dimanche 23 septembre 2018
Par Yves le dimanche 23 septembre 2018, 23:04
The IRIScan mouse is a neat little device! Its scanning function works really well and fast, for such a little piece of hardware, and the mouse function is surprisingly familiar: no extra weight, no extra bulk. It could be perfect.
But…
jeudi 9 novembre 2017
Par Yves le jeudi 9 novembre 2017, 19:26
The Chrome web browser won market-share fast, and still is. But people tend to forget who is behind Chrome.
Now Google (or should I say Alphabet?) decided that their Chrome browser feeling faster is worth breaking web sites and going against the established standards that make the Web an open platform. That’s bad.
I’ve been using Firefox since it first appeared, not because it is the fastest, nor because it is the best, but because it is free software, backed by an organisation that pursues its users’ best interests and protects their privacy. Here’s one more reason to do so, if one was needed.
The icing over the cake is that Firefox is getting really fast! If you’ve been using Chrome, think again…
lundi 6 novembre 2017
Par Yves le lundi 6 novembre 2017, 23:50
Yeah… sorry about that… The long-awaited change of server that I had been planning for more than a year has finally happened :-) It took some time, and things are coming back online one piece at a time…
On the good side, Git has become easier to browse and use. See here: https://yalis.fr/git/
jeudi 20 avril 2017
Par Yves le jeudi 20 avril 2017, 13:53
When I setup gitolite on my server for Git access through SSH, of course I did test that cloning worked from outside my network. That was for my Paperweb project.
Later I configured port-knocking on the server to get rid of bot-based authentication attempts that were polluting my log files. Unfortunately, at this time, the “outside” server on which I have an account was down, so I could not leave my network to check that all was fine; from the inside of the network, all worked like a charm, though!
Same situation when someone asked me for the Paperweb code by e-mail because they could not get it the normal Git way. I had no idea that port-knocking was the problem: from my side of the firewall, all worked correctly…
dimanche 20 novembre 2016
Par theYinYeti le dimanche 20 novembre 2016, 14:30
Three years ago, I wrote a small series about having all my favourite tools on a USB flash drive when I am on the go. Some things have changed in these years, so the time has come to write fresh blog posts on the subject. My main aim is a full portable Linux OS, and this third part is about just that!
Par theYinYeti le dimanche 20 novembre 2016, 11:45
The following text is the second part of a reboot —as they say for films, now— of my 3-year-old series about having a universal Linux and Windows toolbox on a bootable USB flash drive. The main target is a full portable Linux OS, but I will also
address the Windows OS, for those times when you have no choice ;-)
This part is about the boot loader and miscellaneous tools accessible from there.
vendredi 18 novembre 2016
Par theYinYeti le vendredi 18 novembre 2016, 20:36
This is a new take on my 3-year-old series on the same subject, with the aim of having a portable toolbox for anything PC, from booting Linux, to having my favourite productivity tools at all time, to being able to rescue a broken disk or OS, and so on. This toolbox takes the form of a standard USB flash drive, made bootable and filled with all that I need, yet still uncluttered, and usable as any USB flash drive for transferring data.
This first article is about the “bootable” part.
samedi 24 septembre 2016
Par Yves le samedi 24 septembre 2016, 21:00
I tried to import an old e-mail file from year 2000 or so, using Thunderbird’s ImportExportTools extension. And it failed. I first tried to split the mbox file, but eventually I found that X-Mozilla… headers were at fault! So, the solution is simply to run this command on the file before importing it in Thunderbird:
sed -i.bak '/^X-Mozilla/d' MboxFile
In case someone is interested, here is how I could split the mbox file into multiple eml files:
mkdir files.eml
awk '
BEGIN {f=0; o=""}
function new() {if (f!=0) close(o); f=f+1; o=sprintf("files.eml/%d.eml",f)}
/^From - / {new(); next}
/^X-Mozilla/ {next}
{print >>o}
END {new()}' MboxFile
This worked because each e-mail in my mbox file started with a « From - … » line. I’m not sure this is a universal rule, however.
