LinuxFormatUK261 - 2020-04

BUILD A Pi TABLET!
4. L
FR B S 4
1 3D print a chassis 2 Pick a better battery
7G U
SO
EE DV .1
3 Choose a mobile OS 4 Customise Plasma Mobile
PLUS!
D
HOW TO…
GET A DIGITAL DIARY
PROTECT YOUR FILES
MONITOR YOUR SERVERS
The #1 open source mag
VIRTUALISE
EVERYTHING
Bring all your servers, devices and services
together with the power of virtualisation tools
pages of
67 tutorials
& features
Switch to BSD, the
other open source OS
Zededa’s
Synthesise and analyse
Erik Nordmark digital signals on your PC
on how Linux will power the
Control your system
edge computing revolution logs the easy way
BETTER SEARCH LIBREOFFICE CALC
Create analytic Use spreadsheets
search tools for coding and science
WELCOME
Virtual beginners
This issue Jonni has been getting
very angry at me for conflating the
terms ‘emulate’ and ‘virtualise’ –
and don’t even get him started on
WHO WE ARE ‘containerise’. Part of the issue

was that I hadn’t clocked that
virtualisation only includes systems
running on the same hardware
This issue we asked our experts: platform. I think it’s an easy enough
We’re being devils and using BSD, so mistake to make; the x86 platform is
so dominant, it’s about the only thing
what’s the best non-Linux-based OS you are going to virtualise.
you’ve used – and for what, for why?! That world is changing though;
the idea that, for Linux Format readers, x86 is going to remain the
dominant platform in your lives just isn’t true any longer. There’s
Mats Tage Axelsson a good chance that Arm plays as much of a role, be that in the
The best BSD-based system I used was Raspberry Pi, your smartphone, tablet or smart TV. With Amazon
TrueOS. It works great as a replacement already running its own design of Arm-based server processor, Apple
desktop system, but also has excellent uses posturing to launch an Arm-based consumer-level processor for
as a network analyser. It has all the style you laptops and Microsoft already peddling Arm builds of Windows, you
need from any OS. The AppCafe is also great can see the world is changing – if slowly.
for
f picking
i ki up new applications and any other software. The beauty of Linux and open source is that these changes mean
little to us; many distros already offer Arm builds and have done for
some time. Emulate entire architectures with QEMU, virtualise
Jonni Bidwell operating systems in VirtualBox, containerise software deployments
Being nostalgic of late, more and more I find with Docker: the level of complexity scales to your needs along with
myself lost in a reverie of those halcyon the speed and efficiency.
Amiga days. Right around the time Linus was This issue we’ll take your hand and guide you through all three:
inventing Linux, I was editing S:Startup- starting with VirtualBox basics, we’ll show you how to run a server
Sequences and messing round with the within QEMU and how to use Docker with Nextcloud and
speech synthesizer via BASIC. No longer my goto language. ElasticSearch tutorials. We also look at BSDs, which you might want to
virtualise out of the way, plus there’s a crazy mishmash of awesome
open source fun including: even more GNU Radio projects, Zabbix
Aaron Peters monitoring, advanced LibreOffice Calc functions, open source diaries,
I have to hand it to macOS – it’s a solid plotting and graphing tools and managing those pesky Linux logs. Get
UNIX-based foundation with a pleasant UI. stuck in and enjoy!
Bonus points for all the pre-loaded open
source tools, and props to the community
for projects like HomeBrew. But do I wish
they were more open? Yes. Yes I do.
Les Pounder Neil Mohr Editor

In the early 1990s I was a passionate [email protected]
Amiga user and I learnt how to make my
own ‘coverdisks’/magazine disks which
contained games, tools and articles. My
subscriber numbers were low – only 12
people – but I enjoyed
enjoy learning the skills to make bootable
floppy disk magazines.
Subscribe
Alexander Tolstoy & save!
I’m not a big fan of BSD, because its desktop
performance is usually poor. My love is On digital and print
Haiku, a modern scion of BeOS. It’s a super- – see p26
fast and perfectly designed OS that I have in
my dual-boot setup! NEW GIFT
www.techradar.com/pro/linux April 2020 LXF261 3

Contents
NEW GIFT
SUBSCRIBE NOW!
Page 26
REVIEWS
AMD Radeon RX 5500 XT 8GB

Jarred Walton tries out AMD’s ‘just north
of mid-range’ graphics card – a Navi-based
19
VIRTUALISE
offering that’s as good as the older RX 590
but uses much less power.
EVERYTHING
Jonni Bidwell isn’t real and everything
you think you know about reality is just
an illusion on page 34.
PrimeOS 0.4.5 20
John Knight loves this promising desktop
Android distro, but before falling in love he
finds it marred by a thorny issue.
GhostBSD 20.1 21
There were many people who said BSD
didn’t have a ghost of a chance on the
desktop. Mayank Sharma was one of them.
Linux Lite 4.8 22

As the lightweight distro now welcomes
Windows 7 EOLers, Mayank Sharma
wonders if Lite is the right option?
PsychOS 3.4.6 23
Forever 90s’ Jonni Bidwell finds nostalgia
and confusion in a weird lightweight/
heavyweight superposition of distro-space.
ROUNDUP INTERVIEW
Dwarf Fortress 24
Management is wondering what Steve
Hogarty has been up to in the LXF Server
Dungeon… he’s just digging a hole to hell.
Plotting tools 28 The razor’s edge 42

Turn your numeric data from plain figures More tales from Jonni Bidwell’s pilgrimage
into stunning charts, plots and diagrams. to the 2019 Open Source Summit. This
Alexander Tolstoy finds out which plotting time Erik Nordmark explains what the
tool is the best. heck edge virtualisation is all about.
4 LXF261 April 2020 www.linuxformat.com

CONTENTS
ON YOUR
Pi USER FREE DVD
OpenMandriva
4.1
Raspberry Pi news 50 Solus 4.1
Vulkan is coming to the Raspberry Pi! More Page 96
education is coming to the Raspberry Pi!
More updates are coming to Raspbian!
Combian 64 51
Les Pounder goes back to the 1980s to
remember a time when he used to type in
code listings from magazines…
Scratch and SenseHAT

Les Pounder reveals how we can get data
52
TUTORIALS
TERMINAL: Smart delete

and control the Sense HAT add-on board
using super-easy Scratch 3. 58
If you’re worried about accidentally wiping
Home-build tablet options 54 out important files, Shashank Sharma
Christian Cawley shows you how to knows a few techniques to protect them.
LIFEOGRAPH: Dear diary…

customise your Raspberry Pi tablet
project and choose the right touch- 60
friendly operating system. Nick Peers reveals how to create private
and encrypted ‘Dear Diary’ moments to
last you a lifetime (of embarrassment
reading them back).
GNU RADIO: Home electronics lab

CODING ACADEMY
66
Sean Conway will install in your wetware
the foundational knowledge to use GNU
Radio on an Ubuntu system.
ZABBIX: System monitor

Science with Calc! 88
Mike Bedford suggests that – in a change 70
from its more common business use – Manage an enterprise as Stuart Burns
LibreOffice Calc offers much to the introduces Zabbix, a scalable monitoring
scientific and mathematical user. tool that is lightweight and easy to use.
Elasticsearch 92 DOCKER: Nextcloud proxy 74

Mihalis Tsoukalos explains how to Add a Traefik reverse proxy to your
work with Elasticsearch, Logstash, Nextcloud Docker deployment with a
Beats and Kibana to build and improve little bit of guidance from Chris Notley.
LINUX: Manage your logs

your own search systems.
REGULARS AT A GLANCE
78
Mats Tage Axelsson takes you through the
basics and then digs a little deeper into log
management and analysis.
IN-DEPTH
News 6 Subscriptions 26
People cry the GPL is dead (they are
wrong); trolls attack Mycroft; Godot waited Back issues 64
and good things happened; Lenovo
embraces Linux; and Librepay is going well. Overseas subs 65 Hello BSD! 46
Aaron Peters is a stranger in a strangely
Linux user groups 11 HotPicks 82 familiar land as he dives into using Linux’s
Les Pounder helps out a fellow Linux user Alexander Tolstoy hasn’t got time to go open-source cousin FreeBSD…
and cat-hater (not really). around putting pictures of Putin up in lifts
and recording people’s reactions to it –
Answers 12 he’s far too busy reacting to the finest open
Comparing directories, bongs for Linux, source software on the planet like: Tartube,
partitions for Windows, grappling with AwesomeBump, UserManager, Minase,
GRUB, booting the Crontab and file links. Tutanota, JSPaint, ScreenGrab, Tower Time,
Rygar, Hardinfo and Fileinfo.
Mailserver 16
GNOME is actually pretty good, tape drives Your free DVD 96
deserve a look, we’re wrong again (it has
been a while) and Linux on tiny drives. Next month 98

Newsdesk
THIS ISSUE: GPL on the wane Mycroft targeted Yay for Godot
Embraced by Lenovo Liberapay birthday Linux on iPhone
LICENCES
GPL’s popularity is waning

– but don’t count it out
GNU’s GPL is seeing increased competition from other open-source
licenses like MIT – but not all is what it seems.
report by The Register (http://bit.ly/ trouble? Not necessarily.
A LXF261TheRegister) suggested that

GNU’s GPL (General Public License) is
Permissive license numbers
are inflated by the fact that
losing favour among developers, who are they can be used for open
increasingly looking at permissive open source source and proprietary
software licences such as MIT (http://bit.ly/ projects, while copyleft licences
LXF261MIT) and Apache 2.0 (http://bit.ly/ are only for open source.
LXF261Apache). According to The Register, this Paul Berg, an open source
is because these have fewer caveats, while not licensing consultant, explained to Th
The RRegister
i t D
Don’t
’ count the
h GGPL out just yet.
requesting licensors to share code revisions. that with projects dealing with proprietary
The Register cites WhiteSource (www. aspects, “permissive licenses like Apache, MIT
whitesourcesoftware.com), a company that and BSD are more popular, which is expected
provides an “all-in-one licensing, security, and since those licenses do not impose many
reporting solution for managing open source restrictions or obligations when interfacing with
components,” which claims that “use of proprietary software.” This is especially true if
permissive open-source licenses continues to
rise, while usage of copyleft licenses, and the GPL
family in particular, continues to decrease.”
ARE COPYLEFT LICENCES
According to the report, in 2019 33 per cent of
software handled by WhiteSource used copyleft
LIKE THE GPL IN TROUBLE?
licenses, while 67 per cent used permissive NOT NECESSARILY.
open source licences – an increase of three
percentage points from 2018. In 2012, copyleft software authors don’t want to give rights to
licences covered 59 per cent of projects, while others to redistribute their work.
permissive licences were used for 41 per cent. Berg claims that copyleft licencing is growing
This data is only from WhiteSource projects, in popularity in cloud computing “because it has
and we should point out that a trend found in stronger guarantees that consumers of that
one source does not necessarily mean it will be software will remain members of the community
found elsewhere. However, as The Register points rather than simply extend and repackage the
out, it does tally with GitHub’s findings from software for their own sole benefit.”
2015, where projects appeared to be moving So no one should take this to mean GPL
away from copyleft licenses in favour of is dead, but it highlights the importance of
permissive open-source ones. developers to seriously consider each licence, as
So, are copyleft licences like the GPL in they offer different benefits to different projects.

NEWSDESK
PATENTS OPINION
Mycroft AI targeted by patent troll HOME

Mycroft, an open source voice assistant, is fighting back FREE
against what it claims is a patent troll.
t appears that once again an open project will deal with patent trolls: “We are going
I source project has been targeted by a

patent troll, with Mycroft (https://
to litigate every single patent suit to the fullest
extent possible including appealing any adverse
mycroft.ai) an open-source alternative to voice decisions all the way to the Supreme Court.”
assistants like Siri and Alexa, revealing that it had Montgomery also revealed that the policy will be Jonni Bidwell
been contacted by Tod Tumey of Tumey LLP, a to attack “bogus” patents, like the is happy with his new boat-based
law firm based in Texas that has a reputation for aforementioned US9794348, and “have them purchase, considering the recent
representing patent trolls. Tumey emailed re-examined and invalidated where possible.” precipitation-based weather.
Mycroft AI’s CEO Joshua Montgomery to claim Rather than settle with Voice Tech, which he
that Mycroft AI infringes on two patents claims would be akin to giving “a schoolyard bully
(US9794348, which can be viewed at http://bit. your lunch money,” Mycroft AI will “be aggressive Linux beginners
ly/LXF261Patent1, and US10491679, which can and “stab, shoot and hang” them, then dissolve and seasoned users alike
be read at http://bit.ly/LXF261Patent2) that them in acid. Or simply nuke them from orbit, it oftentimes run into difficulties
belonged to his client, Voice Tech Corp. According is the only way to be sure.” with home directories. Maybe
to Montgomery, who posted a combative blog It certainly seems like Mycroft AI is not going simple permissions artefacts
post “Troll Hunter – Mycroft’s Position on Patent to be backing down from this, and with the CEO from running things as root.
Trolls” (http://bit.ly/LXF261MycroftTroll), revealing that he “always wanted to be a troll Maybe the classic forgetting a
Tumey emailed to offer a non-exclusive license of hunter,” things could get very messy. slash when trying to copy a
Voice Tech’s patents. Montgomery directory and ending up with
ignored the email, as he didn’t want to /home/home/jonni or
“feed the trolls” (his words), which has something. Or maybe
led to them being sued by Voice Tech catastrophic data loss
for patent infringement. doing something else.
This has led Montgomery to draw up Mycroft AI has revealed that it has Anyway, there’s a new
an internal policy at Mycroft AI on how the been targeted by a patent troll. way of managing home
directories coming to town,
and we suspect some of you
will feel shivers run down your
GAME DEVELOPMENT spine when you read the next
paragraph.
Good news for Godot Systemd-homed aims to

modernise home directory
management on Linux. It
The Godot Engine is going from strength to strength. aims to ease directory
migration, streamline
odot (https://godotengine.org) is a announcements soon. We should also give credit encryption and introduce a
G powerful open source game engine

that is turning into a formidable set of
to Epic for awarding a grant to a rival game
engine to its Unreal Engine. Fair play.
modern JSON user database.
It will be merged into the next
tools (we last reported on Godot back in It’s also recently been announced that the Systemd release (245) and
LXF255), and there has been another run of Vulkan renderer has been added to the main picked up by distros as they
good news for the project. First of all, it’s been code base. While this is an important step see fit. I think some of this is
announced that the Godot Engine has been that brings support for the cross-platform pretty neat. At the same time,
awarded an Epic MegaGrant. Given by the Epic 3D graphics and computing API closer, the I probably won’t make use of
Games studio (founded by Tim Sweeney and Godot team are keen to stress that Vulkan it, well maybe the part about
behind games such as the ridiculously popular support is still unfinished. logging in with a Yubikey,
Fortnite, as well as the Unreal Engine. The reason why it’s been merged into the that’s cool.
The grant, which totals $250,000, was main code base when it’s still a work in progress What I definitely won’t do is
awarded to Godot after the team applied for it is because “a lot of further development planned complain about it ‘taking over
in the category of open source graphics for Godot 4.0 depends on it.” The upcoming my distro’, or being ‘a solution
software, with the purpose of improving update to Godot will rework a lot of the engine’s looking for a problem’. And,
graphics rendering, as well as the built-in game core code to fix issues and improve performance, without a modicum of
development language GDScript. As the Godot and that cannot be done while the master and research, neither
team explain (http://bit.ly/LXF261Epic), they Vulkan branches are separate. should you.
are discussing how the award will be used and Find out more at http://bit.ly/
allocated, so keep an eye out for more exciting LXF261GodotVulkan.

NEWSDESK
OPINION HARDWARE
FIXING Lenovo embraces

PEOPLE Linux in the US
Credit: Lenovo
Lenovo is selling high-end workstations
with Ubuntu preinstalled. The Thinkstation P520 is a workstation for AI
developers and now comes with Ubuntu.
enovo is the largest PC maker in the affordable computers. Considering Lenovo’s

Keith Edmunds
is Tiger Computing Ltd’s MD,
L world, and it’s now shipping some of its
most powerful workstations (like the
enviable market share when it comes to PC
shipments, the company’s move to offer Ubuntu
which provides support for Thinkstation P520) with Ubuntu preinstalled, as an option for the operating system may also
businesses using Linux. rather than Windows 10. This is certainly a hopefully encourage its rivals to do the same.
positive move, though at the moment it’s While this may not be enough for many
confined to US shipments, and the very highest- people to forgive Lenovo for its past misdeeds –
I was recently end workstations. So if you have $5,000 lying including the Superfish scandal back in 2015,
reminded of a story from my around and need 128GB of RAM, head over to where the company was caught including
early days in IT. Six months Lenovo’s website at http://bit.ly/LXF261Lenovo. adware on its PCs – many of us hope that by
after starting work at Digital For anyone with a more modest budget, let’s getting a Lenovo machine with Linux installed
Equipment Corporation, I hope that Lenovo extends the option to get a PC rather than Windows 10, we may avoid Lenovo’s
was at my first job review. In with Ubuntu (or another distro) on more notorious preinstalled bloatware.
those days I repaired
computer terminals – just
printers or VDUs that
connected to a computer
DONATIONS SMARTPHONES
elsewhere in the building.
Things had been going
well, and I was looking
forward to the meeting. We
Liberapay Linux on iPhone
sat down, and after the
small talk my manager
turns four Apple’s iOS has been
jailbroken to run Linux.
asked me what my job was. Celebrates by introducing
“Fixing computer
terminals,” said I.
automatic renewals. f you fancied Apple’s stylish iPhones
“No,” he replied sagely,
“it’s fixing customers.” iberapay (https://en.liberapay.com) is
I (or an iPad or iPod), but didn’t want to
have to deal with its constrictive iOS
That was a long time
ago, but his words are
L a recurrent donations platform that
allows people to help fund creators and
operating system, you’ll be pleased to know that
Twitter user Qwertyopuiop appears to have got
still true today. For those projects online. It’s celebrating its fourth Linux booting on an Apple device that uses the
of us in customer service birthday, and in a blogpost (which can be read at A10 SoC (so either an iPhone 7, iPad 6, iPad 7 or
roles, fixing the customer http://bit.ly/LXF261Liberapay), the team have iPod Touch 7). Using PongoOS, a custom version
remains the goal. announced that the much-requested feature of of iOS, Qwertyoruiop has shared a few
Linux is a vast subject. enabling automatic renewals for donations has screenshots of Linux booting – and not much
You can’t be expected to been implemented. While the blog post warns else. Still, it’s an interesting development and
fix every technical problem that the feature is “very new and still rough you can see the screenshots for yourself at
that arises, but you can fix around the edges,” it means donors can set up http://bit.ly/LXF261iPhoneLinux.
most customers. Here’s recurring donations to provide a stable income
how to do it, at least for for creators and projects.
today: “Sorry you are Users can now set up recurring donations via It seems
having a problem, the new Payment Schedule page. At the time of someone has got
Frederick. We’ll look writing, this feature only works with Stripe, and Linux running on
into it, and I will get not PayPal, but that should hopefully change in an iPhone 7.
back to you before 5pm”. the future.
That buys you a day to fix Other new features coming to Liberapay
the problem – or to find include grouped payments – where you can fund
someone else who multiple people with a single payment – better
can help. receipts and visual improvements. As the blog
post admits, there’s still lots of work to be done,
but it’s heading in the right direction.

NEWSDESK
OPINION
Distro watch
What’s behind the free software sofa?
STORKING
HWANGSAEUL
NETBSD 9.0
NetBSD (as the name suggests) is a BSD-based
operating system. It comes with a simple interface and
complex features, and the latest version is now available
for download. Version 9.0 brings improved 64-bit Arm
support, as well as kernel ASLR and better support for Jakub Adam
the ZFS file system. According to the release Senior Software Engineer
announcement (http://bit.ly/LXF261NetBSD), at Collabora
“significant improvements” have been made to
hardware support, quality assurance, security, as well NetBSD is a portable Unix-like OS that
as new features added, and “hundreds” of bug fixes. can be installed on a variety of platforms. For remote security
surveillance, like monitoring
an industrial facility where
PROJECT TRIDENT 20.02 equipment or human lives
Project Trident has successfully moved from TrueOS, might be at stake, maintaining
and is now based on the Void Linux distro – and the an immediate and high-
first stable release based on Void has been released. quality video stream from the
Four different types of installation are available: areas of interest is a must.
Void, which installs the base system from Void Linux With the advent of 5G
and ZFS-related bootloader packages; Server, which is networks, it’s possible to
a CLI-based system, with additional services and tools stream high-quality video
installed; Lite Desktop, which is a minimalist install; in real time with very low
and Full Desktop, which adds extra tools and apps. Project Trident has ditched TrueOS latency, which wasn’t possible
Find out more at: for Void Linux. with past generations of
http://bit.ly/LXF261ProjectTrident. mobile networks.
In this domain, the SRT
open source protocol has
SPARKYLINUX 2020.02 been picking up momentum,
This distro has a rolling release, and the and thanks to the elements
latest snapshot is available to download. available since GStreamer
Based on Debian’s Testing branch, it 1.16, it’s easier than ever to
includes Linux kernel 5.4.13 as default, as well as Firefox The latest snapshot of this rolling-release incorporate low-latency
72.0.2, Thunderbird 68.4.2, LibreOffice 6.4.0, VLC 3.0.8 distro can now be downloaded. streaming into your app.
and Calamares installer 3.2.18. At Collabora we’ve been
The release announcement (http://bit.ly/ participating in the design and
LXF261Sparky) lists the changes in full, and also warns development of Hwangsaeul
users that the Calamares installer fails if you install – a next-generation security
Sparky in full auto mode with full disk encryption and a video feed streaming platform
swap partition – so check that before you begin to with SK Telecom Co.
download the distro. It’s a cloud relay service
that gathers live security
video feeds from different
TINY CORE LINUX 11 locations into a single service
This modular – and minimalist – distro has to which clients can connect
been updated to feature the 5.4.3 Linux to watch the feeds.
kernel. Glibc has been updated to 2.30, GCC Hwangsaeul also enables
to 9.2.0, util-linux has been updated to 2.34 continuous recording of each
and BusyBox updated to 1.31.1, among other feed. The SRT protocol is
changes to the distro. Tiny Core Linux 11 weighs in at just 12MB, utilised by camera-to-relay
The release notes (http://bit.ly/LXF261TinyCore) and runs entirely in memory. and relay-to-client transport
point out that there is a bug with the 32-bit version to minimise latency.
that prevents booting with high-end Intel systems with Still in early development,
IOMMU and VT-D, so make sure set intel_iommu=off to the streaming service already
fix that. provides the most
fundamental APIs for
3rd-party consumption.

NEWSDESK
Kernel Watch
OPINION
COMPLEX
OPENSTACK
Jon Masters summarises the latest happenings
in the Linux kernel, so you don’t have to.
L
inus Torvalds announced the first being relative to the time since the system
couple of release candidates for was last booted. Although this isn’t specified as
what will become Linux 5.6. This the actual base, there is generally the further
Jon Masters has been involved came following the closure of the merge implied assumption that these clocks do not go
with Linux for more than 22 years. window (the period of time during which backwards or behave in other strange ways when
disruptive changes are allowed) that had migrating a container from one host to another.
Virtual Private fallen close enough to the Christmas period Such migration could happen using the Linux
Networks started life last year that the number of patches was checkpoint or restore functionality, similar to
as a means for remote users “smaller than usual”. Of course, as Linus says VM migration.
to safely participate in local in his announcement, “‘slightly less’ is still just The new time namespace can be used with
networks, or to bridge that – we still have more than 10k commits”. containers to provide them with a view of time
between different company Which is a lot of commits. relative to an offset. Thus when a migration
sites. Today, VPNs are used The new kernel includes a number of occurs, applications continue to see time relative
widely for all manner of interesting features, among them support for to how it was on the system from which they
other purposes as well. the Arm E0PD extension, which provides were migrated without having to worry about
Maybe you value your constant time TLB handling so as to any difference at the destination.
privacy, want to work undermine certain timing based side-channel Linus was pretty keen to point out the
around a geographic attacks on hardware with the new feature. updated ‘openat2’ system call in his 5.6-rc1
content filter, or even just There’s also time namespaces, the WireGuard announcement. The existing openat system
want to login to your full VPN (see left), complete year 2038 safety (a call is not robust enough for today’s world of
home network seamlessly suitable userspace is required), and support sandboxing, in which we are concerned with
from afar. for the new openat2() API. malicious users trying to ‘escape’ by providing
Whatever the reason, Linux traditionally provides a number of cunning paths that cause the kernel to ‘walk’
VPNs are very useful, and different notions of time. These are typically into another filesystem or follow a ‘magic’ link,
yet they have often been manifested in the form of three clocks that and so on.
fairly nightmarish to set up, can be accessed by applications: CLOCK_ Aleksa Sarai’s reworked openat2 behaves
configure and operate. The REALTIME (a system-wide notion of real ‘wall a little differently, and allows for various
proprietary ones were bad clock’ time), CLOCK_MONOTONIC (a time constraints, such as RESOLVE_NO_XDEV (do
enough, and things certainly since some unspecific starting point), and not cross any mount points), or RESOLVE_NO_
improved when many CLOCK_BOOTTIME (the same as CLOCK_ SYMLINKS (do not follow any symbolic links,
shifted to OpenVPN, MONOTONIC but including suspended time). whether regular or ‘magic’. It’s likely to be used
but even OpenVPN is In most cases, developers think of CLOCK_ by sandbox applications, like web browsers, to
cumbersome and complex, MONOTONIC and CLOCK_BOOTTIME as further improve security.
ONGOING DEVELOPMENT
with many moving parts to
get right. It is, then, quite
exciting to see the progress
being made to Wireguard, a
new VPN design that aims Yi L Liu posted a patch series titled “Export Paolo Bonzini posted a security patch
to be slim enough to create device’s PASID capability to VMs”, which correcting support for TLB flushing within
in 4,000 lines of code. aims to enable support for Shared Virtual guest VMs. TLBs (Translation Lookaside
Linux 5.6 comes with Memory (SVM) within virtual machines on Buffers) cache translations between virtual
WireGuard built in by Intel platforms. SVM enables a device and (as seen by an application or VM) and
default. The actual design host (or in this case, guest) operating physical memory addresses (as seen by
is quite fun to read about, system applications to share the same attached system memory).
but the upshot is that soon virtual view of memory without needing TLBs need to be invalidated whenever
there will be widespread special drivers in each instance. there is reuse of virtual memory addresses,
support for a lightweight Eventually, it will enable applications to but an optimisation intended to allow
VPN that is as easy to use talk to plug-in cards without special drivers, deferring of these invalidations lead to an
as SSH, and cross-platform which is very useful if the plug-in card is a unsafe race condition, allowing malicious
by design. It’s a good flexible device such as an FPGA, that would processes running within a guest to spy on
example of how useful otherwise require many different device one another. The new patch corrects this
solutions can actually drivers for every possible function. behaviour to remove the vulnerability.
get upstreamed
promptly.

LUGS
LINUX USER GROUPS

The intrepid Les Pounder brings you the latest community and LUG news.
FIND AND JOIN A LUG Catching a critter

The cat’s out of the bag (and in the garden).
R
BradLUG
BCB Radio, 11 Rawson Road, Bradford BD1 3SH.
7–9pm on the second Tuesday every month. ecently a new member the code to start on boot. All of this
http://bradlug.co.uk
joined us at the Blackpool was made possible thanks to a tiny
Cornwall Tech Jam
LUG and asked if we could Linux computer.
Second Saturday of the month, alternating between
Bodmin and Camborne. help with a problem. A local cat had At the same meeting, a regular was
www.cornwalltechjam.uk decided to use their garden as its keen to build their own retro-games
Roanoke Linux Users Group own personal toilet. The new member machine using the latest model of the
Every third Thursday of the month at Roanoke had knowledge of Linux and was Raspberry Pi – so we explored what
South County Library. comfortable at the command line, but they wanted to build and how it could
https://roalug.net how could they use their skills to catch be achieved, and after a couple of
Medway Makers the cat in the act? hours we had it built!
Meet every 3-4 Weeks on a Sunday. Full details Well, they used an original So why are these projects
at www.eventbrite.com/o/medway-
Raspberry Pi – yes, the model important? First, they both use a
makers-8800006845.
released in 2012 – and the official Pi Linux computer to achieve totally
Leeds Hackspace
Open night every Tuesday 7pm-late. Open day Camera. With a little instruction on different goals. Second, and most
second Saturday of the month, 11am-4pm. how to use Python, they got the hang importantly, is that at our LUGs/jams
http://leedshackspace.org.uk of it and quickly created a device to /makerspaces/hackspaces we can
rLab Reading Hackspace detect and record the pesky critter! share our knowledge and help others
Unit C1, Weldale St, Reading. Open sessions Using a little Linux-fu, they also enable to achieve more.
Wednesday from 7pm.
http://rlab.org.uk
Huddersfield Raspberry Jam
Meet every month at Huddersfield Library, typically
the fourth Saturday of each month.
Huddersfieldraspberryjam.co.uk
PLUG: Provo Linux User Group
Third Tuesday of every month at 7:00pm at the UVU
Business Resource Center in Orem.
https://plug.org
Credit: Mike Hewitt

Horsham Raspberry Jam
Park Side, Chart Way, Horsham.
www.facebook.com/hackhorsham Hosting the LUG meeting in a library
enables anyone to have access to the
knowledge and skills of the group.
COMMUNITY EVENTS NEWS

Workshops and talks will be there to feed you need to feed your Debian knowledge.
your mind, and during the sprints you More details and free tickets at:
can share your knowledge with other https://ti.to/acevents/minidebconf-
Pythonistas to improve Python and its aberdeen.
many modules for the general public to
use. More details and ticket prices at EMF 2020
https://pylondinium.org. Electromagnetic Field is a ‘Glastonbury
for Geeks’ weekend event, taking place
MINIDEBCONF/CAMP ABERDEEN at Eastnor Castle Deer Park in
PYLONDINIUM Aberdeen, 24-25 April is the place to be Herefordshire on 23-26 July. If you love
Back for 2020 more Python and as you if you are a Debian Linux enthusiast. On hardware hacking, radio, blacksmithing,
might guess, this event takes place in 24 April, MiniDebCamp takes place at jewellery making, lasers and Linux, then
London at Bloomberg’s European HQ the University of Aberdeen. On the 25th EMF Camp is for you. Ticket prices
from 5-7 June. Over those three days you there will be the first MiniDebConf – a are from £140 and will be released in
will learn new skills and practices using conference for Debian users – and this waves – but they sell out fast!
the ever-popular Python language. event promises to provide everything See: http://bit.ly/lxf261emf.

Answers
Got a burning question about open source or the kernel?
Whatever your level, email it to [email protected]
Neil
Bothwick
even solved
world peace
but the
dog ate
the answer.
Q The sound of silence

I have installed the latest version
issue. I assume that you’ve tested that
the headphones themselves work by
(USB Video Class compliant) under the
USB 2.0 standard.”
of Linux Mint on my HP Spectre laptop. plugging them into another device, so To check whether or not the computer
I keep it updated with software updates. check the laptop too. If it is dual boot, was recognising the webcam, I opened a
My only issue is that when I plug in the does connecting the headphones have the terminal to list any video4linux devices,
wired headphone in the jack, the sound expected outcome in the other operating and entered:
does not work. Can you please help me system? Alternatively, try booting the $ ls -ltr /dev/video*
identify the problem and a possible fix? computer from a live CD of a different The resulting output ended in dev/
Sajal Sachdev distro and see what happens there. If video0. So something was installed.
it doesn’t work with multiple operating I tested the webcam by opening VLC
When you say the sound does not systems, then you most likely have a media player and selecting Media > Open
A work, do you mean it stops hardware fault. Capture Device> Video Device Name =
altogether or it continues to play through /dev/video0 > Play. The indicator light
the speakers? If it continues to play
through the speakers, ignoring the
Q Faceless Skype
My desktop OS is Linux Mint 19
next to the webcam came on and I saw
myself displayed onscreen in Full HD
connected headphones, check your mixer and I have installed Skype. When I call 1080p resolution. How can I get this
settings. As Linux Mint uses PulseAudio, try a friend using Skype I can hear what output recognised and used by Skype?
pavucontrol I find this more useful than they say and see them in a window. Alfred Douglas
most desktop mixers for viewing and They can hear me, but with no video
controlling audio outputs. Your system output at their end. Is your webcam even available for
should detect your headphones being I bought a Philips Brilliance
A selection in Skype’s settings? There
plugged in and automatically switch 241B7QPJKEB monitor with a retractable are a number of possible causes for this
outputs, but I have seen systems where webcam and microphone built into the issue. One is that the uvcvideo module is
this does not happen and manual top of the monitor, in order to use Skype. not loaded by the kernel when it detects
intervention is needed. The Philips monitor’s manual states the camera. To check this, open a terminal
If, on the other hand, nothing at all is that the webcam will work with various and run:
played when you plug in the headphones, versions of MS Windows, as well as “any $ lsmod | grep uvcvideo
you could be looking at a hardware other OS whichever support UVC/UAC You should see something like uvcvideo
106496 1. The numbers are not relevant,
only that the module shows up. If it isn’t
loaded, run:
$ sudo modprobe uvcvideo
If this does the trick, you need to either
load the module each time you want to use
Skype or, more conveniently, tell Linux to
load it when you boot up. Create a file in
/etc/modules-load.d, such as skype.conf,
containing just uvcvideo on a line on its
own. The name of the file is unimportant
but it must end in .conf. From then on,
whenever you reboot, the uvcvideo module
will be loaded.
Another possibility with webcams is
that your user does not have the right
permissions to use /dev/video0, which
usually means that your user needs to be
For better control
a member of the video group. You can see
of PulseAudio the groups you are a member of by running
devices than most either groups or id in a terminal. However,
desktop mixers this is unlikely to be the cause in this
provide, install
instance, as you can use the webcam with
pavucontrol.
other software.

ANSWERS
It could also be that another program is

using /dev/video0 and preventing Skype
from using it. There have been reports of
Cheese, a webcam program, interfering
with Skype, with the simplest solutions
being to uninstall Cheese. You can see
what, if any, programs are using /dev/
video0 with:
$ fuser -v /dev/video0
You can also use fuser to check that
Skype is accessing the webcam, if you
open the Audio & Video section of the
Inverting the display in your desktop’s
settings may not sound like a useful
settings in Skype, it should try to use the
idea, unless it is already upside down!

webcam, and skypeforlinux will show up
when you run fuser.
Q PoP over
I have installed PoP!_OS from the
Section “Screen”
Identifier “Default screen”
the program you run as root does not have
access to most of the environment
Linux Format cover DVD. Why does the Monitor “Default display” variables that your user had. This is a
PoP desktop image appear upside down? EndSection security measure. One such variable is
I’m fed up with standing on my head! Section “Monitor DISPLAY, which GUI programs use to find
Maurice George Identifier “Default monitor” the desktop. The brute force “solution” is to
Option “Rotate” “inverted” use sudo with the -E switch, which
A There’s no need to stand on your
head, simply turn your monitor
EndSection
You only want to use one of these solutions,
preserves the environment.
$ sudo -E gedit
upside down! Seriously though, is the though, otherwise you will be right back This works, but it gets rid of a layer of
entire desktop upside down or just the where you started. security. You may even find it doesn’t work
Q Root editing
background image? If it is the image, are on some systems as their security policy
you using a custom image? If so, probably may not allow it. If you have permission to
the simplest solution is to invert the At a Bash prompt, if I try to use sudo to edit /etc/sudoers, you can
wallpaper image, which you can do in just execute gedit, the application shows up add specific variables to the env_keep list,
about any image editor, such as The GIMP, as expected. But if I try to execute sudo which contains environment variables that
or alternatively from the command line gedit, the cursor just blinks, and after are preserved, so adding:
with convert or mogrify: a few seconds I see a “Text Editor not env_keep += “DISPLAY”
$ convert -rotate wallpaper.png new_ responding” dialogue box with Force Quit to the file will allow GUI programs to run.
wallpaper.png or Wait options. It is also possible to specify environment
$ mogrify -rotate wallpaper.png Noah George variables when you call sudo:
$ sudo DISPLAY=”:0” gedit somefile
A
Both of these commands are from
the ImageMagick suite of tools that are When you run a program with sudo, These methods can be applied to
installed by default on most distros. The you run it in a separate environment, most environment variables, not just to
difference between them is that convert
writes the converted image to a new file
while mogrify overwrites the original.
If the whole desktop is inverted, there
is probably a problem with how X is
detecting your monitor’s characteristics.
This is a whole lot more disconcerting. I
find the inverted mouse movement worse
than trying to read text upside down, but
the solution is simple. Go into Settings
> Devices > Display and click on the
orientation setting. Set this to Landscape
(Flipped) to invert the display. This is a per-
user setting so it will not take effect until
you log in, which means you still have to log
in standing on your head. One way around
this is to enable automatic login for your
user, avoiding the acrobatics.
Alternatively, you can configure the X
server to invert the display immediately,
which is also a good option when you have
multiple users. As root, create the file /etc/
X11/xorg.conf.d/50-screen.conf (see the
answer to the question on root editing if By setting the editor variable for sudo, you can use your preferred text editor and settings to edit files that only
unsure how to do this) containing: root can change.

