Diary of an Emacs tragic

Author: Jason

  • Set group permissions for whole subdirectory with ACLs

    Set group permissions for whole subdirectory with ACLs

    Sometimes you want to preserve file permissions under subdirectories in linux with ACLs but that’s not the whole story. If you want multiple users to be able to read and write to these files, and the group permissions to stay correct, you need to set ACLs and also group +s on the subdirectories. This is to ensure new files and directories are also created with the correct permissions and group ownership.
    I wrote a small script that takes a group and a directory as parameters, and recursively fixes the permissions and set new ACL and group permissions so in future, new files will have the correct permissions.
    I put set-acl-permissions on github.
    It blindly recursively sets permissions so be careful. Also, it may well contain bugs that could cause catastrophic failures.

  • LED Clock Project

    LED Clock Project

    For a long time I have wanted a bedside clock that would keep accurate time via some external mechanism, and would take care of daylight savings automatically. I eventually decided that the best approach would be to use a wifi enabled device and use the NTP protocol for keeping the time accurate.
    After wasting several months hacking away on an Olimex IMX 233 that never worked reliably, I decided to change platform to the Beaglebone Black (BBB).
    Along the way I realised there were a few other features I needed:

    • LEDs should dim with the ambient light so the clock doesn’t light up the whole bedroom
    • The display needs to be big enough for me to read from across the bedroom without my glasses on.
      To make them dimmable I decided to get a pair of
      I also needed a power supply that could give 12v for the LED drivers but 5v for the BBB. I found a nice little board on ebay for a few bucks that seems to do the trick. Its called the Benq 12v-5v-3.3v
      I hooked that up tonight so now I only need the one power supply to run the LEDs and the BBB.

  • My uranium mug is not radioactive

    My uranium mug is not radioactive

    A while ago I broke my favourite mug. After a long and difficult search I found a new mug. A mug with the periodic table of elements entry for uranium on it. It also glows in the dark. Gav from the hacker space has a Geiger counter so I took the opportunity to measure the radioactivity of my mug. Luckily it’s not radioactive at all. Only 0.106μSv/h (micro Sieverts per hour).

  • Pull a backup from a remote host with ssh and tar

    Sometimes you might need to copy a whole directory from a remote host, but the remote host does not have enough space to tar the whole thing up and then sftp it off. The solution is to tar/bzip the directory and stream it directly to your local host:

    ssh root@remotehost 'tar cjf - /path/to/somedirectory' | pv -cN tar  > somedirectory.tar.bz2

    Using pv (pipe viewer) gives you extra progress bar goodness:

    tar:  176MB 0:09:14 [ 371kB/s] [                             <=>    ]
  • HP MediaSmart IR Remote for MythTV

    HP MediaSmart IR Remote for MythTV

    I’ve been on a quest to find a good remote for MythTV. My first try was with a Logitech Harmony. Those things are nasty horrible pieces of crap. I’d never touch one again. Programming it is a nightmare. It does not have a generic PVR option so you have to fake it to make it work with Mythtv by telling it its another device and learning those codes in LIRC. It is a very slow device with what felt like a 500ms delay with each keypress. It also tried to know what state your equipment was in so that it could turn things on and off, but of course it would always be out of sync and then you’d have to go through this process of turning things on and off until it was in sync again.
    Enter the HP MediaSmart IR remote, also known as HP RC2285202/01. These devices used come with a media player box that HP used to sell. As far as I can tell, its not in production anymore but the remotes are readily available on Ebay.
    Features:

    1. Dedicated IR codes for the PVR. On previous universal remotes I have used, I was unable to find a “code” setting that would make all the buttons active, that I could then learn in LIRC.
    2. Back-lit keys. All the keys seem to be backlit. Some universal remotes either only backlight a few keys or have no  backlight at all.
    3. Cheap. A$23 with USB receiver, delivered.
    4. Universal remote. Can control 5 devices including your PVR.
    5. Punch Through. Some buttons like volume and mute can punch through from the TV or Amp, to the PVR device. IE. you can make it turn the volume up on the amp when you press the volume button when in PVR or TV modes.
    6. Takes standard AA batteries.

