July 2023 – Let's Build Robotics with Shadow

July 31, 2023July 31, 2023

Nextcloud Soon?

Good Morning from my Robotics Lab! This is Shadow_8472 and today I am pressing on towards my very own Nextcloud deployment beyond a proof of concept. Let’s get started!

Preparing an Account

Last week, I learned that Rootless Podman comes with certain challenges when trying to access a network drive. ButtonMash’s Rocky 8 Linux hard drive is tiny, so I don’t want to use it for storage. That leaves my retired laptop, “RedLaptop” for the job.

I use dedicated user accounts to isolate processes. The first order of business was to create a new account and log in through the Cockpit web interface. I had a bit of trouble when the underlying SSH couldn’t connect because Debian doesn’t like capital letters in its usernames, but the nonexistent, capital-containing username was flushed out while diagnosing user groups per advice on Discord. The account was additionally locked to prevent normal logins via password.

Preparing Containers

I’ve been developing a couple scripts for running Nextcloud on ButtonMash in a pod, so I copied them and the secrets directory (password storage) over to RedLaptop and tried them out. Errors galore! I downloaded the Nextcloud and MariaDB container images, but the older version of Podman (3.0.1 on Debian vs. 4.4.1 on Rocky 8) meant missing features – namely Podman secrets and mounting volumes on pod creation.

The secrets were easy to revert. I just had to remove the –secret flags and reinstate the passwords in surrounded by quotation marks. Unlike best practices in later versions, volumes mounted nicely into their respective containers. I double checked one with

podman inspect <container ID> | grep -i volume

and found references to the correct volume.

New Territory

At long last, I made it to the Nextcloud installation screen where I need to make an admin account. From here on, all I know comes from the little scouting I did way back by using an SQLite database hosted offered from the Nextcloud container as opposed to a more capable one.

I got an error about failing to connect to the database. I found a username with a capitalization error and I didn’t actually have a named database created within MariaDB’s container. But even with both of those fixed, I kept getting kicked back to Nextcloud’s create-an-admin screen.

And here my research for the week runs out of time. MariaDB’s log shows two errors I suspect to be the root issue:

<timestamp> 0 [Warning] mariadbd: io_uring_queue_init() failed with errno 1
<timestamp> 0 [Warning] InnoDB: liburing disabled: falling back to innodb_use_native_aio=OFF

Takeaway

I so want to be done with this project. That is all.

Final Question

I am left without a solution for now. For all I know, it may be low RAM, which I’m already maxed out on for my model of laptop – meaning I’d need to start over again with something else. If anyone has any ideas, I’d be happy to hear about them in the comments below or on my Socials.

July 24, 2023July 24, 2023

Podman-Nextcloud: Climb Shorter Mountains

Good Morning from my Robotics Lab! This is Shadow_8472 and today it’s bully or be bullied as I take another swing at getting my Nextcloud instance even partially usable. Let’s get started!

If there’s one long term project of mine that just loves humiliating me, it’s getting Nextcloud operational. My eventual goal is to have it running in a rootless Podman container with a way to quickly move it to an auxiliary server. My strategy thus far has been to prepare three Podman volumes hosted on GoldenOakLibry (NAS) over NFS while accounting for the speed needs of the MariaDB and Nextcloud volumes with an SSD and vs the capacity needs of the PhotoTrunk volume with a RAID 5 array of HDD’s.

NAS: Network Attached Storage

NFS: Network File System

SSD: Solid State Drive

HDD: Hard Disk Drive

Lowering Expectations

I’ve lost count of how many times NFS has given me grief on this project, so I eliminated it. I moved the SSD from where it was on GoldenOakLibry to ButtonMash, my main server computer. I added it to /etc/fstab – bricking Rocky Linux. ButtonMash is dual booted, so I booted to Debian for repairs.

Rocky’s installation system uses an LVM2 format, which Debian can’t read by default. An LVM2 package exists, and I installed it. LVM2 partitions show up in lsblk as sub-partitions of an actual partition, and it is these sub-partitions that get mounted, for example:

sudo mount /dev/rl_buttonmash/root /mnt/temp

to mount the sub-partition that shows up as rl_buttonmash-root. While I did explore for a quick fix, it’s a very good thing when each side of a dual booted machine can repair the other. Mounting a file system is a very important tool in that kit.

Upon closer inspection, a contributing factor to bricking Rocky was the root account being locked. The computer booted into an emergency mode and got stuck in a loop ending with “Press ENTER to continue…” Unlocking it didn’t get me anywhere when I looked at the logs per the loop’s recommendation, but the command lsblk -f clued me in that I was mounting the drive using the wrong file system type, an error which was soon remedied after I discovered it.