ANSWERS
DISPLAY, but there is another way of using Peppermint for about two weeks The -xdev option has the same effect
handling the special case of editing a file as with a larger / partition and I’m noticing as -s with du. One obvious candidate for
root. You can specify the path to an editor that the space is slowly being taken up. growth is your home directory, browser
in /etc/sudoers This is concerning to me because I’m not and email caches, for example, or even
$ editor = “/usr/bin/gedit” downloading any packages or anything. the thumbnails created when viewing
Then you edit the file with Performing a du -sh check of the / is directories of photos. Another is /var,
$ sudoedit somefile problematic because it also begins to list particularly /var/log. You could install and
After the usual password verification, files in C:\ from my Windows partition, set up logrotate, a program that regularly
sudo will make a temporary copy of your which takes a very long time. Is this compresses old log files and removes older
file and load it into your editor. When you normal? I am just concerned that at this ones to reduce the growth in /var/log.
exit the editor, if the file has changed, sudo rate, I will eventually find myself low on The systemd journal is handled
replaces the original with the modified space from seemingly nowhere. differently, it is automatically limited to
file, keeping the original ownership and Ben Sanders 10% of overall filesystem size, which can
A
permissions. This way, the editor is running be quite a lot, and also to leaving at least
as your normal user, so all your settings for Addressing your last point first, du 15% free space on the filesystem. When it
the editor, theme and so on, are preserved, will traverse all directories below the reaches either of those limits it discards
it is only reading and writing the file that path you give it, including other filesystems older entries. You can change either or
is done as root. The editor set here is also mounted there. That encompasses not both of these by editing /etc/systemd/
used by visudo to edit the sudoers file. only your Windows filesystem but also journald.conf and uncommenting
You can specify more than one editor, things like /dev, /proc and /sys. Adding and setting SystemMaxUse or
separated by colons. If the first one is not the -x switch to your du command tells it SystemKeepFree. These can be set to a
available, sudo will try the next one: not to cross filesystem boundaries. percentage or an absolute figure, such as
editor = “/usr/bin/gedit:/usr/bin/emacs:/ You may find ncdu more useful – you SystemMaxUse=500M.
usr/bin/nano” will probably need to install this. It displays One of the ways you can get caught
Note that you must specify the full path your directories sorted by usage, and you out with root filesystem usage is that
to each editor – you don’t want someone can drill down to find out what is using the directories you cannot see, because they
dropping a script named gedit somewhere space. As you are mainly concerned with have other filesystems mounted on them,
in your user’s PATH and having sudo run it the increase in space, try running du or may also contain files. Rather than trying
with superuser privileges. ncdu each week, saving the results and to unmount everything, do this:
$ sudo mkdir -p /mnt/root
Q Filling root
comparing them. That way you can see
which directories are growing. You can $ sudo mount --bind / /mnt/root
I’m running Peppermint 10 dual also use the find command to list recently This creates a bind mount of root, the
boot with Windows 10 and I’m being created or modified files: same filesystem mounted at a different
faced with the issue of the space in / $ sudo find / -xdev -mtime -7 location, but does not include any other
being slowly used up. Around a year ago will list all files modified in the past week filesystems mounted on it. If you compare
I tried using Linux Mint for a week or so – it will be a long list. You may want to the output of ncdu on both / and /mnt/
but was forced to go back to Windows exclude your home directory as that will root you will see any hidden files as extra
due to / reaching 100% capacity and include a lot of recently changed files usage in /mnt/root, from where they can
me not knowing how to solve it. I’m still $ sudo find / -xdev -mtime -7 -not -path ‘/ be cleaned up.
home/*’
GET HELP NOW!
very much a novice, and now I’ve been
A QUICK REFERENCE TO SYSTEMD JOURNAL We’d love to try and answer any questions
you send to [email protected],
Most distros now use systemd as their to select a different boot – 1 shows the no matter what the level. We’ve all been
service manager, but systemd does first boot in the journal, more usefully -1 stuck before, so don’t be shy. However, we’re
a lot more than just manage startup shows the last but one boot, -2 the one only human (although many suspect Jonni
services. One of the extra features is before that and so on. is a robot), so it’s important that you include
that it replaces the traditional system This can be combined with -p err to as much information as you can. If
log with a journal. The journal is indexed show only errors for that boot. You can something works on one distro but not
for faster searching, which means also use: another, then tell us. If you get an error
that it is no longer a pure text file that $ journalctl -f message, please tell us the exact message
can be read with a pager like less or to follow the journal in real time. The and precisely what you did to invoke it.
searched with the likes of grep. Instead --since and --until options let you view If you have, or suspect, a hardware
you use the journalctl command, which problem, let us know about the hardware.
Consider installing hardinfo or lshw. These
entries over a specific time period,
comes with a number of useful options, while -t shows entries with a particular
For example: identifier, such as programs list the hardware on your
$ journalctl -p err $ journalctl -b -t sudo machine, so send us their output. If you’re
only shows journal entries with a to show you all uses of sudo since the unwilling, or unable, to install these, run the
priority of error or higher, useful when last boot. following commands in a root terminal and
trying to find problems; There are a lot more options, but send us the system.txt file too.
$ journalctl -b you can still use the old tools like grep uname -a > system.txt
shows the journal entries since the last if you prefer: lspci >> system.txt
boot. You can follow this with a number $ journalctl -b | grep somestring lspci -vv >> system.txt

THE ESSENTIAL HANDBOOK
FOR PYTHON USERS
Learn how to program in Python, discover amazing projects to improve your
understanding and find ways to enhance your experience of computing
ON SALE
NOW
Ordering is easy. Go online at:

www.myfavouritemagazines.co.uk
Or get it from selected supermarkets & newsagents
Mailserver Write to us at Linux Format, Future Publishing, Quay House,
The Ambury, Bath BA1 1UA or [email protected].
Great success! Happy news

I have used Linux Mint (MATE) for some time and I’m a student who recently discovered Linux Format
have it installed on a normal desktop, an all-in-one and I’ve been reading it to supplement my classes.
touchscreen desktop, a Lenovo Yoga 310 touchscreen It’s awesome how much stuff I’ve been able to learn
mini laptop and a 10-inch netbook. I use Bluetooth in the last hour just perusing the pages. I’m going to
mice with them and the touchscreens work well. look forward to trying out some of the projects
The Yoga310 with Windows 10 was my wife’s, but mentioned midway through the magazine! Keep up
with only 32GB eMMC onboard storage it did not the amazing work.
have the capacity to upgrade or update, even with no Lucas Chao
additional software installed, so I dispensed with
Windows and installed Mint MATE – very good. Even Neil says…
after months of updates and upgrades there is still It’s a cold, damp, windy and very grey day here in Bath.
13GB of free space. So a happy letter is just the thing to cheer myself and
Regarding testing distros, I always install to a USB Jonni up. Thanks!
flash drive (a minimum 16GB) and they always work
well, to the point that I tend not to bother (as in Taped up
forget about?) the HDD. On reading Neil Borthwick’s article on backups in
Thank you to everyone for the work that goes into LXF259, I was surprised that there was no mention of
Linux Format, it is very much appreciated. tape backups, not even in whether backup packages
Russell Preston, Dorset supported them. There must be thousands of
redundant tape drives in servers around the country.
Neil says… When I retired ten years ago, I was donated an LTO
Windows 10 on a 32GB drive by my employer, along with dozens of tapes.
drive, that’s optimistic! Back Dusty Pulver
in the day I struggled to run
Windows 7 on a 64GB drive – Neil says…
CREDIT: Lenovo
one reason I started to switch Everyone’s into instant gratification these days, so tapes
to Linux. Glad to hear of your can feel a bit slow, but more to the point they’re
success running Linux, and expensive too. They do, however, help to solve the off-
thanks for letting site issue, as you can take the tapes with you or lock
us know. Flash them up in a suitably fireproof safe.
drives are indeed But then – and this is the main issue for me – that’s
You always knew those great for testing more of a business solution than a home one, though it
low-budget laptops weren’t but are not as reliable does make me think that perhaps it deserves at least a
going to last with Windows. as SSDs or HDDs, so be wary. look as another option to consider.
Helpdex
[email protected]

MAILSERVER
LETTER OF THE MONTH

Gnome better
Long-time Linux user and distro-hopper here, but that ended when
I discovered Pop!_OS, which surprised me by making me love
Gnome again. Gnome was once my favourite desktop
environment, but that was back in the 2.0 days. Once Gnome 3
came out, I just couldn’t learn to love it, so I switched to Xfce.
About a year ago, I discovered Pop!_OS. What surprised me
the most about Pop!_OS was how snappy and responsive its
implementation of Gnome 3 is. I know System76 made
modifications of its own, but is that the only reason why Gnome
now seems faster than Xfce or KDE? I didn’t expect that, but with
Pop!_OS, that’s what I’m seeing.
Tape drives have

Perhaps that’s because I’m running Pop!_OS on a Dell G5
come a long way.
gaming laptop with an SSD, 16GB of RAM and an i7 processor, or
maybe Gnome really has improved since I last gave it a try.
I see many articles on how Linux can rejuvenate an older
Doom and gloom laptop, but I don’t see any that address these questions: is there a
I’m writing to highlight a slight error within LXF259. “best distribution” for a powerful PC? On a high-end system, does
On page 85, the magazine states in regard to the the choice of Linux desktop environment make any real
choice of Doom source ports available today, that difference? Will any desktop environment yield great performance,
“the most advanced is Doomsday Engine.” I apologise or is there a “best of breed” in desktop environments for cutting-
for splitting hairs but this is not accurate. The most edge laptops and desktops?
advanced and feature-rich source port, or engine, for Mike Creamer, Florida
Doom is the GZDoom port.
While I’m sure Doomsday is a fine source port of Neil says…
the game (I have to confess that I have not used it), Perhaps 2011’s Gnome 3 suffered in a similar way Windows Vista did,
according to the Wiki (https://doomwiki.org/wiki/ because it demanded too high a graphics specification on release? It
Doomsday) the engine only has limited Boom doomed Vista with a dreadful user experience, and perhaps that’s
compatibility, whereas GZDoom, along with all what put some people off. So while Gnome 3’s requirements haven’t
ZDoom-derived ports, contain close to full support. increased (it’s also had many optimisations) hardware power has.
This is a strong factor, as the majority of fan-made I’m not sure what a “best distro” would look like, especially for a
levels and modifications require at least Boom high-spec PC. I’m more than happy to be told. I’m more of a
compatibility, with a lot of newer projects requiring minimalist – the OS is something that’s supposed to stay in the
ZScript for custom items and monsters; and ACS for background and facilitate you using the system, access whatever
more complex level geometry, both of which are not software and services you need. That high-end PC is there to drive
supported by Doomsday Engine. the software and services, not so much the OS. What do you think?
Lastly, effects such as particles, dynamic lighting
and 3D models (which I think were pioneered by
Doomsday) are present in GZDoom.
John Z.
Neil says…
Thanks for the details! We’ll add it to the Hotpicks list.
Tolstoy is being forced to manually enter and compile
Gnome 3 continues to attract haters, while the rest of us just get on with using it.
the entire Linux 5.0 code listing down in the Server
Dungeon as penance.
WRITE TO US
Do you have a
burning Linux-
related issue
that you want to
discuss? Write
to us at Linux
Format, Future
Publishing, Quay
House, The
Ambury, Bath,
BA1 1UA or email
lxf.letters@
futurenet.com.

Discover another of our great bookazines
From science and history to technology and crafts, there
are dozens of Future bookazines to suit all tastes
you buy direct from us not available anywhere else super-safe ordering
REVIEWS
AMD Radeon RX 5500
XT 8GB
Jarred Walton tries out AMD’s “just
north of mid-range” graphics offering.
SPECS
A
MD’s retail Radeon RX 5500 XT series of
graphics cards is here, bringing additional
GPU: Navi 14 options to the budget and mid-range market.
Process: 7nm AMD’s Navi architecture hasn’t changed, although Navi
Transistors: 14 cuts the potential number of compute units from a
6.4 billion maximum of 40 down to a maximum of 24 – with the
Cores: 1,408 5500 XT enabling 22 of those CUs. There are two
Texture units: versions of the 5500XT; the only difference is the VRAM
88 and a £30 increase in price.
ROPs: 32 The 5500 XT 4GB card matches up against the
Clock: 1,670MHz GTX 1650 Super, and the two are effectively tied in
The 5500 XT is also available in

(Boost performance. The 8GB card, meanwhile, has to take on
budget-friendly 4GB form, which
1,845MHz) the GTX 1660, and Nvidia’s card has the same number
Mem: 8GB of GPU cores: 1,408. The problem for AMD is that will be fine for 1080p pursuits.
GDDR6, 128-bit Nvidia’s GPU cores tend to perform a bit better overall.
Mem speed: At least the TDP is about the same – 130W versus 120W
14Gbps won’t matter either way. always improve a lot with the extra memory. Except
TDP: 130W There’s little difference in features. Technically, when it does, and then you could end up disappointed
Ports: Nvidia’s GTX 1660 can enable ray tracing in games that you cheaped out on your graphics card and have to
DisplayPort v1.4, that support it. In practice, the 1660 isn’t fast enough turn down settings. The RX 5500 XT 8GB is a
HDMI v2.0 to make ray tracing worthwhile. There are other facets continuation of that; you can save $30 with the 4GB
of performance, but overall the two sides are evenly model, but long term we don’t think that’s the best plan.
matched in the mid and lower markets. Ultimately, AMD’s Radeon RX 5500 XT series is a
There’s also a jump in generational pricing, especially reasonable offering. It’s not clearly superior to other
with current prices. The RX 590 launched at £279; options, but it’s also not clearly worse. If you’re looking
today, you can get that same card for £179. It uses more to buy a new graphics card, whether as an upgrade to
power, but performance is going to be very similar to an existing PC or as part of a new gaming build, it’s
the RX 5500 XT 8GB. Which brings us to the real worth a look. Performance of the 5500 XT 8GB is
question: how does the RX 5500 XT 8GB perform? basically equal to the outgoing RX 590, while using
At 1080p medium, there’s no real benefit to the 8GB about 100W less power. But if you’re not set on AMD,
RX 5500 XT compared to the 4GB model. The RX 5500 and don’t mind proprietary drivers, look to the GTX
XT is also tied with the GTX 1650 Super in overall 1660 or 1660 Super.
VERDICT
performance, but the GTX 1660 is about five per cent
faster. But running medium quality at 1080p isn’t really
the goal if you’re going to pay extra for the 8GB card.
Stepping up to 1080p ultra starts to favour the 8GB MAN.: AMD PRICE: £200
model, though it’s only a seven per cent improvement. WEB: www.amd.com/en/products/graphics/
The difficulty AMD faces is that at 1080p, even at amd-radeon-rx-5500-xt
maxed-out quality, there aren’t a ton of games that truly
need more VRAM. And of the games that do, none of FEATURES 8/10 EASE OF USE 9/10
them seems to need more than the 6GB of the Nvidia PERFORMANCE 8/10 VALUE 7/10
cards. So again the GTX 1660 costs as much as the
5500 XT 8GB, but performs about five per cent better. A fine card, but there are cheaper options if you don’t
At 1440p ultra, the 5500 XT 8GB shows its largest envisage needing 8GB of video memory any time soon.
lead yet relative to the 4GB card. As a general rule, we
advise people not to skimp on VRAM. Yes, it costs more Rating 8/10
for the higher VRAM models, and performance doesn’t

REVIEWS Distribution
PrimeOS 0.4.5
John Knight reviews a beautiful and promising desktop Android distro, but
before falling in love he finds it clouded by a particularly thorny issue.
IN BRIEF
T
he desktop Android scene
has multiple distros
An Android competing for this growing
distribution for market, but a newer competitor has
x86, provides been slowly gathering momentum in
standard PC the background – PrimeOS. The
controls for homepage claims that PrimeOS
Android “gives a complete desktop
applications and experience similar to Windows or
integrates with MacOS (sic) with access to millions
Google’s Play of Android apps. It is designed to
store. Comes in bring you the best of both worlds – a
three editions, complete fusion of Android and PC.”
32-bit, 64-bit, The website provides an
and 64-bit executable installer for Windows
‘Mainline’ for users and a regular ISO image for the When working as intended, PrimeOS gives a fast, smooth and elegant PC desktop based around
new PCs; rest of us. Overall, the installation Google’s app store.
requires 16GB process was much quicker and less
hard disk space painful than its rivals, with fewer screens overall, and its which version to download, a forum, a link to an article,
and SSE4.2 GRUB2 prompt actually works. and that’s it.
support for PrimeOS has excellent boot scripting built in, with Second, we couldn’t enable Sleep mode on anything
64-bit editions. detection for Windows and most major Linux flavours and except a MacBook. The screen just went black (while
Provides derivatives, preserving GRUB entries while adding its own. remaining backlit) and mechanical hard disks emitted
compatibility for Without any complicated partitioning, the installation worrying start/stop noises that had us immediately
Arm apps, and a should be done in around a minute. reaching for the power button. For most Android users, a
gaming utility Once rebooted it will run a setup dialogue. It was non-functioning Sleep mode will be a deal breaker.
for remapping disconcerting when it wanted info like our date of birth Those problems we can forgive an unfinished project,
touch controls and gender, but otherwise the setup was painless, with but we have one overwhelming issue. It’s closed source.
to a mouse only a couple of prompts, preferring to configure things Why? PrimeOS could easily become the standard of the
and keyboard. like Wi-Fi and Google accounts later in the actual desktop. desktop Android world. Instead, this beautiful OS is being
Boot times are very fast, and once the desktop is hampered by dumb licensing, keeping the OS in obscurity.
loaded you can expect almost Scandinavian levels of PrimeOS is already free. Why not open source it and give
tasteful minimalism: a mountainscape wallpaper, icons for it a proper chance to shine? The OSS community could
Chrome and the Play store, a taskbar, and that’s about it. easily sort out the Sleep issue and write documentation.
Touch the system icons and a pull-down menu will appear So we’re left in a frustrating place. PrimeOS is nicer to
from above, where you can configure options like Wi-Fi. use than most rivals – Bliss OS is extremely buggy,
It’s all very elegant and runs incredibly smoothly. The Phoenix OS now has ads, and Android-x86 is only a bare-
only fly in an otherwise perfect ointment was applications bones system. But if it can’t suspend properly, it won’t
that minimised at strange times. suit most Android users. And if it’s closed source, there’s
As for unique features, under PrimeOS Settings was nothing you can do to fix it.
VERDICT
Enable Native Bridge, which can “support apps with arm
native libraries”. We couldn’t find any information on this
feature, but in our testing PrimeOS ran a lot more
software than competing distros. PrimeOS Settings also DEVELOPER: Floydwiz Technologies
allows you to enable or disable root access manually, and WEB: https://primeos.in
specify different levels of access. LICENCE: Proprietary Freeware
PrimeOS also comes with DecaPro Gaming Centre,
designed to bring Android gaming to the PC with mouse FEATURES 7/10 EASE OF USE 7/10
control and pre-defined shortcut keys. Some love it, PERFORMANCE 8/10 DOCUMENTATION 2/10
others don’t – either way, it’s definitely worth trying with
games like PUBG Mobile. Fast, beautiful, tastefully minimalist, but still unfinished. And
why is it closed source when it’s already free?
Have we got bad news for you!
There are currently three main drawbacks. First, there’s Rating 5/10
almost no documentation – there are instructions on

Operating System REVIEWS
GhostBSD 20.1
There were many people who said BSD didn’t have a ghost of a chance on
the desktop. Mayank Sharma was one of them.
IN BRIEF
B
SDs have all the hallmarks
of server operating systems,
One of the but you wouldn’t think of
handful of running them on the desktop.
projects that GhostBSD is one of a small number
leverages the of projects that’s working to change
robust and that perception. Unlike its peers,
stable base of though, which just slap a desktop
the FreeBSD OS environment on top of a BSD base,
to create a GhostBSD puts in the effort to create
lightweight a very approachable and functional
desktop that desktop. For instance, GhostBSD
resembles a boots straight into a live graphical
typical Linux desktop environment, which makes it
distro in both accessible to users irrespective of
form and their familiarity with BSDs. The OS GhostBSD’s Software Station looks and feels very similar to the venerable Synaptic package
function. uses the lightweight MATE desktop manager on Linux.
MIN SPEC
environment, and you wouldn’t even
realise you’re running a BSD-based OS. Outside of the installer, though, there is hardly anything
Behind the scenes though, it is still BSD. Until a couple that will appear alien to a Linux desktop user. In addition
CPU: Any 64-bit of years back, GhostBSD was running on top of a pure to MATE, the familiarity experience is further enhanced by
processor FreeBSD base. It then shifted to TrueOS, which brought the fact the application menu houses all the usual open
RAM: 2.5GB along several enhancements, in particular the OpenRC init source apps that you find on just about every desktop
HDD: 15GB system. GhostBSD is still based on TrueOS, but the Linux distro.
Build: Available project has dropped the CURRENT branch and instead Another big positive for the project is its range of
for 64-bit only moved to the STABLE branch for ABI stability, with the custom apps for essential administration tasks. For
integration of the latest system update developed by instance, fleshing out the installation is a no-brainer
TrueOS. With the 20.01 release it has re-based the OS to thanks to the graphical Software Station app, which is a
FreeBSD 12.1-STABLE. frontend to FreeBSD’s pkgng package manager. Similarly,
GhostBSD uses its own home-brewed GBI installer to you can use Update Station to track, fetch and install any
anchor the OS to the disk. While it isn’t particularly updates to both the system and the installed apps.
cumbersome to operate, when navigating it you’ll get the Another interesting custom app is Station Tweak, a fork of
first signs you’re running a non-Linux OS. The installer the MATE Tweak app, and will help you to customise the
recommends first-time users stick to the option of desktop by tweaking various elements of the UI.
allowing the OS to take over the entire disk. There is an GhostBSD is essentially a one-man project but has all
option for custom partitioning as well that has been the essential elements to succeed as a desktop OS. Its
improved in this release, particularly for UEFI-enabled engineering efforts are backed up by a decent
machines. However, you must be well-versed with the UFS documentation and support channel that’s good enough
file system to venture anywhere near it. So the inclusion of to acclimatise new users.
VERDICT
a custom partitioner for an alien filesystem essentially
forces you to stick to the recommended option. All things
considered, this is a serious limitation, since many users
wouldn’t have a spare machine to dedicate to GhostBSD. DEVELOPER: Eric Turgeon
No ghosts in the machine

WEB: www.ghostbsd.org
LICENCE: BSD Licence
The installer also gives you the option to install the
GhostBSD Boot Loader. You should install this if you want FEATURES 8/10 EASE OF USE 7/10
the OS to take over the entire disk. The GhostBSD PERFORMANCE 8/10 DOCUMENTATION 7/10
bootloader will also be able to boot Windows. However, if
you are dual-booting GhostBSD with a Linux distro, it’s A very usable BSD-based desktop that goes the extra mile to
best to skip installing the GhostBSD bootloader and cook up custom apps for regular administration tasks. Its only
instead use your Linux distro’s existing one. In such a drawback is it essentially requires a dedicated computer.
case, just install GhostBSD, boot into the installed Linux
distro and run the update-grub command to add Rating 8/10
GhostBSD to the boot menu.

REVIEWS Distribution
Linux Lite 4.8

As the lightweight distro now welcomes Windows 7 EOLers,
Mayank Sharma wonders if Lite is the right option?
MIN SPECS
L
inux Lite is a stalwart in the
league of beginner-friendly
CPU: 1GHz distros, as the project has
RAM: 768MB been putting out releases since 2012.
HDD: 8GB From the get-go its raison d’être has
Build: 64-bit been to present Linux as an
only with appealing option to users looking for
seperate images refuge from Windows. It does so by
for UEFI/ mixing familiar mainstream apps
Secureboot with customised ones to ease
machines. regular desktop configuration and
administration tasks. Its latest release
reenforces this view by moving
forward its scheduled release date to
coincide with Windows 7’s End of Life.
To mark the occasion, Linux Lite
4.8 features a special wallpaper that
is a throwback to the default Linux Lite has dropped out-of-the-box support for VirtualBox to shave some time off boot-up.
wallpaper on Windows 7. The layout of
the distro’s customised Xfce desktop improve the life of a laptop’s battery, create a compressed
will also appeal to Windows 7 users, with a panel at the block device in RAM for increased efficiency, etc.
bottom that houses the application launcher in the left On top of its beginner-friendly features, Linux Lite has
corner, and the network, volume and clock applet on the a solid foundation. It’s based on the Ubuntu 18.04.3 LTS
other end. The icons on the desktop have been labelled as release and uses the Ubiquity Ubuntu installer, which
per their names in Windows, such as Recycle Bin and shouldn’t confuse first-time users. To back it up, the
Control Panel, for added familiarity. project has comprehensive avenues of support, including
Another useful familiarity feature is the Lite Software a searchable help manual that’s also included in the
app, from which users can use to install several installation, and covers all aspects of the distro, from
mainstream apps, including popular proprietary ones setup to administration and troubleshooting.
such as Dropbox, Skype, Spotify, Steam and others, as Although it doesn’t require fancy hardware, which is
well as dozens of open source ones across all categories. another reason it’s ideal for some of the early, resource-
Lite Software takes the bite out of installing (and impoverished Windows 7 machines, Linux Lite’s list of pre-
uninstalling) apps and makes the process newbie-proof. installed apps doesn’t include any of the traditional
First-timers will also appreciate the Welcome screen lightweight apps and is instead brimming with the usual
that hosts quick links to essential system administration suspects such, as LibreOffice, Thunderbird and Firefox.
tasks such as installing updates. There’s also an option to Before you download Linux Lite you can use the
set up a restore point, which essentially fires up the keyword-searchable hardware database on the distro’s
TimeShift backup app and helps you take a snapshot of website in order to check if the distro will work on your
the current installation. computer, which trawls through 30,000 user-contributed
Desktop done right

computer configurations.
The Welcome screen and several of the options it hosts

are served via custom home-brewed apps. In fact, virtually
VERDICT
all the essential elements for interacting with and DEVELOPER: Jerry Bezencon
customising various aspects of the installation are served WEB: www.linuxliteos.com
by Lite-branded tools. Besides Lite Software and the LICENCE: Various
Welcome screen, there are others that’ll help guide first-
timers to upgrade to the latest release, manage users, FEATURES 8/10 EASE OF USE 8/10
configure network shares, and more. PERFORMANCE 8/10 DOCUMENTATION 8/10
One of the most useful ones in our view is Lite Tweaks,
which helps regular non-technical desktop users tune A well-rounded desktop that’ll appeal not only to recent
their installation. The app lists a number of tasks, Windows refugees but also to regular Linux users.
including some common fixes and performance
enhancements. For instance, you can use the app to free Rating 8/10
up memory, remove older kernels, install new ones,

Distribution REVIEWS
PsychOS 3.4.6
Forever 90s’ Jonni Bidwell finds nostalgia and confusion in a weird
lightweight/heavyweight superposition of distro-space.
IN BRIEF
W
eird (Hannah Montana
Linux), niche (CAINE
A nothing if not Linux, for crime scene
curious distro investigations) and sometimes
for 32-bit frankly baffling (Ubuntu Satanic
hardware at the edition) Linux distros are nothing
end of the world. new. So when we first saw the
It’s based on name, the website and the satirical
Devuan Ascii, so Peertube trailer (http://bit.ly/
systemd-free. LXF261peertube replete with a
It probably driving synth soundtrack and VHS
contains at least artefacting), our first thought was
one application that PsychOS was very much one of
you’ve never these oddballs. Maybe it is, but there
heard of but is actually a serious distro behind the
will nonetheless slightly ridiculous veneer. Retrograb can’t bring back your favourite chewed-up mixtape, but it can bring back memories of
find useful. PsychOS began life as a distro for DOS Animation programs.
SPECS
psychology students, so the name is
not a Hitchcock reference and nor (we think) is it any A lot of consideration has been given to users of old
aspersion on the mindset of anyone who might use it. hardware. The lightweight Firefox derivative Pale Moon is
RAM: 512MB That being said, it’s based on Devuan, is aimed at 32-bit the default browser, but you can also use Lynx from the
HDD: 16GB machines and claims to be suitable for beginner users. console. StreamPi is included to stream games of
Build: 32-bit The installed system is large (around 16GB, the release Netrunner to Twitch and such without having to invoke
only notes style it as an ‘end of days’ distro) and includes a something heavier like OBS. A combination of youtube-dl
truckload of applications. If you’re looking for a new and mpv is used for integrating video playback (e.g. in
hobby, you’ll probably find tools to help you with it here, CLIMax and Retrograb) in a lightweight way. It’s also easy
be it music composition/notation, video streaming, to install IceWM if the Xfce desktop proves too heavy
statistics or ham radio. Debian/Devuan’s free software (initial RAM usage is around 220MB). There’s a strong
guidelines are left by the wayside with firmware and focus on all things retro, with DOSBox, as well as
microcode installed out of the box, though you might emulators for the Acorn Electron, C64 and early consoles.
need them after the apocalypse. Plus if you like BASIC, you’re in for a treat, as there are at
In a niche
least four different versions bundled.
It’s a laudable effort, and the development logs give a
PsychOS, by default, features an Xfce desktop with the nice glimpse into the motivation and vision behind the
panel and menu on the left. The Thunar file manager has project. But most people will be put off by the huge
been augmented with numerous custom actions amount of niche software, and if you do find yourself on
(transcoding video formats, opening files with DOS the wrong side of digital Ragnarok, the last thing you want
programs). A number of tools unique to PsychOS are to be doing is trying to recall SysV init script syntax.
included. There’s CLIMax, which aims to introduce people
VERDICT
to the command line, through a neat categorised launcher
system with refreshingly human-readable documentation.
It’s a nice idea, and shows off some of the wonderful CLI
tools bundled with the OS, but you’re going to have to DEVELOPER: TheOuterLinux
learn to type stuff sooner or later. Another gem worth WEB: https://psychoslinux.gitlab.io
mentioning is Retrograb, which allows fetching and LICENCE: Various
installation of tools from Git repos, old software archives
(a great many 90s DOS tools are available). It also FEATURES 9/10 EASE OF USE 6/10
provides an emergency messaging system, as long PERFORMANCE 7/10 DOCUMENTATION 7/10
as the project’s Gitlab remains accessible.
The Refracta installer isn’t as slick as Calamares, but We don’t recommend one-person distros for serious use, but
it’s simple enough not to scare us off, and common install in the unlikely event the end times come and wipe out
tweaks are just a checkbox away. You’ll need to set up 64-bit hardware, this might just come in handy.
partitions yourself, and the installer offers a choice of
GParted or cfdisk to do just this. Fine, but it’s not really Rating 8/10
welcoming for beginners.

REVIEWS Dwarf management sim
Dwarf Fortress
Management’s wondering what Steve Hogarty has been up to in the LXF
Server Dungeon, but it’s nothing to worry about, he’s digging a hole to hell.
SPECS
I
n the Dwarven Year 250, the stubby reach of shame that Effy is already tunnelling vertically towards
dwarfkind had touched every procedurally oblivion and the realms of unending torture.
OS: A Linux generated rock in Ruspsmata, from The As a construction and physics simulator, Dwarf
CPU: Dual core Problematic Steppe to The Dune of Hermits, from The Fortress is perhaps at its least intimidating. You can’t
2.4GHz+ Prairie of Pregnancy to the Jungle of Conflagration. Not an assume exact control over your dwarves, instead you
Mem: 4GB inch of stone had not known dwarven steel, yet one dark designate areas for them to work on. In the early stages,
GPU: 1GB VRAM depth had so far eluded colonisation. “Leave the skies to that’s a case of simply tracing out chunks of the ground to
HDD: 500MB the birds,” sang the Dwarven king – probably, we’re be dug. Dwarves are assigned different jobs, such as
making this bit up – “the Underworld shall be ours.” mining, but some labour is shared by every dwarf, and
Dwarf Fortress is several things at once. It’s The Sims moving stone becomes a constant low-priority task.
and NetHack and Dungeon Keeper and Minecraft. It’s a Effy’s work takes place a short distance from Oakfire’s
vast, simulated fantasy world, generated just for you, with entrance hall. A roughly hewn passage leads away from
races and religions and history and wars and dwarves the main fortress before reaching an ever-deepening pit,
whose fingernails grow. It’s also infamously difficult, around which a rudimentary stairwell allows access to the
featuring only ASCII visuals and labyrinthine menus. Yet rapidly descending dig site.
Dwarf Fortress’s reluctance to expend even a joule of Two caverns are encountered and traversed in this
energy in prettying itself results in astonishing complexity. manner; two great and seemingly endless halls of fungus-
Bidwell the dwarf sets to work dismantling the wagon carpeted rock. Clever dwarves would build walls around
and turning the wood into beds. Mohr and Effy begin to their bafflingly unprotected staircases. Oakfire hosts no
scoop out a shallow hole. The others busy themselves clever dwarves.
stockpiling the food, furniture and fuel they arrived with. Unknown to all, a filthy menace is ascending from
Over days, seven bedrooms are carved out of the rock, below. The noise of all the hellbound tunnelling has
indoor stores are created, as are workshops and kitchens. awoken a bugbat in the underground caverns. The flitting
Peers happily builds doors. Bidwell constructs tables and beast makes its way to the entrance hall. Mayank Sharma
chairs for a dining room. His puppy is stung by a is cleaning himself when the creature latches on to the
bumblebee in an attempt to ironically frame just how calf of his right leg, bruising him through his silk trousers.
peril-free life is. He flails madly and humiliatingly about the fortress,
The dining room becomes Oakfire’s attractive crashing through the dining room and startling several
centrepiece, as the northwest corner has clipped a cluster hungry dwarves before the bugbat’s tiny mandibles finally
of green tourmaline, creating a shimmering emerald slice through his right index finger. Dwarf blood spurts
distraction from the now daily servings of Neil Bothwick’s enthusiastically from the wound, spattering the walls. Oh
freshly caught perch. It’s all very pleasant. It’s definitely a yes: Dwarf Fortress has a very detailed combat system.
You’ve landed, now

what? Read the
flipping manual!
This article first appeared in PC Gamer 228 in the Dwarven year 2011 in the month of Malachite (July).
It has been edited for length and the original dwarf names changed for sense.

Dwarf management sim REVIEWS
“Seal the dig site,” comes the order, one dead dwarf
too late. Bidwell works quickly to shape a bauxite
floodgate to cap the tunnel. The dig site can only be
opened using a lever in Neil Mohr’s fancy quarters – the
dig to hell will resume on his command.
Tun Eribesmul was a good and hard-working dwarf,
who had his head eaten too soon. He tells this to Effy as
he hovers above his bed. Effy is startled awake. Eribesmul,
satisfied, glides through a wall and into the meeting hall.
Jonni Bidwell places a plain siltstone slab in Oakfire’s
entrance hall, where a now-composed Effy makes an
engraving as solemn as it is tardy. “In memory of Tun
Eribesmul 186- 252.” Another task left too late, but at least
Eribesmul’s ghost finally rests. He vanishes from the
meeting hall. His corporeal leftovers rot in a tunnel.
The early months of Dwarven Year 253 are difficult
ones. On the surface and in the tunnel to hell, the long- World creation is
forgotten beasts respond ferociously to the incursions strewn about everywhere, over everything. All things more than just the
land, it’s an intricate
history too.
into their caverns. And these are no tiny crundles, nor between Effy and the entrance to Oakfire are devastated
clownish bugbats. A creeping eye drags its bloated form as the dark and cruel force races towards the surface.
upwards to be met with the thrashing axes and spears of It’s important to understand how excruciatingly
Oakfire’s militia in the fortress’s entrance hall. detailed dwarven pain is. Dwarves have individually
The simplest use of migrants, who’ll turn up to your assessed limbs, each with breakable bone, fat, muscle
fortress in greater and greater numbers as they hear of its and skin. A bone can be broken without breaking the skin.
prosperity, is to draft them into the militia. Multiple Fat can be bruised without breaking a bone.
squads can be formed and patrols scheduled so that The anguished howls of fallen dwarves are heard in
when one squad comes off-duty, another takes over. Oakfire and the bauxite seal is replaced. The tunnel to hell
On this day, in the autumn of the Dwarven Year 253, is locked shut, with confused, panicking dwarves still
Effy breached the portal to hell. It was not a simple trapped inside. On the wrong side of the door, Likot
process. At 158 levels beneath Oakfire, he first reached Naniroddom clutches her baby son. Her husband, Zon
warm stone. Beneath him boiled a heaving ocean of Fererush, is in the meeting hall, oblivious to her imminent,
magma, 20 levels deep, enough to consume all of Oakfire gruesome death. In the vanishing moments before the
several times over. Somewhere beneath that, he tide of violence reaches her and her child, she engraves
supposed, was the underworld. an image of Mayank Sharma holding aloft a bugbat bone
It was traversing this troublesome sea of molten rock armour stand. Oakfire’s only symbol of triumph over the
that raised the problem. The solution? That was found in creatures of the underground. It’s no solace against
the grand pillars of raw adamantine that sounded the what’s to come.
depth of the magma sea, from top to bottom. On the first The militia stand firm in the entrance hall facing the
day of Sandstone, Effy discovers an adamantine seam. He bauxite seal. The seal is blasted open from inside in an
steadies his pick, lifts, and strikes the precious mineral explosion of flame and stone. A surprised dog is fried alive.
once. It collapses inwards. The seam was hollow, an The entrance hall fills with dust, smoke and steam, and
adamantine straw poking up through the fiery ocean from when it clears Oakfire at last sets eyes on the denizens of
the lower depths of Ruspsmata. Effy hears horrifying the underworld. So many denizens of the underworld.
screams coming from the hole. He peers into the The demons rage through the fortress, burning and
darkness before him, turns and runs fast for Oakfire. steaming the population of Oakfire as they go. The
Something is coming up. Remember, losing is fun. fortress is lost. Even a highly trained army of dwarves
There are 29 dwarves in the narrow tunnel. 20 dwarves would fall before a handful of demons. And these demons
are destroyed by the evil rising from the underworld. Not are numbered on the status screen as ‘uncountable’, a
simply destroyed, but torn limb from limb. Their limbs are dizzying quantity otherwise reserved for ants and other
then messily reduced to their constituent parts. vermin. We’ve probably doomed all of Ruspsmata
VERDICT
A group is massacred in seconds. Shashank Sharma,
who’d been looking for plants in the caverns, is now
DEVELOPER: Bay 12 Games

WEB: www.bay12games.com
PRICE: Free
GAMEPLAY 9/10 LONGEVITY 10/10

GRAPHICS 10/10 VALUE 10/10
An unending series of unique dwarf-based adventures,

rendered in the limitless beauty of ASCII. It makes losing fun.
Sexy graphics are coming! Tile packs allow you to leave the purity of the Rating 10/10
ASCII display. For shame, we are judging you

SUBSCRIBE Save money today!
SUBSCRIBE
Sign up today and get this fantastic
STM DRIFTER LAPTOP
BACKPACK
Designed to carry most
15-inch laptops and the
16-inch MacBook Pro,
this 18L backpack is
spacious, comfy, protects
YOUR your devices and is
GIFT! packed with pockets!
WORTH Top features
£89.95 The protective tech cell lifts
out,
Don’t miss ow! your laptop off the bottom of
subscribe n the bag, keeping it away from the
impact zone
Spacious 18L capacity for
books, shoes, clothing and more!
Dedicated tablet pocket is
integrated into the laptop sleeve
3D foam mesh back-panel with
air-flow channel for hot days
Internal power pocket provides
a place to store your charger
Reflective light loop for better
visibility and night safety
SUBSCRIBE NOW!
www.myfavouritemagazines.co.uk/lin/stm1
Call: 0344 848 2852
Overseas
subs on
p65
PLUS: Exclusive access to 1
the Linux Format subs area!
1) Only available to MyFavouriteMagazines.co.uk subscribers.

1,000s of DRM-free
PDF back issues and
articles! Get instant
access back to issue
66 (May 2005) with
tutorials, interviews,
!
features and reviews.
DON’T MISS
Now with 5 ye
ars
&
At linuxformat.com
of Linux User
Develop er
issues
CHOOSE YOUR PACKAGE!

6-MONTH PRINT ONLY ANNUAL PRINT AND DIGITAL 2-YEAR PRINT AND DIGITAL
SAVE!
PLUS! PLUS!
22%
Only Only SAVE! Only SAVE!
£32.50 £72 58% £136 61%

6-month print Annual print and digital 2-year print and digital
by Direct Debit by Direct Debit one-off payment
Terms and conditions: This offer is only available for new UK subscribers. Gift is subject to availability (MSRP £89.95). Please allow up to 60 days for the delivery of your
gift. In the event of stocks being exhausted we reserve the right to replace with items of similar value. Prices and savings quoted are compared to buying full-priced print
and premium subscriptions. You will receive 13 issues in a year. You can write to us or call us to cancel your subscription within 14 days of purchase. Payment is non-
refundable after the 14 day cancellation period unless exceptional circumstances apply. UK calls will cost the same as other standard fixed line numbers (starting 01 or 02)
or are included as part of any inclusive or free minutes allowances (if offered by your phone tariff). For full terms and conditions please visit: www.bit.ly/magterms.
Offer ends 30 April 2020.

WE COMPARE TONS OF STUFF SO YOU DON’T HAVE TO!
Roundup
LibreOffice Veusz Jade Dia LabPlot
Alexander
Tolstoy
is planning to do
what he does
every night,
plotting to take
over the world!
Plotting applications
Turn your numeric data from plain figures into stunning charts, plots and
diagrams. Alexander Tolstoy finds out which plotting tool is the best.
HOW WE TESTED…
These days plotting in Linux

usually starts with an internet
search for ‘best plotting OSS
apps’, this predictably returns a
bunch of decent reviews. They
are good, but we have decided
to shift the focus towards
beginner-friendly applications
that provide an easy-to-use
graphical interface. With this in
mind, we’re not including such
respected packages as Gnuplot
and Ggplot2 in this Roundup.
Instead, we’re putting powerful
and mature WYSIWYG suites
(LibreOffice and Veusz) against
Jade, the promising project
that rivals MS Visio, as well as
the classic diagramming app
that’s been around for ages
(Dia), and also LabPlot – the
very decent tool for data
analysis and plotting. here are several approaches to data We’re going to evaluate how our contenders
The term ‘plotting’ is wide
enough to be handled in many
T visualisation that differ in the level of
scientific complexity. However, you
perform with CSV handling, drawing custom
plots, block schemes and diagrams, and also
different ways, but in this don’t have to be a scientist to visualise some what it takes to get used to them and take a
Roundup we’ll mainly look at simpler things in life, like kids’ school right step towards being proficient in plotting.
ways of turning numeric data (downward spiral?–Ed) performance or There is some additional intrigue in this
into aesthetically pleasing money spending. As such, we’ll leave powerful Roundup due to the fact that participating
plots, charts and diagrams systems as MATLAB aside and give more apps come from different categories:
without going too scientific favour to WYSWIG tools and editors. LibreOffice is a classic desktop productivity
– although advanced data- Finding a perfect balance between a rich suite, Veusz and LabPlot are very scientific,
processing features are set of features and a novice-friendly GUI while Dia and Jade have many vector-editing
always a bonus. sometimes sounds alike an impossible features. We will also be looking at the
mission, but we feel that some of our interoperability of each app and ways of
contenders come very close to perfection. exporting and sharing our plotting results.

Plotting apps ROUNDUP
Ease of
installation
What does it take to get the
applications up and running?
A
lthough this test is not directly data-related, it is a crucial
factor, because the availability of an application is key to
its adoption by the general public. LibreOffice is an
undisputed benchmark of perfect app availability. Many Linux
distributions make it available right after installation. Check the Jade is a nice drawing app, but it takes some time (and requires editing the jade.pro
Office section of your application menu to see if it is already there. file) to successfully compile the application.
If not, install it via a package manager or a software store.
Veusz is more niche, and it’s sometimes necessary to search Jade app, and the Libjade shared library it depends on. Firstly, you
for third-party Veusz packages. Nevertheless, the official Veusz need to compile Libjade using Qmake and a standard set of Qt5
website offers a rich selection of builds for various platforms, build dependencies. Then you grab the Jade source code and
including an assortment of Linux and BSD systems, so it’s not a build it the same way. Jade looks for Libjade in /libjade/lib, which
problem to install. means that you need to download and put both projects side by
The situation is even better for LabPlot. Being a member of the side. So while there’s nothing too challenging in installing Jade for
KDE family, this application is available almost ubiquitously. Just tech-savvy users, many inexperienced with compiling from source
in case, the official website lists helpful links in the Download will likely find it a serious obstacle.
section for nearly all mainstream Linux flavours.
VERDICT
Dia boasts excellent availability as well. It’s been around since
the late 90s, and many if not all Linux vendors include Dia out of
the box or keep it available in standard repositories. The only
minor issue is that the official Dia website offers a very limited set LIBREOFFICE 10/10 DIA 9/10
of download options and recommends outdated packages, so it’s VEUSZ 9/10 LABPLOT 8/10
better to search for Dia in the stock repositories of your distro. JADE 4/10
The only contender that requires more efforts to install is Jade. If you manage to get Jade up and running, you’ll probably have no trouble
This is a small, one-person project that consists of two parts: the with the rest of apps.
Ease of use
Will novice users feel welcomed?
F
or years LibreOffice has been promoted as an alternative
to Microsoft Office, which in turn is a widely adopted
desktop software suite. Using advanced features of Excel
and Calc does take some time and effort, but we must admit that
drawing plots and diagrams in Calc was really a piece of cake, and
those plots looked quite nice!
Veusz is also very interesting. This is a specialised plotting and
data analysis application that feels quite complex. However, it has
an unmatched built-in tutorial that runs (upon your agreement) Before dealing with complex and time-consuming 3D plots, start with simpler
right after the first launch. The tutorial involves animations and things and let the built-in Veusz tutorial guide you.
widget highlighting implemented directly in the Veusz interface,
allowing you to learn complex things from scratch in minutes. We conveniently. As such, if you just want to experiment with simple
really wish other scientific software could implement the same diagrams and plots by drawing them directly onto the canvas,
tutoring approach. For instance, LabPlot uses the same ‘project’ then go with Jade.
metaphor as Veusz and features a similar tree of hierarchical
VERDICT
objects, but it takes substantially more effort to get used to it.
Dia is a very simple software, with most of its features
displayed at your reach, but it uses the legacy floating-window
mode, which is annoying. Run it like $ dia --integrated to get the LIBREOFFICE 9/10 DIA 8/10
single-window mode and the much better experience. VEUSZ 8/10 LABPLOT 5/10
Ease of use is Jade’s stock in trade. We suspect that the reason JADE 10/10
behind creating Jade was primarily to get things done quickly and Go with Jade for simple drawings, and don’t miss the built-in tutorial in Veusz!

