Re: [Dorset] Pi 5's PCIe connector for NVMe SSDs.

[Patrick Wigmore]

Hi Ralph,

That was an interesting read. I wasn't up-to-date enough to know about 
NVMe over fabrics, nor that the Pi 5 can be attached to an NVMe SSD.

On Tue, 21 May 2024 17:31:07 +0100, Ralph Corderoy wrote:
> The Linux kernel has NVMe support since 5.0; package nvme-cli drives
> it.

Linux certainly had at least some support for NVMe before version 5.0. 
I think you must be referring to a subset of the NVMe functionality 
being added in version 5.0.

The earliest Linux distribution I installed on NVMe storage was 
Kubuntu 16.04.1, using Ubuntu's 4.4.0-36-generic kernel and later 
versions. It had to be installed from a modified ISO image, since the 
standard installation media wouldn't detect the NVMe SSD.

Wikipedia says NVMe support was first added to mainline Linux in 
version 3.3.


Best wishes,

Patrick



-- 
  Next meeting: Online, Jitsi, Tuesday, 2024-06-04 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Getting programs on to the 'Application Launcher' menu

[Patrick Wigmore]

On Sat, 04 Feb 2023 17:05:16 +, Ralph Corderoy wrote:
> Hi Patrick,
> 
> Thanks for digging.
> 
> > With some experimentation, I found that the null byte comes from
> > KMail's "Add quote characters" feature.  Oh dear.  I don't think
> > it is supposed to do that.
> :
> :-)  Perhaps some off-by-one error included the terminator of a
> 
> NUL-terminated string.

It looks like the bug got fixed for newer releases in KPIMTextEdit:
https://invent.kde.org/pim/kpimtextedit/-/commit/5be92c63f3bf351eebaeab5860409873d398bce5

Sure enough, if I break from habit and include a newline character at
the end of the text selection before issuing the Add Quote Characters
command, then the null character does not appear.


Patrick



-- 
  Next meeting: Online, Jitsi, Tuesday, 2023-02-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Getting programs on to the 'Application Launcher' menu

[Patrick Wigmore]

On Sat, 04 Feb 2023 07:00:27 +, Ralph Corderoy wrote:
> You email has a byte with the value 0x80 after the semicolon in the
> Categories line, rendered as ASCII above, by the time it reaches
> here.
> 
> Is it in the .desktop file or did it get added somewhere between
> there and here?  If it's in the file, perhaps that's stopping it
> being fully processed?

The <80> is not in the file. In the file, the byte after the semicolon 
is 0x0A; a newline.

> The email has ‘Content-Transfer-Encoding: 7bit’ so that eighth bit
> did well to get here, and the software badly for letting it.  It's
> the only top-bit-set byte.

The message in my 'Sent' has 'Content-Transfer-Encoding: base64'

Decoding this, the character after the semicolon is a null byte 0x00, 
followed by the two expected newlines (0x0A). That's a bit weird.

With some experimentation, I found that the null byte comes from 
KMail's "Add quote characters" feature. Oh dear. I don't think it is 
supposed to do that.

It looks like KMail decides it can't use 7bit encoding because of the 
null byte, so it uses base64 encoding instead. Normally it defaults to 
7bit.

I don't know whether a null byte is technically valid in a base64-
encoded email, but it does seem unorthodox.

I assume the list server is receiving my base64 and turning it into 
7bit, but somehow the 0x00 becomes 0x80.


Patrick



-- 
  Next meeting: Online, Jitsi, Tuesday, 2023-02-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Getting programs on to the 'Application Launcher' menu

[Patrick Wigmore]

Re-sending this as I originally mistakenly sent it directly to Peter
(at 17:13) instead of to the list.

On Fri, 03 Feb 2023 12:25:35 +, Peter Merchant via dorset wrote:
> Tried Locate - /usr/share/applications/MicroBlocks.desktop

If you view the .desktop file as text, it should contain the command 
you need in order to run the application.

I downloaded the .deb package from their website at MicroBlocks.fun 
and opened it as an archive file to see what the .desktop file 
contains:

> [Desktop Entry]
> Name=MicroBlocks
> Comment=MicroBlocks is a graphical and dynamic blocks language for
> 32 bit microcontroller boards such as the BBC micro:bit, the
> Adafruit Circuit Playground Express, the NodeMCU and many Arduinos.
> Exec=/usr/local/bin/ublocks
> Icon=/usr/share/icons/MicroBlocks.png
> Type=Application
> Categories=Development;

This seems to show that MicroBlocks should appear in the Development 
submenu. If it doesn't, I see two possibilities:

1. The menu hasn't been "rebuilt" to take into account new .desktop
   files since MicroBlocks was installed.

2. Something is preventing the MicroBlocks.desktop file from getting
   included whenever the menu is built.

In the case of possibility no. 1, then you could try running

kbuildsycoca5

Which should result in the menu getting regenerated (among other 
things). I vaguely remember doing this in the past when an application 
wasn't showing up in my menu. It is supposed to happen automatically, 
though.

In the case of possibility no. 2, then I suppose I might suspect the 
file permissions on the desktop file to be incorrect. Or, you might 
get some useful output from kbuildsycoca5 telling you something's 
wrong with the .desktop file.

If you create a new item in the KDE Menu editor, as Terry suggested, 
then it will create a new .desktop file in ~/.local/share/applications 
containing the information you enter.

Anyway, I hope this is in some way helpful.

Patrick
-- 
  Next meeting: Online, Jitsi, Tuesday, 2023-02-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Wimborne Model Town Routing Problem

[Patrick Wigmore]

On Tue, 19 Apr 2022 09:45:02 +0100, Hamish McIntyre-Bhatty wrote:
> On 19/04/2022 07:27, Terry Coles wrote:
> > On Monday, 18 April 2022 20:26:36 BST Patrick Wigmore wrote:
> >> If there isn't a suitable route to 192.168.0.0/24 on the VPN
> >> client
> >> computer, then manually adding one temporarily might be a
> >> worthwhile experiment.
> >> 
> >> Hmmm.  I've been struggling to find the correct iptables command
> >> to do that.

> Note: iptables is a firewall, and doesn't handle routing.
> 
> You probably need to add a route with "route add" but I don't know
> what options to use after that. The only one I have used is "route
> add default gw x.x.x.x" so I will let Patrick handle this - he
> knows more Linux-specific stuff than I do here.

I would use ip route add, but I am not really 'up' on the specifics. 
It is something I would figure out by trial and error (and reading the 
manual).

But I forgot that IPSec VPNs don't present themselves as virtual 
network interfaces, which means it isn't necessarily obvious when you 
have a route that's going through the VPN, and I am not sure whether 
it is actually possible to create a route manually in the way I was 
thinking.

I was imagining that you would see a route to [something] via [a VPN 
network interface], as you would with some other types of VPN. But 
instead, you'll see something like a route to [something] via [the 
same network interface that handles your default route] and via [the 
VPN server], with the kernel knowing (somehow - I forget exactly how) 
that it needs to encrypt packets that take that route.

Looking at your ip route show output
> terry@OptiPlex:~/Useful$ ip route show
> default via 192.168.1.1 dev eno1 proto dhcp metric 100
> 169.254.0.0/16 dev eno1 scope link metric 1000
> 192.168.1.0/24 dev eno1 proto kernel scope link src 192.168.1.21
> metric 100

I think that last line is probably the route through the VPN, though I 
am not entirely certain. I've forgotten most of what I previously 
learnt about how routing works with IPSec.

Sorry for being a bit vague. This is more of a heads up that I may 
have sent you on a wild goose chase than an attempt to unpick it 
properly.

Patrick



-- 
  Next meeting: Online, Jitsi, Tuesday, 2022-05-03 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Wimborne Model Town Routing Problem

[Patrick Wigmore]

On Mon, 18 Apr 2022 10:23:19 +0100, Terry Coles wrote:
> > When a VPN client connects to the Web Server, in theory the web
> > server would see that connection coming in from a 10.1.10.0/24
> > address, not a 192.168.0.0/24 one. So, it is a given that the
> > Webserver has to be configured to accept connections from
> > 10.1.10.0/24 clients.
> So how would I do that?  I always assumed that the VPN Server
> included a router that would sort all that out.  The iptables
> output would indicate that it does.

I suppose there is some nuance here; the connection would come from a 
10.1.10.0/24 address, routed via the 192.168.0.0/24 address of the VPN 
server. So, the Webserver would see that 192.168.0. had forwarded it 
some traffic that originated from 10.1.10.x.

If the VPN server were doing NAT routing/masquerading, as opposed to 
plain old routing, then the connection would appear to come directly 
from the VPN server's 192.168.0.0/24 address. I suppose the VPN server 
*could* be doing NAT routing, but that would be a little surprising to 
me, because I am not seeing how NAT routing would be beneficial in 
this set-up.

But I only mentioned this in case you had configured the server to 
block connections that weren't from 192.168.0.0/24 addresses, so if 
you haven't done that then I can't see it being a concern.

The only other thing that comes to mind on a brief reading of your 
response to me is that, if the web server isn't accessible by IP 
address, then it certainly isn't going to be accessible via hostname.

So, as you say, the routing falls under suspicion.

The finer points of iptables configuration are perhaps a bit lost on 
me, so while I can look at the broad-strokes of your config, and I 
think it seems OK, I could easily be missing some nuances that might 
send it off the rails.

I suppose one thing to check is whether, while connected to the VPN, 
you have any other (conflicting) routes to 192.168.0.0/24. Or, indeed, 
whether there is a route to 192.168.0.0/24 at all. E.g. run

$ ip route show

on your VPN client computer and see where it thinks it should send 
traffic destined for 192.168.0.0/24.

That raises the question of how the VPN client learns which networks 
it can route to via the VPN. Presumably it does learn something, since 
you can access the various non-Webserver devices in the 192.168.0.0/24 
network. Unless that's happening by fluke.

If there isn't a suitable route to 192.168.0.0/24 on the VPN client 
computer, then manually adding one temporarily might be a worthwhile 
experiment.

It seems you've got me hooked on this puzzle, Terry. I was only going 
to write a few paragraphs here, to clarify my previous remarks!

Patrick



-- 
  Next meeting: Online, Jitsi, Tuesday, 2022-05-03 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Wimborne Model Town Routing Problem

[Patrick Wigmore]

On Sun, 17 Apr 2022 08:32:23 +0100, Terry Coles wrote:
> 10.1.10.0/24 is the network set up by
> the VPN Server to forward remote traffic on and each device on the
> WMT Network is allocated an address in that range

If I understand you correctly, I think you are saying that each device 
on the WMT Network is allocated an address in the 10.1.10.0/24 range. 
This does not make sense. Why would the WMT Network devices need 
10.1.10.0/24 addresses, in addition to their 192.168.0.0/24 ones?

More likely, the 10.1.10.0/24 range is only used for the VPN server 
and the VPN clients, and VPN clients can simply address WMT Network 
devices directly, using their 192.168.0.0/24 addresses. As you've 
shown, the VPN server is configured to route between these subnets, so 
that should be fine and dandy. This is how I remember the VPN working 
before.

This works in the same way that you can communicate to, say, a Google 
server in the range 216.58.192.0/19 from a computer that has a local 
IP address in the range 192.168.1.0/24. Clearly, Google's servers do 
not get renumbered to suit your local network. Neither are the WMT 
Network devices going to be renumbered to suit the VPN. It is not 
necessary or useful.

The VPN clients are having their IP addresses allocated by the VPN 
server. I think it uses the VPN's own protocol as opposed to DHCP to 
communicate these addresses to the clients, but I can't remember for 
sure. Either way, the VPN server is responsible.

This also means that the VPN clients will not be getting told about 
the 192.168.0.1 DNS server via DHCP, so they won't automatically use 
it. This means their traffic won't get forwarded to the web server 
automatically. If you wanted them to know about that DNS server, you 
would need to configure the VPN server to tell them about it. They 
won't discover it automatically via DHCP like an on-site network 
client would.

Be aware that VPN clients will sometimes use a VPN-provided DNS server 
for EVERYTHING, which could have the effect of intercepting DNS 
queries for traffic that has nothing to do with the VPN, which might 
break networking for things that are running on the same machine as 
the VPN client, and could cause a privacy issue. If possible, it may 
be better to configure the VPN clients so that the WMT DNS server is 
only used to query domain names that are part of the WMT network.

So, when you said:
> The VPN Server doesn't know the IP Address of the
> Webserver, but it doesn't need to because all traffic should be
> forwarded to it.

The second part of the statement was untrue. The VPN server DOES need 
to know the IP address of the Webserver (assuming you want it to tell 
its clients), because the automatic forwarding to the Webserver only 
works for DHCP clients in the local network.

It is safe to assume that on-site Visitors devices, connecting via 
WiFi, are all configured to use DHCP, both to obtain an IP address and 
to learn about a DNS server. It is not safe to assume the same for VPN 
clients. Not only have the VPN clients already got an IP address from 
the VPN server, so they won't be looking for another one, but DHCP 
works using broadcast messages, which are only received by devices in 
the same subnet.

So, given that they have 10.1.10.0/24 addresses, the VPN clients 
cannot make use of the 192.168.0.1 DHCP server. They should, however, 
be able to make use of the 192.168.0.1 *DNS* server, provided that 
they are told about it.

> The DNS Server does not work for clients logged into the VPN Network
> via VPN.

Do you mean that it does not work automatically, or do you mean that 
clients logged in via the VPN cannot query this server at all. What 
happens if you say explicitly which server to query, by doing:

$ dig @192.168.0.1 [webserver domain name]

or

$ nslookup [webserver domain name] 192.168.0.1

on a device that is connected via the VPN?

> The Webserver is inaccessible to clients logged into the VPN Network
> via VPN unless an intermediate device is used as a 'stepping
> stone'. (eg, log into another Pi and then log in to the Webserver
> from there.

Based on all of the above, I would expect that VPN clients cannot 
access the Webserver using its domain name, but they can do using its 
IP address. Is this true, or is it inaccessible even by IP address?

If the Webserver is inaccessible even by IP address, what happens if 
you try to ping it?

When a VPN client connects to the Web Server, in theory the web server 
would see that connection coming in from a 10.1.10.0/24 address, not a 
192.168.0.0/24 one. So, it is a given that the Webserver has to be 
configured to accept connections from 10.1.10.0/24 clients.

With that all said, that is far from the only way to configure IP 
addressing on an IPSec VPN. I'm relying on the fact I've used the WMT 
VPN in the past to fill in some of the blanks, and it is possible 
things could have moved on from that. (Or I could have misremembered.) 
Anyone coming across this 

Re: [Dorset] Query about iptables

[Patrick Wigmore]

On Sun, 27 Mar 2022 16:13:49 +0100, Terry Coles wrote:
> On Sunday, 27 March 2022 16:07:30 BST Patrick Wigmore wrote:
> > What is the IP address of the user's device, and how does it get
> > allocated to that device?
> 
> The Webserver is also a DHCP Server and a DNS Server.  The bottom
> 100 addresses are reserved for devices that a permanently
> connected, eg river system etc.  The top 100 or so addresses are
> allocated to a user (eg a Visitor) by the DHCP Server.  As soon as
> the user's device is connected to the WiFi network, nodogsplash
> routes his browser to the Webserver.
> 
> In other words, when a Visitor connects to the site WiFi he gets a
> landing page on his device which allows him to choose the content
> he wishes to view.

