Plaintext
PROUDLY INDEPENDENT SINCE 2013
Raspberry Pi
Control a Pi with
an RFID chip
and a bit of
November 2016 www.linuxvoice.com Python
Stop the man from spying on you
– thanks to Free Software!
BURSTING
IRC Code a robot to shout into the void automatically WITH AWESOME
DOCKER Spin up container images on Linux the hard way
UBUNTU SNAPPY Finally, there’s one package format to rule them all
TUTORIALS!
YOU’VE COME A LONG WAY LINUX DISTRO
Nove mb e r 2016 £5.9 9 Pr inte d in the UK
LINUX EVERYWHERE ELEMENTARY OS
Linux isn’t just on servers Pretty isn’t just a feature
– it’s kicking arse in – it’s a way of life for
space and in science this superb system
OPENBSD › ARDOUR › WIRESHARK & MORE!
�The only Linux magazine available
as DRM-free PDFs and ePub
shop.linuxvoice.com
� ISSUE 32 WELCOME
FREE SOFTWARE AHEAD
The November issue What’s hot in LV#032
ANDREW GREGORY
I hated Gnome 3 when it first
came out, but it’s matured into a
really nice desktop. Looking into
the useability testing, I can now
see that this is the result of hard
work, not just random chance.
BEN EVERARD p32
Long-term Linux user and
best-selling author Ben is GRAHAM MORRISON
usually found knee-deep in Mike’s IRC tutorial has inspired
either Python code or a me to take on a new project
tangle of wires. using a bot to link IRC servers up
to a synthesiser. Whatever is the
W
most typed letter (A–G) each
e are the generation that will get to decide what digital beat, it’ll play.
privacy is. Whatever laws are passed or whatever norms p84
are established in the next five to ten years will become
hard to deviate from in the future. If that means a complete erosion MIKE SAUNDERS
of any form of online privacy where your personal data is for sale to This month we look at Snappy
the highest bidder, then future generations will have to put up with and Docker: two container
that. If that means legal protections for our digital rights, then these technologies. I’m starting to
too will be hard to change even for large multinational corporations wonder if I should move with the
with huge war chests. times and add containers to my
Those of us who believe in digital privacy aren’t just campaigning own operating system, MikeOS.
p38 & 84
for our own rights, but those of all the digital citizens who will follow
us. It’s a matter of profound importance and we shouldn’t let it be
decided by those who seek to profit from it.
Ben Everard
Editor, Linux Voice
Linux Voice is different.
THE LINUX VOICE TEAM
Linux Voice is special. SUBSCRIBE
Editor Ben Everard
ben@linuxvoice.com Here’s why… ON PAGE 60
Deputy editor Andrew Gregory
1 At the end of each financial year we’ll
andrew@linuxvoice.com
give 50% of our profits to a selection of
Editor in hiding Graham Morrison organisations that support free
graham@linuxvoice.com software, decided by a vote among our
Editor at large Mike Saunders readers (that’s you).
mike@linuxvoice.com
Games editor Michel Loubet-Jambert 2 No later than nine months after first
michel@linuxvoice.com publication, we will relicense all of our
Creative director Stacey Black content under the Creative Commons
stacey@linuxvoice.com CC-BY-SA licence, so that old content
can still be useful, and can live on even
Malign puppetmaster Nick Veitch
after the magazine has come off the
nick@linuxvoice.com
shelves
Editorial contributors:
Vincent Mealing, Mark Crutch, Jim 3 We’re a small company, so we don’t
Hall, Renata Gegaj, Simon Phipps, Les have a board of directors or a bunch of
Pounder, Amit Saha, Mayank Sharma, shareholders in the City of London to
John Lane and Valentine Sinitsyn keep happy. The only people that matter
to us are the readers.
www.linuxvoice.com 3
� CONTENTS ISSUE 32 NOVEMBER 2016
Contents
CONTENTS ISSUE 32 NOVEMBER 2016
News
Regulars
Contents
Because you need to be prepared when the Internet of Things gains sentience.
Cover Feature
Because you need to be prepared when the Internet of Things gains sentience.
PC-BSD has become something different;
06
14
Vim 8 is finally upon us (after 10 years in
Regulars Cover Feature
PROTECT YOUR
development) and the Raspberry Pi has now
sold over 10 million units.
News 06
PRIVACY
PC-BSD
A new
Vim
has become something different; 08
Distrohopper
8 isrelease
finallyof Zonrin
upon OS is upon
us (after us, and
10 years in 14
PROTECT YOUR
once again, it’sand
development) an excellent introduction
the Raspberry Pi has nowto
Linuxover
sold for users of Other
10 million Systems. Plus we
units.
look fondly back on Rebecca Black OS…
PRIVACY
Distrohopper 08
Speak
A of Zonrin OS is upon us, and10
your brains
new release
Why we’re
once again,wrong,
it’s an why we’reintroduction
excellent awesome and to
what you
Linux think we
for users should
of Other do morePlus
Systems. of, plus
we
the now-obligatory
look fondly back onpriaseRebeccafor Black
Linux Mint.
OS…
Subscribe!
Speak your brains 12/62
10
Neverwe’re
Why misswrong,
another issue!
why Save
we’re moneyand
awesome on
shop prices!
what Getwe
you think LVshould
delivered to your
do more of,door/
plus
inbox
the every month! priase for Linux Mint.
now-obligatory
Online privacy needn’t be a contractiction in terms. Follow Ben Everard’s
FOSSPicks
Subscribe! 64
12/62 guide to privacy software on Linux and protect yourself from The Man.
We persuade
Never Graham
miss another to put
issue! his money
Save sythesizer
on
downprices!
shop for longGet
enough to test to
LV delivered some
yourofdoor/
the
finest every
inbox Free Software
month! that money can buy. If Interview
Online Feature
privacy needn’t be a contractiction in terms. Follow Ben Everard’s
it cost money, that is.
FOSSPicks 64 guide to privacy software on Linux and protect yourself from The Man.
Tech Graham to put his sythesizer94
Corepersuade
We
Find out
down forwhat
long makes
enoughyour Linux
to test somemachine
of the 40 22
tick with
finest a bona-fide
Free doctor
Software that – thiscan
money month,
buy. If Interview Feature
itit’scost
job money,
scheduling
thatwith
is. Cron and Anacron.
Geek Tech
Core Desktop 98
94
Rheumy-eyed
Find out what Nick
makespullyour
up Linux
his favourite
machine 40 22
chairwith
tick andatells us a story,
bona-fide doctorplus: there’s
– this Linux
month,
in them
it’s thar routers.
job scheduling with Cron and Anacron.
Geek Desktop 98
Rheumy-eyed Nick pull up his favourite
chair and tells us a story, plus: there’s Linux Rachel Roumeliotis Linux everywhere
SUBSCRIBE
in them thar routers. The puppetmaster in charge of OSCON Robots, rockets, sub-atomic particle accelerators – Linux is
ON PAGE 60 spills the beans on the move to London. everywhere, and it’s doing a grand job.
Rachel
FAQ Roumeliotis Linux
Group Test everywhere
SUBSCRIBE The puppetmaster in charge of OSCON Robots, rockets, sub-atomic particle accelerators – Linux is
ON PAGE 60 spills
Ubuntu theSnappy
beans on the move to 38
Packaging in Linux could be
London. everywhere,
Hosted storage serversand it’s doing
Why let Google Drive look after
54 a grand job.
better – let’s get behind the latest your precious cat videos when
FAQ
standard and unite the clans!
Group Test
you can do it yourself?
Ubuntu Snappy 38 Hosted storage SEC RETS OF NE54
servers XTCLOUD
26
4 Packaging in Linuxwww.linuxvoice.com
could be Why let Google Drive look after E
TUR N TO PAG
better – let’s get behind the latest your precious cat videos when
standard and unite the clans! you can do it yourself?
� ISSUE 32 NOVEMBER 2016 CONTENTS
Feature Tutorials
28
Kindle Fire 70
Replace the OS on Amazon’s budget device
to get a fully functional Linux tablet for
under £50. Massive win!
Ye Olde Linux
Delve into the archives to see what Linux used to look like – we’ve come a long way in 25 years.
Reviews
Raspberry Pi and RFID 74
Learn all about RFID key fobs (or cards)
Wireshark 46
that contain a small aerial and chip that can
wirelessly interact with readers.
Keep tabs on everything Docker 78
to do with your network Package a basic Python Flask application
(including files being – including all of its dependencies – into a
transferred over USB container image using the power of Docker.
keys) with the most
comprehensive network
analyser we know of.
Coding
OpenBSD 6.0 47 Elementary OS: Loki 48 Ardour 5.4 49
A Unix derivative for the security Custom apps, chosen for form This great audio editor is now
conscious – try it if your kitten and function, all wrapped up in a available for users Windows –
videos are ultra-precious. coherent look and feel. Finally! they were getting jealous of us…
Coding: IRC bots 84
Build a robots to provide updates on
services running on your machines.
Gaming on Linux 50 Books 52
A bumper crop this month of quirky physics, Still the best way to get information into your soft, Coding: Crystal 88
updated nostalgia, and Life Is Strange – a gripping spongy brain; at least, it is until they invent a way to Explore a general-purpose language that
story with twists and turns a-plenty. upload knowledge Matrix-style. has a syntax very similar to that of Ruby.
www.linuxvoice.com 5
� NEWS ANALYSIS
NEWSANALYSIS
The Linux Voice view on what’s going on in the world of Free Software.
Opinion
Not neutrality
The powers that be want to control how we access information – we need to fight back!
Simon Phipps
is ex-president of the Right now any actual or perceived crisis
Open Source Initiative
and a board member makes politicians think any measure
of the Open Rights
Group and of Open attacking net neutrality is acceptable
Source for America.
“net neutrality” according to a particulat There are no circumstances when it’s OK
definition of the term. for the traffic passed to me to differ from
The argument is important, but misses what was sent to me by the information
A
n important political debate about the most crucial dimension. Ultimately, the source at my request? Any interception and
technology concerns net neutrality. net neutrality debate serves corporate, not manipulation is a breach of net neutrality,
It’s a complicated concept that can citizen interests. There’s plenty of discussion and even if it’s permitted it should only be as
be interpreted in several ways. The key of preferential access to connection speeds an opt-in case.
question is about if, when and how internet and interception of traffic for commercial Why does the net neutrality discussion
service providers (including mobile) should purposes. But there’s a dimension of net not consider the kind that is actually critical
be permitted to prioritise traffic. Some say neutrality that’s far more significant. to democracy rather than just arbitration
that ISPs should be allowed to prioritise between commercial competitors? Part of
traffic according to their business priorities, Cui bono? the problem may be that any policy still has
creating for-fee fast lanes for certain kinds Would it be OK for a commercial provider to to respect the need for court orders and the
of traffic. Others say this prioritisiation intercept traffic, analyse it and insert like. That’s reasonable, but a proper policy
should be limited to certain classes of traffic, advertising for a commercial product at the would raise a high threshold of proof and
such as live video streams or emergency behest of a client? If not, why is it OK for a need for actions leading to loss of net
information, and that everything else should commercial provider to intercept traffic, neutrality. It would offer notification that
be treated the same. Others assert that analyse it and insert different content at the interception had occurred and offer recourse
every kind of traffic should get great service behest of a government agency? Would it be to have it removed. It would allow use of
but some kinds of traffic, such as partner OK for a commercial provider to identify all unfiltered sources, such as Google’s 8.8.8.8
content, should get even better service (yes, DNS requests and resolve them with the DNS, by those willing to accept the risk of
a marketing respin of an earlier argument!). address of the service most likely to pay legal consequences themselves.
Some say no traffic should ever be artificially them fees for the referral? If not, why would Right now any actual or perceived crisis
degraded or enhanced. it be OK for an ISP to intercept DNS requests makes politicians think any measure
Overlaid on all these arguments are and refuse to resolve addresses alleged to attacking net neutrality is acceptable, as
questions of capacity management, infringe a certain political or moral norm? there are no consequences for them of the
bandwidth caps, national interest, copyright That’s exactly what mandatory filtering is loss of freedom they cause all citizens (and
licensing and more. It is a profoundly about. Describing it as “for your benefit and not just the ones they want to target). A net
complex space, and I have heard parties protection” is no different to the language neutrality policy has to make it costly to
supporting every one of those classes of used to describe advertising – “we will send attack net freedoms. It’s time to push back
argument claim to be the ones supporting you great offers you’ll find interesting”. against mandatory filters, DNS interception,
Internet Connection Records and all the
Describing filtering as “for your benefit and other ill-advised mechanisms our
governments are proposing. If net neutrality
protection” is no different to the language is a principle that’s good enough for
used to describe advertising commercial interests, it’s one that applies to
citizen engagements as well.
6 www.linuxvoice.com
� ANALYSIS NEWS
10,000,000 Pis • Adobe Flash • Vim 8 • Powershell • PC-BSD • LibreOffice
CATCHUP Summarised: the biggest news
stories from the last month
Raspberry Pi breaks 10m Adobe Flash lives on in PC-BSD evolves into
1 sales point 2 Linux… sort-of 3 TrueOS
Even with our mighty Linux A few years ago, Adobe PC-BSD was an effort to
Voice crystal ball, we never would have decided to stop shipping standalone make FreeBSD more palatable on the
guessed that the Pi would become so Flash packages for Linux, but now the desktop, offering a shiny graphical
staggeringly popular. Sure, from the company has gone back on this (not installer and super-simple package
start it had all the right ingredients for that anybody missed it): “In the past, management system. But it’s no more
a great little hacking machine – cheap, we communicated that NPAPI Linux – future releases will appear under the
silent, no moving parts, and running releases would stop in 2017. This TrueOS brand. See www.trueos.org for
GNU/Linux – but ten million sales is is no longer the case, and once we all the details.
just mind-boggling. Of course, this have performed sufficient testing and
continues the Pi’s success as the most received community feedback, we will
popular British computer ever made. release both NPAPI and PPAPi Linux
Now, if only the Pi Zero were a bit easier builds with their major version numbers
to get hold of… in sync.” http://tinyurl.com/j8mp6wr.
Vim 8 released, after 10 92.3% of kernel PowerShell gets open
4 years in development 5 developers are 6 sourced and runs on Linux
In recent years, progress professionals Talking about Microsoft, how
on the Vim text editor/cult/way of life Back in the 1990s, people laughed about this for news: the company’s
appeared to have stalled. The codebase if you said there was money to be command line shell has now been
was seen as old and full of cruft, while made in developing free software. made open source and runs on Linux.
the new Neovim fork was doing all the But a recent statistic has shown that, That’s right, if you want to administer
cool work and removing ancient code. there’s plenty of dough in FOSS. Over your Debian box the Microsoft way (for
Many expected Neovim to become 92% of kernel developers are paid whatever reason), it’s possible. In a blog
the “standard”, but it encouraged the for their contributions – ie they work post, Jeffrey Snover from the company
Vim team to do major work on their for companies that base products talks about how Microsoft really does
own codebase, so now we have Vim or services on Linux, such as Red love Linux, and this is another example.
8. See www.vim.org for a link to the Hat. Only 7.7% are part-time hobbyist Read the full announcement on the
full announcement, and of course the contributors. So much for Linux being Microsoft Azure blog at http://tinyurl.
downloads for various platforms. “anti-American”, eh Microsoft? com/hvocafu.
LibreOffice Conference linuxscreenshots.org
7 held in Brno 8 closes its doors
Every year, the LibreOffice Want to see how Mageia
community gets together to discuss has been looking in recent releases?
progress in the project and plan new Struggling to remember the theme used
features. This year the event took place by Ubuntu 6.10? One great internet
in Brno, Czech Republic, with over resource for finding screenshots of
100 attendees from around the globe. Linux distribution screenshots was the
Many talks were given on development, aptly named linuxscreenshots.org.
marketing, translations, UI design and Sadly, this site has announced that it’s
other aspects of the project. closing its doors, but the maintainers
A full report will be posted on have made all images freely available.
http://blog.documentfoundation.org – Be warned, though – if you want to
keep an eye on it for news of upcoming download them all, you need almost
LibreOffice releases as well. 50GB of space on your hard drive!
www.linuxvoice.com 7
� DISTROHOPPER LINUX DISTROS
DISTROHOPPER
What’s hot and happening in the world of Linux distros (and BSD!).
Bedrock Linux
Addressing distro fragmentation.
W
ant a bit Arch, a bit of Ubuntu and
a bit of Gentoo in one distro?
That’s what Bedrock Linux aims
to do, not through new package managers
or virtual machines, but rather through the
use of a virtual filesystem arrangement
which enables the different distros’
programs to be installed and run alongside
one another. The distro is still highly
experimental and in heavy development, and
if its aims weren’t already ambitious enough,
Bedrock is written mostly from scratch, not
based on any existing distro.
Currently, while taming this multi-distro The bedrock one-distro solution to distro fragmentation has advantages, but it’s a bit messy.
distro is possible, it’s no easy feat. Installing
the distro is something that should not be rather to solve real issues further down the provided by Bedrock, but the solution it
attempted by regular users, with the process line when it has matured. The solution has provides is still not a wasted effort.
involving the compilation of the Bedrock significant advantages over using VMs given Distro fragmentation has been with Linux
userland from scratch, then installing other the lower overhead from distros interacting almost since its inception, and a variety of
distros individually. You can check out the directly, also overcoming some of the solutions have been proposed. With free
install instructions here: tinyurl.com/jjlupgj. complexities of using container layers. software adopting and forking different
Nevertheless, the project clearly states With the likes of Snappy, things are projects, even if the Bedrock solution does
that it’s “not intended as an academic moving in a direction where containers may not become widespread, it’s likely that it will
exercise or a purely research project,” but soon have a similar behaviour to that crop up in one form or another down the line.
Zorin OS
Making a big splash.
T
his distro has been one of little chance of an entry-level newcomer
Distrowatch’s fastest climbers in knowing what a “proprietary multimedia
recent months, having reached 8th codec” is. Not understanding why Flash
place on the website. So what’s all the fuss media isn’t playing on the browser would be Zorin is appealing to existing Linux users,
about? The goal of Zorin is to appeal to enough to make many everyday users though the Compiz effects are a bit silly.
Windows and OS X users considering dismiss Linux before they even give it a
jumping ship. Built atop an Ubuntu base chance, so this seems like a good decision. great FOSS alternative to everything,
with KDE Plasma providing a “familiar Among Zorin’s exclusive software is a nice expecting an entry-level user to ditch the
Windows-7 like interface,” Zorin really goes theme and layout manager which enables likes of Photoshop in favour of learning Gimp
out of its way to be inviting to potential Linux easy switching between more familiar styles from scratch seems unrealistic, especially
converts. As such, it does some big FOSS like “Windows XP,” “Mac OS X” and “Windows when most tend to have at least one such
no-nos such as including proprietary 7.” The main problem with “Windows “must have” application. That said, Zorin
software by default, but then there’s also transition” distros is that while there is a does a lot better than most.
8 www.linuxvoice.com
� LINUX DISTROS DISTROHOPPER
News from the *BSD camps
What’s going on in the world of FreeBSD, NetBSD and OpenBSD.
W
ith a slew of bugfixes, FreeBSD
has pushed out its first Release
Candidate for the much
anticipated version 11. On the less positive
side of things, FreeBSD experienced a
number of potential security vulnerabilities
in freebsd-update, portsnap, libarchive, and
bspatch after an anonymous post on GitHub
made the developers aware of the exploits.
These are being ironed out with some
patches already available, and the team is
recommending that users apply them
manually if they don’t feel comfortable using
the affected freebsd-update.
Also in the FreeBSD space, PC-BSD’s
Lumina Desktop Environment has hit
version 1.0 after four years of development.
The lightweight plugin-based desktop
environment is also available for other BSDs, MidnightBSD aims to focus on usability and stability to appeal more to beginners.
as well as Linux. Likewise, the FreeBSD fork
MidnightBSD has released version 0.8, Accelerated video has been improved on many people used. In the OpenBSD camp,
marking the ninth release of the system, both Intel and AMD, with the Radeon driver the Enlightenment desktop environment has
which has been around since 2006. brought up to the version found on Linux been ported. While there are still a few bugs
DragonFly BSD has seen the release of 3.18. Other changes include improved SMP to work out, most of the work has been done
version 4.6, bringing many new changes. performance and better networking and OpenBSD users are able to install the
These include updates to the i915 driver to performance under heavy loads. The last jazzy user interface. The system has also
bring it up to the version found on Linux 4.4, bits of Linux emulation have now gone from disabled the tmpfs filesystem due to lack of
adding improved stability for the Broadwell DragonFly BSD, clearing out some 15–20 maintenance, only three years after it arrived
and Skylake architectures in particular. thousand lines of code which apparently not on OpenBSD.
Satirical Linux distros
Linux is mostly used for pretty serious stuff, from doing your
everyday work to calculating the likelihood of asteroids crashing
into earth on supercomputers. However, it can also be used to do
very silly things due to the sheer number of distros out there. Not
many of these are in active development, but their legacy still has
the power to make us laugh (or roll our eyes).
Hannah Montana Linux (basically Ubuntu 9.04, but purple –
way ahead of Canonical there) is pretty well known among the
Linux community, but there’s also a number of other distros like
this. Rebecca Black OS (named after the star of the 2011 viral
video ‘Friday’) is also pretty well known, but it may surprise many
to know that it’s still in active development and was one of the
first distributions to include a Wayland server. There’s also
Biebian, whose project tagline is “It may be Justin Bieber Linux,
but it still beats Windows and Mac” – part of the joke is that it’s
not even based on Debian, but rather Puppy Linux.
Aside from Rebecca Black OS, none of these really provide
anything other than some questionable aesthetic choices.
However, one fascinating case is Suicide Linux, which plays a kind
of twisted game with the user. It uses the Bash autocorrect feature
(which normally resolves incorrect commands) to automatically
resolve any incorrect command to rm -rf / thus wiping the user’s
drive. Awesome. The aim of the game is thus to see how long you
can go before you lose absolutely everything. Joke Linux distros – we tell you about them so you never have to install them.
www.linuxvoice.com 9
� MAIL YOUR LETTERS
YOUR LETTERS
Got an idea for the magazine? Or a great discovery? Email us: letters@linuxvoice.com
SOME POINTERS
I was reading your four selling points for Linux in the Linux with LibreOffice, and the other one with
newbie guide, but in my opinion some of them are no Microsoft Office, the layout will probably
selling points at all. Let’s look at them one by one. be broken. Unless your document just
STAR 1
It saves you money Not really. If you buy a new PC, you contains text. So that you could use a
LETTER also get a configured operating system. So if you install plain text file as well. Oh wait,
Linux, or just use the OS that’s already there, there is no notepad.exe still does not
difference in cost. Even worse, if you want to install recognise Linux line endings,
Linux, you might need to find someone else to do it for does it? But I am optimistic about
you, because you probably have to create a bootable this. Give it some more years, and
USB stick. And I am not sure how easy it is these days office suites might be obsolete, and replaced by web
to boot your PC from a USB stick, with secure boot and based tools. In that case, the problem with office
UEFI around. But to be fair: if you want to give an old PC documents will be gone. Finally :-)
a second life, it is cheaper to use Linux. Because you 5
You forgot a selling point If you want Linux, you need to
probably don’t have a Windows licence lying around do a fresh install. And this way, you don’t have
that you can use to do a fresh Windows install. crapware. As it happens, I just removed all crapware
2
It’s open for everyone That is a good selling point. You from a new Windows PC that my wife bought. It took
are not stuck with a certain company. If you don’t like me more than an hour. If I just wiped the OS and
the support of company A, just go to company B. And if installed some Linux distro, it would have saved me a
you don’t trust companies, you can review the source lot of time.
code yourself, if you want to do that. So, these are the points I wanted to make. But I also
3
It’s super reliable Yeah probably. But I dare to say that want to thank you for making this great magazine. I
other OSes are reliable as well these days. I think today recently upgraded my digital subscription to a paper one;
Linux tends to crash more, because hardware suppliers it is really worth it.
don’t care about Linux support; you might end up with johanv
dodgy drivers to get your hardware running.
4
It works with your files Hmmm. I have to admit that I Andrew says: Hmm. We use Linux every day, so
did not try this for a couple of years, but I’m pretty sure we’re not blind to its faults. But I think you’re being
that if you work together on an office document, you a little harsh there (I agree about the crapware…).
PAGING DR SINITSYN
You’ve probably had loads of people getting in touch to tell
you this, but LV030 has a mistake in the pagination –
pages 92 and 93 are repeated on pages 94 and 95, so
sysadmin is missing the first two pages.
Other than that, it’s a top-class issue.
Regards, George Webber
Andrew says: Yes, we did have a fair few emails
about that – for anyone who hasn’t already seen,
here’s a link to a PDF of the unmolested Core
Tech pages: www.linuxvoice.com/wp-content/
uploads/2016/08/LV30-Core-Tech.pdf.
We’re genuinely baffled as to what went wrong
with issue 30. I suspect it was Mike’s fault.
10
� YOUR LETTERS MAIL
I LOVE LAMP
I read Sean Dwyer’s letter in LV31’s letters page, asking for oriented approach.
help with LAMP on Linux. Ian Bruntlett
Well, I’m not an expert but I’ve dabbled with LAMP on
Ubuntu and wrote up my experiences for the ACCU’s CVu Andrew says: Thanks a lot Ian,
magazine. I assumed I’d uploaded it to my scribbles you’ve saved us a job there. The
website but found out that I’d forgotten to upload it. See journey from dabbler to expert
the file CVu-Lamp-on-Ubuntu.pdf at the bottom of is nowhere near as arduous as
https://sites.google.com/site/ianbruntlett/home/ that from beginner to dabbler,
information-technology. so I hope Sean heeds and learns
I’m currently studying Ruby at the moment. When I from your scribbles. And many
wrote that article, PHP 5.x was in use. These days PHP 7.x thanks to you for pointing out
is in use, something to do with moving to an object- the link to your scribbles! ACCU’s members get this fine publication.
MY MATE MATE
Thanks for the recent review of Ubuntu Mate, and the
interview with the project helmsman this month. I was
horrified that you were drinking Red Barrel in a Watney’s
establishment until I noticed the editor had been
punishing a pint of Sharp’s Doom Bar.
Ubuntu Mate was impressive enough to cause me to
send some coin in the direction of the maintainers. It
installed nicely on several machines, but baulked when I
tried to load it on an Asus eePC 703, complaining that 2GB
was insufficient memory.
I upgraded my mentee’s netbook with Mate, which he
liked better than KDE. He returned to his third year instructions recommend a fast SD memory card as it Mint: better
computer engineering at the uni clutching a B-model RPi shares the USB bus and can become a data bottleneck than Watney’s
and a PocketCHIP to go with the refurbished netbook. with slower versions. Red Barrel
The Raspberry Pi version of Mate works very well on an Andrew Shead (apparently).
RPi3 that I got with the intention of donating resources to
new projects like MaidSafe and ZeroNet. There’s enough Andrew says: I think we’re all too young to
on-board electrical power to run the USB keyboard, remember Watneys, but if it were put in front of
mouse, and 3TB external disk drive. The Mate installation him, I’m sure Ben would drink it regardless.
www.linuxvoice.com 11
� SUBSCRIBE
Subscribe
shop.linuxvoice.com
Get your regular dose
of Linux Voice, the
magazine that:
Gives 50% of its profits
back to Free Software
Licenses its content
SUBSCRIBE TO CC-BY-SA within 9 months
US/Canada subs prices
TODAY! 1-year print & digital: £95
12-month digital only: £38
Get many pages Access our Save money on
of tutorials, rapidly growing the shop price
features, interviews back-issues archive and get each issue
and reviews – all DRM-free and delivered to
every month ready to download your door
Payment is in Pounds Sterling. 12-month subscribers will receive 12 issues of Linux Voice a year. 7-month
subscribers will receive 7 issue of Linux Voice. If you are dissatisfied in any way you can write to us to cancel your
subscription at subscriptions@linuxvoice.com and we will refund you for all unmailed issues.
12 www.linuxvoice.com
� SUBSCRIBE
All subscribers get access to every
single digital back issue –
that’s about 1,000,000 words of
tutorials, reviews and free software
hackery at your fingertips
Overseas subs prices
12-month print & digital:
Europe: £85
US/Canada: £95
Rest of world: £99 DIGITAL
SUBSCRIPTION*
ONLY
*
£38
WHEREVER IN THE WORLD YOU
ARE – IT’S DIGITAL, SO THERE ARE
NO POSTAGE COSTS
www.linuxvoice.com 13
�PRIVACY
FEATURE LINUX PRIVACY SOFTWARE
ON LINUX
Online privacy isn’t a contradiction in terms
if you follow Ben Everard’s guide.
P
rivacy is all about having the ability to decide defended the erosion of privacy by saying: “If you
what personal information you want to share, have something that you don’t want anyone to know,
and who you want to share it with. Before the maybe you shouldn’t be doing it in the first place.” This
internet, it was you who controlled access to sentiment is often summed up in the phrase “If you
information about you – if you told someone, they have nothing to hide, you have nothing to fear.”
knew and if you chose not to, they didn’t. That’s no Here at Linux Voice we vehemently disagree with
longer the case. Personal information is valuable to Mr Schmidt. We think that people still have a right
advertisers and marketers who try to sell more to a private life and that information about us is
products and to intelligence agencies who are building personal property, not just data to be harvested for
up profiles of people who have done no wrong. a profit. Controlling access to personal information
Unsurprisingly, those who profit from mass isn’t just about hiding wrongdoing, but about creating
invasions of privacy don’t see this change as a a personal space where we can live our lives without
problem. Google chief executive Eric Schmidt fear of intrusion.
Information about us is personal property,
not just data to be harvested for a profit
14 www.linuxvoice.com
� LINUX PRIVACY SOFTWARE FEATURE
YOU ARE BEING WATCHED
They lurk behind cookies and web beacons to follow your every step…
Some of the world’s largest companies
make money by giving their products
away for free. That may sound like an
oxymoron, and in a way it is. Let’s
consider the cases of Google, Facebook
and Twitter – they’re all hugely valuable
global companies that have made
many millionaires and a few billionaires,
yet almost everyone who uses them
does so without paying a penny. This is
all possible because these companies
use the data you give them to target
adverts at you. Google builds up a
profile of you based on your web
browsing, while Facebook and Twitter
work out what products you’re likely to
buy based on what you post online.
Through their free services, they’ve
become far more efficient at parting
people with their money than traditional
marketers that don’t spy on people. The Lightbeam add-on for Firefox reveals the truly scary number of web trackers out there.
It’s not just search engines and social
networks – there are many little-known countries), and much more that we As well as government agencies
companies that provide services to web consider deeply private. Once these overstepping their remit, the system
hosts in return for placing tracking code trackers have sucked up your personal provides an attractive target for
on their sites. These services then build data, you have no control over what hackers. In late 2015, hackers broke
up huge amounts of data as they follow it’s used for, how it’s processed or who into internet provider TalkTalk’s data
us around the web, and this data is then
It’s only a matter of time before an
sold to anyone willing to pay.
Somebody’s watching me
You can get an idea of just how ISP falls victim to hackers again
prevalent this tracking is by using the
Lightbeam plugin with Firefox. This it’s sold to. Your most personal details centre and stole data from over
plugin keeps track of all the different become a tradeable commodity that 150,000 users. It’s only a matter of time
services that monitor you via the can be aquired by anyone who can before an ISP falls victim to hackers
websites you visit. In a simple test, we think of a way to monetise them. again and the more information they
visited eight popular websites and were Your internet service provider is also store about their customers, the more
tracked by 161 different services. amassing a trove of information about there is to steal.