ROUNDUP Plotting apps
CSV handling
What can you make
from CSV tables? LibreOffice 10/10 Veusz 9/10
C
LibreOffice is a large office suite with many Veusz is a nearly perfect solution for the
omma-separated values (CSV) components, but since we’re talking here visualisation of CSV data sets, but this
is an extremely popular format about CSV, the point of interest is comes at the cost of doing many things
for interchanging numeric LibreOffice Calc, the suite’s spreadsheet manually. First you need to import your
data. Being just a plain text file, a CSV application. Calc can open CSV files with CSV as a data set via the Data > Import
document stores tabular data using a ease. There is an import wizard that lets menu. Choose a delimiter, locale and
comma or any other character as a you define the custom separator (if it’s not set other CSV-related parameters. Pay
separator. Each line is a record or a a comma), encoding and whatnot. Once attention to the Direction field, as it allows
table row. We find that it’s crucial for a you see a readable table, make sure that you to choose columns or rows for
plotting app to be able to turn dull CSV numbers in cells have the Numeric format creating the data range. Import the file
figure into a compelling graphic image. (yes, that is not always true). After that, twice using different directions if unsure.
Despite the fact that our approach select the range of the table with data and Next we need to draw a chart, and it
includes both scientific and office-like go to the Insert > Chart menu. The Chart seems to be a more time-consuming job
apps, this should not be a problem. For Wizard will appear, and you’ll be able to than inserting a chart in Calc. On the left
instance, Microsoft Visio enables you to define chart type, data range, data series pane there’s a document node tree. Add
connect numeric data to its drawings and chart legend. the ‘graph’ element to the page (use the
and display several information views Calc has 10 different chart types, some Insert menu), then select ‘graph’ and
at once. Consequently, we want to of which can be also turned into the 3D choose Insert > Add xy. Now you can link
compare our five contenders in terms of mode. The data range is also very data to the X and Y axes using the options
CSV handling and see what diagrams important as it enables you to choose if panel below. You’ll need to insert more ‘xy’
they can draw from them – whether the data series is in columns or rows – this elements to make several CSV rows
they are fanciful, easy to read and so on. affects the core meaning of a chart. displayed at a time.
Data analysis
How can they analyse your data?
S
ometimes you receive raw data that needs to be Statistics, Analysis of Variance (ANOVA), Correlation, Covariance,
processed before plotting. In Veusz, look under the Exponential Smoothing, Moving Average and some tests as well.
Data > Operations menu and find lots of options for Working with a spreadsheet in Calc, you first need to define the
manipulating data sets. Joining, merging, finding the average, data scope – simply select cells that you want to analyse, and
filtering and many more are available. Some plots in Veusz are then choose an option under Data > Statistics. Once again review
analytical by nature, such as the covariance (say what now? – Ed) the input range and select the output cell – either by writing its
plot or the vectorfield plot. position or clicking the cell with your mouse.
LabPlot seems to be even stronger in terms of analytics. It can Dia and Jade don’t have means of data analytics, although they
perform linear and non-linear regression analysis, numerical don’t even claim to be scientific packages.
differentiation and integration, data smoothing, Fourier filtering
VERDICT
and more (see the Analysis menu). Given that LabPlot supports
integration with different open-source computer algebra systems
(CAS) like Maxima, Octave etc., it is simply a heaven for scientists
who work with big amounts of data! LIBREOFFICE 7/10 DIA N/A
A comparable set of data analysis features can be found in VEUSZ 9/10 LABPLOT 10/10
LibreOffice as well. This time again we’ll need LibreOffice Calc and JADE N/A
some numeric data organised in the form of a spreadsheet. Look Big data processing is best done in LabPlot and Veusz. Choose LibreOffice for
under the Data > Statistics menu and find Sampling, Descriptive more lightweight analysis tasks.

Jade N/A Dia 3/10 LabPlot 5/10

There is not much we can say about Dia is a tool that’s been made for drawing LabPlot is an extremely powerful scientific
CSV support in Jade simply because clock schemes and logical plans, which package for data analysis. It can apply
there isn’t any. Jade is a one-person is why it has lot of features for manual maths functions, perform approximation
project that focuses on manual plotting, drawing and nothing for data analysis. and do many other things with data sets.
which means that you need to visualise However, there is small third-party However, fanciful graphics is not
your data elsewhere and then redraw it extension for dealing with CSV files called something LabPlot can do with ease.
from scratch in Jade. Organization Chart Plugin For Dia. This is There is a decent and well-established
The vector-editing features that are a Python 2 plugin that you can place in mechanism for plotting in LabPlot. Start
available in Jade are very strong and ~/.dia/python and enable basic CSV by importing your data – select File >
enable you to draw curves and polylines, plotting. After that, check if the module Import > From File and load your CSV into
add axes, labels and so on. is detected and enabled and then just a new book. Next, right-click on the
Jade also provides some settings open a CSV file. spreadsheet and select Plot Data. Define
related to diagram editing. Go to File > The CSV support is very basic indeed, what columns will be connected to what
Preferences to change the default canvas since the only thing it can do is draw a axes and press Plot.
background from graph paper to hierarchical chart based on CSV rows. This LabPlot can draw standard XY plots
something else, change spacing and grid requires a specially prepared CSV, where and histograms connected to books and
colour etc. Right now that’s it, though, and the first row is the top level of the tree and worksheets and also lets you modify plots
currently there is nothing that even slightly the following rows are branches. after they are created. However, the focus
resembles CSV data import in Jade, but Importing another sort of CSV data, is definitely on the data content and
since it is a young and promising project, for example one where parameters are accuracy, not aesthetics, so in this regard
the situation can still be improved at some compared against each other, will result LabPlot is certainly a lot less eye-catching
point in the future. in Dia drawing an irrelevant chart. than LibreOffice.
Drawing capabilities
How do they handle drawing tasks?
I
n many cases plotting is assumed to be the same as However, nothing compares to the marvellous Dia, a program
drawing schemes and plans, which is very close to what designed specifically for drawing schemes and diagrams. Dia’s
vector-graphics editors do. Still, it’s always good to have tools help create structured diagrams in minutes, and you also get
an application that can properly connect boxes with arrows, a vast assortment of ready-to-use shapes from the Dia gallery.
automatically add text captions to drawn objects, and so on. In Our last (but not least) contender is LabPlot, which lacks direct
this regard most of our plotting apps performed very well. drawing tools – this is strictly a data analysis tool intended for
LibreOffice has a dedicated part with a simple name, Draw, for visualising maths formulae and numeric data. Therefore we
doing vector graphics with some advanced features like recommend everything but LabPlot for drawing plots and
connectors, object aligning, node editing and more. diagrams by hand.
Veusz is all about graphs, but it also lets you draw lines,
VERDICT
rectangles, polygons and ellipses. Drawing isn’t the primary
feature of Veusz, but you can nevertheless do a some basic stuff
with it.
In terms of drawing, Jade is more advanced than Veusz. LIBREOFFICE 9/10 DIA 10/10
Although it is still quite basic and simple, this app is ideal for quick VEUSZ 5/10 LABPLOT N/A
plots and graphs made by hand. In Jade you can manipulate JADE 8/10
objects just like in a vector editor, but with a focus on diagrams If you have LibreOffice, you’ve probably already got a powerful vector-
and blocks. drawing app.

ROUNDUP Plotting apps
Extensions
Can you add extra features to
the beloved plotting app?
T
he website https://extensions.libreoffice.org website
hosts hundreds of extensions, some of which are related
to charts, plots and diagrams. For instance, there is a
fanciful SmART Gallery extension with a bunch of colourful chart
templates, an extension to extract X/Y axes from scanned graph
and more. LibreOffice can be used for various different plotting Dia has a plugin-based architecture, but most of its plugins are already bundled
means, such as drawing guitar chords, building diagrams with with the default installation.
chemical engineering symbols, etc.
Veusz can also be extended with extra plugins that you can add already includes an impressive amount of features. Still, it could
in Preferences > Plugins. However, there are not many ready-to- be even better if it offered extensions and plugins that people
use plugins in the public domain. Instead, you are encouraged to would install at their discretion.
create your own Import, Tools and Data Set plugins using Python Only LibreOffice has a decent amount of extensions, while
– luckily a tutorial is provided by the Veusz project. other contenders only provide a capability to attach it.
As for Dia, this app was engineered with plugins in mind, but
VERDICT
most are included in the default bundle. There is a tiny repository
at https://github.com/sdteffen/dia-plugins with three extra
Python plugins (charts, length calculator and object rotator). It is
possible to write your own plugins for Dia, and let’s not forget the LIBREOFFICE 9/10 DIA 5/10
catalogue of shapes and templates available from the Dia website. VEUSZ 5/10 LABPLOT N/A
We didn’t expect to find third-party functionality for Jade, but JADE N/A
we were surprised to find that there are virtually no plugins for If you’re familiar with Python, create your own custom extensions for Veusz
LabPlot either. LabPlot is a fully-fledged thing as it is, and it and Dia, or just use the rich catalogue of super-useful stuff for LibreOffice.
Documentation
Where you can learn how to use it?
T
here is a wide selection of guides for each component of
LibreOffice, including the 550-page book on Calc and
242-page book on Draw (PDFs available). Plus, given the
very wide adoption of LibreOffice, you can find numerous third-
party tutorials and guides, including video tutorials on plotting
(find it on YouTube), a countless number of high-quality Stack
Overflow answers, Wiki pages, and much more. If you have a
question on getting started with plotting, there are plenty of
comprehensive answers with examples from proficient users.
Veusz is a smaller project, but it has a very decent Veusz
Documentation PDF book, and a number of very helpful YouTube LabPlot is powerful and definitely worth studying. If only it offered more helpful
videos from other parties. Creating graphs and studying plots in guides and materials!
Veusz are both well-examined and reviewed by other people, so
it’s quite easy to learn how to do complex things if you’re a started with. We managed to find the LabPlot Handbook on a
newcomer. Once again, we also want to praise the striking built-in third-party website, but it was outdated material (for LabPlot 1.6
tutorial that answers a lot of question for novice Veusz users. from 2007) with very basic descriptions and few examples.
Dia is quite an easy application to get used to without studying We won’t accuse Jade of a lack of documentation (oh, we won’t
auxiliary materials, although self-education is still possible thanks will we!?!?–Ed) as it is a small project, but LabPlot is a very solid
to the comprehensive Dia Manual PDF available from the project’s software with many contributors, and it should provide a better
website. The manual is a source of precious knowledge on support for its users.
VERDICT
working with vector graphics in general, coding in SVG, working
with complex shapes, etc. A good source of inspiration is a public
catalogue of diagrams in the Dia format that you can download,
open and examine. LIBREOFFICE 10/10 DIA 8/10
As for LabPlot, it requires good documentation, yet the VEUSZ 9/10 LABPLOT 3/10
appropriate section in the LabPlot website says ‘coming soon’. JADE N/A
That’s not good for a complex app that is not really easy to get It is assumed the LabPlot audience can set up their workflow without aid.

Plotting applications
The Verdict
T
he results are largely as expected, since we reviewed our
plotting apps with many criteria. LibreOffice may not be
perfect in certain areas, such as data analysis and ease
of use, but after putting all considerations together it beats all the
other contenders by a solid margin. LibreOffice has been one of
the best and most advanced examples of open source software
for many years. It was already unmatched not only in the days of
OpenOffice (mid 2000s), but also in the earlier days of its parent,
1st
StarOffice (mid 1990s). LibreOffice’s plotting capabilities are
spread between Calc and Draw components, with the first one LibreOffice 9/10
targeted at working with numbers and the second being a
powerful tool for drawing business graphics. Web: www.libreoffice.org Licence: MPLv2.0 (secondary license
Veusz comes second, mostly due to the fact that it does not GPL, LGPLv3+ or Apache License 2.0) Version: 6.4.0
have many available extensions and provides very limited The most complete plotting solution so far that covers most usual needs.
2nd
drawing capabilities. Still, it is a very strong, well-documented
and feature-rich solution for conducting scientific research, Veusz 8/10
plotting complex 3D scenes, maths formulae, combining several
data sets in one plot, analysing numeric data and more. Veusz is Web: https://veusz.github.io Licence: GNU GPLv2+
not the easiest app we’ve seen here, but the built-in tutorial Version: 3.1
compensates for that. There are great examples of Veusz A perfect solution for scientific plotting. Requires some efforts to get used to.
3rd
projects available online, so that one can start learning Veusz by
opening one of them and examining it (our favourite is that Dia 7/10
spectacular wavy 3D sample).
Dia comes in third, which means that if you just need to draw Web: https://wiki.gnome.org/Apps/Dia Licence: GNU GPLv2+L
diagrams, plans or block schemes, nothing can be more Version: 0.97.3
comfortable than this robust tool. Dia is easy to install and grasp, If plotting for you means making diagrams and charts, then choose Dia.
4th
and its drawing tools are nearly perfect.
In fourth is LabPlot, which is strange because it can do various LabPlot 5/10
high-profile scientific tasks that Dia is incapable of. LabPlot can
draw super-fancy curves based on mathematical functions, Web: https://labplot.kde.org Licence: GNU GPLv2+
process and analyse data, and maintain even very complex Version: 2.7.0
projects that are very readable and easy to deconstruct thanks to A poor result considering its advanced scientific and plotting features.
5th
the clean project-style tree. However, there are no extensions or
drawing tools in LabPlot, and it lacks decent documentation. Jade 4/10
As for Jade, we recommend this small app for quick projects
where you need to draw few plots and export them in SVG, PNG, Web: https://github.com/jaallen85/jade Licence: GNU GPLv3
ODG or VSDX. It’s very easy to use, but it lacks any of the more Version: 1.2.0
advanced features. Right now Jade can’t compete, but it’s still very useful for quick drawings.
ALSO_CONSIDER
We’ve covered the most advanced plotting applications that Another scientific plotting option is Matplotlib, a Python
provide a user-friendly GUI to its users. However, there are library that should be used via scripting. If you are familiar with
other plotting apps that are often recommended for plotting the Python syntax, you can produce high-quality 2D and 3D
task, but have a different way of being used. Have a look at plots and charts ready to be published as a hard copy.
Gnuplot, a scriptable plotting tool that can generate stunning That’s not everything – some people prefer LaTeX as a
2D and 3D images. The main benefit of Gnuplot is that you can universal publishing system, others stick to R because of its
integrate it with your Perl, Python or Ruby scripts, use it for developed tools for statistical computing. Tell us what’s your
batch processing, or in interactive mode. favourite plotting app at [email protected].

VIRTUALISE
ALL THE THINGS
Fed up with breaking Linux installs, and Linux
installs breaking him, Jonni Bidwell looks to
virtualisation to ease his very real woes.
W
ithout virtualisation, life at that the team had to wrangle, all the you don’t need to worry about breaking it
Linux Format towers would be while living the wild lifestyle encouraged – anything you do can be undone, and no
a lot more complicated. by the heady golden era of dead-tree one will come at you with pointed
Testing the DVD would be a publishing. Back then tech journalists questions/sticks if it breaks.
nightmare, reviewing new distros would were made of stronger stuff. For beginners, a virtual machine is
require us to wipe the machine on which Nowadays things are much more a great way to try Linux. You can run
we installed last issue’s distros, and if we straightforward. If you want to try a VirtualBox for free on Windows or macOS.
wanted to test new software on different new OS, or even if you just want to do If you’re already running Linux you may
distros, we’d probably need yet more something a bit crazy with your current prefer to use Red Hat’s Virtual Machine
hardware and yet more time. Yet if you one, all you need do is fire up a virtual Manager, which uses QEMU (an emulator)
rewind back to the late Mesolithic LXF machine, and within minutes you have a and KVM (Linux’s powerhouse of a
age – the early 2000s – these were device that for all intents and purposes hypervisor) behind the scenes. Whatever
exactly the kind of hardware logistics behaves like a regular computer. Only your tastes, we’ve got something for you.

Virtual machines
Virtualisation 101
Nobody can tell you what virtualisation is – you have to
experience it for yourself. Or you could just read this…
V
We use only virtual
penguins to test
irtualisation has been around since the 1960s.
our disc now –
Of course, computing then was all done on
mainframes and OSes were a lot different, ever since that
so it’s harder for youngsters to get their trendy heads ugly uprising six
around how this worked. The idea then is essentially the years ago.
same as it is now: compute resources were to be
shared (fairly) amongst users in such a way that
concurrently running jobs would not interfere with one
another. Operating system kernels used to be called
‘supervisors’, and each separate job was more or less
its own entity (today we expect our OSes to multitask
programs as a matter of course, but this wasn’t the
case back then). So the underlying OS which governed
these jobs was referred to as a hypervisor, a term still shipped with these hardware virtualisation extensions.
used today. And they have evolved to enable not only faster
Modern hypervisors such as Xen and Microsoft’s virtualisation, but deeper too, with hardware interrupts,
Hyper-V are thin OSes that run on bare metal with the memory management units (MMUs) and onboard
sole purpose of hosting guest VMs strictly and securely, graphics – via Intel’s iGVT-g on Iris Pro graphics –
much like the time-sharing schema of the mainframe now being virtualisable.
days. These are called Type-1 hypervisors, which It’s even possible to blur the boundaries between
correctly implies the existence of Type-2 hypervisors. physical and virtual; actual hardware can be handed off
The latter, exemplified by VirtualBox, Parallels and to a virtual machine and used seamlessly. A popular
QEMU run on a regular operating system and are example of this is running a Windows 10 VM with a
probably more familiar to everyday users. Things are second (usually high spec) graphics card. This trick,
not binary, though; the Linux’s KVM (Kernel-based known as PCIe passthrough, enables Linux users to
Virtual Machine) doesn’t fit nicely into either category, play AAA games at very close to native speeds. PCIe
since it turns the kernel into something like a Type-1 and the general area of Virtual Function I/O (VFIO)
hypervisor, but the host OS still runs as intended. require different CPU extensions, called VT-d on Intel
In 2006, Intel and AMD started shipping processors and AMD-Vi on AMD. Some of Intel’s overclocker-
with, respectively, VT-x and AMD-V extensions. These focused chips (the ones ending in K) lack these.
enabled operating systems to run virtualised without One new project worth keeping an eye on is Looking
modification, in contrast to previous approaches such Glass (https://looking-glass.hostfission.com) which
as paravirtualisation (which modified the OS to run in a aims to streamline passthrough setup for Windows
guest environment) or complex software workarounds. VMs. In particular, the need for a separate monitor
Since then, virtually (ahem) all desktop CPUs have and keyboard is obviated.
VIRTUALISATION, EMULATION AND CONTAINERISATION

It’s easy to confuse virtualisation and emulation. Both are a virtualise architectures that are similar. Around a decade
piece of software masquerading as a machine, and both have after the virtualisation revolution, a new technology emerged:
been around for a long time. In one sense virtualisation is just containers. These were popularised by Docker in 2013 and
a special form of emulation. On Linux, we can emulate lots of bring many of the benefits of virtualisation (isolation,
hardware; for example, a Raspberry Pi with QEMU, an Amiga efficiency), but use the host’s kernel, obviating the need to
with UAE, or a Sega Megadrive with BlastEm. We can also run a whole guest operating system.
emulate software, using DOSBox or Wine (we know, Wine Containers can be seen as OS-level virtualisation, as
isn’t an emulator – arrest us) for example. opposed to machine-level. Since a container need contain
Emulation recreates everything in software, translating only the libraries required to run a particular application, they
or rearranging foreign code into something the host can are eminently portable. They also provide a neat solution if
understand. Virtualisation differs in that the guest code that application only works with a particular version of a
runs directly on the host, which means it’s faster (although library. In the same way that Qubes OS runs applications in
sometimes other hardware still has to be emulated which different VMs, OSes like Container OS (formerly CoreOS
makes it slower again), but also means it’s only possible to Linux) and RancherOS run everything in containers.

Virtual machines
VirtualBox beginnings
Learn the basics of virtualisation no matter which OS you’re
running, or which OS you want to try.
O
ne of the easiest ways to fire up your first
virtual machine is with Oracle’s VirtualBox.
This is free (GPL2-licensed) software available
for Windows, macOS and Linux. Mac and Windows
users should download it from https://virtualbox.org,
and Linux users should install it with:
$ sudo apt install virtualbox
It looks and works the same for all platforms, so
no matter what your OS (or which OS you want to
virtualise), you can make use of our handy six-step
guide opposite. If you’re stuck for a distro to try, why
not copy the Solus or OpenMandriva ISO files off the
LXFDVD? If you were to tell VirtualBox to use it straight
from the disc things would be awfully slow. Setting up a bridge network (so your guest appears as a separate host
If you find yourself stuck in fullscreen mode, use on your LAN) is easy, and so are all these other network configs.
Right Ctrl+F to return to windowed mode. If you find
yourself with a mouse cursor trapped in the guest the optical disc) and tick the box. It’s possible to change
window, just press the Right Ctrl key to escape. Most the type of controller presented to the VM from here,
Linux distributions today support seamless mouse but generally speaking the defaults (PIIX4 for the IDE
integration, so the latter shouldn’t happen to you – controller the optical drive is connected to, and AHCI
taking the mouse past the edge of the screen in the for the SATA controller) are better supported.
guest should relinquish control to the host. VirtualBox 6.1, released in January, introduced
VirtualBox tweaks
experimental support for virtio storage, which means
VirtualBox doesn’t have to waste CPU cycles emulating
It’s straightforward to fire up a VM, but let’s look at a disk controller. This should work well for Linux
some of the options VirtualBox provides to make your distributions at least, but will require a driver to be
virtual life as smooth as your real one. First of all, if you added to a Windows VM. We’ll discuss the ins and outs
store your virtual drive image on a traditional spinning- of virtio over the page when we meet QEMU.
rust hard disk, I/O-heavy workloads will be very slow The most common thing people want to do is speed
and you’ll probably notice a lot of disk activity while up graphics performance. The new default graphics
they’re underway. For such tasks, and indeed if you’re controller in VirtualBox (VMSVGA, actually borrowed
brave enough to run a Windows VM, your life will be from VMware) should work well enough for Linux
markedly better if you store the image on an SSD. guests. If you have older VirtualBox VMs lying around
If you don’t have one, or don’t have space on one, you may want to update them to use the new controller.
you might be able to eke out some extra performance Virtual Windows may work better with the VBoxSVGA
by enabling the host I/O cache for the VM. Select your driver. There shouldn’t be any reason to use the old
VM from the column on the left, hit the Settings button VBoxVGA driver these days, unless you’re running or
on the toolbar, select the disk image (the VDI file, not trying to virtualise very old distos.
You’ll find the Graphics Controller options in the
Display section of the VM’s settings dialogue. The
default Video Memory allocation is only 16MB, which
is fine for testing out a Linux distro at sub-1080p
resolutions, but for more serious work you’ll want
to boost this. The aforementioned virtual SVGA
devices emulate enough of a graphics card to expose
basic OpenGL primitives and some 2D acceleration
capabilities – but you’ll have probably noticed there’s
a box for 3D Acceleration too.
If you use this, all the OpenGL capabilities of the
You’ll also find
VirtualBox in the
host will be available on the guest. The name is a little
Ubuntu Software
confusing, because lots of desktop effects which look
Centre. It’s not
very two-dimensional rely on 3D extensions. Linux Mint
really proprietary, under VirtualBox, for example, will tell you it’s using
don’t worry. software rendering until the 3D box is ticked.

Virtual machines
OPEN THE VIRTUALBOX!
1 Get ready
Download VirtualBox, as described opposite, and fire it up. 2 Create your VM
Hit the New button in VirtualBox’s toolbar. We’ll use the
By default new VMs are stored in your home directory, so make Solus ISO which we copied from the LXFDVD – feel free to use any
sure there’s some room to play here – or else be aware that you’ll distro you like, though. Give your VM a name, set the Machine
need to manually specify a different location. A desktop Linux Type to Linux and the Version to whatever is appropriate. The
install that starts at 5GB will very easily grow to 10GB. 32-/64-bit selection is important here.
3 Allocate memory
How much memory you allocate to your VM depends on 4 Sort out storage
We’ll need some storage for our VM. Modern Linux distros
how you want to use it and how much RAM the host machine has. tend to be fussy about installing to anywhere with less than 10GB
Modern desktops and applications such as web browsers will of space, and if you can spare it then allocating more is a wise
happily chew through 2GB, whereas booting to the console idea. Choose ‘Create a virtual hard disk now’ (unless you just
requires very little. If you allocate too much memory to your want to run a Live disc) to begin the process.
VM, host performance will suffer.
5 Tweak storage
Choose the default VDI storage. These files can be fixed or 6 Lift off!
You’ll need an ISO image to boot your machine. Go to
dynamically sized, up to a given maximum. Dynamic storage is Settings > Storage and select the optical drive, click the tiny disc
obviously much more flexible, and these days you’re unlikely to drop-down on the right and select Choose Virtual Optical Disk File
notice the increased I/O overhead, so go with that. You can (sic). Locate your ISO, click OK, then hit the green Start arrow.
specify the file’s location with the tiny icon to the right. Chocks away!

Virtual machines
QEMU and KVM

Dig deeper and build your own virtual machine at the command
line using the power of Linux.
V
irtualBox is all well and good, but there are because powerful servers could house multiple VMs –
other options. Some people don’t like using saving resources, increasing portability and generally
Oracle software, and in the past the guest making merry. Workstation Pro is VMware’s commercial
extensions (which enabled graphics acceleration and offering, and of course there are Hyper-V, Xen and other
shared clipboards) were not freely licensed, meaning proprietary tools that have revolutionised infrastructure
they couldn’t be bundled by distros and had to be management. One consequence of this is the rise of
installed separately. cheap VPS (virtual private servers) from the likes of
This is no longer the case and most distros now Digital Ocean and OVH. These are a great way to see
ship with the required host and guest modules – what remote server administration is all about.
but occasionally, host and guest modules become The Linux way of doing virtualisation is a tale of two
mismatched (if a guest distro includes older modules cities: KVM and QEMU. KVM is the hypervisor part and
than the host is running, for example) and they must enables the kernel to access the virtualisation functions
be installed manually. These can be installed – on all of the CPU; QEMU is the userspace utility that talks to
platforms – in a running VM by selecting Install Guest this and emulates virtual hardware. KVM has been
Additions from the Devices menu. A virtual CD will be ported to many architectures and is today running on
inserted and you’ll find a Linux script to build and install Arm, IBM s/390 mainframes and MIPS. QEMU is an
the modules, as well as Windows and Mac executables. emulator, and we’ve already talked about emulation and
Anyway, we digress; we were supposed to be talking virtualisation being different animals – but we’ll see later
about VirtualBox alternatives, not providing helpful that the amount of actual emulating QEMU has to do
advice. So, there’s the free (but not open source) can be reduced to almost zero.
VMware Workstation Player, which is fine for running a QEMU is a command-line affair, but as Linux
single machine on a desktop and from a user’s point of aficionados or budding CLI warriors we won’t let that get
view works much the same as VirtualBox. However, the in our way. Installing QEMU is just a matter of:
virtualisation revolution happened not because people $ sudo apt install qemu
could run clunky desktop operating systems windowed To deploy our first VM we first need to create a file
in another clunky desktop operating system, but that can be used to back the virtual storage. QEMU
VIRTIO
supports a number of formats for this; a raw image is
the fastest, but the modern qcow2 format is not slow,
is more resilient to disk or power failures, and supports
snapshotting. So let’s use it to create a 10GB image:
We mentioned that QEMU’s job in the QEMU/KVM duality is to $ qemu-img create -f qcow2 lxf.qcow2 10G
emulate hardware, and we’ve alluded to the fact that this is a The qemu-img command can also convert, resize
relatively slow process. So rather than emulate such things, it makes and do all kinds of other things with disk images, so
sense to tell the virtualised OS that it is thus, and that the hardware check the man pages for more. As with VirtualBox, we
it can see is not real. In this way we modify the OS (or in this case its need some sort of installation medium to begin. This is
device drivers) and have the hypervisor present abstract an opportunity to grab an ISO file for a distro you’d
paravirtualised hardware, which both sides conspire to handle otherwise be scared to try on bare metal (go on, try
nicely. The framework KVM uses for this sourcery is called virtio,
and its drivers enable paravirtualisation of block devices, video
cards, network devices and the interestingly named balloon device
(used for memory management). The virtio drivers need to be
installed on the guest, but have been part of the Linux kernel for
a long time – so for Linux guests no action is required:
$ qemu-system-x86_64 -drive file=lxf.
qcow2,format=qcow2,if=virtio -vga virtio -net nic,model=virtio -m
1G -enable-kvm
If, in the guest, you run
$ lspci
you’ll see your VM now has a virtio-powered video, Ethernet and
SCSI disk. In order to take advantage of the improved imaginary
video device you’ll need to install a desktop environment, which
you can do with:
$ sudo apt install ubuntu-gnome-desktop QEMU doesn’t look like much at first, but it’s incredibly powerful and
enables you to perform destructive actions with no risk of reprisal.

Virtual machines
Linux From Scratch, how hard can it be?), but we’ll be a

little beige about it and try out a daily Ubuntu Server
20.04 image. You can grab such a thing from http://
cdimage.ubuntu.com/ubuntu-server/daily-live/
current.
Now we can commence installation, adjusting paths
for the install medium and qcow2 file if they are not in
the current directory:
$ qemu-system-x86_64 -cdrom focal-live-server-
amd64.iso -boot order=d -drive file=lxf.qcow2 -m 1G
By default QEMU assigns only 128MB of memory for
its machines, which it turns out is nowhere near enough
to boot Ubuntu. The -m option at the end assigns 1GB,
thus remedying this. A window should open, which you
can click in to navigate through the setup questions.
By default QEMU provides NAT and DHCP services
and will set up the VM with an IP address of the form
10.0.2.<number>, which should work fine. We then Once the virtio
drivers were
installed, we added
went with the ‘Use Entire Disk’ option to avoid needless to access services on the host (at the address 10.0.2.2),
2GB of GNOME
partitioning. Ubuntu can automatically set up SSH for but not vice versa. Communication between different
you, which generally is A Good Thing™, but we’ll see later guests is also not possible in this configuration. We goodness to our
that host-to-guest networking with QEMU is tricky. It could delve into the ins and outs of setting up a tap Ubuntu Server
also offers you a list of popular snaps, so feel free to device (a virtual network interface) or host-only 20.04 VM.
install anything you think might be interesting. You may networking, but since we’re going to talk about Libvirt,
want to increase the 1GB of memory and enlarge the which makes all these things effortless, we’ll defer to the
image file if you plan to have your VM do anything Arch Wiki page on QEMU, in particular the lengthy
vaguely onerous. Networking section. See https://wiki.archlinux.org/
While the install is underway, or whenever the QEMU index.php/QEMU.
window is open, you can press Ctrl+Alt+2 to show the If you really want nothing more than to have a VM
QEMU monitor, which allows you to assess the state of that’s easy to SSH into, you can use QEMU’s bridge
DON’T FEAR THE EMULATOR

QEMU. Do this and then type info kvm to see whether
KVM is being used. You’ll probably find it isn’t, in which
“QEMU is an emulator, but we’ll

case we’re emulating a machine, not virtualising one.
Oops. That goes some way to explaining the slowness,
see that the amount of actual

and it takes only a command line switch to activate
KVM. Use the menu or Ctrl+Alt+1 to return to the VM.
emulating it has to do can

Once the install has completed, shut down the VM. It
does offer to reboot, but go to the Machine menu and
be reduced to almost zero.”

hit Power Down instead. As the title bar tells you, use
Ctrl+Alt+G to ‘escape’ the mouse from the VM’s window
if it’s stuck.
Now start the machine with the correct invocation:
$ qemu-system-x86_64 -drive file=lxf. helper to help you (for a wired connection). This involves
qcow2,format=qcow2 -m 1G -enable-kvm creating a file called /etc/qemu/bridge.conf,
and log in with the credentials you invented earlier. consisting of a single line:
Ubuntu will tell you its IPv4 and IPv6 addresses, but if allow bridge0
you try to SSH in from the host, you’ll find it doesn’t Now we must create the bridge, add our Ethernet
work. QEMU’s default network setup enables the guest connection (enp3s0 in our case) to it, and connect it to
the outside world. If your distro uses NetworkManager
(it probably does) then it’s best to do this with nmcli
rather than the lower-level ip commands:
$ sudo nmcli connection add type bridge ifname
bridge0 stp no
$ sudo nmcli connection add type bridge-slave ifname
enp3s0 master bridge0
$ sudo nmcli connection up bridge-bridge0
Then start QEMU with:
$ qemu-system-x86_64 -drive file=lxf.
qcow2,format=qcow2 -m 1G -enable-kvm -net nic -net
bridge,br=bridge0
This means your VM will join the same network as the
host and get an IP from your home router. The same
thing can be achieved in a VirtualBox VM by visiting the
If you run into bridging difficulties, it’s easy to delete everything and network settings and changing the adapter type from
start again from the Network settings area. NAT to Bridged Adapter.

Virtual machines
Into the libvirt

Putting all the pieces together, we show you how to make your
virtualisation faster, easier and safer.
Y
ou might gather by now that QEMU virtual disks or create pools), networking (no messing
incantations can get quite unwieldy once you around with handcrafting network bridges) and,
start avoiding defaults – so it’s common for naturally, can create, start and stop VMs. To some
people to store these in a script, or use some kind of extent it also abstracts the user out of the business of
frontend for QEMU. The modern way to wrangle this is running the VMs, and this is generally good.
with Red Hat’s Libvirt. This isn’t a frontend – we’ll meet Suppose we were running a VM in our favourite
Virtual Machine Manager soon, which is – but rather an desktop environment and something crashed, forcing
API that provides access to virtualisation functions us to log out. On returning to that VM we’d probably
through its daemon, libvirtd. Libvirt supports a number find it in a sorry state, since the process running it
of hypervisors, including KVM and VirtualBox. (QEMU or VirtualBox) would have been wiped out.
This might seem, to the layman, like adding another With Libvirt, VMs – known slightly confusingly as
layer of complication on top of something that’s ‘domains’ – are run by a separate user, so if a local
complicated enough. That’s a reasonable point; if you user’s desktop crashes while they’re playing with a
just want to set up a VM to try the occasional Linux VM, it stays running in the background and can be
distro, it’s easy to do with VirtualBox or any other reconnected to. In this way it works much like
friendly frontend. Where Libvirt comes into its own is connecting to a remote machine. In fact that’s another
with management. It can take care of storage (resize thing Libvirt does: enable VMs to be run from remote
KEEPING OUR VMS SAFE

machines. The simple Boxes tool uses Libvirt behind
the scenes to totally abstract away the difference, so
through the same interface you can connect to a
remote machine, a virtual machine, or indeed a remote,
The CPU vulnerability can of worms that was opened in January virtual machine.
Installing Libvirt
2018 with Spectre and Meltdown shows no sign of ceasing to spew
its vulnerability worms everywhere, with new speculative execution
vulnerabilities (CacheOut, Zombieload v2, L1DES and VRS) made We can install all the required bits in Ubuntu by
public this year. These enable an attacker – albeit by pretty complex installing the Virtual Machine Manager (aka virt-
means – to access memory that they shouldn’t be accessing. One of manager) frontend from the terminal with:
the major concerns is that on a host running multiple VMs, such $ sudo apt install virt-manager
attacks could break the isolation, allowing one VM to read the This will also install QEMU if you skipped the
contents of another’s memory – even memory protected by Intel’s previous pages (shame on you), and enable the
secure enclave (SGX) tech. required services. It will also add your user to the libvirt
Cloud giants host billions of VMs on shared machines, some of group, but you’ll need to log out and back in before you
which house sensitive data, so this is a grave concern. VMs and the can connect to said services.
hosts themselves need to have fixes applied and be rebooted in Start Virtual Machine Manager from the Applications
order to be safe, and if you rent a VPS your provider ought to have menu, and it should automatically connect to Libvirt;
been in touch with you to tell you this. If it hasn’t, you might want to you’ll get a permissions error if you didn’t obey the
consider changing. In the meantime, the RIDL Test Suite available at previous sentence. Click the ‘Create new virtual
https://mdsattacks.com will tell you which flavours your VM is machine’ button at the top left to start the wizard.
vulnerable to. Select ‘Local install media’, ‘Use ISO image’, ‘Browse’,
One project that caught our ‘Browse local’ (yes, it’s a bit long-winded) and choose
eye as we scrambled to get this an ISO file. We went with the desktop version of an
feature in on time was Bareflank, Ubuntu 20.04 daily build this time.
a hypervisor SDK. This project is Virt-manager will try to guess which OS the medium
funded by Assured Information is going to install, based on the name. This often
Security and aims to enable doesn’t work, so clear the ‘Automatically detect OS’
rapid prototyping of new box, and select Linux and Ubuntu 18.04; it doesn’t have
hypervisors. Bareflank to exactly match the guest OS, which is good as not
Hypervisor SDK 2.0, including everything is listed. Next, allocate some memory and
the reference Boxy hypervisor, CPUs to your VM; for a modern desktop distro,
was released in February. We’d anything less than two cores and 2GB of memory is
encourage you to investigate probably going to be painful experience.
Keeping track of so many CPU further at https://github.com/ Click Forward and choose the ‘Create a disk image’
vulnerabilities is a full time occupation. bareflank/hypervisor. option, remembering that virtual machines’ disks fill up
as quickly as real ones. By default, images are stored in

Virtual machines
/var/lib/libvirt/images. If you want the image to be

created somewhere else – say on another partition
where there’s more space – then choose the custom
storage option here. Go forward and name your new
VM – and if you want to use virtual UEFI firmware, don’t
ignore the tiny ‘Customize configuration before install’
box. That is the only opportunity you’ll get to set this
up, using the Firmware option in the Overview section;
once the VM has been installed in classic BIOS mode,
it is stuck there.
The default NAT Network will work in the same way
as QEMU’s default set up, but if you want bridged
networking, select the vtap device and set the Source
mode to Bridge. Graphics performance can be
improved by using the virtio video (aka Virgl3d) driver,
which enables the guest to use the 3D acceleration of
the host. In order to make it work with virt-manager Install the virtio
drivers in Windows
by ‘inserting’
you’ll need to set the ‘Listen’ type to ‘None’ in the The singlemost straightforward way to ensure that
the ISO file and
Display Spice section. Since we’re using the video card virtual Windows runs fast is to make sure the virtual
almost directly when we enable Virgl3d/virtio, the drive is stored on an SSD, preferably a fast one. Next, if right-clicking the
remote part of this doesn’t work. you’re using KVM, you’ll want to install the virtio drivers relevant INF files.
You can check if you’ve got it working by running from http://bit.ly/lxf261virtio. Scroll down to the
dmesg | grep drm . You can also easily select virtio direct downloads section and download the Stable
network and storage devices. Now you’re finally (from RHEL) or Latest (from Fedora) ISO file.
primed to boot your libvirt-powered VM. Hit the Begin It’s easiest to do this on the host machine and
Installation button at the top-left, and – fingers crossed then use the VM’s imaginary optical drive to access it.
– it all works. If not, try the QXL video driver instead If you want to use the virtio SCSI driver (highly
(see below). recommended), you’ll need to add this at install time –
JUST CAN’T BE BOTHERED?

If you find installing new Linux virtual machines
too much effort, then good news – you can download
“If you find installing new Linux virtual

ready-to-go VirtualBox and VMware images at https://
osboxes.org. It’s easy to convert the VirtualBox VDI
machines too much effort, then good

images into something QEMU can use. Suppose we
downloaded the Arch Linux CLI image (and unzipped it
news – you can download ready-to-go

to the current directory), then QEMU provides the tools
to to the conversion:
VirtualBox and VMware images.”

$ qemu-img convert -f vdi -O qcow 201905-cli-64bit.vdi
archlinux.qcow2
Virtual Windows
We haven’t covered virtualising Windows here, but it is the rest can be added later. You’ll want to give your VM
absolutely possible. You can download an ISO of lots of memory; running Windows 10 on less than 4GB
Windows 10, entirely legally, from Microsoft’s site at is no fun at all. There’s no Virgl3D windows driver, but
http://bit.ly/lxf261windows. Note that you’ll still there is an alternative. The QXL video card is a partially
need to buy a valid Windows key if you want to officially paravirtualised video device which should offer better
activate the installation once it’s all set up to your liking. performance (and higher resolutions) than the standard
VGA driver. You can use it in QEMU with -vga qxl , or
you’ll find it in the Video section of virt-manager. You’ll
find a Windows driver for it on Red Hat’s ISO in the
qxldod/ directory.
For the absolute best video performance, though,
you’ll want to look into PCIe passthrough. With this
setup, we install a dedicated GPU just for the Windows
VM, and have the kernel isolate it for us at boot. We
covered this in our last virtualisation extravaganza
back in LXF244. One of the greatest resources on this
topic is the Arch Wiki page at http://bit.ly/
lxf261passthrough. If you get this working, we’d love
to hear from you and your benchmarks. Virtualising old
versions of Windows is possible too, with the correct
ISO, which is a reasonable way to hold on to your old
Libvirt uses XML to define virtual machinery, and if you need fine- apps – perhaps from your now-retired Windows 7 install
grained control you can edit it directly in virt-manager. – until you find suitable Linux alternatives.

EDGE
THE RAZOR’S
More tales from Jonni

Bidwell’s pilgrimage to the
2019 Open Source Summit –
this time from virtualisation
guru Erik Nordmark.

