JOURNAL Since 1994: The Original Magazine of the Linux Community CELEBRATING 20 YEARS WRITER FROM LJ’S FIRST ISSUE LOOKS BACK AND AHEAD I DIY TWO-FACTOR AUTHENTICATION FOR APACHE AND SSH J ;ii_ican SERVERS • STORAGE • HPC Use the Tails Live Distribution for Extra A Look at the Role of UEFI Secure Boot HOW-TO: Give Irssi Hell with Docker EOF Doc Presents Readers an Assignment for the Future WATCH: ISSUE OVERVIEW If You Use Linux, You Should Be Reading f/«»V JOURNAL T. • Hoi AIDE 1 Nexus 7 I Linux Worms 1 RPi 1 DevOps Unicode 1 AIDE j Nex ^ ^ sponsored by LMIX JOURNAL . ___ o^f ika I inuv Community S,„C.. w'Tk. Ori,l«. M,7.^n. .. .h. unux ^^ WORKING WITH DROID AT RS LU^ Contfo' your own Data with the personal Cloud J D'^?o?Ir SKlv rSoTTRlCK build A PERSON^o SYSTEM oL .11 QrriDlS » In-depth information providing a full 360- degree look at featured topics relating to Linux » Tools, tips and tricks you will use today as well as relevant information for the future » Advice and inspiration for getting the most out of your Linux system » Instructional how-tos will save you time and money Subscribe now for instant access! For only $29.50 per year—less than $2.50 per issue—you'll have access to Linux Journal each month as a PDF, in ePub format, in Mobi format, on-line and through our Android and iOS apps. Wherever you go, Linux Journal goes with you. SUBSCRIBE NOW AT: WWW.LINUXJOURNAL.COM/SUBSCRIBE ...rklvTlOH s DiL ■S ^ = 1 A. 1 flL lie iRT 7X m ]Q SERVERS • STORAGE • HPC 'X ■a A & ^_ J» (Lor>s.t%h- ___ J^J i^-SsJ^ei -s & S-H^^ j. I —& V/'r-Kio.ri>/> ■<-:—^ MBU£Ju£t£ CONTENTS S" FEATURE 62 20 YEARS OF LINUX Bernie Thompson H 4 / MARCH 2014 / WWW.LINUXJOURNAL.COM INDEPTH 76 Docker: Lightweight Linux Containers for Consistent Deveiopment and Depioyment Docker promises the ability to package applications and their dependencies into lightweight containers that move easily between different distros, start up quickly and are isolated from each other. Dirk Merkel 92 The Growing Roie of UEFi Secure Boot in Linux Distributions UEFI Secure Boot: a milestone in defending against malware, bringing added security features to Linux-based distributions. Mark Doran 100 Two-Factor Authentication System for Apache and SSH Implementing a two-factor solution doesn't have to be hard. With a little bit of ingenuity, you can implement a simple, self-contained solution in just a few minutes. James Litton COLUMNS 32 Reuven M. Lerner’s At the Forge TogetherJS 40 Dave Tayior’s Work the Sheii Simulating Dice Rolls with Zombie Dice 44 Kyie Rankin’s Hack and / Tails above the Rest: the Installation 52 Shawn Powers’ The Open-Source Ciassroom A Little GUI for Your CLI 108 DocSearis’EOF Our Assignment KNOWLEDGE HUB IN EVERY ISSUE 8 Current issue.tar.gz 10 Letters 16 UPFRONT 30 Editors’ Choice 58 New Products 123 Advertisers index 74 Webcasts and Whitepapers ON THE COVER • Writer from LJ’s First Issue Looks Back and Ahead, p. 62 • DIY Two-Factor Authentication for Apache and SSH, p. 100 • Use the Tails Live Distribution for Extra Privacy, p. 44 • A Look at the Role of UEFI Secure Boot, p. 92 • How-To: Give Irssi a GUI, p. 52 • Conquer Dependency Hell with Docker, p. 76 • EOF: Doc Presents Readers and Assignment for the Future, p. 108 LINUX JOURNAL (ISSN 1075-3583) is published monthly by Belltown Media, Inc., 2121 Sage Road, Ste. 395, Houston, TX 77056 USA. Subscription rate is $29.50/year. Subscriptions start with the next issue. WWW.LINUXJOURNAL.COM / MARCH 2014 / 5 LINUX JOURNAL Subscribe to Linux Journal Digital Edition for only $2.45 an issue. ENJOY: Timely delivery LMIX JOURNAL Executive Editor Jill Franklin jill@linuxjournal.com Senior Editor Doc Searls doc@linuxjournal.com Associate Editor Shawn Powers shawn@linuxjournal.com Art Director Garrick Antikajian garrick@linuxjournal.com Products Editor James Gray newproducts@linuxjournal.com Editor Emeritus Don Marti dmarti@linuxjournal.com Technical Editor Michael Baxter mab@cruzio.com Senior Columnist Reuven Lerner reuven@lerner.co.il Security Editor Mick Bauer mick@visi.com Hack Editor Kyle Rankin lj@greenfly.net Virtual Editor Bill Childers bill.childers@linuxjournal.com Contributing Editors Ibrahim Haddad • Robert Love • Zack Brown • Dave Phillips • Marco Fioretti • Ludovic Marcotte Paul Barry • Paul McKenney • Dave Taylor • Dirk Elmendorf • Justin Ryan • Adam Monsen Publisher Carlie Fairchild publisher@linuxjournal.com Director of Sales John Grogan john@linuxjournal.com Associate Publisher Mark Irgang mark@linuxjournal.com Webmistress Katherine Druckman webmistress@linuxjournal.com Accountant Candy Beauchamp acct@linuxjournal.com Off-line reading Easy navigation Phrase search and highlighting Ability to save, clip and share articles Embedded videos Linux Journal is published by, and is a registered trade name of, Belltown Media, Inc. PO Box 980985, Houston, TX 77098 USA Editorial Advisory Panel Brad Abram Baillio • Nick Baronian • Hari Boukis • Steve Case Kalyana Krishna Chadalavada • Brian Conner • Caleb S. Cullen • Keir Davis Michael Eager • Nick Faltys • Dennis Franklin Frey • Alicia Gibb Victor Gregorio • Philip Jacob • Jay Kruizenga • David A. Lane Steve Marquez • Dave McAllister • Carson McDonald • Craig Oda Jeffrey D. Parent • Charnell Pugsley • Thomas Quinlan • Mike Roberts Kristin Shoemaker • Chris D. Stark • Patrick Swartz • James Walker Advertising E-MAIL: ads@linuxjournal.com URL: wvvw.linuxjournal.com/advertising PHONE: +1 713-344-1956 ext. 2 Android & iOS apps, desktop and e-Reader versions Subscriptions E-MAIL: subs@linuxjournal.com URL: WWW. linuxjournal.com/subscribe MAIL: PO Box 980985, Houston, TX 77098 USA LINUX is a registered trademark of Linus Torvalds. SUBSCRIBE TODAY! Become a Big Data Master! Over 45 HOW-TO, practical classes and tutorials to choose from! Attend Big Data TechCon! The HOW-TO technical conference for professionals implementing Big Data Come to Big Data TechCon to learn the best ways to: • Process and analyze the real-time data pouring into your organization. • Learn HOWTO integrate data collection technologies with data analytics and predictive analysis tools to produce the kind of workable information and reports your organization needs. • Understand HOW TO leverage Big Data to help your organization today. • Master Big Data tools and technologies like Hadoop, MapReduce, HBase, Cassandra, NoSQL databases, and more! • Looking for