    There are a few downsides too:

    1. Difficult to get going (solved now that you have found this blog post)
    2. Punch through does not work on all buttons.  Namely Power and Source. This is annoying but solvable with a pulse-eight CEC adapter

    I spent many hours trying to work out why it would not work on my system. In the end it came down to two things.
    For some reason LIRC does not work correctly with MCEUSB receivers that are plugged into USB3 sockets.
    You need to tell the kernel to treat the receiver as lirc rather than anything else, in order for LIRC to be able to connect to it:

    $ sudo sh -c "echo lirc > /sys/class/rc/rc6/protocols"
$ sudo cat /sys/class/rc/rc6/protocols
rc-5 nec rc-6 jvc sony mce_kbd [lirc]

    The word [lirc] surrounded with square brackets tells you it worked.
    I implemented this at boot time by adding

    /etc/rc-scripts/start-lirc

    to /etc/rc.local and then in /etc/rc-scripts/start-lirc

    #!/bin/bash
echo "Making lirc the default for rc"
echo lirc > /sys/class/rc/rc0/protocols
echo "Starting lircd"
/etc/init.d/lirc start

    Remove lirc from the normal startup process:

    $ sudo update-rc.d lirc remove

    Test your configuration (retrieve HP-RC2285301-01.conf below):

    $ sudo /usr/sbin/lircd -n -d /dev/lirc0 -P ./lirc.pid  HP-RC2285201-01.conf
$ irw

    And when you press the keys on your remote, you should see some output from irw.

  • Tips on installing FreeSWITCH and FusionPBX in debian

    I’ve been testing out FreeSWITCH and FusionPBX. I found it non trivial to install in debian. Here are my tips for installing.

    1. Don’t bother with the install script. I found it to be broken. And when it breaks during install, it leaves you in a state that’s very hard to understand and fix. In the end it was easier to install FreeSWITCH by hand, get that working, to the extend that you can make inter extension calls, then proceed with the FusionPBX install.
    2.  Install FreeSWITCH by following the Quick Install Guide.
    3. Commit the entire FreeSWITCH configuration to git so its easy to roll back when you reinstall FusionPBX. Switch to a new branch before making further changes. 
      cd /usr/local/freeswitch
      git init
      echo 'db/*' >> .gitignore
      echo 'log/*' >> .gitignore
      echo '.svn*' >> .gitignore
      git add -A
      git commit -m "Initial Commit"
      git checkout -b try1
    4. Get the latest version of FusionPBX from svn. 
      cd /usr/src
         svn checkout http://fusionpbx.googlecode.com/svn/trunk/ fusionpbx
         cd fusionpbx
         cp -a fusionpbx /var/www/fusionpbx
    5. Create a fusionpbx site for apache and enable it. Note that this makes fusionpbx appear at the root of your site. Create file called fusionpbx in your /etc/apache2/sites-available directory and put the following in it: 
            <VirtualHost *:80>
        ServerAdmin webmaster@localhost
        ServerName freepbx.example.com
        DocumentRoot /var/www/fusionpbx
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/fusionpbx/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>
        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
                AllowOverride None
                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all
        </Directory>
        ErrorLog /var/log/apache2/error.log
        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel debug
        CustomLog /var/log/apache2/access.log combined
    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>
</VirtualHost>

      Then enable the site with a2ensite fusionpbx/

    6. after installing FusionPBX, commit the entire configuration to git to make rolling back easier. Switch to a new branch before making further changes.
    7. set up a FQDN for the box running FreeSWITCH and FusionPBX
    8. use ACL to allow www-data to make changes to the /usr/share/freeswitch directory

    And after you install and you realise it didn’t quite go as planned

    1. Reset the postgresql database: 
      root@fusionpbx: # su - postgres
postgres@fusionpbx:~$ psql
postgres=# drop database fusionpbx;
postgres=# create database fusionpbx;
postgres=# alter user fusionpbx with password 'XXXX';
grant ALL PRIVILEGES ON DATABASE fusionpbx to fusionpbx;
    2. revert your FreeSWITCH configuration using git
    3. revert your FusionPBX configuration using git




  • Proxy Dashing Dashboard behind Apache with SSL

    I needed to allow access to my Dashing dashboard over ssl from the Internet.  I decided to proxy it behind Apache and get Apache to do all the SSL heavy lifting, mainly because I couldn’t work out if and how you could enable SSL within Dashing itself.
    It turned out to be quite simple to implement. I simply created a vhost configuration for my dashboard and enabled it in Apache.
    Create a file  called dashboard in /etc/apache2/sites-available/ with the following content:

