Blender Fox


Blocking IP ranges using IBLOCK lists and iptables

#

I’ve started looking at the iptables function within the Linux kernel, and found out that, with a bit of tinkering, you can use the IBLOCK lists to do a machine-wide block based on IP. You use pipes (gotta love ’em) to route the lists into ipset, which allows you to create a set of IP addresses/ranges that you then reference in iptables. You can download the lists with wget or curl. If you use wget, you might need to use the quiet switch (-q). You can use xargs to download multiple lists and concatenate them. I’m tinkering with my download script at the moment.

First, create the set. Here, I have used a high maxelem number because I use a lot of IBLOCK’s lists. The “maxelem 1048576” can be omitted or the number reduced if you are only using one or a small number of IBLOCK lists.

ipset create IBLOCK hash:net maxelem 1048576

Second, download the list and add its entries to the set, skipping any that already exist (the -exist option). You can chain multiple lists into the wget or use xargs. For this example, I’m only using one.

wget -q "http://list.iblocklist.com/?list=bt_level1&fileformat=p2p&archiveformat=gz" -O- |
    gunzip |
    cut -d: -f2 |
    grep -E "^[-0-9.]+$" |
    gawk '{print "add IBLOCK "$1}' |
    ipset restore -exist

Finally, add rules to iptables to drop packets to and from IP addresses that exist in the set. This means that packets coming in from external IPs that match IP addresses in the set will not be answered.

iptables -I INPUT -m set --match-set IBLOCK src -j DROP
iptables -I OUTPUT -m set --match-set IBLOCK dst -j DROP
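
A sturdier take on the second step, as an added example (not code from the original post or from the source it cites): it keeps the text after the last colon so list names containing a colon are not dropped, skips lines whose octets are out of range instead of handing them to ipset, and loads a staging set that is swapped into IBLOCK in one step so the rules never match against a half-loaded set. The staging set name `IBLOCK-new` and the helper names are assumptions, and the IBLOCK set from the first step must already exist.

```bash
#!/bin/sh
# Added example. SET matches the page's set name; TMP is a hypothetical staging set.
SET=IBLOCK
TMP=IBLOCK-new

# Read P2P-format lines ("name:start-end") on stdin, write an ipset restore script.
p2p_to_restore() {
    awk -v set="$SET" -v tmp="$TMP" '
    function valid_ip(ip,    o, n, i) {
        n = split(ip, o, ".")
        if (n != 4) return 0
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || length(o[i]) > 3 || o[i] + 0 > 255) return 0
        return 1
    }
    BEGIN {
        print "create " tmp " hash:net maxelem 1048576"
        print "flush " tmp                       # clear leftovers from a failed run
    }
    { sub(/\r$/, "") }                           # tolerate CRLF line endings
    /^[ \t]*#/ || /^[ \t]*$/ { next }            # comments and blank lines
    {
        range = $0
        sub(/^.*:/, "", range)                   # keep text after the LAST colon
        if (split(range, ends, "-") == 2 && valid_ip(ends[1]) && valid_ip(ends[2]))
            print "add " tmp " " range
        else
            skipped++
    }
    END {
        print "swap " tmp " " set                # live set changes in one step
        print "destroy " tmp
        if (skipped) print skipped " line(s) skipped" > "/dev/stderr"
    }'
}

# Constructed sample input, not real list data.
sample_p2p() {
    printf '%s\n' \
        '# constructed sample' \
        'Example Org:192.0.2.0-192.0.2.255' \
        'Example: name with colon:198.51.100.0-198.51.100.127' \
        'Bad octet:203.0.113.0-203.0.113.999' \
        'No range here'
}

# Usage (needs root and an existing IBLOCK set):
#   wget -q "<list URL>" -O- | gunzip | p2p_to_restore | ipset restore -exist
```

Because the swap replaces the whole set, entries that have been removed from the upstream list also disappear from IBLOCK on the next refresh.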

When I tried this with my IBLOCK download script, it seemed to kill TOR functionality as well, which I suspect means that IBLOCK have included the TOR IP range in one or more of their lists, so I’ll need to determine which one(s) they are and exclude them, as I do use TOR actively.

As with most things, there’s more than one way to do this, and this is one of many ways you could implement blocking behaviour.

Source: Dustin C. Hatch, Using PeerBlock lists on Linux

Swiss City Mandates Use Of Open Source, Banishes Microsoft Officially

#

'Like driving a Ferrari at 20mph': Why one region ditched Microsoft Office for LibreOffice

#

Putting a laptop into suspend or hibernate from console

#

Some information I found off the web:

First type:

cat /sys/power/state

If the result line contains “mem”, you can use this to suspend to RAM:

sudo pm-suspend

If the result line contains “disk”, you can also use this to suspend to disk (hibernate):

sudo pm-hibernate

If you have both results, you can use this to suspend with a hibernate backup. In other words, your system will prepare for hibernation, but only suspend, not turn off. This will use a bit of power, but means that it’s faster to resume, and if your battery runs out, it’ll use the hibernate image as backup:

sudo pm-suspend-hybrid

You can pipe the hibernation into a timed job using the at command. This will hibernate one hour from now:

echo 'pm-hibernate' | sudo at now + 60 minutes

And you can confirm the job is present:

sudo at -l
10 Wed Jan 1 12:38:00 2014 a root

Suspend/hibernate requires root access, hence the reason I did sudo before the at command.

Corporate Linux

#

Virtualization madness

Had my first encounter of Linux, or specifically, a Linux-like environment in a corporate environment. The IT peops were trying to set up an environment on Xenserver, and they had set up a storage space to copy a virtual machine image onto. But they kept running out of space. It took me a while to figure out what they were doing (wrong), though.

They were trying to copy onto the PV partition, and Xenserver had set up its environment to use LVM, so the PV partition was already allocated to the LVM system, and therefore had no space to copy onto.

After figuring out which LV was the one they wanted to use, I had problems mounting, with mount saying I had to specify the filesystem. After trying various switches with mount and specifying a filesystem (only NFS, ext, ext2 and ext3 were supported by Xenserver. No vfat, ntfs or btrfs. Admittedly, however, the Xenserver version the IT people were using was an older version), I soon found out that the IT people had created the storage space, but not done anything else. Therefore, that would explain why I couldn’t mount it – it hadn’t been formatted. So a simple mkfs.ext3 (remember ext4 wasn’t supported) on the block device in /dev/mapper/ meant I could mount it without specifying filesystem. scp’ing into the server and copying into the path proved it worked.

 

LPIC-1

#

Linux Professional Institute

I’ve finished studying for the first of two exams for the LPIC-1 certification, and I have found some exam questions (about 600 of them), and have started to go through them.

The first thing that struck me about these questions is either I’ve not been studying all the topics, or some topics have been removed out of the exam. For example, some of the questions reference LILO, but according to the LPI page on the 101 exam, there’s no mention of LILO (but there is mention of Grub 2 and Grub Legacy). Then again LILO and Grub Legacy are quite limited by today’s standards, so it could be that they really are removed out of the exam. Guess I’ll have to take that chance.

Memory

#

Had a very eventful weekend, and my entire Sunday was taken up trying to figure out a weird symptom on my Linux installation.

In the weeks leading up to today, I used to get strange behaviour from my Fedora box. The behaviour resulted in an error being detected by the ABRT tool, regarding a null reference. On Sunday, my laptop conked out and refused to start up. I tried reinstalling Fedora, Debian, Mint, openSUSE, and even OpenMandriva – none of them could complete the installation. They either failed with an error part way through, or hung completely.

I decided to try installing Windows XP over everything. That failed with an IRQ LESS THAN OR EQUAL TO blue screen. Then I tried Windows 7. That installation succeeded, and I started running updates. Then it blue screened me again. This time MEMORY_MANAGEMENT was the message. Hmmm. So, could it be that one of my memory chips was dodgy? That would account for why it was intermittent. I have 2x 2GB chips in my laptop, so I took both out and rebooted. No splash screen. Good. That’s expected.

Put in one of the chips. Booted, BIOS showed 2GB. Good, that’s OK.

Took it out and put in the other 2GB. No splash screen. Looks like that’s the dodgy one. I dug out my 1GB from when I got my laptop originally, and put that back into the other slot, so I get a 3GB installation. Checked boot. Splash screen displayed. Good. So I then ran a BIOS memory check, and all 3GB passed.

So then I decided, maybe I should try doing a restore, in case the dodgy memory was the cause of my failure to restore previously. It worked fine, so now I’m back up with my previous setup. :D

Cause: Faulty 2GB memory

External IP

#

Need to know your external IP but are behind a router? In a console window:

curl http://ipecho.net/plain; echo

And you get the externally addressable IP of your machine.

F*** It....

#

FLOSS isn’t without its humour. It’s the only time you can say “Fork It” without getting in trouble for swearing ^_^

Ubuntu Saucy Salamander

#

I’ve been running with Ubuntu on my desktop for a long time, even after upgrading it to 4GB RAM (it’s a really old PC). Nonetheless, Lubuntu (which is Ubuntu with LXDE) prompted me to upgrade from Raring to Saucy. I did, and as with all Ubuntu upgrades, it took absolutely ages to complete. But after a reboot, I noticed the login screen is now identical to the LXDE login screen of my Fedora box (which is also using LXDE). This is good and bad – good in that it gives users a consistent login experience regardless of distribution, but bad in the sense that the identity of Ubuntu has been slightly lost.

 

Linux Training

#

Well, after a few emails exchanged between myself and LPI, I have my certificate (electronic delivery, not postal.) Now to train up for LPIC-1.

Linux Training

#

I passed the Linux Essentials exam, so should get the certificate in the post in the next few days. Then at least I can add it to my LinkedIn profile. Next step, LPIC-1 :)

Here’s my confirmation of passing (blanked for obvious reasons). The only thing I had trouble with was Security and File Permissions. It would be nice to know WHICH questions I got wrong so I can specifically target my revision….

3531_001

 

Linux Training

#

Linux Professional Institute Logo

I’m going to make the leap and go for my first Linux Exam this week. I’m taking the introductory exam - the Linux Essentials exam. Whilst not a mandatory requirement for the main LPIC certification, it is a recommended one. And it can’t hurt knowing more than needed. Besides, I’ve already booked a proper training (seminar/group) week next year for the LPIC-1 course. I’ll probably book the LPIC-2 course too, whilst I can still afford it. :-\

After switching 37,000 PCs to Ubuntu, French Armed Forces says open source cuts costs 40 percent | Apps and Software | Geek.com

#

After switching 37,000 PCs to Ubuntu, French Armed Forces says open source cuts costs 40 percent | Apps and Software | Geek.com.

 

SparkleShare: An Open Source Dropbox Alternative | Unixmen

#

SparkleShare: An Open Source Dropbox Alternative | Unixmen.

Munich to hand out Ubuntu Linux CDs to ward off upcoming Windows XPocalypse | PCWorld

#

Munich to hand out Ubuntu Linux CDs to ward off upcoming Windows XPocalypse | PCWorld.

OpenSUSE

#

I tried to install OpenSUSE on my laptop again today, and again it came up with the error about the boot partition. So perhaps I’ll have to tweak the boot partition size the next time I try this.

Instead, I installed Fedora 19, and that went fine - no issues with installing. Next I need to update it.


OpenSUSE

#

I tried to install OpenSUSE today using the Network Installer. Some interesting things happened.

  1. When installing via a Network Installer, you would expect the latest versions of packages to be used. Evidently not. I did this, and when the installer did the update (which I would expect to be quick since there's nothing to update), it took an extra 30 minutes to apply hundreds of DRPMs.
  2. Whilst doing the update, the installer flagged up the fact that I had run out of space on my boot partition -- so the boot partition I had just created via the installer, using values the installer decided upon by itself, has now been clogged up DURING the install. Needless to say, the next thing I did was roll back to my previous Clonezilla image.
This isn't going to discourage me, though, I do want to try out OpenSUSE properly, so I think what I'll try next time, is run the installer from the CD instead of the netinstall and keep my software choices minimal until after the install is complete.

 

How to Upgrade Fedora 18 to Fedora 19

#

Might be an old link, but if you’re like me and have to install F18 because F19 doesn’t want to play ball, this might help.

How To Upgrade From Fedora 18 To Fedora 19 With FedUp (Desktop & Server)

Upgrade Fedora 18 to Fedora 19

How to enable port knocking in Linux | BOYNUX

#

How to enable port knocking in Linux | BOYNUX.

Fedora 19 - Schroedinger's Cat

#

Well, I tried to install Fedora 19 on my desktop, which previously had Fedora 18 (Spherical Cow) and ran fine. Bizarrely, Fedora 19 doesn’t like my graphics card it seems and even after booting the install after using VNC, it doesn’t come up with a graphical environment, even though I had LXDE as my desktop.

It would seem Schroedinger’s Cat has been at it – my installation is both working and not working, much like the cat is both alive and dead….

So now, my installation is back on Lubuntu. Maybe I’ll install CentOS instead of Fedora. At least until the Fedora team get it working, and who knows how long that might be?

 

Fedora

#

I have just tried using the network install disk (and a full DVD) and neither of them seems to start up the graphics correctly on my old PC, so after a bit of research, it turns out I can set the installer to run in text mode rather than graphics mode by changing:

vmlinuz initrd=initrd.img

to

vmlinuz initrd=initrd.img text

when starting up the installer. Then, it will run in text mode, and even offer the option of using VNC to remotely configure. Screenshot:

Workspace 1_001

Ubuntu Edge | Indiegogo

#

Hi everyone

So ends a crazy month. We’ve broken records, we’ve been written and talked about across the world, we’ve worn out our F5 keys, and we’ve learned a lot of invaluable lessons about crowdfunding. Our bold campaign to build a visionary new device ultimately fell short, but we can take away so many positives.

We raised $12,809,906, making the Edge the world’s biggest ever fixed crowdfunding campaign. Let’s not lose sight of what an achievement that is. Close to 20,000 people believed in our vision enough to contribute hundreds of dollars for a phone months in advance, just to help make it happen. It wasn’t just individuals, either: Bloomberg LP gave $80,000 and several smaller businesses contributed $7,000 each. Thank you all for getting behind us.

Then there’s the Ubuntu community. Many of you gave your time as well as money, organising your own mailing lists, social media strategies and online ads, and successfully reaching out to your local media. We even saw entire sites created to gather information and help promote the Edge. We’ll be contacting our biggest referrers personally.

Most importantly, the big winner from this campaign is Ubuntu. While we passionately wanted to build the Edge to showcase Ubuntu on phones, the support and attention it received will still be a huge boost as other Ubuntu phones start to arrive in 2014. Thousands of you clearly want to own an Ubuntu phone and believe in our vision of convergence, and rest assured you won’t have much longer to wait.

All of the support and publicity has continued to drive our discussions with some major manufacturers, and we have many of the world’s biggest mobile networks already signed up to the Ubuntu Carrier Advisory Group. They’ll have been watching this global discussion of Ubuntu and the need for innovation very closely indeed. Watch this space!

As for crowdfunding, we believe it’s a great way to give consumers a voice and to push for more innovation and transparency in the mobile industry. And who knows, perhaps one day we’ll take everything we’ve learned from this campaign -- achievements and mistakes -- and try it all over again.

Thank you all

Mark Shuttleworth, the Ubuntu Edge team and everyone at Canonical

 

P.S. We’ve been assured by Paypal that all refunds will be processed within five working days.

Ubuntu Edge | Indiegogo.

Unetbootin

#

I’ve found out that unetbootin, which is the tool of choice for most USB stick generation, does have its problems. I’ve just tried to set up a network install USB stick for Fedora and Debian, and both were fine setting up via unetbootin, but did not boot successfully into the installer (although the splash screen did start). For both, the initialisation seems to want something in the CD-ROM drive, but even after putting a disc in there, it doesn’t boot. This also happens when using the netbootcd boot USB.

The solution? Surprisingly simple, actually. Use dd or dcfldd:

dd if=debian-7.1.0-i386-netinst of=/dev/sdb
dcfldd if=Fedora-19-i386-netinst of=/dev/sdb

This wipes the contents of the stick, but does ensure that it’s an exact copy of the ISO, without getting rebuilt by unetbootin.

 

NetbootCD

#

This is a very useful boot disk - it allows you to download the latest network installer from the relevant site and boot it, without having to burn or create another stick. It supports the major distributions: Ubuntu, Debian, Fedora, openSUSE, Mandriva, Scientific Linux, CentOS and Slackware.

Be warned, though, Network Installers by nature can be heavily console-based.

NetbootCD.