UK Linux User Groups

Thanks to infernix who contributed this tip on how to use libguestfs to access Ceph (and in theory, sheepdog, gluster, iscsi and more) devices.

If you apply this small patch to libguestfs you can use these distributed filesystems straight away by doing:

$ guestfish ><fs> set-attach-method appliance ><fs> add-drive /dev/null ><fs> config -set drive.hd0.file=rbd:pool/volume ><fs> run

… followed by usual guestfish commands.

This is a temporary hack, until we properly model Ceph (etc) through the libguestfs stable API. Nevertheless it works as follows:

1. The add-drive /dev/null adds a drive, known to libguestfs.
2. Implicitly this means that libguestfs adds a -drive option when it runs qemu.
3. The custom qemu -set drive.hd0.file=... parameter modifies the preceding -drive option added by libguestfs so that the file is changed from /dev/null to whatever you want. In this case, to a Ceph rbd:... path.

At long last, Blizzard has unleashed the next chapter of StarCraft, with the release of StarCraft II: Heart of the Swarm (959 days since StarCraft II: Wings of Liberty, and not a day too soon).

As I was slightly disorganised, I only got around to buying it last night, when I hopped onto amazon.co.uk and ordered the physical media. It cost me £26, with free expedited delivery (hurrah for Amazon Prime).

In preparation, I logged in to battle.net, and was horrified to see the “Upgrade now!” button in the middle of the screen. Maybe I could have got a digital copy earlier, and paid less money? Not so much … Blizzard are charging £32.99 for an online upgrade, a premium of £6.99 over the physical media that Amazon are shipping to me:

I guess those download servers are expensive to run?

Curious, I decided to compare prices elsewhere. Asda, Game, PC World, Play, Sainsburys, Tesco, who will be cheapest? Here’s what I found:

• Asda: £26.97
• Game: £27.99
• PC World: £26.99
• Play: £27.89
• Sainsburys: £25.99 (+50 nectar points, worth ~ 25p)
• Tesco: £26

And the kick in the teeth? Amazon are now selling it for £25.27, a whole 73 pence cheaper than just 12 hours ago when I bought it for £26:

So the cheapest is still Amazon (leveraging their offshore “we pay no taxes” advantage to beat “every little helps“?), and the most expensive (other than Blizzard’s digital upgrade) was Game. Are we surprised that Game is a struggling retailer, that halved in size last year? The mean purchase price: £26.64 … so I guess my hasty purchase last night was still a bargain.

Right, it’s time to go and wait impatiently beside the letterbox.

 

Hi,

https://nazar.karan.org/ services are going to be partially down as I migrate services over to a faster, more memory, lesser power consuming, many more cores machine. Everything should be back to production by midday Mar 12th, 2013. Services impacted include:

• git repos
• Reimzul's irc interface
• Alt.Bsys triggers

There is a backup instance running, so if anyone needs to get to some specific data in a rush, ping me on irc and we can get access setup.

- KB

A couple of weeks ago I saw Katy Manning in a tour of Agatha Christie’s “A Murder is Announced.” It’s a very traditional production: A single set and a cast of eleven, with scene changes covered by blackouts and music. Unusual in this day and age, but pleasant for it. Katy portrayed the central character of the piece and delivered a strong, confident performance. Some of the other cast members appeared to be playing well out of their age range: One character supposedly in her dotage was clearly played by a much younger actress (though Katy corrected me later on that point), and Dean Gaffney playing a student was stretching credulity somewhat! Overall the production was enjoyable and it was great to see Katy in action.

This weekend was the third of the BFI’s monthly Doctor Who screenings. “The Mind of Evil” was shown in colour for the first time in forty-two years in the UK, following a painstaking colour recovery process. I am even more convinced now that Doctor Who is at its best when watched with five hundred other fans in a cinema! The humour (intentional and otherwise) is emphasised, the action enhanced and the performances sparkle.

The panel afterwards comprised Timothy Combe (director), Terrance Dicks (script editor), Richard Franklin (Mike Yates), John Levene (Sgt. Benton) and, that’s right, Katy Manning (Jo Grant). The panel had a great energy, with several very vocal contributors.