And is this borne out in the testing? Does the Visitor's device get 
issued with an address in the expected range under both the working 
and non-working scenarios? Does it also get told about the same DNS 
server and default gateway (if any) in each case?

Does the Visitor's device obtain any unintended Internet access at 
all?

Patrick



-- 
  Next meeting: Online, Jitsi, Tuesday, 2022-05-04 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Query about iptables

[Patrick Wigmore]

On Sun, 27 Mar 2022 10:48:00 +0100, Terry Coles wrote:
> Recently, we discovered a problem with the Webserver; it no longer
> served up Webpages!  I brought the Webserver hardware home and
> connected it to a reference model of the VPN Server and a
> representative site WiFi Antenna with a couple of switches.  I've
> posted a diagram at:
> 
> https://hadrian-way.co.uk/Misc/VPN_Network_Configuration.p
> df
> 
> What I have discovered is that the system works if I disconnect the
> VPN Server from the 5-port switch at the server, but not if I
> disconnect the Webserver from the 5-port Switch.  I think that is
> because when the user uses his device to connect to the WiFi
> Antenna, nodogsplash detects this and that obviously needs a
> connection to the Antenna.

What is the IP address of the user's device, and how does it get 
allocated to that device?

Patrick



-- 
  Next meeting: Online, Jitsi, Tuesday, 2022-05-04 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Cannot Set the Volume Using amixer under bullseye

[Patrick Wigmore]

On Fri, 31 Dec 2021 16:21:34 +, Terry Coles wrote:
> I need the volume to be controllable from my Python program, so I
> set it once at the beginning when the program is launched, eg:
> 
> amixer -c 0 set PCM 100

This looks like it should be a valid command, based on the 
configuration you listed and according to the amixer man page that's 
in the Debian bullseye alsa-utils package.

That form of command works fine with amixer 1.1.8 on my laptop.

Are you saying that the "amixer: Invalid command!" error is produced 
when you run that amixer command directly?

In other words, have you ruled out the possibility that the Python 
program has somehow begun to pass unexpected arguments to amixer?

Patrick



-- 
  Next meeting: Online, Jitsi, Tuesday, 2022-01-04 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Python Problem in MQTT subscriber program

[Patrick Wigmore]

On Fri, 27 Aug 2021 14:02:19 +0100, PeterMerchant wrote:
> Patrick, I am most grateful for your comments. You obviously know a
> lot more about MQTT than I.

I wouldn't say I know a lot about MQTT, and I did not mean to imply 
that I do. I have a fairly basic high-level understanding of it, but 
I've forgotten most of the lower-level details I previously had a 
light grasp of!

I haven't looked at paho-mqtt or Arduino MQTT before, so for my own 
understanding I had to go back over the basics that you are probably 
used to dealing with. I may well have learnt more from trying to find 
the problem in your code than you will have learnt from me!

I didn't want to make any assumptions about what kind of data your 
system was sending and how it was packaging it up and unpackaging it, 
because there is potentially more than one MQTT client library for 
Python, and there is certainly more than one way to encode an MQTT 
payload.

For example, some people might use Google's Protocol Buffers or 
another serialisation scheme to encode program objects into bytes and 
then stuff those into an MQTT payload. Others might define a scheme of 
their own. In your case, it is ASCII text (a perfectly valid option).

Just in case it was unclear to anyone: when I said the payload is 
bytes, rather than a text string, what I meant was that it is not a 
Python text string object, and MQTT does not require it to encode a 
text string. However, in this particular program it does encode an 
ASCII text string, so in that sense it IS very much a text string, and 
Python makes it easy to treat it as one.

Patrick



-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-09-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Python Problem in MQTT subscriber program

[Patrick Wigmore]

Hmm. I don't think I'm able to solve this.

Referring to the full MQTT subscriber/car control program you sent me 
off-list, this is some of the context I was missing:

It is using paho-mqtt, f.k.a. Mosquitto, and message is a MQTTMessage 
object, with message.payload being arbitrary bytes. It looks like this 
payload is indeed the unadulterated MQTT payload, as sent over the 
network.

So, the payload is bytes, rather than a text string, and there isn't 
any intervening code that's not shown and does additional encoding of 
the payload.

on_message is run by paho-mqtt as an on_message callback function when 
an MQTT PUBLISH message is received in a subscribed topic, which I 
believe is what you intend.

The publisher is using the Arduino MQTT Client, which wraps lwmqtt.

This much is probably obvious if you've been immersed in it for a 
while.

So, regardless of the payload contents:

* Given that message.payload is a Python Bytes object, which it should
  be, print(message.payload) should always work. Bytes that don't
  encode printable characters print as hexadecimal within an escape
  sequence.

* Testing whether the payload equals some specific bytes should at
  least not cause a crash, even if the test doesn't evaluate to True/
  False as expected.

* The if/elif/else structure looks fine.

So, unless I'm missing a syntax error or typo somewhere, I don't think 
there's anything wrong with your non-working on_message!

Just to confirm to myself how Python's print handles unprintable 
bytes:
>>> print(b'\x00\x00hello\xff\x68\x65\x6c\x6c\x6f')
b'\x00\x00hello\xffhello'

I'll assume that all the functions that do the GPIO (e.g. motorleft) 
are correct. That could be a wrong assumption, but I'll assume it 
anyway because it seems likely.

Given that you were interpreting the same bytes (b'Pot-left' and 
b'Pot-rt') successfully before, all I can think is that the code at 
the publishing end must have changed too, to get it to send different 
bytes.

Since the subscriber crashes, there must be something about the way 
the publishing code was changed that causes it to send messages that 
paho-mqtt can't handle.

Because paho-mqtt shouldn't care about the contents of the payload, 
this would seem to suggest that there is a mistake in the way the MQTT 
packets are being constructed at the publisher.

I'm having a hard time imagining that you would have intentionally 
significantly altered the code at the publishing end, though, so it is 
probably something quite subtle; perhaps an issue that was already 
there but is only tripped up by something else that changed.

But I feel like I'm probably missing something obvious here. Normally 
when I try to make these kinds of deductions on the list, someone 
comes along and points out a glaring error in my logic, so no doubt I 
am making a similar error right now!

Patrick



-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-09-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Python Problem in MQTT subscriber program

[Patrick Wigmore]

On Thu, 26 Aug 2021 14:10:31 +0100, PeterMerchant wrote:
> Problem sorted, though I don't know why.
> I took out the hyphens in the Pot-Left & Right strings, and made
> them Pleft and Pright. and it does not crash.
> 
> Peter.

I don't know whether you are still interested in getting to the bottom 
of this now that you've got it working.

I've just had a look at your original message with the code excerpts 
and I could not see anything that stood out to me as obviously wrong. 
But I am missing a lot of context.

Here are some questions and suppositions I might put to myself if I 
was trying to get to the root of why this was happening:

When does it crash? i.e. what part of the program is it executing when 
it crashes. I'm guessing it crashes when the subscriber receives a new 
message, rather than as soon as you try to run the program, but does 
it crash for _any_ message, or only messages with particular payloads?

What (if any) traceback do you get when it crashes? That's probably 
useful information.

I don't know what kind of object 'message' is, or what calls these 
functions you've posted. That might be relevant.

It could be that whatever code in the subscriber is creating the 
message object is not handling the hyphens properly, or it is not 
encoding the strings into exactly the format you expected.

Maybe the hyphens are being converted into some other character 
*before* getting sent over the message bus, or perhaps the byte 
encoding is coming directly from the publisher and is not 100% 
compatible with the encoding that the subscriber is expecting.

Are both the publisher and the subscriber written in Python? Does the 
underlying CPU architecture affect the binary format for either one, 
or is that all abstracted away for us?

Maybe more messages than expected are being sent and received. Perhaps 
motorleft(), motorright(), etc, can't handle being called too 
frequently.

No worries if you are not going to dig any further into this.

Patrick



-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-09-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Inadequate Level of Security??

[Patrick Wigmore]

On Wed, 16 Jun 2021 23:25:59 +0100, Tim wrote:
> Hi All, when I went to use my laptop the other morning I was
> presented with this in the reading pane of my Thunderbird, it was
> working the night before

> The web site tried to negotiate an inadequate level of security.
> 
> live.thunderbird.net uses security
> technology that is outdated and vulnerable to attack.

It looks as though, whatever live.thunderbird.net is supposed to do, 
they had to pull it offline for some reason. It is currently serving 
up an Apache HTTP Server Test Page, of the kind you would expect to 
see after first installing the Apache web server. It says:
> The website you just visited is either experiencing problems or is
> undergoing routine maintenance.

Patrick



-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-07-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Chromium no Longer Stores Passwords on Kubuntu

[Patrick Wigmore]

I've just tried to reproduce the bug using the Chromium snap package, 
version 91.0.4472.77.

I was able to save a new username/password, close the browser, open 
the browser, then access the username/password.

In other words, I could not reproduce the issue.

My profile directory was

~/snap/chromium/common/chromium/Profile 4

(But usually it would be Default instead of Profile 4.)


Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-07-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Chromium no Longer Stores Passwords on Kubuntu

[Patrick Wigmore]

On Fri, 04 Jun 2021 12:22:42 +0100, Terry Coles wrote:
> I was unable to find that directory or the one mentioned by the Mac
> user that  you referred to.

If you go to chrome://version/ in Chromium, then it should tell you
your current Profile Path; the directory where you would find the
Login Data file.

(Source: 
https://chromium.googlesource.com/chromium/src/+/refs/heads/main/docs/user_data_dir.md#Current-Location
 )

Apparently the default Profile location for the snap version is

~/snap/chromium/common/chromium/Default/

(Source: https://superuser.com/a/1325741 )

> Unless someone else has the same problem, I'm left with two choices;
> post a bug on Launchpad or abandon Chromium.

I would call it a bug, even if there does turn out to be a workaround.

This might be the same bug:
https://bugs.chromium.org/p/chromium/issues/detail?id=1177314


Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-07-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Chromium no Longer Stores Passwords on Kubuntu

[Patrick Wigmore]

On Fri, 04 Jun 2021 09:38:03 +0100, Terry Coles wrote:
> Anyone else noticed this?  I upgraded to Kubuntu 21.04 a few days
> ago and now Chromium doesn't store passwords.  The offer is made,
> and clcking OK is accepted, but opening 'Settings - Passwords'
> shows that no passwords have been stored.

> Anyone got any ideas?

It looks like Chromium stores passwords in its own configuration 
directory, encrypted using a key that's stored in a supported OS-
specific keyring/wallet, such as KWallet. It does not appear to store 
the passwords directly in KWallet any more.

I'm pretty sure Chromium used to store passwords directly in KWallet. 
I don't know when that changed, but it could easily have been years 
ago for all I know. I guess they decided not to delete the passwords 
that were already stored there.

I don't really use Chromium, but I just tested saving a password and, 
sure enough, it did not appear in KWalletManager, but it did appear in 
Chromium's Settings and persists after restarting the browser. This is 
in Chromium 90.0.4430.72.

In my case, I found the plain-text URL and username for the saved 
login stored in:

~/.config/chromium/Profile 4/Login Data

Which is a SQLite database.* I'm not sure why I'm on "Profile 4". (I 
think the default is "Default".)

On recent Ubuntus, I think Chromium is a 'Snap', so that might mean 
the profile is stored somewhere else on those.

The password field in the Login Data database contains encrypted data, 
which presumably gets decrypted using the key Chromium has stored in 
my KWallet under "Chromium Keys", though I haven't bothered to test 
this.

I'm not sure if any of that is at all useful to know, or whether it 
helps with trying to unpick what the problem might be. But it does 
mean that your Chromium profile in ~/.config/chromium goes hand-in-
hand with a key from your KWallet, and vice-versa.

It looks like someone had almost the same problem as you, but in 
Chrome on Mac OS rather than Chromium on Linux, and solved it by 
removing the Login Data file from their Chrome profile:
http://plasmasturm.org/log/chromepwstore/


* You can read SQLite database files using the GUI program 
sqlitebrowser. (Which is a tool that always makes me feel a little bit 
nervous, because if you accidentally edit the data, the changes will 
immediately be written straight to disk with no opportunity to "undo" 
and no way to "close without saving"!)



Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-07-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Monitor Pings on WiFi Interface

[Patrick Wigmore]

On Fri, 28 May 2021 12:17:38 +0100, Terry Coles wrote:
> I'm coming to believe that I can only capture packets between two
> devices on a  network if I am actually running the tool from a
> device on that network rather than from a remote device over
> VPN.  None of the Pis on the WMT network are running X.
> 
> I could of course run wireshark from the command line on one of the
> devices on  the WMT network, so I'm wondering if Smokeping somehow
> gets round the problem and allows me to monitor data from my PC.

The thing to bear in mind is that networks tend to avoid sending 
packets where they are not needed. Switches do that based on MAC 
addresses and routers do it based on IP addresses. (Things like VPN 
servers, VPN clients, and some WiFi access points can also be regarded 
as routers if you look at them through this lens.)

In principle you could reconfigure the network to send all the packets 
via your home computer, and capture them that way, but you don't want 
to do that.

Is there any reason why you can't just log the output of your ping 
script into a file? That should give you all the information you're 
looking for.

Alternatively, capturing packets on the Pi should work.

tcpdump seems to be the usual command for capturing packets without a 
GUI. (If I remember correctly, the name is misleading and it isn't 
limited to just TCP.)

Wireshark can open tcpdump capture files if you prefer to review them 
using a GUI.

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-06-01 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Failure of wireless connections again.

[Patrick Wigmore]

On Thu, 11 Mar 2021 17:48:20 +, CA Wills wrote:
> To my mind that means that the router must have had an 
> upgrade remotely.

To my mind it seems more likely that router's Wi-Fi hardware, firmware 
or software has always contained the possibility of getting stuck in a 
partially non-working state sometimes, and rebooting can get it out of 
that state.

We had an old Belkin router that did that sometimes, and it usually 
only affected a subset of the connected devices. After rebooting, it 
could go for weeks or months before it happened again. That thing 
never got any updates, which was probably half the problem.

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-04-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] On Second Entry to MP3 Player Function Program Stops Responding to External Commands

[Patrick Wigmore]

On Mon, 15 Feb 2021 17:13:12 +, Terry Coles wrote:
>  When the button is pressed, the Webserver generates a message 
> which it sends to the Music program.  There is a cron job, triggerd
> by  apscheduler which parses the message and in this case calls the
> next_playlist() function.

Ah, I think that changes things. Triggering a cron job is going to 
have an effect similar to starting a new thread. (Indeed, that might 
be precisely why you are using a cron job.) In which case, my 
hypothesis could well be completely wrong.

I have a feeling you did explain this arrangement before, so I 
probably should have remembered.

