Linux Format - April 2017

REVIEWED: Pi comPutE moDulE 3
67 Pages of
tutorials
and features
File sharing with Ubuntu
Stay hidden & safe online
Create a fast Pi webserver
Coding Academy: AngularJS
Get into Linux today! basics, Python terminal tools
Harness the full power of the command line

and bring balance to your open source skills
For freedom!
When the EU brought in its Robotics with
Privacy Directive, it was the most MicroPython
lobbied directive in European history How to build remote
Cory Doctorow on the fight for freedom from DRM control battle bots!
Webservers Interfaces
Inside Nginx Tiling managers
Get more from the speedy Windows, windows
open source web server everywhere, but not for long
Welcome
Get into Linux today!
What we do
We support the open source community
by providing a resource of information, and
a forum for debate.
We help all readers get more from Linux with our
tutorials section – we’ve something for everyone!
We license all the source code we print in our
tutorials section under the GNU GPL v3.
We give you the most accurate, unbiased and
up-to-date information on all things Linux.
Who we are
This issue we asked our experts: We’re Jedi The Terminal Man
mastering the terminal, what’s your most useful/
favourite command line tool or trick that It’s one of those issues where we’ve had to sneak the
main feature past management to get it into the
everyone should master?
magazine. But using the terminal is so core to Linux
day-to-day life we were way overdue a decent look at the
Jonni Bidwell subject. Over the last year of Linux Format we’ve been slowly
Ctrl-R is much more useful than using the pecking away at the terminal with a regular tutorial section, but
cursor keys to search your Bash history.
Then there are the laconic curly brace like the clichéd guided horse there’s no reason that someone
expansions. It would be nice to understand might try it unless they’re forced to!
the effect of putting slashes at the end of
directory names in an rsync command too, So we’re forcing you by dedicating our cover feature to
but this is a secret that mere mortals mastering the Linux terminal. We’ve been inspired by the Linux
cannot behold. Foundation LFS101 course you can try at edx.org for free. If
you’re at all interested in boosting your Linux skills we’d
encourage to take a look, as it’ll take you even further.
Neil Bothwick But in an age of highly advanced GUIs, touchscreens and
Without a doubt it’s a terminal multiplexer
like tmux or screen. Until you have tried ultra high-definition displays why even consider the
using one of these, and got over the initial 80-character wide text-only terminal option? Control and
learning hump, you will never want to do
without them. While I find that screen is the universality. The ability to administer every aspect of a system
best known multiplexer, I find tmux is more is attractive enough, but when you realise these skills are
capable and no harder to learn, so why not transferable in one guise or another across – not perhaps the
give it a try.
entire Unix world – but a large chunk, surely you can see the
advantage? Nevermind the remote administration features it
Les Pounder opens up for servers too. Your Terminal master will be the wise
For me it’s the handy && conditional and knowledgeable Mayank Sharma (see p30).
operator. It means that if the first We’re also kicking off a new series on running your own
command completes correctly, then a
further command can be chained to it. For server; from some awesome reader feedback it seems people
example sudo apt update && sudo apt want advice and tutorials on setting up, maintaining, enhancing
upgrade will update the repos, and then and generally fiddling with home and remote severs. We kick
show all the upgrades for my system,
prompting me to install them. things off with creating a base Debian server. We delve into
open-source filesharing, tiling windows managers, the Nginx
webserver on and off the Raspberry Pi, assess the state of
Mayank Sharma privacy distros and loads more! As always, enjoy.
There really is no end to the awesomeness
that one can achieve with the sed utility
and awk programming language. If you
intend to spend time working in the
terminal, mastering these two is as
important as learning to make sense of
dmesg, and identifying devices with
commands such as lsusb and lspci.
Neil Mohr Editor
neil.mohr@futurenet.com
Alexandar Tolstoy
There are so many to choose from. It’s hard
to know where to begin. But if I must, one
of my favourite bookmarked commands is
Subscribe & save!

$ cat content.xml | perl -p -e
“s/<[^>]*>/ /g;s/\n/ /g;s/ +/ /;.
This little puppy enables me to read an
unzipped ODT file in those situations where
I don’t have LibreOffice to hand.
On digital and print, see p28
www.techradar.com/pro April 2017 LXF222 3

Contents
“One of the unsung freedoms that go with a free press is the freedom not to read it.” – Ferdinand Mount
Reviews
Master the
Terminal
Intel Pentium 4600G.........15
Something amazing has happened, Intel has
released a budget processor that’s capable
of stunning performance! Is this your next
best CPU upgrade? Go find out!
Click, click, click. Dump the GUI, embrace
the dark side of Linux and discover the true
power of the command line. Do it now on p30.
The Pentium name has been reborn

in a better package, so this is good! Roundup:
Intel Core i3 7350K ...........16 Privacy distros p22
An unlocked Core i3 Kaby Lake CPU hits the
shelves. Promising Core i5 speed but from a
budget line, something has to be too good to
be true, we investigate…
Chapeau 24 ........................ 17
Look, a distro that’s not based on Ubuntu or
Debian but is built from Fedora, looks
amazing and is bundled with all the essential
desktop tools you’d want.
Peppermint 7 .....................18
Alexander Tolstoy is a big fan of low
resource tools and distros, so he thinks
you’re going to love this Ubuntu 16.04 LTS
spin that uses the LXDE.
FreeDOS 1.2.......................19
A new version of FreeDOS was released at
the end of 2016, four-years after the previous
update. Alexander Tolstoy digs in the DOS
to see what’s new.
Dirt Rally ........................... 20

Get your motor running, head out on the
freeway, lookin’ for adventure and whatever
comes our way. Probably traffic jams.
Interview
The reason GCHQ’s spying
is so out of control, is that no
The latest update to TuxRacer looks
one thought it should be better.
amazing! Sorry, what was that?
Cory Doctorow on fighting for digital freedom! p38
4 LXF222 April 2017 www.linuxformat.com

On your FREE DVD
Mint 18.1 Cinnamon 64-bit
Mint 18.1 MATE 32-bit
Scientific Linux 7 64-bit
Only the best distros every month

Plus HotPicks, code and library Subscribe
p96 & save! p28
Raspberry Pi User In-depth...
Pi news................................... 58 The ultimate server ............. 44
Google is adding machine learning and artificial Read the first in our exciting series of features
intelligence tools to the Pi, DIY robot arm kits on setting up the ultimate home server.
incoming and the Asus Tinker board is delayed.
Compute Module 3 .............. 59

Les Pounder goes hands on with another slice of
Pi that’s packed with quad-core power!
Pi Digital Assistant............... 60
Les Pounder builds a digital assistant with some
Python libraries and an open data API.
Build a Pi web server ........... 62

Sean Conway guides you through setting up
the Nginx server then configuring your own
CMS of choice for a custom web server.
Coding Academy Tutorials

File sharing
Apps in AngularJS ............... 84
Kent Elchuk explains how to build AngularJS Open source sharing......68
applications for the web in no time at all and Alexander Tolstoy helps you become a
feel like you’re launching your very own dot leecher, a peer and host to a small pile of
com business. We’re old aren’t we? precious encrypted files.
Build the wc command ....... 88 Windows

Mihalis Tsoukalos shows you what you need Tiling managers ..............72
to know to develop a handy system tool in Mats Tage takes you through the different
Python 3 that will make your life easier, as we window managers available to you and
recreate the wc tool in our own image. shows the pros and cons for each.
Regulars at a glance
News............................. 6 Subscriptions ...........28 Overseas subs ..........66
Is Munich about to end its love affair All other subscriptions are fake, you We ship Linux Format all around the
with open source? GitLab loses a won’t believe how yugely fake they globe, even the USA, get a sub now!
shedload of data and the days of are. Get your true subscription here!
32-bit distros are numbered. Next month ...............98
Sysadmin...................48 Time to get your maker face on and Windows, windows everywhere.
User groups.............. 10 We wave goodbye to Mr. Brown who combine Linux, Python and the new Embedded
Les Pounder gets excited about a puts the last of his Azure credits to Pi to create secure IoT devices and Micro:bit robots............... 76
Makefest in Manchester. good use finishing off his Datacentre try out open source CAD app s. Les Pounder shows us how to use two
Operating System overview. BBC micro:bits and some MicroPython
to build radio-controlled robots for our
Mailserver...................12 own wireless robot battles!
Readers keep breaking our PDFs and HotPicks .................... 52
we ask: are there any female experts Alexander Tolstoy is too busy to Webservers
keen to write for the mag? have back channel conversations, Inside Nginx .................... 80
he’s engrossed in FOSS gems like: If you’ve set up your own webserver now’s
Roundup .................... 22 RawTherapee, Qtf Flif Plugin, Babe- your change to tweak and improve its
performance as we dive inside the Nginx
Mayank Sharma won’t tell us what Qt, Neofetch, QtPass, KDE Connect,
project for faster web pages.
the Roundup is about, but we think QStardict, Air Combat, Operation Our subscription team
it’s privacy distros. Nautak, RCloneBrowser and Marble. is waiting for your call.

This issUE: Microsoft Munich GitLab failure Goodbye 32-bit Kodi crackdown
Open sOurce Outrage
Munich may drop Linux

The mayor of Munich favours Microsoft and has pushed through a review.
t
he City of Munich was often
highlighted as a great example
of a government ditching its
reliance on closed source, and
predominantly Microsoft-made,
software. However, there are recent
rumours that suggest the Munich City
Council, which over a decade ago
ditched Windows for the Ubuntu-based
LiMux, is now considering moving back
to Windows.
Despite the scale of the open source
migrate all those years ago, which saw
around 15,000 PCs move to Linux,
there have been wobbles with Munch’s
embrace of Linux and open source
software in the past. One of the biggest
hurdles was the arrival of the Social
Democratic Party’s Dieter Reiter as lord
mayor in 2014, who has publicly
announced his admiration of Microsoft
and asked for a report (which can be
Munich was
read here http://bit.ly/ Munich) and pointed out some aspects Moving so many people on to Linux
once heralded
LXF2222munich, as long as you don’t of the report that contradict Munich as an example of and open source software was always
mind wading through 450 pages and council’s rush back to closed source. local government going to bring up some problems,
can speak German) on Munich’s IT “According to the report, only a minor embracing open especially for people who are only used
infrastructure. percentage of users (between 18% and source—but that to Microsoft’s way of doing things, but
The report was created by 28%, based on different applications) may change. we’re disappointed that Munich
Accenture, which as many people have had severe issues related to software, appears to be taking a step backwards
pointed out, is a Microsoft partner. which could be solved by migrating by going back to Microsoft. Not only
Accenture polled a number of staff and these users to Windows and Microsoft does that mean Munich loses its
IT workers, as well as analysing Office. Incidentally, 15% of users vendor-independence, which was such
documents, and claimed that there was acknowledged severe issues related to a key argument to the city council
dissatisfaction with using software to Microsoft Office.” switching to open source in the first
print, view and edit documents, place, but as the Document Foundation
program instability and poor user
friendliness. A previous survey in 2016 “the report was created notes, going back to Microsoft Office
most likely means a return to
found 85% of Munich employees
surveyed saying that software problems
by accenture, which is proprietary documents that lack
interoperability and transparency,
interfered with their work at least once a Microsoft partner.” putting it at odds with the move to open
a month. However, Mayor Reiter’s document standards by a number of
previous statements and Accenture’s However, at the time of writing it countries, such as the UK and France.
ties to Microsoft have led many people appears the wheels have already been The costs of moving back to Microsoft
to worry about the impartiality of this set in motion, with Munich City Council will also be steep, with many viewing
report. In February, The Document discussing a proposal to install the €66m estimate in Accenture’s
Foundation released an announcement Windows 10 and Microsoft Office 2016 report as being too low and, of course,
(http://bit.ly/DocFoundationOn on all workstations by 2020. it will be paid by Munich’s tax payers.

newsdesk
Newsdesk
DeveLOpMent news
newsbytes
GitLab catastrophic error Kodi is a very popular piece of
open source media playing
software, and while it’s easy and free
Developers and companies that rely on GitLab to download and install Kodi on a large
number of devices, including the
are left without data after a serious failure. Raspberry Pi, there is also a growing
market for set top boxes that are sold
g
itLab is a popular and important resource Around an hour with Kodi pre-installed. The problem
for many companies and developers, later a third incident is, there are many third party add-ons
such as Intel and Red Hat, so when at the occurred, where that aren’t endorsed by the Kodi team,
end of January 2017 the service went offline for backups were failing. and are primarily used by people to
what the GitLab Status Twitter account called Unfortunately, an stream and download subscription
and pirated media for free. Boxes with
‘emergency database maintenance’, many people employee accidently GitLab ran into a series
Kodi and these add-ons pre-installed
were understandably concerned. A later tweet removed a directory on of problems that most of
are being subject to a crackdown, and
offered more clarification about the problem: “We the wrong database to us dread would happen
a shopkeeper from Middlesbrough is
accidentally deleted production data and might try to fix the problem, to us—let’s just hope
pleading not guilty in a landmark case
have to restore from backup.” Not a terribly leading to more data lessons were learnt.
that could determine the legality of
reassuring message and, after six hours of loss. At this point selling ‘fully loaded’ Kodi boxes in the
downtime and concerns over data loss, a better GitLab was taken offline. UK. The trial begins in May.
picture of what happened started to emerge. This unfortunate combination of hackers, http://bit.ly/LXF222kodi
A detailed blog post by GitLab (http://bit.ly/ software problems and human error turned into a Mesa 17, the latest release of the
GitLabDBincident) explained that the first rather alarming problem, and wasn’t helped by open source graphics driver for
incident occurred on January 31 at 6pm, when a the fact that snapshots and backups are only Linux, has been released after a short
number of spammers began attacking the taken once every 24 hours. While some of the delay, but the latest benchmark
database by creating snippets and making the data was recovered, GitLab learned some harsh results prove that the wait was well
worth it. It brings OpenGL 4.5 support
database unstable. Troubleshooting began in lessons—and ones we can all learn from. Make
for Intel Haswell processors, better
earnest, but three hours later the attacks backups regularly, keep those backups safe and
performance for many recent games,
escalated, causing a lockup on writes to the try not to let overworked and tired engineers try especially on AMD cards, and
database, causing it to go down. An hour later, a to fix any problems. To GitLab’s credit, it was noticeably improved Vulkan
second incident occurred, as although spammers transparent about what was going on, both with performance. For a full run down of
had been blocked, the database replication was its in-depth blog post detailing what happened, as the benchmark results and
lagging too far behind, essentially stopping due to well as regular Twitter updates during the incident improvements in performance, visit
a spike in writes. that kept its users informed. http://bit.ly/Mesa17Vulkan
Benchmarks.
Fancy building your own open
harDware news source laptop? If so, the TERES 1
laptop is the machine for you and
Microarchitecture drop everything you need to build it yourself

is now available, including the building
instructions (found at http://bit.ly/
TEREsiPDF). Meanwhile the
If you’re running a 32-bit CPU, your options are shrinking. hardware CAD files and Linux build
scripts are available on GitHub
(https://github.com/OLiMEX/DiY-
w
hile 64-bit processors are becoming between the 64-bit Linux kernel that it uses and LAPTOP), and as the creators, OliMex
ever more popular, there’s still a 32-bit software. LTD, explain on its website (http://
number of us who use 32-bit Meanwhile, the February update of Arch Linux bit.ly/TEREsiDiY), the idea is that
hardware and while there will always be distros has been revealed to be the last that will include a anyone can view, edit, modify and
available that support older and legacy hardware, download option for 32-bit hardware, with an create their own versions of the
laptop. If you don’t want to start
there have also been some recent announcement (http://bit.ly/ArchDropsi686)
completely from scratch, you can buy
announcements that make finding a distro to run stating that “Due to the decreasing popularity of
kits for €225 from https://www.
on 32-bit software much more difficult. i686 among the developers and the community, we olimex.com/Products/DiY%20
For example, it has been announced that Tails have decided to phase out the support of this Laptop/KiTs, though at the time of
3.0 will require a 64-bit x86-64 processor, with architecture”. 32-bit users won’t be left in the lurch writing both kits are sold out.
support for 32-bit ending on June 13, 2017. As the completely as people with 32-bit installs will
Tails project mentions in its announcement of the continue to receive upgraded packages for a
news, only 4% of Tails users use a 32-bit ‘depreciation period’, but by November 2017 32-bit
computer. While it’s not good news for support will be completely dropped.
that small minority, the team behind While we’re sad to see distros ditch 32-bit
Tails say that the move to support, we can see their arguments. Thankfully,
64-bit only will benefit its Linux is such a broad church that there will always
users, thanks to improved be the likes of TinyCore, Absolute Linux and Linux
security features and Lite that will make sure people with 32-bit and older Build your own laptop with TEREs 1.
greater compatibility hardware still have access to an operating system.

Newsdesk
comment
Distro watch
Linux breaks new What’s behind the free software sofa?
ground in China
Angela Brown DeFt 2017.1 ZerO
DEFT (Digital Evidence & Forensic download the live CD at www.
Toolkit), a customised version of the deftlinux.net/2017/02/13/deft-
The infinitely Ubuntu live CD, is back after a hiatus zero-2017-1-ready-for-download.
of two years with version 2017.1, also
customisable
known as ‘Zero’. Specially designed
nature of
as a lightweight tool for performing
Linux has resulted in its forensic acquisition of digital
expanding footprint across industry sectors evidence, the new version supports
and world regions. Beyond the internet and NVMExpress memory (found in the
data centres, it’s now found in devices such as 2015 MacBook), eMMC and UEFI.
Kindles, smart TVs, and even Tesla cars. It can be run entirely in RAM (as
long as you have over 400MB) and it
Geography-wise, China is a country that has
is based on Lubuntu 14.04.02 LTS.
witnessed tremendous increase in Linux use.
DEFT Zero will be updated and
According to the 2012 IDC Worldwide Quarterly developed alongside the full version DEFT Zero is back from the dead,
Server Tracker, Linux server market growth in of DEFT. You can find out more and and with no calories either.
China surged from 9.2 to 33.2% between 2002
and 2012—a rate surpassing the global average.
cruX 3.3
And there are other telling signs. Tencent, one
of the biggest tech companies in China and the Crux is a lightweight distro that found at https://crux.nu/Main/
doesn’t rely on systemd and is aimed ReleaseNotes3-3, and it can be
world, was among the first to use the
squarely at experienced Linux users. downloaded from https://crux.nu/
OpenDaylight Project’s Software Defined A new version of Crux, 3.3, has Main/Download.
Networking controllers to manage its massive now been released —the first stable
data flows. The Chinese government has even release for 15 months and comes
developed Ubuntu Kylin, a national Linux distro with the Linux kernel 4.9.6, and
which, as of 2015, comes pre-installed on 40% includes glibc 2.24, GCC 6.3.0 and
of all Dell computers sold within the country. Binutils 2.27, as well as X.Org 7.7 and
X.Org Server 1.19.1.
Responding to China’s growing interest and
You can download and install the
demand for Linux knowhow, two open source
ISO image onto either a blank CD or
technology events have been organised here USB stick (thanks to isohybrid) and
previously – Cloud Foundry Summit Asia 2015 UEFI support is available. For more The lightweight distro Crux has
and MesosCon Asia 2016 – both of which were information, the release notes can be been updated and released.
very well-received.
This year, we decided to take things one step nethserver 7.3
further. From June 19-20, three flagship Linux
NethServer is a CentOS-based distro more with the release announcement
conferences – LinuxCon, ContainerCon, and
for servers, featuring a modular at www.nethserver.org/nethserver-
CloudOpen – will be taking place in China for design and web-based 7-final-released.
the very first time. Known as LC3, this landmark administrative controls for easy
event will cover the most exciting topics in open access and maintenance.
source, such as open networking, Blockchain, The latest version, 7.3, now acts as
microservices, and compliance issues. a Samba Active Directory Controller,
Our ultimate aim is to help foster local leaders which can replace a Microsoft Active
Directory Domain controller. It’s
in open source communities around the world.
compatible with native Microsoft
We hope that LC3 will serve as a springboard tools, making it easier to bring
for further such projects in China. workstations over to NethServer.
Further information on this and other Linux Version 7.3 also includes
Foundation events can be found at http:// centralised account management, a
events.linuxfoundation.org. new firewall with deep packet if you want to move on from
inspection, a new interface for traffic Microsoft Active Directory,
Angela Brown manages the Linux Foundation’s
shaping and a lot more. Find out Nethserver has you covered.
global conferences as VP of Events.

Newsdesk
comment
Mesa 17 &
OpenGL 4.5
DnF 2.1.0 Guy Lunardi
DNF, also known as ‘Dandified Yum’ list of DNF-1 and DNF-2 incompatible
is a version of the Yellowdog Updater, changes, head over to http://dnf.
Modified (more often known as baseurl.org. Mesa 17.0, the
yum), which is a package manager
latest release
for RPM-based distros. Most
of the open
famously, it’s been the default
package manager for Fedora since source 3D
version 22, and the next major graphics library was made available
version has been released. This this February 2017.
brings a host of major user With nearly 2,500 commits from over 120
experience improvements, better developers, Mesa 17.0 is without a doubt a hefty
help invoking and over 60 fixes for
upgrade over the previous development
various bugs. It also focuses on
release. It also brings a new versioning scheme
improving yum compatibility –
though it is not fully compatible with reflecting the release year
Want an improved yum? DNF is the
DNF-1. For more information, and a package manager for you. For the first time an open source driver meets
all the latest conformance test suites for
OpenGL, OpenGL ES and now Vulkan, a feat
tOaruOs 1.0
achieved through significant investments in
New distro alert! ToaruOS is a hobby making. Find out more at http:// Mesa over the years.
kernel and userspace made by Kevin toaruos.org.
Key features of this latest release include
Lange and, while it’s been in
development since 2010, it is now
OpenGL 4.5 support for Intel Haswell, Open GL
finally released in a ‘user-ready’ state. 4.3 support for NVIDIA Maxwell, support for
According to the release statement multiple devices with the Radeon Vulkan driver
(https://github.com/klange/ (RADV), and Float64 support as well as
toaruos/releases/tag/v1.0.0), it tessellation shader support with the Intel
uses a 32-bit monolithic (et modular) Vulkan driver (ANV).
Unix-like kernel that ‘supports
The RadeonSi driver received Polaris 12
processes, threads, shared memory,
support as well as dozens of performance
files, pipes, TTYs, packet-based IPC,
and basic IPv4 networking’. While you improvements. The Gallium 3D driver received
probably won’t want to use ToaruOS ToaruOs 1.0 is a labour of love, and
numerous fixes and updates also. The Mesa
1.0 for your day-to-day OS, it’s great it’s always good to see hobby Oses core is receiving lots of work regarding the
to see the progress the project is entering the scene. GLSL Shader Cache.
Also noteworthy is the arrival of etnaviv, the
ghOstBsD 11.0 aLpha 1 Gallium3D community-written, open source
driver for Vivante GPU IP.
A new test release of GhostBSD, you’re running an earlier version of
which is based on FreeBSD 11, has GhostBSD 11, you’ll see the update
“Mesa 17.0 presents a major jump in more
been released. This new alpha pushed through the update manager. than just the version number. It is the first
includes up-to-date proprietary For more information visit the release release to feature a render-only GPU driver”
Nvidia video drivers, as well as the announcement at http://ghostbsd. says Emil Velikov, Mesa release manager.
Whisker Menu as the default org/news/11.0_ALPhA1. This is indeed an exciting upgrade that will be
application menu for the Xfce particularly appreciated by gamers.
desktop environment. The
Mesa 17 support will be available in the
MATE desktop is also
available, and GhostBSD
coming months on a number of Linux
comes with a number of fixes distributions, including Arch Linux, Debian,
for the Xfce desktop, as well Fedora, OpenSUSE Tumbleweed and Ubuntu.
as the ZFS filesystem. Interested in getting the latest release? Head
You can download a hybrid on over to mesa3d.org.
ISO that can be installed on GhostBsD 11.0 has now reached Alpha 1 –
either disc or USB, and if download it to see what’s new
Guy Lunardi, Vice President,
Business Development at Collabora Ltd.

Linux user groups
United Linux!
The intrepid Les Pounder brings you the latest community and LUG news.
Find and join a LUG Makefest returns

Alpinux, le LUG de Savoie Head to Liverpool for a great, free family day out.
Meet on the 1st and 3rd Thursday of the month at the
A
Maison des Associations de Chambéry new event entered into the including sessions on 3D printing,
www.alpinux.org already crowded Maker learning to code, photography.
Bristol Hackspace Studio G11, 37 Philip calendar in 2015. Makefest is a We’ve been to the past two Makefest
Street, Bedminster, Bristol, UK, BS3 4EA one-day event that offers something for events and been truly blown away at
http://bristol.hackspace.org.uk everyone. From art, electronics, prop how family friendly the event is. We
making, make-up and visual effects, loved seeing the children hacking their
Cheltenham Hackspace The Runnings
there’s a plethora of interesting topics own vehicles with Lego and a few
trading estate, Cheltenham. Thursday night from 7pm.
to keep everyone entertained. Taking motors, then watching families paint
www.cheltenhamhackspace.org
place on June 24 in the city of using conductive paints to draw circuits
Lancaster and Morecambe Makers Liverpool’s Central Library, this event on a piece of paper which are then
Unit 5, Sharpes Mill, White Cross, Lancaster, Open will once again welcome over 3,000 connected to a Raspberry Pi and LEDs
Night on Wednesday evening 18:30pm till late. people through its doors. Spanning the to produce custom circuits.
www.lamm.space entire library, which is a beautiful But why should you go to this event?
Huddersfield Raspberry Jam Meet every modern building offering great facilities. Quite simply, it’s a free day out that will
4th Saturday of the month at Huddersfield Library. Over the course of the day there will inform and entertain the whole family.
Huddersfieldraspberryjam.co.uk be over 100 stalls across the venue, Take a picnic and prepare to enter a
Hull Raspberry Jam showing off the latest projects using world full of technological wonder!
Every other month at Malet Lambert School, Hull. equipment such as the Raspberry Pi, https://lpoolmakefest.org LXF
https://twitter.com/hullraspjam Arduino, micro:bit and
Codebug. You can get
North Kent Raspberry Pi User Group
hands on with these
Every two weeks at Medway Makers, 12 Dunlin Drive,
projects and meet the
St Mary’s Island, Chatham ME4 3JE
makers behind them. If you
https://nkrpug.wordpress.com/
need a little retail therapy,
Preston Hackspace Open night 2nd Monday there will be stalls offering
of the month from 7pm. 28A Good St, PR2 8UX. kits and projects to suit
http://prestonhackspace.org.uk every pocket.
Surrey and Hampshire Makerspace If you want to get your
Open evenings Tues and Fri at the Boileroom Guildford. hands dirty then there will
www.shmakerspace.org be workshops and lessons Liverpool Makefest makes use of every square
throughout the day inch of the Central Library.
Community events news

September, which spans 10 conference covers the latest compositions, and hacking
days! There will be the Open technical developments in the useless objects just for fun,
Source Hardware Camp GNOME desktop environment, OpenTech is an informal event
including soldering classes and as well as talks, workshops and that focuses on low cost to
talks from notable speakers. panel discussions. Conferences ensure everyone can access the
There’s also a talk on embedded such as this are a great place to event. It may not be a big shiny
system designs from transistors kick start new ideas, learn from corporate conference, but you
to the Linux user space. experts and become more will see big names such as the
Wuthering Bytes 2017 http://bit.ly/WutheringBytes involved with the project. Open Rights Group, the BBC and
Hebden Bridge is deep within the https://2017.guadec.org MPs rubbing shoulders with
UK’s ‘Maker Belt’ that stretches GUADEC 2017 hackers, developers and makers
across from Liverpool to Hull. The GNOME conference, OpenTech 2017 of all abilities. This year the event
Every year this quiet town plays otherwise known as GUADEC From away days for developers is in London on May 13, costing
host to a series of tech-related comes to Manchester, UK from to hone their skills, to using open just £5 on the door.
talks and workshops on 1 28 July to 2 August. The data to create random musical http://www.opentech.org.uk

Mailserver
Write to us at Linux Format, Future Publishing, Quay House, The Ambury, Bath BA1 1UA or lxf.letters@futurenet.com.
Broken PDFs too. So I’m pretty sure this is a Neil says: This is what tends to
I have subscribed to LXF for problem on your end. happen. Entroware contacted me
several years and often read the back in 2015 asking about reviews,
PDF version when looking for a Entrowon’t I obviously jumped at the chance,
specific past item. I have noticed LXF218 has arrived, with its gave them all the required details
that issues 213 and 214 appear Roundup of Chromebooks. to submit a machine for review
with no text content—I assume Although this brought about a and heard nothing back. It’s free
the PDF’s are broken… yawn (sorry, I know some people publicity targeted directly at
Graham Andrews love them), it has reminded me its core audience, so
Jonni says: I’ve just checked that while we are treated to the you’d think it’d
those PDFs and they appear to be occasional laptop review, we’ve want to get
OK. They work in Firefox’s built-in not yet seen Entroware’s range something
viewer on my Linux install and of six Linux laptops and three sent in for
they work in macOS’s preview on desktops reviewed. Surely this review. I should
my Mac. Which PDF viewer are UK-based supplier of pre- probably prod them again
you using? We often get people installed Linux machines is over it. You can check out the
writing in with difficulties when worthy of your attention? range over at www.entroware.
Send us your Linux laptops and
using old versions of Evince I do enjoy your monthly take com. See we’re nice really!
we will review them!
(Gnome’s PDF viewer), but I’m on your subscription team.
assured it works in newer There are months when you hit Enthusiastic
versions. In fact, I’ve just tested it the nail right on the head! Had to write in after reading with computing it’s the only
in the latest one and it’s fine there Graham Gough December’s edition [LXF218]. option. Throw in the fun that you
Bought a CTC Reprap 3D can have with maker kits, plus
Printer Kit. coding and there’s endless
Saw the coding, bought a experimentation and learning to
Raspberry Pi (as a project) be had. While many companies
Bought Linux Format. are busily trying to lock down
Totally hooked. every aspect of their own
Installing Linux variants on all operating systems and hardware,
my old computers. at least x86 and a good portion of
Other half thinks I’m mad. Linux-based devices do remain
I retire within three years. open. Have fun!
I’m really looking forward.
Great mag, btw. Messed up Mint
I’m 63. I followed your instructions
Bruce Foster, via email under Minted [Mailserver, p13
Neil says: I’m glad you’ve found LXF217], including refreshing
Linux to be so much fun. For the APT cache using ‘Refresh’ in
This is how your PDF should look, if there’s corrupt text try a people that want to play, tinker the Update Manager until I got
different reader as that’s usually the issue. and generally get their hands dirty the ‘Your system is up to date’
shane_collinge@yahoo.com

Letter of the month
No women?
R
ecently, I was reading your Geography teacher. Who knows if lack of female interviews and we got to talk to
Raspberry Pi section with my female role models was a the cause! some incredibly talented women in
daughter (age 9, wants to be a Maybe other issues have a more technology. When Les Pounder covers an
programmer when she grows representative gender balance? I hope so. event he’ll try to include female attendees—
up), and she noticed an interesting thing If we want to make a difference to girls in his MozFest 2016 coverage there were
about your magazine that we thought we’d interested in computing, then being two women interviewed.
share with you. ‘gender blind’ – especially if the editorial My explanation for this (and you might
Throughout the whole magazine team are all men – is no longer enough. recognise it) is that women historically and
women/girls are represented just seven Joanna and Nancy Mellor still today are not encouraged to pursue
times – two pictures of Rose from Dr Who, Neil says: Many thanks for your letter on STEM (Science Technology Engineering and
the woman in the cartoon, a woman in an such an important topic and if I can Mathematics) subjects. This manifests itself
advert, two mentions of (nameless) wives reassure you it is something we do take to as a 50% dropout rate (outside of all-girl
and one of a mother. My apologies if we heart, with us all here having daughters, schools) when selecting courses at each
missed anything or if any of the names sisters, wives and mums. qualification stage. So at GCSE there’s
that are unclear (e.g. Geordiejedi) are Let me say I’d love to have more female almost 50% female class members, A-level
women! No contributors, as far as I can contributors, but we’re limited by the people 20% and at degree level 12% or less, see
tell, are women. that actually approach us to become http://bit.ly/LXF222stem. So that’s bad
I realise that you want the best contributors. In my time as editor (now just enough, but when it comes to open source
contributors, but it is a huge issue to over three years) not one person that’s development things are even worse. Just
young people—there is the saying, ‘if they inquired about writing has been female. 6% of open source devs are reported to be
don’t see it, they won’t be it’. When I was a We could do more to encourage women female, contrast that to 29% at proprietary
9-year-old, I was a keen Basic to write but there are practical limits. Now, software companies such as Microsoft and
programmer, attending tech exhibitions, where we can we do cover women in an average of around 19% in the general
and reading Acorn User magazine. I lost technology; our last OSCON US trip we IT workforce, see http://bit.ly/
interest as a teenager and ended up as a ensured we had a 50/50 split on male/ LXF222women.
message but failed. Here are lumbering dolt [what was that?!— Hope that helps, and best of luck
the results: Ed]. The mintupgrade tool is only with the upgrade! LXF
/ $ apt install mintupgrade available on Mint 17.3, so your
Reading package lists... Done upgrade path will look like 17.1 >
Building dependency tree 17.3 > 18. It may be simpler to just
Reading state information... Done back up your user data and do a
E: Unable to locate package clean installation of Mint 18.
mintupgrade If that’s not what you want then
I am running Mint 17.1 we’d still recommend backing up
Rebecca with Kernel Linux before attempting the upgrades.
3.13.0.24-generic on a Once that’s done open the Update
Lenovo-G710. I would be most Manager, go to Edit > Upgrade to
grateful for any suggestions that Linux Mint 17.3 Rosa.
you have, please. After a lot of activity and a
Lyn, Glamorgan reboot, you should be on 17.3, at
Jonni says: Apologies, this has which point the mintupgrade Us, make a mistake?
been filed under Neil is a package should be installable. Surely not?
Write to us
Do you have a burning Linux-
related issue you want to discuss?
Want to let us know what issue
made you throw you gaming
laptop out the window or just want
to suggest future content? Write
to us at Linux Format, Future
Publishing, Quay House, The
Ambury, Bath, BA1 1UA or
lxf.letters@futurenet.com.

The home of technology
techradar.com
All the latest software and hardware reviewed and rated by our experts
Intel Pentium G4600

Who expected a budget Kaby Lake to appear packing hyper-threading?
Jeremy Laird, that’s who!
T
he end of Intel’s CPU strategy HD Graphics 630 GPU, at
In brief... as we know it seems very likely. the top-end of the smaller
We don’t mean that in an of the two graphics cores
Socket: 1151 apocalyptic sense. Intel isn’t about to Intel is sticking in its Kaby
Cache: 3MB suffer an existential calamity. But AMD’s Lake chips. It has 24
Type: 64-bit Ryzen processor is coming, and we’re execution units to the 48
SSE: 4.1/4.2 confident it’s going to shake things up. of the Iris Plus cores.
Process: 14nm That’s the context into which Intel’s So, even by integrated
Cores: 2 Pentium G4600 arrives. Based on the standards, it’s nothing
Threads: 4 latest Kaby Lake microarchitecture, it’s special. But for £81,
very much a child of the last five years you aren’t getting
Clock: 3.6GHz
or so, when Intel ruled on the high seas, special. What you are
TDP: 51W
across the land and up in the air. Within getting is very good
Max memory:
64GB DDR4
that narrative, the fact that Intel has single-threaded
bequeathed the G4600, plus two other performance.
Channels: 2
(ECC) new Kaby Lake Pentiums, with Hyper- The G4600
GPU: Intel HD threading capability constitutes news. cranks out 151
Graphics 630 Hyper-threading is the ability for points in Cinebench
Clock: 350MHz each CPU core to process two software R15 (via Wine) in
Max: 1.1GHz threads in parallel. And it’s been baked single-threaded mode. The Core
Units: 24
into every Intel Core processor since i7-7700K [see Reviews, p15, LXF221]
Nehalem in 2008. Actually, it’s manages 182. Put another way, if all you Its multi-threading means it’s the
OpenGL: 4.4
rumoured that it was also in the Core 2 were interested in was single-threaded best budget processor available.
Displays: 3
Duo, just not enabled. And, of course, it performance, and overclocking wasn’t
Virtual: VT-x,
was first seen in the Pentium 4 Netburst in your vocabulary, there would be little
VT-d, EPT
chip way back in 2000. reason to spend more than 82 bucks on current reality, then, the G4600 is
The point is that it’s always in any a G4600. appealing. But change is in the air, and
desktop CPU model you buy from Intel; the measure by which CPU value is
it’s just enabled or disabled to help cook Zippy performance assessed could be very different within
up a few different chip models. It’s the Flick the multi-threading switch, on the just a few weeks. LXF
sort of ruse you can get away with when other hand, and those numbers jump to
Verdict
you have little to no competition—a 385 and 970. The 7700K is only a quad-
situation that prevails today, but isn’t core chip, of course. The 10-core Core
going to last. i7-6950X monster will spew out about
The Pentium G4600 slots in at £81, 1,750 points in Cinebench. Then again, Intel Pentium G4600
and offers up two hyper-threading it costs about 15 times as much. Developer: Intel
Web: www.intel.com
enabled 3.6GHz cores, supported by Arguably, then, what matters is that for Price: £81
3MB of cache memory. And that’s general-purpose computing, the
Features 8/10
pretty much it for the CPU side of G4600 gets the job done. It feels
Performance 9/10
things. There’s no turbo mode and the perfectly zippy for web browsing, Ease of use 9/10
CPU multiplier is locked, so playing back HD video content and Value 9/10
overclocking is essentially a non-starter. most anything else you’re likely to do
The best value Intel CPU and currently
Like all mainstream desktop CPUs, day to day. the best budget option on the market,
the processor cores are only half the It even turns in decent numbers in but for how long? (hint: AMD Ryzen).
story—literally, as integrated graphics
make up almost half of the G4600’s
14nm CPU die. In this case, it’s an Intel
games, showing that the age-old
problem of coding games to scale
beyond a few cores remains. In the
Rating 9/10
Reviews Processor
Intel Core i3 7350K

Can an unlocked Intel Core i3 really take the world by storm? Jarred Walton
weighs up that tricky balancing act of price and performance.
O
ur first impression when we
Specs heard Intel was planning on
such a part was intrigue—how
Socket: 1151 fast would it be compared to the more
Cache: 4MB expensive offerings? In particular, how
Type: 64-bit would it fare when going up against the
SSE: 4.1/4.2, Core i5-6600K and Core i5-7600K? We
AVX 2.0 must admit we had high hopes…
Process: 14nm Let’s get the elephant in the corner
Cores: 2 out of the way: There’s no good reason
Threads: 4 to go out and spend this much money
Clock:4.2GHz on the i3-7350K. At £185 the value is
Turbo: N/A highly dubious, the Core i5-7400
TDP: 60W
immediately stands out as a better
overall choice. The problem as usual
Max memory:
64GB DDR4 comes down to core counts. The Core i3
Channels: 2 (No line packs two physical cores and adds
ECC) hyper-threading (aka SMT), while the At this price it’s worth waiting to see what AMD’s Ryzen can offer.
GPU: Intel HD Core i5 parts have four physical cores
Graphics 630 but no hyper-threading. Clock speeds running at stock. That’s not a bad result There’s still AMD’s Ryzen to contend
Clock: 350MHz do favour the i3-7350K, but dual-core by any means, but we are talking about with, where all the models will be
Max: 1.15GHz and quad-core processors have been a six-year-old CPU and the difference in multiplier unlocked. The current
Units: 24 around long enough that our software launch price is still only about £40. rumours suggest AMD will officially
OpenGL: 4.4
actually does benefit in meaningful ways You would have to be using very old unveil the Ryzen models at GDC by the
from the Core i5 approach. hardware for the 7350K to be a time you read this, with 4-core/8-
Displays: 3
This is definitely a new class of significant upgrade in performance. thread, 8-core/8-thread, and 8-core/16-
Virtual: VT-x,
VT-d, EPT processor, as previously the only way thread parts. As with the i7-7700K and
you could overclock Core i3 was via Ryzen to the challenge i5-7600K, at this point Ryzen is so close
BCLK adjustments, which didn’t always Moving over to gaming, things become that there’s no harm in waiting to see
work so well. We’re not sure if Intel has a bit more exciting. Games tend to scale how the chips actually perform and how
properly locked down the other CPUs much better with clock speeds and much they’ll cost.
this round. efficient CPU architectures rather than Budget processors can be
Kaby Lake makes the most sense core counts. Here, even the stock interesting, but they need to be budget
when you’re building a new PC—we i3-7350K easily wins out over AMD’s parts. The Core i3-7350K is more
wouldn’t recommend upgrading from current best processor, the FX-8370. expensive than AMD’s current fastest
Skylake to Kaby Lake, or even from This is why AMD CPUs haven’t been APUs and CPUs. If you’re able to afford
Haswell/Broadwell. If you’re looking at recommended as the best gaming an i3-7350K, do yourself a favour and
older Intel CPUs, the i3-7350K is solution for quite some time. Even pick up a Core i5 part instead. Or wait
roughly equivalent to an i5-2500K, both games that scale a bit better with for Ryzen. LXF
higher core counts favour Core i3 over
Verdict
the FX series.
Features at a glance The Core i3-7350K ends up as quite
of a perplexing chip. Performance is
reasonably good for a dual-core Intel Core i3 7350K
processor and in games it comes Developer: Intel
Web: www.intel.com
relatively close to more expensive Price: £185
CPUs… but it’s not really that much
Features 7/10
cheaper, especially if you factor in the
Performance 7/10
cost of a Z270 motherboard. In this Ease of use 9/10
instance, it feels like Intel is reaching on Value 4/10
this one and attempting to find an
There’s nothing wrong with this i3,
HD Graphics Unlocked, m’K? untapped market but refusing to offer but for the same price you could have
Intel integrated graphics The ‘K’ means that this too much CPU at too low of a price. the full power of four true cores.
Rating 6/10
are good enough these CPU is unlocked and can Simply put, just as we suspected, there
days for reasonable 1080p be freely overclocked to
are better processors to choose from in
gaming of many titles. almost 5GHz.
this price bracket.

