Vous êtes sur la page 1sur 100


om d
fr loa
D wn
DV o

e /d
th m
of .co
EE 3.1 ore
O at
e rm
FR E 1 + m
th xfo
et nu
*G w.li
URnSU .8.8
YO e 0
Op aro


Roundup: OwnCloud vs the world


Expand the
Raspberry Pi

Control lights, motors and

more with our guide p46

1 for Free Software

Extra strong

Mint 16
All hail the freshest release of
the most popular Linux distro
The must-have Cinnamon 2 desktop
From zero to hero, the community wins
Mint 17: what to expect next
8 pages of getting started guides

Scratch Creating games p84

Squeak Object orientated p88


Speak to your


Also inside

We investigate gender inequality

in Linux and what the community
is doing to bridge the gap p50

OwnCloud 6

Fruit flies and Shim


Microsoft isnt able to

force Secure Boot on the
server market, which is a relief

Join the biggest open map in the

world and create your own p76

All-new document collaboration

discover how it works p68

Host the fastest sites in the West p80



Raspberry Pi


Nmap probing


Host your own sites

even on a Raspberry Pi

Probe remote sites and

reveal their inner workings

Control fans, lights and

much more with your Pi


Matthew Garrett on the cloud and booting p42

Build static websites





1 for Free Software

What we do
We support the open source community
by providing a resource of information, and
a forum for debate.
We help all readers get more from Linux with our
tutorials section weve something for everyone!
We license all the source code we print in our
tutorials section under the GNU GPLv3.
We give you the most accurate, unbiased and
up-to-date information on all things Linux.

Who we are
In this issue we look at open source mapping
project OpenStreetMap. We asked our contributors
what kind of map they would like to make.

Chris Thornett
Id add a GPS
device to my
special mug, then
plot its movements
across the office.

Matt Hanson
Last year I mapped
the cycle route
from Bath to
festival with pubs

Efrain HernandezMendoza
Maps are for wimps.
Real men navigate
by the stars and
their sense of
smell alone.

Les Pounder
Id create a map
that traces all the
wires between my
Raspberry Pi and
all my various
expansion boards.

Mayank Sharma
Id create a map of
all the various
Debian forks that
have emerged over
the years.

Neil Bothwick
The only map I
need is one that
shows me the
secret entrance to
the mountain lair
of my ancestors.

Joe Jordan
Ive just bought a
load of cheap black
ink, so Id like to
map some
unexplored corner
of space.

Juliet Kemp
Id like a map that
showed the way for
more women to
develop for Linux.
Theres not enough!

Shashank Sharma
Id like a map to
the Fedora
Projects head
quarters so I could
see whats causing
all their delays.

A minty fresh start

Were into a new year, so isnt it time you thought about
a fresh new start? Mint 16 is out and its easily the best
version of Mint to date, packing Cinnamon 2.0 as its
desktop. To celebrate its launch weve got eight pages
dedicated to how the Mint community pushed through these
key features, bug xes, taking Mint 14 from what it was, to
today; making Mint 16 a truly awesome Linux desktop
experience. We also look forward to Mint 17, which creator
Clement Clem Lefebvre and the Mint community have huge
plans for. You can nd out more on page 34.
The question no one seems able to answer is whether Mint is
truly the most popular avour of Linux out there. Is it?
According to Distrowatch its a country mile ahead of the rest,
but that neither makes statistical sense, nor is it at all reliable.
You cant trust User Agent details, as theyre likely to return
incorrect values, while Steam stats are Ubuntu biased, as thats
the Valve ofcially recommended OS. This all leaves limited
user surveys, these seem to put Ubuntu slightly ahead, which in
reality is the likely situation.
The reality is, it doesnt actually matter. No one here is
Microsoft, worrying about slipping market share, crashing PC
sales, shareholders demanding a pound of esh or noisyoutgoing CEOs. Mint is certainly popular, but more importantly
its community of users and developers are passionate and
vocal about it. That passion has made it a distro that people
love and embrace wholeheartedly. Its an approach other
companies could certainly do with emulating.
Talking of passionate users, Raspberry Pi is back into the
bosom of Linux Format. After slipping out of the pages for a
couple of issues, were happy to welcome it back, taking a look
at how you can expand beyond the Pi board and get the Pi to
control the world. Bless its tiny heart. So if you fancy brushing
up on the Pi (p46), getting starting in programming with
Scratch (p84), kicking off your own web server (p72) or hosting
your own sharing service (p26), weve got something to help
you get a fresh start.

Neil Mohr Editor

David Hayward
Id create a map of
all local pubs, with
a comprehensive
guide to the
available snacks in
each pub.

Marco Fioretti
Coming from a
country with a fine
tradition of
cartography, Id
map the hidden
depths of Hull.

Subscribe today
See p32 for awesome deals

February 2014 LXF180 3


Lets not ascribe to malice what could just be incompetence

OpenSUSE 13.1 ..................18
Weve got a bit of a mag crush on the latest
release. Find out the new features and
innovations that have got us excited.

New features and improvements

makes OpenSUSE 13.1 a winner.

Fedora 20 Beta ..................19

Another delay to the long awaited distro has
prevented us reviewing the final version.
Weve bravely soldiered on with the beta.

Mint 16
Is the latest release of the
popular distro enough to
make you switch? p34

storage p26

Fedora 20 will have been released by

the time you read this. Maybe.

OpenMandriva ................. 20
It seems to be open season with
these distros, but is this distro better
than that joke?

Netgear ReadyNAS 316 ...21

A feature rich and easy to use network
attached storage device has us impressed.

Netgear R6250 Router ..... 22

It seems to be Netgear season with... wait,
that doesnt work. You wait for a Netgear
review to turn up, then two come along.

Books ................................. 23
A Female Genius: How Ada Lovelace, Lord
Byrons Daughter, Started the Computer
Age and Designing the Internet of Things.

Ada Lovelace:
we review a
biography of a
beautiful mind.

Talking heads
Should you give your data
to a company that you
have no real contractual
relationship with?
Matthew Garrett Cloud storage, UEFI and fruit flies p42

4 LXF180 February 2014


On your free DVD

OpenSUSE 13.1
Includes KDE and GNOME versions

Clonezilla 2.2.0-31
Disk cloning can be a life saver
PLUS: HotPicks and tutorial code


Treat yourself or a
loved one to an LXF
subscription! p32

Dont miss...

Beyond the Raspberry Pi...46

Expand your Pi with our pick of add-ons.

Equality and open source..50

Are some more equal than others?

Not all those who wander are lost.

Coding Academy

Online collaboration
OwnCloud 6 ...................... 68

Scratch .................................. 84
Les Pounder shows off an easy to use visual
language thats great for beginners. Its also
been helping kids as young as six learn the
basics of programming.

Neil Bothwick explains how to use

OwnCloud Documents.

Squeak ................................... 88
Juliet Kemp introduces the object orientated
language that has some fantastic educational
properties. Its easy to get started with, but offers
plenty of depth once you become more familiar.

Regulars at a glance

OwnCloud 6: DIY Google Docs

News............................. 6 Subscriptions ...........32 Answers .....................92

A malicious worm is targeting Linux

Nothing says I appreciate you like a


machines, and mad scientists create

subscription to LXF.

Ubuntu One annoyance, removing

a virus that can move via sound.

duplicate files and more explained!

User groups................ 11

Dr Chris casts his eye (lidless and

Next month ...............98

CodeCamp for Teachers preps them

wreathed in flame, since you asked)

Mastering Raspberry Pi, the best

for the new computing curriculum.

over statistics concerning Linux.

VOiP clients, free your Android device

from Googles influence, and more!

Mailserver...................12 HotPicks ....................60

One very happy Pinguy OS user,

mouth; theyre so hot theyll burn you!

and much more.

Les Pounder shows you how to expand the

scope of your Raspberry Pi project.

Host your own ...................72
Mayank Sharma shows us what can be
achieved with a Raspberry Pi, an Apache
server and your fingers.

Map the world....................76

Dont put these picks into your

sound card woes, Fortran nostalgia

Raspberry Pi
PiFace ................................. 70

Also it would be weird.

Learn how to contribute to this fantastic

open source mapping project.

Roundup ....................26 Back issues ...............66

Worried about third party cloud
storage services? Just make your

can help you out! Make sure you

own! We test five of the best tools to

subscribe as well, so that it doesnt

make that happen.

happen again.

Static websites
How to set one up............80

Missed out on an issue? Fear not, we

Our subscriptions team is

waiting for your call.


But why would you want to? Marco Fioretti

explains why it might just be your thing.

February 2014 LXF180 5


THIS ISSUE: Worm warning

Grey coders

Soundwave malware

Ubuntu TV


Is Linux safe?
A new worm targeting PCs running Linux is in the wild. Matthew Hanson pointlessly
dons a type-one hazmat suit as he looks into just how safe we are...

ne of the many brilliant things

about Linux is how secure it is.
While Windows and even,
increasingly, the traditionally
hermetically-sealed, virus-proof Mac
continues to worry users with a steady
stream of bad news concerning
vulnerabilities and threats, Linux has
remained relatively unscathed.
The truth is no operating system is
completely safe from viruses, and while
Windows users struggle with antivirus
software that does just as good a job of
slowing down their PCs as it does
protecting them, a new threat has
emerged for Linux, which proves that
we cant afford to rest on our laurels.
The worm, named Linux.Darlloz,
spreads itself by exploiting a
vulnerability in php-cgi. This vulnerability
was patched in May 2012 (PHP 5.4.3,
and PHP 5.3.13), but that may still be
too late. While desktop PCs running
Linux are vulnerable to this worm, it also
targets devices such as routers and settop boxes that run on Linux-based
operating systems. So far there have
been no attacks found in the wild, but
security firms such as Symantec are
worried that people remain vulnerable
to the attack especially people who
may not be aware that their device runs
on a Linux variant. An investigation by
Symantec into the behaviour of the
worm showed that once executed it
generated random IP addresses and
accessed specific paths on the machine,
which are well-known to store ID and
passwords. It then sends HTTP POST
requests, exploiting the vulnerability. If
the victim has not downloaded the
patch from May 2012, the worm is
downloaded and spread to other
targets. At the moment it appears to be
only able to infect Intel x86 systems, as

6 LXF180 February 2014

the URL in the code uses the ELF binary

for Intel architectures, but this may
change in the future. To protect yourself
from the virus, make sure all your
software is updated to the latest version,
keep your passwords secure and block

This is exactly
what the worm
will look like
inside your
poorly computer.

Linux will continue

to see far fewer threats
than Windows.
any incoming HTTP POST requests to
/cgi-bin/php. It looks like Linuxs
popularity could turn the attention of
more virus makers towards the
platform. As well as being the most


popular open source operating system

in the world, its used in routers, security
cameras and, of course, is a huge player
in the server world.
As mainstream adoption of Linux
grows, are we going to see more
threats? While this is likely, the majority
of computer users are still sticking with
Windows, which means the people who
make malicious software, viruses and
worms are still going to take the easiest
route that affects the most people, so
Linux will continue to see far fewer
threats than Windows. The use of root
passwords and accounts, and the fast
patching at kernel levels also helps limit
malicious codes scope and damage.
Still, it doesnt hurt to remain vigilant.



Ubuntu Resources
website launches
Theres a new website from the folks at Canonical, good
news for Ubuntu Touch owners...

new website has been launched by

Canonical thats optimised to be read on
mobile devices and, rather fittingly, will
be focused primarily on Ubuntu Touch devices.
Its early days for the website Canonical is
treating the release as an alpha and the design,
layout and features of the site look set to change,
with input from the Ubuntu community.
As Inayaili de Len Persson, lead web designer,
said in a blog post (http://bit.ly/Desuntu), The
first and current release of the site alpha
focuses solely on small screens. The main goal is
that all the content is accessible and the visual
style and features will be progressing and being
added as we go The idea behind Ubuntu
Resources (http://bit.ly/Resuntu) is to be the
main resource for case studies, news, press
release and events, and in time it will replace most
of the resources that are found at http://
insights.ubuntu.com. This initial release has
been formatted with mobile devices in mind,
upcoming releases (Canonical plans to roll out the
Resources site in multiple releases, treating the
website much like its distro), will focus on devices
with larger screens. Other features that will be

added further down the line include the ability to

subscribe to individual pieces of content, a new
layout of landing pages for each top, content
filtering and sorting, cleaner URLs, improved PDF
and other file format handling and a section
dedicated to press releases. Well be keeping an
eye on the Ubuntu Resources website as it
develops, and though its a bit rough around the
edges at the moment, better ways for Canonical
to communicate with its users and developers is
always welcome.

Future updates will configure the layout to

suit larger tablet screens.

The Linux Foundation has
announced three new members,
Cloudius Systems, the HAS
(Heterogeneous System Architecture)
Foundation, and Valve. Weve been
mentioning Valve a lot recently, as the
games dev has been a big force in
getting more games onto Linux. Mike
Sartain from Valve said: Joining the
Linux Foundation is one of many ways
Valve is investing in the advancement
of Linux gaming... we hope to
contribute tools for developers
building new experiences on Linux,
compel hardware manufacturers to
prioritise support for Linux, and
ultimately deliver an elegant and open
platform for Linux users.
Has Google been beaten to the
punch when it comes to
wearable computer eyewear? It looks
that way as the Vuzix M100, an
Android device that comes with a dual
core 1GHz processor, WiFi, Bluetooth,
GPS, sensors, five megapixel camera
and voice and gesture recognition has
been released just before Google
Glass. It connects to an Android
smartphone via Bluetooth, and the
monocular display has WQVGA
resolution with a 16:9 aspect ratio. To
add further insult to injury, it is also
being sold for $1000, $500 less than
the developer version of Google Glass.
It appears that the project to get
TVs powered by Ubuntu is still
on-going, its just taken a backseat as
Canonical turns its focus towards


Is Linux going grey?

Will a new generation emerge to keep the kernel updated?

ver the 20 years that Linux has been

with us, more than 11,000 developers
have worked on the kernel. While this is
certainly very impressive, there needs to be a new
influx of younger developers ready to pitch in to
ensure that the kernel remains as up to date and
regularly improved as it is now.
A recent review by Bitegia, a company that
analyses free and open source software projects,
looked at who was contributing to the Linux
kernel Git repository. It found that when the Linux
Git repository started, there was a large
generation of developers who had been working
with Linux for many years. However, as the years
have gone on, the new generations of developers
have become smaller and at the same time the

older generations have became less active. You

can view the analysis at http://bit.ly/lxfbitegia.
Its clearly essential that younger developers
continue the work of previous generations.
Community managers can play a hugely
important role in encouraging new contributors,
and getting them trained up alongside developers
who have been working on the kernel for a long
time. Maintaining developer retention
encouraging a developer who has contributed in
the past to continue to contribute in the future
is another priority. The Linux Foundation has also
been looking at initiatives to bring in new
developers, and included activities at LinuxCon to
promote new developer engagement. Theres also
the issue of gender see p50...


We havent heard much about

Ubuntu TV recently, but were told
its still coming.
mobile devices. The initial showing,
which was impressive, was back in
January 2012 at CES and there hasnt
been much activity since. It might be
some time until we see a final version.
A brand new graphics driver
update from Intel for its fourth
generation Haswell processors has
been released and some early
benchmarks over at hardware website
www.phoronix.com show the drivers
OpenGL performance reaching parity
with Windows 8.1, great news for
gamers and video editors with Linux
as their OS of choice.

February 2014 LXF180 7




Scientists create
soundwave malware
It can cover a distance of 65 feet using mics and speakers.

cientists, no strangers to scary

experiments (cf Jurrasic Park), have
developed a malware prototype that
can use audio signals inaudible to the human
ear to transmit keystrokes and other personal
data without the infected machines even
having a network connection.
All the malware needed to work was the
built-in microphone and speakers of the
laptops used by the researchers at the
Fraunhofer Institute for Communication,
Information Processing, and Ergonomics in
Germany. The laptops were able to transmit
passwords and small amounts of data over
almost 65 feet, with the distance able to be
expanded using a network of zombie devices
that echo the audio signals. The researchers
attempted a number of methods for using
sound to transmit data, and found that
software that had been designed to transmit
data under water was the most successful. The
results are impressive, especially when
combined with a number of devices to create
what the researchers called a covert acoustical
mesh network There were drawbacks, though
the methods used were only able to achieve

data throughput of just 20 bits per second. Its

not much, but certainly enough to transmit
keystrokes and passwords.

Whats that noise?

In their paper published in the Journal of
Communications, the researchers explained:
This small bandwidth might actually be
enough to transfer critical information (such as
keystrokes). You dont even have to think about
all keystrokes. If you have a keylogger thats
able to recognise authentication materials, it
may only occasionally forward these detected
passwords over the network, leading to a very
stealthy state of the network. And you could
forward any small-sized information such as
private encryption keys or maybe malicious
commands to an infected piece of
construction. Theres no need to worry just
yet, as this was just a prototype designed to
demonstrate that its possible for malware to
travel via sound, though some people have
pointed out that it could explain the mysterious
case of badBIOS a piece of malware that a
few years ago apparently infected the machine
of Dragos Ruiu, a security consultant. One day,

If you thought the worst damage sound

could do was Gary Barlow-related, read on.

out of the blue, his Macbook Air suddenly

updated its firmware, preventing Ruiu from
booting from CD, while deleting data and
changing settings without any prompts. A few
days later, a machine running OpenBSD began
exhibiting the same behaviour. Data was being
sent from the computers using the IPv6
protocol, even when it was supposedly
disabled. Even when power cords, Ethernet
cables and the Wi-Fi card were removed,
network data was still being transmitted, and
the infected machines grew, with many using
variations of Linux. Thankfully, according to
researchers at Fraunhofer Institute, Linux
operating systems have the best chance of
protection: If audio input and output devices
cannot be switched off, implementation of
audio filtering options may be an alternative
approach to counter maliciously triggered
participation in covert networks. In Linuxbased operating systems, a software-defined
audio filter can be implemented with ALSA in
conjunction with the LADSPA.

German Patent ruling in blow to Microsofts earnings.

Could one of Microsofts largest
and most unpopular outside of
Redmond revenue streams be
under threat?
It was only last issue that we
mentioned how Microsoft was
obscuring the money the Xbox
and Windows Phone divisions
were losing by including the vast
sums of money they make from
patents on Android with the
overall Windows Phone and
entertainment division. One of
these patents, on the FAT (File
Allocation Table) file system, has
just been invalidated by
Germanys Bundespatentgericht
(Federal Patent Court). The
patent deals with common name
space for long and short
filenames, and Microsoft had
used this patent to enforce a
sales ban in Germany of
Motorola Mobility products,

8 LXF180 February 2014

Microsoft doesnt want

Motorola products sold in
Germany. The big meanies.

which is owned by Google.

According to the FOSS Patents
blog (www.fosspatents.com) a
full-day nullity (invalidation) trial
[was held] at the conclusion of
which Judge Vivian Sredl, who
presides over the Second Nullity
Senate, announced the ruling
that EP0618540 on a common

name space for long and short

filenames is invalid in its entirety
(including Microsofts proposed
amendments) because the court
found that all of the elements
distinguishing the patented
invention from the prior art
(which includes a Linus Torvalds
post to a mailing list) did not
satisfy the technicity
requirement under European
patent law. Microsoft can and
presumably will appeal this
decision to the
Bundesgerichtshof (Federal
Court of Justice, BGH)
While the courts decision
offers some good news for those
of us who are against these
patent shenanigans, this fight is
far from over. This isnt the first
time the Bundespatentgericht
has invalidated the patent, only
for the Bundesgerichtshof to


reverse the decision, and

Microsofts lawyers will be
looking at how this precedent
can be used to reverse the
current ruling.
Whilst the FAT patent
probably isnt the most profitable
of Microsofts patents on
Android, losing it, and the
potential to loose further patents,
will be worrying for Microsoft. Its
rumoured that for every handset
sold, HTC pays Microsoft $5,
whilst Samsung pays around
$10. Of course, Microsoft could
turn its attention to making its
own Windows Phone profitable,
but thats probably not going to
happen any time soon. Filing
patents and raking in the money
remains far too lucrative
considering the effort needed, so
were going to be seeing more of
these disputes in the future.






Michael Meeks
During the
festive season
LibreOffice is
its next release: 4.2 with an intense round of QA
and bug fixing. Our release schedule this year
lines up with FOSDEM the premier Free
Software conference in Brussels in early
February one well worth attending.
LibreOffice 4.2 brings a whole host of new
features to try out. CloudOn a startup doing
interesting things with LibreOffice has heavily
invested in improving round-trip interoperability
with newer Microsoft Office XML formats. They
are adding new core features and also
preserving features that we cant currently
render so they are not lost when you re-save.
That, along with much improved encrypytion
support, gives some great interoperability wins.
This release we also debut an Apple Keynote
import filter from RedHat, along with built-in
Google Drive support.
Weve also done a number of UI
improvements: with a re-written Start Center
and graduating the new sidebar out of
experimental mode. Our new default document
template is crisper, and complements a new
low-colour icon theme, Sifr. We now expose all
of our config options in an expert about:config
style view so that we can start streamlining our
options dialogs. Progress on re-working every
dialog to layout beautifully has reached 60% of
dialogs. Weve added a GNOME 3 application
menu to improved Xfce and Mate desktop
integration. In this release Impress gets new
iOS and Android remote controls for your
phone or tablet, which significantly improves
the presentation experience, as well as an
improved custom animation user interface.
A whole host of work has been done to
improve Calc, weve a completely new database
backend, and a slew of other useful new
features. Id love to tell you more, but its more
fun for you to investigate...
Michael is a pseudo-engineer, semi-colon lover,
SUSE LibreOffice hacker and amateur pundit.

10 LXF180 February 2014

Hitting the mirrors

Whats behind the free software sofa?

While many distros are becoming
bigger and flashier, with opulent
user interfaces and loads of extra
features, Nanolinux has taken the
opposite approach, being a tiny
distro that takes up less than a
nicely diminutive 14MB when
installed. Its not lacking features
either, as it comes with a file
manager, web browser, text editor ,
spreadsheet tool and a lot more
even a fair few interesting games
are included in the package.

Its tiny and light, yet still very

easy to use without too many
niggling compromises.

It should go without saying that were
always pleased to see public services
move over to free and open source
software, so weve been watching
Canaima GNU/Linux with interest.
Its a distro sponsored by the
Venezuelan government, based on
Debian, and is primarily used for the
computer of Venezuelan Nation
Public Administration. Version 4.0
(code named Kerepakupai) has just
been released, with updates to
GNOME, Linux kernel 3.2, Cunaguaro

Canaima GNU/Linux is designed

for National Public Administration
under a presidential decree.

22.0 web browser and Gucharo

17.0.5 mail client.

Ozone, a Wayland-based Chromium
web browser, may be relatively new,
but it has had a recent string of
updates that have boosted its feature
set, as well as its compatibility with
Wayland. Its well worth checking out.
Created by Intels Open-Source

Technology Center to allow the

Chromium web browser work natively
on the Wayland display server
protocol without having to depend on
X.Org. New updates include multiwindow support, offscreen rendering
and fullscreen mode.

OS4 OpenLinux 14.3 has just been
released, and OS/4 PowerLinux
Final should be hitting the mirrors
in the next few days. With the 14.3
version of OS4 OpenLinux more
improvements have been made to
create an Ubuntu-based distro with
a focus on user friendliness. Find
out more and download the
distro with a swift journey to


OS4 OpenLinux is good looking,

fast and easy to use.

Linux user groups


United Linux!
The intrepid Les Pounder brings you the latest community and LUG news.

Find and join a LUG

Community 180

Blackpool LUG & Makerspace Meets

every Saturday, 10am to 2pm. See website for details.

The Best of things to come.

ts that time of the year where we

Hacking the NHS to source the
reflect on what has been and look
cheapest generic drugs for cancer
forward to what will be. 2013 has
patients using open source tech.
been an awesome one for events.
July saw Barcamp Blackpool break
In March we had the first Raspberry
all records and draw nearly 200 people
Jamboree take place in Manchester,
for a barcamp and makerfaire.
which attracted 400 eager Pi users to
October is the time for Oggcamp,
swap new ideas and talk about what
which drew an ecstatic 400 people
they had done in the first year of the
from across the globe to Liverpool for
Raspberry Pi. The event was the idea of
making, learning and sharing!
Alan ODonohoe (@teknoteacher) and
This new year is already looking
encouraged children and adults alike to
fantastic with FOSDEM just around the
work on making the Pi awesome. Alan
corner, Barcamp Blackpool in the early
is in the final stages of organising a
stages of planning and this years
much larger event for later in 2014.
Raspberry Jamboree looking to attract
We also saw the Manchester Girl
1,000 delegates. Oggcamp was a
Geeks launch their first self-styled
massive success in 2013. Being open
Bracamp which focused on the aspect
source is definitely cool! LXF
of women in computing and
attracted a 90% female
attendance. This event
really explored the issues
faced by women in a largely
male dominated subject.
We fast forward to May
and the always exciting
Opentech event took place
in London. This showcased
the best ideas in coding,
politics and social change,
This years Raspberry Jamboree is hoping to
attract 1,000 attendees.
with great topics, such as

Greater London LUG

More details can be found on the website.

Tyneside LUG From 12pm, first Saturday of the

month at the Discovery Museum, Blandford Square,
Newcastle. Visit the website for more details.
RaspberryJam Manchester Monthly at
Madlab, visit the website for more details.
Manchester Hackspace Open night every
Wednesday, Visit the website for more details.
Lincoln LUG Third Wednesday of the month at
7pm, Lincoln Bowl, Washingborough Road, LN4 1EF
Hull LUG 8pm at Hartleys Bar, Newland Ave, first
Tuesday every month, visit the site for more details.
Surrey & Hampshire Hackspace Third
Tuesday of the month. Visit the website for more
information. http://sh-hackspace.org.uk
Preston Hackspace Every two weeks on a
Tuesday at The Continental, Preston. More details can
be found on the website.

Community events news

working on delivering workshops
for those working in education.
This is sure to be a massive
maker and tech event.

Barcamp Blackpool 2014

The next event will be in July
2014 at a venue to be confirmed,
but expect more of the great
stalls, talks and workshops that
made the 2013 event a runaway
success. For 2014 the team are

CodeCamp for Teachers

Russel Winder, author of the
popular Python for Rookies book
is hosting a one-day workshop
for teachers who want to begin
learning programming using
Python. With the changes to the
computing curriculum coming in
to effect from September 2014,

teachers are under greater

pressure to understand the
concepts of computing and the
fundamentals of coding. Python
has been chosen as the textual
language for children in
secondary education due to its
ease of use and clear syntax.
FLOSS UK Spring Conference
Formerly known as UKUUG (UKs
Unix and Open Systems User
Group) are once again organising
an annual Spring conference in


Brighton from 18 to 20 March

2014. This is the UKs only
conference aimed specifically at
systems and network
administrators. It attracts a large
number of professionals from
sites of all shapes and sizes.
As well as the technical talks,
the conference provides a
friendly environment for
delegates to meet, learn, and
enjoy lively debate on a host of
subjects. Head over to the
website for more details.

February 2014 LXF180 11



Write to us at Linux Format, Future Publishing, 30 Monmouth Street, Bath BA1 2BW or lxf.letters@futurenet.co.uk

Pinguy OS
I was happy to see Pinguy OS
included in your review, as its
been my primary OS since
shortly after its inception. I had
tried many distros, but this was
the first one where I simply felt
at home, a distro that, to borrow
a phrase, just works And, while
I understand it may bear some
resemblance to the Mac,
I had come from a strictly
Windows world, yet for me it
always felt very intuitive.
Now, some years on, every so
often your magazine inspires me
to dig deeper into Linux itself.
Any distro, including Pinguy,
allows this. But when I want to
step back, let the OS do the
work, and use applications to get
stuff done, Pinguy does the job.
And while its good to see it
came out on top in this
competition for an OS for Linux
beginners, I know that isnt the
point. The point is choice. I
believe a single person puts this
together, and while every
decision isnt perfect, for me
they hit the mark far more often
than most.
Although I dont distro-hop
much anymore (except for a
little fun in Virtualbox), each of
your issues, besides highlighting
distros, features articles over my
head, too simple, and spot on.

Letter of the month

Theres my LXF!

ey there team, thought I would let the

Northern Hemisphere know that here
in New Zealand, otherwise known as
the Antipodes to the English, my
issue of LXF178 for Christmas has been
received during the week ending the 23rd
November, so according to Andrew, delivery is
right on target this far South. However having
said this, it will all turn to custard once the
Christmas mail starts so I wont be expecting
further delivery before January.
Very best to all at LXF Towers for Christmas
and dont overdo the Eggnog. I certainly enjoy
the magazine!
Terry Hefferen, the Antipodes
Matt says: Thanks Terry, its great to hear youre
getting your issues all the way down there in a
reasonably timely fashion. Christmas is but a
hazy memory now, though we know not what this
Eggnog is of which you speak. Real ale and a
roaring fire is the way to go in these parts, and
possibly a packet of Christmas-themed
overpriced crisps (brussel sprouts and turnip or
stuffing and burnt potatoes) if were feeling

Pinguy OS is a great distro for beginners and veterans alike.

12 LXF180 February 2014

Eggnog is a dairy-based beverage.

particularly festive. Anyway by the time you get this

issue itll probably be nearing Easter, so enjoy those
chocolate eggs, whether they be nogged or not!.

That makes things interesting,

and keeps my subscription of
many years active. I appreciate
the thought behind your
approach, the good work, and
the possibilities that Linux
allows us all.
Ron Brusky, Miami, FL USA
Matt says: Ron, youve brilliantly
highlighted the strength of so
many of the beginner distros we
looked at in LXF178. They may be
geared towards people just
starting out with Linux, but they all
offer enough depth and
complexity to help you experiment
once youve become more
confident, and as our roundup
showed, Pinguy OS excelled in this
area. Since the article Ive been
using Elementary OS, and though
its still relatively new the current


stable release Luna is version 0.2

its already got a lot going for it,
including an attractive and easy to
use interface, yet it is powerful
enough for me to complete more
complex tasks through the
terminal. The fact that distros
such as Pinguy OS and
Elementary OS are going out of
their way to welcome new users
without artificially limiting or
patronising them is something
we should celebrate. Also, as you
say, the fact that theres plenty of
choice is just the delicious icing on
a Linux-shaped cake.
Thanks for the kind words
about our articles Ron, weve got
some brilliant features coming up
that continue to explore the vast
potential of GNU/Linux and free
and open source software!



Creative make some

great sound cards
but not Linux drivers.

Sound as a pound
Hello! I decided to make my Dell
Optiplex GX520 into a dedicated
audio studio system, based
around Mint 15, with codecs and
many of the features of Ubuntu
Studio. All went well until it came
to the sound card... The internal
card worked well, albeit in a
basic way, but I wanted better
quality. I switched out the
internal card in the bios, and
tried fitting various old audio
cards I had gathered together in
the past... None of them worked!
I tried tweaking settings in
Alsamixer from the command
line, adding Pulseaudio, etc., but
could get nothing to work for
both record and playback, apart
from the internal card!
I emailed Creative, who
informed me that none of their
cards are supported in Linux,
which strikes me as somewhat
shortsighted as they have the
monopoly on sound cards and
are therefore turning their backs
on about 20 million Linux users.
Can you run an article on
creating a Linux Studio System,
and give advice on the choice of
sound card to buy, whether new
or legacy. It would also be a good
feature to have a page or two
dedicated to hardware found to
work, in the same way that Wine
lists Windows software... Gold,
Silver, or Dead in the Water!
Nick Ford

Matt says: Nick, your

experience with
Creative is something
weve often found to be
an all too common
occurrence from some
manufacturers. They
often think that
supporting Linux is too
much fuss for too little
gain, and would rather
take the easier route of
just supporting
Windows, where they
think the majority of
their customers are. It can be
incredibly frustrating, and as you
pointed out rather short sighted
for companies to ignore a large
and growing potential audience.
For a company as large as
Creative, there really is no excuse.
Of course, there are dedicated
people out there wholl write their
own open source Linux drivers
and share them with the
community, so check out a list at
html. One of the great things
about Linux and opensource
software is that if theres drivers or
software missing, you can always
create it yourself, expertise and
skill permitting, and if you cant
you can always ask the vibrant
community to help. Of course, this
shouldnt allow companies to
abdicate their responsibilities to
not only potential customers, but
also their existing ones. What
happens if someone buys a
soundcard, then decides to move
from Windows to Linux? Do they
have to accept that the card they
bought is now useless?
Regarding your ideas for a
feature, thats a great idea and Ill
share it with the others on the
magazine. As you can imagine, we
sit on a pile of dated technology,
both at home and in the office.
Electrical waste is a big problem,
but we shouldnt throw away our
old computers just because
Microsoft and Apples increasingly
bloated OSes wont play nice on
the old hardware. Hurrah!

Hey LXF, just a quick email to
say: love the magazine! I really
cant wait to see what the new

team has in store and what it

can do with the mag!
Chris Wood
Matt says: Aww thanks Chris,
were all blushing like giddy school
girls here! Weve got good news
and then some more good news
for you. The good news is were
not planning to change what has
become a winning Linux formula,
which mirrors all of our passion for
open-source software. The other
good news is that weve got some
great features, interviews and
tutorials lined up for 2014, which
were sure youre going to love!
Weve got features that range from
a look into GCC to mastering the
Raspberry Pi, so something for
everyone! Thanks for writing in.

Project Sputnik
Many thanks for the article on
Project Sputnik in LXF 177. As a
result of this I took the plunge
and bought one as my travel PC.
The machine is superb but the
wifi issue noted in your article
had not been solved. Within a
few days of receiving it I was
travelling and had great difficulty
using wifi in a hotel. I wandered
around like a lost soul looking
for a wifi hotspot that was
strong enough to give me a
stable connection.
The problem was clearly the
driver which I solved by installing
the latest kernal using: sudo aptget install linux-generic-ltsquantal obtained from the
forums. Now the wifi is working
fine. Why couldnt Dell get this
right? I have noticed that battery
power consumption is heavy.
Perhaps you should run an
article on tuning power
consumption, maybe using
somethiing like PowerTOP.
Many thanks for running a
superb magazine.
Matt says: Dells Project Sputnik,
an Ultrabook running Ubuntu, is a
great machine, and were glad
youre enjoying yours Mike. Being
as robust and powerful as it is slim
and light makes for an excellent
portable PC, and Project Sputnik,
along with other Ultrabooks, are
proving that you dont have to turn
to Apple to get a beautifully
crafted laptop packed with some


of the best components around.

Not getting an Apple machine also
means you wont have to deplete
your life savings, or hate yourself
every time you look in the mirror.
That bits a joke. Sort of.
Whilst Ultrabooks that run
Linux as a main operating system
are few and far between, its good
to see a company as influential as
Dell who arent often in our good
books taking the initiative. Its a
shame the WiFi driver problem
hasnt been sorted yet; hopefully
Dell will get on to that ASAP. You
wouldnt expect a new Windows
machine to ship with nonfunctioning WiFi, so why should
we have to put up with it for a
Linux machine? Dell! Sort it out!
A few years ago there was a
brief phase where laptop
manufacturers installed a
separate Linux-based operating
system that could be started up
by pressing a special button on
the keyboard, this ran almost
instantly and pre-boot from the
BIOS. The idea was that if you
wanted to quickly check your
emails, browse the internet or
word process without having to
wait for Windows to boot, you
could quickly boot into this
secondary OS. The manufacturers
were basically admitting that
Windows took too long to boot,
and you could do a lot of the
things youd want to do quickly
and easily through the Linux OS.
The feature didnt really take off,
but why didnt manufacturers
move over to including Linux as
the main operating system, if it
made their systems work so well?
Im guessing that one of the
reasons is that laptop profit
margins are notoriously tight, so
most manufacturers include
pre-installed software. The
software is usually pointless and
annoying, or are trials that bug
you to upgrade as soon as you
switch on your machine. However
the manufacturers get paid to
include them, which allows them
to lower the price of the laptop. By
going to Linux theyd be cutting off
this revenue stream, which may
mean were unlikely to see a big
influx of Linux-only laptops
coming from the big laptop
makers any time soon.

February 2014 LXF180 13



Nostalgia, for
Fortran, named for FORmula
TRANslation, which didnt come
up in the article in LXF 178
(Christmas edition), was my first
programming language, learned
at Purdue University in 1976 on
the Minnesota Fortran compiler
(MNF) on a CDC 6600 mainframe, using (yes, you guessed
it) Hollerith cards from various
rooms around campus where
you could punch the cards, sort
them in order in your card deck,
try to remember to punch the
cards properly in columns 73-84
for sorting (important when you
might have several hundred line
programs), then take them to
the card reader in the computing
centre to submit your job for
later output on 132 column lightgreen & white alternating bar
computer paper, roughly 17
wide by 11 long per sheet on
tractor-fed paper of which the
punched round holes on the
(wide) ends did not come off.

You had to have your proper JCL

(job control) punch cards at the
beginning, or you wouldnt even
get your errors output! MNF
wasnt even Fortran 66
compliant, although it was in the
mid-70s, it was Fortran IV
compliant, and at the time, there
was a LOT of packages which
were Fortran IV compliant, but
had not yet been translated to
the (new) Fortran 66 standard.
Engineers and Mathematicians
see no purpose in upgrading
when they could be using the
code, or writing new code to
solve new problems!
At the time it was important
that the names of computer
languages which were acronyms,
such as Fortran, ALGOL
(ALGorythmic Oriented
Language), or COBOL (COmmon
Business-Oriented Language see Gace Hooper) were properly
in all capital letters, while
languages like Pascal which were
proper names were capitalised
only on the initial letter.
I later got a project while

Digital copies of our archive are available to subscribers.

otherwise unemployed to
translate from a time-shared
computer Fortran program to a
program which would run on
IBM-compatible computers. I
ended taking the Fortran source
code, compiling and running it
under Nevada Fortran on my
Zorba CP/M transportable
computer to have a basis for
comparison, then translating
from Fortran, and documenting
properly the code to Microsofts
QuickBASIC compiler, with code
available for IBMs included
BASIC interpreter (with IBM
DOS for BASIC in ROM). For
those who dont know BASIC
stood for Beginners All-purpose
Symbolic Instruction Code.
See? Nostagia, for Fortran
yet! I must be losing it. Next, I
might send in an article
suggestion about COBOL or
even dBase programming! These
would probably be of only
historic interest, although I have
programmed in ALGOL, Forth,
and dBase, as well as PAL
(Paradox Application Language).
See, languages which are only of
interest if you have some 20th
century code which you are
maintaining. Have a nice day!
Carl Snyder
Matt says: Thanks for sharing
that Carl, it just goes to show no
matter what the language, therell
be people out there who think
fondly of their first forays into
coding using methods and syntax
which have faded into partial
obscurity. The Hollerith punch
card method of coding seems a
world away from what were able
to do sat at our desks now, but
whilst it might seem inconvenient,
you could argue that it instilled a
more stringent approach to errors.
When a mistake could mean


14 LXF180 February 2014


having to dash halfway across a

University campus, youre going to
have a keen eye to make sure they
dont crop up. Is this a habit that
coders these days are missing out
on, when mistakes are annoying,
but can sometimes be fixed with a
few taps of the backspace key?
Your letter also highlights the
fact that the one thing more
fascinating than the pace of
change in technology, is what has
stayed the same. The fact that
elements in the Fortran code you
used in the 1970s can still be
found in modern applications is a
quite wonderful thing.

Inquiries and hope

for Linux Format
I am a third year US subscriber
to LXF and enjoy the magazine.
However, I must admit that most
of the articles are beyond my
grasp. As a newbie, I seek
explicit instruction on the topic.
Too many articles are written for
users who can manage without
instruction, they gloss over the
details leaving me to muddle
over each step. I buy a magazine
to learn more about the platform
-- Linux, and contrary to some
tastes, the DVD! I need more
info about whats on the DVD
and more importantly how to
load those included packages
into the various distros and
desktops. I have yet to succeed
in that I have to use the
package manager and take that
offering thus negating the
benefit of already being on the
DVD readily spinning in my PC.
Maybe you can Offer a PDF read
me on the DVD to give step-bystep instruction on extracting a
package with my own installed
package manager, and a detailed
account of the process to


Writers reply

Got something to say about one of our articles? Write in and well pass your queries on to the writers.