mardi 13 septembre 2016
Par Yves le mardi 13 septembre 2016, 19:43
Le Fairphone 2 est un excellent téléphone. Je ne savais trop comment présenter cette acquisition…
Quelqu’un l’a déjà fait, bien mieux que je ne saurais le faire. Allez-y, c’est très bien écrit :
https://grisebouille.net/fairphone-un-telephone-pour-libriste/
samedi 10 septembre 2016
Par Yves le samedi 10 septembre 2016, 13:13
Heureux possesseur d’une théière électrique riviera&bar Yunnan, je déplorais toutefois le volume strident de son alarme sonore, dont le rôle est d’informer l’utilisateur des différentes étapes : ébullition, infusion, maintien au chaud… Il suffit d’ailleurs de consulter la FAQ du fabriquant concernant cette théière pour s’en convaincre ; une seule question à ce jour : « Peut-on retirer les signaux sonores du produit ? »
C’était insupportable ; j’ai donc atténué le volume sonore de son « buzzer ».
mercredi 8 juin 2016
Par Yves le mercredi 8 juin 2016, 17:45
A bit more than a year ago, I hardened my SSH server, which resulted in the near-disappearance of automated SSH login attempts. Alas, the script-kiddie tools have finally caught up with the current state of cryptography; or at least with the level of cryptography that I dare require, and still maintain compatibility with most devices that I use.
Fail2ban, although dormant all this time, still ran like the ever-vigilant Argos, and resumed its usual work as the attacks came back. But I do not like relying solely on fail2ban. So I decided to add port-knocking as a protection.
lundi 30 mai 2016
Par Yves le lundi 30 mai 2016, 23:46
My ageing eSATA SheevaPlug is running a lot of tasks:
It is now running Debian Jessie, after having run Lenny, and then Wheezy, which shows just how long it’s been running, considering the long lifetime of a major Debian version :-D
With only a half-GB of RAM, it’s come to the point where swap is being used on a regular basis, although not too much so far. As for the processing power, everything works, albeit slowly; reasonably so… so far. And more importantly, anything more is impossible (eg. nice ownCloud modules, or a sound server…).
The time has come to plan a replacement, which is the subject of this post.
jeudi 21 janvier 2016
Par Yves le jeudi 21 janvier 2016, 23:19
I am very fortunate that one jflesch on GitHub decided one day to create Paperwork! This excellent program evolved very quickly and is still improving. I manage all my official documents, invoices, and such, in Paperwork. Scan by scan, PDF import by PDF import, I am slowly approaching the 2000 documents, or 5000 pages. This program has proved invaluable in the past year alone, both for speeding up the processing of new documents, and for looking for old documents.
Yet I miss one feature: the possibility to search the database of documents (which is on my home server) from any computer or mobile device, without having to launch Paperwork, which is only installed on the main family PC.
Besides, as I often connect to my server from distant places using OpenSSH, the possibility to do command-line searches would be a big improvement over my current use of find, grep, etc. Or I should rather say, my former use of find, grep, etc. Because…
dimanche 17 janvier 2016
Par Yves le dimanche 17 janvier 2016, 21:33
Like everyone, I have important data on my computer. Like everyone, I have a backup (several, actually) of this important data —you do too, don’t you?— But while this backup is good enough in case I have a hardware failure, it won’t help me if my apartment gets flooded or catches fire. That’s because the data and its backup are stored in the same place. Several solutions exist.
samedi 16 janvier 2016
Par Yves le samedi 16 janvier 2016, 13:56
J’ai recommencé à tenir mes comptes dans l’excellent GnuCash. Comme je n’ai pas le temps (ni l’envie) de tout saisir pour ensuite rapprocher les comptes, j’importe les données depuis les fichiers téléchargés sur Internet et je me contente d’affecter les revenus et dépenses, et vérifier que tout est normal.
Mais tous les organismes ne fournissent pas de fichiers directement exploitables. Beaucoup se contentent de fichiers PDF…
lundi 3 août 2015
Par Yves le lundi 3 août 2015, 06:50
J’ai récemment commencé à utiliser ownCloud pour la synchronisation de fichiers. En fin de compte, malgré quelques problèmes à la marge, l’expérience est vraiment satisfaisante, à tel point que j’ai déplacé sur ownCloud tout mon « nuage personnel », précédemment sur un partage NFS. Néanmoins, si le client ownCloud standard convient lorsqu’il est disponible, il ne l’est pas toujours. En particulier :
Pour de telles situations, j’ai essayé d’utiliser DavFS, qui s’est avéré bien trop lent ; cela reste toutefois un bon second choix. Puis j’ai essayé le programme Java WebDAV-Sync, mais bien que celui-ci ait correctement effectué l’import initial, on ne peut pas dire que la synchronisation ait vraiment fonctionné : l’ensemble des données était à nouveau intégralement téléchargé à chaque nouvelle tentative de synchronisation !
Donc j’ai créé mon propre outil de synchronisation, dont les seules dépendances sont curl et bash, et optionnellement ssh. Ces dépendances sont disponibles partout, même sur Windows et quelques systèmes embarqués ;-)
dimanche 2 août 2015
Par Yves le dimanche 2 août 2015, 18:45
I recently began using ownCloud for file synchronization. All in all, although there are some minor hindrances, the experience is really satisfying. So much so, that I moved all my “personal cloud” data to ownCloud, from the previous NFS share. However, although the regular ownCloud client is just fine where available, it is not available everywhere. In particular:
For these situations, I tried using DavFS, but this solution was much too slow; it is a great fall-back, though. Next I tried the Java program WebDAV-Sync, but although the initial download went fine, sync did not work all that well: the whole share was fully downloaded again each time!
So I created my own synchronization tool, the only dependencies of which are curl and bash, and optionally ssh. These dependencies are available everywhere, including Windows and some embedded systems ;-)
mercredi 1 juillet 2015
Par Yves le mercredi 1 juillet 2015, 02:00
Jul 1 01:59:59 myserver kernel: [100093.877018] Clock: inserting leap second 23:59:60 UTC
dimanche 7 juin 2015
Par Yves le dimanche 7 juin 2015, 20:21
My personal server only served a few real users to this day, which means that each of us had an account on the server, that owned files and could run commands, schedule tasks, and so on.
I just extended my hosting perimeter, but I only allow email usage for my new guests so far. With this in mind, I did not want to create new Linux accounts, which would have needlessly weakened my server by exposing it to attacks towards these new accounts. Thus I created my first virtual users, for electronic mail.
I found several configuration examples on the Internet, but those mostly addressed situations where all users were virtual, often in several domains, or where a given domain was targeted at real users while others domains were targeted at virtual users. My wish was rather to allow new, virtual, users into my existing domains, the users of which were so far of the real kind only. Still, by taking from all those readings, it was not that hard to get there.
samedi 6 juin 2015
Par Yves le samedi 6 juin 2015, 13:22
Mon serveur familial ne servait jusqu’à présent que des utilisateurs réels, c’est à dire que chacun y avait un compte, propriétaire de fichiers et autorisé à exécuter des commandes, planifier des tâches, etc.
Je viens d’étendre le cercle des utilisateurs sur mon serveur, pour la messagerie uniquement pour l’instant. Dans ce contexte, je ne voulais pas créer des comptes Linux, ce qui aurait augmenté la surface d’attaque du serveur sans nécessité. J’ai donc introduit des utilisateurs virtuels pour la messagerie.
Les exemples que j’ai trouvés sur Internet visaient principalement à gérer de multiples domaines virtuels, avec exclusivement des utilisateurs virtuels, ou bien à gérer un domaine avec des utilisateurs réels et des domaines avec des utilisateurs virtuels. Mon souhait était plutôt d’ajouter des utilisateurs virtuels aux domaines que je gère déjà et qui contennaient déjà des utilisateurs réels. En m’inspirant de ce que j’ai lu, ça n’a pas été très compliqué.
« billets précédents - page 1 de 5