Linux distribution Reviews
Chapeau 24
Alexander Tolstoy investigates a Fedora-based spin off with a composed,
smooth and refined feel that we’re inclined to tip our hats to.
C
hapeau is a remixed version of
In brief... Fedora, the iconic Linux
distribution (distro) made
Chapeau is a under Red Hat patronage. We decided
Fedora-based to take a closer look at Chapeau 24, the
Linux distro,
which is friendly latest release. As the name suggests,
for novice users this system has been derived from
thanks to its clean Fedora 24 and feature full software
and practical compatibility with its parent. The
Gnome desktop. It
codename of the new Chapeau release
comes packed
with codes, media is ‘Cancellara’, after the Swiss road bike
and popular third- racer Fabian Cancellara.
party applications, Chapeau can be found in the list of
including many recognised Fedora respins, where each
with proprietary
licenses. participant struggles to develop its own
identity but retain the desired
compatibility with Fedora repositories
(repos). Chapeau isn’t an exception Chapeau adds green tones to the light and fast Gnome Shell 3.20.
here, and for many users who are just
going to glance over it, Chapeau will Chapeau focuses solely on the Gnome of release upgrades, but Chapeau devs
probably feel like a tweaked, version adding a beautiful Moka icon could have missed it. The upgrade
customised and enriched version of set on top. There are several other process went fine and after rebooting
Fedora with extra applications. But it tweaks here and there, like the Caffeine we got the shiny new Gnome 3.22
gave us a very positive impression and a shell extension for manually triggering instead of 3.20 and the Details section
much better out-of-the-box experience. the screensaver, the list view in Nautilus in Settings told us that we were now
Chapeau has a more relaxed licensing by default or a tighter font scaling factor running Fedora 25.
policy and already includes some that makes the UI feel more like macOS. This doesn’t change the fact that in
proprietary codecs, Gstreamer plug-ins Chapeau is minimalist; there are all other situations Chapeau performed
and extra software, such as virtually no over-customised features very well and passed all of our common
PlayOnLinux, Adobe Flash Player and that force you to spend extra time tests, including MTP support
the Dropbox desktop client. If you’ve disabling various design settings or (connecting a phone) and working with
been following our distro reviews and bloated Gnome Shell extensions. a rare Realtek-based Wi-Fi dongle.
read the Korora 25 [see Reviews, p19 Chapeau is also light, very fast and Despite the fact that the Chapeau sticks
LXF220], you may have noticed that really good-looking with sensible to the previous Fedora release, it has
Chapeau and Korora, which are both defaults and a wide selection of many vital updates, including kernel 4.9
Fedora respins, are very similar. But software. From the very first boot to the and modern versions of many
here’s what makes Chapeau different. installed system you can fire up Yumex- productivity applications. But again, it
First, instead of offering a bunch of DNF and add extra applications from would be good to know, if or when the
desktops (replicating the Fedora spins), the already enabled Rpmfusion repo. official Chapeau 25 will be out. LXF
It’s a pleasant and smooth experience,
Verdict
with no hiccups.
Features at a glance Questionable parts
Although we were very happy with the Chapeau 24
level of comfort and usability that Developer: Vince Pooley
Web: http://chapeaulinux.org
Chapeau offers for immediate use, Licence: Various
there were a few odd things that
Features 8/10
revealed themselves after a few days of
Performance 9/10
real-life usage. The main complaint is Ease of use 9/10
that weren’t sure that the Chapeau Documentation 6/10
developer actually controlled their own
Fast, smooth and packed with
Tweaked UI Extra apps distro. This became apparent when applications. Although appears to be
The distro sports the Most goodies are already Gnome Software offered the upgrade maintained sporadically.
Rating 8/10
beautiful Moka theme, installed, others (such as path to the latest and greatest Fedora
smaller fonts and different VirtualBox) are just few
25. Yes, we know that Fedora’s default
defaults in Nautilus. clicks away.
software manager has become capable

Reviews Linux distribution
Peppermint 7
Alexander Tolstoy is happy to have his head in the clouds thanks to some
remarkable features of the Peppermint OS.
T
aking an Ubuntu-based Linux
In brief... distribution (distro) for a spin
tends to return very predictable
A lightweight results in most cases, but with
and robust cloud- Peppermint OS things are more
based distro that
brings together interesting—in a good way. Peppermint
the stability and is a well-established project that’s been
huge software delivering a lightweight and visually
choice of Ubuntu attractive Linux distro for as long as
family with many
seven years. The latest version is
modern web
applications. Peppermint 7, released last summer but
A fast internet frequently updated afterwards with
connection is a fresh ‘re-spins’. For this review, we’re
must have for testing the ISO that was released at the
squeezing the
best out it. end of November 2016 and Peppermint
Mixing elements from various GTK-based desktops produces a smooth result.
7 is based on Ubuntu 16.04, which
gives it a solid foundation with a long
term support. theme is dark and it plays nicely with for example, by adding a solid state
The user interface implements the modern flat circular icons. However, the drive. Peppermint will help you save the
classic desktop paradigm, with bottom unique identity of Peppermint is not in drive in the long run by off loading many
panel, Start menu and a desktop that its fast and responsive desktop, even operations online.
you can populate with your files or though we can firmly recommend this Of course, this fast and smart Linux
folders. After a closer look, it becomes distro for low-end machines. distro isn’t necessarily everyone’s cup of
evident that the GUI is a mixture of tea, simply because you don’t have to
specific components derived from Cloud desktop rely on image editors or word processors
various desktop environments, such as Right from the early days, when that are actually run by a third party. But
Cinnamon, LXDE, Xfce and Mate. Peppermint had just forked away from the more evident obstacle is the
We have the Xfce panel with the Lubuntu, the team had positioned its dependency on your internet connection.
Whisker menu, Nemo file manager, system as ‘cloud-based’. According to More than that, each wrapped web
Pluma text editor, the clone of Linux the project’s website and the very application uses its own web browser
Mint installer and so on, but as long as decent and extensive documentation, profile, which simply will not work very
every application is based on the GTK Peppermint merges traditional desktop well if you access the web through a
toolkit, there’s virtually nothing out of apps with cloud services (or web apps, proxy. According to the Peppermint
place. However, Peppermint tops it with if you like). Browsing the Whisker menu forums, this is a known issue and also
its home-grown terminal emulator and categories quickly makes you notice another reason to learn how to change
settings panel. entries such as Editor by Pixlr, Google global variables used by Chromium or
The interface is very consistent Drive or Gmail. These are the links to Firefox. Regardless, this doesn’t spoil the
throughout the desktop, thanks to the the respective services, each being party, and the OS leaves a positive and
original ‘Peppermint’ styling. The default wrapped into a web browser window bright impression. LXF
without any panels or plug-ins.
Verdict
The Peppermint team maintains Ice,
Features at a glance a tool for managing such desktop
entries. Using Ice you can create or edit
custom web application shortcuts; Peppermint 7
choose whether you want it to be Developer: Peppermint OS project
Web: https://peppermintos.com
powered by Mozilla Firefox (default), Licence: Various
Google Chrome or Chromium; set up
Features 8/10
icons and choose menu subcategories.
Performance 10/10
Integrating web applications into the Ease of use 9/10
convenient desktop helps keep the Documentation 9/10
system lightweight in terms of the hard
A fast distro that brings the web to
Great control Web apps disk footprint. In fact, we’d say that your desktop, even if it can run on
The distro offers Ditch bookmarks in Peppermint is probably a better very outdated hardware.
Rating 9/10
easy access to many favour of web applications alternative to other ‘light’ Linux distros
settings and is great that look like convenient
when you want to breath new life into a
for customisation. desktop apps.
decade-old PC that you can speed up,

Open Source DOS Reviews
FreeDOS 1.2
Alexander Tolstoy discovers the freshly released open source clone of the
once famous DOS operating system and gets all nostalgic.
R
eviewing FreeDOS greatly
In brief... differs from playing with any of
numerous Linux distribution
A robust and (distros). For instance, we cannot
compact OS for discuss styling or an icon theme (there
running historic
programs or using are no such things in DOS), neither can
for embedded we estimate hardware compatibility—
systems. It’s not FreeDOS runs on every x86-based
UNIX-like and has device with the exception of some very
no GUI by design,
old machines (that were probably
but adds support
for modern released in the early 1980s).
interfaces to DOS. Still there are reasons why using
FreeDOS can be justified. You may need
to run old applications that are
somehow tied to a specific business
process that can’t be updated to use
modern technology or you simply want
to play retro games. We think that FreeDOS will run faster on your Chromebook than Google’s
OEM vendors often ship notebooks Chrome OS, but this is hardly surprising…
without Windows and install FreeDOS
as a placeholder. FreeDOS comes as a Many people may get stuck at this definitely not for general daily use.
ZIP archive with a main image and a stage, because it’s not evident what to However, it’s the best possible DOS
VMDK link file. There’s little sense in do next. Luckily, the FreeDOS project implementation in the modern world,
installing the system on real hardware, has superb (although concise) but despite support for mouse, USB,
so the easiest way to try it out is documentation that has clear and printing and networking it still remains a
VirtualBox. FreeDOS boots into a practical instructions. You can start the niche OS. FreeDOS can bring to life very
friendly installer, which is a brand-new FreeDOS package manager fdimples to low end PC-compatible machines, but
addition in the 1.2 release. The installer install lots of additional software, since you can use Linux for that too, we
guides you through the setup process including games, development tools, think that the only real benefit of
and transfers the basic system to the text editors, network utilities and more. FreeDOS is historic applications. Apart
newly formatted C:\ drive (you’re from old games, you can run such
supposed to create another VirtualBox DOS with bells things as Microsoft Word 5.5 for DOS,
drive to have the installation target). With regards to the venerable age of which has been officially recognised as
Within a minute or so the installer DOS, the choice of applications is abandonware by Redmond. It reads and
reboots your machine and after running impressive. There are some titles that writes RTF, the format which is still used
autoexec.bat you will see an old DOS make use of graphical mode with a and supported in up-to-date office
prompt. It looks like a runlevel 3 in Unix- mouse pointer, e.g. the FancyMines suites. Needless to say, you can run
based systems, but without any escape game. Although the graphical mode can FreeDOS comfortably with a teeny
to a GUI. be a bit slow, you may find yourself weeny amount of RAM. LXF
working in a fully fledged OS in some
Verdict
applications. In other regards, FreeDOS
Features at a glance wants you to learn commands that
differ from what you might get used to
in Linux. But that’s for the legacy DOS FreeDOS 1.2
part, because FreeDOS adds some Developer: The FreeDOS project
Web: www.freedos.org
open source Unix tools as well, such as Licence: GPL
grep and tee. You can also make your
Features 3/10
workplace more intuitive by installing
Performance 9/10
and running the Dos Navigator file Ease of use 2/10
manager—a feature-rich free clone of Documentation 8/10
Norton Commander. It’s a twin-panel
Never shall those born to crawl,
The real DOS Productivity apps Swiss Army knife, that can deal with learn to fly and sadly this is true for
A fully compatible Many real-world office networking tasks and even has a built-in this DOS-on-steroids project.
Rating 4/10
implementation of the and productivity apps are Tetris game!
original Microsoft DOS bundled with it, including
We were generally pleased with the
with many extras. a decent file manager.
quality of FreeDOS, although the OS is

Reviews Linux games
Dirt Rally
You don’t have to be a loud-mouthed, producer-punching, overly-tall Amazon
employee to enjoy driving cars, but it does help.
T
he DiRT series fell into freefall
Specs after shedding the Colin McRae
name, padding its content with
Minimum: ‘cool’ dialogue, x-game events, fireworks
OS: Ubuntu and pomp. It was time to reset. With no
16.04 64-bit,
Steam OS 2.0 buildup, no fuss, Codemasters
64-bit announced and released DiRT Rally into
CPU: AMD FX early access.
series, Intel Core i3 For release, the content has been
series added to significantly. There are 40+
RAM: 8GB cars available including icons, such as a
GPU: Nvidia 1960s Mini Cooper, 1970s Stratos,
GT430 series 1980’s Group B Quattro, modern
HDD: 50GB Imprezas, Fiestas, Peugeot Hillclimbers
Recommended: and more. As so often is the case
CPU: AMD though, including such a breadth of
FX-8150, Intel Core
content comes with its own problems.
i5 46xx
The cars look different, sound
GPU: Nvidia
GTX780 different, but they feel incredibly similar If you’re a racing sim fan, be warned that Rally DiRT lacks driving fidelity.
and lack any real, unique character. This
lack of fidelity extends into other areas,
keeping DiRT Rally at arms length from drop hundreds of pounds into goes towards repairs however, so each
any sort of sim status. With all assists equipment—this is the most crash will put that new Lancia further
off, an invisible hand will still gently help comprehensive pure-rally offering there and further away.
keep the rear-end of your car in check. has been for years. The car and stage DiRT Rally, then, has a bold title. It’s
The in-car wheel is locked to 180°; the selection is broad, and while physics a statement. It’s explicitly a rally game.
gearbox modelling is laughable and suffer, driving concepts like racing lines, A rally game where everyone takes it
stamping on the brakes is perfectly throttle control and oversteer still apply seriously, and in this it succeeds.
acceptable. Mud, ice and gravel feel without being overly punishing. Driving Unfortunately, though, in physics and
incredibly similar and the amount of the cars is exciting, it’s just a bit simple. handling detail, it is a little flat. The lack
traction control is ridiculous. None of of any sort of precarious feel when
this means that it’s bad per se it just Rally not a sim flying over ice and mud is an absolute
means we are firmly in ‘game’ rather Three event types are available—rally, shame, and the amount of forced
than ‘sim’ territory. hillclimb and RallyX. Racing directly assistance is a disappointment. Anyone
Much like Codemasters F1 games, against AI in RallyX is a fun distraction— waiting for a new Richard Burns will
if you have an interest in the sport the AI is aggressive but fair, while need to carry on waiting. If you’re after
without necessarily having the desire to avoiding feeling too artificial. Hillclimb a successor to the old Colin McRae
and normal rallying are really the focus games or RalliSport Challenge though,
though, with events taking you over DiRT Rally is a strong offering. LXF
Swedish snow and ice, Greek dirt, Welsh
Verdict
mud, long stretches of German
farmland, through Monaco’s frozen
tunnels and over America’s Pikes Peak.
Each rally is built up with stages and Dirt Rally
each stage is roughly a two to ten Developer: Feral Interactive
Web: www.feralinteractive.com
minute long point-to-point time trial. Price: £40
Car degradation from each stage is
Gameplay 8/10
persistent, with you having to allocate
Graphics 9/10
time for repairs between stages. It Longevity 8/10
means a trade off between going balls- Value 7/10
to-the wall fast and easing off to get
It may not be a full on sim, but it
your car through in one piece. offers enough thrill, detail and spirit to
The career mode stretches this fill to bursting ravenous driving fans.
Rating 8/10
concept out. As you complete events
you accumulate cash to spend on cars
and upgrades. That same money pot

M re e o
g nt3.c
c tt
o a n m
a
o
r t t
e
Get fit fast in 2016
with the very best tech
for runninG,
cycLinG and more…
Life’s better with t3

www.myfavouritemagazines.co.uk/t3
Roundup
Roundup Privacy distributions
Every month we compare tons

of stuff so you don’t have to!
Privacy distros
Mayank Sharma doesn’t have a cloaking device, but he is seeking a distro
that will enable him to tip-toe around the internet without leaving footprints.
How we tested...
We’ve covered some of the
distributions in this Roundup before.
A few from earlier Roundups have
fallen by the wayside which is why
we’ll rate the ones on test here
based on their release schedules.
We’ll also look at their mechanisms
for ensuring privacy and rate them
depending on the different aspects
of computing they safeguard, e.g. a
distro that only protects privacy
leaks while you’re online will be rated
lower than the one that also protects
your privacy offline. Also, support
avenues and documentation will go
a long way in ensuring such a
specialised distro’s uptake as will
their ease of deployment, both of
which will also be tested. Finally,
since the objective is to use these
privacy distros as a regular desktop,
we’ll also test their feasibility as an
everyday distro that you can use for
your daily computing needs.
P “Crafted specifically to equip you

rivacy is one of the topics
that’s always on our radar. In
fact, you’ve read about
privacy fortifying distributions
with the means to defend your
(distros) on these very pages in at least privacy and prevent leaks.”
two past issues [see Roundup, p26,
LXF124 and Roundup, p28, LXF196]. are champing at the bit to track all our approaches and each comes with their
Our And here we are at it again. Our online excursions and we have to be own traits and benefits. Some rely on
selection obsession with the topic is along the proactive and employ every resource routing your web traffic via well-known
same lines as Bob Marley who showed available to thwart their attempts at anonymising networks such as Tor,
Linux Kodachi
up to perform at a concert two days intruding our privacy. while others use novel approaches such
Subgraph OS2
Tails
after being shot and famously The distros in this Roundup have all as security by compartmentalisation.
Trusted End remarked: “The people who are trying been crafted specifically to equip you Also, since anonymity and security tend
Node Security to make this world worse are not taking with the means to defend your privacy to go hand in hand, using these distros
(TENS)
Whonix
the day off. Why should I?” In the same and prevent any inadvertent leaks. The will help you protect your computer
vein, there’s no dearth of entities that distributions may follow different from digital assailants.

Protection
What mechanisms do they use?
T
rusted End Node Security, like its Next, there’s Whonix which is built
peers uses a modified kernel on the concept of security by isolation.
along with other tools such as The distro comes in the form of two
DNS Crypt to prevent DNS spoofing by virtual machines. The idea behind this
authenticating communications delivery is to isolate the environment
between the computer and the DNS you work in from the internet access In addition to Tor, you can also ask Tails to route internet
resolver. It also includes an application point. On top of this, Whonix routes all traffic through the Invisible Internet Project popularly
to encrypt and decrypt individual files internet traffic through Tor. Thanks to known as the I2P anonymising network.
and complete directories, and works this setup, even if one of the machines
with DoD-issued Common Access Card
(CAC) and Personal Identity Verification
is compromised, it would be impossible
to find out your real IP. first routes all connections to the Verdict
(PIV) smartcards for accessing Subgraph OS bills itself as “an internet through a VPN before passing
Linux Kodachi
restricted government websites. adversary resistant computing them to the Tor network. Kodachi also HHHHH
Tails (The Amnesiac Incognito Live platform”. It too anonymises all your bundles a collection of tools to easily Subgraph OS
System) is built around Tor, which is an Internet traffic by routing it via the Tor change identifying information such as HHHHH
open network of anonymous servers network. The distribution ships with a the Tor exit country as well as reset your Tails
that attempts to prevent your kernel hardened with patches from the DNS servers and more—all with a
HHHHH
TENS
identification. The Tails distro also Grsecurity project that makes the single click. The distro also encrypts the HHHHH
includes tools that help set up the Subgraph OS more resistant to security connection to the DNS resolver and Whonix
network and a web browser with vulnerabilities. To top it all, the distro includes well-known cryptographic and HHHHH
privacy-enhancing extensions with a runs many desktop applications inside privacy tools to encrypt all your offline Kodachi and
proven track record. Additionally, a security sandbox to limit their risk in files, emails and instant messaging. Subgraph trump
the others and
Tails includes a couple of useful case of a breach. When you are done using it, Kodachi
go further to
cryptographic tools to encrypt disks You’ll find the same level of all-round also removes traces of its use from the ensure privacy.
and online communication. protection in Linux Kodachi as well as it computer during shutdown.
Deployment flexibility
Interaction with physical disks.
P
ersistence storage and privacy The only exception is TENS which installation script to help anchor the
don’t blend well together. While simply cannot be installed. There’s also distro to the hard disk like any regular
all distros in this Roundup take no installation mechanism for Whonix. Linux distro. However the installer is
special care not to interact with the The project offers several deployments very rudimentary and uses GParted
hard disks on the computer, some do mechanisms, the most convenient of for slicing the disk. You also can’t
let you anchor them if you decide that which is to grab the virtual machines change the default username else
the benefits of persistence outweigh which function like any other installed many of the custom scripts won’t
the downsides. distro. Linux Kodachi includes an function post-installation.
Tails takes special care to not use
the computer’s hard disks, even if there
is some swap space on them. But it
does include an installer to create a Verdict
persistent partition either on the same
Linux Kodachi
USB stick that you boot from, or HHHHH
another USB storage device. The Subgraph OS
installer enables you to choose the type HHHHH
of data you’d like to preserve with Tails
HHHHH
options such as SSH keys, Pidgin
TENS
settings, Icedove configuration and HHHHH
emails, APT packages and more. Whonix
You also get the option to create a folder HHHHH
to store any personal documents. Even It’s best to use
if you’ve created a persistent volume, an encrypted
partition just like
Tails gives you the option to boot into a Subgraph, so
Subgraph OS uses a modified Debian installer, but unlike any of the other pristine environment if you don’t need this distro wins.
distros it helps you set up encrypted LVM volumes during installation. access to your personal data.

Ease of use
Does using them require special skill?
P
rivacy and anonymity are two different Being anonymous while maintaining your password policy, e.g. for locking your login
concepts that are often confused. privacy on the internet requires compromise. details or encrypting your files. All this
Privacy is the ability to keep some First, you can expect slower browsing speeds shouldn’t compromise a comfortable web
things to yourself; in contrast, anonymity is as the data packets are routed all over the browsing or computing experience. we’ll be on
when you want people to see what you do, just world before arriving at your computer. the lookout for the ones that supply the most
not that it’s you doing it. Second, some distros will enforce a stronger safeguards with minimum disruptions.
Linux Kodachi HHHHH

The distro boots into a heavily modified Xfce desktop environment that
displays useful information about the system directly on the desktop,
including the status and IP address of the VPN, the Mac address, Tor IP,
CPU usage, memory and traffic data. Once Kodachi is connected to the
internet, you can start the Kodachi VPN which will automatically initiate
the Tor connection as well. Advanced users can also easily connect via
their own VPN. The distro also enables you to choose exit nodes by
country using the Tor tools option in the dock. The dock has all the
applications and tools you’ll use frequently, such as Tor browser, VPN
tools, DNS tools, and security applications. The dock entry labelled Pain
Room supplies access to some useful privacy tools, such as the ability to
generate a new MAC address, Wipe the RAM and wipe free space.
Subgraph OS HHHHH
Ease of use is one of the design goals of the distro particularly for its
privacy tools without compromising their effectiveness. To this end it
uses the Gnome 3 desktop. As soon as it’s connected to the internet, the
distro establishes a connection to the Tor network. Once connected you
can launch the Tor browser from the Activities Overview. Subgraph
doesn’t include the Tor browser by default but will download it when you
launch it for the first time. At first glance, the distro appears like any
other Gnome-based desktop. However, the default bundled applications
give away its true intentions. Instead of the regular communication
applications, Subgraph bundles privacy-fortifying alternatives that route
communications via the Tor network. The other major change is that the
different applications run inside isolated sandboxes and you can track
them using the sandbox icon in the status menu in the top bar.
Documentation & support

When the inevitable happens. Verdict
H
Linux Kodachi
elpful documentation and aware of common issues related to Kodachi too has all the information you
HHHHH
active support avenues play an privacy and the importance of need to get started with the distro Subgraph OS
important role in the uptake of encryption. There’s even an XMPP chat including an installation guide and HHHHH
any software. This is especially true for room, a support mailing list and a form some useful notes on usage. Tails
privacy-enhancing distros that can to request features. The Subgraph OS website explains HHHHH
TENS
often be frustrating and involve a Whonix won’t let you down either the various privacy-centric features in HHHHH
learning curve even for people familiar with its wiki containing detailed detail and there’s also a well-illustrated Whonix
with Linux. documentation. The distro also offers handbook in both ODF and HTML HHHHHH
Tails offers in-depth end-user several support options and has a very format. On the downside however, Even if you
documentation in multiple languages active forum. To assist new users, TENS, Kodachi and Subgraph have no don’t use Whonix,
its wiki is worth
with general information, first steps, TENS’ s website contains several official means of support—no forum
reading for the
commonly asked questions and thorough FAQs as well as a Quick Start boards and no IRC. That said, it’s still privacy content.
detailed explanations to make you guide and a user’s manual. Linux early days for Subgraph.

Tails HHHHH
Tails displays a greeter when you fire up the distro. You can choose to
use Tails without making any changes. But if you do, the greeter enables
you to specify a password for the root user and disable MAC address
spoofing which on some computers causes trouble connecting to the
internet. As soon as you’re online, Tails automatically connects to the Tor
network. You can click on the Tor icon in the status bar to view the
circuits and streams. Once connected you can use the Tor browser.
Another anonymising network that’s occasionally pitted against Tor is
I2P (Invisible Internet Project). You can access I2P from Tails by passing
the i2p boot parameter on bootup. The distro will connect to the I2P
network in the background. When it’s done, fire up the bundled I2P
Browser, which will take you to I2P’s browser-based control panel.
Trusted End Node Security HHHHH

On booting, TENS first asks you to agree to the licence agreement
before it brings up the desktop. Although the distro uses the Xfce 4
desktop, it’s made to resemble Windows XP. Everything from the
desktop’s layout, complete with the Windows’s Start button to the
window decorations have been designed to ape the proprietary OS.
Using TENS is fairly intuitive. One of the hallmarks of the distro is the
Encryption Wizard application. When launched you can drag and drop
files and specify the password to lock them. The files are then all
encrypted and can be emailed using Thunderbird and Davmail, which
are accessible under the Secure Email option in the applications menu.
The menu is also modified to group apps according to their function
such as Security and Configuration, which is helpful for first time users.
Whonix HHHHH
As we’ve noted earlier, Whonix is a pair of Debian-based virtual
appliances that you must run simultaneously in two separate virtual
machines. The iptables rules on the Whonix-Workstation force it to only
connect to the virtual internet LAN and redirect all traffic to the Whonix-
Gateway. This scheme prevents applications from ever knowing the
user’s real IP address or accessing any information on the physical
hardware. At first launch, both appliances take you through a brief set up
wizard to familiarise you with the project and set up some components,
such as the repository. The distro has an icon for the Tor browser but
doesn’t ship with it by default; instead the icon brings up a script to
download one from a list of stable, new and hardened releases. Finally,
WhonixCheck scans the current installation and tests the Tor connection.
Development state
How actively are they maintained? Verdict
A
Linux Kodachi
bitter truth of the open source distros in this Roundup. After all it’s releases. Similarly, Linux Kodachi which
HHHHH
development model is that imperative that the distro you choose is developed by a professional IT Subgraph OS
projects lose steam and die. keeps pace with the ever evolving security service provider was first HHHHH
The same holds true for security and nature of threats to your online and released in 2013 but had been in Tails
privacy-centric distros as well and there offline privacy. hibernation until 2016 and is now HHHHH
TENS
have been several worthy contenders If you’re wary of new projects you seeing releases and updates at regular HHHHH
that have either perished or continue to may want to stay clear of Subgraph, intervals. Whonix has been churning Whonix
exist with their development in a state despite its amazing set of feature, since out releases very actively since it began HHHHH
of suspended animation. the project is in the very early phase of in 2012 and receives updates every few One of the
While we don’t usually rate development. TENS, which was months. Then there’s Tails which is one reasons for
Tails’ popularity
specialised distros according to their previously known as Lightweight of the best-maintained security distros,
is its consistent
development state, it plays an Portable Security, is updated regularly, with a fast pace of development and release policy.
important role while comparing the typically with quarterly maintenance new releases every few months.

Bundled apps & manager
Can you use the distro as an everyday desktop?
T
ENS supplies the user with a PDF as the regular release aside from It also bundles the Synaptic package
reader and a bunch of remote including LibreOffice and Adobe Reader. manager for fleshing out the distro.
desktop software, including the However, more important than included Similarly, Subgraph OS bundles all
Citrix Receiver and VMware View. These software TENS has no package the applications you need for daily
are complemented by a smattering of manager to help flesh out the distro. desktop use, many with the added
applications, such as a barebones text With Tails you get the usual cocktail privacy protection. There’s LibreOffice,
editor and an image viewer. The of software that you’ll find on many Video Player and Debian’s Icedove that
developers also produces a Deluxe Linux distros, such as LibreOffice, GIMP, are all wrapped by Oz, the sandboxing
edition of the distro which is the same Scribus, Pidgin, Audacity and PiTiVi . system. The distro can fetch packages
from its own custom repository and
that of Debian Testing.
Whonix too has more or less the
same mix of applications with a few
exceptions. It doesn’t have LibreOffice Verdict
(for a change) but includes VLC. There’s
Linux Kodachi
also KGpg for managing keys and many HHHHH
of its applications are tuned for Subgraph OS
guaranteeing privacy. The distro has a HHHHH
bunch of repos and you’ll have to Tails
choose one while setting up the distro.
HHHHH
TENS
Linux Kodachi scores over the HHHHH
others and includes the widest set of Whonix
applications. The distro caters to all HHHHH
kinds of users and includes VLC, Linux Kodachi
Audacity, LibreOffice, VirtualBox and is the most
usable distro
Whonix doesn’t includes a graphical package manager but you can use the Komodo Edit. It too is based on Debian
straight out of
WhonixCheck script to search for any available updates and then upgrade the and includes the Synaptic package the box.
distro from the command line. manager to pull in additional apps.
Protection applications
How do they safeguard the user?
T
ENS has tools that enable you to and includes MAT. It uses
authenticate with smartcards the anonymous peer-to-peer
issued by the US Department of IM, Ricochet and the privacy
Defense and includes the public edition friendly email client combo
of the Encryption Wizard created by the of Thunderbird with TorBirdy.
US Air Force Research Laboratory to However, Whonix is much
encrypt documents and directories. less amnesiac than Tails and
Besides Tor, Tails has AppArmor for
application isolation; PWGen for
the distro doesn’t take any
special measures to limit
Verdict
generating strong passwords; what is written to disk and
Linux Kodachi
KeePassX for managing them and doesn’t encrypt saved HHHHH
AirCrackNG for auditing wireless documents by default. Subgraph OS
networks. There’s also Electrum Bitcoin Linux Kodachi includes a The Encryption Wizard application in TENS HHHHH
wallet, Nautilus Wipe to securely delete suite of privacy protection encrypts files with 128-bit keys. You specify two Tails
sets of passwords in case you forget one. HHHHH
files and MAT for zapping metadata tools and besides Tor and TENS
information from files. The Pidgin VPN, there’s DNSCrypt, HHHHH
instant messenger is equipped with the VeraCrypt, Peer Guardian, tools to wipe OnionShare, which is an anonymous, Whonix
Off-The-Record (OTR) plugin and the RAM, Enigmail, Pidgin OTR and more. peer-to-peer file sharing application. HHHHH
distro uses scripts to wipe your RAM on Subgraph OS runs many desktop Then there’s Subgraph Firewall which Apps for
messaging and
reboot or shutdown to protect against applications in the Oz security sandbox. applies filtering policies to outgoing
filesharing over
forensic recovery techniques. The distro includes CoyIM to encrypt connections on a per-application basis Tor in included
Whonix also uses Tor to hide your IP Jabber chats end-to-end using OTR. and is useful for monitoring unexpected in Subgraph.
address and circumvent censorship Subgraph uses Ricochet and connections from applications.

Verdict: Privacy distros
The verdict
U
p until the Edward Snowden of its peers such as Tails, which is one of
leaks, the proponents of the best-known distros for anonymity
privacy attacks were and privacy. It’s built around the Tor
considered digital outlaws on the wrong network, is regularly updated and
side of the law by the mainstream. equips you with the right tools for
However, it’s now been recognised that covering your tracks online.
we’re in the midst of an information age However, both Linux Kodachi and
where invading our privacy is not only a Subgraph OS overshadow the rest in
popular business model but state- terms of the privacy protection they
sponsored practice. both offer. They both use sandboxed
Given the US government’s track environments to isolate applications
Kodachi includes Firejail to run commonly used
record when it comes to ensuring from each other and limit the footprint
applications inside limited sandboxed environments.
privacy, it’s difficult to recommend the on a system, which makes them some
TENS distro, even more so when there of the best means to shield yourself and Technology Fund. Despite its early
are far better alternatives on offer. One your data. Both distros are also built developmental status, Subgraph works
of these is Whonix, which uses a unique around the Tor network but Subgraph well but isn’t the winner since its own
compartmentalised approach to edges Kodachi in terms of the software developers don’t yet recommend it for
ensuring privacy. While we can imagine bundles that it offers. production use.
experienced privacy campaigners Subgraph OS is steered by a team of This leaves Linux Kodachi which is
putting in the effort required to set it up, developers that have a proven track our recommendation. The distro isn’t
we don’t expect the same from new record of developing security-centric easy to install but its bundled apps and
users who probably don’t fully grasp apps and it’s even endorsed by use of routing the traffic via VPN before
the issues involved. It is the distros’s Snowden. Furthermore, Subgraph passing it through the Tor network adds
technical superiority which puts it at recently received 12 months of an extra layer of protection, and helps
odds with the usability offered by some development support from the Open tilt the scales in its favour.
1st Linux Kodachi HHHHH 4th Whonix HHHHH

Web: http://bit.ly/Kodachi Licence: Apache License v2.0 Version: 3.7 Web: www.whonix.org Licence: GPL and others Version: 13.0.0.1.4
A very usable distro that goes the extra mile to protect your privacy. A wonderful option that works best for experienced privacy campaigners.
2nd Subgraph OS HHHHH 5th TENS HHHHH

Web: https://subgraph.com Licence: GPL v3+ Version: Alpha Release 3 Web: http://bit.ly/TENSDistro Licence: GPL and others Version: 1.7.0
Loses out just because its developers don’t deem it production ready. Doesn’t offer anything uniquely different that’s not available elsewhere.
3rd Tails HHHHHHHH Over to you...

Web: https://tails.boum.org Licence: GNU GPL v3 Version: 2.10 Have you tried any of these distros to protect your privacy or would
Experience the best of two anonymising networks and a host of tools. you recommend another? Let us know at lxf.letters@futurenet.com
Also consider...
In the previous iteration of this Roundup, we off from one another. Each virtual machine we covered before is Ubuntu Privacy Remix.
included Qubes OS in the mix as well. While it only has access to the services that it needs to It’s now called Discreete Linux and is currently
is an interesting Linux distribution it’s more perform the designated function, thus limiting in the early stages of development. One
geared towards security conscious users the potential security threat. You can, if you so notable feature of the distro is that it
rather than privacy advocates. The distro desired, deploy Whonix over a Qubes automatically converts the free space left on
divides the computer into a series of virtual installation to get the best of both worlds. the boot disk into an encrypted silo that you
machines or domains using Xen that are cut- Another distro that’s worth looking at and that can use to house any files. LXF

Subscribe to
Choose the perfect package for you!

Get the print edition Get the diGital edition
On iOS &
Android!
Every issue comes with a 4GB DVD The cheapest way to get Linux Format.
packed full of the hottest distros, Instant access on your iPad, iPhone
apps, games and loads more! and Android device.
Only £14 Only £11.25

Every 3 months by Direct Debit Every 3 months by Direct Debit

Get the
bundLe deAL
Get both the print & digital
editions for one low price!
SAVE
£18 Every 3 months by Direct Debit
36%
PLUS: Exclusive access to the Linux
Format subs area—1,000s of DRM-free
issues, tutorials, features and reviews.
Subscribe online today…

myfavouritemagazines.co.uk/LINsubs17
Or Call: 0344 848 2852
Prices and savings quoted are compared to buying full-priced UK print and digital issues. You will receive 13 issues in a year. You can write to
us or call us to cancel your subscription within 14 days of purchase. Your subscription is for the minimum term specified and will expire at the
end of the current term. Payment is non-refundable after the 14 day cancellation period unless exceptional circumstances apply.
Your statutory rights are not affected. Prices correct at time of print and subject to change. UK calls will cost the same as other standard
fixed line numbers (starting 01 or 02) and are included as part of any inclusive or free minutes allowances (if offered by your phone tariff).
For full terms and conditions please visit: bit.ly/magtandc. Offer ends 30/04/2017

Master the Terminal
Journey, you must, into the

often feared land of the shell with
Mayank Sharma and discover the
firepower of a fully armed and
operational command line!
D
espite the leaps and bounds configure your network or tweak other it’s a good idea to embrace this mature
that Linux desktops system settings, you can do it from the and powerful interface and get familiar
environments have made over terminal. In fact, the graphical front-end with its ways.
the years, there are still applications use these command-line We’ve compiled a set of commands
moments when accomplishing a task tools to get things done. Still, as you might that you should be familiar with to work
requires you to fire up a terminal. Since have noticed, we often ask you to switch more efficiently with your Linux install.
none of the other mainstream There’s obviously a learning
operating systems rely on the
Command Line Interface (CLI)
“while the graphical tools have curve to using the terminal to
compose your own
in the same way as Linux, it’s
often quite intimidating for
made the CLI optional, most commands and over the next
few pages we’ll handhold you
new users. Fear of the CLI is only expose a small subset.” through the CLI and help you
simply not acceptable to realise the true potential of
anyone at LXF towers. to the command line to complete a task. this interface. Once you get comfortable,
The command line is a powerful portal to That’s because that while the graphical you’ll notice its speed and efficiency for
some amazing tools that makes it possible tools have made the CLI optional, most common admin tasks. The skills you learn
to accomplish tasks much more quickly only expose a small subset of the features over the next few pages will also elevate
than you could with graphical tools. offered by their command-line equivalents. your Linux competence and help you join
Whether you want to install software, Since there’s no escaping the Linux CLI, the ranks of experienced campaigners.

Master the Terminal
Easing into a CLI

How to break terminal velocity and not your leg.
A
terminal emulator is one of the core applications
that’s bundled with every Linux desktop environment.
Gnome has the gnome-terminal while KDE uses
konsole though they are usually simply labelled as ‘Terminal’
in the application menu, When you fire up a terminal you get a
prompt like bodhi@epoch: ~ $ . While it may vary in
appearance somewhat depending on the distribution (distro),
it’s usually made up of your username@machinename,
followed by the current working directory and a dollar sign.
Note that the last character changes from $ to # when the
terminal session has superuser privileges.
Let’s begin our terminal travels by learning to navigate the
Linux file system. Files under Linux are organised in a
hierarchical directory structure that you can think of as an You can add options to most commands. Some consist of single characters
inverted tree-like pattern. The top most directory is called the preceded by a dash, (e.g. -l), but many are longer (e.g. --human-readable).
root directory which contains files and subdirectories that
further contain more files and subdirectories and so on. In the can use the cd command to change the current working
Top Tip:
shell you are always inside a directory. To display the current directory. By entering cd without any attributes, this will Shift+PgUp/
working directory, we use the pwd (print working directory) return you to your home directory. To change to another PgDown: Use these
key combinations to
command, such as: directory you’ll have to append its pathname as an attribute. scroll the command-
bodhi@epoch: ~ $ pwd A pathname can be understood as the route taken along the line interface.
/home/bodhi filesystem tree to get to a desired directory.
By default the terminal session sets the current working
directory to your home directory. As you are probably aware, Move around
every user who has an account on your distribution gets their There are two distinct mechanisms for specifying pathnames:
own home directory. You can list the contents of a directory absolute pathnames and relative pathnames. An absolute
with the ls command which can also be used to display pathname begins with the root directory and follows the tree
various attributes about the files and folders, such as: one from branch to branch until it reaches the desired
bodhi@epoch: ~ $ ls -l location. For example, the pathname to get to the directory
total 196 that apps and various utilities use to house their logs is /var/
-rw-rw-r-- 1 bodhi bodhi 5701 Feb 4 18:20 example-text-file. log. The leading / represents the root directory under which
txt there is a directory named var that further contains the log
-rw-rw-r-- 1 bodhi bodhi 16405 Dec 13 08:45 chart.ods directory. Type cd /var/log to move into that directory. Notice Top Tip:
-rw-rw-r-- 1 bodhi bodhi 23339 Dec 13 08:47 an-ebook.pdf the change in the shell prompt that now displays the Ctrl+R: Use
this key combo and
drwxr-xr-x 3 bodhi bodhi 4096 Feb 4 12:32 Desktop pathname of the current working directory. type any keyword to
drwxr-xr-x 10 bodhi bodhi 20480 Feb 6 15:17 Documents In contrast to absolute pathnames, a relative pathname search for matching
…. traces its steps to the destination directory with respect to commands in
the history.
We’ll equip you with the skills to make sense of this output the current working directory. To this end it uses a couple of
over the next few pages. The Linux shell also keeps a log of all special notations, a single dot (.) and two dots (..). The single
the commands you’ve executed on the shell. You can press dot notation represents the current directory while the double
the Up arrow key to bring up the previous command. This list dot represents its parent, e.g. if you wish to move to the /var
of commands is kept in a hidden file named .bash_history directory from the /var/log directory, you can type cd ..
under your home directory. To navigate the filesystem you instead of the absolute pathname which is cd /var .
The CLI flows through Linux

The Linux command line offers various options Similarly, most command-line utilities also that’s usually enough to gauge the purpose of
to help you be more productive and find your bundle a formal piece of documentation known an unfamiliar utility. Then there’s apropos that
way around the unfamiliar environment. as the manual page and usually referred to as looks for a string inside a man page’s name and
For instance, many commands and utilities its man page. description sections. It comes in handy when
support a --help option that displays The command man mkdir will bring up the you can’t remember the right command for a
information about its supported options. man page for the mkdir utility. There are also a particular task. For example, apropos "split a
For example, the rm --help command will print couple of helpful utilities that can extract brief zip file" will point you to the zipsplit utility that
the various options supported by the rm information from a man page. For example, the helps you split a ZIP file into smaller ZIP files.
command along with their description and brief whatis command displays a very brief You can then read through its man page to get
usage instructions. description of a command from its manual page familiar with its syntax and usage.