Neil Bothwicks
BitTorrent Article
Regarding Neil Bothwicks BitTorrent
Article in LXF 176, trackerless torrents
using magnet links seem to work quite
well with Transmission via the Distributed
Hash Table (DHT) and Peer EXchange
(PEX), without the need to do any more
than the following...
First, place the file or directory in the
Transmission download area. Next load it
into the client, then wait for Transmission
to start seeding the data. Once the data is
available under the seed tab, right click on
the data and select Copy Magnet Link to
Clipboard then paste the contents of the
clipboard into an email then send it to the
person with whom you want to share the
data. The person receiving the magnet link
can then open it with their BitTorrent
client and start downloading the data.
The above assumes that a static LAN
address is set in the router for the IP
address associated with the box running
Transmission with port 51413 forwarded to
that address, and the same port is open on
the software firewall for TCP/UDP on the
box running Transmission.
Andrew Shead

compile it. The many distros and

varied desktops make it harder
for your writers to break it down
to basics, but that is the prize I
seek and the key to learning -building on a solid, repeatable
knowledge base. I can pick my
distro of choice, install it and
really make it my own. That sir,
will wean me from Windows!
The website archive page for
subscribers seems to be missing
the link to download the entire
issue 178 as a PDF. Is this
intentional? I like to use this
feature on a second computer

Neil Bothwick says: Trackerless torrents and

DHT (Distributed Hash Tables) are indeed a
useful way of sharing torrents. They do have
limitations when you are trying to share data
privately, by their very nature, but apart from
that they are a good option.
The only reason I didnt mention them in the
tutorial was the available space. Had it been a
four page tutorial, trackerless torrents would
certainly have been included. Maybe we can
look at revisiting them at a later date.

Fortran: Get Started

Juliet Kemps article on Fortran is very
good, and taught me some new things
about the newer Fortran standards, but I
must take exception to her statement, In
F77 and earlier you had to use labels and
GOTO to generate a loop. As far as I know
Fortran has always had DO loops. Certainly
Fortran II did in Implementing Software for
Non-Numeric Applications by William M.
Waite (Prentice-Hall, 1973). A large package
for implementing a list-processing virtual
machine, Wisp, is written entirely in Fortran
II, and contains many DO loops. Perhaps
this is a misunderstanding; Fortran 77
introduced DO statements with negative
index steps, which was a new feature.

so I can try to follow as I work on

the experimental PC, and since
delivery here takes 2-4 weeks, I
still await LXF 178.
I sincerely hope LXF will take
a more basic approach to
content and help the newbies. I
believe that we buy the most
magazines as a group and are
your biggest potential market
based on the small and mostly
stagnant number of Linux
operating system statistics that
Ive read.
Thanks for your reflections
on these matters. I was going to

Neils torrent tutorial can be found in

the pages of LXF 176.

Leslie Turriff
Juliet Kemp says: Thanks for the correction
youre right, F77 (and earlier) did have
DO-loops, it was only other types of loop that
had to be constructed with IF and GOTO. My
apologies for the mistake, and Im glad you
enjoyed the tutorial otherwise.

allow my subscription to lapse in

February, but since there is new
blood in the Staff, I will renew for
another year to give you time to
make it interesting, instructive,
and more importantly addictive
for me and the millions of
newbies you have yet to reach
and convert!
Neil says: I believe issue 178
should be live on the archive
website. Let us know if you still
have issues, but we have uploaded
it, I assure you.
As for your other points, its

interesting that weve been

discussing the level at which LXF
should be aimed, as currently it
does assume a lot of prior
knowledge and experience, while
we seem to be seeing an influx of
new Linux users, partly due to the
Raspberry Pi success.
Hopefully issue 179 and its
Getting Started with Linux
material should help, but your
letter is food for thought on
making the mag more accessible.
Though it is a tricky balancing act.
Hopefully the next few issues can
convince you to stay! LXF

Write to us
Do you have a burning Linuxrelated issue you want to discuss?
Do you simply want to hail our
awesomeness or bemoan the
distinct lack of PulseAudio
criticism in the magazine these
days? Write to us at Linux Format,
Future Publishing, 30 Monmouth
Street, Bath BA1 2BW, or


February 2014 LXF180 15




All the latest software and hardware reviewed and rated by our experts
has been comparing
distro release dates
with this issues
deadline and weeping.

Our pick of this months releases:

OpenSUSE 13.1 ......18


f youve ever had to rely regularly

on the Great British public
transport system, youll be well
acquainted with the concept of
delays. Even when I was partaking in
the relatively modest commute
between Bristol and Bath, I was
faced with a wide spectrum of
reasons why the train I was
attempting to catch was delayed.
From the mysteriously vague signal
failure to the awe-inspiring train
caught fire I gritted my teeth as I
watched the expected time of arrival
inch ever upwards, whilst a
dispassionate tape recording of a
womans voice assured me that she
was very sorry for the delay. As
impressed as I was that a cassette
had become sentient and mastered
the complex human emotion of
regret, this didnt really cut it.

This latest release has got us

seriously impressed, with a number
of improved features, such as an
updated kernel and brand new file
system, along with some excellent
innovations, such as support for
portable ARM devices.

Fedora 20 Beta ........19

Its rare that we look at a beta, but a
last minute delay to the already
long overdue Fedora has forced our
hand. Does the beta show enough
potential make it worth the wait?

OpenMandriva ....... 20
Like a slightly disappointing
phoenix, OpenMandriva rises from
the ashes of a once beloved distro

with a solid feature set, but not

much to get excited about.

Netgear ReadyNAS
316 ......................... 21
Ready to add network attached
storage to your ever growing home
network? The Netgear ReadyNAS
316 is worth consideration, then,
with some top features that are
easy to use.

Netgear R6250 Smart

WiFi Router ........... 22
The second Netgear networking
product weve got in these hallowed
pages, were again impressed with
the marriage of advanced tools
wrapped in a user friendly package.
Good work, Netgear.

Netgear ReadyNAS 316:

Backing up files over your
home network made easy.

OpenSUSE 13.1


A solid and dependable release which has

certainly got us all a-quiver.

This latest release plays it safe, resulting in a

bit of a boring distro.

Time to fix things

But are all delays intrinsically bad?
When it comes to software and
occasionally hardware delays can
sometimes be a good thing. For
example, the twentieth release of
Fedora was pencilled in for 26
November. It had already been
delayed three times before we
decided to review it. Unfortunately
Fedora 20 was once again delayed
to a week after this issues deadline.
Sure its frustrating, but weve
decided to look at the beta release,
to at least give you an idea of the
new features you can expect when
the full version arrives. And if the
delay means that the Fedora Project
can deliver a far more stable and
feature-rich product, then itll be
worth waiting a few more weeks.

Hosted storage services p26

BitTorrent Sync




If youre not comfortable with
third-party online storage such
as Dropbox, then why not make
your own? Youll protect both
your cash and your privacy, and
its easy with these tools.


February 2014 LXF180 17

Reviews Linux distro


OpenSUSE 13.1
The release of the latest version of this popular distro puts Mayank Sharma
in an awkward position, struggling to find any flaws.
In brief...
A major multidesktop Linux
Alternative RPMbased distros are
Fedora and

very writer fears reviewing

releases such as OpenSUSE
13.1. Not only do they rob us of
the opportunity to use colourful
metaphors to criticise the project, they
make us work extra hard to find faults
with the software. But sometimes we
just have to admit defeat and tip our
hats to the project and its developers.
OpenSUSE 13.1 is just such a release.
If you look at a distro in terms of
outstanding and innovative features,
this release doesnt offer much. Its got
the regular slew of updates youd
expect from a mainstream distro.
Theres a new kernel, a new filesystem,
updates to networking and
virtualisation stacks, and tons of
bugfixes in the crucial bits of the distro.
But evaluating 13.1 based on its
individual components would be doing
injustice to the distro. The release is
greater than the sum of its parts. Its a
wonderfully-packaged distro that offers
a smooth user experience from the
installation to the desktop and beyond.

Constant evolution
Once known as the premier KDE
release, OpenSUSE nowadays looks
good across all the major desktops.
Besides KDE 4.11 and Gnome 3.10, the
latest release features Mate 1.6, Xfce,
Enlightenment and LXDE desktops.
Under the hood, this release is
powered by Linux kernel 3.11. A major
highlight of this release is its support for
ARM devices. In fact, the distro has
ports for ARMv6, ARMv7 and the 64-bit

Features at a glance

Evergreen release

Technology previews

The developers will

provide security updates
and bugfixes to OpenSUSE
13.1 for three years.

The release includes

upcoming technology,
such as Wayland support
in Gnome and KDE.

18 LXF180 February 2014

OpenSUSE 13.1 is an evergreen release, which has a lifetime of three years.

ARMv8, also known as AArch64, with

more than 6,000 packages.
As usual, the release is available as
live installable images and install-only
DVD images for both 32-bit and 64-bit
machines. There isnt any remarkable
change to the distros installer, except
for the fact that it builds on the
experimental support for Secure Boot
introduced in the previous version.
The developers have also worked on
the Btrfs filesystem, which is still not
the default filesystem, as they feel it
needs some more stabilisation efforts
in enterprise use-cases. But they
reckon its stable enough for everyday
desktop use we used it on all our real
and virtual machines and didnt
experience any hiccups.
Complementing the Btrfs filesystem
is the Snapper tool. Together, theyre
a sort of meta-backup scheme for the
distro. With Snapper, you can undo
system changes by reverting to an older
snapshot of the system. A snapshot is
created every time you make changes
to the system with the Yast
configuration tool. Snapper lets you
compare and revert the changes in two
The release leverages on the
improvements in the desktops it ships.
Its KDE desktop is an LTS release with
performance tweaks and new features
in the KDE PIM, such as spam
detection. If you are a Gnome user, you
can sample the latest from your
favourite desktop, including


improvements to core Gnome Apps, as

well as new geolocation features based
on OpenStreetMap (see tutorial, page
74) and the unified system status area.
Additionally, the distro includes the
best open source apps, such as Firefox
25, LibreOffice 4.1 and Thunderbird 24.
The OpenSUSE 13.1 release
continues to outshine recent releases
from the other behemoth of RPM-land,
Fedora. Compared with Fedoras
re-envisioned Anaconda installer,
OpenSUSE has a stable installer, which
is easy to use and offers ample options
to tweak the install. The distro also has
the impressive one-click install system
and the previously mentioned Yast.
A look on the forums failed to reveal
any significant issues with the week-old
release, and if you havent used
OpenSUSE before this is your cue. LXF

OpenSUSE 13.1
Developer: OpenSUSE Project
Web: www.opensuse.org
Licence: GPL

Ease of use


A stable and solid release that

works as advertised and packs in
a host of innovations.

Rating 8/10

Linux distro Reviews


Fedora 20 beta
While Shashank Sharma had hoped for more to celebrate 10 years of Fedora,
the latest release should not be dismissed as irrelevant.
In brief...
The RedHat
sponsored distro
that ships only
free software.
Alternative RPMbased distros are
OpenSUSE and

edora is as much known for

being a Gnome and RPM-distro,
as it is for being the test bed for
technologies that find their way into
Red Hat Enterprise Linux. The project,
however, is still committed to providing
a stable distro for the community at
large. This is why Fedora 20, the release
to mark 10 years of Fedora, has been
postponed a number of times due to a
large number of bugs. We had intended
to review the final Fedora 20 release,
codenamed Heisenbug, but the delays
have forced us to focus on the beta.
A quick glance at the blocker bugs
page reveals that most of the bugs
responsible for our predicament relate
to the Anaconda installer. However, the
installer has come a long way since the
complaints raised in our review of
Fedora 18 [Reviews, p22, LXF169].
As it stands, there still isnt an
integrated cloud based storage service,
but the installer itself, and the
partitioning in particular, is as good as
you could hope for. The installer now
also supports LVM thin provisioning.
Although not of much use to the
average home user, the feature is bound
to impress anyone hoping to setup a
Fedora server. Also, Heisenbug marks
the first Fedora release to feature ARM
as a primary architecture, along with
One of our biggest complaints
against Fedora has been its package
management tools. Packagekit isnt
quite in the same league as Ubuntus
Software Centre, or even the good ol

Features at a glance

CLI goodness

Package manager

Nmcli supports all major

connection types, such as
Wi-Fi, vLAN and Ethernet.

With Gnome Software,

Fedora finally addresses a
long-term weakness.

Not a DOA Fedora release for a change. Lets hope they build on it.

Synaptic. Thankfully, Fedora 20 ships

with Gnome 3.10 which has Gnome
Software, a distro neutral software
management app.

Added package
While the app is the default on Fedora
20, it only provides limited functionality.
It shows a brief description and an icon
for apps, and you can use it to install,
remove and update apps. Screenshots
for each app, along with interactive
features, such as ratings and reviews
will not be available until the next
release of Fedora.
With a view to unclutter the windows
and free-up more screen space,
titlebars and toolbars have now been
merged into a single element called
Header Bar. The System Status area
has also been redesigned. You now get
a single menu in the top-right corner of
the screen which provides battery and
network status, along with a button to
access the system configuration tool.
As with past releases, there are
other desktop spins, such as KDE,
LXDE and Mate. The repos also feature
the latest Enlightenment 0.18 release.
Unlike various other distros that
target either newbies or advanced
users, Fedora aims to please everyone.
Advanced users favouring the
command line will appreciate the
changes to the nmcli tool. You can now


use the tool to add, edit, delete, activate

and deactivate network connections.
Theres also an interactive mode which
guides users through the configuration.
Syslog has been replaced by
Systemd Journal as the default system
logger. Another long-term resident,
Sendmail is also not installed by default.
If you use virtualisation, youll
appreciate virt-managers new ability to
easily manage virtual machine
snapshots. Work has also gone into
improving Arm virtualisation support
and Libvirt now has ACL capability.
Overall, this is a fairly routine release.
Still, its an improvement over past
releases and shows other RPM-distros
that Fedora isnt out of the game yet. LXF

Fedora 20
Developer: Fedora Project
Web: www.fedoraproject.org
Licence: Various

Ease of use


A number of useful features, but

offers no reason for existing Linux
users to switch allegiance.

Rating 7/10
February 2014 LXF180 19

Reviews Linux distro


OpenMandriva Lx
Another KDE distribution that can can trace its lineage to Mandriva. But is
there more to OpenMandriva? Shashank Sharma investigates.
In brief...
A wonderful
KDE distro that
builds on the last
Mandriva release.
aside, the distro
offers nothing of
original value with
this release. See
also: Mageia,
ROSA Linux,

udging by Ubuntu and Fedora,

one could argue that commercial
backing, dedicated developers,
and a faithful user base is the holy
trinity that makes for a Linux
distributions success. Time was, you
could count Mandriva in that list. A fork
and financial troubles for its parent
company, however, resulted in the
premature end of a beloved distro. But
there endeth the sob story.
OpenMandriva Lx 2013.0 is the first
release from the OpenMandriva
Association. Now driven by the
community, the distribution hails itself
as a successor to Mandriva 2011. Like
most Linux distros, OpenMandriva is an
installable live distro. It boots up in a
couple of seconds to provide a fullyloaded KDE desktop.
While the project aims to support
ARM in future releases, for now the
distro is available in 32- and 64-bit
flavours. The distro doesnt offer any
USB-making tool of its own, but
recommends you use Fedoras LiveUSB
Creator tool if you dont want to burn
the roughly 1.6GB ISO to disc.

Please-all distro
The latest release features KDE 4.11.2
and KDE apps such as Kmail, which is
the default email client on the distro; as
well as Amarok music player, Krita,
Dolphin file manager, and more.
Keeping them company is Firefox 25.0.1
and LibreOffice 4.1.3, and all the apps
youd expect in a complete desktop
distro. It also offers a couple of robust

Features at a glance


Mandriva Control

Acts as a desktop search

tool and gets content from
social networking sites.

Renamed OpenMandriva
Lx Control Center, a nod to
the distros parentage.

20 LXF180 February 2014

Despite a two-year hiatus, the developers still know how to build a distro.

desktop sharing tools. This release

features support for Intel graphics
cards, thanks to the latest kernel,
including support for fourth-generation
cards. The latest ATI cards are also
supported. The distro had been out for
a week at the time of writing, and a look
at the forum boards didnt reveal any
complaints about graphics card
support. The software repositories
include drivers for older NVIDIA cards,
but theres no support for the latest
cards. The installer is easy to follow and
the partitioning tool is newbie-friendly.
As with Ubuntu, you dont get to choose
which packages to install.
The distro doesnt ship with
proprietary drivers out of the box, but
you can install these using the software
repositories. You must first configure
the media sources, so go to the control
centre and click Configure media
sources for install and updates Once
the repositories are added, you can use
the graphical software management
tool, rpmdrake, to install software
packages, and even proprietary codecs.
OpenMandriva shares a significant
part of the codebase with ROSA Linux.
The distro features SimpleWelcome
Launcher, a ROSA innovation. Nepomuk
is disabled by default, but when
enabled, SimpleWelcome can serve as a


desktop search tool. The launcher can

serve content from Facebook, but
doesnt support other social networks,
such as Twitter. Also lifted from ROSA is
the ROSA Media Player and the 3.6.11
nrjQL kernel, a variant of the Linux
kernel, that provides better CPU load
and disk I/O scheduler.
OpenMandriva Lx 2013.0 is a highly
polished distro. It offers all the stability
of Mandriva of old, along with some
ROSA innovations. A sparse wiki and
little to make Linux users shun their
existing distro are its only
shortcomings. One hopes both are a
work in progress. LXF

OpenMandriva Lx 2013.0
Developer: OpenMandriva Association
Web: www.openmandriva.org
Licence: Various

Ease of use


An excellent KDE distro, but it

offers no reason to make existing
Linux users to jump ship.

Rating 7/10

Network Attached Storage Reviews


ReadyNAS 316
A Netgear NAS drive thats as powerful as they come, Neil Mohr fires up its
humming drives and stands well back.
In brief...
The new range
of ReadyNAS
drives from
Netgear may have
dumb down the
interfaces, but the
features, build
quality and
performance are
top class.

Intel dual-core
Atom 2.1GHz,
2GB memory
6 bays, 2.5/3.5inch SATA, hot
2x Gigabit LAN
2x eSATA
1x USB 2.0,
2x USB 3.0.

veryones after more storage

these days and as its cheap as
chips thats really not a problem.
What is a problem is making that
storage as convenient as possible and
ensuring its secure. Thats where your
local NAS drive comes in; sat on the
local network and offering cloud
storage, media stream, automatic
snapshots and redundant disk arrays,
a modern NAS is a bundle of whirring
binary love.
The new Netgear ReadyNAS 2013
range is pretty impressive. Were looking
at the Netgear ReadyNAS 316
(RN31600), which is at the higher-end
of its mid-range options, offering a
better than usual six empty SATA drive
bays. Within the Netgear ReadyNAS
range the ReadyOS 6 software remains
the same; higher-end models offer
faster processors and up to 16GB of
memory, while lower-end ones drop the
number of drive bays, but retain the
decent Intel Atom processor and 2GB
of memory.
Physically the Netgear NAS is
impressively built; its solid and weighs
a hefty 7kg. Partly this is down to an
integrated PSU, which is great it uses
a standard kettle lead and eliminates
the chance of a lost or damaged
external power brick. The front has a
2-line LCD display with touch-panel
control for status information, which is
handy for on-the-spot diagnostics.
Inside the NAS is a something of a
dream. Populating bays is a completely
quick-release, tool-free affair. It takes a
minute of initial head-scratching to
work out how to release the
mechanism, but once done drives can
be flung in and out in mere seconds
Technically, the total internal
capacity is 24TB with 4TB drives,
obviously running RAID5/6 drops the
usable amount down. Importantly using
the eSATA ports youre able to extend
this capacity via the Netgear EDA500.
This is a five-bay box, with support for
two, youre able to push total capacity
to an impressive 64TB. At this level it, of
course, supports iSCSI for visualisation
and easy SAN integration. All of these
capabilities put this ReadyNAS 316
model into the SMB arena, capable of

Its big, black,

bold and can
handle six
SATA drives.

servicing up to 25 users. Itd

certainly take care of a demanding
home users needs for years to come.

Software services
Running the latest ReadyOS 6 software
as all marketeers want, ReadyNAS
drives support cloud access. This
means any registered users are able to
access files across the internet and it
offers easy drag and drop access via
the sites web interface. This is
alongside the standard user shares,
setting up RAID, DLNA, iTunes sharing
and other standard NAS services.
Netgear doesnt use ext4 but opts
for the BTRFS B-Tree File System, yet
another open source file system,
developed by Oracle, Red Hat, Intel and
others. The main reason for this is that
it enables far easier unlimited blocklevel snapshots. What does that mean?
It offers entirely flexible per user, per
folder or per share snapshot protection.
This can be set on an hourly, daily or
weekly level and enables you to roll
back individual files or entire shares via
the dashboards handy timeline graph.
On a performance level the
ReadyNAS 316 performs strongly with
random reads averaging 102MB/s and
random writes at 77.8MB/s. The same
speeds with sequential files were


108MB/s and
92MB/s. This makes it
amongst the best
performances weve seen,
speed wise.
A key area for ReadyOS 6 is the new
Windows 8-style minimalist interface,
which frankly we didnt get on with at
all. For us its a key weakness and had
us wishing for a standard FreeNAS
interface, while it looks far less able
than offerings from QNAP and
Synology. It at least does offer
additional apps which you might like to
call extra services via the Genie
Marketplace that are added with a
single click. This makes it possible to
add support for services like DropBox,
ownCloud, shared printers and a limited
number of other services. LXF

Netgear ReadyNAS 316
Developer: Netgear
Web: www.netgear.com
Price: 601 (diskless)

Ease of use
Value for money


A solid SMB-level NAS, wed love a

classic interface but its unlimited
snapshots are a godsend for admins.

Rating 9/10
February 2014 LXF180 21

Reviews Router


R6250 WiFi Router

Can Netgear create a router thats as user friendly as it is powerful?
Matt Hanson greases up his broadband and investigates.
In brief...
Netgear has
created a slim
router which
offers advanced
networking tech
in an easy-touse package.

Dual Band Wi-F
2.4 & 5GHz
Dual-core 800
MHz processor
128 MB flash
IPv6 support
USB 3.0 port

The Netgear
uses a web
interface, so it
doesnt matter
what flavour
of Linux youre

he Netgear R6250 Smart WiFi

Router is aimed at people who
want to take advantage of the
technological advancements in
networking technology, without having
to worry about messing around too
much with various settings. But is a
router that combines power with plug
and play ease too good to be true?
When opening the box, the first thing
youll notice is the design of the router,
and itll certainly be divisive. The plain
and minimalist black square that
emerges from the packaging seems far
removed from the rather functional
looking routers of Buffalo and TP-Link,
and Netgear has clearly got its
designers to come up with something
that wed be happy to have on display in
our homes, rather than hidden away
behind a bundle of wires. Whether or
not theyve succeeded will be down to
personal taste, and while the look might
not be our cup of tea weve certainly
seen uglier routers.
On the front of the router are four
icons that are illuminated depending on
the state of your network and internet
connection, as well as information if a
USB device is connected or not. On the
side of the router are buttons for
switching the Wi-Fi on and off, and for
connecting devices via WPS. On the
back are five gigabit Ethernet ports (one
of which is dedicated to hooking up to
your modem more of that later), a
reset switch, power button and a USB
3.0 port. While a lot of routers have

22 LXF180 February 2014

been including USB ports for

some time now, the addition of a
USB 3.0 port, rather than the
standard USB 2.0, is welcome.
With the increased speeds of
the 802.11ac wireless protocol
that the router uses, it would be
a shame to bottleneck the data
transfer speeds with the low
USB 2.0 bandwidth. The
Boradcom BCM4708
processor that inside the
Netgear does a good job of
running the new protocol as
well as dealing with traffic
via the USB 3.0 port.

Feature packed
Installation through the web
interface was quick and easy, and
rather than having to type in an IP
address to access the settings, you can
just type in www://routerlogin.net. Its
in the web interface where Netgears
aim of creating a product thats easy to
use for beginners, yet still offers more
advanced tools for experts, is evident.
The wireless antennas (three 5GHz
for 1300Mbps and two 2.4 GHz for
300Mbps) are built into the body, so
unlike routers with external antennas,
you can not position them to broadcast
in certain directions. While this might
not be too much of a problem, if youre
got a bit of a blackspot in a certain part
of the house, directing an antenna
towards it can help improve wireless
coverage. This seems to be a case here
where the routers aesthetics have been
chosen over functional.
Once set up we were able to look
closely at the features included, and
theres a lot of them: DHCP, Static,
PPPoE, PPTP and L2TP support, builtin dynamic DNS client for dyndns.com,
WAN port scan and DoS protection,
IPv6 WAN connection support (autodetect, 6to4 tunnel, Pass through, fixed
[static], DHCP, PPPoE, Auto config),
partental controls via OpenDNS, UpnP
and DLNA media support, and SMB,
HTTP, HTTPs, FTP storage sharing. For
most home users this should be
absolutely fine, but for more advanced
tools like IPv6 port forwarding and
firewall support, youre going to want to


The design of
the Netgear R6250
is slim enough to hide away if
youre not keen on its looks.

look elsewhere. For programmers

wanting to play around, the router and
firmware comes with a GPL v2 licence.
In our tests the Netgear R6250
performed pretty well, broadcasting two
separate SSIDs for each band
simultaneously, and on the 5GHz band
we saw very impressive data transfer
rates of 593Mbps, and while performance
dropped the further we moved our
machine from the router, we were still
able to get good performance across a
two bedroom flat over two floors. LXF

Netgear R6250
Developer: Netgear
Web: www.netgear.co.uk
Price: 129.99

Ease of use
Value for money


An easy to set up and use router

that offers plenty of functionality, and
even open-source firmware.

Rating 8/10

Books Reviews


A Female Genius: How Ada Lovelace, Lord

Byrons Daughter, Started the Computer Age

Neil Mohr ponders if society will ever learn from history?

e dont really want to review,

but rather talk about A
Female Genius. Its as good
and an absorbing biography as you
could expect, written almost two
hundred years after the birth of its

We would
love to say
that Lovelaces
because of
her gender are
a shameful
problem thats
been consigned
to history; but
we cant.

protagonist, using her own letters and

the musings of her closest friends and
relatives. It paints a picture of a woman
with superlative intellect, described in
Babbages own words as capable of a
force which few masculine intellects
could have exerted. Ada Lovelace was
clearly a cut above the rest, boasting
the likes of Charles Dickens in her circle
of closest friends; on her deathbed she
requested he pop round and read her
the death-scene of Paul Dombey from
Dombey And Son.
The tragedy thats clearly painted
and highlighted in the book is incredibly
one repeated by society today. The
failure to recognise, nurture and reward
the greatest minds in a generation, just
because theyre female. If Babbage
could have set aside his Victorian pride
and fully accepted the help Ada
Lovelace who intellectually grasped the
maths and functionality of the analytical
engine, he likely would have finished the

designs, perhaps he may have even

gained funding and ushered in the
computer age generations earlier?
Surprisingly enough, biographies of
Ada Lovelace are thin on the ground, so
its a real pleasure to find that A Female
Genius thoroughly uncovers the life of
Ada Lovelace, her dealings and
correspondence with Charles Babbage,
creator of the difference engine. LXF

A Female Genius
Author: James Essinger
Publisher: Gibson Square
ISBN: 978-1-90809-666-1
Price: 14.99
Pages: 256

A fascinating historical biography

of Ada Lovelaces life, if a little short.

Rating 9/10

Designing the Internet of Things

Can you design the next iPhone? Matt Hanson gets some tips.

hinking about the internet in

purely software terms is quickly
becoming an outdated practice.
With so many devices around our home
being able to connect to the internet
from the obvious, such as smartphones
and set top boxes, to the more obscure

After reading
this book, Matts
going to invent
a smart scarf
that tightens
itself around the
neck, the colder
the weather is.
Completely safe.

like fridges and cars if youre going to

make the next big thing on the internet,
then youre going to have to think long
and hard about the hardware its going
to run on.
Designing the Internet of Things, by
Adrian McEwen and Hakim Cassimally,
is a rough guide to designing internet
capable devices. As the authors
mention early in the book, the price of
microprocessors is now low enough
that we can include them in almost
anything, connecting them to the
internet, making them smart and as
they rather charmingly describe it,
creating magical objects, enchanted
things This wide-eyed enthusiasm
permeates throughout the book, and
the authors obvious passion for the
subject quickly rubs off on you youll
soon find yourself brimming with ideas.
However, this is a book designed to
inspire you and take you through the
initial processes of designing and
prototyping your device, but it keeps
away from being too technical or


prescriptive. There are no step-by-step

guides or tutorials, instead there are
examples given as a taste of what can
be achieved. Devices such as the
Raspberry Pi and Arduino are touched
on, but if you want a more in depth
guide to creating devices with them,
then youd be better off going for a
more specific title. As a general guide to
internet connected devices, though, this
is a fascinating book. LXF

Designing the IoT
Author: A McEwen & H Cassimally
Publisher: Wiley
ISBN: 978-1118430620
Price: 19.99
Pages: 336

Thinking of designing an internetconnected device? This book will

inspire you, and offer some advice.

Rating 8/10
February 2014 LXF180 23



in our January Sale

st Sa UR
Ja le R
nu en Y
ar ds !

Discover a new interest or hobby this New Year

with nearly 60 titles to choose from
Roundup: Best beginners distro




Plus! Finally the

Retina iPad mini!

New Macs, new iLife and iWork,

Mavericks all the details from
Apples bumper launch event!


Find your perfect

Mac and get a
great deal!

iTunes Radio
is coming

Plus! Will your

next Mac have
an A7 chip?

Share stuff
with AirDrop
Easily share photos,
videos and more!

Full new iMac range


1 for Free Software

Fund your

is back!


FROM 23.49


FROM 13.99



Fortran Hack like its 1957 p88

Python Print hello world p84

How one tiny graphical

toolkit took the world of mobile
development by storm p46

Renaissance man



Speak to your

Robert r0ml Lefkowitz on, well, everything p42

Also inside

PyCON UK 2013
Parselmouths dwell in the New
Model stronghold of Coventry p50

Qt 5
What next for Nokias lost orphan child? p54


Customise a GUI



Build a bespoke
desktop environment

Unleash world-beating
Web 3.0 sites the easy way

Beat the Slashdot effect

with high availability

Load balancing



FROM 25.49


FROM 22.99

worrying about annoying limits


Ubuntu 13.10
Has Ubuntu lost it/still got it/got
it back/always been ace? p18


How to configure your storage

for optimal performance

FROM 26.99

FROM 12.99


Most people today write

more than Charles
Dickens did in his lifetime



6 pages of programming excellence

Inside Qt

Simple monitor calibration

for movies and gaming

Everything you need to build

and manage your own site

The easy way to gain speed

Fixes annoying problems
You can do it in an hour!

Get the backing you need

Synergise the interwebs
Become your own boss!

Take control of your
photos with Gimp
Update your
Get your head
round qCraft
How to mine





The little tech

that couldnt




Get the ultimate from your

machine with a full refresh

How crowdfunding
is transforming
the economy of
free software

Hit 60fps at 1080p in Battlefield 4

Make a killer system for 740

Discover your next

favourite band!



GTX 780 Ti
AMD R9 270

Optimise Windows for

the best experience

Work anywhere with

Apples free web apps


Plus essential tips for

Windows 8, Vista & XP



Master iWork
in iCloud


iPad Air

Ele ingu



D ks !
DVtpic ore
EE , Ho + m
FRuna -bit
L 4
UROS 4 6
YO ry 3.0
N ta 1
O men y OS



Use Premiere Elements to

make even better videos



Price 5.99 | Issue 267 | December 2013

MacFormat.com | @MacFormat


FROM 19.49


Upgrade your Wi-Fi network

Control your PCs with one mouse
Boost startup speed

Organise your desktop
Virus-guard your PC
Save broken CDs!
Turn to p98 now!
Windows tutorials

New things to do

Buying advice

Help & support

100% jargon free


FROM 23.49


FROM 19.49


FROM 12.99


FROM 18.49


FROM 20.99


2 easy ways to order

Or call us on 0844 848 2852

quote Z406

Lines open Mon to Fri 8am 9.30pm

and Sat 8am 4pm

Savings compared to buying 2 years worth of full priced issues from UK newsstand. This offer is for new print subscribers only. You will receive 13 issues in a year except Computer Music Specials
in any way you can write to us or call us to cancel your subscription at any time and we will refund you for all unmailed issues. Prices correct at point of print and subject to change. For full terms and
conditions please visit: www.myfavm.ag/magterms Offer ends: 31st January 2014


N AT URE + TWorldMags.net








Every month we compare tons

of stuff so you dont have to!

Hosted storage
Not willing to trust a third-party with his data, Mayank Sharma evaluates
five tools to create a personal Dropbox-like service.

How we tested...
Some services in this Roundup are
easier to set up than others. Most
need to be set up on top of a server.
Such services have been installed on
top of an Ubuntu Server 13.10
installation running on a 2.1GHz Intel
Core 2 Duo machine, with 4GB RAM
and a 1TB disk.
Weve used the latest stable
versions of all the services from their
respective websites, while the
dependencies were installed from
the distros repositories. Besides
comparing their setup and
configuration mechanisms, weve
also appraised them based on the
intuitiveness of their user interface.
Weve also rated the usability of
their Linux and Android sync clients.
Some tools are more than file silos
and offer other features. Some, such
as encryption and version control,
were weighted higher than others,
such as add-on apps.

BitTorrent Sync

nline storage duffel bags

such as Dropbox have
changed the way people
collaborate and share files.
But these services come at a cost in
the form of cold hard cash and, more
importantly, privacy. To some of us, the
very idea of uploading our confidential
work files to a remote server, outside
our jurisdiction, seems preposterous.
This is where personal cloud storage
software steps in. These tools offer all
the convenience of an omnipresent
storage service, while keeping you in
charge of your private data. The data
never leaves your computer, and yet its

26 LXF180 February 2014

You can use the hosted services

to share all kinds of data,
including photos and videos.
still accessible through any device that
is connected to the internet. Many
hosted services also offer sync clients
for various mobile devices and
desktop platforms.
You can use the hosted services to
share all kinds of data, including
vacation photos and videos. In a
professional setup, you can also use
these tools to collaborate on


documents, and use the built-in version

control features to track changes and
revert to older versions.
In this Roundup, well look at some
of the most popular tools for sharing
and syncing your data. We have
services that require setting up a server
as well as those that work without one,
and enable users to share data directly
between them.

Hosted storage services Roundup


What does it take to get up and running?

f all the services in the

Roundup, OwnCloud has the
clearest installation process,
which is also well documented. You can
manually install the OwnCloud server
on your machine or from the official
repositories for popular distributions.
By default, OwnCloud uses the
SQLite data server, but it can plug in to
an existing MySQL database and will
also work with other web servers,
including Nginx and Lighttpd.
Similarly, Seafile also uses SQLite
database, and its website has
instructions on deploying it with
existing MySQL/PostgreSQL databases
and existing web servers, including
Nginx or Apache.
Seafile installs with a Python script,
which asks you to configure various
components. Although the installation
steps are well documented and
explained, you need to have knowledge
of your network.
Surprisingly, the Seafile clients are
available only as precompiled Debs.
Another service that makes only Debs
is Tonido. And it doesnt do a very good

job of it, because Ubuntu complains

that the packages violate the quality
Once the server is installed, youll
have to set up a unique name for it by
registering with the Tonido servers, after
which youll be able to access this
computer from the internet.
Developers will like the
SparkleShare service because it uses
the version control system Git under
the hood. All thats required to install
the service is to download and run a
script. However, sharing a directory,
called projects, with SparkleShare
takes some doing.
When you create a project,
SparkleShare spits out the SSH
address of the host and the location to
the shared directory, which is created
under its own /home/storage user
directory. You need to give these to any
client you wish to add.
You can install the client from your
distros repo or compile it yourself,
following instructions on the website.
When you add clients, theyll ask for the
hosts public SSH key, so youll have to

Tonido requires you to register with its relay service, but

you can disable it after installation.

figure out how to pass them along.

Interestingly, the SparkleShare client
can connect to the host as well as to
other hosting sites, including GitHub
and BitBucket.
Finally, theres BitTorrent Sync,
whose installation and setup is a more
involved process, at least on Linux. You
can pull packages for the service after
adding a PPA. During installation, the
installer gives you the option to create a
default instance of BitTorrent Sync. Or
you can define the parameters
interactively or by editing configuration
files, since theres no graphical
configuration tool for Linux.

BitTorrent Sync
installation and
procedure is

Built-in tools and add-ons

Flesh-out your storage server with cloud apps.

parkleShare and BitTorrent

Sync offer only file-sharing
services, and nothing else. You
can use these services to back up and
share data with other users.
Seafile has a built-in wiki module,

and includes a rich text editor and a

simple editor that converts plain text
into XHTML documents. Seafile also
lets users collaborate on documents.
It generates a new version after each
modification, and you can restore the

You can install additional apps from OwnClouds app store.

file to a previous version. Tonido ships

with apps, including a file explorer and a
webshare tool to share large files. It
hosts several others, mostly free, on its
website. Some interesting ones are the
browser-based torrent client, the Thots
blogging app and the Workspace PIM.
If you want to flesh out your service
with web apps, theres no beating
ownCloud. The tool ships with a photo
gallery app, uses ampache for music
streaming and has a web-based PDF
viewer and ODF viewer. Theres also a
task scheduler, an online text editor,
and an app to store bookmarks.
You can download other apps from
its app store. It hosts productivity tools
such as a URL shortener and the
Roundcube mail server, multimedia
tools such as the JW Player-based
video player, and tools to visualise
storage space and scan files with
ClamAV virus scanner.


BitTorrent Sync
has by far the
most diverse
collection of

February 2014 LXF180 27

Roundup Hosted storage services


Do you need a PhD to use these services?

hese arent average desktops apps.

Most require you to set up a server, and
if you want to access them from
outside your network, youll have to tweak your
router and punch holes in the firewall.
The USP of some apps in this Roundup is

that theyre easier to set up and administer,

while others support client-side encryption
and offer better security and privacy.
But a major point of comparison is the user
experience. Theres no point recommending
the most secure app if it requires sifting

through reams of documentation. Well

evaluate the user interface of the web-based
administrator consoles and the desktop client.
Well also keep an eye out for the procedures
to create a shared folder and access it from
other machines.

The minimal installation procedure works as advertised. The service has
an impressive file manager and can handle files in most popular formats.
The service ships with a useful set of apps and you can flesh it out with
others. In terms of security, were pleased with its basic encryption and
file versioning. Unlike encryption, versioning is enabled by default. The
versioning app ensures you never run out of space, by automatically
deleting old versions. OwnCloud lets you mount external cloud storage
drives, such as Google Drive, Amazon S3, Dropbox, and OpenStack Swift,
and can seamlessly manage data on these along with that in your
private cloud. The service supports CalDAV and CardDAV to sync your
calendars and address books. OwnClouds impressive desktop client
displays notifications and shows you a summary of sync activity.

Installing this service isnt much hassle either. All you need is to
download and run a script. The service transfers data over SSH channels
and you can optionally create encrypted shares as well.
But, unlike other services, you dont get a web-based user interface
for administering the service its all done from the command line. Also,
connecting the clients to the server is a more involved process and youll
have to find a way to securely transfer the public SSH keys from the
client to the host.
The service has a desktop client with limited features and no mobile
client. Once set up, surprisingly even relatively small files, such as 25MB,
take some time to sync. Additionally, the developers themselves admit
that SparkleShare isnt great for storing photo or music collections and
large binary files that change often, such as video editing projects.

