™ HOW-TO: INTERROGATE YOUR SYSTEM’S HARDWARE

Since 1994: The Original Magazine of the Linux Community DECEMBER 2015 | ISSUE 260 | www.linuxjournal.com INTERVIEW WITH LinuxQuestions.org Founder JEREMY GARCIA AN INDEPTH LOOK AT + SECURE Can We Save Wireless from CODING Regulators?

PRACTICES Build a Better BirdCam

WATCH: ISSUE Add Two-Factor OVERVIEW Authentication to SSH V

LJ260-December2015.indd 1 11/19/15 11:07 AM Improve Finding Your Business Way: Mapping Processes with Your Network Practical books an Enterprise to Improve Job Scheduler Manageability for the most technical Author: Author: Mike Diehl Bill Childers Sponsor: Sponsor: people on the planet. Skybot InterMapper

DIY Combating Commerce Site Infrastructure Sprawl Author: Reuven M. Lerner Author: GEEK GUIDES Sponsor: GeoTrust Bill Childers Sponsor: Puppet Labs

Get in the Take Control Fast Lane of Growing with NVMe Redis NoSQL Author: Server Clusters Mike Diehl Author: Sponsor: Reuven M. Lerner Silicon Mechanics Sponsor: IBM & Intel

Download books for free with a Linux in Apache Web simple one-time registration. the Time Servers and of Malware SSL Encryption

Author: Author: http://geekguide.linuxjournal.com Federico Kereki Reuven M. Lerner Sponsor: Sponsor: GeoTrust Bit9 + Carbon Black

LJ260-December2015.indd 2 11/19/15 11:07 AM Improve Finding Your Business Way: Mapping Processes with Your Network Practical books an Enterprise to Improve Job Scheduler Manageability for the most technical Author: Author: Mike Diehl Bill Childers Sponsor: Sponsor: people on the planet. Skybot InterMapper

DIY Combating Commerce Site Infrastructure Sprawl Author: Reuven M. Lerner Author: GEEK GUIDES Sponsor: GeoTrust Bill Childers Sponsor: Puppet Labs

Get in the Take Control Fast Lane of Growing with NVMe Redis NoSQL Author: Server Clusters Mike Diehl Author: Sponsor: Reuven M. Lerner Silicon Mechanics Sponsor: IBM & Intel

Download books for free with a Linux in Apache Web simple one-time registration. the Time Servers and of Malware SSL Encryption

Author: Author: http://geekguide.linuxjournal.com Federico Kereki Reuven M. Lerner Sponsor: Sponsor: GeoTrust Bit9 + Carbon Black

LJ260-December2015.indd 3 11/19/15 11:07 AM DECEMBER 2015 CONTENTS ISSUE 260

FEATURES 54 What’s in the Box? 78 LinuxQuestions.org: Interrogate Your Linux Not Your Average Machine’s Hardware Linux Forum An in-depth look at several tools Need to raise your Linux IQ? you can use for hardware detection. Visit LQ (LinuxQuestions.org). Federico Kereki Brian Conner

4 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 4 11/19/15 11:07 AM COLUMNS 24 Dave Taylor’s Work the Shell Analyzing Comma-Separated Values (CSV) Files 30 Kyle Rankin’s Hack and / Two Factors Are Better Than One 16 34 Shawn Powers’ The Open-Source Classroom BirdCam, Round Three 42 Susan Sons’ Under the Sink Chain of Custody 90 Doc Searls’ EOF Can We Save Wireless from Regulators?

IN EVERY ISSUE 34 8 Current_Issue.tar.gz 10 UPFRONT 22 Editors’ Choice 50 New Products 95 Advertisers Index

ON THE COVER ‹0U[LY]PL^^P[O3PU\_8\LZ[PVUZVYN-V\UKLY1LYLT`.HYJPHW ‹/V^;V!0U[LYYVNH[L@V\Y3PU\_:`Z[LT»Z/HYK^HYLW ‹(U0UKLW[O3VVRH[:LJ\YL*VKPUN7YHJ[PJLZW ‹(KK;^V-HJ[VY(\[OLU[PJH[PVU[V::/W ‹*HU>L:H]L>PYLSLZZMYVT9LN\SH[VYZ&W  ‹)\PSKH)L[[LY)PYK*HTW 54

LINUX JOURNAL (ISSN 1075-3583) is published monthly by Belltown Media, Inc., PO Box 980985, Houston, TX 77098 USA. Subscription rate is $29.50/year. Subscriptions start with the next issue.

WWW.LINUXJOURNAL.COM / DECEMBER 2015 / 5

LJ260-December2015.indd 5 11/19/15 2:05 PM Executive Editor Jill Franklin [email protected] Senior Editor Doc Searls [email protected] Associate Editor Shawn Powers [email protected] Art Director Garrick Antikajian [email protected] Products Editor James Gray [email protected] Editor Emeritus Don Marti [email protected] Technical Editor Michael Baxter [email protected] Senior Columnist Reuven Lerner [email protected] Security Editor Mick Bauer [email protected] Hack Editor Kyle Rankin lj@greenfly.net Virtual Editor Bill Childers [email protected]

Contributing Editors )BRAHIM (ADDAD s 2OBERT ,OVE s :ACK "ROWN s $AVE 0HILLIPS s -ARCO &IORETTI s ,UDOVIC -ARCOTTE 0AUL "ARRY s 0AUL -C+ENNEY s $AVE 4AYLOR s $IRK %LMENDORF s *USTIN 2YAN s !DAM -ONSEN

President Carlie Fairchild [email protected]

Publisher Mark Irgang [email protected]

Associate Publisher John Grogan [email protected]

Director of Digital Experience Katherine Druckman [email protected]

Accountant Candy Beauchamp [email protected]

Linux Journal is published by, and is a registered trade name of, Belltown Media, Inc. PO Box 980985, Houston, TX 77098 USA

Editorial Advisory Panel Nick Baronian Kalyana Krishna Chadalavada "RIAN #ONNER s +EIR $AVIS -ICHAEL %AGER s 6ICTOR 'REGORIO $AVID ! ,ANE s 3TEVE -ARQUEZ $AVE -C!LLISTER s 4HOMAS 1UINLAN #HRIS $ 3TARK s 0ATRICK 3WARTZ

Advertising % -!),: [email protected] URL: www.linuxjournal.com/advertising 0(/.%     EXT 

Subscriptions % -!),: [email protected] URL: www.linuxjournal.com/subscribe MAIL: PO Box 980985, Houston, TX 77098 USA

LINUX is a registered trademark of Linus Torvalds.

