Author: Shadow8472

Posted on

ButtonMash’s Solid Foundation on Rocky Linux

Good Morning from my Robotics Lab! This is Shadow_8472, and today I am still working on my Rocky Linux server. Let’s get started!

Project Selection

One would think it shouldn’t take a month to set up a server, but the vast bulk of that is research. What all do I want the server to do? What services do I need to set up to include it? When I know more than one way to do something, which way do I want to do it? The questions don’t end until work has progressed beyond the point of answering differently.

My goal for today is to get a few things running: I want to mount the GoldenOakLibry NFS server. I want to update-grub so I can properly dual boot with Debian. I want to install BitWarden. These three things are probably the most important end-goal tasks remaining for configuring ButtonMash’s Rocky install.

Package Managers

Before I can really work on my target goals, I need to know some of the basic specifics. Every major branch has its own compatible package managers. Debian has DPKG and Apt (Snap for the Ubuntu sub-family) while Arch has Pacman and AUR. Wrappers and cross-compatibility tools exist as a zoo of possibilities that will not be fully sorted out here, today.

My first impression as I research the Red Hat branch’s solution are the striking parallels to Debian, though it is also experiencing a stir. RPM (Redhat Package Manager) is like DPKG in that it is used for directly interfacing with the repository. YUM (Yellow dog Updater, Modified) was the package manager the likes of Apt I’ve been hearing about associated with the branch. It is now replaced by DNF (DaNdiFied YUM) for installing Package X and everything Package X needs to run (called “resolving dependencies”). Both YUM and DNF are present on my install, though.

Cockpit

I’ve had a chance to look over this web interface that came with Rocky Linux. By default, there doesn’t appear to be much to it after logging in beyond information readouts, an interactive firewall, and most importantly: an in-browser terminal. There appears to be a whole ecosystem to learn about, but it’s beyond me for now. I will want to look deeper into this subject when I move in to disable password authentication over the network.

Note about the terminal: it’s a little quirky from sharing its inputs with the browser. Nano’s save command also tells FireFox to “Open” and copy-paste commands don’t always work the same.

NFS Mount

From experience, I know that NFS is a royal pain to learn how to set up. On top of that, I know of at least two ways to automount network drives: during boot with fstab, and dynamically with systemd. Mounting it with fstab is annoying on my laptop because it halts boot for a minute and a half before giving up if GoldenOak is unreachable. More annoying is that this appears to be the more well documented method between the two. For an always-on server, though, it may not be a concern.

Not helping systemd’s case is/are the additional way/ways I’m discovering to set its automount functionality up. I don’t even know the proper name for the method I’ve used before – just that I didn’t mess with /etc/fstab whereas another systemd method does. It is a great challenge finding a source that compares more than a single mounting method. The good news is that aside from installation, I should be able to disregard what distro the tutorial was intended for.

While researching this section, I rediscovered autofs, and saw mention of still other automount methods. I’m avoiding autofs because because the more I read about it, the move complex it appears. In this instance, it would behoove me to just leave a line in /etc/fstab because I don’t expect to be booting this server outside the context of the GoldenOak NAS, but as this is more or less the centerpiece of my home’s network, I’m going with systemd mount files, as per the blog by Ray Lyon I referenced last February when I first learned about it. I’ll leave a link to his post in my Works Cited[1].

NFS Automount is tricky stuff, but each time I study it, I retain a little more. I can barely remember how to mount a share manually – let alone configure systemd automounts. It took me several days to find a copy of the files I needed, even after looking back at my above mentioned post from February[2]. My best guess is that I got lost in my own filesystem. I’m taking notes and organizing them in my home directory on this new install.

Update-Grub

When I installed Rocky Linux, I was all nice and safe by not letting it see any drives it wasn’t installing over, but the host machine still has a job to do on the photo trunk project; I need it to dual boot. I read up on a command called update-grub I could just run once everything was installed and physically reconnected. First of all, update-grub is a script, and second of all, it’s notoriously absent.

A variety of help topics exist on what command to run on RHEL instead of update-grub. From what I can tell, it’s pretty universally present on Debian-based systems and when I checked Manjaro (Arch family) just now, it was there too.

Update-grub itself is pretty simple. It’s three lines long, and serves as an easy-to-remember proxy command to actually update your Grub boot loader. The exact command may differ between computers depending on if they’re using BIOS or a newer, less common equivalent called UEFI. I assume it is generally generated during package installation.

Once I had my bearings, it was fairly easy to update grub on my own. I found my configuration file at /boot/grub2/grub.cfg because I am using BIOS. An effectively empty directory stump existed for the UEFI branch, cluing me in that this operation is one you should understand before using copy-paste into terminal. This StackExchange forum has several individual explanations, including reference to what I take to be a catch-all I am not using. Link[3]

So… I go to verify everything is working, and it’s not. A simple reboot loaded Rocky’s GRUB, but the Debian kernel refused to load over the USB 3 PCI card. So much for that idea. I moved the Debian drive to a motherboard USB port and BIOS found it and loaded Debian’s GRUB, which doesn’t know about Rocky Linux. I tried running update-grub in Debian and… it didn’t work. I wasn’t looking to spend even more time on this part of the project, so after confirming that Rocky’s GRUB could boot Debian, I got into BIOS and told them to prefer the internal Rocky drive over anything on USB.

BitWarden False Alarm

I’m super-excited about putting my self-hosted BitWarden server back up. I’ve already started researching, but the topic still feels like it’s expanding when I need to be getting ready for publishing this already lengthy post full of amazing progress. BitWarden will need to wait until I can better teach myself how to properly take care of it.

