing and as a foundation for running software synthesizers.

Caption: With support for lots of effect and instrument formats and even audio-clip time stretching, Qtractor is one of the best music production applications for Linux.

Caption: The bus and plugin system is incredibly flexible, and almost every kind of virtual effect and instrument is supported natively.

Join up with Jack

The only hitch is that Qtractor uses Jack, the audio connection layer that requires direct access to the ALSA drivers for your audio hardware. Jack needs to be running before you can run Qtractor. This means you need to pause or disable the PulseAudio system, used by most distributions for desktop audio, and use a Jack front-end such as QJackCtl (version 4 is just out) to start and maintain the jackd process. PulseAudio can be paused by changing the jackd command to pasuspender -- jackd, but it’s still a hurdle too far for many people who just want something simple for creating music – Ardour did away with the Jack requirement in version 4.0.

With Jack running and the application launched, Qtractor operates just like many other audio multitrack recorders. You simply add new tracks, decide whether those tracks should contain audio or MIDI data, and then start importing or recording. There’s also a great loop-recording mode, activated via the General options page, which enables you to record one take after another without having to touch your computer.

When tracks are recorded, you can then edit them without affecting the original data. Blocks can be trimmed, copied, pasted and dragged into other tracks. You can lock their movement to the time signature and edit the MIDI notes and velocities with the MIDI editor.

Qtractor has a long history, and each new release is packed with features, including time-stretching, pitch shifting, support for LADSPA, DSSI, VSTi and LV2 plugins and excellent automation control, so that synth and effect parameters can be adjusted over time. New for this release is MIDI controller
                                                                                                              mapping for all the main menu
                                                                                                              commands, so you can use your
                                                                                                              remote keyboard or controller to
                                                                                                              manage a recording session, much
                                                                                                              as you would in a studio.
                                                                                                                 And when your track is finished,
                                                                                                              there’s almost as much control as
                                                                                                              Ardour for custom busses and
                                                                                                              routing before output to almost any
                                                                                                              open audio format. If you like
                                                                                                              tinkering with music and need
                                                                                                              something that’s straighforward
                                                                                                              and powerful, we Qtractor is highly
                                                                                                              recommended.

                                                                                                               PROJECT WEBSITE
                                                                                                               http://qtractor.sourceforge.net/
                                                                                                               qtractor-index.html






  FOSSPICKS Brain Relaxers
https://launchpad.net/pybik/
Starship simulator

Space Nerds in Space

We have to thank Ioangogo on our IRC channel (#linuxvoice on Freenode) for this discovery. They let us know about this brilliant game when we asked for ‘Finds’ for series 3, episode 13 of our podcast. Space Nerds in Space is a remarkable labour of love for its developer, Stephen Cameron, and it’s a game quite unlike any other.

It’s a multiplayer starship simulator where you and a few friends can live out your Star Trek fantasies. It does this by simulating the computers for each station on the bridge of a single ship, such as navigation, weapons or engineering, and linking those stations to a central server for managing the outside universe. The idea is that each friend runs a different station on their own computer and views another shared screen or desktop that acts as the management interface view of the ship.

It is possible to run all the stations and the server on a single machine, but the game only really makes sense with a group of people. One can even act like a Dungeon Master, injecting new threats and objects into the gaming environment. The vector-style used by each station gives a lovely retro feeling to the game, from the globules of data in the science module to the vector text of the communications station. The outside views look fabulous too, with 3D semi-realistic rendering of the galaxy, local planets and the various effects, such as the warp drive or the twinkle of the background stars. The latest update even adds the ability to mine asteroids using the ship’s little autonomous robots. If you’ve got a few friends who have perhaps enjoyed Kerbal Space Program and want to try something equally geeky but cooperative, Space Nerds in Space is definitely worth the compilation time.

Argh. I’m givin’ her all she’s got, Captain!

PROJECT WEBSITE
https://smcameron.github.io/space-nerds-in-space/




Playstation 2 emulator

PCSX2 1.3.1 (git)

Sony’s Playstation 2 became the biggest selling games console of all time, pushing more than 155 million units. The 3D graphics looked fabulous at the time, often enhanced by digital surround sound and the RGB video output.

The passage of time means we can now emulate what was once cutting-edge with an everyday GPU. Even better, in an era when old classics are being remade and sold as reincarnated ‘HD’ versions, modern GPUs are often capable of upgrading old resolutions and textures, making those classic games look far better than they did on the original console. That’s exactly what PCSX2 does – emulating old Playstation 2 components and allowing you to ramp up the quality of the graphics output.

As with most emulators, copyright governs what you can and cannot do. Helpfully, if you’ve still got a PS2 stuck in the attic, PCSX2 provides a tool for ripping the BIOS out of your own console, rather than having to resort to legally dubious sources. You’ll need access to the original games too, and while PCSX2 can read an optical drive directly (PS2 games came on normal CDs and DVDs), you get far better results by creating an ISO of the game with something like Brasero first.

It’s worth using a USB adaptor to connect a controller, and defining its buttons in the pad module. After that, browse to your disc image and select the fast reboot. The game will load much quicker than it did on the old console, and look much better. Welcome to PS2 heaven!

Modern shaders and resolutions can transform old PS2 games – even without a costly HD remake!

PROJECT WEBSITE
http://pcsx2.net








TUTORIALS
Dip your toe into a pool full of Linux knowledge with seven tutorials lovingly crafted to expand your Linux consciousness

Ben Everard
Is on a mission to find a new mascot to replace that blasted penguin.

As we prepared this issue, tech giant Google revealed to the world a new logo. This new logo featured sans-serif type that, to my eyes, looked like something from Toys ’r’ Us. My dislike of the new logo isn’t something that I want to focus on here though. Companies change their logo from time to time. This occasional refreshing of the image helps a brand feel modern and relevant.

Open Source projects, however, very rarely change their logo. Whatever image first became associated with a project usually stays regardless of whether it’s any good. Tux, for example, has stirred a debate on our letters page with many people thinking that an overweight penguin is no longer the best image for Linux.

I’m firmly in the anti-Tux camp. He’s cute and loveable but comes from a time when Linux was a small project. He doesn’t represent what makes Linux great today. We need an icon to emphasise community cooperation, technical superiority and ethical purity. Something that manufacturers are proud to put on their machines and software vendors want to showcase on their websites.

It’s time to re-brand Linux, but let’s not make it look like a child’s plaything in the process.
ben@linuxvoice.com

In this issue…

Syncthing
Graham Morrison protects his privacy and his data, and you should too. Share files between computers without handing them to third parties using Syncthing.

Barcode Battles
Les Pounder brings together a Raspberry Pi, a camera and some Python code to create a 90s-influenced game for fighting using supermarket produce.

Blender Jenga
Follow Graham Morrison as he delves into the world of rigid body physics using Blender 3D models. Games and movies await!

YubiKey
On a quest for ever greater security? Mark Crutch shows you how to add two-factor authentication using additional hardware.

Godot Games
Learn to program the fun way by making games you can play. Ben Everard wastes time productively with Godot.

PROGRAMMING

HTTP by hand
The web is the most popular communication medium that’s ever been created. We do business on it, watch TV on it, chat with friends on it, even get magazines from it. Surely, then, it must be underpinned by a complex protocol to handle all these different use cases? Nope. HTTP, the protocol behind it all, is simple and text-based. Discover just how simple it is by writing raw HTTP by hand on the fly, and do so by talking directly with web servers and browsers.

Smalltalk
Journey back in time to see the language that created modern programming. Smalltalk was the first general-purpose object-orientated language, and the first to feature an Integrated Development Environment (IDE). These two things are now so heavily ingrained in programming that it’s hard to imagine a time before they existed. Not only is Smalltalk historically important, it’s still being used today. One of its modern incarnations, Squeak, still attracts developers and keeps moving forward.






ACCESS YOUR FILES FROM ANYWHERE WITH SYNCTHING
TUTORIAL
GRAHAM MORRISON
Replace proprietary Dropbox or BitTorrent Sync with an open source upgrade that puts your security and privacy first.

WHY DO THIS?
• Replace proprietary software like Dropbox
• Take control of your own privacy and security
• Brilliant for syncing encrypted passwords
• Remove data storage limits and charges

Dropbox is a fantastic service. It allows you to easily access your files from anywhere, keep them up-to-date, and share selected files and folders with other people. With clients for almost every computing platform, ubiquity and convenience have conspired to make Dropbox a huge success. But it’s also proprietary.

Regardless of the assurances of Dropbox, Inc., you’ll never know how secure your data is, or whether your files have been compromised. Dropbox has no obligation to tell you. If you care about the security and privacy of your data, we think that hosting your own open source solution is a much better option. And there are lots of options to choose between. One is OwnCloud, for instance, the comprehensive server suite that enables online document editing, cloud applications and file syncing. However, OwnCloud can be overkill if all you need is the file synchronisation part. Which is where Syncthing makes sense. It’s a small, brilliant, cross-platform, open source file synchronisation tool that’s easy to install and easy to use.

Step by step: Set up Syncthing

1 Core installation
You can run Syncthing on almost any computer, including Windows, OS X, Solaris, BSD and Android (and of course, Linux), and you can share files and folders as and when you need them. But as there’s neither a central server providing access to your data, nor a management server for pointing clients in the direction of where your data is stored, Syncthing works best when you can install one instance on a machine that’s going to be available all of the time. This could be a PC you leave powered on and connected, or a cheap hosted low-end box online you can use to access and store content.

Installation of the core back-end should be easy, as there are packages for most distributions. There’s an official Debian repository, but you might also want to install the GTK 3 GUI and separate notifier, if these are available. If you’re used to the Dropbox client, these can make Syncthing feel similar from your desktop.

2 First run
To run the core back-end, you just need to run the syncthing executable. For most Linux users, this is best done from the command line by simply typing syncthing. The reason for this is that you’ll get to see the output as the core initiates itself, first by generating its own RSA key and certificate, then by generating a unique identification code before launching the web interface. Finally, the process attempts to discover your network configuration so that it can use UPNP to dynamically set firewall permissions to allow access to your new instance from outside your local network.

You can see which ports are assigned to the syncthing process in the port mapping information update. If you need to configure a firewall manually, Syncthing uses port 22000 on TCP, and 21025 UDP. The web portal uses port 8384, but if this is needed outside your LAN, we’d recommend tunnelling it via SSH or a VPN.





3 Open the web interface
If a web browser doesn’t open the correct page, you can manually access the admin interface by entering http://localhost:8384 as the URL in any browser running on the same machine you’ve run the core on. The web interface shows what system resources your Syncthing process is using, including CPU and RAM utilisation, as well as upload and download bandwidth. With a fresh installation, you won’t be sharing files or folders, so you need to add the folder you wish to be synchronised. Just as OwnCloud or Dropbox does automatically, it’s often better to create a folder specifically for sharing. Syncthing will automatically create a new folder called Sync and add this to the local configuration so you can use it immediately.

4 Sharing a folder
To share a folder, click on ‘Add Folder’. You’ll then need to enter a few details into the pop-up window that appears. The first asks for a unique name for this share. This could be as simple as the folder name, but if you’re planning to have two separate folders called ‘photos’, you’ll need to differentiate between them here. The second field asks for the path, and will auto-complete as you navigate the filesystem. You can enter ~ to quickly move to your home folder. The only other option you might want to enable is File Versioning. We’d recommend enabling the Trash Can option, as this will temporarily store deleted files from any synced device in the .stversions folder.

5 Access from another device
You can now install Syncthing onto your second machine. When the browser opens this time, the global discovery process should detect a second Syncthing on the network, but you’ll still have to add the device manually. On the second machine, click on Add Device. On the first machine, click on Actions > Show ID. Don’t worry, despite this being a large unwieldy code, you don’t have to manually copy this over: on the second machine, cursor down and the code appears. Just make sure they’re the same. Clicking on Add Device will prompt the first machine to ask whether this is something you really want to do – select Add to make it so. You’ll now see the new machine and the old machine listed as new devices, although they’ll also say Unused for now.

6 Sync files across devices
Before you can finally share files across devices, you need to edit the share you want to synchronise. To add the second machine to the share we created previously, or the default ‘Sync’ folder, click on Edit on the first machine’s share. You should find the new machine is now listed beneath ‘Share With Devices’, and you just need to enable this. Syncthing will then ask to be restarted to launch the new configuration, and when it comes back online, the status view should update to reflect the new files that have been added and synced to the second machine. It will also state whether a device is up to date with the latest changes, which is a great way of checking whether your mobile has got the updated keyfiles you’ve just added, for instance.
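The First run step recommends keeping the web portal on port 8384 off the wider network and tunnelling it over SSH or a VPN. The script below is an added example, not part of the original tutorial or of Syncthing itself: it reads the output of ss -Htln and reports any listener on 8384 bound to something other than loopback. The sample listener lines and the user@syncbox host are constructed placeholders.

```shell
#!/bin/sh
# Added example: audit where the Syncthing web GUI (port 8384 in the tutorial)
# is listening. Input is the output of `ss -Htln` (no header, TCP, listening,
# numeric), so column 4 holds the local address:port.

# Constructed sample lines, not captured from a real machine.
SAMPLE_EXPOSED='LISTEN 0 4096 0.0.0.0:8384 0.0.0.0:*
LISTEN 0 4096 *:22000 *:*'
SAMPLE_LOOPBACK='LISTEN 0 4096 127.0.0.1:8384 0.0.0.0:*
LISTEN 0 4096 [::1]:8384 [::]:*
LISTEN 0 4096 *:22000 *:*'

# gui_exposure PORT
# Reads ss lines on stdin. Prints every local address that serves PORT on
# something other than loopback. Returns 0 if none were found, 1 otherwise.
gui_exposure() {
    awk -v port="$1" '
        {
            addr = $4
            n = split(addr, parts, ":")
            # The port is whatever follows the last colon (works for [::1]:8384 too).
            if (parts[n] != port) next
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            # Loopback listeners are only reachable from the machine itself.
            if (host ~ /^127\./ || host == "[::1]") next
            print addr
            exposed = 1
        }
        END { exit exposed ? 1 : 0 }
    '
}

# Run against the live machine only when asked to: sh audit.sh --live
if [ "${1:-}" = "--live" ]; then
    if ss -Htln | gui_exposure 8384; then
        echo "No non-loopback listener on 8384; reach the GUI remotely through a tunnel, e.g."
        echo "  ssh -N -L 8384:127.0.0.1:8384 user@syncbox   # placeholder host"
    else
        echo "GUI port 8384 is reachable on the addresses listed above" >&2
    fi
fi
```

With the tunnel in place, http://localhost:8384 on the remote workstation reaches the GUI without port 8384 being opened in any firewall.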







RASPBERRY PI: BATTLING WITH BARCODES
TUTORIAL
LES POUNDER
Can a tin of beans grant you unlimited power? Les Pounder raids the store cupboard for powerful artefacts.

WHY DO THIS?
• Use different forms of input
• Learn Python and Pygame
• Create an algorithm

TOOLS REQUIRED
• A Raspberry Pi 2
• An internet connection
• A webcam or official Pi camera
• Lots of barcodes
• A print of our warrior card

The humble barcode is all around us. Initially developed as a means to enable a quick experience at the checkout, the barcode has become a data cataloging system for many different types of products and services. In 1991 a Japanese company, Epoch, released a handheld console that used barcodes as a means of generating player statistics. The barcodes were used in an algorithm to simulate a fight between the player and randomly generated enemies.

In this project we shall create our own version of this retro oddity and along the way learn how to input barcode data and manipulate it for use in the game.

We're using the latest version of the Raspbian distribution on our Raspberry Pi 2. To install it on your Raspberry Pi, head over to https://www.raspberrypi.org/downloads. To scan barcodes we shall use a webcam rather than the official Pi camera. In our tests we found that using a webcam yielded better results due to it having an auto focus unlike the Raspberry Pi camera, which has a fixed focus. To test that our webcam works with Raspbian we need to install fswebcam, a small webcam application for Linux. To do so, open a terminal and type the following:

    sudo apt-get install fswebcam

Once this is installed, type the following in the same terminal to test your webcam:

    sudo fswebcam /dev/video0 test.jpg

Your webcam will come to life and take one picture, which you can view using the file manager.

Testing our webcam using fswebcam enables us to make sure that we do not have a hardware fault. In this pic we can see a slight issue but nothing to worry about.

Webcams
In this tutorial we used a Microsoft LifeCam webcam rather than the official Raspberry Pi camera. The reason for this was autofocus. The official Pi camera has a fixed focal length, so would require the barcode to be scanned from a fixed distance. Using a webcam with an autofocus enabled the camera to adjust and capture the barcode successfully. There's a great resource for webcams at http://elinux.org/RPi_USB_Webcams. It is best practice to check that your webcam is supported before you buy.
The official Raspberry Pi camera can be used with ZBar, but it will require a software modification that involves loading a new module into the kernel.
To enable an adjustable focus on the Raspberry Pi Camera you can hack the camera hardware, but this is delicate work. The guide for this hack can be found in the bird box project resources on the Raspberry Pi website https://www.raspberrypi.org/learning/infrared-bird-box.

With our webcam connected and working, our focus shifts to setting up the software that will handle scanning barcodes. For this, we're going to use ZBar, which uses a webcam to scan barcodes and then processes the data. To install ZBar, open a terminal and type the following.

    sudo apt-get update
    sudo apt-get install python-zbar

After a few moments ZBar will be installed and ready for use.

The latest Raspbian image comes with the Pygame set of Python modules pre-installed, but if you're using an older version you'll need to install Pygame via this command in the terminal.

    sudo apt-get install python-pygame

To code this project we'll be using Python 2. To launch Python 2, go to the Programming menu in the top-left of the screen, and select Python 2.

Our game
Our game uses QR codes to generate a player with a random number of health points. Weapons and equipment are selected by scanning any barcoded products. So let’s get into the code.

Our warriors are our very own Linux Voice team members. Each has a QR code, which is used to choose them as the player's avatar.

    from sys import argv
    import zbar, random, pygame, time

We start by importing a number of external modules. First we import argv from sys; this is a list of the command line arguments passed to our script. We use this to work with the Linux terminal via Python. The second line imports the zbar, random, pygame and time modules, which all form major parts of our project.

    pygame.init()
    pygame.mixer.init()

In order to use Pygame we must first initialise it, and because we're using two parts of Pygame, we also have to initialise the audio mixer Pygame element.

We now create a series of variables, but these are a little different. In order to use our variables both inside and out of the functions that we shall create later, we must set them to be global variables, otherwise we cannot reference them from inside our functions. Here we create variables for our player and enemy names, health points for both, weapons and equipment for the player and finally the code generated by scanning a barcode.

    global player, HP, enemyHP, enemy_name, weapon, equip, code

In the next section of code we create a number of functions to compartmentalise the code that handles each of the actions in our project.

    def picture(img, w, h):
        # Load the image file and show it in a w x h window for three seconds
        pic = pygame.image.load(img)
        background = (0, 0, 0)  # RGB black
        screen = pygame.display.set_mode((w, h))
        screen.fill(background)
        screen.blit(pic, (0, 0))
        pygame.display.flip()
        time.sleep(3)
        pygame.display.quit()

Our first function handles displaying an image; you can see that the function is called picture and has three arguments that we can pass: the filename, the width and the height.

We then use the pic variable to store the output of loading the image into Pygame, then we use the background variable to store the RGB colour code 0,0,0 which refers to black. We then set the Pygame

device has been found correctly. Next we initialise the camera and then launch a preview window. We instruct ZBar to scan one code before closing the preview window. A for loop finally handles the code that has been discovered by ZBar.

    def scanner():
        global code
        proc = zbar.Processor()
        proc.parse_config('enable')
        # Default video device; pass another one as the first command line argument
        device = '/dev/video1'
        if len(argv) > 1:
            device = argv[1]
        proc.init(device)
        # Show the preview window, scan a single code, then hide the window again
        proc.visible = True
        proc.process_one()
        proc.visible = False
        for symbol in proc.results:
            code = symbol.data
screen to match the resolution of the image, passed               The next function handles creating a player based
via the arguments w and h. To display the image on             upon scanning a QR code via the scanner function.
screen we must “blit” the image into memory, and               We simply compare the information stored in the code
then flip the image to ultimately show the image. This         variable against the values hard coded. If the code
is then shown for three seconds before the image is            scanned matches the string “Andrew” we print the
removed and the function ends.                                 response to the Python shell for debugging purposes.
                                                               The HP variable is updated with a random integer
Scanner sounds                                                 between 10 and 100, this range can be changed to           Scanning a barcode
Using Pygame we can also play audio files. We create           make the game easier or harder. The player variable        presents a preview window
the audio function with an argument, which will be the         is updated to contain the name of the player. We then      which helps to aim your
filename of the audio file. We ensure that the Pygame          print the player name and their health points, note that   camera to the barcode.
audio mixer is active, then load the audio file ready
for playback. Finally we play the audio file with the
(1) value identifying the number of times to play the
audio.
def audio(music):
            pygame.mixer.init()
            pygame.mixer.music.load(music)
            pygame.mixer.music.play(1)
   To use ZBar in our project we create a function
called scanner. We use the global variable code in
this function. We start ZBar by calling its processor
function, then we enable the webcam with ZBar. We
next create a variable called device, which stores the
location of our camera, which in this case is /dev/
video0. We now use an if condition to check that the



                                                                 www.linuxvoice.com                                                                73
     TUTORIAL EDUCATION

to print an integer inside a string we must convert the integer to a string
using the str() function.

    def player():
        global code,player,HP
        if code == "Andrew":
            print("Andrew is your warrior")
            HP = random.randint(10,100)
            player = "Andrew"
            print(player+" has "+str(HP)+" HP")
        elif code == "Ben":
    ...

For our enemy we use the global variables created earlier. We then create a
list of possible enemies and then update the enemy_name variable with a
randomly chosen enemy. An if condition is then used to play an audio file
announcing the enemy just before its image is displayed on screen. For
debugging purposes the shell outputs the HP of our enemy. For each enemy we
repeat the code via a series of else..if statements, which are visible in
the full code.

    def enemy():
        global enemy_name
        global enemyHP
        enemy_names = ["Windows10","MegaDave","OpenSourcerer"]
        enemy_name = random.choice(enemy_names)
    ...
        if enemy_name == "OpenSourcerer":
            audio("os.mp3")
            picture("wizard-penguin.png",616,800)
            print("They have "+str(enemyHP)+" HP")

Caption: The webcam captures the barcode with great accuracy but the
framerate is rather slow, at around 5–10 frames per second.

Caption: Our webcam is a Microsoft LifeCam HD, which has a maximum
resolution of 1280 x 720, but we set the resolution to its lowest to gain
more speed.

Our player needs a weapon, and this is generated by scanning a barcode and
doing a little maths. We start by scanning a barcode and storing the value
as a variable, code. We then convert the code into an integer and perform
some basic maths to give us a realistically usable score. Barcodes are
large numbers, so to make them easier to work with we reduce their value
using division and include a random integer between 1 and 10 as a final
divider. An if..else if condition is then used to compare the integer
stored in value against a series of ranges. So if your score is between 0
and 39 you will be equipped with a basic wooden sword and an image and
audio file is displayed to inform the player.

    def weapon():
        global code
        global weapon
        scanner()
        print(code)
        value = int(code) / 13000000000 / random.randint(1,10)
        if value > 0 and value < 39:
            print("You have a basic wooden sword")
            weapon = ("wooden_sword")
            audio("wood_sword.mp3")
            picture("bokken.png",800,354)
    ...

The next function, equip, is used to give the player a special item based
upon a barcode scanned. This is handled via an identical means to the
weapon function. You can see the function in the full code listing, details
of which are at the end of this tutorial.

    def player_attack():
        global enemy_name
        global enemyHP
        chance = ["attack","miss"]
        chance = random.choice(chance)
        if chance != "miss":
            damage = random.randint(0,10)
            enemyHP = enemyHP - damage
        elif HP < 1:
            print("YOU'RE DEAD")
            game_over()
        else:
            print("Player misses the opponent")

Our next function handles the player attacking the enemy. We use a list
called chance from which we make a random choice, so a player can miss the
enemy. If the chance does not equal a miss then we hit the enemy with a
random amount of damage from a range of 1 to 10. We then update the enemyHP
variable to show the damage. An else if condition handles what happens if
the player HP drops below zero, and an else condition is used to handle
missing the enemy.

The enemy_attack function is similar to the player_attack function, but it
refers to the player's HP for any
damage taken by the player.

    def prepare():
        red = 255
        green = 255
        blue = 255

        pygame.font.init()

        screen = pygame.display.set_mode( (800,600) )
        for i in range(127):
            red -= 2
            green -= 2
            blue -= 2
            screen.fill( (red,green,blue) )
            myfont = pygame.font.Font(None, 60)
            info1 = myfont.render("PREPARE FOR BATTLE",1,(0,0,0))
            screen.blit(info1, (150,300))
            pygame.display.flip()
            #pygame.display.flip()
            pygame.time.delay(32)
        pygame.display.quit()

The prepare function handles a gentle fade animation that readies our
players for battle. Using three variables for the background colour, we
initiate a display of 800 by 600 pixels and use a for loop to change the
colour mix from white to black by subtracting 2 from the r,g,b values each
time the loop is run. We also display the PREPARE FOR BATTLE text using the
Pygame font function. The code in this function is reused for the warrior
function.

    def battle_graphics():
        global enemyHP, HP, player, enemy_name
        pygame.font.init()
        screen = pygame.display.set_mode( (800,600) )
        screen.fill( (255,255,255) )
        myfont = pygame.font.Font(None, 60)
        warriorpower = myfont.render(player+" has "+str(HP)+"HP",1,(0,0,0))
        enemypower = myfont.render(enemy_name+(" has ")+str(enemyHP)+"HP",1,(0,0,0))
        screen.blit(warriorpower, (0,200))
        screen.blit(enemypower, (0, 400))
        pygame.display.flip()
        pygame.time.delay(32)
        time.sleep(2)
        pygame.display.quit()

Our final function, battle_graphics, handles the battle itself and is a
reuse of the prepare for battle function but with the fade animation
removed.

Now we need to thread these functions together into a sequence to form the
main body of code. We start by playing the title music, followed by the
Linux Voice logo. After pausing for 15 seconds we play the audio file and
display the characters available. Our webcam scanner is activated and we
can scan the QR code from a printed sheet of characters. The player
function is run followed by the warrior function announcing the choice. The
next function chooses an enemy for our player then pauses for five seconds
before running the weapon and equip functions for our player. We are then
prepared for battle, which is a simple if..else condition wrapped in a
while True loop. The battle is run until either combatant reaches zero HP –
when this occurs the winner is announced and the game ends.

So with the code completed, save your work, plug in your webcam and build
your own epic battle between good and evil. Click on Run > Run Module to
play.

All of the code for this project can be found at our GitHub repository
https://github.com/lesp/LinuxVoice_Issue_20, and you can download the
project as a Zip file from
https://github.com/lesp/LinuxVoice_Issue_20/archive/master.zip.

Caption: We used a number of images and audio files from online resources,
all of which are Creative Commons. In the project downloads you can find
our attribution to the original authors – this wizard is by
https://openclipart.org/user-detail/Moini.

Barcodes
  Barcodes are all around us, from tins of beans to televisions, and what
  was once used as a method to catalogue an inventory has now been adapted
  for other uses. Take for example the humble QR code, which can be found on
  many products. It has been used for inventory/asset tags and as a means to
  deliver content to mobile devices by encoding a URL, which can be scanned
  by many different devices.

  QR codes, along with barcodes, are an excellent method to introduce new
  methods of input to children, so how can we make our own? One site is
  www.barcode-generator.org, which can generate barcodes of many different
  specifications, from the simple code 39 barcode that we see on beans to
  industrial standards. What's handy for QR codes is that we can specify the
  type of content they contain. So we can encode a URL to direct a user to
  our website, a Vcard that contains our contact information in a digital
  business card, or we can even encode an SMS message into a QR code to
  instruct a user's mobile device to send an SMS to a specific number.

Les Pounder divides his time between tinkering with hardware and travelling
the United Kingdom training teachers in the new IT curriculum.
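
The weapon function in this tutorial passes whatever ZBar decoded straight to int(), so a QR code such as the "Andrew" player card, or a misread, stops the game with a ValueError. The following is an added example, not part of the tutorial's code: it checks a scan before converting it, assuming the scanned products carry retail barcodes of the GTIN family (EAN-8, UPC-A, EAN-13, GTIN-14), which the tutorial does not state. The function names gtin_check_digit, parse_barcode and weapon_value and the sample values are hypothetical and constructed for illustration.

```python
import random

# Assumption: scanned products use GTIN-family barcodes.
VALID_LENGTHS = (8, 12, 13, 14)  # EAN-8, UPC-A, EAN-13, GTIN-14
ASCII_DIGITS = "0123456789"


def gtin_check_digit(body):
    """Return the check digit for a barcode given without its last digit."""
    total = 0
    # Weights alternate 3, 1, 3, ... starting from the rightmost body digit.
    for position, char in enumerate(reversed(body)):
        weight = 3 if position % 2 == 0 else 1
        total += int(char) * weight
    return (10 - total % 10) % 10


def parse_barcode(data):
    """Return the scanned barcode as an int, or None if it is not a valid GTIN."""
    if isinstance(data, bytes):
        try:
            data = data.decode("ascii")
        except UnicodeDecodeError:
            return None
    if not isinstance(data, str):
        return None
    text = data.strip()
    # str.isdigit() and int() also accept non-ASCII digits, so compare
    # against 0-9 explicitly.
    if not text or any(char not in ASCII_DIGITS for char in text):
        return None
    if len(text) not in VALID_LENGTHS:
        return None
    if gtin_check_digit(text[:-1]) != int(text[-1]):
        return None  # misread or hand-made code
    return int(text)


def weapon_value(data, rng=random):
    """Apply the tutorial's division to a validated scan.

    Returns None when the scan should be repeated. rng is injectable so the
    random divider can be fixed in tests.
    """
    number = parse_barcode(data)
    if number is None:
        return None
    # Same expression as the tutorial's weapon function; on Python 3 the
    # result is a float.
    return number / 13000000000 / rng.randint(1, 10)


if __name__ == "__main__":
    # Constructed sample scans: a valid EAN-13, the same code with a wrong
    # check digit, and a text QR payload.
    for sample in ("4006381333931", "4006381333932", "Andrew"):
        print(repr(sample), "->", weapon_value(sample))
```

In the game, weapon() would call scanner() again whenever weapon_value returns None instead of letting the exception end the program.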







BLENDER: BUILD AND BREAK A TOWER OF BLOCKS

GRAHAM MORRISON

Play with 3D-modelled cubes and rigid body physics to create a collapsing
tower of fun.

WHY DO THIS?
  • Learn the basics of Blender
  • Playing with physics is lots of fun

Blender is an incredible piece of open source software. It’s enormously
powerful, but can do so many things so well that our tiny human minds find
it difficult to pick up its nuances. But as Mary Poppins sang, a spoonful
of sugar helps the medicine go down. For us, that spoonful of sugar is
something called ‘rigid body dynamics’. This is one of Blender’s physics
models, used to calculate the interaction of rigid bodies as they collide
and move. It’s been part of Blender since version 2.66 and there are two
things about it that make it brilliant: it’s easy to use and incredibly fun
to play with. It gives you a reason to learn how Blender works – to learn
the shortcuts, for example, as you spend hours messing with an infinite
tower of bricks, which is exactly what we’re going to do over the next few
pages.


Blender Overview (screenshot with numbered callouts, keyed below)

  1 Tool Shelf Press T to toggle the tool shelf. Many of its functions can
    be found in context menus, or are commonly performed as keyboard
    shortcuts.
  2 Menus/Layouts The top menu is not really there. It’s just another pane
    switched to ‘info’ for access to screensets and view modes. All panes
    behave in the same way.
  3 Viewport The 3D window into your scene can be split and changed. It’s
    best to use NumPad shortcuts for navigation: front(1), top(7) and
    side(3) views, rotation(2,4,6,8) and perspective switch (5).
  4 Outliner/Scene list This is a list of objects in your scene, enabling
    you to select individual components without clicking on them in the
    main view. Objects can be hidden to improve preview speed and
    legibility.
  5 Properties This area is usually used to display context-dependent
    properties. In our screenshot, these properties are for the final
    output render, which can be created by pressing F12.
  6 Timeline When animating your scene, a cursor will scroll to illustrate
    which frame you’re viewing, as well as the location of cached renders
    and key frames.
  7 Interaction mode Most commonly switched between object and edit mode
    with the Tab key, this menu changes how the cursor interacts with
    objects in your scene.
  8 Tool properties This will change depending on the current action. It
    will show the coordinates of a transformation (T), the angles of a
    rotation (R) or the extent of the scale (S), for instance, and lets you
    enter the numbers manually.





1 Use the views
Before we get started, it’s worth taking some time to familiarise yourself
with the user interface. One of the problems people have with Blender is
that it assumes some knowledge of how 3D modelling and rendering
applications work. That assumption is visible in the default user
interface, which will be overwhelming if the closest you’ve come to 3D
graphics is the perspective tool in Gimp, especially as almost every aspect
of Blender can be re-configured, dragged, adjusted and saved as a screen
preset.

Every element in Blender is selected from the editor type list. The top
menu is the Info pane, for example, while the viewport is the 3D editor –
its menu is beneath rather than above the view area, and you can see the
location of the other editors by looking for the same types of drop-down
icon menus. Most people use keyboard shortcuts, and so will we.

2 Blank the slate
The default scene includes a few objects, such as a cube, a light and the
camera, but we’re going to remove everything so that nothing gets in the
way. Press A to select everything. The 3D view will paint a border around
the selected objects. Now press X. The delete menu will appear and you need
to press Return to remove the selected items.

The first object we’ll now create is going to act as the ground, which will
stop various blocks falling into infinity. Press Shift+C to centre the view
and move the cursor to the middle of the scene. Now press Shift+A. This
brings up the ‘Add’ menu, which is perhaps the most common menu you’ll
access. From here, select ‘Mesh’ then ‘Plane’. You should see the small
square of the floor appear in the 3D view. We want to make this larger, and
you can do this easily by pressing S to enable the scale transformation and
‘16’ to make the plane 16 times the size of the original.

PRO TIP
  Blender has an excellent hover-over help system. Just rest the cursor
  over something you want to know about and a small window will appear with
  the details.

3 Enable physics
While the floor plane is selected, click on the ‘Physics’ view in the
property pane (it’s the right-most icon). You should see that ‘Plane’ is
selected and appears as a word just below the icons for the various
property types. Names for your objects can be changed with a right-click
and ‘rename’ on the object in the Outliner pane. As we’ve already
mentioned, we’re going to use the ‘rigid body’ model. When we start the
simulation, we obviously want the floor plane to remain static. The easiest
way to do this within Blender is to make the floor plane ‘passive’. This
will make it visible to the other elements of the simulation, but it won’t
be controlled by it, effectively leaving it in place without causing too
much additional processor overhead.

4 Adding a cube
Back to the 3D view. Press A to deselect everything. Now press Shift+A
again and add a Mesh > Cube. Because its centre is at the cursor, the lower
half will appear below the ground. Press Z to toggle between wireframe and
solid fill to see what we mean. We now need to move the cube to a corner of
the floor. Press G to enter grab and move mode. As you move the cursor,
you’ll see that the cube will follow. To restrict movement to a single
axis, press X, Y, or Z. There’s a handy axis guide in the bottom-left of
the view if you need to see which direction is which. To snap movement to
the grid and/or other objects, press Shift+Tab. Pressing Escape will revert
the cube to its original position, and you can always undo.





5 Make more cubes
Our building blocks of destruction are going to be cubes. The easiest way
to create lots more cubes in Blender, just like in programming, is to use
an array. With the cube selected, click on the spanner icon to open the
Modifier pane. Click on the Add Modifier drop-down list, and select
Generate Array. Change the amount to 7 and see our cube stretch into a
block across the x axis. This is really 7 cubes joined together, and we
need to add a little separation, both to see them and for the rigid body
model to work.

You can do this by increasing x’s relative offset to a figure like 1.020.
Now click on ‘Copy’ to create another array modifier, and in this one
change the ‘x’ relative offset to ‘0’ and the ‘y’ to 1.020. Finally, do the
same for ‘z’ to create a cube of cubes. You may want to have more ‘z’
pieces to create a tower. Click on ‘apply’ in each modifier pane when
you’re happy with the view.

6 Separate the cubes
To turn our array into a batch of separate cubes, make sure you’re in
‘Edit’ mode and that the cube is selected, and press P. This will open the
separation menu, and you want to select ‘By Loose Parts.’ This may take a
little while, depending on the number of cubes you’ve made and the speed of
your machine. The cubes will now appear in the Outliner and you should be
able to select them within the view. With all the cubes selected, go back
to the ‘Rigid Body’ pane and ensure they’re both Active (rather than the
floor’s Passive), then reduce the mass of each cube to 0.005.

To make sure they all have the same settings, select ‘Physics’ on the
left-hand panel and click ‘Copy From Active’. Finally, we need to move the
origin point for the collection of cubes, which is currently centred on the
first cube we made. To do this, press Ctrl+Shift+Alt+C and select the
origin to geometry option.

7 Let’s get physical
We’re almost ready to add some destruction. If you want to test your tower
of cubes to make sure it holds, press Alt+A to start the animation. If the
cubes start to fall, you might want to reduce the gap between them or make
sure all cubes have a central origin point. How you destroy your tower is
up to you: you could create a cannon, for example. We’re going to start by
dropping a sphere into a cube that’s been angled to direct the sphere at
our tower. To create the sphere, we first need to position the cursor so
the sphere will appear in the best position. This is best achieved using
the side (1) and top views (7) to position the sphere into the correct z
and x positions. Apply the rigid body model to the sphere and increase its
mass. The heavier it is, the more destructive it will be.

8 Bigger cube
To turn the falling motion of the sphere into sideways motion that will hit
our tower of cubes we’re going to create a simple ramp out of a large cube.
Place the cursor as we did before and use the Add menu to create a mesh >
cube. This will need to be scaled with the S key and also rotated around
the y axis using the R key. You can lock rotation axes in the same way you
can lock the movement axes. Keep using the Alt+A combination to test your
animation and to make sure everything is being calculated as you’d expect
it to be. To speed up the rendering, don’t forget you can switch between
wireframe and solid previews with the Z key. If you need your animation to
last longer, change the end frame to something like 1,000 in the timeline
pane at the bottom of the window.

PRO TIP
  Many view controls are on the NumPad of a keyboard. If you’re using a
  laptop or a keyboard without one, open the User Preferences pane, switch
  to Input and enable ‘Emulate Numpad’. Numbers will now act like the
  NumPad.





9 Add a camera
Hopefully, your ball will now fall and hit the cube before rolling with some speed into your tower of cubes, which will then artistically collapse and tumble all over the place. The next step is going to turn this sequence of destruction into a properly rendered video you can share. At the moment, it exists within Blender purely as a scene. We need to add a camera and adequate lighting before Blender can number crunch the values in the scene to create some output.

Use the ‘add’ pop-up menu to add the camera. It can be manipulated just like any other object, and you will want to move and rotate it to capture the drama. Pressing ‘0’ on the NumPad will show you the framed view from the camera, and you can make all the same adjustments while looking through the virtual lens. Move and angle the view until you can see all the action through this window. You can press F12 for a final render, but you’ll see the output will be too dark.

10 Let there be light
Just like the planes, cubes and the camera, light sources are added to the scene by pressing Shift+A. If you imagine lighting a real scene, you can create and place lamps to light up areas of shadow and dark for best effect through your frame. As you might imagine, Blender has several types of light source, and these create different kinds of light. Five types are listed from the ‘add’ menu, along with a brief description of what makes them different. Rendering engines work differently too. The ‘cycles’ engine, for example, is generally more photo-realistic. This can be selected from the top bar where it currently says ‘Blender Render’. For our project we’ve opted to use a single lamp configured as ‘sun’ and to use the cycles rendering engine. It takes longer to make the calculations necessary to render a scene but we think the results are worth it. Test it out by pressing F12 or using the ‘Render’ properties page.




PRO TIP
By default, only 250 frames of rigid body calculations are created. To increase this, open the scene properties page, open ‘Rigid Body Cache’ and change the ‘End’ value to the number of frames you need.

11 Render the output
The render page is used to get your final output. You need to make sure you’ve run through the animation to the end point so that the cache contains the physical interactions between the various objects. If you’re happy with the physics, you can fix them into your project by ‘baking’ the animation. You can set a start and end frame for the animation and either define the output size and quality using the drop-down presets or by entering your own values. By default, each frame of the animation will be saved as a single PNG image at the location specified in the ‘Output’ section. Use the drop-down list here to change this to a video format such as H.264.

12 Extra credit
Our next step should be to add some texture and colour to the various elements within the scene. This is accomplished through Blender’s use of materials. To change the colour of a cube, for example, make sure it’s selected and use the Materials property to create a new material and adjust its properties. You might also want to animate other aspects of the scene, such as moving the camera. This is accomplished by using keyframes. These are basically a snapshot you make of the camera, or any other object, at a different frame within an animation. Blender will tween the movement between the snapshots to create a smooth animation, letting you take that step closer to Stanley Kubrick.




     TUTORIAL YUBIKEY AND U2F



YUBIKEY AND U2F: LOCK DOWN YOUR LOGINS
MARK CRUTCH
Add second-factor authentication to your logins with a USB hardware device.

WHY DO THIS?
• Secure your SSH connections
• Stop the kids using sudo
• Learn more about PAM

In issue 18 we reviewed the YubiKey Edge – an authentication device that plugs into a USB port and supports a variety of different protocols. While it’s an interesting product if you already use web-based services that support it, we noted that it can be made even more useful by adding an extra level of protection to your Linux logins. In this tutorial we’ll show you three ways to set up such a system.

The machine we’ll be using is running Linux Mint 17 and these instructions should work on Ubuntu and Debian derivatives with very little tweaking. The applications and libraries we’ll use are also available as BSD-licensed source files, hosted at Yubico’s comprehensive GitHub repository (https://github.com/Yubico), so you can build them yourself if you prefer.

To hook the YubiKey into our login system we’ll use PAM – an acronym for “Pluggable Authentication Modules”. Messing with login authentication could result in you being locked out of your machine entirely, so we’ll add the YubiKey requirement to just the console at first, ensuring we always have a working fallback to log in graphically or via SSH if things go wrong. In the event that they go really, really badly, though, booting from a live CD or USB key should enable you to change the files back to a working state. Make sure you have a recovery plan in place before you begin editing files, just in case.

The main prerequisite for this project is that you have a suitable authentication device. For the first two parts of this tutorial you’ll need a YubiKey that supports programmable “slots” – essentially any recent device except the blue U2F-only model. For U2F logins, however, you can use any U2F key, including the super-cheap £5 model from Happlink (formerly Plug-Up, with devices still being sold under that name).

We’ll need to add a source for the Yubico support software, which is all in its GitHub repository and PPA. As we’re using Mint, the PPA will do the job nicely.

    sudo add-apt-repository ppa:yubico/stable
    sudo apt-get update

The PAM modules we’ll use in this tutorial have a debug option. This requires a specific world-writeable debug file to be created, otherwise the messages are sent to the screen, leading to valuable diagnostic information getting lost too easily.

    sudo touch /var/run/pam-debug.log
    sudo chmod go+w /var/run/pam-debug.log

This file may not persist through reboots, so if you start to see a lot of debugging information sent to the screen when trying to log in, you’ll have to create the file again. With the prerequisites in place, let’s secure our console…

Method 1: Yubico OTP
The first method we’ll try uses Yubico’s proprietary one-time password (OTP) protocol. For this to work you must have one of the slots configured to use the Yubico OTP protocol, with the credentials uploaded to the Yubico servers. Keys are delivered with slot 1 already pre-configured in this manner, so this should only be a concern if you’ve modified your device’s settings. To use this method you’ll also need an API key, which can be obtained from here:

    https://upgrade.yubico.com/getapikey/

You’ll have to provide an email address, and use your YubiKey to supply a Yubico OTP. The page will generate a Client ID and a Secret Key, which you’ll need to copy into a file somewhere. Note that the key includes the terminating = character – it’s easy to lose track of that when using the key in a config file that also uses the equals character in other ways.

[Image caption: Yubico OTP strings contain the key ID as the first 12 characters.]

Next we’ll install the PAM module itself:

    sudo apt-get install libpam-yubico

Now we’re ready to edit /etc/pam.d/login and, as you might expect, it requires superuser access to modify it. Open the file in a text editor (eg sudo nano -w /etc/pam.d/login), and add the following, all on one line, replacing the id and key values with your own Client ID and Secret Key, respectively:

    auth required pam_yubico.so id=123456 key=afibsdrhwRRkZ5wrinKVrTJCA9Y= urllist=https://api.yubico.com/wsapi/2.0/verify debug

Where in the file should this line be added? That depends on the PAM stack you want to end up with, but a good rule of thumb is to insert the new line just after the standard Unix password prompt. On our Mint installation that means just after the @include common-auth directive.

Although PAM is now set up to authenticate using YubiKeys in general, we still need to tell it which particular key is ours. We’ll need the unique ID code that the key exposes as part of its one-time password. Open a text editor, insert your YubiKey, and touch the button for a couple of seconds. The key should “type” a long OTP into the text editor. We just need the first 12 characters, which constitute the key’s ID. This has to be associated with your user account by creating a simple configuration file in your home directory, replacing USERNAME with your username, and the key ID (cccccceflluj) with the one you obtained from the OTP:

    mkdir ~/.yubico
    echo 'USERNAME:cccccceflluj' > ~/.yubico/authorized_yubikeys

If you wish to add multiple YubiKeys to your account, so that you can also authenticate with a backup key, edit this file and add the extra IDs to the end of the line, separated by colons.

With this file in place, press Ctrl+Alt+F1 and try to log in. You should be prompted for your username and password, then for your YubiKey. Insert the device, touch the button for a second or two, and you should be successfully logged in. If not, double-check that your API Client ID and Secret Key are correct, confirm the mapping in the authorized_yubikeys file, and make sure you’ve got a connection to the internet so that the PAM module can contact Yubico’s authentication servers. The log file you created earlier may give you some clues as to what has gone wrong, as could any general PAM log file on your system (/var/log/auth.log on our box).

Once you’re happy that console logins are working, check that they’re also stopped if you don’t have the right key. Then it’s time to tidy up and think about expanding your ambitions. First of all, log out of the console and switch back to the graphical screen (probably using Ctrl+Alt+F7 or F8). Then edit the PAM login file again, to remove the debug parameter. Save the file and check that everything’s still working.

If you take a look in the /etc/pam.d/ directory, you’ll find a number of files that define how PAM should deal with different services. For our purposes the most interesting ones are sshd, su, sudo and the login file we’ve been working with so far. By copying the new configuration line to one or more of these other files you can ensure that a hardware key is required to make an ssh connection, or to gain superuser rights. If you want to add YubiKey support to your graphical login the file you’ll need to modify will depend on the X display manager you use, but will likely be gdm, kdm, mdm, lightdm – or some other file ending in “dm”.

To get this working with the OpenSSH server, you’ll also need to modify your /etc/ssh/sshd_config file, setting the ChallengeResponseAuthentication parameter to yes. While changes to the PAM files don’t require anything to be restarted, modifying sshd_config won’t have any effect until you restart the SSH daemon. Once it’s set up, however, the great thing about Yubico’s OTP implementation is that the YubiKey just acts like a keyboard. There are no drivers to install, regardless of OS, and it even works with “foreign” SSH clients, such as PuTTY on Windows.

[Image caption: Yubico OTP logins even work via the popular Windows SSH client, Putty.]

Method 2: Challenge–response
Unfortunately there’s a rather large elephant in the room. Once you enable Yubico OTP, every time you log in using your YubiKey a request is sent to Yubico’s servers to authenticate you. This means that they know when you logged in, and the public-facing IP address of the machine you logged into. They can’t tell why you’re authenticating: it could be an SSH connection, a local login, or even a WordPress installation that has nothing to do with PAM. They also can’t tell the IP address of the client machine you’re using SSH on. Nevertheless, many of our readers will be rightly concerned about leaking any additional information to a third party. You can run your own private authentication server to avoid this, but it’s a rather involved process if all you want to do is stop the kids using sudo.

An associated issue is the requirement for an internet connection to make the authentication request. What happens if your network goes down, or you’re using a laptop without a network connection? Finding yourself unable to log in without a working network is an obvious limitation to this approach.

As an alternative, you can use the YubiKey in challenge-response mode. In this case the computer sends a random string to the key, which responds by encrypting it and returning the result. If the response matches the one that the computer is expecting, the authentication succeeds. There are no other machines involved, and no need for a network connection.

To use this method, we’ll activate challenge-response mode on slot 2 of the YubiKey. This is done via a configuration tool that allows you to control a wide variety of options on your key. There are both graphical and command-line versions in the PPA we added previously. We’ll install both, but you can just use one or the other if you prefer.

    sudo apt-get install yubikey-personalization yubikey-personalization-gui

[Image caption: You can use the GUI Personalisation Tool to configure challenge-response mode on a YubiKey.]

If you use the GUI, launch the application then insert your YubiKey and wait for its details to appear in the right of the window. Select Challenge-Response from the top of the application, then click the HMAC-SHA1 button. Choose Slot 2 and leave the Require User Input option unchecked. Click the Generate button to create a secret key for your device. Finally, click on the Write Configuration button. If you prefer to use the command line, this will do the same job:

    ykpersonalize -2 -ochal-resp -ochal-hmac -ohmac-lt64 -oserial-api-visible

Now you can record an initial random challenge, and the response that the key should produce. If you already have a .yubico directory from trying Method 1, you can skip the first line.

    mkdir ~/.yubico
    ykpamcfg -2 -v

A file will be created called challenge-0123456 where the numbers correspond to the serial number of your YubiKey. If you’ve configured your key to hide its serial number, or you want to use a system-wide directory for storing the challenge-response files (required if your home directory is encrypted), things are slightly different. Take a look at the docs on GitHub, or the ykpamcfg man page, for more details.

It’s time to edit /etc/pam.d/login once again. Comment out your line from Method 1, if you have one, by putting a # in front of it, then add this below it:

    auth required pam_yubico.so mode=challenge-response debug

Switch to the console, insert your YubiKey, and log in. You shouldn’t see any additional YubiKey prompt this time, as the challenge-response communication all happens in the background, with the PAM module talking directly to your key. In fact it talks to the key twice – first to confirm the current challenge-response, then once it knows the device is the right one it issues a new challenge and records its response, in preparation for the next login. That’s the reason for not enabling the Require User Input option – you end up having to press the button for each conversation, which can lead to confusion and failed logins if you don’t get the timing right.

Method 3: U2F
We covered U2F in our FAQ in issue 18. Suffice to say that it’s a cross-vendor protocol intended primarily for use as a second factor on the internet. In practice, however, it’s really just another variant of challenge-response, with a few extra protections thrown in. As such, it can be used in a similar way to Method 2, for completely offline authentication.

First you’ll need to ensure that your device is working on your Linux machine. The U2F PAM module is in a separate package to the general Yubico module, so run the following to add it to your system, together with the configuration tool you’ll need to initially generate the cryptographic data:

    sudo apt-get install libpam-u2f pamu2fcfg

Then it’s back to editing /etc/pam.d/login. Once again, you should comment out any previous lines you’ve added then put this one in place:

    auth required pam_u2f.so debug

As with the other two methods, you now have to associate a particular key with your user account. This goes into a different directory than the credentials we’ve used previously. Replacing USERNAME with your local username, run the following:

    mkdir ~/.config/Yubico
    pamu2fcfg -uUSERNAME > ~/.config/Yubico/u2f_keys

If you want to allow more than one U2F device for a single account, you’ll need to run pamu2fcfg -n and append the output to the end of the line in the u2f_keys file. Make sure you’re using a text editor that allows for very long lines with no word wrap, as the whole series of key credentials needs to be on a single line, whether you use one key or twenty! As you might expect by now, it’s also possible to store the credentials for multiple users in a single common file and, again, this is essential if your home directory is encrypted. See the pam-u2f documentation on GitHub for more details, as well as for other options that you might want to use in your PAM configuration.

You’re now ready to log in. Switch to a console screen, insert your U2F key, and enter your username and password. If you’re using a YubiKey, touch the panel when the LED starts to flash. Hopefully you’ve logged in successfully. Log out, try it without the key, and confirm that everything’s working as expected, then remove the debug option from the PAM config and copy the line to other files to secure su, sudo, your display manager or screensaver.

PRO TIP
The Happlink U2F key has no button on it. Instead it will authenticate only once after it powers up. To authenticate again, remove and reinsert it.

Which should I choose?
With our own YubiKey Edge we’ve opted to use Yubico OTP for SSH connections, and U2F for local authentication. If our network is down the fact that we can’t use OTP is irrelevant, as we won’t be able to get an SSH connection in the first place. And we feel that a small amount of minor information leakage is worth the trade-off for the extra security it adds. For local logins, though, either U2F or challenge-response are better options, with U2F slightly edging ahead by not using up a slot on the YubiKey.

But that’s just how we’re using this technology, and there are plenty of other combinations to consider. For example, you could issue your kids with cheap U2F devices for logging in, but configure su and sudo to use challenge-response mode: everyone’s logins are protected, but only the holder of the Edge can gain superuser rights.

However you use it, adding second-factor authentication to PAM via a relatively cheap hardware device is a simple way to ensure that access to your computer is made substantially more secure.

Mark Crutch has a computer secured with multiple hardware devices. If only he could remember where he put his keys…

The pros and cons

                                            Yubico OTP               Challenge-Response       U2F
Local authentication (console, GUI, sudo)   ✔                        ✔                        ✔
SSH authentication                          ✔                        ✘                        ✘
Uses a 3rd party server, requires network   ✔                        ✘                        ✘
Uses up a slot on the Yubikey               ✔                        ✔                        ✘
Requires Yubikey to be reconfigured         ✘                        ✔                        ✘
  (compared with default configuration)
Cross-vendor open standard                  ✘                        ✘                        ✔
Minimum hardware price                      £21 (YubiKey Standard)   £21 (YubiKey Standard)   £5 (Happlink/Plug-Up)
                                                                                              £13 (Yubico U2F Key)

U2F: Not quite plug-and-play
Although U2F is sold as being cross platform, that doesn’t mean you can plug a USB device into your Linux box and have it work immediately. At least, not yet. Until Linux distros start to include U2F support by default, you’ll need to add a udev rule in order for your device to be recognised. For Yubico’s U2F-enabled keys you need to save the following into /etc/udev/rules.d/70-u2f.rules:

    # this udev file should be used with udev 188 and newer
    ACTION!="add|change", GOTO="u2f_end"
    KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0113|0114|0115|0116|0120|0402|0403|0406|0407|0410", TAG+="uaccess"
    LABEL="u2f_end"

You can copy and paste this from https://github.com/Yubico/libu2f-host/blob/master/70-u2f.rules. For Happlink/Plug-Up devices, the rule is this (where plugdev should be replaced with any group you’re a member of – use the groups command to get a list):

    SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="f1d0", MODE="0660", GROUP="plugdev"

You can copy and paste this code from the FAQ section of http://sk.happlink.com/plugup/en – although at the time of writing the accompanying description is in French.

Finally you have to get udev to notice the change. Yubico suggests rebooting the machine, but in our experience running sudo udevadm trigger usually does the job.

If you have both types of device, just change the middle of the filename for one of them (eg 70-u2f-yubikey.rules). For any other device, check the vendor’s website for details.

The easiest way to test that everything is working is to use Chrome or Chromium to visit Yubico’s demo site (which also works with non-Yubico U2F keys): https://demo.yubico.com/u2f.

PRO TIP
You can make a cheap U2F key feel less flimsy by using Sugru to mould a more robust body.

PRO TIP
For an alternative take on second-factor authentication with PAM, see our FreeOTP tutorial in issue 18.

PRO TIP
YubiKeys can also be configured for a static password, or OATH-HOTP and TOTP (with a support application), giving them plenty of uses beyond PAM logins.



                                                             www.linuxvoice.com                                                                          83
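The single-line rule for u2f_keys in the U2F steps above is easy to break when a second key is added by hand. This Python check is an added example, not code from the article or from Yubico: it flags lines that no longer belong to a user, assuming the username:keyHandle,publicKey[:keyHandle,publicKey...] layout documented for pam_u2f. The function names are hypothetical and the sample handles and keys are constructed placeholders.

```python
# Added example: lint a pam_u2f key file such as ~/.config/Yubico/u2f_keys.
# Assumed layout (from pam_u2f's documentation, not from this article):
#   username:keyHandle,publicKey[:keyHandle,publicKey...]   one line per user


def parse_line(line):
    """Return (username, [[field, ...], ...]) for one line of the file."""
    user, _, rest = line.partition(":")
    creds = [cred.split(",") for cred in rest.split(":")] if rest else []
    return user, creds


def lint_u2f_keys(text):
    """Return (findings, key_counts) for the contents of a u2f_keys file.

    findings   -- list of (line_number, message) for lines that will not be
                  read the way the user intended
    key_counts -- {username: number of well-formed credentials}
    """
    findings = []
    key_counts = {}
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        user, creds = parse_line(line)
        if not user:
            # Credentials with no username in front: likely `pamu2fcfg -n`
            # output added as a new line instead of at the end of the user's line.
            findings.append((lineno, "credential with no username (pasted on a new line?)"))
            continue
        if not creds:
            # No ':' at all: typically the tail of a line that an editor wrapped.
            findings.append((lineno, "no credentials (wrapped line fragment?)"))
            continue
        if user in key_counts:
            findings.append((lineno, "second line for user %r" % user))
        good = 0
        for index, fields in enumerate(creds, start=1):
            if len(fields) >= 2 and fields[0] and fields[1]:
                good += 1
            else:
                findings.append((lineno, "credential %d for %r is incomplete" % (index, user)))
        key_counts[user] = key_counts.get(user, 0) + good
    return findings, key_counts


# Constructed sample data: the handles and keys are placeholders, not real output.
GOOD = "alice:KH_edge,PK_edge:KH_spare,PK_spare\n"
BAD = (
    "alice:KH_edge,PK_edge\n"
    ":KH_spare,PK_spare\n"   # second key added on its own line (assumed form)
    "bob:KH_bob,PK_b\n"
    "ob_rest_of_key\n"       # an editor wrapped bob's line
)

if __name__ == "__main__":
    for name, sample in (("GOOD", GOOD), ("BAD", BAD)):
        findings, counts = lint_u2f_keys(sample)
        print(name, counts)
        for lineno, message in findings:
            print("  line %d: %s" % (lineno, message))
```

In the BAD sample alice appears to have one key rather than two, which is the state to catch before relying on the spare device to log in.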
GODOT: BUILD A GRAPHICAL GAME WITH AN OPEN ENGINE

BEN EVERARD

Games ain’t what they used to be – so let’s recreate an 80s classic with sprites, graphics and a
little code.

WHY DO THIS?
 • Games are cool therefore people who create games are cool. Following this tutorial could be
   the first step towards acquiring a legion of fans
 • Because someone needs to make Grand Theft Penguin and it may as well be you

The Godot engine is used in commercial games such as Dog Mendonça and Pizza Boy by Okam Studio.

A useful games engine should, broadly speaking, make it easy for a user to add graphics to a
program and move the graphics about. Usually, there’ll be support for collision detection, and
possibly some form of physics model as well. The game engine we’ll use in this tutorial, Godot,
has all of these and more, though we’ll only use a small amount of its power in this tutorial.
Godot contains everything from the development environment to the libraries to the runtime for
its own language (GDScript). We’ll get onto all these in due course, but first of all, you’ll
need to install the software. If it’s not in your distro’s repositories, you can grab Godot from
www.godotengine.org/wp/download.
  When you first start Godot, you’ll need to create a new project and associated directory. We
called ours SpaceRunner and stored it in ~/games/SpaceRunner.
  With the project created, you’ll see the main interface, which consists of three parts. The
largest block (which takes up the entire left-hand side of the screen) is the designer. Here
you’ll be able to move the different parts of your game around. On the top of the right-hand side
is the Scene, in which you’ll add the various parts that will come together to make your game.
Below this is the properties editor where you can fine-tune the components.

Somebody set us up the bomb!
There are also a few useful controls at the top of the screen including the play and stop
buttons for launching your game, and the Scene menu, where the save function and game
preferences are.
  Games in Godot are comprised of a tree of nodes. Every part of the game is included as a node
that’s branched off the root node. Our game is very simple, and will only have a few of these
nodes, but if you start to use Godot more, you’ll learn how to wield the different node types to
create complex scenes. The root node for our game (and for most 2D games) is a
Node2D. To add this to the game, go to the Scene tab at the top right-hand side of the screen and
click the Add button (with the rectangular icon). In the popup, you will find Node2D in the list;
highlight it and click Create.
  This will add the node to the scene list and the design pane. We want this node to take up the
whole of the screen, so in the design pane, resize it so that it fills the blue rectangle. You
can change the name of nodes by double clicking on their entry in the scene list. You should
change them to something more memorable than the generic names they’re given. The Node2D is the
container for the whole game, so we called ours wholeGame.
  Now you have the main game node, you need to add sub nodes for the items in the game. Different
nodes have different properties that you can use. We’ll keep things simple and just add sprites
that are used to display images on the screen.
  The game we’re going to create is a simple space flight game. The aim is to pilot a spaceship
through a field of asteroids without hitting any of them. The longer you go without hitting any,
the faster the asteroids will come at you and the harder it will get. Therefore we’ll need
sprites for the ship and the asteroids. For now, we’ll just add one asteroid but we’ll clone this
later to create more.
  These sprites need to be created directly under the main Node2D node, so with that highlighted,
click on the Add Node icon again and select Sprite. You’ll need to do this twice to create both
sprites. If you’ve done this correctly, the wholeGame node will now have an arrow next to it to
collapse and expand the list. If any of the other nodes have arrows next to them, then you’ve
added a node at the wrong level and you’ll have to delete it and start again, making sure that
the wholeGame node is highlighted before you click on the Add Node icon. Once you’ve created the
sprites, rename them Ship and Asteroid0.
  The main property the sprites need is the images they’ll display (we need one to have a
spaceship icon and one to have an asteroid icon). You could create these yourself if you’re handy
with digital drawing tools, but we prefer to grab open source artwork from opengameart.org.
There’s a load of graphics on there if you want to search for your own, but we went with the
yellow spaceship from http://opengameart.org/content/spaceship-fighter-ipod1, and the asteroid
from http://opengameart.org/content/asteroids. The latter of those links downloads a Zip file,
and we used the image medium/a0001.png, though you could use others if you wish.

Figure 1. This is how your game should look with the asteroids and spaceship laid out. You can
change the sizes to make the game harder or easier.

Features of Godot: Everything you need to create a AAA masterpiece
When you’ve created your first project, you can go a little deeper into the Godot game engine.
There are a wide variety of features that we haven’t covered here, including:
 • Animated Sprites: The simplest way to give your images a little more interest is to make
   them move.
 • Parallax backgrounds: Move the background at different speeds to give the illusion of depth
   in 2D games.
 • Physics engine: Our game has an incredibly simple physics rule where everything just gets
   faster until you hit something. Most games will need a more complex approach, and Godot has
   everything you need built in.
 • Import Blender models: You can bring in assets from most popular 3D tools.
 • Skeleton deforms: Give your 3D models realistic movements by building them around an
   interconnected rigid structure.
 • User interface builder: Help your users get the best out of your games with a custom-made GUI.
You can download a set of demos from the Godot website that demonstrate the features of the
engine.

For great justice…
These images need to be copied into the game folder that you selected when you first created the
project. Once they’re there, you can add them to the sprite. First highlight the sprite in the
Scene list, then in the Properties pane, use the dropdown on the Textures property to select Load
File. This will open a dialog box where you can select the appropriate image. Once you’ve done
this for both sprites, resize them in the design pane to the appropriate size for the game. You
can also add
more asteroids by highlighting the asteroid sprite and pressing Ctrl+D. You should spread the
asteroids out across the scene, and place the spaceship sprite near the bottom edge. It should
all look like Figure 1.
  As well as controlling graphics, a game engine should usually help you get input from the user.
In Godot this is done with named controls. This enables you to create a specific action that you
want the user to be able to perform, then easily link it to different input methods such as a
keypress or joystick movement. Our simple game has just two controls: left and right spaceship
movements. To create these controls go to Scene > Project Settings > Input Map. In the action
box, enter move_left, then click Add. This will add an entry to the actions list. Click on the
plus icon next to the new action, select key input and then press the key you want to use to move
the ship left. Once this is set up, repeat the procedure to create the move_right action.

Godot is well documented on the project’s GitHub wiki at https://github.com/okamstudio/godot/wiki.

All your sprites are belong to us
This is everything set up for our game. We just need to write the code to bring everything
together.
  GDScript is a dynamically-typed interpreted language loosely based on Python. You can use it to
create scripts attached to nodes that run as callbacks when things happen, which means that the
typical game will be made up of many small scripts rather than one large one. Our game, though,
is so basic that it’ll just be a single simple script, attached to the Node2D node called
wholeGame. To create it, highlight the wholeGame node in the scene list and click on the script
icon (the stylised S on the right-hand side of the toolbar). In the popup, you’ll need to enter a
path (this can be the same as the game directory) then click on Create.
  The script editor is a text editor with syntax highlighting and code completion. The blank
script will extend the Node2D class and have a function called _ready(). The structure of our
code will be:

extends Node2D
#setup variables
func _ready():
    #initialise data
func _process(delta):
    #move ship
    #for each asteroid
        #move asteroid
        #check if asteroid has hit ship.
    #speed up

  Each of the comment lines (which start with a hash) will be replaced in our final program with
a block of code. Like Python, GDScript uses indentation levels to determine which block a
particular line of code is in, so it’s important to keep consistent in your use of tabs or spaces
when following this tutorial.
  First we need to set up the variables. In GDScript, variables need to be declared using the var
keyword, but only global variables need to be declared at the start. Local variables (as you will
see) can be declared as and when they’re needed. To define the global variables we’ll use, change
the #setup variables line to:

var ship_size
var ship_speed = 20
var rock_speed = 20

  The two speed variables can be tweaked to change the gameplay if you like. The ship_size
variable holds the size of the ship, and we’ll use it later on when working out the interactions
with the asteroids. It’s calculated in the _ready function, which is also used to start the
_process running. Once this is set, Godot will continue to loop through the function until it’s
stopped. The _ready function is:

func _ready():
    #"Ship" is the name given to the ship sprite in the Scene list; node names are case-sensitive
    ship_size = get_node("Ship").get_texture().get_size() * get_node("Ship").get_scale()
    set_process(true)

  As you can see, GDScript can interact with the nodes in the game using functions and methods to
get particular pieces of information. This can be used to grab any of the properties of the node.
In this case, we just need the size and scale of the ship sprite.
  The last bit of our code is the _process function. Each time this runs, it gets passed a single
parameter, which is the time it took to run the previous iteration of the loop. We call this
delta, and it’s used to calculate how far to move the sprites. By using this value, we can ensure
that we keep moving at a fixed speed (in terms of pixels per second) regardless of how fast the
particular computer runs.
  The _process function will hold most of our game logic, but let’s just start with moving the
ship. All we do in this bit of code is get the current position of the ship, check that the ship
isn’t on the edge of the screen and that the input button is pressed (based on the actions we set
up earlier). If this is the case, then
we move it by the appropriate distance based on the speed and the delta value. The code to do
this is:

func _process(delta):
    var ship_pos = get_node("Ship").get_pos()
    if (ship_pos.x > -30 and Input.is_action_pressed("move_left")):
        ship_pos.x+=-ship_speed*delta
    if (ship_pos.x < 30 and Input.is_action_pressed("move_right")):
        ship_pos.x+=ship_speed*delta

    get_node("Ship").set_pos(ship_pos)
    #move asteroid group

  This code is now complete enough to run (although the program won’t do anything other than move
the ship). First you need to save the scene by going to Scene > Save and giving the file a name.
Once it’s saved, you need to tell the game engine that this is the first scene you want the
program to run. Go to Scene > Project Settings > General and edit the Main Scene attribute to the
file you’ve just saved. With this all in place, you can press the Run icon at the top of the main
window to run the game. You can stop the game by either pressing the Stop icon or closing the
game window.

The code editor is powerful enough for most purposes, but you can edit the GD file in the text
editor of your choice if you prefer a more customised programming experience.

Asteroids!
With the ship now animated, the next task is to make the asteroids move. The easiest way to do
this is to loop through all the asteroids, and in order to do that, we need a way to select all
the asteroid nodes. Godot enables us to do this by adding all the asteroid nodes to a group. Go
to the Scene tab, select the first asteroid and click on the group icon (two intersecting
circles). In the new dialog, you can enter a new group name and click on Add (we called the group
asteroids). Repeat this for each of the asteroid sprites.
  The group enables us to iterate through the asteroids using a for loop as shown in this code:

    #move asteroid group
    for rock in get_tree().get_nodes_in_group("asteroids"):
        var rock_pos = rock.get_pos()
        rock_pos.y = rock_pos.y + rock_speed*delta
        if (rock_pos.y > 35):
            rock_pos.y = -35
            rock_pos.x = randf()*60-30
        rock.set_pos(rock_pos)
        #check for collisions

  This moves the asteroid downwards, then checks if it’s moved off the bottom of the screen. If
it has, the code moves the asteroid back to the top of the screen and sets it to a random
position across the width of the screen (so that the pattern doesn’t just repeat).
  The ship and asteroids now move, but nothing actually happens if one of the asteroids hits the
ship. In order to make the game work, we need some method of identifying whether a collision has
taken place. There are loads of ways of doing this, but we’re going to use a simple
approximation. If the centre of an asteroid is inside the rectangle around the ship, we’ll
consider it a collision. This means that there can be a small overlap between the two and the
ship will survive the near miss.
  Another thing we have to decide here is what happens if the ship hits an asteroid. In other
words, what is the gameplay? We decided to make the game work by gradually speeding up the
asteroids, making it harder and harder to avoid them. Hitting one of the asteroids returns the
speed to the initial speed.
  This is done with two bits of code. The first to reset the speed after a collision:

        #check for collisions
        #ship_rect isn't set in any listing shown; this assumes a rectangle centred on the ship
        var ship_rect = Rect2(ship_pos - ship_size / 2, ship_size)
        if (ship_rect.has_point(rock_pos)):
            rock_speed = 20

  The second goes at the end of the _process function and increases rock_speed slightly each time
it runs:

    #speed up
    rock_speed+=0.02

  That’s it! A fully functional, graphical space game in just 26 lines of simple GDScript.

Deployment: Share your creation
If you wish to share your games (or even sell them), Godot can help. First, you need to make sure
all the components you’ve used are licensed for re-use in the way you plan to share your game.
Godot itself is BSD licensed, so you can do whatever you want with games made using this toolkit.
Any graphics and other artefacts you use may have licences that restrict their use in some way.
  Providing everything is OK, you can then export your game for a wide variety of platforms
(Linux, Windows, Mac OS X, HTML 5, iOS or Android). You need to get the export templates from
www.godotengine.org/wp/download, and incorporate them into Godot by going to Settings > Install
Export Templates. With this done, you can export the game by pressing the Export button on the
main screen. There’s some help on how to export on the Godot wiki:
https://github.com/okamstudio/godot/wiki/export.

Ben Everard wrote a book about programming Python on the Raspberry Pi once, and now he won’t
shut up about it.

CODE NINJA: BECOME A WEB SERVER

BEN EVERARD

Delve deep into the heart of the web – and understand how it works – by writing raw HTTP
requests.

WHY DO THIS?
 • Gain a better understanding of how the web works
 • Learn to use Netcat, the Swiss Army knife of TCP connections
 • Strike up a conversation with web servers around the world

If you open developer tools in Firefox and click on Console, you can see all the HTTP requests
that have been used to render the page. Clicking on one of the entries in the list will open the
details of the request and response headers.

The Hyper Text Transport Protocol, or HTTP as it’s commonly known, is one of the most widely used
protocols. Almost every time you visit a website, you start by entering HTTP which signals that
you’re trying to get a document via this protocol. HTTP is so ubiquitous that even if you don’t
type this into your browser’s address bar, you’ll default to this protocol.
  One of the factors in HTTP becoming so popular is its simplicity. It’s incredibly easy to add
HTTP support to your software. These days, that almost universally comes from incorporating a
library that handles details of the protocol, but even before there were quality libraries
available, it was simple to add HTTP. We’ll take a look at how to interact with the protocol
using just common command line tools.
  HTTP itself runs on top of Transmission Control Protocol (TCP), which is a method for
connecting two machines together over a network and providing a two-way data stream between them.
We won’t get into the nitty-gritty of TCP here; instead we’ll use a program that can create a TCP
connection and enable us to use it from the Linux command line. Netcat (nc) is the easiest option
for this and should be in your distribution’s package manager if it’s not already in there by
default.
  TCP, like HTTP, is client–server. This means that one machine (the server) must be set up to
wait for a communication while the other machine (the client) must initiate the communication.
When you’re browsing the web, you are the client and the various websites you visit are the
servers. To use Netcat to get content from a website, we must first establish a TCP connection
with the server. You can do that with the following command:

nc www.linuxvoice.com 80

  The number 80 at the end of the command refers to port 80. TCP uses ports to allow a single
server to host content on many different protocols. Ports are a little like the flat or apartment
number in a postal address. The domain name tells nc which machine to connect to just like an
address tells a postman which building to go to. The port number tells nc what to connect to on
that machine just like the flat number tells a postman which place to deliver the letter. The
sysadmin can put any piece of software they like at any port, just like the building manager can
put anyone in any flat.

Pass the port
HTTP servers usually listen on port 80, while (for example) SSH servers usually listen on port
22. There’s nothing special about these numbers other than the convention. You can start an HTTP
server on any other port if you wish to (and we’ll see how this works a little later).
  Running the command won’t do anything obvious. In the terminal you should just see a blank line
appear under the text. In the background, nc has made a TCP connection to port 80 on
linuxvoice.com. Since HTTP is client–server based, the server is still waiting for us (the
client) to tell it what we want. HTTP is a text-based protocol which is human readable, so we can
type commands into this session. The following will get the main page from the Linux Voice
website:

GET / HTTP/1.1
Host: www.linuxvoice.com

  GET is the HTTP verb. It tells the server that we want information. You can also send
information to the server using the POST verb, which is what happens usually when you submit a
form online. The forward slash after the GET is the content that we want (in this case, the main
page). We then tell the

server that we’re talking to version 1.1 of the HTTP
protocol. In this version of HTTP, the Host parameter
is mandatory, so on the next line, we set that to the
host we’re querying. This might seem odd since we’re
connecting to this host; however, it’s common
practice to host more than one domain on a single
machine, so this makes sure that the web server
knows which domain we’re requesting.
   This is called the HTTP request header. It’s all the
details that you send to the server. In the real world,
headers are usually more complex than this. They can
include, for example, cookie values and details of
which compression algorithms the browser accepts.
   After you’ve typed this, press Enter twice and you
should then get a response from the server. The first
part of this response will be the HTTP response
header, which contains all the details about the
information being sent back. It should be something
like the following:
HTTP/1.1 200 OK
Date: Tue, 01 Sep 2015 12:38:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 01 Sep 2015 12:28:03 GMT
ETag: W/"22407c-be87-51eaeae6bdac0"
Cache-Control: max-age=3, must-revalidate
Expires: Tue, 01 Sep 2015 12:28:45 GMT
Vary: Accept-Encoding,Cookie
Server: cloudflare-nginx
CF-RAY: 21f107aae1290a90-LHR

The first line includes the status code for the response. 200 means that the server has processed the request correctly; anything else is an error code. 404 (content not found) is the most famous HTTP error code, but there are others. Much of the rest of the response header gives details about how the page was served by the server. Below this, you’ll see the content of the web page. Note that a single request will only receive a single response so it’s up to the web browser to make additional requests for images, CSS, scripts, etc.

Figure: HTTP 2 can run much faster than HTTP 1.x. Put the two protocols to the test yourself at http://www.http2demo.io.

Switching roles

Let’s flip sides now and take a look at what it takes to create an HTTP server. This time, we’ll use nc to listen on a particular port and respond to a request from a web browser. When we requested a web page, we requested it from port 80, since that’s the port that’s usually used for HTTP. However, it’s possible that something’s already serving HTTP through port 80 on your machine and only one program can use a port at a time. Just to be safe, we’ll serve our HTTP on port 1500, though you can use a different port if you wish. You can start Netcat listening on this port with the -l flag to listen and -p 1500 to set the port:

nc -l -p 1500

This won’t do anything until we request content. You can do this by pointing your browser to http://localhost:1500. The colon 1500 tells the browser what port to use. Once this is done, you’ll see the request header appear in the Netcat session.

There are two crucial elements in the response header: the response code and the content type. After the header, there is a blank line, then the content itself.

HTTP/1.1 200 OK
Content-type: text/html

<h1>Hello World!</h1>

After pressing Return on the final line, hit Ctrl+C to kill the TCP connection, and this will let the browser know that the full page has loaded so it can be rendered.

This manual approach to HTTP isn’t just an academic exercise: it can also be useful for debugging errors in web servers. Going down this route, you have much more visibility of what’s going on, and subtle errors can be more obvious.

There are lots more bits that can be used in HTTP (most notably compression and encryption), but at its heart, it’s a simple text-based protocol. While this was a big advantage when small amounts of data were being sent over networks, these days there are libraries to handle all the complexity and large amounts of documents being sent. The initial trade off of simplicity over performance is no longer seen as a good option. The latest version of the protocol, HTTP 2, is more complex and binary rather than text-based. Simple clients and servers like the ones we’ve used here won’t work with HTTP 2, although similar things will still be happening at a lower level. With the adoption of HTTP 2, a little bit of the readability of the web is dying, so have a chat with a web browser or server while you still can.
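The two nc sessions above (client first, then listener) written out as one Python script. This is an added example, not code from the article. The SITES table, the function names and the 400/404 handling are assumptions made here, and it goes slightly beyond the article by refusing HTTP/1.1 requests that lack the mandatory Host header.

```python
import socket
import threading

CRLF = "\r\n"
# Constructed site table for this example; the article serves one page on localhost:1500.
SITES = {"localhost": "<h1>Hello World!</h1>"}


def build_request(host, path="/"):
    """The request typed into nc: request line, Host header, then a blank line."""
    lines = [f"GET {path} HTTP/1.1"]
    if host is not None:
        lines.append(f"Host: {host}")
    return (CRLF.join(lines) + CRLF * 2).encode("ascii")


def parse_message(raw):
    """Split a raw request or response into (start line, headers, body)."""
    head, blank, body = raw.partition(b"\r\n\r\n")
    if not blank:
        raise ValueError("header is not terminated by a blank line")
    start, *fields = head.decode("iso-8859-1").split(CRLF)
    headers = {}
    for field in fields:
        name, colon, value = field.partition(":")
        # Reject lines with no colon or with whitespace around the field name.
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line: {field!r}")
        headers[name.lower()] = value.strip()
    return start, headers, body


def build_response(code, reason, html):
    """Status line, headers, blank line, then the content."""
    body = html.encode("utf-8")
    head = [f"HTTP/1.1 {code} {reason}", "Content-Type: text/html",
            f"Content-Length: {len(body)}", "Connection: close"]
    return (CRLF.join(head) + CRLF * 2).encode("ascii") + body


def answer(raw_request):
    """Choose the response for one request, as done by hand in the nc listener."""
    try:
        start, headers, _ = parse_message(raw_request)
        method, path, version = start.split(" ")
    except ValueError:
        return build_response(400, "Bad Request", "<h1>Bad request</h1>")
    if version == "HTTP/1.1" and "host" not in headers:
        return build_response(400, "Bad Request", "<h1>Host header required</h1>")
    host = headers.get("host", "").partition(":")[0].lower()  # drop the :port part
    if method != "GET" or path != "/" or host not in SITES:
        return build_response(404, "Not Found", "<h1>Not found</h1>")
    return build_response(200, "OK", SITES[host])


def serve_once(listener):
    """Accept one connection, read up to the blank line, reply, then close."""
    conn, _ = listener.accept()
    with conn:
        conn.settimeout(2)
        data = b""
        while b"\r\n\r\n" not in data and len(data) < 8192:
            chunk = conn.recv(1024)
            if not chunk:
                break
            data += chunk
        conn.sendall(answer(data))  # closing the socket marks the end of the page


def fetch(port, request):
    """Client side: send raw bytes, read until the server closes the connection."""
    with socket.create_connection(("127.0.0.1", port), timeout=2) as sock:
        sock.sendall(request)
        chunks = []
        while True:
            chunk = sock.recv(4096)
            if not chunk:
                break
            chunks.append(chunk)
    return parse_message(b"".join(chunks))


def demo():
    """Run three exchanges over loopback and return the status lines received."""
    statuses = []
    with socket.socket() as listener:
        listener.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port
        listener.listen()
        port = listener.getsockname()[1]
        for host in (f"localhost:{port}", None, "other.example"):
            worker = threading.Thread(target=serve_once, args=(listener,))
            worker.start()
            start, _, _ = fetch(port, build_request(host))
            worker.join()
            statuses.append(start)
    return statuses


if __name__ == "__main__":
    for status in demo():
        print(status)
```

The header parser refuses field names with surrounding whitespace, because a front-end and a back-end server that interpret such lines differently can end up disagreeing about where one request ends and the next begins.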



CODING SMALLTALK

TUTORIAL
SMALLTALK: THE ORIGINAL OBJECT-ORIENTED LANGUAGE
JULIET KEMP

Meet the grandfather of the Scratch visual programming language and remember – everything is an object.

Smalltalk, famously, was the result of a bet. Alan Kay, working at Xerox PARC in the early 70s, had been thinking about Simula (the first object-oriented language, created for doing simulations, and itself based on ALGOL 60), FLEX, and LISP. He’d been constructing the basic ideas behind Smalltalk for a while, but hadn’t actually gotten into implementing it. Kay asserted, in a discussion with Dan Ingalls and Ted Kaehler, that you could define “the most powerful language in the world” in “a page of code” (about the same as McCarthy’s self-describing LISP interpreter). They challenged him to prove it. Kay set to work, from 4am to 8am daily for the next couple of weeks. During the second week, a working version, Smalltalk 71, had emerged. And a few days after that, Dan Ingalls had coded it up in BASIC and had it working, albeit very, very slowly; and from there, they just kept going.

The idea of message-passing is fundamental to the concept of object-oriented programming; and Smalltalk was really the first general OO language (Simula was quite specialised), and certainly the first popular one. In Smalltalk, everything, and I really do mean everything is an object, and the only way to engage with an object is to exchange messages with it. (Kay, in fact, felt that the message-passing aspect was more important than the object aspect.) Everything is of the same fundamental type, and everything communicates in the same fundamental way. You can’t reach in and change things; you have to message them. It’s an elegant idea. Kay saw object-orientation as being a way of scaling things easily: if everything is an object, you can easily create whole virtual machines engaging with one another via messages. Kay has described objects as “real computers all the way down”, able to represent anything at any point.

Smalltalk stayed inside PARC for the rest of the decade, evolving over the years to include a development environment, enabling the coder to browse code libraries (included in Smalltalk-76) and inspect objects. This was a brand-new idea, and it was dependent on the existence of a GUI (graphical user interface). The Xerox PARC team had created a GUI for the Xerox Alto in 1973. The majority of modern GUIs derive from this; and it meant that Smalltalk could have a visual IDE in an era when coding was otherwise strictly text-based. Dan Ingalls was centrally involved in this development of Smalltalk into a usable language with a good user interface, and Alan Kay has written a fantastic and detailed article on its early history (http://gagne.homedns.org/~tgagne/contrib/EarlyHistoryST.html).

Early projects included a text editor (which could also handle multimedia); data retrieval; music synthesiser; score capturing; and animations. Smalltalk could do pretty much anything.

Figure: Alan Kay with a Dynabook mockup (image CC-BY 2.0, Magnus Manske).

Smalltalk in the wild

The first Smalltalk to escape into the wider world was Smalltalk-80, which was given out for implementation on non-Xerox platforms, and to get some more feedback. An image was released more widely in 1983. After that, various versions went off in slightly different directions. We’ll be using Squeak, an open-source implementation derived from Smalltalk-80 version 1, firstly by a group at Apple (who produced Apple Smalltalk), and then by the same group at Walt Disney Imagineering. Kay has been a contributor to the project.

It’s worth noting that Kay is on record as saying that he thinks Smalltalk to some extent got stuck in 1972 when they had a helpful working system at just the point when it was most needed. He says that improvements after that were pragmatic ones, whereas when he was initially thinking theoretically about Smalltalk there were many other ideas that were abandoned. He says he doesn’t much rate any modern language including Smalltalk; in particular, he is disappointed that the perfectly-scaling virtual
internet of machine objects he was thinking of back then never arose.

Kay and the Dynabook

There were a lot of ideas flying around at Xerox PARC in the 70s, and Alan Kay was involved with many of them. One idea I found particularly fascinating was the Dynabook: Kay’s version of the iPad, but in 1972. His paper is available online (www.mprove.de/diplom/gui/kay72.html) and well worth a read, but basically what he was describing was a portable interactive device with a network connection, which could be used for writing, reading, sharing, playing games, coding, and (most importantly for Kay) learning. Kay’s description of adults using his imagined Dynabook is intimately familiar to a 2015 owner of a smartphone or tablet. And lots of the ideas around touchscreens and GUIs in use today arose from the same research projects. The Dynabook, sadly, never made it to development as described.

The big difference – and it is an important one – between the Dynabook and a modern tablet is that Kay described a machine that was fundamentally programmable by the user. Modern tablets don’t offer that. Sure, you can write apps for Android or iOS, but you have to do it on a ‘proper’ computer and upload; you can’t fiddle directly with the code that you’re running on the device itself. Kay, in a 2010 interview (www.tomshardware.com/news/alan-kay-steve-jobs-ipad-iphone,10209.html), talks a bit about this and about how he feels it misses what’s special about computers as tools.

Kay at one point in his paper says: “On the other hand, the computer also aids in the formation of skills concerning ‘thinking’: strategies and tactics, planning, observation of casual chains, debugging and refinement, etc. Rarely does a child have a chance to practice these skills in an environment that is patient, covert and fun!”. At their best, tablets do provide exactly that for children (and adults!); and they’re not passive in the way that TV, for example, can be. But Kay was right that more ability to engage directly with the code would be a big improvement. You can at least get Squeak and eToys on tablets now, so perhaps there is hope yet.

Figure: Alan Kay circa 1974 – copyright Alan Kay.

Hello World

You may be able to install Squeak via your package manager if you want to try it out, but we found it easier to download the all-in-one Zip file from the website. (Debian has the squeak-vm package available, but you need to download a Squeak image from somewhere anyway to use that, and when we tried it, it wanted sources too.) Unzip it, go into the new directory, and run ./squeak.sh.

The Squeak IDE will appear: a blank screen with a few coloured tabs around the edges and some menus up top. First, create a new project, with the Projects > New Project > Morphic Project menu option. For now, click anywhere on the window to get a World menu. Choose Workspace, then Transcript. You now have a Workspace window, in which you can write code, and a Transcript window in which code results and errors will appear.

Type this in the Workspace window:

Transcript show: 'Hello World'.

Squeak commands end with a full stop; use single quotes not double, as double quotes in Squeak are used to surround comments. Right-click, choose ‘do it’, and you’ll see the output in the Transcript window.

Figure: Hello World! There’s also a System Browser window open in the Squeak IDE.

This demonstrates basic Squeak syntax: object message. Here, Transcript is the object, and show: 'Hello World' is the message, which in this case is a method, show, and a string argument.

Let’s try using the Objects tab to edit a button. Click on Objects, and drag a Button onto your workspace. Middle-click to get the halo of actions around it, and click on the light green one. This shows the script for this button. Click on the little square to toggle from ‘tile’ mode to ‘text’ mode, and edit the code to read:

button
  Transcript show: 'Hello World'.

Right-click and choose ‘accept’, then click the button and Hello World will show in the Transcript window. Note that you can’t revert to tile mode without losing these changes (tile mode is more limited than text mode).

You can edit the button label by right-clicking and choosing “Change label”; you’ll see that there are also other options available.

Creating a to-do list

We’re going to start writing a basic to-do list now, to try out some more features of Squeak. Open up a new Morphic project and put this code into the Workspace:

| todoList item |
todoList := OrderedCollection new.
item := 'Finish article'.
todoList add: item.
Transcript show: (todoList at: 1).

This creates an OrderedCollection, adds a string to it, and outputs that string to the Transcript window. The first line declares two temporary variables,
todoList and item. Other than that, it’s pretty straightforward; notice that OrderedCollection is indexed from 1, not from 0. To find out more about the OrderedCollection methods, or about any other class, click on the workspace and open a browser to see all the available classes. You can right-click to search.

Figure: Trying out code in the Workspace, and using the System Browser for information. Note the errors showing up in Transcript from previous tries.

However, a better idea is to create a new class to hold our to-do list. Open up the System Browser to see all the available Squeak classes. Right-click on the category pane (far left), and choose ‘Add item’. Name your new category (eg ToDo) and hit Accept. The category is now in the list, but without any members.

The template in the bottom pane is the class editing pane. This template describes a method that sends a subclass message to the Object class, with the parameter #NameOfSubclass. This tells the Object class to create a new subclass of itself with that name. You can also subclass other classes if you want to be more specific. Edit the template like this:

BorderedMorph subclass: #ToDoList
  instanceVariableNames: 'mouseAction'
  classVariableNames: ''
  poolDictionaries: ''
  category: 'ToDoList'

You can also add a comment (good practice!). We’ve created a subclass of BorderedMorph (morphs are graphical objects used in the Morphic graphics system), and named it ToDoList. We’ve also added a mouseAction instance variable (that is, a variable that exists in each instance of the class), which allows us to have class methods that react to mouse actions. Right-click and click on ‘accept’ to save the changes.

Now create a method to initialise the list. Highlight the new class, then click on ‘all’ in the next window along. This gives you a method outline. Replace it with this:

initialize
  | item item2 |
  super initialize.
  itemTextList := OrderedCollection new.
  itemList := OrderedCollection new.
  item := 'First thing to do'.
  item2 := 'Second thing to do'.
  itemTextList add: item; add: item2.

This sets up our object. The first line declares two local variables, and the second calls up to the parent initialize method (almost always a good idea). We then set up two OrderedCollections, one to hold a text representation of the list, and the second to hold the list items as objects. When you save, you’ll need to declare these as instances. We then create two strings and add them to the text list (this is for demonstration purposes and would come out in later stages of developing this code).

PRO TIP

Xerox PARC, and other ARPA-funded research institutions at the time, had an impact on some hugely important computing developments. (ARPANET was one of the precursors of the internet, and developed TCP/IP.)

The Squeak IDE

Smalltalk pretty much invented the IDE, so it’s not surprising that Squeak is an IDE-only language. (You can run ‘headless’ servers for some Smalltalk versions, and it is possible to hack a Squeak image to use from the command line, but the default image doesn’t allow it.) Compared to modern IDEs, it can look and feel a little clunky, but the functionality works fine.

Squeak assumes that you have a three-button mouse, and will map key combinations as necessary to fake this if you don’t. Left-click is used for selecting, and if you left-click on the workspace you get a global menu. Right-click usually brings up an options menu, and middle-click (try Alt+click or Ctrl+click if you don’t have a middle button) brings up the ‘halo’ of buttons around an object; but these two are sometimes swapped, so experiment.

When you start a new project, you’ll see various tabs on the screen edges. The Objects tab gives you objects (like buttons and arrows) that you can drag into the screen; Tools, Widgets, and Supplies are specific Object subsets, which, again, can all be dragged onto the screen to instantiate them. Right-clicking and choosing ‘inspect’ or ‘explore’ on a new object will show you information about it, including a code window at the bottom where you can try out code. This tutorial will focus on coding using the System Browser, which enables you to add classes and code in a more flexible (and likely more familiar) way; but it’s possible to do a lot using the Morphic graphics system, and it’s worth playing around a bit with it.

Figure: The Squeak window, with the Object tab open.

Next, let’s create an ‘item’ class, ToDoItem, to present our items, in the same way as we created ToDoList:

SimpleButtonMorph subclass: #ToDoItem
  instanceVariableNames: 'mouseAction cellHeight'
  classVariableNames: ''
  poolDictionaries: ''
  category: 'ToDoList'

We also need an initialise method for this class:

initialize
  super initialize.
  self label: ''.
  self borderWidth: 5.
  self width: 50.
  self height: self cellHeight.
  color := Color paleBlue.
  self useSquareCorners.

Most of these methods belong to the parent class, SimpleButtonMorph, and you can find out more about them using the System Browser. However, if you try to save this, you’ll get an error telling you that Squeak doesn’t know about cellHeight. Choose ‘declare instance’ to declare this as an instance variable, then add another new method:

cellHeight
  ^50.

^value means ‘return value’. This is the recommended way to deal with instance variables in Squeak: create a class method to return them. It would be a good idea to deal with the hard-coded values for borderWidth and width similarly.

So far, we have no connection between ToDoItem and ToDoList. Let’s go back to ToDoList and create a method to fix that:

createList
  | origin |
  origin := 50.
  itemTextList
     doWithIndex: [:each :i |
     | itemCell |
     itemCell := ToDoItem new.
     itemCell setLabel: each.
     itemCell position: origin @ (origin * i).
     itemList add: itemCell. ]

This uses one of the standard methods for indexed collections, doWithIndex. It iterates over the collection, returning each item and its index one by one (there’s also do, which just iterates over any collection without an index), and then applies the code within square brackets to each item in turn.

In the bracketed code block, we first deal with the two variables which doWithIndex returns on each iteration, labelling them [:each :i]. This section of the code block is divided from the actual performed code by a pipe (|). The first line of performed code creates a new local variable, itemCell, which is a new ToDoItem. We then use each (the text returned by the iterator) as the cell label, and use the index to set the position. position refers to the top-left corner of the morph, and x @ y gives a point that is x pixels along and y down from the top-left corner of the whole Squeak workspace. Here we use a fixed value (50) to shift the list to the right, and then that fixed value multiplied by the index to stack the items underneath one another. (This must be the same value as cellHeight to work properly; try editing the code to use that value explicitly.) Finally, we add the cell to the OrderedCollection of item objects.

We haven’t yet written the setLabel method in ToDoItem. Here it is:

setLabel: text
  self label: text.
  self height: self cellHeight.

setLabel has a single argument (message), and uses this to set its label. It also resets the cell height as otherwise it will rescale to fit the label, and we want our cells to stack up neatly so they need to be the same height.

Finally, we need a method to show the list in the workspace, again in ToDoList:

showList
  itemList do: [:each | each openInWorld ].

This uses do to iterate over each item in the list and show it in the workspace using openInWorld; the code structure is the same as doWithIndex.

Figure: List showing in top left; note debug lines in Transcript window. Squeak also has a proper debugger.

To create and show the list automatically, add a couple of lines to ToDoList initialize:

initialize
  ... code as before ...
  self createList.
  self showList.

Try running it in the workspace with these lines:

| myList |
myList := ToDoList new.

As ever, this is just a starter, to give you the idea of how Smalltalk works. There’s a lot more you could do with this project, if you want to experiment more, such as:

  Add a mouse action to the list cells.
  Write a method to add a new list item.
  Write methods to edit and delete list items.
  Find out how to store the list between invocations.

Check out the excellent Squeak By Example (available free online or as a download) for more information on Squeak code, which could help you with all of the above. And if you have kids, or even if you don’t, you can check out Etoys or Scratch, both Smalltalk-based coding projects aimed at children. (Even two- or three-year-olds can engage with Scratch on a tablet.) Morph on…

Juliet Kemp is a scary polymath, and is the author of Apress’s Linux System Administration Recipes.



                                                                www.linuxvoice.com                                                                 93
CORE TECHNOLOGY
Prise the back off Linux and find out what really makes it tick.

Valentine Sinitsyn develops high-loaded services and teaches students completely unrelated
subjects. He also has a KDE developer account that he’s never really used.

Network tunnelling
Establish ad-hoc secure connections over untrusted networks with OpenSSH.

“Internet of Things” is your new smartphone: first a toy, then a convenience, and finally
a necessity. Imagine one day you go to work and realise you forgot to turn the iron off.
With an old-style appliance, that’s a problem. With a smart one, you just Telnet into it
from your smartphone and tell it to switch off. Brilliant!

Well, not exactly, if the guy next to you can switch your iron back on from his
smartphone. And that’s essentially what network tunnelling is all about. You want your
internal hosts (not necessarily irons!) accessible over public networks, but still
private. There are numerous ways to get this in Linux. We’ll stick to OpenSSH, and for a
good reason. SSH is strong enough for you not to worry about privacy being compromised. It
is also ubiquitous, and you’ll hardly find a Linux box without the sshd daemon running.

Down the rabbit hole

Some years ago, I worked for a company developing a small office PBX solution. Naturally,
we used Linux and Asterisk as a base. The PBX was usually installed behind the firewall,
and the Asterisk Management Interface (AMI) socket was not accessible from the outside.
However, one of our customers used a cloud CRM solution, and he wanted some sort of
Asterisk integration via AMI.

That was a good use case for SSH port forwarding. Port forwarding is a way to bind SSH to
a local port that securely forwards all data to the remote party. So, the CRM guys
generated a pair of keys and we set up key-based authentication (see the boxout). Then
the customer’s administrator forwarded all SSH traffic from his NAT firewall/router to the
PBX box. Finally, the CRM box made an SSH connection to the PBX box, and the CRM software
connected to a local TCP port thinking that Asterisk was listening there. In fact,
Asterisk was running 1,000 miles away, but it was happy to accept that the client
connections came from the localhost.

There are several things to note in this setup. First, the port opened in the customer’s
firewall wasn’t 22/tcp. This helps to keep away bots that scan common services like SSH,
trying to brute-force them. It’s harmless unless you use weak passwords (you shouldn’t),
but creates noise in the logs. So, forwarding a non-standard port is a somewhat standard
trick; you can also consider tools like fail2ban to harden things even further. Second,
only one port was forwarded on the firewall, but it gave the CRM box the potential to
access the whole of the customer’s network. Sometimes you want just that, but in our case
that was a mostly negative side-effect.

A key to this type of “point-to-point” tunnelling is the -L switch. A typical invocation
looks like this:

$ ssh -L 5038:127.0.0.1:5038 -f -N ssh.box

No root permissions are required unless you bind to a privileged port. The first number is
a port to bind at the local side, followed by the remote host’s address and port. Note
that ports do not need to be the same: -L 5555:127.0.0.1:5038 would work fine, too.

You can also specify the local IP address to bind to: -L 192.168.1.22:5038:127.0.0.1:5038.
This can be useful on a multi-homed machine, or if you’d like to share a tunnel with
another box on a local network. Alternatively, you can leave out the bind address and use
the -g command line switch. In the example above, if the box next to you (say,
192.168.1.23) connects to 192.168.1.22:5038, it will be really speaking to ssh.box:5038
over a secure channel. Naturally, you’ll need to allow incoming connections from the local
network to 192.168.1.22, port 5038/tcp, in the system’s firewall first.

Finally, you can play the same trick at the remote side. Say, if you use
-L 5038:192.168.2.2:5038, SSH will forward your connections to host 192.168.2.2, port
5038/tcp, over the remote network. With all four pieces in place, you can easily build a
point-to-point tunnel between two hosts, using SSH boxes as intermediates.

[Figure: ssh -L 192.168.1.22:5038:192.168.2.2:5038. Diagram labels: local network traffic,
192.168.1.23, 192.168.1.22:5038, encrypted SSH channel, sshd, 192.168.2.1, local network
traffic, 192.168.2.2:5038. Caption: Two SSH boxes act like intermediaries for machines
wanting a secure point-to-point connection.]

The -f and -N flags are popular companions to -L. The former tells SSH to fork and release
the terminal. The latter prevents it from executing remote commands, so you can use a
shell-less account to forward ports.

This is how you create a tunnel between two endpoints known a priori. But what if you want
to decide on the remote party “in flight”?

Password-less SSH

In the simplest case, SSH uses password-based authentication. However, it’s neither
convenient nor very secure. Key-based authentication is often a better approach. With it,
your private key is your identity, and you can have as many of them as you want. Private
keys are usually also passphrase-protected, but there are workarounds (see Command of the
Month), so you can enjoy a pure password-less authentication.

First, run ssh-keygen -t rsa to generate an SSH keypair. If you already have a default
identity (~/.ssh/id_rsa), add the -f switch to store the new keypair under a different
name.

Now, transfer the *public* key to the host you are going to connect to. The simplest way
is probably cat ~/.ssh/id_rsa.pub | ssh remoteuser@hostname 'cat >> ~/.ssh/authorized_keys'.
Close the SSH session and try again - you should now connect without any password prompt.
If this fails, check that the keypair files and ~/.ssh/authorized_keys have the correct
permissions. The private key should be only owner-readable, and neither file should be
group writable.

If you have multiple identities, use ssh -i to choose the correct one. Alternatively, add
this:

Host hostname
 User remoteuser
 IdentityFile ~/.ssh/id_rsa_remoteuser

to ~/.ssh/config. Now, plain ssh hostname should suffice.

Knitting socks

In the preceding example, sshd was effectively running as a proxy. So if there were a way
to proxy an arbitrary TCP connection, we’d be all set.

One solution is known as SOCKS (short for SOCK-et-S), and moreover, it’s an internet
standard.

SOCKS proxies usually listen on port 1080/tcp. A client opens a connection to this port
and sends a handshake message containing the list of authentication methods that it
supports. The proxy chooses one and replies, then the authentication process occurs. In
the simplest case, no authentication is performed. Note that there is also no built-in
encryption.

Next, the client normally sends a CONNECT request. It specifies the destination address
(IPv4/IPv6 or even a domain name like www.linuxvoice.com) and TCP port that the client
wants to connect to through the proxy. SOCKS v5 adds UDP support, but we won’t touch it.
Then, the proxy connects to this endpoint. If it succeeds, the client receives the reply
saying which IP address and port should be used to talk to the desired server. Now, all
traffic coming to the proxy-allocated port is relayed to the remote party.

It can also work the other way around with a BIND request. In this case, the client
informs the proxy which address and port it will listen on. The proxy replies with the
address and port that the client should advertise to the remote party. All traffic coming
from the outside to a proxy-allocated port is relayed to the client. This way, SOCKS can
support active-mode FTP and the like.

[Figure: SOCKS client (192.168.1.2) and proxy (192.168.1.1, 5.6.7.8) in front of the
internet. Messages: CONNECT 1.2.3.4:21; allocate port 10000, connect to 1.2.3.4:21; OK,
use 192.168.1.1:10000; ...FTP commands...; PORT 5.6.7.8:10001; ...FTP data... Caption: An
artificial SOCKS-proxied FTP session. SOCKS messages are in black, FTP messages are in
green.]

Many popular client applications, including the Firefox web browser (and, with minor
issues, Chromium), the Thunderbird email client, the Pidgin IM client and many others,
already come with SOCKS support. It is also quite easy to find an anonymous SOCKS proxy in
any location around the globe. Many websites provide up-to-date anonymous proxy lists
either gratis or for a subscription fee. You may use them to improve privacy (albeit Tor
would probably do better) or to circumvent government/organisational restrictions, eg to
access a resource that is otherwise unavailable where you are. (The legal consequences of
doing this are always on you.)

Other programs may not come with SOCKS support built-in. But the trick is that SOCKS maps
well to socket API functions (LV006). For example, CONNECT is connect(3) and BIND is
bind(3). So you can override these functions with their SOCKS-aware counterparts via the
LD_PRELOAD
trick we discussed back in LV018. Dante (www.inet.no/dante), which is a free (as in
speech) SOCKS server and client library implementation for Unix, comes with the socksify
script, which works just this way. It should be available in your distribution’s
repositories as dante or dante-client. When it’s installed, try:

$ SOCKS_SERVER=<address:port> socksify wget <url>

wget doesn’t support SOCKS natively, but this request should go via the SOCKS proxy
specified.

Dynamic port forwarding

Imagine you’re on a public Wi-Fi hotspot. Such networks are usually unencrypted, so anyone
with the wit to use Kismet can sniff your traffic. You may think HTTPS protects you, and
it’s certainly true, but there are nuances. First, it doesn’t cover DNS requests. This
means anyone can know which sites you are visiting, and it’s bad for privacy. You may be
just skimming news, but why tolerate a stranger reading over your shoulder?

Again, Linux comes with the solution. OpenSSH can act as a SOCKS v5 proxy, albeit
feature-limited: it provides no authentication and implements the CONNECT method only.
However, since it uses the SSH channel as a transport, it’s automatically encrypted and
secure.

To enable it, simply add the -D switch to the ssh command line. Officially, this feature
is called “dynamic application-level port forwarding”, so the abbreviation does make
sense. You should also specify a port that the proxy will listen on, and (optionally) the
local address it should bind to. Remember that there is no SOCKS-level authentication in
SSH. Unless you want to share the tunnel with nearby machines (which is unlikely), bind to
127.0.0.1 and make sure it’s properly firewalled.

You can combine our old friends -f and -N with -D the same way you do for -L. Given all of
these, a typical command line can look like this:

$ ssh -f -N -D 127.0.0.1:1080 ssh.box

Now let’s make our client applications use the tunnel. In Firefox and Thunderbird,
navigate to Edit > Preferences > Advanced, choose Network (or Network & Disk Space in
Thunderbird) and open Connection Settings. You should see the dialog shown in the
screenshot, right. Switch to Manual Proxy Configuration, fill in the “SOCKS Host” with
127.0.0.1 and “Port” with 1080. Leave the SOCKS v5 switch option as it is, and ensure the
other proxy fields are empty. Newer Firefox releases will also have a “Remote DNS”
checkbox in this dialog. Turn it on, or your DNS traffic will go outside the tunnel
unencrypted (not what you want). With Thunderbird, or older Firefox versions, open the
Config Editor (also known as about:config) and make sure ‘network.proxy.socks_remote_dns’
is set to true. If you find yourself changing these settings too often, consider using one
of the proxy switching add-ons available for Firefox.

Now you should have all your web traffic forwarded through the tunnel. To check that this
is the case, run tshark or any other sniffer of your liking and try to open a web page. If
all you see are encrypted packets between you and the remote SSH box, everything is fine.
Occasional DNS requests mean that Remote DNS is probably off.

This way, you can regain your privacy over an insecure connection. But even if you are on
a trusted network, there are times you may want to access intranet resources like your
company wiki, which are not available from the outside. Usually, field workers use VPNs
for these purposes (and we’ll also discuss it shortly). But if you can SSH into your
office box (running Linux – what else?), you already have all you need.

When you’re done with the tunnel, use kill $(pidof ssh) to terminate it.

A secret control panel

Now you’d probably agree that OpenSSH has many hidden gems. There is one more for you:
escape sequences.

Sometimes, an SSH session just hangs and Ctrl+C doesn’t help. When this happens, press
Enter then type ~.. This will force a disconnect. Typing ~? brings up the list of
supported escape sequences. You can move SSH to the background if you forgot the -f flag
with ~^Z or list currently forwarded connections (~#), among other things. ~C opens a
command line where you can create new port forwards or cancel current ones. The syntax is
similar to SSH itself, eg -D [bind address]:port, and you can get a full reference with
the help command.

[Figure caption: With SSH escape sequences, you can destroy port forwardings and create
new ones at run time.]

Ad-hoc VPN

Linux has plenty of VPN solutions. A de facto standard is probably OpenVPN
(www.openvpn.net), which is easy to deploy, works well across NATs and is, of course,
free. However, you must still have it installed and configured at both sides before using
it. Generally, this is not a problem, but sometimes you may want an ad hoc VPN without any
additional software. For these cases, it’s good to know that OpenSSH also has built-in VPN
capabilities.

This works by creating TUN/TAP network interfaces on both sides of an SSH connection.
TUN/TAP interfaces are virtual devices designed for userspace networking; TUN is useful
for IP TUNnelling, while TAP works with raw Ethernet frames. Both use the /dev/net/tun
device: what you write to it appears as an IP datagram in the tunX virtual network
interface, and vice versa. To make the ssh command open a TUN/TAP device, use the -w
command-line switch. The exact type of the device depends
on the TunnelDevice configuration option. For simplicity, we’ll stick to TUN, which is the
default and should work well unless you want broadcasting or non-IP protocols. -w accepts
the interface number to create on the local, and (optionally) the remote side; use any if
you don’t care. On the server side, set PermitTunnel to yes in sshd_config and make sure
the user you connect as can create TUN devices (see tunctl(8)).

To make the setup usable, you’ll also need to configure IP addresses at both sides. This
means the -N switch is no longer suitable. Also, as network configuration is a privileged
operation, you’ll need sudo (or similar) on both parties. A typical command to create an
SSH-based VPN would then be:

ssh -w 0:0 -f \
   -o PermitLocalCommand=yes \
   -o LocalCommand='sudo ip addr add 192.168.2.1/24 peer 192.168.2.2 dev tun0; sudo ip link set up dev tun0' \
   user@ssh.box \
   'sudo ip addr add 192.168.2.2/24 peer 192.168.2.1 dev tun0; sudo ip link set up dev tun0'

We request tunnel device (tun0) forwarding with -w. For this to succeed, the tun kernel
module must be loaded, and the tun0 device shouldn’t be up at either side. Then we
override two configuration options (PermitLocalCommand and LocalCommand), so ssh will
execute the ip command locally upon successful connection. This is to configure the local
tun0 interface. user@ssh.box is just a stub; you should use a real user/host name here.
Finally, a similar ip invocation occurs at the remote side to configure the tun0 device
there. TUN interfaces are assigned addresses from the 192.168.2.0/24 network (which was
chosen arbitrarily).

You may also want to add routes to make a remote network accessible from your place via
OpenSSH VPN. This sounds similar to what we had in the SOCKS case. The difference is that
now there are no intermediates. SOCKS works best for accessing the internet through the
remote network, while VPNs are designed for giving access to the remote network itself.

[Figure caption: You may need to use the Config Editor when using Mozilla-based products
with a SOCKS proxy.]

Command of the month: ssh-agent

Typing a private key passphrase each time is annoying and undermines the very idea of
password-less logins. On the other hand, ditching passphrases altogether hurts security.
ssh-agent is a small program that tries to resolve this. It stores your private keys in
memory and services related operations (like signing) on ssh’s behalf.

You add keys manually with ssh-add, which of course asks you for the passphrase. However,
it does this only once unless the -c or -t switches are used. These enable confirmations
and key storage timeout, respectively. To list keys (or identities) known to the agent,
use ssh-add -L.

ssh-agent creates a Unix domain socket and stores its path in the SSH_AUTH_SOCK
environment variable. The socket file has strict permissions, so only the user who
executed ssh-agent can access it. Later, ssh connects to this socket and requests the
agent’s services. ssh-agent is usually started at the beginning of a user session, from
the xinitrc or bash_login scripts. It prints shell commands to set up the environment,
which are evaled. Alternatively, ssh-agent can run as a session’s parent, so the variables
are inherited.

With ssh -A, you can forward a local agent to a remote host. This is convenient (if you
make a multi-hop connection) yet insecure, as agent forwarding creates a Unix socket on
intermediate boxes.

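The SOCKS v5 handshake from “Knitting socks” and the Remote DNS setting from “Dynamic port forwarding”, as an added example that is not part of the original article: it builds and parses the messages byte by byte following the RFC 1928 layout and shows that a CONNECT request carrying a host name leaves the DNS lookup to the proxy. The function names and the toy proxy (which models only the CONNECT-only, no-authentication limits the article describes for ssh -D) are assumptions, and all addresses are constructed.

```python
"""SOCKS v5 message layout (RFC 1928): build and parse the handshake in memory.
Added example with constructed values; no sockets are opened."""
import ipaddress
import struct

VER = 0x05
NO_AUTH, NO_ACCEPTABLE = 0x00, 0xFF
CMD_CONNECT, CMD_BIND = 0x01, 0x02
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
REP_OK, REP_CMD_NOT_SUPPORTED = 0x00, 0x07


def build_greeting(methods=(NO_AUTH,)):
    """Client hello: version, number of methods, one byte per offered method."""
    return bytes([VER, len(methods), *methods])


def choose_method(greeting):
    """Proxy side: accept 'no authentication' if offered, otherwise refuse."""
    if len(greeting) < 2 or greeting[0] != VER or len(greeting) != 2 + greeting[1]:
        raise ValueError("malformed greeting")
    return bytes([VER, NO_AUTH if NO_AUTH in greeting[2:] else NO_ACCEPTABLE])


def _encode_addr(host):
    """Return (ATYP, wire bytes). IP literals stay IPs; anything else goes as a name."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        name = host.encode("idna")
        if not 0 < len(name) <= 255:
            raise ValueError("domain name must be 1..255 bytes")
        return ATYP_DOMAIN, bytes([len(name)]) + name
    return (ATYP_IPV4 if ip.version == 4 else ATYP_IPV6), ip.packed


def _decode_addr(buf, off):
    """Decode ATYP, address and port starting at buf[off]."""
    if len(buf) < off + 2:
        raise ValueError("truncated message")
    atyp = buf[off]
    if atyp == ATYP_DOMAIN:
        n, start = buf[off + 1], off + 2          # one length byte, then the name
    elif atyp in (ATYP_IPV4, ATYP_IPV6):
        n, start = (4 if atyp == ATYP_IPV4 else 16), off + 1
    else:
        raise ValueError("unknown address type %#x" % atyp)
    raw, tail = buf[start:start + n], buf[start + n:start + n + 2]
    if len(raw) != n or len(tail) != 2:
        raise ValueError("truncated message")
    host = raw.decode("ascii") if atyp == ATYP_DOMAIN else str(ipaddress.ip_address(raw))
    return atyp, host, struct.unpack("!H", tail)[0]


def build_request(cmd, host, port):
    """Client request: VER, CMD, reserved zero byte, then address and port."""
    atyp, addr = _encode_addr(host)
    return bytes([VER, cmd, 0x00, atyp]) + addr + struct.pack("!H", port)


def parse_request(data):
    """Return (cmd, atyp, host, port) from a client request."""
    if len(data) < 4 or data[0] != VER or data[2] != 0x00:
        raise ValueError("malformed request")
    atyp, host, port = _decode_addr(data, 3)
    return data[1], atyp, host, port


def toy_proxy_reply(request, bound=("0.0.0.0", 0)):
    """Toy proxy (assumption): succeeds for CONNECT, rejects every other command."""
    cmd = parse_request(request)[0]
    rep = REP_OK if cmd == CMD_CONNECT else REP_CMD_NOT_SUPPORTED
    atyp, addr = _encode_addr(bound[0])
    return bytes([VER, rep, 0x00, atyp]) + addr + struct.pack("!H", bound[1])


def parse_reply(data):
    """Return (reply code, bound host, bound port) from a proxy reply."""
    if len(data) < 4 or data[0] != VER:
        raise ValueError("malformed reply")
    _atyp, host, port = _decode_addr(data, 3)
    return data[1], host, port


def name_resolved_by_proxy(request):
    """True if the request carries a host name, so the client sent no DNS query itself."""
    return parse_request(request)[1] == ATYP_DOMAIN


if __name__ == "__main__":
    print("greeting :", build_greeting().hex(), "->", choose_method(build_greeting()).hex())
    for host in ("www.linuxvoice.com", "192.0.2.10", "2001:db8::1"):   # constructed targets
        req = build_request(CMD_CONNECT, host, 80)
        print(req.hex(), "proxy resolves name:", name_resolved_by_proxy(req),
              "reply:", parse_reply(toy_proxy_reply(req)))
    print("BIND reply code:", parse_reply(toy_proxy_reply(build_request(CMD_BIND, "192.0.2.10", 21)))[0])
```

When a capture of the loopback SOCKS port shows requests with address type 0x01 or 0x04 for sites you typed by name, the application resolved them itself and the lookups went out unencrypted.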
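A check for the bind-address advice given for -L, -g and -D above, as an added example rather than anything from the article or from OpenSSH: it reads an ssh command line and reports which interfaces each forwarded port will listen on. The function names are hypothetical, the option list is taken from the ssh(1) synopsis, only options placed before the destination are examined, and ssh_config settings such as GatewayPorts are assumed to be at their defaults.

```python
"""Report where ssh -L / -D listeners from a command line accept connections.
Added example; command lines below are the article's or constructed variants."""
import ipaddress
import shlex

# ssh options that take a value (ssh(1) synopsis); their values must be skipped.
_TAKES_ARG = set("BbcDEeFIiJLlmOopQRSWw")


def _fields(spec):
    """Split a forward spec on ':' while keeping bracketed IPv6 literals whole."""
    out, cur, depth = [], "", 0
    for ch in spec:
        if ch == "[":
            depth += 1
        elif ch == "]":
            depth -= 1
        if ch == ":" and depth == 0:
            out.append(cur)
            cur = ""
        else:
            cur += ch
    out.append(cur)
    return [f.strip("[]") for f in out]


def exposure(bind, gateway):
    """Classify a listener: no bind address follows -g, explicit ones win."""
    if bind is None:
        return "all interfaces" if gateway else "loopback"
    if bind in ("", "*"):
        return "all interfaces"
    if bind == "localhost":
        return "loopback"
    try:
        ip = ipaddress.ip_address(bind)
    except ValueError:
        return "address " + bind                 # a host name other than localhost
    if ip.is_loopback:
        return "loopback"
    return "all interfaces" if ip.is_unspecified else "address " + bind


def audit(cmdline):
    """Return [(option, listen port, exposure)] for every -L and -D forward."""
    argv = shlex.split(cmdline)[1:]              # drop the leading "ssh"
    forwards, gateway, i = [], False, 0
    while i < len(argv) and argv[i].startswith("-") and argv[i] != "--":
        tok, i = argv[i][1:], i + 1
        for pos, ch in enumerate(tok):           # flags may be bundled, eg -fN
            if ch == "g":
                gateway = True
            if ch in _TAKES_ARG:
                value = tok[pos + 1:]            # "-Lspec" form
                if not value:                    # "-L spec" form
                    if i >= len(argv):
                        raise ValueError("option -%s needs a value" % ch)
                    value, i = argv[i], i + 1
                if ch in "LD":
                    forwards.append((ch, value))
                break
    report = []
    for opt, spec in forwards:
        parts = _fields(spec)
        want = 3 if opt == "L" else 1            # port:host:hostport or just port
        if len(parts) not in (want, want + 1):
            raise ValueError("unsupported forward spec: " + spec)
        bind = parts[0] if len(parts) == want + 1 else None
        report.append((opt, int(parts[-want]), exposure(bind, gateway)))
    return report


if __name__ == "__main__":
    for line in (
        "ssh -L 5038:127.0.0.1:5038 -f -N ssh.box",
        "ssh -L 192.168.1.22:5038:127.0.0.1:5038 -f -N ssh.box",
        "ssh -g -L 5038:127.0.0.1:5038 -f -N ssh.box",
        "ssh -f -N -D 127.0.0.1:1080 ssh.box",
        "ssh -fN -D '*:1080' ssh.box",           # constructed: proxy open to the LAN
    ):
        print(line, "->", audit(line))
```

Any -D entry that is not reported as loopback is a SOCKS proxy without authentication reachable by other machines, which is the case the article tells you to avoid or firewall.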
/DEV/RANDOM/

Final thoughts, musings and reflections

Nick Veitch was the original editor of Linux Format, a role he played until he got bored and went to work at Canonical instead. Splitter!

Which is more popular – Opera or Firefox? It seems like a dumb question. Opera all but disappeared from the discerning desktop quite some time ago after all, and Firefox is the browser app of choice on the desktop of the cognoscenti. Well, apart from those who use Chrome. And possibly excepting the people who run something other than Linux on their desktop. In fact, our Linux-centric world view is at odds with the rest of humanity.

But it turns out that actually, our desktop-centric world view is at odds with humanity. Mobile phones are the number one method by which people access the web – in many parts of the world, the cellphone network is much more reliable and a whole lot cheaper than the alternatives. Google recently revealed that it serves up more search results to mobile users than desktop users. Now you aren’t so confident in your assumptions, are you…

But never mind. It probably doesn’t matter. As it turns out, thanks to the popularity of mobile usage, the world wide web isn’t as relevant anyway. Who wants to browse eBay or Facebook or Amazon in the browser when there is a special (faster) app to do it? The internet may be more relevant than ever, but web browsers are not. Does it matter? Maybe. And probably to more folks than the ones working at Mozilla and Opera. At least the WWW is a fairly transparent, open and easily examinable protocol; who knows what those apps are really doing?

[Firefox is still way ahead of Opera by a factor of at least five, but due to better mobile exposure (there are other choices than Android or iPhone!) the latter is doing a lot better than you may think, depending on what statistics you ingest (about twice as well as it was doing 5 years ago).]

My Linux Setup: Matthew Garrett

CoreOS employee, security expert and FSF board member, now internet famous in Linux Voice.

[Image labels: Dell XPS 13; A pile of TPMs for Grub development work; Company branded pint glass (US pint); A Minnowboard Max for firmware development]

What version of Linux are you currently using?
Fedora 22. I’ve been using Fedora since shortly before I started working at Red Hat: it’s still not annoyed me enough to switch.

And what desktop do you currently use?
Stock Gnome 3.16.

What was the first Linux setup you ever used?
Suse 5.2, in the middle of 1998. It lasted until Halloween when it got replaced with the then just-frozen Debian Slink, and everything went downhill after that.

What Free Software/open source can’t you live without?
Tough one. Let’s say GCC, because we couldn’t have the rest without it.

What do other people love but you can’t get on with?
Tiling window managers. Ugh..



Used with permission: Claudio Ferreia Filho http://cfnarede.com.br.