Once again, James from The Doctor Who Podcast recorded our thoughts after the screening, which will be available from their Facebook page soon. (You can still download February’s “Tomb of the Cybermen” special episode.)

Finally, a massive thank you to everyone who responded to last week’s blog post. It’s been touching seeing some familiar names on the Sam Shaw Appeal page. The appeal has nearly reached 3% of the target. It’s a big target and that 3% represents an amazing contribution from a lot of people in a short time. Please give something if you can.

Pin It

Watched “Intouchables” last night. Absolutely brilliant movie; thoroughly recommended: imdb.com/title/tt167543…

Free download of @jonathanstark‘s PhoneGap training module available for a limited time bit.ly/PlV7iH

I’m getting bored of the number of media outlets who are taking the slightest of comments that someone makes about the upcoming Doctor Who anniversary special and spinning it into a story packed full of completely unsubstantiated nonsense. Headlines like “No Doctors To Return For 50th Special” which, when you read them turn out to be based on the fact that Colin Baker hasn’t had a phone call from Steven Moffat.

Obviously it’s good for the show that it gets all of this publicity and I don’t, for one second, expect the production team to do anything to put a stop to it. They’ll tell us what they want us to know when they want us to know it. Not a moment sooner.

But in the meantime, anyone who has ever appeared in Doctor Who has to watch what they say for fear of it being overhead by a tabloid journalist and being used to reinforce what ever story the journalist wants to write.

In an attempt to counter this, I’ve set up whonews.tv. The plan is that I’ll read these stories, extract the actual facts that they are based on and explain what we can actually believe based on those facts. Forensic analysis of entertainment news, I suppose.

I’ve also got a page where I list the best current information we have about what is actually happening for the show’s 50th anniversary. I’ll try to keep that up to date as more details emerge over the coming months.

Oh, and there’s at Twitter account too – WhoNews50. You might want to follow that.

Let me know if you find it useful.

Related Posts:

• Doctor Who Series 7
• Watching the Press – Notes
• Web Site Links
• Gullible
• Neil Gaiman Explains Doctor Who

Heheh yellow snow #infanthumour RT @metofficeSEEng: Yellow Alert of Snow for London & South East England : Wed 13 Mar bit.ly/14JhoJ1

I've been a fan of nullmailer for some years now, so much so that I took ownership of the nullmailer package for Arch Linux.

> nullmailer is a sendmail/qmail/etc replacement MTA for hosts which > relay to a fixed set of smart relays. It is designed to be simple to > configure, secure, and easily extendable.

The other advantage nullmailer has compared to similar tools is that is queues email until it is able to deliver it upstream.

Install nullmailer as follows.

packer -S --noedit --noconfirm nullmailer

Configuring nullmailer to relay via Gmail can be achieved using SMTPS or MSA. nullmailer has had these capabilies since 1.10. The following provides some useful clues /usr/lib/nullmailer/smtp --help.

While these examples are specific to relaying via Gmail, you can sse it is trivial to adapt them to any other mail host.

Relay via Gmail using MSA

Add to following to /etc/nullmailer/remotes. I prefer this technique.

smtp.gmail.com smtp --port=587 --auth-login --user=you@gmail.com --pass=Yourpassword --starttls Relay via Gmail using SMTPS

Add to following to /etc/nullmailer/remotes.

smtp.gmail.com smtp --port=465 --auth-login --user=you@gmail.com --pass=Yourpassword --ssl

Once you've got /etc/nullmailer/remotes configured start the nullmailer service.

sudo systemctl start nullmailer

To test nullmailer can relay email correctly do the following.

echo "Test 1" | mailx -s "Test One" me@example.org

You can see what nullmailer is up to by checking the systemd journal or syslog (if you've syslog enabled systemd). This is how to get the logs from the systemd journal.

journalctl _SYSTEMD_UNIT=nullmailer.service

Or via syslog.

sudo grep nullmailer /var/log/daemon.log

When you're happy nullmailer is working enable the systemd unit.

sudo systemctl enable nullmailer

Email will now flow as required.

