MontanaLinux: Using Fedora 21 (pre-beta)


Fedora 21 pre-beta LightDMFedora 21 pre-beta LightDMI've been following the development of Fedora 21 since a little before the alpha release. Getting my MontanaLinux remix to build was actually quite easy and the fact that rpmfusion has a rawhide repo means all of the multimedia codecs / applications were good to go as well. I've done few dozen installs as KVM virtual machines and thought it was time to try physical hardware.

Hardware Problems?

First I installed it on my Acer netbook that is 32-bit only and about 5 years old now. The battery in it is shot and smartd has been telling me for over a year that the hard drive has been getting more and more bad sectors... which is a fairly good indicator that the hard drive is going bad. Doing the install from a LiveUSB it took a while because the installer was finding some of the bad spots on the drive. For whatever reason during the install the progress bar immediately said 100% and I knew that was wrong... so I kept switching over to a text console to periodically do a df -h to see how much had been written to the hard drive. Oddly whenever I'd switch over to the text console, the green illuminated power button would go amber and the screen would go blank... which to me meant it was suspending to RAM or something. At that point I'd have to hit a few keys on the keyboard and it would wake back up. For whatever reason it did this at least a dozen times during the install. I really wasn't expecting a good install given the flaws in my hardware and how they were manifesting themselves during the install process... but being patient paid off... and it actually was successful... and seems be working just fine post-install.

Installing it on my Optiplex 9010 desktop at work was also more complicated than I was expecting. For whatever reason (maybe a BIOS setting?) I could NOT get my machine too display the bootloader menu from a LiveUSB although other Dell models at work seemed to work fine. So I burned a DVD with the burner in the Optiplex 9010. Oddly the same drive that wrote the DVD seems unable to read it about 19 out of 20 tries. That meant that I couldn't get it to boot from the DVD either. I finally decided to try something different... and I got an external / USB optical drive and plugged it into the USB port and I was able to get it to successfully read the DVD and the bootloader to appear. With a functioning bootloader I was able to boot the DVD and the live system worked great... and the installer went flawlessly.

Fedora 21 pre-beta actually seems quite stable. As you may recall I have all of the desktop environments installed as part of my remix so I can check them all out... but I primarily use KDE. On both of my machines I have /home as a separate partition so my personal data is retained across installs. I also backup /etc and /root to /home/backups/ so any of my previous configurations (stuff like ssh keys) can be retrieved and used if desired.

Some Notes

I picked lightdm as the default login manager. In the past I've mainly used kdm but KDE is in the process of transitioning to sddm which seems a bit buggy still.

One of the main features in Fedora 21 I'm wanting to play with actually is provided by the rpmfusion repos... ffmpeg 2.3.3. I'm wanting to do some testing with the newer ffmpeg that does a reasonable job at webm encoding with vp9 and opus. I'd also like to try out GNOME 3 under the Wayland display server... which is supposedly working fairly well in Fedora 21... but I haven't tried it yet.

One weird glitch I ran into was with the Google-provided google-chrome-stable package. I'm not much of a Google Chrome user but I do occasionally use it for (legacy) sites that require Adobe Flash. I use Firefox the vast majority of the time... but I've decided to no longer install the Adobe provided flash-plugin package (at version 11.x). As you probably know Google has taken over maintenance of newer Flash versions (currently 15.x) on Linux and include it as part of Google Chrome. As a result, whenever there is a Flash update from Adobe, there is a Google Chrome update that soon follows. Anyway, very early in the Fedora 21 development cycle (pre-alpha), the Google Chrome package refused to install because Fedora 21 had a much newer version of some library (I don't recall which one) and it wanted the older version. A few Google Chrome package updates later... and it is happy with regards to dependencies... but installing it with rpm... it gets stuck on the post-install and just sits there. I had to ^c rpm (which you generally don't want to do) because it wasn't going to finish... and just to be safe I did an rpm --rebuilddb and everything seems fine. The google-chrome-stable package verifies just fine (rpm -V google-chrome-stable) and the package works as expected.