LJ260-December2015.indd 6 11/19/15 11:07 AM Where every interaction matters.

break down your innovation barriers

power your business to its full potential When you’re presented with new opportunities, you want to focus on turning them into successes, not whether your IT solution can support them.

Peer 1 Hosting powers your business with our wholly owned FastFiber NetworkTM,

solutions that are secure, scalable, and customized for your business.

Unsurpassed performance and reliability help build your business foundation to be rock-solid, ready for high growth, and deliver the fast user experience your customers expect.

Want more on cloud? Call: 844.855.6655 | go.peer1.com/linux | Vew Cloud Webinar:

Public and Private Cloud | Managed Hosting | Dedicated Hosting | Colocation

LJ260-December2015.indd 7 11/19/15 11:07 AM Current_Issue.tar.gz

You’ve Got SHAWN POWERS Questions? We’ve Got Jeremy Garcia!

nyone who’s active in the to know the history of LinuxQuestions, Linux community knows that find out more about the man behind A while we love open source it, or even what the future holds, you and we swear by the kernel, the real should check out the interview. Jeremy power of Linux is the people making is as cool as you’d expect him to be! up the community. Whether it’s folks We also have our regular gang of using Linux in a server room, people columnists, starting with Dave Taylor, contributing code or documentation who teaches us how to do his taxes. to a project in their spare time, or More specifically, he shows us how to even geeks putting Linux stickers on analyze CSV files from the command their laptops, Linux is about people. line. Proprietary file formats are This month, Brian Conner has a great frustrating to work with, but thanks interview with Jeremy Garcia, the to the simplicity and standard-ness founder of LinuxQuestions.org. If of CSV, Dave proves it can be an there’s a better example of a healthy awesome format for folks who like and interactive Linux community, you’ll their calculating to be done in a script. be hard pressed to find it. If you want Kyle Rankin delves back into the world of green text on a black

V VIDEO: background (I’m assuming there, but Shawn Powers runs I have no doubt I’m correct) when he through the latest issue. demonstrates how to set up two-factor

8 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 8 11/19/15 11:08 AM CURRENT_ISSUE.TAR.GZ

authentication for SSH connections. developers and/or package maintainers In the past, he’s described how to need to be diligent in order to avoid set up SSH keys with passphrases to compromising security when offering increase security, but it’s also possible custom applications. If that sounds to create true two-factor auth using confusing, be sure to read the first Google Authentication. If you want installment of Susan’s, Under the Sink to make your server more secure than column. Welcome to the family, Susan! passwords alone can manage, you Federico Kereki is back this month won’t want to miss his column. as well, this time showing how to I actually head back to my backyard pry as much information out of your this month and discuss some of the Linux system as possible. When it upgrades and changes to BirdCam. You comes to hardware, Linux supports might remember my articles outlining just about everything under the sun. how I created a pseudo-streaming Thanks to a handful of tools, you can Webcam experience pointing at the learn about the specific hardware on bird feeders outside my office window. your system and use that information Since we recently moved, I took the to troubleshoot those rare occasions opportunity to make some changes, when things don’t work as planned. and they were interesting enough that This is a fun issue of Linux Journal, I thought I might share with the class. with a big focus on who we are as Whether you have a BirdCam, BabyCam a community. We include all the or just use the code to improve your bits and pieces you expect from an own weekend project, this column issue of Linux Journal, and if you’re should teach some new tricks. interested in being an active part of We also introduce a new columnist the Linux community, you couldn’t this month, and she’s already a perfect pick a better issue to read. We hope fit in our Linux Journal family. You you enjoy the December 2015 issue MAY REMEMBER HER 'UEST %/& COLUMN of Linux Journal as much as we’ve from a year or so ago called “Girls enjoyed putting it together!Q and Software”. In this issue, Susan Sons walks through the process to Shawn Powers is the Associate Editor for Linux Journal. make sure you’re using only trusted He’s also the Gadget Guy for LinuxJournal.com, and he has code when you install packages and an interesting collection of vintage Garfield coffee mugs. dependencies. Distributions generally Don’t let his silly hairdo fool you, he’s a pretty ordinary guy use cryptographically signed packages and can be reached via e-mail at [email protected]. for their standard programs, but Or, swing by the #linuxjournal IRC channel on Freenode.net.

WWW.LINUXJOURNAL.COM / DECEMBER 2015 / 9

LJ260-December2015.indd 9 11/19/15 11:08 AM UPFRONT NEWS + FUN

diff -u WHAT’S NEW IN KERNEL DEVELOPMENT

Linux capabilities are one of the calls from being abused for nefarious more fluid and less defined regions of purposes. And, Andy wanted to allow kernel development. Linus Torvalds one process to allow a completely typically has no trouble violating separate process to perform system POSIX standards if he sees a better calls on its behalf. This might allow way of doing something. In the case of the formation of system call services filesystem capabilities, however, there’s to centralize all system call usage and no standard to violate. The best we’ve make it easier to secure those uses. got is a POSIX draft document that was The discussion went round and discarded before becoming official. So ROUND %RICS IDEA AS HE LATER really, anyone with a good idea can clarified, was actually a bit broader come along and make big changes in than it appeared at first glance— that part of the kernel. he wanted to convert the Linux Filesystem capabilities refer to implementation of POSIX capabilities a finer-grained set of permissions into “Real Capabilities”. The term than the traditional choice between Real Capabilities refers to a computer running something as a regular user science concept that pre-dates POSIX or running as root. capabilities. It refers to the idea of Recently, Eric W. Biederman and giving a process some sort of token Andy Lutomirski found themselves that allows it to perform a specified tackling filesystem capabilities from action on a specified object. OPPOSITE DIRECTIONS %RIC WANTED TO Ultimately, nothing about allow a process that’s been granted capabilities, or any new patches in one set of capabilities to invoke that area, can have real clarity until system calls using an even more they go into the kernel. Before then, constrained set of capabilities. there’s always the possibility that Presumably, the goal would be to they’ll violate something important or increase security by preventing system aim in the wrong direction. But, it’s

10 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 10 11/19/15 11:08 AM [ UPFRONT ]