The fundamental problem is that this what you do online. This information All this is going on right now with little
data is intensely personal. Someone is ostensibly to help the government or no oversight. If you want to keep any
looking at our browsing could reliably track the most dangerous criminals; semblance of privacy, you can’t expect
deduce our medical history, mental however, the safeguards in place in it to happen automatically. Unless you
state, sexual preferences (which can most countries are not enough to take steps to protect your privacy, you
have legal repercussions in many prevent abuse. won’t have any.
SOCIAL NETWORKS
Even if you care about your privacy, it can children, employer, future girlfriend or boyfriend them. If you would be prepared to announce the
be tempting to use social networks to stay and anyone else who might take a passing information loudly in a public place in front of
in contact with people and to find out about interest in you. Despite the fact that most your friends and family, it’s fine to post online.
social events. The golden rule is to assume social networks have privacy settings, they’re If the thought of everyone you know finding
that whatever you put on a social network often obfuscated and prone to change with something out makes you feel uncomfortable,
can be seen by the entire world: your parents, little or no warning, so it’s not prudent to rely on save it for more private methods of sharing.
www.linuxvoice.com 15
� FEATURE LINUX PRIVACY SOFTWARE
WEB PRIVACY
Three options to regain a little personal space.
xxx
The HTTPSEverywhere plugin is a simple way to increase your privacy without any negative impact on the rest of your browsing.
Privacy online really comes down to a better target adverts at you. Intelligence information as possible in order to
couple of things: protecting your IP agencies also perform similar actions serve the most appropriate adverts.
address and stopping tracking between and use your web browsing to build up This is performed by advertising
websites. Tracking between websites profiles about global citizens. Visiting companies placing code in other
will be well known to most web users. the website of some Linux magazines websites that constantly alert the ad
For example, if you look at a product on is enough to get you labelled as an server of websites you visit.
a web shop, it’s common to then see extremist by the NSA!
adverts for this product on other sites There’s no way of getting around the Ad blocking
you visit. This is an obvious case, but fact that if you want any semblance The simplest thing that you can
there are far more situations where of privacy online you need to block do to protect your privacy is block
online advertisers are constantly adverts. Almost the entire online adverts (and other tracking data used
monitoring your web surfing to try and advertising industry is built around by advertisers). You can do this in
build up a profile of who you are to tracking users to find out as much most web browsers using plugins or
CENSORSHIP RESILIENCE
Privacy protection goes hand-in-hand with addresses. This is obviously useful in states Tor to bypass the UK government’s block on
overcoming online censorship. The Tor Network that heavily censor the web, but can also Torrent sites to access downloads of unusual
enables users to get around their country’s be necessary elsewhere. In the course of Linux distributions and investigate download
web blockers as a side effect of masking IP producing this magazine we’ve needed to use statistics of different pieces of software.
16 www.linuxvoice.com
� LINUX PRIVACY SOFTWARE FEATURE
extensions (see boxout), but perhaps
the simplest way of blocking adverts
is to use a web browser that does
this by default: Brave. Within the main
menu of this web brower, you can
select common-sense and easily
understandable options to increase
your privacy: Block ads, Block 3rd Party
Cookies, Use HTTPS Everywhere and
Block Phishing and Malware. Bringing
these options into one place makes
Brave by far the easiest browser to set
up for privacy. As an added advantage,
these options will speed up your web
browsing, as adverts can contribute to
a significant proportion of web page
load time.
Blocking adverts will stop the most
egregious affronts on your online
privacy, but it’s not perfect. The ad
blocker is unlikely to be 100% effective,
and it doesn’t do anything to stop
people intruding on your privacy at a
network level. For example, anyone
on your local network can see which
web servers you’re visiting even if you When you first start the Tor Browser, it will go green to confirm that you’re correctly connected to the
use HTTPS encryption. If you don’t anonymising network
use HTTPS, then they can also see all
the details of whatever pages you’re three separate proxy servers before it sending to the web), and the third proxy
viewing. Your internet provider can gets to the public web. There are three knows who the second proxy is but not
also see this information, and in many layers of encryption (one for each who you are or who the first proxy is.
countries, they’re required to store this proxy server) so that only the first proxy This network design means that
and pass it on to the government. knows who you are (but not what you’re even if one of the proxies is spying
There is one browser that really
The Tor network keeps your
stands out as the best option for
getting a high degree of online privacy:
The Tor Browser Bundle. This is a single
download that contains everything you physical location secret
need to connect to the Tor Network
and run a private web browser. The Tor sending to the web), the second proxy on you, there’s no way for it to work
network keeps your physical location only knows who the other proxies are out both who you are and what you’re
secret by passing your data through (but not who you are or what you’re doing online.
BUILD YOUR OWN PRIVATE BROWSER
There’s no perfect solution to online privacy, but • Block cookies Cookies are bits of data that better (though the web server you’re visiting is
you can customise your browser to make the web servers can store on your computer and still visible). Some sites are available in both
right trade-offs that increase your privacy at retrieve at a later time. There are several HTTPS and HTTP, and the HTTPS Everywhere
the expense of decreasing the amount you can legitimate uses for cookies (such as websites extension ensures your browser always uses
do online. First you’ll need to start with either remembering your login sessions), but they’re the HTTPS version where possible.
Firefox or Chromium (Chome is too integrated also used by web trackers. We recommend • Block scripts JavaScipt allows websites to
into Google to make this really possible), then blocking third-party cookies, as this only run bits of code in your web browser.
consider the following changes: allows cookies from the domain of the website Mostly this is harmless, and indeed can
• Ad blocker It’s absolutely essential to block you’re on and not any tracking code from third make browsing the web a more interactive
ads if you want online privacy. There are party services. If you want a stronger privacy experience. However, some scripts try to
several options for all browsers, but not all are protection, block all cookies. This is possible maliciously identify your browsing. The
equal, because some ad blockers themselves in the Options menu of all major web browsers. NoScript browser extension enables you to
spy on you and sell that data to advertisers. • HTTPS Everywhere Anything you send over control which sites can run scripts and which
We recommend uBlock (available for Firefox plain HTTP is readable by anyone on the ones can’t. Be aware that some sites won’t
and Chromium) as it’s open source and runs same network as you, and by your ISP. HTTPS work without scripts (but you can enable them
efficiently in our experience. encrypts this and makes the situation a little on a per-site basis).
www.linuxvoice.com 17
� FEATURE LINUX PRIVACY SOFTWARE
PRIVACY DISTROS
Preconfigured to keep you safe.
The two Whonix virtual machines (here running in VirtualBox) enable you to keep the configuration of Tor separate from the software you want to run.
Using a private web browser will help for an intrusive regime to intercept applications that you may need if you’re
you stay safe online, but, it isn’t a the download and replace it with one trying to stay private online, including a
guarantee of ultimate privacy. If you that doesn’t provide the same level of Bitcoin wallet, The IceDove email client
want to make sure that you aren’t privacy. While this may seem extreme (and the OpenPGP applet for encrypting
monitored when using the web, you in many western countries, it’s a emails both here and in the browser)
need a distro that’s built for privacy. sensible precaution in some parts of and Pidgen (with support for OTR).
The Anonymous Incognito Live the world. Even when it does seem Basically, if you want the simplest
System (Tails) is a distro that’s over the top, it’s prudent to have more way of setting up a secure computer
designed entirely to help you stay safe security than you need. with Tor, then Tails is the best bet. The
by using the Tor Network (see previous biggest problem with Tails is that it’s
page). Tails is used by journalists, Tails: the anonymising distro designed to be locked down to a single
activists and other people persecuted As the name suggests, Tails is a live way of working. If you want more
around the world. In many countries, system. When you boot it, you’re flexibility (which means you have to
it’s actively under attack by the regimes presented with a series of options that have the knowledge to protect yourself),
from which it seeks to provide privacy, enable you to set up the system for then there are a couple of other options
and protection from this is built into the circumstances you need. You can you could consider.
the way it works. This protection starts spoof the MAC address (as this could If you need to ensure your privacy
with the moment you try to download be used to identify you), or use one of from a powerful adversary, it’s
the distro. Rather than just having a the specialised methods of connecting important to ensure that all your
file that you save to disk, downloading to the Tor Network. network traffic goes through an
Tails requires you to either install a Tails hides anything that doesn’t anonymising network such as Tor. It
Firefox add-on that will verify that the need the user’s attention. If you follow can be a little tricky to ensure this as
file has downloaded correctly, or use the recommended boot options, you’ll Linux (or any other popular operating
the BitTorrent download (which will be connected to the Tor Network system) isn’t really designed to force
automatically verify the integrity of and have access to the web via the all traffic to go through a proxy.
the file). This way it’s much harder Tor Browser. There are a few more Instead, you have to make sure that
18 www.linuxvoice.com
� LINUX PRIVACY SOFTWARE FEATURE
JonDo lets you choose between connecting to the internet directly or via an anonymising network such as Tor or JohnDo.
each individual application is behaving advantage of Whonix over Tails is that to 50Kbps; only lets you use HTTP and
properly. An alternative option is to it enables you to use all your standard HTTPS ports; and only puts your data
configure this through your network. tools – even if they’re scripts you’ve through two mixer proxies (compared
The Whonix distribution has two written yourself – and still get the with Tor’s three). The premium service
separate parts, a workstation and protection of Tor. The biggest downside removes the bandwidth and ports limits
a gateway. Thanks to virtualisation to Whonix is that while the theory is and lets you use up to three proxies.
technology these can both be run on sound, it’s less well tested than Tails. The JonDo network is much smaller
the same physical machine. It’s also a little more complex to install, than Tor, which would make it easier
The Gateway enables you to though this shouldn’t be a challenge for to fingerprint the traffic, and the Tor
configure how you want to connect most moderately technical people. protocol has come under more scrutiny,
to the Tor Network (including any Both Tails and Whonix are based so we’re more convinced of its security.
firewall rules you want to enforce), and on the Tor network. This provides the That said, JonDo is a viable alternative
this creates a virtual network to ferry best privacy guarantees, but it is a little if you’re willing to pay for faster speeds
all the traffic into the anonymising slow. If you still want privacy, but need (the free tier, in our opinion, doesn’t offer
network. The Workstation then
To simply set up a secure computer
connects to this virtual network, and
so all the network data goes via Tor. In
theory, this setup is more robust and
enables you to perform more actions with Tor, Tails is the best bet
on the Workstation without risking
disclosing your identity. There is still speed, the JonDo network may be a any advantages over Tor).
the Tor browser, because this provides better option. Like Tor, this relies of You can connect to the JonDo
more protection than a regular web forwarding your data through a series network without using the distro, as
browser (thanks to script blockers and of proxies that obfuscate where the clients are available for regular Linux
other privacy-enhancing features), data came from. Unlike Tor, JonDo is distros; however, the live distro offers
but even with a normal web browser, a commercial platform. The free tier is the best way of trying the service and is
you’ll be running over Tor. The biggest publicly available but limits your speed a more secure way of using the system.
www.linuxvoice.com 19
� FEATURE LINUX PRIVACY SOFTWARE
ONLINE CHAT
Messages are for friends, not snoopers.
You can chat securely using OTR without installing anything by going to https://otr.to and creating a chatroom.
As well as our web browsing, we reveal the privacy implications of chatting provide encryption but doesn’t always).
much about ourselves when we chat online. The next best scenario is where the
online. This was once a niche activity The worst possible case is where connection between your chat client
that took place on internet relay chat nothing is encrypted: you send your and the chat server is encrypted. This
way, no third party can eavesdrop on
Signal can bring best-in-class
your chats, but the chat server can see
your conversation as it has to decrypt
privacy to non-technical people it to be able to pass it on to the person
you’re chatting with – this is what most
online chat systems do when they
(IRC) and bulletin boards, but it’s messages over the network and claim to be encrypted. Given that many
increasingly becoming a common way anyone can read them, from the people companies providing online chat make
to stay in touch. you share your network with to your money by data-mining their users, it’s
There are two key things that we ISP, to the people running the chat prudent to assume that your chats are
need to know about any messaging server. Fortunately there aren’t many feeding into their information-gathering
system: is it encrypted, and is it systems like this any more, but it’s still systems.
end-to-end encrypted. The difference something to be aware of if you use an
between these is key to understanding older protocol such as IRC (which can End-to-end encryption
The best scenario is where each
message is encrypted on your client
and can only be decrypted by the
ENCRYPTED EMAIL person you’re chatting with. This is
known as end-to-end encryption, and if
You can use PGP to encrypt and sign emails. PGP is an excellent technology that is
doomed to a lifetime on the sidelines unless you wish to retain your online privacy,
PGP is old technology that’s never caught on,
no doubt in part because it’s a little complex to major email providers decide to support it and you should be using a chat system
set up. When Edward Snowden first contacted enable it by default. Given that several major that provides this style of security. For
Glenn Greenwald to report on his trove of NSA email providers make the majority of their a long time, end-to-end encryption was
documents, the reporter was unable to reply income through advertising, this is unlikely
only available on a few esoteric chat
because he couldn’t work out how to install the to happen. If you need end-to-end encrypted
emails, PGP can provide that – just be aware systems that were the preserve of
necessary software. Fortunately, Laura Poitras
was able to help and the documents could that few people will be able to correctly receive geeks, but recent moves have brought
change hands in the end. your mails. strong privacy to the masses.
20 www.linuxvoice.com
� LINUX PRIVACY SOFTWARE FEATURE
WEB SEARCH
When browsing the web, the search engine you
pick has a huge bearing on how you’re tracked.
Google may be convenient and provide good
results, but it also heavily tracks users. Our
two favourite search engines that don’t spy on
users are:
• Duckduckgo.com As well as respecting your
privacy, Duckduckgo is also a supporter of
Free Software and donates to several major
open source projects.
• Startpage.com If you want Google results
without the tracking, this is the option for
you. Startpage returns the search results
from Google but doesn’t pass on any of your
personal details, so your privacy remains
intact.
WhatsApp, one of the world’s most
popular online chat applications, now
features end-to-end encryption by
default. This development is possibly
the largest single step towards online
privacy ever, because although there
have been encrypted chat tools around
for decades, they have always been
tricky to set up and use and have
never become mainstream. With over
a billion users, WhatsApp is definitely To make sure you have end-to-end encryption in WhatsApp, go to Settings > Account >
mainstream, and as long as you’re Security and you should have this message.
using the latest version of the software,
your messages are secure from prying app for Android and iOS is a highly system – it’s a text-based encryption
eyes – even WhatsApp’s makers can’t secure private messaging app. Its big system that can run on top of any
access your messages. advantage over WhatsApp is that it’s instant messaging protocol. It’s most
While WhatsApp’s move to end-to- open source, while its big disadvantage commonly used alongside Jabber,
end encryption is excellent, there are a is that it has far fewer users. since this is an open source system
couple of drawbacks to it: it’s mobile- that enables users to register with one
centric with no desktop Linux client, Privacy for dummies of many servers rather than relying on
and it’s closed source, so we can’t verify The focus on making it easy to use a single company or organisation that
that it really does what it claims. You means that Signal really can bring best- could be profiting from users’ data.
can access the WhatsApp web client via in-class privacy to people who aren’t If ultimate privacy is important to
Linux, but you can’t create an account technical. Edward Snowden’s advice on you, Off The Record is the chat system
unless you have a smartphone. private communication is “Use anything you should use. However, WhatsApp
Security campaigner Moxie Marlinspike by Open Whisper Systems.” If you want provides a good level of privacy and is
helped develop the encryption, and to check for yourself that everything’s widely used, so if you want to contact
while no endorsement can give the secure, Signal is open source, so you someone, there’s a much better chance
same guarantees as access to the can look for anything improper in the that you’ll be able to reach them on
source code, Moxie is a highly regarded code, or compile from source to make WhatsApp than OTR. Signal, on the other
encryption expert. sure that no backdoors are added to hand, provides strong privacy, and while
Also from Moxie Marlinspike (and the code before it’s released. it isn’t widely used, it is easier to get
Open Whisper Systems), the Signal Off The Record (OTR) isn’t itself a chat started with than OTR.
BEWARE UNTESTED ENCRYPTION
Creating secure encryption is hard. It requires operations to implement it securely. On top of the best option is to use well-known encryption
detailed knowledge Of complex mathematics this, it has to run efficiently for it to be widely algorithms implemented by well-tested open-
to design an algorithm and detailed knowledge used without slowing down the computer or source libraries. Any other option runs a high
of the implications of low-level computing draining the battery on a mobile device. By far chance of not providing adequate security.
www.linuxvoice.com 21
� FEATURE LINUX EVERYWHERE
LINUX
EVERYWHERE
Linux isn’t just dominant in the server and mobile space – it’s doing the grunt work
all over the planet. Linux Voice investigates!
I
n a weird turn of events, Linux is the servers, cloud infrastructure, mobile devices And it goes on… It’s more than just about
most successful computer operating and much more. Linux can be found in the technology – the perception that Linux
system in every market except for the almost every industry you can name. is suitable for real-world usage, and with
one for which it was originally developed. commercial companies providing support, is
Linus Torvalds started his kernel in the early Look around you invaluable to its success.
1990s so that he could have a Unix-like But why is this? Obviously we can run We thought we’d look at areas where
operating system on his home desktop – he through the usual benefits: Linux is Free and Linux is being used beyond the usual areas.
wasn’t thinking about the server and open source software; it has a solid design In many cases, the people and companies
mainframe markets at the time. No, he just and architecture; it’s portable; it has stable using Linux don’t
wanted something much better than DOS, leadership; and it has a very good security advertise this
Windows or Minix, that didn’t cost anything track record. Those are all key components fact, but when
and that could be shared around easily. in success, but there’s one thing we believe you start digging
Fast forward 25 years, and Linux isn’t is often forgotten: Linux legitimised the idea you see that our
the massive success story on the desktop of Free Software in “serious” business. penguin-powered
that many of us had hoped. Not When internet service providers – OS is actually in
that we’re complaining especially the smaller ones every nook and
– it’s still an excellent – started adopting Linux cranny. So let’s
desktop operating in the late ’90s for their start noseying…
system and far better infrastructure, they
than the alternatives One thing that demonstrated
in our opinion. But gets forgotten that the OS
the momentum was capable of
is that Linux
and mindshare of handling heavy
Windows would legitimised the idea network traffic.
always be difficult of Free Software in When Linux got
to overcome. On “serious” business. established in
the other hand, outside the server market, it
of the desktop, Linux showed it could deal with
pretty much dominates: lots of data and storage.
22 www.linuxvoice.com
� LINUX EVERYWHERE FEATURE
LINUX IN SCIENCE
Discovering the mysteries of the universe with FOSS.
The Large Hadron Collider at CERN is, in geek terms, probably the single coolest machine on the planet. (Image: CERN)
We think we have a pretty good grasp of us is the involvement of Linux. Yes, Linux Another distro with a particular
physics, at least when you imagine particles is very heavily employed in the LHC, and is scientific theme is Bio-Linux (http://
as billiard balls with smaller balls going responsible for processing mind-boggling environmentalomics.org/bio-linux-
round them, and a few forces at play. But amounts of data. In 2011 alone, the collider download). As the name suggests, this
once you go down to the subatomic level, generated a whopping 23 petabytes of distro ships with a bunch of software
things start to get rather odd. Quantum data; that’s plenty to deal with for CERN, the relating to bioinfomatics, such as genome
mechanics is a fascinating topic – albeit operator of the LHC, but when hundreds of viewers and tools for searching DNA and
extremely complicated – and Linux is other scientists want access to the whole protein databases. It’s based on an older
helping to answer some of the questions data set, it’s a big job to shift it all around. version of Ubuntu (14.04), so it’s hardly
that it poses. cutting-edge, but still useful for scientists in
Take the Large Hadron Collider (LHC), for Scientific Linux that field.
instance. It’s the biggest and most powerful Indeed, Linux is so popular among research
particle accelerator on the planet, straddling institutions that an entire distribution has
the border between France and Switzerland. been developed: Scientific Linux.
The LHC is a 27km-long tunnel that took Sponsored by the American Fermi
a decade to build with the involvement of National Accelerator Laboratory,
scientists from over 100 countries, and Scientific Linux wasn’t created
since it started operation it has been used from the ground-up but is
to develop theories in particle physics. essentially a rebuild of Red Hat
Specifically, it looks at what happens when Enterprise Linux.
certain particles are smashed together at Meanwhile, Scientific Linux
insanely high speeds. offers the same benefits of
Now, some particles are extremely hard CentOS/RHEL – namely well-tested
to detect; many have been proposed but packages and a very long support
never directly observed in action. One such lifespan – but with a focus on the
particle is the Higgs boson, which was scientific community. To that end the
originally described in the 1960s, but it was distro makes it easier to install cutting-
an LHC experiment in 2012 that suggested edge research software, and an active A Higgs boson, and other elementary particles
that the particle actually exists. So that’s all community. See the project’s website at in its class. Linux has been instrumental in
good and well – but what really interests www.scientificlinux.org for all the details. (probably) discovering it.
www.linuxvoice.com 23
� FEATURE LINUX EVERYWHERE
LINUX IN SPACE
Free software powers the ISS and SpaceX’s reusable rockets.
The International Space Station (ISS) is a Prior to 2013, Windows XP was used on with arms and fingers. The idea behind
tremendously complicated contraption, with the ThinkPad laptops scattered around the R2 is to explore how a robot can work
many different modules from different the various modules of the ISS – but this alongside astronauts, using more dexterity
space agencies with different technologies was changed to Linux because the station and precision than a simple machine. Don’t
plugged together to make a just-about- “needed an operating system that was worry about some kind of robotic take-over
working whole. (We’re not against the ISS – stable and reliable”. in space, though – it’s nowhere near enough
but given that five of the six astronauts to develop advanced artificial intelligence.
onboard are now just maintaining it and Debian in orbit We hope…
fixing old systems, leaving only one to do The version of Linux used is Debian, which For geeks, arguably the most exciting
real science, we do wonder if it’s time to be is fitting as it’s hardly cutting edge but one company in the world at the moment is
replaced. Look up Bigelow Aerospace for of the most well-tested distros out there. SpaceX. Founded by Elon Musk, who made
future options there…) (As an aside, some of the other systems on megabucks from PayPal, SpaceX produces
But anyway. As the most expensive the ISS run VxWorks, a proprietary real-time rockets and capsules with the goal of
“thing” ever produced, the ISS needs to operating system from Wind River (now drastically reducing the cost of going to
work reliably, so the choice of software is Intel) that has built up a reputation for being
absolutely critical. You don’t want Windows extremely robust. The Curiosity Mars rover
Update to pop up and runs VxWorks, for instance.)
ask you to wait during But Linux isn’t just powering
a critical re-boost the computers – it’s also
manoeuvre to avoid running a robot as well.
burning up in the Earth’s The Robonaut R2
atmosphere. For this
Linux helps guide was delivered
reason, Linux is the Falcon 9 into to the ISS by a
used throughout space, deliver the Space Shuttle
the ISS, primarily payload into orbit, mission in 2011,
on laptops used and land the first and it’s essentially ThinkPads running Linux are the laptops of
by the astronauts. a robotic torso choice for astronauts on board the ISS.
stage back on Earth
The International Space Station project has gone on for longer
than expected – and Linux keeps it chugging along.
24 www.linuxvoice.com
� LINUX EVERYWHERE FEATURE
SpaceX makes money delivery satellites
for customers (and cargo for NASA), and
uses that to fund a programme of reusable
spacecraft to one day take us to Mars.
space. Right now, a single seat on a Russian into a stable orbit. Once the rocket has done costs are as low as hoped, this will be an
Soyuz craft (the only way to get to the ISS) is its work, it’s out of fuel and falls back into the enormous breakthrough in spaceflight. A
around $70,000,000 – not cheap. sea, pretty much completely destroyed. brand-new SpaceX rocket costs around
So why is space so ridiculously SpaceX is working hard to make a $60m, yet the fuel for a mission is only
expensive? Well, primarily, it’s because we reusable rocket, and in December 2015 around $300,000. So if SpaceX can start
throw rockets away after each launch. it landed the first stage (main part) of a reusing its rockets, maybe 10 or 20 times for
Because of Earth’s gravity, and our available rocket after performing a successful orbital each one, it will be able to bring the prices
propulsion methods, a rocket can typically mission to get some satellites into orbit. down substantially.
get only 2–4% of its overall weight into orbit. So far, SpaceX has landed several rockets;
So around 97% of the rocket is just fuel, none have been re-flown yet, but this is due To Linux and beyond
metal and other bits to get the tiny payload before the end of 2016. And if refurbishment Linux is a key component in SpaceX’s
strategy. Whereas “oldspace” companies
Here’s a SpaceX Falcon 9 rocket landing on would typically contract out the building of a
a ship in the middle of the Atlantic Ocean rocket to many different companies, adding
in 2016 – bear in mind that it’s 45m tall. complexity and costs, SpaceX strives to do
Nothing like this had ever been done before. everything in-house with off-the-shelf
components and technologies. So its
rockets don’t run highly customised OSes
and software stacks – they use Linux and
C++, on triple-redundant computers. Linux
helps to guide the Falcon 9 rocket into
space, deliver the payload into orbit, and land
the first stage back on Earth.
And this is just the beginning. SpaceX has
grand plans to establish a colony on Mars in
the 2020s, using giant reusable rockets and
spaceships – and we can safely assume
they’ll be running Linux. Yes, our favourite
OS will play a key part in the next step of
human evolution, going multi-planetary. How
awesome is that?
www.linuxvoice.com 25
� SECRETS NEXTCLOUD
SECRETS OF
NEXTCLOUD
Keep your data under control with the newest open source cloud computing offering.
M
ore and more computing is taking place in the web Fortunately, there is a way of getting all the benefits of web based
browser. Email, file storage, calendars, and even office software without the downside of losing your privacy: self-hosted
suites are now often built in HTML and can be accessed cloud services. The newest of these is NextCloud, a fork of OwnCloud
from anywhere on the internet. For users, this means that they are with a focus on making development more open with the
no longer tied to a single computer, but if you’re using software community. Here are our favourite features of NextCloud that can
running on other people’s servers, that means you no longer control help you get all the benefits of a web-based collaboration system
your own data. while still retaining control over how your data is handled.
01 02
works better with complex formatting
and also enables you to work with
spreadsheets and presentations.
03
Collaboration
When there’s a group of
people collaborating on a
set of documents, it can be useful to
know who’s done what and when.
01
Calendar and email other mail client (allbeit web based) NextCloud helps with this in a few ways.
After storing files, calendar rather than a full mail server. Firstly, there’s the Activity app that
and email are the most shows you the most recent changes
02
useful cloud applications. The Calendar Documents made to all the documents you have
app in NextCloud enables you to keep While NextCloud is most access to. Secondly there’s a versioning
track of your schedule, share it with famous for storing and system that enables you to view and
others and link with other online sharing files, you can also edit them roll-back any changes to documents.
calendars (via CalDav) so you can see directly in the web browser. The Thirdly there’s a comments system
appointments even if they aren’t in your Documents plug-in enables you to where you can discuss a file without
calendar. The Email app doesn’t include create and alter ODT, DOC and DOCX changing its contents.
mail servers, but enables you to format files. If you need more editing
04
connect to them via the normal power, you can also integrate the Snap
protocols. In this way, it’s more like any Collabora Online office suite, which As a web app, installing
NextCloud takes a little
The Calendar app in NextCloud enables you more effort to get running than most
software. You’ll need a web browser,
to keep track of your schedule, share it with database and all the associated things
– quite a lot if you just want to test it
others and link with other online calendars out, and this is enough to put a lot of
26 www.linuxvoice.com
� NEXTCLOUD SECRETS
03 04
06
05
07
people off. Fortunately, it’s been comes from its ability to help you share
packaged up as a Snap, so you can get information with other people. With
a working NextCloud install with just: NextCloud, you can share on a per-file or
sudo snap install nextcloud per-directory basis with named people,
Once this is done, point your web the public at large or with a password-
browser to localhost and you’ll be able protected link.
to create an admin account to Federation enables you to join
complete setup. The Snap is
considered beta quality, so it’s best to
instances of NextCloud together. When
two instances are linked, you can share
08
only use it to test out NextCloud or for information and folders between users
small personal setups. on different systems as though they
were on the same NextCloud server.
05
External storage
07
NextCloud enables users to Mobile
store, modify and upload The days when software
files, and all this can end up using a lot only had to run on desktop
of disk space. You can manage this in computers are well behind us. The
the same way you would with any other ability to access applications on the go every internet-connected device.
Linux software – get a larger hard drive via mobile apps is essential in the However, there are times when the
– but NextCloud also allows you to tie in modern world, and NextCloud makes standard interface just isn’t the best
other forms of storage to the NextCloud this easy. You can obviously use the option for users, such as when you’re
interface. This storage could be on web interface on a mobile phone if you creating a customised mobile app or
servers you own through Samba, SFTP wish, but there are also native apps for embedding some NextCloud features
or WebDav, alternatively, it could be Android and iOS that offer a better into a different website. For this, there’s
storage from third parties such as mobile experience. an external API that conforms to the
Dropbox, Amazon S3 or Google Drive. Open Collaboration Services
08
Open collaboration specification, which enables you to get
06
Sharing and federation The web browser is a data from NextCloud in XML or JSON
The power of a universal interface that format so you can process it in almost
collaboration platform makes NextCloud accessible on almost any programming language.
www.linuxvoice.com 27
� FEATURE OLD SCHOOL COOL
Mike Saunders looks back at some classic moments in Linux history.
And if you’re a newbie: yes, Linux used to come in boxes…
I
f, like many of us, you got into Linux in the late
1990s or early 2000s, you may have a certain Corel Linux was a short-lived distribution that
nostalgia for the “good old days”. Actually, they arrived in 1999. We had high hopes for it back
then, as it had the backing of a company known
weren’t very good at all – Microsoft was a bullying for producing polished end-user software. Corel
monopolist trying to destroy Linux with FUD at every Linux was pitched directly as an alternative to
corner, hardware support was iffy, and the desktop Windows 9x and Mac OS…
had countless rough edges that need to be ironed
out. The only serious web browser we had was … and here’s its desktop. We recall the distro
Netscape 4.x, which was a horrendously clunky lump being unbearably slow on our test machines at
that was famous for locking up, thrashing your hard the time – sure, they only had 64MB of RAM,
but that was still plenty for the SUSE and Red
drive for 30 seconds, and finally giving up the ghost Hat versions that were doing the rounds back
with the totally useless message of “Bus error”. then. So in all, it’s not a distro we really miss.
Yet some things had their own charm. For many
of us on dialup internet connections, we relied on
chunky boxed sets to get Linux onto our machines.
(Kids these days with their pacman -Syu, eh! They
don’t know they’re born.) We remember placing
orders with the old Linux Emporium shop, and
twiddling our thumbs waiting for a big lump of SUSE
or Red Hat to arrive from the postie a few days later.
Yes, even with six CDs the number of packages
back then pales in comparison to what’s available
in repositories today, but it felt completely different
– you could really sense the vast range of Free and
open source software at your fingertips.
So this issue we thought we’d take a trip down
memory lane and look at some of the distros and
desktops that the Linux Voice team got started with.
If you’re a long time Linuxer, prepare for a mighty
dose of nostalgia – and if you’ve only recently
converted to the FOSS way, you’ll see just what we
old ’uns went through to get our Linux fix…
28 www.linuxvoice.com
� OLD SCHOOL COOL FEATURE
Another distro that aimed to tackle the desktop market,
Linspire was originally known as Lindows. Microsoft sued
Lindows, Inc. which resulted in a change of name to Linspire,
but the distro never really achieved any widespread success.
Red Hat’s installer back in the late 90s was a text-based tool,
but it used dialogs and menus sufficiently that most people
could get it installed with a bit of prior knowledge.