Takeaway

The Red Hat branch of Linux is in a notable state of flux. Key fundamentals elements of the family like CentOS and YUM are everywhere in old tutorials, and that is bound to make for a frustrating time trying to learn Red Hat for a while to come – especially if you’re new to Linux. Here, more than anywhere else, learning the history of the branch is vital to teaching yourself how to sysadmin.

Side Project

A while ago, I thought Derpy’s RAM was failing because Kerbal Space Program kept crashing the whole system. I’ve been running the three 4 gigabyte sticks on my Manjaro workstation for a month or two, and they appear fine. In the meantime, my father ordered up a pair of 8gb sticks. This week, I installed them, displacing one of the 4gb sticks. Passive testing will now commence.

Final Question

Have you ever had a project take a discouragingly large amount of research time then suddenly come into focus in a single day?

Works Cited

[1] R. Lyon, “On-Demand NFS and Samba Connections in Linux with Systemd Automount,” Ray Against the Machine, Oct. 7, 2020. (Edited Aug. 8, 2021). [Online]. Available: https://rayagainstthemachine.net/linux%20administration/systemd-automount/. [Accessed Nov. 7, 2021].

[2] Shadow_8472, “Stabilizing Derpy Chips at Last,” Let’s Build Robotics With Shadow8472, Feb. 22, 2021. [Online]. Available:https://letsbuildroboticswithshadow8472.com/index.php/2021/02/22/stabilizing-derpy-chips-at-last/. [Accessed Nov. 7, 2021].

[3] “Equivalent of update-grub for RHEL/Fedora/CentOS systems,”StackExchange, Aug. 26, 2014-Oct. 10, 2021 [Online]. Available:https://unix.stackexchange.com/questions/152222/equivalent-of-update-grub-for-rhel-fedora-centos-systems. [Accessed Nov. 7, 2021].

Posted on

Rocky Linux: Looking Around

Good Morning from my Robotics Lab! This is Shadow_8472, and today, I am installing Rocky Linux on ButtonMash. There’s a lot to learn and a bit more to do, so let’s get started!

Checklists and Notepads

A home server is useful. However, if you ask me what one is good for, and I’ll struggle to come up with an answer before the conversation stalls. I’ll come across as simply begging for another expensive toy, and you’re even less interested in one than before.

To remedy the stress of the moment, I opened a text buffer and slapped in a few uses I had in mind. Over the next several days, I added some more for a total of seven or eight so far. None of them were new per se, but it was the first time I had them all in the same place at once.

On the topic of brainstorming, I’m considering developing my own checklist for installing Linux no matter the distro. Watch for it in a future topic once I’m half-satisfied with it.

I left a document open for several days to add ideas for running on server

I am developing a personal Linux Install checklist

Installation

As stated in my last post, I already flashed a thumb drive with Rocky Linux. I was considering using optical media this time because of the expected long term support for this install, but even the minimal option I ended up downloading was too large for CD and we’re seemingly out of blank DVD’s. When I did make my download, I accepted Firefox’s offer to open it with Popsicle, a USB flasher utility that came with either PopOS or KDE (I have reasons to think either is likely). I overwrote the Debian install media from my Laptop.

Slated for overwriting was a previous ButtonMash SSD (Solid State Drive) with MineOS on it. I had already cleared stuff out from it, but after working on the family’s Minecraft server on Apex, I started having second thoughts. I sought out and found an even older and smaller MineOS SSD originally from DerpyChips. My father and I connected it up and booted to the install media.

By this point, I knew this Linux installation will be provisional at best – to my relief. Without the pressure of getting a “forever server” going, I can further refine my approach until I’m satisfied. In the meantime, I can load up some lightweight services.

The installer was one of the smoothest I’ve ever seen. All the usual elements like time zone, user accounts/passwords, and partitioning were linked from a main menu. My one complaint is the full screen slide animation blasting my eyes whenever I clicked on something. It’s not worth my time to recompile the installer, though.

There were a couple unfamiliar panels from the installer menu. One appeared to be some sort of privacy policy configuration screen. I had no idea what most of the options were about, but I could still recognize the value in it. The other screen had options for a selection of software to install. We read through each option, deciding weather or not I wanted each piece. Stuff like networking tools for SSH or NFS were included. Stuff a headless workstation doesn’t need, like GNOME, stayed off. If I didn’t recognize something, I left it alone. Some of the stuff I opted to include with installation were things I knew I’d be installing anyway, so that’s a little time and effort saved.

Configuration

SSH is an easy skill to learn, but difficult to master; I’ve poked at it this week, but I’ll need more time with it before I can consider myself safe using it on an unsecured line. I had a little trouble matching key fingerprints when SSH’ing into ButtonMash from my Manjaro workstation vs having the later SSH into itself with localhost. I quickly realized they were using different hash algorithms, but I had to give up on forcing them into alignment for now. I was able to verify the code on DerpyChips, though.

As soon as I got myself SSH’ed into ButtonMash, I received a prompt to launch a webUI called Cockpit. I don’t know much about it, but I recognized the name from my research last week and the interface feels familiar from some of my previous experiences with server management over browser. The interface came back online after a reboot, so there’s that. I will note that Firefox wasn’t happy about its self-signed security certificate. I have fixed that in the past, but I’m ignoring it for now.

Takeaway

I can feel like I’ve come a long way since when I first started Linux. Each major jump feels like I’m landing in a less unfamiliar place, though there are still surprises. To answer one of my own early “Final Questions:” results are not as important as learning why you got the results in the first place. Though there are plenty of places that make no assumptions about prior skill, general experience will still be of benefit when working with such systems.

Side Note

After I was done with last week’s post, I poked around a bit more at my Manjaro workstation’s spell check for LibreOffice Writer. I was able to get it working by installing a package called hunspell-en_us, as no language libraries were included by default.