Hadoop training? We have several Hadoop tutorials and dozens of Hadoop classes to get you started — or advanced classes to take you to the next level! BigData — TECHCON Boston ABZ Media Event vnoyaD Big Data TechCon Big Data TechCon™ is a trademark of BZ Media LLC. March 31-April 2,2014 www.BigDataTechCon.com Current_lssue.tar.gz A SHAWN POWERS 7,305 Days! P ersonally, I thought it was strange for everyone to make a big deal about such an arbitrary number of days. Then I was told it was the years that were of particular note (20 of them, to be exact), and suddenly thought it seemed insignificant. I mean, 7,305 is a much bigger number! Then people rolled their eyes and left the room. We're excited for our 20th year! And to celebrate, we figured we'd give you a month of Linux- related information, up-to-date news, fun articles and boat loads of tips. It's been our thing for 20 years, and it seemed like a silly time to stop! Reuven M. Lerner kicks off this System Administrator- focused issue with togetherness. Specifically, togetherness supported by TogetherJS. With TogetherJS, you can add real-time collaboration to your Web apps. If you need to write apps that allow remote individuals VIDEO: Shawn Powers runs through the latest issue. to collaborate on particular projects, this article is for you. Dave Taylor steps back into the gaming world as he starts us off on a quest for Zombie Dice. I don't think we'll actually script brain- munching game pieces, but Dave proves that story problems really were important in school. Let's dive in and figure out the game as Dave describes how to create it. Kyle Rankin has a game of his own this month, and that game is security. Okay, maybe it's not a game, but it was a good segue, so I'm going to keep it. Kyle demonstrates Tails, which is an entire Linux distribution designed to route all traffic through the TOR network. It does even more, but I'll let Kyle explain the rest. I decided to open up my personal laptop a bit and explain how I use a GUI notification system on my remote Irssi IRC program. Using Irssi in a screen session is such an incredible way to chat that I'm unwilling to move to another client. Unfortunately, I can't always see my terminal window when working, so 8 / MARCH 2014 / WWW.LINUXJOURNAL.COM CURRENT ISSUE.TAR.GZ I miss important notifications. This month, I show you my solution. Hint: it's nerdy. Then we have Bernie Thompson back to celebrate our 20 years of Linux. You may remember Bernie wrote in the very first issue of Linux Journal, comparing Linux to Windows and OS/2. In this issue, he looks at where things have gone during the past two decades, and where things are going in the future. Linux was cutting edge 20 years ago, and today? Still on the forefront of technology. Virtualization has changed the way we think of computers. As with any incredible idea, it has evolved and even sparked new technologies like LXC, or Linux Containers. Dirk Merkel shows us Docker this month. If you need lightweight Linux containers, and want them to be consistent and easy to deploy, you'll want to read this article. Dirk not only shows us the why, but also the how. Every system administrator needs to be familiar with the latest security- related features of Linux and the hardware it supports. Mark Doran discusses UEFI Secure Boot this month, as it's becoming more and more prevalent and important in our corner of the tech world. Whether you prefer simply to disable Secure Boot or want to leverage a distribution that supports it, Mark's article will arm you with knowledge. And like G.l. Joe told us all those years ago, knowing is half the battle! Last, but certainly not least, James Litton shows how to implement two-factor authentication on Web sites and SSH servers. If you thought implementing two-factor auth was too complicated for your own purposes, think again. James demonstrates that with a little bit of scripting, it's as easy as 1-2-3. (But please don't use "123" as your password, even with two-factor auth.) Like every other issue during the past 20 years, this one is full of tech tips, product announcements and thought-provoking content. I've only been part of the staff here at Linux Journal for a little less than half the past 20 years, but I've been a reader for almost the entire 20. As a community, we've grown more and more passionate through the past two decades, so I very much look forward to the next 20 years—or 10,519,200 minutes, whichever you prefer.* Shawn Powers is the Associate Editor for Linux Journal. He's also the Gadget Guy for LinuxJournal.com. and he has an interesting collection of vintage Garfield coffee mugs. Don’t let his silly hairdo fool you. he’s a pretty ordinary guy and can be reached via e-mail at shawn@linuxjournal.com Or. swing by the Minuxjournal IRC channel on Freenode.net. WWW.LINUXJOURNAL.COM / MARCH 2014 / 9 letters r LINUX JOURNAL Sine* 1ff4' Th» Original Haganna gl tha Linux Community SOLID-STATE DRIVES Are They Worth K? HOW TO HARDEN YOUR SSH CONNECTIONS V_ SSDs, I Regarding Brian Trapp's interesting article on SSDs ["Solid-State Drives— Get One Already" in the January 2014 issue], there's one thing I would like to know. Mr Trapp should have been more elaborate on this: how does he reconcile his remark on TRIM and RAID setups with this: http://serverfault.com/questions/ 508459/implementing-linux-fstrim- on-ssd-with-software-md-raid?? note. My assertion that SSDs, TRIM and RAID are a bad combination was indeed incomplete. Never bet on Linux not having a feature for long! If you're using hardware-based RAID (using the RAID feature built in to your motherboard's BIOS, a standalone RAID card or a RAID on a NAS device), TRIM support still is probably not going to work. Intel seems to be working hard on the RST chipsets, but check the notes for your specific driver carefully. On the other hand, if you're using software-based RAID, the picture is much prettier! According to the 3.7 Linux kernel notes ('http://kernelnewbies. 0 rg/Linux_ 3 . 