Project Impossible

The move hardly seemed to fix anything as hoped. I didn’t solve much. I kept getting NFS related errors when trying to run the pod, even after moving to a new mountpoint I’d never touched with NFS automounts. I even tried mounting the volumes using hard links pointed at the mounted “data drive” and I still couldn’t get a working Nextcloud instance. Somewhere in my shambling among the apparently limited content available regarding this topic online, I found the following warning on Oracle’s Podman documentation:

Caution: When containers are run by users without root permissions, Podman lacks the necessary permissions to access network shares and mounted volumes. If you intend to run containers as a standard user, only configure directory locations on local file systems [1].

Rootless Podman lacks network share permissions. OK, so NFS out unless I can selectively give Podman network permission without going full root. Until then, Podman is limited to the local disk, and if I’m understanding this warning correctly, mounted drives are also off the table. My plans for a Photo Trunk upgrade may be grounded indefinitely, and with ButtonMash’s Rocky drive being only 60GB, I’m not looking to burden it with anything resembling bulk storage.

Takeaway

The next logical innovation would be to rebuild the project on a computer with more storage. Barring a full makeover of ButtonMash, I do have my Red Laptop as an auxiliary server. I made a new account, but in all reality, this inspiration came after my research cutoff. It’s a project for another week once again.

Final Question

My project directory is messy with scripts to the point where I started a README file. Have you ever had a project so involved as to need one?

I look forward to hearing about it in the comments below or on my Socials.

Work Cited

[1] Oracle, “Configuring Storage for Podman,” oracle.com, [Online]. Available: https://docs.oracle.com/en/operating-systems/oracle-linux/podman/podman-ConfiguringStorageforPodman.html. [Accessed July 27, 2023].

July 17, 2023July 17, 2023

Shadow_8472’s Minecraft Installation Guidelines (2023)

Good Morning from my Robotics Lab! This is Shadow_8472, and today I am documenting how I set up Minecraft. Let’s get started!

Here is my 2023 list for “installing” Minecraft while minimizing your data bleed to Microsoft. I listed it in the rough order each technique should be implemented, but no one relies on any of the others.

Linux

Switching to Linux or another open source operating system is easily simultaneously the biggest, most impactfull, and least convenient change you can do for your privacy in terms of digital privacy in general. On one of my attempts at reading Minecraft’s terms, I found data collection policies on both Windows and Mac, but nothing on anything else. Furthermore, shortly after I created my Xbox account on a Linux machine, I found a section on their privacy panel claiming they had no data on my stuff (take-that-as-you-will). To keep it short: Linux being open source gives users a mechanism for action when potentially unwanted programs are are identified.

Xbox Account Lockdown

As alluded to above, Microsoft accounts come with a “privacy panel.” My overall experience has me believing it’s engineered to discourage its own use while still satisfying relevant privacy laws so marketing can safely boast about offering this feature to more users than they are required to. They mention a hotline you can call somewhere, but it was never staffed when we called.

To make the most of the situation, log into your microsoft account and turn everything off that you can find. But leave on the two permissions about joining multiplayer and communicating with text (the permission is bundled with voice permissions) for a normal gameplay experience.

GraalVM

Minecraft needs Java to run. GraalVM is a high-performance implementation of Java. I’ve covered manual installation enough to perform it from memory: download, extract, point application at java. Optionally, it can be placed beside other system Java installations. And wherever you place it, be sure to make a note of which CPU architecture worked because I’ve lost track of how many times I’ve had to re-install because I got the wrong one.

PolyMC

Minecraft is complex enough to need various inputs most end-users never see because a launcher manages things like login, version handling, Java, and more. The game itself doesn’t care how these variables are provided, so we are free to swap out the launcher. MultiMC has been my open source launcher of choice, but I spent several hours researching a couple alternatives and their history. PolyMC is a MultiMC fork that adds support for downloading mods. Prism Launcher is a PolyMC fork that split over the lead “ghttps://www.iizcat.com/uploads/2016/10/lcyay-cheshire-gif.gifoing crazy.”