Final Question

What would you do with a home server?

Posted on

Picking Out a Red Hat Style

Good Morning from my Robotics Lab! This is Shadow_8472, and today, I am reconfiguring ButtonMash to run some Red Hat family distribution. Let’s get started!

My Early Impressions of Linux

When I was taking my first deep dive into the Linux operating system, I was amazed and overwhelmed with the sheer diversity and customization to be found. Between the soup of permissive licenses and modularity of GNU/Linux (pure Linux does not a complete operating system make), Linux isn’t one operating system: it’s thousands. And if that’s not good enough, you can always make a new one.

I quickly found representations of the Linux family tree listing several popular distributions spawned over time as people forked projects, swapped code, and in some cases ceased development. And while there are several names that have stood the test of time so far, I was introduced to three branches each revolving around a particular distribution: Debian, Arch, Red Hat Enterprise Linux (RHEL). Ubuntu is large enough to receive an honorary mention within the Debian family. Most of my computers run Debian or a derivative thereof. My flagship computer runs on Manjaro of the Arch family. I would like some experience on a RHEL family branch.

The Red Hat Family

The modern Red Hat branch feel different compared to Debian and Arch. The titicular distribution, RHEL, is sold on a subscription basis. Red Hat, the company, sponsors a distinct, community supported, upstream distro called Fedora where programs can be tested before being deployed to customers’ production environments where downtime can cost a lot of money. Per the permissive licenses of software going into RHEL, anyone can view, modify, and redistribute their source code – just respect the Red Hat trademark. Do know that actually subscribing comes with technical support.

Historical and editorial note: from what I can tell, Red Hat Linux used to be the branch root, if you will. Red Hat reorganized things in 2003, adopting Fedora while discontinuing Red Hat Linux in favor of Red Hat ENTERPRISE Linux. The way these three terms are used almost interchangeably made this section very frustrating to research, but I will try and use the proper terms: Red Hat is the company, Red Hat Linux was Red Hat’s flagship product sold on store shelves sold from the mid-90’s until 2003, and Red Hat Enterprise Linux (RHEL for short) is Red Hat’s modern OS users subscribe to.

Looking deeper into different distros based off RHEL source code, you will find that 100% binary compatibility is huge. You can develop something on a RHEL downstream and it should work for a paying RHEL subscriber. If you find a clever use for a bug –it has happened before in the tech world– that bug will be there in RHEL.

CentOS

CentOS has been an important name in Linux for a while. Had I done this week’s research for a Red Hat branch distro a year ago, I have no doubt it would have been my pick for use on a home server.

Despite CentOS’s long history as the go-to RHEL downstream, the CentOS I was looking forward to getting to know has a short future. Just as Red Hat Linux was discontinued in favor of RHEL, CentOS is to be discontinued in a couple months on this coming New Year’s Eve (December 31, 2021) and repurposed. The future CentOS Stream will sit between Fedora and RHEL, making it an unsuitable distro for a server I expect to run for at least the next few years.

The niche CentOS is vacating already has new distros vying to be the de facto replacement. The leading contenders are Alma Linux and Rocky Linux. Alma Linux has the backing of a large company, while Rocky Linux is being done by the guy who originally started CentOS. So far as I can tell, they’re a coin flip away from each other. If they both work out, more power to the end-users.

Even as I write, I’m unsure what I’ll be running a year from now. For no reason in particular, I’m leaning towards Rocky Linux. I’ve already flashed a thumb drive with the install media, but setup will have to wait until next week.

Takeaway

I picked a horrible time to get into free Red Hat distros. One chapter in its history is drawing to a close and the opening of the next is still going through revisions. However, I’m not looking to wait a year for that retrospect. I’ll be re-evaluating as needed.

Final Question

Have you ever started a project during a sub-optimal time?

Posted on

Source Code Bending for Minecraft

Good Morning from my Robotics Lab! This is Shadow_8472, and today, I am diving deep into working on a Minecraft server – deeper than I have ever gone before. Let’s get started!

Minecraft: A Game of Memories

My family has maintained a small Minecraft community for a few years now. With DS9 Fireblade’s larger server, Phoenixcraft, going on the lull –the family’s been helping moderate– we’re all waiting for the Minecraft 1.18 update. Our closer group of friends is feeling ready for a new season, but we don’t want to start a whole new one just yet. That leaves us with revamping the current season of Creepers N Cream, our family-run server.

A friend at university got me into Avatar the Last Airbender, a show set in a world where some people have super abilities to manipulate [or bend] one of the classical elements: water, earth, fire, air. I brought it home. I was into its unofficial tie-in plugin for Minecraft even before my whole family had accounts. I credit the bending plugin with getting me into running servers as far back as Minecraft 1.6. On one of my previous servers, there existed an official RPG side-plugin that added world events that strengthen or nerf your bending.

Years have passed and I’ve played the plugin a few times. It’s still around, but it’s called Project Korra now (PK). Time has not been as friendly to the Bending RPG side-plugin, though. The latest full release is a couple months shy of seven years ago.

The Test Server and Compiling From Source

I started a server for testing all the plugins we expect to be using. It was taken over for a family survival world, and I made a second testing world for just bending and bending RPG. The old plugin loaded, to a little surprise from chat on the ProjectKorra Discord when I reached out and told them it made its announcements, but didn’t affect actual gameplay. Someone directed me to the ProjectKorraRPG GitHub, where I could find a more recent, less out of date version of the plugin – specifically the event-concurency branch.