-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-03-02 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] On Second Entry to MP3 Player Function Program Stops Responding to External Commands

[Patrick Wigmore]

On Mon, 15 Feb 2021 15:02:23 +, Terry Coles wrote:
> I just realised that things aren't quite as I thought.  If I start
> the program with the Plylist Number set to zero, the Music Player
> doesn't start, as is expected.  If I then call next_playlist():
> 
> def next_playlist():
> global playlists, playlist_index
> 
> playlist_index += 1  # Select
> the next Playlist Number
> if playlist_index > len(playlists):
> playlist_index = 1
> 
> Status[9] = str(playlist_index)
> 
> mp3_player_start()
> 
>  then the software behaves as if the player has already been run and
> freezes.

Sorry, I didn't see this before replying. My response did not take any 
of this into account.

I'm left wondering:
"Where are you calling next_playlist()?"
"What do you mean by 'freezes'?"

If you are calling next_playlist from an interrupt handler and if, by 
'freezes', you mean 'seems to stop handling interrupts', then this 
could just be another manifestation of the same issue.

Otherwise, I'm less sure.


Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-03-02 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] On Second Entry to MP3 Player Function Program Stops Responding to External Commands

[Patrick Wigmore]

On Mon, 15 Feb 2021 12:53:24 +, Terry Coles wrote:
> To me it seems that the software suddenly starts ignoring interrupts

This makes me think the code that handled the previous interrupt might 
still be running. Having the previous interrupt handler still running 
is likely to block further interrupts from being handled.

Taking a look at the code:

mp3_player_start() contains a while loop, and it looks like that is 
not supposed to terminate until playlist_index == 0.

If your interrupt handler calls restartmp3(), and restartmp3() calls 
mp3_player_start(), then the interrupt handler will not terminate 
until playlist_index == 0 and both functions return. So, I think that 
might be the problem.

I don't think you've posted enough code to know for sure, but if this 
is what's going on, then I think I would try having the interrupt 
handler run mp3_player_start() in a new thread. That way, the 
interrupt handler should terminate as soon as it has set the thread 
going, leaving mp3_player_start() to carry on on its own.

e.g.

threading.Thread(target=mp3_player_start).start()


Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-03-02 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Wireless dropping out

[Patrick Wigmore]

On Fri, 12 Feb 2021 15:39:13 +, Ralph Corderoy wrote:
> So I suspect either the laptop or router have changed something
> related to password access around the time it stopped
> working.  Given your Android tablet doesn't have problems, this
> suggests the laptop's configuration.

I am inclined to agree that this seems to be a problem with the laptop 
itself.

One test you could do is try running a live Linux distribution on the 
laptop and see if the WiFi works in that.

If you can get the WiFi to work properly in any live distro, then you 
know there's most likely a problem with the software on the laptop, 
and not a problem with the router or a problem with the laptop's 
hardware.

If you cannot get the WiFi to work in a live distro, then the result 
is less conclusive, because it could just be a problem with the live 
distro. Certainly if the problem is worse in the live distro than it 
is normally, then I would not be jumping to conclusions about the 
laptop.

Now a couple of associations I made in my mind about this:

1. You would get these symptoms if your laptop's WiFi adapter was 
being blocked by a MAC address filter on the router. (That is, either 
the WiFi adapter's MAC address is on a list of ones to block, or it is 
not on a list of ones to allow.)

2. Sometimes, wires that pass through the hinges of laptops can become 
damaged by the hinge motion over time. WiFi coax cables usually go 
through the hinges, and if one of those got damaged, it might cause 
the symptoms of being able to see networks but not connect to any 
them. It probably wouldn't cause problems with just one specific 
network, although it might cause problems with a specific WiFi 
channel.

I'm not saying these are likely causes. In fact, neither of them seems 
very likely. But they came into my mind, and maybe they remind someone 
of something else.



Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-03-02 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Problem using Chromium to log in to Web Page Secured with flask-httpauth

[Patrick Wigmore]

On Tue, 26 Jan 2021 14:42:22 +, Terry Coles wrote:
> Oh.  OK.  I understand that is the code the Flask method and not the
> code for  the Flask Development Server, but surely it's the server
> that sets the cookie?

The term 'server' can become a bit muddled here. If you look at it 
from a browser or HTTP protocol point of view, then the web server and 
any frameworks that run in it or alongside it, and any code you write 
that runs in the framework, are taken together to comprise a server.

That is how I meant the word "server" in my previous response to this 
thread, when I said as much as it was the server's prerogative to 
decide whether a session cookie corresponded to a valid session.

If I look at it that way, then I can say "yes, the server sets the 
cookie".

But that doesn't answer your question, because I think you are looking 
at it from a more server-internal point of view, where Flask, and the 
Flask code you write, is treated as being a separate thing and not as 
part of the 'server'. I would say that this is a valid way to use the 
word 'server'.

Looking at it that way, then I would say that, yes, the server sets 
the cookie, but that is only half the story, because Flask and your 
code can be the reason why the server ends up setting a cookie. If you 
were having Flask manage sessions for you, then it would be Flask 
telling the server to set a cookie.

But Ralph is right; the code for flask-httpauth doesn't appear to use 
sessions or cookies in its implementation of HTTPBasicAuth. So, the 
fact that clearing browsing data seemed to clear the active log-in has 
probably been a bit of a red herring, and I have been guilty of being 
insufficiently curious.

I am now given to assume that Chromium is caching the authentication 
credentials in a manner that survives browser restarts, or perhaps 
Chromium is not really being fully shut down when you close the 
browser, and that is why the authentication persists.

Maybe when you cleared the browsing data, it was not the clearing of 
the cookies but the clearing the cache(s) that de-authenticated you.

Sorry for any confusion I may have injected.

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-02-02 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Problem using Chromium to log in to Web Page Secured with flask-httpauth

[Patrick Wigmore]

On Mon, 25 Jan 2021 13:41:57 +, Terry Coles wrote:
> Since we can't force anyone to clear their cookies, I guess this
> comes back to  my original query; how unsafe is this?  I can see
> Hamish's point, the session cookie is only going to be stored on
> the user's device, so if he keeps it safe, things should be OK.

To large extent, it is the user's prerogative whether they keep the 
session cookie indefinitely.

However, it is the web server's prerogative whether it will continue 
to accept the same session cookie indefinitely. A session cookie will 
only let you in for as long as the server thinks it corresponds to a 
valid session.

This means you can have a server-side time-out on the session, after 
which the user's session cookie is worthless and they have to get a 
new one by logging in anew.

You can also have a log-out option on the web page, which will 
instruct the server to terminate the session.

This is applicable to the Web in general. I am afraid I don't know how 
you would implement a time-out or log-out feature in Flask 
specifically.

It is possible there might already be a session time-out enabled by 
default in your server, but it could be many days long.

So the question is whether long-lasting sessions are a risk or not, 
and that depends on the application. In this case, I'd guess the 
chances and consequences of someone using the session cookie to gain 
unauthorised access will be relatively limited.

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-02-02 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Recommendations for webcam?

[Patrick Wigmore]

On Tue, 19 Jan 2021 18:06:34 +, Hamish McIntyre-Bhatty wrote:
> It seemed to work okay for Jitsi though, so that's good

Yes it seemed fine to me. Jitsi was limiting the resolution to 360p, 
but the image was nice and clear.

-- 
  Next meeting: Online, Jitsi, Tuesday, 2021-02-02 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Paths relative to a current working directory whose path contains symbolic links

[Patrick Wigmore]

Thank you so much for that informative response, Ralph.

So much interesting history!

On Mon, 09 Nov 2020 15:00:55 +, Ralph Corderoy wrote:
> The program can't know which.  It shouldn't try and
> guess but instead just pass the argument to open(2), etc.

That was pretty much my conclusion. It was interesting to look for a 
way to do it, but I didn't really like the idea of writing a long-
winded workaround that bypassed well-trodden standard functions.

If programs can't resolve relative paths in the same way that the 
shell does, then I might have expected the shell to turn the relative 
paths into absolute ones before passing them as arguments to programs.

But that opens up a can of worms too. The shell (probably) can't know 
whether I intend a string that looks like a relative path to be 
treated as a reference to a file, or as a literal string that just 
happens to look like a path, or as a path relative to something else 
that the program is going to know about!

> If that bites the user, e.g. by trampling the wrong file, then the 
> user will have learnt symlinks are a bad idea and alternatives
> should be sought where possible.  :-)

I have symbolic links to give the effect of selectively placing some 
of the subdirectories of my home directory on an HDD. The rest of the 
home directory is on an SSD. It has worked "well enough" for quite a 
while now, but I suppose bind mounts might be a better idea.


Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-12-01 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Paths relative to a current working directory whose path contains symbolic links

[Patrick Wigmore]

On Mon, 09 Nov 2020 13:46:25 +, Keith Edmunds wrote:
> One way (which may or may not be convenient) is to run this from the
> shell:
> 
> $ cd $(realpath .)

Thanks Keith. A useful tip.

In my case, it was necessary to add some quotes, since the path 
returned by realpath contained some spaces:

$ cd "$(realpath .)"

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-12-01 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

[Dorset] Paths relative to a current working directory whose path contains symbolic links

[Patrick Wigmore]

Hi all,

I was writing a script that took file paths as arguments, and stumbled 
upon a phenomenon that I wasn't previously aware of, but which I'm 
guessing is probably quite well known.

There is a difference between the way the current working directory is 
understood by the bash shell and the way it is understood by Python.

Suppose, when I run the script, my shell says I am in:

/some/path/to/a/directory

Further suppose that, in that path, 'a' is a symbolic link:

/some/path/to/a -> /some/other/path/to/a

If I give my Python script the following relative path as an argument 
on the command line:

../../../that/points/to/a/file

I would expect it to point to

/some/path/that/points/to/a/file

And, indeed, my shell would make the same assumption and I could use 
tab-completion to fill in the path based on that assumption.


But if my Python script runs that relative path through 
os.path.abspath(), the result is actually:

/some/other/path/that/points/to/a/file

Which may or may not exist, but is certainly not the path I intended!

This is because Python's understanding of the current working 
directory has all symbolic links followed, so as far as Python is 
concerned, I am not, and can never be, in:

/some/path/to/a/directory

Because it contains a symbolic link. Instead, I must be in:

/some/other/path/to/a/directory

As far as I can tell, this is by design and not entirely unique to 
Python. (e.g. the program 'optipng' seems to have the same issue).

In Python, it seems as though the way to eliminate the discrepancy 
while maintaining cross-platform compatibility is to add a check to 
see whether the program is running under a shell that sets $PWD (see 
bash(1)), or on a system that has pwd(1), and, if it is, then resolve 
any relative paths relative to $PWD or the output of pwd, rather than 
relative to os.getcwd().

Or, if adding all that platform-specific complexity would double the 
length of your simple script, document it as a limitation and tell 
your users they're holding the script wrong when they run into it.

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-12-01 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] KDE - How to Disable Plasma Widgets

[Patrick Wigmore]

> Unfortunately, these just confirm what I already knew; you can get
> rid of Notes if you disable the middle mouse click behaviour (which
> I use all the time) or uninstall the plasma-widgets-addons Package
> which gets rid of a lot of stuff that I do use.


> I *want* the paste; I probably use that more often than right-click.

For me, removing the middle-click action from the Desktop Settings 
only seems to affect this exact feature; the pasting of new notes, 
where the note didn't exist until the paste occurred.

I can still middle-click to paste anywhere else (including into text 
fields in widgets that are on the desktop). It just stops it from 
pasting anything if I middle click on a region of empty desktop.

What kind of pasting are you unable to do when you change the 
settings? (Maybe you are pasting into files on the desktop?)

Admittedly I am using an older version of the software than you are, 
but I would be surprised (but perhaps not *too* surprised) if they had 
so significantly changed the meaning of the settings.

> Unfortunately, the widgets lock functionality seems to have been
> removed in 5.18.5.

Oh dear. I'll have to brace myself for that change.

I found a discussion which seems to confirm that there is no longer a 
"lock widgets" in 5.18. It mentions the accidental pasting of notes as 
one of the disadvantages:

https://www.reddit.com/r/kde/comments/ez4s32/how_to_lock_widgets_in_plasma_518_beta/

I'm surprised nobody foresaw the downsides to removing this 
functionality, but I suppose it might result in fewer bugs in the 
long-run, if nobody can work around them by locking widgets.

It looks like the ability to lock widgets is still present, but it is 
no longer exposed in the GUI. The thread contains information about 
other ways to trigger it.

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-11-03 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] KDE - How to Disable Plasma Widgets

[Patrick Wigmore]

On Fri, 23 Oct 2020 12:36:19 +0100, Ralph Corderoy wrote:
> Hi Patrick,
> 
> > I think the key word for finding this information was "paste".
> 
> I used ‘disable plasma notes’.

My full search query was 'plasma paste notes'.

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-11-03 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] KDE - How to Disable Plasma Widgets

[Patrick Wigmore]

Good afternoon Terry,

Ralph Corderoy wrote:
> > (Notes) that randomly drops Post-its on my desktop:
> I've obviously no idea what any of that is, but Google came up with
> links like these which look helpful.
> 
>
> https://superuser.com/questions/1116231/completely-disable-desktop-> 
> notes-kde-plasma-5
> https://www.reddit.com/r/kde/comments/cpmhns/how_to_uninstall_kde_n
> otes/ https://forum.kde.org/viewtopic.php?f=67=123508

Here's another link, which agrees with parts of those:
https://userbase.kde.org/Plasma/Tips#disable-middle-click-paste-notes-widget

I think the key word for finding this information was "paste".

I constantly use middle click to paste things, but it never would have 
occurred to me that pasting text onto the desktop might have this 
effect.

It turns out that this note-pasting "feature" is present in (four-
year-old) plasmashell 5.5.5, but only when I have my widgets unlocked. 
If the widgets are locked, then it doesn't create the new notes 
widget. I suppose that makes some sense, because you can't normally 
add or remove a widget when the widgets are locked, so it would be odd 
to make an exception for post-it notes.

I never encountered the note-pasting feature before, because I leave 
the widgets locked after I have got them set up the way I like.

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-11-03 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Loss of OS during upgrade

[Patrick Wigmore]

On Sun, 27 Sep 2020 14:35:39 +0100, Ralph Corderoy wrote:
> > Otherwise, you can verify the physical disc in the same way you
> > would verify the ISO file.
> 
> True, though I think I recall, back when CD and DVD burning was
> common, you had to be careful the block device didn't return a few
> more bytes than were in the ISO, e.g. the ISO was an odd number of
> KiB and the block device added 1 KiB of zero bytes when reading it
> back to make a whole 2 KiB block.  Perhaps that wasn't with an ISO
> but something else. Anyway, the point remains: if the digests
> differ then the number of bytes consumed is of interest.

A rather good point. I must have got lucky with the number of bytes, 
unless the behaviour of the block device has changed. Whoops!

> When both are to hand then cmp(1) has the advantage of stopping as
> soon as they deviate, rather than reading both to the end, and
> indicating how far in that is for further investigation.