Erik Nordmark INTERVIEW
rik Nordmark is one of the
E
co-founders and the chief
architect at Zededa, pioneers
in edge virtualisation and
creators of Project EVE – the Edge
Virtualization Engine.
For anyone that doesn’t buy into new
computing paradigms, Erik claims “the
edge is already here, it’s just not connected
yet.” And he would know. He also sits on
the technical advisory committee of the
Linux Foundation’s LF Edge umbrella
organisation (https://lfedge.org), which
brings together seven (and counting)
projects, including Project EVE (and
EdgeX Foundries, which we heard about
in LXF257). LF Edge has the lofty goal
of establishing an open, interoperable
framework for edge computing.
Erik was brave enough to join Jonni
Bidwell among the clouds on the roof
of the Lyon convention centre – skirting attack surface. This means the hardware might not have the same network security
dangerously close to all kinds of appalling is no longer the obstacle, even though with firewalls and such. Or it could be that
edge/cloud punnery, but escaping today most of what’s deployed is for Intel these things are so distributed that you
with only a tasteful nod to W. Somerset processors, typically lower powered, don’t ever want to go there for software
Maugham’s lukewarm classic. passively cooled things. maintenance because it’s too far away.
I talked to people who were deploying You’d have to get on a plane and drive for a
Linux Format: What sort of things are you or thinking about deploying things, about couple of hours just to service one box. So
working on at Zededa? what they saw as their pain points and there’s other things that are unique about
Erik Nordmark: What I care about is driving what was missing. One of those was data, the edge in terms of the IoT aspect of data.
edge technology, but there’s scary stuff IoT data, which we don’t deal with. What Some of the things that Jason
that goes along with that. We’ve seen we deal with is how to operate and scale (Shepherd, see our interview in LXF257)
many home products that ship with things. So let’s say I deploy an application has been working on concern data
default usernames and passwords. How on 10 devices – it doesn’t matter if those provenance, right, and how to transform
can we advance the state of the art [tech] are MQTT relays or AI devices with TPUs, that data because there’s all these
so that people can deploy these things and the application is deployed and everything different protocols and different schema in
still be able to sleep at night? We want the works. Now what happens when we want terms of how that data is set up. The way
people who have the domain expertise – to scale to 1,000, or 10,000 devices? you describe a light fixture could be very
retail, energy, healthcare, whatever – they different because some organisations have
worry about their applications, they don’t LXF: For the benefit of our readers, and defined a schema that talks about colour
worry about how to make Linux secure. indeed me, could you explain a little bit temperature, and others describe it in
When we set up Zededa [in 2016] we about where this edge computing trend terms of red, green and blue components.
found you could buy a $7 Orange Pi board came from and why it is important? So there are many problems that are
with 256MB of RAM and boot the Xen EN: Edge computing is something that’s coming from IoT and the apps that go with
hypervisor on that. So now we can build touted as being quite new, but I would that. LF Edge as an organisation is bringing
something that’s quite secure, in terms of argue it’s actually been here for a long in projects that are covering different
having a type-1 hypervisor with a smaller time. It’s just it wasn’t connected until aspects of this. So that’s a key thing, it’s
now. If you walk into a factory today every not just taking what we’ve already done
machine there has an industrial PC inside in a central way and distributing it. We’re
it, with an operator console. So people trying to address all these things that are
look at that, see the data that’s there unique to the edge.
and deploy new applications. That’s an
example of taking something that exists in LXF: Which projects are involved in LF
one place and deploying it elsewhere, but Edge at the moment?
the edge is a lot broader because people Right now there are seven projects,
talk about it in terms of anything that’s not and more are coming in. The original
in the cloud or the data centre. And that’s five projects were: Akraino – they’re
a very broad definition. looking to do integration work from a
One of the things we’re looking at in LF telco background, EdgeX Foundry, which
Edge is, “What is actually distinguishing Jason told you about; Project EVE (Edge
in terms of the edge?” It’s not just that Virtualization Engine) – that’s what
it’s a different size data centre that has I’ve been working on, we’re looking at
similar characteristics. It’s deployed in a providing a baseline for edge virtualisation;
distributed way, where maybe you don’t there’s the Open Glossary project, which
have the same physical security, or you is trying to harmonise terminology across

INTERVIEW Erik Nordmark
the space; and the Home Edge project, your solution. This is not how things evolve streaming databases that have grown
which Samsung contributed to. quickly because now you say, “I have that out of dealing with SCADA systems and
Since then we’ve had two more, one thing, it works over Ethernet, but I want to whatnot. We want to make that stuff move
that’s called Fledge, which is similar to run it over LTE” and then you have to start towards this horizontal layering model.
EdgeX but more focused on industrial IoT again from scratch because the system is
and the way people have built systems in so integrated. LXF: I talked to Dan Cauchy about Linux
that space. And finally there’s this one that Instead of doing it how it’s been done in in cars earlier, and he told me a bit
looks like it’s hard to pronounce, Baetyl, the data centre and in normal computing, about why virtualisation is important
but it’s just ‘beetle’. We’re looking at how we’re dealing with someone that provides there. In an amazing display of thematic
to leverage things when it makes sense fairly standard hardware, an operating consistency I’m going to write a cover
to build a solution by combining some of system, a hypervisor, and have it layered feature on virtualisation too. So in
these things. There’s some overlap but that way so that things can evolve much keeping with that, why is virtualisation
there is also a certain amount of layering faster. That’s what’s fundamentally driving important for edge computing?
and independence. this – people want to deploy applications EN: There are two aspects of virtualisation.
that can act on this data. One is the horizontal layer – you don’t
LXF: What is the overarching goal of the I have some slides here so can say want the application to be compiled in
LF Edge division? Is it to standardise the a little bit more about some of the with the LTE modem device driver, so
ecosystem with open source tooling and organisations involved. Home Edge is you give it a virtual Ethernet device. Then
avoid the perils of fragmentation? pretty early in its lifecycle, but that’s you can run that same application in the
EN: Yes, it’s clear that we have new looking at issues that are unique to the data centre, and it will run the same over
needs at the edge and there’s a need home and consumer products, particularly Wi-Fi, LTE, Ethernet or something else –
for a new edge stack. It can be built with privacy. It’s not something that we’ve had the application isn’t affected. That’s the
components that we already know about to worry about hitherto in Project Eve. If I hardware decoupling side of it.
– hypervisors and networks and whatever run a railroad and buy a locomotive from The other aspect is being able to build
– but we still need to put it together. Being General Electric, well I’d probably lease these systems with security that’s fit for
able to leverage things and figure out how one, whatever, I’m still perfectly okay from the edge where you don’t have the same
to do this will mean customers can build or a privacy perspective that GE knows the physical or network security you’d expect
deploy applications without having to do location of that locomotive and how it’s in a data centre. In this setting it makes
all this work themselves. doing. If I buy a mobile phone though, then sense to separate the applications from
If you look at how things have I might not be okay with the mobile phone the underlying management of things. The
been done traditionally in embedded manufacturer knowing exactly where I am. way this has been done traditionally in
computing, it’s always been about vertical Fledge, as I said, is about the industrial server infrastructure is through baseboard
integration. There’s someone who puts IoT part of the ecosystem, in particular management controllers – basically a
together some hardware, a real-time OS the operational technology where they separate computer that can flash the
(probably Linux), an application, some have different software that I hadn’t heard BIOS and power things on and off. But that
cloud connectivity, and then you have about until two years ago. They use these assumes you have a support network for
that. When you’re sitting out in, say, that
streetlamp over there, you don’t have a
support network, maybe you have a wire,
maybe you have LTE, but you don’t have
two physically distinct interfaces. So being
able to pull data from different channels
into the same piece of software, you want
to have strong isolation between them.
If you look at the deployment lifetimes
for these devices, it’s a lot longer than
in the data centre. Plus in many cases
these are security-critical systems. It’s
not only about IT security issues, it’s
about operational safety issues. If you’re
controlling a robot, for example, and
it gets compromised, then it’s not just
leaking data and credit card numbers, it’s
potentially hurting or killing someone. A
refinery could catch fire because someone
messes with the valves, so how do you
build that system to prevent that?
The best thing we know how to do
is to have relatively fine-grade isolation
between the components in different
applications, between the applications and
the underlying runtime, but also carving

Erik Nordmark INTERVIEW
up the runtime so you get “defence in We want to get more interoperability.

depth”. Wherever the next security bug And we want to be able to explain this
shows up, whether it’s in SSL or wherever stuff, it’s very confusing. I think a couple
– there’s definitely going to be one in of years ago people counted how many
the next 5-10 years, it’s just a question of different IoT frameworks there are out
where – it might only affect one of these there. The figure they came up with was
components, and even if you can break in the hundreds, I think 400 or 600.
into that one then you can’t use it to Because someone says “I have an API,
access the application that’s running, as I have something in the cloud, maybe
everything’s running as separate virtual something else is distributed over there”,
machines isolated by the hypervisor. it’s extremely hard for people to navigate.
“Which hypervisor?”, you may ask. So now we have some software, it’s all
Well it could be anything. We started with open source, and we can explain it. Maybe
the Xen hypervisor because it was well- it’s not so easy because of partial overlap,
proven and available both on Arm and x86. but it’s much easier than explaining 400
Recently people at Intel have contributed different things.
support for the ACRN hypervisor (https:// Akraino is coming from the telco space
projectacrn.org), there’s still some work and is doing more within the integration
in progress there. Basically the hypervisor space, in terms of describing the different
doesn’t matter, it’s the properties of the components – what you’re putting
hypervisor that matter. together, different versions of
OpenStack, and how to connect
LXF: What sort of industries are using those things.
edge computing now? A quick search EdgeX, which Jason’s involved
showed that for a relatively new industry with, is about the protocol connectivity.
there is a lot of jargon and a lot of You have all these different protocols,
frameworks, but does this translate to a southbound as well as northbound, so LXF: What about the future, or LF Edge’s
lot of adoption? we need a place to handle the data. The utopic vision of the future?
EN: There are lots of markets showing data might be different depending on EN: From a hardware perspective, the way
up, and different markets have different what sort of ecosystem it’s coming from. I see it, we will have a huge number of
WIDESPREAD ADOPTION OF THE EDGE

fixed function devices, typically running
these microcontrollers, maybe running on
“There are lots of markets showing up, and

battery and harvesting energy. But those
are not very flexible because you might
different markets have different abilities to invest

not have enough memory and CPU to run
something new. Even more fundamentally
in the edge. But the energy sector is pretty big in

you might not have enough battery. If
something is supposed to last for ten years
terms of wanting to get better efficiency.”

and it only lasts for one because you’ve
run another app, then you’ve broken it.
So there’s that part of the ecosystem,
and you want to be able to deploy that
abilities to invest in the edge. But the What does “100” mean for a lightbulb? Is more quickly by having open source, of
energy sector is pretty big in terms of it 100 lumens, 100 per cent? They’re both course. But the places where you get
wanting to get better efficiency. Then integers, right? So EdgeX provides those more flexibility, in terms of application
there’s a lot of work going on in retail and kinds of services that people can then deployment, is typically something that
places where things are quite regular. So use to deploy applications and use as a is already running Windows or legacy
things like chain stores, as opposed to baseline to plug in new things. software. There you have that headroom
‘mom and pop’ stores, are more into this Scale is important, as the edge can be to deploy something new. You want to get
because they have around 2,000 stores highly distributed, and the key for that is away from this vertical separation so I
that are all the same. Transportation too location. This vibration sensor needs to go don’t have to – as someone explained it to
– there’s a lot of things on the automotive on this part of this machine, or this video me, buy one Fitbit to get the pulse, another
side. What we’ve found in conversations camera looking at this car park for free to get the blood pressure, and sooner or
at Zededa is that the way you build a spots. So you end up with a very different later I run out of arm. We want end-to-end
vehicle, what goes inside it is very much distribution in terms of physical location. connectivity from the sensor to the cloud.
controlled. But how the factory is set up is Things haven’t really been designed for Now we can do horizontal architectures
a very different thing – the way they think that like they have for the data centre. so that you can deploy different
about what they produce as opposed to There you have relatively few, hundreds or applications with more flexibility, and
the machinery they have on the factory thousands, of high-powered servers, but ideally you would only need to deploy
floor. Then there’s lots of different levels you can run tons of applications on each hardware once. Or at least the deployment
of deployment in the telecoms sector one. That make no sense at the edge, where cycle of the hardware is not tied to that of
towards the enterprise. you’re running a handful of applications. the application.

IN-DEPTH FreeBSD
USING BSD FOR

LINUX USERS
Aaron Peters is a stranger in a strangely familiar land as he dives into
I
installing and using Linux’s open-source cousin FreeBSD…
f you’re reading this magazine, code as the basis for the Darwin project, an
then you have at least a passing OS that became Mac OS X (and now macOS).
interest in free software. Maybe If you’re looking for a desktop system to
it’s limited to Linux, but the install and immediately be productive with,
FOSS community is bigger than that. there’s better options for you (see the
There’s plenty of software projects that run sidebar for some other members of the BSD
on other operating systems, and also a clan). But this article intends to be a learning
variety of open source Un*x clones. exercise to see how this little Unix-y devil
The BSD family of operating system is an stacks up. And FreeBSD offers that learning
important example, representing some of the opportunity by being more hands-on than
first systems truly free from legacy Unix other desktop-oriented systems, whether
code, and can be seen as at least an uncle to Linux or BSD. However, the author did have a
Linux as we know it today. What started as goal – to be able to take this from a fresh
one system, the Berkeley Software install to a “productivity system”, complete
Distribution (BSD) went through a variety of with a GUI interface and accompanying tools.
versions (a book in itself), with different But along the way, we’re aiming to see what’s
projects and vendors. Today’s family of BSD the same, as well as what’s different.
systems include NetBSD, OpenBSD, and And as we in the open source community
TrueOS. Of these, FreeBSD is considered the know, variety is the spice of digital life. So we
most ‘general purpose’ and is arguably the owe it to ourselves to explore this BSD
most popular. Notably, Apple used FreeBSD system and see what’s what.
CREDIT: The FreeBSD® logo is a registered trademark of The FreeBSD Foundation.

FreeBSD IN-DEPTH
W
hy use FreeBSD? A better question might be 5 Finally, some quick system configuration, including
“Why not use FreeBSD?” As we’ll see, FreeBSD setting up the root user, network, time zone, date/time,
comes from the same Unix-y roots as Linux, services (SSH is selected by default), security options,
and we can expect our skills to transfer over nicely. Oh, and user account(s).
there will be slight differences for sure, but a shell is a There are sub-steps, and it may seem like we glossed
shell is a shell, and your ls command in FreeBSD will over the installation. But honestly, if you’ve done a Linux
indeed list the contents of your current directory. install you’ll have no troubles. For those of us of a
But there’s always something to be learned from certain age, step 2 might even bring back fond
different ways of doing things, and some of the areas memories of writing sets of Slackware floppy disks.
Booting into FreeBSD

where FreeBSD excels include:
As a server. FreeBSD powers some of the most basic
services on the internet, and is also used in some of the That nostalgia will continue once you reboot your
network hardware that makes up its infrastructure. system. You’ll get to see the plain-text system messages
Security. Its beginnings as a server OS have led to blur past in all their glory, and when all is said and done
FreeBSD including a number of unique security you’ll land at a login prompt – no fancy desktop, no new-
features, such as access control lists (ACL), a choice of fangled session manager. You’ll see login: and that’s it.
powerful firewalls, and jails for running virtualised OSes. It doesn’t even clear the screen for you.
Following documentation. With many modern Linux But start poking around and things will begin to get
distros, getting installed is a simple point-and-click familiar pretty quickly. Your home directory is in /home
affair. In contrast, FreeBSD comes from an era where /<username>/, and the standard sh shell is similar
you actually had to read the documentation, understand enough to Bash that you won’t notice the difference.
it, and follow along closely. The first thing that will probably jump out at you is that
A focus on compiling source. The Ports system gives a sudo isn’t installed by default, so you’ll need to use the
fantastic introduction to compiling software for those actual root account to make changes. But otherwise all
who aren’t software engineers by training. the basics are there: cp, mv for shuffling files, mkdir for
Use FreeBSD for fun. Use it to learn, and evangelise it new directories, and cd to get yourself around.
to others in the community – we’re family after all. The That said, your system is definitely barebones. Take a
way you install FreeBSD is just like Linux, in that you tour around your executable directories (/bin, /sbin,
need to get some sort of installation medium, then boot /usr/bin, and /usr/sbin) if you don’t believe me. You’ve
your machine from said medium. The main differences got basically enough to do some text editing (with either
during installation are threefold. First, the installer is edit or <sigh> vi). In order to make this a useful system,
text-based. Second, the installer doesn’t give the option we’ll need to get started installing some programs.
to move back to previous screens. Finally, the way you Note: one area where the author ran into some
include software during the install is rather unique. delays is in setting up the bootloader. In part, this has to
In this context, “include” software doesn’t mean do with his stubborn insistence on trying to make it
actually installing it. But the installer does give you the work with the native Windows boot manager on this
option to add the FreeBSD Ports Collection. Ports is the dual-boot device. Things went much more smoothly
equivalent of Linux package repositories, except that once FreeBSD was allowed to take over the entire disk,
they’re used to build packages rather than install. and even just installing the FreeBSD bootloader would
MEET THE BSD DEVILISH FAMILY

For now, if you’ve installed a Linux distro, you’ll
breeze through the text-based installer’s screens:
1 First up, a couple of environment screens: Keymap
selection, and choosing a hostname for your machine.

2 Select the “distributions”. As mentioned, make sure FreeBSD is similar to Linux in that there’s an extended family of
you include Ports. Think of these as software sets, other systems. There’s now quite a few different choices in the BSD
rather than the colloquialism for a Linux-based OS. world. Here are a few of the most popular:
3 Disk partitioning. The first option will be between the FreeBSD (www.freebsd.org) was originally a server OS first (as
traditional UFS and the newer ZFS (see LXF227) most Unix-likes were), but now is positioned as the “jack-of-all-
filesystems. For testing, UFS is fine. You’ll be offered the trades” system, if you’re willing to put in the work in, as we’ll cover.
usual manually partition,or take over the whole disk. You’ll NetBSD (www.netbsd.org) is another all-purpose OS, with a focus
also have a choice of several different partition schemes. on running on as many different devices as possible, meaning you
4 The installer will start decompressing the distro onto can just as easily find it on a desktop, a server, or replacing Windows
your drive. Don’t go anywhere, it won’t take long. CE on an NEC MobilePro 790 circa 2004.
OpenBSD (www.openbsd.org) its claim to fame is security, with all
packages going through rigorous audits at the source level.
TrueOS (www.trueos.org), originally called PC-BSD, this is a
desktop-friendly remix of FreeBSD, but pre-configured with niceties
such as a graphical installer and bundles of apps pre-installed.
DragonflyBSD (www.dragonflybsd.org) forked from FreeBSD and
provides a carefully tuned system for high-performance applications.
GhostBSD (www.ghostbsd.org) is technically a grandchild of
FreeBSD, as it’s built off of TrueOS. Just as Linux distros stand on the
shoulders of giants, this aims to provide a simpler experience than
You may start to panic when you see FreeBSD’s text-based installer. its parent, with a focus on lighter desktops like MATE and Xfce.
But its steps (like Partitioning as shown here) will be familiar.

IN-DEPTH FreeBSD
likely have made things easier. It’s worth noting that pkg delete [package name]
FreeBSD is planning on making direct UEFI booting You can see all the packages you have installed with:
available in a coming release. pkg info
Installing s oftware
Again, if you’re a Linux user who regularly drops
down a quick terminal to search and install software in
FreeBSD offers two ways to get software. The first is the Ubuntu or Fedora, it will take you all of 14 seconds to get
Ports Collection. If you included it during your the hang of this. And installing Ports is just as easy.
Day-to-day usage
installation, poke around the /usr/ports directory.
Alternately, you can opt to install software pre-compiled
as well. Each of these has their own pros and cons. Using FreeBSD on a day-to-day basis is precisely as
Installing the pre-compiled packages is faster and described in the previous section. You’ll find a lot of
potentially easier/less error-prone. However, building things very familiar as you’re navigating around the
software on your machine will better tailor it for your console. And of course, applications operate just the
hardware. The first step is to get the package tool set up same on FreeBSD as they do on Linux. There are only
on your system. Enter pkg in your shell, and if it’s not two areas where a little adjustment will be required. The
already present you’ll be prompted to download it. Your first is system configuration. While the /etc/ directory
first step should be to update the package database: exists and does indeed contain many configuration files,
pkg update there’s a useful one that’s unique to FreeBSD. As you
Then, search for your desired program with: work with FreeBSD you’ll see references to making
pkg search [your desired term] entries in the rc.conf file. This contains a smattering of
To install something, use this: important system-level settings. If you open it up, you’ll
pkg install [package name] see some of the things you set during install (such as
You’ll see the progress of the install in the terminal, network config). It’s very short, but one would expect it
including the calculation of dependencies, the download to grow longer with your personal configuration.
of all that software and the actual installation. If you The bsdconfig utility can help with some of these
need to backtrack, it’s just as simple: tasks, and it’s as close to a control panel as you’ll get
without installing some sort of desktop that contains
one. It’s a menu-driven terminal program not unlike the
installer, where you’ll use arrow keys and Tab to jump
around the dialogue. It won’t be too much of an
adjustment, as even some modern package systems
The installer’s will use these types of dialogues when configuring
“distributions” are individual packages.
package sets. You
only have a choice
You should also expect to do a bit more
of adding up to
troubleshooting on FreeBSD. To clarify, this isn’t
seven of these
because things in FreeBSD are broken, but rather there
sets as part of are things that FreeBSD does differently by design that
the installation. a Linux user will have to learn through research. A case
FREEBSD’S LINUX COMPATIBILITY

in point: the pkg command does follow dependencies,
but not quite in the way a Linux user might expect.
The author issued a quick pkg install lxqt command,
to which the output indicated that a number of
While it may not be compatible with other BSDs, FreeBSD does packages would be installed. On completion the
come with a feature that enables you to run Linux software on it. The startlxqt command failed with an error. Some quick
Linux Binary Compatibility layer allows you to install both 32 and checking revealed that the LXQt desktop was installed,
64-bit Linux applications, although it appears the support for but Xorg was not. When the startup failed again after
i386-based software is fading. To add Linux compatibility, first add the X install, further poking about showed that while the
the Linux module for the FreeBSD kernel (while logged in as root): base X server was there along with the top-level LXQt
kldload linux64 desktop, the Qt5 toolkit that sits between them was still
Then install the package (or build the port) for the emulation layer: missing. And even when this was installed, using the
pkg install emulators/linux_base-c7 startx command launched a default twm-based affair.
Add the following to /etc/rc.conf/ to make sure Linux compatibility
is loaded at start-up.
linux_enable=”YES”
Your FreeBSD system is now set up to run Linux programs. Some
other considerations you may need to take into account include:
Does the program require any shared libraries? If so, you’ll need to
track them down and install them as well.
Does the program come in a particular package format? Some
traditional packages such as .DEB or .RPM are easy enough to crack
open, but newer ones like FlatPak (see LXF244 for a deep dive) or
Canonical’s Snap may not be as simple.
See the handbook (www.freebsd.org/doc/handbook/linuxemu-
lbc-install.html) to learn more about these and other topics. Before you log in, all the dmesg output will scroll by you furiously. Once
it’s complete you end up with a prompt at the bottom of the screen.

FreeBSD IN-DEPTH
Sometimes
installing binary
Manually adding an .xinitrc file with the following finally
let startx bring up a usable LXQt desktop. packages is the
Again, this isn’t to say what occurred was wrong. quickest and
easiest way to get
the software you
But based on past Linux experience, the author was
want. And like
expecting the installation to include all dependencies
and the launch script to start everything up Linux package
“automagically”. But in FreeBSD, you need the managers, it
is dependency
aware.
wherewithal to install X.org yourself, launch it in the
“standard” way, and make sure your environment it
set to trigger LXQt when you do.
The designation for devices are similarly different.
In FreeBSD, you reference the first internal drive with Stated another way, think of modern Linux
/dev/ada0/. Partitions are alternately referred to as distributions as an office suite with easy-to-use buttons
slices, so the second partition may be /dev/ada0s1/ or that sometimes don’t get you precisely the result you
/dev/ada0p1/ depending on where you’re looking. want. FreeBSD, on the other hand, is LaTeX. You can get
Likewise, the default CD-ROM is represented by /dev/ exactly the end product you want, you just also need to
cd0/. Is using “ada” for the hard drive “wrong?” Who know exactly how to go about it.
Quickly, back to Linuxland!

knows! Just understand that you may need to do some
translation of nomenclature along the way.
FreeBSD is DIY
This short journey into the world of FreeBSD tracked
with what you’ll find a lot in open source. It’s easy to
This speaks to the philosophy of BSD, which is to get started and achieve some measure of success and
assemble the system you want with the software you productivity. But as you start to dig into it, you quickly
want. In the course of writing this article the author learn how far you still have to go.
frequented the FreeBSD message boards (https:// Mentioning a couple of key take-aways at this point is
forums.freebsd.org), on one occasion looking for hints prudent if you’re thinking of giving FreeBSD a spin:
on a GUI package manager. Firstly, the FreeBSD Measure twice, cut once, aka do your research.
community is very active on forums, and give extremely The FreeBSD Handbook (www.freebsd.org/doc/
accurate answers. But the answer to questions like handbook) is your best friend.
“Where’s the GUI package manager for FreeBSD” was Plan to do more things in the terminal than with Linux.
a resounding, “We don’t have one, we like pkg or port. FreeBSD often defaults to MVP (minimum viable
Feel free to try some until you find one you like though.” product). You may need to manually add things that
This wasn’t intended to be dismissive, but rather to just “came with” Linux.
encourage the poster to build his/her platform to taste. All that said, for Linux users a short holiday in
Yet the FreeBSD developers have taken pains to FreeBSD is a great learning experience. And when it
make the assembly easy where it makes sense. A quick comes to the open source world, isn’t that the point?
USING THE PORTS COLLECTION

confession: this author was fully prepared to hunt down
Xorg configs (or XF86Config files, as those of a certain
age will remember them) and tinker with modelines. At
one time this was an extremely painful part of getting a
Linux system running. But the X.org installation process First, navigate your way to the Ports Collection on your machine:
on FreeBSD, the graphics system was configured, and a cd /usr/ports
nice-looking desktop was the result. So, you may ask, A Port is basically a recipe for building the program in question. Spin
why did the issue in the last section happen? Why didn’t through the various sub-folders and you’ll start to see some old
the whole desktop stack just install? friends, such as desktops in the /x11-wm folder, the Firefox browser
It’s because FreeBSD didn’t assume this author in /www, and (huzzah!) Emacs in /editors. In order to search for
wanted to use X.org at all. Maybe Wayland was the applications, we first need to index all the ports in the system:
intention. In this sense FreeBSD will often “do what cd /usr/ports
you say, not what you mean”. So you should be sure make index
about what you’re doing before you issue commands Use the following command to search for something:
in FreeBSD, especially if you don’t understand their make quicksearch name=[name of your search target]
function (e.g. there’s a command that will happily This will show you the name, location and a short description for
re-build your entire system from source, likely your results. If you find what you want and would like to install it, you
occupying it for several hours) or target devices as can use the command below. Just bear in mind you’ll be compiling,
mentioned in the previous section. In other words, not just installing, the application and all its dependencies.
understand the FreeBSD parlance for disk partitions To build and install a program, navigate to its Port directory and
before you start formatting drives. issue the below command. Note the clean parameter will make sure
any temporary build files are deleted once it’s done.
make install clean
Sit back and watch the messages scroll by, and after a few
minutes/hours/days (depending on the size of the application), your
hot-off-the-press program will be ready to run.
Uninstalling is just as easy (again, from the Port directory):
Installing the nano text editor using the Ports system. It fetches the make deinstall
source for all dependencies, compiles, and installs them.

Pi USER
Les Pounder
works with groups
such as the
Vulkan to land
on Raspberry Pi 4
Raspberry Pi
Foundation to help
boost people’s
maker skills.
BACK VideoCore VI hardware offers enough bells

TO BASIC(S) and whistles to support a native build of Vulkan.
For the past few weeks I have ulkan is an industry-wide initiative to Before the Raspberry Pi 4, Pi models
been immersing myself in the
1980s – specifically, BASIC
V deliver a modern, high-performance,
cross-platform API to support 3D
were unable to directly support Vulkan as it
requires hardware that supports OpenGL
programming on a Z80 board rendering and compute abilities. It was largely ES 3.1. Obviously, this didn’t stop the Pi
called the RC2014 Micro. It got created through the need to replace the more community trying to bring Vulkan support to
me thinking about those golden complex OpenGL library with a lower-level the Pi regardless… But with the release of the
days. I learned to code using and less CPU-demanding API, especially for Raspberry Pi 4 and its VideoCore VI hardware
BASIC, and I could even do mobile devices running Android – but that does support OpenGL ES v3.1, the
some rudimentary GPIO and extending to anything requiring GPGPU possibility of Vulkan support became a reality.
electronics work thanks to a compute abilities and OpenCL. So it shouldn’t surprise anyone that at the
series of books from Usborne end of January 2020 Ebon Upton announced
Publishing, which are now free to Vulkan would be coming to the Pi 4. The post
download as PDFs. BASIC is a was accompanied by a proof-of-concept,
great language, and it struck me Vulkan-rendered RGB triangle. In his
that because I can already code comments, Upton suggested a first public
in a few other languages, I picked beta release would be in six months’ time,
up BASIC quickly and made a few so watch this (3D) space. See http://bit.ly/
projects using the language. lxf261vulcan for more.
Learning to code is not just
about learning a language – it is Rendering has to start somewhere,
about how logic works. How a and where better than an RGB triangle?
loop can iterate, how to declare a
variable, set the variable and get
the data from it, and so on. By
learning one language I quickly
learned this logic, and now I can
apply it to others.
Raspbian Educators united!
But why am I so impressed
with such an old language? updated Super symposium.
Simplicity. If I can understand re you a Pi enthusiast? Are you a
New screen reader.
what is going on, even vaguely,
I can debug and fix my issues. aspbian has received an update,
A UK educator? Then you should get
involved in the Pi Foundation’s
If you have never tried BASIC,
please do so! There are many
R post the Pi 4 release of last year. The
new revision has tweaked the file
Education Research Symposium on 1 April
2020. Held at the Department of Computer
versions on offer: Microsoft manager for the better, introduced the Orca Science and Technology, University of
BASIC, Commodore BASIC and screen reader, enhanced the audio mixer and Cambridge, it’ll cover school-level computing
what is often considered to be now Ctrl+Alt+Del brings up the power education with free workshops run the day
the best, BBC BASIC. All of these dialogue rather than the task manager. Get before. Get more details and book your spot
versions can be run on the updated now with a terminal-based: now at http://bit.ly/lxf261symp.
Raspberry Pi, via emulation or a sudo apt update && apt full-upgrade .
modern-day application. If you
have access to the old hardware,
and have electronics skills, then
perhaps you can build those
Usborne projects and show them
off at your next Raspberry Jam.
The tweaks
sound great!
We love a good symposium, so sign up today…
IMAGE CREDITS: Raspberry Pi Foundation

Distribution REVIEWS
Combian 64
Les Pounder goes back to the 1980s to remember a time when he used
to type code listings from magazines!
IN BRIEF
T
he 1980s saw a massive number of home
computers released across the world, and in the
A Raspberry Pi UK children would have their usual playground
distribution gangs based upon football teams, toys and home
designed for computers. The ‘Commodore Kids’ vs ‘The Speccies’ was
retro computer common, and it highlighted how popular these machines
enthusiasts to were. They were the Raspberry Pis of the age, and their
get hands-on BASIC language was our Python. So when we got the
with the classic chance to try out a Raspbian distro designed to boot into
machines of the a working Commodore 64, we had to have a go. This Commodore 64 was the beginning of a lifetime of learning,
late 1970s and Combian 64 is a stripped down version of Raspbian and now we can emulate it on a £35 computer!
1980s. It’s able that will boot directly into the VICE emulator, giving us
to emulate a the impression that our Pi is really a Commodore From the main menu we chose to exit and then were
diverse range machine. The most recent version is a bit old – it came presented with a further Combian 64 menu, but this time
of Commodore out in 2018 and only supports up to the Pi 3B+ – but it was for configuration of the system. We found that we
machines, do we really need the power of a Pi 4 to just emulate an could switch machines and emulate a Commodore VIC-
external old Commodore 64? 20, Plus/4, PET and many more. And we could also set up
peripherals such We tested Combian 64 on a Raspberry Pi 3B+ and the a USB stick onto which we can move games from our
as disk drives original Pi Zero and found the experience to be enjoyable computer to the Pi.
and cartridges, on both. So if you have a spare Pi Zero doing nothing, then Another surprise was the included StrikeTerm BBS
and enables us this could be the distro to bring it back to life. software, enabling advanced users to connect their virtual
to use them as if Combian 64 is made up of a series of applications Commodore to a live Bulletin Board System if they have
they were real designed to enable an easy emulation experience. On first the correct equipment, such as a real modem or a device
devices. And we boot we saw the famous Commodore 64 BASIC V2 to convert the AT commands into TCP/IP.
can play games! screen and were instantly transported back to our youth, Combian 64 is very slick – we just put the distro on a
remembering a series of BASIC programs to scroll text micro SD card and we had a running system. It also
and change the colour of the screen. Once nostalgia had provides the best experience for enthusiasts and
left us we delved into the VICE menu and found that we newcomers. We can load our games with ease, and then
could load tapes and floppy images stored on the SD run them from the BASIC screen using the original
card. So we loaded a few games and tested a little more commands (C= and RUN/STOP to start a tape game
and found that all was good. Well, except for Ghostbusters springs to mind). It is as if we are sat back in the 1980s
– the sprites were rather messed up. Controlling our typing in code from a magazine.
Uridium can be
games was possible by configuring a USB joystick and our The lack of Pi 4 compatibility does not hold Combian
brought back to keyboard, but some games did behave a little erratically. 64 back. A Pi Zero can run most games with ease, but an
life with the All configurations can be saved to the SD card to old Pi 2 or 3 would be ideal for this use and is much
Combian 64. customise your experience. cheaper than buying one of the two mini consoles on offer
at this time.
Have a go and let the memories of the 1980s flood
back, just be careful with the joystick when playing Daley
Thompson’s Decathlon.
VERDICT
DEVELOPER: Carmelo Maiolino
WEB: https://cmaiolino.wordpress.com
PRICE: Free
FEATURES 8/10 EASE OF USE 9/10

PERFORMANCE 9/10 DOCUMENTATION 5/10
This fun project offers us the chance to relive or take our first
steps with computers of old. A great way to recycle an old Pi.
Rating 8/10

TUTORIALS Sense HAT
SCRATCH 3
Light up your life

with the Sense HAT
Les Pounder reveals how we can get data and control the Sense HAT
add-on board using super-easy Scratch 3.
ere we’ll use the scientific
H powerhouse Sense HAT

board with Scratch 3 to
create three projects; using LEDs to
scroll our name, joysticks to trigger
input and sensors to read
OUR temperature and orientation.
EXPERT With the power off, connect the
Les Pounder Sense HAT to all 40 pins of the
is a freelance GPIO, ensuring that the board fits
The Scratch interface
maker who works neatly over the Pi. Use the brass is easy to use. We have
with organisations standoff provided with the Sense all of the projects in
such as the HAT to fix the board firmly in place. this tutorial together
Raspberry Pi Connect your peripherals, then in one window.
Foundation to power up the Pi to the desktop.
promote maker From the desktop, go to the main menu and click on under the previous block. The next block for this project
skills. He blogs at Programming > Scratch 3, if Scratch 3 is missing we is found in the Sense HAT section of blocks. This block
https://bigl.es. have a solution in our Quick Tip for this project! is called Display Text. Drag this block and connect it
Scratch 3 has three main sections. From left to right under the previous one.
they are: We want to say “hello” to the user, but we also want
The blocks to code a project, grouped by function. to call them by their name. So from the Operators
These colour-coded blocks can be filtered by function. blocks look for Join Apple Banana and drag this over to
There are also tabs for costumes, to change how a replace the word hello in display text. Change apple to
sprite looks, and a tab for sounds associated to a game. Hello (the space after Hello is important!). Then go
The central area is the coding area, where blocks are back to Sensing and drag the Answer block and drop it
dragged to make a project. on top of the Banana section of the join block.
The right section is the stage, a place where our sprite By doing this the answer to the question, “Who are
reacts to input and produces output in a project. you?” is saved as a variable called answer , which is
Underneath the stage is a section to manage sprites then used to greet the user by their name. Click on the
and backgrounds. Green Flag icon just above the stage, and the sprite will
YOU NEED To use the Sense HAT we need to install an ask your name. Type in your name and watch as your
Raspberry Pi extension, a library of code that Scratch uses to provide Sense HAT greets you by name.
3B+ or 4 extra blocks. Click on the icon on the bottom left of the
Sense HAT screen, and a series of extensions will be offered. Look Johnny 5 neeeed input
Latest for Raspberry Pi Sense HAT, and click on it to install. In a The Sense HAT has a simple joystick that we can use for
Raspbian few moments a new section of blocks will appear, and input. To test that it works we are going to write one
release we are ready to make our first project. simple project, and then one that’s more complex.
Code: The test project uses the When Joystick Pressed Up
https:// Scrolling Hello World block found in the Sense HAT section. Drag this into the
github.com/ To get used to using the Sense HAT extension we are same coding area as our earlier code, then change the
lesp/LXF261- going to create a simple scrolling name project. Firstly direction to push the joystick from up to centre. The
Scratch3- we need to go to the Events section of blocks and drag next block to connect is also from Sense HAT and is Set
SenseHAT/ When Green Flag Is Clicked into the coding area. The Colour To… Change the colour to something fun! The
archive/ next block is found in Sensing, and it asks a question, final part of this test is to drag Display… and connect it
master.zip What is your name? Drag this block and connect it to the previous block.