From what I pieced together from various accounts, PolyMC was born out of a dispute over MultiMC’s direction in 2021 regarding third party mod loading. On October 16, 2022, lead developer lenny mclennington had had enough identity politics. The following day, he deleted the standardized Code of Conduct in a commit titled, “reclaim polymc from the leftoids.” Community backlash began immediately and grew worse as it became clear that Lenny wasn’t hacked: over a page of bogus issues on GitHub, around 3500 accounts raiding his Discord over the following week (judging by #joins traffic) with offensive Internet garbage, and LOUDLY denouncing PolyMC as compromised and accusing Lenny of injecting malware. The drama reached Microsoft, who canceled PolyMC logins for a couple days until that got sorted.

Around an hour after Lenny’s controversial commit, work began on what would become Prism Launcher. The ejected developers migrated over there where today they number at around 200 where PolyMC and MultiMC each list around 100 contributors each. Between the three, activity on Prism’s GitHub has been a lot more consistent (almost daily). Bad blood exists among the forks of MultiMC, but this gives end-users the chance to evaluate each project based on its community rules. MultiMC keeps its project simple, PolyMC prefers it not be used to push politics, and Prism Launcher is getting the updates. Pick your poison, or tell me all about why your preferred not on this list is the best.

No Chat Reports

Minecraft moderation was once handled by local communities. On one extreme, anarchy servers rules read, “Anything goes!” and players can grief without any retribution but what their victims muster. On another extreme are intricate codes of conduct dictated by mods-who-don’t-like-YOU: “Farms may only load 30 entities at a time, but no ‘selling’ entities if they stand on two legs. We don’t care if you murderize your rejects, but we absolutely won’t condone slavery – even if you call it an ‘adoption’ or ‘delivery’ fee! Oh, of course you should somehow be compensated for your disproportionally large time investment compared to everyone else’s marketable goods. We just don’t know how, Troublemakers.”

And then Mojang came up with Chat Reporting. Players can now tattle on each other to a centralized authority to get them banned from all multiplayer servers for a time (or indefinitely). The tech literate community revolted, creating tools like the No Chat Reports mod to strip actionable cryptographic authentication data from messages. Vanilla servers have a toggle to enforce this chat reporting though and vanilla clients will complain on login if this toggle is set to false.

own opt-out and Mojang provided a server side toggle to disable enforcing clients’ cooperation with this system. The No Chat Reports mod strips the actionable cryptographic proof your messages were sent by you. The vanilla server requires this proof by default and the vanilla client complains if a server doesn’t enforce it.

No Chat Reports can be installed via Forge or Fabric. Fabric is the better performing mod loader between the two, so I’ll be using that when I play “vanilla” from now on. It was a two click install for on MultiMC for the most recent Fabric version.

Takeaway

I know what I wrote last week about insisting on chat reporting both sides, but after learning how it works, I feel the need to retract that. While I could draw out my Minecraft migration story to detail how I go through these steps on each of my machines and the difficulties I encounter with Graal and PolyMC, I have more important projects I want to work on. I’ll only cover those if I learn something new.

Final Question

What did I miss? I would love to include your suggestions in a future guide.

I look forward hearing your answers in the comments below or on my Socials.

Works Cited

[1] u/RealLemonmaster, u/Chezzik, et all., “Any pros and cons to Prism launcher over MultiMC,” reddit.com, 2023. [Online]. Available: https://www.reddit.com/r/feedthebeast/comments/10ak23a/comment/jmivti8/?utm_source=share&utm_medium=web2x&context=3. [Accessed July 17, 2023]. (Citation refers to multiple comments)

July 10, 2023July 10, 2023

My Ugly Minecraft Account Migration

Good Morning from my Robotics Lab! This is Shadow_8472, and today I am grudgingly migrating my Minecraft account. Let’s get started…

I’m heavily biased against Microsoft, so I’ve held out on migrating my Minecraft account to Xbox. I’d always planned on reviewing the terms of service -someday-, but with the announcement that the account migration period will close on September 19 of this year (2023), I discussed Minecraft’s tiny type with an acquaintance who works as a corporate lawyer. For a less abridged rant, see “Extended Opening” down below.

My biggest concern with agreeing to new terms of service is how Big Tech collects data for targeted advertising and other unsettling practices. Consumers rarely care about use agreement junk enough to consider alternative software, so big companies get away with vaguely worded permissions if and when someone sues. Microsoft is no different.

Data Collected

I’ve heard many fear gospels about Microsoft. These are the facts my acquaintance found in the tech giant’s terms:

Microsoft's privacy policy appears to be very generalized and very cliché for the most part.  For the most part, it doesn't specify what information is collect at what specific junctures.  Most privacy policies do not get that particularized.