I went for sha256sum because that's what you would have to use to 
compare against Mint 20's published checksums, but you are quite right 
that there is no point in calculating a digest if you are comparing 
the physical disc against a known-good ISO file. (And, for the 
example, I did have an ISO file.)

I would normally have reached for diff(1) for a direct comparision 
between two files, out of familiarity. (When all you have is a hammer, 
etc.) But cmp(1) (new to me) is clearly a better tool for this job.

cmp also solves the extra-bytes problem, because it will tell you "EOF 
on whatever.iso" if the physical disc is identical to the ISO except 
for having padding at the end. (Not to be confused with
"EOF on /dev/cdrom", which would mean the physical disc was 
incomplete.)

Thanks for cluing me in to b2sum. (I don't have it here, but it will 
probably come with my next OS upgrade.)

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-10-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Loss of OS during upgrade

[Patrick Wigmore]

On Sun, 27 Sep 2020 11:12:38 +0100, Ralph Corderoy wrote:
> Didn't common distros
>   add some option soon after the media boots to check the rest of
> the media, e.g. read the DVD all the way through to the end of the
> image?

I believe that is true.

Otherwise, you can verify the physical disc in the same way you
would verify the ISO file.

For example, using the first disc on my pile of old discs:

$ sha256sum -b Fedora-11-x86_64-Live-KDE.iso 
4fdf952afb0d27887639140f6921ff58ba74f8d633b14414b095eb54b55df405 
*Fedora-11-x86_64-Live-KDE.iso

$ sha256sum -b /dev/cdrom
4fdf952afb0d27887639140f6921ff58ba74f8d633b14414b095eb54b55df405 */dev/cdrom


I have tended to burn optical media using K3B, which has a "Verify
written data" option that does much the same thing immediately
after writing the disc.

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-10-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] How to Cancel Existing systemd.timer(5) OnCalendar Values.

[Patrick Wigmore]

Is it intentional that OnCalender= has a different spelling of 
Calend[a,e]r than OnCalendar=20:12?

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-10-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Making iptables Entries Persistent

[Patrick Wigmore]

On Sat, 18 Jul 2020 18:17:38 +0100, Terry Coles wrote:
> Hi,
> 
> It has been suggested that I add an iptables rule into some devices
> and make it persistent by adding the rule to /etc/rc.local.
> 
> I naively thought that iptables rules were persistent, but a quick
> google throws up the idea of using iptables-save/iptables-restore
> but also iptables- persistent.
> 
> Is there a right way?

I wanted to know the answer to this a while ago, and I concluded that 
it doesn't matter enormously. As far as I could tell, it's a bring-
your-own-persistence party and there is no one best way of doing it.

It seems as though iptables-based firewall utilities are as numerous 
as text editors and desktop environments.

Fundamentally, you've just got to make sure that, at some sensible 
moment during start-up, some commands; none in particular; will get 
run that will create the rule for you. iptables-restore is one way to 
do that, which might be helpful, so is iptables-persistent. Or, you 
could just as well run the commands that you originally used to create 
the rule.

My solution was to write an init script that created my iptables 
rules, with the rules I wanted hard-coded into the script in a manner 
that was easily-editable. I thought that was a relatively neat way of 
doing it, but it's certainly not the only way. I might not have done 
it that way if I only wanted to load one simple rule.

(For systemd, I suppose you would write a systemd unit instead.)

If you were going to invest a lot of time in writing rules or scripts, 
nftables might be more futureproof than iptables. But for quick, 
simple rules, I wouldn't worry about that too much.

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-08-04 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Matrix: Open Network for Decentralised Communication.

[Patrick Wigmore]

On Sun, 21 Jun 2020 14:29:13 +0100, Ralph Corderoy wrote:
> Has anyone here on the list had experience of https://matrix.org ?
> After a quick skim, it looks interesting. 

I've only heard of it because it's the underlying protocol/network for 
Librem One Chat
https://librem.one/

which serves as an important accompaniment to the Librem 5 phone
https://puri.sm/products/librem-5/

So, it has some backing there. They use Mastodon for "Social"
https://joinmastodon.org/

so from that I take it that Matrix serves a sufficiently different use 
case than Mastodon to justify running two separate applications.

I haven't tried Matrix myself, but the Purism community forum is 
probably not an unreasonable place to look for people discussing it. 
E.g.:
https://forums.puri.sm/search?q=matrix

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-07-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Internet Access Using Tethering

[Patrick Wigmore]

On Sat, 20 Jun 2020 17:22:02 +0100, Terry Coles wrote:
> On Saturday, 20 June 2020 15:21:40 BST Terry Coles wrote:
> > What's the minimum needed to get something up on the Internet that
> > would respond to a query of some kind?  I've looked at various
> > Tutorials and they all seem to be a fair bit of work.  I have
> > another Pi which could be used in place of the one running the
> > two servers, so is there something quick and dirty just to do
> > this test?
> 
> I just tried traceroute to see if the Home Router could be reached. 
> It does look as if using my phone's hotspot could be the problem
> because although traceroute 8.8.8.8 completed in 14 hops after ~68
> ms, traceroute  never completed after 64 hops. 
> There was a lot of stuff happening between hops 11 and 17 with
> multiple IP Addresses being listed, but no sign of my Router's
> address.
> 
> Have I interpreted this correctly?  It would appear to me that the
> packets never arrive for some reason.

That's a good idea. (Running traceroute.)

I would interpret that result to mean that the network knows a route 
to the Home Router, but beyond a certain point along the route, no 
response packets are returned, for whatever reason. Probably the Home 
Router is ignoring the packets, but the same result would occur if a 
router along the way was blocking either the requests or the 
responses.

Or, it could mean that there are more than 64 hops between the laptop 
connected to the hotspot and your Home Router, but that seems pretty 
unlikely.

I just tried pinging my own home router over a mobile network.

  $ traceroute 

doesn't complete after 64 hops, but

  $ traceroute -I 

completes after 18 hops. The -I option is to 'Use ICMP ECHO as probe.'

In both cases, the same set of IP addresses is listed for the earlier 
hops (i.e. the same route is used).

When I configure the router to not respond to pings, the traceroute 
never completes, regardless of whether -I is used.

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-07-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Internet Access Using Tethering

[Patrick Wigmore]

On Sat, 20 Jun 2020 15:21:40 +0100, Terry Coles wrote:
> > Personally my next step would be to temporarily stick some
> > relatively easy-to-configure server of some kind online via the
> > home router. E.g. a web server serving a unique web page, and
> > then try to connect to that via the phone hotspot. That would at
> > least prove whether you can connect to the home router from the
> > Hotspot, which seems to be your aim with pinging it.
> 
> I could try that, although I could end up doing a lot of work only
> to learn that there's nothing wrong.  I already have the Pi running
> the VPN Server and nginx, but the webserver is only accessible from
> the internal (private) network.
> 
> What's the minimum needed to get something up on the Internet that
> would respond to a query of some kind?  I've looked at various
> Tutorials and they all seem to be a fair bit of work.  I have
> another Pi which could be used in place of the one running the two
> servers, so is there something quick and dirty just to do this
> test?

You could use Python 3's http.server module, which you probably 
already have installed.

Running

$ python -m http.server 8000

will serve the contents of the current directory. It runs in the 
foreground until you exit from it.

It's documented here:
https://docs.python.org/3/library/http.server.html#http-server-cli

So, e.g.

$ mkdir httptest
$ cd httptest
$ echo "Some somewhat unique text" > file.txt
$ python -m http.server 8000

Obviously you can use a different port if it's more convenient.

If `python` points to Python 2 rather than Python 3, then you may need 
to do

$ python3 -m http.server 8000

instead. Alternatively, the python 2 equivalent is

$ python -m SimpleHTTPServer 8000

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-07-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Internet Access Using Tethering

[Patrick Wigmore]

On Sat, 20 Jun 2020 10:53:14 +0100, Terry Coles wrote:
> I'm trying to test my Raspberry Pi VPN Server which is currently
> installed in my workroom.  It has Internet access on one side via
> my Home Router and access to my Pi network on the other.  I have
> successfully tested this setup from inside my home network using
> the IP Address of the server in the Cert settings, so I know the
> system basically works.

Could you elaborate on what you mean by the Cert settings? Is that 
something to do with the VPN software? Which VPN software did you end 
up choosing anyway?! I don't remember you saying. :)

> However, I can't ping my Home Router's WAN address.  if I disable
> the hotspot, I can ping it successfully from my Android phone.

I've heard of mobile networks faking ping responses for whatever 
reason. Maybe in hotspot mode it disables that "feature", or enables 
one that blocks all pings. Either way, I wouldn't trust the mobile 
network not to be tricking you with regard to pings.

Personally my next step would be to temporarily stick some relatively 
easy-to-configure server of some kind online via the home router. E.g. 
a web server serving a unique web page, and then try to connect to 
that via the phone hotspot. That would at least prove whether you can 
connect to the home router from the Hotspot, which seems to be your 
aim with pinging it.

Patrick

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-07-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Filesystem in a LUKS volume unmounts randomly on Raspberry Pi

[Patrick Wigmore]

On Fri, 19 Jun 2020 09:25:28 +0100, Hamish McIntyre-Bhatty wrote:
> - /dev/sda3 is a 200GB LUKS container (/dev/dm-0) with an EXT4
> partition inside, which I use for syncing files between my laptop
> and desktop with Nextcloud.
> 
> This is generally very quick and reliable, but the EXT4 filesystem
> inside the LUKS container randomly (can be an hour, can be 3 weeks)
> unmounts, and there don't seem to be any errors in /var/log/messages
> pertaining to this. The other filesystems always stay mounted
> though.

> Any ideas?

I wonder if it makes a difference what tools you use to unlock and 
mount the LUKS container and partition. E.g. cryptsetup, mount, 
udisksctl, some GUI tool (which might depend on udisks2), or something 
else.

The most similar thing I've recently encountered was having a USB 
flash drive get unmounted and re-enumerated (from /dev/sda to
/dev/sdb) during an out-of-memory event (while running ffmpeg on a BT 
Home Hub).

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-07-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Selling GPL software with different price points.

[Patrick Wigmore]

On Wed, 10 Jun 2020 15:56:41 +0100, Ralph Corderoy wrote:
> Hamish could distinguish the sold editions with ‘Personal Edition’
> and ‘Business Edition’ though, e.g. title bars, or About dialogue
> windows? This wouldn't be a restriction, just an indication of
> which binary was bought?

That seems like a fairly reasonable interpretation. I was mostly 
perturbed by the exact wording "Personal Use".

"Personal Edition" and "Business Edition" seem OK to me, along with 
things like "Golf Edition", "Canine Edition" and "Astrophysics 
Edition". (I have no idea what kind of software this is.)

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-07-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Selling GPL software with different price points.

[Patrick Wigmore]

On Mon, 08 Jun 2020 15:43:32 +0100, Hamish McIntyre-Bhatty wrote:
> I don't think I have a way of enforcing that people buy the correct
> version for business, but I could always just have a "Personal Use"
> notice in the title bar or something.

I don't think you can place a restriction like "personal use only" on 
how the GPL-licensed software is used. GPL is GPL.

You could in principle distribute a different version of the software 
depending on which fee is paid, but I think it would be invalid to 
distribute a version with a notice saying "Personal Use", because that 
implies a restriction that's not in the license. At best it's 
misleading.

If you want to apply limitations, then I think you might have to 
distribute the business version of the software, or some components of 
it that don't appear in the "personal" version, under a different 
license. Doing so may or may not be allowed, depending on any 
restrictions you may have agreed with third parties. (e.g. code 
contributors, library authors, others?)

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-07-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Hibernate in (K)Ubuntu

[Patrick Wigmore]

On Wed, 06 May 2020 13:09:58 +0100, Terry Coles wrote:
> I haven't encrypted my laptop because it rarely leaves the house (my
> wife uses  it mostly).

> I have never felt it necessary to encrypt my desktop.

I thought as much, but it was such a low hanging fruit of an answer 
that I thought it was worth picking it.

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-05-05 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Hibernate in (K)Ubuntu

[Patrick Wigmore]

It's probably worth mentioning that hibernate is (usually) 
incompatible with encrypted swap, which you would normally have if you 
are using any kind of disk encryption.

When (K)Ubuntu first started offering encrypted home directories as a 
standard feature, I did not immediately make the connection that 
enabling that feature was the reason why I'd lost the ability to 
hibernate my laptop. If you think about it, it makes perfect sense, 
but I didn't think about it!

I did find this, however:
https://help.ubuntu.com/community/EnableHibernateWithEncryptedSwap

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-05-05 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Jitsi Security

[Patrick Wigmore]

On Fri, 10 Apr 2020 11:44:03 +0100, Terry Coles wrote:
> > What appends the ‘[1]’ at the end of the URL?  The terminal here
> > thinks it's part of it, as shown by the underline drawn on hover,
> > and passes it to The Grauniad.
> 
> That's KMail

That always catches me out!

(The trick is to remember to use the URL in the footer, rather than 
the one inline.)

I'm using KMail too, but I didn't realise it had this feature.

It looks like it does it if you edit the mail in rich text mode and 
then convert it to plain text with markup.

Normally I just edit in plain text mode directly, so I never encounter 
it.

For a hyperlink of the text 'example' to the url 'https://
example.com/', the result is example[1].

However, if you insert the URL as both the 'Link text' and the 'Link 
URL', you will instead get https://example.com/[1], which causes the 
problem.

(I notice it will only refer the first instance of a given URL to the 
footnote, annotating subsequent instances with _underline_ markup 
instead, so this email of mine, containing two references to the same 
footnote, could only have been written some edits in plain text mode.)


[1] https://example.com/


-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-05-05 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] BOINC Statistics

[Patrick Wigmore]

I just read this document about Science United:
https://scienceunited.org/doc/implementation.pdf

Comparing BOINC's credit system to Science United's, it provides some 
insight into another reason why credit for BOINC tasks may not appear 
instantly:
> BOINC has a sophisticated credit system for estimating the FLOPs
> performed by a completed job.  It is fairly “cheat-proof”: it is
> difficult to get credit for computation not actually performed. 
> However, this is based in part on job replication, meaning that
> credit for a job may not be granted until the companion job is
> completed, which could take weeks.


Meanwhile, it looks the Rosetta@home job queue has run completely dry 
and my machine has run out of jobs to process, though over a million 
jobs are still being processed by other clients.

-- 
  Next meeting: BEC, Bournemouth, Tuesday, post-lurgi 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Next Meeting - COVID-19 Situation

[Patrick Wigmore]

On Mon, 30 Mar 2020 14:11:44 +0100, Ralph Corderoy wrote:
> The open-source issue is why I mentioned Jitsi.

I like the sound of Jitsi for that reason.

On Mon, 30 Mar 2020 14:48:37 +0100, t...@ls83.eclipse.co.uk wrote:
> I would guess that quite a few of us have a tablet or smartphone
> with Skype installed too

I used to do that and the Skype account is probably still active, but 
I'd have to set the tablet back up again. It's stuck on an outdated 
version of iOS now, so it might not be compatible with the latest 
Skype app.