Desktop integration

Are their desktop clients good enough?

one of the services integrate

with the right-click context
menu on the Linux desktop.
That said, most services have
impressive Linux clients and can back
up any folder on the desktop.
OwnCloud users can sync any folder
on the system. Its client can be
accessed from the status bar. You can
use the client to throttle upload and
download bandwidth and pause and
resume transfers. The client also lets
you add local folders and specify

28 LXF180 February 2014

patterns for files or directories that

shouldnt be synced. With Seafile, you
can share a folder on the desktop by
uploading its contents into a shared
library. The Seafile desktop client can
be used to create new libraries or
download existing ones, and view the
sync status, and other information.
SparkleShare can sync only
directories shared by the server.
Although the service has a client in the
system tray that displays notifications
about the sync operations, as well as a

list of changes across all shared

directories, it cant do much more.
Tonido isnt much better. Because of
the intended purpose of the service, its
client can add files to the synced folder,
but it cannot share a new folder.
BitTorrent Sync doesnt have a
desktop client on Linux. You have to rely
on its web-based interface to sync
folders. It generates read-only and fullaccess secret keys and QR codes for
mobile apps, and lets you throttle
upload and download bandwidth.


BitTorrent Sync
The Seafile
tool has a very
desktop client.

Hosted storage services Roundup

Although Seafile has a straightforward script-based install, it employs
components that run on different ports, which makes it difficult to
identify a problem when something goes wrong. The web UI is verbose.
You begin by creating a library, which can be encrypted, and then add
files to it. The service offers flexible options to share libraries or
individual files with users or groups of users. You can also transfer
ownership to another registered user. The impressive desktop client sits
in the system tray and displays notifications for sync operations. Other
users can download and create libraries. Once a library has been
downloaded, the latest version will be uploaded to the server and then
synced with all computers. The service also includes a fsck tool.

BitTorrent Sync
BitTorrent Syncs USP is it employs no server. It transfers files securely
between users via P2P connections. During installation, it creates a
default config file, though advanced users would want to create one
manually since it offers more options. The tools web-based interface is
the default way of accessing BitTorrent Sync on Linux. You can manage
general and shared folder preferences here. When you add a folder, you
get two keys read-only and full-access. Pass on the secret key to other
BitTorrent Sync users to start syncing the folder. The service encrypts all
traffic using a private key derived from the shared secret key. If you want
to sync to a mobile phone, you can download the mobile app and scan
the QR code generated by the web-based client.

The app is designed for the average desktop user, so it doesnt bother
you with details about your network. You install it on the computer you
wish to share files from and register the computer with its relay server.
Your computers disk is now accessible from any computer on the web.
You can access the files from any web browser. To be able to sync files
and folders, youll need to install its sync client. The app is designed
primarily for an individual user who wants universal access to their files.
However, you can add guest users and share files with other users
not using Tonido via simple web links. The service lets you create and
share these links via email or you can post them to Facebook or Twitter.
Tonido also has an app store with lots of freely available apps.

Mobile clients

Access your cloud on the move.

oull have trouble accessing

your SparkleShare cloud from
the mobile. As per its website,
the service had a basic Android client
that allowed you to browse and
download files, but it isnt listed in the
Android Play Store anymore.
Seafile has a basic Android client
thats under active development. You
can use it to browse, download and
upload files, but it doesnt automatically
sync changes yet. OwnCloud has
mobile apps for Android and iOS, but

unlike the server they arent available as

free downloads, nor do they offer a trial
version. The app will sync and download
individual files but not entire folders. It
also doesnt show thumbnail previews
of pics and cant sync the calendar and
contacts like its server.
BitTorrent Sync and Tonido have
freely available mobile apps. In addition
to Android and iOS apps, Tonido offers
apps for Blackberry and Windows
Phone as well. With the Android and iOS
BitTorrent Sync apps, you can sync files

by selecting the folder in your phone

and scanning a QR code for a shared
folder on the desktop. You can also send
and receive files by scanning QR codes.
Using the Tonido Android client, you
can access and download files from
your server and even upload files to a
shared folder. You can share folders by
a link and watch music and videos from
your server that are transcoded on the
fly before they are streamed to your
phone, based on your network


BitTorrent Sync
The Tonido
and BitTorrent
Sync mobile
apps are simple
to use.

February 2014 LXF180 29

Roundup Hosted storage services


Safety features
Can you trust them with your data?

very Seafile desktop client has a

unique private key. When a client
and a server connect, they
exchange the public key and negotiate
a session key. This session key is then
used to encrypt the data transfer. You
can also create an encrypted library,
which is encrypted with AES-256.
Seafile also has version control and
although it keeps full history by default,
you can specify a period to keep old
files for, per library. You can browse the
history of a file and restore the file
content to an old version. You can also
add users and organise them into

groups and share libraries with groups.

While adding users in OwnCloud, you
can restrict their storage space and
organise them into different groups. You
can share your admin responsibilities
with other users and make certain
users group admins. You can encrypt
files with ownCloud, which also
supports simple version control.
Also, both OwnCloud and Seafile
dont have automated options to back
up the data on the host, but the process
to manually back up the relevant
folders and the database is well
documented. SparkleShare transfers

SparkleShare uses SSH channels but gives read/write access to clients.

data via SSH channels and you can

create encrypted projects as well,
though it cant encrypt existing projects.
Since its based on Git, SparkleShare
has version control built-in. Using the
tool, you can share some of your
projects with other users, while keeping
others private.
BitTorrent Sync also supports
versioning. By default, it creates and
stores all the old copies of edited and
deleted files for 30 days in a hidden
directory within the sync folder. The tool
encrypts all traffic, using a private key
derived from the shared secret key, to
ensure that people you share them with
can see only your files.
Because of its intended use, the
default Tonido user is the admin user
who has full access to all the files in the
system. However, you can create guest
accounts if you want to share only a few
folders or files with others.
You can, optionally, enable additional
security by adding a second level of
authentication for remote logins. Tonido
uses its proprietary P2P technology
and encrypts all data using AES
encryption. The service also insists that
your data isnt transferred using a thirdparty server, and is in fact transferred
directly from your computer to the
remote computer.

BitTorrent Sync
Seafile and
OwnCloud both
ensure that you
are in control of
your data.

Sharing and accessing files

Pass links and mount cloud drives.

ou can access your OwnCloud

storage via the WebDAV
protocol. You can access it from
the file manager or mount it after
installing DAVfs, you can even access it
from Windows and OS X machines.
OwnCloud lets you select which
users or groups you want to share files
with and whether you want to give them
permission to modify the files. You can
share an item with someone who isnt
on your OwnCloud server by sharing a
URL to that file on your server. You can
also password-protect the link and set
an expiration date.
Tonido offers a similar feature and
lets you share files with a URL. It also
lets you customise the name of the

30 LXF180 February 2014

share and make a share

public or accessible to
selected guest users.
BitTorrent Sync also lets
you share read-only links
with other users, though
they must be using the Sync
client. But thats better than
SparkleShare, which doesnt
allow you to share files with
links. All you can do is create
The Seafile desktop client makes it very easy to
a project, and any clients you
share files.
add to this project will have
full read/write access.
With Seafile, you can share a library
single documents with another user.
with specific contacts or groups and
Members can upload, download and
enable read-write or read-only access
edit files online or even download the
to different libraries. You can even share
whole libraries from the cloud.


BitTorrent Sync
Except for
all tools allow
guest access to
shared content.

Hosted storage services Roundup

Hosted storage services

The verdict

electing a hosted storage

service depends on many
factors, such as what type of
data you will be syncing, and your level
of expertise. In fact, it isnt uncommon
for people to use multiple services.
For example, if youre concerned
about the privacy of your data you can
use SparkleShare to collaborate with
colleagues and safely pass documents.
The service is very secure, since it uses
SSH, but isnt intuitive enough for the
average desktop user.
The average user would be well
suited to the proprietary Tonido
desktop. Its ideal for personal use and
gives universal access to your data in a
couple of clicks. Although you can share
files with other users, it isnt designed
with collaboration in mind.
If collaboration is the primary reason
you want a hosted share, take a look at
Seafile. Its easy to install, has clientside encryption, a feature-rich client for
the desktop and a functional client for

the mobile. Theres also a version for

the Raspberry Pi. In our tests, Seafile
was the only service that misbehaved
repeatedly, and because of its
components it took time to identify the
problem. The Seahub component is the
tools weakest link. Some people on the
Seafile forums point out that over time
the tool doesnt work well with large
libraries, though we didnt face any such
problems in our week-long test.
For sharing large files, theres no
beating BitTorrent Sync. Its designed
with security and encryption in mind.
The service is different from the others
as it doesnt use a storage server.
The community edition of OwnCloud
works well whether you want to share
files with friends or family or collaborate
with colleagues. It
has been suggested
that it doesnt scale
well, though we
didnt face any such
issues. OwnCloud

Thanks to the PageKite tunneling tool, we could even

access our files outside our network.

has a decent Android client and, like

Seafile, uses an SQLite database for
simpler installations, but can scale and
hook up with other servers. It has tons
of useful apps, and we like the flexibility
to connect to external services.
All said and done, OwnCloud seems
to be the best option for a large number
of installations.

OwnCloud has tons of useful

apps and we like the flexibility to
connect to external services.
4th SparkleShare

1st OwnCloud

Web: www.sparkleshare.org Licence: GPLv3 Version: 1.2.0

Web: www.owncloud.org Licence: AGPLv3 Version: 5.0.13

Offers the right features for storage in personal and professional settings.

2nd Seafile

Most secure sharing service with no fancy share-control options.

5th Tonido

Web: www.seafile.com Licence: GPLv3 Version: 2.0.3

Web: www.tonido.com Licence: Freeware Version:

The perfect solution for users who dont want OwnClouds add-on apps.

3rd BitTorrent Sync

Ideal for desktop users who wish to access their files from the internet.

Over to you...

Web: www.bittorrent.com/sync Licence: Freeware Version: 1.2.73

Best service to share files with your mates.

Do you agree with our choice? Maybe youd have picked completely
differently? Email your opinions to lxf.letters@futurenet.co.uk

Also consider...
If you arent averse to getting your hands dirty,
you can roll your own syncing and backup
service with some open source software.
Heres a tutorial for building a private
Dropbox-like service using GlusterFS on
CloudFS.org (http://bit.ly/1ifDT4h) thatll
create a mountable filesystem from a remote
server on your local machine. Theres another

tutorial on Fak3r.com (http://bit.

ly/1eAqYVF), which uses OpenSSH for
encrypting the transfers, rsync for
syncronisation, and the lsyncd live syncing
daemon. If youre looking at ready-made
solutions, theres the dvcs-autosync project,
based on the distributed version control
system (DVCS). It uses Git for backend storage


and supports Mercurial and other distributed

version control systems. PerlShare is built
around the Unison synchronisation tool. Its
only available as a developer preview. Theres
also the git-annex assistant tool (http://gitannex.branchable.com/assistant), which
was crowdfunded and enables you to create a
synchronised folder in several machines. LXF

February 2014 LXF180 31


Subscribe today
Subscribe today and get Linux Format
for just 3.85 an issue

ake advantage of our fantastic

subscription offer and subscribe to Linux
Format for just 25.49 every 6 months.

Our subscribers are our most

loyal readers, and as a thank
you we like to make sure you
not only get a great price, but
also tons of other benefits.

Get all this:

Exclusive access to the LXF
subs-only area, featuring magazine
PDFs, complete issues and
coverdisc downloads.
A digital edition of every issue
from our subs-only area on your
PC, iPhone or iPad.
Save money on the shop price.
Get each issue delivered to your
door a week before it hits the
shops (UK only).
Discount on Linux Format

What Youll Pay:

UK Pay 25.49 every 6
months or 99.99 for 2 years
Europe Pay 99.99 for a
years subscription
Rest of the world Pay
107.99 for a years

32 LXF180 February 2014


the di nt
Turn t ?
page 6 o


v u
WorldMags.net 40%e ep to
Fig. 1 The benefits of subscribing

Get th r year
of DRM sands
ls, feat e
and re
views es

Hello Linux Format reader!

Is this the
rst time
youve read


Read, enjoy, come back next issue.


Do you buy
LXF more than
a couple of
times a

Are you a



Well done! Youve saved

yourself the hassle of
getting down to the shops
town centre parking is
a nightmare these days.



Dont bother subscribing; its not

worth it. Instead, write to us and let
us know what you want to see more
of and what you want to see less of.
We want your cash!

Are nancial
to you?

Do you
live in Foreign
and visit the UK
more often than
once a



Congratulations on transcending materialism.

Perhaps youd like more than 2,700 DRM-free
PDFs covering everything from Asterisk to
Zshell, available exclusively to LXF subscribers.*


Do you own

Buy it on the
newsstand in
the UK and
save our costly
export fees.




You should subscribe. Youll get

your copy up to a week before it hits
the shops, and be able to download
a digital version.



You should subscribe.

At just 54.99 a year for
UK readers, its far cheaper
than buying each
issue individually.

You are the Doctor, and I claim my

prize. Also, please take me back to
1968 so I can see the Elvis
comeback special!

*Thats all of our back issues, starting with issue 67 and

going right up to the magazine youre holding in your hands.

Visit www.myfavouritemagazines.co.uk/LINP2B
(Please use the full web address to take advantage of this special offer)

or call our hotline on 0844 848 2852 and quote LINP2B

For international subscription offers go to:

In the USA or Canada?

Subscribe for $139 a year, or $35 every three months
Go to www.imsnews.com/lxf-a049
or call TOLL-FREE on 1-800-428-3003 and quote a049
All savings are based on current newsstand prices. Payment is in GBP unless otherwise stated. You will receive 13 issues of Linux Format a year.
If you are dissatised in any way you can write to us or call us to cancel your subscription at any time and we will refund you for all unmailed
issues. International subscribers please allow up to eight weeks to receive your rst issue. Access to the subscriptions-only archive area is
strictly for personal use and not available to digital subscribers. Offer ends 10 February, 2014.


February 2014 LXF180 33

Linux Mint


Linux Mint 16
Time to savour Mint this year?
Linux Mint goes from strength to
strength, says David Hayward and
why not? It does after all have the
community behind it.
he old adage of if a thing is
worth doing, its worth doing
well can certainly be applied to
many different distributions of
Linux, but theres one distro that time
and time again comes out shining above
the others: Linux Mint.
The reasons behind the popularity of this
particular flavour of Linux are many, and
weve covered most of them thoroughly in
the past (LXF167); however, there is one
major factor contributing to this excellent
example of an operating system thats
worth going over again, and thats its
commitment to providing us, the users, with
a well tested and well thought out system.
How often do we, as dedicated Linux
users, casual Linux testers, distro junkies
and enthusiasts fully appreciate the amount
of work and effort thats involved in taking
what has worked in the past and improving
on it? How much work does it actually take
to listen to all the hands-on desktop
experiences the community has with the
system, learn from their voiced concerns or
congratulations and apply those ideas and
concepts to the finished product? The
chances are most of us never fully
comprehend the dedication of the people
behind the scenes.

makes or breaks you as a person, or

indeed, as a team.
The operating system is a prime
example; we are all aware of the poor
examples of a
Linux distro,
just as much
as we are
aware of the
ones. However, to keep up the record of
improvement, continual growth and
success, and the appreciation of those
who use it takes something more than
just dedication, it takes passion.

Most of us never fully

comprehend the dedication of
the people behind the scenes.
The same can be said for virtually every
item of FOSS, regardless of whether its built
by one developer or the result of a
worldwide team of hundreds of developers
and testers the finished product is what

34 LXF180 February 2014


Linux Mint


Mint Condition
Has the battle of the charts been won?
heres a kind of unwritten rule throughout internet
land, where charts, top lists and other popularity
identifiers such as these are taken greatly into
account. Some of these lists are compiled thoroughly
using the most up to date data available, some arent.
Distrowatch is one of the more popular and accurate of
these lists (Although Chris Brown may not agree, see p58),
and although their rankings are based on page hits from
their own links, they have nevertheless established
themselves as the go-to view in which to see the top ten,
top twenty or top one hundred distros available to users.
Linux Mint has been top of the Distrowatch charts for
quite some time now. The battle between Mint and Ubuntu
for first place has raged for a couple of years and has
culminated in an all-out win for Mint if you see Distrowatch
as important, certainly.
As you can see from the chart weve included below of the
top distros from Distrowatch, Mint is leading the way with
3,424 page hits based on a six-month period.
So what does all this mean? Well, in truth we do realise
that theres only so much faith you can put into the
DistroWatch charts, they just represent a small section of the
community by all accounts, but it makes for interesting
chewing-over and although theres not much chance of Mint
being knocked off the podium for the foreseeable future, its
also nice to view the rankings of the other distros as they
climb the ladder of popularity.
Really though, its down to the team of developers and
testers who work diligently to bring us a stable operating
system, and their faith in what theyre doing. In the end, thats

still embracing as much new technologies as is functionally

possible. This, dear readers, is what makes Linux such an
evolving and enterprising world to live in: its not just an
obsession with free software, its our
passion for the ethos of FOSS and its
embodiment in the common good for
working with and for each other.
What were looking at today is a version,
and Linux Mint 16 Petra can help offer both
the Windows refugee and the habitual Linux
user a fresh new outlook on their desktop
doings. In the next few pages well look at the new
technologies involved in Mint 16 Petra and see whats shes
got under the hood. And finally well take a gander at possibly
the most important factor of this or any distro the
community. So lets dive in.

The man
behind the
OS, Clement

Its an all-out win for Mint

if you see Distrowatch as
important, certainly...
what Linux Mint means to its followers and the vast
community of users, not least us here at LXF. Its the passion
in which Clem Lefebvre and his team put into every release; to
be forever moving onward and upward, and to offer us a
complete system, free from as many bugs as possible while

The charts
Its actually quite interesting if you take
the time to look back in time to 2007,
when Mint first started to appear on the
Distrowatch page hit charts. Then it
was ranked sixth, with 991 hits, with
Ubuntu on top at 2,519.

With a Bullet
Slowly it managed to creep up in
popularity, little by little, rising to a very
respectable third place in 2008 with a
total of 1,458 hits and with Ubuntu still
assumed to be the unconquerable King of
this particular hill.

However, it wasnt until 2011 that Mint
reached the number one spot, with a
total of 2,618, and finally managed to
knock Ubuntu off its lofty perch after a
very impressive six years as the
DistroWatch number one.


February 2014 LXF180 35

Linux Mint


Technologies galore!
Whats your flavour? Try a blast of freshness...
inux Mint 16 is certainly no backward operating
system, as youll soon come to appreciate when you
read on or indeed, just use it. The technologies,
tweaks and enhancements it offers far outweigh the more
common operating systems that grace the screens of a
modern PC. Mint, however, doesnt always run with the
latest innovations.
As well see later on, there are more recent updates for
many of the features that appear in Linux Mint 16, but the
team decided to make the overall experience of using Linux
Mint a stable one, so where the latest version may have been
forsaken for an earlier one, the stability of it means youre
ultimately getting a better operating system.
Saying that though, theres still plenty of up to date
technology in Mint 16. As Clem mentions, This new release
comes with updated software and brings refinements and
new features to make your desktop even more comfortable
to use. Linux Mint 16 focuses on the task at hand, it does less
and does it better than before.

Cinnamon 2.0
One of the biggest features showcased prior to the Mint 16
launch was, of course, the release of Cinnamon 2.0.
After spending five months in development, along with
856 commits from 28 developers, Cinnamon 2.0 was
unleashed with a plethora of bug fixes, brand new features
and many, many improvements.

The Cinnamon project did have something of a shaky start

in life when it was first introduced back in Linux Mint 13,
although Mint 12 owners gave it a good testing base in early
2012. There were a number of users complaining of frequent
crashes, and issues such as unusable desktops, but after
some bug fixes things started to settle and the users began to
get the measure of this new environment. Back then
Cinnamon addressed the concerns of Gnome 3.x that some
of the community held, particularly the loss of productivity
and usage versus the Gnome 2 environment. Cinnamon
appealed to the masses who were becoming a little sick of
the flashy, bubble gum tablet interface that most desktops
were turning into regardless of their desktop OS origins.
Cinnamon was simple, powerful and had a catchy name:
perfect ingredients for a community winner.
Fast forward a couple of years, and we have Cinnamon 2.0
on our desktops, and its looking as good as ever. However,
looks arent everything and the proof of the pudding, as they
say, is in the tasting.
It would be easy to list all the minutiae of details regarding
the many fixes and features of Cinnamon 2.0, but itll be
somewhat superfluous, especially since this ground has
already been covered many times before. Rather than that,
then, well simply highlight the more important aspects, that
way those of you who arent familiar with the delicacies of
Cinnamon 2.0 can at least make a small judgement based on
what you read; remember though, as with most desktop
environments, Cinnamon is a personal thing, what works with
one user may not necessarily work or attract the next.

Work round the edges

Cinnamon has matured into a Gnome free environment rather nicely.

A sample of delicious technologies from Cinnamon 2.0.

Edge tiling is when you move an active window to the edge

of the screen and stick it there, occupying half the screen
(or by pressing the Super key + L + Arrow key). It may sound
unnecessarily flashy for some, but consider the modern
desktop owner with a widescreen monitor, tiling the
windows to one half of the screen potentially makes for a
more productive layout and better use of the available
desktop space available.
With Cinnamon 2.0 there were some nice additions to the
edge tiling feature: tiled windows no longer needed to fill half
the screen, as they do by default, and now display a Heads Up

Whats in Mate 1.6?

Mate, the other desktop environment that Linux
Mint comes in, is an alternative that has found
much favour among its users.
Mate is, essentially, designed to be the new
Gnome 2. Whichever way you decide to look at it,
Gnome 2 was basically renamed, and Mate has
carried on with the desktop project where Gnome
2 eventually left off. But Mate goes far beyond
Gnome as a desktop. The features, the look, feel

36 LXF180 February 2014

and performance of Gnome have since evolved

into Mate, and as such Mate has evolved into an
environment that encompasses everything that
was once great about Gnome but without the
bugs that inherently plagued it for years.
With Linux Mint 16, Mate was destined to
accompany the latest Cinnamon with version 1.8
of its environment. However, there were a few
problems and as a result Mate 1.8 wasnt released

in time for Mint 16. The Venerable Lefebvre has

since stated that he talked extensively to the
Mate team, and stressed the importance of
releasing a new Mate for each new version of
Mint, as both projects benefit greatly and it helps
momentum, particularly for the Mate project. But
the problems raised during testing meant that
Mate 1.8 had to be replaced with an updated
version of Mate 1.6.


Linux Mint


Edge Tiling has many exciting benefits...

Nemo is better than ever, and considerably more stable.

Display zone where theyll tile to but you can then resize the
edge tiled window to better suit your needs.
In addition to the four edges of the desktop (left, right, top
and bottom, duh!), you can include the four corners in the
edge tiling zones, too. That way, you can effectively and easily
create four distinct windowed programs, occupying the
corners of the visible desktop. The end result is very effective
and again makes for a more productive desktop layout.
Like its edge tiling companion, edge snapping is a modern
UI-inspired snap to edges or corners function that allows the
user to snap an active window to the surrounds of their
desktop, then open a full screen program without it covering
the snapped window.

access and modify their own account information via the

Account Details section of Settings. Additionally, the User
Applet adds fast access to account information, details, user
switching, system settings and the ability to quickly logout or
power off the computer.
Next comes Nemo, the Cinnamon file browser (a fork of
Nautilus 3.4), which has had some welcome improvements,
which include better MIME handling, new tray icons,
improved performance, bookmarks, move to and copy to
functions, previews and a bug free Extra Pane view. Not only
that, but it looks better overall and thanks to the bug testing
and performance enhancements, now feels more snappy and
greatly enhances the overall Mint experience.
Finally, and probably the most significant
addition, or enhancement, is the fact that
Cinnamon is its own desktop environment
built on classic Gnome technologies. Where
Cinnamon was once the frontend of Gnome,
version 2.0 has become more like its
colleague environments: Mate and Xfce.
It still uses the various Gnome libraries and it launched
with the reassurance that compatibility with Gnome
programs isnt a problem, but now rather than rely on the

We have Cinnamon 2.0 and its

looking as good as ever. But
looks arent everything...
In essence, this means that the user can effectively do
what they need to do on the main program window, while still
being able to keep one eye on the snapped program window.
Users with a multi-monitor setup have naturally been able to
do this anyway, however, a single monitor setup makes edge
snapping a valuable and very functional addition.
Screen snapping may very well have been born from the
pages of Microsoft Windows 8 or the Xbox One, or from some
other system before that, but thats not to say its a bad thing.
While Cinnamon prides itself on being an interface that
forsakes the semi-useless features of the tablet generation it
doesnt ignore the worthwhile features that are actually of
some use. Okay, so its not every day that youll stick a movie
in one corner, a document in the lower half of the screen and
a web browser in the other, but you can if you wanted to,
which is more important.

Shepherding accounts
One bugbear of former Gnome versions was a decent
application for managing and administering user accounts. In
Cinnamon 2.0s case, the Users and Groups function were
written from scratch and now feature a more fluid, and
intuitive control method.
Mint system administrators have control over the groups
particular users are a part of, and users themselves can

Edge Snapping also has a fair array of benefits. Watch your edges, basically.


February 2014 LXF180 37

Linux Mint


Gnome backend services Cinnamon enjoys its own

environmental freedom to grow, mature and evolve into
something greater than its original parent desktop.

Managing Minty goodness

The Mint Display Manager (MDM), which basically handles
the login window and starts the X session, has seen an
impressive array of graphical improvements since Linux Mint
15, and some nifty performance tweaks to make it an
extremely streamlined process.
The speed and performance improvements (24,500 lines
of code were removed) have required the removal of a
number of features such as: remote login and XDMCP
support, Xnest and Xephyr nesting, server management,
dynamic servers, some custom commands, Solaris support
and the MDM Photo setup. Their departure, however, doesnt
impair the ability or functionality of MDM, in fact its
considerably lighter on its feet now and more user friendly.
Additionally, the new default login theme features an
animated background and a clearer aspect for the user. The
theming, therefore, is now open to those of a suitably artistic
bent to go forth and create a wealth of stunning login
backgrounds for Mint users to use.
It would have been nice to see the previous version of
Mints pre-installed HTML MDM themes with 1.4, but theres
only Clouds and Mint X available at present. Its not too
difficult to include more, though. Theres also still a wide
range of GTK and GDM styles to choose from, if you decide to
opt for a non-HTML login screen instead.
Although the creation, formatting and so on of a USB stick
isnt much of a problem to those who know what theyre
doing, within Linux in general and not just Mint, its something
of a befuddlement to the new user. With that in mind, and to
help out the rest of us who regularly format USB sticks on
what seems like an hourly basis, the team have introduced a
new USB Stick Formatter with Mint 16. The new tool is
capable of formatting sticks to the tune of FAT32, EXT4 and
NTFS, and whats more, its incredibly fast and stable.

MDM HTML5 animated themes are a really very nifty feature.

A small addition, but a worthy one: USB Stick Formatter.

Overall, the benefits Linux Mint 16 offers over many of the

competition is the fact that it has been significantly improved
and tweaked over the last six months to represent the
absolute best of both worlds.
By this we mean, not only is Linux Mint 16 a very quick,
snappy and responsive OS that has many performance
improvements that use less system resources than before,
but its also, as our friend Clem Lefebvre happened to
mention in a recent interview: Only interested in stable and
proven technology which, in turn, offers users for personal
or for business use an ideal computing foundation on which
to expand from.

Speed, speed and more speed

This all-new set-up is, in short, pretty much ideal for the new
user, as well as the more experienced Linux aficionado, and
its managed to look consistently great at the same time.
Theres plenty of scope to further improve the visuals of the
system, and through some clever manipulation you can come
up with a Linux desktop thats more personal than any other
operating system around is capable of doing.
This is what it means to be a Linux user though: to
experience something that is continually evolving, that will
always be getting better with every human usage, and indeed,
to be one of the active users who actually contribute to the
experience and to have your thoughts, ideas and
contributions recognised and listened to by others out there.
Linux may be a personal thing to the end user, in that they
may prefer one distro over another, or one desktop
environment over another, but as a whole, as the community,
the Linux user becomes something more than the individual.
And Linux Mint makes for a great entry in this wider
community of likeminded individuals.

Desktop glam
As weve come to expect from every new
release of Mint, the artwork involved goes
up a notch and offers us some stunning
eye-strokingly impressive aspects to
positively wallow in while we look at the
desktop. Granted, for many the
appearance of the desktop is of little
consequence, after all youll be doing
your work, viewing photos, videos or

38 LXF180 February 2014

browsing, and you wont be able to see

the desktop. But thats not to say it cant
look good when its visible.
The stock wallpapers that come with
Mint 16 are very nice indeed, and when
combined with the themes (of which
there are the core three to begin with,
Cinnamon, Linux Mint and Mint-X) you
can create something spectacular.

Mints artwork gets better and better with each release.


Linux Mint


The Community
We know it is what we make it... what do we want to make it?
he main driving force behind many Linux distros: what
they look like and what they eventually contain comes
directly from the vast community of users and testers
that have spent their time and efforts providing positive and
critical feedback to the developers and distro teams.
Linux Mint is certainly no exception. In fact, Mint is one of
the most active communities in the Linux world, and virtually
every comment, item of feedback and constructive criticism
is taken seriously by both Lefebvre and other members of the
development team.
As our man Clement recently mentioned in a reply post on
the Linux Mint pages: Im happy to confirm I personally read
every single comment during an RC phase and consider
every bit of feedback to improve the release as much as
possible. The big problem we have is to communicate back
and to follow up, i.e. to acknowledge, respond and get back to
people who help us test the RC. Its also true that we do not
have eyes on Launchpad, Github or even the forums during
that phase. He then goes on to add, Im very grateful for the
feedback we get during the whole cycle, but particularly
during the RC. Its thanks to you we can fix things prior to
releasing as stable.
Lack of communication and understanding between the
developers and the community as a whole is one of the major
problems that face some of the other bigger distro names.
Canonical in particular, the company behind Ubuntu, has
been criticised in the past for ignoring the wider community,
as have several other distros. But, theres now a real shift
from the bigger distro players in the community. They are
now starting to take notice of what the user have to say.
This, we believe is thanks, in part, to the efforts made by
the developers of Linux Mint and its community of valued
users. Obviously, we cant be certain of this, but consider how
popular Mint is now, and how the former distro favourites
have dropped significantly in the last year or so. Now take into

If you need more info, then engage in a spot of one-onone chat with other Mint users.

consideration how Ubuntu is starting to listen and change

some of its features, such as better privacy, options to drop
out of certain features etc. based on the feedback from the
community and critics.
Linux Mint has always within reason had a good
relationship with its users. Where there has been some issue
during a testing phase of the Release Candidate ISO, the
users testing have reported anything untoward and Lefebvre
and the development team have looked into the possible
causes. Its a win-win formula; by keeping the users in the
loop you inevitably end up releasing a product that the
majority, or as close as possible, wants to use.

The Mint
has never
been more

Room for improvement

However, as with most instances where user and developer
feedback thrives, theres always room for improvement. As
many of us have in the past experienced the act of providing
feedback and getting a sensible return on our comments is
often a strangled affair. Words can be taken out of context,
lost in translation, or not really understood fully. The problem
of discoverability tends to become more of an issue as a
project gains in popularity; the feedback we provide could
easily be lost among the hundreds of other posts that
inevitably pop up on a forum: we are, after all, just one voice
among the many.
Linux Mint admins, and Lefebvre in particular, understand
this complex model of debate. There have been times in the
past where a lack of communication has been pointed out
during the release candidate testing phase, or the
communication wasnt taken seriously enough. Indeed, this is
something that Lefebvre has specifically responded to: I can
see how hard it is for people in the community to see whats
going on. I cant promise it will be perfect for Mint 16, but it will
definitely be better.
The reason we mention this quote is that, as members of
the community ourselves, we are pleasantly surprised that
someone who is extraordinarily busy with the release of an
OS takes the time to respond to feedback from a lone


February 2014 LXF180 39

Linux Mint


individual. Feedback given is clearly important to the Mint

team, so much so that a lengthy response is provided by
Lefebvre in our mind, this speaks volumes for the
commitment that he and the rest of the development team
show and demonstrate to other development teams.
While there will always be those whose comments are
missed for some reason or another, Linux Mint still remains a
community driven and community focused OS that not only
wants the best for those who use it, but is also actively
seeking out the community discovered issues, ideas and
praise to further expand on an already great system.

Shaping the future of Mint

Theres little doubt then that the community have helped to
shape the Mint that weve all come to love and appreciate.
Through the critical feedback and various bug testing, to the
comments and requests for help from Linux or Mint
beginners, Lefebvre and the team have put together an
operating system thats very user focused. But what does the
future hold for the community?
Humans, even LXF writers, have a distinct lack of being
able to predict whats going to appear in another six months.
But from what we can see from the many posts that have
littered the Mint forums, with regard to the previous versions
of Mint we can see a distinct shift from the tablet-centric
world to that of a more classically styled approach.
To many, the user interface Microsoft adopted with
Windows 8 was the final nail in the coffin, and those Linux
distros that have followed suit have been given a very public
and vocal mauling. And as weve seen countless times before,
users will show dissent by uninstalling a particular distro or
OS. With Mint weve seen many of its users beg the team to
avoid the Gnome 3 and Unity UI, which the Mint team has
acknowledged by including Mate and Cinnamon, and offering
of Xfce for those who want something else. Listening to the
users proves that they will stay loyal to your brand, and
ultimately help you form a better and more appealing

Community written tutorials are a great starting point for

newbies to the wonderful world of Mint.

product. Perhaps this is something other OS leaders should

seriously think about adopting?
There are also interesting calls for Mint to peel off from the
Ubuntu base. This in itself raises the potential for something
greater than the Debian-based giant, but it will require a
growth in volunteer development and financial support.
Without upsetting the Ubuntu users too much, Canonical
is firmly focused on its convergence story which has meant
the mobile operating system has been given greater attention
than the common desktop, and Canonicals ultimate goal is to
see everyone use the same OS across all devices. This then
puts Mint in an ideal position to closely monitor the future of
the desktop. If Ubuntu focuses too intently on the mobile
market, then Mint will have little choice but to break away.
If Mint does decide to part ways and Ubuntu fails in its
plan to dominate the mobile market, Mint could find itself in a
prominent position on the desktop for a time. Anyone hoping,
however, that Ubuntu would fade away if that happens is
ignoring the level of community support it still retains or the
tenacity of Mark Shuttleworth and his financial clout. If,
however, the desktop as we know it ends abruptly one day
and yields to mobile and futuristic quantum computing, then
theres still room for Mint to adjust to the brave new world.
Either way, Mint and its users will still enjoy the benefits of
having what they want in a release structure that
concentrates on the stable and the working, while paying
careful attention to the wishes of the community.

Mint 1 through 10 and 14, its a forever evolving OS.

Clem on community
Clement Lefebvre quite rightly attributes
much of Linux Mints success to its
thriving community: The community is
the most important asset of a
distribution, he admitted in an interview
in 2013. It provides feedback, ideas,
promotion, support, bug reports,

artwork and motivation. Its the living

heart of any open source project. In my
opinion you need both clear leadership
and good communication with the
community. Its easy when the project is
small and it gets harder as the project
goes mainstream.
There are many MDM HTML5 themes available for download.

40 LXF180 February 2014


Linux Mint

Mint 17, a bold new era?
Since Cinnamon is now free from the restrictions
and past history of Gnome, Mint 17 promises a
more open outcome. With the new OS being built
on Ubuntu 14.04 LTS, the boundaries for the
technologies developed through Cinnamon 2.0
have been removed so when 17 comes along
theres going to be an air of freedom in what

direction Mint and Cinnamon, in particular, can

take. With Mint 17 and Cinnamon 2.1, the Mint
motto of From freedom came elegance could
never be more appropriate.
Although word on whats definitely going to
happen for Mint 17 is sketchy at the moment,
theres the opportunity to check out the Linux

Mint Roadmap on GitHub, found at http://bit.

ly/ICwATN. In here youll find confirmed issues,
along with updates and comments regarding the
progress of the most recent version of Linux
Mint. Its worth looking at from time to time,
especially if you have an issue or if youre just
curious as to whats going on.

Anatomy of feedback
The concept of providing feedback via community pages is
nothing new, but Linux Mint and its followers have made
something of an art form of it.
Lets take, for example, the Release Canditate (RC) of
Linux Mint 16. Here, Lefebvre and the team uploaded the RC
after previous testing and listed the new features on a page
within the Linux Mint blog (http://bit.ly/1eVhaFL). Along
with the many features theres a section that details Bug
Reporting, of which any comments can be added to the
section following the blog posting.
1 As an example then, heres a posting from Mint user
RavetcoFX listing the bugs he or she have so far discovered:
Nvidia drivers dont automatically install nvidia-settings
(Tested with nvidia-319 and nvidi-319-updates).
cinnamon-desktop-editor Choose an icon dialog does not
have image previews.
Git is not installed by default (Unknown if intentional).
Magnet links for torrents are not working in Firefox.
In some random cases, an application will freeze Xorg
(Needs more testing).
Banshee will segfault after playing ~30 mp3 songs.
On/Off switch for networking applet is visually glitchy
Having links of files/folders on desktop from another hard
drive at startup, then mounting the drive will usually crash
then restart Cinnamon.
Cinnamon Settings is advanced mode by default always.
2 The discovered bugs are logged in GitHub (http://bit.
ly/1k9U5Qb) and added to as necessary, and any significant
updates are logged in the Testing ISO File section on the
community pages of Linux Mint (http://bit.ly/1gDRtKA).

Expo has proved to be an efficient way of working in Mint.

3 The testing teams, and there are a few of them (http://

bit.ly/1g5NkS6), go about running different elements of the
reported problems though their systems in order to locate
and nail down the specific issues relating to the bugs that
were mentioned.

Some feature
effects too.

4 The end result is a fix, either in the form of an update for

the RC released via the repositories through testing (http://
bit.ly/IDQaPu), and the Update Manager in particular, or
through a new ISO released via the main Linux Mint download
section http://bit.ly/1dPtVEG.

Final thoughts
Although a Debian, or an Ubuntu based system may not be
for everyone, Linux Mint may have hit the proverbial nail on
the head with the release of Petra. Forking so many projects
cant be easy on the team, and theres a lot riding on the
implementation of newer technologies, so when it works it
works extremely well likewise, if things go wrong then the
project as a whole can easily become one giant mess.
The Mint team are pretty battle-hardened by now, and
theres not much that slips by them in terms of problems. In
fact, you could go so far as to say that Mint 16 is the most
stable and useable Linux distro so far; weve certainly found it
to be so, to say the least.
Theres no doubt there will be some who have a bad
experience in the past with Mint, but Petra is a singularly
excellent and well-conceived distro that deserves to, at least,
be tested. So why not give it a go for the New Year, join the
community in 2014, and get involved. LXF


February 2014 LXF180 41

Matthew Garrett


Cloudy with
a chance
of hacking
Andrew Gregory
speaks to Matthew
Garrett about cloud
security, fruit flies and
Microsofts not-so-evil
Secure Boot.
42 LXF180 February 2014


Matthew Garrett

We spoke to former
Linux kernel developer
and biologist Matthew
Garrett about cloud
security and his senior
security developer
role at Nebula, a cloud
computing service
provider. We even mention fruit flies, but
we certainly cant blame Microsoft for that.
We can, however, discuss how evil its UEFI
Secure Boot is, which we do, though that
could just be incompetence


Linux Format: Cloud security is important

our stuff is floating in the air, and our
readers want to know how paranoid they
should feel. Why should we trust it?
Matthew Garrett: Should you give your data to
a company that you have no real contractual
relationship with? I think thats probably a bad
idea. I personally host all my mail, I host my
website. Its on a computer that I own that is
run in a hosting facility owned by a friend.
Thats not so much out of paranoia, thats just
how Ive always done it and Ive been doing
that for 15 years or so, but if I moved that to
Google itd make my life easier in terms of not
having to ring someone in London to go and
poke it and see if its dead or whether its just
unplugged. I do trust that Google handles its
advertising in a way that its not easy for
advertisers to find out anything about me
directly. I dont know that all others online
services are going to be equally trustworthy.
LXF: How does it work from your point of
view, for hosting?
MG: If I have a company and I want to use
EC2, the big problem there is I can verify the
security of my code. I can say, this Ubuntu
image Im about to spin up there is verified and
I trust Canonical not to put in backdoors. So I
can run that on EC2, but when youre running
on virtualised servers youre not just trusting
the hardware, youre actually trusting the
security of the hypervised environment on top
of the hardware.
Its probably impractical for people to
compromise the hardware itself in most cases.
If I go to an ISP and tell them that I want a
server, to run software on the bare metal,
someone would have to go to a lot of effort to
compromise the hardware.
But the same isnt necessarily true of a
virtualised environment; Xen has had some
issues. There have been cases where Amazon
has had to force everyone to reboot their EC2
instances because they needed to update Xen
underneath them, in order to close a security
flaw that potentially allowed someone in a
guest to break out of that guest into the
hypervisor. Once youre in the hypervisor, you
can get to any of the other guests.