7 , December 2012), TRIM was added to mdadm for modes 0, 1 and 10! Thanks for the pointer. I'm going to try a RAID 1 on my workstation the first chance I get! I have a RAID 1 setup running on an SSD, which works perfectly well with fstrim. —^jouthuis Brian Trapp replies: Thanks for your SSDs, II I did a lot of research on SSDs and found "The SSD Endurance Experiment" by Tech Report, Geoff Gasior. There are several parts to the report with the last one on 10 / MARCH 2014 / WWW.LINUXJOURNAL.COM [ LETTERS ] 300TB testing on six SSDs. The results are impressive. —Roman Brian Trapp replies: Thanks for the link Roman! While the 200TB update came out after I had already written the article, it is a good resource for data on how the extreme upper end of write loads affect SSD performance and endurance. Usability, I The article "It's about the User: Applying Usability in Open-Source Software" by Jim Hall in the December 2013 issue was fantastic! I work for the US government, and usability is a significant issue that has plagued many of our software projects. The GNOME Human Interface Guide (HIG) provides on-target usability responsibilities, and I even used it as the foundation for a government software HIG several years ago. While the GNOME HIG is great, it lacks many of the key points made by Jim. Maybe GNOME 3 would have ranked higher in the 2013 Best Desktop Environment category if the HIG had a stronger emphasis on user testing. Speaking of user testing, I can't figure out one element of Jim's Gedit test—that is, how do you change the default font in Gedit? —Peter Cook Jim Hall replies: Thanks for your comments! Your question about how to change the default font highlights a usability issue in Gedit. From my usability test, all UNUXJOURNAL ARCHIVE DVD NOW AVAILABLE www.linuxjournal.com/dvd WWW.LINUXJOURNAL.COM / MARCH 2014 / 11 [ LETTERS ] Figure 1. Gedit Preferences participants either were unable to change the default font in Gedit, or they experienced extreme difficulty in doing so. I conducted my usability test with Fedora 17 and GNOME 3.4, and in that version of Gedit, there was a Preferences menu item under the Edit menu. In the current version of GNOME (3.10), the Preferences menu item is located under the gedit application menu in the top bar. Prom the Font & Colors tab, you can set the default font for Gedit. See Figures 1 and 2 for screenshots using Fedora 20 and GNOME 3.10. Usability, II Jim Hall's article on usability testing in the December 2013 issue was excellent! I have done some of the things he mentions, and one thing in particular is really important: when you have a user struggling during the testing, don't jump in to "fix" it. The problem is not the user; the problem is the program, particularly when a number of people face the same issues. Another example I found that agreed with my experience is regarding the use of "hot corners". I have always found that the biggest annoyance. Figure 2. Font Tab and I cannot imagine it got in with gedit Preferences View Editor f Font & Colors Plugins Font LJ Use the system fixed width font (Monospace 11) Editor font: Inconsolata Medium 12 Color Scheme Classic - Classic color scheme Cobalt - Blue based color scheme Kate ^ Color scheme used in the Kate text editor ObUvion - Dark color scheme using the Tango color... Tango - Color scheme using Tango color palette + - Help Close 12 / MARCH 2014 / WWW.LINUXJOURNAL.COM [ LETTERS ] the help of any usability testing. As an experienced user, I know I can find the place to turn it off (and I always do), but it exemplifies to me the problem with software designed by developers for developers. Open source has a culture that puts the developer at the top of the pyramid, with users at the bottom, and hot corners is a result. We are at the point where often the open-source alternative is every bit as functional as the proprietary software, but cannot get traction because of usability issues. This is the next frontier for open source if we really want to take over. And since Microsoft seems to have committed a huge usability blunder with Windows 8, we have a shot, but only if we can provide an alternative that is easier for people to use. —Kevin O'Brien Jim Hall responds: While GNOME was not a focus of my usability test, almost every participant experienced problems with the GNOME hot corner. This usually occurred right away in the first task, when testers first tried to use the menus. They would often "overshoot" the menu and activate the hot corner instead. Although testers were able to recover from this pretty guickly it definitely caused unexpected problems during the test. During the usability tests, I kept a running log of comments made and actions performed by the participants. When they accidentally activated the GNOME hot corner, participants were immediately confused, asking "What just happened?" or exclaiming "Whoa!" or "Oops!" One user became so frustrated, he started swearing at the computer whenever he hit the hot corner. Td like to make 2014 the year of usability in open-source software. Even proprietary software has usability issues (the dramatic change to the Windows 8 desktop is one obvious example), but I want to focus on open-source software. Tm glad you share this enthusiasm! Please bring this energy to your favorite open-source software project to help find and fix usability issues. This will help everyone who uses open-source software, and together we can make Linux even better! Automating Passphrases in Encrypted Volumes Thanks to Shawn Powers for his "Encrypting Your Cat Photos" article in the January 2014 issue. I'd like to share a solution to a problem I face while working with encrypted volumes in the cloud. The problem is how to automate entering passphrases when accessing encrypted volumes; in my case, access is WWW.LINUXJOURNAL.COM / MARCH 2014 / 13 [ LETTERS ] done from a script, and users cannot be prompted. I'm using this command to solve the problem: cryptsetup --key-file $pass_file luksOpen ^$vol_name my_volume Before calling it, I copy $pass_file, which contains the passphrase. Then I delete the file. This is not very secure method. I wonder if there is a better way to do it. —Evgeni Stavinov That is, unfortunately, an issue with encrypting a filesystem. The only solution I know for non¬ interactive decryption is what you are doing, which is to have a password file. Usually, that's a file stored with protected permissions somewhere on a system, but of course, you see the problem, the password is in a file! Tm not sure how you're copying the password file, but if it were me. I'd temporarily copy the file (with secure permissions of course) to a ramdisk so the file isn't recoverable from the hard disk. There's no great answer Tm aware of, however.