On the other hand, I do not enjoy video conferences/calls in general. 
I think it must be something to do with not being able to tell who 
else might be listening in or watching, just out of frame, and the 
general bombardment of visual information and inability to tell who's 
paying attention to who.

I'm reminded of time spent playing around with VLC Media Player back 
when I first had broadband internet access. A friend and I used to 
stream webcam video two ways for the novelty of it. You could surpass 
the video quality of MSN Messenger, which was my main point of 
reference. I don't think we talked about very much over the stream; it 
was really just for the novelty of being able to do it!

Of course, without a central host to handle duplication and 
distribution, that doesn't scale well to many-to-many conferences; 
people would quickly run out of upload bandwidth if they had to serve 
a unicast stream to every other participant directly. Plus there's no 
authentication or encryption, but maybe that makes it more pub-like. 
:)

-- 
  Next meeting: BEC, Bournemouth, Tuesday, post-lurgi 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Donating computing power

[Patrick Wigmore]

On Mon, 30 Mar 2020 09:51:20 +0100, Tim Waugh wrote:
> Nice article here, folding@home the main focus, which mentions
> back-offs when requesting new work

Back-offs were what I was seeing on my machine with the Core 2 Duo 
T7250. It was assigned work to do, but in 24 hours it was never able 
to download any of it, so I gave up because it was hogging space in 
the dining room doing nothing, and it has always had the most annoying 
fan whine under practically all load conditions. (An embarrassing 
laptop to bring into a library quiet study room.)

I thought I'd told it to abort the current tasks before shutting it 
down, but I've since found they sitll show as "In progress" on my 
Rosetta account. Unfortunately there doesn't seem to be any way to 
release them so they can be assigned to some other machine, except by 
aborting them from the instance of BOINC that was processing them. I 
can't do that because I already re-formatted the USB stick that had 
the root filesystem on it, thinking I was done with it. I guess the 
tasks will get reassigned once they exceed their deadline. I hope none 
of them contains the key to curing COVID-19!

-- 
  Next meeting: BEC, Bournemouth, Tuesday, post-lurgi 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] BOINC Statistics

[Patrick Wigmore]

On Sun, 29 Mar 2020 11:53:27 +0100, Patrick Wigmore wrote:
> it seems it requests the latest statistics *before* telling the
> server about the work it has just completed
Or, possibly, it requests the statistics after telling the server 
about the work done, but the server hasn't updated the statistics at 
that point. I'm speculating and haven't actually analysed the traffic 
between the client and server!

-- 
  Next meeting: BEC, Bournemouth, Tuesday, post-lurgi 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] BOINC Statistics

[Patrick Wigmore]

Hi Terry

On Sun, 29 Mar 2020 10:26:46 +0100, Terry Coles wrote:
> For several days the 'Work done for this project' read 0 because the
> first  Task was yet to complete.  Yesterday morning I was informed
> that the work done was 1, as expected, but I definitely didn't
> expect to log in this morning and be told that the work done was
> now 762!

As best I can tell by looking at my own figures, the "Work done for 
this project" figure shown in your screenshot corresponds to the total 
amount of credit awarded to your user account. The terms "work done" 
and "credit" seem to be interchangeable. There are two sources of 
delay in this figure:

1. Credit is only awarded after an individual work unit/task has been
   completed, not during the processing.

2. The actual statistics display is infrequently updated. The client
   is not in constant contact with the server. It seems the statistics
   are only updated when the client completes work and requests more
   work to download, but it seems it requests the latest statistics
   *before* telling the server about the work it has just completed,
   so that that work doesn't get reflected in the statistics until the
   *next* update, many hours later!

Under "Project Commands", there is an "Update" command, which, among 
other things, brings in the latest statistics if you really must have 
them, but I get the impression it might be best not to bother the 
server too much by pressing it a lot.

You can also see the most up-to-date figures (but not a graph) on your 
online account in a Web browser.

Patrick

-- 
  Next meeting: BEC, Bournemouth, Tuesday, post-lurgi 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Using ZOOM on Linus

[Patrick Wigmore]

On Thu, 26 Mar 2020 11:38:48 +, C Wills wrote:
> Linux Mint 19.08 has it in the repository but comments something
> about  it being a wrapper only.
> Does Zoom work and is there any problem with it please?

I assume Zoom has a non-Free software license. (Free as in freedom.)

Because of that, I think the "wrapper only" comment probably means the 
package only contains code that grabs the software from elsewhere, 
rather than including the software in the package itself.

The same thing that's often done with other packages, like Adobe Flash 
and the Microsoft core fonts for the Web, as a workaround for 
restrictions on distribution.

I can't say whether it works or not, as I've never come across it 
before.

I would probably try the .deb directly from their download page. It 
claims compatibility with Linux Mint 17.1+.

https://zoom.us/download#client_4meeting


Patrick

-- 
  Next meeting: BEC, Bournemouth, Tuesday, post-lurgi 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Strange hard disk

[Patrick Wigmore]

On Fri, 28 Feb 2020 10:17:03 +, Hamish McIntyre-Bhatty wrote:
> we'd need a power brick and an adaptor to plug it in to USB. I have 
a power brick I can bring if needed.

I might as well bring a USB/SATA adaptor, a power adaptor and a short 
extension lead. The more the merrier!

-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2020-02-04 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Meaning of ‘DT File’ in Schematic/PCB/Simulation Context.

[Patrick Wigmore]

On Sun, 23 Feb 2020 11:38:04 +, Ralph Corderoy wrote:
> A test plan that can be executed?

That was my first thought, but I'm not aware of any kind of testing 
that might use the abbreviation "DT".

On second thoughts, I wonder if they could be talking about generating 
a "device tree".

At the end of the question, the speaker agrees with someone by saying 
"you would need a lot of SFC awareness"; perhaps another relevant 
search term (I couldn't find anything quickly with that though).

-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2020-02-04 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Dual Boot W10/Linux partition problem

[Patrick Wigmore]

On Sun, 22 Dec 2019 10:22:01 +, Terry Coles wrote:
> Normally a typical 
> Windows installation would only use two; the 'C:' Drive and, in
> later  installations, the Recovery Partition.  If it's a newish
> laptop there will also be a UEFI partition, but what the fourth one
> for?

I was surprised to hear from my Dad, who was trying to make a recovery 
USB drive, that Windows 10 can apparently not only have more than one 
Recovery Partition, but that it can automatically expand a recovery 
partition backwards into space formerly occupied by the "C: drive" 
partition, without user intervention!

I think there might also be another kind of partition that Windows 
uses, but I'm not really au fait with that.


-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2020-01-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] SMTP Hosting Sought.

[Patrick Wigmore]

On Sat, 14 Dec 2019 16:42:06 +, Ralph Corderoy wrote:
> Hi,
> 
> I'm looking for recommendations for SMTP hosting:
> 
> - Accept incoming email for one or more domains and hold it until
>   accessed with IMAP or POP3.
> - Accept outbound emails as a smart-host that sends to any
> recipient. - Optionally run SpamAssassin, etc., with ham/spam
> feedback just from my account.
> 
> - I don't mind paying.
> - It's a handful of domains, not dozens.
> - Web-site hosting, etc., is not required so I'd rather a hosting
>   service that specialises in just email.
> - Web-mail access, calendar synchronisation, etc., is all fluff.
> - Not bothered about extreme privacy, e.g. servers in a Swiss castle
> admitting access to only a court order, as most parties I
> communicate with won't be that level and copies of the emails will
> exist elsewhere.

I've been using Zoho for personal email. Cost was a deciding factor. 
They charge per user rather than per domain, and have affordable 
rates.

I've been pleasantly surprised by how up-together and feature complete 
it is. There hasn't really been anything that's severely violated my 
expectations about how things should work. It doesn't get in my way 
too much by trying to guess what I want.

It does have what you call 'fluff' features, but they're not shoved in 
your face, except that you have to use the webmail application to 
configure things. (No SSH. or anything like that.)

You can't use it as a general purpose smart host unless you configure 
the addresses you want to send 'From' in advance. I'm not sure whether 
this suits you.

My use is pretty light, so I wouldn't necessarily be affected by 
downtime, but so far the service seems reliable.

There's spam filtering. Some but not all messages come through with an
X-Spam-Status header added, and an X-Spam-Checker-Version header 
stating a version of SpamAssassin, though it's not entirely clear what 
criteria determine the presence of those headers. Addresses I send 
mail to seem to appear in the spam filter whitelist.


-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2020-01-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Anyone with a 3D Printer

[Patrick Wigmore]

Hi James,

On Sat, 07 Dec 2019 13:01:35 +, James Blake wrote:
> I need to get a specific design of a button replicated for a jacket
> I own.  Has anyone got a 3D printer?

I have a 3D printer, but the print quality is not great at the moment. 
(I need to do some work on it at some point, but it's low on my list 
of priorities.) Therefore, I won't offer to print anything for you, 
because otherwise I will get frustrated by my printer and you will get 
disappointed by the results!

Printer notwithstanding, if you want to send me a photo of the button 
(off-list) then I will tell you if I think I could model it for you.

I get the impression your button might be quite finely detailed, since 
you said it has text on it and buttons are usually not very big. 
Common or garden 3D printers, using an FDM process (fused deposition 
modelling), are not *fantastic* at fine detail, so your button might 
require quite a high-resolution 3D printer.

I think the best results might come from making a good old fashioned 
mould of the original; in silicone or latex; and then making a replica 
casting from that in an appropriate colour of resin. The original 
would need to be removed from the jacket to do that, though (unless 
you want to ruin the jacket).

The smallest legible text I can get out of my 3D printer is about 4mm 
high, but that's a blobby mess. The text needs to be around twice that 
size if I want the font to be recognisable, and even bigger if it's a 
serif font! I'm sure other people's printers are capable of better 
results, but there are limits to the FDM process.

There are other 3D printing processes. For example, the last I knew, 
the institution that is now known as the Arts University Bournemouth 
had a binder jetting 3D printer, which could do fine detail in full 
colour, but produced objects of limited mechanical strength. They used 
to have a website offering 3D printing services, but that seems to be 
gone now.

https://web.archive.org/web/20130130144934/http://www.aucbcam.com/

(I notice that Edward Ward seems to be connected with both AUCBCAM 
https://twitter.com/aucbcam and Make Bournemouth.)

Resin polymerisation printers are also popular (e.g. SLA or DLP 
printers). Those can do fairly fine detail and they produce stronger 
prints than a binder jetting printer does.

There seem to be a few local 3D printing services with SLA and DLP 
printers, if you search for them.


Patrick.


-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2020-01-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Cannot get into KWallet after copying my Home directory from an old Spinning Rust Drive to a new SSD

[Patrick Wigmore]

On Wed, 27 Nov 2019 19:24:45 +, D-LUG wrote:
> I discovered that the drive in the USB caddy had read errors.

On Thu, 28 Nov 2019 17:59:09 +, Ralph Corderoy wrote:
> Also, caddy interfaces can be flaky compared to having the drive
> installed properly.

I own a particularly cheap and flaky USB-to-SATA drive enclosure that 
causes disk read/write errors. I think it also damaged one of my disks 
once, but that could have been coincidence. I stopped using it, but I 
should have known it was no good when I saw that it required a USB 
Type A to Type A cable (supplied in box).

I don't know how prevalent this sort of failure is, but it taught me 
never to fully trust a USB-to-SATA interface when troubleshooting disk 
problems.


Patrick


-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2019-12-03 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Discovering unfamiliar utilities

[Patrick Wigmore]

On Sat, 06 Jul 2019 09:33:15 +0100, Ralph Corderoy wrote:
> Well, I was wondering how it could be done and like solving the
> puzzle; keeps my hand in.

A good habit, for sure.

> The university used to have staff and students interested in Unix
> and ran Solaris or a descendant so there could be quite a few good
> books from those times.

I remember (or misremember) seeing a publicity shot of a Solaris lab 
at the university, probably about ten years ago. The lab was bathed in 
golden yellow light, which seems appropriate if the photo was taken in 
its sunset years. (And also because it was Sun.)

I think they had labs of PCs dual-booting Linux and Windows when I 
attended an open day a few years ago, and a room with all the walls 
decorated with shell scripts, penguins and the like.

Thank you for yet more book recommendations.

Patrick

-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2019-08-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Discovering unfamiliar utilities

[Patrick Wigmore]

On Fri, 05 Jul 2019 12:14:03 +0100, Patrick Wigmore wrote:
> the short description of size(1) does not make any mention of object
> files:
>
> $ man -f size
> size (1) - list section sizes and total size.

On Fri, 05 Jul 2019 13:33:21 +0100, Ralph Corderoy wrote:
> This is a bug that you may like to report

The latest version 2.32 contains the same description, so I reported 
Bug 24777 against binutils.
https://sourceware.org/bugzilla/show_bug.cgi?id=24777

-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2019-08-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Discovering unfamiliar utilities

[Patrick Wigmore]

On Fri, 05 Jul 2019 13:33:21 +0100, Ralph Corderoy wrote:
> For a one-off quick task, automating it would be more tedious.

But you did it anyway, even though you didn't need the results!
(Don't change, your code snippets are great.)

> I learnt by reading books.  Pre-Internet.  The authors back then
> typically put a lot of effort into providing a coherent progression
> through the subject.

That's exactly why I think books (and courses) are valuable. I don't 
see them as a thing of the past. Other resources can sometimes provide 
quick answers, or an overview of current thinking, but I tend to turn 
to books when I want a solid, baseline understanding of a well-
developed topic.

The main difficulty I have with books is discovering the right ones, 
and I suppose I was fishing for a book recommendation, so thank you 
for recommending 'The Unix Programming Environment'.

There seems to be a copy of it in the library at Bournemouth 
University.
https://capitadiscovery.co.uk/bournemouth-ac/items/91529

At some point I will head over there to have a read and see what's 
nearby on the shelves; that usually turns up something good. (If I can 
figure out how to navigate the ever-changing maze of new buildings on 
their campus.)

> This is a bug that you may like to report

Good point. I'll see about doing that later.


On Fri, 05 Jul 2019 14:05:30 +0100, Bob Dunlop wrote:
> The command was simply "ldd /usr/bin/nvi" which shows the list of
> object dependencies, then cut and paste library names I'm interested
> in into the size command.

That makes sense. I thought there might have been a magic one-liner 
that knew which ones to omit, but in hindsight I suppose you need 
quite a bit of context to decide which libraries are relevant, so it's 
not as plausible as I thought.


On Fri, 05 Jul 2019 14:44:22 +0100, John Carlyle-Clarke wrote:
> You reminded me that a few days ago I listed the files in a core
> package on a server (looking for a missing utility) and saw a few
> things in the list that I didn't immediately recognise. I thought
> at the time, "That would be a good way to learn about utilities
> that I don't know exist".

That's true. Package management is a good way to find things, and 
there is usually some kind of categorisation in place as well. 
Certainly a useful tool to keep at hand.