Ahh, Linux Mandrake –
arguably the first truly popular
newbie distro. This French
distro, which came to life in
1998, was little more than
a modified Red Hat, but
with time it gained its own
custom features and was
one of the first to sport a
fully graphical installation
process. Mandrake later
became Mandriva, and is now
mostly used in its community
supported spin-offs Mageia
and OpenMandriva.
Here’s Red Hat Linux 5.0,
featuring the FVWM95 window
manager in its AnotherLevel
configuration. Yes, it’s mightily
ugly by today’s standards,
and a lot of fiddling with
XF86Setup (shudder) was
required just to get a usable
desktop. And even once we
had this set up, we still needed
to recompile our kernel to
get sound. (Image credit:
toastytech.com)
www.linuxvoice.com 29
� FEATURE OLD SCHOOL COOL
SUSE’s European HQ in
Nuremburg has a selection of
boxed sets on display. SUSE
Most of us associate Turbolinux with Japan, was one of the first distros to
but the distribution originally started as a really push its big boxed sets
Red Hat spinoff created by developers in as selling points, bulging with
Utah, USA. In 2002, Turbolinux was bought CDs and manuals. Here’s the
up by a Japanese company which focused German version of release 4.2,
the distro on its local market. back when the distro was called
S.u.S.E. Note how the CD case
proudly announces that it uses
the ELF format…
By SUSE 6.1, the boxed sets were
more polished and the manuals even
bigger (they were a superb resource of
information on all things Linux at the
time, even if they did talk about very
And here’s a shot of SUSE 9.0’s desktop – KDE 3.1. Historically, SUSE was one of the best SUSE-specific ways of doing things).
champions of KDE, adding lots of fine touches to the desktop to really make it shine. While This release included StarOffice, not so
KDE was available in other distros like Red Hat, it was often seen as a second-class citizen, long before it morphed into the fully open
whereas in SUSE it was the default for many releases. source office suite OpenOffice.org.
30 www.linuxvoice.com
� OLD SCHOOL COOL FEATURE
On the subject of really old
distros, here’s Soft Landing
System, which started in
1992 – just one year after
Linus Torvalds announced
his very basic kernel. Soft
Landing System established
the concept of a distribution,
including some useful
software beyond the bare
basics required to get a GNU/
Linux system up and running.
Here’s a screenshot from Mike’s old archives. This shows a Java-
based development environment for old Nokia phones in action,
which is running a phone emulator, which in turn is running a
Telnet client, which (bear with us) is in turn logging back in to the
same Linux box host. Phew…
In the early days of Ubuntu, the distro’s developers
were somewhat more daring with their marketing
materials. Here’s one login screen concept, which
attempts to highlight the “humanity” in Ubuntu
(both in terms of the distro and in the name as a
whole). For us, it just gives us vertigo if we look at
it for too long.
Slackware is the longest-running Linux distro, and
still a favourite among power users who just want
a Linux flavour that leaves them alone to do their
work. Here’s the box for version 4.0 from 1999,
gleefully shouting that it includes multiprocessor
support and the latest version of XFree86. (Image
credit: http://blog.nielshorn.net).
We’ve come a lomg way – think of the olden days
when you next power on your Linux box!
www.linuxvoice.com 31
� FEATURE GNOME USABILITY TESTING
GNOME
USABILITY
TESTING
Jim Hall and Renata Gegaj reveal the ways in which the Gnome team is making its
software more usable for real-life human beings.
WHY USABILITY TESTING?
Usability in any program is important if you want other At the same time, it can be difficult for open source
people to use it. Applications need to be easy to use. If software developers to create programs that have
an application is too difficult to use, people may good usability. As the authors of our own software, we
switch away from that application and use another know how to access all of the program’s functionality,
similar piece of software that’s easier and more and we know how all the menu items work. But can
obvious. In the sphere of open source software, if an someone else figure out your menus? Can an average
Below: Most testers were
open source software program is too difficult to use, user with average knowledge use your software to do
aged 15–35.
Below right: Gender was people may stop using it and use a proprietary their work in a reasonable amount of time? That’s the
about equally divided, with software program instead. So if we want people to essence of good usability.
slightly more men than keep using open source software, it’s important to get Usability testing involves watching real people
women. open source software usability right. use the product to accomplish real tasks, giving you
Age Gender
32 www.linuxvoice.com
� GNOME USABILITY TESTING FEATURE
Computer usage Gnome usage
Above left: Almost all
live feedback from users. By doing this iteratively – looking at a new design and want to see how users testers used a computer
creating a design, testing it, tweaking the design, then will like it, you can do a usability test using a paper daily or frequently.
testing it again – you can make your program easy for prototype and ask testers to walk through the Above: Most testers had
everyone to use. interface as they respond to different tasks. But if you never used Gnome before.
Usability testing doesn’t require any particular have already developed a user interface, a more
expertise. Anyone can do usability testing with only a traditional usability test might be more helpful.
little preparation. Let’s walk through my usability test My usability test was a traditional usability test,
as an example. looking at areas of ongoing development in Gnome
Photos and Gnome Calendar. I found 10 volunteers,
PREPARING YOUR USABILITY TEST representing a mix of genders (slightly more men than
During Summer 2016, as part of an internship through women) and ages (ages fifteen to sixty-five).
the Outreachy programme, I [Renata] worked with the All participants used a computer on a daily basis,
Gnome design team to examine the usability of and self-identified their computer expertise in a range
Gnome. Outreachy helps people from from “I don’t know a lot, I am not a frequent user” to
underrepresented groups get involved in free and “I am better than most,” although most claimed “I am
open source software. Jim Hall, Allan Day and Jakub not a frequent user” or “I know some things.” Most
Steiner from the Gnome Design Team coached me on testers had not used Gnome before; three testers
test design and analysis. You can do usability testing used Gnome on a daily basis, while a few others had
using a variety of methods; there is no “one true heard about Gnome previously but did not use it. For
method” to usability testing. For example, if you’re most testers, this was their first time using Gnome.
SCENARIO TASKS
The key to a good usability test is carefully writing size. If the menu item to do this is labelled “Font,” you that picture, in order to access it more easily later on.
the tasks that you ask your testers to do. These are should use some other word than “font” to describe
3
While looking through all the photos, you notice
called “scenario tasks” and need to represent what the task. One way to write this scenario task is “You that two of the photos look very similar. Please delete
real users would actually do as part of their work. don’t have your glasses with you, so it’s hard to read one of them.
Writing these scenario tasks takes some effort. Start the text on the web page. Please make the text bigger
by thinking about what types of people are most on the web page.” Here are some of the scenario Calendar
likely to use the software, then consider how these tasks from my usability test:
1
You want to have all your work-related activities in
users are most likely to use the software to do real your calendar but you don’t want them to be mixed
work. From that assumption, you can write your own Photos with other activities, since you have a lot going on
scenario tasks: short assignments you give to each 1
You just got back from your trip to Thailand. You lately. To keep your events organised, you decide to
tester, so everyone is doing the same thing during want to show your friends all the pictures that you put all your work activities on the same calendar.
the test. took there but you notice that they are all mixed with Make a new calendar, call it “Work,” and make the
Scenario tasks should set a brief context, then the other pictures that were previously in Gnome activities appear in purple.
ask the tester to do something specific. Be careful Photos. To avoid confusion, you decide to collect the
2
You have a meeting with your boss today. Create
when writing the scenario tasks; you should not pictures from your trip. Create a group of these an item named “Meeting for work” that starts at
accidentally provide hints or clues to how to photos and name it “Thailand trip.” 2.00pm and goes until 4.00pm. Put it in the “Work”
complete the task. 2
As you are showing the pictures of the album you calendar that you created earlier.
For example, a scenario task for a web browser just created, you notice a picture that you’d like to
3
Set a reminder 10 minutes before the meeting
might ask the tester to change the web page’s font share on your social media accounts. Please “like” starts, so you don’t forget that meeting.
www.linuxvoice.com 33
� FEATURE GNOME USABILITY TESTING
Marking a photo as a “Favourite” from selection mode in
Photos.
Using the star icon (here highlighted in the top-right) to
mark a photo as a “Favourite” in Photos.
A heat map is a quick
Testers used a dedicated laptop running Fedora To conduct our test,weI presented each tester with
way to show usability test
results. 24 with Gnome 3.20, without any modifications or 16 scenario tasks, which they completed in less than
extensions. I used the stock Gnome 3.20 to test 50 minutes. Throughout the test, we observed and
Gnome Photos, but used the in-development Gnome took notes. Afterwards, we thanked them for their
Continuous Image (running on Gnome Boxes) to test time and followed up with a few questions.
Gnome Calendar. Each tester executed their tests
using a separate guest account that had been pre- ANALYSING THE RESULTS
loaded with sample files. An easy way to summarise usability test results is
with a “heat map.” This is a coloured grid that
represents each tester in a separate column and each
task on a separate row. A coloured cell represents
how easy or difficult it was for the participant to
accomplish a certain task.
Generally speaking, participants accomplished
most of the tasks without difficulties. These tasks
included editing a picture, changing the colour,
enhancing, and applying a filter in Photos; and setting
an alarm and searching for an event in Calendar.
Participants encountered the most difficulties in
creating an album in Photos, adding a new calendar in
Calendar, and adding a new online account in Calendar.
Two testers were unable to complete two of the tasks,
which is a small number considering the number of
other tasks that they completed successfully.
Looking at the heat map, you can easily spot the
“cool” rows with lots of green and yellow, indicating
tasks that the testers found easy to do. You can
also identify several “hot” rows with orange and
red, representing tasks where testers encountered
difficulty. To understand the results, we need to dig
deeper than just the heat map. Referring to the notes I
The “Crop photo” menu. captured while observing the testers, we can uncover
34 www.linuxvoice.com
� GNOME USABILITY TESTING FEATURE
what happened during the usability test and why
testers reacted the way they did. Let’s examine several
tasks that worked well and others that our testers
found more difficult.
WHAT WORKED WELL
Photos
Favourite a picture (task 2): As you are showing the
pictures of the album you just created, you notice a
picture that you’d like to share on your social media
accounts. Please “like” that picture, in order to access it
more easily later on.
This task was pretty easy for almost all testers to
accomplish. Testers noted that the star icon was very
easy to find, which helped them complete the task.
The header bar menu in
You can “Favourite” a photo in several different ways task, testers quickly found a way to set a reminder. No
Photos.
in Photos; some participants marked the photo as participant encountered difficulties on this task.
a Favourite from selection mode, while others used Search for an event (task 5): You have already
the star icon while viewing a photo to mark it as a created an event named “GUADEC” for the GUADEC
Favourite. conference you are attending next month but you forgot
Edit a picture (task 4): After showing your friends all the exact date. Can you please search for it and then tell
the pictures of the “Thailand trip” album, you revisit your me the date.
“favourite” picture since you want to edit it before sharing
on social media. Users assumed that they could edit the
This task turned out to be straightforward and
intuitive for all the participants. Testers commented picture using only the rations in the
that the “pencil” icon used to edit a photo seemed
obvious and familiar to them from other photo editing sidebar, so were initially confused
applications that use a similar icon.
Crop a picture (task 5): You start by cropping the This task was also intuitive for all the participants.
picture to make it look smaller. Again, notice all green blocks for this row in the heat
Most testers completed this task very easily. You may map. All testers completed this task without difficulty.
notice a few yellow boxes on this row in the heat map, Afterwards, testers noted they found the “magnifying
showing some testers who experienced a little glass” search icon to be very familiar, which helped
difficulty. When these few participants went into the them in the task.
Crop action, they first assumed that they could edit
the picture using only the ratios in the sidebar, so were WHAT WERE THE CHALLENGES?
initially confused; these testers quickly discovered Photos
they could uncheck the Lock Aspect Ratio option to Create a new album (task 1): You just got back from your
crop the photo the way they wanted. trip to Thailand. You want to show your friends all the
pictures that you took there but you notice that they are
Calendar all mixed with the other pictures that were previously in
Set an alarm (task 3): Set a reminder 10 minutes before Gnome Photos. To avoid confusion, you decide to collect
the meeting starts, so you don’t forget that meeting with the pictures from your trip. Create a group of these
your boss. photos and name it “Thailand trip.”
This test was easy for all participants to complete. This task was definitely the most challenging for
Correspondingly, you should notice all green blocks testers to accomplish! Note in the heat map that this
for that row on the heat map. When working on the is a “hot” row, with more orange, red, and black boxes,
representing difficulty and frustration in attempting
the task. All participants went through similar steps to
complete this one. First, they clicked “Albums” on the
view switcher. Finding an empty album, testers then
clicked “Name Your First Album,” thinking this option
would create a new album. However, the “Name Your
First Album” text is not a button; instead, it is meant as
a hint to the user. Testers found this unclear.
When that didn’t work, testers tried to right-click
in the screen to bring up a menu, but that didn’t do
The empty “Albums” view in Photos. anything either. After that, testers looked for a “Create
www.linuxvoice.com 35
� FEATURE GNOME USABILITY TESTING
Renaming a calendar in Calendar.
“Add A New Calendar” or “Create A New Calendar” in
the menus. Testers expected to find an option like
“Add a new Calendar” in the application menu and
not under “Calendar Settings.” Some participants
even created a new event instead of a new calendar.
Almost all testers were unsure which option to choose
for adding a new calendar.
Testers also expected additional feedback after
they named the calendar. They complained about not
The Calendar Settings
An Album” option in the Gnome “Application” menu having an “Apply” button, since they were not quite
menu in Calendar.
but could not find it. Some participants also searched sure if they added the new album.
for “Create An Album” in the search bar. Look for a specific date (task 4): You plan to throw a big
Finally, testers right-clicked on “Photos” and found celebration party for your birthday next year. You want to
the “Add To Album” option on the bottom of the check what day of the week will your birthday be, while
screen. wishing for Friday so everyone can show up! Check the
Delete a picture (task 3): While looking through all calendar and tell me what day of the week your birthday
the photos, you notice that two of the photos look very will be in 2017.
similar. Please delete one of them. Not many testers used the view switcher to skip
and ahead to a specific date or year. Instead, most testers
Set a background picture (task 10): You really like the used the arrows to change the displayed date in
way that the picture turned out and you decide to set it as Calendar while others tried to scroll through the
a “Background picture”. months.
These tasks were somewhat confusing for many Add an online account (task 6): You don’t want to move
testers, as represented in the heat map with yellow across different calendars, creating same events multiple
and orange boxes. For both of these tasks, most times. So, you try to connect this calendar with Google
testers right-clicked on the photo and expected to get Calendar (or any other online account you use).
a menu where they could delete the photo or set it as
a wallpaper image. Testers claimed that it would have
made more sense to have a special menu that they
could use to act on the picture instead of using the
header bar menu.
Calendar
Add a new calendar (task 1): You want to have all your
work-related activities in your calendar but you don’t want
them to be mixed with other activities, since you have a
lot going on lately. To keep your events organized, you
decide to put all your work activities on the same
calendar. Make a new calendar, call it “Work,” and make
the activities appear in purple.
This proved to be the most difficult task in Calendar. Using the arrows to change the displayed date in Gnome
In general, all participants were confused by the term Calendar – our users had no trouble performing this task.
36 www.linuxvoice.com
� GNOME USABILITY TESTING FEATURE
This was a difficult task for several testers. The first
thing testers often attempted was the “Synchronise”
Above left: The
option on header bar menu. These are the scenario tasks that you can use for your
Synchronise option in
After the testers found a way to add an online usability test. Gnome Calendar.
account and finished this task successfully, they When you have your scenario tasks, ask a few Above: Adding and
wanted to remove the account. However, the people to sit down with you to do a usability test. Ask removing an online
testers were confused by the “+” and “-” signs, and each tester to do the scenario tasks, one task at a account in Gnome
commented that their meaning wasn’t clear. When time. Watch them, and take note of what they do. It’s Calendar.
testers figured out that the “+” and “-” buttons added surprising how much you can learn just by watching a
and removed online accounts, testers said they would few testers use your software. With a few volunteers,
instead prefer more obvious labels such as “Add An you can quickly see what areas of the interface work
Account” and “Remove An Account.”
TESTING USABILITY IN YOUR OWN PROJECTS It’s surprising how much you can learn
As this test demonstrates, usability testing is simple.
Anyone can do it! This usability test of Photos and
just by watching a few testers use your
Calendar shows how working with a few testers, and software – watch them and make notes
watching them use the software to do real tasks, can
yield useful results.
You can apply usability testing to your own well, and what parts of the program need more work
software projects very easily. Start by thinking to become easier to use.
about who uses your software, and consider why They key to usability testing is to do it iteratively.
these people use your software. From this set of Create your design, test it, update your design based
assumptions, jot down a representative sample of on that feedback, then test it again. At each iteration,
tasks that give a good idea of how your users would your program will become easier to use, so anyone
actually use the software in a real-world situation. can use it. With good usability, everyone wins!
HOW TO CREATE A HEAT MAP
The traditional way to present usability test results When creating your own heat map, follow these Orange if the tester had some trouble in the task.
is to share a summary of the test itself. What worked three simple rules: For example, if the tester had to poke around the
well? What were the challenges? 1
Organise scenario tasks (from the usability test) menus for a while to find the right option, or had to
This written summary works well, and it’s in rows. hunt through toolbars and selection lists to locate the
important to report your findings accurately, but 2
Arrange test participants (for each tester) in appropriate icon, you would code the block in orange.
the summary requires a lot of reading on the part columns. Red if the tester experienced severe difficulty in
of anyone who reviews the results. And it can be completing the task.
3
Represent each tester’s difficulty in each scenario
difficult to spot problem areas. While a well-written Black if the tester was unable to figure out how to
task with a coloured block.
summary should highlight these pain points, the complete the task, and gave up.
The colour indicates the relative difficulty of each
reality is that the reader will need to dig through the The colours borrow from the standard green-
task for each tester:
report to understand where testers ran into problems, yellow-red “stop light” indicators to suggest
Green if the tester easily completed the task. For
and which areas of the software seemed to be OK. go-caution-stop. The extra orange and black colours
example, if the tester seemed to know exactly what to
When presenting my usability test results, I still provide gradation to additional difficulty.
do, what menu item to activate or which icon to click,
provide a summary of the findings. But I also include The use of colours also lend the heat map its
you would code the block in green.
a “heat map.” The heat map is a simple information name. The gradient from “cool” colours to “hot”
design tool that presents a summary of the test Yellow if the tester experienced some (but not too
much) difficulty in the task. implies increasingly difficulty.
results in a novel way.
www.linuxvoice.com 37
� FAQ SNAPPY
Snappy Is distro fragmentation set to be a thing of the past? Let’s find out.
MICHEL LOUBET JAMBERT are making their way to other distros as traditional package managers is that
well. Originally, the installation of with a Snap package, everything is self
I’ve seen that name cropping packages was only possible from the contained. Unlike apt, for example,
up everywhere, but what terminal, but this later became available rather than installing a package then all
actually is snappy? What has it got on the Software Centre (or rather, its the different dependencies separately, a
to do with Ubuntu Core? Gnome replacement) for those with Snap has everything contained within
Loosely speaking, Snappy is a xenial-proposed enabled. For now, the one package. This means that if
package management system, there’s a far more limited range of you have a distro with an older version
while Snap is the format of the software available than through the of a library installed than the one
packages. More precisely, Snappy traditional means, but this is quickly needed by the application you wish to
refers to a broader variety of things, changing with the likes of VLC and install, rather than updating everything
including the aforementioned snap LibreOffice jumping on board. and risking the stability of your system
packages, package management (if the dependencies are even
system, as well as Ubuntu Core, the Wait, we already have far too compatible), the application installs its
stripped-down multi-purpose version of many package managers, why own newer version in a self-contained
Ubuntu. Snappy and Ubuntu Core tend another one? And one with fewer way. Having this kind of isolation design
to be used interchangeably by applications for that matter? has the added benefit of increased
Canonical as “Snappy Ubuntu Core,” The lack of software would security, since it prevents cross-
which causes some confusion. Other change overnight if even just one contamination, as long as the sources
than the packages being designed major distro decided to adopt it fully, are trusted, which could be an issue
originally for use on the distro, they but many applications are already since there’s potential for users
aren’t one and the same – one is a providing Snap packages anyway. downloading Snaps from pretty much
distribution which aims to be used for Snappy is very different from most, but anywhere. At the same time, it prevents
cloud computing, among other things, not all of these. It’s an attempt at fragmentation with different version
while the other is a package creating a cross-platform, self- numbers of the same distro, as Snaps
management system. We’ll be focusing contained (sandbox) orientated themselves can be rolled back easily
on the latter. package manager, rather than the (preventing downtime) and allow
After Ubuntu Core, Snappy appeared single-platform and dependency installing multiple versions of the same
in Ubuntu 16.04, and now the packages centred ones. The main difference over program on one system.
I’m sold. Are there any more
Snappy is an attempt to create a cross-platform, advantages to this?
If you’ve been using Linux for a
self-contained package manager, rather than while, then you could probably
think of a few off the top of your head,
dependency-centred ones such as developers being able to
38 www.linuxvoice.com
� SNAPPY FAQ
control their updates more easily and
quickly since there are no repositories
in between. One positive implication
could be the benefits to developers
trying to bring their software over to
Linux, but who might have limited
experience with the operating system.
A good example here would be games,
with developers often encountering
things like dependency issues and not
Snappy’s logo and
understanding why a game might work name are descriptive
perfectly well on their test systems, but of what it does.
why something like controller support
doesn’t work on another. Packaging a
game in a Snap would do away with
many of these kinds of issues and
ensure that distro fragmentation (and
associated higher support and porting
costs) need no longer be barriers
towards developing for the OS.
This of course applies to a slew of
other areas, and even with FOSS
projects, it can simply save a lot of time slightly different aims, AppImage and differ in some key areas, like Snappy
not having to do as much maintenance, OrbitalApps are also projects being able to download changes to an
bugfixing and testing. Overhyped “year attempting to do similar things, so application when updating, rather than
of the Linux desktop” predictions aside, Snappy is far from alone. Snap downloading the whole thing.
something like Snappy has the packages also don’t conflict with
potential to seriously affect Linux existing package managers, so for the I understand about Snappy
adoption and development, not just time being, it is likely that Snappy will working alongside other
from the easier and cheaper coexist with other package managers package managers, but are Apt and
development, but also the larger on distros as an additional form in Yum done for in the long run?
amount of software available across which to install software or software Hold your horses. These things
distros. The distro developers versions which are otherwise not don’t happen overnight, and even
themselves could also focus more time supported. If this ended up being the if the big distros start adopting Snappy
on core development, rather than case though, but with just one or two of (or alternatives) there would still be
application packaging. the cross-platform package managers plenty of others to hang on to the
adopted alongside RPM et al, then the traditional package managers for
Hurray! The end of distro situation would probably still be rosier whatever reason. At the same time,
fragmentation, right? since there would still be increased even if Snaps replace other packages
Err… not quite. While it looks like compatibility. Whatever the case, there on the application layer, the systems
the time of package managers are big implications. themselves would still be built without
being tied to distros might soon be using Snaps, and even Ubuntu Core is
coming to an end, along with the large Wait, aren’t there other built using Debs. Also, X.org is a good
number of competing ones, if you’re a solutions apart from these? example of something that has stuck
bit of a pessimist, this could also just be Well yes, there are. One of them around for years even when Wayland
the start of a new era where we have a has been covered in has seemed imminent, due to a number
lot of competing cross-platform DistroHopper, that being the method of factors. Multi-distro package
package managers rather than used by Bedrock Linux, which installs managers are an exciting prospect, but
single-platform ones. Basically, it might different distros on virtual drives that it’s best not to make bold predictions,
be the beginning of the end for one of are accessed by one central Linux though if Snappy does gain ground,
the causes of distro fragmentation distro. There are various advantages there would be a snowball effect.
(there are still other things such as and disadvantages to these solutions, For the time being, Snappy has to be
display servers), but we might see the but on the surface, a package manager installed through traditional means on
start of a new type of fragmentation or like Snappy seems like the most the distros it supports, but once
just a load of new package managers elegant and doesn’t mean users installed, it allows the exact same Snap
added to the existing pile. Flatpak installing an unfamiliar distro since the package to be installed and to run on
(covered here in issue 30) is one such advantages can be experienced across any distro. If you’re eager to try it for
standard competing with Snappy, and different ones. Then there are container yourself, it’s already available on a
Autopackage was also an attempt at solutions like Docker of course, which number of distros, so check if yours has
cross-platform packages. Though with have a lot of overlap with Snappy but it and give it a spin.
www.linuxvoice.com 39
� INTERVIEW RACHEL ROUMELIOTIS
40 www.linuxvoice.com
� RACHEL ROUMELIOTIS INTERVIEW
“
Many of the developers who
are new to the community
now look at open source
as a standard part of
software development.
That is a big shift.
RACHEL
ROUMELIOTIS
Thinking of organising your own conference? We get some tips from the
programme chair of one of the biggest – OSCON.
W
e often write about OSCON, we all rely on. Last year, OSCON split current programming chair for OSCON.
O’Reilly’s Open Source into two, with one event being held in That means she’s responsible for putting
Convention. It’s a conference Austin, Texas, and another in Europe. Last together the various sessions, tutorials,
that for a long time took place in Portland, year’s European adventure was held in keynotes and talks that make up the event,
Oregon, in the north west of the United Amsterdam, and this year it’s being held in a process that starts almost as soon as
States. It was always an expensive London between 17 and 20 October. the previous year’s conference stops. We
conference to take part in, especially for Rachel Roumeliotis is a strategic got a chance to ask her about how she’s
Europeans, but it was also one of the content director at O’Reilly Media, been putting together this year’s event, and
best places for meeting people at the top where she edits and curates words on how things have been going in general for
of their game, and often, the people who everything from enterprise to emerging OSCON now that it’s no longer bound to
helped create many of the technologies programming languages. She’s also the North America nor a single event a year.
How did the move to Austin go great years in Portland (I’m sure we will be part of an up-and-coming tech hub again.
this year? back at some point) and had a hand in We definitely had a lot of new voices mixed
Rachel Roumeliotis: Moving to Austin building up Portland’s open source with OSCON favourites, and I expect this
was a great adventure. We had so many community, so it is fun to be able to be a year to be more of the same.
www.linuxvoice.com 41
� INTERVIEW RACHEL ROUMELIOTIS
“We want as many different
perspectives as possible” – that’s
why OSCON is on the move again.
Karen Sandler’s OSCON report years? Do you think they reflect the RR: Cloud-based innovation is core to
(https://sfconservancy.org/ state of open source development? the changing world that the software
blog/2016/may/28/oscon-2016/) RR: I’ve spoken to many different developer finds herself in and so it
mentioned how important local developers about open source and would follow that OSCON as a
outreach had been to the what I’ve found to be the biggest reflection of the community would find
conference’s success. How do you change over the better part of two it at its core as well.
balance outreach – perhaps the true decades is how developers come to be Could it have been predicted? Maybe
origins of OSCON – with the needs a part of the open source community, if one were to have looked at the
of corporate sponsors and proposals or rather how open source becomes a economics of owning infrastructure
from people who are leaders in part of their lives. and the emergence of scores of
their fields? Individuals who attended the first startups. Over the last decade or so the
RR: Good question. It all comes down OSCON were often introduced to open choice of tools from software
to one main focus – how do we create source via Linux, which was a revelation frameworks to servers and now
an outstanding event for attendees? letting developers peek under the hood. ‘Whatever you need as a service’ has
Everyone from the individual who is Many of the developers new to the shown that there is a lot of room for the
working on her first proposal to a well community now look at open source as different types of computing needs
known community leader to an a standard part of software across all businesses now that all
enterprise that has five different development. That is a big shift. What businesses are software businesses.
employees submitting and a giant has stayed consistent is that our And maybe the fact that all businesses
booth all really want the same thing attendees are committed to open are now software businesses is the
– engagement with the audience. The source. Open source needs tending and indicator that we are going to see
job of the chairs and committee is really that hasn’t changed since its inception. strong cloud computing growth for the
more one of course correction than next few decades.
balancing. We guide our proposers via What do you think the term
our CFP (Call For Participation) towards ‘open source’ means today? Like Austin and
what we want the program to look like, RR: Today ‘open source’ means equally
and on occasion to ensure that content innovative and quality software Amsterdam, we needed
is focused on thought leadership and
‘how-to’ suggest modifications to a
development. Open source allows for
many individuals to contribute, which
to learn about London
proposal. Getting out in front of the helps move software forward.
entire audience from community to How does organising a
enterprise and being clear with our It feels to us that cloud-based conference in London differ
intent for the conference really allows innovation has always been a from Austin, or Amsterdam?
for the program to balance out quite big part of OSCON, even before RR: As I mentioned, each OSCON is
nicely by itself. cloud was a thing. Do you think the steeped in the community where it is
current state of cloud-computing located, so like Austin and Amsterdam,
How do you think attendees could have been predicted and we needed to learn about London and
have changed over the last 17 where do you think it’s headed? what software communities were
42 www.linuxvoice.com
� RACHEL ROUMELIOTIS INTERVIEW
If you can get your employer to
pay for it, go to OSCON – nowhere
else has the same buzz of
knowledge and opportunity.
focused on in that city. We took into looking forward to in London (I know information that a person needs; how
consideration the financial sector, the this is probably an impossible do you push instead of pull genuinely
larger-than-normal Java community, question to answer). needed info to an audience so that it is
and that fact that the big data industry RR: For our London event, I’m actually appreciated and not pushed back?
is strong in London when organizing quite interested in how the UK Some of that is simple curation, but we
the program. government has incorporated open are in the middle of figuring out how to
source throughout, and we have a few be a constant resource that is always
Do you think the locale of a sessions and keynotes highlighting there with the right answer rather than
conference affects the type of aspects of that evolution. a pile of answers one would need to
proposals and how you edit a search through for minutes or hours.
conference’s content? Do you think technology is
RR: Somewhat. We generally get a lot changing the role of publishing How do you think edited
of proposals from the local area, so as I in ways more subtle than how content can best fight for its
mentioned you will see more content is delivered? I’m thinking of position against social media
prominently the trends of London in a the power of ‘search’, where opinion and self-publishing?
CFP for a London event. knowledge is delivered directly and RR: I do think that working with a
perhaps only recalled for long publisher or editor helps to make the
How do you ensure a enough to implement an idea or content as succinct and clear as
conference has an overall answer a question. But also, the possible among all the noise.
coherence when including huge nature of reading off a screen is
numbers of subjects? changing the way we take in Do you think print publishing
RR: It is hard. With the connective information [see https://www. can learn anything from the
tissue being open source the content theguardian.com/books/2014/ mistakes made by the music
can go far and wide. Choices have to be aug/19/readers-absorb-less- recording industry?
made about topics, levelling needs to kindles-paper-study-plot-ereader- RR: One way we can learn is by
be considered, and it’s a constant digitisation]. listening to our customers and offering
balancing act to ensure that there are RR: Ebooks mimic paper books, so as a variety of different ways in which to
enough specifics vs overarching much of an evolution as they were, we intake content; the music industry
conceptual talks. are really in the same place in many seemed to listen too late and then put
ways. To this point both digital and print all its eggs in one basket for a while.
What areas of cutting-edge media are generally linear and a reader
development or technology are needs to seek them out. You mention Do you think it’s now easier or
you most excited by? search as an innovation in learning more difficult to find good
RR: In open source, AI is certainly of – this is true and has changed the writers than perhaps 10 years ago?
interest, as is the blockchain; both are nature of reference books. Do you need RR: Good question. Honestly, the same,
seeing lots of action due to the core bits a reference book when all knowledge is there are many good technologists,
of technology being open source. online? The answer is it depends on the engineers, architects, and developers
question and the answer. but to find one who can also express
Are there any talks/sessions/ What is now becoming the central how to do what she does is an added
keynotes you’re particularly question is how do you curate the gift and as rare as always.
www.linuxvoice.com 43
�MUGS AND T-SHIRTS!