Master the Terminal
Users and permissions

Crowd control from the blank void of the dark terminal.
T
ypically most desktop Linux distros only create a The command usermod --expiredate 2017-05-21 mayank will
single user during installation. But Linux is a disable logins into the account post 21 May 2017. In the same
multiuser system that can be used by multiple vein, you can also delete a user account with the userdel
users at the same time (as we’ll learn later in the feature). command. For example, userdel --remove mayank will delete
There are a number of command-line tools that help you the mayank user along with its home directory and all the
create and maintain users and groups, such as: files residing within.
Top Tip: $ useradd mayank
split: chop a file
into pieces, e.g. $ passwd mayank Change identities
split <FILE> The first command creates a new user account called As you get familiar with the command line utilities your distro
--bytes=1000 splits
<FILE> into 1,000
mayank that’s locked until you assign a password to it with has to offer you’ll often run into some that require superuser
byte files. the second command. When a new user account is created, privileges. This is especially true of most commands that help
Linux will also create a home directory for the account with carry out some administrative task. The two main commands
the username, such as /home/mayank. The user account that help you take on escalated identities are su and sudo .
will have a bunch of hidden files that’ll provide the Some distros include one of the two commands while others
environment variables for the user’s session. The command include both.
also creates a group with the same name as the new user. The su command enables you to assume the identity of
Once you’ve added an account, you can edit it with the another user and gives you the option to either initiate a new
usermod command. So for example, the command shell session or only issue a single command as that user.
usermod --append --groups sudo,vboxusers mayank The command su mayank will prompt you for the password
adds the user mayank to the comma separated list of for the mayank user and after successful authentication
groups. If you issue this command without the --append change the working environment from the existing user to
option, the user will be added to the specified groups but that of the mayank user. If you don’t specify a username with
removed from any other groups it already belongs to. A useful the su command, it’ll assume you wish to log in as the
security option is to set an expiry date for an account. superuser and prompt you for the password of the root user.
Any command you enter now will run with the privileges of
the root user. Type exit when you wish to terminate the
session and return to your own shell.
It is also possible to execute a single command rather
than starting a new interactive shell with the -c switch.
For example, su -c "ls -l /root/" will first prompt you for the
password of the root user and then run the command
between the quotes with superuser privileges.
The sudo command, on the other hand, allows an
administrator to set up a configuration file called /etc/
sudoers, and define specific commands that particular users
are permitted to execute with superuser privileges. Another
important difference is that the use of sudo doesn’t require
access to the password of the root user and you instead
authenticate using your own password. These differences
make sudo the preferred mechanism of the two. So you can
list the contents of the root directory with sudo ls -l /root/
The commands whoami, who, w and last help you track user activity. after authenticating with the password for your account.
The power of permissions

Each file in Linux has a set of user and group The first character indicates whether the reads rwxrw-r-- , which means the user has
permissions, and you can use ls -l to see a corresponding item is a directory or a file with a read, write and execute permissions, while
file’s full set of permissions and attributes. The directory marked with a d character and a other members of the group have read and
output begins with the permission flags like regular file marked with a hyphen ( - ). The next write permissions and everyone else can only
this drwxr-xr-x that has four components: nine characters are broken up into sets of three read the file.
$ ls -l characters each, which indicate permissions for Sometimes the permissions are represented
-rwxrw-r-- 1 bodhi bodhi 23339 Dec 13 08:47 the user, group and everyone else respectively. with a numerical notation. Read permissions
some-document.pdf The r denotes read permission, w is for write weigh in at 4, write is 2 and execute is 1. So the
drwxr-xr-x 3 bodhi bodhi 4096 Feb 4 12:32 permissions and x points to execute permission rwxr-x--x can be presented as
Desktop permissions. The first entry in the example (4+2+1)(4+0+1)(0+0+1) or 751.

Master the Terminal
Files and directories

Get a choking force grip on file management from the text-only CLI.
A
nother CLI skill that will help you manage your
distro more effectively is the ability to manipulate
the filesystem from the terminal. Before we get to
the commands, first know that under Linux, everything
(including programs, directories and devices) is a file and
every file must be owned by a user. Users can only access
what they own or have been given permission to run.
Permission is granted because the user either belongs to
the file’s group or because the file is accessible to all
users. The one exception to this rule is the root user who is
allowed to access all files and programs in the system.
Many times you’ll need to change the permissions of a file
to make it accessible or inaccessible. The chmod command
helps you change the permissions or mode of a file. Be aware The less command is a program to view text files, where you use the arrow
that only the file’s owner, or the superuser, can change the keys to scroll through a text file.
mode of a file. The command chmod supports two distinct
ways of specifying mode changes: numerical number Top Tip:
representation or symbolic representation. Symbolic notation consuming process to copy all PDFs from one folder to Ctrl+Shift+C/V:
Use these key
offers the advantage of allowing you to set a single attribute another except for the ones that already exist in the combinations to copy
without disturbing any of the others and is divided into three destination folder. In the terminal however cp -u *.pdf and paste text
parts. The first part denotes whom the change will affect and destination-folder will do this without any fuss. from inside the
terminal.
is marked with a combination of the characters u, g, o, and a:
u is for user and refers to the owner of the file or directory, Manipulate files
g is for group owner. The Linux shell provides special characters called wildcards
o is short for others. that help specify a bunch of filenames. Two of the most
a is short for all or a combination of all the characters and is commonly used wildcards are * that matches any
the default value if no character is specified: characters and ? for matching a single character, e.g. d*.pdf
The second part of a symbolic notation marks which matches all files that begins with the character d and ends
operation will be performed: with .pdf while d???.pdf limits itself to PDF files that begin
Plus (‘+’) Indicates that a permission is to be added. with the character d but are followed by exactly three more
Minus (‘-’) Indicates that a permission is to be taken away. characters, such as d001.pdf and d002.pdf.
Equals (=) Indicates that only the specified permissions Equipped with this knowledge we can now comprehend
are to be applied and that all others are to be removed. the cp command. The -u option only copies files that either
The third part denotes what permission will be set and is don’t exist, or are newer than the existing corresponding files,
specified with the earlier mentioned r, w, and x characters. in the destination directory. You can also use the -r option to
Putting this into practice a u+x adds execute permission recursively copy directories and their contents, such as cp -r
for the owner, while u-x removes execute permission from the Documents/ /shared/All_files/ .
owner. Similarly, go=rw sets the group owner and anyone Similar to cp is the mv command that’s used to move Top Tip:
besides the owner to have read and write permission. Any files from the source to the destination. If the destination file Append & to a
command to run it in
previous execute permissions given to users besides the exists, it’s overwritten by the source file. Then there is the rm the background, such
owner are removed. command that’s used to delete files and directories following as [command] &. Use
While it’s easy to perform simple file manipulations with a the command, such as rm file1.txt and rm -r documents . the job ID with the fg
command.
graphical file manager, complicated tasks can be easier with However, be careful when using rm since it zaps the files
the command line programs. For example, it’ll be a time- straightaway instead of moving them to a recycle bin.
Hard and symbolic links

Links enable you to create an association By default, the ln command will create a independent file. An important thing to note
between two files or directories. This is useful hard link between these files. Hard links create about hard links is that they only work on the
for maintaining multiple versions of a file or an identical copy of the linked file on disk that current file system. You can’t create a hard link
directory without the overhead of additional gets updated automatically as the source file to a file on a different file system. Also, hard
disk space for storing multiple copies. Links gets updated. While the content of the two files links don’t work for directories. You can
can either be hard or symbolic and we can use are linked, if the source file gets deleted, the however overcome these issues by using the -s
ln to create a link between two files. target file will continue to exist as an switch to create a symbolic link.

Master the Terminal
Handling filesystems
This may seem like plug and pray but it’s not too complicated.
T
he filesystem layout of a Linux system is as per the duplicator) that helps copy blocks of data from one place to
Filesystem Hierarchy Standard. The table (see another. While dd can be used for a variety of purposes, you’ll
bottom right) lists some of the important mostly encounter this command when dealing with ISO
directories though there may be slight differences images. Virtually all distros put out new releases in the form of
depending on your distro. Unlike Windows, Linux maintains ISO images that you can either burn onto an optical media or
Top Tip: a single filesystem tree and even external devices attach transfer to USB disk with the use of dd, such as:
mkdir: creates
directories, mkdir to it at various points. $ sudo umount /dev/sdd
all_documents/ The first step in managing a storage device is attaching it $ sudo dd if=/path/to/fedora.iso of=/dev/sdd bs=4M
all_images/ creates to the filesystem tree. This process is called mounting. A file $ sync
two directories.
named /etc/fstab lists the devices that will be mounted at In these set of commands, we’ve first unmounted the USB
boot. Read through fstab’s man page ( man fstab ) for an drive connected to /dev/sdd before asking dd to copy the
explanation of each of the fields in the file. ISO file to the USB disk in chunks of four megabytes. The
The mount command is used to mount file systems. operation will take some time to complete but before yanking
Entering the command without arguments will display a list of the disk issue the sync command to make sure all data has
the filesystem’s currently mounted. There are two main been transferred to the disk.
components to mounting a device. The first is the actual You can also use the mount command to mount an ISO
name of the device file associated with the physical device. image while it’s still on the hard disk:
The Linux kernel treats all disk-like devices, such as SATA $ sudo mkdir /mnt/iso_image
hard disks and USB drives as SCSI disks with names such as $ sudo mount -t iso9660 -o loop image.iso /mnt/iso_image
/dev/sdaX. The X is replaced with a number that represents Here we’ve first created a mount point named /mnt/iso_
the partition number. However, many distros associate a image and mounted the image file at that mount point which
device with a text label that can be either a simple text or a is now a loop device. A loop device is a pseudo-device that
randomly generated UUID (Universally Unique Identifier). The makes a file accessible as a block device. After the image is
second component is the mount point, which is the directory mounted, it can be treated just as though it were a real
where the device is attached to the filesystem tree. CD-ROM or DVD. Remember to unmount the image when it’s
Virtually all distros will automatically mount a removable no longer needed.
Top Tip: disk and you can find its mount point with the mount
netstat displays
loads of network
command. However, when you’re done writing to a USB disk, Remote operations
stats: netstat -ap |
make sure you first unmount it before yanking it from the Linux is well-known for its networking dexterity. Its popular
grep [name] to see USB port, e.g. umount /dev/sda1 unmounts the device graphical tools and applications derive their power from
an app’s ports. associated with /dev/sda1. The unmounting process makes feature-rich command line utilities that you can use directly
sure all data destined for the device has been transferred. for more control over network operations. Two of the most
Data as we encounter it every day is in the form of files popular commands used for debugging network-related
organised into structures that we can comprehend. However, issues are ping and traceroute . For instance, the command
in reality data exists in the form of blocks and there are times ping linuxformat.com will send a packet called an ICMP
when you’ll need to move it around in its raw form. For this ECHO_REQUEST to the specified host. Most web servers are
purpose the Linux shell includes the dd utility (short for data configured to reply to this packet, which enables you to verify
Keep files in order

The shell has various mechanisms to effectively a compressed version of the original. The directories on the same PC, on two different
create compressed archives and backup files. corresponding gunzip program is used to computers on the same network or on
Archiving is the process of gathering up many restore compressed files to their original, machines thousands of miles apart over the
files and bundling them together into a single uncompressed form. The bzip2 program is internet, e.g. This command will sync a single file
large file. The tar program is the classic tool for similar to gzip, but uses a different compression (backup.tar) on a local machine from one
archiving files, e.g. the command tar cvf algorithm that achieves higher levels of location to another location (/tmp/backups/):
documents.tar Documents/ would archive the compression at the cost of compression speed. $ rsync -vh backup.tar /tmp/backups/
whole Documents directory inside a single file A file compressed with bzip2 has the extension The v option increases verbosity and h
called documents.tar. Conversely, tar xvf / .bz2, e.g. the command bzip2 documents.tar prints numbers in a human-readable format.
path/to/documents.tar will extract the contents would replace the documents.tar file with the You can as easily sync the file to a remote PC:
of the archive under the current directory. documents.tar.bz2 file. $ rsync -zvh --progress backup.tar
Once you’ve created an archive, you can also Once you’ve rolled your files into an archive, pi@192.168.3.101:/home/pi/backups/
compress it before backing it up. The gzip you can use rsync to back them up to a different The z option compresses the files before
program is used to compress one or more files. location. Rsync does more than make copies of ferrying them and saves you bandwidth and
When executed, it replaces the original file with your files. You can use it to sync files on two time and --progress helps you track the transfer.

Master the Terminal
the connection. The command prints performance statistics

after it is interrupted by pressing Ctrl+C. A properly
functioning network will have no packet loss. You can also use
the traceroute program which displays a listing of all the hops
the network traffic takes to get from your local system to a
specified host, e.g. type traceroute techradar.com to see the
route taken by packets flowing from your computer to
techradar.com’s web server.
The Linux CLI offers several options for sending files over
the network. A popular command-line program for file
downloading is wget. It is useful for downloading content from
both web and FTP sites. The utility can download everything
from single files and multiple files to even entire sites. You’ll
most often use it to fetch ISO images:
$ wget -c http://releases.ubuntu.com/16.04.1/ubuntu-16.04.1-
desktop-amd64.iso The command python -m SimpleHTTPServer uses Python’s built-in HTTP
The -c option asks wget to grab a partially-downloaded server to show the current directory in a web browser on localhost:8000.
file and is useful for resuming interrupted downloads.
It’s often useful to verify the integrity of an ISO image that source or destination pathnames also include the name of a
you have downloaded. In most cases, a distributor of an remote host. For example, to copy a file named document.txt
image will also supply a checksum file which contains a string from our home directory to the remote Pi, we could do this:
of alphanumeric characters that have been calculated from $ scp ~/document.txt pi@192.168.3.101:/home/pi/
image. If the contents of the image file changes by even one Documents/
bit, the resulting checksum will be very different. Checksums To copy files from a remote system down to a local
are most commonly generated by the md5sum program. machine, the order of the scp command just needs to be
Top Tip:
After downloading an image, you should run md5sum against reversed so that the first, or source, argument is the remote file: use the file
the image and compare the results with the md5sum value system and the second, or destination, argument is a command to
determine a file’s
supplied by the publisher: directory on the local system. To illustrate, the following we’ll type. It prints
$ md5sum downloaded-image.iso copy an ISO image in the Downloads directory on the remote details of the file’s
85f43dc4c4ceb007661a3044845g243c downloaded-image. Pi into the current directory on the local machine: contents.
iso $ scp pi@192.168.3.101:/home/pi/Downloads/distro.iso .
Secure transfers
The first generation of tools that were designed to access Important directories inside your distro
remote computers conducted their business in cleartext.
Later, a protocol called SSH was written to securely Directory Purpose
communicate with the remote machine. Virtually all Linux / The root directory of everything.
distros ship with an implementation of SSH which is called /boot Contains the Linux kernel and the boot loader.
OpenSSH. You can use this to run a secure terminal session
Contains essential programs that must be present for the
over the network. All traffic passing over the session is /bin
system to boot and run.
encrypted Including passwords. A SSH setup includes an
This is where the kernel maintains a list of all the devices that
SSH server that runs on the remote host and listens for /dev
it understands.
incoming connections on port 22 and an SSH client that’s
used on the local system to communicate with the remote /etc Houses all of the system-wide configuration files.
server. You’ll find various tutorials about SSH in previous Each user is given a directory under /home which is the only
/home
issues of Linux Format issues. place they can write files without escalated permissions.
The most common use for SSH these days is to remotely Contains shared library files used by the core system programs.
access a Raspberry Pi. Assuming the IP address of the Pi is /lib Your installation will also have /lib32 and /lib64 that contain
192.168.3.101, you can access it via SSH with: architecture-specific shared libraries.
$ sudo ssh pi@192.168.3.101 Contains the mount points for removable media, such as
This SSH client will connect to the SSH server running on /media USB drives and DVDs, and other partitions that are mounted
automatically at insertion.
the Raspberry Pi and prompt you for the password of the pi
user. The first time a connection is attempted, you’ll have to /opt This is used to install some software, such as VirtualBox.
accept the credentials of the remote host. Once This is a virtual file system maintained by the Linux kernel that
/proc
authenticated, you’ll get the shell prompt of the remote doesn’t contain real files but rather system information.
Raspberry Pi host. Any commands you enter now will be This directory is intended for storage of temporary files created
executed on the Raspberry Pi. When you’re done, type exit /tmp
by various programs, clear every restart.
to terminate the remote session and return to your local shell. The largest directory that contains all the programs and support
The OpenSSH package also includes scp (secure copy) files Also houses other important directories such as /usr/bin
that makes use of an SSH encrypted tunnel to copy files /usr that holds executable programs and commands installed by
across the network. Unlike the tradition cp command, when Linux. There’s also /usr/share that contains all the shared data
used by programs in /usr/bin.
using the scp command you’ll have to ensure that the

Master the Terminal
Secure your system

Don’t trust your feelings, how do know that you are yourself?
L
inux is known for its security prowess, although we shadow file. To append the setuid bit to a file, add +s for the
Top Tip:
fsck: Checks the admit it hasn’t been that good in the last few years user, for example chmod u+s /path/to/file . Now anyone who
integrity of a file with the numerous exploits and breaches. Earlier in attempts to access this file will do so as if they are the owner
system before it is the feature we mentioned the /etc/passwd file that of the file.
mounted, such as
sudo fsck records details about the users in the installation. The file
/dev/sdb1. uses the following format: Sudo primer
[username]:[x]:[UID]:[GID]:[Comment]:[Home To grant access to sudo , a system administrator must edit
directory]:[Default shell] the /etc/sudoers file. It’s recommended that this file is
Some fields such as [username] and [Home directory] edited using the visudo command instead of opening it
are self explanatory. The x in the second field points to the directly with a text editor. Entering sudo visudo opens the
fact that the account is protected by a shadow password. /etc/sudoers file using vi text editor. The Defaults secure_
The [UID] and [GID] are the numerical representation of the path= line specifies the path use for every command run
user and primary group that a user belongs to. The [Default from sudo . It’s followed by lines that specify permissions for
shell] is the shell that will be made available to this user when root, any other user and certain groups (marked by the %
they login into the system. Most Linux distros will default to sign) on the installation. The rule for the root user reads
the Bash shell but there are several others on offer. Then something like this:
there’s the /etc/shadow file which contains the encrypted root ALL=(ALL) ALL
password as well as other information, such as account or This means that the root user can run any command on
password expiration values. any host as any user. To allow user mayank to add and
The permissions on the /etc/shadow are set to prevent remove users on all machines, we can add this line:
Top Tip: any user from even reading the file. But if no one can access mayank ALL=/usr/bin/useradd, /usr/bin/userdel
find: Helps search the file how can users change their passwords which are The file has an extensive man page ( man sudoers ) that
for files, for example,
find . -iname ‘doc*
stored in this file? This is because the passwd utility uses a has more examples and features.
looks for files whose special permission known as SUID (Set User ID).
name begins with
‘doc’.
Thanks to this special provision, the user running the Superintend processes
passwd command temporarily becomes root while the The average home user doesn’t need to have the proficiency
command is running and can proceed to write to the /etc/ and the dexterity of a professionally qualified system
administrator. However, there are a few skills that should be in
your repertoire to manage your computer efficiently.
One important aspect of a system administrator’s job is to
make sure that the computer you are looking after runs
The pstree smoothly and you can do so by monitoring it. The ps -e
command command will print a long list of all the processes on the
shows all the system. You can truncate the list to display only processes
processes that
that have the same UID as the current user by invoking the
are currently
ps command without any switches. The output of the ps
running along
with their
command includes the unique process ID (PID) along with
associated the name of the running program.
child processes It’s more common to pipe (see Pied Piper box, bottom
in a tree- right) the list to display information about a specific program.
like format. The command ps aux | grep libreoffice will display detailed
Control your services

Many popular distros have traditionally used If you follow this up with systemctl list-units -t If you want a service to start at boot, you will
SysVinit for starting and controlling services. service command, which will list the active need to use the enable option, such as
But this has now been replaced, in a somewhat services. You can check the status of any sudo systemctl enable sshd.service
controversial fashion for some users, by a new individual service with the systemctl status Similarly, the command
system and services manager called Systemd. command, such as systemctl status sshd. sudo systemctl disable sshd.service
The Systemd service manager uses the service . Similarly, you can change the state of disables it from starting at boot. You can also
systemctl command to control the services. If the service by replacing status with start , use systemctl to power cycle the computer.
you enter the systemctl command into a restart and stop . For example, sudo systemctl The command for this is systemctl poweroff
terminal window it will to list the status of start sshd.service will start the service, if it isn’t which will power down the system and
everything that is controlled by Systemd. already running. systemctl reboot will restart it.

Master the Terminal
Greater force powers

Sage advice for your journey to master-level command-line Jedi:
1 screen If you SSH into remote machine regularly, you’ll find screen to be
a wonderful companion. Using the utility you can run a process without
maintaining an active shell session. To run a time consuming process inside
a remote machine, first connect to it with SSH. Then type screen to start
the screen session. You can now initiate the time-consuming process like an
update or a download. When it’s underway, press Ctrl+A and D to detach
from the screen session but leave the process running. You can then
terminate the SSH process. Later on when you reconnect to the SSH
session, you can check on the status of the update or download by restoring
Since crontabs use an odd format, you can use the online the screen session with screen -r . Use screen -ls if you have multiple
utility at www.corntab.com to easily setup crontabs. screen sessions and then reconnect to the one you want by specifying its
session ID, such as screen -r 6754 .
2 renice If you have a process that’s hogging the resources on your
information only about the processes associated with
computer, you can use the renice command to assign it a lower priority.
LibreOffice, for instance. Once you know the PID of a process
Linux assigns a priority to each process and the ones with higher priority are
you can terminate that process with the kill command. first given access to the system’s resources while others with lower priority
Assuming that LibreOffice has a pid of 8899, you can have to wait for their turn. The renice command can assign a priority value
terminate an unresponsive session with the sudo kill 8899 between -20 and 19. The lower the number the higher the priority. If you
command. It’s also possible to send signals to multiple want to take away resources from LibreOffice (PID: 8899) for example, you
processes matching a specified program or username by can assign it a lower priority number with renice 15 8899 .
using the killall command, such as killall vlc . 3 xkill Helps you terminate graphical process. You can either type the
You can also use the top command to view a list of command in the terminal or the run dialog box which changes the pointer
running tasks with the most CPU-intensive ones listed first. into a cross-hair cursor. Now click on any non-responsive window to kill it.
The top command also displays various bits of useful Right-click to dismiss xkill without killing a process.
4 dmidecode You can use the dmidecode command to know more
information about the processes including their PID. It also
details about your computer’s hardware. For example, use dmidecode -t 16
has a few interactive commands. For example, you can kill a
to list details about the physical memory. Try browsing the dmidecode man
process from within top by pressing the K key which prompts
page for a comprehensive list of supported options. Once you get
you to enter the PID of the process you want to terminate. comfortable working with SSH, use sshfs to mount remote partitions. For
example, sshfs user@remotehost:/home/bodhi /media/remotefs mounts
Schedule tasks the remote home directory under the local filesystem.
There are tasks that are more effective when you run them on
a schedule, for example regular backups and downloads.
Top Tip:
The at command helps you schedule tasks that you need jobs which you can then remove with the atrm command by tmux: Can create
to run at a specific time and date. For example, if you need to suffixing the ID of the job you wish to delete. many sessions, run
tasks in each and
download a large file, it’s best to schedule it late in the night, If you wish to run a task repeatedly, then you’re better off switch between them
for example 1am in the morning. The command at 1am using the Cron daemon. Use the / crontab -e command to without stopping
tomorrow will change the prompt to at> and everything that edit your crontab file. The first time you run the command the others.
you type at this prompt will be run at the time that you you’ll be asked to select one of the available command-line
specify. To download a file, point to its location with the wget text editors. Each job is specified in seven fields that define
command. Press the Enter key to specify another command, the time to run, owner, and command. The first five
for example, if you want to move the file to a specific folder. commands specify the execution time, the sixth defines the
When you are done, press Ctrl+D to save the job. At the time, day of the week, and the last field lists the command to be
the at command will perform the actions you’ve told it to executed. You can use the / crontab -l command to list your
and the at command allows for fairly complex time scheduled jobs. System-wide crontabs are stored in /etc/
specifications. In addition to AM and PM, the command also crontab and user-specific crontabs are under the /var/
accepts times in the HH:MM format and particular dates. spool/cron directory. Taken your first steps have you, but
When you press Ctrl+D to submit a job, the command mastery of the terminal is a long journey, so continue to buy
prints a job ID. Use the atq command to list all submitted Linux Format you must! LXF
Combine the force with pipes

One of the best things about the CLI is that it character. In the example, we’ve used the | the entire log with the history command or
lets you combine small individual commands operator to sort through the verbose output of scroll through the list by piping the output to the
into a complex and useful task without much the ps command to find the processes that are less command such as history | less . You can
effort. This is accomplished with the pipe ( | ) associated with a particular application, such also use | to chain together a number of
operator. It is used to sending the output of one as LibreOffice. commands. For example, use sed with the
command as the input for another. For example, You can do some amazing things with the | earlier command that lists all files with the
ls -a | grep _ uses the ls and grep commands operator. We mentioned earlier that Bash underscore ( _ ) to change it to a hyphen ( - )
to list all files that contain the underscore maintains a history of commands. You can print with ls -a | grep _ | sed "s/_/-/g" .

Cory Doctorow
Champion
of Freedom
Not usually one for being starstruck, Jonni Bidwell
finds himself blushing and weak at the knees as he
meets one of his heroes, the visionary Cory Doctorow.
Cory Doctorow
Cory Doctorow is an sorts of movements, that was a radical

award winning author, departure from the old way of doing things,
Interview thinker and speaker. they really turned things around. Can you
He has written many speak to that?
things, young adult CD: Sure, I guess you can think about FOSS as
novels, science fiction being either an instrumental or an ethical
and non-fiction proposition and it can exist on a continuum
commentaries on the between the two as well. Obviously, Stallman
exigencies of modern society. They are all had both an instrumental and an ethical desire
fantastic, available in DRM-free formats when he started the GNU project. On the one
and released under Creative Commons hand he was just peed off because he wanted
licensing. He is Honorary Steward for the to do something with this piece of punch tape
Shuttleworth Fellowship program and that’d been locked in a drawer. In that regard it
co-editor of the Boing Boing blog. He is a was a purely instrumental thing.
digital rights activist and serves as Special But as is so often the case, when you start
Advisor to the EFF. Through the Apollo 1201 out with something that’s purely instrumental it
project, he’s part of a mission to rid the makes you think about the ethical questions:
world of DRM. ‘Why is the drawer locked?’, ‘Who put the lock
on the drawer?’ and ‘Who decides who gets the
Linux Format: Without sounding too much key?’. Those are ethical questions that are
like a hysterical screaming fan, I have to tell inspired by this instrumental desire. I think
you that I am a huge fan of your work and it’s human beings are very prone to rationalisation
an absolute honour to be sat here with you. and self-justification and one thing that often
Cory Doctorow: Thanks man, that’s very nice happens is that if you have something
to hear [mutters oh Jeez, not another one instrumental it can turn into something ethical.
quietly to himself]. Anyone that’s ever parented a child knows that
LXF: I’m reading On bad pOlicy

Homeland at the
moment, really “Don’t tell ISIS that with an
enjoyed Big Brother,
but I think you’re
inkjet you can open as many
collaboration with bank accounts as you need.”
Charlie Stross,
Rapture of the Nerds, has been my favourite. the line between ‘I really want a biscuit’ and ‘It’s
In all of these books there seems to be a unjust that I don’t have a biscuit’ [do not teach
spirit of rebellion—in your young adult my child this–Ed] is very fine indeed. One of the
novels this is the fight against the things the free software movement has done by
authorities, and in Rapture of the Nerds embracing peer review – at the licence level, at
there’s Huw shunning all the exciting the toolchain level and then at the code level –
technology that everyone else has welcomed it’s made it that much harder for those kinds of
into their lives—this spirit of rebellion in self-delusion to flourish, that peer review is
many ways seems to be embodied in the really our best answer to that.
open source movement. Going back to the
days of the GNU commune and all those LXF: What about the idea that technology is
moving too fast for us? We want to put the
internet in our fridges and, to use one of
your examples, rectal thermometers. I also
went to Karen Sandler’s keynote, she has
closed source code in her heart, and the
GCHQ talk suggested that soon it will be
possible to tap the entire internet. Do you
feel that at some point we ought to take a
step back and take stock of the situation?
CD: Well, there’s nothing wrong with taking
stock of things, that’s a good continuous
practice, but I don’t know that you’re going to
get everyone to stop while we take stock,
though. In fact, the term ‘taking stock’ is a really
interesting one, it comes from retail. One of the
things that computers have let retailers do is
allow them to take stock continuously. I used to
work in a bookstore and we used to have to
close for a day while we went round the shelves
and counted the books, and that’s not a thing

Cory Doctorow
bookstores have to do much anymore. Except able to pretend that you were in a very privacy
to figure out how many books have been protecting industry without having to do any of
shoplifted. So stock taking is now a thing that the messy protection of privacy. This will be
we do continuously. I think that there’s a risk to familiar to anyone that’s ever opened a bank
thinking that the reason our technology policy is account with a gas bill: The banks in the UK
so dire, or that GCHQ’s spying is so out of were told that they needed to prevent money
control is that no one thought that it should be laundering by taking industry standard steps to
better, or that no one considered that the policy identify and know their customers. But the
wasn’t dire when it was being enacted—that it statute didn’t say what the industry standard
was just some hidden, lurking, completely steps were and so the industry converged on
unintended consequence that emerged without nonsense steps, which is producing sheets of
anyone suspecting it would be there. Much like A4 that came off an inkjet printer that say
climate change—y’know the signs have been on you’re an EDS customer.
the wall for a long time and it hasn’t been a
matter of the consensus not catching up— LXF: Yes, no one can doubt the authenticity
it’s been a matter of denialism, right. of a bit of paper if it has a logo on it.
CD: Right, I mean don’t anyone ever tell ISIS
LXF: And now there’s no denying that things that with an Inkjet printer you can open as
have gotten bad, we have climate change many bank accounts as you need. This was
deniers, a privacy circus and DRM has beneficial for the banks because they got to go
inveigled its way into all sorts of places. on doing something that wasn’t unduly
Worse, it seems like the momentum is still burdensome for them, but it turned out to be
building in that direction. pretty bad news for anyone that cares about
CD: The thing is that there are a lot of people money laundering, but also anyone who doesn’t
who are richer for bad policy. There’s this formal happen to be the only person in the house that
definition that a common misuse of corruption pays the gas bill. Y’know, most houses have
which is that it is systems that have more than one person living in them, but also product, and therefore the internet or VHS or
concentrated gain and diffused costs. And so only one name on the gas bill. So it’s become any of these other technologies, they offer a
what happens is that if all the money is being hard to open a bank account in the UK without dividend that overcomes the cost. Because the
made by a small number of people when all the it becoming hard to launder money in the UK. cost is already being borne by you. If you’re
costs are being borne by everyone else, the going to pay a cost to communicate, you might
people making all the money can use some of it LXF: A lot of new technologies now seem to as well pay this cost in the form of acquiring
to lobby for the continuation and the expansion be finding uses in subverting the law. Moxie technical know-how. In the same way people
of the policies that benefit them. The people Marlinspike has this idea that ‘It should be who are already marginalised may want to
who are being affected by it—well, they have a possible to break the law’. It’s not a choose what state of mind they’re in and invest
much harder time all clubbing together to make sentiment that sits well with, say, prime the time and energy in sustaining the legal risk
a difference. minister May, and technology in general, of doing so. But it doesn’t mean that there’s
A good example of this would be privacy law: especially as concerns encryption, is getting something inextricable about it. If you look back
When the European Union brought in its Privacy vilified by lawmakers. All they do is parrot to the age of legal psychedelics, the brief period
Directive, it was the most lobbied directive in the same diatribe—what Schnier called the after their first synthesis in the lab.
European history. The policies it came up with, Four Horsemen of the Information
this idea that if you have personally identifying Apocalypse (terrorists, drug dealers, LXF: I’m reading this great book called
information you have to treat it with an enormous kidnappers and child pornographers). PiHKAL just now.
amount of care and gravitas, but you can take What are they not getting here? CD: Of course you are… All of our stuff on
stats not in the directive to turn that personally CD: We have to be careful about setting apart SSRIs comes out of that research, the idea that
identifying information into de-identified these technologies’ uses and their reputation as extremely small doses of chemicals could have
information, and you can treat it as if it has no counter cultural or illegal activities. There’s a gross effects on the mind. And that turned into
risk at all to the people that generated it. kind of corollary here to the shibboleth that the whole pharmacological basis for treating
Computer scientists don’t really think there pornographers are technology early adopters. depression and anxiety. But back then they
is a thing called de-identified information, not in This is a thing that John Gilmore really set me were a pretty mainstream phenomenon. It
large data sets. Over and over again we get straight on. The idea is that pornography was wasn’t just beatniks and hippies, the smart set
these allegedly de-identified data sets that are the first use of VHS and the Internet and so on. in the New York cocktail parties doing these
again re-identified to a large extent with And this means that there’s something about things. Once things become illegal the game
relatively simple undertaking—sometimes by the sex trade that is intimately bound up with changes. To go back to the Silk Road example,
merging multiple data sets, sometimes by technology. Gilmore said no—you have a form people weren’t selling heroin and assassination
finding unique identifiers and what have you. of communication that enjoys unrestricted services on eBay because they couldn’t, so they
This issue, the reason that it was lobbied for so access to the existing channels, so you have no invested the time in learning Tor and Bitcoin.
hard is because there are a bunch of companies reason to invest the energy in figuring out how
that make shedloads of money by gathering to use a new channel. But if your LXF: And all the command line switches for
huge amounts of data on people. So they communications are restricted, then you are GPG, no one’s going to do that for a hobby.
created this carta that is not so much a already paying a tax to communicate, because CD: Right. Another side of it is that refugees are
loophole as a 16-lane motorway right through you have to avoid the restrictions in the real heavy users of VoIP and video conferencing
the directive that effectively says that if you world. So in the days of pornography you would technologies—because they don’t have any
sprinkle some de-identification pixie dust on have to find customers who were willing to money and they need to use free services and
some data, then you get all the benefits of being receive plain brown envelopes full of your they’ll pay the tax to figure out how to use them.

Cory Doctorow
LXF: You’ve been nominated as the Yahoo! for $30 million. So I’ve been a lifelong cartridge, and that program registers when the
Honorary Steward for the Shuttleworth user, literally one of the first users, of Flickr and cartridge is empty. So if you refill it, you won’t be
Foundation Fellowship program. Tell us Flickr is now part of Yahoo!. When I started able to use it because the cartridge still thinks
about that. putting all of my photos and articulating my that it’s empty. So when SCC reverse-
CD: Mark Shuttleworth is a philanthropist who social graph on there I felt like I had a good engineered that chip, it violated our copyright,
obviously has a deep involvement with GNU/ reason to trust Yahoo!, not just because of what because we have a copyright on that 12-byte
Linux, he’s the founder of Canonical and the the company had done, but because the long program’. The Federal Circuit said that a
Ubuntu Project. He made lots of money from founder of Flickr was working for Yahoo! at the 12-byte program isn’t copyrightable—it’s too
running a certificate authority and he uses that time (he’s not any more, he founded another short. But now an ink cartridge, a lightbulb, any
money to do good deeds. He used to give company called Slack that’s doing something of these technologies have full-blown operating
grants to organisations, as a lot of foundations else rather successfully). systems—they have embedded Linux,
do. When I worked for EFF as European Director, Now it turns out that Yahoo! is delivering networking stacks, Wi-Fi access points, all kinds
it was a grant from his foundation that funded rootkits for the NSA in its infrastructure, so of technologies that is assuredly copyrightable.
the work I did. But over time they hit on this there is no irrevocable element about my If Linux isn’t copyrightable then the GPL doesn’t
very novel strategy for funding good works, relationship with Yahoo!. And that manifests apply to it, so we’d better hope that Linux rises
which is investing early stage in people who slowly over time because things fall apart, to the standard of copyrightability. What’s
have visionary, radical ideas that are plausible Yahoo! got worse and worse and I was more happened is that over time software stacks
and giving them money separate from any and more bound to this declining thing as the have gotten so cheap that they’ve infiltrated all
institution they’re affiliated with to spend as years went by. I think that the thing that made of our technology, which has allowed DRM to be
they choose. And so the process is really easy to FLOSS powerful was the inability to take away used to configure that technology so that legally
apply for—it’s six questions that have a and turn around the freedom that had been you are only allowed to use it in a way that is
maximum of 1,500 characters each and then most beneficial to the
you record a video of no more than five minutes, manufacturer. So
and then a CV. My understanding is that in the
On management ironically the
last few years the success rate has been about
one percent, which is pretty high for granting
“it turns out that Yahoo! is proliferation of open
source software
proposals. As Honorary Steward I’ll be helping delivering rootkits for the components, along with
NSA in its infrastructure.”

to make the final determination, so I’ll be this dumb law from the
working from a shortlist. mid-1990s, has
managed to make DRM
LXF: You’ve put across this dichotomy that granted in the name of FLOSS. But DRM is into this triumphant force in our new software-
on the one hand FOSS has won, primarily actually a mechanism for doing just that—DRM industrial complex.
due to the GPL, but at the same time DRM has a very slow fuse because it only applied to
has also won. How do you reconcile those locks that restrict access to copyrighted works. LXF: The inclusion of DRM as used by
two notions? Originally that was for things like making sure Encrypted Media Extensions (EME, required
CD: With GPL code there’s this irrevocable legal people didn’t de-regionalise DVDs or make for Netflix) in Firefox has been something of
construct around free and open source third-party CDs that played in Sega a contentious issue, we used to feel like we
software that prevents enclosure—once Dreamcasts. People tried to use it to restrict were making a principled stand by using
something has been opened it can’t be closed what people could do with printer cartridges— Firefox instead of Chrome, but now Firefox
again. That’s why tivo-isation, if you remember in the mid-2000s Lexmark sued a competitor doesn’t seem to have quite that same Good
these debates about licensing, was such a big called Static Control Components. They said Guy ethos, and we sort of mourn for that.
deal. Because at the level where people think ‘We have a 12-byte long program in our printer How do you feel about Mozilla’s decisions in
about licenses, there’s this understanding that
irrevocability is hugely important to defending
against changes in management.
There were people who worked for SCO who
were pretty horrified to discover that the
company that they helped build was being used
to sue over the Linux kernel. There are lots of
changes in management all of the time. So
when I met my wife at an event in Finland, I was
living in San Francisco and she was living in
London, and one of the other people at that
event was a guy who’d just started a videogame
called Game Neverending that we were both
alpha testers on. He came out to visit me in San
Francisco later and asked me how the long
distance relationship was going. I said “it’s great,
but it’s hard to share photos of our daily lives
and that’s something we like to do to keep the
relationship going”. He said “Oh, we have photo
sharing coming for the game, I’ll just move it up
in the product roadmap”. And he did, and it was
so successful that he shut down the game and
renamed the company Flickr and sold it to

Cory Doctorow
this regard? social change to get rid of DRM everywhere. device.