Java is not a favorite language. I’ve tried getting into it no fewer than three times, but the barrier to entry kept getting in my way. Long story short, their development-support channel was quite helpful and I even got in contact with the most recent developer on the PK Discord, Simplicitee. It was a long, involved process –possibly worth a blog post in its own right had I better understood what I was doing– but with help, I managed to provide get the needed .jar files, update a few version numbers, and set up a symbolic link (from memory even) where the compiler expected. Eventually, I got myself a compiled version of Bending RPG and running on the server. Simplicitee even noticed my efforts and started working on it again, starting with updating the GitHub for the first time in two years. I have yet to compile this version yet though, but not for lack of trying.

My sister, Taz, and I test played it, and while the actual RPG mechanics took a little getting used to, they were playable, even if they lack balance – an armor stand defaulted to the same XP as a mob, passive, hostile, or even boss (configurable).

While that all was going on, our whole inspiration for playing the bending plugin again was a video showcasing an earthbending move that looked like a revamped seismic sense for earthbending. It made the move look awesome when no one in the family has really gotten earth as an element yet. We quickly learned it was actually an ability pack called TerraSense by Hiro or Hiro3 (Discord and PK forums, respectfully), and the latest publication was only relevant to plugin versions pertaining to Minecraft 1.17 and not 1.17.1, the version we’re playing on. Hiro was kind enough to provide me with a work in progress 1.17.1 build for my server and I’ve been reporting bugs as they show up.

Bending on our Apex server

Our target world was a 1.17 vanilla world running on Apex. I stipulated that I wold not be doing anything with the server until I had a copy of it running locally. Apex support directed me to one of their videos, and I followed it… and waited for the uncompressed download to progress – Apex has built-in compression in their provided online FTP access client. I wasn’t able to get it on a server, but I did load it up in single player. A viable copy is safely stored on GoldenOakLibry, our network storage.

In theory, switching server jars is as simple as operating a drop-down menu and uploading any plugins. In practice though, our server file space is cluttered. There were some plugins from the last time we were on a Bukkit server or something because they jumped to life when Paper Spigot for 1.17.1 crashed trying to load them and one was incompatible. When we switch to 1.18, I fully intend to compress the whole thing, download it, and wipe everything. I expect there are world files for at least a couple servers in there.

Takeaway

Programming is about more than coding. For this project, I was able to give back to the community by identifying bugs and sharing my findings. As I was writing, I received the news that several of my reported bugs were now patched. One edge case bug involving switching to spectator mode while flying even sparked a conversation where that led to solving a number of seemingly disjoint bugs and it was addressed before I had the chance to follow up with a better description.

Final Question

Have you ever contributed back to a project you enjoy?

Posted on

Squashing All My Computers into One: Part 1

Good Morning from my Robotics Lab! This is Shadow_8472, and today I am centralizing storage across my several computers. Let’s get started!

Computer Drift

One of my favorite things about Linux is exploring the possibility space of designs for what a computer operating system can look like. But maintaining multiple workstations can and will leave you wondering where that one picture is saved or what ever happened to that document you know you saved under blog drafts. I have no fewer than three computers –four or more if you count my laptop and ButtonMash as separate given their common install and/or my dual booted machines– it’s high time I consolidate my computers’ respective identities to reflect me as a single user given my access to GoldenOakLibry, the family network storage.

Project Overview

One would think the process would be as simple as dumping everything in a central location and spreading everything around be it garbage or not. Alas, subtle differences in installed programs or versions of programs make this approach unsuitable.

My best bet will be to think backwards. Not everything will be shuffled around; directories supporting install-specific programs should stay on their specific computer. Backups for such files are fine, but I can accidentally damage other instances if I’m not careful. I’ll need to tailor a number of Rsync commands and schedule them to run automatically with Cron. As this topic is basically day-of filler while I work on a larger project, the full job is a little out of my scope for today.

My goal for today is to make a backup I can operate manually and later automate. If things go well, I can see what I can do about Rsync, but Cron will need to wait for another day.

GUI File Transfer

The terminal is an important skill to have when managing a Linux ecosystem of multiple computers. However, there are some things, such as managing picture files, that inherently work better over a graphical file manager. While preparing for writing today, I noticed places like my respective Downloads directories are quite messy after a few years of Linux.

I wasn’t the biggest fan of jumping workstations all day, so I searched for a way to have the Dolphin file manager operate over SSH. The first result to catch my attention was called FISH (Files Transferred over SHell protocol). Similarly, SFTP (SSH File Transfer Protocol) appears to fill a similar computing niche. Each would be an interesting research topic, but for my purposes today, they both work equally well as long as SSH is configured to use authentication keys.

Derpy’s Backup

The easiest place to start would be my DerpyChips workstation as that’s the one I’m working from starting off. Documents was fairly easy to clean out. I had some Blog drafts and some other stuff I sorted into proper places on the drive.

The dreaded Downloads directory was relatively tame on Derpy. Nevertheless, I still spotted elements from at least four distinct projects ranging from incomplete to long done or abandoned. I even found an instance of GraalVM I may have been running straight from Downloads. My goal is an empty directory. If it will update before I need it again or I won’t need it ever again, it’s gone. If I’m unsure, I’ll find another home for it. I similarly emptied out any directory intended for file storage. Pictures was simple this time, but I expect I’ll need a more elaborate structure once I start trying to organize additional computers’ worth of memories.

ButtonMash’s Backups (Debian and MineOS)

Things were a little more interesting when I started moving things over from ButtonMash. At first, I set a Dolphin instance up with ButtonMash’s home on the left and its view GoldenOak on the right, but when I got a warning about not being able to undo a delete, I thought twice. I did have a deletion accident last phase and used an undo action, so it’s Derpy’s view of it on the right.