COOL TO WATCH %RIC AND !NDY AND LOTS at compile time software that used of other folks, trying to figure it out. newer versions of libc, and then have One recurring problem with that piece of software elect to disable Linux is the need for backward vsyscall at runtime. But, he didn’t see compatibility. Actually, this affects a good way to accomplish that, and virtually the whole Open Source Brian Gerst pointed out that vsyscall world, but Linus Torvalds takes a was globally shared and couldn’t be particular strict stance on the issue shut off for individual processes. with regard to the Linux kernel. If This actually turned out not to be there’s a compiled piece of user 100% true. Although Andy agreed software out in the wild that relies on that vsyscall was shared globally, the a kernel feature, even a dumb kernel mechanisms to execute it were all feature, then future kernels have got emulated in the kernel, and those could to support that feature, so that the be disabled on a per-process basis. piece of user software will continue to Rich Felker proposed another run after a kernel upgrade. workaround for vsyscall’s global It makes sense. But as Andy availability. He said the kernel could Lutomirski recently said, the result simply unmap all means of executing was a batch of features that existed vsyscall. Any older software that only to support old programs. And by tried to access it would generate a carrying these features perpetually page fault, which the kernel could into the future, he said, newer then catch and emulate vsyscall just software ran the risk of accidentally for that program. using those features or even But, Andy didn’t go for that idea. becoming reliant on them. He said that modern instrumentation He proposed allowing new software tools might want to read the to turn off those compatibility targets of calls, and a page fault features explicitly, but that turned would prevent that. Any vsyscall out to be more complex than he’d solution, Andy said, had to maintain originally thought. Specifically, one compatibility for those tools. of his cornerstone ideas—granting On the other hand, as Rich said, the ability of newer software to those modern tools might never be turn off the vsyscall page—was not used on ancient binaries in practice. easy to arrange. Andy’s initial idea And even if they were, it might be was to have the compiler identify possible to code up specific kernel

WWW.LINUXJOURNAL.COM / DECEMBER 2015 / 11

LJ260-December2015.indd 11 11/19/15 11:08 AM [ UPFRONT ]

workarounds for each use case in a less invasive way than trying to come up with a They Said It complete solution for vsyscall. It’s a robust debate, complicated by the fact The secret of being that it’s difficult to know for sure if anyone boring is to say is actually running old binaries that depend everything. on this or that kernel compatibility feature. —Voltaire But, Andy made it clear that cleaning out compatibility features was not really his It’s not enough primary goal, so much as it was to eliminate that we do our potential security holes. Apparently, Google’s best; sometimes Project Zero had identified more exploits: we have to do http://googleprojectzero.blogspot.com/2015/08/ what’s required. three-bypasses-and-fix-for-one-of.html. —Winston Churchill The Linux framebuffer, once a bastion of innovation, is now on the chopping block, The best way to in favor of the Direct Rendering Manager escape from a (DRM) subsystem. The fbdev maintainer, problem is to solve it. Tomi Valkeinen, has asked everyone to stop —Alan Saporta submitting new fbdev drivers and to aim their efforts at DRM instead. To avoid criticism do It was not as uncontroversial as you nothing, say nothing, might think. It turned out, as folks like be nothing. Thomas Petazzoni said, that it still was easier —Elbert Hubbard to write very simple drivers for fbdev, than it was for DRM. Just in terms of lines of code, The vitality of Geert Uytterhoeven noticed that the simplest thought is in fbdev drivers were just a few hundred lines of adventure. Ideas code, while the simplest DRM drivers might won’t keep. REQUIRE A COUPLE THOUSAND Something must be No one argued that this would be a done about them. permanent problem. If anything, the discussion —Alfred North highlighted the need to write some supporting Whitehead libraries for DRM and help speed up the ultimate elimination of fbdev.—ZACK BROWN

12 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 12 11/19/15 11:08 AM Node.js At Your Service

Version Chaos SUBSCRIPTIONS: Linux Journal is available in a variety of digital formats, including PDF, .epub, .mobi and an on-line digital edition, as well as apps for iOS and Android devices. Management Renewing your subscription, changing your e-mail address for issue delivery, paying your invoice, viewing your account details or other I’m just starting out in the world of subscription inquiries can be done instantly on-line: http://www.linuxjournal.com/subs. development, and many of the projects I’m E-mail us at [email protected] or reach us via postal mail at Linux Journal, PO Box interested in exploring are written in Node.js. 980985, Houston, TX 77098 USA. Please remember to include your complete name If you’re an old hand at such things, you already and address when contacting us.

know that which version of Node you use on ACCESSING THE DIGITAL ARCHIVE: a particular application is vitally important. Your monthly download notifications will have links to the various formats (This is actually one of the reasons Docker is so and to the digital archive. To access the digital archive at any time, log in at amazingly amazing when it comes to deploying http://www.linuxjournal.com/digital.

Node apps, but I digress.) LETTERS TO THE EDITOR: We welcome your letters and encourage you to submit them For folks like me, the version issue can be at http://www.linuxjournal.com/contact or mail them to Linux Journal, PO Box 980985, confusing and frustrating. Thankfully, I ran Houston, TX 77098 USA. Letters may be across a simple tool with a simple name: n. edited for space and clarity. Once you have Node.js installed on your system, WRITING FOR US: We always are looking for contributed articles, tutorials and using n, it’s possible to download and make real-world stories for the magazine. An author’s guide, a list of topics and active a very specific version of the program, so due dates can be found on-line: your specific application works properly. In fact, http://www.linuxjournal.com/author. FREE e-NEWSLETTERS: Linux Journal when I was installing the NOMP stratum server editors publish newsletters on both for Bitcoin mining recently, I had to use n to try a weekly and monthly basis. Receive late-breaking news, technical tips and more than a dozen versions before I found the tricks, an inside look at upcoming issues and links to in-depth stories featured on one that worked as expected. http://www.linuxjournal.com. Subscribe for free today: http://www.linuxjournal.com/ Node.js is a powerful, incredible language that enewsletters.

is used by many smart developers. Those of us ADVERTISING: Linux Journal is a great who are just getting started, however, are easily resource for readers and advertisers alike. Request a media kit, view our current intimidated by version needs. If that describes editorial calendar and advertising due dates, or learn more about other advertising you, or if you understand the nuances but just and marketing opportunities by visiting us on-line: http://ww.linuxjournal.com/ WANT A QUICK AND EASY WAY TO MANAGE IT CHECK advertising. Contact us directly for further out n today. There are instructions on the Github information: [email protected] or +1 713-344-1956 ext. 2. page: https://github.com/tj/n.—SHAWN POWERS

WWW.LINUXJOURNAL.COM / DECEMBER 2015 / 13

LJ260-December2015.indd 13 11/19/15 11:08 AM [ UPFRONT ]