CD: I’m certainly sad about it, I don’t know that Because DRM only really exists because of the Right now the pitch that the manufacturers
I’m mourning Firefox because I still think Mozilla DMCA, if it wasn’t illegal to break DRM, then make is ‘Well we never told you you were
does good work and still I’m a great supporter people would just break it. allowed to use third party cartridges, we never
of the Foundation and I still use Firefox. But I Technically, the idea that I can make a device told you, you were allowed to use a third-party
think that it set up a false dichotomy when it that tries to enforce a policy against you by app store. If you don’t like it don’t buy it”. That’s
decided that the only way it could get users was hiding a secret and then assume that you’ll not how property works! No one every told me
to put DRM in there. So Brave, which was never figure out where that secret is when you that I could toast whatever bread I wanted in my
founded by Mozilla’s former CEO Brendan Eich, have the device—that’s a dumb idea. Even the toaster. It doesn’t mean that if a manufacturer
it also shipped EME support but without DRM. very best bank safes are kept in the bank vaults, puts ‘Sunbeam toasters for Wonderbread’ on
Brave breaks the DRM and it takes the legal risk. and not in the bank robber’s living room. If your the box that I’m not allowed to use bread of my
Firefox has more money and more resources adversary has a device that has a secret in it, choosing in my toaster. But, of course, we’re
than Brave, yet it decided that it wouldn’t take then your adversary will find out what that one vision system away from a toaster that can
that risk. And so far it hasn’t supported a secret is for sure. So DRM without the DMCA, be configured to only toast manufacturer-
proposal at the W3C that it’ll promise not to use without Article 6 of the EUCD, without Canada’s approved bread. So we’re going to challenge
the DMCA to attack security researchers. I think Bill C11, without New Zealand’s Bill 92-I and so that norm as well, and we’re doing a bunch of
that Mozilla’s failure to make that promise has on, without these rules there’s no reason to different projects to make that happen.
been a particularly galling disappointment. And make DRM because competitors will just come One of them is this project with the W3C, to
I really hope that we can find a way to work along and break it and make cheaper tools. get them to reform their practices; to get them
together again on this, because I think that it So what we say is that if we can just weaken to adopt this rule that if you make DRM at the
has and should continue to be a force for good the DMCA, we can introduce some ambiguity W3C you have to promise not to abuse laws like
in the open internet. into the enforceability of Section 1201 by having DMCA 1201. We got the open source initiative to
a court case that’s moving forwards. There are a amend its definition of what constitutes an
LXF: You’re an Ubuntu user too, I hear. ton of high-risk investors who are willing, for open standard to say that if you make DRM and
Do you find Linux as frustrating as do some example, to invest in Uber on the off chance you don’t have this codicil in your membership
of our readers? that some day it will be legal to create Uber, or rules or licensing rules, you can’t call it an open
CD: Ha ha, no it’s not that bad at all. I’ve had invest in Airbnb on the off chance that one day standard. That’s really important because UK
frustrations with every OS that I’ve used. I used that practice will be legalised. There are government rules say that they can only
to be CIO for a Mac shop and they are every bit companies that are prepared to take similar procure technology built according to open
as many frustrations in every modern OS as risks to make DRM-breaking technology, standards, which means that W3C standards
there are in Linux. Generally speaking, my because the only reason to deploy DRM is to are becoming illegible for implementation for
software works really, really well. I have two limit the competition and cause your customers UK government contracts, so this is a big lever
outstanding gripes right now though. One is that to spend as much money as possible actively to move, but also to help weaken the legitimacy
some fullscreen videos freeze my computer and buying your product. GM charges $70,000 per of laws like DMCA 1201 and Section 6 of the
require a reboot. That’s a known bug in the mechanic to get a diagnostic tool to diagnose EUCD and so on. So all of those pieces come
chipsets of Thinkpads and the current Ubuntu. GM cars, and it has designed the cars so that together over the course of the next decade or
The other is the controller for the unified getting the diagnostics out without that tool so, to kill all the DRM in the world. LXF
headphone/microphone jack doesn’t work as involves bypassing DRM—so
advertised, and as a result I can’t get an external risking a prison sentence or a
microphone to work off that jack, which has led $500,000 fine.
to me suspending my podcast. Once a law is in place no one
knows whether that law is
LXF: Do you use one of the old Thinkpad’s enforceable or not. There’s
that can do Libreboot? going to be entrepreneurs who
CD: Alas no, I wish I could be that pure, but come along to break that. And
y’know, I need the hi-res screen, my eyes aren’t there’s going to be code makers
what they used to be. I used to be a smoker and who make code to break it. And
when I quit my doctor said “You need a better they’re going to start coming in
reason than not getting cancer in 40 years to out of the cold, it’s not going to
quit because next week you’re going to really be that you download some
want a cigarette and some benefit that’s 40 blob from the internet to unlock
years off won’t convince you not to have one, you your iPhone—it’s going to be
need an immediate benefit”. So I figured, well, I open collectives of computer
am spending two laptops a year on fags, so I’m scientists and security
just going to give up and buy a laptop every year researchers who make these
for the rest of my life. And so every year I buy the tools. So we’ll see industry and
new Thinkpad X series and I never feel any guilt technology working together to
and I feel like I’m ahead of the game. create markets and code for
breaking DRM while the law is
LXF: You’re part of the Apollo 1201 project changing to make DRM and
whose goal is to destroy all DRM. that’s going to change the
CD: Apollo 1201 starts with the idea that if we norms of DRM. We’re going to
can challenge the legality of Section 1201 of the have to change the idea that it’s
DMCA, that we can harness the four forces that legitimate for a manufacturer to
Lawrence Lessig identified as the levers for decide how you can use your

Helping you live better & work smarter
LIFEHACKER UK IS THE EXPERT GUIDE FOR

ANYONE LOOKING TO GET THINGS DONE
Thousands of tips to improve your home & workplace
Get more from your smartphone, tablet & computer
Be more efficient and increase your productivity
www.lifehacker.co.uk
twitter.com/lifehackeruk facebook.com/lifehackeruk
The ultimate server
Ultimate
server redux In the first in an exciting series of features,
Jonni Bidwell lays the foundations of what will
be the Linux Format reference server.
W
riting tutorials is a tricky really the interesting part. So to mix things additions, diversions and other
game. Most of our tutorials up a little we present to you, dear readers, augmentations to this, and this feature will
are self-contained, which on the blueprint for our ultimate home server. always be freely available online in case
the whole is handy—there’s no In future issues we will describe optional anyone misses (or loses) this issue. In part
need to refer to a previous one we shall cover the bread
issue or other source to do
what needs doing. It does
“We present to you, dear and butter tasks: Installing an
operating system, setting up a
mean, however, that much
matter is devoted to initial set
readers, the blueprint for static IP address and arming
some defences against
up, which in many ways is not our ultimate home server.” nefarious hackers.

The ultimate server
C
anny readers will recall that we ran
an Ultimate Home Server feature
back in LXF213 [Features, p32]. That
was generally well-received, and much of it
will inform this article, but this time around
things will be even more ‘ultimate’. See the
box (Hardware Considerations, below) for
some hardware guidelines, but by all means
feel free to improvise. There’s nothing
wrong with using old hardware, but there’s a
lot wrong with relying on it to store valuable
data. So take extra care with backups if
that’s all that’s available to you. We won’t
cover physically putting the machine
together, but if you want some tips check
out Zak Storey’s Fastest Linux PC feature Downloading via BitTorrent is preferred, if only to see ludicrous speeds such as this.
[See p46, LXF219].
One criticism of the ‘penultimate’ feature available. Apropos to this, we’ll assume that a the domain name blank, unless you have a
was the RAID set up: ‘too complicated’, ‘not wired connection is available. Wireless reason not to, and also leave the root
worth bothering with’ and ‘no guidelines on adaptors nowadays may boast about using password blank which has the effect of
how to recover from a failure’. So this time 802.11ac, beamforming and quantum disabling the root account. Next, set up a
around we won’t bother with that. If you do resonance (one of these is a joke) to achieve regular user and password, which will be
plan on setting up RAID, and it’s a good idea if connection speeds in gigabits, but in reality granted sudo rights for privileged commands.
you have some spare drives, see that feature, this is hard to achieve. If getting a cable to Next we must partition our disks. If you have
our mdadm tutorial in LXF206 [Tutorials, p76], your server’s location is messy, then get some only one drive, then we’ll need to create a data
or our Next-Gen Filesystems feature [see p48, powerline adaptors—the tech has come a partition on it during the installation, where as
LXF193]. In particular, if you plan on using ZFS long way since the early days, where regular if we have two (or more) then we can follow
filesystem, then you’ll want to invest in error unplugging and plugging back in again were the default scheme for our OS drive (a small
correcting memory and probably will benefit the order of the day. EFI partition, a large ext4 partition and a small
from having more than 4GB. So assuming our machine powers up, stick swap partition) and have a single large ext4
in the Debian disc/USB stick and reboot. partition on the other drive. Set the data
Deploy Debian partition to be
We chose Debian for our server’s OS last time
and it’s an excellent choice so we’re jolly well
“With SSH working, you mounted at
/mnt/data to
going to stick with it for this outing. We don’t
care about getting the latest version of Gnome
should be able to get rid of the save fiddling
around with
or a bleeding edge kernel—we want stability monitor, keyboard and mouse.” /etc/fstab
and security (which would be Debian’s middle later. Select
names, if it had middle names, but it doesn’t). You will need to disable Secure Boot if it’s ‘Finish Partitioning and Write Changes to Disk’,
At the time of writing, the latest version is 8.7 enabled, but UEFI installation is supported. confirm and the base system will be installed.
and ISOs/torrents can be downloaded from A graphical installer is available from the boot Once that’s done you’ll be prompted to add a
https://debian.org/CD. A live image is menu, but the textual one is perfectly fine. network mirror, which is a good idea if you
available, but we have no need of trying before You’ll be asked the usual questions about have a working network connection (it’ll
‘buying’, so grab either the small Network language, location and keyboard layout. Then update packages from a server close to you)
Install image (~250MB) or CD 1 of the install we must choose a hostname, we’ll use and a bad idea if you don’t (it won’t work), so
set (you almost certainly will want the amd64 lxfserver, but we know that names are choose appropriately. Then you can add some
edition—32-bit architecture is officially old powerful (Mu’adib), sentimental and hard to package groups. We don’t need a desktop
now). Subsequent packages can be added in choose under pressure. Fortunately, the environment, so unselect this one, but Print
later, assuming a network connection is hostname can be changed at any time. Leave Server, SSH Server and System Utilities are all
Hardware considerations
You can make a home server out of any old bits files, print and run web services. However, if you all modern Intel chips and AMD APUs) or the
and pieces you have lying around, but that plan to use it for streaming movies around the cheapest of GPU cards will be fine. Once the OS
doesn’t mean you should. At least not as house (e.g. with Emby), something more is installed we won’t even need the monitor, or
regards old disk drives and power supplies— powerful (like a recent Core i5) will be better— mouse or keyboard. We’ll want a large hard
these things have a habit of failing as soon as on the fly video transcoding is quite an onerous drive for storing data. We’ll put the operating
you start relying on them, and we would rather chore for older CPUs. Memory (at least DDR3 system and data on separate partitions. Really
our server be reliable. memory) is cheap nowadays and 4GB will be they should be on separate drives too, and we’d
In terms of processing power, a dual-core more than enough for most purposes. You can encourage readers to invest extra money in
chip from the last decade will suffice for most get away with much less, but it’s better to have another drive (a small SSD would be a good
things you might want your server to do: host more. Integrated graphics (such as are found in suggestion) to make this possible.

The ultimate server
useful. Once all this is installed you can reboot deal with IPv6 addresses. We also will need the iface eth0 inet static
into your freshly minted server. address of our router (since DHCP also address 192.168.1.100
Before we do anything, we’ll want to set provides routing and DNS information) which netmask 255.255.255.0
our machine up with a static IP address. This you may already know but if not can readily gateway 192.168.1.254
will make it easy to find our server from other discover by typing routel and looking in the You can change the last digit of the
machines on the network and access its Gateway column. Don’t worry if your router’s address to anything less than 255 that isn’t
resources. By default Debian obtains an address looks different, there are a number of already in use on your network, but the
address from your router via DHCP. This is different blocks reserved for private gateway line must correspond with your
good because it means connectivity is alive networks—some routers use 10.*, but router. Save this file with Ctrl+X, y, Enter.
without us having to do anything, but bad 192.168.* seems to be more popular. We’ll We also need to tell Debian to use our router
because the IP address you are assigned suppose our router’s IP is 192.168.1.254. for DNS lookups (which it passes to your ISP).
today may very well be different tomorrow. This time edit the file /etc/resolv.conf and
You can see what your current address is with Network config replace any nameserver lines with a single:
the ip a command. Each network interface Network configuration in Debian is all handled nameserver 192.168.1.254
gets its own name, there ought to be at least a by the file /etc/network/interfaces. So let’s You may prefer to use Google’s DNS here
stanza for the loopback interface lo and your edit this file (you may wish to back it up first) (8.8.4.4 and 8.8.8.8), as many UK ISPs have
Ethernet card, probably eth0 . The line: with sudo nano /etc/network/interfaces . flaky DNS servers or block certain lookups.
inet 192.168.1.100/24 brd 192.168.1.255 scope Replace the line: Now we can activate our new network
global eth0 iface eth0 inet dhcp configuration with:
in the eth0 stanza betrays its IPv4 address with the following block (leaving intact any $ sudo systemctl restart networking
(192.168.1.100), perhaps in the future we will preceding lines such as allow-hotplug eth0): And test it with:
$ ping -c4 google.com
If four packets are safely returned then
huzzah! Else further tweaks will be necessary.
At this point, we should be able to SSH into
our server from another machine on the
network. Provided we remembered to tick the
SSH Server box during install, that is. If not
sudo apt-get install ssh-server will do the
trick. We can access our server from Windows
via the PuTTY program, or through the new-
fangled Windows Subsystem for Linux (WSL),
although setting WSL up is beyond the scope
of this feature. Or you can do it the grown-up
way from a Linux box with a simple:
$ ssh lxfuser@192.168.1.100
With SSH working, you should be able to
get rid of the monitor, keyboard and mouse
attached to your server. They might come in
This is how your disk layout should look if you have a separate drive for storing data on. handy later if it breaks so don’t go
(Yes, we did cheat and use VirtualBox to do this.) defenestrating them just yet, but for now
SSH keys
Logging into SSH using a key involves first it will be appended to the file /home/lxfuser/. key off such media (and then run:
generating a private key and a public key. It’s ssh/authorized_keys on the server. We can test chmod 600 id_rsa
your responsibility to keep the private key as it works with: before attempting to log in.
secret as can be. It’s convenient to have a copy $ ssh lxfuser@192.168.1.100
on every machine you log into the server from, All going well we shouldn’t be asked for a
but also insecure—if one of those machines was password this time. If you want to disable
stolen it represents a vector by which our server password logins altogether, then you will need to
could be compromised. Ideally you should keep add the directive:
the private key on a USB stick and not lose it. PasswordAuthentication no
The public key can be just that, and a copy of to /etc/ssh/sshd_config.
it is stored on the server to verify the private key The keypair itself lives in the ~/.ssh/ folder,
via mathematical voodoo. To generate a keypair in the files id_rsa.pub and id_rsa.priv. The latter
(ideally on a machine that you’ll access the file is the private key, and should be treated with
server from, rather than the server itself) run care. If you copy it elsewhere, you can tell SSH
the command ssh-keygen . Accept the default to log in with ssh -i /path/to/key but it will be
location and choose a password for your key. rightly fussy about permissions.
This adds an extra layer of security in the Since filesystems commonly used on USB ssh-keygen gives you a pictorial
event the key is purloined. Copy the key to the sticks (such as FAT32 and NTFS) don’t support representation of your public key—who says
server with ssh-copy-id lxfuser@192.168.1.100 , Linux permissions, you will need to copy your cryptography isn’t aesthetically pleasing?

The ultimate server
enjoy the comfort that goes with knowing your

server can be trusted to do its thing and
remain accessible from any computer on your
home network. If you trust fellow users of this
network, then there isn’t too much reason to
be paranoid about choosing a lengthy and
complicated password for your user. However,
if you choose to make your server accessible
to the whole world (see later) then a strong
passwords is essential. You can even go one
better and use public key crypto to better
secure logins. (See the SSH Keys box, left).
One aspect of SSH that’s often overlooked
is its ability to securely transfer files via SFTP.
Any modern file manager will enable you to
log into your server and copy files thereto and
therefrom by visiting the URI sftp://
lxfuser@192.168.1.100. Some file managers
have done away with address bars that you
can actually type into, but Ctrl+L usually does
the trick, Gnome’s Files also allows you to If all else fails, the portforward.com website will help you figure out how to do just that on
input server addresses from the Other your router. However, the process should be straightforward.
Locations section of the sidebar. Remember
you’ll only be able to do read and write to lessen bot traffic) from our router’s external IP. program, which we can install with sudo apt-
locations on the server where lxfuser is Unfortunately for most people, that IP address get install fail2ban . Fail2ban can work with
allowed to read and write. will change with the weather, but this problem any service, and once specified number of
can be circumvented using a dynamic DNS failed logins (or just requests to a web server)
Opening the floodgates provider (such as the free and excellent are recorded then a temporary ban is
There’s plenty of reason not to make your www.duckdns.org). By running a script on implemented via iptables. The default settings
SSH service available to the whole world. your server, the provider is informed of any are fine for our purposes, but it’s good
But being able to do a spot of admin remotely changes to the server’s IP and DNS records practice to copy the main configuration file
is also pretty handy. Most home routers now are updated, so your server remains and make any changes to a local file:
have a handy interface for forwarding ports, accessible through an invariant hostname, sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/
but they’re all different so you’re on your own such as lxfserver.duckdns.org. jail.local
here. We want to make TCP port 22 (SSH) on Once your server is publicly accessible, it Have a poke around in /etc/fail2ban/
our server available to the world, so we need won’t take long before bots start trying to log filter.d to see how the various filters work.
to forward a TCP port (and it’s a reasonable in with common usernames and passwords. And tune in for our next exciting instalment
idea to make it different from 22, e.g. 10022 to We can mitigate against this using the fail2ban next month [cue moody orchestral music]. LXF
Our server, the wonderful services

it will provide and its place in the
wider network.
Internet
Router
192.168.1.1
192.168.1.100
Client machines (desktops, laptops and phones etc)

Mr Brown’s Administeria
Mr Brown’s
Jolyon Brown
When not consulting on Linux/DevOps, Jolyon
Administeria
Esoteric system administration goodness from
the impenetrable bowels of the server room.
spends his time bootstrapping a startup. His
biggest ambition is to find a reason to use Emacs.
Adiós Administeria
T
ime for a little bit of a change here
at Linux Format: this is my last
Administeria column. It’s a good
idea to keep things evolving and I look
forward to seeing what the great editorial
team here at LXF come up with next. I
thought I’d use this last 300 word section
(which has always been the most difficult
bit to write) to briefly mention the kinds of
things I’m going to be looking at for the next
A peek inside Google
year or so. They’re a mixture of skills that Search giant reveals how it handles security and
hopefully keep me vaguely employable—
and others that I just find interesting.
drops hints about “custom silicon” safeguarding.
It really is a disadvantage in the job
G
market now not to have any skills when it oogle has given the world a peek into that a system is legitimate at the hardware
comes to the big players in the cloud how it secures its internal and public level. This chip provides cryptographic
computing arena. The barriers for getting cloud service with the publication of signatures for the stack that the machine
online and learning about them are so low an infrastructure security design overview. The boots—from the BIOS upwards. There’s also
now that there isn’t much of an excuse. document (see https://cloud.google.com/ information about how remote procedure calls
Similarly, having knowledge of containers security/security-design) is among a number are encrypted and everything that’s written to
(whether that’s Docker or any of the many of resources made available by the search disk (indeed, there are details on both
other container technologies available now) giant as it pushes to challenge AWS’ position as application layer and disk hardware layer
is a must for Linux sysadmins. the dominant cloud platform. encryption being used). The whole set of
I also think having some experience of Presumably designed to reassure potential documentation is well worth a look for anyone
Google Go programming language will (large) customers and provide a quick check interested in the security and operation of
become more valuable and It’s going to be list of security features they might want to modern infrastructure (especially anyone
my systems language to learn this year. I’ve consider using Google for hosting, there are a designing something from the ground up).
also been impressed by Kali Linux since couple of nuggets of information previously not A second ‘present’ from Google was the
covering it for the magazine a while ago and widely known about the internal workings of online release of its recently published book
continue to experiment with the pen testing the famously secretive company. There is an Site Reliability Engineering under a Creative
and ethical hacking distro. But I remain admission that custom silicon has been Commons licence (https://landing.google.
completely fascinated by machine learning. designed, including a hardware security chip com/sre/book.html). Covering a variety of
There’s a wealth of information out there to deployed on servers and peripherals. This modern system administration topics at a
look at and free courses to attend and provides a level of identification and assurance range of levels, the book is a collection of
projects to try out. insights into how Google SREs approach
Hopefully, the column has been useful various operational tasks and issues and is
and entertaining over the time I’ve been at great resource for any budding sysadmin.
the reins. I had fun writing it (but not so Finally, some good news from the Linux
much fun when it came to hitting deadlines. Foundation which announced that RethinkDB
I still have the marks to prove that LXF has been ’rescued’ following the purchase of
knows where I live) and thanks to everyone the rights to its source code by the Cloud
who ever got in touch. Native Computing Foundation (CNCF). The
Don’t forget that a good sysadmin with company behind the open source database
problem solving skills is an asset to any shut down last year leaving the code in the
company. Keep practising and keep Need to write operational procedures from hands of creditors under an AGPL licence.
learning. May your backups be ever valid! scratch or just want to compare what you The Linux Foundation now has ownership
jolyon.brown@gmail.com. currently have to a market leader? Google’s using the more permissive Apache software
whitepaper is very useful. licence (http://rethinkdb.com).

Datacentre Operating System

Jolyon Brown uses up the last of his Azure credits while
finishing this overview of DC/OS.
L
ast month [see Administeria, LXF221] I started looking LXF 222
at DC/OS, the Datacentre Operating System, covering minecraft config
- According to
some of the background and concepts. I ended with
my children,
the laziest install I’ve ever documented in these pages (simply
this is the first
selecting a DC/OS package from the Azure marketplace and useful thing I’ve
letting some computers out there in the ether handle ever done while
everything for me). Now it’s time to show you how I put this writing for LXF
shiny new system to use and demonstrate how to get
something up and running with it (did I manage it before my
Azure credits expired? Read on to find out!).
Now the DC/OS browser based GUI is very nice and all,
but being a creature of habit I like to understand what
command line options are available to me. So before doing
anything else, I investigated the DC/OS CLI. In the bottom left
corner of the DC/OS dashboard screen my name was
displayed and clicking on that brought up a menu for looking
at documentation, signing out and installing the CLI.
Choosing this brought up a small window detailing exactly show ). This includes a value for dcos_url which is the address
which commands I needed to run to download the DCOS the CLI uses as the current cluster to communicate with. In a
command line client. multiple environment setup, this value would need to change
for the CLI to be able to speak to, for instance, development
The command line rather than production.
This is very reminiscent of the way Rancher does things—I’ve However, when trying to run some of the other commands
no idea which one did it first though (or whether this is a (such as $ dcos node ssh ), I started getting all kinds of
common design pattern in other tools in this space). In this errors with different IP addresses being reported back as
case, a curl from https://downloads.dcos.io, followed by a unavailable. Frustrated, I dug back into the instructions for an
bit of copying and ‘chmoding’ resulted in a new binary called Azure install and found some caveats/recommendations that
dcos installed in /usr/local/bin. Before I could use it though the CLI might be better installed on the master node within
I needed to authenticate to the cluster using the $ dcos auth the cluster itself to avoid these kinds of problems when using
login command, which prompted me to generate an OpenID an SSH tunnel. Huh!
Connect ID token via my browser (and giving me a URL to do Even after this I had some further problems. The
so). Pasting the subsequent text into my terminal rewarded command line agent feels rather… incomplete. Or in a state of
me with a successful login and the ability to run commands transition, perhaps. Some commands gave what looked like
like $ dcos node , which listed my master and slave nodes: quite helpful errors, recommending using a flag or parameter.
HOSTNAME IP ID But more than once I found that adding that flag caused the
10.0.0.5 10.0.0.5 b49be0c4-9af3-44ac-8e55- CLI to return another error saying it was deprecated and to
47760ae2de6a-S1 use something else! Somewhat disheartened I went back to
10.32.0.10 10.32.0.10 b49be0c4-9af3-44ac-8e55- the browser.
47760ae2de6a-S3 Determined to have a better outcome, I decided to try my
… hand at firing up a container using Marathon. This was easily
The dcos command creates a config file in ~/.dcos/ accessed via my local port 8000 (using my SSH tunnel)
dcos.toml (its contents can be displayed with $ dcos config using the url http://localhost:8000/Marathon. You might
Scaling applications
It’s a fairly common requirement for applications utilisation by a Marathon service. Based on pre- This is done by dividing the number of requests
to be horizontally scalable these days. For supplied metrics, this script will increase the being seen per second by the target number of
lightweight microservice-based infrastructures number of app instances up to a ceiling when it requests per application instance. There are
it’s an assumption that this will be possible. calculates that the conditions have been met. other possibilities as well,e.g. http://bit.ly/
DC/OS handles this in a couple of different A bit more sophisticated is an advanced MicroscalingQueue gives an example of
ways, with Marathon being responsible for feature of Marathon-LB that scales up based on ‘microscaling’ based on the number of requests
handling the actual ramping up of capacity. The the number of requests an application is seeing in an Azure Storage Queue and where jobs
DC/OS tutorial provides an example python over a defined time period. The autoscale script deemed of higher importance are scaled ahead
script (https://dcos.io/docs/1.8/usage/ polls the HAProxy stats endpoint (on which of less important background tasks. All of these
tutorials/autoscaling/cpu-memory) which Marathon-LB is based) and automatically scales examples can be seen on GitHub and so offer
monitors the amount of CPU and memory app instances based on the incoming requests. the possibility of developing bespoke options.

recall Marathon is the init system for DC/OS and is used to managed to keep the kids quiet for a little while with their
manage processes and services. Typically it monitors newly created virtual world.
applications via a defined health check and automatically The correct way to handle this apparently though would
heals failures. Adding these is straightforward: select ‘Create be to use the Marathon Load Balancer (which is based on
Application’ from the screen and fill in fields typical for any HAProxy) to expose the container out towards the internet
Docker instance. when it can’t have the ‘slave_public’ setting. This took me a
After quickly getting an Nginx container online, I decided fair amount of web searching (which, again, may be down to
to try something slightly more challenging and fired up a my relative lack of experience with DC/OS). I also found that
Minecraft server, using the docker image itzg/minecraft- creating an application via the GUI sometimes required
server which is downloadable from Docker Hub. There were a editing JSON directly (flicking between application interfaces)
few things to take into account here—a port which wouldn’t, for particular settings which was OK, but not that slick an
by default, be allowed through Azure’s firewall and load experience for someone unfamiliar with this kind of thing.
balancer policy, and I wanted it to be public facing. The health But good news! I went back to the command line and issued
check wasn’t a typical HTTP one as well. It did take quite a bit the command:
of experimentation to get this one over the line so to speak. $ dcos marathon app list
While adding the Docker image and port (25565) wasn’t too To be rewarded with
difficult, I was stumped by errors relating to persistent ID MEM CPUS TASKS HEALTH DEPLOYMENT
volumes and complaints about ‘acceptedResourceRoles’. In WAITING CONTAINER CMD
the end, this was down to my inexperience with DC/OS. I /minecraft 1024 1 1/1 1/1 --- False DOCKER
wanted to add the Minecraft server to the ‘Public’ agent pool None
and the setting that handled this (adding the rather obscure /nginx 32 1 1/1 1/1 --- False DOCKER
string ”slave_public” to the Optional tab under the resource None
roles box) was clashing with DC/OS not allowing this Hurrah! It seems that some commands did work after all
particular combination. as my two containers were reported as being up and healthy.
In the end though, I did get this working (I removed the
persistent volume) and after adding a new firewall, load Bundled applications
balancer and health check settings at the Azure level I DC/OS comes with a bunch of prepackaged options for
software that can be installed. These are available on the
‘Universe’ tab from the main screen. There are a bunch
available and some are listed as ‘selected’ packages (which
includes the likes of GitLab, Jenkins and Cassandra), while
others are listed as ‘community’. The latter is a larger set
including software familiar to just about anyone working in
open source these days (Redis, MongoDB, Postgres, Ceph—
and the list goes on). I experimented with picking a couple at
random—I chose the aforementioned Marathon-LB to
experiment with and Cassandra as a pretty heavyweight
application to see how easy it was to install anyway and to
see how fast the operation was. They were reasonably quick
(much of this might be down to Azure itself of course).
Cassandra fired up four nodes using between 2 and 4GB of
memory in around 10 minutes—fully configured of course
Feeling somewhat buoyed by the unexpected success on
the command line earlier, I tried out some of the package
commands:
The Universe tab in DC/OS—it’s like supermarket sweep for containerised
$ dcos package repo list
applications! Although perhaps a little less terrifying than we’ve made it sound.
Universe: https://universe.mesosphere.com/repo
Service discovery
Mesos-DNS provides service discovery within a A _mongodb._tcp.marathon.mesos. 60 IN SRV
DC/OS cluster. It automatically allows 0 0 3411 mongodb-aht54-s2.marathon.mesos.
applications and services to find each other via ;; ANSWER SECTION:
DNS. When an application is launched by mongodb.marathon.mesos. 60 IN ;; ADDITIONAL SECTION:
Marathon, it gets assigned a name using the A 10.32.0.7 mongodb-aht54-s2.marathon.mesos. 60 IN A
naming pattern task.scheduler.mesos. In all of I can go on a little further though—I can use 10.32.0.7
my cases here, that means task.marathon. the command (below) which will give me the Another possibility is to use Named VIPs
mesos. So, for example, when I want to find out information on which host the MongoDB service which offer some benefits over Mesos-DNS
the IP address of my MongoDB service, I can is running at the current time, but to find the (such as no caching or reliance on the SRV
just issue the command port I need to connect to, I have to look at the record). These are name/port pairs given to an
$ dig mongo.marathon.mesos service locator DNS record: application as part of its packaging—take a look
And get a result like the following (which I’ve $ dig _mongodb._tcp.marathon.mesos srv at https://dcos.io/docs/1.8/usage/tutorials/
edited for brevity). ;; ANSWER SECTION: dcos-101/service-discovery which actually
;; QUESTION SECTION: _mongodb._tcp.marathon.mesos. 60 IN SRV recommends their use over Mesos-DNS as the
;mongodb.marathon.mesos. IN 0 0 3412 mongodb-aht54-s2.marathon.mesos. default service discovery method.

$ dcos package search mongo

NAME VERSION SELECTED FRAMEWORK
DESCRIPTION
mongodb 3.2-0.2 False False MongoDB is an
open-source, document database designed for ease of
development...
mongodb-admin 0.0.20-0.2 False False A Web user
interface to administer MongoDB databases built using
Express.
mongodb-replicaset 0.1.0 False True A MongoDB
ReplicaSet service for DC/OS. An example for this package’s
usage c...
$ dcos package install mongodb
This took literally a few seconds. A few moments later I
checked $ dcos marathon app list and a single instance of
MongoDB was installed and passing health checks.
Scheduled jobs
Next, I took a look at the job scheduling facility in DC/OS.
This is just a way of running commands (or Docker instances)
at set times or intervals. Typically these would be short lived With the job
scheduler it’s
processes—a batch job to generate some reports for applications, containers or jobs are deployed, the admin can
easy to write
example. There is a fair amount of control available over how tag/label them in order to track and report on usage across
your very own
they operate—the amount of CPU, memory and disk space the cluster. These labels might relate to a cost centre, a waste of CPU
they consume for example, as well as a Cron type format for customer or particular team. This might be used for billing cycles
the schedule of the job itself. I decided to try and set a perhaps or for simple audit purposes. This data can be seen
dummy job of some kind up. For a trivial sleep command this via the services tab in the GUI or can be downloaded using
was very easy to do. Clicking on the jobs tab, editing a few the Marathon HTTP API (with data presented in JSON
fields and saving it. Obviously though manually editing these format). There will definitely need to be some post processing
kinds of things doesn’t really cut it for sophisticated on the output for calculations, but there are bound to be
sysadmins of the kind who read this column. Ideally, we’d some freely available packages to handle most of the work for
want to have these jobs held within source code and loaded anyone wanting to go down this route. I do like the idea of
up via the command line. I managed to list my job via $ dcos being able to use DCOS to host some kind of application and
job list and then retrieved the details for it: be able to calculate individual usage in this way, and it feels
$ dcos job show lxf-test-job like a nod towards corporate customers (which can’t do DC/
{ OS any harm).
"description": "a dummy job, a waste of good cpu",
"id": "lxf-test-job", Summing up
"labels": {}, It’s clear that I’ve barely scratched the surface of what you
"run": { can do with DC/OS over the last two tutorials. It’s a quite a
"artifacts": [], large beast of an orchestration platform. There’s a bunch of
"cmd": "sleep 1000", stuff I haven’t even covered yet—Dynamic Reservations and
"cpus": 1.01, Persistent volumes to name but two. I have to say there are a
"disk": 4, couple of areas I’m not 100% sure about. Unfortunately,
"env": {}, secrets management (handling encrypted information,
"maxLaunchDelay": 3600, passwords and such-like) is only included in the enterprise
"mem": 32, edition of the software (I tend to feel this is a really big miss in
"placement": { my opinion, as the setup in the enterprise platform looks
"constraints": [] quite useful and well put together). Perhaps some alternative
}, secrets management could be put together using, for
"restart": { instance, the likes of Hashicorp’s excellent Vault software.
"policy": "NEVER" However, DC/OS does feel like a natural fit for running on
}, a cloud provider’s platform. But before committing to one
"volumes": [] distro over another though, I’d definitely test the same types
} of workloads and operations out over a reasonable period of
} time. I’ve obviously used Azure here and it seemed to be
Saving this command into a file and editing the JSON adequate to be honest. I believe that monitoring the whole
directly, I then managed to reload it using the command set up will be a non trivial exercise, wherever it ends up
$ dcos job update <path to file . This was quite slick and I getting deployed.
began to feel somewhat guilty for my earlier evil thoughts Having spent a little more time with DC/OS, I’ll stick to my
towards the command-line client package afterwards. It’s guns on what I said last time: This feels like more of a
also possible to amend a schedule in the same way and heavyweight than others in the field. I just wish some of the
associate it with a job. enterprise features were available in the open source version!
Another neat idea is to assign labels to jobs (they can also But it’s definitely worth considering if you are in the market
be attached to applications). The idea here is that when for a container management solution. LXF

The best new open source
software on the planet
Alexander Tolstoy
used ‘LANG=C’ for launching
each hot and sizzling open source
application this month to deliver you
readable screenshots!
Raw Therapee Qt FLIF Plugin Babe-Qt Neofetch QtPass KDE Connect

QStardict RCloneBrowser Marble Linux Air Combat Operation Nautak
Photo editor
RawTherapee
Version: 5.0 Web: http://rawtherapee.com
A
lthough the overwhelming in restoring and enhancing RAW images
majority of mortals shoot means that you effectively learn to do it
photos using their better than the automatic algorithm in
smartphones these days – and largely your camera. RawTherapee also feels
selfies – there are still a large like a professional tool with its
community of people who care about numerous sliders, graphs, preview
every pixel and demand the highest panels and stylish grey icons, all
quality for their digital images. To join wrapped inside a dark-themed UI.
the club you need to ignore the lossy In order to get around we watched
JPEG format in favour of RAW, the some video tutorials from the web. RawTherapee offers a cosy darkroom for healing noisy
format of pure data from a DSLR Some of the videos featured an older images and fixing pale tones.
camera sensor. version of RawTherapee, which
RawTherapee is a well-established immediately highlighted how many extra options have been added to it.
tool for digital photography in Linux, Specifically, if you open an image and
especially for managing RAW files. The
application’s general aim is to make the
“An abundance of noise go to the Detail section (Alt+D), you’ll
see an abundance of noise reduction
best out of your camera’s photos with
more accurate colours, less noise and
reduction tools that tools that cover lots of areas, including
luminance/chrominance/impulse noise,
smoother skin tones, etc. Gaining skills cover lots of areas.” defringe and contrast detail levels. Once
you understand how each setting
changes an image, you’re ready to edit
Exploring the Raw Therapee interface... your RAW images.
Any combination of custom settings
in RawTherapee can be saved as a
profile and re-used for another image or
A choice of places even for a batch of files. The application
These include your home and
~/Pictures directories as well
is already bundled with some popular
as disk volumes and profiles, e.g. you may want to apply the
removable drives. ’Default ISO High’ profile to low-light
images or the Non-Raw > Brighten
profile to fix an under-exposed JPEG.
RawTherapee 5.0 is the first major
Recent directories list update after more than two years of
The easiest way to pore through
development. There are lots of new
endless subdirectories is to use
the tree view. tools for better handling different image
defects. Apart from convenient noise
removal, there are now different
wavelet-based tools for fixing
sharpness, the Retinex tool for fighting
Thumbnail view Quick tools Magic effects dust particles and restoring images that
RawTherapee is quite robust in You can rotate, flip and crop All the valuable features reside here under
are too dark. The new version is a must-
generating small previews for images without leaving thumbnail different categories (such as Colour, Detail
almost any graphic files. view and entering the editor. and Wavelet, etc). have tool for both amateur and pro
users who love open source software.

LXFHotPicks
Image plugin
Qt Flif Plugin
Version: Git Web: http://bit.ly/QtFlifPlugin
W
hile some people keep their way that they do with PNG or any other
home directory (~/) very supported format. Compiling the plug-
small, others collect in produces the libflif.so file that you
significant amounts of personal files, should place in /usr/lib64/qt5/
including images. In LXF205 [HotPicks, plugins/imageformats. (Note: your
p57] we admired the brand new FLIF prefix may be different from /usr/
image format that will eventually lib64.) Don’t forget to place the
replace PNG someday. bundled XML and DESKTOP files in
FLIF has a full-fledged desktop support now.
The FLIF encoder produces files that their correct destinations in order for Qt
are up to 30% smaller than PNG and apps to accept the plugin.
still lossless. So, if you happen to have Once done, you’ll get correct Gwenview 16.12 compatibility (only
lots of PNG (or run a worldwide thumbnails in Dolphin and the ability to older versions worked with the plugin),
screenshots database), you can save edit FLIF files in many applications. FLIF but we contacted the Qt FLIF Plugin
your disk space by converting all PNGs supports animated images as well, developer and he was quick to come up
to FLIF. In the meantime, the FLIF although the Qt plugin can only read with a fix. Alternatively, you can check
format is still missing in the MIME such files, but not save animations yet. out another compact image viewer at
database that comes with every Linux Before we were able to write these https://github.com/spillerrec/
distro, so you need some third-party words there was an issue with imgviewer that has no compatibility
tools to view FLIF files and possibly problems. Both the
manipulate them.
The Qt Flif Plugin offers a shared
“Read and write FLIF files in viewer and the plugin
can be easily compiled
library that enables many Qt-based
apps (such as Gwenview, Kolourpaint)
the same way you do with PNG using just $ qmake &&
make within roughly a
to read and write FLIF files in the same or any other supported format.” minute or so.
Music player
Babe-Qt
Version: Git Web: http://bit.ly/babe-qt
T
here are so many music players QML language, which is used in KDE
for Linux that it’s hard to Plasma. This prompted Higuita (aka
imagine what another could Milohr) to convert his player to pure Qt,
offer. When we first discovered Babe hence the name change.
(without ‘Qt’ in the name), it was an The main screen presents cover art
early hobby project written in Vala by with a thin playing position slider below
Camilo Higuita. The developer is a it. When you hover your mouse over the A stylish and compact way to listen to your music.
talented artist and graphic designer, cover art extra buttons appear, such as
who shows off some very good-looking playback control, shuffle, adding the has a lots of stylish buttons that hide
screenshots of customised Linux currents track to favourites and toggling extra player options, it’s best to try each
desktops on his DeviantArt account. the player’s view. The toggle button button yourself to find the Babe-Qt
Higuita is also a talented software cycles through three modes: minimalist settings area (you add your Music
developer and the initial idea behind removes window borders (you hold Alt directory here), scroll through the
Babe was to create a tiny but polished to drag the Babe-Qt window); the album list, manage playlists and
music player that puts your favourite second mode adds a playlist area below favourites and save your music library
music tracks at your fingertips. He the cover art and the third expands the searches, etc. The application is a work
wanted the player to be very simply music collection on the left. Babe-Qt in progress, and the author hopes to
designed and compact while capable of add features such as youtube-dl
advanced features, such as music
collection lookups and tagging. It
“Babe-Qt has lots of support for audio streaming and a
dedicated Chromium extension. You
turned out that Vala+GTK 3 wasn’t
powerful enough to fulfil Higuita’s
stylish buttons that hide can build Babe-Qt using $ qmake-qt5
&& make and don’t forget to install Qt
design aspirations, but neither was the extra player options.” and Taglib headers beforehand.

LXFHotPicks
Command-line tool
Neofetch
Version: 3.0 Web: http://bit.ly/neofetch
T
hese days it’s hard to find a uptime, CPU, GPU, Memory info and, of
Linux-related forum or course, your theme settings.
discussion boards where there The new Neofetch release bumps
isn’t a popular ‘Show your Desktop’ the latest version to 3.0, although the
thread. People love to show off their changes are fairly substantive. In
customisations to others and Neofetch addition to extra ASCII artwork, you can
is a little helper just for that. No, it now enjoy CPU sensor output in
Grab all the useful details of your system with some
doesn’t take screenshots, but it does Fahrenheit, multiple GPUs listed on
colour and ASCII flair in your terminal with Neofetch.
help you to quickly find out useful different lines and fixed output in non-
details about your system. GTK based desktop environments (e.g. over 50 configuration options to play
Using Neofetch, you can boast about KDE users will no longer see GTK theme around with.
your fantastic desktop and prevent a output listed in their screen fetch). Installing Neofetch is very simple, as
flood of questions such as ‘What You can configure Neofetch your long as there are no binary components
icon are you using for X?’ Just run way by modifying the /etc/neofetch/ inside it. As usual, there’s a special PPA
$ neofetch and you’ll see a funny config file, which is a plain Bash script. for Ubuntu users at ppa:dawidd0811/
ASCII-rendered logo of your Linux distro This script enables you to comment out neofetch, but there exists an even
and a list of system details next to it. In or add custom entries, and there are simpler installation method: you can
fact, Neofetch can show logotypes of as clone/download the contents of
many as 108 different operating
systems, including various Haiku,
“Prevent a flood of Neofetch GitHub repos and just
run $ sudo make install . If you
Windows and various sorts of BSD.
The default list of details includes full
questions such as ‘What like this small program, feel free
to add it to you ~/.bashrc file
OS name, PC type, kernel version, icon are you using for X?’!” and enjoy it each time you open
a terminal window.
Password manager
QtPass
Version: 1.1.6 Web: https://qtpass.org
M
ost of us have many online that helps avoid fiddling with the
accounts and services that command-line arguments.
require (at least) a password Once you start it for the first time
to log in. It’s not that easy to learn all you need to add the first user and
the different passwords by heart, generate a GnuPG keypair—simply
especially as they need to be changed provide an email, a nickname and a
regularly, and that’s why many security passphrase. A few minutes later, you’ll
aware Linux users turn to use password be taken to QtPass config window QtPass includes the ability to configure clipboard use and
managers. For those that don’t like where you change clipboard behaviour, fine-tune the random password generator.
using a GUI-based manager, there’s a manage profiles and form templates. and subfolders, and then organise a
powerful command-line utility called The main application window custom hierarchy of your password
pass that follows Unix philosophy and resembles a customised note-taking categories. QtPass supports multiple
stores each password lives inside of a manager or a bookmarks library. You user accounts and enables you to set
GPG-encrypted file. can add an entry in order to store a URL, permissions for your password entries
The filename is the title of the a password and a login name. (You and folders—you can grant access to
website or resource that requires the change the default template to specific accounts and forbid other
password. These encrypted files can be customise these fields.) Aside from people from accessing certain
organised into meaningful folder root-level entries, you can create folders passwords. This should not be
hierarchies, copied from computer to confused with regular system-level
computer, and, in general, manipulated
using standard command-line file
“An ideal solution for Linux users, though.
QtPass is very flexible and is an ideal
management utilities.
But for those that like their GUIs,
protecting your solution for protecting sensitive data
where several users access the same
QtPass is a graphical front-end for pass sensitive data.” Linux machine. It is also cross-platform.