Sense HAT TUTORIALS
The Sense HAT

works with all 40
pin GPIO models
of Raspberry Pi
and it provides a
great selection of
sensors for most
school projects.
The default image is some pixel art of the Pi logo. read The temperature is and in the second space drag
With the code complete, test by pressing the joystick another Join block. Then drag the temp variable and
centre, similar to how we can use a PS4/Xbox One place it in the next space, and in the last space type C Is Scratch 3
analogue stick. You should see the Pi logo on the LED For the Else condition, activated if the temperature is missing from the
matrix in a colour of your choosing. below 20°C. Duplicate (right click) the colour and text Programming
menu? Fear
not! Go to the
Still in the same coding area, we’ll now move on to a blocks and place them inside the Else condition – just
Preferences
more complex project. This project will check the remember to change the colour! Press Up on the
menu >
temperature using the onboard temperature sensor of joystick to get live temperature data!
Tilt it real Recommended

the Sense HAT. It will save the temperature to a variable,
Software and
then compare that variable to see if it’s greater than
search for
20°C: if it is then the text scrolling across the Sense HAT The final project uses the accelerometer to detect
will be in RED; if it’s below 20°C then it will be blue. movement, and we shall use that to control the sprite. Scratch 3. From
We start with another When Joystick Pressed Up From the Sense HAT section drag When Tilted Forward there it can be
from the Sense HAT block section. Then we go to the and then from the Motion blocks drag Change Y by 10. installed and
Variables section and click on Make A Variable, call the Now tilt the Pi so that the HDMI lead points to the ready to use in a
variable “temp” and accept the default options. Now ceiling and the sprite moves once. Duplicate these few minutes.
from the Variable section drag Set My Variable To 0 and blocks (right click), change the tilt to backwards and the
place it under the previous block. Change my variable 10 to -10. Move the Pi so that the HDMI lead points to
to temp using the drop-down menu. From the Sense the floor – the cat moves down.
HAT section, drag the Temperature block and place it To move right we need to use another When Tilted
over the 0 of our Set variable block. This will update Forward and change it to “right”, then from Motion use
the contents of the variable temp with the current Change X by 10. Tilt the Pi right and the cat moves.
temperature read from the Sense HAT. Duplicate and alter the code to go left in a similar
The next block is found in Control and it is called If, manner to going backwards. Test the code by moving
Then, Else and is a conditional test. Drag this block and the Pi around. And there we have it, three quick projects
connect it to the previous. To build the test we need to to work with Sense HAT via Scratch 3.
go to Operators and drag _ > 50 and place it inside the
WHAT IS THE SENSE HAT?

blank shape between If and Then. Now go to Variables
and drag the temp variable block, place it over the first
blank of _ > 50 and change the 50 to 20. This means if
the temperature is greater than 20°C, so if the The Sense HAT is a scientific platform created for use in schools and
temperature is over that the text colour will be changed in space! Two Raspberry Pis are currently on the International Space
to red using Set Colour To from Sense HAT blocks. Station as part of a scheme with the European Space Agency, where
Connect a Display Text block from Sense HAT, and children can write code and potentially have it run on these high-flying
drag a Join block from Operators and place it over the Pis. The competition is called Astro Pi, and the code written by the
Hello! of that block. Change the first section of text to schools can be silly or serious. Is there a north in space? Well using
the Sense HAT you can find out, just as one school did.
The Sense HAT has sensors to measure temperature, humidity,
pressure, magnetic forces, orientation or acceleration, and it has a
lovely 8x8 grid of multicolour LEDs on which we can scroll text and
display pixelated images. The joystick provides basic input – handy
when you are an astronaut wearing big gloves!
It works with every model of Pi, from the original B+ to the current
Pi 4, and can be used with languages as diverse as Scratch 3, Node-
RED and Python, so every level of user can take their first steps. For
Adding additional functionality is easy, just import an extension, a around £25 it’s great to get your kids interested in science and space!
library of pre-written blocks that we can easily drop into any project.
GET YOUR Pi FILLING HERE Subscribe now at http://bit.ly/LinuxFormat

TUTORIALS Plasma mobile
PLASMA MOBILE
Choosing the right
mobile tablet OS
Christian Cawley shows you how to customise your Raspberry Pi tablet
project and choose the right touch-friendly operating system.
aspberry Pi projects are never quite as
R straightforward as they appear. Many (if not

all) of the tutorials featured in Linux Format are
crystallised moments – the result of days, weeks or
even months of research that bring us to a point of
usability. The project might work and work well, but
OUR there is always room for improvement.
EXPERT A case in point is our guide to turning a Raspberry Pi
Christian into a portable tablet (LXF258). With so many options for
Cawley tablet design, portable power, and operating system
has worked for choices – not to mention the choice of Raspberry Pi
over ten years as models – it’s possible to go far more in-depth.
a tech blogger,
covering the Choosing a chassis If you’re using a 3D-printed chassis for your project, be sure to acquire
Raspberry Pi Raspberry Pi tablet-builders have two options for a any necessary additional components, such as screws or adhesive.
since it launched. case: take advantage of an existing product, or else
On a good day he fabricate a customisable option (this will typically be a on a removable panel that doubles as a tablet stand is a
is over six feet tall. 3D-printed case). smart piece of design.
Cases designed to fit a Raspberry Pi and the official Assembling a 3D-printed case for your Raspberry Pi
touchscreen display are a good starting point. The might require additional components. These are
OneNineDesign Case for Raspberry Pi Official 7-inch typically listed with the STL files. For example, the case
Touchscreen from The Pi Hut (http://bit.ly/LXF261- might be designed with screws for securing the
case) is an acceptable starting point, but it’s short components. Take the time to order the exact size of
Our original of space for portable power. The SmartiPi Touch screw from the suggested resource. When assembling
tablet project
tCase (http://bit.ly/LXF261-smartipi) has similar the case for your tablet, take extra care not just with the
relies on the
official Pi 7-inch
shortcomings, although the superior build quality and electronic components within but with screws and
touchscreen mounting options make it a must-have regardless. With screwdrivers, and the 3D-printed plastic. It might be
display. Instead some redundant behind-screen space, it’s just possible wise to tape wires clear of screw holes to avoid
of being limited that this could make a suitable tablet case for your inadvertent power issues and shorts.
by this, consider Raspberry Pi. Other materials can be used to build your own
alternative The tablet project in our earlier issue relied on the Raspberry Pi tablet. You could rely on Lego, although
displays. You Raspberry Pi 7-inch Touchscreen Super Awesome this is likely to be unnecessarily bulky. Whatever you
might prefer Portable project by DrVegetable on Thingiverse (http:// use, take your time to plan everything. Ensure you have
a 4-inch bit.ly/LXF258-3Dcase). However, this was settled on the right Raspberry Pi and touch display for the chassis
HyperPixel
after several months of research and consideration. you’re planning to use. If you’re starting from nothing
display, a 5-inch
screen, or even
An alternative project is the Adafruit 3D printed and don’t own a 3D printer, consider using cardboard
the 10.1-inch tablet case for a Raspberry Pi and 7-inch touchscreen for early development.
Industrial (http://bit.ly/LXF261-adatabs). Although similar, this Of course, 3D printing a case for a Raspberry Pi 3
Touchscreen build features a frame for securing a Raspberry Pi 2, when you’re using a Raspberry Pi 4 is going to result in
display. Choose display adaptor and battery pack. some tweaking. Take care to ensure that the ports are
one that suits There is no reason to stick with a Raspberry Pi for correctly lined up with access slots.
your needs and your DIY tablet project. STL files are available from
adapt the 3D Thingiverse for NovelDesignLab’s Tablet Frame for Power to the Pi
printed chassis Raspberry Pi, Arduino, and other SBCs (http://bit.ly/ Rechargeable batteries for the Raspberry Pi have
to suit.
LXF261-frame). Mounting the Pi (or your chosen board) improved considerably since its release in 2012. Back

Plasma mobile TUTORIALS
RASPBERRY Pi TOUCH OPERATING SYSTEMS
1 Ubuntu Touch
On paper, Ubuntu Touch should be the touch OS of choice 2 SailPi (Sailfish OS)
While Sailfish OS has been abandoned, a version was
for Raspberry Pi users. It’s been in development for years, released for the Raspberry Pi 2. Dubbed SailPi, it combines the
continued beyond Canonical’s abandonment thanks to the Sailfish OS with support for the Pi’s GPIO. Sadly, the project
UBports team, and recently added Raspberry Pi support. hasn’t been updated within the past five years, but if you’re
However, builds are unreliable at this stage. While Ubuntu Touch looking for a basic OS with a web browser, this is good enough.
might be the best option for Raspberry Pi tablet projects in You can grab SailPi from the Internet Archive (http://bit.ly/
future, try at your own risk (http://bit.ly/LXF261-ubports). LXF261-sailospi).
3 LuneOS
Most people have forgotten webOS, HP’s mobile OS that 4 Plasma Mobile
A solution to your Raspberry Pi touchscreen project
was abandoned after its phones and tablets line went south. that works very well, Plasma Mobile runs on Raspbian Lite.
These days it’s usually seen as the OS on LG smart TVs. Its Importantly, this lets you retain that important integration
mobile version is known as LuneOS, which retains the look and between the Raspberry Pi and its default operating system.
feel of webOS. Relatively stable, it’s a strong alternative to Plasma Plasma Mobile is the best non-Android touch OS for the
Mobile. Nightly and stable releases can be found at webos-ports. Raspberry Pi. See the boxout overleaf for a look at how to
org (http://bit.ly/LXF261-webos). set up Plasma Mobile on the Raspberry Pi.
then, the solution was almost always a portable Note, however, that the size of the display will impact
Plasma Mobile
smartphone charger. Big, bulky and difficult to keep on battery life. So the larger the display, the larger the
should run
permanently attached the computer, such chargers battery capacity you’ll need for any sort of prolonged
without
are rarely used these days. use, unless you keep the tablet near a plug or attach a
trouble, but it is
The right power solution for a tablet project needs to portable smartphone charger… which of course defeats
primarily a UI for
be compact and capable of delivering power to both the the object.
Raspberry Pi and the touch display. LiPo batteries are In addition, a PowerBoost device from Adafruit is phones. Detailed
almost certainly the best option (although you could go recommended. This should be chosen specifically for instructions on
completely DIY and power your Raspberry Pi tablet with use with the corresponding battery; it’s a device for installing and
AA or AAA batteries) with the 4000mAh battery from managing power and enabling the battery to be troubleshooting
Plasma Mobile
can be found on
The Pi Hut (http://bit.ly/LXF261-lipo) capable of recharged via a USB port, so it’s important to get this
hacker Tinker’s
powering a Raspberry Pi for several hours. This right. Additionally, a power switch can be mounted and
webpage (www.
contrasts with the original project that uses a 1000mAh connected to the PowerBoost, immediately elevating
tinker.sh/kde-
cell. While space might be at a premium with your the Raspberry Pi to the level of an actual tablet, rather
plamo-rpi)
chosen Raspberry Pi chassis, it’s worth exploring all than just an SBC with no power button that is posing
options for maximum uptime. as a tablet.
TAKE US EVERYWHERE YOU GO Subscribe now at http://bit.ly/LinuxFormat

TUTORIALS Plasma mobile
The customisable nature of a DIY Raspberry Pi Inject the Plasma

3D-printed tablet makes upgrading your chosen power Fortunately, the solution here is straightforward. If
While 3D solution far simpler. You can upgrade it as and when you’re already running Raspbian, or just want to avoid
printing it’s required! the other operating systems, Plasma Mobile is a great
hardware
Rip off Raspbian
way to add a tablet-style user interface. Designed for
has become
increasingly
touchscreens (specifically phones), 2019 saw Plasma
affordable,
If you’ve spent any time with Raspbian then you’ll know Mobile’s development team introduce support for the
plenty of
that as good as the PIXEL desktop is, it’s almost useless Raspberry Pi.
people don’t
as a tablet user interface UI). If anything, it harks back Specifically, you’ll need Raspbian Lite installed,
yet own one.
to the original Windows tablets in the early 2000s, in flashed to your SD card using Etcher (http://bit.ly/
The affordable which a finger or stylus was required to drag the mouse LXF261-etcher), or via NOOBS setup. You have two
alternative to pointer around. options to enable SSH:
buying a 3D Most operating systems are designed for mouse 1 Open the /boot/ directory on your PC, create a blank
printer is to use and keyboard. While it is quite possible that you’re text file called ssh (no file extension).
a mail-order happy to retain Raspbian as your tablet’s operating 2 Alternatively, you can boot the Pi with a keyboard
printing service.
If you’re using
system, several choices are available that will make attached and open raspi-config, then open Interfaces
designs from
your tablet a lot easier to use. to enable SSH.
Thingiverse,
A Raspberry Pi tablet requires a touch UI that is Whichever you choose, your Raspberry Pi will then
there’s the
simple and straightforward to use, one that makes the be remotely accessible within your local network via
option to Order
best use of the display real estate as possible. There’s your SSH client.
This Printed and
no point having an icon that most fingers can’t hit Next, update the firmware and reboot:
have the build properly, for example. sudo rpi-update
delivered to So, aside from a few menus and desktop icons, sudo reboot
your door. Raspbian (and other standard Raspberry Pi operating Once backed up and running, open config.txt in nano:
systems) is utterly useless as a tablet. The solution, sudo nano /boot/config.txt
therefore, is to create something from scratch, or Scroll through and uncomment the line near the end:
embrace a tablet operating system. The problem with a #dtoverlay=vc4-fkms-v3d
custom solution – perhaps a web UI like Webian Hit Ctrl+X to save and exit, then reboot again. After,
(http://bit.ly/LXF261-webiantouch) – is that you’re confirm dirmngr is installed:
limited to those apps that can be configured to be sudo apt update && sudo apt install -y dirmngr
‘touch friendly’. It’s necessary to edit the sources list to add repos.
While a web interface can easily prioritise mobile sudo nano /etc/apt/sources.list
websites, for example, it’s much tougher to rework the Then ensure that the following repos are listed, adding
user interface of existing Linux apps to be suddenly if necessary:
touch friendly. deb http://raspbian.raspberrypi.org/raspbian/ buster
Our tablet tutorial featured the Android-based main contrib non-free rpi
LineageOS, which works well with a Raspberry Pi 3B. deb http://ftp.debian.org/debian/ buster main contrib
non-free
The Pi display and
However, some alternatives are available, which we
Pi in place, ready explore further in the boxouts. But what if you really deb https://repo.kaidan.im/debpm buster main
to be closed up. want to use Raspbian? Once again, save and exit nano, then add new keys for
the repos:
sudo apt-key adv --keyserver keyserver.ubuntu.com
--recv-keys 8B48AD6246925553 CF319275556E40EC
Follow this with a full Raspbian upgrade:
sudo apt update && sudo apt -y full-upgrade && sudo
apt autoclean && sudo apt -y autoremove
We are almost done here, with just a little bit of
sysadmining required. Create a new user, phablet
and add it to sudoers:
sudo adduser phablet
sudo usermod -aG sudo phablet
Change to user phablet and input the password when
you’re prompted:
su - phablet
Remove user pi:
sudo deluser pi
Finally, you can install the following components for
Plasma Mobile:
sudo apt -y install plasma-phone-components plasma-
phone-settings plasma-settings kwin-wayland
simplelogin dbus-x11
Follow this with a reboot; just a few moments later, the
Raspberry Pi tablet should boast a shiny Plasma Mobile
user interface.

Plasma mobile TUTORIALS
SET UP PLASMA MOBILE ON A RASPBERRY Pi
1 Decide on Plasma Mobile

If the idea of installing a new operating system on 2 Install Raspbian Lite and enable SSH
Start off with a fresh install of Raspbian Lite (http://bit.ly/
your Raspberry Pi for a tablet project doesn’t appeal, consider LXF261-rasplite), written to an SD card with Etcher. Once done,
Plasma Mobile. Developed as a means to introduce KDE Linux to with the microSD still in your computer, browse the /boot/
smartphones, Plasma Mobile is basically a desktop environment directory and create a new file called ssh without a file extension.
that is compatible with Raspbian. So while the Raspberry Pi This file acts as a flag to enable SSH and enable remote
tablet runs Raspbian Lite, it has Plasma Mobile set as the UI. connections. Use this to set up Raspbian Lite with Plasma Mobile.
3 Configure Raspbian and install

Plasma Mobile 4 Get to grips with the UI
Plasma Mobile has a simple, intuitive user interface.
The steps (see previous page) for installing Plasma Mobile are When it loads up, you will see the lock screen. As you might
required to configure Raspbian Lite, switch repo sources, run a with an iOS or Android device, swipe up to reveal the password
full update, and create a new user. Once this is done, a new user field. You will later see all the default apps listed, with the
can be created and Plasma Mobile installed. This will launch opportunity to swipe up again to access the settings. Things
automatically each time Raspbian boots. Your Raspberry Pi tablet are a little functional in places – use KSysGuard to check
is ready to use – so what can you do with it? processes, for example.
5 Access notifications and shortcuts

Following the Android design language, Plasma Mobile 6 Install apps, browse the web
Minimal apps are installed with Plasma Mobile. To change
features settings shortcuts at the top of the screen, accessed by this, you’ll need to install apps manually, so why not start with a
dragging them down from the edge. This includes things like browser? Use SSH to get started, and install the Chromium
Wi-Fi, sound, and location settings. You’ll spot things that might browser remotely with:
seem odd, such as mobile data. Display brightness can also be sudo apt install chromium-browser
set, and there is a Shutdown button. Meanwhile, recent Check the Plasma Mobile repos for more apps or use your
notifications can be reviewed and dismissed here. Raspberry Pi tablet as a handy internet slate.

TUTORIALS
TERMINAL
The smarter way

to delete files
If you’re worried about accidentally wiping out important files,
Shashank Sharma knows of a few techniques to protect yourself.
D
eleting files is a fairly straightforward process, In this tutorial, we’ll discuss two command-line
whether you work with a graphical interface or utilities, trash-cli and rm-protection, which you can use
the command line. The former, more often than to add these functionalities to the terminal.
Trash for bash

not, relegates deleted files into the trash directory,
OUR
giving you the option to access deleted files and even
EXPERT
restore them if needed. But this isn’t the case with the Even if your graphical environment of choice doesn’t
popular rm command. Once invoked, rm immediately place an icon for it on the desktop, your Linux distro
flushes the specified files, skipping the trash directory already has a trash directory. The advantage of
Shashank Sharma altogether. To recover a file deleted from the command relegating files to a trash directory is that it gives you
is a trial lawyer in line, you must use dedicated software such as the option to view all the deleted files and even restore
Delhi. He’s pained at PhotoRec, but the process is involved and cumbersome, files, empty the trash, etc. You can access this trash
having to abandon and not the subject of this tutorial. directory by navigating to ~/.local/share/trash. It
the noble quest of If you wish to permanently delete files using the comprises three directories: files, expunged and info.
growing a yeard (a graphical environment, you must press the Shift+Del The info directory keeps a record of the permissions,
hipster beard) after key combo. You’ll be prompted with an alert seeking path and deletion date of each of the files. This is
10 months. confirmation before the selected files or directories are relevant and useful if you decide to restore deleted files
deleted. This is in stark contrast to the command line, or directories. You’ll find all the deleted files and folders
where running the rm command will delete the in the files directory.
specified files without any confirmation prompts. The trash-cli utility adds the ability to move files to
MAKE FILES IMMUNE TO DELETIONS

the trash from the command line. You’ll find the utility in
the software repositories of many popular desktop
distributions. If it’s not available for your distribution,
you can follow these steps to install it from Git:
If you have accidentally lost precious data because of hasty $ git clone https://github.com/andreafrancia/trash-cli.
Shift+Del, we have a quick solution to prevent further mishaps. You git
can use chattr to change the associated attributes for a file. The $ cd trash-cli
default syntax is chattr [operator] [switch] [filename] . $ sudo python setup.py install
Refer to the man page of chattr for a list of all available attributes The first command creates a directory named trash-cli
and their purpose. For now, we’re only interested in the immutable in the working directory and copies the contents of the
attribute, which can be used to make sure a file cannot be deleted by trash-cli repository. You can now run the setup.py script
any command, even by a root user.
Run the sudo chattr +i filename command to set the immutable
attribute. You’ll find that you can no longer delete the file, and you
can’t edit it either. Run lsattr filename to view the attributes of the
specified file. sudo chattr -R +i <directoryname> can also be used to
recursively change the attribute of all files in the specified directory.
If you wish to be able to edit the file, but only wish to protect it
from being deleted, you can use the append attribute instead of
immutable: sudo chattr +a filename .
Replace the + with an – operator to remove the attribute from a file.
For instance, running the sudo chattr -i filename command will once
again grant you the ability to edit or delete the file. While the project hasn’t seen a new release in quite some time, it
works exactly as advertised, even with large files and directories.

Deleting files TUTORIALS
to install the utility. You can optionally use the --user

<username> command option with the last command
so that the trash-cli utility isn’t installed system-wide
and is only available for the specified user:
$ sudo python setup.py install --user linuxlala
Once installed, the trash-cli utility provides five
unique commands that can be used to delete files or
directories, view the contents of the trash, restore files
and more:
trash-put – Delete specified files or directories.
trash-list – Displays the contents of the trash.
trash-rm – Delete individual files or directories from
the trash.
trash-empty – Delete all files and directories from
trash.
restore-trash – Restore the specified file or directory. You can run the
To delete a file, you must use the trash-put protect filename
command to
command. The latter command expects the complete
overwrite the
command. You can provide a list of space-separated name of the file, and you can’t employ tab-complete
files, and even use pattern-matching to specify the files with this command. So if you wish to delete a file named existing question/
you wish to delete. Unlike the rm command, which memo of appearance from the /trash, you will have answer for a
won’t delete non-empty directories unless you use the to type the complete file name. If you only provide protected file.
-R command option, trash-put has no such reservations one part of the name to trash-rm it won’t delete
about deleting them. the corresponding file, nor will it report any errors.
As the trash-cli utility only makes use of the already Alternatively, you can run the trash-rm memo*
present /trash directory on your system, you can command to delete the file and all other files that start
straight away run the trash-list command to view the
Instead of
with the word memo.
The trash-empty command can similarly be used to
repeatedly
contents of your /trash directory. That is, files deleted
invoking the
using the graphical environment, or from the command delete all the files and directories from trash. The
line using trash-put command can be accessed with <days> command option can be used to only delete
trash-put
the trash-list command.
command, you
files that have been in the trash for longer than a
When you run the restore-trash command without specified number of days. For instance, if you wish to can instead
any additional arguments, the utility will display all delete all the files that were deleted more than a month create a
the files in the /trash directory and ask you to choose ago, you can run the trash-empty 30 command. The shorter alias
the file you wish to restore. The files are all assigned command trash-empty 1 will similarly delete files that for the same.
The trash-cli
utility already
a unique number, and you must enter the one have been in /trash for longer than a day.
Protected files provides trash

corresponding to the file you wish to restore.
as an alias to
The downside to this approach is that you can’t
trash-put, so
simultaneously restore multiple files. You can use the rm-protection utility to provide a
The restore-trash command also keeps track of
you can run
question/answer for important files. The specified file
the trash
your current working directory. If you invoke it from will not be deleted unless you provide the correct
your /home directory, it will list all the files in the /trash answer to the prompted question. This ensures that <filename>
directory. However, if you run it from another directory, files aren’t deleted accidentally. command to
it will only list the files in the /trash that were originally Run the sudo pip install rm-protection command to delete the
stored in that directory: install the utility. It provides two commands – protect specified file.
$ cd ~/Music/ and rm-p . The former is used to specify the files you
$ restore-trash wish to safeguard against accidental deletions, while
No files trashed from current dir (‘/home/linuxlala/ the latter can be used to delete files so protected.
Music’) Remember, you can still delete a protected file using
$ cd ~/Documents/for-gm the rm or the trash-put command.
$ restore-trash So if you decide to employ protect to safeguard
0 2020-02-13 14:02:31 /home/linuxlala/Documents/for- your files, you should consider creating an alias for
gm/memo of appearance.odt rm-p such as:
1 2020-02-13 14:02:34 /home/linuxlala/Documents/for- alias rm=”rm-p”
gm/temp When you protect a file, the question and answer
What file to restore [0..1]: are stored in a plain text file named .filename.
So the second time we run restore-trash , the utility rm-protection. The answers are case-sensitive, so
presents a list of files deleted from the current directory, typing “terminator” as an answer in place of
and asks you to specify the file you wish to restore. “Terminator” will result in an error.
Pruning trash
If you’re comforted with the possibility of restoring
deleted files, we must take a moment to caution you
You can delete files or directories from the /trash with against using the rm-p command. Like rm , it
the trash-rm <pattern> or the trash-rm <filename> bypasses the /trash directory.
IMPROVE YOUR LINUX SKILLS Subscribe now at http://bit.ly/LinuxFormat

TUTORIALS Digital diary
Credit: http://lifeograph.sourceforge.net
LIFEOGRAPH
Create and update
your digital diary
Nick Peers reveals how to create private and encrypted ‘Dear Diary’
moments to last you a lifetime (of embarrassment reading them back).
ne of the biggest weaknesses of blogging – the the Flatpak repository (https://flatpak.org/setup/
O online equivalent of keeping a diary – is that it’s

so public. Sure, you can lock down your blog,
Ubuntu), which gave us the latest version – 1.6.1 at the
time of writing – through the Software Centre.
but unless you’re hosting it on your own local server, it After installation, launch the program to find yourself
can leak online despite your best efforts. at the main program screen, which going forward will
Lifeograph (http://lifeograph.sourceforge.net) provide you with a list of all recently opened diaries (yes,
OUR is designed to provide you with a journal that’s offline it’s possible to set up and run multiple diaries to keep
EXPERT and – through password-protected encryption – private. various aspects of your life separate). The first time it
Nick Peers It’s clean and simple to use, but dig a little deeper into appears, you’ll see a handy ‘If this is your first time with
Is still getting it and you can get even more from it than simple text- the program, click here to start right away’ button to
over the based scribbles. create your first diary file. Choose a suitable location on
embarrassment your hard drive and provide your choice of filename
of keeping a diary First steps (with .diary extension) before clicking Save.
as a teenager. Lifeograph is available in the official Ubuntu repos, but First, encrypt your diary for greater security if
the version here is likely to be outdated – 18.04 carries necessary: click the diary’s filename in the right-hand
version 1.4.2-1, for example. For this tutorial we added navigation pane to bring up its properties screen. Next,
click the Edit button followed by the diary icon to its
right to bring up a pop-up menu. Select Encrypt, then
BUILD YOUR OWN THEME add a password – the diary will be encrypted using
AES-256, and you’ll need to enter the password to open
Lifeograph enables you to change the look and feel of diary entries the diary in future.
using themes to define the colour scheme used. These are applied at As an extra security measure, Lifeograph logs you
the tag level: when you select a tag to view its properties you’ll see a out of your diary (while saving it) after 90 seconds of
section devoted to themes. Here you should be able to change the inactivity – look out for the countdown timer popping
colour of selected items, whether it’s text in the case of headings and up and giving you a ten-second warning (click anywhere
normal text, or the colour used for highlighted text, or the background within Lifeograph to cancel it). You can temporarily
of the entry itself. You can also change the font size and style too – disable this by clicking the ‘v’ next to the Log Out button
again by clicking the appropriate option and making your choice from and clicking ‘Disable Auto Logout for This Session’.
the menu. Permanently disable the feature – or change the expiry
Once you’ve assigned a custom theme to a tag, you can quickly time by clicking the burger ( ) menu to the left of the
paste it to another one – simply select that tag, click the drop-down Log Out button and choosing Preferences.
menu next to Theme and choose Copy From followed by your desired
tag. You’ll also see a Reset To Default option on the Theme drop-down
menu should you need it.
Any entries that aren’t assigned to tags are themed according to
the Untagged entry, which you can also customise. Themed tags are
identifiable by their dotted red
outline. If you assign two themed
tags to an entry, the post will
keep the theme from the original
tag – to switch to the other tag’s
theme, click its entry in the
Themes apply specific colour schemes, bottom pane and click Use
backgrounds and fonts to entries. Theme from the pop-up menu. Lifeograph is a good repository for all those old blog posts that you
want to back-up somewhere safe, away from prying eyes.

Digital diary TUTORIALS
While you’re at the Preferences screen, you can Navigate Lifeograph’s interface...
change the date format from the default (YYYY-MM-
DD), toggle the formatting toolbar on/off in diary entry 1
view, and show a preference for the dark Gtk+ theme. 2
5
Your first diary entry 4
You’ll see an empty entry for today has been created,
currently blank. You switched from read-only mode
earlier (if not, look for the blue Edit button and click it),
so you can start recording your thoughts. It’s as familiar 3
as using a text editor, with added support for limiting
formatting. Note that your first line will be automatically
formatted as header text. Hit Return and subsequent
lines default to plain body text.
You’ll see that the formatting toolbar reveals support
for bold, italics and strike-through text, as well as
highlighted text and lists in the form of bullet points or a 6
to-do list within the diary entry. You can also set up a list
by starting a line and pressing Tab followed by your
choice of character: asterisk for bullet, plus dash (-),
number and full stop (1., 2. and so on).
There’s support for more sophisticated formatting in Entry title Diary entry window
the form of additional sub-headers, mark-up text and 1 Click the title to rename it, or click its 4 This works like a regular text editor
internal (and external) hyperlinks. Your entries can also associated icon to turn it into a to-do item or with some clever extras, including support for
include images, but only as a thumbnail with a link to make it a Favorite. markdown formatting and hyperlinks.
the original image. The simplest way to do this is to
Sort diary entries Navigation pane
create a new paragraph within your text, then drag the 2 Click the hamburger ( ) button to 5 All diary entries and chapters are listed
file from Files into here, or to copy and paste it from change the sort type (date, size or last changed) here – use the Search tool or Filter to control
another application like Image Viewer. and order (ascending or descending). what’s shown by date, keyword or other.
It’s possible to insert asides in the form of specially
Tags Calendar
formatted comments anywhere in your text (for 3 Assign these to diary entries to help 6 Use this to navigate by date – days with
example, references or explanatory text that doesn’t organise them – click one to edit its properties entries linked to them appear in bold: click once
always need to be displayed). This button reveals the (including theme). to view, double-click to create a new entry.
mark-up text you need to use – simply enclose your
comments within double square brackets [[like so]] and
they’ll automatically be formatted. Use the [[]] button choose a start-up action, which lets you select the diary
on the formatting toolbar to toggle between hiding or entry you want to be displayed when you first open it –
showing comments as required. the latest entry, the last entry you were viewing, or a Lifeograph
specific entry. Beneath this you’ll also see a Chapters supports simple
No more spilling mestakes drop-down menu, which lets you divide your diary into to-do lists
Lifeograph has a built-in spellchecker spanning multiple specific segments – more on that shortly. within diary
languages. It’s disabled by default, but you can manually To return to your previous diary entry, click the back entries. Use
apply it to the current diary entry by right-clicking and button in the top left-hand corner or click its entry in the the List button
choosing Spell Checking followed by your chosen right-hand pane. While you’re there, you can change the to set one up.
You’ll see four
language. Any misspelled words are then highlighted in current diary entry’s date by clicking on it at the top of
box options:
the usual way – with a red squiggle beneath them. Just the main window – enter the new date using the same
to-do, in
right-click the word to reveal suggested alternatives. format as the current one (YYYY.MM.DD by default). progress, done
If you’d like to apply spellchecking to the entire diary, and cancelled.
switch to its properties screen (click the diary filename It’s tag-tastic Once this list is
in the navigation pane if you’ve forgotten how). From There are several ways in which you can introduce in place, update
here you can set your choice of spellchecker and layers of organisation to your diary to make content each box simply
quicker to find. One is to favourite individual posts – by clicking it
click the icon to the left of its title and you’ll see a heart once to cycle
icon. Click this and you’ll see a heart appear both over between the
available
its icon and next to its entry in the navigation pane.
options screen.
Another easy and visible way is to add tags to posts.
You’ll see the ‘Add tag’ button in the bottom of the
screen. Click this, add your first keyword and click
Create Tag. Not only is the tag added to this diary entry,
but it’ll appear in the Tags list on the left-hand side of
the Lifeograph window. Going forward you can simply
drag tags from here into the main diary entry pane to
add them to the post.
Tags come in two principal types: Boolean, basic keyword-based tags, Click a tag in the left-hand pane and its properties
and parametric, for compiling statistics. will pop up. This works in a similar way to other

TUTORIALS Digital diary
elements, with the ability to quickly rename it by clicking
You’ll also find

the name at the top. You’ll also see an option to assign it
another hidden
a specific category – yet another layer of organisation –
file with a
and also change its type and unit.
~previousversion
file extension.
Crying over football tags
This is a backup This is where things get interesting: the default type of
version that tag is Boolean, which is perfect for simple keywords, but
contains the Lifeograph also supports parametric tags, which enable
diary’s content you to add numeric values to tags on an entry-specific
prior to the last
editing session
basis. There are two types of parametric tag you can
– if you wanted
create: cumulative (perfect for totting up your football
Organise related diary entries into chapters to help you organise them
to roll back to
team’s pathetic points tally over a season) or average
more efficiently. Three types – date, numbered or free – are available.
this version,
(for monitoring weight over an extended period).
the procedure
When creating the tag for the first time, simply enter
TAGNAME = <VALUE> and hit Enter. The value should
is the same as
growth in cumulative values over time, or changing
for the ~LOCK~ be unitless for now – supported units are kilometres, averages, depending on the tag type.
file, except this miles, kilograms, pounds, litres, Celsius/centigrade and The graph tracks figures on a monthly basis by
time you want Fahrenheit. To assign a unit to the tag, click the Type & default, but you can change this to yearly by clicking the
to rename the Unit drop-down menu – you can switch between drop-down menu next to Graph. An Underlay Previous
~previousversion
with a .diary
cumulative and average from here – and then click the Year box can be ticked to compare this year with the
extension
Unitless drop-down menu to specify your unit. Return to previous one; also look for a zoom slider with an
instead.
the diary entry and you’ll see that the unit is now accompanying horizontal scrollbar for tracking data
displayed next to the tag. over an extended period.
Working with chapters

Going forward, the tag plus value can be assigned to
other diary entries in the usual way – if you drag and
drop it, it’ll be automatically given a value of 1. Just click On one level Lifeograph can be used purely to record
the tag to reveal a pop-up menu, where you can change diary entries – multiple entries per day are permitted –
this figure. and the whole list appears in the right-hand navigation
Return to the tag properties screen over time and pane, which can be sorted from the burger ( ) menu
you’ll see the statistical graph at the bottom update to (see the annotation). But you can go further and divide
show potentially useful information. Graphs beneath your diary into chapters, then organise (or create)
Boolean tags simply display the number of entries entries to sit within these sub-folders.
containing that tag on a month-by-month basis, while The quickest way to create new chapters is via the
those for parametric tags can be used to show the main screen – click the + button next to the Today
SYNC CONTENT BETWEEN DIARIES

button and you’ll see a pop-up menu appear, revealing
that three types of chapter are supported: by date, by
number or a so-called ‘free chapter’.
Date chapters work in a slightly different way to the
Lifeograph enables you to perform a selective merge or sync between others: you’re limited to one per day (see the Quick Tip
two different diary files, choosing exactly what to transfer between for a workaround involving chapter categories), and they
them – entries, tags and/or chapters. can be colour-coded to help identify them when viewing
Click your diary file’s name in the navigation pane to bring up its the diary’s statistics in graph form.
properties screen. With Edit mode on, click the diary’s icon and Once created, you will then be taken to the chapter
choose Synchronize/Merge… Click the None button at the top to title’s properties page in edit mode. From there you can
select your diary – we found leaving Diary Files selected as the file replace the ‘New chapter’ part of the title by clicking on
type produced no matches, so change this to All Files to locate and the chapter title at the top of the screen. Click on the
select the file containing the data you wish to bring across. icon that’s to the left of its title, and you can assign it a
By default, all items are set to be added as new entries in the new status icon instead of using the four to-do options
diary – click Scheme to change the default behaviour (you may wish available elsewhere.
to set Changed to Overwrite if you’re happy to replace existing entries New diary entries can be created directly from this
with their corresponding entries from your original diary). You can screen, or you can drag and drop existing entries into
then select each individual item and click the grey I button to set it to the chapter via the right-hand navigation pane in the
ignore, or A button to add it. Flick the Apply To Similar switch to On order you want them to sit. Drag and drop entries into a
and change the status of one item – be it tag category, tag, chapter or numbered chapter and they’ll be assigned prefixes – 1.1,
entry – to make all entries of the 1.2, 1.3 and so on – while dragging diary entries into a
same type change along with it. date chapter will see their date automatically changed
Click the Tag Imported Entries to match the chapter.
box to create and assign a tag to Should you wish to delete a chapter, click the chapter
all imported diary entries. icon next to its name – you’ll see a Dismiss option
Once you’re happy with your underneath the to-do boxes. Select this, read the
selection, click the Go button warning (any nested diary entries are moved back to the
Import data from another diary is easy and the entries should top level of your diary unless you tick Also Dismiss The
using Lifeograph’s selective sync tool. successfully transfer across. Entries Within to delete them too) and click DISMISS! to
remove it.

Digital diary TUTORIALS
Search and filter to the title and choosing Print. You can also export all or
Lifeograph features a powerful search tool that can part of your diary as a Lifeograph diary file or plain text.
quickly find content through simple keyword searches, To do this, set up your filter to select only those Lifeograph
but it can also be used as a search and replace tool. entries you want to export, then click the diary filename supports
another level
of chapter
After typing your search term(s) you’ll see the in the navigation pane. Click the diary button at the top
organisation
navigation pane update to show only those with entries of the screen and you’ll see an Export option. Enter your
in the form
containing your keywords; you’ll also see a pop-up diary’s password if necessary, then choose to export all
of categories,
window appear beneath the Search box with options for entries or only the current filtered ones followed by your
which work in
moving backwards and forwards between matches, as desired format, and click Export. If you export in plain
well as replacing the text – either the current selection text, all markdown formatting marks are preserved. relation with
or all the text in your document. You may also wish to access – and update – your date chapters
You’ll also see a filter button to the left of the search diary on different machines. Lifeograph offers desktop to let you
box. This serves two main purposes; performing more apps for Linux and Windows, plus an Android app that create multiple
advanced searches, plus limiting various operations to mirrors the desktop version effectively, allowing you to date chapters
for the same
day, one per
the filtered selection only, such as exporting or printing read (and update) your thoughts while on the road. One
category. They
part of your diary. Click the button and you’ll see several way to do this is to keep your diary file in a shared
can be set up,

quick filters appear: Not In Trash; In Trash; Regular; and location – a secure cloud folder, for example – that each
renamed and
Favorite. These are toggled simply by clicking the client can access when required, but it’s also possible to
removed via the
appropriate button – as you do so, the list of diary sync part or all of your diary with another compatible
entries will be filtered accordingly. device or PC (see the boxout on page 62). Chapters drop-
down menu
Troubleshooting
The buttons beneath this enable you to filter diary
entries by their status: regular (the pencil icon), to-do on your diary’s
and in progress entries are shown by default; completed Lifeograph isn’t completely bug-free – sometimes it’ll properties.
and cancelled items are hidden. There’s also a (Drop a just crash with no rhyme or reason. Unsaved changes
tag here to filter) section – when in edit mode, you can made since you last logged out of the diary are stored in
simply tag here to add it to the filter. a hidden file with a ~LOCK~ file extension. When you
Click More Options to reveal additional criteria; start reopen the file, these changes should be merged back
and end dates, plus a hidden entries box (just drag into the original, enabling you to log out and hopefully
individual entries from the navigation pane into here to delete the file.
filter them from the navigation pane. You can then easily That doesn’t always happen, however – click Edit
remove them from the filter using the Remove Selected and you’ll see a warning about the lock file being in
and Remove All buttons). Finally, a Make Default button place. You’ll need to log out, then browse to the
enables you to make the currently selected filters the directory containing your .diary file. Inside there is the
default for your diary going forward. hidden ~LOCK~ file (tick Show Hidden Files in Files to
Sharing your diary

make it visible). You need to move your main .diary file
to another folder, then rename this file with a .diary
There are several ways you can share your entries – extension to recover all the changes made since the
individual ones can be printed by clicking the icon next main file was actually saved.
ADVANCED FORMATTING TIPS
2 3
Add extra headings Markup-style formatting Add links
1 We’ve seen how the first line on any Insert formatting via the formatting You can embed all kinds of links:
diary entry is formatted as a heading by toolbar, or use the following shortcuts: web URLs, emails, diary entries and other
default – other lines revert to body text. underscore (italics); asterisk (bold); hash files. Type a full web address or mailto: link
Lifeograph also supports two further sub- (highlighted); and equals (strike-through). and it will automatically convert into a
header styles. The first level can be Remember to use these before and after hyperlink; drag a diary entry from the
invoked for the current line by starting it your chosen text – so _italicised text_ for navigation pane to create a link based on
with a single space – ‘ Sub-header 1’, for example. Disable formatting in a paragraph the entry’s title. Drag files from Files into
example – while the second starts with a by starting it with a dot (.) followed by a the window to create links – image links
double space, so ‘ Subheader 2’. tab. Right-click to insert emojis. produce accompanying thumbnails.
DEAR DIARY, I ❤ ❤ ❤ LXF! Subscribe now at http://bit.ly/LinuxFormat

BACK ISSUES
BACK ISSUES MISSED ONE?

ISSUE 260 ISSUE 259 ISSUE 258
March 2020 February 2020 January 2020
Product code: Product code: Product code:

LXFDB0260 LXFDB0259 LXFDB0258
In the magazine In the magazine In the magazine

Sensing the As Windows 7 We venture into
coming of spring, we rouse reaches its end of life, we the murky realm of hacking, taking a
ourselves from semi-hibernation opportunistically swoop in to lead look at some of the ways hackers
with a feature full of glorious maker you to Linux’s desktop paradise. operate, how to prevent it, and how
projects. We also look at firewalls, Plus, learn the best ways to back up to set up a hacking playground.
set beginner distros against each everything, set up an audiobook Plus, we chart the rise of Blender,
other, and show you how to move streaming server, how to build a look at music notation software and
from Evernote to Joplin. processor, and how to use Grafana. building micro:bit walkie-talkies.
DVD highlights DVD highlights DVD highlights

Mint 19.3 (64-bit), Elementary OS v5.1 Pop!_OS 19.10 (64-bit), Rescatux 0.37 Kali Light (64-bit), Fedora 31 (64-bit),
(64-bit), and BlackArch 2020 (64-bit) (32/64-bit) and Bodhi 5.0 Lite (32-bit). and MX Linux 19 (32-bit).
ISSUE 257 ISSUE 256 ISSUE 255

December 2019 November 2019 October 2019
Product code: Product code: Product code:

LXFDB0257 LXFDB0256 LXFDB0255
In the magazine In the magazine In the magazine

Tired of a That dastardly The new Mint is
laptop that’s slow off the mark? Google, eh? Escape its data-guzzling here, and we’ve got your complete
Discover how to make Linux lighter clutches with our complete guide to guide to using it. Plus: how to
and faster. Also, bring deleted files open-source alternatives. Plus: get transfer data from Pi to PC (and
back to life, quickly edit videos, full Linux on your Android device, back), more Linux-on-Android fun,
create great HDR photos with open enhance your audio tracks with managing your apps, calling Linux
source tools, and create smaller Audacity, optimise your media services from your code, and a peek
apps with React. libraries and code in ZX BASIC! at Google’s Fuchsia OS.
DVD highlights DVD highlights DVD highlights

Ubuntu 19.10 (64-bit) and Puppy Linux 8.0 (64-bit) and Mint 19.2 Cinnamon (64-bit),
NixOS 19.09 (32-bit). LXLE 18.04.3 (32-bit). Mint 19.2 MATE & Slax 9.9.1 (32-bit).
To order, visit myfavouritemagazines.co.uk

Select Tech from the tabs of magazine categories, then select Linux Format.
Or call the back issues hotline on 0344 848 2852
or +44 344 848 2852 for overseas orders.
Quote the issue code shown above and have your credit or debit card details ready

£10 SUBSCRIPTION OFFER
FREE DIGITAL MAGS!
SUBS
10
LINUX FORMAT
for €/$/£
and get a selection of digital tech mags for FREE!
www.myfavouritemagazines.co.uk/lin/intt10
Offer available to EU, US and ROW subscribers
*Terms and Conditions: This offer applies to all new subscribers. This offer entitles new subscribers to their first quarter of issues for £10, €10 or $10 dependent on location. After these issues,
standard subscription pricing will apply – please see online for details. Offer applies to print subscription only for iCreate, Linux Format, MacFormat, T3, What Hi-Fi?, Windows Help & Advice.
You will receive an email after your purchase with a downloadable link to your free digital magazines. Prices and savings quoted are compared to buying full-priced print issues. You can
call us to cancel your subscription within 14 days of purchase. Payment is non-refundable after the 14 day cancellation period unless exceptional circumstances apply. For full terms and
conditions please visit: www.bit.ly/magterms. Offer ends April 30th 2020.
TUTORIALS Digital signal processing
Credit: www.gnuradio.org
GNU RADIO Part One!