You just know that generally they collect:
- Name and contact data
- Credentials
- Demographic data
- payment data
- subscription and licensing data
- interactions (e.g., device usage data; payment and account history; browse history; device, connectivity, and configuration data; error reports and performance data; troubleshooting and help data; bot usage data)
- interests and favorites
- content consumption data
- searches and commands
- voice data
- text, inking, and typing data
- images
- contacts and relationships
- social data
- location data
- other input (e.g., the buttons your press on an Xbox controller)
- content (e.g., files and communications sent/uploaded/received/created using MS software)
- video or recordings (if you attend MS events or go to their buildings)
- feedback and ratings
- traffic data

Microsoft is Sus

Almost immediately, I saw “text, inking, and typing data” and realized a key logger on your Windows machine may be perfectly within their rights. Anything made with Office is potential data for their machine per “content (e.g., files… created using MS software).” “Location data” can mean anything from knowing just your city to which park bench you rest on and when. Anything listed past “subscription and licensing data” except possibly “feedback and ratings” has at least something I could fret about – especially with interacting permissions: if they’re tracking the stranger who sad beside you on that bench, they might simulate your conversation based on your search histories and online shopping carts.

An Attempt at Devil’s Advocate

Every listed item is benign in its proper context. A single, do-everything terms of service agreement is less hassle to the masses with only basic computer skills. Inputs for an Xbox controller –for example– must be allowed for a Microsoft-hosted multiplayer game to function. Permission to collect the likes of “interactions,” “interests and favorites,” “voice data,” “images,” and “social data” are integral to smoothly operating a modern chat room network. “Content” is needed for working with cloud Office applications. While “Location data” may sound ominous, I speculate it can help when automatically choosing the best game server.

My Verdict

My threat model concerning having a Microsoft+Xbox account is unnecessary data collection. A lot of that is addressed simply by using Linux and minimizing contact with unrelated services. I furthermore see nothing wrong with giving misinformation for an online identity so long as motivation remains privacy as opposed to things like bypassing age restrictions. I can also take advantage of California Consumer Protection Act, which Microsoft supposedly extends to all US citizens, though we’ve never reached a living soul on their compliance hotline.

It can be taken further. Data never transmitted is data never collected. I don’t know what is in the vanilla Minecraft launcher, but in theory one could inspect the Internet packets it sends out. Even if compressed and encrypted, one can still tell how large they are, where they are going, and how frequently they are going there. I don’t have that skill set, but I can use the open source MultiMC as an alternative.

If there is one thing that made me more angry than forced migration when I heard about it, it is global chat moderation. Let an “incorrect” opinion slip, and Big Brother Microsoft might decide to ban me, even if I’m having a seemingly private discussion among adults on a server my own group owns. To be clear: this is only paranoia in terms of absolute certainty, but I believe it to be well-founded even if it’s a tad exaggerated. On the flip side, I have heard of a mod to disable this speech nanny, so going forward, I refuse to longplay on servers where this spyware is either enabled or allowed on clients, because I don’t feel safe otherwise.

My Proper Migration

I began migration and was immediately stomach churningly nauseated by the flowery language explaining the process AND THE EMPHASIS ON THAT STUPID CAPE! My migration did NOT go smoothly as my Mojang login was tied to a hacked Gmail account I lost irrecoverably around ten years ago. To be fair: I was able to switch it to an active email address by answering my security questions.

Once that was sorted, I got my migration code and went into Bitwarden to make a 128 character password and landed on a vague error page, “There’s a temporary problem.” A little research, and it would seem Microsoft accounts max out at 127 characters, but this still landed on the same page. Three later attempts doing the exact same thing allowed me another screen where I got as far as one of those rare alphanumeric “are-you-human?” tests.

Hours passed and I made at least a couple more failed attempts. I tried making a Microsoft account separately and it failed successfully such that the error page I landed on had an option to sign out (127 character password confirmed, but their error message erroneously cites disallowed characters). I blew a bunch of my patience wandering the same few help articles before finding my way back to the migration page. I fumbled around until I got a confirmation about completing my migration.

If there is one undisputed high point of my experience, it’s their prompt e-mail service – where other places might get back to you within 15 minutes on a good day, I never had to wait for an authentication code. If there was one undisputed low point (besides the cape), it would be the clashing mess that is the Microsoft account privacy panel. My inner Devil’s Advocate says it’s “modular to the point of ????,” while my skeptic says it’s either sloppy or intentionally designed to discourage all but the patient and/or paranoid from finding everything. In the end, I’m tired mentally, emotionally, and physically, but at least my account is not subject to deletion in just over a couple months.