—Shawn Powers WRITE LJ A LETTER We love hearing from our readers. Please send us your comments and feedback via http://www.iinuxjournai.com/contact. PHOTO OF THE MONTH Remember, send your Linux-related photos to ljeditor@linuxjournal.com! LINUX JOURIAl fit Your Service SUBSCRiPTiONS: Linux Journal is available in a variety of digital formats, including PDF, .epub, .mobi and an on-line digital edition, as well as apps for iOS and Android devices. Renewing your subscription, changing your e-mail address for issue delivery, paying your invoice, viewing your account details or other subscription inquiries can be done instantly on-line: http://vwvw.linuxjournal.com/subs. E-mail us at subs@linuxjournal.com or reach us via postal mail at Linux Journal, PO Box 980985, Houston, TX 77098 USA. Please remember to include your complete name and address when contacting us. ACCESSING THE DIGITAL ARCHIVE: Your monthly download notifications will have links to the various formats and to the digital archive. To access the digital archive at any time, log in at http://www.linuxjournal.com/digital. LETTERS TO THE EDITOR: We welcome your letters and encourage you to submit them at http://www.linuxjournal.com/contact or mail them to Linux Journal, PO Box 980985, Houston, TX 77098 USA. Letters may be edited for space and clarity. WRITING FOR US: We always are looking for contributed articles, tutorials and real-world stories for the magazine. An author's guide, a list of topics and due dates can be found on-line: http://www.linuxjournal.com/author. FREE e-NEWSLETTERS: Linux Journal editors publish newsletters on both a weekly and monthly basis. Receive late-breaking news, technical tips and tricks, an inside look at upcoming issues and links to in-depth stories featured on http://www.linuxjournal.com. Subscribe for free today: http://vvvvw.linuxjournal.com/ enewsletters. ADVERTISING: Linux Journal is a great resource for readers and advertisers alike. Request a media kit, view our current editorial calendar and advertising due dates, or learn more about other advertising and marketing opportunities by visiting us on-line: http://ww.linuxjournal.com/ advertising. Contact us directly for further information: ads@linuxjournal.com or + 1 713-344-1956 ext. 2. r 14 / MARCH 2014 / WWW.LINUXJOURNAL.COM OUR EIGTH YEAR lATTEND FLOURISH Inspiring talks” ILLUMINATING WORKSHOPS FLOURISH! S OPEN SOURCE. OPEN FUTURE LINUX JOURNAL T/R/E/E {technologygroup } UNIVERSITY OF ILLINOIS AT CHICAGO UlC Department of Computer Science COLLEGE OF ENGINEERING FRONT NEWS + FUN diff -u WHAT’S NEW IN KERNEL DEVELOPMENT Linus Torvalds is planning to put out Linux version 4.0 in a year or so, and he mentioned it by way of explaining why he wanted to do it and what he hoped would happen when he did. Apparently, his main reason to go from 3.x to 4.x is to avoid the 3.x minor numbers going up above the teens. He said, "I'm ok with 3., but I don't want us to get to the kinds of crazy numbers we had in the 2.x series." That's no joke. The 2.1 .y series got up to 2.1.132, and there were complaints. So, why announce it now, if 4.0 is a year or two away? Linus said he hoped the 4.0 kernel could be a "stabilization" release, where everyone contributed bug-fixes only. By announcing it early, he hoped everyone gradually would get used to the idea, and that perhaps there would be at least a very slim chance of success. He said, "I may be pessimistic, but I'd expect many developers would go 'Let's hunt bugs....Wait. Oooh, shiny' and go off doing some new feature after all instead. Or just take that release off. But I do wonder...maybe it would be possible." Clearly his thinking has come a long way from the old 2.x days, when long periods of stabilization were official policy—and the source of much developer angst. Even now, most responses were opposed to making 4.0 a "stabilization" release. But, that could have less to do with a general dislike of bug-fixing and more with the fact that a large culture of stabilization has emerged in the wake of the 2.6 tree's abandonment of stabilization efforts nearly altogether. Originally Linus was supposed to hand off the 2.6 tree to Andrew Morton, who would maintain it as a stable tree while Linus forked off a 2.7 development series. Instead, Linus stayed in control of 2.6, never forked a development tree, and just started taking development patches in 2.6 instead. Thus endeth the x.even/x.odd development paradigm for stable and development kernels. In place of this, in those long-ago days, Linus said that really the Linux distribution folks were the natural ones 16 / MARCH 2014 / WWW.LINUXJOURNAL.COM [UPFRONT] to handle stabilization. They typically heavily patched the Linux kernel anyway, so they had a process in place and the motivation to keep their users from hitting bugs. But that didn't really seem like enough, so Andrew converted his beloved and popular -mm tree into what is now called the linux-next tree. Before the switch, the -mm tree was simply the collection of patches Andrew intended to feed up to Linus. But he was so prolific, and collected so many patches from other developers, that the -mm tree already had started to become a natural staging area for many patches that were on their way to the official tree. And, a lot of people ran the -mm kernel on their home systems because they liked it better. Renaming it linux-next simply formalized that identity and gave code a place to live, and more important, it allowed it to be tested by a large number of users before heading up to Linus. Greg Kroah-Hartman and some others also started their own stabilization effort, in which they would fork off each official release and put out a few more official versions of that release consisting of bug-fixes Powerful: Rhino Rhino M4700/M6700 • Dell Precision l\/14700/l\/16700 w/ Core i7 Quad (8 core) • 15.6"-17.3" FHD LED w/ X(5)1920xl080 • NVidia Quadro K5000IVI • 750 GB - 1 TB hard drive • Up to 32 GB RAM (1866 MHz) • DVD±RW or Blu-ray • 802.11a/b/g/n •Starts at $1375 • E6230, E6330,E6430,E6530 also available • High performance NVidia 3-D on an FHD RGB/LED • High performance Core i7 Quad CPUs, 32 GB RAM • Ultimate configurability — choose your laptop's features • One year Linux tech support — phone and email • Three year manufacturer's on-site warranty • Choice of pre-installed Linux distribution: ✓ - [Tablet; Raven — Raven X230/X230 Tablet • ThinkPad X230/X230 tablet by Lenovo • 12.5" HD LED w/ X@1366x768 • 2.6-2.9 GHz Core i7 • Up to 16 GB RAM • 750 GB hard drive / 180 GB SSD • Pen/finger input to screen, rotation •Starts at $1920 • W530, T430, T530, XI also available Rugged: Tarantula Tarantula CF-31 • Panasonic Toughbook CF-31 • Fully rugged MIL-SPEC-810G tested: drops, dust, moisture & more • 13.1" XGATouchscreen • 2.4-2.8 GHz Core i5 •Up to 16 GB RAM • 320-750 GB hard drive / 512 GB SSD • CF-19, CF-52, CF-H2 also available EmperorLinux .where Linux & laptops converge www.EmperorLinux.com 1-888-651-6686 Model specifications and availability may vary. [UPFRONT] only. For example, after Linus put out 2.6.39, Greg and his fellows put out 2.6.39.1 through 2.6.39.4, all with stabilization fixes and security patches. When Greg started this work, Linus' nickname for it was the "sucker's tree" because of the unfathomable amount of work required. Both Andrew's linux-next and Greg's stable tree persisted into the 3.0 time frame and continue to be a primary means of stabilizing the official kernel tree. Any patches going into Greg's stable tree, for example, must be accepted into Linus' tree first. That may sound odd, but it actually prevents the same bug from cropping up again and again in new official releases. Even with the patches going into Linus' tree, Greg's stable series is still valuable, because it has the fixes, the whole fixes and nothing but the fixes, which means Greg's tree becomes more and more stable while Linus' continues to gallivant off in development-land. Greg also occasionally designates one of his forks as "long-term stable", which means he intends to put out more than just a few stabilization releases, but will continue to maintain it for maybe a year or longer. The choice of which official release will become "long-term stable" is a source of much ongoing speculation, because distributions like to organize their ongoing work around a particular kernel as early as possible—in fact, earlier than Greg typically picks out a new "long-term stable" candidate. But, that is another story. The point is, stabilization efforts have risen up to fill the gaps left by Linus' decision to abandon stabilization efforts in the main kernel tree. And as a result, his concept of 4.0 as a "stabilization" release doesn't seem to strike anyone as very important. Actually, Linus didn't completely abandon stabilization as a goal. Each release cycle includes a final release- candidate process that focuses on stabilization for a couple weeks before the official release comes out. But, this brief stabilization window was exactly why certain people didn't like his 4.0 stabilization idea. Olof Johansson, for example, said that instead of dedicating a whole release to stabilization, why not just extend the stabilization window of the previous release? There were other objections. Ingo Molnar and Greg both felt that the release before 4.0, "would also probably be a super-stressful release to maintainers, as everyone would try to cram their feature in there". And Greg remarked, "I see it today when people are trying to guess as to what the next 18 / MARCH 2014 / WWW.LINUXJOURNAL.COM [UPFRONT] long-term-stable kernel is going to be, and they throw things in that are half-baked just because they know they can 'fix it up' later." Ingo also said that a better way to make the official kernel more stable would be for maintainers to put more pressure on developers to submit fixes to known bugs before sending in patches implementing new features. Ingo pointed out that Linus rarely got patches directly from the developer who created them, and that these patches typically went through at least a maintainer and possibly another person above them, before reaching Linus. So Ingo didn't feel that Linus could have much direct influence over the stabilization process anyway. He concluded, "why not just do what worked so well for v3.0 and afterward? Keep the existing process in place." And Greg pointed out that his stabilization forks were actually very successful. He pointed out that 4,000 bug-fixes went into the 3.0.x stable releases, which he felt indicated that developers in general already took stabilization very seriously. He suggested that trying to focus on stabilization for a single 4.0 kernel release would not be as useful as evangelizing good practices for submitting code to Greg's stable trees. The discussion continued for a bit, but for the moment, Linus had nothing to add. It seems as though he does want to improve the stabilization process for the official kernel in some way. Maybe he'll do it with a push for stability in 4.0, and maybe he'll try something else that runs more along the lines of supporting existing stability efforts.— zackbrown They Said It We would spend many hours taking turns trying to rescue the princess and overthrow Bowser. We bonded over 8-bit technology and room temperature fizzy drink. — B. T. Hogan Nothing of me is original. I am the combined effort of everybody I've ever known. —Chuck Palahniuk Wanting to be someone you're not is a waste of the person you are. —Kurt Cobain No one can be right all of the time, but it helps to be right most of the time. —Robert Half [Television is] the triumph of machine over people. —Fred Allen WWW.LINUXJOURNAL.COM / MARCH 2014 / 19 [UPFRONT] Non-Linux FOSS; Wampserver I'll be honest, the first thing that drew me to Wampserver was the name. Although it's just a continuation of the LAMP acronym for Linux, Apache, MySQL and PHP, there's something about that name that makes me smile. Anyway, Wampserver is an application for Windows that provides Apache, PHP and MySQL in a single manageable package. Wampserver includes a single installer for all the components and an interface for controlling them (Figure 1). Although it certainly makes sense to use Linux for hosting an Apache-based Web server, if you're in a situation that requires you use Windows, Wampserver is a perfect way to install what is normally a fairly complex set of applications. Wampserver installs all open-source software on your Windows machine, and is itself open-source software as well. It's available from SourceForge or directly from the Wampserver Web site: www.wampserver.com.