Patrick

-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2019-08-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Very slow Desktop startup problem

[Patrick Wigmore]

On Fri, 5 Jul 2019 at 08:44, Ralph Corderoy  wrote:
> (yada yada) |& curl -sSF 'f:1=<-' ix.io

On Fri, 05 Jul 2019 11:42:22 +0100, Victor Churchill wrote:
> I was puzzled to see the '&' in your command above. I'd have thought that
> saying
> (yada yada) | curl -sSF 'f:1=<-' ix.io
> would do the trick

In bash(1), |& is one operator, not two.

From the manual:
> If |& is used, command's standard error, in addition to its standard
> output, is connected to command2's standard input through the pipe; it
> is shorthand for 2>&1 |.

On Fri, 05 Jul 2019 11:42:22 +0100, Victor Churchill wrote:
> [I'd have thought that] adding the ampersand would, if anything, cause
> it to break: "pipe this lot to nothing, and while you're about it
> run this curl with no stdin"

I think that would be the meaning if you were to put a space between | and &:

(yada yada) | & curl -sSF 'f:1=<-' ix.io

But that form produces a syntax error.

$ echo "dogs" | & cat
bash: syntax error near unexpected token `&'
   

Patrick
-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2019-08-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

[Dorset] Discovering unfamiliar utilities

[Patrick Wigmore]

On Thu, 04 Jul 2019 10:37:35 +0100, Bob Dunlop wrote:
> nvi
>textdata bss dec hex filename
>   270612048 256   2936572b5 /usr/bin/nvi
>  442019   18688 144  460851   70833 /usr/lib64/libvi.so.0
>  430302   176282552  450482   6dfb2 /lib64/libncursesw.so.6

This type of output was not something I was familiar with. I can see 
that size(1) produces output in this format, given a list of object 
files, but what method did you use to produce the list of files, 
excluding common operating system libraries?

More generally, this highlighted to me a gap in my knowledge about how 
to discover utilities that fill a particular need without first 
knowing their names. I had already forgotten the route I took to 
discovering size(1) within minutes of discovering it. It began with a 
web search for the column headings in the output and ended with some 
poking around on the local system.

I discovered ldd(1) in a similarly poorly remembered fashion, but it's 
clearly not the whole solution.

I was inspired to read man(1)'s manual page and to belatedly try out
man -k and man -K. However, it is difficult to devise keywords that 
are specific enough to select the right manual pages and generic 
enough to appear in their short descriptions.

For example, the short description of size(1) does not make any 
mention of object files:

$ man -f size
size (1) - list section sizes and total size.

Even if it did mention object files, that would need to be the 
terminology that came to mind if I wanted to find size(1) using:

$ apropos -a object size

(It seems to me that man -k has no direct equivalent to the -a option 
of apropos.)

So, I still feel in want of a good categorised summary of well-known 
commands, or at least a search technique that can expand my search to 
include conceptually-related terms.

Patrick

-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2019-08-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Links from 2019-07-02's Pub Meet.

[Patrick Wigmore]

On Wed, 03 Jul 2019 10:50:44 +0100, Tim Waugh wrote:
> Yes, thinking around the problem of wanting to seamlessly use more
> storage than is available locally on e.g. a laptop, backed by
> network storage (perhaps a local file server, perhaps as a cache
> for cloud storage).

Tim's problem reminded me about [IPFS](https://ipfs.io/), a protocol 
with ambitions of being a distributed replacement for some 
applications of HTTP. I think it is more of a public-Web thing than a 
personal-file-storage thing.

-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2019-08-06 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Next Meeting - One Week tonight

[Patrick Wigmore]

On Fri, 28 Jun 2019 17:14:09 +0100, Terry Coles wrote:
> There have been no more suggestions, so I guess we stick with next
> Tuesday at the BEC and hope for the best.

I will make an effort to show up this time.

I'm fine with either date. Exclude me from the decision.


On Fri, 28 Jun 2019 14:49:00 +0100, Terry Coles wrote:
> On Friday, 28 June 2019 14:08:23 BST PeterMerchant via dorset wrote:
> > Do they have an outside garden/picnic area? Barring rain that
> > would do as it is still light until late.
> 
> I couldn't see one on Google Maps

Are these picnic benches any good?

https://www.google.co.uk/maps/place/50%C2%B045'19.2%22N+1%C2%B051'28.8%22W/@50.755328,-1.8585352,177m/data=!3m2!1e3!4b1!4m6!3m5!1s0x0:0x0!7e2!8m2!3d50.7553284!4d-1.8579879


Patrick

-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2019-07-02 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] KMail "ghost" messages after deleting from IMAP folders

[Patrick Wigmore]

On Fri, 12 Apr 2019 12:12:38 +0100, Ralph Corderoy wrote:
> > In KMail, it seems, the setting I needed was "Automatically
> > compact
> > folders (expunges deleted messages)" under the "Advanced" tab of
> > the settings for each relevant IMAP account.
> 
> Is there a means to manually compact, i.e. issue an IMAP `expunge',
> for when that setting isn't ticked?

I can't find one. Automatic is what I wanted.

-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2019-05-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] KMail "ghost" messages after deleting from IMAP folders

[Patrick Wigmore]

On Fri, 12 Apr 2019 11:10:58 +, Hamish MB wrote:
> Interesting, cos thunderbird does this as well - I'll see if I can
> find  an option for that in there too.

On my travels, I found this article which speaks of a
mail.imap.expunge_after_delete about:config option in Thunderbird.

https://news.softpedia.com/news/thunderbird-imap-expunge-or-how-to-really-delete-emails-from-the-server-492525.shtml

-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2019-05-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

[Dorset] KMail "ghost" messages after deleting from IMAP folders

[Patrick Wigmore]

Hi List,

For many years, I had a problem where, after deleting a message from 
an IMAP folder in KMail, or moving a message from one folder to 
another, it would at first appear to be deleted/moved, but then, the 
next time the folder was refreshed to show what was on the server, a 
"ghost" of the removed message would reappear in its original 
location. The ghost could not be viewed or interacted with like a 
normal message. If I logged into the webmail for the affected account, 
the ghost messages would look just like normal messages.

This problem occurred with pretty much any IMAP account from any email 
service provider.

I was going to post to ask advice about this, but I finally figured 
out what the issue is.

In IMAP, it turns out, "delete" just means something like "flag this 
message for deletion during the next expunge", where "expunge" is 
another operation the client can ask to be performed. The "ghost" 
messages I'd been seeing were messages that were marked for deletion 
but not expunged.

In KMail, it seems, the setting I needed was "Automatically compact 
folders (expunges deleted messages)" under the "Advanced" tab of the 
settings for each relevant IMAP account. This causes KMail to expunge 
the deleted messages pretty much straight away, eliminating the ghost 
messages.

I would not be surprised if "Automatically compact folders" is the 
default and I mistakenly deselected it at some point.

Hopefully this information will help one or two other KMail users with 
the same problem.



Patrick

-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2019-05-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Slightly Off-Topic - Reasonable Miniature HDMI Monitor

[Patrick Wigmore]

Hi Terry,

On Thu, 14 Mar 2019 13:27:44 +, Terry Coles wrote:
> However, this morning I realised that the thing I hadn't tried was
> to create a program to run automatically on boot up of the Pi, run
> minicom and then  and login in the normal way.  Lo and behold,
> there was my executing program!
> 
> So I don't need to disable getty, I just need to do things properly!
>  I can even start minicom when the Pi has been running for some
> time and I can still see what is being written to the screen as my
> program executes; just what I needed!

Could you elaborate on what was involved to 'do things properly'?

I don't think I understand what enabled you to see the output from 
your program after logging in.

I would not expect the output of a running program to appear on a 
terminal without some specific configuration or incantations to tell 
it to do that, especially if you want it to only show up after logging 
in on the terminal. This might be a mistaken assumption on my part.

How does getty trigger this program that started on boot to output on 
the terminal after you log in?

Patrick


-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Redistributing binary firmware with a custom live disk

[Patrick Wigmore]

Hi Hamish,

On Thu, 14 Mar 2019 10:04:55 +, Hamish MB wrote:
> I am unsure how to license the final disk image, or what license
> statement to use if any - most of the software is GPL.
If the disk image is to contain software with incompatible licenses, 
then clearly you cannot use one license to cover the entire image. It 
would either violate the license for the proprietary display drivers 
by being too permissive, or it would violate the GPL by being too 
restrictive.

So, I think the solution must entail a listing of multiple licenses 
with an indication that each applies to a particular subset of the 
distribution.

IANAL. This is not legal advice!

Patrick

-- 
  Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Monitoring Internet Connectivity.

[Patrick Wigmore]

On Sun, 10 Mar 2019 09:57:56 +, Ralph Corderoy wrote:
> So RADIUS knows how to Authenticate.  It then Authorises
I have made the old mistake of conflating Authentication and 
Authorisation.

--
  Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Monitoring Internet Connectivity.

[Patrick Wigmore]

On Sat, 09 Mar 2019 17:58:26 +, t...@ls83.eclipse.co.uk wrote:
> Yes, not only that but I'm hoping that CC#2, by trying to beat the
> system, will learn a bit about networking rather than just using
> it.
:-)

> As someone who hasn't come across RADIUS before, could you explain
> how it could help in this situation (i.e. preventing someone from
> connecting to the network with an arbitrary IP address)?
My experience of RADIUS is limited to being a sometime user of 
[eduroam][1], which uses it.

I don't really know much about how it works, but I'll take the
opportunity to improve my understanding by trying to explain it.

My understanding is that RADIUS is a protocol for services that
provide authentication for one or more different network access
mechanisms. So, on its own, RADIUS is not really a solution at all,
just part of a solution.

In the context of a WiFi network, I imagine RADIUS will most likely be
integrated with WPA2, using [EAP][2].

Alternatively, RADIUS could be linked to a web-page-based captive
portal.

A third option might be to provide WiFi access only to a VPN server or
some other portal/proxy/gateway server, which uses RADIUS to
authenticate users and then provides access to the network proper.

Of these, I don't think the captive portal option will help. By not
using WiFi encryption, it leaves the door open for a client to imitate
another client to take advantage of its greater privilege.

Using the WPA2 option, I believe the authentication occurs before the 
client device is connected to the network by the access point. I 
suppose the access point is therefore the arbiter of what kinds of 
connections are possible, under the instruction of the RADIUS server.
(I suppose the access point fulfils the "Network Access Server" role.)

So the RADIUS server might, in effect, tell the access point which 
VLAN to tag an authenticated client's traffic with, for example, or it 
might tell it which IP addresses the client can use. These are 
certainly just guesses on my part: the sorts of outcomes that would
make sense to me.

If the client can be reliably forced into a particular VLAN or a
particular IP address by the access point on the basis of the client's
authenticated identity, then it is going to be easy for a router/
firewall to control what the client can access and when.

The access point can also send the RADIUS server updates about whether 
the client is still connected, to enable the accounting feature.

The RADIUS server could itself have any kind of back-end, potentially
integrating with a wider system of user accounts.

I'm surprised, but probably shouldn't be, to learn that the
[hostapd][3] daemon is not only capable of using a RADIUS server, but
also capable of being a RADIUS server itself.


> > One 'cheaper' option for authentication would be to just have more
> > than one WiFi SSID.
> 
> Yes, that's a possibility, as the Draytek has multiple SSIDs with
> scheduling. But fairly quickly the unscheduled SSID passwords will
> be compromised.
If the compromise is by means of extracting credentials from other 
devices, then I suppose the same risk could apply to a solution using 
RADIUS.


Patrick


[1]: https://www.eduroam.org/
[2]: https://en.wikipedia.org/wiki/Extensible_Authentication_Protocol
[3]: https://w1.fi/hostapd/


--
  Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Monitoring Internet Connectivity.

[Patrick Wigmore]

On Fri, 08 Mar 2019 16:23:55 +, Ralph Corderoy wrote:
> I've not used it, and don't fully understand its operation, but I
> wonder if RADIUS is well suited to the `authentication and
> authorisation' of clients to the home network.

I have got the impression from these messages that Tim might be quite 
enjoying the cat and mouse game, and so going straight for the 
'nuclear option' of RADIUS might spoil the fun! Having said that, 
perhaps I am underestimating the adversary.

One 'cheaper' option for authentication would be to just have more 
than one WiFi SSID.

--
  Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] OpenWRT

[Patrick Wigmore]

On Sun, 10 Feb 2019 13:23:38 +, Tim wrote:
> First, I found the passphrase for my wifi stored on the router in
> plain text format
It's certainly not the first router operating system to do that. I
found a feature request asking for Ubiquity access points to stop storing
WiFi passwords in plain text:
https://community.ubnt.com/t5/UniFi-Feature-Requests/Hashing-the-remaining-passwords-do-not-store-in-plain-text/idi-p/1590658#comments

Someone please correct me if I'm wrong, but my understanding is that the
mutual authentication feature of WPA2-PSK means that the access point must
store either the plain text passphrase or the plain text secret that gets
computed from it, either of which can be used to authenticate to the
network if stolen. It seems to me that the best defence is therefore to
avoid using the passphrase for anything except that one WiFi network, or
else to use WPA2 Enterprise instead (which does not rely on a pre-shared
key).

> Secondly, when you login into the router via ssh you do so as root
It is definitely possible to change that. You can add a less privileged
user, enable key-based authentication for SSH and install sudo.

I wonder if the default was a compromise made in order to limit the
amount of software included in the base installation, due to the limited
amount of flash memory found in router hardware.

> to be fair when you login into the router via the web interface you
> also do so as root.
I never really liked that, especially since HTTPS is not enabled by
default. I don't so much mind having to authenticate as root to perform
administrative actions, but it does seem poor form to run the entire web
server as root.

Patrick

--
  Next meeting: BEC, Bournemouth, Tuesday, 2019-03-05 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] OpenWRT

[Patrick Wigmore]

On Mon, 14 Jan 2019 17:59:30 +, Tim wrote:
> If anybody has any stories regarding OpenWRT I would interested to
> hear them

On Sat, 26 Jan 2019 13:13:02 +, Ralph Corderoy wrote:
> Every time I'm in the market for a new broadband modem, like now,
> I consider buying one supported by OpenWRT, but never manage it.

The last I checked, the only available ADSL or VDSL modem that OpenWRT 
appeared to actually have a driver for was the one inside the BT Home 
Hub 5 type A (a.k.a. Plusnet Hub One or BT Business Hub 5).

It is not a badly specified device given how cheaply available they 
are. 802.11ac, 128MB RAM, 128MB flash, 500MHz CPU. I bought one and 
put OpenWRT on it. The main downsides I see are:

* Though it has gigabit network interfaces, it is not capable of
  actually routing traffic at gigabit speeds. (I don't care about
  that: it's fast enough for me.)

* It is too easy to press the prominently-located restart button while
  handling the device, causing an unwanted reboot. Presumably the
  stock firmware requires regular rebooting so they decided to make a
  feature out of it.

* It makes a quiet ticking noise like a laptop hard drive when it is
  transceiving WiFi traffic. (This seems to be the power supply
  circuitry responding to the varying load, because connecting a USB-
  powered device that uses PWM to fade some LEDs up and down causes
  the Home Hub to provide an audible rendition of the PWM signal,
  providing many minutes of entertainment.)