If you look at the security information you

see from most virtualised cloud providers,
theyll say things like am I secure? yes,
youre secure, as your guest is protected by the
hypervisor from seeing or being seen by any of
the guests. Youre saying its secure, because
its secure. Thats really unconvincing. Most
commercial cloud providers do nothing to
actually convince users that what theyre
seeing is secure. So what were doing at
Nebula and with the rest of my team, is
working on hardware and software
functionality to make it possible for users or at
least the admins to determine whether the
underlying system is secure or not.

commercial cloud providers you dont actually

see that, may be they are doing it, but we just
dont know. They wont tell customers and I
think thats harmful to the industry as a whole.
Its important that people are able to trust their
cloud providers, not just because the cloud
provider tells them so, but because theyre able
to look and figure out if it meets their own
security requirements.
LXF: Its that sort of boot time level checking
that the code is unmolested that sounds
related to Secure Boot with UEFI.
MG: What were doing at the moment is strictly
Trusted Boot, and Trusted Boot is potentially
user hostile, if its deployed in a way thats
controlled by someone else. Were building
these computers ourselves, the customer
wants to be able to check if the computer has
booted securely. So Trusted Computing is a
good match there, its not constraining their

LXF: The admins as in the clients?

MG: It depends how you expose it, we sell
private cloud solutions. You buy a Nebula thing
and then you turn it on and you have an
OpenStack instance immediately. Then theres
various bits in the
UI that expose
various security
Our next version is
going to have TPMbased security, so
when you log into the
Admin interface you
freedoms, if they want to change the software
can look at every one of the nodes, the
they can disable the functionality.
physical servers that run the guest operating
systems, and you can see the TPM verifies that
LXF: Youre providing it as a service.
its running the kernel that we sent it, that its
MG: Trusted Boot is checking that youve
running the inner MFF that we sent it. And that
booted what you think you wanted to boot,
means we know the underlying operating
Secure Boot is only booting what Ive said is
system, the hypervisor is unmodified when
trusted. So theyre basically orthogonal things.
the system booted.
Secure Boot is good for preventing you from
Now, long term we need to move beyond
getting into an untrusted state, whereas
that and verify that its secure in the running
Trusted Boot is determining whether or not
state as well as the booted state thats an
youre in a trusted state.
ongoing process. If you go to the majority of

Its important that

people are able to trust
their cloud providers


February 2014 LXF180 43

Matthew Garrett


So the two tied together is great in our

case if someone did manage to get into the
system and push out an untrusted kernel, the
system would still boot, but then fail at a
station. Wed say this is unsecure, so were not
running anything on here. Secure Boot would
stop that in the first place. The two are useful in
different ways.
LXF: Diagnostics versus enforcement?
MG: The main reason were not doing Secure
Boot is that right now the server industry
mostly hasnt implemented it. Our expectation
is that in the server market Secure Boot is
going to ship disabled for some time now.
Theres still a lot of companies that want to run
older versions of operating systems, the only
version of Windows Server that supports
Secure Boot is 2012, there are still companies
running 2003 and 2008, theyre not going to
upgrade because they bought new hardware.
So Microsoft isnt able to force Secure Boot on
the server market yet, which is a relief.
LXF: Arent most cloud providers running
Linux anyway?
MG: Yes, the concern is that if hardware
vendors started to ship with this on by default,
that would make it more fiddly to set these
systems up. Given that so much of the server
hardware market is Linux rather than Windows,
Im not too worried yet.
LXF: It sounds like the hypervisor is a way to
control the boot process in software?
MG: Right, you need to verify what you wanted

44 LXF180 February 2014

to boot, but later you need to ensure that no

one changes that with kernel exploits. A root kit
is just a modification of the running kernel
code. You can do that in a straightforward way
by loading a module thats extra kernel code.
Once youre in the kernel youre able to rewrite
the kernel, theres no protection there.
That kind of runtime station verification is
an interesting technical challenge. There has
been a bunch of research into that, but very
few deployed solutions.
LXF: Your Shim software that you wrote,
thats independent of the kernel, it loads
its own bootloader.
MG: Shim does two things, first it provides a
standardised mechanism for verifying
signatures on things. UEFI actually implements
that internally, but with no standard way of
hooking into the UEFI signature checking
system, so we had to implement a way of
doing that in Shim.
So what that means is that Shim contains a
complete copy of OpenSSL, which is a little
unfortunate, so it installs a standardised
interface for signature checking that other
UEFI applications can then make use of then
it verifies the signature on the second stage
boot loader, which might be GRUB or
GUMMIBoot. It boots the second stage
bootloader and the second stage bootloader is
then able to use the Shim interface to do its
own signature checking.
LXF: We thought there was GPL conflict with
GRUB, was everyone having to use LILO?

MG: This gets very interesting, by which I mean

your readers are going to get very bored by
what Im about to say (Cackles LXF)
GPLv3 requires that you provide the ability for
users to replace GPLv3 components if youre
selling a user product.
There are two outs here. The first is if the
user is able to install their own keys, then the
user is able to replace the GPLv3 components
without needing your sign-in key, as theyre
able to generate their own key and then they
can replace the GPLv3 components.
The second thing is, a Linux distribution is
not a user product, a user product is
something sold for a specific purpose, a Linux
distribution isnt under the relevant part of the
GPLv3 licence.
We called the Free Software Foundation and
spoke to them about this and it said, yup,
thats absolutely fine which is good as it wrote
the licence, so its interpretation matters. Also
its the copyright holder of GRUB and if the
copyright holder says thats fine, then that
really is fine.
You end up at a stoppel, the person that
could have said you cant, instead says you
can do that, which means if they change their
minds they have no legal standing. But we
thought thats what the licence said the
copyright owner said thats what the licence
said, the licence author said thats what it
said I think we were fairly safe there.
LXF: So, what took you from fruit flies to
computer science?
MG: Id been interested in computers all my
life, we got a Commodore 64
when I was three; that was
some time ago now.
Growing up I never got into
programming. I started as a
medical student, which in
hindsight was a mistake,
realising I didnt really like
people enough to save
them. I ended up going into
biology, while I was doing an
experimental course most of
the research I was doing was
based on software analysis
of genetic sequences. My
PhD was a 50/50 split, I did
a lot of detailed sequence
analysis and then prediction
and then did experimental
validations to check whether
my predictions were correct.
By the end of it, I realised I
not only didnt like people,
but I really hated fruit flies.
The Linux stuff that had
been a hobby for sometime
was attractive. I could do
something I really enjoyed


Matthew Garrett

and was given money for it. I love that working
in the Linux community has given me the
opportunity to travel and to meet an incredible
range of inspiring people. Its kind of nice,
always knowing for sure theres no risk Im
never going to be the smartest person in the
room, there are so many incredible gifted,
skilled people doing this stuff.
LXF: Have you seen Fastboot?
MG: The idea there is when you turn on a
computer, the firmware has to do USB
initialisation, if the firmware wants to use USB.
Then you start the operating system, then the
operating system has to do USB initialisation,
so you have to do USB initialisation twice.
There are bits of the USB specification where
you have to do something and then wait, a
small amount of time before doing anything
else to let stuff settle. So theres a genuine
technical argument there, only doing USB
initialisation once improves boot performance
and most of the time you have no need to do
anything that involves USB in the boot process.
The problem then is, how do you get into
the system firmware? Microsoft solves that by
adding something to the UEFI boot spec, thats
now part of the UEFI spec, where the operating
system sets a flag and on the next reboot the
firmware does a full initialisation and lets you
get into the firmware. How do users discover
this? You have to hold down shift and press the
power icon and click on Restart in Windows 8, a
menu appears and you click on Advanced Boot
Options then either boot to firmware or other
operating system, which is a little convoluted.


LXF: Thats our Linux Format

motto! It gets us out of so many
fights. We did have one letter from
a regular reader who had bought a
laptop and got around it by
removing the hard drive.
MG: Yes, if it cant then find any valid
boot options, itll re-enable USB and
look for the full set of options. That
works, apart from laptops that have
SSDs directly soldered on to them.
With a bunch of ultrabooks, even if
they have a traditional hard drive,
theres not a bay to remove the drive
from. You should simply not have to
do that. I hope Microsoft improves
this with 8.1.

LXF: Do you think Secure Boot will

improve security for Linux users?
As in, malicious code being loaded
at boot time?
MG: The first viruses were boot
sector viruses way back in the
1980s. Scraps of code that lived in
the boot sector of floppy disks. Youd
put that in and then when the
system read it, itd load that into
system memory and it would infect any other
disks you put in.
That was a huge problem in the Atari ST
and Amiga days, boot sector viruses caused
incredible problems, people had to run viruses
checkers the entire time because sometimes
even reputable magazines managed to ship
disks with viruses, because just before sending
them to duplicators
they had put the
disk into an infected

We got a Commodore 64
when I was three; that was
some time ago now...
The other problem is Windows 8, if you buy a
new machine and turn it on and the first thing
you get is the end user licence and theres no
way to get to the Advanced Boot Options, in
order to get to the option you have to agree to
the Windows 8 licence.
I think thats objectionable; I dont think it
was malicious. Its very easy to say Microsoft is
doing something because they want to make
life difficult for Linux, most of the time people
at Microsoft dont care about Linux. So its not
that they did this to force users to adopt a
licence agreement before they could boot
Linux. They did it because they just didnt think
about the case of someone wanting to install
Linux without agreeing to the licence. On the
other hand maybe it was a case of them trying
to screw everyone over, but lets not ascribe to
malice what could just be incompetence.

LXF: Through
not malice...
MG: Of course. That
pretty much vanished once people stopped
booting off floppy disks. The question is, why
would you attack the boot process, when you
can do that at runtime? But in recent years
Windows security has been getting much
better, its far harder to attack the kernel from
runtime, so boot sector viruses have been
coming back. Theres over 40 in the wild, none
of them are particularly common.
Theres one called Meron, on some systems
with a specific manufacturers firmware, itll
flash itself into your firmware and then it will
infect any hard drives that are attached. You
can remove the hard drive, put it into another
system, rewrite the boot sector, put it back in
the original system and the BIOS will reinfect
the hard drive. Thats mostly impossible now
with Secure Boot, as firmware updates have to
be signed. So its not easy to just insert stuff


into the firmware. But people are definitely

attacking the boot sector, its not a
hypothetical concern, its something thats
probably going to grow in prevalence.
Windows now launches the Windows 8
anti-malware before it launches any other
applications, before Explorer or anything
like that. The very first thing it runs once the
kernel is up is the anti-malware, so theres
no opportunity for something to infect the
system. If you want to avoid that you have to
go back earlier in the boot process and infect
the boot loader.
LXF: That could then have an effect on Linux
systems, if its flashing the BIOS?
MG: None of those that weve seen in the wild
know how to do anything malicious with Linux.
The worst thing theyll do is maybe stop your
system from booting, as theyre assuming
youre booting Windows and get confused.
One of the main reasons no ones been
attacking Linux, is theres not enough people
using it for it to be worth the effort. Malware is
typically written to make money, in the olddays you wrote viruses to prove you could or to
get back at someone. Its now to get
someones credit card details or to use their
systems to send spam. If youre going to do
that, if youre going to put in an amount of
effort, youre going to put it into where its
going to have the most impact and right now
thats Windows. But you are starting to see
malware targeting OS X, and if Linux does
become more popular on the desktop at any
point, Linux will be a target as well. LXF

February 2014 LXF180 45


Going beyond

the Raspberry Pi

Les Pounder investigates expansion boards

that make the most of your Raspberry Pi.

hat have you done with your

Raspberry Pi? On its release
in February 2012, the Pi was
hailed as the saviour of computing,
which would herald a new era of
bedroom coders. A buying bonanza
ensued and when those precious first
Raspberry Pis arrived from the likes of
CPC and RS Electronics, people
marvelled at their new piece of shining
kit for a time, but then many
ignored them. The more
fortunate Pis ended up as
XBMC clients while the
unlucky ones ended up in
desk drawers. The reality
beyond all the hyped Pi projects on
maker sites is that to get the most out
of the Pi you need an irresistible urge to
tinker and hack things, and the right
add-ons for the job.
In the past 18 months there have been
many boards and add-ons released for
the Pi some made by corporations, but

many made by small groups of interested

makers who are using the low cost device
as a foundation for fantastic projects.
So whats out there, and why would
you want to use any add-ons with your
Pi? The answer is you dont have to, but
they do provide excellent extra features
for your Pi, for example PiGlow [reviewed
on p22 LXF178] provides fun output via a
series of super bright LED. And at the

fragile, and connecting components to it

while powered up is not advised as you
may create a short, which might reboot
or damage the Pi. Some add-on boards
provide features not found in the GPIO,
such as MotorPitx, which provides an
interface for motors and servos. You
shouldnt directly attach a motor to the
GPIO as this can cause major damage.
In this feature we look at a handful of
boards, ranging from simple
GPIO breakout boards and
extensive boards filled with
sensors and methods of input,
to fully integrated solutions.
The Raspberry Pi provides a
great base to learn and these boards can
take your enjoyment to another level. The
internet of things, for instance, where
mundane objects, such as door controls,
coffee makers and smart energy meters
can all be remotely controlled via the
internet all this is now possible thanks
to the Raspberry Pi.

To get the most out of your

Raspberry Pi you need an
irresistible urge to tinker...

46 LXF180 February 2014

other end of the spectrum we have

PiFace (see Tutorials, p70), which gives us
a full array of inputs and outputs handy
for hardware hacking projects.
Yes, you can directly connect to the
GPIO (General Purpose Input Output)
pins, but in doing so there are a number
of concerns to address: The GPIO is


Raspberry Pi


Adafruit Pi T-Cobbler
Breakout your Raspberry Pi GPIO pins and build
some mind-expanding projects.
ave you ever wanted to dabble with
electronics? Well, the GPIO pins on the
Pi provide the perfect way for you to
learn the pitfalls and beauties of getting stuck
in, but they are frankly just a little too fragile for
day to day use, unless youre preternaturally
careful which youre not. But what if there
was a way to have those pins on a breadboard?
The T-Cobbler, by Pimoroni, is an excellent way
to do just that and take the 26 GPIO pins to the
breadboard for safe hacking and learning. The
T-Cobbler is exceptionally handy for creating
circuits on any size of breadboard and provides
helpful references, based on the Broadcom pinmapping specification. If you are used to the
standard pin mapping, 3v3 is pin 1.
The kit requires a certain measure of
assembly, which means a small amount of
soldering but it is by no means a difficult job
and should only take around 30 minutes for a
moderately skilled tinkerer to build.
Thankfully, the T-Cobbler requires
absolutely no special drivers or configuration

to work but to use the GPIO pins on a

Raspberry Pi you will need to install the correct
packages, which are python-dev and pythonrpi.gpio via apt-get in a terminal.
The T-Cobbler is exceptionally handy for
prototyping new projects as the pin references
handily printed on the kit provide a quick guide
to each pins specific function, such as GND,
5V, I2C and SPI.
We tested the T-Cobbler by writing the
Hello World equivalent script for the GPIO,
namely flashing an LED by connecting our
components to a breadboard and creating a
circuit to the T-Cobbler.
Having gone to town on it, we have to say
the T-Cobbler really is an excellent piece of kit
and is very handy for quick reference when
building projects on the breadboard. Adafruit
also do a smaller version, but the pin
references are a little harder to see.
We can see the T-Cobbler becoming an
essential piece of kit for use in schools and
hackspaces around the world.

The T-Cobbler looks great and is extra

useful when learning the GPIO.

Adafruit Pi T-Cobbler
Developer: Adafruit
Web: http://shop.pimoroni.com (UK reseller)
Price: 7.50

An excellent piece of essential kit for your

precious Raspberry Pi.

Build your own robot to do your bidding.
obots are invading the planet! Even
Google are investing in them Well,
perhaps Skynet is some way off but
robots are now very common in the home
Roomba, for instance, is a great robot
appliance. The Raspberry Pi has quickly been
assimilated into many robotics projects, and
the MotorPitx is here to make your own robot
project that little bit easier to build.
Created by Jason Barnett, the MotorPitx
add-on board provides you with controls for
two motors or servos and provides two
external power inputs: one using micro USB
and the other being a barrel jack. Both inputs
reduce the burden on your Pi, which can
become erratic. Jason has also provided an
essential feature missing from the Raspberry
Pi a power switch, closely modelled on the
ATX power system. This enables you to
perform a hard shutdown without removing
the micro USB lead as well as a soft shutdown
and power up from a simple press of a button.
Building a robot or a pan and tilt camera
mount is now as simple as connecting your

MotorPiTX to your Raspberry Pi and then

connecting your chosen motors to the board.
We followed the guidance from Barnetts
website (www.boeeerb.co.uk/motorpitx),
which provided information on the board itself,
but you can find more on the software
installation on his Github page https://github.
com/Boeeerb/MotorPiTX. We followed the
installation, and downloaded two files, servod
and motorpitx.py. We then hooked up a simple
servo and created a test script that imported
motorpitx and ran the motorpitx.servo1()
function with a value corresponding to the arc
of our servo.
So why should you use this in your project?
The simple answer is that its beautifully easy
to use and works with many types of motors
and servos, enabling you to make great robots
and a smooth pan and tilt mechanism for
cameras or even lasers. There is a reason that
this Kickstarter project was funded so
impressively quickly, and thats due to the
quality of the product and the support that
Jason continues to give.


Building robots with lasers using your

Raspberry Pi is now made easy.

Developer: Jason Barnett
Web: http://www.boeeerb.co.uk/motorpitx
Price: 25 (assembled) Xxxxxx 2013 LXF16x 47

The barrier to building your own robot

has been broken down by this board.

February 2014 LXF180 47

Raspberry Pi


Build a tweeting chicken naturally and
control higher voltage equipment.
he GPIO can do more than just flash an
LED or sound a buzzer, but not many
people do anything more than this.
What if you could connect Nerf guns and
motors to your Pi?
Well, with PiFace the world is your oyster. It
provides eight digital inputs, four switches and
eight outputs that give you immense flexibility
in your projects, such as controlling higher
voltage components using two 12V changeover
relays. It was created by a team at Manchester
University as a ready-built alternative to the
expansive Gertboard and it has quickly found
favour with makers.
Piface also brings two important software
solutions to the maker table: a GUI simulator
that enables you to control and tinker with
Piface without touching any components, and
most importantly, PiFace is fully compatible
with Scratch, which means children can build
their own circuits and code in a familiar
environment. This functionality is a unique
selling point for PiFace and places the board in
the hands of young coders and makers.

For our review we used Python to control

PiFace and followed the guidance set out in
http://piface.github.io to install and
configure the kit. Using the PiFace functions
built into the module, we were quickly able to
control the LED and sense input from buttons.
We also used the simulator to trigger the
inputs and light up a few virtual LED.
So why would you use PiFace? Well, its a
really cost-effective board that expands the
scope of Pi projects to such as scale that
machinery and high voltage components can
easily be used. The boards use of Python and
easy to use libraries enables you to integrate
PiFace into an exisiting project with relative
ease and safety from damage.
If you need a multi purpose board for
science or industrial projects, PiFace is the best
by far. Its reasonable cost and ease of use
lowers the barrier to working with the GPIO. We
previously mentioned Gertboard as an
alternative board the Gerboards only issue is
its large size and the need to build and solder
the board before use.

With PiFace you can build bigger and better

projects powered by Python.

Developer: Element 14
Web: http://cpc.farnell.com
Price: 24

A great solution for rapidly building and

prototyping serious projects.

Resistance is futile, you will become one with the PiBorg!
akers love new boards to tinker with,
and PiBorg are producing lots of
great boards with an interesting twist.
The PicoBorg board, for instance, enables you
to control small motors and LEDBorg provides
feedback via super bright LED. From the vast
selection available we chose the XLoBorg for
our review as it was something unique, a board
with motion and direction sensors that can be
easily used via Python.
XLoBorg comes with a three axis
accelerometer and a magnetometer and can
detect from a large spectrum of movement
from small knocks to large sweeping arcs. The
magnetometer can also sense temperature,
making this board an extremely versatile piece
of kit. XLoBorg board is an attractive option for
robotics and even advanced UAV (Unmanned
Aerial Vehicle) Raspberry Pi-based projects.
Robotics projects have gained significant
ground over the last 18 months due to the
introduction of the Pi and a plethora of
components and kit being released for it.

48 LXF180 February 2014

Using this board is a simple task of fitting it

to the GPIO pins and visiting www.piborg.
com/xloborg to install the Python libraries
necessary to get it working. XLoBorg uses I2C
(Inter-Integrated Circuit) to communicate with
the Raspberry Pi and this frees up the number
of pins used so you can break out this board to
a breadboard for larger projects, its also
compatible with PiBorgs TriBorg which
triplicates the number of GPIO pins.
For our review we followed the official guide,
which involved downloading an installation
script to our Pi. The script automatically setup
our Pi to use the I2C bus and we then rebooted
for the changes to take effect. We then ran the
XLoBorg.py to test that our setup was correct
and we were presented with lots of lovely on
screen data and moving the Pi around changed
the data to reflect the sensor input.
If you are looking for something different to
add to your project, the XLoBorg is an excellent
addition, providing real world sensor data via a
simple to use Python-based library.

With accelerometers and magnetometers

typically found in smartphones, this is the
board to prototype your sensory projects.


Developer: PiBorg
Web: http://www.piborg.com/xloborg
Price: 8.76
Xxxxxx 2013 LXF16x 48

This is the first step in building your own

Pi-powered Star Trek Tricorder.

Raspberry Pi


PiFace Control
Control your Raspberry Pi without a
monitor, keyboard or mouse.
he Raspberry Pi has become the go-to
board for projects that involve the
internet of things, but a problem that
faces every project is devising an easy method
of input and output, which is traditionally
where keyboards, mice and monitors are used.
But what if you want to build an internet radio
for the kitchen or a simple video player for the
kids? Well, this is where PiFace Control and
Display comes in to its own.
PiFace Control and Display is an add-on
board that provides physical inputs via a series
of microswitches and a jog wheel, while output
is handled via the LCD screen. Another
interesting feature is the built-in infrared
receiver, which can be programmed to work
with many remote controls.
PiFace Control and Display fits neatly over
all of the GPIO pins and its form factor is very
close to that of the Raspberry Pi. Software
installation is straightforward, requiring only a
quick update of the repositories and the
installation of python3-pifacecad (you can
replace python3 with python).

To test our board we ran the default test

program, which rports the IP address,
temperature and CPU load of our Pi on the
boards LCD screen. All of the tests were
created in only 60 lines of Python code and its
clear that the library of functions is utterly vast
and will cover many types of uses we
especially enjoyed the train times and internet
radio station example scripts, as they proved to
us just how diverse a range of projects this little
marvel can support.
PiFace Control and Display is an excellent
board and creates a novel method to enable
standalone projects. The infrared input is a
welcome addition and enables lots of new
project ideas from media centres to tripwires.
There are many boards that provide input
and output but there are none that provide this
level of functionality in such a well put together
package. This is a board worthy of your next
project and is clearly the beginning of more
elaborate industrial scale builds and art
installations where a screen would probably be
unsuitable. You heard it here first.

From internet radios to remote controlled

camera rigs this board can handle it all.

PiFace Control and Display
Developer: Element 14
Web: http://cpc.farnell.com
Price: 25.20

An innovative and fun way to control and

communicate with your Raspberry Pi.

Enter the Matrix

PiFace Control and Display is still a relatively new
product, but there is one project created by the
team behind it, which is truly astonishing. In the
late 1990s the Matrix films pioneered a method
of capturing 360 degree sweeping camera arcs
using expensive digital cameras. Fast forward to
2013 and the same can be done with a ring of
Raspberry Pi, Pi Cameras and PiFace Control
and Display.
Using a ring containing 48 of each device and
half a kilometre of network cables, the PiFace
team were able to produce a time-lapse

sequence of photographs that all captured the

same moment in time, but from 48 different
angles. The code necessary for such a project is
relatively simple and relies on a knowledge of
networking to make the magic happen.
Now we know what you are thinking thats a
lot of kit to buy how can I use PiFace Control and
Display to produce my own project? Well how
about using it to control a time-lapse camera in
your garden? Or use the kit to build a simple
photo booth for your LUG or event? The code to
control PiFace Control and Display is available via

their website and the python library for the

Raspberry Pi camera has just been released and
allows greater control of the camera including
brightness and built in time-lapse functions. You
can grab a copy of the code from https://pypi.
The combination of many forms of input, such
as buttons, switches and the infrared receiver
make PiFace Control and Display a remarkable
piece of kit for your project. The addition of the
LCD screen provides a great means of providing
output without the bulk of a large monitor. LXF

Take one Pi into your

project? Not these guys,
theyre using 48 of them!


February 2014 LXF180 49


and the open source community

, but
re e
All a e are mothers
somal than

Jono Bacon explores to what extent gender and

other discrimination is a problem in our community.
he open source community
has always carried the flame
of openness and accessibility
to all. Not a day goes by when
we dont collectively enthuse about how
welcoming our community is,
with the consistent mantra of
everyone being capable of
helping further the wider open
source effort. It seems so
simple: just join a project and
make the world a better place.
For some though, our community may
not be as accessible as we might think.
Over the last few years theres been
increasing concern in some parts of the
community that the community is less

accessible, and in some cases more

offensive to certain groups. The most
commonly cited example is women who
experience divisive or misogynistic
behaviour, but other people have shared

pages were going to delve into the topic

with the goal of sharing some stories, some
experiences, and some conclusions. With a
bit of luck, this will prove to be food for
thought for all Linux lovers, whether you
agree or disagree with our findings.

We happy 1.5%
By far the most common concern has been
about gender discrimination. While the
roots of the online battle of the
sexes stretch back many years, a
key study called the FLOSSpols
report articulated the issues, in
relation to open source groups.
In 2005 a group of
researchers performed an EC
study that revealed a significant
discrepancy in the proportion of men to
women in open source. It showed that just
1.5% of open source community members
were female at that time, compared with

Is our community turning

into a cesspit of inequality,
or are some over-reacting?

50 LXF180 February 2014

complaints too with regards to race, age,

cultural norms, disability and more.
So what gives? Is our community
turning into a cesspit of inequality, or are
some people over-reacting? In the next few




most emphasis on a particular skill set.

Other activities such as interface design or
documentation are understood to be a
less technical undertaking and therefore
less prestigious. This has consequences
both for the lower valuation of activities in
which FLOSS women often engage as well
as for the software itself, which often is still
oriented more towards the developer rather
than the user.
FLOSS production and infrastructure is
designed and built with the assumption that
contributors have a long history with
computers, but women tend to engage later
in their lives with computers. In order to join
women have a larger amount of catching up
work to do, which they must do in an
environment that almost exclusively values
independent discovery.

Elizabeth Krumbach is
active in the Ubuntu and
Partimus communities.

28% in proprietary software. This deeply

concerning chasm between two different
software worlds suggested that the open
source community was simply
comparatively uninteresting to women.
Rather predictably, however, the report
caused a shockwave of interest in many
parts of the community, kicking off a useful
discourse on one hand, but sadly a hefty
amount of ignorant assumptions some
involving the phrase too complicated for
them on the other hand.
Based on this research, the project
initiated another study to try to understand
why there was such an
unsettling gender gap between
the open source and proprietary
worlds. FLOSSpols goal was to
find reasons for this bias and to
make recommendations for
actions that might improve the
ratio of women to men They went on to
suggest that as FLOSS constitutes an
increasingly significant arena of
technological advancement and economic
development, it has become an important
public policy question
This work was performed via an
ethnographic study consisting of empirical
surveys, participant observation and
qualitative interviews. The team aimed to
provide the worlds first comprehensive
in-depth study of gender in open source
and develop policies to maintain the EUs
role in this area.
From the study it appeared that few
people within the community felt that
gender disproportion was desirable. The
survey showed that 66% of men and 85%
of women agreed that more female
participants would be better for the whole
open source community. This led the team
to pay particular attention to the social
dynamics within open source that keep it so

male dominated, at the same time as the

majority of participants expressed a
preference for a more balanced community.
The result of the report was a set of
findings from observations:
Women are actively (if unconsciously)
excluded rather than passively
disinterested. The effect lies within FLOSS
cultural and social arrangements. The
exclusion happens among people who often
do not mean to appear, and who do not
interpret their own actions, as hostile to
women. The effect is an outcome of the

Inflammatory talk and aggressive

posturing (flaming) is tragically accepted
within many FLOSS projects as a key
means of developing reputation. Whereas
more established/mature FLOSS members
obviously do not engage in flame wars
people still establishing their reputation
often try to use them as a platform to
gain attention from others. This is often
off-putting for newcomers and less
experienced contributors who are not yet
familiar with the community, its norms, or
its real hierarchy. The effect is particularly
pronounced in the case of women, who in
many cases have a shorter
history in computing (as noted
above) and, therefore, often have
less confidence in defending
themselves on technical
grounds. Flaming thus put rightminded people of any gender off,
but particularly undermines the confidence
of less experienced members.

66% of men and 85% of

women agreed there should
be more female participants.
importance given to the individual as the
sole carrier of agency.
FLOSS communities actively perpetuate
a hacker ethic, which situates itself outside
the mainstream sociality, but equates
women with that mainstream. Women are
treated as either an alien Other or (in online
contexts) are assumed to be male and thus
made invisible. Women are seen as innately
more able to organise, communicate and
negotiate among FLOSS projects as well as
with the outside world. Thereby they
become carriers of sociality that is seen in a
contrast to the technical realm ascribed to
men. Additionally FLOSS women receive a
high level of attention that decreases their
feeling of acceptance as community
members, as well as their desire to further
engage with the community.
FLOSS rewards producing code rather
than the producing software. It thereby puts


The reliance on long hours of intensive

computing in writing successful code
means that men, who in general assume
that time outside of waged labour is theirs
are freer to participate than women, who in
some areas still assume a disproportionate
amount of domestic responsibilities. Female
FLOSS participants, however, seem to be
able to allocate a disproportionately larger
share of their leisure time for their FLOSS
activities. This gives an indication that
women who are not able to spend as much
time on voluntary activities have difficulties
integrating into the community.
While these findings are an important
piece of data in this discussion, they can be
interpreted in many different ways.
From the perspective of someone whos
been part of the Open Source community

February 2014 LXF180 51



for the last 15 years, the core premise of

these findings ring rather true: women are
in many cases somewhat excluded from
communities, even if only unintentionally,
and there is definitely a hacker culture
which is often filled with machismo and
technical elitism, with a presumption by
some that women arent very technical
This is further fuelled by a strong focus on
technical contributions and an overly maledominated environment that can be
complex to join if you dont look and sound
like everyone else.
Despite this, some of the findings seem
rather dated and disconnected. Flaming
isnt only the domain of less experienced
contributors idiots come in all sizes and
less technical domains such as design and
documentation have become very
prestigious roles and responsibilities in
open source communities, although

Jane Silber, a
force to be reckoned
with in open source.

online to vendors who give away boxers at

their booths and promote events catered to
straight, male attendees. When this kind of
thing happens regularly, it is a constant
reminder that we are other and it becomes
very de-motivating to female contributors
One of the key points outlined in the
FLOSSpols report, and one that certainly
doesnt seem have been solved yet, is that
technology in general also has a pipeline
problem. Krumbach has identified this as
an issue too: Young girls arent pushed
towards technical pursuits, so even if they
develop an interest later in life it can be
tough not measuring up to male peers who
have been programming since they were
very young. This can lead to dropping out of
technical tracks in college because they feel
like they cant measure up, in spite of data
showing that many of these women actually
do well in spite of lacking early exposure

admittedly back when the report was

published in 2006 technical contributions
were indeed seen as the most expected
method of participating. Thankfully those
times have changed.
Irrespective of how everyone reads the
findings, it seems clear that our wider
community does indeed have an issue with
gender discrimination. The 1.5% figure is
damning, and the gist of the findings in the
FLOSSpols report point to reasonable areas
of study.
Part of the challenge here is that this
entire topic is defined by personal beliefs
and subjective opinion about where the line
should be drawn between what is
considered acceptable and unacceptable.
Elizabeth Krumbach, who works on
OpenStack and is an active member of
Ubuntu, Partimus, and other communities,
also believes the challenges with gender
discrimination are very real, saying In the
most severe cases, there are still incidents
of overt sexual harassment of women in
open source communities. These range
from comments online about their weight
and looks to threats and incidents of sexual
harassment and assault at conferences
Krumbach feels that more commonly,
however, many women simply face a
barrage of assumptions about their position
in the community and technical skills.
There are assumptions that women at
events are not technical, are attending to
attract attention (fake geek girls) or are
simply attending as a wife or girlfriend of a
male technical contributor. Open source
communities are regularly addressed as
being male-only and treated as such by
everyone from people who seek assistance

Getting better
Fortunately it does seem like some things
are getting better, which Krumbach feels
could be for a whole host of reasons. Firstly,
discussion about sexism in technology and
free culture is happening more openly
nowadays: We are working through
problems and have more allies, support
groups and conferences targeted at
addressing the issues. Allies have been a
huge help, women cant do this alone,
if nothing else we get burnt out, always
standing up to sexist behaviour and
become unable to focus on our actual
technical work
One of these support groups is Ubuntu
Women, with which Krumbach has been
heavily involved for many years. The

Jono Bacons Story

went through something of an interesting

time about three years ago in my role as
Ubuntu Community Manager.
Around that time, Mark Shuttleworth, the
founder of Canonical and Ubuntu got up to
speak at LinuxCon in Portland and in the course
of his presentation made a statement about
explaining to our girlfriends what we do
Around this time I was put under a tremendous
amount of pressure as a public representative
of Canonical and Ubuntu to come out and
condemn Mark for his comments. In the eyes
of the enraged, Mark was a horrendous
misogynist and those who didnt condemn him
supported his misogyny.
I didnt agree. Having known Mark since 2005, I
know he isnt sexist. I know this not only from his
hiring a female CEO, head of design, head of HR,
and many more, but also from the general way in
which he engages with women. I wasnt going to
bow to public pressure to out him as a sexist, I
think he just made a silly comment in a

52 LXF180 February 2014

presentation... and believe me, we are all guilty of

doing that from time to time.
Although I dont agree with all alleged cases of
sexism, I struggled with this situation. I have
always taken a very holistic view of the open
source community and seeing any kind of
infighting, irrespective of which projects people
work on, feels like were getting distracted from

the bigger picture, which hurts our wider

community. As such, I tried to balance in my
mind what seemed like over-reactions in some
cases with the reality that sexism very much
exists in our community.
Elizabeth Krumbach tells me problems were
and are widespread: Some communities do a
better job than others. I specifically joined the
Ubuntu community because of the high value
placed on the code of conduct and have been
very happy to see it spread to other projects.
Karen Sandler, the Gnome Foundation
Executive Director, helped me to understand this
balance better. Karen made the point that while I
tried to understand what it must feel like to be
discriminated against... as a white able-bodied
man I would never truly understand what it felt
like. The closest I have ever come to feeling
marginalised is when I got my nails done for my
wedding and I was the only guy in the salon; it
felt weird, but I didnt feel intimidated, so its
perhaps not a particularly apt comparison...


benefits are clear for having the group.
Many women learning about our project
know they arent alone. Its still common to
go to conferences and meetups where you
might be one of the few women there and it
can be very isolating. Having a group like
Ubuntu Women that exists to engage you
and put you in touch with other women in
the community is a huge help, we often
have Ubuntu Women meetups at
conferences A support network is not the
only benefit though; Ubuntu Women is very
active in getting women involved into the
wider project: We seek to get women
working directly on Ubuntu (and upstream)
projects and celebrate the work that is
already being done by women in our
community, Krumbach continues. For
whatever reason, women are often less
likely to be profiled and approached for
interviews in a lot of open source
communities so we do seek out women
specifically to make sure our strong female
leaders and mentors are represented
To counter some of the problems
outlined here, various projects have sought
to bring clarity to levels of expected
behaviour in their respective communities.
As an example, many projects have
developed Code Of Conduct documents.
The Ubuntu Code Of Conduct has acted as
a foundation for many of these and the key
themes are simple:
Be considerate
Be respectful
Take responsibility for our
words and our actions
Be collaborative
Value decisiveness, clarity and
Ask for help when unsure
Step down considerately
While the full Ubuntu Code Of Conduct
provides more content to flesh out these
points, you should get an idea of the gist of
the document, which, to steal a phrase from
Bill & Teds Excellent Adventure, is be
excellent to each other
Other groups, particularly those who
organise events, have also created antiharassment policies to make levels of
expected behaviour clear. Here is an
example of a common anti-harassment
policy that can be used on some events:

Karen Sandler, the
executive director of
the GNOME project.

community to be respectful when dealing

with other attendees.
Harassment of (INSERT EVENT)
participants will not be tolerated in any
form. Harassment includes offensive verbal
comments related to ethnicity, religion,
disability, physical appearance or gender,
sexual images in public spaces, deliberate
intimidation, stalking, following, harassing
photography or recording, sustained

expected conduct, they have two

fundamental flaws. First, just because you
write expectations of conduct down it
doesnt mean anyone is going either to have
read the documents, or indeed paid
attention to them. Second, any kind of
prescribed policy will always act as a
lightning rod in which people will judge
other peoples actions. Unfortunately, this is
not generally the intent of these
documents; they are intended to
guide, not to judge.
The key point here though is
that every individual part of the
community can make a practical
difference; the only way to
change a community is for the
wider group to understand what is and isnt
acceptable. We asked Krumbach what she
feels are the things everyone reading this
article can do to help. Her tips were:

Dont make assumptions

about technical ability based
on how someone looks.

(INSERT EVENT) is committed to

holding an event that reflects the diversity
of its community and provides a
harassment-free conference experience for
everyone, regardless of ethnicity, religion,
disability, physical appearance or gender.
Its important to remember that a
community where people feel
uncomfortable or threatened is not a
productive one. We expect members of the

disruption of talks or other events,

inappropriate physical contact, and
unwelcome attention. Participants asked to
stop any harassing behaviour are expected
to comply immediately. If a participant or
exhibitor engages in harassing behaviour,
the conference organisers may take any
action they deem appropriate, ranging from
a simple warning to the offender to
expulsion from the conference. If you are
being harassed, notice that someone else is
being harassed, or have any other
concerns, please contact a member of
conference staff immediately. Conference
staff can be identified by their T-shirts.
Conference staff will be happy to help
participants contact hotel/venue security or
local law enforcement, or otherwise assist
those experiencing harassment to feel safe
for the duration of the conference.
Although these kinds of clearly stated
policies are a great way of clarifying levels of


Dont make assumptions about technical

ability based on how someone looks
(gender, race, age, etc).
Make poor behaviour unwelcome and
foster a friendly, non-judgmental
community for everyone.
Be an ally, make a lot of noise when you
see inequality in action.
Taking practical steps to not tolerate bad
conduct, to help get closer to the overall
goal of equality, and not to presume too
much about the person on the other end of
the IRC channel or mailing list, can all help.
We would encourage every one of you to
follow the advice Elizabeth shares here.
If every one of us plays our part, we have
the chance to achieve great change. LXF

February 2014 LXF180 53

What on Earth OpenStreetMap


What on Earth is

Matt Hanson sharpens up his cartography skills with the
open source collaborative map service.