LXFHotPicks
LXFHotPicks
Android connector
KDE Connect
Version: 1.0.3 Web: http://bit.ly/KDEConnect
W
hen will Linux finally take over router). Despite its name, KDE Connect
the desktop? After waiting is very friendly to other desktop
decades, it’s clear that the environments, such as Unity or
dream has already come true through elementaryOS’s Pantheon.
the prevalence of Android-powered It integrates well into the System Monitor your smartphone battery on your desktop and
smartphones. Android has the Linux Tray as a standard appindicator. never miss a call or SMS with this mighty tool.
kernel inside, but there’s a noticeable Regardless of your Linux desktop of
lack of seamless integration tools choice, make sure you have the right Android application and the Linux
between Android smartphones and mobile app on the phone’s side: go to desktop component run silently, but
Linux desktop environments. We Google Play and search for ‘kde once both ends connect to the same
mentioned Nuntius [See HotPicks, p65, connect’ and install it. Next, you’ll need network the pairing happens
LXF206], a Gnome Shell-friendly utility to pair your phone with your computer, automatically. When your phone is
that integrates your phone’s which is a matter of few seconds and a connected, you can check its battery
notifications into your desktop topbar. couple of mouse clicks in the KDE status and send SMS from your
But, Nuntius hasn’t received any Connect plasmoid/appindicator desktop and trigger your ringtone to
updates for a long time and uses settings. Accept the pairing request on find a lost phone. On the Android side,
Bluetooth to connect to a phone, which your phone and that’s it. Both the you can set up quick launchers and
brings additional obstacles. control certain Linux
KDE Connect is a much more
promising technology that relies on
“Send SMS from your desktop applications remotely. KDE
Connect is currently
Wi-Fi connection. All you need is a
standard network for your phone and
or trigger your ringtone to uniquely positioned, as
there’s nothing as good or
your computer (e.g. a home Wi-Fi find a lost phone.” as stable (yet, at least).
Dictionary
QStardict
Version: 1.2RC1 Web: http://bit.ly/QStardict
H
ow long English will remain the thanks to the broad choice of free and
world’s common language for open source options around the web
international communication is (see http://qstardict.ylsoftware.
questionable [says the Russian–Ed], com/dictionaries.php). All you need to
but it has been the inspiration for many do is unpack the downloaded tarballs to
online dictionaries and translating ~/.stardict/dic and QStardict will Use QStardict for offline language translation.
services. But most of them share the automatically pick it up.
same issue: once you’re offline, you lose To use QStardict, you just type the To hear how they are pronounced,
access to a service and since the use of word you want to know the meaning of you’ll need the Festival speech
a translator suggests you might be and enjoy the instant results. It doesn’t synthesiser, which should be available
abroad without any sort of the internet matter what language you’re typing in, in standard repos of your Linux distro.
coverage, an app that doesn’t rely on QStardict should guess the direction QStardict sits in the System Tray
remote connections would be helpful. correctly without manual setup. The and can be easily invoked using the
QStardict is a robust version of buttons below the search field are used Ctrl+t keystroke. One of its most useful
Stardict, one of the most popular open to navigate through different entries, features is Scan, which is enabled by
source offline dictionaries. In fact, save word definitions to an external default. Setup your dictionaries, launch
QStardict just offers a GUI, and plain text file, print it and even show QStardict and minimise it to System
populating it with specific dictionaries is how to pronounce a word. Tray and return to a web browser, text
down to you. The application is editor or any other application with
compatible with various dictionary
formats including DICT, XDXF (XML
“Hover your mouse over selectable text. When you hover your
mouse over any word you’ll get an
Dictionary Exchange Format) and Abby
Lingvo. In many cases, you don’t need
any word to get an instant pop-up translation. This
splendid capability can even help you
to purchase commercial dictionaries instant translation.” learn foreign languages!

LXFHotPicks
HotGames Entertainment apps

Flight simulator
Air Combat
Version: 3.42 Web: http://bit.ly/LinuxAirCombat
A
decade ago there was a LAC has lots of advantages over its
beautiful flight simulation predecessor in many regards. There’s
game called GL-117, but it five-tiers of graphics setting. The first
hasn’t seen any updates for a long two are quite basic and the rest
time. To the joy and happiness of supplying great detail—make sure to
many Linux users, the fork called increase the default settings to see
Linux Air Combat (LAC) has emerged. water reflections, leaves on the trees
The two games are still very similar, and clouds.
although LAC is a more feature-rich. LAC has a broader selection of both Enjoy the beautiful view before going down in flames.
You control an aircraft armed with historical and modern aircraft than
machine gun and, occasionally, GL-117, such as P51, P38, A6M2 and B17 on low speed; reducing the throttle
missiles. LAC maintains the tradition from the WWII, as well as the more with heavy cargo load or with full
of GL-117 by greeting novice users recent F-16 jet fighter. Many real-world fuel tanks; and darkened vision in
with introductory tutorials, including features have been added to make accelerated state, etc.
basic flying skills (avoid hitting flying more realistic, such as stalling out LAC also includes a network
mountains otherwise your plane will mode that enables you to make
blow up, etc), targeting, shooting
ground objects and completing
“Networking joint strikes with your friends
against the enemy team and talk
simple missions. There’s a vast list of capabilities bring LAC to your buddies via the pre-
to new heights.”
progressively harder missions that configured Mumble VoIP app that
follow once you’re ready. runs on the game’s web server.
Strategy game
Operation Nautak
Version: Git Web: http://bit.ly/OperationNautak
T
ower defence games are very game before you probably have an idea
popular on mobile devices, but that the right balance is required: a
although some proprietary stronger unit is more efficient than
titles do exist for the Linux desktop, several weaker ones, so you need to
finding a decent (and playable) open concentrate your resources and not
source game took us a little longer. split them.
Trick the aliens to split their forces to defeat them.
Operation Nautak is a fully The aliens also position solar plants,
featured strategy game where you buy units and build missile launchers, but the end in this case justifies
defend military bases against AI. The and after a while you’ll find it hard to the means.
plot is classic sci-fi; there are 25 break their resistance without a solid The game has been in
cities throughout the world where strategy. A simple approach can do the development since 2012, but it still
alien invasions have taken place. trick— send a crowd of cheaper cannon receives frequent commits. It has
Within each location, you need to fodder down one path and while the been distributed as a source tree of
destroy the alien base while enemy’s guns destroy them, send a the Adobe Air 2 package, which is a
preventing them from taking over group of highly-trained gunmen on the very rare type of Linux app. To build it
your base camp. neighbouring route. Callous it might be, from source, you’ll need a 32-bit only
During the game, you need to Adobe Air SDK and some patience to
place solar plants that generate
energy, which is a sort of currency for “Operation Nautak is a fully first get it to work and
then package the game
you to buy attacking soldiers and
missile launchers for defence. If
featured strategy game where with $ adt . You can also
play online at http://bit.
you’ve ever played tower defence you defend bases against AI.” ly/2jKTA6q.

LXFHotPicks
Cloud services connector
RCloneBrowser
Version: Git Web: http://bit.ly/RCloneBrowser
M
ost data backup tools for RCloneBrowser what terminal
Linux rely on rsync, the most application it should use, like this:
practical Unix utility for $TERMINAL=konsole ./rclone-browser
syncing source and destination The main window shows the blank
Browse your cloud storage without actually needing to
directories. Even though rsync can be area because you haven’t added any
download anything to your system. Splendid!
used for accessing remote filesystems accounts yet. Press the ‘Config’ button
(if you can mount it), it doesn’t work below to set up at least one account. local files with a cloud, it browses files
with cloud storage. The rclone RCloneBrowser will open a Terminal and directories of your cloud storage
application is an attempt to create a instance and guide you through the remotely, enabling you to download any
cloud-based rsync version and process. All supported cloud services item on demand. You use the button on
integrates your Linux system with offer public APIs, which means that the toolbar to create or delete files and
widely used storage services, such as you’ll need to go to certain URLs in folders, upload new items to the cloud
Dropbox, Amazon S3, Google Drive, and order to authorise yourself, get and even mount cloud-based
Microsoft One Drive, etc. confirmation codes or perform similar directories locally. This feature is really
RCloneBrowser offers a user- actions. The approach of fantastic as your files appear as if they
friendly GUI for the command-line RCloneBrowser differs from classic were downloaded, but they are only
rclone utility. Both parts are open desktop clients of cloud services. fetched if you need to open them (or
source and can be compiled using the Instead of continuous syncing your generate thumbnails). Best of all,
convenient $ cmake . && make RCloneBrowser is a
sequence, although you are free to use
binary packages. Before proceeding,
“A replacement for many replacement for
many proprietary
make sure you have the compiled proprietary standalone desktop standalone desktop
clients from third-party vendors .”

rclone utility (you’ll need to specify its clients from third-
path in the GUI settings) and tell party vendors.
Virtual globe
Marble
Version: 16.12.1 Web: https://marble.kde.org
W
e first featured Marble in your position. Marble has a set of useful
HotPicks a long time ago plug-ins, all enabled by default. Going to
[See p71, LXF160] as an View > Online services, you can select
‘eye-candy’ application and we must extra layers, such as earthquakes,
admit that it has grown into something postal codes, weather, satellites, shared
a lot more substantial. Marble is an photos with geotags and a lot more.
open source replacement for Google Scrolling through the changelog of Apparently, it’s not too cold in Japan, but there are
quakes in the northern parts of the country.
Earth and a very useful desktop the major recent Marble update can
application, especially if you have an make your fingers hurt; there are
internet connection. Marble can show massive changes throughout the code. Earth in real time, day and night. Marble
atlas, satellite or OpenStreetMap layers The team has recently refactored the also has an Android version.
using stereographic, Mercator, routing algorithm, added bookmark By default, Marble pulls out quite a
gnomonic or azimuthal equidistant support and fixed a lot of minor issues. KDE Frameworks dependencies, so if
view—and these are just a small There are other noteworthy changes, you use another desktop, you may want
selection of all possible views and e.g. Marble now includes both a desktop to get rid of that stuff. but you can build
projections that are available. widget and wallpaper, which display the Marble from source using the $ cmake
Depending on what you want to do time on top of a satellite view of the -DWITH_KF5=FALSE command. LXF
with this application, you can: explore
distant places on planet Earth; go off
world and explore moon craters or star
“Watch the map of current earthquakes,
constellations; and hop back to plan
journeys by car or bike; watch historical
postal codes, weather, satellites, shared
world maps, e.g. from 1689; or track photos with geo-tags and a lot more.”
Rev ews Xxx
Pi user
Giving you your fill of delicious raspberry Pi news, reviews and tutorials.
Google AI to
Carl Monk
Prolific maker
and tinkerer in
the raspberry Pi
Community.
Welcome... smarten your Pi

Your Pi is going to gain some super-smarts in 2017.
M
y interest in the Raspberry
Pi was spawned after
T
watching the now infamous he Raspberry Pi Foundation has said that being able to connect their services to the real
video of Rory Cellan-Jones showing the search-engine giant intends to make a world using Raspberry Pi.”
off one of the prototypes in 2011. I range of its machine learning and artificial Google kicked things off with a survey asking Pi
managed to bag my first Pi (which I intelligence tools available to the single-board PC. users to discern what tools would be of most
still have) in June 2012 and never What does this mean? The official Raspberry Pi benefit. This went from the usual demographics to
looked back. One of the great things blog says “Google is going to arrive in style in specific areas of speech and facial recognition.
that has come from this credit-sized 2017” as it’s intending to make a range of its http://bit.ly/GoogleToolsPi
£30(ish) computer is the community machine learning technologies available to makers
that grew up around it. What started to enable them to build more powerful projects.
on forums and Twitter, expanded out (See the cucumber-sorting Pi [Pi Intro, p56,
into hack meets and the ever- LXF216] as an example of what is possible.)
expanding Raspberry Jams. The Rasberry Pi co-founder Eben Upton told
latter benefiting from the dedicated TechCrunch: “For me, the big opportunities are
early efforts of people like Alan around deep learning and AI. Google are very
O’Donohoe and Ben Nuttall. strong in this area, particularly after the DeepMind
The first time I became actively acquisition, and there are obvious benefits to Google’s machine learning tech comes to the Pi.
involved in the community was the
Tardy Tinker MeARM!

Egham Raspberry Jam. Initially, I was
a wary participant; seeing all these
fantastic creations I was in awe of.
Now I’m a regular contributor to
Jams; showing my own ‘fantastic Delayed launch for Asus SBPC DIY PI arms
creations’ and, more importantly,
W W
hoping to inspire young makers (and e were getting our hopes up for a new e love Pi. We love robots. We love arms.
a few older ones) to grab a SBPC from Asus called the Tinker So we really love the robot Pi arm
breadboard and some components Board. With a 1.8GHz quad-core MeArm Pi. It’s the latest Kickstarter
and have a go. It’s rewarding chatting Cortex A17 core, Wi-Fi, Gigabit LAN and a host of project to get funded and intends to provide a DIY
with people about how things work shiny extras, it seems its launch was delayed by robot arm kit for your Pi. It’s from an experienced
and answering questions. Often lack of OS support, Asus promises to have that group so back with impunity!
helping them to realise that the more fixed by the time you read this. http://bit.ly/lXFpiarm
http://bit.ly/asusTinkerBoard
impressive a project is, the
underlying principle is pretty simple
and accessible.
I am active on Twitter and often
there will be a ‘how do I’ tweet from
someone in the community, be they
a newcomer or an old hand. The
community are quick to offer
support, linking articles or providing
advice. Making that first leap into the
unknown can be daunting.
Sometimes all that’s needed are a
few words of encouragement. Debian and Tinker oS are coming, honest! Get off me arm!

Single-board computer Reviews
Compute Module 3
Les Pounder gets hands on with another slice of Pi, but this time with a
smaller portion, still packed with power!
W
hen the Raspberry Pi
In brief... Compute Module first came
out, back in 2014, it was the
An update to first major hardware redesign for the
the 2014 Raspberry Pi. Gone was the ‘credit card’
Raspberry Pi
Compute Module. sized board, replaced with something
Now powered by that resembled a SO-DIMM taken from
the same package a laptop. Since then we have seen
as the popular numerous new Pi models and most
Raspberry Pi 3 it
notably the Raspberry Pi 3 which saw
requires an IO
board in order to an increase in computational power.
flash the OS and But the Compute Module has not been
connect the 120 so fortunate. Until now.
GPIO pins. Ideal Released mid-January 2017, the
for industrial/
embedded Raspberry Pi Compute Module 3 brings
technologies as the powerful 1.2GHz quad-core CPU
the user will be and 1GB of RAM, BCM2837 system on
required to design The Compute Module 3 is truly tiny
a chip to the original SODIMM form
circuits around board, but it requires a specialist knowledge
factor. The Compute Module 3 comes in in order to get the most from it.
the module.
two flavours: a version with 4GB of flash
storage, reviewed here, and a ‘lite’
version that requires an external connect the Compute to your compare it in size to the Pi Zero, which
microSD card for storage. The Compute computer. But why do we do this? is only a few millimeters smaller than
is a tiny package into which a Pi can be Well, we need to flash an operating the Compute.
housed, chiefly because the Compute system onto the Compute’s internal But here is where we hit a snag, the
Module 3 requires a development board 4GB flash storage via a USB slave Zero retails for around £4, and the
(around £150), known as a Compute connection to our computer. Compute Module 3, along with its IO
Module IO Board, with which to board retails at £150. For the home
breakout and interface with the module. Industrial Pi hobbyist the Zero offers the same small
The Compute Module 3 is Also on the IO board we see two footprint board but at a significantly
connected to the IO board using a camera interfaces which can be used reduced price. Would the hobbyist need
typical SODIMM slot, this then connects with the official Pi camera via an a Compute? Quite frankly no, but then
the BCM2837 to the 120 GPIO pins adaptor, there are also two display the Compute is aimed at businesses
present on the board. The IO board also interfaces that also require an adaptor. who are looking to integrate the Pi into
provides a single USB 2.0 port, HDMI We also saw a microSD card adaptor on their own technologies, such as NEC
and two micro USB ports. One for the IO board and this works with the using the Compute Module 3 in a line of
powering the board, which will need a ‘lite’ version of the Compute module, televisions. But for most of us this is too
2.4A supply to adequately power the which comes with no flash storage. much to outlay for a project. LXF
device, and a port which is used to What isn’t present on the Compute,
or the IO board, is the Wi-Fi and
Bluetooth chip that’s on the Pi 3B. As Verdict
Features at a glance the intended applications for this board
are in industrial and embedded Raspberry Pi Compute
products, a Wi-Fi/Bluetooth connection Module 3
could compromise security or safety. Developer: Raspberry Pi Trading
Web: www.raspberrypi.org
The IO board also offers no Ethernet Price: £25 (dev. module £150)
connectivity, requiring the use of a USB
Features 7/10
Ethernet device in order to work with
Performance 8/10
the Compute. Ease of use 6/10
Due to the size of the onboard flash Value 8/10
the chosen OS is Raspbian, albeit the
Power in a small form factor but at a
GPIO everywhere! Dual cameras 1.5GB ‘Lite’ version without a desktop cost. Aimed at industrial development,
The Compute Module IO Connecting two cameras environment, so a solid knowledge of it’s expensive for home hobbyists.
Rating 7/10
Board provides access to is possible using the IO Linux is a necessity.
all of the GPIO pins on the board, handy for apps
The Compute Module 3 is a truly
BCM2837 chip. needing stereo vision.
powerful device, especially when we

Raspberry Pi Digital assistant
Python: Make a
digital assistant
Les Pounder shows us how physical computing, some Python libraries and
an open data API can be used to build a Pi butler.
P
ersonal assistants vary in their design and scope but $ sudo pip3 pyowm
what are the basics? Well, it should be easy to use and With the installation completed, we can now move on to
provide instant access to information. Fortunately, coding the project. Open the Python 3 editor, found in the
creating one can be quite simple. We’re going to create a Programming menu. The first screen to open is the Python
project where waving your hand in front of a sensor will have shell, which we will not be using so click on File > New to
your homemade assistant inform you of the latest news and create a new file. Once the new window opens immediately
Our weather before you head out into the world. save the file using File > Save and call it butler.py. Remember
expert We start by connecting our sensor, which only requires to save as you work through the code.
Les Pounder three connections to our Pi: 5V power, Ground and GPIO17. In the code, we start with importing the necessary
Les is a hacker Even though the sensor uses 5V for power, the output signal libraries. We will import the MotionSensor class from the
and maker who from the sensor is only 3.3V which is the maximum safe GPIO Zero library – this is used for our sensor – followed by
loves tinkering
with Raspberry Pi, voltage for the Raspberry Pi GPIO pins. To tweak the sensor’s Feedparser to parse the RSS feeds; the time library to get the
Arduino and sensitivity there’s a small potentiometer on the rear of the current time; gTTS for our text to speech service; os to work
micro:bit. He
sensor. Turn this clockwise to increase the sensor’s range. with the Linux operating system and pyowm to use the
trains teachers
with the We used a standard 3.5mm speaker on our Pi, so we OpenWeatherMap service.
Raspberry Pi needed to ensure our audio was routed to the analog output, from gpiozero import MotionSensor
Foundation and
writes up his from the Pixel desktop right-click on the Speaker icon in the import feedparser
adventures at top right and select ‘Analog’. Your Pi will also need to be import time
http://bigl.es connected to the internet, in order to put this into a box for from gtts import gTTS
standalone use, use a Wi-Fi connection to minimise wires. import os
import pyowm
Software setup To retrieve the RSS news feed, we need to use feedparser
Before we start writing any Python code we firstly need to to parse the RSS into something that Python can work with:
install a few software packages. In the Terminal, we will install news = feedparser.parse("http://feeds.bbci.co.uk/news/rss.
COMPATIBILITY a simple MP3 player called mpg321 that will handle playback xml?edition=uk")
all of our audio with $ sudo apt install mpg321 . pir = MotionSensor(17)
Pis We now move on to installing the Python 3 specific
libraries. Using pip3 we shall install feedparser to parse the
We create an object called news that will store the feed
from BBC News and later we’ll work with the feed. Next, we
raw RSS news feeds, gTTS, Google’s Text to Speech service create an object called pir that will store the GPIO
and pyowm the Python Open Weather Map API. connection used for our infra red sensor, in this case GPIO17.
$ sudo pip3 install feedparser We now enter into a loop that will run as long as the
$ sudo pip3 install gTTS Raspberry Pi is powered up:
You will need:

Raspberry Pi 2 or 3 Model B
Raspbian Pixel
1x Infrared obstacle sensor
We had a spare
3x Jumper wires (to connect sensor to GPIO)
Speaker speaker kit laying
Power supply around, so we
Wi-Fi connection integrated it
Optional box to store the project into the project
All of the code for this project and a detailed instead of a
diagram can be found at https://github.com/ big speaker. We
lesp/LXF222-Butler/archive/master.zip. bought the kit
from Kitronik.

Digital assistant Raspberry Pi
OpenWeatherMap: how to get your API key

Adding extra functionality to our project, have multiple keys at any one time, but
we used a popular open data provider to most users just need the one. Your API Quick
provide precise weather data for our key will need to inserted into the Python tip
assistant. The Open Weather Map code for this project, remember we had a
Use sudo raspi-
website, http://openweathermap.org, line of code marked:
config from the
offers a free (Application Programming owm = pyowm.OWM("API KEY")
Terminal to output
Interface) API for use with many different Well, all you need to do is paste your audio via a 3.5mm
languages. For our project we used key inside (“API KEY”) , save and run headphone jack.
Python 3 and installed the pyowm library your code to connect to the To alter the volume
for a pythonic method of using the API. OpenWeatherMap service and retrieve level use alsamixer
In order to use the service you will the weather for your town or city. in the terminal. Use
need to sign up as a registered user. This Don’t share your API key or post it the up and down
is a free service. Once signed in go to API online. This code is unique to you and keys to control the
volume and ESC
Keys and create a new key and any misuse by other parties may lead to
to exit. This works
remember to give it a name. You can consequences being addressed to you. Only one sensor required.
over SSH, too.
while True: tts.save("news.mp3")

status = pir.wait_for_inactive() os.system("mpg321 news.mp3")
First, the loop will store the status of our sensor inside of a In true TV news style, we now go to
variable called status . The value is either True or False. True the weather report. Here we use the
when it detects an object, or False when nothing is detected. OpenWeatherMap API, called pyowm.
Our sensor works by sending a high signal to the GPIO pin We create an object called owm and
when at rest, but when it detects an object it drops the signal store inside our API key necessary to
to low, which triggers a change. We now need to wait for the access the service (see OpenWeather
trigger to be activated, storing True inside the variable. Map: how to get your own API key,
if status == True: above). We then create another object
current_time = time.ctime() called observation and in there we
str(current_time) store the location of our weather report.
If that is the case then we get the current time using the Last, we create another object called w
time.ctime() function, storing it in a variable called current_ to get the weather for our location.
time , next we ensure the data inside the variable is a string. owm = pyowm.OWM("API KEY")
We now move to our first look at gTTS, Google’s text to observation = owm.weather_at_
Our final
speech library: place("Blackpool,uk")
project sees a
tts = gTTS(text=(current_time), lang='en-us') w = observation.get_weather()
Raspberry Pi 3
tts.save("time.mp3") Our weather comes in two sections: the current status,
enclosed in a
os.system("mpg321 time.mp3") cloudy, raining, sunny and the temperature. Creating a wooden box. The
We create an object called tts and in it we store the text variable called weather we get the status and store it in the sensor pokes out
that we wish to convert to speech, in this case the current_ variable. We then pass this to gTTS for conversion to speech, of the box for
time variable, we also can choose the speech language. We ensuring that the data stored in the weather variable is easy access.
chose American English as it had the most natural tone. stored as a string, and then played back using mpg321.
Google text to speech doesn’t perform live speech synthesis, weather = w.get_status()
rather it just converts the text to an audio file. We save the file tts = gTTS(text=("The current weather is,
with a relevant filename and call mpg321 from the terminal to "+str(weather)), lang="en-us")
playback the audio file. tts.save("weather.mp3")
To retrieve the top five news headlines from the BBC News os.system("mpg321 weather.mp3")
RSS feed, we use a for loop that iterates five times and each Our temperature report is handled in the same manner as
time the value of i is increased by 1, starting at 0. the weather status, but to get the correct temperature data
for i in range(5): stored in a variable called temperature we need to pass an
Again, we’ll create a tts object for storing the text that we extra argument, in this case celsius and pass the key temp_
want to convert to speech. But in this case, we create a new max so that the value stored for that key is returned and
MP3 every time the loop is run, and each time it will store a stored in the variable.
different news item. Earlier, we created an object called news temperature = w.get_temperature("celsius")["temp_
that stored the RSS feed. We now extract that data using a max"]
dictionary (our news object, a list contained inside the tts = gTTS(text=("The current temperature is,
dictionary called entries , another dictionary that stores the “+str(temperature)+"celsius"), lang="en-us")
numerical value of the news headline, and finally the text for tts.save("temperature.mp3")
the headline is stored as a key called title . os.system("mpg321 temperature.mp3")
for i in range(5): Now that our code is complete, save your work and click
tts = gTTS(text=(news["entries"][i]["title"]), lang="en-us") on Run > Run Module to test that it’s working correctly. LXF
Fun projects every issue Subscribe now at http://bit.ly/LinuxFormat

Raspberry Pi CMS in-depth
CMS: Build a
content server
Sean Conway demonstrates how to install the three software foundations:
web server, database and language for a CMS web server.
T
his tutorial will configure a Raspberry Pi as a web
server to set up a content management system
(CMS) using the popular WordPress platform. Before
starting the configuration, we’ll cover what makes a CMS and
follow up with how to install and configure a WordPress server
and have it running and accessible from a browser. For this
tutorial, you’ll need a Raspberry Pi for booting into Raspbian.
Our You’ll also need some experience using the terminal and be
The database’s root user password initialization.
expert comfortable using a text editor to work with files.
Drupal, WordPress and Joomla are just three examples of
Sean D. free open source CMS software platforms available. Drupal software installations. Log in again and open a terminal
Conway had came to life as an open source project in 2001 while window to proceed with configuring the software.
formal training
in electronics and WordPress first appeared in 2003. Joomla was a software During configuration of the software, a number of different
spent half a fork of Mambo in 2005. Each has something that makes their accounts will be used for specific tasks, which can get
career in aviation,
so, if anything, he CMS successful but we’re going to use WordPress. confusing for a novice because some accounts have the
really knows how same names. One of the goals of this Pi tutorial is to assist the
to implement a
GPS receiver on
CMSPi reader in understanding the different accounts that are used
a Raspberry Pi. A Raspberry Pi with Ethernet network capability provides a during configuration.
simple yet ideal platform to experiment with a CMS. To run A user accesses (i.e. logs in) Raspbian with user account
our WordPress CMS web server, we used a Model B Revision credentials. In the case of a Raspberry Pi the credentials are
2.0 running Raspbian (Wheezy) which you can download username: pi with a default password: raspberry. Software
from www.raspbian.org and load onto a 4GB SDHC memory applications running on the OS also use credentials. For
card. Other Pi models and Linux distros will work, but before instance, the web server has an account username: www-
we start, we need to run through the boxout. (See The usual data and the relational database MySQL has an account
updates, top right.) username: mysql.
Now let’s begin by adding the three software components When software is running and accessing system resources
COMPATIBILITY that establish a LAMP (Linux Apache MySQL PhP) server. they are functioning under their OS user account name,
all sudo apt-get install -y nginx mysql-server php5-fpm php5-cli which is similar to a user’s account used to log in to access
Pis php5-gd php5-mysql

This line of code installs the web server ( nginx ), relation
files. Typically the accounts for the software components are
prevented from logging into the system.
database ( mysql-server ) and programming language PHP
( php5-fpm php5-cli php5-gd php5-mysql ) of the LAMP Relational database
server. For this tutorial, we’ve replaced the ‘A’ for Apache in Within the relation database software itself there are
LAMP with Nginx, which is a simpler web server to configure. additional accounts. The accounts used within the database
Also note, the PHP installation contains packages to support provide control to manage and access the database
CGI scripts, command-line interface, graphics and resources (i.e. databases and tables, etc). The relational
communicate with our relational database. database is built containing an account called root. This root
During the installation of the MySQL relational database, account is for the MySQL software and is separate from the
the installation process will stop and display a screen that root account for the OS.
asks for a password. This password is for the database Starting off first in the LAMP configuration batting order is
superuser account (i.e. root under MySQL). This account has the database. From the command line open the MySQL
god-like privileges on the database, so apply some relational database console using the software root user ( -u )
forethought in creating a secure password for this database account: mysql -u root -p . The application will ask for the
access account. password ( -p ) that you have assigned during the software
When the software installation process completes, the installation. From the MySQL command prompt (i.e. mysql>)
command prompt will return. Initiate a reboot (i.e. sudo issue the following command: show databases ; . Commands
shutdown -r now ) to ensure the Pi comes back up after the entered in the MySQL console must end with a semi-colon to

CMS in-depth Raspberry Pi
The usual updates

Before loading the software packages that are currently installed on
components it is good practice to the Pi. An update command is
ensure that the distro is updated, so it performed first so that apt-get knows if
has all the newest versions of all new versions of packages are available
packages currently installed on the for upgrade. Restarting an OS after
system from the source repo: major changes will help in the long run.
sudo apt-get update It make troubleshooting problems
sudo apt-get upgrade easier. Performing a number of tasks on
sudo shutdown -r now an OS before rebooting creates the
The upgrade command is used to difficultly of trying to determine what
install the newest versions of all change may have caused the error.
configuration files used by Nginx. Using your favourite text

editor, create a file in the directory specified and add the Quick
contents shown. We’re old school and haven’t stopped to tip
learn some of the improved text editors, so we bang out We wouldn’t
The default databases that make up MySQL.
text files using legacy vi using the filename: wordpress and recommend
the directory: /etc/nginx/sites-available/. running a
commercial web
be recognised. The output from the command will show the server { service from
databases that currently exists (see the grab bottom right). server_name webpi; a Pi. The little
create database wpDB; listen 80; computer lacks
create user wpdbprime@localhost identified by the horsepower
to support such
"WordPressDB"; root /home/pi/www/wordpress;
a venture, but its
grant all privileges on wpDB.* to wpdbprime@localhost; index index.php index.html; size will enable you
flush privileges; to carry a website
The database names displayed are the databases the location / { development
application itself uses to store information. Next, we use the try_files $uri $uri/ /index.php?$args; with you for
demonstrations.
database root user account, to create a new database for the }
exclusive use of the CMS. Finally, we’ll also create a user
account that has the permission necessary to manage the location ~ .php$ {
new database. try_files $uri /index.php;
Let’s do a quick recap. First, a command was issued inside include fastcgi_params;
the database console to create a database with the name fastcgi_pass unix:/var/run/php5-fpm.sock;
wpDB . Next, we have a command to create a database user fastcgi_param SCRIPT_FILENAME $document_
to access the database from the localhost with the user name root$fastcgi_script_name;
wpdbprime and password WordPressDB . The next fastcgi_index index.php;
command assigns all privileges required to manage the }
database named wpDB to the database user wpdbprime . }
Finally, The last command we use enables the permissions to
take effect. Web server
To confirm that the tasks were completed, we issue the Let’s examine the lines of code (above). The first set of
following commands and examine the outputs: parenthesis defines the web server’s name and what port it
show databases; should be listening on (i.e. port 80). The next section defines
The output should show that the name of the new where the root of the web server file system starts and what
database has been created. file or files you should find there by default if nothing else is
use mysql; specified. The last set of parenthesis are configuration
We can also examine the database that holds the data for options to tailor the use of PHP scripts.
the databases with. Whatever name you chose to put in the server_name file
select user,host, password from user; edit the /etc/hosts file and add the IP address and
And see that yes, both the user account and the password hostname (i.e. server_name) details at the top of the file.
are encrypted
exit;
We’re partial to an OS reboot and a LXF Cup of TeaTM at
this time. However, it could be argued, that it’s not required
The new
[NO TEA?!–Ed] because the changes were all contained
wpdbprime user
within a resident application and not to the OS therefore a and password
reboot is not necessary—but we like a cup of tea. can be seen
Now that the database setup is complete let’s tackle the in the mysql
web server. The directory /etc/nginx is the location for the database.
Love your Pi more Subscribe and save at http://bit.ly/LinuxFormat

Raspberry Pi CMS in-depth
In this tutorial, it was 192.168.2.104 webpi. The file will

already contain a reference to the hostname that points to
127.0.1.1 (i.e. 127.0.1.1 webpi). Remove the entry and save.
The next series of commands will remove the web server
default configuration file and enable the new web server
configuration. A restart of the web server ends the series:
sudo rm /etc/nginx/sites-enabled/default
sudo ln -s /etc/nginx/sites-available/wordpress /etc/nginx/
sites-enabled/wordpress
sudo service nginx restart
With the web server restarted, let’s use a few commands
to see under the hood. The web server will have a process
associated with it and there will be a port open (i.e. LISTEN)
for the web service to use.
Our web server account with worker process, protocols
sudo ps -ef|grep nginx
Quick sudo lsof -i:80
and ports all set to LISTEN.
tip sudo netstat -an|more
Creating strong The terminal window screenshot (see, right) shows the You may recall the first part of setting up a LAMP server
passwords output from the three CLI commands that show there is a was installing the PHP applications. But what about
is important.
web server running. The first command displays the web WordPress? In the web server configuration, a root directory
Retaining default
passwords for server master process started by the operating system root and file were specified. Let’s create that directory and camp
software installs and then the worker process owned by www-data. You recall out in it, to load and configure WordPress:
or using simple this is the OS account used by the web server. sudo mkdir /home/pi/www && cd /home/pi/www/
password makes In the output of the next command notice the worker The WordPress website holds a repo (repository) of the
the installation easy
processes are listening on a TCP port for HTTP, the web most current build of the file package. Download the file
to compromise.
service protocol. If you’re not sure what services are (i.e. latest.zip) and unzip it to deposit the contents in the
associated with what ports, use a text editor to examine web server’s home directory:
the /etc/services. Never again, will you need to remember sudo wget https://wordpress.org/latest.zip
port numbers! sudo unzip latest.zip
In the last command output, you can see the web service
port 80 is listening. If you aren’t convinced, issue the PHP/WordPress
command to stop the Nginx service (i.e. replace restart in To fine tune the configuration, it’s necessary to establish
the service command with stop ) and run the same series of ownership and permission to the WordPress directories. The
commands again and examine the output. WordPress ZIP package was downloaded and installed using
From the last command output take note there’s a port the pi user account using sudo for root access. For that
3306 in LISTEN. Venture to guess what software installed so reason, all the directories and files belong to the owner root
far would be listening for a connection? The /etc/service file and the group root.
is one place to look. If your response was MySQL you would The web server needs access to the directories and files of
be right. You may recall it was configured just before we did the WordPress installation. The web server has it own group
the web server. www.data and owner www-data. Looking back at the
A final test for the web server is to use your browser to command that displayed the worker process for the web
connect to the web server using the IP address assigned to server, notice that OS root starts the Nginx service but it then
the server. The browser should display an error page spawns ownership of the process to the web server owner,
generated by the web server. The web server throws up an www-data—this is all part of an elaborate plot to ensure a
error because it cannot find the directory specified in its secure system.
configuration file. sudo chown -R pi.www-data /home/pi/www/wordpress/
That is two software components: relational database and sudo find /home/pi/www/wordpress/ -type d -exec chmod
web server installed for a CMS. Next, we’ll supply the 755 {} \;
WordPress content that the web server is looking for. sudo find /home/pi/www/wordpress/ -type f -exec chmod
644 {} \;
sudo chmod -R 775 /home/pi/www/wordpress/wp-content
The fantastic four of CMS When the website setup is complete, it’s necessary to
reset the wp-content directory to ensure everything is locked
LAMP, the fantastic four of the open- down and not open for others to change. To do so enter the
source server setup: Linux distro, following command and follow the walkthrough (right):
Apache web server, MySQL relational sudo chmod -R 755 /home/pi/www/wordpress/wp-content
database and PHP programming There you have it: a pocket size, portable WordPress
language work together to deliver the
server. Remember if you decide to take your development
genius of a CMS. WordPress is a PHP
system to a different network, there’s a good chance DHCP
script package that melds the web
server with a relational database to will supply a IP address that wasn’t used during configuration.
provide the functions found in a CMS. How LAMP forms a CMS. A quick edit of the Pi /etc/hosts file is all that is required to
have your web server up and accessible!
Never miss another issue Subscribe to the #1 source for Linux on page 28.
CMS in-depth Raspberry Pi
In the beginning…
In the early days of website changed website design by it into two subsystems: One is
development, the emphasis was separating the content from the content management. The
on designing the web pages page code. In a CMS, the web components used in the
around the content. The site pages are fed content instead of management subsystem enable
content was hard coded in HTML. being embedded in the code, creating, organising, modifying
Supporting the server required which enables the content to be and deleting website content. The
comprehensive webmaster skills. managed with minimal skills. other subsystem is content
The development of Content An effective method for gathering that publishes content
Management Systems (CMSes) understanding a CMS is to divide to the web and manages workflow.
Configuring and install WordPress
1 Reboot your server 2 Generate your config 3 Create admin account

Kick off a reboot of the server, by now you Fill in the question fields with the Create the file listed above using the CLI.
must remember the shutdown command for configuration data used for setting up the Copy the contents from the screen and
a restart. When the server returns, open a MySQL database. If you don’t recall them the deposit them to the file. When the file is
web browser to access the user front-end of details are in the screenshot (above). After saved, go back to the web screen and select
the CMS system by entering the URL http:// completing the fields, select the ‘Submit’ the button to run the install. WordPress will
webpi. The WordPress platform is designed button. Using the details provided, WordPress return a welcome screen. The details for this
to provide step-by-step assistance in generates the contents for the configuration screen are needed to create an account that
completing the configuration. We are in the file /home/pi/www/wp-config.php . It can log into the web server admin front-end
home stretch now, select the ‘Let’s Go’ radio wouldn’t be able to write the contents to a file and make web design configuration changes
button and proceed. so it will stop and asks for assistance. in the back-end.
4 Install WordPress 5 Design your site 6 Content flow

The first question asks to create a title for the Now use the credential you’ve created (i.e. Content is displayed by publishing to the
website. Use the details from the screenshot wpadmin) to log in and start designing a web server’s front-end (http://webpi). In the
to complete the form to put the final touches CMS website using WordPress. Access the back-end of the web server there are many
to the CMS config. Select Install ‘WordPress’ user content published by the web server via components working together to publish
button on the bottom of the screen. The a browser. The configuration tools for the content. The configuration of the website
success screen will appear in a short while. WordPress are also available via a web is controlled by an administrator accessing
You can’t log in on the success screen, even if browser. The CMS site is built to display the the back-end functions via the web server
it looks like you can. To log in drop the URL content to browser users by sourcing content administrator front-end (http://webpi/
http://webpi/wp-admin into your browser. data from a relational database. wp-admin). LXF

Not from the UK?
Don’t wait for the latest issue to reach your local
store – subscribe today and let Linux Format
come straight to you.
To SubScrIbE
“If you want to expand your
knowledge, get more from Europe?
your code and discover the From €15 every 3 months
latest technologies, Linux
Format is your one-stop shop uSA?
covering the best in FoSS,
From $15 every 3 months
raspberry Pi and more!”
Neil Mohr, Editor
rest of the world
From $15 every 3 months
IT’S eASy To SubScrIbe...

myfavouritemagazines.co.uk/LINsubs17
cALL +44 344 848 2852
Lines open 8AM–7PM GMT weekdays, 10AM–2PM GMT Saturdays *
Savings compared to buying 13 full-priced issues. You will receive 13 issues in a year. You can write to us or call us to cancel your subscription within 14 days of purchase. Your
subscription is for the minimum term specified and will expire at the end of the current term. Payment is non-refundable after the 14 day cancellation period unless
exceptional circumstances apply. Your statutory rights are not affected. Prices correct at time of print and subject to change. * UK calls will cost the same as other standard
fixed line numbers (starting 01 or 02) and are included as part of any inclusive or free minutes allowances (if offered by your phone tariff)
For full terms and conditions please visit bit.ly/magtandc. Expiry date in the terms: 30/04/2017

Get into Linux today! Back issues Missed one?
Issue 221 Issue 220 Issue 219
March 2017 February 2017 January 2017
Product code: Product code: Product code:
LXFDB0221 LXFDB0220 LXFDB0219
In the magazine In the magazine In the magazine

Leave Google behind. Make your increasingly Our no nonsense guide
We build our own clever home secure and to getting started with
impenetrable castle in the connect to our pick of the the greatest OS on the
clouds out of the best best remote desktop planet (the Martians are
open source tools. Plus clients. Plus, make your still using MacOS—
the best BSD distros, plots beautiful with D3.js, losers). Plus our pick of
introducing MicroPython, LXFDVD highlights handle text in Python, LXFDVD highlights the lightweight distros, LXFDVD highlights
dual-booting using GRUB Ubuntu 16.10 Remix, Siduction web hosting with Drupal 8 Install the enterprise Linux distro build a faster Linux PC Manjaro 16.10.2, Fedora 25,
and fun with CentOS. 16.1.0 Xfce and Porteus 3.2.2 and Linux on Dell devices. openSUSE Leap 42.2 64-bit. and inside Wayland. antix 16, Bodhi Linux 4 and more.
Issue 218 Issue 217 Issue 216

December 2016 November 2016 October 2016
Product code: Product code: Product code:
LXFDB0218 LXFDB0217 LXFDB0216
In the magazine In the magazine In the magazine

The ultimate guide to Is it a bird, is it a plane? Hackers! No, we say!
getting the ultimate No, it’s Super Pi! Explore Hunker down in LXF’s
Ubuntu and the best how to build a slick Pi digital bunker of privacy.
Chromebooks herded machine. Also this Plus pick the best 3D
into a pile. Plus revive month, our secure chat printer for you, build an
your old PC with a 32-bit app Roundup, recreate espresso machine or a
distros, using Wireshark, LXFDVD highlights the Enigma machine, LXFDVD highlights dance mat and tackle Big LXFDVD highlights
learning about statistical BunsenLabs 2016.07.10, Ubuntu fun with stats, MythTV Android-x86 6.0, Elementary OS Data, time syncing and Tails 2.5, Kali Linux 2016.1,
learning and VPN. 16.10 32-bit & 64-bit and more. and build a CCTV sentry. 0.4, Linux Mint 18 KDE and more. bosh out some Bash. AntiX 16 and SystemRescueCD.
To order, visit myfavouritemagazines.co.uk

Select Computer from the all Magazines list and then select Linux Format.
Quote the issue code shown above and
Or call the back issues hotline on 0344 848 2852 have your credit or debit card details ready
or +44 344 848 2852 for overseas orders.
Get our diGital edition!