* Unlike the radio in my previous, lower-spec Buffalo device (also
  running OpenWRT), the WiFi radios don't seem to support operating
  simultaneously as both a client and an access point. Though, since
  it's dual band and has two radios, the unit as a whole can do this,
  provided you don't mind dedicating a whole frequency band (2.4GHz or
  5GHz) to each of these functions.

* It doesn't have many indicator LEDs (but all three are RGB, so you
  can squeeze quite a bit of information out through them).

* No option for external WiFi antennae (it works well without them,
  but some people might have a specific reason why they need or want
  them).

Its been very stable for me. The only unplanned downtime has been due 
to power failures.

I've only tried the xDSL modem itself for an hour or two, to test it. 
Therefore, I can't vouch for the xDSL modem's long-term stability, but 
I was satisfied that it would probably do the job if I wanted it to.

The modem took a loong time to make a connection on the first 
attempt: about half an hour. I put that down to the DSLAM on the other 
end of the line being surprised to see a different modem, but not 
before I went on a wild goose chase tweaking the configuration to see 
if anything would make it work. After the initial connection, it 
appeared capable of reconnecting much more quickly.


On Sat, 26 Jan 2019 13:13:02 +, Ralph Corderoy wrote:
> I realise their specialised devices, but I'm surprised that projects
> like OpenWRT don't settle on a collection of chips that they
> support very well, e.g. good quality Linux kernel drivers, and then
> see if they can crowdfund a device built around them.

If you are acquiring new hardware, it seems to me that the only 
product category where there really seems to be a lack of OpenWRT 
compatibility is modems. If you just want a router or a WiFi access 
point, there are plenty of options. I speculate that it would be 
difficult to compete with the existing choice in those categories, but 
the xDSL modem-router category would be more fertile ground for a 
crowd-funded product.

Patrick Wigmore


--
  Next meeting: BEC, Bournemouth, Tuesday, 2019-02-05 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Database with GUI Front End for Non-Database Experts

[Patrick Wigmore]

Hi Terry,

Last year, I used [Kexi](http://kexi-project.org/) to record an 
inventory of my personal hoard of electronic components.

But Kexi does not fulfil your requirements, in that the database would 
not be hosted on a website somewhere, and that it would not run on Mac 
or Windows (support for those platforms being "in development"). The 
database itself can either be a local Sqlite file, or a database 
server (MySQL or PostgreSQL). It is, however, open source and it is a 
GUI-based tool for the development and use of the database.

Kexi is limited in terms of the types of constraints you can apply to 
the tables, and I found I had to write some of the queries in SQL 
instead of using the graphical query designer. It's also somewhat 
limited in terms of what kinds of forms you can create, and 
scriptability.

I found Kexi to be at least one step above a spreadsheet and entirely 
satisfactory for my use case, but for a multi-user environment I would 
want more enforcement of constraints built into the database 
application, and more flexible and scriptable form design to improve 
usability.

I don't doubt that there might be a nice, open source, web GUI for 
designing and using database applications, but since I have not used 
such a thing I will refrain from recommending anything!

I suppose you are probably looking either for an off-the-shelf 
inventory database solution, or something broadly equivalent to 
Oracle's "APEX" software, except open source and perhaps a little 
easier to use.


Patrick.

--
  Next meeting at *new* venue:  Bournemouth, Tuesday, 2018-12-04 20:00
  Check if you're replying to the list or the author
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] Visual basic on Linux

[Patrick Wigmore]

Hi Tim,

> ...my son has been told he needs to download Visual Studio 2017 onto
> a Windows PC...

> Are there any options other than spending several hundred pounds on
> a new PC to run this bloatware for compiling programs.

MonoDevelop is probably the closest equivalent to Visual Studio on 
Linux, supporting most of the same languages and libraries (or drop in 
replacements; i.e. Mono instead of .NET).

For console programs or those using third party libraries for graphics 
(e.g. MonoGame) it's more or less equivalent. However, last I looked, 
the GUI builder in MonoDevelop only supports GTK GUIs, unlike Visual 
Studio. So, for GUI programs, you probably want to stick to one IDE or 
the other.

I've run Visual Studio on Windows 7 in VirtualBox, and it is usable 
with 4GB RAM and VT-x hardware acceleration. It is one of the slower 
applications though. It takes ages to load on real hardware too, but 
once it's going it feels a bit more responsive.

And of course if you're not booting Windows every day, the first thing 
it's going to do when you boot up your virtual machine is run Windows 
Update in the background and bog itself down for several minutes doing 
whatever it is that Windows Update does that takes so much time and 
effort.

Patrick.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-10-02 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Centering Text Using CSS

[Patrick Wigmore]

Terry,

On Thu, 12 Jul 2018 13:47:22 +0100, Patrick Wigmore wrote:
> You should probably use a  tag instead, and assign it a class:
I now see in your 13:43 message that you have done this.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Centering Text Using CSS

[Patrick Wigmore]

On Thu, 12 Jul 2018 12:26:39 +0100, Terry Coles wrote:
> Please point out my (no doubt) blindingly obvious mistake.

You seem to have created your own tag "", and the browser has 
probably defaulted to displaying it as an inline element, which can't 
have a text-align property.

You should probably use a  tag instead, and assign it a class:


To return to this Menu, please use your device's back
button


Then your css needs a dot to denote class, of course:

.msg { ...


If you particularly wanted to use a custom HTML tag, you would have to 
tell the browser it's a block element that can have text-align.

It turns out that just adding display: block to the CSS does the trick 
in Chromium.

msg {
font-family: "Arial";
text-align: center;
font-size: 5vw;
font-weight: bold;
line-height: 3vw;
color: blue;
 display: block;
}

But I don't now whether creating a "" element is considered a 
good idea. I suspeect it might not be.

A web search for "html custom elements" returns a fairly confusing 
mass of information about different standards at different points in 
history.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Patrick Wigmore]

On Thu, 12 Jul 2018 07:14:05 +0100, Terry Coles wrote:
> > Given enough time to detect the captive portal, Windows 7 pops up
> > a
> > balloon from the taskbar suggesting that "Additional log on
> > information may be required", which opens a browser when clicked.
> 
> Have you installed nodogsplash?  Just wondering how you know.

My main experience in this case is of a Three pay-as-you-go mobile 
broadband connection. When the credit runs out, the network activates 
a captive portal, which redirects to a message saying you've run out 
of credit and need to top up your account. This triggers Windows 7's 
sluggish pop-up bubble and Firefox's banner about signing in. I've 
never tried it with Android, but I'd expect it to trigger Android's 
sign-in browser too.

The same effect should occur on any captive portal, unless the captive 
portal is deliberately making itself hard to detect.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Patrick Wigmore]

On Wed, 11 Jul 2018 17:14:21 +0100, Terry Coles wrote:
> It's worse than that; I've found that every browser that I've tried
> on every device that I have access to exhibits different behaviours
> with this code:

I think this is just something that happens with captive portals. It's 
not unique to the one you've set up.

Given enough time to detect the captive portal, Windows 7 pops up a 
balloon from the taskbar suggesting that "Additional log on 
information may be required", which opens a browser when clicked.

Captive portals are a bit of a hack, and largely rely on the 
assumption that, if someone wants to use an internet connection, they 
will open a web browser and try to access a website on the internet.

On desktop browsers, if you have a home page that has to be retrieved 
from the internet, then the experience is that the sign-in page will 
appear automatically when your browser tries to load your home page.

For some years, it was easy to get away with assuming that most people 
who wanted to use a WiFi hotspot would open a browser and try to load 
a web page. Then the iPhone happened and suddenly (seemingly) everyone 
wanted to run native phone apps and POP/IMAP mail clients, which would 
(correctly) exhibit error conditions rather than displaying a captive 
portal sign-in page, because they were not web browsers. And so, 
workarounds had to be devised by which devices could detect captive 
portals and display the sign in page to users who might not open a web 
page as soon as they connected to the network.

Almost inevitably, the solutions are not standardised. (And phone and 
tablet OSes have more highly developed solutions than desktop ones.)



> Actually I had problems with the logo, the button text size and the
> background image.
Your button font size was specified in ems. So, it was specified as a 
proportion of the size that it would otherwise have defaulted to if 
you hadn't specified one. Since you hadn't specified any absolute 
sizes that were inherited by the button, the size was relative to the 
default font size for buttons, as chosen by the browser.

This is fairly sensible, provided the browser has a sensible default 
font size. It has the advantage of respecting any custom default font 
size that the end user might have set, which is good for 
accessibility. However, this approach falls down if a browser has a 
stupid default (that wasn't set by the end user).

Which leads me to wonder; could the overflow you're seeing have to do 
with the global font size settings (for menus, etc) on the Android 
device you are using? If this is set larger than default, then perhaps 
the portal sign-in browser respects that and renders everything 
larger, while other browsers ignore this setting.

If the browser is displaying things larger because you have personal 
settings that enlarge things, then you just have to bear in mind that 
that is the enlarged version, not the default, and design it to appear 
enlarged in that browser but "normal" size in the others.

If you are more concerned about whether the buttons fit on the screen 
than whether they respect the user's font size preference, it might 
make more sense to specify the font size in viewport width units (vw). 
That is a design decision more than a technical one. Personally I'd 
try a smaller em size first. (It sounds like that's what you've done.)
-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Patrick Wigmore]

On Wed, 11 Jul 2018 11:04:29 +0100, Terry Coles wrote:
> On Wednesday, 11 July 2018 10:20:49 BST Terry Coles wrote:
> > All of the pages appear different in one other respect.  Across
> > the top of the Splash Page, there is a page Title that reads
> > 'Sign in to network'. This appears at the top of all the pages. 
> > It's this hangover from the Sign In Page that makes me suspect
> > that nodogsplash is serving the content.
> This statement is actually a load of cobblers.  I just used my Linux
> Laptop and my son's Windows PC to connect to the WMT pretend AP and
> that 'page Title' doesn't appear.  On going back to the phones,
> I've realised that this is nothing more than a banner inserted by
> Android to allow users to decide whether to continue to use the
> network or not (it has the three vertical dots to indicate that a
> menu is available.  So the content is presumably being served by
> nginx but somehow Android 7.0's browser is messing with the
> content, presumably due to something being done in the Splash Page.
> 
> On the laptop and PC, I don't get the Alert that Android puts up and
> which automatically routes the user to the Sign In page when
> clicked.  Instead, the machine simply connects to the AP in the
> normal way and nothing happens until the user opens his browser. 
> This then puts up the Sign In Page and everything works fince from
> then on.

I think you've hit the nail on the head there. Android seems to have a 
special browser that appears for signing in to captive portals, and it 
doesn't render web pages quite the same way as the usual browser.

It makes sense that there should be a special browser, since users 
will not necessarily be using the main browser but might still expect 
internet access for other apps that won't show a captive portal log in 
page.

Looking at the home page HTML and CSS, I think the most likely element 
to cause overflow off the screen is the image that says Wimborne Model 
Town Banner.

The buttons have been given no specified width, so they should just 
get squashed to fit, but the image has an implicit width of 507px, 
with is inconveniently absolute. (And if the image pushes the page 
that wide, then the buttons might go off the screen too.)

Now, I'm a bit rusty on this, but I believe that most mobile browsers, 
encountering this page, with no specified viewport size, would set the 
viewport (representing the visible portion of the page) to the width 
of the widest element (the image). The browser would then scale the 
viewport so that it fits on the screen (i.e. zoom out a bit to make 
everything fit).

So, perhaps the captive portal sign-in browser does not support 
viewports in the same way that a normal mobile browser would.

One option to fix this might be to specify the max-width (as opposed 
to the width) of the image to be 100%. Then it doesn't matter how big 
or small the viewport is.

Another option might be to explicitly set the viewport to the width of 
the widest item on the page. This might be interesting from the point 
of view of seeing whether the captive portal sign-in browser actually 
supports viewports of this nature at all. I imagine this strategy is 
probably not considered best practice, since it's kind of a cheat to 
avoid having to fix the page to work with arbitrarily sized screens.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Problems with The UK Mirror Service https://www.mirrorservice.org/

[Patrick Wigmore]

On Mon, 09 Jul 2018 14:41:12 +0100, Terry Coles wrote:
> Could some of you guys try the UK Mirror Service (https://
> www.mirrorservice.org/)?

I, too, receive a domain holding page from Easyspace saying that the 
domain has expired.

They have posted about it on Twitter. It looks like the issue has been 
fixed, but we just have to wait for it to propagate to all DNS 
servers.
https://twitter.com/UKMirrorService/status/1016255918441484288


-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Setting up a URL Filter and Cascading Routers

[Patrick Wigmore]

On Fri, 15 Jun 2018 11:58:42 +0100, Terry Coles wrote:
> I think that I may have mis-understood the config file commentary (I
> haven't actually done that bit yet), but I found the following at
> line 170:
> 
> # This should be autodetected on an OpenWRT system, but if not:
> 
> # Set GatewayAddress to the IP address of the router on
> # the GatewayInterface.  This is the address that the Nodogsplash
> # server listens on.
> #
> # GatewayAddress 192.168.1.1
> 
> I assumed that this was referring to the IP address of the Internet
> side of the Pi, but see now that they are probably referring to the
> IP Address of the router.

No. In your case, it refers to the "internal" IP address of the Pi in 
its role as a router. That is to say, the IP address of the LAN-side 
interface of the Pi. I suppose this might be the IP address that you 
are serving your local website on.

It should be the same address that already appears as the gateway 
address on DHCP clients of the Pi (people's phones). (Assuming DHCP 
has been configured to specify a gateway address.)

You also have to specify the interface name (e.g. eth1), so I suppose 
the IP address could be autodetected from that, which might be a more 
robust configuration in case the address ever needs to be changed.

On an OpenWRT system, the gateway interface would typically be 
something like br-lan; a bridge across multiple physical interfaces, 
such as ethernet ports and wifi networks. On your Pi, it will likely 
be a single physical interface.

On a router running OpenWRT, there might be more than one LAN-side 
interface, so you would specify which one. For example, you might run 
both a private LAN and a guest LAN on the same router.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Firefox online payment issue issue

[Patrick Wigmore]

Tim,

It's just occurred to me you might have been talking about using 
Nationwide's online banking website to make a payment to somebody 
else's account, rather than a card payment on a third party website. 
In which case, my apologies, my reply is probably irrelevant.

Patrick

-- 
Next meeting:  Bournemouth, Tuesday, 2018-06-05 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Firefox online payment issue issue

[Patrick Wigmore]

Tim,

> I tried to make the make payments to the same two account tonight,
> but had the same issue, both payments refused. I tried using Google
> Chrome and both payments went through with out issue.

Are the payments on different websites, or the same website? Perhaps 
it is just a specific website that has problems with Firefox 59.0.2 
rather than a more general issue.


> Has anybody else had this issue with Firefox

Some time ago I had what might be described as an opposite experience, 
but only with one specific website. Payments would stall trying to 
process the "Verified By Visa" part when using Chromium, but would go 
through fine when using Firefox and would go through fine on any other 
website that handled payments.