Q Lets cut straight to the chase; what

is OpenStreetMap?
aim of
A The admirableeditableOpenStreetMap is to
provide a free,
map of the world

around for Google or Garmin to notice that

theres a new roundabout at the bottom of a
road. Plus, if you notice something is wrong or
out of date, you can always change it yourself!

address search and routing between

destinations for finding your way about.
Freemap (www.free-map.org.uk) has its
own Android app for turning phones into a
satnav, while RMP Creator helps you import
OpenStreetMap onto Magellan Trion and
eXplorist GPS navigator devices.

for anyone to download and use, as well as

collaborate on. It started off as a response to
proprietary maps, which not only restrict how
we use them, but can often come under
political pressure in certain parts of the world
to omit locations.

of ways
A There are a numberwork withyou can get Q This all sounds a bit too good to be true.
OpenStreetMap to
GPS devices
and use them to find directions when driving,
The maps cant be that detailed, can

Ooh, so well finally see where Area 51

really is, and be able to peek into Dick
Cheneys back garden?
Thats part of the plan, and great news if
youre a conspiracy nut or enjoy stalking
old, right-wing men, but theres a lot more to
OpenStreetMap than that. The collaboration
aspect, for example, can help keep the maps
completely up to date thanks to local
contributors, which means youre not waiting

walking or using public transport. For example,

Mkgmap is a command-line utility that
converts OpenStreetMap data into vector
maps to load onto a Garmin GPS device. Its a
pretty simple procedure, and as well as getting
the maps for free Garmin and other GPS
manufacturers usually charge pretty steep
prices for additional maps from around the
world you get control over how the maps,
places of interest and street names are
displayed on the device. It also supports full

54 LXF180 February 2014

good. So can
Q Soundsinto a Satnav? I use it to turn my

they? You probably get better quality maps

in a childs colouring book.
Actually, you couldnt be further from the
truth. The worldwide appeal of
OpenStreetMap lets users contribute to maps
at all corners of the Earth, and its not just your
normal street maps either. There are a number
of OpenStreetMap spinoffs that focus on
specialist maps. For example, 4UMaps
(www.4umaps.eu) provides topographic
outdoor maps for hiking and mountain biking


OpenStreetMap What on Earth

using OpenStreetMap data, and
OpenCycleMap (www.opencyclemap.org)
provides an international map which highlights
cycle routes and places of interest.
OpenPisteMap (http://openpistemap.org)
highlights the best downhill ski slopes and
resorts, while OpenSeaMap (http://
openseamap.org) offers nautical charts.
Theres even a few more esoteric choices, such
as a 3D mapping project of the Czech Republic
So its easy to
my very
Q Nice.Csar-Franois becomede Thury?
Im not really sure
A Um,he have anything tohowwithanswer that.
was a French
Q Yeah, he Century. Waitcartographer in I
the 18th
a minute, arent
supposed to be the one that asks questions?
Oh yeah, good point. Well, its easy to get
involved with OpenStreetMap and
contribute to creating and updating maps. Sign
up for a free account at www.openstreetmap
.org/user/new. Youll need to agree to share
your contributions. Once done, you can gather
data via GPS devices, local knowledge, or by
tracing aerial imagery. OpenStreetMap users
have been given permission by a number of
sources to do the latter. Funnily enough, the
most popular source is Bing.

areas do these
Q What kinds oflook after?

AThey look at features such as accessibility; Q This all sounds really great. Whos
making OpenStreetMap accessible for
groups with disabilities such as the blind, or
behind OpenStreetMap?
route planning for people in wheelchairs. There
A TheSteve Coast as anproject wasmapping
are nature, conservation and environmental
communities, and others which focus on
certain types of infrastructure, such as road
networks or shipping the OpenSeaMap
project, for example, adds information for
navigating at sea. Locations of lighthouses and
harbours, as well as weather charts and other
essential data, is all provided by the community
to make OpenStreetMap a reliable resource for
sailors. The WikiProject Latter-day Saints,
maps places of worship, while groups such as
the WikiProject Whitewater Maps community
focus on outdoor activities.
Wow, thats quite a list. So do the
communities focus mainly on making
the maps better for users like you and me?
While a lot of communities focus on the
user experience, there are also groups
doing some amazing humanitarian work.
Thanks to contributors, OpenStreetMap has
the worlds largest catalogue of drinking water
sources. Meanwhile, the Humanitarian
OpenStreetMap Team works with relief efforts
around the world, supplying maps and other
resources after catastrophes.
People in areas that are vulnerable
to natural disasters are helped to
prepare and recover by projects
such as WikiProject Haiti, 2011
Sendai earthquake and tsunami,
and on-the-ground initiatives.
Their amazing work has helped
save countless lives.

Founded in 2004, by
2008 we had over 50,000
contributors. We now
have over 1,400,000.
Q Well, thats probably the first time Ivethe
seen the words Bing and popular in
same sentence. So OpenStreetMap is pretty
popular then?
You could say that. It thrives on user
contributions of local knowledge from all
over the world. Steve Coast founded it in 2004,
and the first State of the Map conference was
held in Manchester in 2007. By 2008 there
were over 50,000 contributors, and double
that by early 2009. We hit 600,000
contributors in April 2012, and have now
reached over 1,400,000 registered users.

thats a lot
Q Wow,get crowdedof people. Wont the
with updates?
with a
A Asminoritylot of open collaborative projects
contributes the majority of
content. While quantity is essential to keep a
map from looking empty, quality is essential for
people to rely safely on the maps. Its believed
around 30% of users have contributed at least
once to the database. Also, a number of
communities have been created which focus
on specific areas and features.

service in iOS 6, OpenStreetMap is one of the

sources for for Apples own Maps app.

Q Thats really impressive. What else is

cool about the OpenStreetMap project?
did you know that the
A Well,at www.mapbox.com cleverused a
Sensefly eBee wireless flying drone to capture
100 acres of aerial imagery at 4cm resolution.
The drone had taken 225 photos during a
40-minute flight. Once it landed the images
were imported into TileMill, a design studio for
creating interactive maps. Its available for
Ubuntu from www.mapbox.com/tilemill.
After a bit of I believe the technical term is
fiddling about the resulting image is quickly
added as a custom layer in OpenStreetMaps
ID editor for tracing. You can see a video of the
process at http://bit.ly/lxfmapbox.

service to the UKs Ordnance Survey, a

government-run project that, while good at
gathering large amounts of mapping data, was
reluctant and sometimes downright refused
to make its datasets freely available. The
non-profit OpenStreetMap Foundation was
created in August 2006 to promote and
support the development of freely-reusable
spatial data. Though it has strong ties with the
OpenStreetMap project, it is able to help other
free and open source mapping projects.

Q Are thereinany other ways I can get

involved the project?
A Therean annual are. Since 2007 there has
conference, organised by
the OpenStreetMap Foundation, called State of
the Map. It has been hosted all over the world,
including Amsterdam (2009), Denver (2011)
and Tokyo (2012). Last years conference was
held in Birmingham, and the 2014 conference
is in the early stages of planning for mid- to late
2014. A bidding process is underway to decide
on the host country and venue.
are discussed
Q What topicsconferences? at the State
of the Map
vary, but they
A It canpressing issuesusually touch on the
facing the project
and the state of mapping services in general.
They include keynotes from the people behind
OpenStreetMap, talks on the importance of
geodata, and guides for both beginners and
professionals on using and implementing
OpenStreetMap data. Where the conference is
held can play a part in the topics covered. For
example, disaster-related mapping was a major
theme in Tokyo due to the large earthquake
that hit Japan the year before.
Videos and audio of last years talks are
hosted at http://2013.stateofthemap.org.
Another great resource is www.maptember.
org three geographic and mapping meetings
in the UK during September 2013, and the AGI
GeoCommunity 13 and FOSS4G (Free and
Open-Source Software for Geospatia) 2013
conferences led to September being
affectionately renamed Maptember

Q This sounds like an amazingly altruistic,

collaborative project.

any services that

Q So areOpenStreetMap? Ive heard of

A Yep, its pretty brilliant. Visit http://blogs.

openstreetmap.org to keep up to date

loads. The first major organisation to

A Yes, on OpenStreetMap data was Oxford

with whats going on, or follow us at https://

plus.google.com/+openstreetmap. You can
make a donation to support the valuable work
at http://donate.openstreetmap.org. See
page 76 on how you can edit your own maps.

University. Since then Foursquare, Craigslist

and Wikipedia also use OpenStreetMap. After
Apples abandonment of Googles mapping


February 2014 LXF180 55

Dr Browns Administeria


Dr Browns
Dr Chris Brown


The Doctor provides Linux training, authoring

and consultancy. He finds his PhD in particle
physics to be of no help in this work at all.

Esoteric system administration goodness from

the impenetrable bowels of the server room.

Were all doomed!

ccording to Ars Technica (http://

bit.ly/1brzSG5) the US Navys
newest warship, the USS Zumwalt,
boasts some hefty computing power, based
on Red Hat Linux. Thank goodness
Captn: Sub-lieutenant, we have reports of
enemy ships in the vicinity. Bring the
weapons guidance system online.
Sub-Lt: Aye aye, sir! [Pause] Er, sir
Captn: What?
Sub-Lt: Do you want to read the licence
agreement? Theres quite a lot of it
Captn: Are you insane? Nobody reads
licence agreements. Just click on Accept.
Sub-Lt: Yes, sir! [Another pause] Sir?
Captn: NOW what?
Sub-Lt: Do we want to check for updates?
Captn: No! We do not want to check for
updates. We do not want to participate in a
customer survey, and certainly dont want
our top-secret email address on their
marketing list. We just want to use it!
Sub-Lt: Ah, this is better, sir. Its installing
drivers. Shouldnt be long.
Captn: OK, lieutenant, boot up the tactical
intelligence cluster.
Sub-Lt: Ill need a credit card for that, sir.
Captn: A credit card?
Sub-Lt: Yes, sir. If you remember we only
got the 60-day trial version, and its expired.
Captn: Look, those guys out there are
mean. They dont take prisoners, and
theyre running Linux. Just click on the big
red button that says FIRE Then when it
says are you sure? click on Yes.
Sub-Lt: Yes, captain. Well show em! Firing
weap .... Uh-oh, the screens gone all blue.

Lies and statistics

The popularity of Linux is almost impossible to
measure. But that doesnt stop people trying

e all know that Linux is growing in

market share, but just how many
Linux systems are out there, and
whats the relative popularity of the distros?
These things are difficult to measure. You cant
just count how many people have bought it,
because typically its not something you buy.
A single download of CentOS (say) may end up
installed on hundreds of machines, or on none
at all. Theres no way of knowing. The site
distrowatch.com is well known for publishing
popularity ranking of distros thats based

Ubuntu and Debian (red and green lines)

are gaining ground against RedHat and
CentOS when it comes to hosting websites.

Netcraft (www.netcraft.com) has a long
history of exploring the internet and reporting a
variety of statistics and trends covering
measures such as hosting providers and web

56 LXF180 February 2014

server popularity. Much of the detailed info is

only available if you pay for it, although the web
server survey results are available for free (see,
the server survey here: http://bit.ly/1bI55jf).

purely on the number of page hits the website

receives for each distro, and as the disclaimer
on that site says: they correlate neither to
usage nor to quality and should not be used to
measure the market share of distributions.
Then there have been lots of survey results
that present data derived from asking a
selected group of people which distro they use
(see an example on Constantmayhem.com
http://bit.ly/17Zgako) but the answers
depend strongly on who you ask.
Id like to share with you some recent
results from w3techs (follow the links from
http://w3techs.com/blog) who have been
busy polling the OS behind the worlds
websites. Thats a rather specific thing to
measure, but at least its objective well, sort
of. The results are interesting, showing that
Debian and friends are steadily gaining ground
against Red Hat and friends. To quote the site:
Ubuntu is the shooting star and currently
gains around 500 of the top 10 million websites
every single day. It sounds impressive if you
think about those 500 sysadmins, each day
busily migrating their sites, though if you do
the math, it gets less impressive; accounting
for a 1.8% annual growth.
Of course the other question is: what
exactly are these web-based surveys counting?
IP addresses? Websites? Physical machines?
Theyre not the same thing. A Linux box can
listen on many IP addresses and hosting
companies can run thousands of sites on a
single computer. So how many computers
are running Linux? We just dont know.


Dr Browns Administeria


Win with Cygwin

If you really must use a Windows operating system, install Cygwin and
re-capture all that Linux command-line goodness.

have a confession to make. I use Windows. There, Ive

said it. Maybe that means youll stop reading my column.
In my defence, I use Windows not out of choice but
because I have clients who need content in formats that are
only supported on Windows, like PowerPoint and Camtasia.
The interesting thing is, so many of the open source
programs I have grown to know and love on Linux are
available on Windows, its possible to build yourself a working
environment on Windows thats scarily similar to the true
Linux experience. You can use Chrome in both environments,
and Open Office, and GIMP and so on (I posed the question:
What is the essence of Linux? Back in LXF163).
But for me, the most important package for bringing me
back into my comfort zone when Im using Windows is
Cygwin (www.cygwin.com). Cygwin provides a hefty
collection of apps, which are ports of all our favourite GNU
tools for Windows. At the heart of Cygwin is a library called
cygwin.dll, which provides a (mostly) POSIX-compliant layer
on top of Windows. In other words, it provides a run-time API
very similar to the one found on Linux, so that its relatively
easy to get those GNU tools running.
To install Cygwin, begin by browsing to the official site
http://cygwin.com and downloading the installer, either the
32-bit or 64-bit version as appropriate (Youre doing this on a
Windows box, remember?). Run the installer, click on Next a
few times, and youll get to a slightly bewildering screen
where you can choose which pieces you want to install. These
are presented in 32 categories (Admin, Editors, Interpreters,
Python, Shells and so on). Its not immediately obvious how
to drive this installer. You click on the little circular arrow
icons which lets you cycle among the choices Default, Install,
Re-install and Uninstall.
You can make these selections at the category level, or at
the level of individual packages, or at the global (All) level. The
easy options are to go to the All level (the first line) and select
either default (the no-brainer option) or, if you have plenty of
disk space, choose install, which gets you everything. But its
much more interesting to expand the category list, drill down
to the individual package level and make your selections

Cygwin and Wine

Lets be clear that Cygwin is not like
Wine in reverse. Wine provides binary
compatibility that allows compiled
Windows executables (that is, EXE files)
to run on Linux. Cygwin does not

enable compiled Linux executables

(ELF files) to run on Windows. Instead,
it provides source-level compatibility
and applications must be re-compiled
from source.

there. You can choose to skip or install each package, and you
can choose to install the binary and/or the source code of the
package. It takes a while to look though these, but at least you
get a feel for whats available. Theres also a search box, if
youre looking for a specific package.
Youll run this installer for your initial installation, and you
can run it again later to install (or uninstall) other
components. You also need to re-run it to install updates.
Theres no mechanism to automatically check for updates.
The number of tools included in Cygwin is impressive to
provide just a small sampling: the base category of packages
includes bash, all the core GNU utilities, file, gawk, Grep, gzip,
man, sed, tar, and quite a few others. The Editors category
includes Emacs, Gvim, Joe, Nano, ted, and vi. The interpreters
category includes Emacs, Gawk, python, Ruby, Perl, Tcl.
The Net category includes bind, curl, OpenSSH (including the
all-important SSH client); the Net category includes the
Apache and Lighttpd web servers and squid. The list goes on
and on, but I hope you get the message: theres a lot of good
stuff here. There are man pages, too!
It would be pushing the truth to say that the Cygwin
environment is indistinguishable from Linux. Youre not
running a POSIX-compatible file system, you dont really have
a Linux kernel underneath, and these differences do show
through in the Cygwin command-line experience. For
example, file permissions probably wont work how you
expect them to. If you do an ls l, the permissions you see
are Cygwins attempt to interpret the underlying Windows
ACL in a familiar linuxy rw-r--r-- style. And if you look carefully
at the screenshot and youll see that the executable is named
hello.exe a dead giveaway that weve built it on a Windows
machine. But overall the illusion of sitting at a Linux
command prompt is strong.

A Linux experience in Windows. Bash, cat, GCC, ls what more do you want?


February 2014 LXF180 57

Dr Browns Administeria


An armchair view of the internet

Join me as I poke the internet with a big stick to find out whats out there.

fter I graduated university and started looking

around for a postgraduate research subject I was
very attracted to the field of astronomy. I was
fascinated by how much you can discover about distant
objects simply by looking at them. In the end that didnt work
out for me, but the fascination remained. Nowadays theres a
similar fascination just how much can you discover about a
remote site on the Internet while sitting in front of your
computer? Quite a lot, it turns out. Here, have a squint down
this eyepiece

What can DNS tell us?

org use a
of passive DNS
lookups and
active probing
to present a
picture of what a
sites running.

A good place to start is with a simple DNS lookup. Here, Ive

chosen the site linuxformat.co.uk as my target:
$ dig +short linuxformat.co.uk
That gets us the sites IP address. We can find out where the
sites name servers are by asking DNS for NS records instead:
$ dig +short linuxformat.co.uk ns
Both servers are actually in the future.net domain, not a
surprising result given that Linux Format is published by
Future Publishing.
A reverse DNS might also prove interesting:
$ dig +short -x
Hang on! If we do a forward lookup followed by a reverse
lookup, wouldnt we expect to get back to where we started?
Not necessarily. Its very common for multiple domain names
to have the same IP address, but a reverse lookup is going to
give us the so-called canonical name. Now, TuxRadar is
basically the web presence of Linux Format, so its not really
surprising that both sites are hosted on the same machine.

Looking up MX (Mail Exchanger) records for a domain

may tell you who handles its mail. So for example:
$ dig +short sheffield.ac.uk mx
20 alt1.aspmx.l.google.com.
20 alt2.aspmx.l.google.com.
30 aspmx2.googlemail.com.
30 aspmx3.googlemail.com.
10 aspmx.l.google.com.
from which it seems that Sheffield University is using Google
for its email. Before leaving the world of passive DNS
lookups, its also worth trying:
$ whois linuxformat.co.uk
I wont reproduce the entire output here. Suffice to say
that you get to know the registrants name (in this case
Future Publishing), their postal address, and the expiry date
of the registration.

Getting aggressive
To return to our astronomy comparison, looking things up in
DNS is a bit like an astronomer just consulting a star
catalogue. To make new discoveries, he needs to get out and
actually point his telescope at something. One of the best
telescopes for the internet is a network reconnaissance tool
called Nmap, which I discussed in detail back in LXF173.
A basic Nmap scan shows the open ports on the target:
$ nmap linuxformat.co.uk
Starting Nmap 6.00 ( http://nmap.org )
Nmap scan report for linuxformat.co.uk (
Host is up (0.034s latency).
rDNS record for www.tuxradar.com
Not shown: 987 closed ports
21/tcp open ftp
23/tcp filtered telnet
80/tcp open http
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
1433/tcp filtered ms-sql-s
2020/tcp open xinupageserver
2967/tcp filtered symantec-av
2968/tcp filtered enpp
4899/tcp filtered radmin
5900/tcp filtered vnc
6667/tcp filtered irc
6668/tcp filtered irc
Here, we see that the machine is running externally
accessible ftp and http servers, and something-or-other on
port 2020 (though probably not xinupageserver thats just
the service name Nmap thinks is associated with the port).

Other scanning tools

Xprobe2 is another OS fingerprinting tool.
I havent had much success with this. I tried
using it to scan my ADSL router and its two
best guesses of OS were FreeBSD and HP
JetDirect ROM R.22.01 EEPROM L.24.08

58 LXF180 February 2014

pOf (Passive OS Fingerprinting) is a rather

different beast. Rather than reaching out to
provoke sites by poking them with a stick,
it passively captures incoming traffic, and is
perhaps best thought of as a specialised sort of

tcpdump. Indeed, it can analyse a PCAP

capture file and has the same notion of filters
for selecting the traffic of interest. Passive
analysis generally takes longer, but the machine
youre analysing doesnt know youre doing it.


Dr Browns Administeria

Tracing the route

With an impressive array of cunning probe techniques,

Nmap remains the premier network reconnaissance tool.

We shouldnt push the astronomy analogy too far here

however much they might like to, astronomers cant reach
out and poke Rigel or Betelgeuse with a long stick to see how
they react. They must be content with passive observations.
You can run a more inquisitive Nmap scan with the -A
option which enables additional advanced and aggressive
options including operating system detection, version
scanning and a traceroute.
# nmap -A linuxformat.co.uk
Note that you need to run this scan at root because Nmap
needs to generate hand-crafted IP packets to do the
fingerprinting something that only a root process can do.
The output is quite extensive and I wont reproduce it here
(you can always run it for yourself). Its best guess at the
underlying OS is Linux 2.6.18. (The folks at Linux Format tell
me its actually running 2.6.15)

One-stop shopping
Much of the information weve seen so far is also provided as
a one-stop-shopping experience by Netcraft. From its home
page (www.netcraft.com) find the Whats that site running
box and enter a URL. The report shows all the DNS
information weve discussed, as well as fingerprinting of the
OS and web browser. Since Netcraft sends out these probes
on a regular basis the results screen also provides a hosting
history which can be quite interesting. For example, www.
royal.gov.uk (the official website of the British Monarchy)
apparently switched from running Microsofts IIS web server
to Nginx in 2011. Poking around among Netcrafts results
threw up a few mysteries; for example, the site download.
http://microsoft.com is shown as running Linux as the OS
and Microsoft IIS 8 as the web server, which pushes credulity
a little too far. (In truth, the machine were probing is probably
part of Akamais content delivery network rather than one in a
Microsoft data centre.)
So, how exactly do you go about fingerprinting a machine?
Well, the basic idea is that all OSes exhibit slightly different
behaviours in their TCP stack, particularly if confronted by
malformed packets or unusual packet sequences. As a simple
example, the initial TCP window size sent by a machine
provides an easy clue, as different OSes tend to use different
values. As another example, the order in which TCP options
appear in a header can be a useful indicator. The TCP
standard doesnt specify a specific order, and different OSes
choose differently. When fingerprinting, no single probe
provides a unique identification, but by examining the
systems response to a variety of carefully crafted probes, its
possible to build up a signature that can be matched against
a database of known signatures, giving a result with
(hopefully) higher certainty. The database contains over
3,500 entries, somewhat cryptically encoded.

Theres an ingenious tool called

Traceroute that attempts to tell you the
path that an IP datagram will take to
reach a specified destination. Usually,
Traceroute will show you how the
packet wriggles its way out of your own
ISPs network, and how it wiggles its
way into the destinations network.
Traceroute relies on a cunning trick of
setting the time to live (TTL) field on
outbound packets.

So starting with a value of 1,

traceroute elicits a time exceeded
response from the first router along the
path. The next packet is given a TTL
value of 2, so the first router forwards
the packet, but the second router drops
it and replies with ICMP Time Exceeded.
By gradually incrementing the TTL field
in this way, traceroute builds a list of
routers that packets pass through until
they reach their destination.

These techniques are fraught with difficulty due to

obstacles along the network route firewalls, NAT gateways,
reverse proxies, load balancers and so on. Any of these might
modify the probe packets (or the replies) in ways more
characteristic of their own TCP/IP stack rather than that of
the machine youre trying to probe. As in astronomy, the
closer you are to a celestial object, the clearer you can see it.
The amount of information that a system leaks is to
some extent a measure of how well the machine and its
firewall have been configured. Websites that havent bothered
to provide a custom 404 not found page reveal what web
server theyre using. Generally, the web server version is easy
to obtain. On the other hand, the version of your backend
database should not be visible to the outside world unless
your site is seriously misconfigured. In my experience youre
most likely to see this on sites that have a buggy PHP serverside script that either contains a syntax error, or generates an
invalid SQL query. When the PHP interpreter or the database
complains, the script will if youre not careful pass the
report back to the browser.

Im IP geolocating you...
Another way of being nosey is to use IP geolocation, which is
the process of translating an IP address to a physical location.
Usually, you can get the country right, just by consulting the
Whois service to discover the address of the registrant. Even
this can go wrong. I had someone on a training course
recently who worked (in the UK) for a German company. He
complained that every website he visited thought he was in
Dusseldorf. There are many commercial databases that
attempt to resolve your IP address to the city level and there
are a few free ones, too (see http://freegeoip.net for
example). In my experience these are a bit hit-and-miss. For
example, freegeoip thinks Im in Newark-on-Trent and www.
ip2location.com thinks Im in Leeds. Both are wrong, if your
intent is to drop a nuclear bomb on me its true that targeting
either of those locations would cause me some
inconvenience. But if youre trying to deliver geo-targeted
advertising, Im unlikely to be interested in a fishmongers
shop thats a 90-minute drive away.
Why might you want to do these things? Well, apart from
simply satisfying your curiosity, there are a few more specific
reasons for this sort of probe. First, scanning your own
network can help determine if theres anything connected to
it that you dont know about. Unauthorised devices can
introduce viruses and security holes. Second, large-scale
scans can provide interesting statistical usage figures
(Netcraft do a lot of this!). Third, and more sinister, knowing
what OS a machine is running is often helpful to would-be
intruders wishing to tailor an exploit for a specific target.
Of course, youre not one of those people, are you? LXF


February 2014 LXF180 59

The best new open source

software on the planet

Joe Jordon

PyCharm Pandoc Nightingale Truecrypt

FlightGear AlienArena MuseScore FreeMind Tupi

is a software developer and when hes

not scouring the net for open source
gems, he relaxes by reinvigorating old
hardware with new Linux releases.

Python Development Environment

PyCharm CE
Version: 3.0.1 Web: www.jetbrains.com/pycharm

ome developers think the only

development tool you need is
Emacs or Vim they have
clearly never tried a JetBrains IDE. Our
HotPicker this month, Joe Jordan, first
met one of their spookily psychic
software products, in his case
ReSharper, while working on a few
C# applications.
Hed had been merrily typing in
boiler plate stuff for literally years, and
then their tool caused his brain to
rewire itself in a matter of hours!
Were delighted, then, to see that an
Apache licensed Community Edition of
its PyCharm IDE has been released for
everyone to play with. JetBrains is, of

course, trying to flog you the Pro

version, but unless you need advanced
features, such as Cython (extensions
for C) or specially tailored Django
functionality, youll be as happy with its
open source offering as Joe (and he
codes Python all day every day).
You get all the usual trimmings you
would expect from an Integrated
Development Environment: file and
symbol breakdowns of your project;

PyCharm: Youll find

yourself typing as fast
as you can think.

Exploring the PyCharm interface

Quickly jump forward and
back through your Edit
History, run and debug the
code, and more.

Symbol Outline
You can expand out a file to
see what classes and
functions are inside, and jump
straight there.

Version Control



The UI highlights new and

changed lines if the code is in
a version control repo.

Just start typing a variable name

and PyCharm will guess what
you mean. Hit Tab to accept.

Preview markers show version control

changes, errors and warnings. You can
click on them to jump to the problem.

60 LXF180 February 2014


Pycharm knows Python syntax so

its autocomplete feature attempts to
anticipate what you mean.

syntax highlighting; running and

debugging your code from inside the
UI; version control markers, and so on.
But where PyCharm really shines is
when you start to type.
Say youve got a well-named
variable like elves_in_tamriel, and you
need to type it four or five times as your
code progresses. In most IDEs, youd
need to type the whole name every
time, or at best itll make you choose
from every similar symbol in the project.
In PyCharm, just typing elv is enough to
get the IDE to suggest only the
variables visible from this scope that
start elv, and you can use the arrow
keys and Tab to choose and accept
which one that you meant. If it guesses
correctly, which it does impressively
quite often, you can just hit Tab and
keep typing.
As this and other syntax-aware
helpers gradually remould your brain,
youll find yourself typing as fast as you
can think, instead of how fast your
fingers can move. Youll never go back
to that plain old editor.


CLI document conversion

Version: 1.12.1 Web: http://johnmacfarlane.net/pandoc

e Linux users are used to

dealing with text files,
whether were
programmers or conf file wizards.
Markdown, the popular online input
language from websites StackExchange
and Github, is a great way to save
formatting into a normal text file
without taking up huge amounts of
space, like a DOCX or ODT file would.
Scientists are also still very attached
to LaTeX and its ability to embed maths
into our documents. However, the rest
of the world hasnt caught up with us
yet DOCX and RTF formats are
everywhere! Persuading these poor lost
souls of the virtues of our way of doing
things has been a minefield and
were still the ones the rest of the family
turns to when MS Word crashes and
loses the vital report/homework! Weve
learnt that saying Why dont you just
use LaTeX is exactly the wrong thing to
utter at this point.

This is where Pandoc bridges the

gap for us. Its a project that parses
human-readable markup languages,
such as HTML, LaTeX and Markdown,
and builds them into a single unified
data structure, and outputs them in a
huge number of formats PDF, DOCX,
ODT, even the EPUB ebook format,
as well as writing back out in all those
input languages.
This means you can happily write all
your documents in your favourite
markup language, and then export
them to DOCX for sending to those
pesky co-workers or set up the family
computer so that the kids can do their
essays in Markdown and then convert
to DOCX or PDF to submit or print.

Pandoc is very useful going from text files, such as

Markdown and LaTeX to formats like PDF and DOC.

Parses markup
languages, and outputs
them in many formats

To get started in Pandoc, which is

available in Debian-based distros by a
simple apt-get install pandoc. To use
you just need to specify your from and
to document types, and then give a
filename or pipe from another process:
pandoc -f markdown -t docx -o my_
work.docx my_work.md
cat my_work.md | pandoc -f markdown
-t docx -o my_work.docx
Of course, we also recommend that
you should check out the man page
with man pandoc to see the full list of
input and output formats, as well as all
the other options you can specify.
The possibilities are extensive!

Music Player and Library

Version: 1.12 Web: http://getnightingale.com

ongbird had a noble goal: to be

an open-source cross-platform
music library application built
on Mozillas XULRunner (the core
libraries that make Firefox and
Thunderbird tick). However, back in
2010 Songbird dropped support for
Linux, and last June the app finally
shuttered its website as the company
couldnt fund development anymore.
Nightingale, the community fork,
was born when Songbird dropped Linux
support. Since then, the community
has been removing the non-free images,
tidying up the clone of the old codebase,
and the result is a polished, speedy and
free (as in freedom) experience
interacting with your music with
support for all the Songbird plugins that
are still around!
The interface is reminiscent of the
heyday of iTunes, back when it was
about helping you organise your music

and less about selling you stuff. You

have a list of songs, complete with autodetected metadata from the MP3s, and
a near-instant filter with the search box.
The interface can also be collapsed
down into a mini-player, you can install
Songbird themes, and even customise
how Nightingale looks using CSS.
On first launch, youre given the
opportunity to install various internet
radio providers, a lyrics-finder and Last.
fm scrobbling. These work like magic,
and integrate seamlessly into the UI.
If you choose Tools > Add-Ons, and in
the settings pane click Get Extensions.
It will take you to a page full of them
inside the application, including apps

Nightingale lets you manage a big, complicated music

library, complete with lyrics fetching, artwork and playlists.

It can synchronise a
specified chunk of your
library to your phone.

for everything from guitar tabs to

library deduplication.
And, of course, Nightingale has the
most important feature for any music
app it can synchronise a specified
chunk of your library to your phone.
It enables you to specify any folder to
sync to you connect your device and
mount the storage, and then enter the
Synchronization tab on the left of the
interface and choose the relevant folder
and playlists. You can subscribe to MP3
podcasts, too, and keep your device
stocked with the latest updates.

February 2014 LXF180 61



Encrypted volume manager

Version: 7.1a Web: www.truecrypt.org

ollowing the revelations in the

news this summer about how
the NSA and GCHQ are reading
all of our emails, theres been renewed
interest in software to tidy up after our
digital footprints. Truecrypt is
controversial in open source circles,
because it has a home-brewed open
source licence and because nobodys
sure exactly who wrote it. However, the
source is out there, and it remains the
easiest way to encrypt your important
data, so it belongs here in HotPicks.
Once youve installed Truecrypt from
the website (the controversy
unfortunately means its missing from
most repos) and run it for the first time
you have a window with some buttons.
Hit Create Volume to make your secret
container, and follow the wizard for
either creating an encrypted file, or
mashing an entire partition such as a
USB stick or a subdirectory of your
home folder.

The highlights of this process

include choosing how many encryption
algorithms to run one-after-another on
your data, dreaming up a complicated
and random password (my tip here is to
daisy chain (sort of) random passwords
you already know until you have a really
long one) and then wiggling the mouse
around to generate a trustworthy
source of entropy!
One other option available to you is
whether to have a Standard encrypted
volume or a Hidden one. A Hidden one
is only really good for fooling very stupid
gangsters who dont know what youre
hiding. In the UK at least, its contempt
of court to hide any encrypted data
from the police if they have reason to
suspect you, which means trying to use
hidden volume may well land you in
prison. Encryption isnt about getting
away with murder, its just about
stopping the government knowing
everything about everyone all the time.

Truecrypt lets you manage encrypted file containers as

files on your computer, or as USB sticks and partitions.

Finally, once youve created the

volume you can go ahead and mount it
by choosing the file or partition, and
entering the password (you may need
to enter your root password to mount
the volume). You can then just start
creating some files inside that new
volume which will contain your secrets
safely dont forget to unmount it when
youre done.

Truecrypt remains the

easiest way to encrypt
your important data.

Digital shredder

Version: 1.0 Web: http://bleachbit.sourceforge.net

e all leave a very detailed

digital trail behind us
search history, social media
cookies and the rest. The data we leave
on companies servers is only so
intrusive, but imagine how much there
is in your browser cache a complete
history of your online behaviour sitting
there on your hard disk, including your
online banking pages if youve risked
that exercise.
Its a good job you mashed the clear
cache button, but did you know that
forensic examination of the disk could
lead to the recovery of most of the files?
This is because filesystems are lazy
theyll delete the reference to the file,
but not wipe over the actual data until
they need the space for something else.
Where Truecrypt was about hiding
your secrets in a safe, Bleachbit is about
shredding your receipts and bank
statements before you put them in the

62 LXF180 February 2014

recycling. It not only monitors and

deletes temporary files and recently
accessed lists that you specify, but it
also writes random data to the empty
parts of your hard disk to make sure
any deleted files really are gone.
The Bleachbit interface enables you
to configure which files to monitor and
delete, and which to leave alone it has
useful descriptions of all the files it can
look for on your operating system. You
can run a preview of the changes it will
make by hitting the preview/magnifying
glass button, and you can actually
make the changes by hitting the delete/
red button. Of course, we also want to
run this task regularly, so theres a

Bleachbit enables you to securely erase system logs,

such as the Firefox cache and recently used files lists.

Configure which files to

monitor and delete, and
which to leave alone.

command line interface that enables

you to add specific cleaning tasks to a
Cron job. You could pack them all into a
script, or just run lots of different Cron
jobs. Its important to choose a time to
run when your applications arent using
the data you should close Firefox,
for example, before clearing its cache
and defragmenting its database!
You also need to run as root if youre
interacting with Apt or Yums files, or
the X11 debug logs. The projects online
documentation has examples for
commands and Cron jobs.


Sheet music editor

Version: 1.3 Web: http://musescore.org

nyone who has had to use a

MIDI program to edit sheet
music will know that it can be
quite a pain in the neck. Youll find that
most applications are MIDI and mixer
first, and the score view is generally
considered an afterthought by the
developers try transposing a
Saxophone part into E flat while still
getting the MIDI synth to play in tune,
its a painful experience we dont wish
to repeat.
MuseScore makes editing sheet
music a delight, because its taken a
score first approach. With heaps of
options for adding notes, tuples
(triplets and so on), trills, and grace
notes, for modifying the spacing and
the labelling, for arranging pretty much
anything on the page exactly as you
want, this editor does it simply.
Highlighted notes, bars or other
objects are coloured in or boxed in blue,
and you can right-click to get its specific

options on the part label you can set

invisible or copy and paste, but on the
whole bar you get the options for
shrinking things horizontally. The parts
feature (File > Parts) makes it very
simple to export each instrument to its
own score, while still keeping a master
copy for the conductor.
The preferred file format is
optimised to store everything that
MuseScore needs compactly, so that it
can be shared on the internet and
the MuseScore Connect and Save
Online features make it easy to find and
share music. It also supports importing
a huge number of other score formats,
and can export in the common
MusicXML format as well. And of

MuseScore enables you to edit, arrange, play back and

share your sheet music very easily.

Editing sheet music is

a delight, as its taken a
score first approach.

course, it can export the parts en

masse to PDF for printing.
Different parts of the music come
with different channels, so you can
mute some parts during playback, and
when you add dynamic information,
such as ppp or rallentando, the
playback feature responds properly
its a real musical preview. This makes
detecting your mistakes much easier,
and is great if you plan to do composing
without a full concert orchestra at hand.
It also enables you to export the
synthesised sound in the free formats
FLAC and OGG, as well as the better
known WAV and MP3. But, most
importantly, MuseScore is just a great
score editor.

Mind map editor

Version: 1.0 Web: http://freemind.sourceforge.net

ots of people use Mind Maps

techniques (or, as we used to call
them at school, spider
diagrams) to organise a complicated
set of ideas that dont fit neatly any
other way. FreeMind is a java application
for doing just this kind of thing on your
computer, and its just got a new version
with some cool new features.
First up, for those new to FreeMind
you will want to create some nodes
which are the basic building blocks of a
mind map. You can select a node by
clicking on it, and your mind map will
start out with one node in the middle.
You can edit this by double clicking,
the text will become an active input,
and you can give a name to your top
level objects.
To create a new child node, you click
the lightbulb icon at the top, or use the
keyboard shortcut Insert, and give the
node a name. Now (and this bit isnt

entirely intuitive, arent you glad you

read this) hover the mouse over the join
between this node and the parent, just
where the line curves, until you get a tall
thin oval this is the handle you can
use to drag the node around and
arrange your child nodes as you want
them to be displayed. While a node is
selected, you can also make it bigger or
smaller by hitting Ctrl++ and Ctrl+-.
FreeMind has added quite a lot of
new features since the last release,
which was over two years ago, including
support for geographical maps with
OpenStreetMap (see What On Earth is
OpenStreetMap p54, and tutorial on
p76). With the information available on

A mind map of
a small part of
the Linux Family
Tree. Apologies
if I left out your
favourite distro!

Includes support for

geographical maps with

the maps, you can build a tree of local

restaurants, tourist sites for your
holiday or anything else you can find on
the planet. You can also host shared
collaborative mind mapping sessions
you will need to make one of you the
master of the mind map and your
friends can connect to you through
their FreeMind install at your IP address
on a port you choose (remember to
open your firewall on that port if youre
having trouble with this.) To get the new
version of FreeMind, youll need to go to
the main Sourceforge site, as at the
time of writing the distros havent
updated their packages for this very
recent release.

February 2014 LXF180 63



HotGames Entertainment apps

Flight simulator

Version: 2.12 Web: www.flightgear.org

ost games give you a

complicated machine
whether its an assault rifle,
or a rally car and then build a
simplistic user interface that makes
this complicated thing easy to use in
the game. For instance, in a racing
game, youll typically have a button
for swerving left, another for
swerving right, the all-important go
faster! button, and maybe, if youre
in difficult mode, a brake pedal. Not
so in the ultra-realistic FlightGear.
This is a game where the initial
tutorial runs like a typical first lesson
at your local airfield, complete with
checks to make sure there arent
pedestrians in the way of your
propellers. It isnt until tutorial
number six (pictured) that you try to
take off and with good reason we

didnt know it would be that easy to

crash a plane while trying to taxi to the
runway! At the end of each attempt,
it tells you the number of deviations
you made from the correct method. If
you get less than 26, you beat us.
Theres no getting away from it
this game is daunting. With a hundred
things to remember, each mapped to a
different key, youll feel lost unless
youve already got a 1,000 flight hours
under your belt. were sure that using
this game with a joystick would make it
easier most of our woes were keeping
track of what the mouse was doing to

A flight sim
program, where
the payoff is
satisfaction that
a light hearted
shooter cant
even approach.

