Froscon 2013, a Mini Review

This weekend I had the pleasure of attending Froscon, a weekend event held Bonn annually. This was the 2nd time Ive been able to attend but each time only on the 2nd day. Froscon is your typical Open Source event, with organised talks, a vendor area and an exhibition.

As  I was only able to attend the second day, I made sure I was there nice and early, so as not to miss anything. The standard ticket price is 5 Euros for the weekend, although there are other tarifs available. I planned to spend the morning section in a workshop and the rest of the day exploring the rest of the event. As I had arrived early, I decided to pop in and take a look at the Fedora booth and have a chat with the guys on the stand there. This year the Fedora booth was complete with a 3D printer, utilising the new 3D Printing Support in Fedora 19.

After checking out the Fedora booth, it was time for me to get over to the Workshop. The workshop was an introduction to Hadoop, run by a guy called Uwe Seiler from Codecentric. He had prepared a VM image for us to use during the workshop. It was available as a VMware image or a Virtual Box image.  While I has used to like Virtual Box I had recently removed it from my laptop. So I could either re-install it OR try and get it to work with KVM.

I started off just importing the .vmdk file and telling KVM that it was a vmdk file, but whileI did see grub, once the system started booting, I was getting lots of disk errors. I decided to convert the vmdk file to qcow2 using the following command

qemu-img convert -O qcow2 <sourcefilename>.vmdk <destinationFilename>.qcow2

Unfortunately this took the file from 2.4G to just over 7G but it did mean that it booted perfectly, with no errors. In retrospect, I realise that it was because I missed the compression option off. Doing the following, means the filesize stays as 2.4G

qemu-img convert  -c -O qcow2 <sourcefilename>.vmdk <destinationFilename>.qcow2

The image had been setup with some tutorials included, so you could work at your own pace and ask Uwe if you needed assistance.

After a couple of hours there I decided to go and investigate the exhibitors area a little more. One of the stands I walked past was the Piwik stand. I had run Piwik in the past but not for quite a while. I was impressed with how good it was looking these days, so I decided it was high time I installed it again. Now that I host my website in OpenShift I was wondering how I would be able to add Piwik. It turns out that someone has made an Open Shift Piwik application cartridge, so it was very simple to get a Piwik instance up and running.

Next I went to a talk in the Fedora room, about OpenScad. I hadent heard of it before but I was very quickly impressed with just how simple it was to use. Using it is like writing a bash script and you get instant results. There are some well documented examples over here

Next up I went to take a look at Freifunk which lets you, via alternate firmware on your router, setup up a mess network and offer free internet access to all. Its a great concept and I think mess is a very important next step in the evolution of networking, especially in light of recent revelations about wide scale internet snooping. At anytime you can see realtime stats of your local area – mine looks like this

The final talk for me was a quick overview of the new features/changes that will be in the next version of Fedora (Fedora 20). These are far too  numerous to list but can be found here.  I think Fedora 20 looks like being an excellent release

In other news, this weekend I also had a first look at OpenShift Origins (via an all in one VM). I have really come to like OpenShift, I have to admit, at first I wasnt too interested in PaaS as Im more of an IaaS person, but OpenShift has totally won me over.

All in all, it was a great geeky weekend, hope yours was too

OSG

Dropbox and SELinux

OK, so Dropbox isnt 100% Open Source but Im a pragmatic kinda guy and I do love Dropbox. However it (Dropbox) doent seem to like SELinux it seems.

I know its so tempting to reach for the “turn off SELinux” switch but wait, its actually very simple to make SELinux allow Dropbox to work.

It turns out that Dropbox tries to do some naughty stuff that SELinux is there to protect us from – namely executing out of the memory buffer. This type of thing is usually done by programs trying to do malicious things on the system and happily SELinux protects us from this – but that prevents Drop from running.

How to Fix It

There is a nice and simple way to fix this and no I dont mean disable SELinux 😉

There is a boolean that you could flip that turns off this protection – namely allow_execstack

sudo setsebool allow_execstack 1

However this is going way to far as you all now allowing any process to execute from stack, which isnt a good idea.