Android Candy: How Clever We Once Were

I freely admit I learned about this app from my wife. In fact, I saw a few nostalgic posts on her Facebook timeline and investigated where they came from. It turns out she had installed an app called Timehop. I normally wouldn’t write about something that at first glance seems like an ego-stroking shot of nostalgia, but I had so much fun looking at the posts it dug up, I couldn’t help myself. Timehop is a free app in the Google Play Store. Once you install it, you’re guided through connecting to all the major social-media networks (Twitter, Facebook, Instagram and a few others I didn’t recognize). Then, using some sort of popularity algorithm (or magic, I’m not sure which), it finds funny and/or memorable posts and photos from the past and shows them to you. You are able to share community. But really, it’s so much those old posts from the app and fun, if you’re having a bad day, allow others to experience your give it a try and see if a three- little hit of nostalgia as well. years-ago-you can cheer you up. I still feel a little silly sharing I know two-year-ago Shawn made this app with the Linux Journal me smile!—SHAWN POWERS

14 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 14 11/19/15 11:08 AM [ UPFRONT ]

Chromebookify Your Laptop Now!

A few years ago there was a project installs Chromium onto a wide variety designed to boot generic laptops so of laptops from various manufacturers. they functioned as Chromebooks. It (A long list of tested models is was a cool project, but unfortunately, available at http://go.neverware.com/ the compatibility wasn’t great, and it certifiedmodels.) I actually have a Dell wasn’t reliable to use on a daily basis. $ THAT IS GETTING VERY LONG IN THE Although Chromebooks are old news tooth as a Linux machine, but as a THESE DAYS IT STILL WOULD BE QUITE USEFUL #HROMEBOOK ITS STILL QUITE EFFECTIVE to transform aging laptop computers If you have an aging laptop, give into Chromebooks. Because they have CloudReady a try. It’s free, and you SUCH LOW SYSTEM REQUIREMENTS OLDER even can boot off USB to check it out laptops running the ChromeOS can before installing. BECOME QUITE USEFUL AGAIN CloudReady from Neverwhere: Thanks to the folks at Neverwhere, http://www.neverware.com/free. you can get the CloudReady installer that —SHAWN POWERS

WWW.LINUXJOURNAL.COM / DECEMBER 2015 / 15

LJ260-December2015.indd 15 11/19/15 11:08 AM [ UPFRONT ]

Symbolic Algebra Everywhere

Previously in this space, I have covered Once it is installed and you start it software packages like Maxima that can up, Xcas asks what mode you want be used to solve symbolic mathematics to work in. You can select from problems. Several packages are spreadsheet, CAS, programming or available that can do those types of geometry. Whenever you start a new calculations. In this article, I discuss session within Xcas, you get this same Xcas/Giac. Xcas is the GUI interface to initial interface. If you want to change the system. Giac is the command-line it later, select the CfgAGeneral program that provides access to the Configuration menu option. This pops core engine. Xcas has the functionality up a new window where you can to handle symbolic algebra, two- select the Level option. If you choose dimensional and three-dimensional the CAS option, you get the starting graphing, spreadsheets and statistics. window shown in Figure 1. It even has its own programming To open a new tab with the same language that you can use to add extra level, click the FileANew Session functionality of your own. Although you menu item. You also can open a new can use the default interface that comes tab using any of the available levels, with Xcas, you also can link the CAS or modes, using menu commands. (Computer Algebra System) engine as a They are a bit hard to find though. SHARED LIBRARY TO YOUR OWN # CODE For example, you can get a new Packages are available for many spreadsheet with the SpreadsheetA different Linux distributions, but they New Spreadsheet menu item. usually aren’t available via the default There is far too much functionality package management systems. For available within Xcas to explain how example, in , you need to add everything works in such a short an APT source that points to the home article, but I’ll try to cover some of the page for Xcas. Then you can use the most interesting parts. following to install it on your system: Let’s start by looking at the command level. This operates in a form sudo apt-get install giac python-giacpy similar to the worksheet in Maple or

16 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 16 11/19/15 11:08 AM [ UPFRONT ]

Figure 1. This the opening window in CAS mode.

Mathematica. You start with the first don’t need to use it, you can remove empty command line and enter the that pane by clicking the Kbd button mathematical expression you want at the top of your session window. TO EVALUATE 0RESSING %NTER RUNS THE The library of available commands command, displays the output in a new is very large. Luckily, you can find the pane, and creates a new command line majority of them by clicking on the and drops the cursor there, ready for Cmds menu item. Here, you can find your next command. This style should sections for several different areas, be comfortable to anyone with even a such as complex numbers, group little bit of experience. theory, calculus or probability. The keyboard panel at the bottom No system has everything that you of the window gives you a selection of may possibly need when you start doing common elements that you will likely any kind of scientific computing. This use within your commands. If you means that you need to be able to add

WWW.LINUXJOURNAL.COM / DECEMBER 2015 / 17

LJ260-December2015.indd 17 11/19/15 11:08 AM [ UPFRONT ]

Figure 2. You can create your own functions in Xcas.

new functionality of your own devising. the OK button in the programming With Xcas, you can create a new pane. If there are any errors, you will function by clicking on the PrgANew get a message in the output pane. program menu item. This pops up a If there are no errors, you will get a new window where you can define the “Success compiling” message. name, arguments, locals and a return You can include graphics inline value. Once you are happy with these within a session. If you want a settings and click the OK button, you general graphics pane, click the will get a new program pane with a GeoANew figure 2d or GeoA template ready for you. You then can New figure 3d menu item. This gives ADD IN ANY OTHER CODE THAT IS REQUIRED you a graphics pane along with an by your new functionality. associated command pane where you There are menu options within can enter the plotting commands the programming pane to help you you want drawn. If you have a with the syntax of programming specific item drawn, you can select structures, such as loops, conditionals one of the other items in the Geo and IO. In Xcas, functions need to be menu section. For example, if you compiled before they can be used. This want to graph a function, you can compiling step happens when you click go to GeoAGraphAFunction. This

18 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 18 11/19/15 11:08 AM [ UPFRONT ]

Figure 3. Graphing functions is pretty easy.

pops up a new window where you independent variable. When you click can enter the function you want to OK, you get the graph drawn inline graph, along with the limits of the within your current session.

LINUX JOURNAL on your Android device

Download the app now from the Google Play Store.

www.linuxjournal.com/android

For more information about advertising opportunities within Linux Journal iPhone, iPad and Android apps, contact John Grogan at +1-713-344-1956 x2 or [email protected].