Youll feel lost unless

youve got a 1,000 flight
hours under your belt.

the yolk thats the real name for the

steering wheel, don-cha-know!
But dont get us wrong: its
impossible to sit in front of
something like FlightGear and not
feel awed by its depth. This game has
downloadable content for over 450
aircraft, and two different weather
system plugins. This is 16 years of
open source development, with
aviation enthusiasts everywhere
contributing to the code, and its left
us with an accurate flight sim that
gives you an immeasurable
satisfaction when you can, finally,
take off without crashing.

First person shooter

Alien Arena
Version: 7.66 Web: http://red.planetarena.org

ll the machinery of modern

shooter games has been
collected into this
deathmatch anthology the lighting
effects, the weapon types, the creepy
alien voices and yet the skin it
wears is a light hearted and jovial one
that is more like the movie, Mars
Attacks! than War of the Worlds.
This gives a much friendlier face to a
game that might seem unrelenting to
someone unfamiliar with the genre.
For those who havent been
playing FPS games since Doom and
Quake, this game takes place in, what
is now a traditional location, an
enclosed arena, which this time is full
of hostile aliens and you. Power ups,
ammo, better weapons and armour
are all to be found by exploring, but
you wont get far without meeting an
enemy. Even when you die, the game

64 LXF180 February 2014

continues your score is frags (kills)

minus deaths. When the timer runs out,
the player (or AI bot) with the highest
score wins.
The difficulty levels are suitably
condescending, even on Easy - You Will
Win we were struggling to keep my
score above a pitiful zero. We shudder
to think how fast the bots get at Ultra Only The Best Will Win level.
If youre thinking about organising a
LAN party this may be the game for
you, since the multiplayer server
software is open source as well as the
main codebase, and if youre on Ubuntu
the whole bundle: game and server is

Alien Arena offers a classic multiplayer deathmatch

romp in an outer space junkyard!

If youre thinking about

organising a LAN party
this the game for you.

available for a quick install via the

Software Centre. It also runs on
Windows - so you can invite your
less-enlightened friends, too.
If youre not on Ubuntu, the
source download is 620MB, and
building the software is relatively
simple it really is as easy as
./configure; make; sudo make
install but youll need to grab a
quite long list of libraries it uses. For
once, the script is up to the job of
telling you whats missing, though, so
its not too bad. Good luck, soldier!


2D vector animation studio

Also released


New and updated software that

also deserves a look...

Version: 0.2 Web: www.maefloresta.com

ancy yourself as the next Walt

Disney or Hayao Miyazaki?
Tupi is a modern program for
doing animation the old fashioned way!
With all the features you could need,
including onion-skinning (overlaying a
transparent version of next-door
frames so you can see the relative
positions) and drawing tools for
freehand, geometric shapes and more,
youll soon being creating your very
own 2D masterpieces.
Tupi thinks in vectors, rather than
bitmap or raster images, so when you
sketch a freehand line it will smooth it
out for you nicely. Your boxes and
circles are also selectable, re-sizable
and re-colourable. When youre done
with your first drawing, just select the
next row down in the frame view on the
right. One issue we had with Tupi was
that we found it sometimes tricky to
copy and paste between frames the
project is still in alpha and under heavy

Clonezilla 2.2.0-16
Disk imaging software for system
backup and restore. Grab it from the
LXFDVD this month.

development, so you can expect this

sort of problem to quickly go away as
things solidify.
Playback preview is just a tab away,
and with configurable playback speed
you wont have to draw too many
frames. Pro tip: Professional animators
often draw on twos so a setting of 12
frames per second is perfectly
respectable. Once youve completed
your masterpiece, uploading to Youtube
or exporting to a video file are just a
button click away. Dont forget to
mention Tupi in your credit reel!

GIMP 2.8.10
Open sources answer to Photoshop
gets an update.
Lives 2.2.0
A powerful video effects, editing,
conversion and playback system.

My rather
poor attempt
to animate a
stick figure and
a TARDIS. Dont
judge me.

Lives now includes better

support for handling large clips.

Note management and Evernote client

RTextDoc 1.7
A text editor with proofreading,
designed for typesetting research
papers and using the likes of LaTeX.

Version: 1.5 Web: http://nevernote.sourceforge.net

f your desk is anything like those of

the LXF team, its probably covered
in stacks of paper, cryptic diagrams,
ideas and random scribbles. NixNote is
the solution to this clutter a copy of
your thought history thats tagged and
indexed, complete with rich formatting
and embedded images.
NixNote is also the best Evernote
client for the Linux desktop you can
sync all your thoughts to your Android
phone and gain access from anywhere
via the internet. Of course, being a
desktop app, NixNote also lets you keep
your notes to yourself if youre wary
of handing out all your data to every
new trendy startup out there, you can
keep everything in the local database
and never sync anything. Its also easy
to have an Evernote notebook and a
local/private one, so you can easily
separate the sensitive stuff from the
general brain-cloud.

Sage v5.12
Mathematics software solve
equations and do calculus.

Installing NixNote is a relatively easy

process if youre using Ubuntu you
can add the PPA source using add-aptrepository ppa:vincent-c/nevernote
(you may need to sudo that) and then
after an apt update its installable as
package nixnote. The Sourceforge
website also hosts 32-bit and 64-bit
Deb and RPM packages for other
distributions. Once youre all set up,
its time to make some notes. Hit the
big green plus sign on the dashboard at
the top and start typing away in the

Unleash the drift racer in you with
this racing simulation.
XRoar 0.31.1
The Dragon emulator adds support
for Dragon 200-E.

NixNote brings
offline Evernote
support to the
Linux desktop.


For a guide to installing XRoar

download HotPicks from LXF178.

February 2014 LXF180 65

Back issues Missed one?
Issue 179
January 2014

Issue 178
Christmas 2013

Issue 177
December 2013

Product code:

Product code:

Product code:

In the magazine

In the magazine

In the magazine

Continue the new year

with a freshly installed
Linux, configured just
the way you want it!
We also look to the
future of gaming on
Linux and round up the
best open source video
editors around.

Join the in crowd,

with our feature on
crowdfunding, marvel as
we peer inside Qt, pick
your own beginners
distro, and find out what
Robert r0ml Lefkowitz
has to say about open
source software.

Uncover the next

generation of open
source mobile OSes
in Ben Everards last
feature for LXF. Go
inside Project Sputnik:
Dells Ubuntu laptop and
discover the programs
teaching kids to code.

LXFDVD highlights
Ubuntu 13.10, OpenBSD 5.4,
HotPicks, code books and more.

LXFDVD highlights
Pinguy, Elementary OS Luna,
tutorials and HotPicks.

Issue 176
November 2013

Issue 175
October 2013
Product code:

Product code:

In the magazine

In the magazine

In the magazine

Not satisfied with the

plethora of Linux distros
available? We show you
how to build your own.
Discover why youll want
an Ubuntu phone and
reveal the Raspberry Pi
extras that youll want to
tinker with at home.

Level up your skills with

our guide to the tools
of tomorrow. Peek into
the world of Arch Linux,
and get the inside track
on how open source is
being put to good use at
Jolla, the successor to
Meego, the mobile OS.

Save time and work

smarter with the right
desktop for you. Explore
the Raspberry Jam,
marvel at the insight of
Mozillas top security
guy, and feed your brain
with tutorials on Puppet,
Kotlin, Grub 2 and more.

LXLE, OS/4 OpenLinux and Grml

in 32- and 64-bit flavours.

Issue 174
September 2013

Product code:

LXFDVD highlights

LXFDVD highlights
Rosa Desktop Fresh R1 64-bit,
Sonar Linux and 4MLinux 7.

LXFDVD highlights
Fedora 19, Arch Linux, Knoppix,
Tails Linux and Overclockix.

LXFDVD highlights
Gnome Tweak Tool for Gnome 3,
Mint 15, Linux Bodhi, Siduction.

Quote the issue code shown above and

have your credit or debit card details ready



Available on your device now

*Free Trial not available on Zinio.



Turn on, log in and let our experts help make you a smarter Linux user
has got stuck in with
some compiling this
month and is in awe
of checkinstall.

This month learn how to...

Let it Snowden
f you needed a reason to
distrust big government then
NSA contractor, Edward
Snowden supplied it with the
58,000 files he handed over to
the press. It started with PRISMs
wholesale collection of peoples
data from service providers, and
rather than diminishing, its
become almost absurd:
encryption backdoors, elected
presidents emails compromised
and even elite hacker teams
working for the NSA and GCHQ.
Yes, were not in Kansas
anymore but your data is
probably in Utah or will be soon
and for decades to come, when
the NSAs huge new data centre
comes online.

Cloud collaboration .. 68 PiFace relay fun.......... 70

Host a webserver ........72

Neil Bothwick guides us through

using OwnCloud 6, and how to work
together with others online with
OwnCloud Documents.

Mayank Sharma shows how to set

up an Apache web server to host
your own Wordpress website. It will
even work with the Raspberry Pi!

Les Pounder explains how to control

a fan using Raspberry Pi, a PiFace
expansion board, and some relays.
The possibilities are endless!

Code in tutorials
Source code is presented in beige
boxes. When lines of code are too long
for our columns, the remaining text
appears on the next line in a solid box:

procedure TfrmTextEditor.

I toxing you
Since Skype was on the list of
PRISMed service providers,
I decided to go in search of a
secure IM/VoIP alternative and
came across the open source
Tox project (www.tox.im). This is
aiming not only to be secure
it uses a BitTorrent-like
decentralised DHT system to
hide Toxers but its also plans
to be even more user-friendly
than Skype. The trouble is that
Tox is in pre-alpha and the
Ncurses-based client is the only
one that works reliably.
By the time you read this,
however,Tox is likely to have a
working GTK-based client. The
project lead also seemed
confident that the DHT would be
untrackable by the New Year.

Help map the world .. 76

Static websites ............80

Want to contribute to the largest

open source mapping project in the
world? Get your compass ready, as
Marco Fioretti shows you the way.

Marco Fioretti tells us why the old

ways might also be the best ways
with static websites, and find out how
to create your very own.

Otherwise, there is a gap, like this:

mniWordWrap.Checked := false

Whether youre a beginner or

a guru, learn new skills in our
programming section

In this issue...


This easy to understand

language is a great way to
begin programming p84

Juliet Kemp serves up an

introduction to the free version
of the Smalltalk language p88


February 2014 LXF180 67

Cloud sharing

OwnCloud: Work
Neil Bothwick takes a look at OwnCloud 6 and shows you how to work
collaboratively in the cloud with OwnCloudDocuments.

Neil Bothwick
has a computer in
every room, but
wont disclose the
location of his
central server for
security reasons.

few months ago, we looked at ways of doing cloud

computing without the help of the internet giants,
such as Google and Facebook. One of the options we
looked at for setting up your own cloud computing was called,
rather fittingly, OwnCloud [LXF173 and Roundup on page
26]. We covered how to install, set up and use OwnCloud,
either on your own computer or a hosted system, but now
there is a major new release on the horizon. Currently in the
advanced stages of beta testing, OwnCloud 6 may well have
been released by the time you read this.
OwnCloud 6 offers the usual collection of bug fixes,
usability improvements and minor features, along with some
significant additions. In the previous article, we stated There
is only one important area where the open source alternatives
do not match up to the commercial offerings that of office
productivity software Well, that is changing with OwnCloud 6
offering OwnCloud Documents.
Previous versions of OwnCloud had a basic text editor, but
this is a proper word processor that formats and saves files in
open document ODT format. More importantly, the word
processor supports collaboration, so a number of people can
work on a document. So far, only word processor documents
are supported.

Because it is still in beta, there is no ultra-simple web installer,
nor are you likely to find OwnCloud 6 in your distros
repositories, so we will have to install it from a tarball. If you
already have version 5 installed, you can install the two
versions side by side. To have both at once, rename your
existing OwnCloud directory to OwnCloud5 you will find this
in your web servers DocumentRoot, usually somewhere such
as /var/www.
Now cd to the document root and unpack the OwnCloud
6 tarball, which will create its own directory. You then need to
give the user running your web server (usually either apache
or www-data) full access to this directory; so the full
sequence is:
cd /var/www
mv OwnCloud OwnCloud5

If you use the default data directory location, you will need
to move or copy the data directory from OwnCloud5 to
OwnCloud. If you follow the advice given of keeping your data
in a directory not accessible by the web server, say /var/
OwnCloud, this step is not needed (this is another reason
why it is preferable to keep your data outside the web servers
document root, it keeps it out of the way when upgrading).
In that case, you should back up; the OwnCloud database is
using sqlite. This is in a file called OwnCloud.db in the data
directory, for example:

68 LXF180 February 2014

cp /var/OwnCloud/OwnCloud.db /var/OwnCloud.OwnCloud.
Point your browser at your OwnCloud server, say http://
localhost/OwnCloud, and you will get the Set up an admin
account page, because you moved the old install out of the
way and are starting again. If you have a separate data
directory, dont forget to tell the new OwnCloud where it is on
this page the setting appears when you click Advanced.
You could try unpacking the OwnCloud 6 tarball on top of
your existing OwnCloud 5 files, but this can cause problems
(it is still a beta after all) so the backup and install afresh
approach is recommended. Expect this to change when
version 6 becomes production-ready. If you havent tried
OwnCloud, the procedure is much the same as above, just
skip the parts that involve backing up or renaming OwnCloud
5 paths. Unpack the tarball, set the ownership and log in.

Lets process some words

Once youve logged in, you will see the usual web page listing
the contents of your cloud; theres nothing unusual about
that until you look at the icons on the left side, particularly the
one labelled Documents. Click on this and you will see a list of
all ODT documents already on the server, plus buttons to
upload or create new documents. Open a document and you
will find yourself in a basic word processor, where you can
create and edit content.
If you are running the OwnCloud sync client on your
computer, any changes you make will be synced to the
computer, and vice versa. You will see your username to the
right, a clue to the real power of OwnCloud documents. Click
the Share button and you can specify users or groups who
can also edit the document. Try creating another user and
then opening a different browser window (either use a
different browser or use private mode to stop cookies tripping
over one another), logging in as that user and opening the
document. The sidebar shows the other user is accessing the
document, and any changes made by one user are updated
and highlighted in almost real time in the other users session.
What happens when two users try to edit a piece of text at
the same time? Unfortunately, this beta does not handle that
well and responds by logging one user out, although hitting
reload gets you back to where you were. If you are looking for
a Save button, you wont find it. Changes are committed
automatically use the close button to leave the document
and ensure all changes are committed. If you want to see
when changes were made, use the Activity button on the left
of the main screen, which shows all activity on your account.
Collaborative document editing is the most prominent of
the changes for OwnCloud 6, but there are plenty of others. If
you are hosting OwnCloud on your own hardware, you can
have all the storage space you need that is not normally the
case if you are using a VPS or other hosted environment.


OwnCloud Tutorial


together online
However, you probably have plenty of storage space available,
with services such as Dropbox and Google Drive. You may be
using OwnCloud for privacy and control, but you may also
have plenty of non-critical data that you are happy to store
with those services. Now you can do that and still have it
available through OwnCloud, as it can use external storage
services. This was a feature of OwnCloud 5, but it has been
rewritten for 6 and now works much better.
First, you have to enable external storage by clicking the
+Apps button at the bottom of the left-hand menu bar and
enabling external storage support. Now you have an External
Storage option in both the personal and admin settings
pages, you can set this up globally or per user, but the global
options page has a setting to prevent users doing this if you
wish. Give a folder name, the mount point for the external site,

and select the type of site. For most sites, you will need some
sort of authentication, such as a username and password.
Others use OAuth, so you need to get a key from their site.
For example, to mount a Dropbox folder, go to https://www.
dropbox.com/developers and, in the API console, create a
new API app. Answer the question and press Create app. This
will give you an App Key and App Secret paste these into
the OwnCloud settings, use the Applicable box to set who can
use this (only for global settings) and press Grant Access,
which takes you to a Dropbox page, where you log in and
authorise this OwnCloud instance to access your Dropbox.
The procedure is similar, although sometimes less
complicated, for other storage services. You can even link two
OwnCloud servers in this way. This really is a good time to
start hosting your own cloud files. LXF

Set up and use OwnCloud

Set permissions

If you are presented with this warning, it

means that the OwnCloud directory is still
owned by nobody you can change that
using chown.

4 Two users, one

This shows two users editing the same
documents, with changes made by one
highlighted in the others browser.

Recreate settings

Updating means starting with a blank config;

you need to recreate your admin user and
give the path to the data directory. Other
settings remain unaffected.

External storage 1

Before you can mount a Dropbox or Google

Drive folder in OwnCloud, you first need to
create some authentication keys on the
relevant site.


Share a document

The Share button unlocks the power of

OwnCloud Documents collaborative editing.
Pick the users or groups who can also edit
this document.

External storage 2

Once you have the keys, you can set up the

mount in OwnCloud and where it appears.
Any changes will be automatically synced to
your external account.

February 2014 LXF180 69

Raspberry Pi Use a PiFace board to

control a fan via a push button input

PiFace: Play
Les Pounder explores building bigger Raspberry Pi projects using PiFace.
First of all we need to connect PiFace to our Raspberry Pi.
PiFace has the same form factor as the Raspberry Pi and will
fit neatly over the top, just be careful to align the pins
correctly before applying force. Once the board is fitted well
need to ensure that Raspbian has been updated, to do this
we need to open LXTerminal. Theres an icon on the desktop
for this. Double-click on the icon and a terminal window will
open. In that window type in the following lines:
sudo apt-get update
sudo apt-get install python{,3}-pifacedigitalio
You will have noticed python{,3}-pifacedigitalio in the
code. This will install the libraries for Python 2.x and 3 all at
once. PiFace can be easily used with both versions of Python,
but for our tutorial we shall stick with Python 2.7.

Les Pounder
enjoys tinkering
with lots of new
languages and
gadgets and finds
jQuery great fun.

Testing PiFace

hen the Raspberry Pi was released in February

2012 few would have conceived the popularity of
the diminutive device. The Raspberry Pi has now
found its way into our homes, offices and even industrial
processes. In fact, as Liz Upton informed me recently, the
device that checks the Pis into the factory is a Pi itself.
Back in the early days, there were only a small minority
whod given any thought as to how to connect electronic
components to the Pi, but fast forward 18 months and the
internet is full of Pi-powered projects, each more elaborate
than the next with robotics and motor control being two
popular choices (See Going Beyond Raspberry Pi, p46).
What has helped fuel this uptake is the large number of
specialist boards produced to meet the increasing needs of
Raspberry Pi users. One of the most versatile boards is
Element 14s PiFace. This has a slew of digital inputs and
outputs as well as two 12V relays, which will enable you to
work with high-powered devices in isolation from your Pi.
In this tutorial well create a simple test to ensure that our
PiFace board is working correctly and then we will learn how
to control a 12V PC case fan, using a push button on PiFace
which will be our form of input. Once youve learnt how to do
this for the fan you can safely replace it with any other 12V
device, such as a lamp or even a Nerf sentry gun.
For this tutorial together with your Pi youll need to
have Raspbian OS running, the PiFace add-on board, a 12V
PC case fan, 9V battery (PP3), six male to male jumper
cables, four crocodile clips and a breadboard

70 LXF180 February 2014

Once the Raspberry Pi has finished updating we need to test

our setup and a great and easy way to do this is to blink lots
of LEDs that are built in to PiFace. The board has eight LEDs
built in and they are addressible in our code by using pfd.
leds[x].toggle where [x] is a number between 0 and 7.
To create our test code open a text editor and enter the
following code:
import pifacedigitalio
import time
pfd = pifacedigitalio.PiFaceDigital()
while True:
for i in range(0,7):
Remember that Python is white space sensitive and that
indentations equal four spaces. Python IDE such as IDLE will
automatically indent the code as you type but text editors will
require manual configuration.
Save the code as sweep.py and then return to or open a
new terminal and navigate to the directory where you just
saved the code. In the terminal type:
python sweep.py
You should now see one of the LEDs light up for a split
second then turn off for a split second, followed by the rest in
sequence creating a sweeping light effect using all eight of the
LEDs. Once you are satisfied that this is working, press Ctrl+C
at the same time to break the program.
Now that we know that our board is working correctly,
well build ourselves another project and this time well use
the relays to control our case fan. For this project we need to
wire up our circuit as per the diagram. But lets take the time
to understand whats going on.
Electronic components typically have two wires for
electricity to flow; one is red and itll be labelled + the other is


Raspberry Pi Tutorial


with relays
Hack safely volt you need to know
The Raspberry Pi can safely work with voltages of around 3.3V
to a maximum of 5V and around 0.5 amps of current. Using any
voltages higher than 5V directly with the Pi can result in damage
and in a worst-case scenario the death of your Pi.
PiFace provides a buffered interface to the GPIO, but you
should still exercise the same caution when not using your
PiFace. The only exception to this is when using the relays as
they can safely handle 12V and, in theory, they can also handle
240V but we advise that you dont use voltages greater than 12V
as they can cause serious harm to you.

a ground and is typically blue or black and labelled or

sometimes GND. When working with higher voltages we need
to use a relay as it isolates the higher voltage from the
delicate Pi circuitry. A relay is an electrically operated switch
composed of a strong electromagnet thats triggered by a low
current sent from the Raspberry Pi. Once the magnet is
activated it pulls the switch into a closed position (for our
project), which enables the unsafe 12V to complete a circuit
while remaining totally separate from the Pi. We will be using
the relay to connect the case fan to the 9V power supply
thats been designed to complete the 9V GND section of the
circuit, once PiFace sends 5V to the relay. We are using the
relay in a Normally Open configuration, which means that
the circuit is broken until we apply 5V from the Raspberry Pi.
This turns on the electromagnet, pulls the switch inside the
relay into position that then enables the power to flow from
the battery to the fan.

Programming relays
Our code is simple and shows how we can control any 12V
device thanks to the fantastic libraries that PiFace supplies:
import pifacedigitalio
pfd = pifacedigitalio.PiFaceDigital()

Dealing with 240 volts requires a sound knowledge of

electricity and electronics to use correctly, as the electricity can
arc, by which we mean that electricity can spark out of the wires
and cause harm. In our tutorial we use a PP3 battery to supply
9V to our case fan and while this is less than the 12V it requires,
its enough to power the fan at speeds.
So please hack safely and enjoy learning about circuits and
relays. Always use common sense and check any circuits before
applying voltage, if youve never worked with high voltages
before ask for help at your local LUG or Hackspace.

script. Now that weve setup PiFace we create a while True

loop which will continue forever unless we break out of the
program or turn off our Pi. Inside our loop we use two
conditional statements if pfd.switches[0].value == 1 that
simply means if the first push button is pressed and elif pfd.
switches[1].value == 1 that means if the second push
button is pressed These two push buttons control the
activation and deactivation of our fan. Activation is handled
via pfd.relays[1].value = 1 the value [1] indicates that we are
using the second relay on the board, if you wish to use the
first relay change [1] to [0].
The examples used in this tutorial are there to give you a
grounding in how to use PiFace, but try experimenting with
the board and learning more about the many inputs and
outputs. PiFace is an extremely adaptable board and enables
anyone to quickly build more complex projects using Python
or Scratch (see page 84) making this a must-have piece of kit
for classrooms and hackspaces.
The development team behind PiFace have also made
their example code available via Github here https://github.
com/piface and there are also some great guides on the
Github, too http://bit.ly/PiFaceDocs. LXF

while True:
if pfd.switches[0].value == 1:
pfd.relays[1].value = 1
elif pfd.switches[1].value == 1:
pfd.relays[1].value = 0
Lets look at the code in more detail. First, we import the
module pifacedigitalio this is the library of code that enables
you to work with PiFace. Next, we shorten pifacedigitalio.
PiFaceDigital() using the variable pfd this makes it easier to
work with the function. Before we can use PiFace we have to
initialise using the function pifacedigital.io.init() this tells the
program that we would like to use the PiFace code in our

PiFace uses two 12V relays to control higher voltage circuits.

If you missed last issue Call 0844 848 2852 or +44 1604 251045

February 2014 LXF180 71

Get started Fire up your own low

power web server and Wordpress site

Apache: Host
Mayank Sharma helps you fire up your own Wordpress-hosted website on
the back of Apache, itll even work on the Raspberry Pi.

Mayank Sharma
loves a bit or
Raspberry Pi and
was a contributing
editor at Linux.
com and has
written for
LinuxToday and
Digg, (back when
it was popular).

heres no end to the debate over whether or not you

should host your own website. But there surely isnt a
better way to prove your geek credentials. You can
setup the infrastructure to host a website on your regular
computer, or an old unused one. Start by making sure the
computer thatll be your server has a static IP address.
The easiest way to do this is to setup your router to reserve
an IP address for the server. The exact steps for doing this
varies from one router to another.
For the router to identify your server it needs the MAC
address of the network adaptor. To find this out, scan the
output of the ifconfig command, which will point you to the
network interfaces on the machine and their MAC address.
The active interface will have an IP dished out to it via DHCP.
In our server, scanning the output of the command reveals
that the active network interface is wlan0 and its MAC
address is 0c:ee:e6:bc:33:f6. It also has as its
IP address which is what I setup as its static IP.

Put up the infrastructure

Now lets fetch the different components that make up a web
server. Well start by installing the Apache web server. Fire up
a terminal and enter sudo apt-get install apache2, which
should fetch and install all the required dependencies as well.
Youre actually now all set to host simple websites. Enter
the fixed IP address in the address bar of a browser on any

computer in your local network and you will get the default
Apache It works! index page. But since we plan to host
heavy-duty dynamic websites, well need additional
components like a database and a scripting language.
PHP is still the most popular scripting language of choice
for this task. It fetches data from a database and renders it on
a web page. Some of the most popular content management
systems such as Wordpress, Joomla, Drupal, MediaWiki, and
more are written in PHP.
To install PHP5, enter the following terminal command:
sudo apt-get install php5 libapache2-mod-php5
which will also hook up the module with the web server.
You should next install the Alternative PHP Cache (APC)
package. APC is a PHP extension thats designed to improve
the performance of applications written in PHP. In a terminal
type sudo apt-get install php-apc, which will install and
setup the extension.
Youll now have to restart your web server with sudo
service apache2 restart. To check the PHP cache, first copy
the apc.php file into your web root with:
sudo cp /usr/share/doc/php-apc/apc.php /var/www
and then view it from a web browser by going to http://
localhost/apc.php. This will show you information about
what is being cached, and give you stats on the memory
usage and more. Now lets plug in a database for our web
server. The MySQL database is the most popular open source

Do this on a Raspberry Pi
If you have a Raspberry Pi you can follow the
instructions in this tutorial and set your Pi up as
your own web server.
Before setting out make sure you have burned
the Raspbian distro onto an SD card. Raspbian is
the customised Debian for the Raspberry Pi.
The first thing you should do after you boot the
image is to run its configuration script with sudo
raspi-config and change its memory allocation.
By default, the Raspberry Pi divides its 512MB
memory between the ARM CPU and the
VideoCore GPU. Since youll be primarily using the
Pi as a web server make sure that you allocate
only the bare minimum memory to the GPU,
which is just 16MB.
Next, you should also enable the SSH server to
securely access the Pi from a remote computer
on the network. After rebooting the Pi, update
Raspbian with the commands sudo apt-get
update followed by sudo apt-get upgrade.
Dont forget to change the default password
of the pi admin user.

72 LXF180 February 2014


Apache Tutorial


your website
database that will work with almost every content
management system out there. Fire up a terminal and enter:
sudo apt-get install mysql-server mysql-client php5-mysql
While the MySQL packages are being installed, youll be
prompted for a password for the MySQL admin user, root.
To test the MySQL installation, you can log into it by
entering mysql -u root -p in a terminal. Youll be prompted
for the password for the MySQL root user and then be logged
into the database monitor which has the mysql> prompt.
Type quit to exit MySQL return to the terminal.
When youve installed all the components, restart the
Apache web server with sudo service apache2 restart.
Of late the MariaDB database has been gaining popularity
as a drop-in replacement for MySQL. Its got the same tools
as MySQL so most popular apps that are designed to work
with MySQL will work flawlessly with MariaDB. But MariaDB
isnt available in the official repositories of popular Linux
distributions. Follow the instruction on this page
to install MariaDB in your distro.

Admin the database

The one component in your web server that youll have to
interact with regularly is the database server. Whether its to
create database users or create and manage databases and
their tables. The phpMyAdmin tool is designed to ease the
management of a MySQL/MariaDB database server with its
browser-based graphical interface.

Install the tool by entering this in the terminal:

sudo apt-get install phpmyadmin
Youll be asked to select a web server that will be
automatically configured to run phpMyAdmin. Select the
apache2 entry.
While configuring this tool, youll be asked to hook it up
with a database. For this to work the tool will prompt you for
the password of the database administrative user, which you
setup earlier while installing the database server. Once
authenticated with the database server, youll be asked to
create and confirm a password for phpMyAdmin itself.
The setup will then add a phpmyadmin.conf file in the
/etc/apache2/conf-enabled directory which will point to
the phpMyAdmin installation under /usr/share/
phpmyadmin. To access the tool, point your web browser to
http://localhost/phpmyadmin. Login with phpmyadmin as
the username along with the password you created during
the setup process.
If phpMyAdmin prints an error message at the bottom of
the page, follow this Launchpad link (http://bit.
ly/1f4MmSw) to correct the issue.
Thats all it takes. You can now safely disconnect the
monitor. As long as the computer is connected to the
network, you can login to it remotely with SSH and copy files
via FTP. Now follow the walkthroughs to flesh out the server
with additional components and also install the Wordpress
content management system and serve complex websites
from your own server. LXF

Install additional items


This application will help you to transfer files

to the web server. To install the app, log into
the web server and enter the command sudo
apt-get install proftpd in a terminal. You can
run the FTP server in either the inetd mode
which is ideal for low-traffic installation or as a
standalone server. The server is controlled by
the /etc/proftpd/proftpd.conf
configuration file.


If you like phpMyAdmin youll likely love

Webmin. Its a web-based tool that lets you
configure various aspects of your web server
from a web browser. You can add users in
your server as well as edit configuration files,
and modify the different components of the
web server. Follow the instructions on this
page (http://www.webmin.com/deb.html)
to install the tool in your distro.


The Apache web server keeps track of lots of

data about the server, such as the date and
time a web page was accessed, the IP
address of the individual viewing the page,
and more. Webalizer presents all of this
information in an easy to digest graphical
view. Install the tool with sudo apt-get install
webalizer and then generate the reports with
sudo webalizer.

If you missed last issue Call 0844 848 2852 or +44 1604 251045

February 2014 LXF180 73

Tutorial Apache


Install Wordpress on your server

Download Wordpress

The first step is to get the Wordpress files on to your web server.
Log into the server and change to the web servers root directory (cd
/var/www). Here download the latest Wordpress release with wget
http://wordpress.org/latest.tar.gz and unzip it with sudo tar zxvf
latest.tar.gz, which will extract all the files under a folder called
wordpress. Rename the folder if you wish.

Setup Wordpress

To pass on the database settings to Wordpress, launch your browser

and navigate to the Wordpress setup page under the Wordpress
installation location, for example http://localhost/wordpress/
wp-admin/setup-config.php. Here enter the name of the database
you created in the previous step along with the MySQL admins
username and password.

74 LXF180 February 2014

Manual setup

The previous step will create a wp-config.php file under your

Wordpress installation directory. If it is unable to create it, youll have
to manually create the file under the Wordpress installation directory.
The Wordpress setup will print the contents of the file that you can
paste into the manually created wp-config.php file using your
favourite text editor.

Installing Wordpress

With the file in place, simply navigate to the Wordpress installer under
the wordpress installation directory, for example, http://localhost/
wp-admin/install.php. Youll be prompted for details of your
Wordpress website such as its name and the credentials of the site
admin, as well as your email address. Click the Install WordPress
button when youre done.

Create a database

Now login to phpMyAdmin and switch to the Users tab. Click on the
Add user option to add a new user. Enter the username and password
for the new user in the text boxes. Also select the option to create a
database with the same name as the username, for example
Wordpress or Blog. Finally, select the Check All option under Global
privileges and click the Go button.

Dealing with dashboard

Thats all it takes to install Wordpress. The Wordpress installer will

connect to the database server and use the information in its
configuration that you created in earlier steps to create the required
tables in the Wordpress database. Itll then drop you to the login page
from where you can authenticate yourself and log into the dashboard
and start building your website.


Apache Tutorial

The 50p tour of Apache
A web server is a complex piece of software.
Dont underestimate it just because you can
install Apache with a single command.
In Ubuntu, Apache is installed under /etc/
apache2 directory. It houses the apache2.conf
file which is its main configuration file. On start
up the server reads the instructions in this
particular file. It also reads the ports.conf file
which points it to ports it should keep an eye on
for incoming connections.
There are also directories such as confenabled, mods-enabled and sites-enabled
that house different configurations to manage
modules and other snippets of configuration
usually added by additional components, such
as phpMyAdmin. If you need to configure the
web server its best to add an entry in a file

under the appropriate directory instead of

modifying the apache2.conf file.
For example, if you get an error about the
servers fully qualified domain name when
starting up, you can resolve it by setting the
ServerName parameter. The command:
echo ServerName localhost | sudo tee /etc/
will create the servername.conf file under the
conf-enabled directory to set the proper
identity of the server.
The sites-enabled directory is tied with
Apaches ability to host multiple sites on a single
Apache installation. This feature is known as
VirtualHost. By default, the installation only
enables the site called default, which is what you
will see when you browse to http://localhost.

You can extend Apache by fetching useful

modules from http://modules.apache.org.
You can enable configuration elements and
modules by using the a2enconf and a2enmod
command-line tools.

Access your website from the web


To get started create an account with a Dynamic DNS website, such

as http://noip.com, to map your local website with a domain name
and track changes to the DNS configuration. Youll need to select a
domain name for your website and create an account with the
service. Different services offer different domain names but many
also offer some free ones such as http://no-ip.biz.

Open ports

Next you need to forward ports to allow the router to allow incoming
web traffic from its firewall. Again the exact steps for this step
depend on the router. Try the guides at http://portforward.com for
exact steps for your router. Basically you need to enter the port
number you wish to allow traffic from (80) and the local IP address of
the web server this traffic should be directed to.

Setup router

After youve confirmed the account, log in to your router and head to
its Dynamic DNS section. The exact location of this section varies
from router to router. In this section, select the DDNS provider and
enter the login credentials with the service along with the registered
domain name. Save the configuration after you router successfully
connects with the DDNS service.

Setup Apache

The final step is to edit your Apaches configuration file under the
sites-enabled directory and go on to create a ServerAlias entry in the
default <VirtualHost *:80> configuration, such as ServerAlias
l33tbodhi.no-ip.biz. Now youll need to restart the Apache web
server and your local website should now be accessible to you from
anywhere you are via the Internet.


February 2014 LXF180 75

Mapping Produce your own accurate

digital maps and share them online

Marco Fioretti explains how to work on the biggest open map in the world
and use it as the basis for your own cartography.
All digital maps such as OSM are made of separate layers.
In general, there is one layer for every type of data. A layer
could consist of the shapes and positions of all and only the
houses built in your city between the years 1990 and 2000;
another may contain the paths of all the rivers of Great
Britain. Map editors can modify layers one at a time, while
map-rendering software can combine them in many ways.
What makes OSM special is that you can, both technically
and legally, not only edit its raw database (called OSM Data
Layer) but also reuse it and combine it with any other layer, in
ways that are much easier than you may think.
To help you do all this, well explain the main functions of
some popular OSM editors, then how to collect field data in
easy but effective ways. Finally, we show you how to create,
starting from OSM, custom maps that you can even embed in
your website.

Marco Fioretti
likes free software.
He studies and
teaches on the
impact on society
of open digital

The OSM editing cycle

Fig 1. You can
start improving
OSM as soon
as you get an
OSM account,
with the iD webbased editor.

ou tend to find two maxims in cartography manuals:

Map or you will be mapped and He who designs
the map controls how others see the world These
two principles are the reason we decided to write about
OpenStreetMap (OSM, http://openstreetmap.org). If
youre interested in the world around you itll help you
become an editor of the online map that everybody can
edit. It may even help you to convince others to assist you.
Contributing to OSM can be great fun, not to mention an
excellent and selfless civic service.

76 LXF180 February 2014

Whatever editor you use, contributing to OSM always

includes these three basic steps:
Load from a local OSM file or straight from the website
the part of the map that you want to work on.
Edit it using any combination of aerial photographs, field
data and your memory.
Upload and merge all your changes into the main OSM
database for all the world to see.
In order to do this, or to create embeddable maps, you
need to get a user account on the OSM website. The quickest
and simplest way to become an OSM contributor is to use
web-based editors, such as iD or Potlatch. These are
in-browser editors that you can use when you log on to the
OSM website and click on the Edit link above the map. See
Fig 1 it shows part of the iD interface: there are buttons to add
points, lines and areas, tools to modify already existing
elements and forms where you can define all of their tags. You
may also get an RSS feed that informs you of all the edits
made to a certain area.
The open source Java editor, called JOSM (http://josm.
openstreetmap.de), is available as a binary package on most
Linux distributions and follows the same basic flow but has
many more functions.
Dont let JOSMs crowded interface overwhelm you! To get
started, you dont need to know everything just the basic
operations. To move inside the map, you drag it around while
pressing the right-mouse button, and you can zoom in and
out with the mouse wheel or the + and - keys.
The buttons (partly shown in Fig 2) are divided into two
main groups: the top ones correspond to the main
operations, eg, Select, Delete, Draw. The lower buttons open
panels that display many kinds of information, run data filters
or help you to clone ways. The panels stacked on the right of
the map provide information on the objects on which you are


OpenStreetMap Tutorial


Map the world


OSM elements
Both the whole OSM data layer and the
sections corresponding to single cities or
countries are available in several open
formats. The basic one, with the OSM
extension, is a dialect of XML. There are
also hybrid formats (PBF, O5M, etc)
optimised for streaming applications or
incremental database upgrades.

Regardless of formats, everything you see

in OSM is a combination of three different
types of element.
Single point features, such as springs
or city centres, are represented by nodes.
Ordered lists of nodes, called ways, define
objects that consist of lines or are
enclosed by them: from rivers and roads

working. There is a panel to rearrange layers or temporarily

hide them, and another that shows all the tags of an object,
so you can modify them or add new ones. Even more
important may be the Selection panel, which shows you what,
exactly, is selected at any given moment, for example a whole
street or just one of its points. A button in the same panel
opens the JOSM search interface, which can work on tens of
different criteria. If you entered highway=* type:way, for
example, it would find all the roads in the area you
downloaded for editing.

to buildings or national parks. The links

among objects are inside data structures,
called relations: a Route relation
connects all the trunks of the same
highway. Besides relations, each single
OSM object can have many tags, that is
key/value pairs of text strings, that
describe what it is.

The golden rules of

Dont copy from
other maps, and
have fun!

load all the tags of that object in the Properties panel. You
may add, edit and delete tags either there or from the Presets
menu of JOSM. Before changing anything, though, control
what you have selected. A common error for JOSM beginners
is to apply certain actions to a whole street instead of just one
of its points, or vice-versa, because they believed they had
selected the first instead of the latter.

Downloading OSM data

Of course, you cant edit on your desktop a map you didnt
download first. In practice, youll need to download only the
small part of OSM that you want to modify. There are five
ways to do this, after you click on File > Download from
OSM. You may enter a place name (eg, Wembley Stadium),
the geographical coordinates of a rectangle, or search for
tiles, which are the little squares that constitute a layer at a
certain zoom level.
The easiest way, however, is the Slippy map: find the area
you need in the preview box, then select it by dragging the left
mouse button (but dont choose an area so big that the OSM
servers will refuse to serve your request). You can also
bookmark the parts of the map you edit regularly.
At this point, you may start working, or just save what you
downloaded for later (maybe offline) editing, by setting that
data as the active layer and then clicking File > Save. In either
case, the map outside the selected area will look greyed out,
to remind you that you must not edit it (not in the current
session, at least). If you want to use aerial photographs as
a reference, choose and download them from the Imagery
menu. The first choice there is satellite photographs by Bing,
courtesy of Microsoft.
The two operations you will perform most frequently as an
OSM editor are selection and drawing. Selecting objects is
necessary to move or delete them, or to better define what
they are. To select something, press the Select button and
click on the object with the left-mouse button. This action will

Fig 2. JOSM is richer than iD, but you can do lots using only a few buttons.