The best way is to tell SELinux that you just want Dropbox to be able to do this and nothing else. The way that you do this is you label the executable file, in this case /usr/bin/dropbox, as type execmem_exec_t

You can do this with a quick chcon, but thats not the best way to do it, the following two lines will fix Dropbox to work with SELinux

sudo semanage fcontext -a -t unconfined_execmem_exec_t /usr/bin/dropbox
sudo restorecon -v /usr/bin/dropbox

Now if you take a look at the SELinux contetxt of the file, you can see its got the right label

ls -lZ /usr/bin/dropbox
-rwxr-xr-x. root root system_u:object_r:execmem_exec_t:s0 /usr/bin/dropbox

If you spend a little time to understand the basics of SELinux (file contexts and booleans) you will find it is quite straight forward to work on a system with SELinux turned on

If you are interested in learning more about this stuff, check out the Dan Walsh blog

OSG

FOSDEM 2010

We I have just returned from my anual trip to FOSDEM, held in Brussels. FOSDEM is one of my favourite conferences, there are so many interesting tracks and the, already large, conference seems to grow bigger each year. FOSDEM is entirely free and exists on a combination of donations and sponsorship, a model which clearly seems to work.

Like all good conferences you are inevitably faced with with the problem that there are multiple talks that you would like to see but the are being held at the same time. Some of the talks inevitably make it online and this years is now exception. They are available here

Of course, like most conferences, its not all about the tech. FOSDEM is the conference where I see the most socialising. I guess the fact the Belgium has some of the finest beers in the world helps this no end 🙂

Each year I come away from FOSDEM itching to get my hands on some of technologies that I have heard about, and this year is no differnt. Spacewalk is a project Ive been interested in for about 6 months now and it seems to have had some really nice features added soon. Im just waiting for them to break the need to use Oracle before I really dive back into it. PostgreSQL is on the roadmap and should be here soon.

There was an interesting talk by Linsay Holmwood about Flapjack, Cucumber Nagios & Visage, both of which Id like to have a play with. Another very interesting talk was give by a couple of Guys from Facebook. They were talking about how they have scaled Facebook with Open Source tools and the additional tools that Facebook have created and Open Sourced. Full marks have to go to Facebook for this, nice to see a company contributing back to Open Source so much. You can go to facebook.com/opensource to find out about this.

I have also come away from FOSDEM ready to give OpsView another try, @dotwaffle extoled its virtues, so I certainly need to take a look at that. I have to say it was a real priviledge to listen to Andrew Tanembaum talk about Minix as well, I had no idea about some of the cool technologies included in it such as the reincarnation service. He was an entertaining speaker also which always helps.

I mentioned that FOSDEM seems to grow each year and take on more and more talks, inevitably this leads to some talks being put in rooms that are too small for the level of interest. I really wanted to take a look at some of the Coreboot talks but the room seemed to be at capacity right from the start. I guess I need to use those online videos I mentioned above.

Each year there also the usual swag available and this year was no different. I came away with a new TShirt and Max Spevak (Fedora Community guy) had brought over some excellent “powered by Fedora” case stickers. Spreaking of which, Max had also organised a Fedora Activity Day on the Friday afternoon, which was a nice way of starting off the weekend, a kind of pre-con. It was great to see so many Fedora Ambassadors at FOSDEM again this year.

All in all I had a great time there, a time that always seems to be over too quickly. It would be great to seem then extend the conference by a day or two. There were over 200 lectures given over the space of two short days, so Im sure there is enough content. I guess it depends if they could secure use of the University on weekdays that may be the limiting factor.

Anyway, a *very* big thanks to the organisers, the sponsors and the people who volunteer their time to make sure that the conference runs so smoothly. If you have never been to a FOSDEM, please make sure to see if you can go next February – watch the site for the exact date.

Other Conferences
While Im talking about conferences, please be sure to check out
LOAD www.loadays.org April, Antwerp BE
OGGCamp oggcamp.org March, Liverpool UK

WordPress comes to Android

For a while now I have been quite jealous of the SquareSpace iPhone app that let’s you manage you site right from your smart phone.

Well now, if you have a WordPress blog and an Android phone you too can have this functionality. WordPress is now in the Android app store, and what’s more its totally free.

Thanks to readwriteweb for the headsup.

Note: This post was done from my phone, alhtough the above link was impossible to do and categories also seem to be broken at the moment but this is a 1.0.0 version.

Im a very happy geek now!

Give Google a Break

Google are developing a new operating system, aimed squarely at the netbook market. The ethos behind it, like with most things at Google in the last 12 months, is speed – they want it to take no more than 7 seconds to boot.