You can drink
coffee, tea or
champagne.
It’s all about
choice.
This mug
respects your
freedom. Look,
it even says
GNU/Linux!
shop.linuxvoice.com
� INTRO REVIEWS
REVIEWS
The latest software and hardware, rigorously bashed against a wall by our crack team.
On test this issue . . .
Wireshark 2.2 46 OpenBSD 6.0 47
Keep your electric eye on what’s passing over your Linux is secure, but this Unix derivative (and the
Andrew Gregory network. And by network we mean everything! home of OpenSSH) is utterly bomb-proof.
Found his first answer on Stack Overflow the
other day. A portal has been opened…
M
ore FUD reaches us this
month, brought to light
thanks to the leader of HM
Opposition, Jeremy Corbyn and his
‘Digital Democracy Manifesto’. Some of
the ideas therein are already
government policy (great – when Elementary OS: Loki 48 Ardour 5.4 49
parties agree on using open formats, Pretty is a feature for some; for Elementary it’s an Now with Windows support, a cleaner interface, and
there must be some merit in the idea, ethos. Newbies, try it today and fall in love. loads more features for audio geeks to play with.
right?). Some parts are a bit wishy-
washy (I’ve no idea how a digital bill of
rights differs from an analogue one
– free expression is free expression in
my bok, regardless of the medium).
Group test and books
Some bits are refreshingly common
sense; such as the recommendation
that the UK Government uses more
open source. Common sense to those
in the know perhaps, but to The Sun
newspaper, the UK using open source
would “let foreign spooks rob UK“,
elaborating that “Cyber-criminals and
foreign intelligence agencies would
have a field day.” Of course, The Sun’s
own website runs on Wordpress, that
well known North Korean spy package.
Fear, uncertainty, doubt; rabid Booooooooooooooks!!!! 52 Group test – Online file storage 54
xenophobia and ignorance – everything In which Ben Everard wonders what kinds of WIth OwnCloud’s fork, there’s suddenly a plethora of
we expect from that filthy rag. Carry on! science don’t use data, and benefits from the platforms all fighting to get hold of your bits. Find
andrew@linuxvoice.com narrow focus of a DevOps case study. the best/most convenient/easiest one for you.
www.linuxvoice.com 45
� REVIEWS NETWORK TRAFFIC ANALYSER
Wireshark 2.2
Thalassophobic Ben Everard now fears large marine animals in cat-5 cables.
W
Web https://www.wireshark.org ireshark is our tool of choice for The real power of Wireshark isn’t that it collects
Developer Gerald Combs and the investigating anything relating to data on a network data – there area loads of tools that do this
Wireshark team
network. When capturing, it hoovers up – but that it can analyse almost any network protocol
Licence GPL
every piece of data that passes through your network to see what’s actually being sent. If your networked
interfaces and displays them in a list. When we say application is simply giving an error like “can’t
network, we mean every form of data going into or out connect”, Wireshark will be able to hunt down exactly
of your computer. That includes Ethernet, as you may where the connection problem is happening. We’ve
expect, but also interfaces not commonly thought of also found Wireshark useful for finding out exactly
as networks, such as USB and Bluetooth. This can what data is being sent from an application. If you’re
having performance problems with your network, the
The power of Wireshark is that it can analysis tools in Wireshark can help you track down
exactly where this is originating.
analyse almost any network protocol Version 2.2 comes with the ability to export directly
into Elasticsearch-compatible JSON, which means
to see what’s actually being sent that you can take advantage of the visualising power
of the Kibana data visualisation tool to provide
make it useful for diagnosing bugs in peripheral interactive real-time graphing of your networking.
connections as well as on networks. There’s a There’s also improved SSL capabilities and a whole
command line version (Tshark), and graphical versions bunch more protocols supported.
for both GTK (the toolkit used to build the Gnome
desktop) and Qt (the toolkit used in KDE), so there’s a Data overload
version to fit in with almost every Linux environment. While it’s a hugely powerful tool, Wireshark isn’t for the
Despite the different user interfaces, they all work in faint-hearted. Unless you understand how the
the same way. different communication protocols relate to one
another, you’ll struggle to make sense out of the data
it’s showing you. That said, if you’re interested in
learning more about how network protocols work,
investigating them with Wireshark is a great way to
find out more about what’s going on.
While version 2.2 may not be the biggest upgrade,
Wireshark remains our tool of choice for working with
The protocol hierarchy
statistics show how many network packets.
packets there are at each The best tool for investigating network issues.
level of protocol running
across the network.
46 www.linuxvoice.com
� OPERATING SYSTEM REVIEWS
OpenBSD 6.0
Ultra-secure Mike Saunders investigates the performance of this Unix derivative.
B
it rot is a common problem in software Web www.openbsd.org
Platforms x86, amd64, SPARC,
development. You may run an awesome Free ARM, PowerPC
Software project, and be tempted to roll in License BSD (some parts GPL)
every patch you receive, but who’s going to maintain
the code in the long run? Sometimes the things you
leave out – or indeed the code you remove – is as
important as the new features you add. And this is
true of the latest release of OpenBSD, the security- OpenBSD’s installer is a
focused Unix flavour that’s also the home of OpenSSH plain text affair, but gets
and other well-known tools. the job done quickly.
OpenBSD 6.0 drops support for the ancient VAX
architecture (you know, those big white machines that like extra hassle, but OpenBSD isn’t there to make your
are easy to confuse with fridges), along with support life easy – it’s to make you secure.
for running Linux binaries by translating system calls. Then there have been improvements to SMP, aka
Pretty much nobody used the former feature, while multi-processor support. OpenBSD has historically
the latter was unmaintained and suffering from the been weak in this area, especially when compared to
aforementioned bit rot. As the OpenBSD team is so Linux or FreeBSD, but progress is being made. The
heavily focused on security, removing any old and network stack has been improved and for desktop
dust-ridden code is part of the process of a release. users, web browsing is now a tad smoother.
We use Linux for most things, but we love the
Selective improvements strong focus, the attention to detail, and the tools that
But what’s actually new in this version? Well, W^X OpenBSD produces for all OSes. We just hope to see
(write-or-execute) is enabled by default for the base some kind of official binary update system in the next
system. This is a security measure that says that a few years.
chunk of memory can be written to, or executed, but
not both – limiting the attack surface of the OS. If you A spoonful of extra security and a nice glass of
need to run a program that won’t work with W^X performance improvements to wash it down.
The release songs are good too.
enabled, you can set a flag and mount the filesystem
that contains it in a specific manner. This may sound
www.linuxvoice.com 47
� REVIEWS LINUX DISTRO
Elementary OS: Loki
Creating a beautiful distro? It’s [gratuitous pun redacted] my dear Ben Everard.
A
Web https://elementary.io well designed tool is a joy to use, whether it’s a browser. Epiphany is a good browser, but it’s not in the
Developers The Elementary physical item like a perfectly weighted and same league as Firefox or Chrome.
Team
sharpened chef’s knife or a text editor that The designers have made good use of the new
Licence Various open source
licences feels like an extension of your brain. The better the features in GTK 3 particularly the Header Bars that
design, the closer the link between your intention and enable developers to put more tools in the top bar of
the tool’s action. Good user interfaces present the user the window. It would be easy to overdo this and end
with all the information they need to use the software, up with cluttered windows, but by focusing on the
but not be overwhelming. They should also look good, core uses of the application, the Elementary team
but this is secondary to ease of use. Elementary OS have made the basic functions easy to access.
claims to be a design-oriented Linux-based OS, so it’s
this standard that we will judge them by. Unity is strength
The attention to detail in the design of Elementary The look and feel of Elementary permeates all of the
will definitely help new users. For example, open the default applications – this means that if you want to
Music or Photos application and you’ll be greeted with use, for example, a different music player or email
the same message telling you how to add your files. application, you quickly lose the smooth feel that
This consistency comes from design of the OS as a comes from having the full Elementary experience. If
whole, not just individual components. Our only you’re set in your ways about which applications you
quibble with the default applications is the web like to use for which tasks, you won’t really get the
benefits of this distro, but then you’re not really the
target either – 75% of the downloads of Elementary
come from proprietary operating systems, and for
these people, new to Linux, Elementary OS is a
fantastic introduction to what Linux can do.
The similarity between the
The design focus has built the most graphically-
pictures and music
coherent Linux distribution that looks good and
applications reduces the is easy to use.
amount that a new user
has to learn.
48 www.linuxvoice.com
� DIGITAL AUDIO WORKSTATION REVIEWS
Ardour 5.3
Graham Morrison goes gaga over the latest update from Paul Davis.
A
rdour 5 is the biggest update to our favourite Web https://ardour.org
Platforms Paul Davis
audio workstation software we’ve seen. Its Licence GPLv2
biggest new feature is support for Microsoft
Windows. This might not seem so important to us
Linux users, but it will result in more people using
Ardour, and consequently, more support and
development going into future releases for all
platforms. This is what happened when OS X support
was added, and it’s the cross-platform nature of A major update to Ardour’s
Ardour that’s been able to help its creator, Paul Davis, user interface is the ability
fund Ardour’s new features, such as the new tabbed to tab between mixer and
interface. You can now switch between the Editor, editor views.
Mixer and Preferences views while keeping the top
panel in place, which makes the application feel more help if you were building your own studio, for example,
more like a professional DAW (Digital Audio or wanted to incorporate esoteric touch panels, knobs
Workstation) on other platforms. and sliders into your recordings. Finally, there are five
new themes for Ardour’s excellent theming engine,
Oh L’Amour helping the application fit into your desktop.
Equally important, and something we’ve been asking All of which makes this the best update and release
for for years, is the inclusion of some basic plugins. of Ardour we’ve seen. If you find Ardour as brilliant as
Previously, you needed to install your own plugins we do, don’t forget that it’s an open source application
before you could do anything with Ardour. But the new funded by users who subscribe to updates, and we’d
4-band parametric EQ, side-chain compressor, delay, highly recommend doing this if you’d otherwise be
reverb and filter effects fit the task perfectly, and will buying a costing proprietary application, as it will
perform 90% of your day-to-day editing duties. mean more updates like this in the future.
Another major update is a completely revised OSC
(Open Sound Control) interface, making it much easier
Awesome.
to remotely control Ardour, or create profiles for
Android tablets and hardware controllers. This would
www.linuxvoice.com 49
� REVIEWS GAMING
GAMING ON LINUX
The tastiest brain candy to relax those tired neurons
O TEMPORA! O MORES! Life Is Strange
A gripping story with twists, turns and mystery.
Web http://store.steampowered.com/app/319630
Price £15.99 (all 5 episodes)
This incredibly story-rich episodic adventure
game has now made its way onto Linux, being
one of the first of the big series of this type get
ported. For those not aware, these kinds of
Michel Loubet-Jambert is our Games
Editor. He hasn’t had a decent night’s episodic story games are a fairly recent
sleep since Steam came out on Linux. phenomenon and are somewhat comparable to
the high-budget television miniseries which have
O
ne ongoing trend in the world become increasingly popular over the years. Through Max, the player can examine every nook
of games development is that Their role is to tell a gripping story, using the and cranny of Arcadia bay.
Linux ports that have been
medium of video games to their advantage, such
promised are just not getting made.
Some of the major casualties include as player choice and exploration to do things not in a dignified and mature manner. If you like story
Project CARS and Batman: Arkham possible in front of the television. Life Is Strange in games, it’s hard to pick too many holes in Life
Knight, though the latter of these does just that, delivering an excellent story, Is Strange, with the only obvious caveat being
may also be due to the negative memorable characters and great voice acting that turning back time and seeing possible
critical reception it received. Though
which helps further the immersion. outcomes tends to detract from the tension that
there isn’t a huge deal to be done
about market share (one of the The game puts the player in the shoes of Max, comes from having less control over a situation.
factors to which we can attribute the an 18-year-old photography student who can That said, it is still a rollercoaster of a story with a
lack of developer take-up), with turn back time. The main premise is that, by replay value not found in linear narratives.
porting we can hope that in an using these abilities, she can stop or alter Rather than spoil the story, it’s best to try it out
increasingly multi-platform world,
unfortunate events that are going on around her. for yourself given that the first episode is now
developers will plan their work
around that from the start. As such, the game deals with some pretty heavy free, which should hook most people into buying
There’s more news on the Vulkan themes, though manages to do so the other four – all of which are available now.
API as it continues to expand, with a
few open source projects now
adopting it. The original Quake is
one such game to get the Vulkan
treatment. There are still some
things missing, but it should be up
and running for those who want to
try it. The same goes for the
Dolphin emulator, which enables
running Gamecube and Wii games on
desktop systems. In this case, Vulkan
performance is slightly better
for Nvidia cards than on
OpenGL, and around 25%
faster on AMD cards.
Some more nice news is
the release of Godot 2.1, with
the game engine focusing on
improving the editor to make
game development more
user-friendly. More languages
have also been added, opening
up development to more people The game’s characters feel
who wish to make games entirely very human, each with their
on open source software.
own agendas or issues.
50 www.linuxvoice.com
� GAMING REVIEWS
Stardew Valley ALSO RELEASED…
Like Harvest Moon, but bigger and better.
Web http://store.steampowered.com/app/413150 soulless corporation before embarking on
Price £10.99
a new life full of village folk and cabbages.
The farm begins abandoned and the
Harvest Moon is a game many rank player slowly builds it up, following a
among their favourites, but the series lost mesmerising routine, with side-stories and
its way when it made the transition to 3D. intrigue thrown in.
Stardew Valley addresses that, by providing Though the formula remains similar,
a spiritual successor which brings the some aspects have been seriously refined.
Human: Fall Flat
series back to its roots. Simply holding a turnip above your head This very stylish third person puzzle-
The game follows the usual story of and giving it to your love interest every day platformer combines its wobbly physics and
inheriting a farm from a relative, but now until they give up and marry you doesn’t mesmerising dream world to provide an
with the added backstory of the work anymore, since superior AI makes extremely pleasant and minimalistic
protagonist wasting their life away in a things trickier and a lot more rewarding. experience with a charming aesthetic appeal.
The controls are extremely unorthodox (even
occasionally annoying) and add challenge to
the otherwise straightforward, mostly
physics-based puzzles.
http://store.steampowered.com/app/477160
Stardew Valley makes getting
up at 6am every morning to do Doorways: Holy Mountains of Flesh
manual labour incredibly fun! The latest installment of the Doorways horror
game series has come out of Early Access. Set
in the Argentine province of Salta, the game is
full to the brim of atmosphere through the
Starbound
clever use of sound, ambience and music. It
focuses on psychological horror over cheap
jump scares (though there are a few) and has a
A point-and-click classic brought back to life. decent story, which is enhanced by playing the
previous games in the series.
http://store.steampowered.com/app/383930
Web http://store.steampowered.com/app/211820
Price £11.99
After being in Early Access for just over
three years, Starbound has now hit 1.0,
offering a feature-complete and stable
game for those who haven’t picked it up.
The sandbox/survival/crafting game
revolves around a space traveller who has Starbound’s 16-bit graphics feel out of place
become lost and must land on different at times, but still work well.
planets to gather fuel and supplies for
Overlord I & II
their ship in order to continue the journey given that it has it all: a fleshed-out
The Overlord series has made its way onto
through space. There’s a good dose of universe with different races and lore, a Linux with both the original games and the
exploration and some brutal Rogue-like satisfying story, retro side-scrolling Raising Hell expansion. The series turns the
elements. combat, and the freedom associated with fantasy genre around as the player controls the
A lot has changed since it launched sandbox games. Overlord, a sort of Sauron-like figure who
releases his minions to unleash havoc on and
around the same time as Steam came to Where Starbound sets itself apart from
destroy an otherwise peaceful kingdom.
Linux, so for those who liked it before, other sandbox games is with the story Overlord II is the better game, but both are
chances are you’ll like it even more now. and lore, giving a much longer shelf life worth the price for a good dose of silly fun.
For potential newcomers, it’s hard to think and replay value to a genre that often gets http://store.steampowered.com/app/12810
of those who Starbound wouldn’t please stale quickly.
www.linuxvoice.com 51
� REVIEWS BOOKS
Data Science Essentials In Python
Ben Everard is still trying to work out what sort of science doesn’t use data.
Author Dmitry Zinoviev
Publisher O′Reilly
Price £22.38
ISBN 978-1680501841
D
ata science – the process of what techniques you should apply and when
squeezing meaning from large you should apply them. If you don’t already
amounts of uncooperative data – understand the mathematics behind data
became a tech buzzword shortly after Big science, all this book will teach you is how
Data entered the business lexicon. to generate graphs. Likewise, this book
Data Science Essentials In Python goes only covers the extra bits of Python that
through most of the Python features you’ll apply to Data Science that regular Python
need if you want to analyse data. You’ll learn programmers may not know, such as how
about text processing, working with large to use analytic modules. None of this should
amounts of data, tools for manipulating be taken as a criticism – far from it – by
data, ways of making it look pretty and focusing on one aspect, Dmitry Zinoviev
modules that help with statistical analysis. has made a book that is not just a useful
Rather than look at what this book does introduction, but a useful reference guide to
cover, it’s perhaps more instructive to look flick back to as you’re working with data.
at two things it doesn’t: Data science and Pythons only need to eat four or five times per
Python programming. This book takes Get to grips with the Python you need for
data science. year. This means they can spend almost all
you through how to apply data science their time analysing data rather than hunting
techniques in Python. It doesn’t teach you for wild pigs.
DevOps in Practice
Ben Everard feels DevOps should be renamed DevTOps. Testing is important too!
Author Danilo Sato
Publisher Casa do Código
Price £13.99
ISBN none
A
t the intersection of development maintaining a production server of a non-
and operations lies a brave group trivial example (the Broadleaf e-commerce
of men and women trying to please platform). The entire book is built around
two opposing sides: operations want this case study, which means that it gives
servers to keep running smoothly without a thorough investigation of this problem
interruptions; developers want to push out and it becomes easy to understand how
new code that may or may not break the everything fits together, so if you’re looking
production environment. DevOps achieves for a book to introduce you to the technical
this squaring of the circle by carefully side of this field, DevOps In Practice does a
applying continuous integration, monitoring great job of showing the end-to-end process.
and automated provisioning and build The downside of this is that it focuses quite
systems. heavily on these specific tools, so if they’re
There are a wide range of tools and not the ones that your organisation uses, a
utilities out there to help, none of which has different book might suit you better.
yet established itself as a de facto standard.
DevOps In Practice selects one chain of tools A case study that shows how DevOps can help an
organisation manage its production environment.
(Vagrant, Jenkins, Nagios and Puppet), and Strapping code to a rocket and firing it off into
shows the entire process of setting up and space is an example of what’s not DevOps.
52 www.linuxvoice.com
� ELIXIR CODING
www.linuxvoice.com 53
� GROUP TEST HOSTED STORAGE SERVERS
GROUP TEST
Not willing to trust his collection of cat videos to remote storage silos,
Mayank Sharma looks at options to set up his own.
On test Hosted storage servers
O
nline storage services such confines of your computer (or more
Cozy as Dropbox offer a accurately your home network) and
URL https://cozy.io convenient option for yet is accessible through any device
Licence MIT/X11 accessing and sharing data connected to the Internet. Many
Latest release 2.5+ anywhere on the planet. Yet the hosted services also offer sync
Can it manage your personal convenience comes at a cost, and clients for various mobile devices
data comfortably? the very idea of transferring our files and desktop platforms.
to a remote server, outside of our You can use the hosted services
NextCloud jurisdiction, seems quaint in the
post-Snowden era.
to share all kinds of data, including
photos and videos without worrying
URL https://nextcloud.com Then there’s the matter of cost about the costs of uploading
Licence AGPL v3 as well. While many cloud services additional data. In a professional
Latest release 9.0.53
provide a free basic account, they setup, you can also use these tools
Is this newly forked project any good?
usually come with limited storage to collaborate on documents and
space and only offer a minimum of use their in-built version control
OwnCloud Community Edition services. If you want to go beyond features to track changes and revert
these you’ll usually have to sign up to older versions.
URL www.owncloud.org
for a paid subscription, the costs of In this group test, we’ll look at
Licence AGPL v3
Latest release 9.1 which can mount up. some of the most popular tools
Can it survive past the fork? This is where personal cloud for hosting your data and sharing
storage software step in. These it with others on your terms. Most
tools offer all the conveniences of an home users can easily repurpose an
Pydio omnipresent storage service while old unused computer as the server
URL https://pydio.com keeping you in charge of your private and some tools even put out server
Licence AGPL data. The data never leaves the images for the Raspberry Pi.
Latest release 6.4.2
It advertises the users of its Enterprise
edition, but is the freely-available edition
Most home users can easily
any good? repurpose an old unused computer
as the server, or even a Raspbperry Pi
Seafile Community Edition
URL www.seafile.com Essential features
Licence GPL v2
Latest release 5.1.4 Some of our hosted storage solutions are setting up your own storage server. We’ll
Another option that presents a easier to set up, some offer fine grained look for the servers that help you bring
access controls, while others pay more back accidentally deleted files, and we’ll
feature-restricted community edition.
attention to security. However, there are reward the options that offer controls
some features that are common to all to share and collaborate over the stored
SparkleShare
solutions on test and we’ll pay special data. Tools that offer mobile clients will
attention to these when evaluating also be rated higher than those that only
URL www.sparkleshare.org the available options. Data encryption offer desktop clients. While scalability
Licence GPL v3 together with security and access control is difficult to evaluate without extensive
helps you keep the data under your use, we’ll make note of solutions that
Latest release 1.5.0
control. Together they are the foremost cater to a large number of users just as
It’s based on Git, but does it get it
reason for going through the trouble of easily as they can serve a handful.
any advantage?
54 www.linuxvoice.com
� HOSTED STORAGE SERVERS GROUP TEST
Make way
Access your storage server from the internet.
By default your storage server will only be accessible script to reverse tunnel from your computer to a curl -s https://pagekite.net/pk/ | sudo bash
from computers within the network it’s set up on. subdomain.pagekite.me address. The service uses a Now assuming your storage server is running on
But that’s not to say that you can’t access it from pay-what-you-want model. The minimum payment of port 80, put it on the internet with
the internet. The trickier solution is to either get a $4 (about £3.00) gets you 2GB of transfer quota for a pagekite.py 80 mypicturesofkittens.pagekite.me
static IP or use a dynamic DNS service and then month. Pay more to get more bandwidth for a longer That’s it. Your private server is now publicly
poke holes in your router’s firewall to allow traffic duration and the ability to create additional .pagekite accessible on https://mypicturesofkittens.pagekite.
from the internet. The smarter way though is to use a addresses. To use PageKite, fire up a terminal and me. Remember to replace mypicturesofkittens with
tunnelling service such as PageKite. It uses a Python install the PageKite software with any name.
Seafile
Community
Edition
Sea-full of features.
Setting up Seafile doesn’t take much effort.
It can use various databases depending on
the number of users it’ll serve. Simple
deployments can use the SQLite database,
while others can deploy it with existing
MySQL/PostgreSQL database installations
and web servers such as Nginx or Apache. Head to https://seacloud.cc to test drive a live Seafile installation.
After creating the database you’ll need to
manually start the Seafile service and the displays notifications for sync operations. groups and enable read-write or read-only
Seahub administration interface. The first Seafile also has clients for Android and access to different libraries. Members can
time you start Seahub, the script will prompt iOS. The Android client supports client-side easily upload, download and edit files online
you to create an admin account for the encryption for encrypted libraries and the or even download the whole libraries from
Seafile Server. new two-factor authentication feature. the cloud. Using the web interface you can
Seafile’s web interface is very verbose. see which files are shared with other users.
You begin by creating a library, which can Designed for collaboration Seafile’s web interface includes a simple
optionally be encrypted, and then add files Seafile users on the network can download editor that converts plain text into valid
to it from your computer. The service offers and create libraries with the client and XHTML documents. It also lets users
flexible sharing options to share libraries or even share any folders on their desktop collaborate on documents and generates a
even individual files with individual users or by uploading its contents into a shared new version of a file after every modification.
groups of users. While sharing files you can library. Furthermore, once a library has been This helps track changes and also lets you
lock them with a password and even set an downloaded to a client, after any changes, restore the file to a previous version easily.
expiration date for the share. You can also the latest version will be uploaded to the You can view several document types from
transfer ownership to another user. server and then be synced with everyone’s within the Seafile web interface including
You need a client to interact with the computers. The service also includes a fsck LibreOffice files, PDF files, JPEGs and PNGs,
server. (Along with Debs and RPMs, Seafile tool to check the integrity of files. and various source code formats. You can
has clients for Windows and Mac OS X Seafile also has version control, and also optionally enable a wiki module.
as well.) Every Seafile desktop client has although it keeps a full history by default, While Seafile is very intuitive to operate,
a unique private key. When a client and a you can specify for each library a period of it does have detailed documentation on
server connect, they exchange the public key time for which you want to keep old files. its website to handhold you through all its
and negotiate a session key. This session You can browse the history of a file and features and tasks.
key is then used to encrypt the data transfer. restore the file contents to an old version.
Easy to roll out and works pretty much like
You can also create an encrypted library, As the admin, you can also add users and Dropbox.
which is encrypted with AES 256. The organise them into groups. Users can then
desktop client sits in the system tray and share a library with specific contacts or
www.linuxvoice.com 55
� GROUP TEST HOSTED STORAGE SERVERS
SparkleShare
All that glitters ain’t gold.
SparkleShare is one of the easiest and server’s public SSH key, so you’ll have
most straightforward solutions to to figure out how to pass them along to
install: all that’s required to install the remote clients.
service is to download and run a script.
Developers will like the SparkleShare A simple plan
service, since it uses the Git version SparkleShare only offers file sharing
control system under the hood. Besides services – nothing else, though you
the server you’ll also need to configure can use it to back up and share data
clients and hook them up to the server. with other users. The service transfers
You can connect multiple clients to the data over SSH channels and you can
same SparkleShare server instance. optionally create encrypted shares
However, sharing a directory with as well. But unlike other services, you The SparkleShare client can connect to the server as well
SparkleShare takes some doing. When don’t get a web-based user interface as other hosting sites including GitHub and BitBucket.
you create a project SparkleShare spits for administering the service and it’s all
out the SSH address of the host and done from the command line. large binary files that change often, like
the location to the shared directory, The service has a desktop client with video editing projects. Finally, since it’s
which is created under its own /home/ limited features and no mobile client. based on Git, SparkleShare has version
storage user directory. You need to give The desktop client sits in the system control built-in. Non-seasoned Git users
these to any client you wish to sync tray and displays notifications about will also have trouble hunting for help,
with the server. the sync operations as well as a list of which is only dispensed via IRC.
You can install the client from your changes across all shared directories.
Easy to set up but offers limited features
distro’s repository or compile it yourself Additionally, the developers themselves and flexibility.
following instructions on the website. admit that SparkleShare isn’t great for
When you add clients they’ll ask for the storing photos, music collections and
Pydio
Space-age file sharing.
You can install Pydio after adding its can password-protect a share and
repository to your distro. The server’s also set an auto-expiration for the
first-run wizard lets you select the link either by date or after a specified
database you wish to use depending on number of downloads. You can
the number of users it’ll serve. Pydio also set the access permissions for
focuses solely on file hosting, and the the shares. Similarly you can share
platform is geared towards complete folders either as independent
collaborative environments. workspaces or as a public link. When
It has a feature-rich and intuitive web sharing folders you can also specify
interface. Files are divided between a layout for the share depending on
workspaces that can be kept private or the content. For example, if the shared One of the best features of Pydio is that you can set alerts
shared with other users. The interface folder contains images you can make it on files to see when they have been modified or viewed.
shows a detailed preview of the appear as a Film Strip.
selected file. You can search for files Pydio as per your needs. Pydio has a
within workspaces, change the Store of value smart modular design and provides
appearance of the files and preview Pydio has desktop and mobile apps additional functionality via several
several types of documents including for all platforms, which help access dozen plugins. For example, you can
text, PDF, images, and more. You can and sync documents from the devices add LDAP support, Bitly URL shortener,
also download files and add bookmarks to the Pydio server. The desktop an antivirus scanner, a HTML 5 video
to quickly access files. app keeps files synchronised across player, and more.
To share a file you can generate a all computers and the mobile app
Ideal platform for collaborating and
link and invite collaborators to work can stream audio and video directly sharing files with a group of users.
on the document. Pydio offers several from the Pydio server. Besides the
options to secure your shares. You built-in features you can also extend
56 www.linuxvoice.com
� HOSTED STORAGE SERVERS GROUP TEST
Cozy Tahoe-LAFS:
Get comfy with your data.
A fault-tolerant
data store
RAID on steroids.
The Tahoe Least-Authority File System (LAFS) is an
open source storage system that pays special attention
to the security and redundancy of the data it houses.
Unlike other systems that use a single server, Tahoe-
LAFS uses a RAID-like mechanism to store files across
multiple storage servers. When you tell your client
to store a file, it will encrypt the file and then break it
up into multiple pieces before spreading them out to
multiple servers. Later when you retrieve the file, Tahoe-
LAFS will find the necessary pieces, reassemble them
before finally decrypting them.
Setting up a Tahoe-LAFS system doesn’t take much
Once you’ve connected Cozy to your various accounts, use the KYou app to setup a dashboard effort, as it’s available in the official repositories of
that visualises the different kinds of data stored within Cozy. several distributions. On an Ubuntu Server installation,
sudo apt-get install tahoe-lafs
Cozy is available through a dedicated favourites, rotate them, and view them as will fetch the required components.
You’ll then need to create an introducer component
software repository for Debian and a slideshow. You can pick photos from the
that communicates with the storage nodes and the
Ubuntu and the project also produces Files app and add them to an album in the client. Type
images for the Raspberry Pi 2 as well as Photos app. tahoe create-introducer ~/.introducer
for VirtualBox. Cozy installs all its required to create the introducer and
components, including the CouchDB More than just files tahoe start ~/.introducer
to bring it online. The introducer has a unique address
database and the Nginx web server, and A default Cozy installation also includes a
listed in the ~/.introducer/private/introducer.furl file
generates its own self-signed SSL Calendar app, which supports CalDAV for that you need to copy in each of the storage nodes’
certificate (but gives you the option to get syncing calendar data across multiple configuration file (~/.tahoe/tahoe.cfg) after creating the
one via letsencrypt.org as well). A first-run devices and platforms. It offers all storage node with
tahoe create-node
wizard creates the admin user and gives essential features for managing events
You’ll also need to uncomment the shares.needed
you the option to synchronise your Gmail and appointments. Similarly, the Contacts
and shares.total parameters, which by default will
account and import calendar, contacts app supports CardDAV and includes divide the files into 10 shares and any three can be
and photos from Google. features to help manage large address used to recreate the file. Then save the file and start the
To store files on your Cozy server, you books. Of note is the Email app, which server with
tahoe start
can upload them to the Files app. Cozy keeps local copies of all email messages
has apps for the desktop, using which as backup and lets you add multiple email
you can sync files between your Linux accounts via IMAP.
installation and the Cozy server. Similarly Cozy comes with its own store, which
the mobile app can sync data between you can use to browse and install over
the Cozy server and your Android device. a dozen useful third-party apps. Some
Cozy lets you assign tags to files for easier useful apps are the Ghost app for rolling
management. You can share individual out a personal blog; the Music app, which
files or complete folders with others by streams music stored on the Cozy server;
generating links. In addition to sending Kresus, for managing personal finances;
the links manually, you can also share the and Frost for archiving web pages in Cozy.
file or folder with specific users by adding Cozy also features a set of connectors
their email addresses in the Sharing for pulling data from external sources
dialog, where you can also define access – these can collect a wide range of
rights for individual email addresses. If data such as your tweets from Twitter,
you’ve allowed contacts to add files to contacts from LinkedIN and Google,
the share, you can ask Cozy to notify you events from Facebook, and even invoices
when a contact adds a file to the folder. from services like Uber and Virgin Mobile. Head to port 3456 on the Tahoe-LAFS server to
The default Cozy installation also manage the installation. You’ll need to spend
Wonderful platform to centrally manage all
includes a Photos app that’s designed for kinds of files and data. some time with the documentation before you
publishing and sharing photos. From the can operate it.
app you can share photos, mark them as
www.linuxvoice.com 57
� GROUP TEST HOSTED STORAGE SERVERS
OwnCloud vs NextCloud
Luke, I am your father.