If you missed last issue Call 0844 848 2852 or +44 1604 251045

February 2014 LXF180 77

Tutorial OpenStreetMap


Before you draw, make sure that nothing is selected and

click on the Draw tool. To begin drawing a line, double-click
where it should start, then click once for every other point
that defines that line. Double-click when you reach the end of
the line.
When you are done editing, click File > Upload Data to
merge your work with the main OSM database, remembering
to add a description of your edits in the upload form.

Capture the world and add it to OSM

The amount of
OSM data you can
get from relatives
and friends is
limited only by how
much they like you!

Correcting errors or adding objects to OSM using satellite

photographs as a reference is great. In some areas, however,
it has a couple of limitations that are hard, if not impossible,
to ignore. Photographs, for instance, are not available at the
same resolution for all places, and, ultimately, theyre unlikely
to be as up to date as your own photos. The way to overcome
this is to gather raw data yourself, directly from the field. This
may be the most important (and fun) activity that you do with
OSM, and its for the benefit of everyone.
There are two ways to do OSM surveys, that are both
much more accurate and productive than anything you may
do with your means only. One involves GPS navigators, the
other requires a trusty pen, some paper and your feet! Both
these methods are also perfect for collaborative work; theres
no reason why the person who provides map or GPS
measurements has to be the same person who adds the
corresponding objects to OSM. Asking friends and relatives
who like going hiking, for instance, can be a great source of
extra OSM data.

How OSM meets GPS

All GPS-enabled devices, from smartphones to car navigation
systems, can store latitude and longitude data for their
current location. A couple of such numbers and the
associated timestamp constitute one GPS waypoint. These
devices can also store whole tracks: thats a series of
waypoints captured at regular intervals while you move.
Saving these track files to a computer is a really easy

Fig 3. The right side of JOSM holds a set of panels that displays all the data
about the currently selected objects.

Fig 4. Thanks to their QR codes, OSM editors immediately

recognise hand-drawn Field Papers snapshots and load by
themselves the corresponding section of OpenStreetMap.

operation, even if the details depend on the exact

combination of GPS device and Linux distro.
Now, if you think about it, youll quickly see that GPS
waypoints and tracks are nothing other than OSM nodes and
ways. Wouldnt it be great if you could tell an OSM editor to
load and display all that stuff below the OSM data layer, in the
right position? If that were possible, you would only have to
double-click wherever you saw a GPS waypoint to create the
corresponding OSM node, right? Of course, the answer is yes
and, of course, it is already possible and easy to do this.
In JOSM, for example, click File > Open, select the track file
and youll get a new, non-editable GPS data layer. Which is
much more accurate and up to date than any aerial
photograph might be.

No GPS? No problem!
In general, nothing prevents people from printing a part of
OSM, visiting the corresponding area and drawing, directly on
paper, all the differences or missing parts. The obvious
drawback is that, unlike the GPS tracks, this wouldnt be
digital data that an OSM editor can load and place with
enough precision
Unless you did the drawing on a printout from
http://fieldpapers.org! This web service produces PDF
versions of OSM areas, with a QR code included, that are
made-to-order for manual map drawing.
Thanks to that code, if you draw by hand on a piece of field
paper, you can scan and upload the whole thing to
fieldpapers.org. The service will be able to do two things:
recognise exactly what part of OSM that is, and convert it to a
format usable as a background layer, just like satellite pictures
or GPS tracks.
The procedure to generate a field paper is very simple,
and similar to that for slippy maps inside JOSM: zoom and
pan inside the map until you find the area you need, then
select its borders with the mouse. In addition, you can decide
the style of the background, caption, and whether to add
grids or not.
The only part of the process that requires some practice is
figuring out the exact extension and scale of the OSM area to
print. A map too big will just waste paper, but one at too large

Never miss another issue Subscribe to the #1 source for Linux on page 32.
78 LXF180 February 2014


OpenStreetMap Tutorial

a scale wont let you draw on it with enough precision. A field
paper with predefined borders and all the other options we
mentioned is called an atlas and, besides PDF, may be
downloaded in several raw formats. Once you have a printed
Atlas, take a walk in the corresponding area and draw directly
on it, as accurately as possible, what is on the ground. Then,
when you are back home, youll need to scan the paper with a
resolution of at least 200dpi; save it in JPG, PNG, TIF or GIF
format (not PDF!); youll have a snapshot ready for
fieldpapers.org, so upload it and take note of the URL and ID
number that the server associates with it.
You can keep your work private, declare it as public or
share it with specific people, by sending them the unique
URLs that fieldpapers.org creates for each snapshot. Once
ready, Field Paper snapshots can be loaded directly in OSM
online editors, such as iD, by clicking on the corresponding
links right above them. To load them in JOSM, instead, you will
need a plug-in. In JOSM, click on Edit > Preferences, open the
Plugins tab and select Field Papers (not Walking Papers,
which was a similar service now apparently closed).
Next, click OK and restart the program, which will now
have a new Field Papers entry in the top menu. To use a
snapshot, click there and enter its complete URL, as found on
fieldpapers.org, in the pop-up box. Next, of course, you will
have to load the corresponding part of the OSM data layer. No
problem: click again on File > Download from OSM > Slippy
Map and you will find the OSM section that exactly matches
that snapshot already selected. Thats great, isnt it?

Put your maps on your website

By now, you know how to contribute to OSM with several
kinds of input. Once you fall in love with OSM, though, sooner
or later you will want to use it as the basis for your custom
maps, possibly embedded on your own website. There are
many ways to do this, but the simplest ones are MapBox
(www.mapbox.com) and Umap (http://umap.
Both services make it easy to create layers that you can
display over the standard OSM. MapBox also has commercial
plans, with different levels of storage space and map views.
I will focus on Umap, because it is entirely free software and
gives you more options on what you can do with your data,
but MapBox works more or less in the same way.
To use Umap, you must already have an OSM account.
The Umap online editor works very much like a simplified
version of iD. The only difference is that it lets you edit only
your own extra layers, not the actual OSM. The commands
are very simple, so Ill just invite you to look at the result in Fig
5 and describe the main features of Umap, instead.
You can choose the OSM style, invite others to work on
the map, upload or download your layers in GeoJson format,
share the whole map via direct URL or embed it in any web
page. The last three operations are all accessible by the
Embed and share this map button on the left of the Umap
window. If you want the embedding, click there, copy the
whole iframe code in the Embed the map field and paste it in

Fig 5. Discover on page 80, how you can embed OSM, using the Umap service,
directly into your own static websites.

the source code of your web page. Note, however, that CMS
systems such as Drupal or WordPress will strip raw HTML
such as that out, by default, for security reasons. You will have
to install plugins that support iframes to make the embedding
work as intended.

Final tips and best practices

At this point, it should be clear that much more than hacking
skill is needed to be a really good OSM contributor, because it
requires quite a lot of patience and self-discipline.
First, always provide good metadata: use tags as often
as possible, and always add a detailed description of your
edits when you upload them.
Second, dont be creative: study and follow established
naming and tagging conventions.
Third, start small, with one or two little edits at a time,
and only when you are sure that OSM should be changed in
that way. Then, come back to check if more expert editors
decided to undo or modify your changes.
Another important best practice is to always work in short
sessions, uploading your changes as soon as you are done.
This will guarantee you are always working on the most up to
date version of OSM. It will also minimise the chances of
concurrent editing by you and others, which may lead to
conflicts and loss of work. Last but not least, be sure to
remember the golden rule of OpenStreetMap: dont copy
from other maps. LXF

More than hacking
skills, what you
really need to
be a good OSM
contributor is
patience and selfdiscipline.

What to read next

To find out more about JOSM than we could ever have fitted into
four pages, download the PDF manual at Mapkirbera.org
(http://bit.ly/1himAhB). If youre after the very basics of OSM,
head to http://learnosm.org website. Also important, to

understand the rich OSM tagging system, are the Map Features
and TagInfo pages at, respectively,
http://wiki.openstreetmap.org/wiki/Map_Features and


February 2014 LXF180 79

Websites Learn how to make and

customise a static site using Mynt

How to: Build

Marco Fioretti explains how to build websites as they did twenty years ago,
and why its actually still a good idea for certain types of content.

Marco Fioretti
likes free software.
He studies and
teaches on the
impact of open
digital technology
on society.

e know what you are thinking: this is the age of

Web 2.0, mobile apps, real-time collaboration...
and LXF wants to teach me how to set up a static
website? What is this? 1995! We understand. The hardest part
of static websites is not their creation and management, but
figuring out when and why they could be good for you today.
Thats why well start with a detailed explanation of what
static websites actually are, how they work and when, exactly,
they still make a lot of sense. Next, well show you step by

Fig 1. When you visit a dynamic site a lot of things happen in the background.

80 LXF180 February 2014

step how to build such a website with one of the many free
software tools developed just for this kind of job. Finally,
well briefly mention some other free software packages that
will do a similar job.
As shown in Fig 1, our web browser shows us HTML
(HyperText Markup Language) pages that they request on
our behalf from a website, using the HyperText Transfer
Protocol (HTTP). When you visit a dynamic website, such as
www.linuxformat.co.uk, its HTTP server gets the pages from
a Content Management System (CMS). This CMS builds at
least part of each document on the fly each time. This is how
each user gets up to date menus, or content customised
according to their access privileges or other real-time input.
Static websites, instead, replace the upper half of Fig 1
with pre-built files that the HTTP server picks from standard
folders and sends as they are, every time, to whoever
requests them.
Let me repeat this very important thing: what is dynamic
or static here is only the HTML files as seen and transmitted
by the HTTP server. Static web pages need not to be ugly,
completely fixed and passive. They can certainly use
beautiful, modern CSS style sheets. They can also embed
Slideshare presentations, YouTube videos, drop-down menus,
dynamic tables and everything else a modern browser may
process and run locally by itself.

Reasons to be cheerful
For a webmaster, the first advantage of a static website is the
peace of mind that comes from far fewer administration
chores and much more security. A CMS must be constantly
updated, since malicious user input can exploit bugs to make
it crash or expose private data. Static pages, instead, are
created by software unreachable by crackers and have
nothing that may break inside. The only moving part of a
static website is the HTTP server, which is much more stable
software than most CMSes, and is usually managed by
somebody else.
Other advantages are greater speed and reduced costs.
Making pages more or less from scratch for every single
request takes much more time and processing power than
sending static files. Besides which, plain folders on internet
servers are much cheaper, when they arent given away for
free, than real hosting accounts with dynamic features.
As good as they are, static websites are not for everyone.
To begin with, you have to write content as plain text (more
on this below), then upload it manually, or set up a script that
does it for you. Many people find that way of working much
better than using a GUI, because it lets you script many more
operations and write without distractions in your preferred
editor. On the other hand, such a workflow is feasible only if all
the authors of a website can accept it and are skilled enough
to handle the process.


Static websites Tutorial


a static website
Other static generators
Mynt is perfect for a tutorial, but isnt the only
one around or has the most features. If you dont
like Mynt, try the following: Bashblog, Blogofile,
Jekyll, Nikola and Pelican. According to
http://staticsitegenerators.net there are more
than 200 applications of this type In practice,
and ignoring obvious issues such as software

licenses, what makes the most difference

between one generator and another are its
language and community support. I mention
languages because you must take into account
both the programming language in which a
package is written, and the markup language(s)
it can accept as sources. Most site generators

The other big issue is how much visitors must provide

data or directly interact among themselves. A website full of
forms really needs some non-static software on the server to
handle their input. This is also true if you must generate
different content for each visitor. Adding the possibility to
comment and discuss your posts is very easy with third party
systems, such as Disqus, but only if you are comfortable with
the privacy and data-ownership problems they create.

Build a static website

Local search may be another showstopper, if you want to
include that as an option. If you dont want to tell your visitors
to use Google, youll have to stick to CMSes that also offer
that feature, or set up a separate (non-static) search engine
software by yourself.
Using a static website is suitable for various
circumstances. For instance, when a project finishes and you
just need to keep it online, as is, you can take a full static
snapshot once with mirroring utility. On Linux, use one

seem to be written in Python or Ruby, with

JavaScript, PHP, Perl and even Bash trailing
behind by quite a distance. When it comes to
sources, almost all the free software generators
support Markdown. Many of them, also accept
input formatted with Markdown alternatives,
such as Textile, Liquid, or even good old HTML.

command like this:

wget -mk -w 50 http://www.mywebsite.com/
This will create a fully portable copy of www.mywebsite.com
on a folder on your computer, which you can then upload to
your server. A live static website works a bit different. Its one
that will be more or less regularly updated and it works, more
or less, in this way:
Prepare templates and general configuration data (this is a
one-time task).
Write your pages in a text editor with a markup language,
such as Markdown.
Feed the pages to a static website processor application,
which will create go ahead and create HTML versions of your
posts and all the auxiliary pages, from category and monthly
indexes to RSS feeds.
Upload everything on the server (this may be handled by
the site processor itself).
Restart the website processor whenever you add or update
source documents.

Static websites
need not to be ugly
and passive. They
can use state of
the art style sheets
and everything
modern browsers
can handle by

Fig 2. Yes, we
know: the default
look of a Mynt
website is pretty
dull, but its
fast and it takes
little time to
customise it as
you wish.

If you missed last issue Call 0844 848 2852 or +44 1604 251045

February 2014 LXF180 81

Tutorial Static websites


Fig 5 This is what Mynt generates when you feed it with simple Markdown
input as explained in these pages: clean, standard HTML pages.

The flow Ive just described assumes that the website

processor is installed on your local computer. If you have the
right access and environment on the HTTP server, however,
nothing prevents you from installing the processor on the
server itself as a regular Cron job. Then you could write
content from any computer or smartphone, upload it and see
the HTML version online a couple of minutes later.

Thats Mynt mate

Another reason to
use static websites
is that the only
user interface that
you need to learn
how to use is your
text editor.

Ill now show you how to work with Mynt (http://mynt.

mirroredwhite.com), a static site generator written in
Python, whose slogan is Static Done Simple Installation of
Mynt should not be a problem on any recent Linux
distribution: type pip install mynt as root at the prompt, and
your Python environment will download and configure the
package and all its dependencies. This, instead:
[marco@polaris]$ mynt init mynt_demo
>> Initializing
Completed in 0.011s
is how you tell Mynt (as a normal user!) to create the initial
environment for a certain site, which consists of the following
files and folders:
[marco@polaris]$ ls mynt_demo/
index.html _assets
feed.xml _posts
config.yml _templates
Index.html and feed.xml are the empty home page and,
respectively, the RSS feed of your website. If, right after
initialisation, you decide to launch Mynt (as explained in the
Generate The Site, p83), you would get what you see in Fig 2:
an absolutely generic layout with placeholder texts.
To customise the text and other features of your site, you
need to edit the config.yml file. For instance, Fig 3 shows
how the sidebar changed after I set these variables:
base_url: http://zona-m.net/marco/mynt
subtitle: simple, but really fast
title: Static Blog Demo
author: Marco for LXF
And added the this is a static blog paragraph to the main

layout file (see below), called layout.html. There are many

more things you can (and should!) play with inside config.
yml. These two settings, for example:
date_format: %B %d, %Y
posts_url: /articles/<title>/
This tells Mynt to display dates as November, 16th, 2013
and to put posts inside an articles subfolder, in files named
after their titles.
The next big Mynt thing to play with before publishing
would be the files in the _templates folder. Like index.html,
each of them defines the layout of some page type: from
chronological archives to tag indexes, single posts and site
headers. The templates are HTML files with some code inside.
Here is a very short snippet of that code, to give you an idea
of how it works:
<ul id=navigation>
{% for item in navigation %}
<li><a href={{ item.href }}>{{ item.caption }}</a></li>
{% endfor %}
<h1>Who am I?</h1>
{{ my_name }}
The first part of the code above means, more or less,
insert a list of links here, one for each item in the navigation
variable The last line simply places the actual value of the
my_name variable below the Who am I? header.
In general, strings inside {% %} delimiters are single
commands or flow control sequences. Double curly quotes,
instead, contain variables and their actual content should be
used each time the template is rendered. The variable values
can be processed by filters concatenated with the pipe
symbol, in the similar way that happens in shell scripts. This:
{{ company_name|striptags }}
removes any HTML markup that may have ended inside
company_name. All this code was not invented for Mynt, but
is the core of a generic template engine called Jinja (
http://jinja.pocoo.org/docs/templates/). Jinja is installed
transparently with Mynt. You only need to know this in case
you ever need to find the right documentation for it.
Mynt wants you to put everything thats not text content,
from images to JavaScript and stylesheets, in the _assets
folder. Fig 4 illustrates how weve completely changed the
look of the demo website, by simply replacing the default
style.css file with another, inside _assets/css.

Lets write
After configuration and templates, we can think about
content. All your texts should go into the _posts directory,
one source file per article. Mynt sources are plain text files,
with names that, by default, start with the publication date, as
in 2010-11-14-Conference-Report.md.
You can use any text editor to prepare posts for Mynt, as
long as you give them the following two-part structure. The
first part, which starts and ends with three dashes, is called
frontmatter. It contains all the metadata of an article,
formatted as YAML (Yet Another Markup Language,
http://yaml.org). A frontmatter for Mynt may look like this:
--layout: post.html
title: Report from the FOSSa 2010 Conference
tags: [Free Software, Open Source, France]

Never miss another issue Subscribe to the #1 source for Linux on page 32.
82 LXF180 February 2014


Static websites Tutorial

The first line tells Mynt to insert this specific article into
the template file _templates/post.html. The title and tags
labels should be self-explicative. Just remember that tags are
case sensitive and must go inside square brackets exactly as
shown above, otherwise Mynt will abort with very cryptic
error messages!
The actual text of a post, which goes right below the
frontmatter, must follow the Markdown formatting syntax.
Like YAML, this is much easier to learn than it may seem from
its name. As a practical example, here is the Markdown
formatted source of the part of HTML page generated by
Mynt and shown in Fig 5:
The [fOSSa 2010](http://fossa2010.inrialpes.fr) conference in
Grenoble did a good job to prove (since its still sorely
needed, see conclusions below) that Free/Open Source
Software (FOSS) isnt some unreliable toy for amateurs.
# FOSS for the Software and Web Industry #
I have already described in other articles the [lessons that
ALL managers could have learned at fOSSa](http://stop.
See what I meant? The tags defined in the frontmatter
show up right after the post date, while the strings inside the
paired square and round parentheses become hyperlinks.
Headers are enclosed by pound signs and so on. To learn
Markdown syntax, read the easy official guide at

Generate your site

By now we should have a working configuration, proper
templates and CSS stylesheets, and a few raw articles in the
_posts directory. Its time to tell Mynt to generate a complete
static website with all this stuff, so lets type:
[marco@polaris]$ mynt gen mynt_demo mysite
>> Parsing
>> Processing
>> Rendering
>> Generating
Completed in 0.659s
If the mysite folder already exists you must add the -c or
-f flags to either delete or empty it, but thats it! Mysite now
contains a home page, an RSS feed and a few folders, namely
one for assets, one for archives listings and one per year:

Fig 3. A few edits to the configuration file, and our static

site gets its own identity.

[marco@polaris]$ ls mysite
At this point, all thats left to make the whole static website
available to the internet is to upload of all the content of
mysite to the right folder on your HTTP server. In practice,
this step is usually handled with rsync or similar automatic
synchronisation utilities.

Mynt extras
What you have read so far is enough to let you put a site
online that will be good looking, very fast and much safer
from crackers than anything running off any CMS software.
However, we want to cover a few more things that will make
your Mynt based web publishing more productive.
Besides init and gen, the Mynt executable has two other
modes of operation, called Serve and Watch. The former
starts a local HTTP server that lets you test the HTML pages
before uploading them, by pointing your browser at
http://localhost:8080. In the latter watch mode, Mynt will
run in the background and update the content of mysite
whenever you change something inside mynt_demo.
Another thing to know is that you can put as many drafts
as you want in the Mynt folders; as long as their names begin
with underscores or periods, Mynt will ignore them.
Last but not least, internal links. If you put a string like this
in your posts:
{{ get_asset(my_portrait.png) }}
it will insert the correct, absolute URL of your portrait, which
you put in the _assets directory, in the HTML version of that
post. get_url() does the same job for URLs of other posts.
As you have seen, using Mynt or any other static site
generator means working with plain text files. There are no
obscure settings, database optimisation issues and similar
annoyances here. Therefore, dont be afraid to play with
templates and configuration! Back up all your files before any
important changes, and it will be very easy to repair any
mistake or unwanted change you may have made! LXF


Fig 4. Replace
the default CSS
stylesheet with
one of the many
freely available
online, or make
your own: thats
all it takes to
change the look
of your site!

Start Mynt in Serve
mode to have a
complete copy
of your website
available for testing
in your computer.

February 2014 LXF180 83



Scratch: and go
Les Pounder runs through the basics of Scratch for those itching
to code or looking for ways to teach others to code.
Les Pounder
enjoys tinkering
with lots of new
languages and
gadgets and finds
jQuery great fun.

Scratch uses a
three-cloumn UI
from left to right:
Block Palette,
Script Area and
The Stage

ow did you learn to program? Typically, we think of a

person sitting in front of a glowing screen fingers
slowly typing in magic words that, initially, mean
nothing to the typist. And in the early days of coding that was
the typical scene with enthusiasts leaning by rote, typing in
reams of code printed in magazines.
In this modern era where children are now encouraged to
learn coding concepts as part of their primary school
education, we see new tools being used to introduce coding
to a younger generation and the most popular tool is the
subject of this very tutorial.
Scratch, created by MIT, is a visual programming
environment that promotes the use of coloured blocks over
chunks of code. Each set of blocks provides different
functionality and introduces the concepts of coding in a
gentle and fun way. Children as young as six are able to use
Scratch and its now being heavily used in the UK as part of
the curriculum for key stages 1 to 3 (6- to 14-years-old) and
as part of the Code Club scheme of work.
For the purpose of this tutorial, we are using the current
stable version of Scratch, which at the time of writing is 1.4.
Version 2 of Scratch is available as a beta and reports suggest
that its very stable to use, but there are a number of

Fig 1.0 The logic for

our LXF logo sprite.

Fig 1.2 This is the code

that clears effects.

differences between the locations of blocks when comparing

version 1.4 to version 2.
As mentioned, Scratch uses a block-based system to
teach users how different functions work in a program. This
can be broken down into the following groups and colours:
Motion (Dark Blue) This enables you to move and control
sprites in your game.
Control (Orange) These blocks contains the logic to control
your program (loops and statements) and the events needed
to trigger actions, such as pressing a key. In Scratch 2.0 the
events stored in Control have their own group called Events.
Looks (Purple) These blocks can alter the colour, size or
costume of a sprite and introduce interactive elements such
as speech bubbles.
Sensing (Light Blue) For sensing handles the general input
needed for your program, for example, keystrokes, sprite
collision detection and position of sprite on the screen.
Sound (Light Purple) Adds music and sound effects to
your program.
Operators (Green) This enables you to use mathematical
logic in your program, such as Booleans, conditionals and
random numbers.
Pen (Dark Green) This is for drawing on the screen in
much the same way that logo or turtle enable you to do so.
Variables (Dark Orange) Creates and manipulates
containers that can store data in your program.
By breaking the language down into colour coded blocks
Scratch enables anyone to quickly identify the block they

Scratch online
Scratch is available across many platforms. It
comes pre-loaded on every Raspberry Pi
running Raspbian and is available for download
from http://scratch.mit.edu. But did you know
that there is an online version that provides all of
the functionality present in the desktop version,
but requires no installation or download? Head
over to the MIT website (above) and youll be

84 LXF180 February 2014

greeted with the same interface and blocks of

code, but with a few subtle differences. This is
the latest version of Scratch and you can save all
of your work in the cloud ready to be used on
any PC you come across. If you wish to use the
code built online on a PC that does not have an
internet connection. Then you can download
your project and run it offline.

You can also download the latest version of

Scratch from their website. This latest version is
still in beta but reports show that it is very stable
and ready for use. Scratch 2.0 uses Adobe Air
and is available across all platforms including
Linux. Adobe dropped support for Air on Linux a
few years ago but you can still download the
packages necessary for Scratch 2.0 to work.



need. Children typically work
via the colour coding system at
first and then through the
natural process of playing they
understand the link between
each of the blocks and how
they work together.

The environment
Scratch uses a clear and
structured layout, which is
divided into three columns.
The first column is:
Block Palette
This is where our blocks of
code are stored and sorted by
their function.
Fig 1.1 The code used
Script Area In the second
for Matt to receive
column is an area, where you
can drag our blocks of code
from the Block Palette to add code to our program.
The Stage The third and final column shows the results of
your programming and can be used to interact with the game
world. At the bottom of this column you will also find the very
handy Sprites Pane. This shows the sprites and assets that
belong to your particular program. Clicking on a sprite will
change the focus to that sprite, enabling you to write code for
that sprite only.

Building our game

To write code with Scratch, we need to move blocks of code
from the Block Palette to the Script Area for each sprite or
background that we want to use in our program.
For this tutorial, we are going to make a quiz game, using
Matt and Neil as our quiz masters. The purpose of the game
is to score more than 3 points and you must answer the
question correctly to progress to the next round. If you
receive three wrong answers in the game, then its game over.
Each of our sprites has their own scripts assigned to run once
an event triggers it. An event is typically clicking on the green
flag to start the game but it can be as complex as listening for
a trigger from another sprite.
Weve given our four games sprites names: Neil is Sprite6,
Matt is Sprite7, the LXF Logo is Sprite5 and the Game Over
image is Sprite8. Each of these sprites has their own scripts
associated with them, so lets look at what they each do;
starting with the LXF Logo. I wanted this logo to appear right
at the start of the game, but not be visible straight away, so
my logic was as follows:
When Green Flag clicked.
Wait for 2 seconds.
Double in size.
Loop 10 times and each time reduce size by 15%
You can see this as Scratch presents it visually in Fig 1.0.
Now lets look at the logic for Matts sprite. Matt has five
sections of code that react to something called a broadcast
which is basically a way to chain trigger events between
sprites in the program (you can find broadcast under control)
So we have a number of actions to perform once we receive
these broadcasts from Neil and the Stage.
player_name The Stage sends a broadcast once the player
has entered their name.
support Neil sends a broadcast to Matt once the player has

answered a question correctly.

insult Neil sends a broadcast to
Matt to taunt the player.
Score Neil sends a broadcast to
Matt triggering Matt to tell the
player their score.
game_over Neil sends Matt
a broadcast to trigger the end of
Fig 1.3 This resets Neils sprite and the
guesses variable.
the game.
As we can see (Fig 1.1, left)
for each of these broadcasts
Matt is triggered to run a certain
sequence of code. Matt also has
a script thats run in the event of
clicking on the green flag. Fig 1.2
(see left, p84) shows the code
that clears any special effects
used on his sprite.
Lets move on to Neil. This
sprite has a lot more code than
Matt. This is because hes the
main part of our game.
First, theres the Green Flag
event. What this does is triggers
Neils sprite to reset any special
effects that may be in use and
then stores 0 in the variable
called guesses (see Fig 1.3,
above right).
Fig 1.4 Part 1 of the main game code.
The second part, is the loop
that controls our game. This large
loop is triggered once we receive the name of the player,
which is handled via the code associated with The Stage,
which we will come to later.
Ive broken Matts main loop into three parts. At the start
of the game, theres a section of code associated with The
Stage that asks for the players name. It then stores that as a
variable called Answer, which is stored in the Sensing
Right-clicking on
category of blocks. Once the user enters their name, the
a block of code
is a quick way to
script associated to the stage sends a broadcast called
duplicate or delete
player_name. Neils code is waiting to receive this broadcast
your code.
as a trigger event. Once the code is triggered Neil will say
hello to the player by their name, using the Answer variable.
Once we have the formalities out of the way, we move on
to the main loop that controls the first question. We wrap the
question in a loop that will repeat until the correct answer is
given, which is repeat until answer = ubuntu.
We then ask the question and run another loop inside of
the main loop (see Fig.5, below). This second loop is an if
statement which uses a condition to perform a certain
sequence of code if a condition is true, or if it is false it will run
the code associated with else. In the case of the answer being


Fig 1.5 The

second loop of
Neils code inside
the main loop.


February 2014 LXF180 85



Blocks that can be
linked together will
have a white halo
indicating they can
be connected.

Fig 1.6 The last

part of the main
code associated
with Neil.

correct, Neil will say that the answer is correct, play a sound
to reward the player then alter the variable score by 1 point
and, finally, broadcast support to Matt who will say something
nice. If the player provides an incorrect answer then Neil will
say Incorrect play a gong sound effect and then increment
the guesses variable by 1 and then send a broadcast to Matt
who will taunt the player.
Part two of the code is exactly the same as the main loop
of part one and the reason why is because we duplicated the
code and changed the question and expected answer.
To duplicate code in Scratch you can simply right click on the
blocks of code and select duplicate, hey presto you have
doubled your code in just one click.
The first section of the third part is exactly the same as
the main loop from the previous two parts. So lets move
down to the last four blocks of code (see Fig 1.6, below).
Our first block is a broadcast score to Matt, this will trigger
Matt to tell us the score, we then pause for three seconds to
allow Matt to finish speaking. Then we send another
broadcast to Matt who will then run thorough the end of
game code associated with that broadcast. Lastly, we use
stop all to stop any scripts in the game.
The Green Flag event is the code that controls the number
of guesses that the player has. We use conditional logic to say
that when the number of guesses is equal to 3 then we

Fig 1.7 The Stage contains the sprites but can also have
its own scripts.

broadcast game_over to Matt, which, in turn, triggers the end

of game script.
The Game Over sprite has two scripts associated with it.
The first is simply when the green flag is clicked to hide the
sprite. The second script is triggered when the game_over
broadcast is sent. It triggers the sprite to reveal itself and set
its size to 100%. We then use a loop that will repeat 10 times
to change the size and rotation of the sprite, giving us a
rotating zooming effect just like what youd see in the classic
8-bit games of the 1980s.

The Stage
As well as being the home of our sprites, The Stage can also
contain its own scripts (see Fig 1.7, above). For our game we
have two sections of code on The Stage. Both sections of
code are triggered by the click on Green Flag event. The first
part resets two variables called guesses and score. We then
ask the player to provide their name, which is then broadcast
to Matt and Neil and starts the main code loop assigned
to Neil. The second section of code is an infinite loop that
will play the loop DrumMachine continuously and set its
volume to 50%.
As I mentioned earlier on, variables are a great way to
store data. But before we can use one we need to create it.
To create a variable we need to use the Variables button from
the Block Palette. In there you will find the make a variable
button, click on it and you will see Fig 1.9 (see right, p87).
In our game we used two variables, score and guesses
and we want them both to be available for all sprites, so that
Matt and Neil can use them both. Once created, we can easily

Programming concepts
Using Scratch is great fun but did you realise
that you are also learning to code? No matter
what language you use, the underlying concepts
of coding provide a firm foundation. And once
learnt they can be applied to any coding project.
The main concepts are:
Sequences: A series of tasks required to be
completed in a certain order. For example the
steps needed to solve a maze.
Loops: A way to repeat a sequence. They can
be run forever (while true) or controlled using a
for statement (for x in range(0,3)). We have
used many loops to control the players progress
in our game.

86 LXF180 February 2014

Parrallelism: This is the principle of running

more than one sequence of code at the same
time. Weve used that a lot in our Scratch game
as each sprite has its own code that runs in
parallel to each other.
Events: This is a trigger that starts a sequence
of code and the most visible event in our
Scratch game is clicking on the green flag to
start the game.
Data: We use a variable to store the value of
our score and we can later retrieve and
manipulate the score to show the players
progress through the game.
Operators: These are the basic mathematical

rules that we all learn in school. We can apply

operators to text and numbers, which enables
us to perform calculations in our code and
iterate data if required.
Conditionals: These form the basis of our
logic and provide a method for us to compare
data against the input that is given by the player.
We have used conditionals in our game to
compare the answer given to the expected
answer. If they both matched, which in Boolean
logic would be classed as True, the player would
be awarded a point. If they did not match, which
would be defined as False, the player would have
to try again.



drop these variables into our code enabling us to reuse their
value many times in the game, see Fig 1.8 below for the
example that we made for our game.

Pseudo code
When trying to understand the logic of my game we like to
write pseudo code. Pseudo what? we hear you say. This is
when you write down the logic of how your program will work.
Lets look at a simple example:
a has the value of 0
while a is less than 10:
print on the screen the value of a
increment a by 1
So we have our psuedo code, but how do I express this in
a programming language? First, lets do this with Scratch
followed by Python. In Scratch our code will look like this.
[When Green Flag is clicked]
Set variable a to 0
forever if a < 10
say a for 2 secs
change a by 1
This will give the variable a the value of 0. We then create a
conditional loop that will only loop while a is less than 10.
Inside the loop we ask Scratch to print the value of a for 2
seconds, then increment the value of a by 1. This loop will
continue until we reach a = 9 and then it will stop as the next
value, 10 is not less than 10.

In Python our code looks like this

while a < 10:
print a
So why did we include that piece of Python code in a
Scratch tutorial? It simply illustrates that there isnt a lot of
difference in the logic between the two languages and that
Scratch can be used to help understand the logic that powers
many applications. In both Scratch and Python we create a
variable called a and set its value to be 0, from there we
create a loop that will continue to iterate round until it reaches
9 (which is less than 10). Every time we go round the loop, we
iterate a by 1, allowing us to count the number of times that
we have been around the loop.

Testing our game

Fig 1.8 As you can see, there are two variables in our
game: guesses and score.

Weve done it! Weve made a game. So now lets play our
game. The flow of the game should be as follows:
Click on green flag.
You will be asked for your name.
Matt says hello and Neil says hello and your name.
They both welcome you to the quiz.
Matt prompts Neil to ask the first question.
Neil asks a question.
A box will appear for you to type your answer.
If answer correct, then Neil will say so, Matt will also say
something nice.
Your score will increase by one.
Else if your answer is wrong, you will be taunted by Matt
and the number of guesses will increase by 1, leaving you
with only 2 guesses left. You will then have another chance
to answer the question.
If you guess correctly, you will move on to the next question,
and this will happen twice as there are 3 questions.
If you answer all the questions correctly, Matt will tell you
your final score and then say Game Over.
The Game Over sprite will appear on screen and all of the
scripts in the game will be turned off.
If the number of guesses made reaches 3 at any point in the
game, then the game will automatically skip to the Game
Over screen.
But this is just the start of our adventures with what you
can do with Scratch. In our next issue we will be using Scratch
to control electronics via everyones favourite hackable
computer the Raspberry Pi. We hope youve enjoyed learning
Scratch; its a great tool to understand coding but its also
great fun to learn. LXF


Fig 1.9 Hit the

Make a Variable
button to create
a variable.

You can share your
projects online
across many
platforms via

February 2014 LXF180 87



Squeak: An intro
Squeak, a free version of Smalltalk with its own VM, is highly
portable, very object-oriented and provides an interestingly
different coding environment for Juliet Kemp this month.
Juliet Kemp
was thrown by all
the graphics at
first, but was won
over by the ease
of producing
working code.

queak is an open-source implementation of Smalltalk,

a language thats itself over 35 years old, and arguably
the first truly object-oriented language. Everything in
Smalltalk is an object and everything is done by sending
messages to objects. Squeak provides a highly self-reflective
development environment: everything in your Squeak project
is also written in Smalltalk, and can be examined, including
graphics objects and the Squeak VM itself. Its particularly
used in educational contexts, although it also shows up in
many other projects. Read on to try it out with an
implementation of a short game.

Getting started

and Transcript
with that allimportant
first program.

You can install Squeak either via your packaging system

(squeak-vm on Debian/Ubuntu), or as a single ZIP file from
the website. If you download via your packaging system,
youll also have to download a Squeak image from the Squeak
website. Alternatively, if you use the ZIP website download,
just unzip the SH file, cd into the unzipped directory and type
When you fire up Squeak, you get a big window with lots of
little windows containing some basic Squeak info. The first
thing to do is to create a new project. Choose Projects > New
Project > New MorphicProject and youll get a new project,
which is a Squeak window with all its sub-windows and
various tabs dotted around the edges (See The Squeak
Environment, p89 for a run-down on the various parts of a
Squeak project window).
Although Smalltalk does include an option for MVC
projects (the MVC toolkit from Smalltalk-80), the MVC-alone

88 LXF180 February 2014

part has a rather out-of-date look, and is not really maintained

any more. Morphic does all the same stuff with more on top,
and looks better too, so its best just to go ahead and use that.
Morphic is also available in other languages (eg Self), and is
designed to be good for creating GUIs.
To get started with some actual code, click on the project
window background, and youll get a World menu. Choose
Workspace from this to get a workspace window (where youll
create the code) and Transcript to get a transcript window
(where code results and errors will be output). Alternatively,
you can click on the Tools tab at the far right, and drag a
Workspace and Transcript window out from there.
In the Workspace window, type:
Transcript show: Hello World.
You must use single, not double, quotes. (Double quotes in
Squeak denote comments, and you need one at each end of
a comment.) Select, right-click and choose Do It to run it, and
youll see Hello World appear in the transcript window.
The full stop at the end, which concludes a code statement,
isnt necessary with a single line, but it is with multi-line code
so you might as well use it straight away.
Alternatively, theres an even quicker option: type this into
the Workspace:
Hello World
Then highlight it, right-click, and choose print. Hello World
will appear directly in the Workspace print also acts as an
evaluator. Try typing in a mathematical expression, e.g. 65*30,
highlight and print, to see the result appear in the Workspace.

Squeak grammar
Being able to evaluate little snippets of code can be handy,
but the Transcript show line demonstrates Squeak grammar
a bit better. Squeak is an entirely object-oriented language;
everything in Squeak is an object. So the basic Squeak code
sentence is: object message.. Here, Transcript is the object
(the Transcript window), and show: Hello World is the
message. Specifically, the message in this case consists of a
method (show) and an argument, but the details will vary
depending on what youre doing.
Since Squeak is so good at graphics, we can also easily
create a Hello World button:
button := SimpleButtonMorph new.
button color: Color green.
button label: Say hello.
button addMouseUpActionWith: Transcript show: Hello
World ..
button openInWorld.
This creates a new SimpleButtonMorph object, button,
colours it green, and assigns it a label. The button called
addMouseUpActionWith does roughly what it says: adds an
action to perform when a MouseUp is detected (ie after a
user has finished clicking on the button, which is the norm for




Adding the
first class. Note
the red warning
message at
the bottom
I havent added
a comment yet.
(Bad coder, no

click actions). The action is our Transcript line from earlier.

However, this time the string needs double quotes (but these
are two single quotes, *not* a double quote character).
Finally, openInWorld shows the button in the Squeak World ie
within the Squeak window.
Select the code and do it and youll see the button appear.
You could also get the button to change its label:
button addMouseUpActionWith: self label: Hello World! ..