— SHAWN powers Apach'e ► StartvReELime Service ■ Stop Service ^ Re&tart Service ► Te&tPortSO Install Service ^ Remove Service Apache modules Alias directories Q httpd.conf Q Apache error log 0 Apa che access log Powered by After Way 1 1 ^ Localhost ^ phpMyAdmin WWW directory j N D PHP ► B MySQL ► Debug ^1 (2 Client XDebug ptl webGrind & Quk:k Admin Start All Services 1 Stop All Services Restart All Services Put Online Figure 1. Wampserver Interface 20 / MARCH 2014 / WWW.LINUXJOURNAL.COM [UPFRONT] Terminator Kyle Rankin demonstrated the advantage of splitting terminal windows in previous issues. If you'd like a simple, graphical way to split your terminal window, look no further than Terminator (http://gnometerminator. blogspot.com). Split screens and keybindings can be saved for quick setups, and it's simple to create a grid of terminal windows or a combination of large and small screens. If you've ever opened multiple terminal windows and tried to arrange them so you could see them all. Terminator will make your life a lot easier. Even if you've never tried a split-window setup, the ease and simplicity Terminator offers might make you a believer. It did for me! —SHAWN POWERS WWW.LINUXJOURNAL.COM / MARCH 2014 / 21 [UPFRONT] Android Candy; Humans, Run! Whether you're a fan of the shambling brain- munchers or you prefer your undead to sprint from victim to victim, zombies are amazingly popular. In an ironic twist, the most unhealthy members of humanity, or former members, can help you become the healthiest! "Zombies, Run!" is an application for your Android phone that uses GPS and your music collection to help motivate you to exercise. A slim waist and a great beach body might be enough to get you running, but how about the sounds of an approaching zombie horde? It's a twisted motivator, but it really works! The application isn't free, but at $7.99 (or less if you find it on sale), it costs about as much as an extra-large frozen mocha latte. Both investments will affect your health, but in this case, the zombies are far better for you. Check it out at https://www.zombiesrungame.com. —SHAWN POWERS 22 / MARCH 2014 / WWW.LINUXJOURNAL.COM [UPFRONT] Spelunking with Linux Mapping is ordinarily a complex task— just consider all the available software to help maintain and generate maps. And, that's only for mapping in two dimensions. Maintaining and generating maps of caves bumps this complexity up a notch. Caves exist in all three dimensions. So any mapping software needs to keep track of volumes rather than areas. There are not very many options that can handle this task. Luckily, one available package can do this job very well: Therion (http://therion.speleo.sk/ index.php). Therion is an open- source program, released under the GPL and available for Windows, Mac OS X and Linux. Most distributions should have a package available, or you always can download the source and build it from scratch. In Debian-based distributions, you can grab it with the command: sudo apt-get install therion Once it is installed, you can find it in your desktop environment's menu system, or run xtherion from a terminal window. When you first start up Therion, you essentially get a blank canvas. You can open an existing file or create a new one to begin working. Let's start by creating a new project. You can click the File^New menu entry or press Alt-N. Therion then asks you to enter a name for your new project. This name should end with .th. You end up with two black panes as the main part of the interface. On the far right, there are a number of sub-panes, with the settings pane opened. Here you can set the working directory for your current project and the related configuration file. You also can set command¬ line options, and there is a compile button, which I'll discuss shortly. The main interface is actually composed of three separate windows. You start in the first one, the "Text Editor". There is also a "Map Editor" window and a "Compiler" window. They are accessible two ways. The first is by using the menu. The window entries are located under the main menu entry Window. There also are keyboard shortcuts for each of them. You can bring up the text editor with FI, the map editor with F2 and the compiler with F3. Let's start with the text editor. The first step is to define the survey WWW.LINUXJOURNAL.COM / MARCH 2014 / 23 [UPFRONT] Figure 1. The main window that comes up when you first start Therion. for this project. Since this is just a quick tutorial, let's just use the name "examplelIn the text editor window (press FI to bring it up), enter the following text: survey examplel endsurvey Between these two lines is where you need to enter your survey data. You could enter this data manually, but usually, it would have been collected using some other system. One example of this is using PocketTopo to go and collect the survey data directly in the field. If you don't have any data available, you can get some on-line. There is a very good tutorial at the Cave Surveying Group (http://cp.cavesurveying.org.uk/ index, php/articles/3-therion-tutorial). It also includes some example data you can use while you are learning to use Therion. Let's use the example file bpwth.txt. In the text editor window, add 24 / MARCH 2014 / WWW.LINUXJOURNAL.COM [UPFRONT] Figure 2. The survey data is simply a list of data points. an extra blank line between the two lines you already entered, and place the cursor on this new blank line. Now you can click on the menu entry File^lmport and select the file bpwth.txt. This will import the data you are going to plot. Once you have all of your data imported, you need to save it to a file. Because the project's name is examplel, name the text file examplel .th. The next step is to run the compile stage to process all of this data. Press F3 to switch to the compile window. You need to give the compiler some options so that it knows what to do, so open a new configuration file by either clicking the menu item File^New or pressing Alt-N. The default filename that comes up is thconfig. To keep things clean, name the file thconfig.the, and save it in the same location as the text file you created earlier. Click in the top pane to set the focus there, and enter the following text: source examplel.th export model -fmt survex -o examplel.3d WWW.LINUXJOURNAL.COM / MARCH 2014 / 25 [UPFRONT] Figure 3. The log of results from the compile shows up in the lower pane of the main window. The first line tells Therion where