OwnCloud is one of the most widely
recognised hosted storage servers.
Recently, a majority of its core
developers, including the project’s
founder, forked the code and created
NextCloud. By default, both use the
SQLite database server but can also
plug into an existing MySQL database
and will also work with other web
servers including Nginx and Lighttpd.
Both projects have functional
desktop clients that can be accessed
from the status bar on your distro
and give you a summary of the recent
sync activity. You can use the clients
to throttle upload and download
bandwidth and pause and resume
transfers. The clients also let you add Besides tarballs and virtual machines, OwnCloud offers precompiled binaries and web installers.
local folders and specify patterns
for files or directories that shouldn’t protect it with a password and set an features in the latter’s community
be synced, and enable you to mount expiration date for the link. edition, it’s hard at work offering the
external cloud storage drives, such as features available in the ownCloud
Google Drive, Amazon S3, Dropbox, What’s next? Enterprise edition as well. It’s already
and more, and can seamlessly manage While it might appear that both made considerable strides in this
data on these services along with that OwnCloud and NextCloud are similar to aspect and is constantly being updated
in your private cloud. each other, there are differences to address these gaps with features
Both solutions are also equally between the two. For starters, targeted at enterprise users, including
matched in terms of security, OwnCloud has a Community edition the single sign-on capability, theming
supporting server-side encryption and that is open-sourced under the AGPLv3 functionality for custom branding,
a simple version control mechanism. licence, and an Enterprise edition with custom password policy, secure
Unlike encryption, versioning is enabled additional features available under a WebRTC conferencing, Collabora Online
by default. The versioning feature commercial licence. In contrast, Office integration and more.
ensures you never run out of space on NextCloud only has one open source Also, OwnCloud’s mobile apps
your storage server, as it automatically version and plans to generate revenue for Android and iOS aren’t available
deletes old versions according to a via support and consulting services. as free downloads, nor does it offer
well-defined routine. You can also share While NextCloud already compares an evaluation version. Here again,
a file publicly with a URL and optionally well with OwnCloud in terms of the NextCloud outscores its progenitor by
offering apps for both Android and iOS,
using which you can work with your
files stored on the storage server from
the mobile device. Furthermore, you
can find a host of add-ons that you can
use to flesh out your installation in the
NextCloud app store, which surprisingly
even at this early stage lists a few more
apps than the OwnCloud store.
OwnCloud
Offers more features than many of the
others but loses out to its fork.
NextCloud
The fork of the mature, feature-rich storage
server that scales well.
You can access your remote storage using the file manager on any OS via the WebDAV protocol.
58 www.linuxvoice.com
� HOSTED STORAGE SERVERS GROUP TEST
OUR VERDICT
Hosted storage servers
Selecting a hosted storage service service gets brownie points for making
depends on a number of factors, such a version especially for the Raspberry
as the type of data you will be syncing, Pi. However, Pydio has a much nicer
and your level of expertise working with and more intuitive user interface. It
network software on Linux. In fact, it also scores for certain administrative
isn’t uncommon for people to use features like user roles and its ability to
multiple services. For example, if you notify you when shared files are viewed Because of their shared core, you can easily update your
want a central storage server for your or modified. OwnCloud installations to NextCloud.
personal use, Cozy presents a very
viable option. It’s easy to deploy and Taking over
has useful features and apps for the Unlike the runners up, there’s no
home user. But while Cozy encrypts confusion over the top spot, which goes 1 NextCloud
passwords and connections, it doesn’t to NextCloud. It scales wonderfully and Killer feature Free app store.
encrypt the data it houses. So if you’re can be used to share files with family URL www.nextcloud.com
really concerned about the privacy of and friends just as easily as you can Offers everything you can ask for in a hosted
your data you can use SparkleShare to with colleagues across continents. storage server.
collaborate with colleagues and safely Besides the core functions you also get
pass documents related to confidential a host of additional useful apps. We
projects. The service is very secure also like its ability to connect to external 2 Pydio
since it uses SSH, but isn’t intuitive storage services. Killer feature Intuitive user interface.
enough for the average desktop user The one victim of NextCloud’s URL https://pydio.com
since connecting the clients to the success is OwnCloud. In terms of the A good option if you don’t need advanced
server is a more involved process and software, OwnCloud’s community enterprise-centric features.
you’ll have to find a way to securely edition is still better equipped than the
transfer the public SSH keys from the other options on test here, barring the
client to the host. NextCloud fork. But until it publishes 3 Seafile
It’s a close call between Pydio an updated version that’s more than a Killer feature Client-side encryption
and Seafile. Seafile has client-side bugfix release, we can’t bring ourselves URL www.seafile.com
encryption and versioning, a feature- to recommend a project that has lost The GPLed community edition offers useful
rich client for the desktop and a most of its core developers and has features for a non-Enterprise user.
functional client for the mobile. The had to curb its commercial operation.
NextCloud can be used to share files 4 Cozy
Killer feature Email backup
with friends just as easily as you can URL www.cozy.io
Easy to deploy and manage if you can live with
with colleagues across continents. its lack of support for multiple users.
Other options
Besides the storage servers we’ve tested Furthermore, Network Attached Storage
5 SparkleShare
in this feature, there are lots of options solutions are another class of tools that Killer feature Built around Git.
that help you sync data across multiple are designed for storing data and making it URL www.sparkleshare.org
computers and devices. There’s Git-annex, available across the network. Options such If you use Git professionally, you’ll enjoy using
which syncs files using Git; Resilio Sync, as OpenMediaVault, NAS4Free and FreeNAS it to sync your data.
which is a proprietary peer-to-peer file help set up a centralised data store that’s
synchronisation tool that relies on a modified adept at managing all kinds of data, and can
version of the BitTorrent protocol; and its be controlled via a remote browser-based
open source equivalent called Syncthing. graphical interface. These NAS solutions 6 OwnCloud
There’s also StackSync, which uses a hybrid provide access to the data via multiple
Killer feature Scalability.
model to store the metadata inside your protocols including Samba, NFS, FTP and
URL www.owncloud.org
network while the actual encrypted data is Rsync. You can also install a specialised
stored on a public cloud like OpenStack Swift storage solution like OwnCloud on top on an
It’s down here only because we’re not sure
or Amazon S3. OpenMediaVault NAS installation.
about its future.
www.linuxvoice.com 59
� SUBSCRIBE
Subscribe
shop.linuxvoice.com
Introducing Linux Voice,
the magazine that:
Gives 50% of its profits
back to Free Software
Licenses its content
CC-BY-SA within 9 months
12-month subs prices
UK – £55
Europe – £85
US/Canada – £95
ROW – £99
7-month subs prices DIGITAL
UK – £38 SUBSCRIPTION
Europe – £53
US/Canada – £57
ONLY £38
ROW – £60
Get 114 pages Access our Save money on
of tutorials, rapidly growing the shop price
features, interviews back-issues archive and get each issue
and reviews – all DRM-free and delivered to
every month ready to download your door
Payment is in Pounds Sterling. 12-month subscribers will receive 12 issues of Linux Voice a year. 7-month
subscribers will receive 7 issue of Linux Voice. If you are dissatisfied in any way you can write to us to cancel your
subscription at subscriptions@linuxvoice.com and we will refund you for all unmailed issues.
60 www.linuxvoice.com
� NEXT MONTH
NEXT MONTH IN
EVEN MORE AWESOME!
ON SALE
29 OCTOBER NoSQL
SQL
Let’s be honest:
databases are hard.
Which is why you
should learn all
about NoSQL – you’ll
be streets ahead of
everyone else with
only minimal effort!
KDE beast mode
You may know and
fear KDE as the grey
mess of version 4.x.
Fear no more, as
Linux Voice presents
the ultimate guide to
the Best Desktop
Environment Ever!
Ansible
Level up your Linux
NEW KIDS ON THE BLOCK
sysadmin skills with
Ansible – multi-app,
multi-level, multi-
The coolest, freshest, smartest Linux distros system software
of 2016 – try them now and find your new provisioning that’s
going to make your
favourite Linux flavour. CV look awesome.
LINUX VOICE IS BROUGHT TO YOU BY
Editor Ben Everard Editorial consultant Nick Veitch through the use of advice in this magazine. Copyright Linux is a trademark of Linus
ben@linuxvoice.com nick@linuxvoice.com Experiment with Linux at your own risk! Torvalds, and is used with permission.
Deputy editor Andrew Gregory Distributed by Marketforce (UK) Ltd, 2nd Anything in this magazine may not be
andrew@linuxvoice.com All code printed in this magazine is licensed Floor, 5 Churchill Place, Canary Wharf, reproduced without permission of the editor,
Editor at large Mike Saunders under the GNU GPLv3 London, E14 5HU until June 2017 when all content (including
mike@linuxvoice.com Tel: +44 (0) 20 3148 3300 our images) is re-licensed CC-BY-SA.
Editor in hiding Graham Morrison Printed in the UK by ©Linux Voice Ltd 2016
graham@linuxvoice.com Acorn Web Offset Ltd Circulation Marketing by Intermedia Brand ISSN 2054-3778
Creative director Stacey Black Marketing Ltd, registered office North Quay
stacey@linuxvoice.com Disclaimer We accept no liability for any House, Sutton Harbour, Plymouth PL4 0RA Subscribe: shop.linuxvoice.com
loss of data or damage to your hardware Tel: 01737 852166 subscriptions@linuxvoice.com
www.linuxvoice.com 61
� FOSSPICKS
FOSSpicks Sparkling gems and new
releases from the world of
Free and Open Source Software
Our benevolent editorial overlord Graham Morrison tears himself away
from updating Arch Linux to search for the best new free software.
Video editor
OpenShot 2.1
T
his is a major update to one which we think compares well video, and you still need to wait
of our favourite applications considering the supreme some time for many of the
in a desperately needed convenience of being to run an processes to finish, but the
genre – the humble video editor. In application from a download. application shouldn’t crash.
a first for us, we’re running the It might seem a little prosaic, but
release from an ‘AppImage’ our favourite new feature in this Box of tricks
downloaded from the OpenShot site, new version is the stability. Video There are also plenty of new
rather than via the time-consuming editors are particularly prone to features. There’s a new Properties
source code we typically build our running out of memory, or CPU pane, for instance, which works like
FOSSPicks from. This is the power, or GPU resources, usually the properties pane in OpenShot’s
distributable package format that resulting in a silent crash and lost competitors, enabling you to enter
used to be known as Klik, and you work. Previous versions of numeric-specific values or slide
simply download the binary OpenShot have been susceptible to between attributes when defining
(OpenShot is a 192MB download), this, but in our experience, this anything from the scale of a clip
add +x to its permissions and run. release has been rock solid. You still and its location, to its transparency
For comparison, the Arch binary is need a good machine if you’re and gravity. It’s perfect for creating
84MB and a 160MB installation, editing multiple channels of 720p transitions that fit exactly, and is
essential for any large project.
There’s also a new audio
waveform view, making it easy to
line up different clips of video with
the same audio, as well as being
able to physically see where edits
3
1 2 can be made. When enabled, an
audio waveform appears beneath
the clip, or on its own, and we’d love
to see this feature extracted from
OpenShot into a new audio editor.
We also found the new inline
tutorials very useful – especially as
6 one of our worst habits is diving
4 into even the most complex
7 applications and expecting to be
able to do something useful.
8
OpenShot’s very brief tutorials
5 appear when you first access a
feature, such as the main window
or the transitions page. In short, if
you’re into video editing in any way,
this latest update to OpenShot is the
1 Clip view Easily import or split longer clips for use within your project. 2 Transitions Select between simple fades and
update you’ve been waiting for.
more complex effects. 3 Video preview Press Space to play your edits from the cursor. 4 Effects Blur or adjust image
settings over time. 5 Properties Define exactly how and where your clips are located. 6 Timeline Place clips and
transitions that cut when overlapped. 7 Audio waveform See the audio amplitude either beneath a clip or on its own. Project website
8 Tutorials Mini info pages appear when you enter a new section of the application. www.openshotvideo.com
62 www.linuxvoice.com
� FOSSPICKS
Text editor
Micro 1.0.1
One of the simple philosophies that can experiment with options and
go alongside Linux and open read about how they work at the
source is that you can never have same time.
too many text editors. Many find Like similar editors, Micro relies
that the process of questioning this on keyboard shortcuts and
wisdom leads to more questions. commands typed via a special
Does Emacs running within Emacs, mode, rather than menus or
which is now possible, constitute a on-screen prompts as you find with
new text editor? Does Nano. This makes it slightly trickier
enlightenment come to those still for a beginner to pick up – but it’s
use ed? Either way, we feel it’s easier to use than Vim. It’s also very Due to its small binary size, being statically linked and available
necessary to embrace each new capable, with lots of settings and for several OSs, Micro is an ideal editor for a USB stick.
text editor, rather than question configuration options you can save,
why. And so we have Micro: a tiny, and even syntax highlighting selection and even drag-and-drop
quick and intuitive editor that runs support for over 75 languages. And implemented by a click of your
from the command line and is a joy despite being a console-based mouse. Plugins are written in the
to use. From a single 8MB editor, great mouse support makes Lua scripting language, and credit
executable with no dependencies, it feel like a desktop app, with pane should go to the help text for
you get a relatively advanced editor including the code and the hooks
with in-built help, splits and tabs,
mouse support, undo and plugins.
Micro relies on keyboard for writing your own. Download it
today (it takes about a second).
The in-built help is a great way to shortcuts and commands
get started, and opens by splitting
the view vertically. This means you typed via a special mode Project website
https://github.com/zyedidia/micro
Reddit reader
rtv
We’re reluctant to mention this more sub-reddits for things you
discovery. This is because it’s a can’t. Sub-reddits can often feel like
command line tool for accessing the early days of the pre-web
Reddit. And if you’ve yet to develop internet, like Usenet, with a group
a Reddit habit, we don’t want to be for every fetish. On the bad side,
responsible for pushing you one Reddit is as close to the end of the
step closer. Reddit is wonderful and internet that you can get without
evil in almost equal measure, with delving into its genuinely disturbing
both the good and the bad sides underworld. Actually, part of Reddit
growing in power daily, perfectly is a genuinely disturbing
If you need Reddit from
balancing themselves while at the underworld, and that’s before you brilliantly designed, simple to use,
the command line, you
same time pooling vast amounts of start reading the comments. need rtv. and makes Reddit easier to read
internet energy. One day it’s going than via a web browser, complete
to explode. Don't read the comments with user account support,
On the good side, Reddit’s Rtv is a small Python 3 application threaded comments, and voting. It’s
breadth is unequalled. This is that gives you access to this world perfect for running from the
because the commentary and from the command line. It’s terminal of your Raspberry Pi
updates are split into what are located in Nepal. Which we’d
called sub-reddits – groups
following a certain piece of
Rtv is a Python app that suggest is the only location suitable
for reading /r/monkslookingatbeer.
hardware, or musician, for example. gives you access to Reddit
There’s likely sub-reddit for
everything you can think of and from the command line Project website
https://github.com/michael-lazar/rtv
www.linuxvoice.com 63
� FOSSPICKS
File hosting
Seafile 6
Like many, we’ve been huge fans of Seafile has always been an
OwnCloud and now NextCloud for alternative that simply provides the
years. It’s been central to how we file synchronisation, and the
run the magazine since we started. combination of a major update and
It’s great for collaboration, renewed interest from Dropbox
calendars, plugins, contacts and deserters make this a good time to
sharing files, but it’s overkill if you take a look. There are some
only need the file hosting/sharing vagaries around the proprietary
files part. ‘professional’ edition of the server,
Despite this, many people still which is obviously a core part of
use NextCloud just for file hosting, Seafile Ltd’s business plan, but the If you’re not too happy that Dropbox leaked 68 million passwords,
as it’s still one of the best community edition that we’ve just try Seafile, which has just been updated to version 6.
replacements for the likes of Google installed is GPLv2, so there’s no
Drive and Dropbox (which just reason to hold back. ordinary user, and you can run the
recently admitted to leaking 64m of Installation of the server is via a server as an ordinary user, so you
its users' passwords). The very simple script that prompts you don’t need to worry about system-
convenience of running a client on to install missing packages (such wide permissions and access
your computer or mobile device as SQLite 3). This script runs as an unless you want to. But there are
that automatically uploads and plenty of dependencies still, and it
synchronises your files with a
remote server is worth the extra
Installation of Seafile is via can be difficult to get running –
especially if you’re using the client.
overhead of NextCloud’s complexity a script that prompts you to
and unused features (see page 54
for more on NextCloud et al). install missing packages Project website
https://www.seafile.com
Terminal task manager
Taskwarrior
It’s not going to be long before we followed by a description and the
imagine we’ll be able to fill this time, day or date the task is due,
entire section with new discoveries described with the due:saturday
from the command line. As a way argument, for example. You don’t
of interacting with your computer, it even need the due argument, if
seems the command line is difficult you’re simply popping to the shops
to beat, and getting more popular from some milk, but doing so will
every month. add an urgency quotient to your list
Taskwarrior is a to-do list of items, hopefully prodding you to
manager, and it’s another one of do those urgent things first.
those very neat commands that
performs the same job as many Sort your life out
GUI applications, only without many Typing task list will show you the Manage your increasingly tangled to-do list from the command
line with the wonderful Taskwarrior.
of the distractions, transitions, things that need to be done,
animations, launch screens and alongside their urgency and due
notifications, and is another good date, and you can simply tick them instance. And if you want to sync
reason to keep using Bash. off your list by entering task 1 done, your tasks across devices, you can
In particular, ‘task’ (as you type it for example. It’s simple and even install Taskserver, so that each
on the terminal), plays to the brilliantly effective, especially if client can independently update a
command line’s strengths of you’re working from the command single list and keep you up to date.
modularity and of focusing on line anyway. It’s a great way of
small jobs. To create a task, for working through a series of Project website
instance, you type task add commits or pull requests, for https://taskwarrior.org
64 www.linuxvoice.com
� FOSSPICKS
YouTube music player
mps-youtube
Yep, we still can’t escape the ahead, pause or select another
command line (nor do we want to). track just like any other playlist. You
Here’s a great little utility that totally forget that the source for all
simplifies what many of us use this music is YouTube, especially as
YouTube through a browser for you don’t have to endure the
– playing music, only without the increasingly long adverts that
distraction of the music video that YouTube has started to insert into
goes along with it. so many of its videos.
With mps-youtube installed, you You can even create your own
run mpsyt from the command line local playlists, play YouTube mix
and press H to get some help. The playlists, shuffle the playback order Forget the distractions
most important command is for the playlist and encode audio of music videos, and command line. Turning YouTube
search, and you’d use this exactly into MP3 and other formats. Music listen to the music into a distraction-free music source
as you would search YouTube in a and video can be downloaded, and instead. is a great feature, and it’s reminded
browser. Type search leonard if you’re desperate, you can watch us just how much rare and
cohen and you’d get the same the video in an external player too. If unreleased material exists online,
results, only with the opportunity to you’re even more desperate, you quite apart from the legitimate
listen in the terminal. You can page can view the comments from the audio you can subscribe to or pay
through the results and select for from the artists themselves, and
which video you’d like to hear the
audio for. After a brief delay as the
Turning YouTube into a mps-youtube is one of the best
tools we’ve found for getting to it.
file is buffered and converted, you’ll distraction-free music
hear music just like with any other
music player. You can then skip source is a great feature Project website
github.com/mps-youtube/mps-youtube
Screensaver
Electric Sheep
This is the first time that we can screensaver means that these
remember including a screensaver sheep are shared across the
in FOSSPicks. But this isn’t your network as you run the screensaver
usual piece of passive eye candy, – a form of farm rendering that
and there are two reasons why we turns into collective dreaming for
wanted to include it. The first is the computers you leave
obviously its name. It would be unattended. The animations are
impossible to ignore a piece of therefore amplified and increase in
open source software that was complexity for as long as you leave
obviously inspired by the Philip K. your computer unattended, and the
“Chew, if only you could see what I've seen with your eyes.”
Dick novel that inspired the film results are incredibly compelling if
Blade Runner. The second reason is you’re into Grateful Dead-era
obviously derived from the first, and psychedelics. output they prefer from within the
it’s the way the screensaver is You can also adjust and tinker screensaver. We just hope there’s
actually a portal to a distributed set with the sheep and the algorithms something presumably stopping
of other computers also running yourself, creating your own fractal anyone from farming bitcoins the
the same screensaver. These files, and user can vote on the same way. Either way, the results
computers are ‘dreaming’. are fantastic, and the distributed
The screensaver generates
complex fractal images that morph
The screensaver generates networking nature of this screen
saver really makes it worth a look.
and animate. Electric Sheep calls complex fractals that morph
these elements ‘sheep’, and the
networked nature of the and animate Project website
www.electricsheep.org
www.linuxvoice.com 65
� FOSSPICKS
Image conversion
Converseen 0.9.5.1
Our first memory of image right file list, change a few things in
conversion, when it meant more the Actions Panel and click on
than turning the colour of one grid Convert. The application will go off
of pixels into another colour, was and make it happen. It also offers
the proprietary ImageMagick just the right about of control,
application running on the Amiga. without overburdening the user
This was followed quickly by what with too much choice.
might be our first exposure to a
desktop open source image tool Keep Images Simple, Stupid
– Xv, also running on an Amiga You can change the resolution of
back in the mid-90s. an image, for example, or the scale, Banish complexity – Converseen is for making quick conversions,
Decades have followed, of you can rename the output or not implementing Photoshop-like levels of complexity.
course, but graphics conversion is overwrite the original, and you can
still essential, and essentially it rotate/flip and replace the other processes, such as colour or
hasn’t changed that much. The tool transparent background colour. exposure adjustments, typically
that makes conversion quickest, Converseen doesn’t do any more need human interaction.
easiest and most efficient wins. than this, but this is what we need a If you want something to quickly
Surprisingly, few still manage to get converter for 90% of the time. Most convert your holiday photos for use
close to these guiding principles. on a wiki or blog, this is exactly the
Converseen is one that gets very
close, and reminds us of the
Converseen offers the right sort of application you need for
doing so.
venerable Xv. It’s best feature is that amount of control, not giving
it’s easy to understand. You drop
photos you want to convert into the the user too much choice Project website
http://converseen.fasterland.net
Embedded web browser
Qt WebBrowser 1.0
This isn’t yet another web browser, browsing and a favourites system,
but a web browser designed for which is all you need for most
embedded devices, showing off Qt’s browsing. There’s even full-screen
rather excellent web rendering video and audio playback if you
engine. For this reason, it isn’t going compile with those options enabled.
to replace Firefox or Chromium on Perhaps more importantly, the
your desktop, but it might be able to project is a well constructed
replace your ageing browser on a example of how to access and
low-power device, especially if that code for Qt's new WebEngine API,
device is touch-based. something we can’t wait to see as
Qt WebBrowser features its own part of QuteBrowser, for example
touch keyboard, which is one of the (still our favourite browser, after
best we’ve seen. It quickly and more than six months). The small
instantly scrolls up whenever you amount of code, and the use of
need to enter some characters. You touch and WebEngine, means this Build yourself a fully fledged web browser with touch input.
can still type, but if you’re cursoring is one of the best projects to help or
around with a remote control, for get started with Qt development. Considering it will run on almost
example, it is intuitive and works anything, we can see lots of us
well. The browser itself is also cases for this, making us happy
lightning quick, thanks to being QtWebBrowser features its that Qt still adheres to GPLv3.
unburdened by any other features. own touch keyboard, which
There are multiple tabs, complete
is one of the best we've seen
Project website
with lovely QML transitions, private code.qt.io/cgit/qt-apps/qtwebbrowser.git
66 www.linuxvoice.com
� FOSSPICKS
FOSSpicks Brain Relaxers
Console emulator
Dolphin 5
This is version 5 of one of the most
popular emulators of recent years
– Dolphin. After being the first
emulator to boot Wii games, Dolphin
has blazed a development trail,
doing the seemingly impossible of
integrating Nintendo GameCube
and Wii emulation, alongside
support for some of the Wii’s
internal channels, such as WiiWare
and Virtual Console.
The great thing about Dolphin is
that it’s often better than the real
thing. The Wii only had composite
output, for instance, and lacked an
HDMI port, which means Dolphin
could be the only way of running old
games on modern resolutions, for
In this image, we’re
example, or on modern televisions. and you can adjust many different have also been rewritten, as have
running a game at over
Even on our modest laptop with aspect about the emulation. three times the the network routines, which means
Intel graphics, we were able to run Graphics can be tweaked and resolution of the you can play local games remotely
games at native resolution easily, changed, textures upgraded and original, which is one of over the internet. There’s also the
and often at three times the original modified. You can even add filtering the best reasons for aforementioned 3D support and
resolution of the Wii. and effects if your graphics using Dolphin. virtual reality.
Seeing those wonderful colourful processor has the horsepower. Dolphin is one of the best
graphics on a flat, wide screen, with The best and most esoteric examples, perhaps alongside a
no need for analogue/digital mode enables 3D. If you’ve got the project like MAME, of what can be
conversion is wonderful. It’s a total hardware, such as a 3D television, achieved by a dedicated, clever
transformation that may even lead you’ll be able to play some of community with a passion for
us to selling our beloved office Nintendo’s best games in a way achieving something. Reverse
Nintendo Wii console. Nintendo hasn’t championed since engineering, decoding, running
The original controllers even the Virtual Boy 3D headset in 1995. virtual process routines, sometimes
work, although you can use the Dolphin even has support for the even scanning the original chips
keyboard or any other controller too, new wave of headsets from Oculus themselves – this is what
and HTC. We’ve yet to try this, but emulation often involves. For this to
we can’t wait to play Metroid Prime come together into such a highly
or Super Mario Sunshine with our polished emulator that actually
heads literally ‘in the game’. works as advertised is remarkable.
We know emulation is often
Dolphin Hotel contentious, but this aspect fills us
Version 5 is a huge upgrade that with respect for the developers, and
was tested for over a year before part of us is very happy that many
release. The texture improvements of these classic games will live on,
are massive, and a major bit of long after the hardware has failed
hacking has allowed games like – much like those arcade machines
Options for tweaking the emulation Rogue Squadron II to run. The CPU of the 1970s.
include dozens of graphical effects emulation is a lot quicker, as shown
and the ability to run the emulator at by the emulator running on our Project website
greater than normal speeds. humble laptop. The audio routines https://dolphin-emu.org
www.linuxvoice.com 67
�� INTRO TUTORIALS
TUTORIALS
Warning: excessive Linux knowledge may lead to fun and more efficient computing.
In this issue . . .
Kindle Fire
70
Linux wins again! Replace
the OS on Amazon’s
low-budget tablet to get
a fully functional Android
experience for under £50.
Mike Saunders
Will one day return home to Lave Station.
I
n case you haven’t seen it yet, we
may have discovered evidence of Linux Host Kernel
alien life. OK, it’s a big “may”, but it’s
probably the best shot we’ve ever had. 74 runC
78
A star called KIC 8462852, around Root
filesystem
Volume
mount
1,500 light years from Earth, is (/myapp)
exhibiting very odd fluctuations in
brightness. So odd, in fact, that they
can’t be explained by normal Flask Web
application
astronomical processes. Stars often dip
in brightness when planets move in
front of them – but by a few percent, Build a Pi lockbox with Docker: Linux containers
not up to 20% like KIC 8462852. And
there’s no way a planet can get that big
an RFID done the hard way
to block so much light. Learn all about RFID key fobs (or cards) that Package a basic Python Flask application –
So something else is probably contain a small aerial and chip that can wirelessly including all of its dependencies – into a container
orbiting the star and causing these interact with readers. image using the power of Docker.
weird dips. A giant cloud of comets?
Hmm, maybe, but it’s still not a great
explanation. The one we all want to Coding
hear, of course, is aliens – maybe
creating a giant network of panels to
Get access to ev
generate power. It’s a long shot, and ery
Linux Voice tuto
probably not the case, but with no other rial ever
published in ou
observed stars behaving like this, it’s a r digital
library of back-i
big mystery. Telescopes are watching it ssues
available exclus
for the next dipping event, though, so ively to
subscribers – tu
we may know the truth soon. If we can rn to
page p60 to join
handle it, of course – I may need to Coding: IRC bots 84 Coding: Crystal 88 .
watch The Next Generation again to Build a community of robots Explore a general-purpose, OO
prepare my tiny mind. to provide updates on services language that has a syntax very
mike@linuxvoice.com running on your machines. similar to that of Ruby.
www.linuxvoice.com 69
� TUTORIAL AMAZON FIRE
AMAZON FIRE AND
CYANOGENMOD
Flash Amazon's low-budget adware-crippled tablet to get a fully functional Android
experience for less than 50 notes…
T
JOHN LANE he Amazon Fire tablet was released in With your Fire tablet powered-on and at its home
September 2015. It runs on Amazon's Android screen, check its firmware: swipe down from the top
Why do this? Lollipop-based Fire OS 5 that's designed to of the screen and select Settings followed by Device
• Get a 7-inch tablet provide easy access to Amazon's online features and Options and System Updates to reveal the current
with a 1024x600 suck you into its proprietary ecosystem (and, firmware version.
display, 1.3GHz therefore, lacks features usually found on Android We're using a brand-new device for this tutorial and
processor and 1GB of
RAM for only £50. such as the Google Play Store). It has a 7-inch its firmware is Fire OS 5.1.3 with a build date and time
• Install Linux (well, 1024x600 display, a 1.3GHz quad-core processor, 1GB of 01:26 on 31 March 2016. We'll assume you have a
Android) on All The of RAM, 8GB internal storage, microSD support and a firmware between 5.1.4 and 5.1.2 and that you heed
Things. 2MP camera. the following advice:
• Get rid of Amazon's If you're buying a new tablet with the intention of Firmware 5.3.1 (the latest at the time of writing)
spyware.
replacing its firmware, save yourself some money by cannot be downgraded.
opting for the "with special offers" version – it's £10 Firmwares 5.1.4, 5.1.3, 5.1.2.1 can be downgraded
cheaper and you'll be wiping the Amazon firmware to 5.1.2 but not to 5.1.1 or lower.
anyway. (The 'special offers' refers to a screensaver Attempting to downgrade lower than 5.1.2 will brick
that plies you with advertisements.) your device (render it useless).