SubScribe
today and
Get 2 Free
iSSueS*
Available on your device now
*Free Trial not available on Zinio.

Tutorial P2P
P2P Learn how to give and take in the

world of peer-to-peer filesharing
P2P: Fileshare
the right way
Alexander Tolstoy helps you get the most from BitTorrent, showing you
how to become a leecher, a peer and a host of encrypted precious files.
T
ransferring large amounts of data between remote broadcasts data to all your in-house devices, you will need to
computers can still be challenging for many Linux choose one of the firewall modes. Almost all routers support
users. Sometimes you just don’t want to write it on an Universal Plug and Play (UPnP), which means that you need
external hard drive or upload to a cloud-based service. Both to tell your router to redirect all incoming packets to your PC.
ways take much time and effort while not being very safe. In Consult your router’s manual on how to do this in detail, but
this tutorial, we’ll examine methods for sharing files using the the general concept is simple: tell the router (e.g. 192.168.1.1)
Our peer-to-peer (P2P), which is a top-notch technology for to forward all packets to your PC (e.g. 192.168.1.35) to a
expert interchanging data. given port (e.g. 3000). The port number can be random,
The big entertainment corporations may not like the but the value in your router’s settings should match the one
Alexander
Tolstoy technology due to possible copyright laws infringement, and in the EiskaltDC++ settings. Finally, hit ‘OK’, go to Hubs >
has a torrent we certainly don’t endorse sharing files that you don’t have a Quick Connect and enter the hub’s address, starting with the
server running right to, and start to see P2P as something that can be used dchub:// prefix.
on a constantly
charging phone for good more so than for bad. After all, you may just want to You can easily search for your local hubs list and choose
somewhere in his share a Linux distro ISO or a homemade movie for your whatever hub you want, provided that it resides inside your
house. He’s lost it family rather than the latest blockbuster. We’ll take a look at service provider’s network or has access to the internet.
but connects via
SSH, so it’s not Direct Connect and BitTorrent software implementations,
really a problem. both of which have state-of-the-art desktop clients for Linux.
Connect to a hubs
There are dozens, if not hundreds, of local hubs in almost all
countries. The idea of a hub is to ease data interchange in
local communities by connecting to a nearby hub. As long as
the data flows inside a local segment of your service
provider’s network, the upload and download speeds can be
very high. In this example, we’ll learn how to get connected to
a hub and share some files from your computer. To do so,
we’ll need a DC (direct connect) client, and we’ll use
EiskaltDC++. This is a feature-rich and flexible application that
was derived from another widely known DC software, Valknut.
Quick When you launch EiskaltDC++ for the first time, you see a
tip clean and almost empty interface with colourful buttons on
Don’t forget to the toolbar and a categories list on the left side. The hubs
configure your ecosystem exists by ‘give and take’, so before we connect to a
firewall to let your hub, let’s choose what we want to share. Go to Tools >
shared directories
Preferences and then proceed to the Sharing section. Here
or P2P connections
work. You don’t you can add a directory that will be exposed to other users
need to turn it off once you connect to at least one hub. Next, examine your
completely, just settings in the Connection sections. Use the ‘active’ mode if
allow certain IPs
you have a direct Ethernet connection with a static IP address Dukto immediately detects other devices on your LAN,
and ports instead.
and no last-mile routers. If you connect to a home router that but you can always explicitly connect to a known IP.

P2P Tutorial
Control torrents from the command line

There are various BitTorrent clients that can be usage. The great power feature of the command- automatically manage the queue:
used in command-line mode. This approach can line version of Transmission is that you can $ sudo service transmission-daemon start
be very beneficial if you want to set up a daemonise it, i.e. you don’t need to stay List all torrents that are being downloaded
dedicated machine for file sharing and then connected to the host all the time the torrents and see the verbose statistics:
control it remotely via SSH or otherwise. are downloading. You can set it up once and $ transmission-remote -n
Linux has plenty of console-based torrent have the daemon run in the background. If you 'transmission:transmission' -si
software to offer, including Ctorrent, Rtorrent have the .torrent file already, add it to the There’s also a dedicated utility for creating
and Transmission. Let’s see how the latter works. daemon this way: new torrents from scratch ( $ transmission-
Transmission is known as one of the most $ transmission-remote -n create -h ), editing torrents ( $ transmission-edit
popular graphical BitTorrent clients, but it often 'transmission:transmission' -a /path/to/your/file. -h ) and even examining the torrent metadata to
comes with packages such as transmission-cli torrent find out what exactly you will be downloading to
and transmission-daemon designed for remote Start the daemon and enable it to your machine ( $ transmission-show -h ).
In the latter case, your connection speed will be limited by Consider allowing other people to write files on your server by
your regular internet download rates. Most hubs have a ticking the option below the WebDAV checkbox.QWeborf Quick
defined minimum share requirement to let you in. already includes a miniUPnP server for traversing NAT and tip
EiskaltDC++ needs some time to get hashes of your share bypass your router to share files outside of the local network. Run your own cloud
files, so you may need to wait a little while before everything Another very useful tool is Dukto. It doesn’t need any service using the
settles down. The great feature of any DC client, including servers, neither does it implement its own web server. gorgeous ownCloud
EiskaltDC++, is that it’s very social. The main area of the Instead, Dukto enables you to share files between any devices or Nextcloud. Both
services are very
application’s window is dedicated to the IRC-style chat that within a LAN. The great feature of Dukto is its large number of useful for organising
greets you with welcome information, rules and registration supported platforms, including all the major OSes for both file sharing in
details. Once registered, you can take part in conversations the desktop and mobile devices. With Dukto, you can share large LANs.
and connect to the hub with your nickname and password. files between Linux, Mac, Windows, Android or even ancient
You can add any hub to favourites and specify your Symbian phones, without any wires or compatibility issues.
credentials there. The application UI is consistent across all platforms. Just
Use the ‘Search’ button on the toolbar to go to a file search click or tap a destination device in the Buddies section and
dialog and enter your query there. The application will look up use the ‘Send some files’ option to select what you will be
what other people share and display the list of the results sharing. You can also enter the recipient’s IP address
below. Double-click any file or directory to put it in your manually by going with the ‘IP connection’ entry. This way you
download queue. Naturally, the machine that is sharing what can share your data outside LAN, provided there are no
you’re currently downloading should be online so that your obstacles on the way (e.g. firewalls). Regardless of the way
progress will depend on other people’s behaviour during you want to use Dukto, you need it running on both ends.
certain times of the day. QWebord and Dukto are both peer-to-peer network tools
that will work even if your internet connection is down—you
Sharing within LAN only need to maintain a LAN connectivity. Another common
If you need to send a file or directory to another computer in feature is the ability to access your files from mobile devices.
your local home or office desktop, you’ve probably thought of You can set up Samba or configure an NFS storage on your
Samba, CIFS or NFS. All three methods are suitable, although Android device, but, in the case of the above tools, all you
two of them are historically Windows-specific and require need to do is open a link in a web browser.
additional skill to implement. We’ll use alternative tools that
don’t bring much overhead and offer an easy-to-use way of
accessing files from other devices. The first solution is Weborf,
a minimal web server designed for rapid sharing of
directories. Weborf makes your content accessible via any
web browser and shows the directory that you specified as an
http:// address. The application is developed together with a
corresponding GUI called QWeborf, which saves you from
messing with command-line arguments.
In the main application window, go to the Basic tab and
select a directory that you want to share and review default
values in the Intermediate tab. Here you can change the
suggested server port (8080 is used by default), enable
authentication, turn on the WebDAV mode and adjust other
settings. For instance, check the ‘Send directories as .tar.gz’
option if your recipient needs to download everything you
share in bulk. If you enable the WebDAV mode, your clients
will be able to mount your share via their file managers and Filesharing can be very social pursuit: You can find new friends on Direct
access it as if your share was just another local directory. Connect hubs around the world and chat to them right from EiskaltDC++.
We’re #1 for Linux! Subscribe and save at http://bit.ly/LinuxFormat

Tutorial P2P
We’ve already touched on the WebDAV technology. This is

a useful extension because it enables you to mount a remote
URL as a local (aka FUSE) filesystem with your standard file
manager, such as Dolphin or Nautilus. You can enjoy
thumbnails, bookmarks and any other features of your file
manager, as if you were browsing a regular local directory.
QWeborf allows you to enable WebDAV access to your share
and here is how you can access it from the other end.
Make remote files local

In Dolphin navigate to the list of network locations at
remote:/ and click the ‘Add network folder’ button. In the
new wizard window, which is virtually the Knetattach
program, select the ‘Webfolder (webdav)’ variant and click
‘Next’. In the next screen you’ll need to provide connection
details. In the case of a public WebDAV share you only need to
give server name and port. The required ‘Name’ field can be
whatever you want and the ‘Folder’ field can be left empty
(meaning that you’re mounting the root of the share). In the
case of the Gnome-centric Nautilus file manager, select the Make any directory accessible via web browser. A perfect
‘Connect to Server’ option and provide your WebDAV share way to share very big files across the local subnet.
address using the following syntax:
davs://user:password@host.name:0000/path automatically upon system startup by adding a similar line
Where 0000 is port number. Again, the unprotected into you /etc/fstab file:
destination will be accessible via the stripped down string like http://192.168.1.3/owncloud/files/webdav.php /home/user/
davs://host.name:0000/path owncloud_share davfs user,rw,noauto 0 0
For minimal desktop environments or console mode-only Using cloud services is a specific filesharing use case and
systems, you may want to have a working command line since we want to access our remote account in the most
solution for mounting WebDAV directories. Linux has the seamless and natural manner, we can’t skip RClonebrowser
splendid davfs2 utility that offers a great way of manipulating (see HotPicks p57, for details), so here are some practical
remote filesystems. After installing davfs2, first, add yourself considerations. As long as this tool browses remote cloud
to the respective user group: accounts instead of continuous syncing them with your local
$ sudo usermod -aG davfs2 $USER directories, you can obtain specific files with just a few mouse
Next, edit the configuration file to let davfs2 know clicks. The main tree view in RClonebrowser supports
authentication credentials. Open the ~/.davfs2/secrets file uploading and downloading files on demand, but there’s also
and add a line according to the following template: the ‘Mount’ button. This can be used to make your Amazon
$PathToMountPoint $USER $PASSWORD S3, Google Drive and other supported cloud-based accounts
For example: /home/user/owncloud_share user P@ look as if they were regular directories. The real downloading
ssw0rd. (Of course, create the destination mount point will only start once you decide to copy a file from that
directory in advance). Now mount your share: mounted directory somewhere else.
$ mount -t davfs http://192.168.1.3/owncloud/files/webdav.
php /home/user/owncloud_share Use BitTorrent
Don’t forget to use the real IP and path. You can do this Many Linux users download large files via BitTorrent
technology thanks to its simplicity and high speeds. Using a
torrent is very social endeavour because your download
speed depends on the current number of seeders—people
who are sharing data for that torrent. What’s even better, you
don’t need to do much to join the crowd of seeders: once you
have downloaded all segments of a torrent, you automatically
start sharing it as long as you don’t quit your torrent software.
Downloading something using torrents is still a one-sided
affair, even though you help others to raise downloading
speed, so let’s advance a bit further and create our own
torrent seed that others can download.
Creating new torrents is a standard feature of almost any
popular BitTorrent client. In the following example we’ll learn
how to do this with KTorrent, although the procedure is very
similar in other applications. Launch KTorrent and press the
‘New’ button on its toolbar (or hit Ctrl+N). The new torrent
creation dialog will appear with various options you can set or
Don’t just download what other people share—create your own BitTorrent file configure. Press the ‘Open File’ button to select a directory
and take the initiative and become the first seeder. that will be included in your torrent. For the next step, you
P2P Tutorial
Encrypt your shared files

The main reason why some people avoid using the ‘Encrypted directory’ field select the directory shared files from another computer, or enable
public shares is the matter of trust. But in most that will show encrypted files. Finally, set the other people to do so, it’s important to set up
other regards, public shares are more convenient access password and enjoy the on-the-fly exactly the same KEncFS configuration on the
than peer-to-peer communications. Luckily, you encryption. Using this technique, you can tell other end in order to decrypt the files.
can combine the power of both by using EncFS— KEncFS to use ~/Public or ~/Dropbox, or These kind of measures are an aid for possibly
the encrypted filesystem. whatever the path to your shared files is, as the weaker security of non-P2P communication,
KEncFS is an easy-to-use graphical front-end ‘Encrypted directory’. As a consequence, if your where you can never be completely sure that
for the filesystem. Launch it and press the ‘Add’ shared files are leaked, lost or otherwise taken your filesharing is really private and EncFS is a
button, give a name for a new entry, set the out of your control, they will be useless to a third- high-performance solution that does encrypting
mount point (a destination directory) and then in party. Naturally, if you want to access your and decrypting very quickly.
need to decide whether you want to use a torrent tracker or Speaking of applications, the selection for Linux is not
not. A tracker is a natural dependency of the original limited to GUI-only applications; you may want to control
BitTorrent protocol. It’s a third-party web server (usually a torrents from the command line, (See Control Torrents From
forum run by enthusiasts) where you need to register and The Command Line, p69, for details.)
post your torrent file to get your first leechers (users that are
downloading your torrent but haven’t completed it yet). Decentralise your file sharing
Traditionally, when leechers open your torrent file for While some Linux filesharing applications have a focus on
download, their client connects to the torrent tracker to usability, there’s a different class of tools that provide
update statistics and get the list of seeders and other anonymity and security. Retroshare, an anonymous friend-to-
leechers and only after that downloading will proceed as a friend network client, is one such tool. It combines the
pure peer-to-peer operation. As an alternative to this elements of secure Tox-like chat with EiskaltDC++'s file
approach, you may want to go with a fully decentralised sharing approach and an exterior that resembles an email
torrent seed. In KTorrent tick the ‘Decentralized (DHT only)’ client. On the first run, you will be asked to create an identity,
checkbox to enable the DHT (distributed hash table) mode. which constitutes your nickname and a password. Once you
In this case, peer IP addresses are stored inside a torrent are in, you can start exploring Retroshare’s tabs and sections,
using the BitTorrent infohash as the key. Since all a tracker although they will all be empty. Since RetroShare only
does, basically, is respond to put/get requests, this connects to your friends, before using it you need to tell it
functionality corresponds exactly to the interface that a DHT about them. Press the ‘Add’ button on the main toolbar and
provides: it allows you to look up and store IP addresses in the select the way you want to establish a connection. The default
DHT by infohash. option is to enter the certificate code that your friend has
So, if you choose to create a regular torrent, you’ll need to provided you. Retroshare will also generate a certificate on
add at least one tracker URL in the field below. Take note that your side, meaning that you will send it back to your friend.
trackers’ addresses usually differ from regular URLs that you As you can see, making friends requires mutual operations on
use to visit their sites, e.g. https://openbittorrent.com both ends (like real life). Once you have someone to
suggests that you use the http://tracker.openbittorrent. communicate with, you can share some files and receive files
com/announce address. from other people. Press the ‘File Sharing’ button on the main
If your choice is a DHT torrent, go to the ‘DHT nodes’ tab toolbar and find yourself in the File Transfers window. Go to
below and enter the IP address of the server that will provide My Files to see what’s shared on your side. By default,
an infohash table for seeders. Naturally, if you want your Retroshare uses the directory inside your profile, which looks
Linux machine to serve as a DHT node, you must have a something like ~/.retroshare/<hash value>/Downloads.
static IP address and keep your system up and online all the This means that everything that you download automatically
time. Press OK when you are finished with the settings. You’re becomes available to others, and, if you have many active
now ready to send it to your friends, but keep in mind that friends, the number of files in reach will grow exponentially.
they will be able to download the torrent content only if there Still, it would make sense to add some extra content, so go
is at least one seed, so consider staying online with your ahead and press the ‘Add Share’ button. In the Share
torrent open in your favourite client application. Manager window, you can add additional directories and
assign ‘virtual folder’ names to them. You can also manage
access flags. Set these if your files can be browsed by friends
from specific groups only or allow anonymous access to your
content. When you land back at the File Transfers section, you
can use the Friends Files tab to browse materials that are
available to you.
Due to the decentralised nature of Retroshare, there are
various limitations that you should get used to: You don’t
authenticate yourself on any server, so to use your account
on a different computer or operating system you need to
transfer your profile manually. When logging into Retroshare,
note the ‘Manage profiles and nodes’ link. It will lead you to
Retroshare: Perhaps the most secure and anonymous the profile manager that enables you to export and import
filesharing solution on Earth. your identities using the encrypted ASC file format. LXF

Window
Tutorial managers Learn how to
Window managers
switch and try new window managers
Tilers: Manage
your windows
Mats Tage Axelsson takes us through some different window managers
options you can try and shows the pros and cons for each one.
Our
expert
Mats Tage
Axelsson
has spent
decadesmaking
his computers Here is lightdm showing my extensive list of window
run Linux. His managers available after installing to do my experiments.
first was a
All added for writing this article.
ThinkPad laptop
from IBM when
the company screen and only allow you to split the screen when you need a
was still
new application. Using this system will naturally stop you
making them.
from opening additional windows because they end up being
too small to use. There are also some tiling window managers
with a taskbar, virtual desktops and other goodies to help you
find a balance between the minimal and over decorated.
Pick a window
Your personal choice will rule here, and most people will
choose a well-decorated desktop including the mess we love.
Before you decide, we urge you to try some alternatives.
W
hen it comes to the graphical user interface, the When using stacking and compositing window managers,
major Linux distributions (distros) will provide you there are differences in implementation which impact
with a compositing Window Manager (WM). In performance. With a compositing window manager, switching
this tutorial, we’ll examine the alternatives to help you make a applications is likely to be very fast at the cost of having all
bold choice and perhaps try something different such as a active applications full window in an assigned buffer. The size
tiling WM. First, we’ll start with the types of window managers of the buffer has to be adjusted for this.
that exist. After that, we discuss some popular, and more However, with a stacking window manager, an application
obscure alternatives, and examine the impact they have on that’s not responding may be undrawn, this may also result in
both your machine and your productivity. flickering or worse: The entire desktop to slow down or freeze.
Compositing is the most common type of window The reason for these differences is the way windows are
Quick manager, but there are also stacking and tiling window drawn. Stacking window managers draw every single window
tip managers. The stacking and compositing versions arrange on a desktop even when other windows cover them.
If you want to start your windows just like a traditional desktop. On our desk, for Compositing window managers leave rendering up to
a window manager instance, we have a stuffed penguin, a lamp and a wooden applications and give them an off-screen buffer. The buffer is
without lightdm
mannequin to stir our artistic inspiration. Many documents composited into the desktop you see on your screen and this
running you’ll
have to kill the tend to overlap and fill the desk quickly, and this is the usual cuts the number of times there’s a need to access display
display manager. state of affairs for many users. memory for a fully rendered view.
Using systemd, Many experts, however, claim this will make you as Many window manager types have alternatives with a
this requires disorganised as the desktop environment you are using. If this focus on either being lean or having all the bells and whistles.
using systemctl
stop lightdm.
is you, a tiling window manager could come in and save the Of course, with Linux we have a wide array of choices
day. They are different because they always use the entire anywhere in between. If you want to be in control yourself,

Window managers Tutorial
For Fedora use dnf:

$ sudo dnf install [package] Quick
The name of the package will vary slightly, but there are tip
search functions included. If all goes well your new window If you are interested
manager will show up in the drop-down list of your display in tweaking
manager. awesome, hop over
to GitHub: https://
Have a look at i3 github.com/
serialoverflow/
Let’s take a look at the i3 window manager first. This manager awesome-themes.
is dynamic, which means that it can set your application If that’s not
windows to ‘floating’ making it a regular window. enough for you,
check out this
When starting i3, it may seem a little confusing with just
useful list of tools:
When i3 starts it’s empty. It has no hints about what to an empty screen and a small toolbar at the bottom. Fear not, https://github.
do. Apparently, this is an intentional design philosophy, by learning a few basic keybindings you’ll be good to go. com/atsepkov/
because we can just guess what to do, right?
Initially, you will need to know what $mod means. In our awesome-
setup, it’s the wiggly Windows flag key (as we’ve not got awesome-wm
There are also links
look for a highly configurable one, sit down, read the around to customising it yet). Most of us will have that key,
to distribution
documents and start experimenting. also known as the super key, and Mod4 in i3, as our $mod specific packages.
key. Your basic operation of i3 depends heavily on the $mod
KDE and GNOME key and bindings to it in the i3 configuration file.
Most distros come installed with KDE or GNOME by default. First, we will open the dmenu, by using $mod+D key
We mention these in this article for clarity as they are both combination which brings up a bar at the top of the screen
desktop environments. By default, GNOME uses Mutter as a listing programs in alphabetical order. On our system, the first
window manager, which is compositing. KDE uses another program is 2to3 and as we type ‘fire’, Firefox will show up and
compositing manager KWin, as default. is alone and highlighted so we hit Enter.
GNOME is developed and maintained as a set of libraries Firefox will now start in a new window which covers the
that help develop applications for the desktop, and there are whole page since that’s the default. You can continue with
many usually delivered with your standard install. Some other applications and see where they go. To see how tiling
examples are gedit, a text editor and gnote for notes and works, the easiest thing to do is hit $mod+Enter several times
gnumeric, a spreadsheet program.
KDE started when developer Mattias Ettrich decided to
make a desktop environment that worked for end users. He
had just found the Qt toolkit and was so impressed by it that
he sent a call on Usenet for programmers to help with his
project. Since then, Many applications have been developed,
including Kontact, Knotes and Kaffeine (a media player).
To come to your own conclusion, you’ll need to learn how
to turn the current environment off, test the new one and
revert to previous settings. We prefer to do it on our running
system, rather than starting from USB for each new window
manager. Doing it this way can be a bigger hassle, though,
especially if you need your system for more serious work.
Here are some ways of switching your GUI. The simplest
way is to add the window manager using the built-in package
manager system. We’re running Ubuntu so for us, it will be
done with apt: The fvwm running Firefox and Terminal on a black background. The pager is
$ sudo apt install [package] active in the right bottom corner of the picture.
TinyWm, a learning tool

TinyWM only contains 50 lines of C-code, the Written by Nick Welch, the functionality is started if you want to develop in X. So if you are
code depends on Xlib and calls very few limited to four basic window functions: starting out, it’s a good idea to read the code and
functions, creating a binary smaller than most. 1 Move Windows interactively, using the implement a new function to get you started.
The code is on http://incise.org/tinywm.html Alt+Button1, the left mouse button. The project has been forked to create many
with one version with annotations and one 2 Resize windows interactively, using the other window managers, e.g. smallWM. With
without, the code is also on GitHub. The Alt+Button3, the right mouse button. such a small codebase it was inevitable that
description is very thorough, detailing possible 3 Raise windows, using Alt+F1. many ports would show up based on TinyWM.
pitfalls when programming for X. Cases covered 4 Focus windows with the mouse pointer. With ports to Java, Python, Ruby, etc, you can
are resizing to extreme values; how to handle lag The list, as you can see, is very short which use this package to get started with many
of different kinds and how to handle key bindings. gives you an excellent reference point for getting different languages.
Improve your Linux skills Subscribe now at http://bit.ly/LinuxFormat

Tutorial Window managers
Awesome!
Another minimalist window manager is configuration file pointed to from the rc.lua file. heavier tasks are dealt with by other languages;
Awesome, which aims to be fast and easily Using $mod+P will also show a bar at the top of the official lua.org web page describes Lua as a
configurable. When we tried it on our system, it the screen that lists program categories in a tree ‘glue language’ designed to start and coordinate
was faster to start than we could react. Awesome form. Use the arrow keys to navigate the tree software made in other languages.
follows a similar pattern as i3 using the until you find your program; this feature also You’ll realise once you look that you don’t need
$mod+key scheme to map different key enables you to type the name of the application to know Lua extensively to make small changes.
combinations to actions. and see matching results dynamically. There are even themes available that require Lua
One major difference is that Awesome comes You can change these behaviours yourself as and an extension called LAIN. If you want
with a drop-down menu which lists your the file is in the Lua language. The main aim of detailed control of your desktop, learning Lau
applications. The list is held in a standard Lua is to make it easy to write small scripts while could be an exciting project for you.
to create many terminal windows and then playing around. If text in the upper right corner. You’ll need to be quick to
we continue on from one Firefox window open and limit memorise that Ctrl+T ? gives you the commands summary.
ourselves to two Terminals, the result will be easier to see. If To start a Terminal use Ctrl+T C, you can now run any
you use only $mod+Arrow key combinations, you should see applications from the command line. For example, here is
the title bar of the windows shift colour, indicating a change of how to start Firefox:
focus. Next, we need to add in the Shift key with $mod + Shift $ firefox &
+ Arrow. Your screen will have all its windows next to each The ampersand (&) creates a new process so you can
other because the horizontal tile is the default. When you use launch other stuff as well. When using Ratpoison you must
the left or right arrow key, or J and ; respectively, the window get used to the idea that switching application is always done
will move to the side. If you use the Up arrow key it will spread with the keyboard, it feels even more extreme than i3 but it
over the top, and the two terminals will share the lower space. works. When you dig deeper, you will soon find that there’s
In our opinion, using more than four tiled windows defeats the also an applications menu, reached by Ctrl+T.
purpose of tiling and returns you to a cluttered desktop state.
To avoid an untidy desktop you can also use virtual ones; FVWM
you have up to ten virtual desktops available. When you need Originally an extension of twm (Tab Window Manager), FVWM
a new desktop, you press $mod+n where n is the 0 through 9 is a stacking window manager that has grown to include
keys. The desktops will appear immediately and stay active many of its own extensions. Good performance has been a
until you have closed all windows in one and left it. major goal of the project from the start and it’s still very
For more advanced users there are many configuration efficient. When you first start FVWM you have the option to
Quick options, the keybindings are set in the i3 configuration file, start different modules, depending on your needs. The default
tip usually in ~.config/i3/config. Other possibilities are to start is very lean and is only applicable if you want to start all your
If you want to play applications at startup, assign functions to the mouse keys applications from the command line. To find the application
with Sway, check and assign applications to specific virtual desktops. However, list, click on the background and the default list drops down.
out the homepage this is a big subject for another time. Also, If you are eager to This list will need changing based on the applications on your
http://swaywm. switch to Wayland there’s a drop-in replacement called Sway, machine. There is also support for virtual screens as well as
org. There are so
far only packaged
which supports most features and has some of its own. virtual desktops. The background isn’t set by default so you
sources available. will need to use a utility such as feh to set your background:
If you are into Ratpoison $ feh --bg-scale ‘/home/user/Picture/Of_myCat.png
compiling your Ratpoison gets its name because the developer hated the If you want to use themes, search for fvwm-crystal, this
own, it is worth
idea of using the mouse. It’s a smart idea, but when Ratpoison will increase the size of the manager load and it’s a lot of fun.
the effort.
starts, you are met with only an empty screen and a short
Xfce
Xfce has a history of many other window managers behind it,
one of them being FVWM. The window manager uses very
few resources but still has a high number of features. This
window manager is well established and known for low-
memory needs and processor load.
Many distros have Xfce as their default window manager
but use add-ons to enhance and adapt the graphical
appearance for the specific needs of the distro, for example,
Linux Lite (easy to use distro), Mythbuntu (DVR system) and
Ubuntu Studio (multimedia creation). As you can see, it’s
used by many media-based systems; this is to make sure the
load is focused on the media being played or edited.
Enlightenment
This window manager is slim but bursting with features. Its
Enlightenment’s launcher contains a clock, battery indicator and other gadgets. libraries are also in a spin-off called Tizen, which is used for
Want even more Linux? Grab a bookazine at http://bit.ly/LXFspecial

Window managers Tutorial
smartphones and a development environment is also GIMP, need floating windows for their tool sub-windows so
currently in the works. don’t limit yourself completely.
Enlightenment starts quickly while also providing fantastic All window managers boast about their performance but
graphical decorations for your windows. There are a huge when you start measuring the results you’ll soon see that
number of themes available on the internet if you’re into while it does help, other programs are equally important.
customising your desktops. One interesting feature is that it In our testing we realised that going with a tiling window
has both compositing and tiling in one package, so you can manager boosted start-up time, but as soon as we started all
switch to tiling mode when you want and switch back. There’s the things we wanted to use, such as email, cloud sync, etc,
also a working Wayland version available for beta testing. the performance dropped again.
The biggest performance hit for us was the lack of
Performance issues memory causing a lot of swapping to disk. With this in mind,
When measuring memory usage, you will quickly realise that choose your window manager wisely and at the same time
the standard GNOME and KDE environments use a lot even consider carefully what you are going to do with a particular
though the binary files are tiny. The reason for this is that the system. Is it useful to have a constant check on your email,
desktop environment loads a lot of features, including Facebook or Twitter account? Do you need to back up of your
notifications and other necessities. data every minute, etc?
The different choices mentioned in this article all have A good strategy is to create special sessions, e.g. reducing
their individual features and quirks. In terms of size, Tinywm resources and turning off notifications when gaming and
is the smallest here with only 50 lines of code and a binary when it’s time to get your head down and do some work
size of 5,036 bytes, a quarter of evilwm with 20,244 bytes. cutting social media feeds. You can schedule what you want
In comparison, the size of Mutter is 10,400 bytes and Kwin to do, take all distractions away and finish the task— even if
6,136 bytes respectively, while these amounts of memory are that task happens to be the next level of your favourite game.
quickly sucked up by a system when running both GNOME Our preference is to use Enlightenment for graphical work,
and KDE, typically around 200MB. such as the GIMP and CAD applications. For other situations,
In the collection of window managers we tested, we found our favourite tiling window manager is awesome to help us
that the oldest, unsurprisingly, were the fastest but also that focus on one task at a time With it, we gain a tidy desktop and
they had the least features. This might have sufficed for us clever features, with the clock, memory and CPU load
but for the arduous task of having to rewrite the configuration available in the Taskbar. LXF
just to access our favourite applications from the menu.
Having said that, when looking at the tiling managers we
could see that the effort to create lean packages has paid off
and they come in a narrow second. I3 has a sleek interface
while being very economical on resources, making startup
very fast.
Awesome appeared a little less sophisticated at first,
but when looking through what’s included for tweaking
options, we were proven wrong. The big caveat is that you
need to have Lua support and LAN to take full advantage of
all the possibilities.
Ratpoison is an option for those who want to use the
keyboard exclusively while also having floating windows—
give it whirl. Once you get past the steep learning curve, we’re
sure you’ll love it.
If you love themes and your current choice is weighing
heavily on your hardware, Enlightenment is a good choice.
E starts fast and runs quickly while supplying brilliant window
decorations and animations. On top of that, you have the
option to run it in tiling mode.
In general, using tiling window managers is much more Awesome used to run Firefox, GIMP and Rhythmbox on the same screen using
productive but be aware that some applications, such as its default theme with an alternative background picture.
FVWM: F means Forefather?

FVWM started a long time ago in a Department meaning of the F in the title, which had originally offering styling and convenience. The NeXTSTEP
of Defence office, when Robert Nation started meant ‘Feeble’, became lost. When the original OS, inspired by AfterStep, is also a derivative of
hacking the twm window manager. Of course, announcement was retrieved from newsgroups, FVWM. Several others were designed to
twm also has a history but that’s another story. the developers decided to leave the F’s meaning resemble other operating systems. For instance,
Nation’s main goal was to reduce memory usage mysterious. FVWM has since been used to you can probably guess what Fvwm95 was
while adding support for virtual desktops. create new window managers (some that we’ve designed to look like while AmiWM had a stab at
In June 1993 he bundled it with rxvt, a project mentioned in this tutorial). looking like Amiga OS and MLWM made a good
he’d been working on, which was already Xfce is one notable one which has become job of looking like Apple’s famous OS. Another
successful (and still is). As development the default manager in many distros, especially derivative called FVWM-XPM lead to the popular
continued and maintainers changed, the ones aiming to be lean on memory while still Enlightenment window manager.

MicroPython
Tutorial MicroPython
Xxxx Use two micro:bits to
build a pair of radio-controlled robots
MicroPython:
Robot wars
Les Pounder shows us how to use two micro:bits and some MicroPython
code to build radio-controlled robots for our own robot battles!
W
e introduced MicroPython, in a previous tutorial 3 Making a controller unit that detects user input and
[see Tutorials, p88, LXF221], by learning how to interprets movement.

create our own Iron Man-inspired light glove that 4 Establishing radio communication from the controller to
reacted to input, in the form of coordinate data, taken from an the robot.
accelerometer built into the micro:bit. For this tutorial, we 5 Configuring the robot ‘brain’ to receives radio signals and
shall build something even better! react accordingly.

One of the most popular projects for beginner hardware
Our Prepping for the project
expert hackers is creating a robot. We’ve seen many different
versions, typically using various models of the Raspberry Pi For this tutorial, you’ll need to own two micro:bits (after all,
Les Pounder as the brains of the robot attached to many different motor you need two sides to have a war), a USB battery pack, two
is a (gentlemen)
hacker/maker who control boards and robot chassis. But since the release of the USB-to-micro USB leads, Kitronik motor driver board and a
loves tinkering micro:bit, we’re seeing even more robot kits and accessories robot kit. You can find robot kits for a cheap price on eBay
with Raspberry Pi, come to the market. Since the micro:bit doesn’t come with and you’ll need one that includes, two motors, chassis, a pack
Arduino and
micro:bit. He Wi-Fi and there’s no support for Bluetooth using Micro of four AA batteries, two wheels and a trolley caster (with
trains teachers for Python, how can we control a robot? The answer is that we front wheel balance).
the Raspberry Pi
have a simple radio system in the BBC micro:bit that can be Our robot will be controlled by a micro:bit steering wheel.
Foundation and
writes up his used to send brief messages or data. This wheel will read data from the built-in accelerometer and
adventures at In this tutorial, we’ll introduce the following steps to communicate the information to another micro:bit attached
http://bigl.es.
building and programming a robot: to our robot. We will code all of this project in MicroPython,
1 Building a robot chassis from a kit. using the Mu application. Released by the Python Software
2 Controlling motors using a driver control board. Foundation to enable anyone to use the leaner
implementation of Python 3, MicroPython was originally
Quick created by Damien George.
tip Using MicroPython, two micro:bits, a motor driver board
and a cheap robot chassis we’ll take our first steps with
All of the project MicroPython robotics with the micro:bit. We covered installing
code can be
Mu, the MicroPython editor in the previous issue, but here is a
found in our
GitHub repository quick reminder. Installing Mu on a Linux machine is trivial, all
here: https:// you need to do is download the application from
github.com/ https://s3-us-west-2.amazonaws.com/ardublockly-
lesp/LXF222-
builds/microbit/linux/mu-2016-11-06_11_36_15 then
micropython-
robot/archive/ navigate to your Downloads folder. Right-click on the
master.zip. application and select Properties then go to Permissions and
change the permissions so that the file can executed as an
application. Now you can double-click on the application and
it will open the Mu editor.
We’ve broken the tutorial down into sections to make the
whole process easier to follow, so let’s start building a robot!
The finished
robot car is really
simple to make
thanks largely to
an off-the-shelf
chassis and a Mu is the Micro Python editor for the micro:bit. It offers a
motor driver built simple to use interface that handles code suggestions and
for the micro:bit. indentation for the user.