Once logged in you will only have access to a web browser – the browser will be Googles Chrome Browser, as you may expect. There will be no desktop or other apps, everything will be done from the browser. They are going to build in functionality for  working offline, for when you are not connected to the net.

Many people, even in the Linux world, seemed to be opposed to this but I can only see it as a good thing. Under the hood its based on Linux, Google have said they have been working with Ubuntu in this respect. Google have stated that Chrome OS will be Open Source and released the current dev version on Chromium.org. From my point of view I think its going to be good for the Linux platform. The improvement in boot speed and hardware drivers alone can only be good.

I really dont know why Google seem to have so much opposition. I understand peoples concerns about a company that knows so much about its users but they are the only company to have a “do no evil” moto. Whats more Google are also a very transparent company, the information that they have on you can easily be found and deleted if you so wish. For example, if you want to view or delete your web history, just go here and do so.

I do wonder how many people know about the Data Liberation Front, a team of Google engineers who work solely on making sure that you can easily get your data in or out of as many Google products as possible, as simply as possible.

I really do feel that Google are a friend of open source. Their Android phone OS is Open Source and while I know there was some concern over their reation to the Cyanogen mod, when you read into it, you can understand their point of view – plus they worked with the Cyanogen guy to come up with a work arround.

Also, lets not forget the Google Summer of Code. Each year they make this great contribution to Open Source. Im sure its not entirely altruistic but never the less it is a very valuable contribution.

Recenlty Google seemed to cause some more negative ripples with their aquistion of the Etherpad Project. I think anyone who has tried both Wave and EtherPad will understand why Google wanted Etherpad. Etherpads real time document editing is much better than the current Google Wave client. So the Etherpad team have been pulled off Etherpad and put to work on Wave. The controvesy was not so much about this but that the fact they closed Etherpad, a product that many people use and find invaluable. They gave people about a months notice to trasition away from it. The thing I will say about this is that as soon as they became aware of the communities concern, they re-examined the decision and have re-opened EtherPad – in a matter of days. They then said, in a very open way “what were we thinking”.

UPDATE: They have also released the sourcecode for Etherpad under the Apache Licence

This brings me on to Google Wave.I know that people who have been able to try this out are not that overwhelmed with it. What I will say is that its very early days in this products development. I would also so that Wave is all about the protocol underneath that lets you collaborate on document editing and the current Wave client is just the first implementation of a client – there will be other clients. In other words, think of Wave as SMTP and the current client as Outlook Express. There will be better clients

My main point about Wave though is how Google have gone about this. They said, from the outset, that they wanted to create an open protocol, just like SMTP. They also built federation in and they have also desinged it to be extensible, so that people can develope their own plugins. This shows that they are a company that just seem to get it. The understand why Openess is important.

So whats the point of this article, well what Im really saying is give Google a break. Yes they have a lot of information about us and its right to be concerned but their every action to date seems to have been honorable. Lets save the paranoia for companies that treat us and our data appallingly on a daily basis

I’d love to hear your opinion of this subject, please leave a comment or use the contact form

OSG

WordPress Auto Upgrade

Recent versions of WordPress have the ability to upgrade themselves at the click of a button. This has never seemed to work for me, instead it just asks for FTP credentials. I was told this was a permissions thing, that this is what happens if it permissions arent correct. So today I decided to look into it. Its really quite simple.

On a web server, the service runs under an account context – in my case the account is apache. Now all the files in the root of my WordPress folder are owned by root, and only root can write to them. So this is why auto-upgrade doesnt work. Changing the ownership of these files to be Apache would fix it. However, this means that if ever Apache is attacked and breaks giving the user access as the apache user, he would have read-right access. Its a pretty unlikely scenario I know but hey, call me paranoid

If you want your WordPress to be autoupgradable, you simple need to change the ownership of the wordpress files to apache so that the webserver has read/write access.