LJ260-December2015.indd 19 11/19/15 11:08 AM [ UPFRONT ]

Figure 4. Graphs show up inline within your session.

Xcas is designed to be reasonably with many other people. good at interacting with other CAS With Xcas, you can work on almost software. With this idea in mind, it any system that you have access to. is no surprise that you can import You can use your Linux system to do and export worksheets using several major amounts of work, and then different formats. Xcas will handle you can continue that work on your Maple and Mu PAD file formats Android or Apple device, or even use fairly well. It also can handle the your Texas Instruments calculator. file format used by TI calculators Although the interface is a bit (like the TI-89 or the Voyage 200). confusing, and the learning curve is With this type of support, you rather steep, there is no denying just should be able to share your work how powerful Xcas is.—JOEY BERNARD

20 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 20 11/19/15 11:08 AM A BZ Media Event

Learn what’s new in SharePoint and Office 365! Look into the future with SharePoint 2016! Whether you want to learn about what’s coming in SharePoint 2016, are still making the most out of SharePoint 2013 or even 2010, or getting started with Office 365, you will find the SharePoint and Office 365 training you need at SPTechCon.

SharePoint 2016 training! SharePoint 2013 training! • SharePoint 2016 Design and Implementation • Going Mobile with SharePoint 2013 • SharePoint Farm Architecture and Performance: • SharePoint Designer 2013 Workflows – An Introduction Testing on 2013 and Planning for 2016 • Upgrading to SharePoint 2013 • What's New for Power Users in SharePoint 2016? • SharePoint 2013: Online vs. On-Premises • What's New for the BI workloads in SharePoint 2016? …and much, much more! …and much, much more! Still on SharePoint 2010? Office 365 training! There’s plenty of excellent information for you as well. • Demystifying Office 365 Administration • The 10 Best Office 365 Features You’ve Never Used (But Should) • Making Office 365 Work for the Business: Building Powerful No-Code Solutions • How Office 365 is Changing the Face of Collaboration and Communication …and much, much more!

LJ260-December2015.indd 21 11/19/15 11:08 AM [ EDITORS' CHOICE ]

EDITORS’ Non-Linux FOSS: CHOICE Airsonos ★

I love Sonos. There probably are for its larger speakers, but it’s really some audiophiles reading this a kludge and doesn’t work well. who rolled their eyes at my lack of %NTER !IRSONOS !N OPEN SOURCE auditory prowess, but honestly, the project, Airsonos is a Node.js-based speakers sound wonderful to my application that runs on a server 1980s-damaged eardrums. Granted, and probes the network for the Wi-Fi-enabled speakers are on-line Sonos speakers. It then very expensive, thus limiting my creates Airplay devices for each supply. I’m amazed at the ability speaker, and an iPhone or iPad for the speakers to sync a single easily can stream to a Sonos audio source throughout my house speaker. I personally run Airsonos perfectly without the need for wires. At all. The problem (apart from the price tag) is the limited options for music sources. You can stream radio stations, Pandora radio and even MP3 music files from a central network-accessible server. For my family of teenage girls, however, the inability to stream via Airplay (yes, my family has many Apple products) is a showstopper. So in their upstairs bathroom there’s a $300 speaker on the shelf, and they just listen to their phone speakers while in the shower. It breaks my heart. Sonos offers line-in options

22 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 22 11/19/15 11:08 AM as a Docker app, and it’s a “set it 3O THIS MONTHS %DITORS #HOICE and forget it” sort of application. award goes to Airsonos, with shared In fact, Airsonos has all the award status to the Dockerized app MAKINGS OF AN %DITORS #HOICE version maintained by “justintime”— award-winning project: thank you for making my nerdy world a better place! Q It’s open source. Q Airsonos: https://github.com/ Q It runs on a Linux system. stephen/airsonos.

Q It’s easily Dockerized. Q Dockerhub: https://github.com/ justintime/docker-airsonos. Q And, it solves a real problem in an awesome way! —SHAWN POWERS

LJ260-December2015.indd 23 11/19/15 11:08 AM COLUMNS WORK THE SHELL

Analyzing DAVE TAYLOR Comma-Separated Values (CSV) Files Introducing FIX-CSV, a script to analyze and fix errors in comma-separated values (CSV) files, so Dave finally can do his taxes. No, really. Read on!

Ugh. I’ve been working on my taxes. either would involve me having to I know, it’s a bit weird to be doing learn the spreadsheet’s programming my taxes in the autumn, but if you language (for example, Visual Basic defer and file an extension with the IN -ICROSOFT %XCEL  OR MANUALLY IRS every year, well, then you’re used click-dragging series of cells to to tax time being September/October, summarize their values. Both are not April 15th. tedious, and however peculiar my I have a very old-school, geeky way solution, the idea of actually learning of preparing for my own taxes, and it Visual Basic just boggles my mind, so INVOLVES USING AN %XCEL SPREADSHEET TO that’s just not an option. enter all my line item expenses then But, there’s a lurking problem in the normalizing and cleaning up the data. CSV format I use, and to understand When that’s all done, which typically it, I need to dig in to exactly what’s involves a lot of sorting and re-sorting being formatted. of the data, I then export it all as a A typical expense entry has four comma-separated values data file and fields: date, category, amount and pull out a Linux shell script to analyze any detailed notes or comments. and summarize expenses by category. For example: I suppose I could do that in the spreadsheet program itself, but it 4/10/15 subscriptions 19.99 Linux Journal

24 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 24 11/19/15 11:08 AM COLUMNS WORK THE SHELL

All of it’s neatly organized in it goes: columns and data cells, as befits a spreadsheet, of course. BEGIN { sum=0; category=""; FS="," } Random aside: did you know that { if ( $2 != category ) { it was a spreadsheet that proved the if ( sum > 0 ) { print category," == ",sum; } viability of the personal computer sum=$3 back in the day? VisiCalc was } the groundbreaking app with its else { sophisticated interface (for the day, sum+=$3 at least) and ability for accountants } and business folk to create category=$2 sophisticated mathematical tables } and regular people to...balance their END { print category, " == ", sum } checkbooks. Yes, one of the killer apps for the very first generation of Awk scripts are blocks of code that PC was checkbook balancing. We’ve match specified regular expressions, come a long way! although all three of the above With a spreadsheet populated with blocks are somewhat special cases. these four fields, the easiest way to The first, BEGIN is executed before create a dataset for further work is to the first line of input is read in, so it export it as comma-separated values, just initializes variables. The last, END, the “CSV” format. Here’s how that is run after the last line is processed. particular line will be exported: And the middle section? It’s a regular expression that matches every line (by 4/10/14,subscriptions,19.99,Linux Journal being omitted entirely). Since the field separated is set to a comma, it means Not too bad, and it’s easily managed that within the main awk block, $1 is by changing the field separator to a the date, $2 is the category, $3 is the comma. For example, to extract just AMOUNT AND  IS THE COMMENT the numeric value: cut -d, -f3. For the sample input line, it’d be: In fact, once the output is sorted by category, it’s a simple awk script $1 = 4/10/14 to read the CSV file line by line, $2 = subscriptions testing each category against the $3 = 19.99 previous and summing up values as $4 = Linux Journal