Don’t miss
next issue –
An electronics lab
subscribe on
page 26!
on your desktop
Sean Conway will install in your wetware the foundational knowledge to
use GNU Radio on an Ubuntu system – like an electronic hacking pro!
e’re going to take an in-depth look into the required to construct an analogue audio circuit with the
W instructions for installing and using the GNU

Radio software on a standard Linux desktop.
software. From a command line, enter the following
commands to refreshes the OS to ensure all
GNU Radio is an open-source software development repositories and software loads are current. After a
toolkit (SDK) that replaces physical test equipment and reboot, it installs the GNU Radio application:
electronic circuitry – usually found in an electronics labs $ sudo apt-get update -y;sudo apt-get upgrade -y
OUR – meant to generate and/or process analogue signals. It $ sudo reboot
EXPERT can simulate the audio source in software and then play $ sudo apt-get install gnuradio gr-osmosdr
Sean D. Conway the audio tone from the digital source using the PC’s The core of GNU Radio is written in C++ using
This retired sound output: no need for the audio generator and floating-point processor extensions for critical signal
Senior IT Security breadboard circuits! processing paths. This provides a real-time, high
Specialist loves We’re going to install GNU Radio on a computer throughput radio system. Additional functionality
to dabble in tech. running Ubuntu 18.04 and provide the basic knowledge is provided using Python.
The user interface for GNU Radio is the GNU Radio
Let’s explore GNU Radio… Companion (GRC). The terms are GRC and GNU Radio
are often used interchangeably, but to avoid confusion,
GRC is the graphical tool used for creating and
1
generating the flow graph source code used by GNU
Radio. GRC is bundled with the base install.
3
2 Radio GUI GUI
GRC can best be described as a GUI console for GNU
Radio. If GNU Radio’s software version changes, the
console may or may not change also. The console
packaged with GNU Radio version 3.7.11 is divided into
five areas: Toolbar, Workspace, Library, Terminal and
Block properties (see Let’s explore to the left).
Before using the software, let’s get familiar with the
terminology and then explore some basic concepts to
5 better understand the user interface. GNU Radio uses
flow graphs for all signal processing, which are
constructed using blocks. For this tutorial we will use
blocks native to the software. Writing new blocks is
4 encouraged in the community, and this can be done
using C++ or Python, with plenty of resources available
Toolbar for those up to the task.
1 Flow graph controls. Some key functions Terminal A flow graph after construction can be edited, saved
are managing flow graph files and starting and 4 Shows messages from flow graph and recalled for future use. These files are saved with a
stopping flow graphs. executions.
.grc extension. Sharing flow graphs is similar to sharing
Workspace Block Property files containing blocks of code. They can be expanded
2 The area in which you place blocks to 5 Displays a table of defined blocks IDs on, or combined with other flow graphs to build more
create a flow graph. and their variables. complex circuits.
Blocks are the basic building units in GNU Radio.
Library
3 A listing of all the blocks that are installed A block typically performs a single digital processing
on the system, with categories. function. Creating multi-processing blocks is not

Digital signal processing TUTORIALS
encouraged since it takes away from the modular
CREDIT: John Wiltrout

concept of flow graphs. One digital signal process per
block ensures the digital processing is modular.
Input and output to and from a block is done with
ports. Blocks that only have output ports are called
Source Blocks. Blocks that have only input ports are
called Sink Blocks. A flow graph must have a minimum
of one Source Block and one Sink Block. The Source
Block is the start of a flow graph, with the Sink Block
being the end or output of the flow graph. Got it?
Blocks can support different types of data. Each
data type is assigned a colour. In order to establish a
connection between two blocks, the data type (colours)
must match. The digital representation of the output
from blocks are referred to as items.
Let’s now use GRC to construct a simple flow graph Replace this entire
with a Source and a Sink block. The objective of the flow connection follows. Flow graphs depicting source ports electronics lab with
just a computer
screen!
graph is to generate an audio signal and route the signal on the left side of the workspace and sink ports on the
to the computer’s audio output. right of the workspace are done for aesthetic purposes
Building a flow graph

and ease of understanding. It’s actually possible to
place the sink block to the left of the source block, or
We’ll look at flow graph construction in two stages. In indeed anywhere, but the flow graph may then become
the interest of saving space, the diagram on page 69 confusing to follow.
shows the final flow graph. It’s divided by a dotted line To remove block connections, rightclick the
into two areas, labelled Simple and Enhanced. For the connection line and the drop-down menu enables you
first part of the discussion, focus on the blocks above to select Delete to remove the connection. The inside story
the dotted line in the area labelled Simple. In the second Now select the Toolbar start icon (yellow arrow) on SDR: https://
en.wikipedia.
org/wiki/
part, when the construction discussion advances, we’ll to start the flow graph. If this is a new flow graph
Software-
look at those blocks in the area labelled Enhanced. construction, the application forces you to do some file
defined_radio.
From the GRC Library, select Core > Waveform administration tasks before the flow graph will function.
Generators > Signal Source, left-click the block and The first time you run the program, you may receive
drag it to the Workspace area. After a block is placed in an error message that The xterm executable is
the Workspace it can be repositioned by dragging, in missing . Click the button to continue. This error
the usual way. Double-clicking a block on the message can be eliminated by using your favourite text
workspace brings up the block properties screen tab(s). editor to modify /etc/gnuradio/conf.d/grc.conf,
Change the Output Type field to Float and then select adding /usr/bin/gnome-terminal after xterm_
the OK button. This changes the port data type for this executable = .
Block. Block properties will be explored in greater depth Once you have given the file a name, the flow graph
later in the tutorial. tab will display the name only if you have more than one
We have actually changed the data type for the port tab (flow graph) open. The tab for the workspace will
on this block, and the port colour changes from blue to contain the name assigned to the flow graph file. You
orange as a result. Remember the rule: port data types can have more than one tab available. This becomes
must match in order for a connection to work. really handy to track changes when making multiple
The Libraries category listings can seem daunting, versions. Now that we have taken care of the file
and this is especially true if you are a novice or are not management, select the run button again. A pop-up
WX AND GX GUI
sure what you are looking for. Remember that blocks
with only output ports are called source blocks. Do a
search with the criteria ‘source’ using the search button
provided in the Toolbar area. The search will weed out
all the other category clutter and shorten the list of Earlier version of GNU Radio Companion used WX GUI widgets. WX
Blocks that meet the criteria. As you become more had some performance issues, especially with integrated graphic
familiar with GNU Radio, you will also become more hardware. The replacement are QT GUI widgets. In the console
familiar with the categories used for sorting blocks. drawing you can determine the widget support from Option Block.
We will use the search to aid us in our block listing. Before GNU Radio release 3.7, WX GUI was the default; QT GUI
From the Library, find an audio sink block and place became the default widget support at version 3.7.
it on the screen: Core > Audio > Audio Sink. Try using Since the Initial development of GNU Radio was done with WX GUI,
the search to accomplish the same task. Position the a number of Blocks were developed using that technology. Most if
blocks on the workspace so that the source block is on not all the WX Blocks now have QT Blocks to replace them. At the
the left of the workspace area and the sink block is on GRCON conference in 2018 it was indicated that with the 3.8 release
the right. Now click the source port (orange box) and of the software, WX GUI will be completely dropped.
then click the sink port (orange box). A line is drawn WXGUI and QT GUI are not compatible, meaning they can’t both
between the two ports, indicating a connection has operate in the same flow graph. There are a considerable number
been made. This connection was possible only because of flow graphs available under WX GUI technology, so if you’re
the two port data types matched. Drag the boxes downloading flow graphs you need to be aware of this change.
around on the screen and you’ll notice that the

TUTORIALS Digital signal processing
Port colour mapping

Bad connection
The project
Complex Float 64
(data type mismatch)
documentation
Complex Float 32
Blocks
is at https://
Complex Integer 64
wiki.gnuradio.
Complex Integer 32
org/index.php/
Complex Integer 16
Constant Source Complex To IChar Audio Sink
Main_Page.
Complex Integrer 8
Constant: 0 Vector Output: No Sample Rate: 32k Float 64
Float 32
(Source Block) (Sink Block) Integer 64
Integer 32
Ports Integer 16
Good connection Integer 8
Bits (unpacked byte)
(data type match) Message Queue
Async Message
When colour is the key to a good connection…

Bus connection
Wildcard
screen labelled Top Block will be displayed and a when flow graphs fail. Let’s create a problem so we have
1,000Hz tone generated by the flow graph source block an idea what to expect when an issue does occur.
and sent out the sink block will be played through the Drag a second signal source or audio sink block onto
computer’s speakers or headphones. This Top Block the workspace. Don’t make any connections to the
window contains nothing for the moment; it will become added Block. Notice that the Run button is greyed out.
populated as we explore more block features. Look at the extra audio sink block: it has red text. Look
To stop the flow graph and put an end to the piercing at the Terminal screen and note the message. In fact,
tone, use the ToolBar Kill icon or close down the Top when we tried this nothing was added to our Terminal
Block pop-up window that was opened by the program screen, but the error message displayed when we
when the flow graph started. pressed the ‘View flow graph errors’ button.
If your flow graph failed to generate audio, take a The console is designed to assist you in
look at the Toolbar for a red error button. Look at the troubleshooting problems: you just have to take the
Blocks themselves for red text to assist you in hint. In order to continue with the exercise we will need
troubleshooting the problem. You can also read to remove the extra block that was added.
messages provided in the Terminal window (at the The flow graph so far generated a tone and played it
lower left side of the console) to determine the cause through the computer’s audio output. It would be nice
of the problem. to augment the audio with some visuals. Using the
Library, drag the QT GUI Time Sink block onto the
Adding the enhancements workspace. As the block categories get deeper, the
If your first exercise was successful and audio was search feature begins to have more appeal: Core >
heard, that’s good – but we need to explore what to do Instrumentation > QT > QT GUI Time Sink.
MORE ABOUT GNU RADIO

Notice the port for this Block has a different colour
than the two Blocks. As noted: the colour defines the
data type the port is configured to support. Double-click
the QT GUI Time Sink block and change the type field to
GNU Radio is a free and open-source software development toolkit Float and select OK. The port colour of the QT GUI Time
that has generated interest in research, industry, academia, Sink Block should have changed to the colours of the
government and hobbyist environments. It enables the construction ports on the other two blocks. Remember a connection
of complex testing scenarios without the need for test equipment. between blocks with different data types is not
Note, however, that GNU Radio performs digital signal processing permitted. Do a search for the acronym WBFM
of an analogue signal. A Block may produce a 1kHz tone, but it is not (wideband FM) and drag the WBFM Receive block to
an analogue signal. It is an analogue-to-digital decoded (ADC) the workspace. This block supports two different data
representation of the signal. The GNU Radio software is not types and enables a digital signal process between
manipulating the analogue signal itself but rather the digital matched data types. Remove (left-click delete) the
representation of the signal. WBFM Receive block.
The learning curve for GNU Radio is not only steep but also broad. Connect the Signal Source port to the QT GUI Time
The documentation provides tutorials and flow graph code samples Sink by selecting one port and then the second port.
to get started, along with some suggestions for those new to the The two ports must be the same data type for this to be
world of digital signal processing. possible. Now use the Toolbar Run button and audio
The software can be used with readily available low-cost external should play, along with a pop-up a visual of the cosine
RF hardware to create software-defined radios (SDR). SDR is a radio wave on the screen.
system that uses signal processing in software instead of using Remember that before the addition of the QT GUI
dedicated integrated circuits in hardware. The same hardware can Time Sink Block, a blank window appeared with the
be used to create a variety of radio circuits within different label Top Block. That Top Block window will now display
communication standards by just changing the software data requested.
configuration of GNU Radio. It would be nice if we could change the frequency of
the tone like a real audio signal generator. Right-click

Digital signal processing TUTORIALS
Using Variables was one way to change the

frequency, but the method still doesn’t replace an audio
signal generator, complete with a method to change
frequency on the fly. Let’s see if we can make that
happen using another signal-processing block.
Delete the Variable signal_freq block we just created.
The workspace will throw an error because the Variable
is still in play in the flow graph but is not defined. Now
use the Library to find the block QT GUI Range and
drag and drop it to the workspace. Open the properties
of the QT GUI Range block and make the following
changes to it:
ID=signal_freq
Label= Audio Frequency Slider
Default_Value=1e3
Start=5e2
Stop=2e3
Step=100
Select OK or use Apply first to confirm there are no
The ‘Monopoly’ property squares of GNU Radio block configurations. errors. Then execute the flow graph using the Toolbar
Run icon. A tone should play and the Top Block pop-up
the block already on the screen labelled Variable, then will contain the audio waveform and a slider bar for
select Copy. Then immediately right-click again and adjusting the frequency. You can now adjust the audio
select Paste to copy the Block to the workspace. This frequency of the signal generator. Note the label
will create another Block variable, but the block ID value assigned to the slider bar was assigned in the properties
will be different. of the Block.
Let’s examine the properties of this newly created You don’t like a slider on the signal generator?
Variable block by right-clicking and selecting Properties Are you thoroughly old-school and you prefer a knob
– or double-click the block itself. Change the ID field to like the one found on your old tube generator? Go back
signal_freq and change its associated value to 2e3 into the properties of the Range Block and change the
and select OK. Widget field to a more appropriate value.
Now open the properties of the Signal Source block. It appears replacing that old audio signal generator
Change the frequency field to freq_signal and select wasn’t as hard as you thought. Let’s do a short review
OK. Notice the block now has red indicators and the to solidify some knowledge before you carry that old,
flow graph Run button is not accessible. If you open hardware audio signal generator to the curb (the bin
Signal Source block properties again, an error message men won’t take it – Ed).
is displayed on the lower portion of the box. This This tutorial constructed a simple audio signal flow
message pops up if you use the Apply button before graph as an an introduction to GNU Radio software.
completing the tasks by selecting the OK button. More complex digital signal processing is possible using
Change the Frequency field to signal_freq and select the software.
OK once more. A project to capture external data and process it
When the flow graph is executed, the tone and visual within GNU Radio might be something to consider once
time display will reflect a 2kHz signal rather than the you get really good with the software.
1kHz signal we originally started with. For those with
hearing loss at higher frequencies, you may want to
substitute 500Hz for the 2kHz in the properties of the Signal Source
Sample Rate: 32k
Simple
block. Creating Variables becomes useful if multiple
Waveform: Cosine
blocks use the same content; you only have to change Frequency: 1k Audio Sink
the variable in one place to propagate the change to all Amplitude: 1 Sample Rate: 32k
blocks using it. Offset: 0
Exponential crisis
Notice that in the lower-right area of the console, in the
Block Properties area, the variables and values are QT GUI Range
displayed. You may be wondering why exponential ID: signal_freq
values are used to populate fields. Exponents are used Label: Audio Frequency Slider QT GUI Time Sink
Default Value: 1k Number of Points: 1.024k
often to code values. It is much simpler to use
Start: 500 Sample Rate: 32k
exponential notation than trying to count the correct
Stop: 2k Autoscale: No
number of zeros when dealing with mHz or higher
frequency values. You should get in the habit of using Step: 100
Start simple and then add enhancements. Enhanced

exponential notation when coding values; for example,
2e3 is an exponential representation of 2,000Hz.
WE’D LOVE TO PROCESS YOU… Subscribe now at http://bit.ly/LinuxFormat

TUTORIALS Zabbix monitoring
Credit: www.zabbix.com
ZABBIX
Enterprise-grade
monitoring made easy
Manage an enterprise as Stuart Burns introduces Zabbix, a free, scalable
monitoring tool that is lightweight and extremely easy to use.
abbix is an extremely lightweight, easy-to-use Although most of the Zabbix site seems to prefer Cent
Z and free monitoring tool that can scale from

a small home lab to a huge multinational
OS, this demonstration is going to use Ubuntu 18.04
LTS. Make sure to give the server a static IP address so
company. Zabbix can help monitor and highlight issues that the server is always on the same IP address, or it
in the reader’s environment through a single application, will cause problems, i.e. it changes and causes agent
making life easier. Even companies such as T-Mobile connectivity issues.
OUR and Dell use it to manage parts of their estate. Create an Ubuntu server VM with 4GB RAM, two
EXPERT Here we look at the functional pieces that make CPU cores and 60GB of disk space, install Ubuntu and
Stuart Burns up the product and how to deploy it across your reboot. At this point the reader should be able to SSH
is a Fortune 500 environment in a test scenario, whether that be a small into the server using your credentials. For this proof of
administrator and home lab or a company. It can even monitor your cloud concept using a single disk is OK, but in a production
small business servers, should you want it to. It should be noted that environment it is strongly be recommended to have
owner this walkthrough does not address the security of the the SQL DB and other Zabbix data items on the second
specialising in system – for example, encryption during data disk to prevent any potential out-of-space issues. It’s
high-quality IT transmission or database security. recommend you create another virtual machine with
content. He While it may not be obvious how a small home lab Apache installed and running it, so that it can be used
wears many hats could benefit from such monitoring, try this real-life for experimentation.
and loves to delve example: your internet goes offline… what time did it
into technology occur, how long did it last? What was the impact on The software stuff
and simplify it. other systems? If Zabbix was set to monitor uptime by Time to locate the appropriate repository links from
pinging the device, this information would be recorded. Zabbix. It is quite straightforward. If you visit the
That is but one trivial example. For smaller companies, a Zabbix download page (www.zabbix.com/download)
free but extremely capable monitoring system can you will be able to tailor the download with OS versions,
make the difference between a well-managed IT Zabbix versions etc. if you don’t want to use the same
The Zabbix
installation
environment and a disruption causing outage. configuration. To save the work, the code below shows
wizard, making For the purpose of this guide it is assumed that the all the requirements to install items required for our
the setup easier. reader is able to set up basic servers and DNS. Ubuntu server. Install the repository by using the
following command:
wget https://repo.zabbix.com/zabbix/4.4/ubuntu/pool/
main/z/zabbix-release/zabbix-release_4.4-1+bionic_all.
deb
sudo dpkg -i zabbix-release_4.4-1+bionic_all.deb
sudo -- sh -c ‘apt-get update && apt-get install zabbix-
server-mysql zabbix-frontend-php zabbix-apache-conf
zabbix-agent -y’
At this point the Zabbix application and
dependencies are installed, but there is not yet a
database configuration. The next step is therefore to
create the MySQL database, a user for that database
and then assign the rights and then import the
database configuration that was downloaded. Once
done, start the MySQL client by using the command
sudo mysql -p:
create database zabbix character set utf8 collate utf8_
bin;

Zabbix monitoring TUTORIALS
grant all privileges on zabbix.* to zabbix@localhost

identified by ‘password’;
flush privileges;
quit;
At this point we have an empty database. To
import the tables and data that Zabbix depends
upon to function, use the command:
sudo zcat /usr/share/doc/zabbix-server-mysql*/create.
sql.gz | mysql -uzabbix -p zabbix
Depending on your configuration, this may take a few
moments and will not show any progress. Once
complete it will return to the console prompt.
Something important to note is that by default the
time zone for Zabbix is set to UTC+2 due to the It’s easy to create
new dashboards.
Here’s one showing
developers’ location. For UK readers this is obviously the The first thing you should do is change the password.
system stats for a
future. To configure the time zone either manually To do this, click on the user icon on the top right of the
change the file /etc/zabbix/apache.conf or copy and screen. Change the password by clicking the Change server group.
paste the following into the command line to correct it: Password button that sits alongside the Password field.
sudo sed -i ‘s/# php_value date.timezone Europe\/
Riga/php_value date.timezone Europe\/London/g’ / Loose hosts
etc/zabbix/apache.conf What now follows is the configuration and utilisation
One of the last base configuration steps is to modify steps. It is important to understand some of the
Zabbix’s database connection setting in the config file concepts before anything gets changed. The core unit of For small
to reflect the database that we just set up. Open the items being monitored is a host. A host in Zabbix has a environments
and test
environments,
configuration file for the server: loose meaning. As Zabbix itself states, a host can be a
sudo vi /etc/zabbix/zabbix_server.conf
Zabbix provides
virtual machine, a physical machine, printer, switch…
Locate the line that starts with DBPassword and
a virtual
you get the idea, almost anything on the network.
appliance
set it to the database password (for example Hosts can be physical or virtual servers for our
DBPassword=Password). Save the file and quit the editor.
image that may
purpose here. To add a host, use the menu bars at the
be used for
At this point the server should be configured to start top of the Zabbix webpage and click the configuration
both Zabbix and Apache on boot-up using: menu and click the Hosts option on the sub-menu. On a quick start.
sudo systemctl enable zabbix-server zabbix-agent the right-hand side click the Create Host button. The The physical
apache2 host name can be the DNS name of the server or an IP requirements
Check everything is as expected and the service is address. The visible name is useful to give a host a for the Zabbix
server can be
found on the
working by rebooting the server and logging in, using friendly name.
the command sudo systemctl status zabbix-server to
Zabbix website
When walking through the creation process the
at http://bit.ly/
show current status. system invites the reader to select from a number of
http://zabbix_server_address_or_ip/zabbix
lxf261zabbix.
templates. These templates are the ones available out
The above address should show the first page of a of the box, but provide us with a useful set of metrics to
TIMING IS EVERYTHING
configuration wizard that will walk the reader through a
series of requirements and configuration options.
Assuming all the items are correct (highlighted in green
or red appropriately), click to the next step. Configuring
the DB connection step is simple. Most of the items on Timing is critical. It is important to make sure all your devices report
this page are already filled in. Fill in the password with the correct time. Not having the correct time can cause many issues,
the one you elected to use earlier when setting up the not least with certificates, LDAP and others. By default, UK readers
MySQL system. Navigate to the next page. will have the time set to UTC, which isn’t actually a timezone.
One of the nice things about Zabbix is that it There is a new tool to manage time – timedatectl. To set the
supports LDAP and Active Directory (AD) correct timezone, just set it using the command:
authentication, which means that those with such a $ sudo timedatectl set-timezone Europe/London
directory services system can easily tie in the role- Obviously, for those in other timezones this may not be an issue or
based authentication and centrally managed user will require a different timezone. Alongside this, setting the time in a
authentication features. It also simplifies the small environment is quite simple. Using the timedatectl command
management of users within Zabbix. More information by itself will show the time, time zone, etc. as well as the status of
on this can be found in the manual. Local users can also the time sync. If this is set to No it needs to be corrected. To turn it
be added as needed, with various roles being available. on use the command:
On the next page there is an option to specify a $ sudo timedatectl set-ntp on
Zabbix project name. While not essential, it is useful to This will then sync with the NTP servers. If this environment has an
give the installation a project name. Be careful with this Active Directory server, this can actually be changed to serve time.
as this name will be seen in most browser title bars, so More details on this can be found at http://bit.ly/LXF261time.
just keep it short ,simple and clean. Click through the Of course, if you’re setting the time using the AD server, make sure
next few steps as there are no entries required by to point the clients to use the AD server.
default. Click the finish button. Also, as a final note, a lot of items people forget about are hidden
Once complete, login using Admin and zabbix . The because access is being blocked by the firewall!
basic task of setting up a Zabbix server is now complete.

TUTORIALS Zabbix monitoring
be monitored. We chose to monitor the Apache web together hosts that have similar properties. A couple of
host web availability along with CPU, Memory and disk. examples of groups are Web Servers or Database
If you haven’t An example of the template selected for the Apache Servers. Then when you want to apply a monitoring
set up DNS host are shown below. Obviously, your requirements policy (template) to the group of servers, it is possible
yet, this is the
push you need.
may differ, so this serves just as an example. for servers (hosts) to be a member of several groups.
Zabbix will
When setting up the host, it needs to be a member of While we now understand hosts, creating host
work against
at least one group. To create a new host group, just type entities themselves (in the current state) and templates
IP addresses,
in the group name desired in the groups text box. It will are only part of the story. Templates are groups or
but having
be saved as the group name entered. There is a series of collections of items (metrics) that the reader wants to
DNS resolution
marked fields for each host entry created. Each host monitor. For example, CPU, uptime, ICMP response, etc.
provides a much also has a peripheral page that can be utilised to store Hosts and groups can have several items attached to
cleaner and useful information, such as the location, serial number, them. When we added templates earlier, we essentially
easier-to-use and other pertinent information if desired (the reader added several items, because each template has a
experience. will need to select Manual in order to populate the field. collection of items it adds.
Once these requirements are met, just click Add.) Adding additional items to hosts is simple. If the user
As the number of hosts increase, these groups and navigates to the host screen and then locates the host
their use make more sense. Groups are used to collect in question, followed by clicking Items, it will open the
Items menu, and the reader can then select the desired
items to add to monitoring from the list. If the agent
isn’t installed, not all of these items can be collected.
Installing agents is discussed below. And don’t forget
to click the Apply button at the bottom of the screen
to save changes!
While adding these hosts by hand may be fine for
small home users, the sheer number of servers and
devices could be too much to manually create. One of
the nice things about Zabbix is that it can be used in
auto-discovery mode. While it is somewhat beyond
the scope of this introduction, you can find more
information on using auto discovery at www.zabbix.
com/auto_discovery.
Monitoring your stuff

By default, there will be a limited set of information that
Zabbix can collect. To fully expose the hosts to the
Out of the box there are many templates to accommodate most application types. power of Zabbix, an agent needs to be installed. The
ADVANCED MONITORING
agents enable more in-depth reporting, especially
around reporting disk, CPU, memory and other really
important metrics. Fortunately, there are agents for
most host platforms. Depending on the platform in
While in this introduction we have looked at information that can be question, the way it is installed differs. The installation
gathered using properly installed agents, getting information from routine may differ between platforms, but the
appliances presents an obvious problem – there are no installing configuration data needed remains the same. Be
agents on them. Fortunately, there is a solution to this problem. careful which agents you download because Zabbix
This is where the SNMP protocol comes into play. SNMP, or simple provides different configurations of builds – 32-bit,
network management protocol, works in a very standardised way 64-bit, installer, no installer, etc.
and is vendor neutral. When installed it allows the data to be pulled For Windows, simply download the appropriate
into tools such as Zabbix. package from www.zabbix.com/download_agents.
While there is the SNMP protocol, there’s also the MIBS Once downloaded, open the ZIP package and run the
(management information base) that go along with them. These installation as an administrator. Unless you have an
are essentially installable modules that vendors produce to enable overriding reason not to, leave the install options as they
the data on the appliance or other hardware to allow the data to be are (bar the Zabbix server IP address being entered into
brought into the system in a standardised way (i.e. SNMP). Zabbix the install wizard. Upon being presented with the
supports SNMP and MIBS. configuration options, fill out the name, friendly name
More information about installing the MIBs can be found at and address of the Zabbix server. Note that by default,
www.zabbix.com/documentation/4.0/manual/config/items/ the data between hosts and the Zabbix server is plain
itemtypes/snmp/mibs. On top of this, the way in which the data is text. It is possible to configure this to use encryption,
collected will change within Zabbix (for those hosts you wish to use but for brevity in our test environment we will allow the
MIBs with. An example of using MIBs and SNMP is a router that plaintext to remain.
supports it, so you can extract data such as temperature, utilisation There are a number of options that are available to
and bandwidth figures. set up the agents on Linux. The first option is to install
Care should be exercised, however, because it is possible to the same management repository as the server and
actually make modifications to the configurations when not properly then install the agent. This helps to ensure that the two
secured – the use of both public and private SNMP strings. are in lockstep in terms of versions and updates. To
install the agent (assuming that the reader has added

Zabbix monitoring TUTORIALS
the repository), use the following command: if you wish and the defaults will apply) and then click
sudo apt-get install zabbix-agent apply. At this point it just becomes a process of clicking
A quick item of note here. If you add a host to the and selecting the type of data to display and then Keep your
list of hosts and the Availability column doesn’t have selecting the hosts or group of hosts to create a very data and apps
separate. While
we could use
the ZBX box as green, it means there is no agent basic graph or display.
LVM and have

communication occurring and that something is wrong. Click on the dashboard and it will present a dialogue
all the data

While the checks that don’t require an agent may work, window. It now becomes quite simple to select the
and operating
the ones that do require one will not. items that the reader wishes to preview. Be aware that
system on one
Out of the box, each agent needs to be configured. the metrics available will differ by operating system.
disk, this is bad
So open the zabbix_agent (/etc/zabbix/zabbix_ There are many options to create a graph, data set or
agentd.conf) file. Locate the line that reads multiples thereof. practice and
Server=127.0.0.1 and replace it with the Zabbix host IP. Now that we know how to set up hosts and display will complicate
Also locate the Hostname entry and modify that to the information, the next step is to understand triggers. management.
reflect the fully qualified hostname of the local host As the name suggests, when a trigger threshold is Should your
disk get full,
expanding it,
that the agent sits on. detected, such as a host being restarted, it is flagged up
while doable,
Once that is set up, enable the agent using the in the global view. To add these thresholds to a server,
gets a bit messy.

command below: again, go back into the hosts view and click on the
sudo systemctl enable zabbix-agent
It is just easier
Triggers associated with the host in question.
to separate
OK, so you may be thinking “What now?” In the This will bring up a menu of triggers that can be
an OS and
background the system should be communicating with added. To add the trigger, simply click the tick box to
the host and collecting data. To look at the default the left of the trigger and click Enable at the bottom of apps. A full OS
dashboard and see machines in a grey state is a bit the page. And, at the risk of stating the obvious, if you disk means an
misleading. This global dashboard essentially holds the highlight an enabled trigger you can disable it. Again, unresponsive
high-level availability information across the estate with the triggers that are available will depend on whether server.
varying degrees of rating, from green (good) to blazing an agent is installed and also on what operating system
red (bad!) with ever increasing importance. By default, is being run.
the graph updates every minute. You can change this For example, to monitor a host for reboots, navigate
by editing the cog at the top left of the screen. Doing to the host, click the Triggers hyperlink, scroll down to:
this only refreshes the screen, not the data collection Template Module Linux Generic By Zabbix Agent:
intervals! Unless you have good reason, leave this as is. {HOST.NAME} has been restarted (uptime < 10m)
Most of the information an administrator would want Click the tick box to enable. At this point, if the host
to see comes from the dashboard. These can show you reboots, a warning will be displayed. If there are too
graphs, alarms, statuses and other useful information in many triggers, use the filter at the top of the page to
a quick visual representation. restrict what is shown. To experiment, add a host and
To create a new dashboard and see what has been then shut it down. Hopefully the main dashboard should
collected, navigate to Monitoring and Dashboard. To record this change in status and set the appropriate
create your own dashboard, click on All dashboards (on warning/notification.
the left-hand side). The screen will then change and a In short, this is just a barebones introduction to
blue button will be available on the right-hand side to getting a functional Zabbix installation set up, and
create a new dashboard. At this point it becomes quite there is an awful lot more that can be done after a
simple. Click anywhere on the screen and give the little reading of the online manual that’s available on
widget a name and an owner (you can leave it as default the Zabbix website.
The whole
system revolves
around the hosts
discovered in
the environment.
MONITOR US EVERY MONTH! Subscribe now at http://bit.ly/LinuxFormat

TUTORIALS Containers
DOCKER Part Two!

Catch up and
grab a back
Adding a reverse issue on

page 64
proxy to Nextcloud
Add a Traefik reverse proxy to your Nextcloud Docker deployment with a
little bit of guidance from Chris Notley.
f you followed part one of this tutorial (it’s on
I the archive, https://linuxformat.com/

archives, available to all) you should have a
working install of Nextcloud running in a Docker
container, along with a supporting container running
MariaDB. Assuming you configured port forwarding
OUR entries on your router, you should also be able to access
EXPERT this Nextcloud server from outside your home network.
Chris Notley This is great, but one of the main advantages of using
runs a technology Docker is that it’s really easy to add extra containers;
consultancy in however, only one of these can listen on a given TCP
Surrey with an port (such as TCP/443, for secure web connections). Updating containers is easy with docker-compose pull – one command
interest in open- One solution is to configure port forwarding entries checks for any updates to the images we are using and pulls them
down automatically.
source software. for each container (such as TCP/443 for Nextcloud,
TCP/444 for a wiki, etc.). This approach has a number of
problems, not least that some locations might block Port-forwarding and/or firewall rules configured on your
your access to non-standard web ports; many corporate router to route web and secure-web traffic (TCP/80 &
or educational networks limit access to TCP/80 and TCP/443) to your Docker host from the internet.
TCP/443, for example. Detailed instructions on the above requirements are
Another way to solve the problem is to use a reverse beyond the scope of this tutorial; however, an internet
proxy, which is a service that listens for web requests search will quickly provide you with answers.
(e.g. TCP/80 or TCP/443), and then retrieve the Throughout this tutorial a test domain (prelim.xyz)
requested content from Nextcloud, wiki or similar. was used, with a wildcard DNS entry pointing at the
During part two Reverse proxies have been around for a long time, and router’s external IP address (i.e. *.prelim.xyz points at
of the tutorial
the two most popular web servers (Apache and Nginx) the external IP address of the router). This approach is
our docker-
compose.yml
can both work this way. For this tutorial we’ll use a tool easiest if you have a spare or test DNS domain, but as
file has grown called Traefik (https://containo.us/traefik), which is long as you can configure a fully qualified domain name
in size and an open source edge router; it offers both traditional to point at your router’s IP address, it will work. The
complexity. If reverse-proxy services, along with many other features. schematic in this article shows how traffic flows through
you want to Among its many impressive features, Traefik is Docker- the solution and might help if you are unfamiliar with a
save typing in aware (as well as many other container platforms), reverse proxy.
each line, scoot meaning that it can discover containers automatically,
over to the and you can configure it using the same docker- That’s Traefik
project Github compose tool we used in part 1 of the tutorial. Before we do anything else, let’s check to see if there
respository at
Before we dive into the configuration, the focus of are any updates to our container images using the
https://github.
com/prel-im/
this tutorial is exposing Nextcloud to the internet command docker-compose pull . We now need to
lxf261, where securely using a free SSL certificate from Let’s Encrypt update our Nextcloud container so that we stop
you will find a (see the Let’s Encrypt boxout on page 75 for more forwarding TCP/443 on Docker host to the container.
final version information). To work through this tutorial you are going Edit your existing docker-compose.yml file and locate
of the file. to need the following: the Nextcloud container configuration, changing the
Remember Either a DNS domain that you can control (for ports section as follows:
to change the example, registered to you, one you can edit DNS ports:
hostnames records for) or a free DNS service such as Duck DNS - 9443:443
for your
that will let you create and update records (for example, You should then apply the configuration using the
environment!
some-hostname.duckdns.org). command docker-compose up -d, which will spot the

Containers TUTORIALS
Traffic flow
change and recreate the Nextcloud container with the
new setting. You can test this works by opening a
browser and connecting to port 9443 on your Docker
The Docker host
host (e.g. https://docker-host-ip:9443). Docker host
routes HTTPS to the
We shall now add two new containers: one for Traefik Traefik container.
itself and a second for a container called ‘whoami’. The
Internet Traefik Nextcloud
latter is a fairly simple but quite useful container image Container Container
that just so happens to be referenced in the Traefik
tutorials. The following lines should be added to the end
of your existing docker-compose.yml file:
traefik:
Request for https://nextcloud. Router forwards The Traefik container routes
image: traefik:v2.0
prelim.xyz is resolved to the TCP/443 to the HTTPS request to the
the Docker host.
container_name: traefik
IP of the router. Nextcloud container.
command: This shows the flow of traffic through the various components of our tutorial solution, from an
- --providers.docker=true ISP router, Traefic server and finally the Nextcloud server.
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80 can test it’s working by browsing to the hostname you
ports: specified earlier. If everything is correct, you should
- “80:80” see a simple text webpage showing various pieces of
- “443:443” information about your webserver and the client you
volumes: are connecting from.
- /var/run/docker.sock:/var/run/docker.sock
In addition
This is great, we now have a working reverse-proxy
whoami:
to being
server. However, to be really useful we want to use TLS
image: containous/whoami
packed full of
encryption so that we can browse securely. This is really
container_name: whoami
functionality,
easy to achieve as Traefik has built-in support for Let’s
labels:
Traefik is also
Encrypt and can automatically request and update
- traefik.enable=true certificates from the service. very well
- traefik.http.routers.whoami.rule=Host(“whoami. documented.
prelim.xyz”) Keep it secret Take a look at
Just like in part one of the tutorial, spacing is Enabling Let’s Encrypt involves a few steps: firstly, https://docs.
traefik.io for
everything
important, so make sure the first line above is prefixed we need to create a file that Traefik will use to store
from concepts/
by two spaces, and each subsequent indentation has a certificates using the following commands:
mkdir ~/traefik
tutorials
further two spaces added. The majority of the lines
touch ~/traefik/acme.json && chmod 600 ~/traefik/
through to
above include options we have already used, but let’s
acme.json
detailed
take a moment to remind ourselves. Firstly, we are
defining a new service with the title traefik: based on an
reference
We now need to make some changes to the Traefik
image with the same name (we are specifying version container (in docker-compose.yml) in the command: documentation
2.0). We then give our new container a friendly name, section so it looks as follows: for each feature.
again conveniently ‘traefik’. We then use something new, command:
namely the command section, which enables us to pass - --providers.docker=true
command-line parameters to the container. In this case - --providers.docker.exposedbydefault=false
we are simply telling Traefik to interface with Docker - --entrypoints.web.address=:80
(more on this later), to only enable containers if we - --entrypoints.websecure.address=:443
MORE ON LET’S ENCRYPT

explicitly tell it to, and to listen on TCP/80.
We are forwarding two TCP ports on our Docker host
to the Traefik container – not surprisingly TCP/80 and
TCP/443, the clear/encrypted ports used for web traffic
respectively. Lastly, we are mapping a file on our Docker Let’s Encrypt launched in 2016 and offers both individuals and
host to the container (/var/run/docker.sock). This organisations a way to obtain completely free TLS (historically called
particular file is used to manage the Docker service and SSL) certificates, allowing traffic to be encrypted between a web
needs to be mapped to Traefik to enable integration browser and server. Let’s Encrypt makes use of a challenge-response
between the two products. protocol (called ACME, we see this name mentioned in the Traefik
The whoami container has very little configuration configuration files) to verify that the certificate request is legitimate.
beyond an image and name; however, it includes a For instance, if you were to send a request for a certificate for
section we have not seen before – labels: . Labels nextcloud.prelim.xyz the service would send a challenge to that
enable various information to be tagged to an image. In address. Assuming you own the domain and your server is reachable,
this case we are using it to tell Traefik to route requests you have effectively proved ownership of the domain and a certificate
made to http://whoami.prelim.xyz to the whoami will be issued. The service has grown massively in popularity, with
container (change whoami.prelim.xyz to whatever nearly a billion certificates issued by the end of 2019!
domain/host you are going to use, such as whoami. SSL/TLS certificates used to be an expensive and fiddly thing to
myowndomain.co.uk, whoami-somthing-unique. configure on a web server, but as we will see here, enabling Let’s
duckdns.org, etc.). Encrypt with tools like Traefik is really easy. You will find that most
When you have finished editing the file, run e-commerce websites tend to make use of commercial certificates,
docker-compose up -d but even here Let’s Encrypt has helped by increasing competition!
This will create the two new containers for you, and you

TUTORIALS Containers
- --certificatesresolvers.myhttpchallenge.acme. listens on TCP/443 for encrypted web requests, as well

httpchallenge=true as enabling the Let’s Encrypt feature (we’ve also
Part one, what - --certificatesresolvers.myhttpchallenge.acme. enabled the ‘insecureskipverify’ feature – more on this
part one? Head httpchallenge.entrypoint=web later). Finally, we also added a couple of labels to our
to linuxformat. - --certificatesresolvers.myhttpchallenge.acme. whoami container, which tells Traefik to use an
com/archives to [email protected] encrypted connection.
grab the tutorial - --certificatesresolvers.myhttpchallenge.acme. After running docker-compose up -d the containers
from LXF259. storage=/acme.json should be recreated, and we should now be able to
- --serverstransport.insecureskipverify browse to the encrypted version of our whoami site
Change the email address above to something valid (https://whoami.prelim.xyz or whatever hostname
for you – this is the address notifications will be sent to you used) and we should see no certificate errors. This
(such as if your Let’s Encrypt certificate is going to is pretty cool – with fewer than ten extra lines in our
expire). Now we need to amend the ‘volumes’ section of docker-compose file, we have configured secure access
the Traefik container so that it looks like this: to a web service container, and anyone who has spent
volumes: time configuring Apache for TLS/SSL in the past will
- /var/run/docker.sock:/var/run/docker.sock appreciate that!
- ~/traefik/acme.json:/acme.json
Finally, add the following two labels into the whoami Next to Nextcloud
container we created in the last step: We are now entering the final stretch and are ready to
- traefik.http.routers.whoami.entrypoints=websecure configure our Traefik and Nextcloud containers to work
- traefik.http.routers.whoami.tls. together. Nextcloud is a more complex web application
certresolver=myhttpchallenge (when compared with whoami) and requires a little
We have made several changes here, so let’s quickly more configuration to work properly with Traefik. The
work through what each of them does. The first change first thing we need to do is amend our Nextcloud
we made was to create a file called acme.json on our configuration files so it knows we are going to connect
Docker host (in the Traefik subdirectory of our home to it via a reverse proxy. The file we need to edit for this
drive). We have then created what is called an entry is slightly buried inside our Nextcloud container. You can
point on our Traefik container called ‘websecure’ that find it at ~/nextcloud/config/www/nextcloud/config/
config.php (remember that everything inside ~/
nextcloud/ is a directory or file we mount from our
Docker host to the Nextcloud container), so open it with
When we add
your editor of choice.
the Traefik and Towards the top of the file you should see a line
whoami containers starting trusted_domains, which you should edit as:
Docker realises it ‘trusted_domains’ =>
needs to pull down array (
those container
0 => ‘DOCKER-HOST-IP:9443’,
images. They’ll be
cached locally. 1 => ‘nextcloud.prelim.xyz’,
),
TRAEFIK CONFIGURATION
‘trusted_proxies’ =>
array (
0 => ‘DOCKER-HOST-IP’,
In this tutorial we have configured Traefik using command-line ),
switches in our Docker Compose file (the section starting In case it is not clear, you are amending an existing array
command:). This is the equivalent of starting the application with a (trusted_domains) and adding a second array (trusted_
whole bunch of command options each time, and while this would be proxies). The trusted_domains array tells Nextcloud
far from convenient to type out manually, Docker Compose makes what URLs are allowed to be used to access the service,
the process fairly straightforward. The main advantage of doing it this so we need to add the hostname we shall configure in
way in our tutorial is that it means we can contain all the configuration Traefik (change nextcloud.prelim.xyz to nextcloud.
elements in a single file (docker-compose.yml). myowndomain.co.uk, nextcloud-somthing-unique.
If you look to pursue Traefik further and search the internet for duckdns.org, etc.).
examples, you are likely to find many that make reference to your The trusted_proxies array we are adding tells
configuration being placed in traefik.toml/traefik.yml files. The two Nextcloud that we trust Traefik (change DOCKER-
different file extensions relate to different file formats, one of which HOST-IP to match the IP address of your Docker host).
we have already seen in this tutorial (Docker compose files use the We now need to edit our docker-compose file and
YAML format, which uses indentation to separate elements). The make some changes to the Nextcloud container. All of
TOML format looks quite different and is (arguably) more difficult to the changes are in the labels section, which we need to
read than YAML. However, it can be easier to maintain a TOML file for add at the end of the Nextcloud container configuration
complex configurations (where many levels of indentation would be and are listed below:
required in YAML format). labels:
There is no right or wrong way to manage your configuration, but - traefik.enable=true
trying to mix different methods is probably not a good idea, so if you - traefik.http.routers.nextcloud.
want to look at using a configuration file it is probably a good idea to entrypoints=websecure
move everything into it! - traefik.http.routers.nextcloud.rule=Host(“nextcloud.
prelim.xyz”)