MicroPython Tutorial
Micro:bit Radio
For this tutorial, we used a radio link to connect import radio radio.config(power=7)
two micro:bits, which enabled strings of data to radio.config(channel=99) Transmission power ranges from -30, -20, -16,
be sent between devices. This used the default radio.on() -12, -8, -4, 0, 4dBm with each of these seven
radio settings for ease of use. But what if we So now we can change the channel from 0 to values relating to a configuration value of 0 to
wanted to create multiple robots for battle in an 100. This must be done for every micro:bit that 7 respectively.
arena? This is where channels come into play. you wish to have on a certain channel. If you would like to know more about sending
The radio class has many different If you would like your radio signal to go further, radio signals using the MicroPython then head
configuration options available to the user, but then you’ll need to increase the power of the over to an excellent official resource here:
the most basic is channel. To change the channel transmission. This is also a configuration option https://microbit-micropython.readthedocs.
of the radio we must use: and is handled with: io/en/latest/radio.html.
Our project uses two micro:bits, the ‘brains’ of the robot So if the gesture is left, we need to provide the driver with
and a controller unit used to send the commands over a radio feedback to say that this has been acknowledged: Quick
connection. We shall start by coding the controller. So in Mu display.show(Image.ARROW_W) tip
make sure you click on ‘New’ to start with a new blank radio.send('left') The micro:bit
document. Also remember to save often: Here we’ve updated the LED matrix on the controller can be a little
from microbit import * micro:bit to show the direction of travel. The display class tricky to power
import radio contains lots of images that we can show. So to illustrate that properly. Ideally,
it’s powered via the
we are turning left we update the display to show an arrow JST connectors and
Coding the controller pointing ‘west’, which is the left-hand side of the micro:bit. a 3V source, but a
We first import two libraries, the entire micro:bit library, The radio function handles communicating with our robot 5V USB powerbank
which gives us access to the sensors and display present on brain and it sends a string of data over the radio to our is also acceptable.
We used a cheap
the board, and import radio , a library that enables short awaiting robot brain. With the string being the direction that
powerbank from a
range radio communication between micro:bits. In order to we wish the robot to travel. pound shop.
use the radio we first must turn it on, this must be done for But what if the gesture was right? Well, here we use an
every micro:bit that we wish to use in the project. (See also else if, known as elif in Python. Elif will be checked if the first
Micro:bit Radio, above, for more information): condition is False, or previous elif conditions also returned
radio.on() False. We go down the elif until one returns as True. So if we
We now scroll a message across the LED matrix of our gestured to go right then the following code is run:
controller micro:bit. This message advises the user on how to elif gesture == "right":
control the robot. We also set the scrolling speed using a display.show(Image.ARROW_E)
delay. This delay will control how quickly the matrix is radio.send('right')
updated. The default is 150ms, but we have reduced it to We repeat this for tilting the micro:bit up and down:
50ms as 150ms was too slow. elif gesture == "up":
display.scroll("Turn the wheel to drive the robot",delay=50) display.show(Image.ARROW_N)
In order to constantly check the driver’s input, we need to radio.send('forward')
use an infinite loop, which in MicroPython is elif gesture == "down":
while True: display.show(Image.ARROW_S)
Inside of the loop we need to determine the driver’s input. radio.send('reverse')
This is collected by checking the status of the accelerometer. Our final elif condition to test is our emergency brake. Just
In the previous issue, we gathered and used the individual X,Y in case we need it we can press the ‘B’ button on our micro:bit
and Z co-ordinates generated by moving the micro:bit to to stop the robot. This only works if the board is held flat!
control our WS2812B LEDs. But for this project we can elif button_b.was_pressed():
simplify the accelerometer data by using ‘gestures’. The display.show(Image.SURPRISED)
micro:bit can determine 11 gestures, such as up, down, left,
right and shake etc. But it can also measure acceleration
forces, measured in G:
gesture = accelerometer.current_gesture()
print(gesture)
Here we create a variable called gesture and store the Our controller
current gesture. We also print the contents of our gesture is a micro:bit
variable to the Python shell, REPL, for debugging purposes. held in place on
a DIY steering
We have the gesture stored in a variable and now we shall
wheel using Blu-
test to see if the gesture matches one of those required to
Tack. Turning
control our robot. For this we shall use an if...elseif test:
the micro:bit
if gesture == "left": as you would
This first test is to see if the controller has been turned controlling a car
left. So we check the contents of our gesture variable against will successfully
the hard-coded value "left" . control the robot.
Get your dose of projects Subscribe now at http://bit.ly/LinuxFormat

Tutorial MicroPython
Here we used a namely microbit and radio. We also ensure that the radio is
USB power pack turned on ready to receive a signal:
to power our from microbit import *
micro:bit, but you import radio
can also use the radio.on()
official 3V AAA
To signify that the robot is loading and preparing for use
power pack.
we’ll create a short animation using a for loop. For loops are
used to iterate a set number of times, e.g. in this for loop we’ll
set a range of 3 which will cause the loop to iterate three
times:
for i in range(3):
What will happen inside the loop is that we shall display a
small heart on the LED matrix, wait half a second, or 500ms
using Micro Python’s sleep function, to ensure that the
image is visible to the user:
radio.send('brakes') display.show(Image.HEART_SMALL)
So that is all of the code for our controller. Make sure that sleep(500)
you save the code to your computer. Now plug in your Then we swap the image for that of a larger heart and
micro:bit and click on ‘Flash’ to upload the code to your repeat the same sleep to create a ‘beating’ effect on the
micro:bit. After a few seconds, you will see the instructions LED matrix.
scrolling across the LED matrix. Now hold the micro:bit like a display.show(Image.HEART)
steering wheel and you will see an Up arrow appear, indicating sleep(500)
that the radio unit is sending the command forward to our
robot. Turn the miro:bit left and right, now turn it upside down Coding the robot
for reverse gear. Finally, hold the micro:bit flat and press B to With the robot startup code written, we now move on to the
apply the brake. main loop that’s responsible for continually checking for radio
To create a more ‘realistic’ feel for steering the robot we signals. Again, we use an infinite loop to contain the code
used an old circular frame, which also transports cables/ necessary:
wires through the post, to create a makeshift steering wheel. while True:
With a few cable ties to hold the micro:bit and our USB Inside the loop, we create a new variable called incoming
battery securely in place, we were ready to go for a drive. this will store the incoming radio messages, sent by our
controller micro:bit.
Building the robot incoming = radio.receive()
Quick With the controller complete, we now move on to creating our

robot, and our first task is to build the robot a body. Our robot
In order to interpret and process the commands being
sent over the radio, our robot needs to first understand what
tip uses a common robot chassis found in an online auction to do for a specific command, and here we once again use an
There are many house for roughly £10. There was a little soldering involved, if...elif conditional test. We check that the value of our
different types of namely the terminal connections on each motor. This is a incoming variable is the same as a hardcoded value, for
motors available.
We used standard
simple task but if you can’t solder or don’t have the kit, pop example ‘left' :
DC motors, but you along to your local makerspace/Raspberry Jam or LUG if incoming == ‘left':
can also find cheap, meeting for help. So if the instruction was to turn left, then we update the
micro gear motors The wires from your motors are connected to a Kitronik LED matrix of our robot brain micro:bit to show the direction
that enable smaller
motor driver board. Each motor is connected to its own of travel. In this case, we update to show an arrow pointing
robot to be built.
terminal. Looking at our robot from the front, Motor 1 is on east, as when looking at the robot head on, the arrow pointing
the left of our chassis and Motor 2 is on the right. Both of the east is also pointing in a left direction.
wires from one motor are connected to the two terminals for
Motor1 on the driver board. Do the same for your second
motor ensuring that it connects to Motor 2. Also ensure that
the terminals grip the wire snugly. Now connect your AA
battery box to the power terminal, and check that you match
the polarity. Typically the AA battery box has red and black
wires, where red is ‘+’ and black is ‘-’. Don’t put the batteries in
just yet. Now secure the battery box, motors and driver board
to your chassis using the screws in the kit or for a quick hack
use cable ties. For now, keep the robot brain micro:bit out of
the robot chassis as we need to program it.
Ensure that you are using the micro:bit intended to be the
brain of our robot car. Don’t use the robot controller micro:bit
that we flashed earlier. Connect your micro:bit to your
computer and load the Mu application. Create a new file and
remember to save often. We start coding the robot by Our robot car has a brain and a heart! The heart
importing the same libraries as we did for the controller, animation indicates that the robot is ready for action.
MicroPython Tutorial
display.show(Image.ARROW_E) Our chassis

To control the motors, we need to control the GPIO pins has all manner
that they are connected to via the motor driver board. As you of holes for
attaching
can see, next to the terminals on the motor driver board there
components, but
are ‘P’ numbers. These are the GPIO pins used for the
the motor pylons
terminals. To drive the motor in one direction one pin must be can only go in
high, and the other low. In other words, only one pin can be on this area due
and the other must be off. To reverse the direction of the to the careful
motor we need to reverse that polarity: balance needed
pin8.write_digital(0) for our robot.
pin12.write_digital(1)
Motor control
To turn the robot left we need to tell one motor to go forward,
and the other to go backwards. For our example, motor one is
the left motor (looking from the front of the robot) and it’s
connected to pins 12 and 8. Our right motor is connected to
motor two which is controlled by pins 16 and 0. So to turn the
robot left, motor one needs to go forwards and motor two
backwards. We do this by sending power to the respective
GPIO pins using write_digital .
The code to turn the motors right is a reverse of what we
set for turning left. Showing that the circuit can easily switch
polarity on the fly:
elif incoming == ‘right': pin8.write_digital(0)
display.show(Image.ARROW_W) pin16.write_digital(1)
pin8.write_digital(1) pin0.write_digital(0)
pin12.write_digital(0) Here is the code for reversing our robot:
pin16.write_digital(1) elif incoming == ‘reverse':
pin0.write_digital(0) display.show(Image.ARROW_S)
Here is the code for moving the robot forwards: pin12.write_digital(0)
elif incoming == ‘forward': pin8.write_digital(1)
display.show(Image.ARROW_N) pin16.write_digital(0)
pin12.write_digital(1) pin0.write_digital(1)
Our last condition to test is our emergency brake. This will
set all of the GPIO pins connected to the motors to off:
elif incoming == ‘brakes':
display.show(Image.SURPRISED)
Save the code and click on ‘Flash’ to upload the code to
your micro:bit. Now remove the microbit from your computer
and place it in your motor driver board’s slot. Once you insert
the batteries, you should see the heartbeat animation start.
Now power up your controller; we used a USB phone battery
for ours. After the scrolling instructions, you will be able to
Motor 1 is the motor on the left of this picture, and Motor drive your robot around the room. If your robot behaves a
2 is on the right. You can also see the wires routed through little differently then you may need to swap the wires from
a space in the chassis to the motors. each motor to their motor terminals. LXF
Why you need a controller

In this tutorial, we used a motor driver board to heart is a DRV8833 motor controller that uses L9110S, and all of them are compatible with the
interface our micro:bit with two motors—but an H bridge or ‘flip flop’ circuit to control the micro:bit but you will need to break out more
why did we need that controller? The controller direction of the current. Remember in the GPIO pins from the micro:bit as the three
is simply there to buffer the micro:bit as motors tutorial we changed the polarity of the motors to provided aren’t enough.
require a considerable amount of current in change direction? Well, that’s the H bridge circuit You can purchase adaptors that convert the
order for them to start moving. in operation. edge connector of the micro:bit for use with
This is current that the micro:bit is unable to But do you need to buy the Kitronik kit? You breadboards and common electronics, reducing
provide without potentially damaging the unit. can make your own by buying a motor control the cost of your robot builds and enabling you to
We used a Kitronik motor driver board, but at its board, such as the DRV8833, L293D or the build multiple robots for your new army!

Nginx
Tutorial Nginx Learn how to set up a web server,
Xxxx
read log files and use Nginx with a CMS
Nginx: Set up
a web server
Mihalis Tsoukalos teaches you how to efficiently use Nginx’s high
performance with your CMS of choice and give life to your websites.
with your Nginx setup more easily. Also, the default port
used for HTTP traffic is TCP port 80—if you are using the
default port then the following two URLs are the same:
http://linuxformat.com and http://linuxformat.com:80.
About TCP/IP ports

If you are not using the default HTTP port, then it is required
that you specify the port number you want to use. There are
Our
expert various ways to find out whether a TCP or UDP port is in use
or not on a given machine. The following output shows the
Mihalis availability of a port as well as the process that uses the port
Tsoukalos
is a DBA, but requires SSH access to the machine and root privileges:
mathematician, # netstat -tulpn | grep :80
programmer and tcp6 0 0 :::80 :::* LISTEN 7039/apache2
Unix admin. He
enjoys writing As SSH access to a machine is not always possible, the
articles and next command, which uses the netcat utility, checks whether
learning about
a given IP address – which in this case is 127.0.0.1 but you can
programming
languages. You put any IP address you want – listens to a given port without
can reach him at the need for SSH access to that particular machine:
@mactsouk.
$ nc -zv 127.0.0.1 80
localhost [127.0.0.1] 80 (http) open
If a port number isn’t used, you will get the following kind
of output:
$ nc -zv 127.0.0.1 8080
localhost [127.0.0.1] 8080 (http-alt) : Connection refused
Hint: The results that you get when you are examining
T
his tutorial will cover the Nginx web server and its use open TCP/IP ports from the command line of the machine
by presenting valuable information, tips, error are more accurate because remote connections can be
messages, log entries and example configuration files denied from intermediate networking devices, such as
for Drupal and WordPress sites. After installing Nginx on your routers and firewalls.
Linux machine, using your preferred distro, you can find out
its version by executing the following command:
$ nginx -V
nginx version: nginx/1.10.0 (Ubuntu)
built with OpenSSL 1.0.2g 1 Mar 2016
Quick TLS SNI support enabled
tip On Ubuntu and Debian machines, the default directory for
the Nginx configuration files is /etc/nginx where nginx.conf,
Nginx is worth the
extra time you’ll the main config file is located. Although you can define new
spend learning it. websites inside nginx.conf, it’s better practice to define new
Once you do learn sites inside the /etc/nginx/sites-enabled directory, because
how to use it to
the default nginx.conf file automatically reads everything
serve different
kinds of websites, that’s inside it (including symbolic links). The reason for this is
you will only have the following line found in the ‘http’ block of nginx.conf:
to copy and paste include /etc/nginx/sites-enabled/*;
existing configs to This means that you can also include other directories, This screenshot shows various troubleshooting
create new virtual
but it’s considered good practice to use the default directories commands as well as a successful and an unsuccessful
web servers.
when possible because this will allow other people to deal attempt to start the Nginx server process.

Nginx Tutorial
What about Apache?

After learning about Nginx, you might ask that this is the only way to avoid blocking when existing Apache .htaccess files into Nginx rules
whether Apache is still a good choice. Well, using synchronous I/O. As you may appreciate, which looks like a lot of work. However,
before Nginx, Apache was the most popular web the way Apache works is simple to implement remember that you only have to do it once.
server, which means that it’s still good. and can easily serve websites without lots of If you already using Apache as your web
Apache is a process-based web server, which traffic provided that your Linux machine has the server of choice, then converting to Nginx might
means that each simultaneous connection right amount of memory and CPU power. take some time but will be worth the effort
requires a separate thread. The main reason for Apache uses .htaccess files and Nginx doesn’t especially when you are trying to avoid upgrading
having a separate execution for each request is support .htaccess files, so you’ll have to convert your Linux machines.
root /srv/www/S1/public_html;
index index.html index.htm;
Quick
} tip
Each website needs its own ‘server’ block where you Even if you don’t
define everything about the website. Each ‘server’ block is want to use Nginx
This is the error message that you will get when you for serving your
embedded inside the ‘http’ block of the nginx.conf file. The
websites, you
trying to install WordPress without the proper Nginx rules most important definitions of a ‘server’ block have to do with can still use it as
and appropriate configuration. the TCP port that the website will listen to ( listen ); the a reverse proxy
format and the file location of both the access log file server as well as
If you try to start Nginx using the default HTTP port while ( access_log ) and the error log file ( error_log ); the name of for load balancing
and content
Apache uses port number 80, you will get the following error the server ( server_name ) that can be a domain or a caching purposes.
message either on your screen or in the Nginx error log file: subdomain; a list of the acceptable index files ( index ) and
2017/01/07 15:57:13 [emerg] 1664#1664: listen() to 0.0.0.0:80, the root directory of the site ( root ). However, only the listen,
backlog 511 failed (98: Address already in use) index and root definitions are required. As simple.site does
2017/01/07 15:57:13 [emerg] 1664#1664: listen() to [::]:80, not use a domain or a subdomain, you don’t have to define
backlog 511 failed (98: Address already in use) the server_name variable.
2017/01/07 15:57:13 [emerg] 1664#1664: still could not bind() After creating the configuration file, you will need to create
its symbolic link inside /etc/nginx/sites-enabled, the
Basic Nginx necessary directories and populate the site, which in this case
What the previous error messages tell us is that the Nginx is going to be a simple HTML file named index.html or index.
server process couldn’t bind port number 80 because the htm depending on your taste—the values of the ‘index’
port is already in use. In order to avoid similar problems, this variable show the order Nginx will search for index files to
tutorial will use port 8080 for the basic Nginx setup. An automatically load when you visit the root page (/) of a
additional advantage of port number 8080 is that you can website. Note that you can have any filenames and
use it even if you do not have root privileges. extensions you want as long as they are not being blocked by
See screenshot (bottom left) for the kinds of messages an active Nginx rule.
that are presented for a successful and unsuccessful Nginx Last, if you don’t want to have an error log, you can define
start as well as various troubleshooting commands based on error_log as follows:
the information of the previous section and the way to stop error_log /dev/null crit;
the Nginx server process. However, dropping error messages isn’t recommended
The first thing you should do after a successful Nginx when working with production sites because it can hide
installation is delete the symbolic link called ‘default’ found problems or hacking attempts. Apart from the ‘warn’ level of
inside /etc/nginx/sites-enabled. In order for configuration logging, you can also use emerg, alert, error, warn, notice, info
changes to take effect you will need to restart Nginx. On a and debug. The debug level catches everything whereas the
Ubuntu or Debian system restarting a service can be done emerg level only catches the more critical information. Notice
with: # service nginx restart . Please note that a successful
execution of the previous command generates no output!
Serving websites
In this section we’ll show you how to create a Nginx setup to
serve static pages using port number 8080. The usual
practice is to put all configuration files inside /etc/nginx/
sites-available and symbolic links for the websites you want
active inside /etc/nginx/sites-enabled. The log files
of Nginx look
The contents of simple.site, which resides inside /etc/
similar to the
nginx/sites-available, are the following:
log files of the
server { Apache web
listen 8080; server and are
access_log /srv/www/S1/logs/access.log combined; also in plain
error_log /srv/www/S1/logs/error.log warn; text format.
Want even more Linux? Grab a bookazine at http://bit.ly/LXFspecial

Tutorial Nginx
that if your nginx.conf file or any one of the files found inside location / {
/etc/nginx/sites-enabled have multiple errors, Nginx will try_files $uri $uri/ /index.html;
only print the first error when you try to run it or test the }
validity of its configuration using the -t option. You have to
correct the first error and rerun nginx –t to make sure that location ~ \.php$ {
there are no additional errors. try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
Installing WordPress fastcgi_index index.php;
If you try to install a WordPress site using the configuration fastcgi_param SCRIPT_FILENAME $document_
(found in the previous section), the installation process will root$fastcgi_script_name;
fail with an error message (similar to the one found in the include fastcgi_params;
screenshot, see the first page) the main reason for the error }
message is that the default Nginx configuration doesn’t know ...
how to handle PHP code. The good thing is that once you }
have the right config file and the WordPress installation The WordPress site uses port number 8081 to avoid any
process begins, you’ll be able to operate your WordPress site conflicts with the other two websites. However, the single
Quick with the exact same Nginx configuration.

Before doing anything else, you will need to create the
most important change to wordpress.site is the addition of
the index.php string to the index variable in order to be
tip config file for your WordPress site and create a symbolic link able to accept PHP files. Please don’t forget to restart Nginx
There are many for it inside the sites-enabled directory: after you finished editing wordpress.site. Note that you
books about Nginx # vi /etc/nginx/sites-available/wordpress.site should also have the php5-fpm package installed. [You can
including Nginx
HTTP Server, 2nd # link -s /etc/nginx/sites-available/wordpress.site /etc/nginx/ refer to Tutorials, p72 LXF188 for more information about the
Edition, by Clément sites-enabled/wordpress.site PHP installation.] The rest of the code contains Nginx rules
Nedelcu and Nginx After that, you’ll need to create the necessary directories that handle security issues, URL translation and the execution
Troubleshooting for the WordPress files as well as the error and access log of the PHP code. This happens because Nginx doesn’t
by Alex Kapranoff.
files. WordPress also needs to use a database but talking support .htaccess files, so the functionality of an Apache
Although books
are helpful, nothing about the installation process of WordPress and PHP is .htaccess file is embedded in the configuration files of Nginx.
replaces actually beyond the scope of this tutorial. The important contents of The good thing is that the equivalent rewrite rules in Nginx
using Nginx. the wordpress.site file are: are usually fewer and less complex than the ones found in an
server { .htaccess file.
...
listen 8081; Installing Drupal
... Next, we’ll cover Drupal 8 and Nginx. First, you’ll need to
index index.php index.html index.htm; follow the same steps as before but create a new file called
drupal.site inside /etc/nginx/sites-available and then
create a symbolic link to it in the /etc/nginx/sites-enabled
directory. The important configuration commands and rules
of drupal.site are the following, which as expected have to do
with PHP and URL handling:
location ~ ^/sites/.*/private/ {
return 403;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
Nginx has
include fastcgi_params;
an excellent
documentation fastcgi_param SCRIPT_FILENAME $request_
site where filename;
you can find a fastcgi_intercept_errors on;
plethora of useful fastcgi_pass unix:/var/run/php5-fpm.sock;
information. }
More information about Nginx

Nginx works differently to Apache mainly consumption of Nginx is very low when serving User requests are served by the worker
because of the way it processes requests. A side static pages. processes that Nginx server starts. The number
effect of this is that Nginx processes requests The configuration files of Nginx are simpler to of worker processes the Nginx creates is defined
faster using fewer system resources. read, use and modify than the config files of in the worker_processes variable of the nginx.
Nginx uses asynchronous sockets that allow Apache. The only reason Nginx uses multiple conf file. (The screenshot, see top right,
it to handle more requests per process while not processes, is to make full use of multi-core, illustrates the way Nginx works in a graphical
having to spawn too many children (worker) multi-CPU and hyperthreading systems that are way.) You can learn more about Nginx web
processes. As a result, the memory currently being used. server by visiting https://nginx.org.
Nginx Tutorial
location / {
try_files $uri @rewrite;
}
location @rewrite {
rewrite ^ /index.php;
}
location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}
The Drupal website will use port number 8082 to avoid
any conflicts with the previous two sites—you can use any
TCP port number that you want to as long as it is not being
used by another server process.
If you have your own domain, things will be considerably
simpler, because you will able to create several subdomains
and avoid having to use a different port number for each
virtual site. However, this requires a proper DNS
configuration. As you can see by looking at the full contents of This is how
drupal.site, the Drupal configuration file is much bigger than using two server blocks. The first block is for accepting Nginx handles
the WordPress one because Drupal is a more complex and requests for mtsoukalos.eu in order to forward them requests using
its worker
powerful beast of a CMS than WordPress. whereas the second block is for supporting www.mtoukalos.
processes.
Once you are able to start the Drupal installation process, eu. You can tell which block supports which URL by looking at
you will know that you have a correct Nginx configuration. the definition of the server_name variable.
Please note that if you have problems when serving
WordPress and Drupal sites using Nginx, the first thing you Nginx rules
should check is the rules in the configuration files. Now, imagine the next security related .htaccess rules:
order deny,allow
Nginx log files deny from all
In this section, we will briefly look into the log files of Nginx, allow from 192.168.1.1
which look like the following:
12.34.56.78 - - [07/Jan/2017:21:20:30 +0200] “GET / # setup.php
HTTP/1.1” 200 140 “-” “Mozilla/5.0 (Macintosh; Intel Mac <Files “setup.php">
OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Order Allow,Deny
Chrome/55.0.2883.95 Safari/537.36” Deny from All
12.34.56.78 - - [09/Jan/2017:21:02:48 +0200] “GET /core/ </Files>
misc/favicon.ico HTTP/1.1” 200 5430 “http://www. Their Nginx equivalent is the following:
mtsoukalos.eu:8082/core/install.php” “Mozilla/5.0 location / {
(Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 allow 192.168.1.1;
(KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36” deny all;
As you can probably decipher from the log snippet }
(above), Nginx log files are quite similar to Apache log files,
mainly because they contain the same kind of information. # setup.php
(See the previous spread for a sample of Nginx log entries location ~ /setup.php {
both from a website and from Nginx itself.) deny all;
Imagine the following .htaccess rule: }
RewriteCond %{HTTP_HOST} mtsoukalos.eu What the previous rules do is allowing access to a given
RewriteRule (.*) http://www.mtsoukalos.eu$1 IP address only and denying access to the /setup.php file
You can easily convert it into an Nginx rule: to everyone.
server { All the examples that we’ve covered should give you a
listen 80; pretty good idea of how Nginx deals with rules. (Should you
server_name mtsoukalos.eu; wish to learn more about Nginx rules you should visit the
return 301 http://www.mtsoukalos.eu$request_ Nginx documentation page (pictured bottom left).
uri; If you are already using Apache for your web server then
} converting everything to Nginx might not be worth the
amount of effort involved and the potential risks. However,
server { if you are setting up a new web server machine, then using
listen 80; Nginx would be a wise choice. If you are maintaining multiple
server_name www.mtoukalos.eu; web servers, you could migrate your existing Apache websites
... to Nginx one by one to see the way it provides more
} predictable performance under high loads and gain
What the previous rule does is replace the URL confidence in using it. Hopefully, this tutorial will be the
mtsoukalos.eu with www.mtoukalos.eu in your web browser beginning of your Nginx journey! LXF

AngularJS
AngularJS:
Customisation
Kent Elchuk explains how to quickly build AngularJS applications for the
web and how to customise their look and feel.
gallery with several categories. Thus, when you select your
category, only images for that category are displayed. When
an image is clicked, a popup of the image picture is displayed.
We’ll describe the gallery in more detail later.
Use Bootstrap
In the modern era of web development, responsive design
Our has become the standard. In this tutorial, we use Bootstrap
expert as our responsive framework. Other examples of responsive
Kent Elchuk frameworks are Skeleton CSS and Foundation. Also, many
is a freelance full template makers have built their own frameworks, such as
stack and web
Theme Fusion. However, since Bootstrap is very popular, it
developer for a
college in has great documentation and is easy to use. The framework
Vancouver, uses a grid system. This means you have a row with a set
Canada. He
enjoys both front- amount of columns for which you can set various
and back-end breakpoints: e.g. under 576px (pixels) for small phone
development. screens; 768px for tablets; 992px for larger devices and
1,200px for large devices. Before we move on to the
breakpoints and how to deal with them, we’ll make using
Bootstrap an easy process.
The first thing we want to enforce is that each section is a
row. In fact, everything in a row will be surrounded by <div
class="row"></div>. Make extra note of the row class which is
applied to the div element. Typically, columns are inside the
div element. The key here is that all columns can add up to a
T
his tutorial is an extension of a JQuery and AngularJS maximum of 12. Assuming that you want three equal columns
article we published previously [see Tutorials, p88, in your Bootstrap row, you’d use the following code block:
LXF218]. If you’ve read that tutorial or have the <div class="row">
coding sample that will help. If not, you can still follow along <div class="col-md-4"></div>
as this tutorial is about extending AngularJS’s appearance <div class="col-md-4"></div>
and functionality. We’ll be covering how to add a new theme <div class="col-md-4"></div>
to a one-page application; using AngularJS to create image </div>
Quick galleries; the everyday features used in basic web Since the row evenly accepts a number adding up to 12,
tip development and changing its appearance with Bootstrap,
CSS and JQuery.
each column has the class col-md-4 since the three fours
Although AngularJS The main file that’s run is called index.php. As a refresher,
controllers can be
the specialised content that runs for each page, such as /
used to manipulate
the DOM, creating about, is delivered via a script.js file and delivered into the
custom directives ng-view directive, which makes packaging the code you want
with AngularJS is for each page straightforward. One major change from our
the typical method
original simple application is that all the files need to be PHP
used. Directives
can be placed in this time rather than HTML. To make this change, the routes
the HTML view are altered in script.js and the files are just renamed with .
and a matching php extensions. Why do we need to do this? This means we
set of JavaScript can post the contact form to a PHP file for processing and
is all it takes to
sending email to the site owner. We’ll cover this later.
make a directive
function properly. We also have two other small additions: an image for the The home page has a simple image and we’ve set the
home page and a new page called gallery. We’ve supplied the width to 100% so it spans the whole page.

AngularJS
Custom DOM selections

This tutorial has various instances where DOM is any image on the page with the class called pages all with the same element and class name.
manipulated with JQuery. To access a DOM ‘specialImage’. Thus, the HTML for this item To make custom selection a simple process, here
element with JQuery, the selector is often the would look like <img class="specialImage" is a very big tip. You can use Firebug or Inspector
first part of the process. For example, let’s look at src="myImage” />. to get the precise selection of an element. Using
$(’.myName').show(). The selected element is As you can see, the second example was a Chrome or Chromium, you can type
actually any element with the myName class. little more specific. Although that may seem as CTRL+Shift+i to open the Inspector. Then, right-
In some cases, that could be exactly what you specific as you might need, you may end up with click on the element inside the inspector and
want to select. Now, to reinforce this, look at a situation when you must be much more select ‘Copy CSS path’. That can help you obtain
$('img.specialImage'). The item selected here is specific because you have 20 thumbnails on the an accurate path for your JQuery selector.
add up to twelve. Although that looks simple, these columns The gallery
are slammed side by side into a row without any separation. (see the next
To fix this issue and make three stacked columns with some page) is a series
separation, you can add another row within each <div of images and
class="col-md-4"></div> tag. In fact, once you have one main links that work in
row and made the desired columns, each column can contain conjunction with
a custom Angular
as many nested rows as you want to give it.
directive so the
The about.php file included with this tutorial pages has a
proper images
three-column layout. However, let’s continue and turn it into a are displayed
clean three-column layout. To make all the columns the same and they pop up
height, you can apply the row-eq-height class to the top row when clicked.
with <div class="row row-eq-height” . With Bootstrap, the
class could be missing, so you may need to add it yourself. ng-model is the important Angular part of the input. Inside
The easiest way to add new CSS code to your application script.js, any code that’s added into the input field translates
is to create a CSS file called style.css and add it to the root into $scope.email.
folder. To make it accessible, open the file index.php and add The placeholder is just the text a user sees inside the form
the line into the head under the other CSS links: that briefly describes something. In this case, it reminds the
<link rel="stylesheet" href="style.css" /> user to include their email address in the input box. The value
In the style.css file add the following code: is what the user enters into the form. With AngularJS, it has
.row-eq-height { scope; thus the value that is added and displayed through the
display: -webkit-box; {{email}} tags is also the same as the $scope.email.
display: -webkit-flex; The next attribute ng-pattern does a check to ensure that
display: -ms-flexbox; the email address follows the proper pattern of a real email
display: flex; address. Thus, test@example.com would pass, but something
} like ‘blah’ or blash@example would fail. Finally, the required
As you can see, the little snippet adds properties to the entry means that filling out this text input is required or the
row-eq-height class which makes it flex and allows each form won’t submit.
column to be of equal height. Since we are posting data with AngularJS and using PHP
as the server-side language, the first step is to change the
AngularJS forms route from contact.html to contact.php. After that, the
This simple form can be used to collect data from a user and controller, contactController is added to the bottom of
add the data to a database and send the results via email. script.js to ensure the form is handled correctly. Again, you’ll
This particular form has form fields for name, phone, email, notice a pattern. An enclosed controller, named ng-controller
message and a hidden input with a random string to protect in the HTML view, has a matching controller name in the file
from cross-site request forgery. The actual form is added to script.js because that’s where the code exists for handling
the /contact page and includes a new controller that triggers the controller. In this particular case, the check_credentials()
on click and sends the post data for processing, which in this function is surrounded by an ng-click directive. When the user
case is sending an email. The controller used in this example submits the form, you can see the logic used to handle this
is called contactController. You can find that in the /contact. submission is wrapped within the $scope.check_credentials =
php file included with this tutorial. Here’s the form input: function () {} scope.
<input type="text" size="40" name="email" ng-model="email" It’s inside this function that the error-checking and post
placeholder="Email" value="{{email}}" request takes place. I’ll guide you through that next process.
ng-pattern="/^[_a-zA-Z0-9]+(\.[_a-zA-Z0-9]+)*@[a-zA-Z0-9-]+(\. The code block below shows the basics of a post request:
[a-zA-Z0-9-]+)*(\.[a-zA-Z]{2,4})$/" required> var request = $http({
The first input is type="text" which is the standard for a
text input field. The second attribute, size="40" , refers to the method: “"post",
width. The third attribute, name="email" , refers to the name url: "post.php",
of the input; it’s critical because it identifies the item when all data: {
data is posted, emailed or stored in the database. The email: $scope.email,
Want even more coding? Grab a bookazine at http://bit.ly/LXFspecial

AngularJS
name: $scope.name, document ahead of the angular.js file. For lighter JQuery
message: $scope.message/*, usage, you can use the built-in JQuery Lite that comes
csrf: $scope.csrf*/ bundled with Angular, but is limited in functionality. In this
}, coding example, we’re loading the JQuery library ahead of
headers: {'Content-Type': Angular to ensure all functionality is available.
'application/x-www-form-urlencoded'} The actual plugin that’s being used for the gallery is called
}); Fancybox. If you look at index.php, you’ll see where Fancybox
begins and ends to get the required files for the plugin to
request.success(function (data) {} work. You can download Fancybox from http://fancyapps.
The $http service is passed into the contactController com/fancybox/#license. Since the head of the index.php
controller, so that the service enables you to send, get or post file is already set up, you can copy and paste the downloaded
data to the server. In this case, all the form fields are gathered files into the source/helpers folder to get a grip on the
together and the post method is used to send the data to the process. Getting the required files is the easy part, now we’ll
post.php URL. In addition, there are specific headers that attempt to explain how the interaction between script.js and
encode the data in the URL. Essentially, the posted inputs gallery.php makes the gallery work as desired.
fields and their respective values are passed to the post.php If you open up script.js and scroll towards the bottom,
file. When the post.php receives the request, the file_get_ you’ll see two directives. One is called myAppliances and the
contents function takes in the php://input, which is a read- other is fancybox.
only stream with the raw data. The myAppliances directive is just the part that moves the
After that, the json_decode() function is used to decode images around when a category is selected. So go ahead and
the JSON string of data which has all the form inputs. At this have some fun clicking some of the links for appliances.
point, each field can become variables. Thus, $email = To take a simple example, let’s analyse the actions that
$request->email is the actual email address that was input occur when you click on the ‘Washers/Dryers’ link. If you look
into the form. Since all the data is now readily available in at the gallery.php file, you’ll see a custom directive that starts
individual pieces, it can be added and used to send an email with <my-appliances> and ends with </my-appliances>.
to the person who handles the data from the online enquiry. That same directive matches up with the ‘myAppliances’
Sending the email is a detailed process. In this case, the directive in script.js. As you can see, the directive still uses
file post.php has a subject that will become the subject line the myApp naming convention, followed by the directive and
when the user receives the email. In addition to the subject, a function that returns a directive definition object.
it contains a from header. After that, you’ll see restrict: ‘E, which restricts its usage to
The actual mailing takes place with the mail function. In an element. In our case we want that to work when the
this case, it contains three parameters; $to, $subject, $content element is clicked.
and $headers. Each of those variables is named appropriately, The next step is the link function, which takes in $scope,
so you should have no confusion as to what they are. The element and attrs. For the purpose of the tutorial, let’s
simple email code block is printed below: concentrate on $scope. You may remember how we used
$to = “test@example.com”; $scope from the first tutorial. Well, since we are using
$subject = “From Website Form”; ‘ng-click’ when an image category is clicked, we definitely
$headers = “From: $email” . “\r\n”; want $scope again.
mail($to, $subject, $content, $headers); Now, let’s look near line 29 in gallery.php. Here you’ll see
After the email is sent, the line of code, $_SESSION = ng-click="showWashers()" . When this item is clicked, you
array() is used to nuke all session variables. can match it up with the $scope.showWashers function that’s
found in script.js.
Add an image gallery What a takes place next is some very basic JQuery
Now, it’s time to create a little eye candy. We’re adding a comprised of two simple lines of code for this function. The
gallery to this little project as it is so often a requirement for first line ensures that the classes .stove, .dishwasher, .
any website. Without some images to back up a product or microwave, .fridge are set to display:none, which means they
service, your viewers may move on. will be hidden from browser view.
The files that handle the gallery are pages/gallery.php At this point, you may be thinking—what do we mean by
and script.js. With Angular, you can use a JQuery plugin and classes? Did I miss something? Well, no. A class is an attribute
add the JQuery library by adding these files to the head of the that you can give to an element to distinguish it and apply
certain CSS styles to it. In this case, we add the washer class
to the, already existing, classes for the element.
The code below shows the markup code for the
The image has washing machine. Note: the washer class at the end of
a special anchor this list is classes.
tag(<a></
<div class="col-md-2 col-sm-6 col-xs-12 washer"
a>) and class
style="margin-top:20px">
that makes the
<a id="fancy” href="img/appliances/washer.
Fancybox plugin
come to life. On jpg"><img id="test" style="width:100%" ng-click="open_
click, the image fancybox()” class="img-responsive" id="myImg5" src="img/
pops up in a appliances/washer.jpg" alt="Fourth" ></a>
clean location. </div>
Did you miss the last issue? Head over to http://bit.ly/MFMissues now!
AngularJS
PHP flexibility
With AngularJS, especially for newcomers, many like <a href="#/contact"> to the actual PHP page. Without ng-app, no angular. Now, there’s no
of your usual repeat tasks can become more This means the new link will look like <a point in having Angular tags when the contact-
complicated to implement. Thus, if your files for target="_self” href="contact-us.php">. The target us.php file opens. At this point, you could easily
your application are PHP files, you have options is required. This a new workaround for the use the Google API for Captcha2:
to switch in and out of an Angular application. Angular route. But since the index.php page is <?php if (basename($_SERVER['SCRIPT_
To make this process simple, you can do a few an Angular app, you need to ‘deangularise’ it for NAME']) != 'contact-us.php'){?>
things. With our example, let’s say you have a the contact-us.php page. If the code (right) is <html ng-app="myApplication">
website and want to run Captcha2. The first step inserted into the top of the index.php page, the <?php } else{ ?>
you can take is to change a link in your main ng-app="myApplication” will not become part of <html>
menu, footer and wherever else from something the code when the contact-us.php is opened. <?php } ?>
forms, and a gallery. Although many barebones options exist,

you can easily beautify this code with free or commercial
templates. One such resource for free CSS templates is
www.free-css.com. Another popular commercial source is
https://themeforest.net.
Taking this project further

We’re in no way attempting to promote commercial
templates, but our opinion – based on extensive web
experience – is tht professional HTML/CSS templates go for
as little as $10-$20 and more often than not, the code will
Three identical columns are located side by side using work superbly, have good support and look top quality.
CSS Flexbox and Bootstrap in unity. This is simple starting Having gone the free road many times, we’ve found that you
point for your custom data. may find a bug shows up at the worst time, the code may be
adequate (but not top notch) and there won’t be any support.
With JQuery, you can add an action to multiple classes by In fact, even one hour of headaches with inferior code is – in
separating them with commas inside the selector, which is our opinion – far worse than paying for the best code in the
exactly as they are shown inside the function. After that first place.
function, a Jquery show() method is implemented to show When we want a modern style, we look for top reviews,
the washer and dryer classes. references, download statistics and various key features.
The example for the hiding and showing items in the Next, we tend to go bug hunting with different devices, such
categories is the same process for the other categories, as PCs, laptops, TV, iPad and smartphones. Once we’re
except that the scope is different and a different function is confident of the calibre of a particular product, we would
called. Last but not least, there’s one important difference: open this AngularJS application sample and move the new
the Jquery fadeIn() method is used to fade in the items over code in from the template and pull out the old.
a four-second interval. Essentially, we would need to completely redo index.php
Now, let’s cover the details for each category; again, using to use different CSS and JavaScript code. We would maintain
the category ‘Washers/Dryers’ as our reference. Let’s go the <div ng-view></div> and keep the same routes or make
straight to the washer as the Fancybox plugin works perfectly slight modifications. Then, test and test.
for these items. For the other items, you can simply make By keeping both the sample and new application open at
small code alterations to achieve the same effect as this will the same time, you can develop your new application and
help reinforce what is happening. reference the other application to make sure the new one
When an item is clicked, the open_fancybox() function is works as you would expect it to.
called. You can see where the nitty gritty takes place near line Well, there you go. You now have a slim, AngularJS app
210 in script.js where you’ll see the $scope.open_fancybox . that you can use to develop new, single-page applications in
Here is where the JQuery fancybox plugin makes it all happen. no time at all. The codebase is minimal so your development
The simple line below is all that’s required to make it work. will be easy. LXF
The selector a.fancy takes the link with the fancy class.
Then, the plugin takes over and places the contents on the
page with the Close button.
$("a.fancy").fancybox({
}); A simple
You can use the built-in settings or customise it to your contact form
needs. If you want to move on and customise it, more that can post
data and send
information is available http://fancybox.net/howto.
an email to the
Now that we’ve gone through a detailed description of
desired recipient.
how to add an image pop up plugin, you can follow this
The form has
approach for other JQuery plugins that exist out there, for validation
example Owl Carousel. requirements
So far, this exercise has covered how to build a single-page and is submitted
application using AngularJS with standard Bootstrap files, on a click.