Before beginning, it's worth familiarising youself Do not proceed unless you have firmware 5.1.4,
with the device. There are three buttons along the 5.1.3, 5.1.2.1 or 5.1.2.
top edge: the power on/off button is on its own on Once you know what firmware you have, press and
the right-hand side. On the left-hand side there are a hold the power button to turn the device off.
pair of buttons primarily used to raise and lower the
speaker volume, with volume down to the left and Collect the things
volume up on the right. You should also be aware of Android devices have a bootloader and a so-called
what firmware version it has, as we'll demonstrate, "Recovery" mode that can often be replaced by a
because this can affect its ability to be replaced. savvy user, and this is usually a first step towards
If your device is new and has not yet been powered running custom firmware. But in the Fire's case, both
on, you can prevent it from updating its firmware (and bootloader and recovery are locked and cannot be
avoid any unforeseen difficulties that may bring) by replaced (this wasn't the case with early firmwares up
not connecting it to Wi-Fi. to 5.0.1), and the recovery mode will only accept
After powering on for the first time, proceed through official firmware that has been signed by Amazon.
the country selection and then decline Wi-Fi. You This means that, in addition to the custom
should reach the home screen shortly afterwards. firmware, you will need root access and an alternative
utility capable of loading firmware onto the device.
We will download everything required to a convenient
Linux box, so create a directory to put them in:
$ mkdir firefiles
The XDA Developers $ cd firefiles
have done the hard work The first prerequisite is that your device has a
for you. This valuable rootable firmware (one that can be modified to make
resource should be your
root access possible), so check its version: only
first port of call when
version 5.1.2 can be rooted, but versions 5.1.2.1, 5.1.3
looking for information
about flashing your fire: and 5.1.4 can be downgraded.
forum.xda-developers. If you need to downgrade your device's firmware
com/amazon-fire/general/ (which is most likely given the Fire's desire to upgrade
index-amazon-fire-2015. automatically), and so long as its current version can
70 www.linuxvoice.com
� AMAZON FIRE TUTORIAL
be downgraded, you should download the official Get as much or as little
5.1.2 firmware directly from Amazon. This official Google as you want from
Open GApps.
image has been signed by Amazon and can be
installed using the device's standard recovery mode.
Download the 609MB image:
$ wget https://kindle-fire-updates.s3.amazonaws.com/
kacn8mJNu53VtzS1JUbcF5Oh4r/update-kindle-
global-37.5.4.2_user_542168620.bin
To be on the safe side, check the download's hash:
$ sha1sum update-kindle-global-37.5.4.2_
user_542168620.bin
66b5423725b79ceb0d5866fa32ff414a99a4b50a
Root access can be obtained relatively easily
with a tool called KingRoot (see www.kingroot.net).
Download the Android version from its website and
save it in your firefiles directory.
$ wget http://king.myapp.com/myapp/kdown/img/
NewKingrootV4.9.6_C151_B299_en_
release_2016_08_04_105203.apk amazon-fire/orig-development/rom-cm-12-1-2015-
$ sha1sum NewKingroot*apk 11-15-t3249416 where the download link is within
bd2944bf0d5d862deef6ec167c3d0c3cdf124a9f the first forum post and leads to a download page
The utility that can install custom firmware is called with several mirrors (there is no official image for the
FlashFire (see flashfire.chainfire.eu and download Amazon Fire). The site presents the MD5 hash of the
from www.apkmirror.com/apk/chainfire/flashfire). file, which should have a name similar to cm-12.1-
We downloaded version 0.5.2 which has an MD5 hash 20160710-UNOFFICIAL-ford.zip, so that you can
of 638b0ea6ec0e17f38538eee69cb99a6a. verify your download.
FlashFire expects to find a root tool called SuperSU,
so we will need to install this in place of KingRoot after CyanogenMod
it gains root access. There's a small utility to do this Custom firmwares such as CyanogenMod are based
that you can download from http://www.w0lfdroid. on the open source version of Android, which doesn't
com/2015/05/How-to-Remove-Replace-KingUser- include any of the proprietary Google applications
KingRoot-with-SuperSU.html by following the link at usually found on Android devices, but you can install
the bottom of the page. You may compare the hash of them yourself thanks to the Open GApps Project
your download with ours: (opengapps.org).
$ sha1sum Replace_Kinguser_with_SuperSU-v2.4.zip This arrangement gives you control
a16b81d71c1f55ba0ec5e7f3001e482c4dfae01f over what Google experience (if any)
The last thing you need is some new firmware and you'd like. Use the Open GApps website PRO TIP
you can choose between the various firmwares that to download an image according to There are links to the various firmwares
at http://forum.xda-developers.com/
support your device. Do your research and choose your needs. Select the ARM platform showpost.php?p=62986665.
the one you'd like. Don't worry – you can re-flash and Android version 5.1 (because these
whenever you want so you can change your mind work with the Fire tablet). The "variant"
later. You do need to make sure that the firmware determines how much (or little) Googleness you get.
image you use is for your device and this will limit your We went with "Pico" because it is designed for users
choice, restricting you to firmware based on Android who want the absolute minimum GApps installation
5.1 Lollipop. available. Use your browser to download the ZIP and
One such firmware is CyanogenMod and that's MD5 files from the website and check the hash (your
what we'll use for this tutorial. There is an unofficial filename will differ):
build of version 12.1 for the Fire 2015 tablet that $ md5sum -c open_gapps-arm-5.1-pico-20160614.zip.
you can get via http://forum.xda-developers.com/ md5
open_gapps-arm-5.1-pico-20160614.zip: OK
By now everything you need will be in your firefiles
Alternative Firmwares directory and you're ready to begin:
There are alternatives to CyanogenMod should you want Amazon 5.1.2 firmware (update-kindle-
to try a different firmware. You can look at forum.xda- global-37.5.4.2_user_542168620.bin)
developers.com/amazon-fire/orig-development, which The FlashFire APK file
has information about Nexus, Android Ice Cold Project Kingroot (eg NewKingrootV4.9.6_C151_B299_en_
(AICP), SlimLP (SlimRoms – https://slimroms.org) and
release_2016_08_04_105203.apk)
Resurrection Remix (www.resurrectionremix.com), which
contains the best from CyanogenMod and others. SuperSU (eg Replace_Kinguser_with_SuperSU-
v2.4.zip)
www.linuxvoice.com 71
� TUTORIAL AMAZON FIRE
KingRoot may take a
few attempts but should Disable FireOS OTA Updates
eventually get root access Should you decide to stick with FireOS but would prefer that
on your Fire. Amazon did not update your device without your knowledge
then you can use adb to disable Amazon's Over-the-air
updates (but you need root to do so).
$ adb shell
$ su
$ cd /system/priv-app/DeviceSoftwareOTA
$ mount -o remount,rw /system
$ mv DeviceSoftwareOTA.apk DeviceSoftwareOTA.apkx
$ exit # from su
$ reboot
CyanogenMod (eg cm-12.1-20160710- G0K0H41873351RDH sideload
UNOFFICIAL-ford.zip) You can now send the firmware to the device:
Google Apps (eg open_gapps-arm-5.1- $ sudo adb sideload update-kindle-global-37.5.4.2_
pico-20160614.zip) user_542168620.bin
But, before you do, make sure the device's battery serving: 'update-kindle-global-37.5.4.2_user_542168620.
is fully charged, because power loss while writing bin'
firmware could render your device unusable. During the upload, adb displays upload progress
and the device's screen gives additional feedback:
Over the bridge The device automatically applies the firmware once
The first step, if necessary, is to downgrade FireOS so the upload is complete and then displays the recovery
that it can be rooted. We put the device into its menu, where you should select reboot system now.
recovery mode and flash FireOS from a Linux box You can check the firmware version is the expected
using the Android Debug Bridge. This is a command- 5.1.2 after the system reboots (it will spend some time
line tool that lets you communicate with your device optimising system storage and applications). Ours
over USB; you can install it from your distro's shows a build date of 27 February 2016, 02:18.
repository on Arch this is with: With the device running FireOS 5.1.2, we can root it
$ pacman -S android-{tools,udev} and then flash CyanogenMod. We'll use adb to install
$ gpasswd -a myuser adbusers packages from Linux, so we must first enable the USB
Now boot your device into recovery mode (from Debugging option and then permit your computer to
the Fire's powered-off state, press connect. Start by testing your connection with adb
Volume Down and Power at the same (reconnect the USB cable if you unplugged it):
PRO TIP
time and hold until it starts). You'll see $ adb devices
If adb doesn't appear to work, use 'adb
kill-server' to kill its daemon. This forces
a basic text screen showing a menu List of devices attached
it to start a new one when you re-issue entitled Amazon System Recovery and a G0K0H41873351RDH unauthorized
your adb command. warning may be displayed if the battery You'll see unauthorized the first time you do this
level is too low. because your tablet must permit your computer
Select Apply Update From ADB (use to access it (a pop-up will appear on it asking you
the Volume Up/Down to navigate and Power to for this permission). You also need to permit apps
select). The display will show from unknown sources so that you can sideload
Now send the package you want to apply application packages (the option is on the Settings
to the device with "adb sideload <filename>"... screen, under Security). After all that, you'll see device
Connect a USB cable to your computer and then and you can install KingRoot:
to the device. Confirm the connection from the $ adb devices
computer (with sudo or as root to ensure sufficient List of devices attached
permissions): G0K0H41873351RDH device
$ sudo adb devices $ adb install firefiles/NewKingrootV4.9.6*.apk
6848 KB/s (13183365 bytes in 1.879s)
Success
USB debugging You can detach the USB cable and then look on
To enable USB debugging on FireOS, swipe downwards the device's home screen for the new KingRoot icon.
from the home screen and select Settings. Now choose Tap the icon to launch the app and follow the first few
Device Options and find the serial number entry. Tab that screens to start the rooting process. You will need
seven times to unlock a new Developer Options item. to enable Wi-Fi so that it can download a rooting
Choose that and set Enable ADB to ON.
strategy. The device may reboot during the process
On CynaogenMod you select 'About Tablet' and then tap
'Build number' seven times to enable the developer options, and you may need to try a few times before being
which you'll then find on the Settings screen. successful. As a precaution, disable Wi-Fi after rooting
to prevent Amazon from updating the device.
72 www.linuxvoice.com
� AMAZON FIRE TUTORIAL
FlashFire makes it possible
Without ADB to install custom firmware
Instead of using "adb" to install packages, you can use a on Amazon's locked-down
spare SD card that is sufficiently large copy the package device.
files to the device and install them, but you'll need a file
browser to access the uploaded files.
The first step is to copy the necessary files onto it and
there are two ways to do that - you can either transfer them
using a spare SD card that is large or you can use "adb" to
copy them over USB.
package file to a suitable place such as the "Download"
directory:
$ adb push firefiles/NewKingrootV4.9.6* /storage/
sdcard0/Download/
The next step is to install the SuperSU root app
that FlashFire expects to be present. For this we
once again connect the device to the computer
with the USB cable and then use the utility that we
downloaded previously: $ adb push open_gapps-arm-5.1-pico-20160614.zip /
$ cd firefiles storage/emulated/legacy/gapps.zip
$ unzip Replace_Kinguser_with_SuperSU-v2.4.zip $ adb shell
$ cd mrw shell@ford:/ $ su
$ adb shell mkdir /storage/emulated/legacy/mrw root@ford:/ # mv /storage/emulated/legacy/{cm,gapps}.
$ adb push busybox /storage/emulated/legacy/mrw/ zip /data/media/0/Download
busybox root@ford:/ # exit
$ adb push root.sh /storage/emulated/legacy/mrw/root. shell@ford:/ $ exit
sh Now we can run FlashFire and finally get rid of
$ adb push su /storage/emulated/legacy/mrw/su FireOS. Locate the FlashFire icon on the home screen
$ adb push Superuser.apk /storage/emulated/legacy/ and tap it to get started. Grant root access when
mrw/Superuser.apk requested and page through the following pop-ups
$ adb shell until the main screen appears where you configure
shell@ford:/ $ su the tasks that it should perform. Use the
root@ford:/ # sh /storage/emulated/legacy/mrw/root.sh red plus-sign icon at the bottom right-
PRO TIP
This launches the installation of SuperSU on the hand corner of the screen to add tasks
Android optimises installed apps into
device. Work through it by selecting the 'normal' install as follows: and stores them in its Dalvik Cache area
method, allowing it to uninstall other superuser apps Wipe, check system data, 3rd party so they load quicker. Dalvik is the Java
and, finally, rebooting. The command-line output may apps and Dalvik cache. Virtual Machine used by Android. The
cache should be wiped when updating or
show errors (eg No Such File Or Directory), which can Flash ZIP or OTA, select cm.zip from replacing firmware so that the cache is
be safely ignored. Download and accept the default rebuilt.
The home screen should now show a SuperSU options.
icon and the KingRoot one should have gone. You Flash ZIP or OTA, select gapps.zip
can perform a quick test from adb to acquire root from Download and accept the default options.
privileges – the device should pop up a SuperSU To complete adding each task, tap the tick-mark
screen to allow you to grant the root access: that you'll find in the top-right corner of the screen.
$ adb shell After adding the three tasks, drag the wipe task so it
shell@ford:/ $ su appears before the two flashing tasks. Then hold your
root@ford:/ # exit breath and press the big "FLASH" button.
shell@ford:/ $ exit You should see lots of command line output
Now install FlashFire: on the device's screen and, after a while, it should
$ adb install firefiles/'eu.chainfire.flash_0.52-52_ reboot. You'll see the CyanogenMod logo for a while
minAPI17(armeabi-v7a,x86)(nodpi)_apkmirror.com.apk' and, eventually, the device will show that Android is
6993 KB/s (11921938 bytes in 1.664s) starting (while it optimises apps). You'll shortly be
FlashFire will look for firmware in the device's delivered into the CyanogenMod setup screen, which
Download directory. You can use adb to push you can follow through yourself to select your country
CyanogenMod and Open GApps to the device, but and connect to Wi-Fi and your Google account
adb cannot push to the Download directory due to before being presented with the home screen.
insufficient permissions, so we must push elsewhere Congratulations, you've flashed your device!
and then move them as root:
$ adb push cm-12.1-20160710-UNOFFICIAL-ford.zip / John Lane provides technical solutions to business problems. He has
storage/emulated/legacy/cm.zip yet to find something that Linux can't solve.
www.linuxvoice.com 73
� TUTORIAL LINUX FOR LEARNERS
CREATING A LOCKBOX
USING RASPBERRY PI
Les Pounder is creates a locked box to protect his precious choccy biccies.
R
LES POUNDER FID (Radio Frequency Identification), key fobs
or cards contain a small aerial and a chip that
Why do this? can wirelessly interact with readers. They are
• Use a new input commonly used for security passes and contactless
method payment cards such as the Oyster cards used on
• Keep yourbiscuits London's public transport. Here we shall be using an
safe RFID card and reader to trigger a servo motor. The
You will need servo motor will be used as a lock for box full of stuff,
• A Raspberry Pi Zero and we'll also add an LED and a buzzer to alert us to
• An RFID-RC522 RFID intruders.
reader We used a Raspberry Pi Zero and a USB battery
• An LED pack for this project, giving us a truly small portable
• A 220Ω resistor system, and a Dremel tool to cut a hole in our plastic.
• A buzzer Our RFID reader is an RFID-RC522, which can
• Lots of female to be found on eBay for around £5. The RFID reader Our completed project resides in a clear plastic box,
female jumper wires
uses SPI, a specialist interface and protocol. On the enabling anyone to see how it works. For your version,
• A USB battery pack
Raspberry Pi some of the GPIO pins double-up as SPI transparency is optional.
pins, and we can connect our reader as follows
SDA → 24 GND → Any GND Connection
SCK → 23 RST → 22
MOSI → 19 3.3V → 1
MISO → 21 For our servo, LED and buzzer connections please
IRQ → NO CONNECTION refer to the diagram, available as a download along
with the code for this project.
Software setup
Using the Raspberry Pi Configuration tool, found in
the Preferences menu, you can easily enable the SPI
interface via the Interfaces tab. You will need to reboot
your Raspberry Pi for the changes to take effect.
Next we're going to install some software, so we
will first need to ensure that our Raspberry Pi is
connected to the internet and that the list of software
available for our Raspberry Pi, commonly referred to
as a repository, is up to date. We will then install the
Python developer tools. Open a Terminal and enter the
following:
$ sudo apt update && sudo apt upgrade -y
$ sudo apt install python-dev
Once this has been completed we shall now set up
the software that will enable our project to talk to the
SPI interface. SPI-Py is a Python library that enables
The circuit for this project
is simple, but involves a lot a connection between the SPI interface and Python.
of wiring. Take your time – To install the latest version, in a terminal type the
build and test one section following, pressing Enter to run the command:
at a time. $ git clone https://github.com/mab5vot9us9a/SPI-Py
74 www.linuxvoice.com
� LINUX FOR LEARNERS TUTORIAL
With the download complete, we now need to The RFID-RC522 is a rather
navigate into the directory and run the setup tool. old reader, but it can be
$ cd SPI-Py picked up rather cheaply
$ sudo python setup.py install
via eBay. You will need
to solder the pins to the
With the installation complete, we need to return to
board.
the Home directory and download the software that
will enable our RFID reader to talk to our project.
$ cd ..
$ git clone https://github.com/mxgxw/MFRC522-python
Once the download is complete, it prudent to reboot to
ensure that all of the changes take effect.
Once rebooted, open a terminal and navigate to the
directory containing the code for our RFID reader.
$ cd MFRC522-python
Now let's test that our reader is working correctly. In
the terminal type the following to run a read test. It will
read your RFID cards/fobs and tell you their details.
sudo python Read.py
You should now see information scrolling up the
screen, which will look similar to this.
Welcome to the MFRC522 data read example
Press Ctrl-C to stop.
Card detected
Card read UID: 133,48,217,101
Size: 8 the CPU; even numbers are nearest to the edge of the
Sector 8 [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] Pi. This numbering system is required for the RFID
We have successfully installed the RFID reader and library.
can now continue with our project. GPIO.setmode(GPIO.BOARD)
Our next section of code is to create two variables
Coding the project used to store the location of the LED and buzzer,
For this project we shall be coding in Python 2, as this which will be used to raise the alarm should an
is necessary for the libraries used to control the RFID intruder try to gain access.
reader. On the Raspbian desktop go to the main menu LED = 8
at the top-left of the screen. Navigate to Programming BUZZER = 10
and select Python 2. Once the Python 2 editor loads, Next we'll set up three GPIO pins as outputs. Our
click on File > New to open a blank document. first is pin 11, used to control the servo. Our other pins
Immediately save the new window by clicking on File are LED and BUZZER, which we created variables for.
> Save and name the file lockbox.py. Save your work GPIO.setup(11,GPIO.OUT)
to the MFRC522-python directory so that we can GPIO.setup(LED,GPIO.OUT)
use that library. Subsequent saves will now be much GPIO.setup(BUZZER,GPIO.OUT)
quicker – remember to save often! An extra configuration detail is to create an object, a
We start our code by including a special line of code variable called pwm, that will store the pin connected
that we will use to instruct Python where to look for to the servo, and also the frequency required to
our Python executable. This will enable us to call the correctly communicate with the servo.
application from the command line and use the lock pwm=GPIO.PWM(11,50)
box project as an embedded project. Next we create three more variables. The
#! /usr/bin/env python first two variables are used to store two states.
Our first major section of code is our importing a Continue_reading is an instruction to check that the
number of libraries that will extend the functionality code should still be running, which means True. The
of our project. Our first import is the GPIO library locked state that the lockbox should default to being
necessary for working with the GPIO pins. Next we locked. The third variable creates an object using the
import the MFRC522 RFID library. Finally we import MFRC522 library.
the sleep function from the time library; we shall use continue_reading = True
this to pace our project. locked = True
import RPi.GPIO as GPIO MIFAREReader = MFRC522.MFRC522()
import MFRC522 We now move to the main body of code. We start
from time import sleep by using a try...except construction. This is used to
Next we set up our GPIO to use a logical pin enable a method to exit the project cleanly should any
numbering layout. Odd numbers are the pins nearest errors occur.
www.linuxvoice.com 75
� TUTORIAL LINUX FOR LEARNERS
Mounting our components reading and if it is True, then the code will continue.
in the box is simple – while continue_reading == True:
using a drill we made holes Inside this new loop we first turn on the LED before
to hold components. A we start to scan for RFID cards or keyfobs. We then
slot on the edge is also pause for half a second to save taxing the CPU too
required for the servo lock much.
to operate. GPIO.output(LED, True)
(status,TagType) = MIFAREReader.MFRC522_
Request(MIFAREReader.PICC_REQIDL)
sleep(0.5)
Still inside our while loop, we now create a
conditional test. This test will check that the card
has been read correctly, and if so the indented code
is executed. In this case it prints to the Python shell
that a card has been detected. Then it reads the UID
(Unique Identification) number, and stores it as a
variable called uid, which we then print to the shell for
debug.
if status == MIFAREReader.MI_OK:
print("Card detected")
(status,uid) = MIFAREReader.MFRC522_Anticoll()
print(uid)
We are still inside the conditional test that checks
the card has been read correctly, and now we create
another conditional test. This time the test compares
the UID of the RFID card/fob against what we expect
the UID to be. The expected UID is a list of five
try: numbers seperated by commas. When the RFID card/
Our next line of code is indented, either one tab fob is read, the UID is stored as a list called uid, which
or four spaces. Here we ensure that our lock is in is then compared to this hard-coded list. If the card is
position by sending a pulse to instruct the servo correct, it prints that a key has been detected.
to move to the left, forcing the arm of the servo if uid == [195, 87, 55, 213, 118]:
inbetween the plastic of the case. print("KEY DETECTED")
pwm.start(5) We now use another conditional test. This test
checks the status of the lock, our servo. It works
Inside our 'while' loop we create a for both unlocking and locking the box. If the lock is
on, we change the status of the locked variable to
conditional test that will check that False, and then turn the servo to the unlock position.
The test also checks to see if the box is unlocked. If
the card has been read correctly
We next create a for loop, which shall be used to
sound our buzzer twice, indicating that the code is
working and ready to go. We use the GPIO.output
function to turn on the buzzer, then wait for 0.1
seconds, then we turn off the buzzer and sleep for a
further 0.1 seconds.
for i in range(2):
GPIO.output(BUZZER, True)
sleep(0.1)
GPIO.output(BUZZER, False)
sleep(0.1)
We now move out of the for loop, but remain inside
the main loop. In order to debug that our code is
working, we add a print function that will advise the
user to present their card to the reader.
print("Please present your RFID card to the reader -
this can only be seen in debug") Servos are really cheap on eBay, and can be picked up for
We now create a new loop inside our main loop. around £5. This type is the most common and works well
This loop checks the value of the variable continue_ for most applications.
76 www.linuxvoice.com
� LINUX FOR LEARNERS TUTORIAL
unlocked then the variable locked is changed to True Editing crontab is easy,
and the servo returns to the locked position. requiring only one extra
line be added to the end of
if locked == True:
the file, readying our Pi to
locked = False
run our code on boot.
pwm.start(5)
elif locked == False:
locked = True
pwm.ChangeDutyCycle(10)
We now come out of the conditional lock test and
return to the test that ensures the correct card has
been presented. We use an else condition, which
requires no test, which is triggered when an unknown
card is presented. So when an unknown card is for introducing a blank line before the text is written.
presented we print an alert to the Python shell, again except KeyboardInterrupt:
for debugging purposes. We next use a for loop that continue_reading = False
has a range, used to control the number of times the GPIO.cleanup()
loop will iterate for. In the for loop we turn the LED and print("\nExiting the application")
buzzer on, then wait for 0.2 seconds, before we then With the code completed, now is the time to test
turn them both off and wait for a further 0.2 seconds. before we assemble the project. In Idle ensure your
This will give us a flashing LED and beeping buzzzer. work is saved, and then click on Run > Run Module.
else: Place your RFID card/fob in front of the reader and
print("ALERT ALERT ALERT") check that it works. To stop the code, press Ctrl+C.
for i in range(3): Now that our project works, it is time for us to
GPIO.output(LED, True) enable it to run autonomously. Our first step is to
GPIO.output(BUZZER, True) make our code executable, and we can do this using a
sleep(0.2) command called chmod. On your Raspberry Pi, open
GPIO.output(LED, False) a terminal. In the terminal, navigate to where your
GPIO.output(BUZZER, False) project code is located. Type in the following code.
sleep(0.2) sudo chmod +x lockbox.py
We now exit out of all the conditional tests and In the terminal, try executing the code by typing.
return to the try..except construction that we're using ./lockbox.py
to handle exiting the application. Our except section To stop the code, press Ctrl+C.
uses a KeyboardInterrupt, in this case Ctrl+C, to exit We now have an executable Python script, but
the application by changing the continue_reading now we need to automatically run the script on boot.
variable to False; then we clean up the GPIO pins, For this we stay in the terminal and use a command
returning all of them to their original state before called crontab. Crontab is an easy-to-use editor that
we started the application. Finally we print that the enables a user to specify what code to run at a given
application is exiting. We introduce \n, which is Python time or circumstance. To launch crontab, type:
crontab -e
If you see a prompt asking you to choose an editor,
Choice of motors pick Nano, the default option.
Crontab is really a text file, so in the text file navigate
For this tutorial we used a servo motor to control the lock
of our lockbox. Servos are tricky to use, requiring the user to the bottom of the file using the arrow keys.
to perform a little maths to find the correct duty cycle in We need to add a line that instructs crontab to run
order to rotate them to the desired orientation. So what our code on reboot. So we need to tell crontab where
other motors could we have used? our code is, for example our code is in /home/pi/
A stepper motor is another highly precise motor.
MFRC522-python. Add a new line as follows
Typically stepper motors can be found in printers, scanners
and DVD drives. A stepper has multiple coils organised @reboot /home/piMFRC522-python/lockbox.py
into groups. As we provide power to each group in turn, the Next, press Ctrl+X to exit crontab. You will be
motor will move one step, slowly but with plenty of torque. prompted to save, then Enter to confirm the filename.
Each stepper motor requires six connections to the GPIO, Now we're ready to perform a final test before fitting
for power, Ground, and a GPIO pin for each group of coils.
the hardware into a box. Reboot your Raspberry Pi;
Our final motor is the humble DC motor used to power
robots. DC motors are instant-on and come in a range of you can do this in the terminal by typing.
speeds and torques. To precisely control a DC motor we sudo reboot
can use Pulse Width Modulation, PWM, which we have used Once your Pi reboots, your code should auto run –
with our servo in this project. now present your RFID card to the reader and watch
A word of caution: DC motors should not be directly
the box unlock. It's like magic!
attached to the GPIO as they can cause damage to the pins.
Instead, use a motor control board such as an L298D or
L9110S to act as a buffer to the pins. Les Pounder makes things, breaks things, and spends the rest of his
time teaching teachers about the new IT curriculum.
www.linuxvoice.com 77
� TUTORIAL CONTAINER IMAGES THE HARD WAY
DOCKER: CREATE LINUX
CONTAINER IMAGES THE
Containers are easy – so make it harder with Docker Build and learn how it's done.
I
AMIT SAHA n this article, we will package a basic Python Flask third-party dependencies we depend on, ie Flask and
application. Flask is a micro web framework for its dependencies. This is all of course in addition to
Why do this? Python, and while our application will be small, it the system shared libraries that Python itself needs to
• Easily package will be close to an application that you would usually run (Figure 1). To sum up, the first container image we
programs into self- package up as a container image. The image will have will be building will include our simple Flask application
contained operating all the dependencies that your application will need as well as everything that we need to run it.
images
and hence we should be able to essentially hand it
• Buzzwordify
yourself with Docker, over to the container runtime such as Docker or runC Building our first image
containers and runC (discussed later). In addition, we want to have two Before we do anything, let's create a new directory,
separate images – one we use for testing and the linux_voice_7 somewhere in our home directory,
other for deployment. The reason is that the image for which we will use as the working directory here. Next
testing will have additional dependencies that we we want to choose our base Linux distribution in
don't need to have in the image we use for which we will run our Flask application. I am currently
deployment. You can find the application in the on Fedora 24 and I will use Fedora 24 as the base
Linux distro too. The following command will create
a directory structure you will find similar to any Linux
The first container image we will build system, and also install Python 3 development tools
will include our Flask application and such as Python 3 itself and pip:
$ sudo dnf --installroot=`pwd`/rootfs --disablerepo=*
everything we need to run it --enablerepo=fedora --releasever=24 install python3 &&
sudo dnf --installroot=`pwd`/rootfs --enablerepo=fedora
myapp directory at https://github.com/amitsaha/ clean all
linux_voice_7. When we use the second image for Now that we have the base system for our Flask
deployment, we expect that we will have our application, let's install flask in it:
application listening for incoming HTTP requests on $ cd rootfs/usr/bin
port 5000. Now, it's worth noting that a container $ sudo ./python3 pip3 install flask
image is a self-contained Linux distro – albeit running At this stage, here's our current directory structure:
on the same kernel as the host distro. Hence, in $ pwd
addition to our Flask application, we will also need to linux_voice_7
include everything that's needed to run our $ tree -L 1
Figure 1: Bundling application. This includes the Python interpreter rootfs
software for running in a (CPython 3) and everything else that it needs to run, myapp
container. such as the entire standard Python library and the Now we have our Linux image ready that is capable
of running our Flask application. We will use this
Flask application's image Other application's image image as the root filesystem from which we will
bootstrap our Linux container. Next, we need a way
Python 3 tools X language tools to run a Linux container using our root filesystem.
(interpreter, standard library, (interpreter/compiler, standard
We will do so using runC – a Linux container runtime
etc) library, etc)
similar to Docker. It is also the Open Container
System shared libraries System shared libraries
Initiative's (OCI) reference implementation of a
software container runtime.
Installing runC
Host Linux kernel runC (https://github.com/opencontainers/runc)
is written in Golang, and next we will download the
source, build and install it.
78 www.linuxvoice.com
� CONTAINER IMAGES THE HARD WAY TUTORIAL
Figure 2: Our Flask
The steps below are tested on Fedora 24, but it Linux host kernel
application running under
should work on another distro. If you don't have the runC.
Go tools (compiler and other tools) installed, you can
either use the distro's package manager (on Fedora runC
24, you can use sudo dnf -y install golang) to install
them or download the Linux binary and follow the Root Volume
instructions on the install page at https://golang.org/ filesystem mount
doc/install. (/myapp)
Once the installation steps are completed, open
your favourite terminal emulator and type go version
and it should print a message similar to below:
$ go version
go version go1.6 linux/amd64 Flask web
application
We next need to set up our workspace. If you
already have GOPATH set up, you may skip ahead.
Create a golang directory in your home directory
(/home/<user>) and a sub-directory, src inside it.