the data is to compile. The second line tells Therion what file format to use to save the compiled model. In this particular case, the model is being saved in Survex 3D format. Therion supports several different file formats. With this information in the system, you now can go ahead and compile your model. You can press F9 or click the menu entry File^Compile. Therion will process your model and write out details in a log, which is displayed in the lower pane. So, what does this look like? Luckily, Therion includes a viewer called Loch that can handle Survex 3D files. You should have an entry for it in the menu system for your desktop environment. You also can start it up from a terminal window with the command loch. It uses OpenGL to draw the three-dimensional model of your cave data. There is also another program called Aven that you can use to visualize the cave data. 26 / MARCH 2014 / WWW.LINUXJOURNAL.COM [UPFRONT] Ftfe View Too is Heip S SP J3- :] « n A + T >iia?|i*.||0||!..l » Altitude ^ 15 m 13 m 11 m 9 m 7 m 5 m 3 m 1 m -1 m -4 m -G m I 000" +90" t examplel.3d Figure 4. Loch is one of the viewers for 3-D files available from Therion. Figure 5. You also can use Aven to view 3-D files generated from Therion. WWW.LINUXJOURNAL.COM / MARCH 2014 / 27 [UPFRONT] Figure 6. You can import map data from PocketTopo into Therion. The last window to look at here is the map editor. For this example, let's switch to the map editor by pressing F2. Add a new file by clicking the menu item File^New and save it with the filename examplel .th2. The file ending .th2 is the default for mapping files in Therion. You can add images from several different file formats to your map, but in this case, let's add data from the PocketTopo export data. Click the menu entry Edit^lnsert Image, and change the file type to "PocketTopo therion export". Select the same sample data file as before. bpwth.txt. You will end up with a very nice layout of the cave that was surveyed with PocketTopo. You then can edit this map, adding points, lines and areas. Hopefully, you now will be able to plan safe and rewarding trips into your local caves with Therion. With more and more publicly accessible caves using Therion, you will have a growing set of information available before you ever leave home. Don't forget to check out the other tutorials available on-line to learn all of the other great things you can do with Therion. —joey Bernard 28 / MARCH 2014 / WWW.LINUXJOURNAL.COM 11th Annual 2014 High Performance Computi Linux for Wall Street show and conference April 7,2014 (Monday) Roosevelt Hotel, NYC Madison Ave and 45th St, next to Grand Central Station HPC, Data Centers, Networks, Low Latency, Big Data, Cloud, Optimization, Linux, at 2014 HPC, April 7, Roosevelt, NYC. Wall Street will be coming to see these systems live at the show. W all Street and New York will be coming to the 11 th Annual Wall Street IT marketplace at one time and one place in New York, April 7, Monday. Register and attend this major iT event covering HPC, Data Centers, Networks, Switches, Low Latency, Big Data, Cloud, Optimization, Linux, Cost Savings, and Operational Efficiencies. Our Show is an efficient one-day showcase and networking opportunity. Register in advance and save $100. Includes general sessions, drill¬ down sessions, industry luncheon, exclusive show viewing times, post-show receptions. In advance; $295. On-site: $395. Don’t have time for the fuii Conference? Attend the free Show. Register in advance at: www.flaggmamt.com/linux Wall Street IT speakers and Gold Sponsors will lead drill-down sessions In the Grand Ballroom of the convenient Roosevelt Hotel. Show Hours: Mon, April 7 8:00 - 4:00 Conference Hours: Mon, April 7 8:30 - 4:50 2014 Sponsors iiliiilii CISCO redhat. ARISTA SAB ^ DataDirect N N.I C T \A/ D ^ SaiiTisk Lb Leading vendors will be Introducing their latest financial services systems at this One-Day Conference for Wall Street registrants. UNUX NEW MEDIA The PuIm of Open Soum > mm ADMI COMMUNICATIONS ^ARKETSMEDIA ji^sis!! HPCi (^ ^^r ceMedia Show & Conference: Flagg Management Inc 353 Lexington Avenue, New York 10016 (212) 286 0333 fax: (212) 286 0086 flaqqmqmt@msn.com www.flaggmgmt.com/linux [EDITORS’ CHOICE] Alice, the Turtle of the Modern Age (Image from http://www.alice.org) Many of us grew up with LOGO, the kid-friendly programming language that guided a little turtle around a screen. Yes, it was simplistic. Yes, it taught only the very basics of programming concepts, but it also inspired an entire generation of programmers. The applications you run every day were written by people who steered a digital turtle around a screen in third grade. Alice is a project from Carnegie Mellon University that allows new programmers to use a drag-and-drop interface to create 3-D scenes and perform programmatic results without typing any code. The Alice Project has evolved through the years, and it's currently on version 3. The code is freely downloadable and is available for Linux, Mac and Windows. Although the LOGO programming language allowed for some lengthy instructions for the turtle, it was limited. Alice, on the other hand, uses the animation environment to teach amazingly complex programming concepts. By utilizing an environment where syntax is dragged as opposed to typed, it takes "typos" out of the equation. It's hard to describe just how complex the programming can be with Alice, so I urge you to download it or at least visit the Alice Project at http://www.alice.org. For doing its part in producing the next generation of programmers, while (at least in my mind) continuing the legacy of a small digital turtle from my youth, Alice gets this month's Editors' Choice Award.— SHAWN POWERS 30 / MARCH 2014 / WWW.LINUXJOURNAL.COM O'REILLY Fluent CONFERENCE The Web Platform San Francisco, CA | March 11-13,2014 "Fluent is one of the best informational and networking events in technology. From the keynote presentations to the after-hours meet and greets, every event was well thought out and executed. I will be back next year." -Aaron Biggs, University of Oklahoma Does Your Future Depend on the Web Platform? You bet it does. Ifyou're building web applications, designing for mobile devices, or working with the web's evolving infrastructure, you need to keep up with the enormous proliferation of web technologies. At Fluent, you'll find workshops, tutorials, and sessions on all aspects of the Web Platform, including JavaScript, FITML5, WebGL, CSS3, mobile APIs, Node.js, AngularJS, ECMAScript 6, and more. We're even partnering with WebPlatform.org and hosting a Document Sprint. It's everything you need to stay competitive. Don't miss your chance to be a part of the web's evolution. Build your custom Fluent schedule around exciting talks on topics like: ©2014 O'Reilly logo is a registered trademark of O'Reilly Media, Inc. #14136 ■ Front End Frameworks and Libraries ■ FITML5, CSS3, and Browser Technologies ■ Node.js ■ Pure Code and JavaScript ■ The Leading Edge ■ The Server Side ■ Tools, Platforms, and APIs ■ User Interface / User Experience ■ FITML5 Gaming Fluent IS closer than you think Save 20% with code LINUX20 fluentconf.com COLUMNS AT THE FORGE Together JS REUVEN M. LERNER Want to add real-time collaboration to your Web application? Mozilla’s TogetherJS is worth a look. When Tim Berners-Lee invented the World Wide Web more than 20 years ago, he did it in the hopes that physicists would be able to collaborate easily with one another over the Internet. Since then, the Web has grown and morphed into a new medium that handles everything from newspapers to finance to supermarkets. And yet, although we can marvel at the large number of things we can do on the Web nowadays, the original idea that drove it all, of collaboration, is still a bit of a dream. Sure, we have sites like GitHub, which provide a Web interface to the Git version-control system. And of course, we have plenty of writing systems, such as WordPress, that allow a number of people to create (and publish) documents. And there's also Facebook, which sometimes can be seen as collaborative. But if you really think about it, we still don't have the sort of seamless collaboration we originally thought might be possible via the Web. Sure, I can work on something, hand it to others, and then work on it again when they are done with it, but it's still relatively rare to have collaborative tools on-line. Perhaps the most sophisticated and widespread example of real-time, Web- based collaboration is Google Docs (now known, I think, as Google Drive). It's true that Google's applications make it possible for you to store your documents in the cloud, as people now like to say. And it's certainly convenient to be able to read and write your documents from anywhere, so long as you have access to a Web browser. But for me, the real power of Google Docs is in the collaboration. Many different people can work on the same document, and they even can do so at the same time. I found this sort of collaboration to be invaluable when I had to work with several other people to put together a budget on a project several years ago. The fact that we could all, from our own computers. 32 / MARCH 2014 / WWW.LINUXJOURNAL.COM 1 COLUMNS AT THE FORGE edit the same spreadsheet in real time was quite useful. There are a number of open- source alternatives to Google's word processor as well. Etherpad was released as an open-source project after its authors were acquired by Google several years ago. You can download and install Etherpad on your own, or you can take advantage of one of the existing Etherpad servers on-line. Another interesting application is Ace, a browser-based programming editor with impressive collaborative abilities. Now, I never would claim that all collaboration needs to be in real time. There are many examples in the open-source world of people communicating and collaborating asynchronously, using e-mail and Git to work together—often quite effectively, without the bells and whistles that real-time collaboration seems to offer. However, for many of us, collaboration without a real-time component is always missing something. It would be great for me not only to be able to talk to someone about a Web site, but also to look at it (and edit its content) along with them, in real time. Yes, there are screen-sharing systems, such as VNC, Join.me and ScreenHero, but they require that you install something on your computer and that you activate it. That's why I have become interested in a project sponsored by the Mozilla Foundation known as TogetherJS. As the name implies, TogetherJS is a JavaScript-based, real-time collaboration system. The most impressive thing, in my opinion, is how much TogetherJS provides out of the box, with little or no configuration. It allows you to make your site more collaborative by adding some simple elements to each page. So in this article, I want to look into TogetherJS—what it does, how you can add it to your own sites, and how you even can connect your application to it, creating your own, custom collaborative experience. What Is TogetherJS? TogetherJS is a project sponsored by the Mozilla Foundation (best known for the Firefox browser and the Thunderbird e-mail client). Mozilla has been developing and releasing a growing number of interesting open-source tools during the past few years, of which TogetherJS is one of the most recent examples. (In recent months, for instance, Mozilla also released Persona, which attempts to let you sign in to multiple sites using a single identity, without WWW.LINUXJOURNAL.COM / MARCH 2014 / 33 COLUMNS AT THE FORGE tying it to a for-profit company.) TogetherJS was released by "Mozilla Labs", which, from the name and description, suggests this is where Mozilla experiments with new ideas and technologies. On a technical level, TogetherJS is a client-server system. The client is a JavaScript library—or more accurately, a set of JavaScript libraries—loaded onto a Web page, which then communicates back to a server. The server to which things are sent, known in TogetherJS parlance as the "hub", runs under node.js, the JavaScript-powered server system that has become quite popular during the past few years. The hub acts as a simple switchboard operator, running WebSockets, a low-overhead protocol designed for real-time communication. Thus, if there are ten people using TogetherJS, divided into five pairs of collaborators, they can all be using the same hub, but the hub will make sure to pass messages solely to the appropriate collaborators. Installing TogetherJS on a Web site is surprisingly easy. You first need to load the TogetherJS library into your page. This is done by adding the following line into your Web application: