Help translate pastebinit

Posted on 2011/01/24 by Stéphane Graber

pastebinit is one of my pet projects. It’s a command line pastebin client that let you easily send any command output or file to a pastebin. It’s packaged and available in quite a few distributions.

Pastebinit started at the end of 2006 with support only for pastebin.com. Over the time, a lot of other pastebin websites have been added to end up supporting over 15 different pastebins.

I recently went through all the bugs on Launchpad, fixed most of them and I think pastebinit is now in pretty good shape. I plan on releasing version 1.2 on Friday if no major issue is found by then.

That leaves between now and Friday to have it properly translated in as many languages as possible. So please go to https://translations.launchpad.net/pastebinit and make sure your language will be included in the next release !

Posted in pastebinit, Planet Revolution-Linux, Planet Ubuntu | Tagged | 3 Comments

Sandbox changes name to become Arkose

Posted on 2011/01/09 by Stéphane Graber

Sandbox started as a quick hack I wrote at the Ubuntu Developer Summit in Orlando, FL back in October.

Since then it evolved quite a bit, getting a decent user interface and even a nautilus plugin.

Only thing that really was missing before making it an “official” project is a “real” name.
After thinking about it for a while (trust me, I’m really bad at finding names), I finally ended up browsing sand-related pages on Wikipedia and chose to go ahead with “Arkose”.

Arkose (pronounced /ˈɑrkoʊz/) is a detrital sedimentary rock, specifically a type of sandstone containing at least 25% feldspar.

Arkose

I really liked “sandbox” as a name though, but it was a bit of a pain to Google for, apt-cache was returning multiple results too and finding relevant dent/tweet was a really difficult. So instead, I’ll mostly be using “Arkose – desktop sandboxing”. The name itself being a lot less common and “desktop sandboxing” is already giving very good Google results.

I finally created a Launchpad project and moved the branch to it. I’m expecting packages to hit the archive over the next few days.

PPA is available at: https://launchpad.net/~arkose-devel/+archive/stable

Posted in Arkose, LXC, Planet Revolution-Linux, Planet Ubuntu, Sandbox | Tagged | 3 Comments

Getting ready for IPV6

Posted on 2010/12/31 by Stéphane Graber

I’ve been regularly playing with IPV6 since mid-2006 when I first opened an account at SixXS ang got my first IPV6 tunnel up and running. Sadly at that point, there wasn’t much Point of Presence for tunnels, not even mentioning the state of native IPV6 networks…

Relatively recently my dedicated server provider started offering native IPV6 connectivity in their Nuremberg-based datacenter. They offer a /64 per server which should be plenty enough for most users and allows for stateless configuration of a single network. Unfortunately in my case, I’m running OpenVZ, LXC and KVM on that box, meaning multiple distinct networks with bridging and firewalls.

As I also wanted IPV6 connectivity for my home network and would rather have a single provider for both, I started looking at the current state of tunnel brokers to end up choosing Hurricane Electric who offer free IPV6 tunnels and one /48 network per subnet which is exactly what I needed. They have Point of Presence pretty much all around the world which means very low latency IPV6 for all my networks.
They also happen to be one of the two upstream providers of the ISP we use at the office.

So I started configuring my Vyatta (Debian-based router distribution) routers to handle the IPV6 tunnel, send Router Advertisement to all my networks (radvd), relay DHCPv6 to my DHCP server and firewall incoming traffic.
That was surprisingly easy, taking only a few minutes, copy/pasting the configuration provided by the tunnel broker and setting up the firewall rules.

I then made sure all my main services are working properly with IPV6, for now that includes, DNS servers, Web servers, Mail servers and shell access. Backported Natty’s isc-dhcp-server to 10.04 LTS and moved my DHCP to using it and created a minimal configuration to get stateless DHCPv6 to announce my NTP and DNS servers.
I also updated my public DNS to include AAAA records for all services that have dual-stack support and got my registar to add IPV6 glue records to my domain.