WWW.LINUXJOURNAL.COM / DECEMBER 2015 / 25

LJ260-December2015.indd 25 11/19/15 11:08 AM COLUMNS WORK THE SHELL

If you’re thinking about the field separator, it’s immediately obvious what’s going to cause trouble. Instead of actually escaping the comma, Excel has just quoted the field that has the comma in the output.

That’s easy enough, and easy to Where this does turn out to be a understand, I expect. The code’s problem is with the expense itself. ALSO QUITE READABLE SO YOU CAN SEE )N PARTICULAR %XCEL DISPLAYS FOUR DIGIT what’s going on. values with a comma if they’re a The problem? The problem currency: 1,300.00 arose when I encountered lines With. A. Comma. where one of the fields had a And, that comma survives the comma. For example, if I had the export to CSV format, which is a comment field on this line be bit mind-boggling. Suffice it to “Linux Journal, annually”, the say, it turns out to be tricky, as CSV output would be: you can see here:

4/10/14,subscriptions,19.99,"Linux Journal, annual" 4/10/14,subscriptions,"1,300.99",Linux Journal

If you’re thinking about the field The easy way to solve the problem is separator, it’s immediately obvious to choose a different cell format style what’s going to cause trouble. Instead that excludes the predilection of the OF ACTUALLY ESCAPING THE COMMA %XCEL spreadsheet to export with commas. HAS JUST QUOTED THE FIELD THAT HAS THE But hey, you read my column so you’re comma in the output. probably used to taking the long, In this particular instance, it’s circuitous route. So, let’s do it again! not that big of a problem. All that A bit of analysis reveals that if you happens is that instead of having simply split out the lines that contain h,INUX *OURNAL ANNUALv AS FIELD  QUOTES FROM THOSE THAT DONT YOU you’d end up with “Linux Journal” QUICKLY CAN IDENTIFY THOSE THAT NEED IN FIELD  AND hANNUALv IN FIELD  fixing or tweaking. Let’s start with

26 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 26 11/19/15 11:08 AM COLUMNS WORK THE SHELL

the raw file that contains two lines: The cut command now can be one with the embedded comma USED TO EXTRACT JUST THE QUOTED FIELDˆ problem, one without: cut -d\" -f2—and then any comma removed with sed. 4/7/14,subscriptions,199.99,Ask Dave Taylor Monthly In other words, use a script block 4/10/14,subscriptions,"1,300.99",Linux Journal LIKE THIS IF THE LINE IN QUESTION IS stored in the variable inline: There are lots of ways to identify the line with the problem, including f1=$(echo $inline | cut -d\" -f1) picking lines with more than the f2=$(echo $inline | cut -d\" -f2) expected four fields, but let’s do f3=$(echo $inline | cut -d\" -f3) something easier: Let’s examine what these three $ grep \" expenses.csv cut statements do: f1 is everything 4/10/14,subscriptions,"1,300.99",Linux Journal PRIOR TO THE FIRST QUOTE MARK f2 is

LINUX JOURNAL now available for iPad and iPhone at the App Store.

www.linuxjournal.com/ios

For more information about advertising opportunities within Linux Journal iPhone, iPad and Android apps, contact John Grogan at +1-713-344-1956 x2 or [email protected].

LJ260-December2015.indd 27 11/19/15 11:08 AM COLUMNS WORK THE SHELL

EVERYTHING THATS BEEN QUOTED AND CAN FIX THE #36 FILE QUICKLY AND EASILY f3 IS EVERYTHING AFTER THE QUOTED passage. In the case of the Linux #!/bin/sh Journal subscription, it’d look like this: # fix CSV files with embedded commas while read inline f1=4/10/14,subscriptions, do f2=1,300.99 if [ ! -z "$(echo $inline | grep \")" ] f3=,Linux Journal then f1=$(echo $inline | cut -d\" -f1) That’s just about all of the hard f2=$(echo $inline | cut -d\" -f2) work done because now you safely f3=$(echo $inline | cut -d\" -f3) can strip the commas from f2 without echo $f1`echo $f2|sed 's/,//g'`$f3 affecting the rest of the line, safely else stored in f1 and f3. echo $inline Then it all can be reassembled in fi a single line: done exit 0 echo $f1`echo $f2|sed 's/,//g'`$f3 Does it work? Let’s give it a whirl: Remember here that the backticks DENOTE A SEQUENCE THATS GOING TO BE $ sh fix-csv-commas.sh < expenses.csv passed to a subshell and its output 4/7/14,subscriptions,199.99,Ask Dave Taylor Monthly substituted. With the Linux Journal 4/10/14,subscriptions,1300.99,Linux Journal line, the output is exactly as desired: And there you go. As for me, well, 4/10/14,subscriptions,1300.99,Linux Journal it’s back to finishing up my taxes now that I’ve managed to burn a few hours It turns out that’s the solution, and creating this useful “CSV-Fixer” script.Q you now have all the basic pieces of the script itself. Actually, there’s Dave Taylor has been hacking shell scripts since the dawn of the no need to separate out files with computer era. Well, not really, but still, 30 years is a long time! QUOTED LINES VERSUS THOSE THAT DONT He’s the author of the popular Wicked Cool Shell Scripts HAVE QUOTES BECAUSE THAT CAN BE (10th anniversary update coming very soon from O’Reilly and done within the script itself. NoStarch Press) and can be found on Twitter as @DaveTaylor And so, here’s the succinct script that and more generally at his tech site http://www.AskDaveTaylor.com.

28 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 28 11/19/15 11:08 AM Instant Access to Premium Online Drupal Training

Instant access to hundreds of hours of Drupal training with new videos added every week!

Learn from industry experts with real world H[SHULHQFHEXLOGLQJKLJKSURȴOHVLWHV

Learn on the go wherever you are with apps for iOS, Android & Roku

We also offer group accounts. Give your whole team access at a discounted rate!

Learn about our latest video releases and RIIHUVȴUVWE\IROORZLQJXVRQ)DFHERRNDQG 7ZLWWHU #GUXSDOL]HPH 

Go to http://drupalize.me and get Drupalized today!

LJ260-December2015.indd 29 11/19/15 11:08 AM COLUMNS HACK AND /

Two Factors KYLE RANKIN Are Better Than One Make it even harder for an attacker to compromise your SSH accounts.

Although I’ve always been December 2013), I wrote about why interested in security, there are just you should set a passphrase on your some security measures I’ve never SSH keys and how to use SSH Agent liked. SSH brute-force attacks end to make password-protected keys a bit up being a major way that attackers less annoying. In one respect, you can compromise Linux systems, but think of password-protected SSH keys when it comes to securing SSH, I’ve as a form of two-factor authentication. never been a fan of changing your The key is something you have, and SSH port to something obscure, nor the password is something you know. have I liked scripts like fail2ban that The problem, however, is that if you attempt to detect brute-force attacks host a system with multiple users, you and block attackers with firewall can’t enforce password-protected SSH rules. To me, those measures sidestep keys from the server side. So in this the real issue: brute-force attacks article, I discuss how to add two-factor REQUIRE PASSWORD AUTHENTICATION )F authentication to an SSH server that you disable password authentication accepts only keys. (set PasswordAuthentication to These days, more services on-line no in your sshd_config) and use only offer two-factor authentication (2FA) SSH keys, you can relax about all as an extra layer of security on top of those brute-force attacks knocking a user name and password. After you on your door. perform your normal authentication, In a past article (“Secret Agent Man”, you provide your 2FA token (usually a

30 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 30 11/19/15 11:08 AM COLUMNS HACK AND /

string of digits) that authenticates you. Q It uses a custom PAM module, so !LTHOUGH IN THE PAST &! REQUIRED it’s easy to add 2FA system-wide. you to carry around a special hardware dongle, these days, a number of Q It provides a backup in the form of software approaches can use your cell backup codes in case users lose or phone instead. Some approaches use wipe their phones. TOTP (Time-based One-Time Password), so your phone just needs accurate time Install Google Authenticator but no network to function. Other As I mentioned, Google Authenticator approaches use push notifications, is packaged for a number of SMS or even a phone call to share the distributions, so, for instance, on 2FA token, and some implementations -based systems, you can install can use all of the above. it with: Some 2FA SSH implementations work via the ForceCommand directive $ sudo apt-get install libpam-google-authenticator placed in the SSH configuration for a particular user and let you enable If for some reason it isn’t packaged 2FA on a per-user basis. Others offer for your distribution, you also can just a PAM module you can add system- go to https://github.com/google/ wide (and use for sudo authentication google-authenticator/tree/master/ as well as SSH). Although a number libpam, download the software of excellent 2FA SSH implementations and make and install it according exist for Linux, I’ve chosen Google to the documentation there. You Authenticator for a few reasons: also will need to install the Google Authenticator app on your phone. Q It’s free, and the source is available. Configure User Accounts Q It’s been available and tested for a I recommend setting up Google number of years. Authenticator for all of your user accounts (or at least all of the Q Packages are available for a number sysadmin accounts) before enforcing of distributions. 2FA in SSH to make it easier to enroll all of the users and avoid the risk Q Clients are available for a number of locking people out. To configure of phone operating systems. Google Authenticator, each user needs

WWW.LINUXJOURNAL.COM / DECEMBER 2015 / 31

LJ260-December2015.indd 31 11/19/15 11:08 AM COLUMNS HACK AND /

to log in and run google-authenticator. compensate for possible time-skew between the client and the

You will be presented with a series of server, we allow an extra token before and after the current time.

QUESTIONS WHERE ITS SAFE TO ANSWER If you experience problems with poor time synchronization, you can

hYv HOWEVER ) GENERALLY ANSWER NO increase the window from its default size of 1:30min to about 4min.

to extending the time window to four Do you want to do so (y/n) n

minutes, and I also answer no to rate

limiting, since as I disable password If the computer that you are logging into isn't hardened against

authentication, I’m less concerned with brute-force login attempts, you can enable rate-limiting for the

brute-force attacks. The output looks authentication module. By default, this limits attackers to no

something like this: more than 3 login attempts every 30s. Do you want to enable

rate-limiting (y/n) n

$ google-authenticator

)F YOU HAVE LIBQRENCODE INSTALLED

Do you want authentication tokens to be time-based (y/n) y the output also will contain a QR code

https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl in the console you can scan with the

´=otpauth://totp/username@debian%3Fsecret%3D4SK2LTLCTLCEV757 Google Authenticator app on your

QR Code Removed phone. Otherwise, you simply can

Your new secret key is: 4SK2LTLCTLCEV757 enter the secret key into your Google

Your verification code is 221544 Authenticator application on your

Your emergency scratch codes are: phone. Also, be sure to write down

53267360 those backup codes and store them

44975412 in a safe place. These are one-time-

59302752 use codes you can use to get back

36003899 in to the system in case you ever

64736155 lose or wipe your phone. Once you

are logged back in, you can run

Do you want me to update your "/home/username/.google_authenticator" google-authenticator again.

´file (y/n) y

Configure PAM and SSH

Do you want to disallow multiple uses of the same authentication Once your phone and user accounts

token? This restricts you to one login about every 30s, but it are configured with Google

increases your chances to notice or even prevent man-in-the-middle Authenticator, you are ready to

attacks (y/n) y enforce 2FA in PAM and SSH. To

do this, edit your /etc/pam.d/sshd

By default, tokens are good for 30 seconds and in order to file and add the following to the

32 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 32 11/19/15 11:08 AM COLUMNS HACK AND /

top of the file: an additional setting to the config file:

auth required pam_google_authenticator.so AuthenticationMethods publickey,keyboard-interactive

On my Debian system, I noticed Once these settings are in place, you that once I finished the configuration can enable them by restarting your process, I would not only be SSH service, which depending on your prompted for my 2FA token, I’d also system may be one of the following: be prompted for my local system password. Because I wasn’t interested $ sudo service ssh restart in three-factor authentication (two- $ sudo service sshd restart and-a-half factor authentication?), I noticed I needed to comment out the After SSH has restarted, you should following further down in the file: get an additional prompt the next time you SSH to the server: @include common-auth $ ssh [email protected] Of course, if you aren’t on a Authenticated with partial success. Debian-based system, this extra step Verification code: may not be necessary. The final step is to configure Type in the verification code that SSH. Hopefully you already have shows up in your Google Authenticator disabled password authentication phone app, and you can log in. The for SSH in the past, and if not, I nice thing about adding 2FA to SSH is recommend you consider it. Most of that it provides an additional means the SSH 2FA guides out there (this of protection in case your computer is one included) will tell you to enable ever compromised or stolen. Attackers ChallengeResponseAuthentication also would have to compromise or in your /etc/ssh/sshd_config: steal your phone before they could access your systems.Q ChallengeResponseAuthentication yes Kyle Rankin is a Sr. Systems Administrator in the San Francisco I noticed, however, that when you Bay Area and the author of a number of books, including The are using key-based authentication Official Ubuntu Server Book, Knoppix Hacks and Ubuntu Hacks. instead of passwords, you need to add He is currently the president of the North Bay Linux Users’ Group.

WWW.LINUXJOURNAL.COM / DECEMBER 2015 / 33

LJ260-December2015.indd 33 11/19/15 11:08 AM COLUMNS THE OPEN-SOURCE CLASSROOM

BirdCam, SHAWN POWERS Round Three BirdCam 3.0? Check out Shawn’s latest improvements to BirdTopia.

I’ve been writing for Linux Journal outside my office window (Figure 1). since 2007 when I shared the process I decided it would be awesome to ) USED TO MAKE MY OWN -!-% ARCADE put a public Webcam on them, but I cabinet. Out of all the projects, didn’t want to pay for LiveStream or how-tos, reviews and silliness I’ve anything like that. In fact, I wanted written, nothing has gotten more it to be strictly image-based instead feedback and discussion than my of video. The initial article is at BirdCam. It’s been more than a year http://www.linuxjournal.com/ since I last wrote about my setup, content/its-bird-its-another-bird. and since that time, I’ve moved to a Like most folks, I fiddle with things new city and upgraded my cameras constantly, and BirdCam changed so and software significantly. So to much, I followed up later with an ANSWER MANY OF THE QUESTIONS ) GET article on my improvements, including about the current state of BirdCam, I how I create a daily video archive: figured I’d write about the technical http://www.linuxjournal.com/content/ details and hopefully inspire similar birdcam-round-two. projects or upgrades for others. Plus, If you don’t want to take the time I get to talk about BirdCam, and to read those articles, no worries. The that’s just pure fun! 4,$2 VERSION IS THAT ) TAKE PERIODIC snapshots of my bird feeders, and have A Short Refresher an auto-refreshing Web page that shows If you weren’t with LJ two years ago a 1–2FPS “video”, which is hosted at when I first wrote about BirdTopia, I’ll http://birds.brainofshawn.com. (Don’t QUICKLY CATCH YOU UP ) HAVE A BUNCH worry about swamping my home of bird feeders in my backyard, right CONNECTION THE FEED IS SCALED TO THE

34 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 34 11/19/15 11:08 AM COLUMNS THE OPEN-SOURCE CLASSROOM

Figure 1. BirdCam now has far less clutter, but way more appeal.

cloud—the details of which are also in $500 Axis-brand cameras that have the initial article!) GREAT IMAGE QUALITY AND AN ABILITY to pull still images, but that’s way New Hardware beyond my price range. This is by far the most frustrating I have had decent luck with the development with my BirdCam setup. $79 Foscam FI9803P camera. It does I want to move the bulk of the 720p, and with a convoluted URL, cameras outside so my office window it’s possible to pull still images from isn’t cluttered with wires, and also so it. It struggles with lens flare much the reflection of my new south-facing like my cameras pointing through window doesn’t cause J.J. Abrams-like the window, but it’s tolerable. With lens flare. Unfortunately, finding an an outdoor camera, I don’t have outdoor camera with the same image the problem of window reflection QUALITY AS MY REPURPOSED 'ALAXY 3 recording me in my office as phone is difficult. I’m sure there are evening approaches. Nobody wants

WWW.LINUXJOURNAL.COM / DECEMBER 2015 / 35

LJ260-December2015.indd 35 11/19/15 11:08 AM COLUMNS THE OPEN-SOURCE CLASSROOM

You may recall one of the problems I had with BirdCam was to get JavaScript that would regularly refresh the page and work across multiple browsers and platforms.

to stare at me in the reflection, HTML Updates but with window-based cameras, You may recall one of the problems that happens most evenings. I’ve I had with BirdCam was to get contacted several companies selling JavaScript that would regularly outdoor-rated cameras, and most of refresh the page and work across THEM REQUIRE THE USE OF A PROPRIETARY multiple browsers and platforms. The app to view images. code I posted last time did mostly I also attempted to use a Dropcam work, but I managed to come up (Nest cam now I guess), and although with JavaScript that is seemingly the super-wide angle is nice, and it is foolproof. I also updated the CSS possible to pull still images, the cloud- to handle resizing of the main page only factor is a showstopper for me. I better and split BirdCam into three don’t want to use constant bandwidth separate pages. The result is clickable to send video to the cloud when all thumbnails that “refocus” the page. I want is to pull still images. Perhaps Listing 1 shows the format of each there’s a way to hack the firmware, but page, the only difference being that out of the box, a Dropcam uses too with the other two pages, the links much bandwidth for my purposes. If and images are rearranged. I’ve anyone knows of an affordable 720p added comments to each section or 1080p outdoor security camera with explaining the functionality. optical zoom and the ability to pull stills via http(s), please let me know. Image Changes I’m actually considering building a small If you visit http://birds.brainofshawn. heated box with a window in order com, you might notice there no longer to put an old Android phone outside. are text overlays with sunset info and 4HE PHOTO QUALITY ON CELL PHONES IS so on. I might add the temperature so amazing, it will be hard to beat an back, but I found the rest to be Android device running IP Cam. overkill. Instead, there is a timestamp

36 / DECEMBER 2015 / WWW.LINUXJOURNAL.COM

LJ260-December2015.indd 36 11/19/15 11:08 AM COLUMNS THE OPEN-SOURCE CLASSROOM

Listing 1. house.html

´"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

´absolute;top:0px;left:75%" src="window2.jpg?time=" />

´absolute;top:0px;left:0%" src="window.jpg?time=" />

The birds. Or not.

but all are required because various browsers expect

different meta tags -->

´relative;top:0px;left:0%" src="house.jpg?time=" />

Click on smaller images to switch camera

´views