Overall everything I've tried works fine. I like to get started with new Fedora releases as early as possible in the development cycle so I can help report any bugs I find (in Fedora provided packages) and be up-to-speed with all of the new features on release day so I can deploy to other machines immediately. I've been doing it that way for several releases now. I do really appreciate all of the work the Fedora developers put into each release.

Video: Q & A with Linus Torvalds at DebConf Portland 2014

| |

We watched this last night at the BozemanLUG meeting. I believe it was recorded last Sunday (August 31st) at the DebConf Portland 2014 event so Linus is talking to a room full of Debian true believers. This is one of the more interesting Question and Answer sessions I've seen with Linus because in it he goes into quite a few controversial topics. On a few occasions he crosses over the line and realizes it and has to walk some stuff back. Is there anyone who agrees with Linus on everything? If so, I'm not one of those people. There are about 4 or 5 things he talks about in the video that I'm on the other side of but I won't bore everyone with what those might be. I didn't go with VP9/OPUS for this one so it is webm with VP8/OGG inside. Enjoy!

Video: LinuxCon Chicaco 2014 - Linux Kernel Panel

| | | |

Here's the Linux Kernel Panel from a couple of days ago... at LinuxCon Chicago 2014

It was re-encoded in webm format with vp9 / opus and is very low bandwidth... 200kbit video and 96kbit audio. The source material wasn't HD so it really isn't a good example of what vp9/opus can do but it ain't bad. Enjoy.

Video: TedX talk - Richard Stallman

| | | |

I ran across this video recently of Richard Stallman giving a TedX talk on our favorite subject. To spice things up a bit I took the original HD version I had (in ogg format) and re-encoded it with ffmpeg 2.3.2 running on Fedora 21 pre-alpha. I've been re-encoding everything to webm for several years now but finally I can do the newer flavor of webm that uses VP9 as the video codec and OPUS as the audio codec. Oddly on my Fedora 20 desktop none of my standalone media players will play the file. Some will play just the audio, others will play just the video. On Fedora 21 the players do a better job.

How can you view it? Well, vp9/opus in a webm container have been supported by both Firefox and Google Chrome for several releases now... so enjoy it in your web browser. You are using one of those, right? I prefer Firefox because I like freedom rather than an advertising company trying to make products that help themselves out. Enjoy!

Video: Fedora mentioned on TNT's Major Crimes series


I ran across this on Monday night. Anyone else watch Major Crimes? Enjoy!

Off-Topic: Lawrence Lessig and the May Day PAC

| | |

If you are a lover of FLOSS like me you are surely aware of Lawrence Lessig... for one or more of the campaigns he has been involved with. NPR had a segment about the progress of the May Day PAC. Enjoy!

20140729_atc_lessig.ogg (1.6MB 3:54)

Off-Topic: NPR All Things Considered segment about ICBMs


As some may know, in my youth I enlisted in the United States Air Force for four years. I also did 6 years in the Montana Air National Guard. These days I look like a long-haired hippy. I came to Montana in 1986 when I was stationed at Malmstrom AFB and my career field was Electro-Mechanical Team (EMT) which was basically maintenance of the Minuteman 2 & 3 ICBM program's Launch Control Facility and Launch Facility command and control electronics. I never actually dispatched to any LF nor LCF sites because I got a job in an office that issues maintenance equipment and vehicles to those who do. It was the VECB... Vehicle and Equipment Control Branch. Enough about me.

Anyway, I ran across this segment on NPR's All Things Considered yesterday and really enjoyed it so I thought I'd share. It's in Ogg Vorbis format and should play in a compatible browser. Download link included for those with standalone media players.

20140729_atc_welcome_to_the_nuclear_command_bunker.ogg (3.1MB 7:36)

Here's these second part of the series released today:

20140730_atc_should_america_keep_its_aging_nuclear_missiles.ogg (2.2MB 5:16)

Getting the CCISS RAID controller to work on EL7

| |

As you may have gathered, I really like RHEL 7 and its clones. I have run into one problem though. In Chapter 24 of the RHEL 7 Release Notes they enumerate quite a bit of hardware that they have dropped support for. Included are about 3 pages of RAID controllers and some NICs. I have a few HP Proliant DL380 G5 servers at work that have the HP Smart Array P400 RAID Controller in them and they are no longer officially supported with the release of RHEL 7.0. They work just fine with RHEL 5 and RHEL 6. HP actually has drivers that they provide for RHEL 5 and RHEL 6 but almost no one uses them because the hardware just worked with the stock RHEL kernels. Since the G5 machines (that's generation 5 not PowerPC G5) are 6 or 7 years old now, HP has stopped providing firmeware updates nor will they be providing drivers for newer Linux distros.