Writing a program
Lets head on to something a bit more substantial. Were
going to write a little program to play Tic-Tac-Toe (aka
noughts and crosses). Well create a 3x3 game board, which
will add a 0 or an X when you click on it. There will be a class
for the board, and a class for the cells, so well find out how
Squeak uses classes.
First, create a new Squeak project so you have a clean
area to work with. Now, were going to add a class category,
to store our classes in. Go to Tools > System Browser, and
youll see a browser which shows you all the Squeak classes.
Right-click on the left-hand pane, which shows all the
categories, and choose Add item. Give it the name Tic-TacToe, and hit Accept. Youll see the new category appear in the
list, though it doesnt have any members yet.
What it does have is a template in the bottom pane, which
is the class editing pane. This template is for a method which
sends a subclass message to the Object class, with the
parameter #NameOfSubclass so the Object class will
create a new subclass of itself, with the specified name. (You
could also describe this as calling the subclass method of the
Object class; but in Smalltalk we talk about objects and
messages, not methods.)
Well edit this to create our game cell class. Edit it to look
like this:
SimpleButtonMorph subclass: #TTTCell
instanceVariableNames: mouseAction
category: Tic-Tac-Toe
So now instead of creating a subclass of Object, were
creating a subclass of SimpleButtonMorph (a basic clickable
button) called TTTCell. Were also adding a mouseAction
instance variable (a variable which exists in each instance of
the class) to the class, so we can act on the cell depending on
what the mouse does.
To save these changes, right-click and click Accept. Youll

see a red message pop up at the bottom warning you that

theres no comment on the class. To add a brief comment,
click on the ? button between the instance and class buttons
in the System Browser pane, write a comment, and choose
Accept again.
Next, we can write some actual methods. The first one we
want is an initialise method, which sets up a new blank cell.
Select TTTCell in the class list, then all in the protocols list
next to it. Youll get a template method in the editing pane
below. Replace that with this code:
super initialize.
self label: .
self borderWidth: 5.
self width: 50.
self height: 50.
color := Color paleBlue.
self useSquareCorners.
This method starts out by calling the superclass initialize
method, which will set any sensible defaults that the
superclass has. We then set the cell label (to the empty string
again, thats two single quotes, not a double quote), its
border, size, colour, and so on. Most of this is fairly selfexplanatory. Effectively, each line is a message sent to the
objects self.
You can try this out for yourself by opening a Workspace
and entering this:
t := TTTCell new.
t openInWorld.

Squeak is the
and the
and Smalltalk
is the language,
although theres
some overlap in
customary usage,
which youll notice
is reflected in the
rest of the tutorial.

The Squeak environment

If youre used to command-line programming and a
standard editor, this is all going to look a bit unusual.
(Which is to say: it baffled me for a bit.)
First, a note on mice. Squeak assumes that you
have three mouse buttons. As not all mice do, how
the menus are mapped varies between systems.
The left mouse button is consistently used for
selecting things, the right mouse button will usually
bring up an options menu, and middle button (or
alt-left, or ctrl-left) will bring up the halo of buttons
around an object. However, these last two (also
referred to as yellow and blue) are sometimes
swapped; so experiment to work out which is which
with your install.
When you open a Squeak project, there are
several tabs around the screen. Objects gives you

objects (like buttons and arrows) that you can drag

into the screen; Tools gives you useful objects;
Widgets and Supplies are further useful subsets of
Objects. Any of them can be dragged onto the
screen to instantiate them. You can then middleclick or right-click to bring up various options.
Right-click and inspect or explore will show you
information about an object, with a code window at
the bottom where you can try out code. This tutorial
will focus on coding using the System Browser,
which enables you to add classes and code in a way
that will be familiar if you have any other coding
experience; but its possible to do a lot using the
Morphic graphics system. ( See the Squeak for
Kids! on p91) Its certainly worth playing around with
it a bit to see what you can do with it.


The green button has just been

resized with the yellow button in the
halo; and the Objects box is ready to
provide objects.

February 2014 LXF180 89



Highlight it and choose Do It to generate a new cell.

You could also just type TTTCell new, choose Inspect It, then
type self openInWorld. in the pane at the bottom of the
inspection window, then choose Do It on that. The inspection
window also allows you to check out various other aspects of
the object, so its good to play around with it a bit.

Game board

You can use the
System Browser
to examine any of
the Squeak classes.
Right-click and
choose find on
the top left window
to search for a
class, and use the
? button to see its

The TTTCell
is up in the top
left corner. You
can also see its
inspector further
down, and the
System Browser
behind that.

Our cell doesnt do anything yet, but well leave it for now and
move onto the game board. To create our game board class,
click on the Tic-Tac-Toe class category again, and youll get
another of those subclass templates. This time, edit it to look
like this:
BorderedMorph subclass: #TTTBoard
category: Tic-Tac-Toe
A BorderedMorph is just that, a morph (graphics object)
which has a border. Accept this method, then create an
initialise method:
| singleCell width height n |
super initialize.
n := self cellsPerSide.
singleCell := TTTCell new.
width := singleCell width.
height := singleCell height.
self bounds: (10@10 extent: ((width*n) @(height*n)) + (2 *
self borderWidth)).
cellGrid := Matrix new: n tabulate: [ :i :j | self newCellAt: i at:
j ].
This time, when you choose accept, Squeak will complain.
The first thing it complains about is cellsPerSide; confirm
that and we will write it in a moment. The second thing is
cellGrid; choose Declare Instance for this, as it will be an
instance variable. Finally, newCellAt again, confirm this and
well write it shortly.
The first line of this method declares four temporary
variables. Its good practice to declare variables that only exist
within a method as temporary, to avoid cluttering up the
Squeak project with unnecessary global variables, and reduce
the likelihood of accidentally overwriting variables.

Saving and quitting

There seem to be several different save options, but I could
only make one of them work. If you click Projects > Save
Project, it seemed in all my trials to hang. Clicking the Squeak
tab and Save, or the Squeak menu and Save, or the Squeak
menu, Quit, and answering Yes to save, all seemed to work
fine; when I reopened Squeak, my code was still there.
You can also save your project as a specific image, but the
squeak.sh script has the startup image hard-coded, so youll
need to edit that, write your own script, or use this code to
start Squeak:
exec Contents/Linux-i686/bin/squeak my.image
If you do lose some code, it should all be saved under
Recover Changes when you start up again, as Squeak logs
everything as it goes along. Go to Extras > Recover Changes,
highlight the changes you want, then right-click and choose
filein selections.

We then define all of these temporary variables. We set the

bounds of the gameboard (this looks long but just works out
the expected size of the board based on cell size). Finally, we
create a matrix of cells with the correct number of cells.
The most complicated line, though, is that final one.
cellGrid (which, remember, weve now defined as an instance
variable, so its accessible throughout the class) is where we
will store the grid of cells. We generate this with
Matrix>>new:tabulate:. This is the new method of the
Matrix class. The Class>>method notation is used when
talking about Squeak code, although you dont use it in the
code itself. Whats that tabulate doing there, though?
In Squeak, you know how many arguments a method takes
by how many colons it has in its name. Here, two colons mean
two arguments. The first one gives the rows and columns of
the Matrix, and the second specifies what object is at each
(i, j)th position of the matrix. This last uses the newCellAt
message, so each (i, j)th cell consists of whatever is returned
by newCellAt: i at: j.
(With thanks to the authors of the excellent Squeak By
Example for parts of this and a couple of other methods used
in this tutorial.)

More methods
All of that means that we need some more methods. Click the
class name and youll get another method template. We have
two methods to write:
Number of cells on each side of the board
newCellAt: i at: j
Create a cell at position i,j and add it to the screen
| cell origin |
cell := TTTCell new.
origin := self innerBounds origin.
self addMorph: cell.
cell position: i - 1 * cell width @ (j - 1 * cell height) + origin.
mouseAction: [self playMove: i at: j].
cellsPerSide just returns 3 (the ^ operator means return
this value). newCellAt does what it says in the comment.
It creates a new TTTCell, and defines origin, which is the
origin of the TTTBoards inside boundary. (If you think of the
board as a grid, this is the top left inner corner. This method is

90 LXF180 February 2014



inherited from the superclass BoundedMorph. We then
calculate and set the cells position by working out how far
across the board it is and adding that to the origin to place it
on the Squeak window.
The important part is the next-to-last line. This sets what
the cell should do in response to a mouse action; apply the
TTTBoard>>playMove:at: method. This is the basic game
logic, and well write it in a moment. Finally, we return the
newly created cell.
We now have even more methods to write to make all of
this work. TTTBoard>>playMove:at: is the next one:
playMove: i at: j
(cellGrid at: i at: j)
move: player.
self switchPlayer.
If you accept that, though, Squeak will complain that it
doesnt know about player. Add it as an instance, and well
handle it in a moment; switchPlayer just confirm, and well
write that method shortly too. cellGrid is a matrix, so inherits
matrix methods; specifically the at:at: method to identify a
particular cell in the matrix. Having got that cell, we apply the
move method, with the player argument; then switch player.
Next we need player to hold a value showing which player
is currently having their turn, X or O. X always starts, so we
just add a line to initialize:
super initialize.
player := x.
rest as before
We also need switchPlayer:
player = x
ifTrue: [player := o]
ifFalse: [player := x]
The first line is evaluated to either true or false (Boolean
value). If it is true, the ifTrue line is executed, and player is set
to O (it is Os turn now). If false, it is set to X. Note that this
doesnt do any error checking for you, which means you
might want to add something to check that it hasnt been set
to anything strange.
Thats all for the TTTBoard class. However, we still have a
couple of TTTCell methods to write and to handle the mouse
click events.

Mouse actions
Back to TTTCell, to handle mouse actions and that move
mouseAction: aBlock
^ mouseAction := aBlock.
mouseUp: anEvent
mouseAction value.
The mouseAction: method is what is called on the cell
when it is clicked, from the TTTBoard>>newCellAt:at:
method. Its also an instance variable, if you look back at the
code used to set up the TTTCell class. The mouseAction:
method, then, is just a setter method: and it sets the instance
variable mouseAction to the argument passed in. It then
returns it. So a Smalltalk setter method is variable:, and the
getter method is variable (note: it doesnt have a colon),
rather than setVariable and getVariable as in other
languages. These methods are called accessor methods and
should be placed in the accessing protocol when you are
categorising your methods.
mouseUp: defines what happens when a mouseUp event
is detected by the user interface. Here, we send the message

value to mouseAction. This method was set, in

TTTBoard>>newCellAt:at:, as [self playMove: i at: j] (that
is, TTTBoard>>playMove: i at: j). The value message tells
Squeak to evaluate that expression, so that playMove:at: will
be executed.
TTTBoard>>playMove calls TTTCell>>move, so thats
the final method we need to write:
move: player
self label: player.
self height: 50.
self width: 50.
This sets the player argument as the cells label. It then
resizes the cell, since setting the label resizes the cell to the
size of the label, which we dont want. For more portability
and better maintenance, it would be good to have height and
width as instance variables.
The game is finished! Now run it and see what happens.
As ever, theres plenty more you could do to improve this
game, so get stuck in and see what else you can do. Squeak
was a little bit of a departure for me, as its heavily graphicsoriented and my inclination is towards the command line. But
its a great language and a great environment once you get
the hang of it. It could also be interesting to try using more of
the drag-and-drop graphics widgets to construct code. If
youd like to investigate further, Squeak By Example is a great
book providing a thorough introduction to Squeak, and is
available free online. LXF

The game in
action! You can
select it and get
the halo around
it to move/
inspect/etc. You
can also see the
System Browser
with some code

To arrange your
method neatly, you
can right-click, click
more, then click
prettyprint. You can
also shift-right-click
to get straight to
the more menu.

Squeak... For kids!

One appealing aspect of Squeak is that
its very accessible for kids. Even kids
who arent yet ready to try coding with
Smalltalk can draw on the Squeak
surface and drag widgets and scripted
commands around.
This sort of coding allows scripts to
be created and joined without the user
having to type, which gives young
children more freedom to begin
experimenting with programming.


If youre interested in this, the Etoys

system (www.squeakland.org), which is
aimed specifically at children and used
heavily in the One Laptop Per Child
project, is part of Squeak. A similar
option, based on Squeak/Smalltalk and
developed by MIT, Scratch, which can be
used online. Squeak, Etoys, and Scratch
all provide a great opportunity for kids to
start hacking on software, not just
consuming it.

February 2014 LXF180 91


Got a question about open source? Whatever your level, email it to lxf.answers@futurenet.co.uk for a solution.

This month we
answer questions on:
1 Ubuntu One
2 Removing
duplicate files
3 Canon printer

4 PinguyOS
5 MEI module
Seeking a
recovery ISO

Ubuntu 1, User 0

Every time I boot up, I get the popup trying to entice me to sign up
for Ubuntu One. I have ignored it for
a while but I am becoming annoyed by it.
Can you please tell me how to eradicate it?
From the forums
If you want to completely remove it
from your system, use the following
terminal commands:
killall ubuntuone-login ubuntuone-preferences

Ubuntu really want you to sign up for Ubuntu One, but it is possible to stop them asking you.

This kills all running Ubuntu One processes,

which is necessary before you run the following
steps to remove its files, otherwise it may
recreate them when it exits.
sudo rm -rf ~/.local/share/ubuntuone
rm -rf ~/.cache/ubuntuone

Enter our competition


if ($letter == winner)
get $books
Get your questions answered and exploit our generosity.
Linux Format is the
biggest and best
magazine about Linux
1 for Free Software
and free software.
We did a rough word count of LXF173 and it
contained 67,659 words. About as much as
Heart of Darkness and Animal Farm
combined, but with considerably more
Linux, coding and free software!
Thats many more than our competitors,
and thats how we know that were the biggest.
As for the best, well thats a subjective claim,
but its one were happy to stand by.

92 LXF180 February 2014

Because were nice chaps as well as

Linux gurus, and because our offices have
very little storage space, were giving one
lucky reader each issue the chance to win
some of the books that get sent to us for
review. Theyre mostly reference books
that will give your shelves an air of
computational gravitas. For a chance to
win, email your question to lxf.answers@
futurenet.co.uk, or post it to www.
linuxformat.com/forums to seek help
from our lively community of readers.
See page 94 for our star question.

rm -rf ~/.config/ubuntuone
mv ~/Ubuntu\ One/ ~/UbuntuOne_old/
The last line moves your Ubuntu One folder,
but if you have no content in it you could just as
easily delete it. Finally, you uninstall all Ubuntu
One packages and their configuration files with
sudo apt-get remove --purge ubuntuone-*
You may need to escape the wildcard in that
command, depending on your shell and its
configuration. It should be fine with a stock
Bash setup, but if you get an error along the
lines of could not find ubuntuone-* in your
terminal, precede the wildcard with a
backslash to stop the shell trying to interpret it.
sudo apt-get remove --purge ubuntuone-\*


I am looking for a utility to locate

and remove duplicate files.
From the forums
The program you need is called
fdupes (http://netdial.caribe.
net/~adrian2/fdupes.html). This
command compares all the files in the
directories it is given and outputs a list of files
that are duplicates of one another. It first of all
checks file sizes and then, when it finds files of
the same size, compares checksums of the
files. Getting the size of a file is instant,
calculating its checksum is not, so the scan will
take longer if you have a number of large,
equally sized files. The filenames are not
considered, only the content, which makes for
a thorough scan. The normal invocation is


Finding duplicates

Terminals and
We often give a solution as commands to type in
a terminal. While it is usually possible to do the same
with a distros graphical tools, the differences between
these mean that such solutions are very specific.
The terminal commands are more flexible and, most
importantly, can be used with all distributions.
System configuration commands often have to
be run as the superuser, often called root. There are
two main ways of doing this, depending on your distro.
Many, especially Ubuntu and its derivatives, prefix the
command with sudo, which asks for the user password
and sets up root privileges for the duration of the
command only. Other distros use su, which requires the
root password and gives full root access until you type
logout. If your distro uses su, run this once and then run
any given commands without the preceding sudo.

fdupes -r directory1 directory2 ...

The output is filenames, one per line, with a
blank line separating each group of duplicates,
something like
If no duplicates are found, it returns to a
command prompt without giving any output.
You can also have it output all copies of a file on
a single line, separated by spaces, by adding
the -1 or --sameline argument.
fileX1 fileX2
fileY1 fileY2 fileY3
Deletion is also possible, but be careful
when expecting a program to make intelligent
decisions about which version of a file should
be kept. If you add the -d or --delete option,
you will be prompted which to keep, but if you
combine this with --noprompt, the first file in
each set of duplicates will be kept and the rest
deleted. This may not give the results you

expect, as fdupes does not process files in

alphabetical order but so-called natural order
the order the files appear in on the disk, which
is more efficient but less intuitive. Alternatively,
you could redirect the output to a file and then
use something such as awk to produce a list of
files to remove, after you have checked the list.

A-verse to printing


Do people find it comical, that

Canon and Canonical, make it so
hard for us, tedious and arduous, to
work together 12.04LTS and Pixma 2550?
Tom Healy
Thank you for the poetic and clearly
heartfelt plea. I tried to reply in rhyme
but, much like your all-in-one device, it
would not scan!
Anyway, to get this printer working as a
printer, you need to install the drivers from the
Canon website at http://bit.ly/19gO7Yv
On that page, select the Software option,
pick Linux as your OS and hit Search. This will
give you several options you want the two
Debian package archives, one called MG2500
series IJ Printer Driver and one called
MG2500 series ScanGear MP Save these to
your Downloads directory then open a terminal
(Ctrl+Alt+T) and run
cd Downloads
tar xf cnijfilter-mg2500series-4.00-1-deb.tar.gz
tar xf scangearmp-mg2500series-2.20-1-deb.
to unpack the two archives. Each is unpacked
into a directory containing software packages
and an install script, so install each set of
drivers with
cd cnijfilter-mg2500series-4.00-1-deb
cd ../scangearmp-mg2500series-2.20-1-deb
The install script uses sudo to put files in


system directories, so you will be prompted for

your password. This is a very long-winded way
of installing a couple of .deb packages, after
scrolling through a lengthy licence agreement
just to be able to use the printer you paid good
money for. Canon is one of those companies
that doesnt get open source and insist on
making extra work for you and themselves by
working against the system rather than with it,
because thats the Windows way.
Once your drivers are installed, you can set
up your printer in the usual way, by going to the
Printers section of System Settings. The
scanner should be auto-detected the next time
you use a scanning application, either through
Simple Scan or the scanner options in Gimp.
Because the drivers were not installed from a
repository, they will not be covered by the
update manager, so it would be worth
bookmarking the driver download page and
checking for updates from time to time.

Silent failure

What do I do when the

recommended PinguyOS from the
coverdisc fails at the end of a clean
install on a Lenovo X61, and fails to report a
fault? Or how do I install birdfont (HotPicks
LXF175) from the download into Xubuntu
(thats what I hoped PinguyOS would provide
access to)? Simply opening the download
gives 21 files (birdfont, birdfont/export,
icons, etc). The README is
incomprehensible, instructions in type this
here mode would be appreciated.
D Heckle
It is not good to fail without showing
the error, but it is almost certainly
logged somewhere. If you press
Ctrl+Alt+F1 from the PinguyOS live desktop,
you will switch to a virtual console, already
logged in as the guest user. From here, you can

A quick reference to...

art of Linuxs safety comes from
running as a user without
administrative privileges. However,
there are times when you need those
privileges, usually for administrative
purposes, so you need to switch to the
superuser (or root). This is traditionally
done with the su (switch user) command,
but that gives full root access, allowing the
user to do anything that root could for as
long as they are logged in. It also requires
them to have the root password. Wouldnt
it be safer if users were allowed to run as
root only for the commands they need?
This is what sudo does. The configuration

file, /etc/sudoers, contains a list of

commands that each user is allowed to
execute with root privileges. Running
sudo somecommand
prompts the user for their password and
runs the command. It is the users password
that sudo needs, not the root password, you
dont need to divulge that to anyone. This,
combined with the fact that only specified
commands can be run, greatly improves
security. This is the way Ubuntu works, which
is why you dont need a root password with it,
but sudo is worth using on all distros.
A typical entry in /etc/sudoers may look
something like:
nelz ALL = PASSWD: /bin/mount,


This lets the user nelz run mount or

umount on all hosts. You can remove the
need for them to enter a password, like this
nelz ALL = NOPASSWD: /bin/mount,
Use this with care! You can define aliases
for groups of users or commands, to make
administering a complex setup more simple.
You should not edit /etc/sudoers directly,
use the visudo command, as root, to edit it.
Contrary to the name, this does not
necessarily use vi to edit the file, it uses
whatever youve set in the $EDITOR
environment variable. visudo checks the
syntax of your edits before writing them to
/etc/sudoers, saving you the shame of
getting locked out by a typo.

February 2014 LXF180 93



inspect the system log files. The error is

probably written to /var/log/syslog, so type
less /var/log/syslog
and press Shift+ g to go to the end of the file.
There, you should see the error, and once you
have that you can search for a solution. If the
error is not written to that file, try running
ls -lrt /var/log
to show all the files in /var/log in time order.
The last file shown is the most recently written
to, and should contain what you need. If the
error message is too many open files this has
been reported by a few people, but does not
affect most. There is a fix, which is included on
this months DVD. Run the script on the DVD
while in the live environment (youll need to
copy it to a USB stick unless you have more
than one DVD drive) with
sudo bash /path/to/dvd/Answers/ubiquity_aptcache_autogc.sh
The birdfont file on DVD175 contains the
source code for the program, which must be
compiled to use it. Open a terminal and type
tar xf birdfont-0.21.tar.gz
cd birdfont-0.21.tar.gz
This unpacks the archive and runs the
configure script, which checks that you have
all dependencies installed. If it complains about
a missing package, install it from your package
manager. If the package appears to be installed
already, install the corresponding -dev
package. For example, if it complains about
missing libvala and you already have libvala
installed, you also need libvala-dev. The
difference is that the first package contains the



Well, it has finally happened. I have

gone and accidentally deleted a
bunch of files from my home
account on the separate /home hard disk,
which uses ext3. So far, I have been able to
refrain from placing new files on /home.
I know that there is a utility called
extundelete, which can recover (some) files
from an ext3 partition. What I have not been
able to find so far is some sort of recovery
ISO built around this and similar tools that
can be burned to CD/DVD. Do you know of
such an ISO and from where it can be
downloaded ?
First, the bad news: you have almost
certainly written to your home
directory. Simply logging in as you
causes files to be written or updated, running a
desktop even more so. However, if you have
plenty of free space, you may still be able to

94 LXF180 February 2014

libraries or programs needed to use that

software, the -dev package contains extra files
needed only when compiling software that
uses it, which is why -dev packages are not
installed by default. You may have to repeat this
process several times, as configure reports
only the first missing package it finds; install
that and it finds the next, and so on. This is the
most reliable method, if one of the least userfriendly. Once configure has completed, run
sudo ./install
The first command builds the software, the
second installs it (which is why it needs sudo).

Kernel spam

I recently swapped to Sabayon as a

change from Fedora, which I had
been using for quite a while. An

This months winner is Stuart. Get in touch with us to claim your glittering prize!

Looking for extundelete

Behind the PinguyOS desktop is a consle

where you can see what is really going on.

issue arose that I always got in Fedora, which

was the MEI module of the kernel spamming
dmesg massively with the following error:
[ 4948.024031] mei_me 0000:00:03.0: reset:
connect/disconnect timeout.
[ 4948.024036] mei_me 0000:00:03.0:
unexpected reset: dev_state = RESETTING
In Fedora, this was an easy fix blacklist
the MEI module. In Sabayon, its a bit harder,
as the MEI component is compiled into the
kernel. I could recompile the kernel, but I
would have to do this after every update,
which at the current four-week rate is not
something I wish to do. I do have a fix that
locates the relevant part and unbinds it:
echo $(find /sys/bus/pci/drivers/mei_me/ -type
l|sed s#^.*/##) >/sys/bus/pci/drivers/mei_me/
It took a while to find this solution and, as
long as I remember to run it, it works fine
but I cant get it to run at boot on Sabayon.
A friend has told me of Cron, that allows
things to run at boot. If I could fix the error,
with a BIOS tweak or something, this would
be much better. I have a Dell Optiplex 755
machine on the latest BIOS release.
Neil Williams.
This is a known issue, usually worked
around by blacklisting the module.
However, at some point the default
kernel setting for this switched from a module
to built-in. As you have discovered, this defeats
the blacklisting approach. As you say,
recompiling the kernel is an option, in which
case you could disable the option entirely to
avoid the need to blacklist the module. This

recover most, if not all, of your files.

My favourite rescue disc is System Rescue Cd
which, as it happens, I have booted right now
on a computer with a damaged hard drive.
It does, indeed, have extundelete and you can
download it from www.sysresccd.org. If you
have Linux Format 178, you already have
System Rescue Cd it is on the cover DVD and
can be booted directly from there.
That CD also contains ext3grep, which
performs a similar task, and photorec, which is
part of the testdisk (www.cgsecurity.org/
wiki/TestDisk) suite of tools. The name
indicates photorecs history, but it is able to
recover all sorts of files.
These programs will work on an unmounted
partition or a backup copy. The latter is the
safest option, provided you have sufficient free
space on another partition or disk to store a file
the size of your /home partition. It has to hold
the size of the partition, not just the files it
contains. Make sure the /home partition is

unmounted first and then back it up with the

dd command:
dd if=/dev/sdaN of=/media/external/home.
img bs=4M
where sdaN is the partition containing
/home. Now you can remount /home and
continue to use your system while running
extundelete on the backup copy with
something like:
extundelete /media/external/home.img

Extundelete does what it says, as long as

you havent written to the drive.


may mean you need to do it on each update, at
least until the default kernel configuration is
switched back to building this as a module. It
may be fixed by the next kernel update, either
in the module setting or even the fault causing
the error messages themselves.
There are a couple of other options on
some systems you can disable the
Management Engine Interface in your BIOS.
This could be well hidden, you may need to
turn on Management Extensions first. Some
systems let you go straight to the Management
Extension BIOS by pressing Ctrl+P at boot,
skipping the standard BIOS screens.
You can also execute the command you
gave at each boot, but cron is not the correct
tool for this. Cron executes tasks at set times,
whereas you want it run once, when you boot,
which is a job for the init system. Sabayon uses
OpenRC for its init system, and this executes
any scripts in /etc/local.d that end with .start
when it boots (and .stop scripts when it shuts
down). Put that one line in a file in that
directory, say /etc/local.d/mei.start, and
make it executable to run it each time you
boot. There is a README file in /etc/local.d
that explains the process.

Reluctant printer

I use Mint 13 but will be upgrading

to 15. I have a problem setting up
my new printer, a Samsung CPL360. It was bought as Samsung say on their
website they have drivers. The installation

instructions they supply didnt work, so I had

a look on the web, and found instructions on
how to set up CUPS on the Mint forum.
I followed the instructions and came up with
an error that /usr/lib/cups/filter/
rastertospl was missing. I got that from the
Samsung site and installed. When I try to
print it does nothing and there are no error
messages. I have attached the troubleshoot
text, do you have any suggestions of what is
wrong and how to fix it?
James Mess
Looking at the install script for the
Samsung printers, it appears to install
rastertospl to the correct location. Did
you run the install script as root or with sudo?
If you did not, it would not have been able to
install the files, because a normal user does
not have permission to write to /usr/lib. Even
worse, if you ran the script by clicking on an
icon, it would not have been able to tell you
this. This is one of the drawbacks of using
proprietary drivers you are reliant on their
install system, which in this case does not
check it is being run with sufficient privileges.
To install as root, open a terminal and run:
tar xf ULD_Linux_V1.00.06.tar.gz
cd uld
sudo ./install.sh
An alternative would be to try the Splix
drivers, a set of third-party, open source drivers
for Samsung printers. Your model is not listed,
but others in the CPL-300 series are shown as
working. SPL is Samsung Printer Language, a


Help us to help you

We receive several questions each month that we are
unable to answer, because they give insufficient detail
about the problem. In order to give the best answers to
your questions, we need to know as much as possible.
If you get an error message, please tell us the
exact message and precisely what you did to invoke it.
If you have a hardware problem, let us know about the
hardware. If Linux is already running, you can use the
Hardinfo program (http://hardinfo.berlios.de) that
gives a full report on your hardware and system as an
HTML file you can send us.
Alternatively, the output from lshw is just as useful
One or both of these should be in your distros
repositories. If you are unwilling, or unable, to install
these, run the following commands in a root terminal
and attach the system.txt file to your email. This will still
be a great help in diagnosing your problem.

uname -a >system.txt
lspci >>system.txt
lspci -vv >>system.txt

common language for their printers, so if it

works for one printer in a line it ought to work
for others. Splix is in most distros repositories,
so you should be able to install it in the
standard way, either from the graphical
package manager or from a terminal, with
sudo apt-get install splix
It is not good to have two sets of drivers for
the same printer installed, so if splix does not
work, uninstall it before trying again with the
Samsung package. Incidentally, CUPS sends
its error messages to /var/log/cups/error_
log, so check there if you have problems. LXF

Frequently asked questions

Compiling a kernel
I have a kernel, why would
I want to compile a new one?
Kernels supplied with distros
contain support for a wide range of
hardware, but not everything. You
may need to add support for
something you own. Or you may
want to remove support for all the
hardware you do not have. Building
your kernel from the kernel.org
sources will usually give you a later
version, which may be important.
Where do I get kernel sources?
You can download the standard
kernel sources from www.kernel.
org, or find them on each months
coverdisc. Most distros use
patched sources, and some of
their tools can rely on these
patches. You can install a source
package to match your current
kernel using your distros usual
package management tools. Look
for a package named something

like kernel-source or linuxsources. Compatible versions are

usually available from your distros
testing repository.
Which should I use?
The sources patched for your
distro are usually best. If you want
to apply your own patches, or use
the latest kernel, it may be better
to use the kernel.org sources.
How do I compile and install a
To install from a kernel.org tarball,
download it and do the following
as root:
cd /usr/src
tar xjf /path/to/downloaded/linuxx-y-z.bz2
rm -f linux
ln -s linux-x.y.z linux
where x.y.z is the kernel version,
say 2.6.28. If you install from a
distro package, these steps should

be taken care of for you. Whichever

method you used, now do
cd /usr/src/linux
make menuconfig
to start the configuration menu.
Most options should have sensible
defaults, but if you wanted to stick
with the default, you wouldnt be
doing this. So, go through the
options and set them to your
needs. If you need a specific
option, the 2.6 kernel menus have
a search option. Press / and type a
search string; you will be shown
which options cover this and
where to set them. If you prefer a
point-and-click interface, use
make xconfig. When you have
finished, exit the menu, accept the
option to save settings, and its
time to compile and install.
How do I do that?
If you have a separate /boot
partition, make sure its mounted,
then do
make modules_install


make install
or combine the three steps as
make modules_install install
The first step compiles the kernel
and modules, the second installs
the modules, the third installs the
kernel to /boot. The kernel is also
symlinked to /boot/vmlinuz and
your previous kernel is symlinked
to /boot/vmlinuz.old. If you have
options for these two kernels in
your bootloader menu, you will
always be able to choose between
your new kernel and the previous
one, which is essential if your new
kernel fails to boot. The install
command also backs up your
kernel configuration to /boot.
Is that all there is to it?
If you use the Grub bootloader,
yes. If you use LILO, you need to
run /sbin/lilo, even though you
havent changed the name of the
kernel, because LILO uses the
position of the file on the disk, not
its name, so it would still boot the
previous kernel otherwise.

February 2014 LXF180 95

On the disc


Distros, apps, games, podcasts, miscellany and more

The best of the internet, crammed into a massive 4GB of quality DVD.


o we
have too
distros? Are all the respins of
Ubuntu really necessary? Taking a
distro, changing the desktop and
repackaging the ISO doesnt really
count as a distro. Whats wrong
with releasing a theme or metapackage that can be installed on
the base distro to give the new
appearance? A new distro should
bring something new, whether its a
package manager, set of
configuration tools or a different
philosophy to the distro from which
its derived.
Not that deriving from another
distro is inherently bad, Ubuntu has
come a long way since first starting
out as repackaged Debian Testing.
SUSE has come even further since
its original Slackware derivation.
New is good when it offers a real
choice or opportunity for
development, not so good when its
just a paint job.
Would you be more likely to try
an enhancement of whatever distro
you like, if it was supplied as a
package to be installed rather than
having to be reinstalled? Of course,
such an enhancement may not
make it onto Distrowatch or other
news pages, do we need a way for
these to be shown off
anyone? Or
are you happy
with the way
things are?


Defective discs

In the unlikely event of your Linux Format

coverdisc being in any way defective,
please visit our support site at
www.linuxformat.com/dvdsupport for
further assistance. If you would prefer to
talk to a member of our reader support
team, email us at support@futurenet.
co.uk or telephone +44 (0) 1225 822743.

96 LXF180 February 2014

Linux distribution

OpenSUSE 13.1

We have to be thankful to the kind folks at

openSUSE for timing their release to fit exactly
between Ubuntu 13.10 last month and Fedora 20
next month. This means that we can bring you a
major distro each month without them competing
for the available space on the disc. This new

release, 13.1, comes as two live disc variants, one

using KDE 4.11 and one with Gnome 3.10.
OpenSUSE is one of the few distros to still use KDE
as its main desktop. It wouldnt be fair for us to tell
you which to use, so weve supplied both, select the
one you want from the boot menu.

Linux distribution

Manjaro 0.8.8
For a while, its seemed that every new distro has
been derived from Ubuntu or Debian, but thats
beginning to change. There are an increasing
number of distros that are based on Arch Linux,
one of which is Manjaro. This new distro is available
with various desktops, but we have
included the OpenBox version (KDE
and GNOME desktop fans are
already catered for with OpenSUSE
this month).
OpenBox is a much overlooked
alternative, a window manager that
supplies a desktop even faster and
lighter than Xfce. Combined with the
fast Systemd boot provided by Arch
and this distro will be up and running
in seconds, and just as fast in
general use.

Life doesnt always go to plan, so backups are

always a good plan. Clonezilla is one of the best
full-disk backup alternatives around, and you can
run it direct from this months LXFDVD. Dont
wait too long, backup your system and files now!


New to Linux?
Start here

What is Linux? How do I install it?

Is there an equivalent of MS Ofce?
Whats this command line all about? Are you reading
this on a tablet?
How do I install software?
Open Index.html on the disc to nd out

Download your DVD from


From the magazine

Extra hot additions

Calling all Top Guns Get 20 extra FlightGear aircraft.

Tutorial code
Squeak and Scratch code and software.

And more!

We assess them, now setup your hosted sharing service.

System tools
Checkinstall Install tarballs with your
package manager.
GNU Core Utils The basic utilities that
should exist on every operating system.
Hardinfo A system benchmarking tool.
Kernel The source code to the latest
kernel release.




A very sophisticated and open

flight simulator, with several extra
aircraft for you.

Unleash your Bach inside you.

Create, play and print beautiful
sheet music.

Use on-the-fly-encrypted data

storage (just dont ask who
developed it).




RaWrite Create bootable floppy disks

in Windows.

Combing some of the best things

you loved about Quake 3 Arena
(the other one Un-something).

Get support for a wide range of

audio formats with this multiplatform graphical audio player

A 2D animation design and

authoring tool for digital artists
of all ages.

SBM An OS-independent boot manager

with an easy-to-use interface.




Clean up caches and help preserve

your privacy cheaper than a trip
to Rekall or a ticket to Mars.

The self-claimed Swiss army

knife of document markup
converters: from EPUB to XML.

A Linux client for Evernote.



The popular mind-mapping suite

written in Java.

The smart coders Python IDE

with unique code assistance.

Plop A simple boot manager to start

operating systems.

WvDial Connect to the internet with a

dial-up modem.

Reading matter
The Cathedral and the Bazaar Eric S
Raymonds classic text explaining the
advantages of open development.
Intro to Linux A beginners guide.
Linux Kernel in a Nutshell An
introduction to the kernel written by
master-hacker Greg Kroah-Hartman.


Debian Administrators Handbook An

essential guide for sysadmins.
Linux Dictionary The A-Z of everything
to do with Linux.

Stay tuned... Season 6 coming soon

New team, new podcast The new season of the TuxRadar
podcast will be launching soon. A freshly regenerated team
will be taking the reins like a gaggle of Time Lords, taking you
on a journey through all of GNU/Linux and free and open
source software.
Expect old favourites, brand new features and plenty of
surprises when the TuxRadar podcast returns. Keep an eye
on www.tuxradar.com for news on when you can expect the
new episode.

Memtest86+ Check your RAM for

faults or errors.

Dive Into Python A masterclass in this

popular language.
Bourne Shell Scripting Guide Get
started with shell scripting.


Advance Bash
Scripting Guide With
more for power users.
System Administrators
Guide The basics of
running your system.

February 2014 LXF180 97


1 for Free Software

Future Publishing Ltd, 30 Monmouth Street,

Bath BA1 2BW Tel 01225 442244
Email linuxformat@futurenet.com
21,784 January December 2012
A member of the Audited Bureau of Circulations.

Editor Neil Mohr
Deputy editor Matthew Hanson
Operations editor Chris Thornett
Art editor Efrain Hernandez-Mendoza
Editorial contributors Jono Bacon, Neil Bothwick,
Chris Brown, Marco Fioretti, Andrew Gregory,
David Hayward, Joe Jordan, Juliet Kemp, Les Pounder,
Jem Roberts, Mayank Sharma, Shashank Sharma
Art assistance Nick Aspell
Illustrations Shane Collinge, Simon Middleweek

Advertising sales director Nick Weatherall
020 7042 4155 nick.weatherall@futurenet.com
Account sales manager Ricardo Sidoli
020 7042 4124 ricardo.sidoli@futurenet.co.uk


Campaign manager Sam Book
Head of Computing Group Ian Robson
UK chief operating officer Mark Wood

LXF 18

ll be on
Tuesday ale

Next month
Raspberry Pi


Do more with your Raspberry Pi. Well show you how

you can become a Pi pro with some brilliant tips
and expert tutorials.

Free Android from Google

Do what you want with your Android device

not want Google wants you to do.


Production co-ordinator Ian Wardle
Production manager Mark Constance
Trade marketing manager Colin Hornby
Distributed by Seymour Distribution Ltd, 2 East
Poultry Avenue, London EC1A 9PT Tel 020 7429 4000
Overseas distribution by Future Publishing Ltd
Tel +44 (0)1225 442244

Licensing & syndication manager Regina Erak
regina.erak@futurenet.co.uk Tel +44 (0)1225 732359

International account manager Rebecca Hill


UK readers order line 0844 848 2852
General UK enquiries 0844 848 1602
Overseas readers +44 (0)1604 251045
Online enquiries www.myfavouritemagazines.co.uk
Email linuxformatdvd1@subscription.co.uk

Editorial director Jim Douglas
Creative director Bob Abbott
Group art editor Steve Gotobed
LINUX is a trademark of Linus Torvalds, GNU/Linux is abbreviated to Linux
throughout for brevity. All other trademarks are the property of their respective
owners. All the code printed in this magazine is licensed under the GNU GPL v3 or
later. See www.gnu.org/copyleft/gpl.html.
Copyright No part of this publication may be reproduced without written permission
from our publisher. We assume all letters sent by email, fax or post are for
publication unless otherwise stated, and reserve the right to edit contributions. All
contributions to Linux Format are submitted and accepted on the basis of nonexclusive worldwide licence to publish or license others to do so unless otherwise
agreed in advance in writing. Linux Format recognises all copyrights in this issue.
Where possible, we have acknowledged the copyright holder. Contact us if we
havent credited your copyright and we will always correct any oversight. We cannot
be held responsible for mistakes or misprints.
All DVD demos and reader submissions are supplied to us on the assumption they
can be incorporated into a future covermounted DVD, unless stated to the contrary.
Disclaimer All tips in this magazine are used at your own risk. We accept no liability
for any loss of data or damage to your computer, peripherals or software through
the use of any tips or advice.
Printed in the UK by William Gibbons.
Future Publishing Ltd 2014

The best VoIP tools

Tested: The top 5 chat tools for talking to friends

and family across the globe.

Technology, Entertainment, Music, Creative and

Sports & Auto. We export and license our publications
to 89 countries around the world.

Exploring GCC
The legacy and future of GCC: What can we
expect from the GNU Compiler Collection?
Contents of future issues subject to change we might be creating Raspberry Pi-controlled turret guns.

98 LXF180 February 2014

Future produces high-quality multimedia products

which reach our audiences online, on mobile and
in print. Future attracts over 50 million consumers to


Future plc is a public

company quoted on the
London Stock Exchange

Chief executive Mark Wood

Non-executive chairman Peter Allen
Graham Harding

We are committed to only using magazine paper which is
derived from well-managed, certified forestry and chlorine-free
manufacture. Future Publishing and its paper suppliers have
been independently certified in accordance with the rules of the
FSC (Forest Stewardship Council).