I was right about needing to take pictures slowly on this one. Some pictures fit better in with my blog while mems I felt worth saving went in their own directory within the more general Pictures one. But I don’t need copies of everything everywhere if I can just access the drive. Possibly just my favorite desktop and my avatar, if that. I made a directory for those two and any others I may want to spread around.

File manager over SFTP understandably has limitations. Not all files can be directly accessed –particularly audio files– and some graphical files don’t render shortcuts. When I try to preview an archive, it must first be copied over as a temp file.

I had another accident while moving some old Python projects over. For whatever reason –be it permissions or simple corruption– some files didn’t copy over cleanly. I fished around with it a little more and gave up and deleted both source and destination, as I expect another copy was made when I cloned my laptop to its internal drive.

Thanks to this blunder, though, I was more careful when it came to the family’s Minecraft servers from when we were running MineOS. I encountered an error while copying, so I reverted to rsync directly from ButtonMash. Even then, I had to elevate permissions with sudo to finish the job.

Takeaway

I’d like to say I’m somewhere around half way with my goal for today, but if I am to take this task seriously, I’ll need to go back farther and reintegrate any old backups I may have laying around, and by that count, I at least eight computers to consider – more if I count Raspberry Pi’s and any recursive backups I may find.

In some ways, this project is not unlike my experience with synchronizing Steam games manually, but on a larger scale. I’m having to re-think my structure for what I want backed up where as well as how I’m planning to access it. This is not a simple grab and dump.

Final Question

Have you ever made an comprehensive and accessible backup of all your computers, present and surviving?

Posted on

Linux 101 with Leo_8472: Part 3: Minecraft

Good Morning from my Robotics Lab! This is Shadow_8472, and today, I am helping my father get his Debian install to a livable level. Let’s get started!

Reality Checks and Cancellations

My goal with talking my father through a Linux install is to grow my own abilities as well, but our time together is often limited, leaving little room for research during our work sessions.

Debian Testing sounded like a good idea until we started reading about it. I knew there would be warnings, but the booklet worth of information about special care it required was more than a little intimidating. It’s still something I’d like to try some day, just not when back seat computing.

Likewise, setting up a Windows look-alike desktop environment was beyond the scope of our allotted time. The selection I had located were simply themes build upon actual desktop environments. Again: something I’d like to try when I have a machine to do more advance research on.

A lot of our work this week was spent reading on these canceled side projects. We unfortunately had to reduce our scope, but we now understand our limitations better for it.

MultiMC with GraalVM

Overall, my family’s favorite game is Minecraft. I’m trying to move the family away from the default launcher, so we installed MultiMC, a third party launcher that doesn’t confuse your versions.

One download option for MultiMC is a .deb file labeled as if for Ubuntu. I improved a little on the installation when trying to install it locally with aptitude, apt, and finally dpkg. We had to look up how to address dependencies. While it wasn’t painless, it wasn’t memorable either, but it was one example of why straight Debian may not be the best for someone looking to get into Linux without a guide.

Minecraft uses Java. The current version uses the relatively new Java 16, which isn’t a common find on Debian based systems unless purposefully installed. Graal is my preferred open source version of Java, and they have experimental builds for Java 16. With my recent return to the game, I’ve done the following procedure a few times already.

Graal can be downloaded from their GitHub. They provide builds for both amd64 or aarch64 architectures. We didn’t happen to know which one we needed, so we just choose one with a mental note to be prepared in case it wasn’t recognized, which it wasn’t. While Graal will work from anywhere as long as it’s called, the proper place to install it is in /usr/lib/jvm/. On my other installations, the jvm/ directory already existed and was host to other Java installations, but this time we had to make it ourselves. MultiMC recognized Graal shortly after properly installing it properly.

Takeaway

There’s a special feeling when you can reference your own work for solutions to problems you’ve already solved. The standard Java path is something that took me a while to learn, and I still had to look it up on my own system while writing. A week or two ago, I was happy to dump Graal wherever I could find it –one instance was even running it from my Downloads directory– but it’s best to put utilities on a computer where others can expect to find them.

In the meantime, we are practicing terminal with that… hard to read terminal emulator that came with LXDE. My father tried to change the colors, but his settings didn’t stick on restarting the program.

Final Question

Have you ever self-referenced for answers?

Posted on

Linux 101 with Leo_8472: Part 2: Browser

Good Morning from my Robotics Lab! This is Shadow_8472, and today I am hardening Firefox with my father on his new Debian installation. Once again, I am hands off the actual machine. Let’s get started!

The popular Chrome browser by Google is literally made by a company that makes money by studying you to feed you ads you’re vulnerable to (ie: more likely to click on) or want you to see for some other reason (a political agenda they approve of). While this is shady and dishonorable, respectively, there’s little to keep them from aiding a government they wish to appease from targeting people on a basis for any sort of “wrong” thinking.

Consider: if logging in to a site online is like showing your face, the browser you use to visit that site is your car. Just as people can learn to recognize you by your car, websites can recognize you by your browser –even if you don’t log in– by all the individually nondescript details your browser shares by default.

Firefox markets itself as a privacy-respecting browser, and while they’re a less-offensive choice than the alternative, they’ve made some choices that chase cash and not all their defaults respect Grandpa Joe’s technical ignorance. Their default search engine is Google. They have a “privacy respecting” news headline service that tracks you locally on your machine (as I understand it) but ultimately will record your clicks and is subject to its own political bias.

Project Progress Review

Before diving into the main payload, I did guide my father through installing Debian again over his first install – this time using the LXDE desktop environment. It’s small, and we are planning on installing a different one anyway that isn’t included in the default lineup found in the installer.

When starting a software project is often best to check for updates. sudo apt-get update and my father’s account wasn’t in the sudoers group. I quickly found a command to fix that and talked him through logging in as root to take care of that. Once updated, we began working over Firefox using a guide by Chris Xiao [1].