Ive decided to come up with two scripts, one that is run before the upgrade, that changes the ownership to apache and one that runs after the upgrade to change the ownership back. Its really very simple, so here they are

Before upgrade

chown apache:apache /var/www/html
chown apache:apache /var/www/html/readme.html
chown apache:apache /var/www/html/index.php
chown apache:apache /var/www/html/license.txt
chown apache:apache /var/www/html/xmlrpc.php
chown -R  apache:apache /var/www/html/wp-content/
chown -R  apache:apache /var/www/html/wp-includes/
chown -R  apache:apache /var/www/html/wp-admin/
chown apache:apache /var/www/html/wp-*

chown root:root /var/www/html
chown root:root /var/www/html/readme.html
chown root:root /var/www/html/index.php
chown root:root /var/www/html/license.txt
chown root:root /var/www/html/xmlrpc.php
chown -R  root:root /var/www/html/wp-content/
chown -R  root:root /var/www/html/wp-includes/
chown -R  root:root /var/www/html/wp-admin/
chown root:root /var/www/html/wp-*
Post upgrade

chown root:root /var/www/html
chown root:root /var/www/html/readme.html
chown root:root /var/www/html/index.php
chown root:root /var/www/html/license.txt
chown root:root /var/www/html/xmlrpc.php
chown -R  root:root /var/www/html/wp-content/
chown -R  root:root /var/www/html/wp-includes/
chown -R  root:root /var/www/html/wp-admin/
chown root:root /var/www/html/wp-*

Its probably not really necessary but it feels better this way 🙂

Please note, my WordPress files are in the root folder, not in “wordpress” or “blog”, so you will need to adapt the above for your own case

OSG

VMware Left Me

Was it me? I dont know, I was loyal, but they left me anyway – well thats how it feels

Long Time Fan
Ive been a long time (read 2000/2001) fan of VMware – they were the first and, you could argue, still are the best in their space. Im a Linux fan, have been for a while and one of the reasons that I liked VMware was because the software I bought from them (yes I paid for Workstation and upgrades) was available for my OS of choice. Whats more they took the time to make sure that the windows worked with GTK2 looks. This to me meant that they liked their Linux users, they gave a crap about us.

I was so disappointed when I moved my home server from VMware Server 1 to VMware server 2 as the Linux client had gone. At least its been replaced with a web interface, that seems like a good idea – then all operating systems can manage the server. The interface came in for some criticism but it did everything I needed it to for the most part and I could manage my home VM server while out and about.

Times change and VMWare came out with their free version of ESX – namely ESXi. Now while ESX also had a decent web interface, ESXi did not. Your only choice of a graphical interface now meant you had to run Windows. So I stayed with Server 2.0

Recently I became aware of “VMWare Go” which was a “new web interface of ESXi users”. Yay I thought, good times! Alas no, when I went to log in I was prompted with a message that said “Your broswer must be at least Firefox 3 or higher, or IE v7 or v8 to use this site”. Thats odd I thought as I am running 3.5.5. What I very quickly realised is that this wasn’t to do with browser, it was to do with OS. I tried the site from my dual boot laptop (the only place I have Windows left these days) and I was able to get in with Firefox 3.5.5 on Windows but running the wizard prompts you to download components like the .net framework and other such single platform technology. How utterly disappointing

End of the Road
What did we do VMware? Why did you abandon us? Well anyway, I guess its the end of the road then old friend. Be happy.

Im off to migrate my stuff to Xen or KVM. Im not sure which yet, Xen has Amazon using it and Citrix seem committed to open source. In fact Ian Pratt was on FLOSS Weekly earlier in the year, so they seem to have the right mindset. On the other hand the Redhat road map points to KVM.

Anyway, watch this space. Im going to take my time to decide which to chose – i am on the rebound after all 🙂

OSG

Open Source Music on Hold

I have been working on a new project for work that I thought I would share with you. At work our Music on Hold devices (the things that provide music when you are put on hold) have been going faulty regularly. The device we currently use is a Fortune 2000 MOH from Rocom. It retails for about £260 If you are considering one of these devices, please read on.

Faulty by Design
The Rocom devices seem to last about 12-18 months before going faulty. I suspect that its the flash cartridge but being a proprietary design means its not easily replaceable.

Requirements
Ideally the device will have no moving parts; we did away with the original devices (which were literally CD players) because they were unreliable and not remotley manageable.

All we really need it to do is

  • play music on a loop
  • automatically start after power interuption
  • be remotely managable

Open source
The continued failure of device after device (we have about 70 of them accross EMEA) got me thinking, there must be a better way. I looked at Shuttle PCs but they failed the moving parts criteria (well there are ways but it didnt seem a good fit). Then my mind we to a very small fanless PC that i bought a couple of years back from Aleutia. So I took a look at the website to see if it was viable. The original device has now become the Aleutia T1

While the original device ran Puppy Linux but all the current ones run Ubuntu. Great, so the device is small, fanless and runs a very good, open source, operating system, and has a network port. So far so good.