Just to verify, I booted one of the servers with the RHEL 7 install DVD and nope... it says there are no hard disks available. :(

The devs over at ElRepo have saved my day. I filed a request for enhancement (RFE) in their Mantis bug tracker system asking if they could build the CCISS driver package for the EL7 kernel. I had an answer within a hour or two... and a test package within a couple of hours. If you aren't familiar with ElRepo, they are a fairly popular third-party repo for EL. Not quite as popular as the Fedora Project's EPEL repo though. One thing ElRepo specializes in is drivers.

I do recommend staying away from third-party repos and drivers as much as possible but given the fact that the stock RHEL 7 installer says my servers have no hard drives I was stuck. If you don't have any hard drives, you can't do an install. I have never had to use a driver disk with the RHEL installer but I guess such things exist. Not being familiar with them, I just took the kmod-cciss package the ElRepo dev built, copied it to my local repository, added it to the package list of my CentOS LiveDVD kickstart file. Then I used livecd-creator to build a LiveDVD. My personal respin includes GNOME, KDE, Firefox, LibreOffice, GIMP, Inkscape, virt-manager, SPICE, etc... and now the ElRepo kmod-cciss package as well. After building the ISO I burned it to DVD and booted a problem server with it. Bingo, EL7 sees the controller and the disks attached to it now.

Not having used third-party drivers much in the past I was fairly ignorant about them. There are kmod, akmod, and dkms type driver packages. Do you know the differences between them? I mean with something as important to the operation of the system as RAID controller that presents all disks to the system... you don't want it breaking when you upgrade the kernel, right? It is my understanding that kmod-based packages aren't tired to a specific build of the kernel. So the kmod-cciss package I got from ElRepo should (in theory) work with every kernel update for EL 7.0 that comes out. When EL 7.1 comes out, it'll probably be a slightly different branch... and before trying to switch to future 7.1 kernels, I'd probably need to update the kmod-cciss package... or at least that is my understanding.

Anyway, so far it is working great. We'll see if I have any regrets as time goes by. I will definitely take care to be very aware of when kernel updates get installed and always keep a known-to-work kernel around just in case.

Video: Docker Container Security

| |

Red Hat's Dan Walsh is *THE* SELinux expert. He gave a presentation on Docker container security at the recent DockerCon 14. If you have any interest in containers or Docker, this is probably worth viewing. Enjoy!

Opinion: Is online privacy lost? Forever?


I have a Barnes & Noble Nook HD+ Android-based tablet. I put a fairly recent version of CyanogenMod on it. I mainly bought it because it has fairly nice hardware specs at a fairly low price even if it is missing some features. I bought it because I felt that as an IT person that I must keep up with mobile technology and software. I sit at a computer all day at work. I have a desktop at home that I use a lot even if I'm not sitting directly in front of it. I have a netbook and I frequently use a more powerful laptop from work. I'm not really mobile very often... except when I'm either in the car or on the Streamline bus to/from work. I don't want to pay for multiple Internet access services so I don't have a data plan nor a cell phone.

What Privacy? - Another aspect of mobile devices is the software environments they run and how there is virtually no privacy offered by them. Again, I'm not really a privacy nut. No, no, really. I have my tablet that I don't use much... but I turn it on periodically so it can update a dozen or more apps. Every once in a while one or more of the apps will not auto-update because they are wanting to change their permissions. Take today for example. I charged up the tablet, turned it on... and 15 apps updated but the 16th one needed approval. It was the Google Search app... which is very much a core program provided by Google with Android. It wanted the following permissions:

1) Device and App history, 2) Identity, 3) Contacts/Calendar, 4) Location, 5) SMS, 6) Phone, 7) Photos/Media/Files, 8) Camera/Microphone, 9) Wi-Fi conneciton information, 10) Device ID and call information, and 11) Other

It turns out that Other is "Contacts data in Google accounts".