Containers TUTORIALS
the insecureskipverify option set on our Traefik

container, it would reject this certificate.
The remaining options all relate to a feature of Traefik
we have not used yet – middleware (the whoami
container is fairly simple and therefore did not need any
middleware settings). These options are really powerful
and enable us to modify both the headers and URLs of
requests and responses made to/from Nextcloud. The
options we are using are mostly related to security
recommendations from Nextcloud that harden the
server, along with a couple that improve functionality.
We are now ready to put all our changes into action
by running docker-compose up -d, which will recreate
and start our Nextcloud container. You can test that it
Let’s Encrypt certificates expire after 90 days, but thankfully Traefik has worked by browsing to the hostname you gave in
handles renewals for us, which is jolly decent! the last step, prefixing it with ‘https://’ (such as
https://nextcloud.prelim.xyz).
- traefik.http.routers.nextcloud.tls=true Let’s take a quick trip now over to Nextcloud’s
- traefik.http.routers.nextcloud.tls. security scanner by browsing to https://scan.
certresolver=myhttpchallenge nextcloud.com in the URL box type in the hostname
- traefik.http.routers.nextcloud.service=nextcloud you set, and run the scan. After a few seconds you
- traefik.http.routers.nextcloud. should see an A+ rating with no warnings or
middlewares=nextcloud-regex,nextcloud-headers recommendations (beyond keeping up the good work),
- traefik.http.services.nextcloud.loadbalancer.server. so our Nextcloud is installed, working and is also secure.
port=443 We have covered a lot across the two parts of this
- traefik.http.services.nextcloud.loadbalancer.server. tutorial, so if you have reached the end you should give
scheme=https yourself a pat on the back! The primary purpose of this
- traefik.http.middlewares.nextcloud-regex. tutorial was to introduce you to Docker and
redirectregex.regex=https://(.*)/.well-known/(card|cal) demonstrate how, by combining it with a tool like
dav Traefik, it’s possible to build secure and scalable web
- traefik.http.middlewares.nextcloud-regex. services that are easy to keep up to date and migrate.
redirectregex.replacement=https://$$1/remote.php/ Bear in mind that every element of what we have done
dav/ across both parts of this tutorial is inside our home
- traefik.http.middlewares.nextcloud-regex. directory. Moving this to another server is as easy as
redirectregex.permanent=true rsyncing our home directory, installing Docker and then
- traefik.http.middlewares.nextcloud-headers. running docker-compose up -d (for example, moving
headers.customFrameOptionsValue=SAMEORIGIN the work we have done onto a new host).
- traefik.http.middlewares.nextcloud-headers. We have seen only a small portion of Docker and
headers.stsSeconds=15552000 Traefik in this tutorial, but hopefully it has given you a
That’s a lot of code, so to make life easier copy and taste of what you can achieve with these tools!
paste it from the project Github repository (https://
github.com/prel-im/lxf261). Let’s walk through the
lines above to understand what we’ve added.
Firstly (and as we did for the whoami container), we
have enabled Traefik, told it we want to use encryption
and specified the fully qualified domain name we want
to use (change nextcloud.prelim.xyz to whatever
domain/host you are going to use). We then enable the
Let’s Encrypt configuration for our Nextcloud container,
and now meet our first new section (the line starting
traefik.http.routers.nextcloud.service). We need this
because our Nextcloud container is configured to
accept encrypted connections only (for example, Traefik
receives a HTTPS request and makes a HTTPS request
to Nextcloud).
Earlier in the article, when we were configuring
Traefik, there was a configuration line we added
(- --serverstransport.insecureskipverify) that I said we
would need for later in the tutorial, and it is for the
HTTPS connection to Nextcloud. The reason for it is
that the Nextcloud container is using a self-signed Our configuration passed through the Nextcloud security scan with flying colours! This useful
certificate for incoming HTTPS requests, and without tool is worth running regularly to make sure you are up to date.
GET LXF IN A CONTAINER AND… Subscribe now at http://bit.ly/LinuxFormat

TUTORIALS System logs
LINUX LOGS
Manage and read
your system logs
Mats Tage Axelsson takes you through the basics and then digs a little
deeper into log management and analysis.
inux gives us a very stable and secure system –
L that’s why we use it. It’s this sort of attitude

that makes you get arrogant and start ignoring
weaknesses and threats. When you are working on
documents, programs, graphics, or anything really, your
system is writing to logs. In these logs, there is
OUR information that tells you how the system is running
EXPERT and, most interestingly, what is going wrong.
Mats Tage Big parts of these logs do not wreck the system, nor
Axelsson do they create serious problems. However, if you see
is still showing and can correct small things, it can have a substantial
you how to make impact on your system performance. You can also
your life and work prevent a sudden crash by being ahead of bad You have a utility called syslog from the GNOME project where you can
set filters for your viewer to narrow down the results.
a more pleasant behaviours on your system.
experience. With this in mind we’re going to learn about the logs
you should monitor to keep your system in top shape. during a specific time period. You will need to filter and
For most users, even advanced ones like you (who me? sort your results so that you know you are looking at the
<blush> – Ed) the install comes from a distribution current issue and nothing unrelated.
medium, and some tools are installed by default. The Applications acting strange is another issue. They
most basic way to check your log is using cat, less or may not crash or cause a fault that you can pinpoint,
grep, in any combination that takes your fancy. but you still wonder why you have to go through many
A method like that combined with dmesg will get steps to save a file. Those situations require a lot of
you there. However, there are many other tools you digging in to log files and most likely contact with
can use. With systemd, you can use journalctl to check developers. For developers to have any chance of
logs, which is the primary tool for this. helping you, you absolutely must provide logs and ways
For a graphical solution, search your repositories for to reproduce problems. Many issues can look similar,
Log File Viewer. You get a listing of all your logs with a so describing and logging is essential to getting to a
view pane on the side. The most common log files are in conclusion of how to deal with a problem.
/var/log. List the files in that directory to see what you When the network is working but some sites break
have installed. If you’re handy with regular expressions, occasionally, you need to identify what feature you are
Before you start
investigate all these files from the command line. using that isn’t working. This can be rather complex,
using all the
These files are the ones your system uses because there are many protocols that are in use over
tools, learn a
few grep tricks, traditionally. The big difference comes when you have the internet.
they will help systemd, as that has a database that you can query with
you use more journalctl. The original files are still there and used by Spotting hardware failure
advanced tools. systemd, but you have enhanced tools to look through When your hardware is getting old, it keeps going for as
The simplest is your logs. You will see more tools to help you keep your long as possible. A hard disk can crash unexpectedly,
to look for the system on a tight leash. but you have a chance to be prepared if you can find
word in all files; logs that point to read errors. The system works around
grep -r Log! .log! log! many errors, so you may not notice until it is impossible
memory /
You need these tools to find out why you have strange to save that data, rather sub optimal.
var/log . You
system hangs, as these can be really hard to track When you’ve gone through this article, you will
will then have
a result full of down. At a hang, you don’t have a specific fault situation know enough to identify issues before they cause real
memory events. or crash. This means you have no crash dump or an problems. In the aftermath of a serious crash, many
obvious fault. Instead, you need to see what happened people think that they should have had a backup – don’t

System logs TUTORIALS
Checking the logs

using ranger in a
be that person. You want to be the one who is happy
that you were able to act in time; happy that you moved terminal works but
your data to a new system; happy that you didn’t run to it is usually better
to find tools to help
you see what you
the store with panic in your eyes and sweat running
have in your logs.
down your forehead. Make sure you have a new solution
ready in time before that next problem strikes.
What’s in a log?
Your log files are collecting the information you need to
correct what you can, and report the rest to developers.
When you are in flow and getting work done, it is not
productive to see what is going on with your system,
which is why you need logs. You need to stop regularly, where you got the boot image and if the system started
check through your logs for problems and adapt in secure mode.
yourself and your systems to the current situation.
The most important time to do this is before and dpkg.log
after you have made any changes to a system. This When you install or upgrade packages, you will be using
includes after major updates have been installed, apt if you are on an Debian derivative. This package uses
obviously, but also when you start using a new piece of the dpkg command, which creates several logs; the To see how
software. This is also a useful thing to do before you apt/* files and the dpkg ones. They will tell you what much space
start creating bigger projects, such as databases, you have installed lately and what went wrong. your log files
take on the
disk, you can
graphics or text. The amount of files that the system writes and how
use the du &

To make sure you know what your system is doing, long to keep them is useful to know and change. For this
df commands.
you have certain files that are generally of more interest purpose you use the logrotate script. On your standard
The simplest
than others in terms of logging: system the script is run by systemd. You have a service
is to use du
and a timer that determines what to do and when to do
-csh /var/log/
alternatives.log it, respectively. The parameters control how the system
The first one is for when you add tools to your system. handles files, how often, and whether it compresses you will see
Python, for example needs to know what is the standard them or not. one value; the
amount of disk
Some directives
binary. You can set this for yourself using the update-
alternatives program. Any changes you make go in the space that all
alternatives.log file. You control the behaviour with configuration files, which logs use.
are placed under /etc/logrotate.conf and the directory
apport.log /etc/logrotate.d. You have the global settings, the file
Apport is a service that collects troubleshooting reports. and any additional settings under the directory. Each
It collects these reports in /var/crash and logs to /var/ system that needs logs can have settings files here. The
log/apport.log. Using this system, you can see what format of the settings files are mostly the same in both
has crashed and collect the reports themselves from cases. However, the special files have section markers
the crash directory. that show which files they control.
The main file ends with an include statement:
auth.log include logrotate.d. This adds all the files from that
LOG MANAGEMENT TOOLS

In a single-user system, you may not worry about
whether other users have invaded your system.
However, if someone has, then you don’t know what
they are doing and you need to stop it.
In this file, you can see every time you have become Most advanced log management tools are made for professional
root. This includes when Cron has connected as root. system administrators so they have many options and plugins. The
You can also see what happens with the keyring and common ones that are in your repositories are the gnome-logs tool,
what the entire PAM (for those wondering it’s the the rsyslogd tool and the gnome-system-monitor. These tools are
Pluggable Authentication Module) system is doing. great for finding heavy processes and narrowing down what software
Many users are not people – rather they are daemons is weighing down your desktop system. When you start your own web
like web servers, etc. You don’t want to have server, the amount of issues will quickly mount and you need
unnecessary services on your system. Did you start a something with more capabilities.
web server while playing with some JavaScript code? Graylog is an example that can collect data. It uses a dashboard for
your results and creates graphs for all your needs. This, like many
boot.log other packages, has modules to adapt to more types of log files than
This one is essential to figure out why you need to wait they were originally built for. The package also comes as an open
for so long before you can log in. It includes what GRUB source or an enterprise solution, so you can stay FOSS until you are
is using, what filesystems are mounted, and what running your own corporation. Most of these systems, like logstash,
happened to your network devices. can also combine streams of logs from different systems and use
advanced search systems to draw conclusions. With the correct
dmesg handling and some AI, you can respond quicker to threats and bad
The dmesg file shows all the kernel activities at boot. configurations. Professional sysadmins continuously tweak these
This will tell you things like all the hardware that is tools to keep maintenance procedures at the top of their game.
supported and how the kernel treats it. You will also see

TUTORIALS System logs
directory to the main file. In theory, you could put all the
files into just one, but that would be hard to maintain so
When you are you should use the include statement instead.
interested Log files need to rotate for several reasons. One is
specifically in that you may want to come back to the history. To make
the network this easy, name the files you rotate out by the date they
interfaces,
‘nield’ is a strong
were filled. You end up with timestamps in the name.
alternative. It
The most important reason for this is that the files can
logs all serious

get enormous and you need to move them off your
network events
system or destroy them. Depending on your needs, use
regarding
a specific amount of time between rotates, and you can
The logrotate utility uses files that are chained together. You can set
interfaces,
also decide when to throw them out.
parameters for each log that you wish to collect.
routing and To set how often you want your log files to be rotated,
your IP address. use plain English! This means that if you want them to
rotate daily... you put daily in the settings file. On a six, the files will be deleted when they have rotated six
desktop system, this is set to weekly in the global file. times. The rotated files are history and will not be
You have the values; hourly, daily, weekly, monthly and accessed very often – or never, if all goes well. That
yearly. It is a little special with the weekly one. You can means you want them to be as small as possible, you
set it to be the specific weekday, specifying it with a can set this with compress parameters. By default
number. Here 0 means Sunday, which is default, and 7 the compression used is gzip but you can use any
means every day of the week. command with the compresscmd parameter. If you
With these time intervals, you may end up with a very have special demands, you can add parameters with
big file before the time is up. You don’t want that. the compressoptions value.
Log central
Imagine your disk filling up and crashing your system
because it got too big! To handle this, you have the
maxsize parameter. After setting this value, the log will There are several ways to send your files out of the
rotate as soon as the file is that size, even if it’s before machine they are on. This can be useful for virtual
the specified time interval. A file that should rotate once machines, small embedded systems and IoT
a week will rotate before the day you have set if it is applications. To make sure you have options, you can
larger than the specified maximum size. mail the logs that rotate using the mail parameter.
Compare this to the size value, which rotates a file Simply add mail [email protected] to your
only if it’s bigger than the specified size. You can set the configuration file and add the filename which should go.
values using the letters ‘k’ for kilobyte, ‘M’ for Megabytes Logrotate will mail the file that is about to expire by
and ‘G’ for Gigabyte. default. You can change this by adding mailfirst to your
Here is an example of a configuration file. You can config file.
see that it controls the dpkg log file and when it rotates For more advanced options, you can add postrotate
the files. on its own line into your settings. This is a marker in
/var/log/dpkg.log { the file where you start your script. You end the script
monthly sequence by adding endscript on its own line. A
rotate 12 common use of this is to add an invoke script that stops
compress and then starts the service, since many programs will
delaycompress never let go of their log files.
missingok
notifempty Systemd is good!
create 644 root root To check for logs on Linux, you will likely have journalctl
} available. At first, it looks like it just lists all the logs using
Part of logrotate is to compress and move the files less, which it does, but you have many options too.
away from your current system. However, at some point Assuming it does nothing more than that, takes a lot
the files have to be erased to clear the disk and avoid a away from the power of the command. Filtering your
full disk error. To specify when they are removed you results is much more than using grep. You can choose
can set the rotate parameter. The value is the number of from the fields of the log, which makes it possible to
times that the files have been rotated. When the value is choose both what is in the message and also what
subsystem you are investigating.
You have the option to search by systemd units,
the command and the executable path. There are
many more ways to filter your results, most of it is
for professional use such as hostname and machine
identity. For ordinary users, you can use these variants.
PRIORITY With this value you can check for any

emergency (0), critical (2) and lower priority events
until the value 7.
One useful graphical log viewer is the Gnome Logs utility. It helps you sort your logs in categories
UNIT These are service names, mount names and
so you can focus on your current problem easily. timer units. When you start using this, take advantage of

System logs TUTORIALS
the features to help you find what you are looking for
more easily.
EXECUTABLE You can pick the program by the

executable name, making it a lot simpler to look
through the logs.
GNOME_SHELL_EXTENSION_NAME This is the

name of the extension. Here you can find any active
extension and see what is going wrong. For example, the
Openweather extension may not connect to a webpage
to collect data.
Analysis tools
You can filter your files with all the search queries you
like, but sometimes it is more helpful to have a
visualisation of the log. Some techniques are simple, Using journalctl to check your extensions is easy as long as you can
some are more complex. While logrotate can mail your remember the name of the extension.
log files to you, it does not process them when doing it.
The program epylog will do this for you. It will parse create these things. When you have configured what you
the files according to your settings in /etc/epylog/ want to follow and how you want it displayed, you can
epylog.conf. With the help of modules, you can adapt also save a configuration file and use it to start the same
the processing to create customised reports. Simpler session again.
solutions exist – logtool is one. It creates reports in When you start using your logs to solve problems
ANSI, ASCII, CSV and HTML. You can use this to create and optimise your system, you may quickly be
reports directly to web pages or pipe them to a overwhelmed by the sheer amount of events running
spreadsheet program. through your system. Fret not, as you have fairly few
The logtop program is a simple utility that adds line files that are being logged, and many messages are
numbers, sorts and then returns a list of events with the there as information only.
number of incidents of each. You have several utilities To make the process easier and faster, you can use
that keep an eye on your logs, most of which are simple some tricks to filter out the unnecessary stuff. You can
in nature but powerful if you combine them with scripts. also add colouring and view many files at a time with
For desktop systems you have basic utilities, while the different tools shown here.
for web servers there are plenty more. This makes sense When you program, you will need these skills to
since there’s much more activity on a web server and follow compiling and error output, so that you can track
there are also many commercial implementations. You down faults in your code. It is also invaluable when you
could use mergelog to collect http logs by date from are checking website logs and for keeping your old
many sources. hardware running for the longest time possible.
NODE.JS LOGGING
The most interesting program is multitail. It works
like tail in that it shows the end of a file or command
output. The big difference is that it uses ncurses to
create windows in your terminal, one for each file you
follow. In addition, you can follow a command as you When developing a Node.js application you need to set it for logging
would using watch. You then use filters for the logs you and debugging. This happens in your code, and you direct it to
are looking at narrowing down the chaos of the screen standard out. It is always better to direct all logging to standard out
to match your needs. and let external tools route and filter where the logs go. Once you
While running this program, you can add new files, have done that you can read the logs directly from your console,
commands and filters. It has a menu you can open to which is fine to start with. As soon as you have several modules and
many views, you rely on many libraries.
This adds complexity really fast, and one of the first areas where it
shows is in the logs. You will end up digging through logs for most of
your time. For this to work, you need a module that shows you the
faults – the built-in stuff does not always work. You have the ‘debug’
module to do this for you. You just install it as you would any other
module and set the DEBUG variable to your own namespace, and
finally have it defined in your code.
const debug = require(‘debug’)(‘local-namespace’)
const name = ‘local-app’
debug(‘booting %s’, name)
You also have the libraries winston and Trace available for logging
The logtop utility adds numbers and splits the list in distinct entries of errors, debug and warning messages from your code.
a certain type, also showing how many of each are in the file.
LOG INTO OUR BLACK HEARTS Subscribe now at http://bit.ly/LinuxFormat

THE BEST NEW OPEN SOURCE SOFTWARE ON THE PLANET
HotPicks
Tartube AwesomeBump UserManager Minase
Tutanota JSPaint ScreenGrab Tower Time
Alexander Tolstoy
thinks that global warming
isn’t that bad because it
helps make his open
source picks even hotter!
Rygar Hardinfo Fileinfo
GUI FOR YOUTUBE-DL
Tartube
Version: 1.3.048 Web: https://
github.com/axcore/tartube
outube-dl is one of the most important CLI
Y tools for everyone fond of downloading videos

from YouTube. The Youtube-dl repository on
Github is flourishing with hundreds of contributors and
thousands of commits. No wonder that many video
players often integrate this utility to provide an extra
feature of playing media ‘directly’ from YouTube (though
the content is silently downloaded first).
There is no visible lack of graphical frontends to Discover new videos in your favourite channels without accessing the YouTube website at all!
Youtube-dl, but we think we have found the most
advanced and complete one – Tartube. This application
is based on Python and GTK3, and it provides a clean Discovering the Tartube interface
and developed interface for managing videos. In
particular, Tartube can sort your downloads in several
folders, download whole channels and playlists, and lets
3
you define many, if not all, youtube-dl options. 4
Most people use this CLI tool just to fetch the local
MP4 file from a given URL, but youtube-dl can do much
more, and Tartube even helps you to find new videos. In
fact, Tartube lets you completely avoid using a web 1
browser once you have the URL for a channel or a
2
playlist. You can discover the list of videos before
downloading anything, customise download options
globally or individually for any video, preview videos on
Hooktube (an alternative web client for YouTube), run 5
your own Favourites list and more.
Tartube can even run a fully-fledged media library
with integrated search, and that applies to more than
just YouTube, as youtube-dl supports dozens of other Organise videos in folders Set system preferences
web services too (bit.ly/2NVU0s4). This grants users 1 There are five pre-defined folders, plus 4 Tartube has two configuration panels.
a superpower they can use without entering a single you can add your own using the Folder button The one highlighted here defines global
on the toolbar. things such as back-ups, language, download
command! Find a video-hosting site and then use
scheduling, etc.
Tartube to grab all the videos that match your filter Explore the current list of videos
and upload date with ease and added convenience. 2 Decide which items from your channels Adjust download options
Install and run the application this way: or playlist will be downloaded, or play videos 5 You can set up the video format and
$ sudo python3 setup.py install that are already on your computer. quality, manage subtitles, change file naming
rules and other general download options for
$ cd tartube && python3 tartube Main features within reach Tartube from here.
Before downloading, go to the Progress tab to set max 3 Tartube has another toolbar that acts like
downloads, limit speed and specify video quality. a ‘ribbon’ and shows all important actions.

HOTPICKS
TEXTURE GENERATOR
AwesomeBump
Version: 5.1 Web: https://github.com/
kmkolasinski/AwesomeBump
G
ood news for everyone fond of imaging in specular,
Linux! We’ve got a tasty bit of open source ambient
software dedicated to image-processing using occlusion), so
the GPU of your graphics card. The application bears that you get a set of textures for various applications. A must-have tool
for game designers
and 3D modellers.
the memorable name AwesomeBump, and it turns out However, AwesomeBump has more options – for
It’s fast and really
to be a unique tool for generating textures – or at least instance, there is a 3D-editing panel with lots of sliders
the only one with such an impressive set of features. for adjusting shape, lighting, scaling and diffusion for easy to use!
The purpose of AwesomeBump is to assist your texture. If you need to calculate the ambient
professionals in 3D modelling, but the app is friendly occlusion and specularity of an image with real-time
enough to attract novice users as well. With the help of tessellation, than there is no better choice than
AwesomeBump you can create textures, height maps or AwesomeBump. And it’s always good to have a
ambient occlusions out of regular bitmap images – and standalone app not tied to GIMP.
they don’t even have to be made seamless beforehand. The price you pay for all that goodness is that
AwesomeBump solves the problem of precise AwesomeBump requires an OpenGL 4.1-capable
perspective transformation when applying textures to video system. Those who have older hardware with
various 3D objects, no matter if they are regular (such insufficient specs are sadly out of luck.
as a cube), or irregular (such as stone). AwesomeBump is fast and lag-free, as it performs
In some sense AwesomeBump is a more powerful most of its calculations on the GPU. The application can
replacement for Insane Bump – a GIMP plugin. Like be compiled using Qmake and a standard set of Qt5
Insane Bump, AwesomeBump can also convert texture development packages. Ready-to-use assets for Ubuntu
maps (diffuse) into other types of maps (height, normal, are also available on the Github page.
SYSTEM ADMINISTRATION
This is one
of the most
sane, smooth
and logical
GUI tools for
UserManager Linux admins.
Version: 0.1.1 Web: https://github.

com/xvass/UserManager
T
here’s a good reason to recall our dream of
building a perfect custom-tailored desktop
environment that would be fast, smooth and
have a minimum set of external dependencies. It often
feels like an unattainable goal, but we just got a little
closer to it. Meet UserManager, an app that can take
system administration away from the command line. sports large crystal-styled icons with clear meanings.
Specifically, this applies to such commands as You can enter a user/group settings window by clicking
useradd , usermod , groupadd and the like. There’s the appropriate button, or simply by double-clicking the
nothing wrong with that, but having a nifty graphical item you want to edit.
app for managing system users is a superb bonanza It’s very simple, clean and intuitive, but there is room
from the desktop perspective. It isn’t the only one user for a few extras. First, the main table with the list of
manager in the wild – we have similar GUI frontends in users boasts auxiliary columns and can also show the
Gnome, Yast and elsewhere – but we think that default shells for each entry. This way you can easily tell
UserManager has a nicer exterior, and it can be easily real people apart from service accounts created by
installed without closer ties to a Linux distro or a DE. If software such as MySQL or Postfix.
only it had a more distinctive name. UserManager has extra features under Settings. The
The central area has the traditional division of users Configuration window (Ctrl+S) enables notifications for
and groups. You can edit users from two standpoints: by users if their accounts are about to expire, while Create
changing a group’s properties, or by adding or removing Backup quickly saves copies of the passwd, group and
groups in a user’s properties. The colourful main toolbar shadows files from /etc to /tmp. Very helpful indeed!

HOTPICKS
FILE MANAGER
Selecting an MP3
instantly reveals
its metadata. Other
file types are also
supported by the
Minase Minase preview.
Version: GIT Web: https://github.com/

SAT1226/Minase
T
he typical file manager in Linux is usually a
twin-panel file manager. However, there exists
another sort of application that we can usually
only dream about – a text-based file manager. Minase is
one of the best-made applications of that sort – well, it
hasn’t disenchanted us after few days of usage at least.
In order to fall in love with Minase, one has to SIXEL graphics. In simpler words, this utility can render
completely abandon the mouse and switch to a solely high-quality images right inside the terminal. If you run
keyboard-driven life. Minase is designed to run in a your terminal in a graphical mode, or at least using a
terminal, so it is perfectly suitable to use without a full-resolution, mode-setting video driver, then the
graphical desktop at all. The main area of Minase has image quality will nearly match the one of a fully-fledged
two parts: the left one is the current directory, and the image viewer.
right one is the contents of the currently selected item. Of course, Minase can do much more than just let
Use arrow keys to navigate deeper into subdirectories, you roam inside the filesystem. The project’s
which open in the ‘cascading’ manner. If you select a file, Readme.md contains the very valuable cheat sheet
Minase comes up with helpful information. covering all the important key bindings of Minase. Plus,
Editable documents are previewed, and so are there are tips for setting up bookmarks and customising
images, archives and even audio files – Minase shows the application’s plug-ins.
tags via the TagLib integration. For image previews, Minase turned out to be robust and relatively easy
Minase relies on img2sixel (https://github.com/ to use. Once you know its keys by heart, filesystem
saitoha/sixel), a decoder implementation for DEC navigation becomes extremely robust and efficient!
EMAIL CLIENT
1GB of mail
storage for free
is a generous
offering.
Tutanota
com/tutao/tutanota
S
ecurity is everything, and we believe that every
Linux user has a right to enforce their privacy
protection. Various software exists for that
purpose, and this time we will set up a secure email
system. Many Linux users have heard about ProtonMail,
a secure and encrypted service that helps people hide secure the outgoing message with a password. The
their identity from third parties. But there is a less- recipient gets the notification with a link to open the
known yet very featureful contender – Tutanota. encrypted content in the web browser once the
Like Proton, Tutanota earns money from paid password is provided.
subscription plans, but it also has a free plan, which The main benefit of running a local Tutanota instance
boasts some benefits over other competitors. The is that you can go online only to send/receive mails and
Tutanota email client is made with NodeJS and stay offline for the rest of the time. The local client is
deployed as a web application. It lets you run your own great for LANs and for ethical hacking as well.
local instance of the official Tutanota web interface It’s easy to get it running with NodeJS and Python:
(https://mail.tutanota.com), which can be another $ npm install && node dist prod
way to improve privacy protection. $ cd build/dist && python -m SimpleHTTPServer
Under the hood Tutanota’s messages are secured via 9000
a hybrid method of symmetric AES-based encryption After that you’ll be able to access the application at
with a 128-bit key, and asymmetric RSA encryption with http://localhost:9000. Sign up and get the 1GB of
a 2,048-bit key. When you send something to a user storage. Paid plans enable you to set up Tutanota on a
who doesn’t use Tutanota, the service asks you to custom domain.

HOTPICKS
DRAWING APPLICATION
Can you tell the
real MS Paint and
JSPaint apart? Oh,
there’s the Extras
menu in JSPaint!
JSPaint
Version: GIT Web: https://github.
com/1j01/jspaint
S
o many applications go online these days –
music players, word processors, image editors,
and many other sorts of software are being
ported to run right in a web browser. So what about a
whole OS? No problem, there’s a cute Windows XP
mock-up made with JavaScript (https://github.com/
ShizukuIchi/winXP), which is very fun but too useless MS Paint, with all its features and Easter eggs. JSPaint
to be properly reviewed. Nevertheless, that mock-up lives at https://jspaint.app, but it takes a little more
features another open source project – JSPaint, a very effort to get yourself a personal local instance:
true-to-life web recreation of the original Microsoft Paint. $ npm install && npm run dev
Few people think of MS Paint as a serious drawing We spent a great drawing session with JSPaint,
tool, so there’s more of a nostalgic vibe from the days of which was simple enough to be non-distractive, yet it
Windows 9x. Still, did you know that MS Paint had a had all those lovely features found in the original MS
solid set of secret features, such as Clone Tool (hold Paint. In fact, JSPaint even outperformed its roots by
down Ctrl and drag the selection), Custom Brush (same, adding even more features. JSPaint can undo more than
but with Shift), Colour Replacement (use the right just three actions, and it sports the lovely Extras menu
mouse button with Eraser), Grid (zoom to 4x and press with a set of superb items. These include additional
Ctrl+G), Brush Resizer (use +/- keys on the Numpad). themes, multi-user sessions, and a mind-blowing GIF
Before you run away to check this out by firing up renderer that converts your feeble artistic efforts into
$ wine mspaint.exe, or booting the real Windows in a animations, and then politely suggests that you upload
VM, give JSPaint a spin. This is a very faithful clone of it to Imgur…
The longer
SCREENSHOT TOOL you need to
scroll down the
website, the
more megapixels
ScreenGrab there will be in
the grab. But it
will look perfect!
com/crux-lab/screengrab
I
f you want to download the whole internet (or
at least the most important parts) to make a
personal archive similar to the Wayback
Machine, expect a lot of obstacles. One of the problems
with the modern web is that pages often embed too
many scripts and has ties with trendy JavaScript including the base URL, the site’s subsections, image
frameworks. If you try to fetch a whole news portal, like size/scale and also the number of screengrabs done in
the BBC or Fox News, say, via wget, only a small part will parallel. The latter becomes important with high loads,
download. Some Python or Ruby-based utilities often as taking tons of PNGs can be a resource-heavy job.
do the job better, but it’s still not good enough. ScreenGrab is a command-line utility – no browser
However, there is another way of saving things: why window is visible. Yet the grabs are 100% true and
not take screenshots of all the webpages and store perfectly readable. It’s a NodeJS package, so to install it:
them as images? It can be slower and will occupy more $ npm i -g screengrab
disk space, but at least no visible information will be lost and use in the following manner:
(while the images can be later OCRed). $ screengrab -c config.yaml
There is a small application called ScreenGrab that a sample config file is provided.
does exactly that. ScreenGrab silently launches It looks like the only thing missing for unmanned web
Chromium in the headless mode via Puppeteer surfing is something that would populate config.yaml.
(headless Chrome NodeJS API), then visits the pages The file has a simple syntax and it’s impossible to read it
you have defined and takes screenshots. All details and wrong. Just keep an eye on your hard drive space and
configurations are defined in the config.yaml file, don’t let ScreenGrab eat all the free space!

HOTPICKS Games
TOWER DEFENCE
Those red dots
are on the good
side, they just
shoot with
deadly accuracy.
Tower Time
ahrampy/tower-time
W
e really love the tower-defence genre, but there
are very few open source games of this kind
out there. One of the examples that comes to
mind is Machine vs. Machines (see LXF223), once made
by Canonical to help populate the Ubuntu phone
ecosystem. Today’s pick is another rare gem: it’s open
source, very tower-defensive and is extremely playable.
Tower Time is a browser-based 2D game with a playing field have walls, and when you place a turret
classic top view and a number of elements you would somewhere on a free site, it also becomes a wall. This
expect from a tower-defence game. There is a source logic enables you to alter the maze and redirect evil
gate that pours out evil guys (the grey square), and your ones in such a way that they can be exposed to your
precious tower (the red square) that you need to defend. turrets for longer.
You can place four types of turret to shoot the evil ones Quite expectedly, after a few waves you face a
anywhere using unoccupied tiles on the playing field. dilemma of whether it’s best to add more basic
The Tower Time description uses the elements turrets or upgrade existing ones. It’s not a spoiler to
metaphor to describe those four types – they are earth, advise upgrading: Tower Time faithfully shows that
water, fire, and air. Your tower has 20 lives. quality outperforms quantity in the long run.
There are features in the game that we found to be Tower Time is another example of a game where
original. First of all, levels are randomly generated and very basic artwork doesn’t detract from the fun.
never repeat, which makes it impossible to adjust to a Endless levels, good balance of bot strength and
specific maze after multiple training attempts. Next, the turret upgrades makes it very entertaining!
ARCADE GAME
Some enemies are
low down, so you
first need to squat
down and only
then attack.
Rygar-emu
nullobject/rygar-emu
S
ometimes putting the ‘retro’ tag on a game
raises questions, like if it is old enough to be
called retro. But this game isn’t troubled by
that, as it dates back to 1986. Rygar-emu is a faithful
software recreation of the original Rygar gaming launching Rygar-emu you need to press 5 in order to
machine, produced in Japan by Tecmo. For its time, ‘insert coin’. After that press 1 to start the game and
Rygar featured advanced and very appealing graphics then use arrow keys to move, Z to attack and X to
that were years head of its time. jump. The Warrior uses the ‘Diskarmor’ weapon to
The plot suggests you take control of the Legendary attack enemies – an expandable shield with a chain,
Warrior, who must defeat the evil King Ligar and restore which can reach bad guys even at some distance. No
peace in the Argool realm. Essentially, the journey of the health grading is available, and every wound means
Warrior passes through several other realms, each death (although the gameplay says that the Warrior
ending with a boss fight. The game is very Japanese and has already risen from his grave before), so be careful
also very fantasy-themed, which results in a bizarre mix to not get hit at all. However, there are checkpoints
of ancient and futuristic details. The name Rygar is just across the level, which help you advance further and
another spelling of Ligar, so it turns out that the game is complete the level faster.
named after the main evil character. With various power-ups, pick-ups and very
Despite the fact that Rygar was once ported to the responsive controls, playing Rygar-emu is a really fun,
ZX Spectrum, Commodore 64 and other platforms and challenging and time-consuming pastime. The game
became an easily accessible video game, Rygar-emu is written with C and Python, and it ships with concise
recreates the original slot machine version, so after build instructions.

HOTPICKS
INFO & BENCHMARK TOOL

Tests show that
our machine is not
a top-notch one,
but at least it is
faster than a Core
Hardinfo 2 Duo.
Version: 0.6 Alpha Web: https://

github.com/lpereira/hardinfo
M
odern Linux desktops usually have tools for
providing the ‘About this system’ information
that let you find out what your CPU is and how
much RAM you have. But it wasn’t always this way, and
that’s why there’s an application for that purpose.
Hardinfo has existed since 2003, and despite the fact
the previous release (v.0.5) was out in 2009, this is still use Hardinfo to quickly tell how your system performs
under development and receives regular updates. compared to the reference range.
The current, unofficial v.0.6 Alpha is an up-to-date Hardinfo is aware of modern high-performance
system information tool with valuable extra features. CPUs such as AMD Ryzen 7 and Core i7, and it can
The Hardinfo interface has a simple layout made of draw very descriptive plots showing where you are in
two panels: the left one is for the categories tree, and the range. Don’t miss the Generate Report button on
the right one is for displaying the currently active the Hardinfo toolbar, which will collect the maximum
category. The left tree has more than just a summary of amount of data in one take. Hardinfo will perform all
your devices. Check out the Security section (see if available benchmarks and add it to a quite lengthy
your CPU is vulnerable to Spectre, Meltdown etc.), see HTML report.
what kernel modules are loaded, scroll through the list With Hardinfo it is very easy and convenient to
of boots, examine the list of development tools, etc. compare different Linux systems between each other,
The sweetest part of Hardinfo is its benchmarking and it also makes sense to compare different Linux
capabilities. These aren’t as advanced as, say, Phoronix distros on the same machine – for instance, you’ll be
Test Suite, but they are still very cool. In brief, you can able to see which kernel gives better performance.
COMMAND-LINE HELPER
It’s like a mini-
Wikipedia about
file extensions,
right at your
fingertips.
Fileinfo
sdushantha/fileinfo
W
e are not sure if there is a connection between
a program’s size and its value, but it’s clear that
the tiny Fileinfo tool is of extreme use. This
small application is made up of under 100 lines of
Python code and acts as a bridge between your Linux
terminal and the https://fileinfo.com website. The
latter hosts information on over 10,000 file extensions get the application directly from the online repository:
and provides a concise article for each one. $ pip3 install --user file-info
Many developers (and virtually everyone who spends Once it lands, use it with the following syntax:
much time working with the command line) find it $ fileinfo <some_extension>
uncomfortable to switch away to a web browser for You can provide only one extension at a time, and it
some information, so that’s where Fileinfo comes in makes no difference whether there is a dot before it
handy. Fileinfo searches for the provided extensions and or not. We noticed that the original pages at https://
outputs its description back to the terminal. If it does fileinfo.com split each article into the main part into a
not find the correct match, it just says so, but keep in distilled description and the More Information part.
mind that https://fileinfo.com has been around for The Fileinfo app only shows the first one, which is
over a decade, and there is very little chance it is more than enough and does not clutter your terminal.
missing extension data. If you come across a file with a weird extension that
Getting the Fileinfo utility up and running is very you cannot properly identify, try to feed it to Fileinfo
uncomplicated. The code from the Github pages can be and quickly get a clarification. It looks like it is the
easily installed using Pip3, but it is more convenient to fastest way of cracking extension mysteries!

CODING ACADEMY
LIBREOFFICE
Using Calc for serious
mathematics work
Mike Bedford suggests that – in a change from its more common business
use – LibreOffice Calc offers much to the scientific and mathematical user.
longside the word processor and presentation
A software, the spreadsheet forms the mainstay

of business computing – and for good reason.
Spreadsheets enable business users to do many tasks
quickly that would otherwise require either several
OUR dedicated applications or coding. However, we’d like to
propose that it does the spreadsheet a massive injustice
EXPERT to suggest this is the limit of its potential. In fact, we’d
Mike Bedford go as far as to say that it is also a very powerful tool for
despite his mathematical and scientific computing.
experience with As a high-level scientific calculator it has so many
programming uses. Here we’re just scratching the surface, but it could An unusual example of an XY plot is the generation of the Sierpinski
languages and be used for quite complex calculations in science or Triangle using random numbers.
scientific engineering, and for trying out ideas in a range of
calculators, scientific disciplines. A particular strength is graphics, needs will be different from the requirements addressed
commonly uses so we can imagine it being used to show experimental by our examples, but we trust that once you’ve stared to
the humble results graphically – by students for use in projects and see the humble spreadsheet in a new light, your creative
spreadsheet for coursework, by teachers for use in handouts, by juices will begin to flow.
problem-solving researchers for preparing illustrations for use in This tutorial will be particularly useful for readers
in maths, science academic papers, and by scientific authors for use in who don’t code, but even for coders, this will prove to be
and engineering. books and articles. a quicker way of doing a job in many cases. And on the
Here we’ll be focusing on applications that have a subject of programming, although spreadsheet
graphic element, if for no other reason than it provides applications usually have built-in programming
us with more attractive-looking screenshots. We’ve languages that can be used to write macros, no part of
categorised this article as inspirational. By this, we our main example exercises use this facility. This is in
mean that our aim here is to give you a better view of recognition of our view that if you’re going to write some
LibreOffice Calc’s potential for scientific use, even code, you might as well use a more conventional
though, in some cases, our example workbooks aren’t programming language. That is something of a
particularly difficult to create. The chances are that your simplification, however, so don’t lose sight of the fact
you could still make use of a spreadsheet, even if you
have to write a short macro. Indeed, we suggest one
LibreOffice such exercise as a closing example, although we leave it
Calc provides
mostly to you to figure out how to do it.
lots of options
for formatting
Oh, and finally before making a start, we’re assuming
charts. Included that you are familiar with using spreadsheets, even if not
here are for this sort of application. If that is not the case with
line styles, you, you would be well advised to get up to speed on
thicknesses and the basics first.
colours, marker
types, sizes and Mathematical functions
colours, axis In the realm of business use, rarely is the requirement
formatting and for maths any more complicated than the common
LibreOffice Calc’s trigonometry functions and its charting capabilities
so much more.
make it easy to illustrate the concept of the Fourier Series. arithmetic operators of add, subtract, multiply and

LibreOffice Calc CODING ACADEMY
divide, plus simple functions such as summing multiple

values, averaging, and determining maximum or
minimum values from a list. For scientific use a lot more
might well be needed, and LibreOffice Calc certainly
doesn’t disappoint. Of course, the four arithmetic
operators are augmented by exponentiation, and in
the realm of functions the repertoire is as good as that
provided in many programming languages. Specifically,
all the trigonometric functions are available, including
inverse and hyperbolic variants, as are functions such
as square root, rounding, factorial, logarithms and
random number generation. There are also logical
functions including NOT, OR, AND and XOR. What’s
more, if you need yet more specialised functions, the
Add-in Analysis Functions include number base
conversions, support for complex numbers, plus
Gaussian and Bessel functions.
Already we can start to see something of the
strength of LibreOffice Calc for teaching maths, and in A major omission in LibreOffice Calc is three-dimensional charts such as this surface plot or
particular we’re going to look at the concept of a Fourier contour plots. However, we do have a workaround.
Series. As a quick reminder, this allows any periodic
waveform to be created by summing an infinite number ripples on the sections that should be horizontal – but if
of sine waves. At first sight, it seems barely conceivable you add more terms, you’ll soon get very close.
that a square wave can be constructed this way, for If you want to add more terms, we suggest that you LibreOffice
example, but it’s easy to show that it can. The Fourier reduce the amount of work by making your spreadsheet includes a utility
Series for a square wave is sin(x) + 1/3 sin(3x) + 1/5 sin rather more sophisticated. Here we’ll only refer to those – the Math
(5x) + 1/7 sin (7x) and so on indefinitely. Needless to changes that affect the functionality, but once you’ve Formula Editor
– which allows
you to create
say, we can’t calculate an infinite series, but we can see got it working, edit the column headings accordingly.
equations. You
how it gets ever closer as we add more terms. You’ll have noticed, no doubt, that the expressions
can use it as a
So let’s create a spreadsheet. In accordance with you typed into columns C to F are identical except for
stand-alone
good practice, give it a name in cell A1, and label the numbers 3, 5, 7 and 9, and you could have written
columns A, B, C, D, E and F by putting x, sin(x), 1/3
utility or from
the expression in B4 (and hence it would also have
sin(3x), 1/5 sin(5x) etc. in cells A3 to F3 and sum in G3. ended up in all the other cells of column B) as within Calc
Now put the value -8 into cell A4, =A4+0.2 into cell A5, =1/1*sin(A4*1) , because that’s the same as =sin(A4) . where you’ll
and copy down from A5 to A48. Note that we’re This means that, if you insert a new row above row 3, find it at Insert
incrementing in small steps of 0.2 because the which will then be a new empty row 3, you can now > Object
trigonometric functions expect an angle in radians, not enter 1 into B3, =B3+2 into C3, and copy right from C3, > Formula.
degrees. Next, enter =sin(x) into B4, =1/3*sin(3*A4) into and that row will contain the numbers 1, 3, 5, 7, 9 and so
C4, =1/5*sin(5*A4) into D4, =1/7*sin(7*B4) into E4, on, depending on how far you copied. You can then
=1/9*sin(9*A4) into F4 and =sum(B4:F4) into G4 before change the expression in B5 (formerly B4) to refer to
DOCUMENTING YOUR SPREADSHEET

copying cells B4 to G4 down to row 48.
Looking at the figures in column G by eye, it’s pretty
clear that they represent something not too dissimilar
to a square wave, and if you’re feeling enthusiastic you
could add more of the series to get even closer. Programmers are always taught to document their code with
However, a picture is supposedly worth a thousand comments so that they, or someone else, will be able to understand
words, or in this case 160 figures, and this brings us to it if they need to debug or modify it at a later date. Just the same is
LibreOffice Calc’s graph-plotting capabilities. true of spreadsheets, so here are a few suggestions to make your
Graph plotting
creations more readable.
No doubt you’ll give your spreadsheet a sensible filename so it’s
Graph plotting might be a powerful and commonly used more easily identifiable, but it doesn’t end there. If your spreadsheet
feature of spreadsheets, but as with the mathematical contains multiple sheets, make sure you rename them to something
functionality, the types of graph used in business more meaningful than the default names of Sheet 1, Sheet 2, etc.
applications rarely go beyond the bar and pie charts Next up, make sure you include a meaningful title in the very first
that have adorned so many sales presentations. cell so it acts as a heading. This might not be enough by itself, so
Happily, Calc’s graphical capabilities go well beyond consider adding a few lines of sub-headings to explain the purpose of
these somewhat mundane chart types, as we’ll see in the spreadsheet more fully, and to explain how to use it. Alternatively,
several of our examples. so you have better formatting options, you might prefer to use a text
Before getting into more complex charting, however, box for this purpose. You could even dedicate a whole sheet for
let’s return to our Fourier Series spreadsheet, where we providing this sort of documentary. Note that you can include
only need to add a graph to illustrate the concept much properly formatted mathematical equations as images, and these will
more visually. Select all the figures in columns A and G look a lot better than single line formulae with loads of brackets.
and create an XY chart, choosing the option with lines And finally, make sure you give columns meaningful headings, and
but not points. You’ll immediately see that the result is the same might also apply to rows.
getting close to a square wave – albeit with some

CODING ACADEMY LibreOffice Calc
the value in B3 (make sure you refer to it as B$3 so that

the row number is absolute and won’t increment when
you copy down. For a similar reason refer to A5 as $A5).
Copy it down to B85, and then copy B5:B85 as far right
as you copied values in row 3. You will then, of course,
need to recreate the sum column.
As a final enhancement – we’ll leave you to figure out
how to do it – how about having a single cell containing
a value that dictates how many terms of the Fourier
Series to sum, so you can quickly see the result of
altering the number of terms.
XY charts
Figure 5: Plotting the Mandelbrot Set in a spreadsheet isn’t as tricky as
it might seem, even though it’s easier with a simple macro.
It might be quite
We’ve already used an XY chart, but apart from the fact
a mundane
that the x-axis shows the values of the independent
use, but have

variable, i.e. -8 to +8, rather than just a count starting However, with a spreadsheet it’s easy to generate the
you considered
from one, it looks pretty much the same as it would if x and y-coordinates of subsequent current points and
using
we’d just selected the numbers in column G and plotted plot them as an XY chart. We suggest that you define
LibreOffice Calc a so-called line chart. For scientific or mathematical use the positions of the three corners, making the initial
as a scientific this is generally what we’ll want, but the flexibility of an triangle as large or as small as you want, in six cells, i.e.
calculator? You XY chart offers other benefits. Perhaps most notably, the x and y-coordinates of corners 1, 2 and 3. Now use
might not even values down a column (or across a row) don’t three columns that will contain the x and y-coordinates
bother saving necessarily have to be plotted in sequence from left of the current position and the random number. Having
your result,
just type the
to right. As an example, which also differs in that we’ll entered the formulae for the top cell in each of these
formula you’re
plot points instead of lines, we’ll look at a somewhat three cells, just copy them down for a few thousand
interested
fascinating method of plotting a fractal figure known cells. Finally, select the numbers in the columns
in to see an
as the Sierpinski Triangle. containing the x and y-coordinates of the current
immediate
As a quick reminder, a fractal figure is one that shows position and create an XY chart, using the variant with
result. self-similarity at all levels of magnification. The simplest points but not lines. To see the detail, you’ll need to
way to envisage the creation of a Sierpinski Triangle is to format the chart so the points are as small as possible.
The elusive 3D plot

take a solid equilateral triangle, divide it into four
triangles of half the linear dimensions of the initial
triangle, and cut out the centre triangle. The same steps Despite our enthusiasm about using LibreOffice Calc for
are carried out on the remaining three triangles, and the technical applications, we have to report an important
process continues forever at increasingly small scales. drop-off. As yet, 3D charts are not available, even
There are lots of apparently different ways of though Excel supports this type of graph. Certainly it
generating this figure, but here’s an intriguing one: allows some 2D graphs to be formatted with a three-
1. Draw an equilateral triangle, label its three corners 1, 2 dimensional appearance, but what we’re referring to is
and 3, and mark a point – which we’ll call the current genuine 3D charts where some variable – the
point – somewhere inside it. dependent variable – is shown as a function of two
2. Generate a value of 1, 2 or 3 at random, and mark a other variables – the independent variables. This can be
Despite Calc’s
new point – which will become the current point – half presented as a surface plot, which looks like a three-
lack of 3D charts, way between the existing current point and the corner dimensional terrain, or a contour plot, which appears
it is possible to represented by the random number. two-dimensional but uses colour coding to represent
create a pseudo
contour plot as
3. Carry out step 2 again and again and again until you the dependent variable, rather like some topographic
this example of
get bored. The more points you plot, the closer the maps use colour to represent altitude.
an oscillating
result will come to the Sierpinski Triangle. Despite this omission, we are reporting it here in
quadratic Doing this with a pencil, paper, ruler, and a dice to the hope that someone might feel inspired to add this
membrane shows. generate the random number will take a long time. feature to the open source LibreOffice project. However,
we are also able to offer a work-around that will enable
you to produce something that looks very similar to a
contour plot.
The example we’re going to use is the simulation
of a square plate that’s vibrating due to soundwaves.
Physicists refer to this as an oscillating quadratic
membrane. You might have seen this done
experimentally, with fine powder spread on the plate to
indicate areas of movement – it can produce quite
intricate patterns. This was studied in the early 19th
century by Ernst Chladni, who discovered that the
behaviour is described by a partial differential equation.
Because this isn’t the place for a discussion on
physics, we’ll cut a long story short and look at how to
create a spreadsheet to plot the patterns of a plate that
is excited by two frequencies.