Jetlazzzzzzzzzzzzzzzzzz

Dear @HBO: please let me give you money (say ~ £30) for digital Game of Thrones. I don’t want physical media. I want to watch on TV & iPad.

Start: 2013-03-09 11:00 End: 2013-03-09 17:00

This month we are at LiNCORE offices (part of the ReigateHub) in Reigate on 9th March. Our thanks go to Jay Bennie for hosting us.

Bring a 'box', bring a notebook/netbook, bring anything that might run Linux, or just bring yourself and enjoy socialising, learning, teaching or simply chilling out!

New members are very welcome. We're not a cliquey bunch, so you won't feel out of place! Usually between 15 and 30 people come along.

While migrating one of my VPS servers to Arch Linux I deployed Uncomplicated Firewall (UFW) to handle basic firewalling duties. I like ufw as it provides simple host-based firewall management and, in my opinion, one of the better projects to come out of the Ubuntu camp.

Install ufw as follows.

sudo pacman -Syy -noconfirm --needed ufw

Configuring ufw is simple but make sure you have console access to the host you are configuring just in case you lock yourself out.

NOTE! When enabling ufw the chains are flushed and connections may be dropped. You can add rules to the firewall before enabling it however, so if you are testing ufw on a remote machine it is recommended you perform...

ufw allow ssh/tcp

...before running sudo ufw enable. Once the firewall is enabled, adding and removing rules will not flush the firewall, although modifying an existing rule will.

Set the default behaviour to deny all incoming connections.

sudo ufw default deny

Open up TCP port 22 but with rate limiting enabled which will deny connections from an IP address that has attempted to initiate 6 or more connections in the last 30 seconds. Ideal for protecting sshd but you should conisder other SSH brute force defense techniques as well.

sudo ufw limit tcp/22

I'm hosting a few websites on my VPS so I open http and https.

sudo ufw allow 80/tcp sudo ufw allow 443/tcp

I have a static IP address at home so I allow unfiltered access to the VPS from that IP. I've used a bogus IP address in the example below.

sudo ufw allow from 10.0.0.0/32

Enable the ufw systemd unit.

sudo systemctl enable ufw sudo systemctl start ufw

However, ufw is not enabled at this point. To enable the firewall you also have to do the following.

sudo ufw enable

You can see the status of the firewall using sudo ufw status.

On low-end servers it might be beneficial to disable logging.

sudo ufw logging off

At this point you should have a basic firewall configured and ufw help or the references below will assist you.

References

• https://wiki.archlinux.org/index.php/Uncomplicated_Firewall
• https://wiki.ubuntu.com/UncomplicatedFirewall
• https://launchpad.net/ufw

Impatient to get home! (@ Gate E20) 4sq.com/ZmKrPo

Collective Motion of Moshers at Heavy Metal Concerts. I love that this exists. j.mp/XY4ZAY via Danny Yee’s blog.

I've decide to migrate one of my servers to Arch Linux. I'm not sure that a rolling release distro really suits servers but I've enjoyed using Arch Linux over the last year on my workstations and the only way to assess it's suitability on a server is to try it. So, I've decide to migrate my blog to an Arch Linux server.

This blog post describes how to install Nikola on Arch Linux. Nikola is a static site and blog generator written in Python that I've been using for a few months.

First you'll need Python and virtualenvwrapper so read my Python and virtualenv on Arch Linux and Ubuntu blog post and get yourself equiped.

Install the Nikola 5.4.2 dependencies.

sudo pacman -S --noconfirm --needed freetype2 libxslt libxml2 sudo packer -S --noconfirm --noedit libjpeg6

Create a virtualenv for Nikola.

mkvirtualenv -p python2.7 --use-distribute nikola-542

You will notice your shell prompt has changed to indicate that the nikola-542 virtualenv is now active. Install Nikola and the optional libraries I use.

pip install http://nikola-generator.googlecode.com/files/nikola-5.4.2.zip pip install bbcode markdown requests webassets peewee feedparser

Nikola is now installed. nikola help and the Nikola Handbook will assist you from here on.