You'd think that Google would be a model citizen and an example for their third-party developers. Well they are, but in a bad way. Android created this whole permission ecosystem as a way for users to have more control over what gets shared with the software companies and their outside world. As time has passed it appears that almost no one cares what permissions an app asks for... they will grant whatever they ask for... because they want to use the application. In fact some wish the acceptance process was automated so they wouldn't even be asked.

The saying goes that some free-of-cost software (not to be confused with Free and Open Source Software) is paid for with privacy... and that is very much the truth. It is also true of much of the software people do pay for. The practical reality is that a large number of applications want access to everything just so they can have the data... not that they really need much of it to serve their application function.

Questions That Pop Into My Head - How much data is gathered on a mobile software environment user? How many overlapping, slightly different copies exist across the millions of servers around the world? How much of that data is being troved or intelligently processed for deriving additional information? How much of that is protected with reasonable use policies? How much is sold over and over again? How much of it is collected by governments either by them asking for it or them being a transmission man-in-the-middle? How many of the data collections have been hacked into by unauthorized third-parties who make their own copies or have continuous access? Yeah, lots of fairly intangible questions... that are just mind blowing and numbing at the same time.

Does I sound like I'm complaining? Does it do any good to complain? Sorry. :)

Divided and Conquered - Some people are completely oblivious to privacy concerns. Some people are somewhat aware but don't think there is anything they can do about it so they just live with it. Others think it is just the way things are and need to be if you want the benefits of intelligent software. How many don't even try to understand any of it because it is too darn complicated?

Rebels With A Cause - Yet... some... other people... are building different systems that seem to care about privacy. I saw a few blog posts on Fedora Planet today. One was entitled, Desktop Containers - The Way Forward. Another, Sandboxed applications for GNOME. And yet another, Project Atomic + Docker: A post-package world?. The main focus on those is using application containers to change how software is developed and distributed... but in the context of this blog post... how they can also provide application isolation which translates into better privacy.

Wow, someone seems to still care about privacy. Everything isn't lost... but then again... how successful will such projects be? ...and being on Linux, how much market penetration will they really get into the masses currently giving everything away with their mobile lives? I also have to wonder just how many of the developers of these projects are also mobile users giving away their own data?

Same As It Ever Was - Another sad thing about this is that the mobile world is really only following the pattern of the desktop world. Well, more precisely, the web browser world. While a web browser application on the desktop operating system may not be accessing all of the data from other programs and sharing it with the browser maker... be certain that the vast majority of web sites are trying to gather as much information about the user as possible. Tiny bits and pieces of content on each web page, most of it hosted on servers other than the one providing the main content, are analyzing the web browser environment to determine the best way to gather information. If the browser has "Do Not Track" features, then they are trying to find ways around that... and there are tons of ways. Various commercial data gathering services are busy sharing their bits with others' bits to correlate information to derive yet more information. They pretty much know what websites we visit, what files we download, what we search for... what we care about and don't care about... and some form of who we are. They don't really care about knowing us, they just want to use all the information to increase their bottom lines.

How different is desktop computing than mobile? A lot but not so much. And we just take it, don't we? Well, to some degree. There are tools out there. Some of them simple browser add-ons like AdBlock Plus, HTTPS Everywhere, Ghostery, etc... that help end users get some understanding of what is going on and offer a little better control on how they are being (ab)used. Then there is Tor, The Onion Router... and a few mini-home-router projects that are trying to make anonymity somewhat possible. And of course there are some in government who think that people who care about such things and use such products might have something to hide... and need even more scrutiny.

While I don't have (much) anything to hide, I don't like the idea of being bare naked for anyone wanting to have a peek. How about you?

What is the way forward? - Is privacy already gone forever with the war being lost... or are there still some battles that may determine better outcomes for a subset of the human population? I guess I'll just have to wait and see. In the mean time, I continue to fight off the little voice in my head that says I need a smart phone... and I try to learn more about and utilize some of the desktop tools that make me look suspicious. :) Oh, and I didn't even bring up... Ocial_Say Etworks_Nay, did I?

Syndicate content