Next I needed to work out if it would automatically start after a power outage. I dropped a quick email to the guys at Aleutia to see if this was possible and they very quickly responded to confirm that there was a BIOS setting for exactly this requirement. The final part was playing music on a loop. I was expecting it to be quite easy to acheive and I wasnt wrong.

The method of music playback I have gone for is called MPD (Music Playback Daemon), which is easily installable (its in the Ubuntu repos). I quickly installed MPD an uploaded an MP3 to the folder. Finally I added the MP3 to the playlist and set it to repeat and I was in business. Within 30 mins of unpacking the T1 I had it playing back music.

I shutdown the T1 and removed the power adaptor to test its ability to power on automatically. No sooner than I applied the power the device booted up, once the device had booted, MPD started playing the music – WIN

Final Steps
Now that I had a working device up and running, I need to think about how its supported within our company. I guess other people wouldnt be happy with SSHing into it to control it (which is really very simple actually). What I needed was a front end. Needless to say there are many front ends written for MPD. I went with a very simple web front end called MPDPlayer – its one of the many open source front ends listed on the wiki.

Ive done a little customisation of this and added a file upload button so that the whole process can be managed from the web interface.

Test Test Test
Im now in the process of testing and I do seem to have come accross a bug where playback stops after a number of days. I could just schedule a reboot of the device every night but I would prefer this to be a last resort. The MPD forums have given me some into on how to debug MPD, so I shall persue that.

Conclusion
So whats the catch? Well there doesnt seem to be one, plus this solution comes in nearly £100 cheaper than a Rocom and comes with a three year warranty rather than Rocoms 12 month one. Finally, as it uses a standard compact flash card, if it does go faulty, we can very easily replace it.

Overall Im really pleased with how easy its has been to “scracth my own itch” using existing open source projects. I intend to contribute my file upload button back to the MPDPlayer guys in the true Open Source fashion. Im also hoping that this experience will open my companies mind to using more open source solutions in future.

As ever I welcome your comments

OSG

Server Move

A few days ago I moved the server again. If you remember, after my last hosting provider was broken into by malicious hackers and I had no ETA for my server being available, I moved OSG into Amazons EC2 infrastructure.

The process was quite straight forwardand their clear pricing meant that I could be sure roughly how much it would cost. The only part I couldnt work out is the bandwith costs. Anyway I decided to leave OSG with Amazon for one month so that I could get an idea of the total cost of hosting a server instance with them.

Its been about a month now and the costs are in. The bandwith costs were tiny (probably due to the very small ammount of traffic that my site gets) and so my calcualtions were spot on.

Does it compare?

How does it compare ? Well thats not a straight forward comparison as my old server had 512megs of Ram and the smallest Amazon instance is 1.7gigs. So while the Amazon instance is more expensive, when you compare it to a server with the same amount of RAM its actually a very good price.

That said, I dont need all that extra RAM, so I have elected to move OSG back out of the Amazon cloud and back to a hosting provider.

Where did I go?

I have moved over to Linode – these guys seem to have good feedback on http://www.webhostingtalk.com/ and my experience with them has certainly been very good so far compared to my previous hosting provider.

I will no doubt do a mini write up on that in a week or two but please let me know if anything isnt working

OSG

Wave Goodbye to Email

For sometime now I have been of the opinion that email is broken. It worked at the time but now over 90% of email traversing the internet is spam. Sure, there are pretty good anti spam and anti virus systems but I honestly think we are just postponing the inevitable. I have had this conversation with friends many times and mostly they disagree but I honestly think we need something to replace email

Google Wave

Ive just watch the 80minute talk about Googles Wave and I think they really could be onto something. It combines rich interaction with very social features and its kind of an opt in model, like Facebook or Twitter, where you have to add people to your system. This means no unsolicited waves.

They have been working on this for two years and it looks really good. Dont take my word for it, go and check out the video here

Finally, and I have saved the best until last, they will be releasing it under open source so that you can set up your own Wave platform and it has federation built right in so that it will interoperate with other Wave platforms brilliantly

Lets hope this finally kills off email – it had a good innings but its time for it to go now

OSG