Extended Opening

My Minecraft account predates the Mojang buyout. Microsoft has since broken promises such as never having microtransactions or interfering with the community. While continued development is generally a good sign, a number of design decisions keep narrowing the target demographic to younger audiences as opposed to maintaining cross-generational appeal. I refused to migrate to an Xbox account until now out of protest.

My distaste over the migration process stems from the migration announcement video. I found it very offensive when my biggest addressed concern came up to be met with the offer of a cape and the characters I had been identifying with started celebrating. When migration became mandatory on pain of not playing, I chose to not play until I understood the additional terms of service.

And I really tried a couple times between pleading with my family/group to join in my protest and find an alternate game. Everything was either too different and confusing or so close as to trip up someone or another’s Autism. Everyone else either felt the pull of/duty to other players more strongly than my calls of boycott. The most I ever got was a lone visitor on a couple different occasions.

Takeaway

The move-it-or-lose-it policy is another reason for me to hate Microsoft. They should have either been up front with the cutoff date or made provisions for an indefinite migration period. At the same time, I’m tired of carrying this bitterness. I am very thankful to my acquaintance for helping me face my fears. I still have a way to go before I seriously think about full-fledged forgiveness, but I do not see myself laying down my mistrust of them and similar companies who abuse their mono- or poliopolistic position to exploit the very people they have a moral duty to protect.

Final Question

This was a trying topic for me, but I still managed to find a patch of “enemy territory” I considered virtuous: the automated e-mail system didn’t leave me waiting for hours. What positive things have you noticed while dealing with a company you really don’t like?

July 3, 2023July 3, 2023

Let’s Build… a Shelf?

Good Morning from my Robotics Lab! This is Shadow_8472 with a side project for the week. Let’s get started!

My bedroom closet is an interesting shape. One side is only deep enough for hangers, and the other fits my dresser with standing room left over. Over time, my dresser became the de-facto resting place of a couple boxes with soft articles stacked on top of that. A few weeks ago, I had a gravity crisis involving a towel and some winter bedding.

Taking a look at the rest of my closet, I noticed a bunch of unused space above my dresser. An additional shelf would fit the space nicely. The two existing shelves are of a simple enough construction: two brackets, a pinewood surface, a dowel for hangers, and some screws to hold everything together. A matching shelf for light-weight, long term storage shouldn’t be too difficult, and should work nicely if/when the house is sold.

Gathering Materials

A special thank you to my father for doing most of the actual work in building the shelf. I mostly did logistics tracking (strategic pestering) to have it done within the week. When I use the term “we,” it’s something he either did while I was either unavailable or ducking away from noise.

Our local hardware store is rigged for Pandemic Brand Pickup (not really a TM): order online, and your merchandise shows up in lockers outside. The brackets made it home this way, but the board had to be picked up manually. Online listed a board that would have been about the right size had our local branch carried it, so a longer one found its way home.

When we went to actually build the shelf on Sunday, we noticed the brackets’ brace pieces were round as opposed to the “flat” ones already in-place. We needed screws for going into the wall anyway, so it was back again to the hardware store.

Shelf Assembly

As much as I would have preferred a nice, symmetrical construction, the brackets must mount into studs. With my closet the seeming result of leftover space within our house’s structure, the stud finder’s lopsided report should not have been so great a surprise. The sides of the studs were marked with a pencil. A measuring tape pointed to how high to drill pilot holes so we didn’t start cracks in the wall while driving screws. Soon, the brackets were hung and secured.

The pinewood board wasn’t the prettiest to look at. Not only was there a knot running across the width on one side but the side we kept had a bunch of micro knots one might mistake for mold spots. The shelf is going in above my head, so I chose the better looking side to go face down – even though it had some lumber markings, a number printed onto it, and a bad cut line from before we discovered the store hadn’t cut the ends at a 90 degree angle. We sanded the markings off, and I continued sanding a little for slightly smoother surfaces. The board was secured with four tiny screws from our stockpile.

The hanger rod was sourced from our supplies – most probably it came out of a closet elsewhere in the house. We shortened it, but it had a large splinter we had to glue back into place and clamp it overnight. The morning of posting, I spent a while sanding it smooth and we installed it taking into account the nicest side to look at while hiding a previous screw hole and the repaired splinter.

Takeaway

The field of computing is complemented by additional skills. While this shelf might only ever support cloth, home improvement techniques can just as easily be used to cable manage a workstation, get your network goodies off the closet floor, or install a wall-mounted server.

Final Question

What supporting skills have you used for computing?