The directory tree for your workspace should look as configuration specifies, among various other things,
follows: the process that we want to run in the container. We
golang/ can generate this spec using runc spec, but it doesn't
`-- src allow any customisation and hence we will need to
The Go compiler and other tools expects the resort to hand-editing JSON files. Instead, we will
GOPATH environment variable to point to the use ocitools (https://github.com/opencontainers/
workspace directory, so set the following to your ocitools). Let's get the source, build and install it:
.bashrc or the file relevant to your shell, so that it is $ cd $GOPATH/src/github.com/opencontainers/
always set when you start a new terminal session $ git clone https://github.com/opencontainers/ocitools
(Replace <user> with your username): $ cd ocitools
export GOPATH=/home/<user>/golang $ sudo dnf -y install golang-github-cpuguy83-go-
Once you have set the above, start a new terminal md2man # this install go-md2man
session and type in go env GOPATH: $ sudo make install
$ go env GOPATH $ ocitools --version
/home/<user>/golang oci version 0.0.1
If you see your GOPATH printed correctly similar to Let's generate the configuration:
the above, we're all set to get the source for runC, build $ pwd
and install it. /home/vagrant/work/linux_voice_7
$ sudo dnf -y install libseccomp-devel # for Fedora $ ocitools generate --os=linux --bind myapp:/myapp:ro
$ mkdir -p ~/golang/github.com/opencontainers --args "python3" --args="/myapp/app.py" --output
$ cd ~/golang/github.com/opencontainers config.json
$ git clone https://github.com/opencontainers/runc.git You will now see that you have a config.json file
$ cd runc in the current working directory. We can use the jq
$ make program (JSON command line processor) to output
$ sudo make install the most interesting parts of this configuration (To
At this stage you have runc installed and accessible install jq, use sudo dnf -y install jq):
via the runc command. Just typing it in and pressing $ cat config.json | jq 'keys'
E displays all the different runc sub-commands. The [
--version flag describes the version: "hooks",
$ runc --version "hostname",
runc version 1.0.0-rc1 "linux",
commit: 99c683a84fcfb0675883dc98eaa8c0bc3311e436 "mounts",
spec: 1.0.0-rc1 "ociVersion",
The version is the version of runc; commit is the "platform",
Git commit hash that we build runc from; and spec is "process",
the version of the OCI specification that the runtime "root"
complies with. ]
The configuration has the above seven
Flask application in a container configuration keys. The hostname key specifies
Before we can run our Flask application in a the hostname for the container and defaults to
container using runC, we will have to generate a mrsdalloway; the linux key specifies the Linux specific
runC configuration or a spec for the container. This container configuration; the mounts key specifies
www.linuxvoice.com 79
� TUTORIAL CONTAINER IMAGES THE HARD WAY
Development Image We now have our Flask application running inside
the container and listening on port 5000 (Figure
Common pytest 2). However, our container runs in its own network
Deployment Image namespace, which means that to be able to access
Python 3 tools + Flask Python 3 tools + Flask our application, we must be "inside" the container
(Interpreter, Standard library, (Interpreter, Standard library, itself. Let's do that next.
etc) etc)
The argument flask-app-1 to runc run is the
System Shared Libraries System Shared Libraries container ID of our container and must be unique for
currently running containers on the system. We can
use runc list to show the currently running containers:
Figure 3: Comparison of
paths to be mounted inside the container in addition $ sudo /usr/local/sbin/runc list
the two images
to the root filesystem. This is where we also specify ID PID STATUS BUNDLE CREATED
any "bind mounts" – that is, if we want to make a flask-app-1 12101 running /home/vagrant/work/
file/directory from our host system available inside linux_voice_7 2016-09-03T10:32:12.521065663Z
the container, this is where we would do it. Note that Now, we want to execute a Bash shell inside this
when we generated the runC configuration above, we container, which we can do using the runc exec
specified --bind myapp:/myapp:ro. This meant that command from another terminal:
we want to bind mount our host directory, myapp, $ sudo /usr/local/sbin/runc exec -t flask-app-1 bash
which has our Flask application inside our container bash-4.3# python3
at /myapp and we want to mount it as read-only. If we Python 3.5.1 (default, Mar 4 2016, 15:21:15)
check the mounts key of the generated config.json, [GCC 6.0.0 20160302 (Red Hat 6.0.0-0.14)] on linux
we will see that there is an entry for this: Type "help", "copyright", "credits" or "license" for more
$ cat config.json | jq '.mounts' information.
PRO TIP
.. >>> import http.client
Think of choosing our base distro as
.. >>> conn = http.client.HTTPConnection("127.0.0.1:5000")
choosing a Docker base image that you
specify in the FROM command in the { >>> conn.request("GET", "/")
Dockerfile. "destination": "/myapp", >>> r1 = conn.getresponse()
"type": "bind", >>> r1.read()
"source": "myapp", b'Hello World!'
"options": [ >>>
"bind", The -t switch allocates a new pseudo TTY for us,
"ro" and then we start the Python 3 interpreter inside it
] and make a request to our web application running
} on port 5000. We get a "Hello World" back from our
The process key and specifically the args key inside web application as a response. We can exit out of the
it describes the process that we will run inside the container here. We can stop or kill our container and
container: our Flask application using Ctrl+C.
$ cat config.json | jq '.process.args' Before we proceed, let's move our current
[ rootfs and config.json into a new sub-directory –
"python3", deployment such that our current linux_voice_7
"/myapp/app.py" directory looks like this:
] $ tree -L 2
The root key specifies the path of the root .
filesystem, which defaults to rootfs: deployment
$ cat config.json | jq '.root' config.json
{ rootfs
"path": "rootfs" myapp
} app.py
OK, now we are all set to run our Flask application in test_app.py
a container: README.md
$ pwd We will also have to change the source for myapp
/home/vagrant/work/linux_voice_7 to "source": "../myapp", in the config.json file now.
$ tree -L 1 Now, to start a container serving our Flask application,
. we will first have to cd into the deployment directory
config.json and then execute runc run flask-app-1.
myapp
rootfs A second container image
$ sudo /usr/local/sbin/runc run flask-app-1 We have seen that our Flask application works; next
* Running on http://127.0.0.1:5000/ (Press CTRL+C to we'll want to run tests before we deploy it and of
quit) course we want our tests to be also run in a container.
80 www.linuxvoice.com
� CONTAINER IMAGES THE HARD WAY TUTORIAL
The test runner that we want to use is pytest (http://
doc.pytest.org/en/latest). This means that we will Merged directory
need to install pytest in our root filesystem before we overlayfs
run the testing container. We could create a second
image like we did the first and have two different
images on our disk. However, that means that we are Upper
literally storing two copies of the first image (Figure 3). directory Read/write
It would be better if we could use the first image as
a base image and then just have the pytest-relevant
files "applied" over it to get our second image and
start the testing container. Note that we don't want to Lower
change the first image's root filesystem in any way. Dir 1 pytest
We can do so using the Overlayfs filesystem on Linux.
Read only
The concept of Overlayfs is simple: it enables us to
have what is known as "union filesystems" ie combine Lower deployment/rootfs
one or more directories and merge them as if they Dir 2
were one giant directory (Figure 4). Let's try it out:
$ pwd
Figure 4: Demonstration of
/home/vagrant/work/linux_voice_7 words, these are the additional files that were written
Overlayfs.
$ mkdir pytest to the merged directory when we installed pytest. The
$ mkdir merged lower image (./deployment/rootfs) was not modifed.
$ mkdir workdir.overlay The key thing to note here is that the pytest directory
$ sudo mount -t overlay overlay -o lowerdir=./ now has the difference between our deployment
deployment/rootfs,upperdir=./pytest,workdir=./workdir. image and what we need to run our testing container.
overlay ./merged We will next see how we can combine them to get our
We created three sub-directories: pytest, merged second image.
and workdir.overlay. The merged directory will We will create a testing sub-directory and two new
have the merged contents of our lower and upper sub-directories in it: rootfs and rootfs.empty:
directories. The workdir.overlay directory is needed by $ pwd
Overlayfs for its own purposes. /home/vagrant/work/linux_voice_7/
Finally, we use the mount command to create an $ mkdir -p testing/rootfs -p testing/rootfs.empty
overlay filesystem specifying the lowerdir (lower Now, we'll create an overlay filesystem combining
directory), upperdir (upper directory), workdir (working the deployment root filesystem (which has Flask
directory) and finally the mount point, merged. installed) and our pytest directory (which has only
If we now cd into the merged directory, we will see pytest installed in it) to give us a new root filesystem
the contents of the ./deployment/rootfs directory: in testing/rootfs:
$ cd merged/ $ sudo mount -t overlay overlay -o lowerdir=./pytest:./
vagrant@localhost:~/work/linux_voice_7/merged $ ls deployment/rootfs,upperdir=./testing/rootfs.
total 64 empty,workdir=./workdir.overlay ./testing/rootfs
lrwxrwxrwx. 1 root root 7 Feb 4 2016 bin -> usr/bin The above command is an example of combining
dr-xr-xr-x. 2 root root 4096 Feb 4 2016 boot multiple lower filesystems using Overlayfs. When
drwxr-xr-x. 2 root root 4096 Sep 11 01:18 dev multiple directories are specified separated with
drwxr-xr-x. 25 root root 4096 Sep 11 01:18 etc a colon (:) the first directory specified will be the
... topmost layer followed by the others in order.
... At this stage the testing/rootfs now has pytest
Let's now install pytest in this merged filesystem: as well as Flask installed in it, and hence we are now
$ cd merged/usr/bin ready to configure our testing container:
$ sudo ./python3 ./pip3 install pytest $ cd testing
.. $ cp ../deployment/config.json .
Let's now unmount merged: $ pwd
$ sudo umount ./merged /home/vagrant/work/linux_voice_7/testing
Now, let's see what we have in the pytest directory, $ tree -L 1
which was originally empty: .
$ ls pytest/ config.json
total 4 rootfs
drwxr-xr-x. 4 root root 4096 Sep 11 01:18 usr rootfs.empty
$ du -sh pytest/
2.1M pytest/ 2 directories, 1 file
We see that there is a new sub-directory usr in this We modify the config.json to run pytest on startup
directory, which has the pytest package in it. In other and also change the current working directory via the
www.linuxvoice.com 81
� TUTORIAL CONTAINER IMAGES THE HARD WAY
runC runC $ cat testing/test_flask_app.sh
#!/bin/bash
set -e
Web app running Testing Container
mkdir -p rootfs rootfs.empty overlay.workdir
via uwgsi
mount -t overlay overlay -o lowerdir=./pytest:../
Overlayfs fedora-24.flask,upperdir=./rootfs.empty,workdir=./
overlay.workdir ./rootfs
uwgsi pytest /usr/local/sbin/runc run flask-app-testing
image diff image diff umount rootfs
# Clean up
rm -r rootfs rootfs.empty overlay.workdir
Fedora 24 + Flask We create the three directories – rootfs (where
(fedora-24.flask) we will have the merged filesystem), rootfs.empty
(our upper directory, which will mean the container
can write to it – temporary files for example), and
the overlay.workdir directory. Next, we create the
Figure 5: Using our
cwd key in the process object: overlay filesystem combining the pytest directory
fedora-24.flask image
as the base image for $ cat config.json | jq ".process.args,.process.cwd" from earlier with our base image and then use runC to
multiple container images. [ run the container. Once the tests are run, the rootfs is
"/usr/bin/python3", unmounted and the intermediate directories removed.
"/usr/bin/pytest", Another advantage to this approach is that our
"-p", base image, fedora-24.flask, will now be immune
"no:cacheprovider" to any accidental changes, since overlayfs mounts
] the lower directory as read-only. Now, if you want
"/myapp" to create another container image for serving your
Let's run our testing container now web application via uwsgi, you could create another
$ pwd directory, and follow an approach similar to our testing
/home/vagrant/work/linux_voice_7/testing image (Figure 5).
$ sudo /usr/local/sbin/runc run flask-app-testing
================ test session starts ================ A peak into the OCI image specification
platform linux -- Python 3.5.1, pytest-3.0.2, py-1.4.31, We wanted to build container images the hard way
pluggy-0.3.1 and we have been successful in that quest. However,
rootdir: /myapp, inifile: we have adopted a fairly ad-hoc workflow, and our
collected 1 items images don't follow any standardised image format.
test_app.py . The Open Container Initiative's Image Format project
============= 1 passed in 0.20 seconds ============== (https://github.com/opencontainers/image-spec)
Our flask-app-testing container was created and aims to standardise how container images should be
then pytest ran and found the one test we had, ran it formatted. A key component of the specification is to
and the container exited. We can unmount the rootfs specify what layers an image is made up of. This is
now using $ sudo umount ./rootfs. similar to how we built our second image.
Currently there are no tools to build a container
Generalising this approach image from scratch, which follows the specifications.
We can clean up our workflow a fair bit here by having It can be done by hand but this involved a very
our base image in the top-level directory, and then convoluted process and so we didn't attempt to do
keeping two separate directories – one for our Flask so here. However, we can briefly see what an OCI-
app container and the other for our testing container compatible image looks like by converting an existing
such that the entire directory looks as follows: container image to this format.
$ tree -L 1 Skopeo (https://github.com/projectatomic/
. skopeo) can convert existing Docker images from
deployment Docker hub to OCI-compatible images. First of all, let's
fedora-24.flask install it:
myapp $ sudo dnf -y install gpgme-devel libassuan-devel
testing $ cd $GOPATH/src/github.com
The fedora-24.flask directory above is what was $ mkdir projectatomic && cd projectatomic
our base root filesystem. Now, it's moved out of the $ git clone https://github.com/projectatomic/skopeo.git
deployment directory. The deployment and testing $ cd skopeo && make binary-local
directory each have a shell script that creates the We should have a Skopeo binary as ./skopeo. Let's
overlay filesystem making use of this base image convert the Fedora 24 Docker hub image into an OCI
and starts runC appropriately. The shell script in the image:
testing directory is as follows: $ pwd
82 www.linuxvoice.com
� CONTAINER IMAGES THE HARD WAY TUTORIAL
/home/vagrant/work/linux_voice_7 Figure 6: Converting a
Docker hub image to an
$ $GOPATH/src/github.com/projectatomic/skopeo/ Docker hub
OCI-compatible image and
skopeo copy docker://fedora:24 oci:fedora-24-oci image
then using with runC.
$ tree -L 3 fedora-24-oci/
fedora-24-oci/
blobs
sha256
0d891a5bdae9b701e4b4017ce0a56de05acf8bc828a5c Skopeo
67e53bfe086546215fd
11a5107645d4ecb36e75d933576f5cdb52358bef385
eac2c2d2a91af44ad4ad7
2bf01635e2a0f7ed3800c8cb3effc5ff46adc6b9b8
6f0e80743c956371efe553
oci-layout
OCI image
refs
bundle
latest
3 directories, 5 files
The fedora-24-oci sub-directory has our Fedora 24
image in the OCI format. In brief, the blobs/sha256
sub-directory has the operating system image itself
as gzip-compressed data, and two other specification oci-image-tool
files describing the image. One of these specifications,
the image manifest, has the layers comprising the
image:
$ cat fedora-24-oci/blobs/sha256/0d891a5bdae9b701e4b
4017ce0a56de05acf8bc828a5c67e53bfe086546215fd | jq
".layers"
[
runC runtime bundle
{
"mediaType": "application/vnd.oci.image.layer.tar+gz
ip", $ $GOPATH/src/github.com/opencontainers/image-spec/
"digest": "sha256:2bf01635e2a0f7ed3800c8cb3effc5ff4 oci-image-tool create-runtime-bundle --ref latest
6adc6b9b86f0e80743c956371efe553", fedora-24-oci/ fedora-24-runtime-bundle
"size": 72881216 $ tree -L 1 fedora-24-runtime-bundle/
} fedora-24-runtime-bundle/
] config.json
Note that these blobs are all content-addressable rootfs
blob objects – roughly meaning their filenames are We can go ahead and start a Fedora 24 container
the same as the sha256 digest of their contents. The from the runtime bundle using runC as we did earlier.
refs directory is roughly analagous to the image tags
that Docker users are familiar with and specifies the Conclusion
image manifest that it points to. The oci-layout file We hand-crafted container images in this article and
specifies the OCI layout version. then used overlayfs to implement a rudimentary layer-
What can we do with this OCI image? We can based container images solution. Overlayfs is just
convert this into a root filesystem using oci-image- one approach to implement such a mechanism as is
tool and use runC to create a container from it (Figure exemplified by the many supported Docker storage
6). First we will install the oci-image-tool (https:// drivers. We also learned about the OCI's image format
github.com/opencontainers/image-spec/tree/ standardisation efforts and used the oci-image-tool
master/cmd/oci-image-tool): to assemble layers to a single container image.
$ cd $GOPATH/src/opencontainers/ It's an exciting time for software containers, and
$ git clone https://github.com/opencontainers/image we hope this article has got you thinking about how
-spec images for software containers can be built. You can
$ cd image-spec find all the code we discussed in this article at
$ make oci-image-tool https://github.com/amitsaha/linux_voice_7 in
go build ./cmd/oci-image-tool addition to a set of resources to explore next.
Next, let's create the runtime bundle for runC:
$ pwd
Amit Saha is the author of Doing Math with Python (No Starch Press)
/home/vagrant/work/linux_voice_7 and a software engineer. He blogs at https://echorand.me, tweets
$ mkdir fedora-24-runtime-bundle @echorand and can be reached via email at amitsaha.in@gmail.com
www.linuxvoice.com 83
� CODING IRC BOT
IRC: BUILD YOUR OWN
CUSTOM CHAT BOT
Use Python to create an IRC bot to entertain yourself – or provide useful information.
H
ow worried are you about artificial commands. You could elaborate on it to make it talk
MIKE SAUNDERS
intelligence (AI) taking over the world? It all in more depth, or turn it into a practical tool to provide
sounds very sci-fi, very Skynet, but some information from remote machines. It's up to you!
Why do this? public figures with geeky backgrounds are talking First let's recap what IRC is, in case you're not
• Explore network about it. SpaceX and Tesla head honcho Elon Musk familiar with it. Internet Relay Chat is an open protocol
connections in
describes AI as "our biggest existential threat", for for text-based communication across the net. Users
Python
instance, while Steven Hawking has also said it's connect to IRC servers – many of which can be linked
• Monitor servers via
IRC channels something we need to be wary of. We at Linux Voice together to form a network – and then join "channels"
• Get your mad don't live in fear of being enslaved by our robotic that cover specific topics. For instance, you could
scientist career overlords in the near future, but with the rate of install an IRC client (such as X-Chat) via your package
started
progress, we certainly should be careful with what manager, connect to the chat.freenode.net network,
we create. and then join the #linux channel to talk about our
Now, one example of AI is a chat bot. This is a favourite operating system.
program with which you communicate by sending IRC is a simple, text-based protocol, so you don't
text. The chat bot analyses the text for information need to do a lot of grunt work to write an IRC client
and context, and responds accordingly. Really good from scratch. All you need to do is connect on a
chat bots are often hard to distinguish from real certain network port, send text messages to it, and
people – at least, when talking about very mundane respond accordingly. And that's what we'll do here
topics. In this tutorial, we'll show you how to create a – using Python. There are many specialised Python
very simple chat bot that talks on IRC and responds to chat bots that you can use and customise, offering all
kinds of advanced features, but we think it's more fun
and informative to start from the ground up, so you
can see exactly how IRC works. So let's get started!
Show me the code
For this bot we're going to use Python 2. Yes, it's an
old version of the language, but it's the default shipped
in Debian and therefore available out of the box in
Raspbian on the Raspberry Pi (which is a great little
machine for running bots – you can have bots online
24x7 without using much electricity). In true Linux
Voice fashion, we're going to show you the code and
let you try it first to see what it does, before going
through it bit-by-bit.
So, open up your favourite text editor, enter the
following code, and save it in a file called bot.py.
(Or alternatively, copy the code from our website at
www.linuxvoice.com/wp-content/uploads/2016/09/
bot.txt)
import socket
import subprocess
server = "chat.freenode.net"
channel = "#megalvtest"
Here's our code, nicely syntax highlighted in Vim. We've said it before, but it really is nickname = "megalvbot9001"
worth learning an advanced editor in depth.
84 www.linuxvoice.com
� IRC BOT CODING
irc = socket.socket(socket.AF_INET, socket.SOCK_
STREAM)
irc.connect((server, 6667))
irc.send("USER "+ nickname +" "+ nickname +" "+
nickname +" :Just testing\n")
irc.send("NICK "+ nickname +"\n")
irc.send("JOIN "+ channel +"\n")
while 1:
text = irc.recv(2040)
print text
if text.find('PING') != -1:
irc.send('PONG ' + text.split() [1] + '\r\n')
if text.find(':!uptime') != -1:
output = subprocess.check_output("uptime",
shell=True)
irc.send('PRIVMSG '+ channel +' :' + output + '\n')
So there we have it: an IRC bot in just 23 lines of
code (or even fewer if you remove the blank lines).
Not bad, eh? Note that if you're new to Python, the Here we join the #megamiketest channel, and then our bot (megamikebot9001) does
indentation added by tabs here is very important in shortly after. Then we have a jolly nice chat with it.
the language. If you try to run the code and see error
messages, make triple sure that your code is indented just common practice with IRC bots, to make it clear
just like ours. to other users in the channel that you're trying to issue
Once you have the code saved in bot.py, open your a command to a bot.) To terminate the bot, use Ctrl+C
IRC client, join the chat.freenode.net server and then in the terminal window where you're running it.
the #megalvtest channel. Unless some other Linux
Voice readers happen to be around testing their bots,
the channel should be empty. In a terminal window, IRC is a simple, text-based protocol, so
run your bot like so:
python2 bot.py
you don't need to do a lot of grunt work
After a few seconds, the bot will establish its to write an IRC client from scratch
connection to the server and join #megalvtest. You'll
notice that it doesn't say any kind of greeting when it
joins the channel, nor does it respond if you talk to it Juicy details
directly. Now, the magic that makes this happen is all in the
"Well, not much of a bot then, is it?" you may say at final three lines of this code, but the rest of it is equally
this point. Hold your horses! In the IRC channel, try important to set things up. So let's go through it in
entering !uptime in your IRC client. The bot should detail. The first two lines tell Python that we want to
respond with the output of the uptime command use some of its supplied modules for extra features:
from the machine on which it's running. Now you see import socket
what it does! (The exclamation mark at the start is import subprocess
Python on its own can't do much, but by importing
bolt-on modules into your program you can use
A quick guide to IRC
more functionality. In this case, we import the socket
If you've never used IRC before, getting started is easy.
(for network communication) and subprocess (to
Install a client like X-Chat (graphical) or Irssi (command
line) from your package manager and start it. Enter run command-line programs inside our program)
/server chat.freenode.net to join the Freenode network – modules for use in a moment.
after a few seconds, a bunch of messages will appear, and Next up, we set up three string (text) variables:
then you'll be prompted for your next action. Enter server = "chat.freenode.net"
/nick MyNickName to set your nickname – choose
channel = "#megalvtest"
something appropriate, and if you get a message saying it's
already in use, use a variant. nickname = "megalvbot9001"
Then join a channel, which is typically prefixed by a hash This is pretty obvious – they contain the server
mark, like so /join #megalvtest. You can be connected to to which the bot will connect, the channel it will
multiple IRC servers and channels at the same time, making join, and the nickname it will use. If your bot doesn't
it a very useful tool for real-time communication, especially
run correctly, maybe another Linux Voice reader is
in open source projects. For more commands, see
www.irchelp.org/irchelp/new2irc.html. also playing around with the bot, so try changing its
nickname to avoid clashes!
www.linuxvoice.com 85
� CODING IRC BOT
And then we wait to receive a bunch of data from
the IRC server. When the data arrives, we also print it
out to the terminal window, for debugging purposes:
text = irc.recv(2040)
print text
Now we need to check if the data sent by the IRC
server was the aforementioned PING request, and if
so, we send PONG back:
if text.find('PING') != -1:
irc.send('PONG ' + text.split() [1] + '\r\n')
Note the use of text.split() to pluck out the name of
the IRC server and respond directly to it. (Even though
the bot has joined the chat.freenode.net network,
it may have been redirected to another server on
Freenode like niven.freenode.net. Don't worry about
that now – it's just so you know what's going on.
Then we have the final three lines of code, which
check to see if someone has said !uptime in the
channel, and then respond accordingly:
if text.find(':!uptime') != -1:
Meanwhile, the bot spits Now the real fun begins. We establish a connection output = subprocess.check_output("uptime",
out everything it receives, to the IRC server, on port 6667: shell=True)
such as messages
irc = socket.socket(socket.AF_INET, socket.SOCK_ irc.send('PRIVMSG '+ channel +' :' + output + '\n')
from the IRC server and
STREAM) The subprocess.check_output() routine lets us
individual users.
irc.connect((server, 6667)) run any program on the Linux box that's hosting the
Note that we're not using any fancy IRC modules bot, and store its output in a string. We then send that
or libraries to do this; we're simply connecting to the output to the channel by prefacing it with PRIVMSG,
server on a specified port, so we can send textual data the channel name, and a colon – plus a newline
to it. That's the beauty and simplicity of IRC. Once character at the end.
So there we have it! If you have multiple servers to
We're not using any fancy IRC modules monitor, you could create an IRC channel, run bots
on each server, and customise them to respond to
to do this; we're simply connecting to different commands so you can see their status (RAM
the server on a specified port usage, free disk space etc) without having to SSH in to
each one.
But! We have one last trick. At the moment, anyone
the connection has been established, we tell the IRC can issue a command to the bot and it will execute
server who we are by sending it a few messages: it – the bot doesn't check to see who said the
irc.send("USER "+ nickname +" "+ nickname +" "+ command. This is obviously a potential security issue,
nickname +" :Just testing\n") so let's change the final three lines to only respond
irc.send("NICK "+ nickname +"\n") when a certain person issues the command:
irc.send("JOIN "+ channel +"\n") if text.find(':!uptime') != -1:
The "USER" information is made up of multiple if text.split()[0].find(':MyNickName!') != -1:
parts – that doesn't interest us here, so we just put output = subprocess.check_output("uptime",
the bot's nickname for everything. Then we tell the IRC shell=True)
server what nickname we want to use, followed by the irc.send('PRIVMSG '+ channel +' :' + output + '\n')
channel we want to join. Note the use of "\n" newline Here, we've added a line (the second one) that
characters at the end, to make sure the messages get searches for MyNickName (change to yours
through to the server. accordingly), surrounded by a colon and exclamation
And then we're in! Our bot is connected to the IRC mark, as that's how the nickname of a chatter is
server, has identified itself and joined a channel. But supplied in messages from the server. So in this
there's one thing it needs to do to stay alive. You see, case, the bot will only respond if MyNickName
the IRC server will periodically send a PING message says !uptime. And to be extra secure, register your
to the bot to see if it's still running – and if the bot nickname with the IRC services, add a password,
doesn't respond with a PONG message, the IRC and nobody else will be able to pretend to be you and
server will assume the connection has dropped or the control your bot!
bot has been terminated, and remove the bot from the
channel accordingly. So we set up an infinite loop: Mike Saunders is not a bot, honest. KILL ALL HUMANS... *cough*,
while 1: sorry, ignore that.
86 www.linuxvoice.com
�� CODING CRYSTAL
WRITE A WEB
APPLICATION IN CRYSTAL
Try a new-ish programming language that reads like Ruby and is as fast as C.
T
AMIT SAHA he Crystal programming language tools # hello.cr
(compiler and others) are available via a single puts "Hello from Crystal. Please enter a line of text: "
Why do this? command: crystal, with the latest release at s = gets()
• Because life's too the time of writing being 0.19. We can either download puts("You entered: #{s}")
short to specify your the pre-built binaries or install using the distro's puts("Type of input: #{typeof(s)}")
variable types
package manager. We will follow the latter approach if s
even though it involves adding a third party-repository. length = s.size
The following will install Crystal on Fedora 24: end
$ curl https://dist.crystal-lang.org/rpm/setup.sh | sudo puts("Type of length: #{typeof(length)}")
bash puts("Number of characters you entered: #{length}")
$ sudo dnf -y install crystal Let's now compile the program and execute it:
Note that if you don't have GCC installed, you will $ crystal build hello.cr
have to install it before you can compile and run $ ./hello
Crystal programs. For a complete list of installation Hello from Crystal. Please enter a line of text:
options, see the installation documentation at Hi Crystal
https://crystal-lang.org/docs/installation/index. You entered: Hi Crystal
html. Once the installation steps are completed, Type of input: (String | Nil)
open your favorite terminal emulator and type crystal Type of length: (Int32 | Nil)
version and it should print a message as below: Number of characters you entered: 11
$ crystal version The first line in the above program is a comment,
Crystal 0.19.0 [dcfb2b6] (2016-09-02) beginning with the # character. Crystal doesn't yet
Before we start to type in entire programs, let's take support multi-line comments.
a quick look at the eval command. Type in crystal The next two lines displays an input prompt and
eval, type in the code snippet below and press Ctrl+D waits for the user to enter a line of input. This input
to send the EOF signal: line is stored in the variable, s. We have to use the if
$ crystal eval condition to check whether the variable s has a non-nil
msg = "Hello World" value, since the size method is only defined for the
puts msg String type.
puts(1+2) Next, we use the puts() function and use string
The line msg = "Hello World" creates a variable, interpolation to embed the input message in the
msg and assigns it the string "Hello World". Note how output string. That is, You entered: #{s} creates a new
we didn't need to declare the variable type here. Next, string as You Entered: Hi Crystal. Next, we use the
we print this string, using puts msg. puts is a Crystal typeof expression to print the type of the input string,
method used to print to the standard output. In the s. We can see from the output that the type is (String
next line, we again call the puts method with 1+2 as | Nil). This indicates a union type in Crystal and is read
the argument. Once you press Ctrl+D above to signal as String or Nil. The Nil data type can have one value
EOF, you should see the following output: only, nil, and is used to indicate the absence of a value.