LibreOffice Calc CODING ACADEMY
Put a title in the top row and label cells A3 to H3 with

a1 , a2 , a3 , a4 , b1 , b2 , b3 and b4 . Now, in cells B3 to
H3, enter 3 , 5 , 5 , 13 , 1 , 1 , 1 and 1 respectively.
These are four constants that define the behaviour, and
you can alter them later to produce different patterns.
Enter 0 in B6 and =B6+PI()/40 into C6. Now, copy right
from C6 as far as AP6. This will result in values from 0 to
pi, in small steps, appearing across row 6 – these are
the x-coordinates of the plate. Do the same down
column A, so you have the same values from A7 to A47
– these are the y-coordinates. Next, enter the following
formula into cell B7: =$E$4*SIN($A$4*$A7)*SIN($B$4*B
$6)+$F$4*SIN($B$4*$A7)*SIN($A$4*B$6)+$G$4*SIN($C
$4*$A7)*SIN($D$4*B$6)+$H$4*SIN($D$4*$A7)*SIN($C$
4*B$6) . Copy it down to A47, and then copy A7:A47 right
to cells AP7:AP47. As a check, you should see the value LibreOffice Calc
has all the facilities
you’ll need for
0.831254 in cell C8. We now have values of movement 1. Initialise a complex number with (0, 0) and a count
correctly formatting
for 1,600 positions across the plate, but to really with 0.
appreciate what’s happening we need that elusive 2. Square the complex number and add the complex graphs of scientific
surface or contour plot. Here’s our workaround. number passed to the macro using complex arithmetic, experimental
Rename the sheet you’ve been working on “Main” saving the result as the new complex number. results.
and rename the second sheet “Contour Plot”. Now, in 3. Calculate the modulus of the result, that is the
cell A1 of the Contour Plot sheet, enter =Main!B7 . Copy distance from the origin.
this down as far as A41, and then copy A1:A47 right as 4. Increment the count.
far as AO1:AO47. You now have a copy of that array of 5. If the modulus is 200 or greater, exit, returning the
1,600 values on this second sheet. Next, use the facility value of the count.
called Conditional Formatting that you’ll find under 6. Otherwise, loop back to step 2.
Format. This allows you to define the colour of the text A further suggestion is that you provide four cells to
and background of cells, depending on the value they enter the x and y-coordinates (i.e. the real and
contain. For different values of a1 to b4 you might need imaginary components of the complex number) that
to take account of different values, but for our initial define diagonal corners of the area of interest. We
values of these constants all the resulting values are suggest you plot the whole Madelbrot set by entering
between -2 and +2. This being the case, you’ll get good (-2.25, 1.5) as the top-left corner and (0.75, -1.5) as the
results if you define different colours for the ranges -2.0 bottom-right corner. Of course, most dedicated fractal
to -1.6, -1.6 to -1.2, -1.2 to -0.8, -0.8 to -0.4, -0.4 to 0.0, software has a user interface that enables you to zoom
0.0 to 0.4, 0.4 to 0.8, 0.8 to 1.2, 1.2 to 1.6 and 1.6 to 2.0. in by dragging a box around the area of interest, but we
In each case you should use the same colour for the think that’s a struggle to do that in LibreOffice Calc.
VISUALISING EXPERIMENTAL RESULTS

background and the foreground so the text becomes
invisible. The result is a contour plot but it’ll be too large
to appreciate it properly. Finally, therefore, reduce the
size of the rows and columns in the Contour Plot sheet,
making sure that the cells are square. All the examples in the main part of this tutorial generated results
Mandelbrot madness
purely within LibreOffice Calc, using the laws of maths. However, it is
also useful for creating graphs of experimental results, perhaps
For our final example, we’re going to provide little in the combined with equivalent results from simulation studies generated
way of advice, with the aim of helping you learn a bit elsewhere. Calc offers several facilities that would be beneficial here.
more about technical uses of spreadsheets by figuring First of all, it’s especially useful when displaying several datasets
out the details yourself. That exercise is plotting all or a on a single XY chart that some can be shown as lines, while others
part of that most famous of fractals, the Mandelbrot set. can be shown as points. This allows experimental results to be shown
If you’re not familiar with it, you read up on it first. This as points, because intermediate values should not be interpolated, yet
is shown as a contour plot, so you’ll use the same simulated results could be shown as a line where intermediate values
method we saw for the oscillating quadratic membrane. are meaningful.
For this exercise, we suggest that you write a short Second, it is possible to show error bars – often required when
macro, despite our suggestion in the introduction that if showing experimental results. And third, trend lines can be added to a
you’re going to write code you might as well work in a series of points – these can be linear, logarithmic, exponential or
more conventional programming environment. However, power. In addition to drawing the line, Calc will also show you the
in this case, although people have plotted the equation that defines the line, so in the case of a linear trend line, for
Mandelbrot set in a spreadsheet without macros, we example, you can see the slope and the intercept with the y-axis.
believe that a small amount of work in creating that And finally, note that as an alternative to linear axes, Calc is able to
macro will more than pay for itself, by allowing the use logarithmic scales for either or both of the axes, which is a must
associated spreadsheet to be so much simpler. The for some datasets.
functionality of that macro is as follows:
IMPROVE YOUR CODE SKILLS Subscribe now at http://bit.ly/LinuxFormat

CODING ACADEMY Seach engine analytic
ELASTICSEARCH
Build a search and
analytic engine
Mihalis Tsoukalos explains how to work with Elasticsearch, Logstash,
Beats and Kibana to build and improve your own search systems.
he main subject of this tutorial is Elasticsearch,
T which is a distributed search and analytics

engine. However, it can’t work on its own and
requires other software for collecting, analysing and
visualising data. Elasticsearch works very well with
OUR Logstash and Kibana – both will be used in this tutorial.
Additionally, you will see Filebeat in action.
EXPERT Nowadays, almost all software can run as a container
Mihalis using a Docker image, and Elasticsearch is no exception.
Tsoukalos For reasons of simplicity, we are going to use a docker-
is a data scientist compose.yml file for executing the Elasticsearch Docker
and a technical image along with Kibana. The contents of docker-
writer. He is compose.yml will be the following: Figure 1: This is the output you get when connecting to an Elasticsearch
also the author of version: ‘3’ server. You can use that output as an indication that everything is OK.
Go Systems
Programming services: - elastic
and Mastering kibana:
Go, 2nd edition. image: docker.elastic.co/kibana/kibana:7.5.1 networks:
You can reach container_name: kibana elastic:
him at www. environment: driver: bridge
mtsoukalos.eu - ELASTICSEARCH_URL=http://elasticsearch:9200 Store docker-compose.yml in its own directory for
and @mactsouk. - ELASTICSEARCH_HOSTS=http:// reasons of simplicity and efficiency – give a descriptive
elasticsearch:9200 name to the relevant directory. After that you can start
networks: the Docker image by running docker-compose up and
- elastic stop it with docker-compose down from inside that
ports: directory. Note that if you have issues with a docker-
You can learn - 5601:5601 compose.yml YAML file, it helps to look at the generated
more about output for hints about the problems. Keep in mind that
Elasticsearch elasticsearch: Docker in general and docker-compose.yml files
at www.elastic. image: docker.elastic.co/elasticsearch/ specifically make experimenting with complex software
co and at www. elasticsearch:7.5.1 a better experience, so use them when possible.
elastic.co/ container_name: elasticsearch
products/
enterprise-
environment: Docking with Elasticsearch
search. You
- cluster.name=LXF After successfully running the docker-compose.yml file,
can find the - xpack.security.enabled=false you can connect to Elasticsearch by pointing your web
documentation - discovery.type=single-node browser to http://localhost:9200, which is the port
pages of - “ES_JAVA_OPTS=-Xms2g -Xmx2g” assigned to it. Figure 1 (see above) shows the kinds of
Elasticsearch, cap_add: information that you are going to use when connecting
Kibana and - IPC_LOCK to the running Elasticsearch instance – the output is in
Logstash at ports: JSON format, which is the way Elasticsearch accepts
www.elastic.co/ - 9200:9200 data and communicates. JSON documents have a
guide - 9300:9300 structure and can be parsed and processed more easily
networks: than plain text data. If you don’t see any error

Search engine analytic CODING ACADEMY
Figure 2: This
shows how you
messages, everything is fine with the Elasticsearch
can insert data
container. In the JSON output, you can see the
Elasticsearch version you’re running – in this case 7.5.1. to Elasticsearch
Now you should mainly do two more things. The first manually, using
curl. However,
software such
one is use some software to collect data and store it in
as Logstash
Elasticsearch, which in this case is going to be Logstash
and Filebeat is
and later Filebeat, and second, use other software
(Kibana) to process and visualise your collected data. usually used for
As all of these are being developed by the same putting data into
company, they work extremely well with each other. Elasticsearch.
Datacentric
Elasticsearch can store data without being able to
}
ELK is an
collect it. For the purposes of this section, we‘re going to
}
acronym for
manually put sample data and query it in the next
Elasticsearch,
section. Note that data is usually not inserted manually.
filter {
Logstash
Use curl as follows to put sample data in:
$ curl -XPUT “localhost:9200/lxf/external/ if [path] =~ “access” {
and Kibana.
mynewid?pretty” -H ‘Content-Type: application/json’ mutate { replace => { “type” => “apache_access” } } Recently the
-d ‘ grok { ELK stack has
{ “first_name”: “Mihalis”, match => { “message” => been renamed
“last_name”: “Tsoukalos” }’ “%{COMBINEDAPACHELOG}” } Elastic stack. All
} three products
are open
The data we just put into Elasticsearch will be stored in
}
source projects.
an index, which is how Elasticsearch organises its data.
date {
Elasticsearch
You can think of an index as a database in the relational
match => [ “timestamp” , “dd/MMM/yyyy:HH:mm:ss
was developed
database terminology. Lastly, a type in Elasticsearch is
Z” ]
first, and the
like a table in the relational database terminology. The
}
other two
name of the index is lxf and the id value is mynewid.
These values are defined in the endpoint used by curl. } followed next.
Figure 2 (see top right) shows the full interaction with In 2015, Elastic
Elasticsearch, which includes the Elasticsearch reply. output { added Beats to
Now query Elasticsearch using curl. The query that elasticsearch { the stack.
follows will return all documents in the lxf index: hosts => [“elasticsearch:9200”]
$ curl -XGET http://localhost:9200/lxf/_ index => “apache-logs”
search\?pretty\=true\&q\=\*:\* }
The next query will return all indices found in the stdout { codec => rubydebug }
running Elasticsearch instance: }
$ curl ‘localhost:9200/_cat/indices?v’
Pile of Logstash ABOUT LOGSTASH

Although you can execute Logstash as a Docker image,
this section will perform a manual installation of Logstash is a tool for managing events and logs. Usually, Logstash
Logstash on the Elasticsearch container, which runs stores the data it collects in Elasticsearch, so that it can be processed
CentOS. Execute the following commands: and visualised. Additionally, Logstash can process data before sending
$ docker exec -u 0 -it elasticsearch bash it to Elasticsearch, which can be good when dealing with lots of
# rpm --import https://artifacts.elastic.co/GPG-KEY- data generated by very busy servers. This will not only make the
elasticsearch visualisation process much faster, but it will also make the storing
# vi /etc/yum.repos.d/logstash.repo process faster.
# yum install logstash Logstash can accept data from many sources (inputs), process it
# yum install java and forward it to any of its available destinations (outputs). The list of
The first command is required to connect to the inputs includes plain text files, Kafka and Elasticsearch – each input is
Elasticsearch container. For the contents of /etc/yum. supported by an input plugin. Output plugins (www.elastic.co/guide/
repos.d/logstash.repo look at http://bit.ly/ en/logstash/current/output-plugins.html) work the same way for
LXF261elastic. We are now free to use Logstash to generating output.
process Apache log files. The path of the Logstash configuration file is either /usr/share/
In this section you will learn how to use Logstash to logstash/pipeline/logstash.conf or /etc/logstash/logstash.conf.
put data into Elasticsearch using an Apache log file as However, if you execute the Logstash binary with the -f option, you
input. The Logstash pipeline configuration we’ll use has can specify the path of the configuration file you want. It is in this
the following contents and is saved as /etc/logstash/ configuration file that you specify your inputs, their processing and
apache-log.conf in the Elasticsearch container: the outputs, which means it is the most important part of a running
input { Logstash process. Each Logstash configuration file has three distinct
file { parts, named input, filter and output – note that only the filter part is
path => “/tmp/access.log” optional. Lastly, you can get the list of supported plugins by executing
type => “apache_access” logstash-plugin list.
start_position => “beginning”

CODING ACADEMY Seach engine analytic
Logstash supports plugins for getting input and After that, select Next Step and choose @timetamp
Do not
sending output. To use a plugin, you need to specify its in the Time Filter Field Name area. When done, select
underestimate
name and the required options, which in this case is the Create Index Pattern. Now, select Visualize from the
the power of
path of the Apache log file that is going to be processed. Kibana menu and click on Create New Visualization.
a properly
The name of the Elasticsearch index will be apache-logs Choose Pie and the apache* source. Click on Add under
written docker-
– you are going to need this to be able to use the data Buckets and select Split Slices. Figure 4 (see right)
compose.yml from the Apache log file in Kibana. The filter part is what shows the options and the visualisation that was
configuration enables Logstash to understand and parse the different created using the data stored in the apache-logs
file because parts of each Apache access log entry. Elasticsearch index – the presented output visualises
it can save Start Logstash by going to /usr/share/logstash and the HTTP status codes.
you lots of
time when
executing ./bin/logstash -f /etc/logstash/apache-log. Note that Kibana has more capabilities and options
you want to
conf. Finally, put the Apache log file inside the Docker than this, but they cannot be covered in a single tutorial
create the same

image in the place specified in apache-log.conf: – so if you like Kibana then you should experiment with
$ docker cp ./access.log elasticsearch:/tmp
environment
it on your own.
elsewhere.
Logs to the max
This will trigger the Logstash process, which will
Having a library
automatically process the Apache log file and put data
of such YAML in Elasticsearch. You can verify the data was sent to Software that can capture data from multiple server
files can be a Elasticsearch and stored in the apache-logs index with: logs is Filebeat, which is also rather helpfully developed
great asset and $ curl ‘localhost:9200/_cat/indices?v’ by Elastic. Here we will illustrate the use of Filebeat in
will save you health status index uuid pri rep docs. reading data from log files and transferring it to
from having count docs.deleted store.size pri.store.size
to create an
Elasticsearch. As Filebeat is just a service, it doesn’t
yellow open apache-logs Qh4Jce9qQQOXvxO-
entire software
require its own Docker image – you can just install it on
KmMiEw 1 1 9430 0 5.8mb 5.8mb
infrastructure
a Linux machine using your favourite package manager
from scratch.
Now that we’ve put some real data into Elasticsearch, and configure it from there.
we can visualise it using Kibana. The main advantage of Filebeat is that it enables you
Kibana visuals
to forward logs and files from multiple machines to a
central location, which means you don’t have to visit
The dedicated visualisation dashboard for Elasticsearch each machine individually to find out what is happening
is Kibana. Figure 3 (see below) shows the initial screen in there. Its second advantage is that it’s pretty
of Kibana, after connecting to http://localhost:5601. lightweight and will not create too much load on the
The Kibana UI is quite busy and can perplex first-time machine it runs on. Once again, we will use Kibana to
users. Note that you will connect to Kibana without view, process and analyse the data stored by Filebeat.
needing any username and password combination. Note that Filebeat, which is written in Go, can directly
The first step is to create an index pattern to get the forward data to both Elasticsearch and Logstash – it is
data that interests us from Elasticsearch. On the left up to you to decide how you are going to put your data
side of the screen you can see the various components to Elasticsearch: directly, without any processing, or
and options of Kibana. Go to Discover, and in the Create indirectly, for more advanced processing.
Index Pattern area, write apache* and select the As we are using Docker images for almost everything
apache-logs index from the list. in this tutorial, we will continue doing so here. To include
ABOUT KIBANA
Filebeat in the docker-compose.yml file, add the
following lines to it and restart it:
filebeat:
image: docker.elastic.co/beats/filebeat:7.5.1
Kibana offers analytics and a search dashboard for Elasticsearch, as container_name: filebeat
well as visualisation capabilities for data stored in Elasticsearch. user: root
Kibana is so handy that it would be a shame to use Elasticsearch links:
without combining it with Kibana. Generally speaking, you will not - elasticsearch
need to work so much with Elasticsearch directly as you will use environment:
Kibana to get and process data stored in it. However, knowing how to - ELASTICSEARCH_URL=http://elasticsearch:9200
execute queries in Elasticsearch can be handy for troubleshooting.
When using the default port number, Kibana can be accessed by
your browser via http://localhost:5601 or http://hostname:5601,
in case you want to access it from a different computer.
It’s a good idea to know some Kibana terminology. An index
pattern tells Kibana about the Elasticsearch indices you want to work
with. A dashboard allows you to group and organise multiple metrics
and visualisations. To visualise and explore data in Kibana, you need
to create an index pattern to retrieve data from Elasticsearch.
Kibana can also work with Vega – a convenient capability that will
enable you to customise visualisations. Learn more at www.elastic.
co/guide/en/kibana/current/vega-graph.html.
Kibana has support for machine learning for data analysis and as a
way of extracting conclusions or predictions from data, and also has
an interface for managing certain parts of Elasticsearch and Logstash. Figure 3: The initial screen of the Kibana UI, which contains lots of info
and data. On the left you can see available sections of Kibana.

Search engine analytic CODING ACADEMY
co/products/beats), which is basically a set of data

shippers. A data shipper is a lightweight agent with a
specific purpose, this means that each data shipper in
the Beats collection collects a different kind of data.
Kibana and Vega

One of the options in Kibana when choosing a
visualisation type is Vega, which is currently in
Experimental status. Vega (https://vega.github.io) is
a JavaScript library, which implements a grammar that
offers a convenient way for creating graphs and plots.
This means that you should follow certain rules and use
certain keywords on your Vega files. After selecting the
Vega visualisation, you will be presented with a screen
that enables you to write your own Vega or Vega Lite
code. Unfortunately, talking more about this capability
is beyond the scope of this tutorial.
Figure 4: This shows a pie chart visualisation, created in Kibana using
Apache access log data imported to Elasticsearch using Logstash. Machine learning
The presented version of Kibana offers some machine
networks: learning functionality that can be accessed by clicking
- elastic on the Machine Learning option. You can analyse data
Note that if you are going to forward your log files to from an external file, which is currently an experimental
Logstash, you will need to modify the above docker- feature, using an existing index pattern or by using a
compose.yml block to include information about the third, paid option. Note that when processing external
Logstash Docker image. files, Kibana still needs Elasticsearch to store data, but
Now, we will need to configure Filebeat to know what there will be no need for software such as Logstash or
to do and what log files are going forward. The Filebeat to collect data.
configuration file of Filebeat, which is in YAML format, We made Kibana output that was generated by data
can be found at /etc/filebeat/filebeat.yml, when taken from an external Apache log file. The process was
Filebeat is installed on your local Linux machine, or at really easy to follow and the visualisation was created
/usr/share/filebeat/filebeat.yml when you run painlessly by Kibana. The output showed a high-level
Filebeat using a Docker image – the configuration file of overview of the Apache access log file, including the
Filebeat used here can be seen in Figure 5 (see below). number of records and the HTTP status codes.
The Filebeat configuration file shows that the file to Although doing simple things with the Elastic stack
be processed is /var/log/access.log and that it is an does not require lots of experience and effort, doing
Apache log. Note that you can also specify entire core complex tasks is not always straightforward and
directories where Filebeat will search for input files. requires some experience. The only way to learn how to
Additionally, it informs Filebeat about the name and the use Elasticsearch and the other software presented in
port number of the Kibana server, as well as the name this tutorial is by experimenting and trying things and
and the port number of the Elasticsearch server where failing and succeeding – you will find that failing will be
data is going to be stored. The name of the Elasticsearch a large part of your learning process. The good thing is
index is specified by Filebeat and has a format that you can use log files and data from your own Linux
analogous to filebeat-7.5.1-2019.12.28-000001. machines and that you can run all software locally, so
Before executing Filebeat, go to the Docker image by start collecting and visualising data now!
running docker exec -u 0 -it filebeat bash on your Linux
shell, make the changes to filebeat.yml (see Figure 5)
and execute ./filebeat -c filebeat.yml -e.
Filebeat comes with some preconfigured Kibana
dashboards that you can install by executing ./filebeat
setup --dashboards from the Filebeat container, but this
is optional – you might find the feature useful when you
become more proficient with Kibana and Filebeat.
Figure 5: The
Note that Filebeat also supports modules, these are
Filebeat config file
files used for parsing various popular types of log files –
the list of modules installed on the Docker image can be used for processing
found inside /usr/share/filebeat/modules.d/. You can an Apache access
log file, located
in the Filebeat
learn more about Filebeat modules at www.elastic.co/
Docker container.
guide/en/beats/filebeat/7.5/filebeat-modules.html.
Output is stored on
You can find more information about Filebeat at
www.elastic.co/products/beats/filebeat. Note that an Elasticsearch
Filebeat is a part of the Beats collection (www.elastic. server.
IMPROVE YOUR CODE SKILLS Subscribe now at http://bit.ly/LinuxFormat

On the disc
Discover the highlights from this month’s packed DVD!
DOWNLOAD
YOUR DVD
Get code and DVD images at:
www.linuxformat.com
/archives
START HERE
FOR GRUMPY TEENS
REC. SPECS: 2GB MEMORY, 10GB DISK
USING THE LXFDVD

Using Linux for the first time can
Solus 4.1 64-bit
S
be very confusing. It’ll be unlike
anything that you’ve likely operated
before, especially if you’re used to olus is an independent distro that first
Microsoft Windows or Apple appeared in 2012. Since then it has
macOS.
brought many innovations: its own
Generally our DVDs are designed
to be run directly, which is to say
Budgie desktop (with its gothically titled Raven
that when you first power on your sidebar), the Steam Linux Integration tool
PC (or Mac) it should ‘boot’ from (sadly now defunct), its bespoke package
the DVD – so before Windows or manager (eopkg) – and it has also nurtured
macOS even starts to load – with
an enthusiastic community.
Linux running directly from the
DVD. This trick is known as a Live It’s been nigh on a year since Solus 4.0
(Fortitude) was released (see our review in
LXF250), so we were excited to see what’s new
Disc. It enables you to try out the
various versions of Linux without Nevermore be bothered by lack of easy to access volume
having to install or change anything in this update. Solus is popular with gamers, and playback controls. Nevermore!
on your PC. Just remove the DVD,
restart your PC and it’ll be exactly
and this new release comes with the widely
as you left it. discussed ESync fixes streamlined, and support Calamares installer’s simple setup questions
While many systems will boot for third-gen Ryzen processors plus new GPUs than it will to copy onto the target drive. You’ll
from a DVD when it finds one, from AMD and Nvidia. Besides the new kernel find everything you need to get started is
many will not. See below for the (5.4.12) there’s also updated Mesa (19.3.2), and installed, with a bare minimum of cruft.
standard process for enabling gtreamer (1.16.2) packages, as well as various Solus follows a rolling release model, so if you
booting from a DVD on various
desktops and laptop PCs.
multimedia improvements. All of which should already use the Budgie edition your system will
contribute to a slick audio-visual experience. automatically receive this update. If not you’ll
The alternative option is to
locate the ISO file on the DVD and In line with other distros Solus now uses find Budgie 10.5.1 a pleasure to work with. It has
write this to your own USB thumb zstd compression for the Live disc. So, on an a stylish dark theme with which the bundled
drive and attemp to run that. We even modestly fast machine, you’ll notice the applications all integrate beautifully, a traditional
recommend using Etcher from Live environment is more responsive and find menu and a distinctly non-traditional but
https://balena.io/etcher that’s
available for Windows, macOS and
the installation process much quicker. It will eminently useful sidebar. Raven combines an
Linux. Good luck! probably take you longer to answer the applet area, for calendars and configuration
widgets, with a notifications area. It’s a slicker
solution than an overcrowded system tray whose
BOOT THE DISC residents occasionally interrupt you.
Many PCs should boot
We were told the next version of Budgie
automatically if they’re turned on
with a disc in the drive. If not, many would be based on Qt, but this may no longer be
offer an early Boot Menu accessed the case, with Experience Lead Joshua Stobl last
by tapping a key while powering up year suggesting the project would likely use
from cold: F9 (HP), F12 (Dell, GTK4. Either way we’re already excited for Solus
Lenovo), F8 (Amibios) or F11
(Award BIOS). Alternatively, use 5.0. There’s also a new Plasma-based Solus 4.1
the BIOS/UEFI to adjust the boot edition too (as well as new Gnome and MATE
order to start with the optical drive. editions), which almost went on the disc, but our
There are many beautiful backgrounds with Solus, and this
Again, this is accessed by tapping a disc replicators told us too much Plasma on the
tiny picture will never do them justice.
key during power up, usually Del
disc could cause atomic instability.
but sometimes F1 or F2. Some new
IMPORTANT NOTICE!
UEFI PCs require access via
Windows: holding Shift select its
Restart option. If you’re still having
problems using the DVD visit: DEFECTIVE DISCS: For basic help on running the disc or in the unlikely event of your
www.linuxformat.com/
dvdsupport Linux Format coverdisc being in any way defective, please visit our support site at
www.linuxformat.com/dvdsupport. Unfortunately, we’re unable to offer advice on
Mac owners: Hold the C key
while powering on your system using the applications, your hardware or the operating system itself.
to boot from the disc.

AND MORE!
OOH LALA!
MIN SPECS: 2GB MEMORY, 10GB DISK THE LXF LIBRARY
Advanced Bash
OpenMandriva Lx 4.1
Scripting Guide
64-bit Go further with shell scripting.
S
Bash Guide for Beginners
easoned readers will fondly remember a more stock take on the KDE Plasma desktop Get to grips with the basics
of Bash scripting.
Mandrake Linux from back in the day: than its own theme. The latter is, like Solus’
a French distro that had the audacity Budgie theme, a dark affair. Bourne Shell Scripting
to make Linux easy (well, easier, anyway). OpenMandriva is unusual in that the vast First steps in shell scripting.
Mandrake became a cosmopolitan fusion when majority of its packages are compiled with The Cathedral and
it merged with the Brazilian distro Conectiva LLVM-Clang which may offer increased the Bazaar
Eric S. Raymond’s classic text
Linux to form Mandriva Linux in 1998, a distro performance, but mostly makes life easier for
explains the advantages of
that lasted until 2011 – whereupon most of its developers compiling for multiple architectures open development.
developers joined the Mageia project via the (Arm releases are available, and a RISC-V port
Russian ROSA Linux fork. However, Mandriva is on the way). Under the bonnet it offers a The Debian Book
lives on in the form of OpenMandriva Lx, and bleeding-edge 5.5 series kernel, as well as the Essential guide for sysadmins.
like its globe-spanning lineage before, it offers option to install a Clang-compiled kernel, which Dive Into Python
a stylish take on the KDE desktop and lots of you can easily use to test the improved Everything you need to know.
features to make users happy. This latest performance claim. If you have a new AMD Introduction to Linux
release, which pleasingly has the same version processor, you’ll want to download the special A handy guide full of pointers
for new Linux users.
number as Solus, is codenamed Mercury. znver1-optimised build of the ISO, which better
OpenMandriva’s friendly welcome application exploits the capabilities of such hardware. Linux Dictionary
helps introduce new users to the OS and puts The distro switched to Fedora’s DNF package The A-Z of everything to do
with Linux.
various configuration options and common post- manager with the 4.0 release, and includes its
install tasks within easy reach. This is quite half-sister Mageia’s dnfdragora frontend for Linux Kernel in a Nutshell
handy on KDE because there are a number managing this. Packages are zstd-compressed An introduction to the kernel
written by master hacker
of places for such things to hide. One of so installation of new ones is very quick, and you
Greg Kroah-Hartman.
OpenMandriva’s most standout features is its can test this by installing popular applications
selection of desktop themes. It can be made to from the Welcome screen. You’ll find everything The Linux System
look like Windows, Ubuntu or macOS, and has you need is ready to go though. Administrator’s Guide
Take control of your system.
Tools Summary
Overview of GNU tools.
GNU Emacs Manual
Six hundred pages of
essential information!
Producing Open
Source Software
Everything you need to know.
Programming from
the Ground Up
Take your first steps.
Not everyone’s into making Linux videos, but if you are, OpenMandriva includes SimpleScreenRecorder.
NEW TO LINUX? START HERE…

Never used a Linux before? Here are some handy resources:
Read our quick-install guide http://bit.ly/LXFinstall Looking for an answer?
https://askubuntu.com Want to delve more deeply? https://linuxjourney.com

The #1 open source mag
Future Publishing Limited,

Quay House, The Ambury, Bath, BA1 1UA
Email [email protected]
EDITORIAL
LXFon s2ale
Editor Neil Mohr
Underpaid editor Jonni Bidwell
Art editor Efrain Hernandez-Mendoza
Production editor James Price
Group editor in chief Graham Barlow
Senior art editor Jo Gulliver
Editorial contributors
Mats Tage Axelsson, Michael Bedford, Neil Bothwick,
will be
Stuart Burns, Christian Cawley, Sean Conway,
Matthew Hanson, John Knight, Jon Masters, Chris
Tuesday
Notley, Aaron Peters, Nick Peers, Les Pounder,
Mayank Sharma, Shashank Sharma,
Alexander Tolstoy, Mihalis Tsoukalos
7 April
Cartoons Shane Collinge
Cover illustration magictorch.com
Raspberry Pi is a trademark of the Raspberry Pi Foundation.
2020 Tux credit: Larry Ewing ([email protected]) and The GIMP.

ADVERTISING
Media packs are available on request
Commercial sales director Clare Dove
[email protected]
Senior advertising manager Lara Jaggon
[email protected]
Head of commercial – Technology Dave Randall
[email protected]
Account director Andrew Tilbury
SECURE YOUR
[email protected]
INTERNATIONAL LICENSING
Linux Format is available for licensing. Contact the
Licensing team to discuss partnership opportunities.
Head of Print Licensing Rachel Shaw
[email protected]
SUBSCRIPTIONS & BACK ISSUES
LINUX BOXES!
Web www.myfavouritemagazines.co.uk
Email [email protected]
UK 0344 848 2852 World +44 (0) 344 848 2852
CIRCULATION
Head of newstrade Tim Mathers
PRODUCTION AND DISTRIBUTION
Head of production UK & US Mark Constance
Production project manager Clare Scott
Advertising production manager Joanne Crosby
Digital editions controller Jason Hudson
Production controller Nola Cokely
THE MANAGEMENT
Chief content officer Aaron Asadi
Everyone’s out to hack all your Editorial director William Gannon

Brand director Andy Clough
Head of art & design Rodney Dive
stuff: servers, laptops and data. Commercial finance director Dan Jotcham
Printed by Wyndeham Peterborough, Storey’s Bar
Road, Peterborough, Cambridgeshire, PE1 5YS
We help you secure it all. Distributed by Marketforce, 5 Churchill Place, Canary

Wharf, London, E14 5HU www.marketforce.co.uk
Tel: 0203 787 9001
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
GNU/Linux is abbreviated to Linux throughout for brevity. Where applicable code
printed in this magazine is licensed under the GNU GPL v2 or later. See www.gnu.
org/copyleft/gpl.html. All copyrights and trademarks are recognised and respected.
Disclaimer All contents © 2020 Future Publishing Limited or published under licence.
All rights reserved. No part of this magazine may be used, stored, transmitted or
reproduced in any way without the prior written permission of the publisher. Future
Publishing Limited (company number 2008885) is registered in England and Wales.
Registered office: Quay House, The Ambury, Bath BA1 1UA. All information contained in
this publication is for information only and is, as far as we are aware, correct at the time
Linux Format is 20! of going to press. Future cannot accept any responsibility for errors or inaccuracies in
such information. You are advised to contact manufacturers and retailers directly with
regard to the price of products/services referred to in this publication. Apps and
websites mentioned in this publication are not under our control. We are not responsible
for their contents or any other changes or updates to them. This magazine is fully
How did that happen? We drag all the ex-editors kicking and independent and not affiliated in any way with the companies mentioned herein.
If you submit material to us, you warrant that you own the material and/or have the
necessary rights/permissions to supply the material and you automatically grant
screaming into a pub and ask them exactly that. Future and its licensees a licence to publish your submission in whole or in part in any/all
issues and/or editions of publications, in any format published worldwide and on
associated websites, social media channels and associated products. Any material you
submit is sent at your own risk and, although every care is taken, neither Future nor its
employees, agents, subcontractors or licensees shall be liable for loss or damage. We
assume all unsolicited material is for publication unless otherwise stated, and reserve
Education USA style the right to edit, amend, adapt all submissions.
All contents in this magazine are used at your own risk. We accept no liability for any
loss of data or damage to your systems, peripherals or software through the use of any
guide. Notes: Three short deadlines in a row was not fun.
The Raspberry Pi has helped kickstart a UK computer We are committed to only using magazine paper which is derived
from responsibly managed, certified forestry and chlorine-free
manufacture. The paper in this magazine was sourced and
revolution. We look at how that’s being transferred to the USA. produced from sustainable managed forests, conforming to strict
environmental and socioeconomic standards. The manufacturing
paper mill and printer hold full FSC and PEFC certification and
accreditation.
Desktop wars: which is the best? Future is an award-winning international media group and
leading digital business. We reach more than 57 million
international consumers a month and create world-class
content and advertising solutions for passionate consumers
We love a good argument, so tell us why we’re wrong when we online, on tablet & smartphone and in print.
award Gnome or KDE or something else best desktop 2020.
Get into game coding

We kick off a new coding series that promises to teach you Future plc is a public Chief executive Zillah Byng-Thorne
code and how to write games, all at the same time. Madness. company quoted on the
London Stock Exchange
(symbol: FUTR)
Non-executive chairman Richard Huntingford
Chief financial officer Penny Ladkin-Brand
www.futureplc.com Tel +44 (0)1225 442244
Contents of future issues subject to change – we might be too drunk from all the “celebrating”.
98 LXF261 April 2020

9000 00
01

LinuxFormatUK261 - 2020-04

Uploaded by

Copyright:

Available Formats

LinuxFormatUK261 - 2020-04

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

LinuxFormatUK261 - 2020-04

Uploaded by

Copyright:

Available Formats

What are some of the topics covered in the magazine?

What are some of the topics covered in the magazine?

What operating systems are discussed?

What operating systems are discussed?

BUILD A Pi TABLET!

The #1 open source mag

WHO WE ARE ‘containerise’. Part of the issue

Les Pounder Neil Mohr Editor

www.techradar.com/pro/linux April 2020 LXF261 3

AMD Radeon RX 5500 XT 8GB

Linux Lite 4.8 22

Plotting tools 28 The razor’s edge 42

4 LXF261 April 2020 www.linuxformat.com

Scratch and SenseHAT

TERMINAL: Smart delete

LIFEOGRAPH: Dear diary…

GNU RADIO: Home electronics lab

ZABBIX: System monitor

Elasticsearch 92 DOCKER: Nextcloud proxy 74

LINUX: Manage your logs

www.techradar.com/pro/linux April 2020 LXF261 5

GPL’s popularity is waning

A LXF261TheRegister) suggested that

6 LXF261 April 2020 www.linuxformat.com

Mycroft AI targeted by patent troll HOME

I source project has been targeted by a

Good news for Godot Systemd-homed aims to

G powerful open source game engine

www.techradar.com/pro/linux April 2020 LXF261 7

FIXING Lenovo embraces

enovo is the largest PC maker in the affordable computers. Considering Lenovo’s

8 LXF261 April 2020 www.linuxformat.com

www.techradar.com/pro/linux April 2020 LXF261 9

10 LXF261 April 2020 www.linuxformat.com

LINUX USER GROUPS

FIND AND JOIN A LUG Catching a critter

Credit: Mike Hewitt

COMMUNITY EVENTS NEWS

www.techradar.com/pro/linux April 2020 LXF261 11

Q The sound of silence

12 LXF261 April 2020 www.linuxformat.com

It could also be that another program is

idea, unless it is already upside down!

www.techradar.com/pro/linux April 2020 LXF261 13

14 LXF261 April 2020 www.linuxformat.com

Ordering is easy. Go online at:

Great success! Happy news

16 LXF261 April 2020 www.linuxformat.com

LETTER OF THE MONTH

Tape drives have

www.techradar.com/pro/linux April 2020 LXF261 17

The 5500 XT is also available in

www.techradar.com/pro/linux April 2020 LXF261 19

20 LXF261 April 2020 www.linuxformat.com

No ghosts in the machine

www.techradar.com/pro/linux April 2020 LXF261 21

Linux Lite 4.8

Desktop done right

The Welcome screen and several of the options it hosts