I’ve now been running that setup for a week or so for my home network, dedicated server and office network. Running wireshark for a few hours showed that almost half of my connections are IPV6 (mostly on my own networks).

I’ve been surprised to see how well Ubuntu Natty’s NetworkManager copes with IPV6 network. In my case, it successfully noticed the “other-config” flag in the router advertisement and started dhclient to grab the DNS and NTP configuration from the DHCPv6 server.

So I now have a working environment to developer the next generation LTSP-Cluster which is supposed to have complete IPV6 support from the first release.

Let’s hope we’ll see more IPV6 deployment in 2011.
Happy new year everyone !

Posted in LTSP, LXC, Planet Revolution-Linux, Planet Ubuntu | Tagged | Leave a comment

Having fun with containers

Posted on 2010/12/12 by Stéphane Graber

Not really having anything specific to do yesterday, I chose to have a bit of fun with sandbox.

I ended up installing a completely clean Ubuntu 10.10 in a VM with just an ssh server running.
I then installed sanbox from my PPA and appended the following line to my /etc/ssh/sshd_config:

ForceCommand sudo /usr/bin/sandbox -c "$SSH_ORIGINAL_COMMAND"

And this one to /etc/sudoers:

ALL ALL=NOPASSWD: /usr/bin/sandbox

Then restarted sshd.

The result is that any incoming ssh connection will be sent to its own sandbox with no direct access to the disk, no network available and won’t be able to see other user’s processes.
Connecting twice over SSH will give you two shells which won’t be able to see each other.

Posted in LXC, Planet Revolution-Linux, Planet Ubuntu, Sandbox | Tagged | 3 Comments

Want your own Edubuntu weblive ?

Posted on 2010/12/08 by Stéphane Graber

Since I announced Edubuntu WebLive 8000 users have been testing Edubuntu using it.

Edubuntu WebLive

After a bit of cleaning up and packaging, I’m now pleased to announce that the source code for both our Drupal plugin and the XML-RPC daemon is available on Launchpad: https://code.launchpad.net/vmmanager.

Drupal plugin

Features:

  • Provider the user interface for Weblive, like the one on: http://www.edubuntu.org/vmmanager
  • Gives a basic administration interface to enable/disable the NX servers and update all the text shown in the user interface
  • Code is PHP using the Drupal form APIs and php-xmlrpc to contact the ltsp-cluster-agent plugin

Installation is relatively trivial, just follow the README file in the branch.

ltsp-cluster-agent plugin

Features:

  • XML-RPC service (authenticated and using HTTPS) that Drupal uses to create new users
  • Database of all accounts ever created, their status and expiry time
  • Support for multiple SSH servers
  • Client to query the database (also over xml-rpc) to gather statistics or manually create/remove accounts
  • Code is python, using paramiko for SSH and storm+sqlite as ORM

Installation is straightforward as everything is packaged here: https://launchpad.net/~stgraber/+archive/experimental

ltsp-cluster-agent is a python daemon designed for use by LTSP and LTSP-Cluster. More on that in a later post.

The VM itself

For Edubuntu, our VMs are entirely automatically generated using debian-installer preseeding and KVM.
Unfortunately these scripts are not clean enough yet for me to release them, I’d expect to have them out very soon though.

The basic requirement for the VM is to have these packages installed:

  • ltsp-cluster-accountmanager (used to cleanup session leftovers)
  • freenx-server (the NX server)

We have recent versions of both in Revolution Linux’s PPA. ltsp-cluster-accountmanager is also in the archive since karmic and I’m hoping for freenx-server to enter the archive soon.

I’d also recommend removing the following packages as they caused some issues with Edubuntu WebLive:

  • network-manager, network-manager-gnome, network-manager-pptp, network-manager-pptp-gnome
  • jockey-common, jockey-gtk
  • rtkit

As usual, comments, patches and bug reports are welcome. I’d also be happy to hear from other deployments of WebLive !

Posted in Edubuntu, LTSP, Planet Revolution-Linux, Planet Ubuntu | Tagged , | 3 Comments