Hello World Next, we use an if condition to check if s has a non-
3 nil value, and if so we find the number of characters
The eval command is useful for quickly verifying in the string using the size method, which we finally
snippets of code, but it's worth noting that Crystal is a print. Note that the type of the length variable is
compiled language, so even when you are using eval, another union type (Int32 | Nil).
it is compiling your code in the background and then The union type is a compilation-time property. At
executing it runtime, a variable or an expression of course has
Let's now write our first Crystal program save it into a single type. The runtime type can be found by
the file hello.cr: invoking the class method. For example:
88 www.linuxvoice.com
� CRYSTAL CODING
s = gets() Functionality of crystal
puts("Compile time type: #{typeof(s)}") eval.
puts("Runtime type: #{s.class}") $ crystal eval
When a line of input is entered, we will see that the
runtime type is reported as String:
A line of input
Compile time type: (String | Nil)
Runtime type: String
Write code into
The compile time type still remains as String|Nil. standard output
Methods
We can define a method (or function) in Crystal using
def <method-name> specifying the parameters in
parentheses. Our next program shows how we can
Signal end of input
define methods including overloaded methods:
# Example of defining method including overloaded
via Ctrl+D
methods
# method_demo.cr
def power(number)
number**1 Code is compiled and
end
def power(number, p) then executed
number ** p
end
print("Enter a number to square: ") In the above program, note how we converted the
number = gets() inputs to a floating point number and integer using the
print("Enter the power to raise it to: ") to_f and to_i methods respectively.
p = gets() Let's see what happens if we give the second input
if number (power) as a non-integer:
if p ./method_demo
p = p.to_i Enter a number to square: 3.4
result = power(number.to_f, p) Enter the power to raise it to: 1.2
else invalid Int32: 1.2
result = power(number.to_f) (ArgumentError)
end <traceback>
puts("\nResult: #{result}") The to_i method couldn't convert the string 1.2
end to an integer and prints us a traceback, which is not
We define two methods power() of the same name. how we want to report an error. We will now see an
One accepts a single parameter (a number), and the example of Crystal's exception handling and report
other accepts accepts two numbers as parameters, a friendly error message and exit. The
the second one being the power to which to raise the begin..rescue..else..end block is used PRO TIP
first number. to handle exceptions in Crystal. The In Crystal, we can pass arguments to
Then, we ask the user to input a number and the begin block has code that may raise an methods with or without parentheses. For
example, puts "Hello" and puts("Hello") are
power that we want to raise it to. If the second input exception, which we want to rescue (or both valid.
is not entered, we call the power method with just the catch) in the rescue block. We may want
first number and hence the first power method gets some code to be executed only when
called. When the power is also specified, the second there is no exception and we put that code in the else
power method gets called. This is an example of block. Below, I have shown only the part that has
overloaded methods in Crystal. changed from our previous program:
Let's compile and run the above program: # For the entire program, see method_demo_exception_
$ crystal build method_demo.cr handling.cr
$ ./method_demo if number
Enter a number to square: 2 begin
Enter the power to raise it to: number = number.to_f
Result: 2.0 rescue ex : ArgumentError
$ ./method_demo puts("Error converting number to floating point
Enter a number to square: 3.2 number: #{ex.message}")
Enter the power to raise it to: 2 exit(1)
Result: 10.24 else
www.linuxvoice.com 89
� CODING CRYSTAL
ARGV and PROGRAM_ mixed_arr = [] of Int32|String|Nil
ARGV - array of command line arguments
NAME for a Crystal binary mixed_arr << 1
program mixed_arr << "Hii!"
puts mixed_arr[0]
$./crystal-binary>arg1 arg2 .. argN puts mixed_arr[1]
puts "Size of mixed_arr: #{mixed_arr.size}"
In the above code, we declare that mixed_arr is an
array of union type Int32|String|Nil, then we append
PROGRAM_NAME
items to the array using the << operator. We can then
refer to the fifth element using mixed_arr[4] (the first
if p element has the index 0) and the size method can be
begin used to find the number of elements in the array. The
p = p.to_i output of the above code is:
rescue ex : ArgumentError 1
puts("Error converting power to integer: #{ex. Hii!
message}") Size of mixed_arr: 2
exit(1) A common operation with an array is to iterate over
else the elements and do something with each element.
result = power(number, p) We would do so using the following construct:
end mixed_arr.each{|item| puts item}
else The above code will call the puts method with item
result = power(number) where item is each element in the array.
end A common task when writing command line
puts("\nResult: #{result}") applications is to be able to do some basic command
end line argument handling. In Crystal the global array
end ARGV stores the command line arguments passed
The first begin..rescue..end block to a program when executing it. Unlike, most
PRO TIP handles the conversion of our first programming languages out there however, ARGV[0]
Crystal programs end with the ".cr" input to a floating point variable. We – that is the first element of this array is not the
extension. For the purpose of this article, specify that we want to rescue the program name, but the first command line argument.
we will put all our programs in a sub- ArgumentError exception. If we get Another global, PROGRAM_NAME stores the program
directory "linux_voice_6" under the $HOME
directory. one, we print a message and exit out name. Let's see a quick demo of these globals:
of the program with an exit status of 1. # cmdline_args_demo.cr
We do the same for the second input. puts "PROGRAM_NAME: #{PROGRAM_NAME}"
Now, if we build and run this program, we will see the puts "ARGV: #{ARGV} Size: #{ARGV.size}"
following upon bad input: If we build and run this program now passing
$ ./method_demo_exception_handling command line arguments to it, we will see:
Enter a number to square: 4 $ crystal build cmdline_args_demo.cr
Enter the power to raise it to: 2.1 $ ./cmdline_args_demo hello world
Error converting power to integer: invalid Int32: 2.1 PROGRAM_NAME: ./cmdline_args_demo
$ ./method_demo_exception_handling ARGV: ["hello", "world"] Size: 2
Enter a number to square: 1a In the GitHub repository for this article, you can see
Enter the power to raise it to: 2 a more useful example of using the command line
Error converting number to floating point number: arguments in the program basic_ls.cr.
Invalid Float64: 1a
Concurrent execution with Fibers
Arrays and command line arguments Fibers are lightweight threads (more commonly
Arrays can be used to store items of a single type, referred to as coroutines) and provide the mechanism
such as integers or multiple types such as integers via which we can have concurrent threads of
and strings. We can create an array and initialise it execution in a Crystal program. Any Crystal program
with the members as follows: runs as a fiber and its execution is managed by
mixed_arr = [1, 1.2, "Hello", nil] Crystal's own runtime scheduler. To create a fiber in
puts typeof(mixed_arr) our program and hence be able to have two
The type of mixed_array will be printed as: concurrent units of execution, we use spawn. The
Array(Float64 | Int32 | String | Nil) indicating that the next listing shows a simple example:
type is a union type. spawn do
When we want to create an array without initialising puts("I am in second fiber")
it at the same time, we have to declare the type as end
follows: puts("In main fiber")
90 www.linuxvoice.com
� CRYSTAL CODING
sleep 1.second Program with one or more
When we create a fiber using spawn, it doesn't fibers spawned
start running immediately. Our main fiber continues Crystal program starts
executing; only when we go to sleep for a second
does our secondary fiber get a chance. If we run the executing (main fiber)
code above, we will get:
./fiber_demo
In main fiber
I am in second fiber Create a secondary fiber
WebSocket powered web application with Kemal
Kemal (http://kemalcr.com) is a micro web
framework for Crystal that comes with inbuilt support
for websockets. We will use it to create our
Main fiber sleeps
websocket-based chat application.
We will first create a Crystal project skeleton using
crystal init app <name>:
$ crystal init app broadcaster
create broadcaster/.gitignore
Secondary fiber runs and
create broadcaster/LICENSE completes
create broadcaster/README.md
create broadcaster/.travis.yml
create broadcaster/shard.yml
Main fiber runs, executes
create broadcaster/src/broadcaster.cr
create broadcaster/src/broadcaster/version.cr
create broadcaster/spec/spec_helper.cr
create broadcaster/spec/broadcaster_spec.cr
& exits
Initialized empty Git repository in /home/vagrant/work/
linux_voice_6/temp/broadcaster/.git/
We have given the name of our application as get "/" do
broadcaster. Crystal generates a number of files for "Hello client, connect to /socket for websocket chat!"
us in a new subdirectory broadcaster and also makes end
the directory a Git repository. ws "/socket" do |socket|
The .travis.yml file is created for us so that we # Add to the clients array
can easily have the Travis software testing service clients << socket
build our projects (https://docs.travis-ci.com/user/ # On recieving a message from a client, echo it
languages/crystal). # back to all other clients
The shard.yml file is where we will add our third- socket.on_message do |message|
party dependency as follows: clients.each {|socket| socket.send message}
name: broadcaster end
version: 0.1.0 # If a client disconnects, delete it
dependencies: # from the array
kemal: socket.on_close do
github: sdogruyol/kemal clients.delete socket
version: 0.15.1 end
authors: end
- Amit Saha <amitsaha.in@gmail.com> Kemal.run
license: MIT Note how I have removed the module definition
We specify that our application depends on the from the generated code but have kept the first
"kemal" which we want fetched from github and we require, so that you if we decide to extend this
want the specific version 0.15.1 (the most recently application, we can add our code to a file in the
released) version. broadcaster directory and it will be automatically
Next, we will save the following code for our web available to us for use here.
application in the file broadcaster/src/broadcaster.cr: require is used to bring in type definitions, methods
require "./broadcaster/*" or essentially bring in code from other files. Here,
require "kemal" when we specify require "kemal", Crystal looks for a
# Array, clients to store the incoming file named kemal.cr in the standard library, and then in
# connections the libs/ sub-directory relative to the current working
clients = [] of HTTP::WebSocket directory. If it isn't found in any of these locations,
www.linuxvoice.com 91
� CODING CRYSTAL
Flow of events when a $ crystal build src/broadcaster.cr
client connects to our Web application Running $ ./broadcaster
web application via [development] Kemal is ready to lead at
web socket. http://0.0.0.0:3000
Incoming client connection
From another terminal, we can use curl to send a
request to the root of our application:
Client socket added to $ curl 127.0.0.1:3000
clients array Hello client, connect to /socket for websocket
chat!vagrant@localhost
Now that our web application is ready, we will now
write the websocket client to talk to it. For our client,
WebSocket Event listener we will not have to use any third-party library, as
listens for activity on the Crystal comes with inbuilt support for it in the http
client socket module. The listing below presents the client:
Message received Client disconnected # ws_client.cr
require "http"
if ARGV.size == 1
Broadcast message Client socket removed server = ARGV[0]
to all clients from clients array else
server = "ws://localhost:3000/socket"
end
crystal looks for a directory named kemal in the ws = HTTP::WebSocket.new(URI.parse(server))
present working directory that contains a file kemal. # This fiber will run concurrently waiting for a line of
cr directly underneath it. If this isn't found, a compile input
time error is reported. # and then writing to the socket
At the top of the file, we have an array, clients of spawn do
type WebSocket defined in the HTTP module. When while true
a new client connects to our web socket, we will store msg = gets()
it in this array and delete it upon disconnection. Next, if msg
we set up a handler for any GET request to the root of ws.send(msg)
the application, "/". Here, we just return a message. end
Next, we set up our WebSocket endpoint as ws "/ end
socket". We first add the incoming client connection end
socket to the clients array. Then we register a handler # Display any message we get from the server
for the on_message event. When we ws.on_message do |message|
get a message from the client, we echo puts "Got: #{message}"
PRO TIP back to all the clients, hence the name end
The standard library of Crystal uses broadcaster. We use the send method # Start the ws loop
overloaded methods extensively. One
example is the gets() method in the io.cr to send this message. ws.run
file. Next, we register the on_close handler If we build and run the client with our server
to handle client disconnections. When a still running, we can interact with our server via
client disconnects, we want to remove websockets:
its socket from the clients array, so that we don't try $ ./ws_client
to send a message to it. We do so using the delete Hello broadcaster
method. Finally, we have Kemal.run, which starts our Got: Hello broadcaster
web application. We will leave this client running and start another
Before we can run our application, we will first have client in a different window:
to install our dependency – kemal(you will need to $ ./ws_client
install the openssel-devel package): Hello, I am client 2
$ shards install Got: Hello, I am client 2
Updating https://github.com/sdogruyol/kemal.git If we go back to our first client window, we'll see this:
Updating https://github.com/luislavena/radix.git $ ./ws_client
Updating https://github.com/jeromegn/kilt.git Hello broadcaster
Installing kemal (0.15.1) Got: Hello broadcaster
Installing radix (0.3.1) Got: Hello, I am client 2
Installing kilt (0.3.3) It would be a good exercise to try our client with
We are now all set to start our web application. any WebSocket server and make any changes to
From our project directory, let's build our application it to make it into a generic command line client for
and run it: interaction with WebSockets.
92 www.linuxvoice.com
� CRYSTAL CODING
Next, we will add tests to our web application so Functionality of our
that we don't have to execute a separate command WebSocket client
line client by hand to make sure that our web Client starts up and connects
application is working as we expect it to. With a fast- to our web application
developing language like Crystal, this is even more
useful. When crystal init generated the app skeleton
for us earlier, it also created a spec directory where it If user
created two files for us: spec/broadcaster_spec.cr enters an in
and spec/spec_helper.cr. We will define our tests in Spawn a fiber
spec/broadcaster_spec.cr and put any helper code input, write
including other files in spec/spec_helper.cr. Let's run it into the
crystal spec now from the application's root directory
websocket
(ie the broadcaster directory) and see what happens WebSocket event loop waits
(Note that you have to install the libxml2 development
package before we can run this successfully – on for messages from the server
Fedora, sudo dnf -y install libxml2-devel):
$ crystal spec Message received
[development] Kemal is ready to lead at
http://0.0.0.0:3000
^CKemal is going to take a rest!
Show message
Finished in 12.55 seconds
0 examples, 0 failures, 0 errors, 0 pending
this writing, spec-kemal doesn't have any helper for
Tests for your web application testing websocket-based applications and hence,
Our web application was started because the we have copied over a part of our command line
spec code calls our application, and nothing useful client code we wrote earlier to test connecting to the
happened. I stopped the application using Ctrl+C. websocket and sending a message. Note also that we
Now, let's write our tests. We will use another third- don't check the reply from the server for simplicity.
party library, spec-kemal (https://github.com/ Finally, we will need to add the dependency to our
sdogruyol/spec-kemal), which provides helpers for shard.yml file as:
testing a Kemal web application. We will modify the spec-kemal:
spec/spec_helper.cr file as follows: github: sdogruyol/spec-kemal
$ cat spec/spec_helper.cr branch: master
require "spec-kemal" Note that here we specify the branch that we want
require "../src/broadcaster" the code from, rather than a version. Run shards
We will modify the "spec/broadcaster_spec.cr" to be install again and then we run the spec tests:
as follows: $ crystal spec --verbose
require "./spec_helper" Broadcaster
require "http" can call /
describe Broadcaster do can talk to websocket /socket
# Start our kemal web application Finished in 2.69 milliseconds
start 2 examples, 0 failures, 0 errors, 0 pending
it "can call /" do The --verbose flag tells the test scenarios being run
get "/" and we see that it succesfully ran both the tests for us
response.body.should contain "Hello client" without any failures.
end
it "can talk to websocket /socket" do Conclusion
server = "#{APP_URL}/socket" We started off with the absolute basics of the Crystal
ws = HTTP::WebSocket.new(URI.parse(server)) programming language and built a WebSocket-
ws.send("Hello from client") powered web application and a command line client
end to talk to it by the end of this. Along the way, we
# Stop our web application learned about using external packages and how to
stop write tests for our Crystal application as well. You can
end find all the code listings for this article at https://
The first test checks that sending a request to / github.com/amitsaha/linux_voice_6.
returns a friendly message and the second test just
sends a message to the web socket. The APP_URL
Amit Saha is the author of Doing Math with Python (No Starch Press)
global variable is exposed by spec-kemal to be that and a software engineer. He blogs at https://echorand.me, tweets
of the currently running server, so we use that. As of @echorand and can be reached via email at amitsaha.in@gmail.com
www.linuxvoice.com 93
� CORETECHNOLOGY EXTENDED ATTRIBUTES
CORE
Valentine Sinitsyn develops
high-loaded services and
teaches students completely
unrelated subjects. He also has
a KDE developer account that
he’s never really used.
TECHNOLOGY
Prise the back off Linux and find out what really makes it tick
Job scheduling
W
e all live in a four-dimensional world. One of V6, co-authored by Dennis Ritchie and Ken Thompson
these dimensions is time, that is, a back in the mid-seventies.
sequence of recurring events that we can In a nutshell, the cron daemon is just a slightly more
count and measure. Many things in our lives are elaborate version of the above script. It wakes up
periodic as well: we wake up and go to bed, take our once per minute and checks config files to see if it has
meds and meals, and so on. No wonder we designed anything to do. If yes, cron executes the respective
computers to operate in almost the same way. commands. Otherwise, it goes back to sleep until the
Periodic events lie at the very heart of CPU next minute.
operation, but today we'll be concerned with a higher- The main config file for cron is /etc/crontab. There
level picture. If you are a system administrator, you are also per-user crontabs, as we'll see shortly. Each
may want to check for updates once per week, and line in the crontab is either an environmental setting
rotate logs daily. On the other hand, jobs like planned or a cron command. Settings look similar to shell
maintenance usually occur at specific times. Linux variables (LV027) except no expansions are made to
comes with all sorts of tools to help you scheduling the values. The values themselves can be single- or
that, and they will be our focus today. double-quoted, and ~ works as expected, since the
shell, not cron, handles this symbol.
Crontabs explained Cron defines several environment variables
Crafting your very own periodic job in Linux is really a automatically. This includes SHELL (defaults to /bin/
piece of cake: sh), PATH `/usr/bin:/bin), HOME and LOGNAME. The
while true; do latter is the name of the user for which cron executes
# yes, do something the command. Note that the default PATH setting is
sleep $some_time often different from what you get used to in the shell:
done $ echo $PATH
Run this script in the background with nohup to /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/
make it last longer than your interactive session, and bin:/usr/games:/usr/local/games
you are set. Of course, reinventing the wheel each This is a common source of errors when you first
The FreeBSD project
time you want a recurring task is not the way things try the command in an interactive session, then copy
archive all manpages for
most versions of BSD and work in Linux. There are several daemons for this role. and paste it into the crontab. Either use full paths or
Linux on their website, so Despite the variations, often we call them just cron. set PATH appropriately.
head there to find out how The name originates from "chronous", the Greek word Another predefined setting is MAILTO. By default,
to use any version of cron for time. Rumours are that cron first appeared in Unix cron captures commands outputs and mails them
to the crontab owner. You can set MAILTO to a
comma-separated list of addresses (including local
usernames) to receive this mail instead. In real-
world deployments, cron jobs often execute under
a dedicated non-human user account, or just root.
Either case, there is no real person behind the owner's
mailbox, so MAILTO is used to redirect cron messages
to some mailing list instead.
Cron commands contain several blank-separated
fields (see the figure). They set the schedule and
the content (that is, shell commands) for the job to
execute. In the system crontab we're discussing now,
94 www.linuxvoice.com
� EXTENDED ATTRIBUTES CORETECHNOLOGY
Minute
there is usually a field in between saying the user
Hour
name to run the command as.
Day of month
The first five fields of a cron command set the Month
schedule. These fields are (in order) the minute, hour, Day of week
the day of a month, month and the day of a week. All Username
are expressed as integers; 1 means January and 0 Command
or 7 is Sunday. You can also use abbreviated English
month and day names ("Jan", "Wed" etc), which are
52 6 1 * * root run-parts --report /etc/cron.monthly
case-insensitive. For integer values, ranges (1–5) are
supported and treated as inclusive. A slash after the
The cron command
range defines the step: 0–6/3 expands to 0, 3, and 6. typical Ubuntu system:
dissected. The sixth field
Individual values come comma-separated (1,2,3), and $ ls /etc/cron.d
is only present in system
you may use an asterisk (*) as a wildcard matching anacron php5 crontabs. Fields are blank-
any value. Period names, such as `@weekly`, are also Moreover, most (if not all) distributions separated, and shouldn't
recognised; see crontab(5) for details. configure cron to execute scripts in /etc/cron. include comments.
The command itself is an ordinary shell expression, {hourly,daily,weekly,monthly} every hour, day, week or
with a few things to note. First, it should be valid for month, respectively:
whatever interpreter SHELL points to. That is, you 17 * * * * root cd / && run-parts --report /etc/cron.hourly
won't be able to use Bash constructs unless you 25 6 * * * root test -x /usr/sbin/anacron || ( cd / &&
change the defaults. Another common pattern is run-parts --report /etc/cron.daily )
to silence the standard output with >/dev/null. This ...
way, cron will mail you only if there is anything in The excerpt above comes from an Ubuntu 14.04
stderr, which presumably means that things went box. Note that hourly jobs run at the 17th minute,
wrong. A percent sign % is translated to a newline and daily ones execute at 6.25am. You may think
unless escaped (\%). Everything up to the first % is the 15th minute or 6.30am look prettier; that's true,
a command, and everything after that is fed to its and that's the reason not to use these times in your
standard input. schedules. Many people may decide to run their
jobs at the noon or at the midnight, or every quarter
Flexible schedules of an hour. So a bunch of scripts will start at once,
Now, consider this example: drawing unwelcome peaks in the system load graphs.
MAILTO=cron-messages@mydomain.tld "Randomizing" the schedule helps to keep system
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/ load more uniform.
usr/bin The run-parts tool is employed to run all executable
scripts in a directory the proper way. We'll cover
# Sample cron schedules anacron shortly. To sum up: for typical schedules, just
*/5 * * * * root logger "I'm a frequent job" wrap your job as an executable script under
0 1 * * * root logger "I'm a midnight wanderer" /etc/cron.*. For custom schedules, put crontab in
*/30 8-20 * * * root logger "I work when you do" /etc/cron.d. Either way, cron detects your changes
* * * * * root logger "You can't do without me" automatically, and there is no need for explicit reload.
Crontabs may contain blank lines and comments.
Be careful not to append comments to cron Your crontab, your way
commands, however, as they will be sent to the shell. So far we dealt with system-level crontabs. They
The first cron command runs once every 5 minutes. are good for jobs that affect the host as a whole,
The second runs once per day, at 1.00am. The third like rotating log files or fetching package updates.
runs twice per business hour (8am–8pm). The final Ordinary users (including root) may also want to
command executes at each cron iteration, or roughly have their own jobs. Imagine you run a website on
once per minute. Cron considers time relative to the shared hosting and need to aggregate some stats. It
server's time zone, and there is no way to redefine it would be a breach to grant every user in a system an
per crontab. access to /etc/{crontab,cron.d}, so Linux has another
You may want to add these lines to your system's mechanism – per-user crontabs.
crontab and see how this really works. The logger These crontabs live in /var/spool/cron/crontabs,
command (LV025) puts a message in the system and they follow the same syntax, except that cron
logs. Each log entry includes a timestamp, so you can commands have no username field, for obvious
check that the schedule works as intended. reasons. You don't edit these files directly. Instead,
In fact, there is little need to touch /etc/crontab you call the crontab tool, which runs $EDITOR of your
these days. Most packages install their own crontabs choice (that's Vim, isn't it?), validates the crontab, and
under /etc/cron.d, and cron stitches them together. stores the file in the proper place. crontab facilitates
As creating and removing files is much simpler than editing (-e), removing (-r) and listing (-l) crontab files.
editing text configs, this makes package maintenance You may also instruct it to operate on someone else's
easier. This is what you'll find in this directory on a crontab with -u. It's a good idea to use this switch
www.linuxvoice.com 95
� CORETECHNOLOGY EXTENDED ATTRIBUTES
More specifically, Anacron reads /etc/anacrontab.
This file also has a crontab-like syntax. The usual
environment settings such as LOGNAME, PATH and
MAILTO are recognised, but job descriptions are a bit
different:
1 5 cron.daily run-parts --report /etc/cron.daily
7 10 cron.weekly run-parts --report /etc/cron.weekly
@monthly 15 cron.monthly run-parts --report /etc/cron.
monthly
The first number is a job's period, measured in days.
Anacron understands some period names as well, but
what exactly it recognises depends on the flavour. In
There is no equivalent to
for your own crontabs if you run crontab via su. Of Debian, you can use @monthly and @yearly, albeit
/etc/crontab for Systemd
timers. However, systemctl course, you must be a superuser to make use of the the man page mentions the former only. Red Hat's
list-timers output is a -u switch. By the way, root may also have a per-user cronie, which also includes Anacron, adds @daily and
close analogue. crontab, and no, it's not the same as /etc/crontab. @weekly to the set.
Changes you make to per-user crontabs are applied The second field is a job's delay, measured in
automatically, and you don't have to restart the minutes. The idea is not to spawn many jobs
daemon. simultaneously, so when Anacron decides to run
You may restrict per-user crontabs with /etc/ a job, it delays execution for the given number of
cron.allow and /etc/cron.deny. Both files contain minutes. Cronie improves uniformity even further
usernames (one per line). If /etc/cron.allow exists, with the RANDOM_DELAY environment setting (see
only users explicitly listed are eligible to run crontab anacrontab(5)).
and have private cron schedules. /etc/cron.deny The next field is a job's identifier. Any non-blank
works the same way, albeit it's a blacklist, not a character except a slash is permitted. This identifier
whitelist. If both files exist, /etc/cron.allow takes is used in the messages that Anacron produces, and
precedence. That is, the user must be listed in for internal book-keeping. For instance, the anacron
/etc/cron.allow to be able to run crontab. command receives a job argument, which is an ID
(actually, a shell glob pattern) of the job to run. The
While you were sleeping final part of the line is a shell command to execute.
Cron works just fine, as long as your computer is Again, here's a run-parts invocation for daily, weekly
switched on. But in cron, there is no such thing as and monthly cron jobs. If you compare this to the
an overdue task. If a job has missed the deadline previous snippet, you'll see that cron simply offloads
for whatever reason, it has to wait until the next these jobs to Anacron if the latter is installed (test
time. Depending on nature of the job, this could be a -x /usr/sbin/anacron || ...). This is not an option for
problem. For frequent jobs, waiting for another five hourly cron jobs, as Anacron doesn't support sub-day
minutes or half an hour usually don't hurt. Missing granularities.
a daily package update is also okay, but not rotating When the system starts, init usually spawns
logs may overfill your /var partition. Anacron to handle jobs that are currently overdue.
Anacron ("anachronistic cron") was designed to Cron is also started, and it typically has Anacron
overcome this problem. It's not a daemon, but a tool somewhere in the system crontab:
which relies on something else (usually cron) to run $ cat /etc/cron.d/anacron
itself in a timely manner. Anacron tracks jobs with day- SHELL=/bin/sh
level granularities. When it runs, it checks which jobs PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/
are overdue, executes them and exits. usr/bin
Cron flavors
Cron is not a single program. Like syslog, it is more of a And this isn't a whole story. Matthew Dillon, the author
standard for which numerous implementations exist in Linux of DragonflyBSD, created dcron, and Arch Linux includes it
(and BSD). Perhaps the most popular cron variant in Linux is as well. There is also fcron (http://fcron.free.fr), which was
Vixie cron. Paul Vixie authored it for 4BSD, but now it comes designed as a Vixie cron replacement. Fcron doesn't rely on
as a standard in many Linux distributions, including Ubuntu. anything external for asynchronous job scheduling, and it
As we know, Vixie cron doesn't handle overdue tasks, so may run jobs depending on system uptime, akin to OnBootSec
Christian Schwarz introduced Anacron as a Perl script. Later, in Systemd. With fcron, one can set nice values for jobs and
Itai Tzur reimplemented it in C. In 2007, Red Hat forked Vixie inhibit running them when the system is under heavy load, as
cron as cronie (https://fedorahosted.org/cronie), adding some in at. Fcron isn't compatible with Vixie cron, and none of the
security and configuration enhancements. In 2009, cronie major Linux distributions ship it by default. However, Arch
embraced Anacron, adding cron period names (@weekly), Linux has fcron in the official repositories.
among other things. Cronie is the default cron implementation With this variety of options, you can easily find the one to
for Red Hat distributions and Arch Linux. fit your needs, especially if you are on Arch Linux.
96 www.linuxvoice.com
� EXTENDED ATTRIBUTES CORETECHNOLOGY
30 7 * * * root start -q anacron || :
If your system happens to be awake at 7.30am,
cron will spawn Anacron to run daily (and also weekly
and monthly) jobs. If not, init will do it on the next
startup. Alternatively, you could use a dedicated
@reboot schedule for the anacron command in
/etc/crontab. Such commands run only once when
the cron daemon is started.
Systemd route
Systemd is your best anything in modern Linux. No
wonder it provides its own job scheduler, which can be
fcron is an all-mighty, yet
used as a cron/Anacron surrogate. For other jobs, such as planned maintenance,
backwards-incompatible
More specifically, Systemd has a notion of "timers". you may want a real-time (wall clock) scheduling. Vixie cron replacement.
A timer is just a unit file that carries the .timer suffix. Systemd supports it via calendar events timers. The Perhaps that's the reason
Timers control service units, so for any scheduled job corresponding [Timer] section may look like this: you don't encounter it too
you'd need two unit files: one .service and one .timer. [Timer] often.
As a rule, they carry the same name (except for the OnCalendar=daily
suffix), but that's configurable. Having a separate Persistent=true
unit for a service eases debugging a bit, as you can Persistent is important for Anacron-like functionality. It
activate it manually. It is possible to bind a timer to a tells Systemd to store the last invocation's timestamp
calendar or to some other event, and Systemd can run on the disk, and fire a calendar event immediately
overdue tasks without any external tools involved. The if the timer is already overdue. For OnCalendar, all
most important section in the timer unit file is [Timer]: other period names such as weekly are recognised.
[Unit] Moreover, you may use expressions such as 2016-*-1
Description=Sample timer 17:00:00. See systemd.time(7) for details.
[Timer] While Systemd timers are similar in spirit to cron,
OnBootSec=10min they are not equivalents. There is no crontab, and
OnActiveSec=1h no out-of-the-box way to send an email about failed
RandomizedDelaySec=60 jobs. The Systemd-cron project aims to bridge both
[Install] worlds. It translates between crontabs and Systemd
WantedBy=timers.target timer units, and handles failure email notifications,
This defines a so-called "monotonic timer". It among other things. This way, you can continue using
triggers 10 minutes after the system is booted, and the crontab interface on top of Systemd, although
every hour since that, regardless of whether the Lennart would argue it's not a good idea. Details are
service was started manually or not in between. If here: https://github.com/systemd-cron/systemd-
an OnBootSec timer is overdue, it fires immediately. cron-next. Just keep in mind that nothing stops you
RandomizedDelaySec is again a way to stretch the from running original cron on any Systemd-managed
load across some activation interval. system as well.
Command of the month: at
Cron is great for recurring tasks, but what if you want supply it via at -f. Either way, at will tell you the job's
your job to run only once? You need the at command: identifier and when it is supposed to run:
$ at 00:10 job 1 at Sat Sep 10 00:10:00 2016
First, you tell at when to run a job. Time The daemon named atd is responsible for actual
specification is rather flexible, with both absolute execution. You can look what's in its queues with atq:
(16:00) and relative (now + 12 hours or 16:00 + 2 $ atq
days) specs supported. If the time specified has 1 Sat Sep 10 00:10:00 2016 a val
already passed, and no date was specified, at a is the name of the queue. a–z and A–Z are valid
assumes you meant tomorrow. queue names, and you can tell at which queue to use
If everything is OK, at opens a shell where you enter with the -q command line argument. Higher queue
commands to run. They are fed to /bin/sh, and at identifiers mean increasing nice values for the job.
mails their output back to you (press Ctrl+D to exit). Uppercase letters work as if batch, not at, was used
warning: commands will be executed using /bin/sh to place a job. The difference is that batch jobs aren't
at> ... executed if the system load is high.
at> <EOT> If you changed your mind after placing a job, use
Alternatively, you could store commands in a file and atrm to remove it by the identifier, eg atrm 1.
www.linuxvoice.com 97
� LINUX INSIDE
LINUX INSIDE:
FRITZ!BOX 7490
This router runs Fritz!OS, a specially built market. Most of the time these routers are adverts, or do almost anything else you
distribution of Linux. Actually, we could pretty locked down, but some – including want. If you want to get started unleashing
have picked from any of a huge number of the Fritz!Box – let you make changes. the full power of your router, head to
home routers where the power of the Linux If you can make judicious use of the https://www.openwrt.org, one of the most
networking stack combined with its ability often-limited hardware, this gives you an active router-hacking sites on the web. It
to run on inexpensive hardware makes it always-on Linux server at the heart of your costs more than the free router you get
the dominant operating system in the home network. It can share files, block from your ISP, but by jimminy it’s worth it.
Nick Veitch
I miss it, it really was the best of times in a no longer available. It was unmaintained, so
was the original editor
of Linux Format, a lot of ways (as well as the worst in others), I had to move to a newer fork of the original.
role he played until he but the question is moot – I can’t (until my Of course I spent about two weeks
got bored and went son completes his time-machine) go back. complaining about things being in the wrong
to work at Canonical The magazine industry is different now. place and the default config being in the
instead. Splitter!
Some things have progressed quite a way wrong place. Objectively, it is better, but like
– I used to have to sift through sacks of most humans, there is comfort in the
actual mail; moving files from place to place familiar. As the sensible chaps who host the
relied on copying them onto unreliable Linux Luddites podcast quite correctly say,
“D
idn’t you used to be famous?” is media and physically transporting it not all change is progress.
something I was asked recently (it somewhere; the list of the lost is a long one. But I persevered. I have never been afraid
depends – back in the 90s, I *was* But it has changed. of change. Change is afraid of me. Change is
in a very famous magazine). The discussion inevitable – sometimes it is good,
led on to why I no longer worked at the Misty-eyed nostalgia sometimes not so good, but in general, in
coalface of media, and didn’t I miss it etc. I was reminded of this again recently when I most things we have to hope it leads in the
The answers are, because like actual coal upgraded my distro. My old, favoured IRC right direction. Otherwise we would all still
faces, that place doesn’t exist anymore. Sure client (OK, *some* things never change) was be running CP/M.
98 www.linuxvoice.com
�This is what we’ve done in the last 24 issues.
Subscribe to the next 12 from just £38.
Every subscription includes access to every PDF, ePub and audio edition we’ve ever published.
shop.linuxvoice.com
��