My solution to that problem was to make the payments in Firefox and 
report the issue to the people running that website.

I happen to have made a payment today in Firefox 59.0.2 (with a fairly 
uncustomised profile), so there does not seem to be a problem in 
general with making payments in that version of Firefox. It must be 
down to a more specific detail.

If you have customised Firefox, perhaps you could try running Firefox 
in safe mode the next time you attempt to make a payment. If it works 
in safe mode then that would suggest it was a problem with an add-on:

$ firefox --help | grep safe
  --safe-modeDisables extensions and themes for this session.

It might also be enlightening to have the Web Console (Ctrl+Shift+K in 
Firefox) open during a failed payment attempt, to see if there are any 
informative error messages, which might narrow down the cause of the 
problem. (But it's not uncommon for warnings to appear in the Web 
Console, so they may not all be relevant.)

I suppose this could be quite expensive to debug if every test 
requires a payment to be made. :)


Patrick

-- 
Next meeting:  Bournemouth, Tuesday, 2018-06-05 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Revisited - Accessing a Local Network over a Wireless Router that is NOT Connected to the Internet

[Patrick Wigmore]

This page 
https://community.spiceworks.com/topic/1870844-wifi-connection-not-used-for-internet
leads me to the following stab in the dark:

Is your DHCP server configured to provide a gateway IP address to
clients, and, if so, would it solve the problem if you configure
it NOT to do that?

-- 
Next meeting:  Bournemouth, Tuesday, 2018-03-06 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Revisited - Accessing a Local Network over a Wireless Router that is NOT Connected to the Internet

[Patrick Wigmore]

On Sunday, 18 February 2018, at 14:35:33 GMT, Terry Coles wrote:
> I presume not because it looks like I need an SSL/TLS
> Certificate.  If so, that may be all that is wrong, since
> Google have definitely moved towards https in recent years.

Except that you shouldn't be able to get an SSL/TLS certificate 
signed by a trusted certificate authority for a domain you do not 
own! (Which is not to say that that has never happened, but it's 
certainly a shady thing to do and not a reliable strategy!)

You could try a self-signed certificate to see what happens, or 
one meant for your own domain, but I imagine it will just cause 
certificate errors on the phone.

In the code Ralph linked to (NetworkMonitor.java), it looks as 
though Android at least allows captive portals to get away with 
blocking HTTPS, so maybe that's one way to work around the issue. 
(Set up a captive portal, block (or don't accept) HTTPS and 
continue to intercept the relevant HTTP URLs.)

-- 
Next meeting:  Bournemouth, Tuesday, 2018-03-06 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] LibreOffice or Onedrive

[Patrick Wigmore]

Hi Peter

> SWMBO says that she cannot get on with LibreOffice 5 since I
> got rid of XP and Office2003, and she looks after our finances
> using the Excel equivalent. I have moved the accounts file 
> down to OneDrive so that she can use the online equivalent to
> Microsoft Excel as a trial for her.
> 
> Has anybody any similar experience? Are there any drawbacks to
> this, other than the need to be online?

I previously ran into an issue where parts of Office 365 would 
run uselessly slow and consume an unreasonable amount of CPU time 
when run in a browser that didn't send a Windows or Mac user 
agent string. The workaround was to spoof a "supported" user 
agent. However, it's been many months since I have used it for 
any significant length of time, so that particular fault may have 
been fixed. It might also have been exacerbated by the old 
hardware I was using.

For myself, I would rank Excel online below both LibreOffice 5 
for and MS Office 2003 for feature-completeness, but above them 
for multi-user editing and ease of use. I suppose it depends on 
what you are trying to use it for.


Patrick

-- 
Next meeting:  Bournemouth, Tuesday, 2017-09-05 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Exclude hidden folder in rsync

[Patrick Wigmore]

> > I want to compress my rsynced home folder, I want the video
> > folder in the final compressed file but I don't want tar to
> > try and compress it as it compresses the rest of the home
> > folder, does that make sense?
>
> Yes, but it can't be done. 

Unless you are prepared to accept two tar files as output. (One 
compressed, one uncompressed, with contents to be reunited upon 
untarring.)

Patrick

-- 
Next meeting:  Bournemouth, Tuesday, 2017-09-05 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Downloading Code from Github

[Patrick Wigmore]

On Sunday, 23 July 2017, at 16:50:40 BST, Terry Coles wrote:
> Is there a 'proper' way to grab a copy of a program from Github
> without making a Pull Request?

In git terminology, there exist both pulls and pull requests, 
which are different things.

If you issue a pull request, you are asking somebody else to 
"pull" your changes into their local repository.
Whereas, if you do a pull, that would be you pulling changes into 
your local repository.

It's confusing that these are so similarly named, if you ask me. 
Lots of students on my degree course were tripped up by that when 
first introduced to git.

My beginner's understanding is that you need to "clone" the 
repository; that is, make a local copy of the repository, which 
is then managed by the git(1) program on your machine. You would 
do this using the git-clone(1) command in a terminal, or some 
equivalent in a GUI frontend to git.

Having created your local repository, you can use it as a working 
directory for development, testing, debugging and so on, and use 
git commands to manage it and track changes locally.

I suspect that git is something that different teams and projects 
will have different ways of using. But in any case, at some point 
you will reach a stage where you or your team feel that the 
changes you've made are (a) worth keeping and (b) at some 
sensible juncture where it makes sense to record the changes. At 
this point, you would make a commit, and give it a useful 
description, using git-commit(1).

Commits represent a snapshot of the contents of the repository, 
and initially exist only locally. They derive from previous 
commits, and are in principle (somewhat) immutable, so that when 
you push them to another repository, they fit nicely into the 
existing graph that contains the commits upon which they were 
based.

Having made one or more commits locally, you can "push" them from 
your local repository to the remote repository, or "pull" them 
the other way if somebody else made a change (or sent you a pull 
request). Predictably, the commands are git-push(1) and git-
pull(1). I think of this as synchronising the graph of commits 
between the different copies of the repository, though I suspect 
there are subtleties that this mental model ignores.

git(1) doesn't inherently enforce a single, central, remote 
repository; you could just as well be pushing and pulling between 
several distributed repositories in some other topology. However, 
the commonality between the different possible topologies seems 
to be that all the repositories share the same graph of commits.

I suppose different projects probably have different policies or 
conventions for when and in what manner to push, pull, issue pull 
requests, and whatever other tricks git has up its sleeve that 
I've not yet discovered.

Other things that seem important to read the manual on include:
git-checkout(1)
git-branch(1)
git-merge(1)

My understanding of these is weak, so I won't attempt to explain 
them myself, but I recall having to read about them in order 
reach my current understanding of git.

I expect somebody with more git experience can answer your 
questions more precisely and concisely, but hopefully my 
meandering beginner's perspective is also useful.


Patrick

-- 
Next meeting:  Bournemouth, Tuesday, 2017-08-01 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] YAWMT Question

[Patrick Wigmore]

Hi Terry,

On Thursday, 22 June 2017, at 13:23:35 BST, Ralph Corderoy wrote:
> That's sounding as if you'd have a database server sitting on
> the network with all the slave and the master being its
> clients, sending SQL to modify tables.  And if the slaves are
> writing to the tables, and the master is trailing behind,
> reading them, then you're (mis-)using the database as message
> queues.  Perhaps a message queue would be a better fit.

> As Tim said, it sounds like overkill, and adds another major
> piece to understand, configure, monitoring, debug, ...  A
> message queue, like RabbitMQ, or zero.mq, also has those
> problems given your simple needs.

I think Ralph has hit the nail on the head with these two 
paragraphs. My thoughts were much the same, but not clear enough 
in my mind to be able to articulate them this well!

Patrick

-- 
Next meeting:  Bournemouth, Tuesday, 2017-07-04 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] A New Wimborne Model Town Project Query - Sensing Water Levels and Flow

[Patrick Wigmore]

On Thursday, 4 May 2017, at 11:29:27 BST, Terry Coles wrote:
> Since the system will be running largely unattended 24/7, we
> want to be able to predict the onset of a flood or drought in
> the river.  To do that we need to measure the actual depth so
> we can determine the rate of change.

I must admit, it surprises me that the river system is so 
sensitive to the weather conditions. I would have expected there 
to exist a constant pumping rate that would maintain the river 
between sensible high and low levels except in very extreme 
weather.

But then I have assumed an 'ideal' river and sponge-like bog, 
both with no leaks into the ground, and a sump tank that can 
easily hold the entire volume of water when the pump is switched 
off and the system drains down. It sounds like the reality is 
more complex.

-- 
Next meeting:  Bournemouth, Tuesday, 2017-06-06 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Can my system run out of memory if my program continuously O/Ps messages to the shell?

[Patrick Wigmore]

On Tuesday, 11 April 2017, at 12:16:44 BST, Terry Coles wrote:
> Thanks.  Now I can focus on the overheating.  We were trying to
> avoid any holes in the case for ventilation.

I don't want to jinx it, but you might find you have to drill 
some drainage holes anyway. Water is a sly opponent! I'd keep an 
eye on that.

If it's a totally sealed box, I would be inclined to at least put 
some dessicant in there to absorb the moisture that's trapped in 
the air inside, otherwise you might get condensation issues from 
the outside temperature fluctuations.

> It looks like I need to put a fan inside to help natural
> convection to shift the air from the Pi to the heatsink.

Is there a heatsink on the Pi's CPU? If there isn't, that would 
be fairly easy to add and would probably go a long way, if it is 
a thermal issue.

Patrick.

-- 
Next meeting:  Bournemouth, Tuesday, 2017-05-02 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Python Function Appears to be Entered Twice

[Patrick Wigmore]

On Thursday, 9 March 2017, at 18:01:43 GMT, Terry Coles wrote:
> > > If I uncomment the time.sleep() line, then it prints two.
> > 
> > Two `Message Played'?  Do they appear roughly together, both
> > after a two-second gap?  If you're not sure, increase the 2.
> 
> Increasing the delay increases the time between the messages
> being played, when leave the time.sleep() commented, there is
> no delay.

In your first email, you said that there was only one 'Message 
Played' text output when time.sleep() is commented.

So, does this mean that sometimes you get one 'Message Played', 
but sometimes you get two with no delay between them? Does it 
depend on whether the line to invoke the player is commented out?


Just trying to think of possiblities: Is there any kind of 
feedback loop occurring through you (the human operator), whereby 
the delay influences the way in which you operate the switch?

Does it make a difference how long you hold down the switch 
before releasing it?


Patrick.

-- 
Next meeting:  Bournemouth, Tuesday, 2017-04-04 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] SSID Hiding

[Patrick Wigmore]

On Monday, 6 February 2017, at 19:50:24 GMT, Terry Coles wrote:
> I understand what that is saying, but I'm not just relying on
> cloaking; I'm using MAC Adress filtering too (as well as WPA2
> PSK encryption).

MAC address filtering does not really add any security. Before it 
comes into play, the attacker still needs to crack your WPA2 
encryption. If that's within their capability, then they almost 
certainly know how to discover and spoof an authorised MAC 
address by eavesdropping on your network traffic.

> My main reason for using it is to reduce the chances of some
> young up and coming geek from even trying to hack me.

That is interesting to consider. I wonder how the psychology 
works out. Are hidden networks "off the radar", or do they look 
like juicier targets, because somebody is trying to hide them?

I find Ralph's suggestion of choosing a SSID that doesn't stand 
out interesting too. Are attackers even looking for SSIDs that 
stand out?

Some attackers might actually be attracted to default-sounding 
SSIDs, in the hope of finding an easy target with a weak 
password.

But, mind-games aside, at the end of the day you are still just 
relying on the WPA2 encryption. If that's broken, then the other 
measures are just ways to paper over cracks in the dam.


> 'Worse still, because a station must probe for a hidden SSID, a
> fake access point can offer a connection.'
> 
> Correct me if I'm wrong, but wouldn't that fake AP have to
> spoof the MAC Address of my Router or know what the SSID was?

Determining and spoofing the MAC address and SSID is totally 
feasible.

However (and I could be wrong about this -- I was unable to 
verify with a web search), I think WPA2-PSK uses mutual 
authentication of the client and access point. So, your devices 
would not connect to a fake access point unless the fake AP could 
prove that it knew the passphrase for your network. If the 
attacker knows the passphrase, then all bets are off.

-- 
Next meeting:  Bournemouth, Tuesday, 2017-02-07 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Sound issues

[Patrick Wigmore]

On Saturday, 4 February 2017, at 23:24:23 GMT, Tim wrote:
> ...very bassey, very distorted. If I play a CD\mp3 through
> Clementine then with the use of the inbuilt equaliser the
> output is ok.

This makes me wonder whether your sound hardware is being treated 
as surround sound hardware, and the audio jack you are using has 
been incorrectly mapped to the subwoofer channel.

If you are using PulseAudio, It might be worth checking what 
profile your sound card is set to, using pavucontrol, the KDE 
multimedia settings, or something like:

pacmd info | grep -B50 "active profile"

(Sorry, I don't know the equivalent for plain old ALSA.)

I could be barking up the wrong tree though.

-- 
Next meeting:  Bournemouth, Tuesday, 2017-02-07 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] How to configure "Reply-To" correctly for list?

[Patrick Wigmore]

On Saturday 29 Oct 2016, at 15:38:52, Ralph Corderoy wrote:
> The relevant documentation is
> https://www.gnu.org/software/mailman/mailman-admin/node11.html
> and this list's settings are
> 
> first_strip_reply_to = 0
> reply_goes_to_list = 0
> reply_to_address = ''

I was more inclined to question my own mail user agent's 
behaviour than the configuration of the list, since it seems to 
work fine for everyone else.

I had expected that somehow the default behaviour of KMail would 
be to disregard the Reply-To address when dealing with mailing 
lists. I now know that my expectation was incorrect and in fact 
"Reply-To" overrides the "List-Post" address.

Given that my Reply-To and From addresses are the same, I can 
simply remove the Reply-To. It is superfluous and I had 
configured it without understanding the implications.

-- 
Next meeting:  Bournemouth, Tuesday, 2016-11-01 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] How to configure "Reply-To" correctly for list?

[Patrick Wigmore]

On Saturday 29 Oct 2016, at 15:10:39, Patrick Wigmore wrote:
> I have "Reply-to" set to my own address in my configuration
> (As an experiment, I will remove it for this message.)

That seems to solve the problem. Apologies for any inconvenience.

Patrick

-- 
Next meeting:  Bournemouth, Tuesday, 2016-11-01 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

[Dorset] How to configure "Reply-To" correctly for list?

[Patrick Wigmore]

Hi All,

I've just noticed that my messages to this list seem to be set up 
so that replies to them by default go straight to me rather than 
the list. This seems wrong to me. Does anyone know what 
configuration I need to change in KMail so that replies go to the 
list by default?

I have "Reply-to" set to my own address in my configuration, but 
I would not expect that to apply to list emails. Do I need to 
remove that? (As an experiment, I will remove it for this 
message.)

Patrick

-- 
Next meeting:  Bournemouth, Tuesday, 2016-11-01 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR