23 Mar 2018

feedPlanet Debian

Uwe Kleine-König: Using the switch on Turris Omnia with Debian

After installing Debian on Turris Omnia there are a few more steps needed to make use of the network switch.

The Armada 385 CPU provides three network interfaces. Two are connected to the switch (but only one of them is used to "talk" to the switch), and one is routed directly to the WAN port.

After booting you might have to issue the following commands to make the devices representing the five external ports of the switch appear and functional:

# ip link set eth1 up
# modprobe mv88e6xxx

After that you can use the network devices lan0 to lan4 like normal network devices. To make them actually behave as you would expect from a network switch you have to put them into a bridge. The driver then offloads forwarding between the ports to the switch hardware such that the cpu doesn't need to bother for each single packet.

To automate setup of the bridged ports I used systemd-networkd as follows:

# echo mv88e6xxx > /etc/modules-load.d/switch.conf
# printf '[Match]\nPath=platform-f1030000.ethernet\n[Link]\n#MACAddress=...\nName=eth1\n' > /etc/systemd/network/00-platform-f1030000-eth1.link
# printf '[NetDev]\nName=brlan\nKind=bridge\n' > /etc/systemd/network/brlan.netdev
# printf '[Match]\nName=brlan\n\n[Network]\nLinkLocalAddressing=ipv6\n' > /etc/systemd/network/brlan.network
# printf '[Match]\nName=lan[01234]\n\n[Network]\nBridge=brlan\nBindCarrier=eth1\n' > /etc/systemd/network/lanX.network
# printf '[Match]\nName=eth1\n' > /etc/systemd/network/eth1.network
# systemctl enable --now systemd-networkd.service

You also might want to mask NetworkManager and/or ifupdown to not interfere with the above setup. And obviously you might want to add some more options to brlan.network to configure the addresses used there. See systemd.network(1).

23 Mar 2018 9:29pm GMT

Aigars Mahinovs: Automation of embedded development

I am wondering if there is a standard solution to a problem that I am facing. Say you are developing an embedded Debian Linux device. You want to have a "test farm" - a bunch of copies of your target hardware running a lot of tests, while the development is ongoing. For this to work automatically, your automation setup needs to have a way to fully re-flash the device, even if the image previously flashed to it does not boot. How would that be usually achieved?

I'd imagine some sort of option in the initial bootloader that would look at some hardware switch (that your test host could trip programmatically) and if that is set, then boot into a very minimal and very stable "emergency" Linux system, then you could ssh into that, mount the target partitions and rewrite their contents with the new image to be tested.

Are there ready-made solutions that do such a thing? Generically or even just for some specific development boards? Do people solve this problem in a completely different way? Was unable to find any good info online.

23 Mar 2018 1:35pm GMT

feedPlanet Grep

Xavier Mertens: [SANS ISC] Extending Hunting Capabilities in Your Network

I published the following diary on isc.sans.org: "Extending Hunting Capabilities in Your Network":

Today's diary is an extension to the one I posted yesterday about hunting for malicious files crossing your network. Searching for new IOCs is nice but there are risks of missing important pieces of information! Indeed, the first recipe could miss some malicious files in the following scenarios… [Read more]

[The post [SANS ISC] Extending Hunting Capabilities in Your Network has been first published on /dev/random]

23 Mar 2018 11:46am GMT

feedPlanet Debian

Renata D'Avila: Pushing a commit to a different repo

Photo taken from the top of a hill, overlooking light green ocean beaches

View from the Barra-Galheta beach trail, in Florianopolis, Brazil

My Outreachy internship with Debian is over. I'm still going to write an article about it, to let everyone know what I worked on towards the ending, but I simply didn't have the time yet to sit down and compile all the information.

As you might or might not have noticed, right after my last Outreachy activity, I sort of took a week off in the beach. \o/

Renata's picture, a white woman sitting on the grass, overlooking the beach below. She pets a brown stray that sits next to her

Mila, a cute stray dog that accompanied us during a whole trail

For the past weeks, I've also been involved in the organization of three events (one of them was a Debian Women meeting in Curitiba that took place two Saturdays ago and another one is Django Girls Porto Alegre, which starts tonight). Because of this last one, I was reviewing their Brazilian Portuguese tutorial and adding some small fixes to the language. After all, we are talking to women who read the tutorial during the workshop, so why all the mentions to programmers and hackers and such should mention the male counterpart in Portuguese? Women program, too!

When I was going to commit my fixes, though, I got an error:

remote: error: GH006: Protected branch update failed for refs/heads/master.
To https://github.com/DjangoGirls/tutorial
! [remote rejected]   master -> master (protected branch hook declined)


Yup, as it so happens more often than not, I forgot to fork the repository before starting to change the files! I just did 'git clone' straight to Django Girls' tutorial repository. But, since I had already done all the steps towards the commit, what could I do to avoid losing the changes? Could I just push this commit to another repository of my own and try and open a Pull Request to DjangoGirls/tutorial?

Of course I had to go and search for that. Isn't that what all programmers do? Go and find someone else who already had the same problem they have to try and find a solution?

Quick guide to the solution I've found:

[master 4d314550] Small fixes for pt-br version

The branch is: master

The id is: 4d314550

git push URL_FOR_THE_NEW_REPO commit_id:branch

Example with my repo:

git push https://github.com/rsip22/tutorial 4d314550:master

And this was yet another article for future reference.

23 Mar 2018 3:49am GMT

22 Mar 2018

feedPlanet Grep

Johan Van de Wauw: Easily testing the latest version of GDAL

GDAL is one of the cornerstones of the open source geospatial stack (and actually of many of the proprietary systems as well).
If you want to use or test the latest features this can be done quite easily by setting a few environment variables:

I save this commands in a file new_gdal.sh. After running

source new_gdal.sh

You will be able to use all the latest gdal tools.

johan@x1:~$ source ~/latest_gdal.sh 
johan@x1:~$ gdalinfo --version
GDAL 2.3.0dev, released 2017/99/99

Actually if you use this command, also tools dynamically linked to gdal will be using this latest version.

johan@x1:~$ saga_cmd io_gdal

##### ## ##### ##
### ### ## ###
### # ## ## #### # ##
### ##### ## # #####
##### # ## ##### # ##

SAGA Version: 6.4.0

Library: GDAL/OGR
Category: Import/Export
File: /usr/local/lib/saga/libio_gdal.so
Interface to Frank Warmerdam's Geospatial Data Abstraction Library (GDAL).
Version 2.3.0dev

Note that this will work well for packages dynamically linked to the C api. If packages are linked to the C++ api, they may need recompilation.

If you are on windows, you could have a look at SDKShell.bat (part of the builds from Tamas Szekeres).

Note: I actually wrote this blogpost because in his presentation on FOSDEM Jeremy Mayeres recommended using Docker for using the latest version of GDAL. I think that solution is overkill for desktop usage, and using environment variables is easier.

22 Mar 2018 4:17pm GMT

Xavier Mertens: [SANS ISC] Automatic Hunting for Malicious Files Crossing your Network

I published the following diary on isc.sans.org: "Automatic Hunting for Malicious Files Crossing your Network":

If classic security controls remain mandatory (antivirus, IDS, etc), it is always useful to increase your capacity to detect suspicious activities occurring in your networks.

Here is a quick recipe that I'm using to detect malicious files crossing my networks. The different components are… [Read more]

[The post [SANS ISC] Automatic Hunting for Malicious Files Crossing your Network has been first published on /dev/random]

22 Mar 2018 11:42am GMT

08 Nov 2011

feedfosdem - Google Blog Search

papupapu39 (papupapu39)'s status on Tuesday, 08-Nov-11 00:28 ...

papupapu39 · http://identi.ca/url/56409795 #fosdem #freeknowledge #usamabinladen · about a day ago from web. Help · About · FAQ · TOS · Privacy · Source · Version · Contact. Identi.ca is a microblogging service brought to you by Status.net. ...

08 Nov 2011 12:28am GMT

05 Nov 2011

feedfosdem - Google Blog Search

Write and Submit your first Linux kernel Patch | HowLinux.Tk ...

FOSDEM (Free and Open Source Development European Meeting) is a European event centered around Free and Open Source software development. It is aimed at developers and all interested in the Free and Open Source news in the world. ...

05 Nov 2011 1:19am GMT

03 Nov 2011

feedfosdem - Google Blog Search

Silicon Valley Linux Users Group – Kernel Walkthrough | Digital Tux

FOSDEM (Free and Open Source Development European Meeting) is a European event centered around Free and Open Source software development. It is aimed at developers and all interested in the Free and Open Source news in the ...

03 Nov 2011 3:45pm GMT

26 Jul 2008

feedFOSDEM - Free and Open Source Software Developers' European Meeting

Update your RSS link

If you see this message in your RSS reader, please correct your RSS link to the following URL: http://fosdem.org/rss.xml.

26 Jul 2008 5:55am GMT

25 Jul 2008

feedFOSDEM - Free and Open Source Software Developers' European Meeting

Archive of FOSDEM 2008

These pages have been archived.
For information about the latest FOSDEM edition please check this url: http://fosdem.org

25 Jul 2008 4:43pm GMT

09 Mar 2008

feedFOSDEM - Free and Open Source Software Developers' European Meeting

Slides and videos online

Two weeks after FOSDEM and we are proud to publish most of the slides and videos from this year's edition.

All of the material from the Lightning Talks has been put online. We are still missing some slides and videos from the Main Tracks but we are working hard on getting those completed too.

We would like to thank our mirrors: HEAnet (IE) and Unixheads (US) for hosting our videos, and NamurLUG for quick recording and encoding.

The videos from the Janson room were live-streamed during the event and are also online on the Linux Magazin site.

We are having some synchronisation issues with Belnet (BE) at the moment. We're working to sort these out.

09 Mar 2008 3:12pm GMT