Python
Tutorial Python Learn how to code your
Xxxx
own version of the wc utility
Python: Code
a system tool
Mihalis Tsoukalos shows you how you can develop a handy system tool for
accessing text file information in Python 3 that will make your life easier.
T
he subject of this tutorial is programming the famous As wc has to count the number of words per line and not
wc command line utility in Python 3. This utility is a process them, you can use the following code instead:
relatively simple tool with only three main command nWords = len(line.split())
line switches, which we’ll also implement here. In other words, The split() method separates the words of a line and the
when you implement such a famous utility, it’s easy to decide len() method returns the number of words returned by
what you want to support, so you don’t have to think a lot split() . Last, you can process a text file character by
Our
expert about the features your program will have.
One of the oldest Unix command-line utilities, wc, which is
character using this Python 3 code:
f = open(filename, ‘r')
Mihalis short for word count, enables you to quickly find out for word in f.read().split():
Tsoukalos
(@mactsouk) has information about a text file. The wc utility does various things for ch in word:
an M.Sc. in IT from such as counting the words, lines and characters of its input, print(ch)
UCL and a B.Sc. which is usually one or more plain text files. Before you write However, in order to count the number of characters a line
in Mathematics,
which makes him in: We know the more recent GNU wc utility has more options has you don’t need to process each line character by
a DB-admining, than the original wc implementation. character, which would be too slow, you just have to count its
software-coding,
length using the len() function.
Unix-using,
mathematical Reading text files
machine. You can
reach him at www.
The most important task of the implementation is being able Creating wc
mtsoukalos.eu. to read a text file. The most convenient way to read the file is By combining the previous code, we can come up with a
line by line and process each line individually. The following program that implements the central functionality of wc,
Python 3 code show you how to do this and opens a file and which is character, word and line counting. This script will be
processes a text file line by line: called count3.py:
f = open(filename,'r') #!/usr/bin/env python3
for line in f:
line = line.rstrip() import os
print(line) import sys
The rstrip() function is called in order to remove the new
line character that’s present at the end of each line. So far if len(sys.argv) >= 2:
then, you know how to read a text file line by line, which solves filename = str(sys.argv[1])
Quick the problem of counting the lines of a text file. The following else:
tip program, saved as countLines.py, implements this print('Not enough arguments!')
You can grab the
functionality: sys.exit(0)
code pack for this #!/usr/bin/env python3 nLines = 0
tutorial from: www. nWords = 0
linuxformat.com/ import os nChars = 0
files/code/tms16.
import sys f = open(filename,‘r')
code.zip
for line in f:
filename = str(sys.argv[1]) nLines = nLines + 1
nLines = 0 nChars = nChars + len(line)
f = open(filename,‘r') nWords = nWords + len(line.split())
for line in f:
nLines = nLines + 1 print('Lines:’, nLines, ‘Words:’, nWords, ‘Chars:’, nChars)
print(nLines) Executing count3.py file generates the following kind
You can also process a text file word by word using the of output:
following technique: $ ./count3.py count3.py
f = open(filename, ‘r') Lines: 22 Words: 55 Chars: 385
for word in f.read().split(): $ wc count3.py
print(word) 22 55 385 count3.py

Python Tutorial
About standard input, output and error

Unix applies a concept of standard streams of data, which $ ./myWC.py < count3.py
means that each program automatically gets access to three 27 78 536
data streams: input, output and error. Note: This method doesn’t work with multiple files. But with
Each standard stream has a file descriptor associated with, this approach you can take advantage of standard input,
0, 1 and 2 respectively. A file descriptor is just a number used output and error as well as how to redirect standard error to
for referring to an open file. The following command shows how standard output and ignore the standard error output entirely
to use a single file as an input to another file: with a redirection.
The second command uses wc to verify that the count3. nWords = nWords + len(line.split())
py script works correctly and remember: always test your Quick
code! By testing your code when learning how to program print('Lines:', nLines, 'Words:', nWords, 'Chars:', nChars) tip
you can gain a better understanding of how the code works. All of the work here is done by declaring the filename as A very good Python
If there is an error with your programming (and let’s face it— None , which is a special value in the Python language that 3 book is Dive Into
at some point there will be especially when you’re starting means that the filename variable has no value. Next you use Python 3, which
also be found online
out) then it’s better to catch those errors early. The next sys.stdin to read from standard input as if it was a regular
at http://www.
section will make the code of count3.py even better. file. Now, you can use count3.py in two new ways (although diveintopython3.
the old one still works): net. Two other
Reading from standard input $ cat count3.py | ./count3.py useful books
for experienced
The wc utility can get its input from standard input. Therefore, Lines: 27 Words: 78 Chars: 536
developers are
you will need to learn how to do the same in Python 3. But, $ ./count3.py Fluent Python by
when do you need to read from standard input? The following 1234 Luciano Ramalho
script will read from standard input when there’s no filename Lines: 1 Words: 1 Chars: 5 and Effective
given as a command line argument. $ ./count3.py count3.py Python by Brett
Slatkin. Although
The other command line options will still be valid and Lines: 27 Words: 78 Chars: 536
reading books is
working if they are present. The two simplest ways to create a $ cat count3.py count3.py | ./count3.py very useful, nothing
pipe and pass the output of the first program to wc are to use Lines: 54 Words: 156 Chars: 1072 beats practice!
the following: Here we can see that the last command we ran proves
$ cat aTextFile | wc that count3.py can even accept multiple files in the standard
$ ls | wc input. However, count3.py will not read from standard input
Currently, if you try to execute the next command, you will if it has a file to process, even if the filename doesn’t exist:
get an error message: $ cat myWC.py | ./count3.py count3.py
$ cat count3.py | ./count3.py Lines: 27 Words: 78 Chars: 536
Not enough arguments! $ wc myWC.py
An improved version of count3.py implements the desired 37 99 753 myWC.py
functionality: $ cat myWC.py | ./count3.py count3
#!/usr/bin/env python3 Traceback (most recent call last):
File "./count3.py”, line 21, in <module>
import os f = open(filename,‘r')
import sys FileNotFoundError: [Errno 2] No such file or directory: Quick
if len(sys.argv) >= 2: ‘count3’ tip
filename = str(sys.argv[1]) A program that’s
else: Command line arguments executed without
filename = None The original wc utility supports three main switches: -m for being compiled
counting characters only, -l for counting lines only and -w is usually called a
script. However,
nLines = 0 for counting words only. As a result, our implementation
code that needs
nWords = 0 should also support these three switches as well. Dealing with to be compiled
nChars = 0 more than two command line options without a module to before execution
help is silly. generates a
if filename == None: The next section of Python 3 code, which is saved as program. Just to
confuse things,
for line in sys.stdin: comLine.py, shows you how to deal with both command nowadays you can
nLines = nLines + 1 line options and switches with the help of a a very useful refer to a text file
nChars = nChars + len(line) module called argparse: with Python code
nWords = nWords + len(line.split()) #!/usr/bin/env python3 in it as both a script
and a program.
else:
f = open(filename,'r') import os
for line in f: import sys
nLines = nLines + 1 import argparse
nChars = nChars + len(line)
Want even more coding? Grab a bookazine at http://bit.ly/LXFspecial

Tutorial Python
parser = argparse.ArgumentParser() $ ./comLine.py 1 2 3 -l 12

parser.add_argument("-m", default = False, action="store_ usage: comLine.py [-h] [-m] [-l] [-w] [filenames [filenames ...]]
true", help="Counting Characters", required=False) comLine.py: error: unrecognized arguments: 12
parser.add_argument("-l", default = False, action="store_ Generally speaking, it’s better to include the switches first
true", help="Counting Lines", required=False) and then the filenames. You can also get help:
parser.add_argument("-w", default = False, action="store_ $ ./comLine.py -h
true", help="Counting Words", required=False) usage: comLine.py [-h] [-m] [-l] [-w] [filenames [filenames ...]]
parser.add_argument('filenames', default = None,
help="Filenames", nargs='*') positional arguments:
filenames Filenames
args = parser.parse_args()
if args.filenames == None: optional arguments:
print('No filenames given!') -h, --help show this help message and exit
else: -m Counting Characters
for f in args.filenames: -l Counting Lines
print(f) -w Counting Words
As you can see comLine.py works just fine, so we can
if args.m == True: continue with the actual Python 3 implementation. You can
print('-m is on!') find more information about argparse at https://docs.
else: python.org/3/library/argparse.html.
print('-m if off!')
The final version
if args.l == True: Once you’ve learnt all the previous things we’ve covered,
print('-l is on!') implementing wc in Python 3 should be relatively easy and
else: straightforward. Below, you’ll find the Python 3 code for our
print('-l if off!') version of wc, called myWC.py:
#!/usr/bin/env python3
if args.w == True:
print('-w is on!') import os
else: import sys
print('-w if off!') import argparse
The parser.add_argument() method adds a new switch
whereas, the args variable holds the values of the defined def count(filename):
switches. Executing comLine.py generates the following kind nLines = 0
of output: nWords = 0
$ ./comLine.py -l 1 nChars = 0
1 if filename == None:
-m if off! myText = sys.stdin.read()
-l is on! chars = len(myText)
-w if off! words = len(myText.split())
$ ./comLine.py -l -w lines = len(myText.split('\n'))
-m if off! return(lines-1, words, chars)
-l is on! else:
-w is on! f = open(filename,'r')
However, the next form will not work because it includes a for line in f:
switch and then a filename: nLines = nLines + 1
Processing command line arguments

When you execute a Linux command or a script #!/usr/bin/env python3 ‘2’, ‘-w']
you usually provide some text after the name of 1
the program, which are called command line import os 2
arguments, can be accessed in every import sys -w
programming language and Python 3 is no print('All arguments:’, str(sys.argv)) As you can see, the first print() command
exception. Traditionally, command line for i in sys.argv[1:]: displays all of the arguments, whereas the for
arguments on a UNIX system are stored using print(i) loop goes on to process all the arguments one
an array or a similar data structure—the first If you name the previous Python code as by one while ignoring the first one, which is the
element of the array, which has an index number aStrangeScriptName.py, make it executable name of the script.
of 0, is usually the name of the program itself! and run it, you will get the next output: However, as you saw in myWC.py, in the main
You can process command line arguments in $ ./aStrangeScriptName.py 1 2 -w tutorial, using a module such as argparse can
Python 3 as follows: All arguments: [’./aStrangeScriptName.py’, ‘1’, make your life a lot easier!
Improve your code skills Subscribe now at http://bit.ly/LinuxFormat

Python Tutorial
nChars = nChars + len(line) main()

nWords = nWords + len(line.split()) else: Quick
return(nLines, nWords, nChars) print("This is a standalone program not a tip
module!") A pipe is a handy
def main(): The code is pretty clear—most of it deals with printing the way for Unix
characters = 0 desired information according to the switches given. processes to
communicate with
words = 0 The core functionality of myWC.py, which is counting
others. When a pipe
lines = 0 characters, words and lines, needs less code than you might is used the output
totalC = 0 expect and is implemented easily enough inside the count() of a program
totalW = 0 function, which returns three values: number of characters, becomes the input
totalL = 0 number of words and number of lines. The rest of our of another program.
In order to create
nFiles = 0 homegrown wc utility is handled inside the main() function.
a pipe, you need to
toPrint = '' include a vertical
parser = argparse.ArgumentParser() Testing and benchmarking bar (|) between
parser.add_argument("-m", default = False, action="store_ No program is ready for use until it has been extensively two commands.
true", help="Counting Characters", required=False) tested it. The following tests will be performed in order to
parser.add_argument("-l", default = False, action="store_ make sure that myWC.py works as expected:
true", help="Counting Lines", required=False) $ ./myWC.py myWC.py
parser.add_argument("-w", default = False, action="store_ $ ./myWC.py myWC.py myWC.py
true", help="Counting Words", required=False) $ ./myWC.py myWC.py myWC.py | ./myWC.py
parser.add_argument('filenames', default = None, $ cat myWC.py | ./myWC.py -m -l
help="Filenames”", nargs='*') $ cat myWC.py myWC.py | ./myWC.py -l
args = parser.parse_args() $ ls | ./myWC.py
if args.filenames == []: Generally speaking, test cases can also be used for
(lines, words, characters) = count(None) learning how to use a new command.
if args.l == True: In order to have reliable benchmarks, you will need to
toPrint = '{:>10}'.format(lines) process big text files using both wc and myWC.py and find
if args.w == True: out which has the best performance.
toPrint = toPrint + '{:>10}'.format(words) This part of the tutorial will teach you how to create a new
if args.m == True: place where you can put your own Python 3 scripts and make
toPrint = toPrint + '{:>10}'.format(characters) them available from anywhere on your Linux system. You will
if args.m == False and args.w == False and args.l == want to do this in order to be able to find and execute them
False: from anywhere on your Linux system without the need to use
toPrint = '{:>10}'.format(lines) + '{:>10}'.format(words) their full path or put ‘./’ in front of them. As the default shell
+ '{:>8}'.format(characters) on Linux machines is Bash, this section will show you how to
if toPrint != '': change the PATH variable of the Bash shell; if you use a
print(toPrint) different shell you will need to make small changes to the
toPrint = '' presented commands that we’ve used.
else:
for f in args.filenames: Changing the PATH variable
nFiles = nFiles + 1 First, we need to check what the current definition of the
(lines, words, characters) = count(f) PATH variable is:
totalC = totalC + characters $ echo $PATH
totalW = totalW + words /usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
totalL = totalL + lines So, create a directory named bin inside your home
if args.l == True: directory and add its full path to the PATH variable:
toPrint = '{:>10}'.format(lines) $ mkdir ~/bin
if args.w == True: $ export PATH="$HOME/bin:$PATH”
toPrint = toPrint + '{:>10}'.format(words) $ echo $PATH
if args.m == True: /home/mtsouk/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/
toPrint = toPrint + '{:>10}'.format(characters) games:/usr/games
if args.m == False and args.w == False and args.l == Please note that the tilde (~) character is an alias for your
False: home directory. So, if your username is ‘python’, then your
toPrint = '{:>10}'.format(lines) + '{:>10}'. home directory will be most likely called /home/python,
format(words) + '{:>10}'.format(characters) which will also be the value of ~.
if toPrint != '': Next, put aScript.py inside the bin directory and use the
toPrint = toPrint + ' ' + '{:15}'.format(f) which command to find it:
print(toPrint) $ mv aScript.py ~/bin/
toPrint = '' $ which aScript.py
# Print totals /home/mtsouk/bin/aScript.py
if nFiles > 1: $ aScript.py
print('{:>10}'.format(totalL) + '{:>10}'.format(totalW) + If you want to make the changes to the PATH variable
'{:>10}'.format(totalC) + ' ' + '{:15}'.format('total')) permanent, you should edit ~/.profile or ~/.bashrc. If you
do not know how to do this, you should contact your local
if __name__ == '__main__': administrator for help. LXF

Got a question about open source? Whatever your level, email it to linuxformat@futurenet.com for a solution.
This month we
answer questions on:
1 Sending email 3 Opening VNC
automatically to the internet
2 Using the 4 Picking a distro
mKiosk extension 5 EFI bootloader
for a Firefox ★ Networking
info system Linux Kali
1 Automated email
Before I retired I worked in a
Microsoft environment. Using VBA, I
could control Outlook to send
emails as and when required at the touch of
You don’t need a GUI mailer to send emails with Linux.
a button. I now wish to replicate that under
Ubuntu 16.04—can this be achieved using
Thunderbird or some other email service The easiest way is with the mail program, a your mail. You can also send content directly
and maybe Gambas or C# on Mono? command line mailer. All you need to do is without creating an intermediate file
Mike Higgins create the email then feed it to mail e.g. $ echo "This is a test" | mail -s "A test mail"
Sending emails from the command $ mail -s "A test mail" me@example.com me@example.com
line with Linux is easy and doesn’t <mail.txt Whatever mail receives on standard input is
need a specific language or mailer. where the file mail.txt contains the body of used as the mail body, you can also add
headers with the -a option and extra cc and
Enter our competition bcc recipients with the -c and -b options
Win! respectively, e.g.:

$ cat mailbody | mail -a "X-Mailer: Hacky
Linux Format is way more copies than any Script 0.1" -b me@home -s "test" me@work
proud to produce other Linux mag in the UK. Any arguments that contain spaces must
the biggest and As we like giving things to our readers, each be quoted to avoid confusing the shell. There
best magazine that issue the Star Question will win a copy or are various other options documented in the
we can. A rough word count of LXF217 two of our amazing Guru Guides or Made man page but these are the main ones. Mail
showed it had 65,010 words. That’s a few Simple books – discover the full range at: needs a local email server running, which is
thousand more than Animal Farm and http://bit.ly/LXFspecials. traditional in the *nix world. The server receives
Kafka’s The Metamorphosis combined, but For a chance to win, email a question to the emails and sends them on to their
with way more Linux, coding and free lxf.answers@futurenet.com, or post it at destination. If you don’t have one installed, you
software (but hopefully less bugs). That’s as www.linuxformat.com/forums to seek can use a simply forwarding mail daemon,such
much as the competition, and as for the best, help from our very lively community. as nullmailer. This simply listens for local
well… that’s a subjective claim, but we do sell See page 94 for our star question. emails and forwards them on to your ISP’s mail
server. It should be in most distros’ software
repositories for installation in the usual way.
You then tell it where to send the mail by
editing, as root, the file /etc/nullmailer/
remotes. This can be as simple as one line:
mail.example.com smtp
This tells nullmailer to send all mail through
mail.example.com using the SMTP protocol
(the standard way of sending mail). Most mail
servers require authentication, so a more
useful example, for sending through a Gmail
account, is:
smtp.gmail.com smtp --user=you@gmail.com

Answers
input for a while and return to either a home how long the system should be idle for before
Terminals and page or a slideshow. Could I somehow use loading the default page, in seconds.
superusers the screensaver to run a command to load a
new page?
#!/bin/sh
MAX_IDLE=300
We often give a solution as commands to type in Liam Donnelly while true; do
a terminal. While it is usually possible to do the same
I have set up a system like this and let “CUR_IDLE = $(xprintidle) / 1000”
with a distro’s graphical tools, the differences between
these mean that such solutions are very specific. found a couple of ways of doing it. The if [[ $CUR_IDLE -lt $MAX_IDLE ]]; then
The terminal commands are more flexible and, most simplest is to use the mKiosk sleep $(( MAX_IDLE - CUR_IDLE ))
importantly, can be used with all distributions.
System configuration commands often have to
extension. The mKiosk add-on not only has an else
be run as the superuser, often called root. There are option to start the browser fullscreen, it can echo ‘window.location="file:///www/index.
two main ways of doing this depending on your distro. also jump to a specific page after a set period html"’ | netcat localhost 32000 &
Many, especially Ubuntu and its derivatives, prefix the
command with sudo , which asks for the user password of inactivity. There are several other options sleep $MAX_IDLE
and sets up root privileges for the duration of the you can use to run Firefox as you want. fi
command only. Other distros use su , which requires the
However, I found it didn’t quite suit my needs done
root password and gives full root access until you type
logout. If your distro uses su , run this once and then run and switched to using a couple of other The script runs forever, you could even
any given commands without the preceding sudo . extensions and a shell script. add a line at the top to start Firefox in the first
First, install the Run Fullscreen extension in place then run this script from the autostart
Firefox. This does exactly what it says and file or you could start Firefox independently, it
--pass=yourpassword --port=465 --auth-login causes Firefox to run in fullscreen mode. With is up to you.
--ssl only left-mouse button control offered by the
As the remotes file contains passwords, touchscreen, this means the browser is locked 3 VNC vs Firewall
it shouldn’t be readable by normal users. in fullscreen mode. I then used a script that In an old Linux Format Answers you
Editing as root should not change this but to be called xprintidle to reload the home page after had a FAQ about remote desktops.
on the safe side run: five minutes of idle. The reload command is The question was about connecting
$ chmod 600 /etc/nullmailer/remotes sent via the remote control extension from from a work computer to a remote home
You can also edit the other files in /etc/ https://addons.mozilla.org/en-GB/firefox/ computer. I assume the home machine is
nullmailer but this is not essential. The man addon/remote-control. The remote control probably behind a router with a firewall?
page has all the details. extension allows you to send JavaScript So doesn't he need to open a port in this
This is the easy way to send mail from a commands with telnet or netcat. By default, it firewall at home before he can connect? Is
terminal or script. If you want to do it from a only listens on localhost, using port 32000, this risky? Which port is used for VNC?
‘proper’ programming language, most of them which can be changed in the preferences. To David Hignett
have modules or libraries to handle sending force loading of a local page, you would use A home computer behind a router is
mail, for example Python has smtplib, which something like inaccessible from outside by default.
does the job with ease. echo 'window.location="file:///www/index. It’s not just a firewall, Network Address
html"' | netcat localhost 32000 & Translation (NAT) on the router means that the
2 Touchy Firefox All that remains is to run a script that external IP address only gets as far as the
I am trying to build an information checks how long the system has been idle, router. You need to set up port forwarding on
system using a Raspberry Pi running using xprintidle . This command prints the the router to forward specific ports from the
Raspbian and a touch screen. I number of milliseconds since the last input Internet to a specific computer. In the case of
thought I could drive everything from Firefox event, which is a little too precise for this VNC, the default address uses port 5900.
running in fullscreen mode and displaying application so we divide it by 1,000. Then we However, this is considered a security risk and
everything in HTML. I have some recollection compare that with the limit we have set, if the will open you up to all sorts of attacks from
of a kiosk mode option, but I can’t find it. limit is exceeded we force a page load. If not, people trying to find vulnerabilities in the VNC
Can I do what I want? If so, how? we work out how long is left and set it to go to software. A safer approach is to use a VPN
The other thing that would be useful is to sleep for that time before checking again. The (Virtual Private Network) which creates an
be able to know when there has been no full script is below, the MAX_IDLE setting is encrypted tunnel through which the remote
A quick reference to...

Dealing with random crashes Because such problems can be transient,
there is a chance of faulty memory passing
N
othing is more infuriating than reliably on battery power alone, look for a on a single run, so let it run for at least two
random crashes of a computer. If replacement battery. The other common passes and preferably overnight.
a crash is reproducible, you have culprit is faulty memory. Not all of it, just a If neither of these show anything, you
somewhere to start looking, but if it few bytes. Testing memory on a running may have a problem with some core
happens at any time and using any software, system is unreliable as you can't test software. If you use a popular distro, that is
where do you look? If it happens regardless anything the system needs, so use unlikely without others also being affected.
of the software you are using, it may be a Memtest86+. This is a bootable system that One other possibility is a dirty mains supply;
hardware problem. uses minimal RAM for itself, leaving the rest voltage spikes or drops can trigger a reboot.
If you have a spare PSU, try swapping available for testing. Memtest86+ runs a Some sort of power smoothing, such as a
that. If it’s a laptop, the battery may be on comprehensive series of tests and takes a UPS (Uninterruptible Power Supply) can
the way out. If the computer doesn’t run while to run, but even that's not enough. eradicate such issues.

Answers
computer becomes a part of the home

network We've covered this in the past, but it
can be a little tricky to set up. Fortunately, there
is now a simpler alternative in the form of the
ZeroTier service. This allows you to create a
virtual network in your web browser. The first
step is to go to www.zerotier.com and install
the software on both computers. Next, create a
network, which you do from the website. This
has a 16-character ID, used to add computers
to the network. On each computer, run
$ sudo zerotier-cli join ID
You don’t want anyone to be able to
ZeroTier is a safe yet simple option for connecting to your computers remotely.
connect to your network, so you need to go
back to the web control panel at https:// You really are asking for an estimate of supported until April 2021. Ubuntu provide live
myzerotier.com, go to your network and tick the length of a piece of string here! DVDs, where the operating system boots and
the Auth box for each computer. Now each You are asking for two things here; runs from a DVD without having to install
computer has a new IP address that can only stability, which applies to most distros, and anything. This means you can try it out to see if
be accessed by other authorised computers on long term support. I would say there are two it suits you before proceeding to install it to
your network. All traffic is encrypted and goes main candidates, Debian and Ubuntu, although your computer for permanent access.
directly between your computers and the other options could be considered. Debian is One of the things that can confuse Windows
software only connects to the zeroTier server renowned for its stability, at the expense of not users new to Linux (there are several) is the
to get the location of the other computer. having the latest versions of software, and each variety of desktops. With Windows you get the
Unlike a VPN, ZeroTier creates a new release is well supported for years. There is a default whereas Linux distros offer a number of
private network rather than joining a computer reason it is the preferred distro for many different desktop environments. Last month’s
to an existing network, so you need to add internet servers, where long term stability is LXFDVD contained a version of Ubuntu 16.10
each computer separately. Apart from that, it's paramount. However, there is another with six different desktops available, so you
a simple way of safely accessing a computer requirement implied by your question, that it could use that to experiment and decide what
from afar, and it works with mobile devices too. should be easy to use by someone not used to you prefer. Ubuntu 16.10 isn't an LTS release, so
Linux. Ubuntu may fare better for you in that you would need to install 16.04 and use its
4 Stable Linux for all regard. Ubuntu is derived from Debian, but with software manager to install the relevant
Please help me to find a stable Linux its own infrastructure. Look for the LTS (Long desktop— the instructions for this in last
distro for a desktop/laptop/ Term Support) releases, they are supported for month’s magazine apply equally to 16.04.
notebook that's valid for next two five years while the interim versions have a Once you have picked a distro to install,
years to replace Windows? lifespan of only nine months. The most recent stick with it. Switching to a different distro each
Mohee Jarada Ubuntu LTS release is 16.04, which will be time you find something you're not keen on
Star
Question Winner! This month’s winner is Paul Fawbert. Get in touch with us to claim your glittering prize!
★ Kali conundrum $ sudo apt-get install firmware-b43-installer Not "repositorie" but it isn't installed by
I am having problems trying to get a You do not state which year of Apple default on Ubuntu-derived distros. You can
Kali Linux and Mac OS X dual boot MacBook this is, but that package should work install it with:
on my friend’s MacBook as when I for most Broadcom BCM controllers, as used $ sudo apt-get install python-software-
installed Linux there was no Wi-Fi chip found. by the MacBook and many others. If after properties
I did some research and found it was a rebooting, the wireless connection is still not It is also possible to add repositories by
common problem. I managed to get a USB available, you may need to use the broadcom- editing /etc/apt/sources.list; add-apt-
to Ethernet working with the internet, but sta package instead. To switch to that run repository is a convenience function, usually
when I use apt-get install Thenameofthedrive $ sudo apt-get remove firmware-b43-installer used for adding PPAs to sources.list. Kali
it says 'package not found' and the same $ sudo apt-get install broadcom-sta advise against adding extra repositories,
error occurs when I try installing different Having both installed can potentially cause warning that it could break the distro, it has a
applications that had worked for me conflicts so it's safest to try one at a time. It is a list of recommended repos at http://docs.
previously. A bit more research later I found bit chicken and egg when you need a network kali.org/general-use/kali-linux-sources-
that adding some repositories might help connection to install a network driver, but you list-repositories. Distros go to a lot of
but using apt-add-repositorie/s , it says managed to neatly sidestep that with your use trouble to make sure that all the software
'command not found'. of a USB Ethernet adaptor. they provide plays nicely together, adding
Paul Fawbert, 12 and a junior pen tester The apt-get utility needs the precise name random PPAs breaks this cycle of QA testing,
The wireless network adaptor in the of the package to install, although it can offer introducing untested software into the mix.
MacBook Pro is not supported by some guesses if the name is almost right. If This is particularly risky on a distro like Kali,
Linux without additional firmware. you are unsure, use the search option first where security is of utmost importance.
This is not included with the Linux distribution $ sudo apt-cache search search_term Don’t let your first stumbles put you off, it is
for licensing reasons but can easily be added The command to add a repository is: great to see someone so young trying Linux
with the command: add-apt-repository and thinking of original solutions.

Answers
Help us to help you

may seem a good thing, but you learn little. It is
better to persevere with your choice and gain
some experience of working with it before
We receive several questions each month that we are
looking at something else. Finally, there are no unable to answer, because they give insufficient detail
bad distros out there, they are different from about the problem. In order to give the best answers to
your questions, we need to know as much as possible.
one another, not better than each other, If you get an error message, please tell us the
whatever you choose will be a rewarding exact message and precisely what you did to invoke it.
experience once you get the hang of it. Just If you have a hardware problem, let us know about the
hardware. If Linux is already running, use the Hardinfo
remember that Linux isn't Windows: things are program (https://github.com/lpereira/hardinfo) that
done differently and don’t be afraid to ask for gives a full report on your hardware and system as an
HTML file you can send us.
help. Linux users are a friendly and helpful
Alternatively, the output from lshw is just as useful
bunch in general. (http://ezix.org/project/wiki/HardwareLiSter).
One or both of these should be in your distro’s
rEFInd is a UEFI boot manager that isn’t
5 Gummiboot gone tied to any controversial Linux software.
repositories. If you are unwilling, or unable, to install
these, run the following commands in a root terminal
I started using the Gummiboot boot and attach the system.txt file to your email. This will
manager on my UEFI computer. manager, such as rEFInd (www.rodsbooks. still be a great help in diagnosing your problem.
uname -a >system.txt
However, this has now been com/refind). With UEFI, the kernel itself lspci >>system.txt
assimilated into the systemd collective, becomes the bootloader, so programs like lspci -vv >>system.txt
which I have no desire to install on any of my Gummiboot and rEFInd only need to manage
hardware. That was fine as long as it was still the options without the complexities of a full
available separately too, but that's no longer bootloader like GRUB.
the case. I have two questions for you. First, UEFI computers provide their own boot There are two configuration files that
is it possible to continue using Gummiboot menu that can be used as a very basic boot control rEFInd’s behaviour. The main one is at
without systemd? Second, if not, what manager, or it can be used to choose one, so EFI/refind/refind.conf and is heavily
alternatives are there? installing rEFInd alongside Gummiboot isn't commented. The options here mainly control
Anthony Williamson only possible, it's recommended as that gives the appearance and behaviour of the menu.
Gummiboot will continue to work for you a fallback while getting used to rEFInd. The other file is /boot/refind_linux.conf that
you. It has a simple job, to present you The web page includes installation contains the kernel options for the Linux menu
with a list of kernels or OSes to boot. instructions but most distros now have rEFInd entries. This was created by refind-install using
The job doesn’t change so you can continue to in their repos. After installing, run your existing boot options and is used
use it. The only concern is if a security $ sudo refind-install whenever booting a Linux kernel.
vulnerability is found, as Gummiboot is This installs it to the UEFI partition and sets You can create manual configurations but
unmaintained it will not be fixed. It's possible to it as the default bootloader. It also retrieves the this is generally unnecessary, the auto-
extract the boot manager from systemd and options used to boot the running system and detection is good. That also means that you
install that without using systemd itself, adds them to the configuration. You can now don't need to run anything after adding or
although this may not always be possible. reboot and try it, knowing that if anything goes removing a kernel, rEFInd picks up changes
Another alternative is to switch to a different wrong you still have Gummiboot. automatically, unlike Gummiboot or GRUB. LXF
Frequently asked questions…
Reset Well, no we don’t. Linux has a little

magic in the kernel, whenever you
mode, E sends a TERM signal to all
processes and I sends a KILL
very silly. You could use Reboot
Even If System Utterly Broken,
press Alt, the SysRq key and a signal. Don’t use these two from a which is quite appropriate, or
Why do computers have reset command key, the kernel will remote session as they will kill the remember that it is BUSIER
buttons? always respond to that command, network connection. S syncs all spelled backwards.
Because they come with Microsoft unless it is completely locked up. mounted filesystems, that is it
Windows operating systems. Because this is a function of the writes all cached data to the disks That’s fine if I have access to a
kernel, it works as soon as the immediately. U unmounts all keyboard on the computer, but
That joke is so old I first heard kernel is loaded, so you can use it mounted filesystems, then what if it is remote or headless?
it from a Stegosaurus. Are you during the boot process. remounts them as read-only. The You can also run the magic
saying that Linux programs last two operations ensure that the commands like this
never crash? I don’t have a SysRq key, what contents of your disks are echo s >/proc/sysrq-trigger
The Linux kernel is very stable and do I do? correctly written and cannot be Providing you are able to shell
application crashes usually don't The SysRq key is also used for corrupted. That makes it safe to into the computer, you can sync
affect the rest of the system by Print Screen, it can be marked as press the third command key, B and shutdown.
much. But occasionally a rogue either, or both. for reboot, which reboots the
process will muck things up, using system immediately. Because your Are there other keys and
up all your CPU or RAM (or both) What are these command keys disks are synced you’ll see no commands I can use?
and requiring a reset. Or a kernel I can use? warnings when you reboot and You can find a full list and lots of
panic will stop the boot process There are several command keys there’ll be no need to run fsck. other useful details in the kernel
dead in its tracks. to perform various operations, but documentation at /usr/src/
the most useful ones are R, E, I, S, How am I supposed to linux/Documentation/sysrq.txt,
So we still need the dreaded U and B, pressed in that order. R remember that sequence? or www.mjmwired.net/kernel/
reset button, don’t we? resets the keyboard driver to raw There are various acronyms, some Documentation/sysrq.txt.

On the disc
Distros, apps, games, books, miscellany and more…
The best of the internet, crammed into a phantom-zone like 4GB DVD.
Community favourite 64-bit

Distros
A
t first
glance,
Linux Mint
and Scientific Linux would not
Mint 18.1 Cinnamon
appear to have much in common, We have two quite contrasting distros on the
but that’s not the case. Both are LXFDVD this month. While Scientific Linux has its
based on commercially supported roots in the scientific community, Linux Mint
distros and both are community started as a respin of a desktop distro aimed
developments. These are mainly at home users.
important points. We have Outside of the major and professionally backed
companies such as Canonical and distros, Linux Mint is one of the most popular,
Red Hat taking free software and
although it is difficult to measure user numbers
turning it into a commercial
with free software. Mint is available with a number
product, but in turn they have, and
of different desktops but the two it’s known for, and
choose, to give their changes back
a substantial part of the reasons for its success, are
to the free software ecosystem.
Cinnamon and MATE. Both take the familiar GTK
Then one of the great advantages
of the free software and open 2/GNOME 2 desktop as used by Ubuntu before the
introduction of Unity (was there every a software You can install MATE on the 64 bit version, or
source environments comes into vice-versa, by slecting a single package to install.
play: the idea of community. name that proved to be so inappropriate with
With our communities there’s hindsight?) and modernise it.
no divide between a software Of the two, Cinnamon is the most modern and, MATE to an installed system from the Cinnamon
vendor and its user, anyone can because of its use of hardware graphics version, you only have to install the mint-meta-
use the software and anyone can acceleration, the more demanding of the two. mate package, which will download and install all
submit changes to it; the lines That isn’t to say that Cinnamon is a heavyweight, of the software required to use the MATE desktop.
between user and developer it isn’t, but it runs best on relatively modern Once installed, you only need to log out and you
become blurred allowing people to hardware, although cutting edge gaming rigs are can pick MATE at the next login. Unlike with a live
move between the two roles with certainly not necessary, which is why we have CD, the installed distro will remember your choice
ease. If you consider yourself only included the 64 bit version here. until you change it again. You can also set the
a user of a distro, try to give back That’s not to say that you cannot run Cinnamon default desktop in System Settings > Login
a little. A bug report or feature on a 32-bit system, or MATE on a 64-bit computer Window > Options.
request is a start, or helping (where it will really fly). If you want to try MATE Linux Mint is still heavily based on Ubuntu,
someone else to overcome a you can simply choose the 32-bit MATE option with the main exception of the desktops, so
problem you have dealt with.
when booting from the DVD. If you want to add updates follow Ubuntu. This means that you get all
While all projects welcome code
the security
patches that’s not
updates that
the only way to
Ubuntu users
become involved
get, but not
and help your
favourite necessarily the
software grow. relatively short
lifespan of the
non-LTS Ubuntu
distros. The
Important version we have
NOtICe!
here, 18.1
(codenamed
Serena) is a long
Defective discs term support
For basic help on running the disc or in the release (LTS),
unlikely event of your Linux Format supported until
coverdisc being in any way defective,
April 2021.
please visit our support site at:
www.linuxformat.com/dvdsupport The Login
Unfortunately, we are unable to offer details: username
advice on using the applications, your mint, and the
hardware or the operating system itself.
password is blank.

New to Linux?
Start here
What is Linux? How do I install it?
Is there an equivalent of MS Office?
What’s this command line all about? Are you reading
How do I install software? this on a tablet?
Download your DVD from
Open Index.html on the disc to find out www.linuxformat.com
Lightweight edition 32-bit

And more!
Mint 18.1 MATE System tools
Essentials
Checkinstall Install tarballs with your
package manager.
This is the 32-bit version of Linux Mint with the
Coreutils The basic utilities that should
less demanding MATE desktop. It may be less
exist on every operating system.
demanding but it is no less functional and provides
HardInfo A system benchmarking tool.
a similar experience to the classic Ubuntu/GNOME
Kernel Source code for the latest stable
2 desktop. That is not to say that this is a distro only
kernel release, should you need it.
for old hardware; MATE works very well on modern
Memtest86+ Check for faulty memory.
systems, and is extremely fast on them thanks to
Plop A simple manager for booting
its light weight design. MATE is a good choice for
OSes, from CD, DVD and USB.
those that want their computer hardware to do
RawWrite Create boot floppy disks
computing rather than fancy desktop effects, while under MS-DOS in Windows.
avoiding the slightly older and cut down feel of the Smart Boot Manager An OS-agnostic
likes of LXDE. The Login details are: manager with an easy-to-use interface.
username mint and the password is blank. WvDial Connect with a dial-up modem.
Not just for the lab coats Reading matter

64-bit Bookshelf
Scientific Linux 7.3

Advanced Bash-Scripting Guide
Go further with shell scripting.
Bash Guide for Beginners Get to grips
with Bash scripting.
It may surprise some of you to hear that not many Bourne Shell Scripting Guide
distro that comes with all the backing and support Get started with shell scripting.
of our readers are high-energy physicists (or high of the friendly giant Red Hat, inc and a price tag to
The Cathedral and the Bazaar Eric S
energy anything for that matter), so why are we match. While RHEL is commercial, it is still open Raymond’s classic text explaining the
including a distro called Scientific Linux on the source so other distros can be built on it, and this is advantages of open development.
cover disc this month? Despite the name, and what the (extremely) clever folks at Fermi National The Debian Administrator’s Handbook
the birthplace, of this distro, it is a good general- Accelerator Laboratory have done. An essential guide for sysadmins.
purpose desktop distro. That’s hardly surprising as The result of their work is a rock solid general- Introduction to Linux A handy guide
it is based on Red Hat Enterprise Linux (RHEL), a purpose distro with a focus on stability rather full of pointers for new Linux users.
than supplying Linux Dictionary The A-Z of everything
cutting edge to do with Linux.
versions of Linux Kernel in a Nutshell An

introduction to the kernel written by
software. If you
master hacker Greg Kroah-Hartman.
are looking to
The Linux System Administrator’s
gain experience Guide Take control of your system.
of the type of
Tools Summary A complete overview
Linux used in of GNU tools.
business, whether
to enhance
your career
prospects or out
of plain curiosity,
Scientific Linux is
a good choice of
learning platform.
Login details:
username
liveuser and the
password is blank.

Future Publishing, Quay House,
The Ambury, Bath, BA1 1UA
Tel 01225 442244
Email linuxformat@futurenet.com
EDITORIAL
Editor Neil Mohr
neil.mohr@futurenet.com
Technical editor Jonni Bidwell
jonni.bidwell@futurenet.com
Operations editor Chris ‘Linux User’ Thornett
chris.thornett@futurenet.com
Art editor Efrain Hernandez-Mendoza
efrain.hernandez-mendoza@futurenet.com
Editorial contributors Neil Bothwick, Jolyon Brown,
Sean Conway, Kent Elchuk, Matthew Hanson,
Jeremy Laird, Les Pounder, Mayank Sharma,
Mats Tage Axelsson, Alexander Tolstoy,
Mihalis Tsoukalos, Jarred Walton
Cover illustration magictorch.com
Cartoons Shane Collinge
ADvERTIsIng
AMD Commercial sales director Clare Dove

clare.dove@futurenet.com
Ryzen
Senior advertising manager Lara Jaggon
lara.jaggon@futurenet.com
Advertising manager Michael Pyatt
michael.pyatt@futurenet.com
Director of agency sales Matt Downs
all the details matt.downs@futurenet.com
Ad director – Technology John Burke
on the Intel john.burke@futurenet.com

Head of strategic partnerships Clare Jonik
clare.jonik@futurenet.com
CPU killer
LXF 223 MARkETIng
Marketing manager Richard Stephens
richard.stephens@futurenet.com
will be on sa
le PRODucTIOn AnD DIsTRIbuTIOn
Tuesday Production controller Nola Cokely
Head of production UK & US Mark Constance
building better
Distributed by Marketforce, 2nd Floor, 5 Churchill
11 April 2017 Place, Canary Wharf, London, E14 5HU
LIcEnsIng
Senior Licensing & Syndication Manager Matt Ellis
IoT Pi Zero W
matt.ellis@futurenet.com Tel + 44 (0)1225 442244
cIRcuLATIOn
Trade marketing manager Juliette Winyard
Tel 07551 150 984
subscRIPTIOns & bAck IssuEs

UK reader order line & enquiries 0344 848 2852
Pop on your maker hat, it’s time to combine Linux, Overseas order line & enquiries +44 344 848 2852
Online enquiries www.myfavouritemagazines.co.uk
Python and the new Pi to create secure IoT devices! Email linuxformat@myfavouritemagazines.co.uk
ThE MAnAgEMEnT
Creative director, Magazines Aaron Asadi
What happened to Blu-ray?

Editorial director Paul Newman
Senior art editor Jo Gulliver
LINUX is a trademark of Linus Torvalds, GNU/Linux is abbreviated to Linux
throughout for brevity. All other trademarks are the property of their respective
The digital download revolution is the obvious answer,
owners. Where applicable code printed in this magazine is licensed under the GNU
GPL v2 or later. See www.gnu.org/copyleft/gpl.html.
Copyright © 2017 Future Publishing Ltd. No part of this publication may be
but let’s explore playing Blu-ray discs on Linux.
reproduced without written permission from our publisher. We assume all letters
sent – by email, fax or post – are for publication unless otherwise stated, and reserve
the right to edit contributions. All contributions to Linux Format are submitted and
accepted on the basis of non-exclusive worldwide licence to publish or license others
to do so unless otherwise agreed in advance in writing. Linux Format recognises all
copyrights in this issue. Where possible, we have acknowledged the copyright holder.
Contact us if we haven’t credited your copyright and we will always correct any
Android Studio
oversight. We cannot be held responsible for mistakes or misprints.
All DVD demos and reader submissions are supplied to us on the assumption they
can be incorporated into a future covermounted DVD, unless stated to the contrary.
Disclaimer All tips in this magazine are used at your own risk. We accept no liability
for any loss of data or damage to your computer, peripherals or software through
Get a leg up with Android app development building a
the use of any tips or advice.
Printed in the UK by William Gibbons on behalf of Future.
base Android development environment.
Future is an award-winning international media
group and leading digital business. We reach more
than 57 million international consumers a month
Open source CAD

and create world-class content and advertising
solutions for passionate consumers online, on tablet
& smartphone and in print.
Future plc is a public Chief executive officer Zillah Byng-Thorne

company quoted Non-executive chairman Peter Allen
With the Maker revolution here everyone needs decent on the London
Stock Exchange
Chief financial officer Penny Ladkin-Brand
Creative director, Magazines Aaron Asadi
CAD software, we explore what FOSS has to offer.
(symbol: FUTR). Tel +44 (0)1225 442 244
www.futureplc.com
We are committed to only using magazine paper which is

derived from well-managed, certified forestry and chlorine-
free manufacture. Future Publishing and its paper suppliers
have been independently certified in accordance with the rules
of the FSC (Forest Stewardship Council).
Contents of future issues subject to change – we might be too busy innocently joining Russian botnets.

9000
9012

Linux Format - April 2017

Uploaded by

Copyright:

Available Formats

Linux Format - April 2017

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Linux Format - April 2017

Uploaded by

Copyright:

Available Formats

REVIEWED: Pi comPutE moDulE 3

Harness the full power of the command line

Get into Linux today!

Subscribe & save!

www.techradar.com/pro April 2017 LXF222 3

The Pentium name has been reborn

Dirt Rally ........................... 20

4 LXF222 April 2017 www.linuxformat.com

Mint 18.1 MATE 32-bit

Scientific Linux 7 64-bit

Only the best distros every month

Compute Module 3 .............. 59

Build a Pi web server ........... 62

Coding Academy Tutorials

Build the wc command ....... 88 Windows

www.techradar.com/pro April 2017 LXF222 5

Open sOurce Outrage

Munich may drop Linux

6 LXF222 April 2017 www.linuxformat.com

Microarchitecture drop everything you need to build it yourself

www.techradar.com/pro April 2017 LXF222 7

8 LXF222 April 2017 www.linuxformat.com

www.techradar.com/pro April 2017 LXF222 9

Find and join a LUG Makefest returns

Community events news

10 LXF222 April 2017 www.linuxformat.com

12 LXF222 April 2017 www.linuxformat.com

www.techradar.com/pro April 2017 LXF222 13

Intel Pentium G4600

Intel Core i3 7350K

16 LXF222 April 2017 www.linuxformat.com

www.techradar.com/pro April 2017 LXF222 17

18 LXF222 April 2017 www.linuxformat.com

www.techradar.com/pro April 2017 LXF222 19

20 LXF222 April 2017 www.linuxformat.com

Life’s better with t3

Every month we compare tons

P “Crafted specifically to equip you

22 LXF222 April 2017 www.linuxformat.com

www.techradar.com/pro April 2017 LXF222 23

Linux Kodachi HHHHH

Documentation & support

24 LXF222 April 2017 www.linuxformat.com

Trusted End Node Security HHHHH

www.techradar.com/pro April 2017 LXF222 25

26 LXF222 April 2017 www.linuxformat.com

1st Linux Kodachi HHHHH 4th Whonix HHHHH

2nd Subgraph OS HHHHH 5th TENS HHHHH

3rd Tails HHHHHHHH Over to you...

www.techradar.com/pro April 2017 LXF222 27

Get into Linux today!

Choose the perfect package for you!

Only £14 Only £11.25

28 LXF222 April 2017 www.linuxformat.com

Subscribe online today…

www.techradar.com/pro April 2017 LXF222 29

Journey, you must, into the

30 LXF222 April 2017 www.linuxformat.com

Easing into a CLI