Firefox Hardening

Firefox presents its user with an overwhelming number of options. Xiao’s guide [1] does a good job of maneuvering you through a number of options you may want to set if present, but in the end, it’s up to you to make the final call on each setting exposed to you. We neither followed all the steps suggested nor limited ourselves to it.

The guide starts off with the settings menu one might find by fiddling with the menu, where it was simple enough to read the guide and switch settings as we spotted them. It then followed in to the spooky scary deeper settings you only change when you’re okay with potential software breaks. My father compared it to the registry in Windows.

Closing thought:

I made a mistake. In a coming week, I plan on moving my father over to the “testing” branch of Debian. I don’t have the exact numbers in front of me, but his Firefox version is about 15 to 20 versions behind what I’m using on Manjaro (Firefox 92.0.1).

I will need to revisit this list.

Takeaway

Online privacy is largely a fleeting fantasy these days, but I believe it’s still worth working for.

Final Question

Where do you draw the line between privacy, functionality, and security?

Work Cited

[1] C. Xiao, “Yet Another Firefox Hardening Guide,” May 5, 2021 [Online]. Available: https://chrisx.xyz/blog/yet-another-firefox-hardening-guide/ [Accessed Sept. 26, 2021]

Posted on

Linux 101 with Leo_8472: Part 1

Good morning from my Robotics Blog! This is Shadow_8472, and today I am talking my father through his first Linux install. Let’s get started!

Installing Linux isn’t as difficult as people think it is. If you ask me, the hardest part is the research. You need at least a little experience to know what your priorities in an operating system are or even could be, but you won’t get that experience without exploring the possibility space.

For this project, I’ll be helping my father install Linux. However, he will be the one at the controls and I’ll be “over the phone” from the same room, telling him what hardware to use, what software to download, and what commands to enter.

Step 1: Hardware

Linux doesn’t run in thin air, but it can run on otherwise low-spec hardware. For today’s project, we’ll be installing over my first Linux install — from before I really knew what I was doing — the hard disk drive originally from ButtonMash, my server/phototrunk workstation. For the rest of the system, we will be using his existing computer, ButtonMash’s hardware sister. I’ve selected one of my thumb drives to host our install media.

Very important: back up your data. THE LINUX INSTALLATION PROCESS DESTROYS ANY DATA IT TOUCHES. The USB we’re using is just outdated installation media for a previous system. I started talking my father through the backup process, going through a number of commands, but when I remembered an existing backup, I went and laid eyes on it before giving the final clearance to overwrite it.

This section went well, but I did have to fetch an extra SATA cable to install the drive with.

Step 2: Installation Media

Linux is often installed from some sort of installation media, usually a USB stick. Normally, I’d use the dd command and a setup where I won’t nuke a different drive by accident. I’d rather not risk an accident, though, so I spent a while searching for some sort of Linux USB flasher.

Turns out installing Linux from Windows is a well-documented rite of passage, and dd is what you’re expected to use when jumping from Linux to another Linux. I eventually dropped a question in the Engineer Man Discord and user localhost recommended Belena etcher, so we’ll be trying that. I chose Debian to install because I’ve had some success with it in the past, but to keep things fresh, I’ll be moving him to the testing branch.

Belena etcher came without any sort of checksum, but Debian does. When given, always make sure to look for a checksum — especially for core applications like operating systems.

This section went smoothly aside from an overstuffed Downloads directory providing us with plenty of distractions and command line practice. Belena Etcher came in a .zip file, so we created a decompression chamber my father dubbed his Bombshelter. Once we were ready, Belena Etcher made it clear which drives were which as advertised. The only thing remotely worth complaining about was their self-promotion for premium and other products. Of note: they are multiplatform; if you’re looking to switch from Windows, they are a viable choice.

Step 3: Installation

Now for the main event and my father’s first important choice. Dual booting. When multiple bootable drives are present, the BIOS select which drive to boot and the bootloader on that drive can provide a list of operating systems to boot into. When I wanted to set up one of my computers for multiboot, I wasn’t able to configure it manually after physically disconnecting all drives I care about.

Debian 11 booted straight into an installer, where the graphical installation process mostly cared for itself. Overall, though, this step was a little harder. Names are hard, even for a computer. I know about Logical Volume Management (LVM), but not enough to recommend it for this particular project. When we tried it, it was looking to mess with the existing disk.

We had the option in terms of desktop environment to install, but as I plan on taking him to a place where he can further customize it, it doesn’t matter so much. I nudged him in the direction of trying KDE in the name of exposing him to something new, even though it’s typically a little heavier.

We had a some trouble getting the computer to boot into Debian proper. I suspected it was the GRUB list only outputing to VGA until we pulled up a BIOS level boot list and forced it to boot to the new Debian drive and the GRUB menu offered access to Debian or Mint.

As I feared, KDE was a bit slow.

Takeaway

Congratulations to my father on his first Linux install. I had more planned, but we simply ran out of time. I expect a part 2 to follow shortly where we’ll focus on getting from a point-and-click environment to something he can feel more comfortable in.

Final Question

Have you ever tried to pass on a skill to another person?

Posted on

A Minecraft Server Sent Me Source Diving

Good Morning from my Robotics Lab! This is Shadow_8472, and today, I am building a private Minecraft server for plugin testing. Let’s get started!

Minecraft Paper Server

Any sufficiently popular computer game will eventually attract someone with the ability and drive to modify it. Others will come along and make tools to lower the barrier of entry so even more people can customize their experiences. Barring legal action from parent companies or a drop in popularity, the cycle continues to the point someone with basic computer literacy can find the resources he needs to join the modding community as I did almost ten years ago after my friend introduced me to Minecraft Bukkit servers. Shortly afterwards, I had myself a Last Airbender inspired Minecraft server.