    <VirtualHost *:80>
 ServerName dashboard.example.com
 Redirect permanent / https://dashboard.example.com/
</VirtualHost>
NameVirtualHost *:443
<VirtualHost _default_:443>
 SSLEngine On
 SSLCertificateFile /etc/ssl/CAcert.cert.pem
 SSLCertificateKeyFile /etc/ssl/private/key.pem
 ServerAdmin webmaster@localhost
 ServerName dashboard.example.com
 ErrorLog "/var/log/apache2/dashboard-error_log"
 CustomLog "/var/log/apache2/dashboard-access_log" common
 <Proxy *>
   Order allow,deny
   Allow from all
 </Proxy>
 ProxyPass / http://mylocalserver.example.com:3030/
 ProxyPassReverse / http://mylocalserver.example.com:3030/
</VirtualHost>

    Ensure the proxy modules are enabled:

    $ sudo a2enmod proxy
Enabling module proxy.
To activate the new configuration, you need to run:
service apache2 restart
$ sudo a2enmod proxy_http
Enabling module proxy_http.
To activate the new configuration, you need to run:
service apache2 restart
$

    Enable the new dashboard site:

    $ sudo a2ensite dashboard

    Check your configuration is working before restarting apache:

    $ sudo apachectl configtest
Syntax OK
$ sudo service apache2 restart
[ ok ] Restarting web server: apache2 ... waiting .
$

    Don’t forget to delegate your dashboard.example.com hostname to resolve to your apache server’s IP address.
    Now visit http://dashboard.example.com/name_of_your_dashboard. Your browser should automatically get redirected to https://dashboard.example.com/name_of_your_dashboard and you should see your dashboard.

  • 3D Printed Heated Towelrail Brackets

    3D Printed Heated Towelrail Brackets

    Our heated towel rail’s brackets broke from old ages recently. After investigating getting a new towel rail and finding out they were quite expensive, I decided to try and design and 3D print new brackets for it.
    The first cut of the design turned out to have too little space for the nuts. A second draft with a little more space and it worked perfectly.
    The top left of the above image shows the broken parts and the bottom center shows 2 of the 3d printed replacement parts.
    3D Printed bracket holding the heated towelrail

    Update 2016-03-26

    Someone emailed me mentioning that their “Posh” heated towel rail had the same problem. A bit of googling around revealed a link a Goldair Towel Rail Bracket and Strap kit that looks like it contains the same straps as mine. This might help others find the relevant parts. Goldair have an Australian site too but it makes no mention of the strap kits.

  • Preserve file permissions 664 under subdirectories in linux with ACLs

    Have you ever wanted to give several users permission to work on files within a directory, but then struggled with what permissions and user:group ownership to set them to so users can always edit the files?
    You might think the solution is to make the parent directory owned by a common group, lets say dev, and then try and make the permissions flow through to the files within. This doesn’t work though, and new files will still be created with the user’s umask, typically 644, which is no good as it results in the other users not being able to edit the file.
    The solution lies in ACLs (Access Control Lists). Thanks to Pelle at Stackoverflow for making such a concise set of steps to set this up. Blatantly copied here:
    First add the acl option to the mounted partition where the directory is you want to apply this to. Add the acl option to the mount point in /etc/fstab:

    /dev/xvda1      /               ext3    errors=remount-ro,acl 0       1

    Then remount the filesystem to enable it:

    # mount -oremount /

    Then set the permissions using the setfacl command:

    # setfacl -dm u::rwx,g::rwx,o::r /shared/directory

    Test by creating a new file in /shared/directory:

    /shared/directory$ touch test
/shared/directory$ ls -al test
-rw-rw-r-- 1 jason dev 0 Feb 20 12:37 test

    Marvel in the wonders of modern filesystems.

  • FreeCAD

    screenshot of FreeCAD showing a cylinder intersecting a cube and the Boolean operation window visible
    Cylinder intersecting a cube

    Hack A Day has a great article introducing FreeCAD.

    FreeCAD is a parametric 3D modeler. Parametric modeling allows you to easily modify your design by going back into your model history and changing its parameters. FreeCAD is open source (LGPL license) and completely modular, allowing for very advanced extension and customization.

    There are several great things about this.

    1. It’s free as in beer
    2. It’s free as in libre
    3. It’s available for Windows, Linux and Mac OS X
    4. It’s scriptable in python
    5. you can draw things using constructive solid geometry (CSG)
    6. you can create objects by extruding 2D drawings similarly to Solidworks

    If this article is of interest to you, see my other list of OpenSCAD alternatives, and my other posts about free CAD packages.