In the year I was gone from Minecraft, my mother and sister have been helping on the moderation team for DS9Fireblade on PhoenixCraft. DS9 has selected a number of plugins to manage the chaos that often accompanies publicly available servers, but it’s hard to master all the commands when you have to worry about not breaking stuff.

Server Building

Little has changed about the fundimentals of Minecraft server construction. A modded server provides a stable platform imitating the vanilla game while providing plugin or mod makers a space to hook into without interfering with other plugins.

DS9’s server is running Paper, a version of Spiggot from the Bukkit modded server family. Ideally, I would take the time to track down the exact version for 100% compatibility, but I was having trouble finding the download. I made the executive decision to just use the newest version of each piece of software and adjust things if needed.

I loaded the server onto ButtonMash even though it’s still technically on Photo Trunk duty until that project is done, idle as it is. I remembered a series of topics I covered a while ago on how Minecraft doesn’t do well with the default settings and that G1GC (Generation 1 Garbage Collection) makes things go more smoothly in terms of long-term problems. I wasn’t fond of doing all that research again, so I reviewed this sight [1] which I do not look forward to citing, but offers a a list of Java flags to use and what each one does.

Months of idling were not kind to Button’s RAM, as it was about maxed out with Xorg (graphical server), even when I closed everything. I rebooted. It defaulted to its internal Minecraft server drive I have slated for a future Linux install some day. Around ten minutes of digital technical taps to the BIOS and removing a bent thumb drive later, I got it back into Debian.

The server still refused to start. Java was up to date with the repositories at Java 11 but it wanted Java 16. I just so happen to have solved the exact same issue with a Minecraft client earlier week. I downloaded an appropriate version of GraalVM [2]. Since I don’t plan on this server going anywhere, I saved it within the server’s main directory and edited my serverstart command accordingly.

The server was a bit more cooperative after that. I signed the EULA and modified a comment about tacos supposedly being the best food (why is that even in there?). Once I confirmed the server was running I started adding plugins, starting with the modern bending plugin and following it up with tools from PhoenixCraft.

mv Goof

My workflow settled into a pattern of looking up a plugin from the list, going to the download page, copying the actual download link, then using wget to download it onto ButtonMash as I’m working over SSH. I wasn’t impressed when I had to rename each file as it came in, but I figured it wasn’t worth my time to immediately puzzle it out, but I made a Downloads directory to isolate incoming files so they didn’t get lost.

Things were going well until I found one that didn’t want to be downloaded via command line. I waited a few minutes, but it still said it was temporaily unavalible. I was able to download in Firefox though, so I saved it to GoldenOakLibry, my family’s network storage. Soon I was copying its containing directory over into plugins.

Oops.

The containing directory was gigabytes of information at the least. I at least knew my Unsteam games project was in there, but I also found an old backup from my laptop. The connections are all hard wire, but I didn’t feel like waiting an unknown amount of time for the half way point, so I canceled the command with CTRL+C to assess damages.

It had only really started: two visible files at the very least. They appeared to still be in their original spot, but I wanted to be sure. I looked up the mv command’s inner workings, but my search results were filled with helpful information for someone learning normal terminal operations, not an unusual situation like my own.

With few places left to turn, I went source code diving. The hardest part was finding the code, but dpkg -S is the tool for that job. I zeroed in on the mv source and found the exact file [3] on the Debian website, a file written in C. My mission at this point was to answer this basic question: does mv do anything to directory trees its moving between physical disks as it goes or does it copy everything and clean up at the end?

I found what appeared to be a loop structure at line 364 in main(), but it didn’t appear to be trying to traverse any sort of file system structure. Further study led me to line 173, in do_move() where it copies the file in question before flagging the whole thing for deletion on line 224. And with that, I had answered my own question: cleanup is done after everything is safely moved.

Takeaway

This post was entertaining to make. It was supposed to be a boring, but quick and easy job I didn’t need to research much for after a week of stalling for topics. It was also the first time I went looking into the Linux source code, and while it makes poor skimming material, it was insightful. Find In Page was my best friend.

Cleaning up in post makes sense though. Everything in Linux is a file, even directories that contain other files.

Final Question

Have you ever studied the laid out inner workings of anything?

Works Cited

[1] lechowski (I think… Author is unclear), <March 5 OR May 3> 2021. [Online]. Available: https://lechowski.info/gry/minecraft/modded-mc-and-memory-usage-history-crappy-graph [Accessed Sept. 12, 2021]

[2] GraalVM, 2018-2021. [Online]. Available: https://www.graalvm.org/ [Accessed Sept. 12, 2021]

[3] M. Parker, D. MacKenzie, and J. Meyering, “mv.c” 1986-2018. [Source code]. Available: https://sources.debian.org/src/coreutils/8.30-3/src/mv.c/ [Accessed Sept. 12, 2021]

Posted on

By Continuing To Stay I Agree To What?!

Good Morning from my Robotics Lab! This is Shadow_8472, and today, I’ve been thinking long and hard about my policies towards current practices of data collection and how I’m going to balance privacy and functionality. Let’s get started!

Wakeup Reactions

My first reaction when thinking about data collection is that it’s all bad – overreaching companies look at where you’re going and what you’re doing and use that data to feed you ads and filter your social media feeds so you start thinking “correctly” according to some big boss at the top. I’m scared. Some people just give up trying because they feel it’s too late to stop the cyberpunk dystopia we’re quickly sinking into so it’s not worth it to even try. Others will go overdrive the other direction and redesign their whole lifestyle around having little to no online interaction.

I’d describe myself as somewhere in the middle. I’ve tried to take a reasonable stance; I only replace digital services with less invasive alternatives when they’re otherwise up for replacement. This strict of a policy has led me to go a year without a phone and to boycott Minecraft ever since they announced mandatory Microsoft accounts. Overall, I feel a little safer for my efforts, but I’d feel better if I could convince the rest of my family to take similar steps as they are able. At the same time, I feel a little more isolated than I should be.

Data Collection: the Good and the Bad

The truth about online data collection is that there are functions that logically won’t work if it doesn’t happen at all. Posting to a comments section implies permission to display said comment publicly. It may also subject it to moderation, and inclusion in site backups (it may show up again if site is rolled back to before user-end deletion). Sharing a photo may additionally require giving the service permission to “digitally manipulate” it to make a low resolution thumbnail. Ordering up a video from a streaming service requires it to know what you’re watching. All these things are fine, even though you are technically forgoing elements of privacy to allow things to work.

The bulk of applications of data collection exist in a huge gray zone between acceptable and unacceptable. That video streaming service can make more appealing suggestions by building up a profile on you, observe that all your peers are into MoneyBuck’s Capitalist Island Adventure let’s plays (not a real game so far as I can tell), and guess that you might be too! The same technology and permissions can be used to track your interest in candidates for the Yellow-flag political party and with the way things are set up, it only takes a few lines of fine print you will never see, unless you actively look for them and they can sell their profile on you to some other company who prefers you vote Orange-flag and –with another line or two of fine text you won’t likely ever see or understand– will slowly change what it shows you to make you more sympathetic to the Orange-flag party while it hides pro-Yellow-flag stuff from people already in the Orange-flag camp.

In extreme, real-life cases, they’re essentially digitally harvesting your organs to profile you for profit in a not-illegal black market. Their model of you is perfectly legal because you technically give consent to the fine print of a web page they’ll only serve up when asked specialy.

Struggles of the Privacy Resistance Movement

Privacy tools exist. Many people give up hope anyway presumably because their go-to information sites often have built their business models around the user data market – places with a vested interest in hiding tools designed to assist in undermining abusive data collection policies.

Some jurisdictions have passed laws requiring opt-out options. It’s a start, but in my experience, there’s still a lot of room for sites and services to avoid unintentionally informing users of their rights and/or make it annoying or inconvenient for users wishing to exercise them. More than once, I’ve seen an opt-out popup revert on page refresh. For user accounts, expect instructions on how to find the opt-out controls to be buried behind at least a few layers of “Please see our X for more information” worth of of tiny type.

Minecraft and Microsoft Accounts

I don’t think of Microsoft in a positive light anymore. Their announcement trailer for account migration was honestly more than a little offensive because it left me with the message that my concerns in particular could be bribed away with a cape. They can burn my cape for all I care. It wouldn’t look good with my player skin anyway. I’ve been vocal about rejecting the terms of service for a Microsoft account.

However, I’d be lying if I said I didn’t miss playing Minecraft. If I want to keep playing, there will come a time when I’ll need to migrate. I’m still not happy about getting an account, but how much of a privacy backslide is it really? What steps can I take to tell them, “I said, ‘No!’” in a way they will understand?

I reached out to the folks at tos;dr [Terms of Service; Didn’t Read]. Their whole thing is annotating terms of service documents and highlighting potentially objectionable or commendable phrases they find embedded in the legalese. But they only have so many resources. In the end, they’re good to sound the alarm and not so good for pressing forward. I wasn’t able to get anything conclusive straight from them.

As migration propaganda was pushed through my family’s Minecraft launchers, I managed to talk my family into slogging through the tiny type. A lot of it sounded pretty good. Sugary even. Alarmingly calm. One document led to another led to three more and the web went on. It was not a fun read. Only as we were coming to the end of a document chain did we find that this Privacy Dashboard they mentioned several times [1] was effectively a partial red herring; I’ll need to talk to a human being somewhere in their system to exercise my full rights. {Writer’s note: I really wanted a direct quote, but it’s late, and “Learn more” is the enemy of “Find on Page.” Consequently, I don’t know if I’m on the right page.} With all the tricks I’ve seen so far, I half-expect their staffed privacy department to be severely understaffed to the point where it barely exists, legally speaking.

I may not agree with everything I’ve seen, but there’s nothing stopping me from minimizing my contact with them. I’ll only make an account once it’s absolutely necessary. I’ll only ever use Linux when playing because it doesn’t have all the mysterious collection nodes requiring additional policies on data collection from Windows, Mac, and some other names I don’t recognize or remember. The official launcher with its ads for their other games will only be my last-resort option after days of trying to get a chosen 3rd party launcher working. Finally, I’ll lock down my account once it’s made with their Privacy Dashboard for what that’s worth while I at least try to go the final step and clamp it down hard through a live agent. If I am going to accept their terms of service, it will be on MY terms.

Takeaway

Too few people care about data collection practices and the people who do are burdened with the alarmingly rational feeling of Big Tech watching them, even if they make a hobby or career out of researching how to be as nondescript online as they might be while walking a dog. Privacy should not be something Grandpa Joe needs to worry about after little Jimmy the computer nerd tips him off. On the other hand, it’s easy to get overenthusiastic about reclaiming privacy and cut yourself off socially instead. Each person has his or her own balance point, but it’s all too often privacy by intervention instead of by default.

Final Question

Have you ever boycotted anything to seemingly no avail?

Work Cited

[1] Microsoft, “Microsoft Privacy Statement” Microsoft, July 2021.[Online]. Available: https://privacy.microsoft.com/en-us/privacystatement [Accessed Sept. 6, 2021]

Privacy Policy