™ PHP FOR THE NON-DEVELOPER

INTRO TO MULTITENANT APPLICATIONS

Since 1994: The Original Magazine of the Linux Community DECEMBER 2014 | ISSUE 248 | www.linuxjournal.com READERS’ CHOICE AWARDS 2014 SEE HOW THE GNOME DESKTOP FARES IN A USABILITY STUDY

DISCOVER ROGUE + WAPs Time-Saving WITH A Command-Line RASPBERRY PI Navigation Tips

WATCH: A LOOK AT ISSUE OVERVIEW Power Shell History V

LJ248-Dec2014.indd 1 11/17/14 12:28 PM NEW! Linux Journal eBook Series GEEK GUIDES FREE Download Slow Down to Speed Up: NOW! Continuous Quality Assurance in a DevOps Environment By Bill Childers DevOps is one of the newest and largest movements in Information Technology in the past few years. The name DevOps is a portmanteau of “Development” and “Operations” and is meant to denote a fusion of these two functions in a company. Whether or not your business actually does combine the two functions, the lessons and tools learned from the DevOps movement and attitude can be applied throughout the entire Information Technology space. This eBook focuses on one of the key attributes of the DevOps movement: Quality Assurance. At any point, you should be able to release your product, code or configuration—so long as you continue keeping your deliverables in a deployable state. This is done by “slowing down” to include a Quality Assurance step at each point in your workflow. The sooner you catch an error or trouble condition and fix it, the faster you can get back on track. This will lower the amount of rework required and keep your team’s momentum going in a forward direction, enabling your group to move on to new projects and challenges. Build a Private Cloud for Less Than $10,000! By Mike Diehl This eBook presents a compelling argument as to why you should consider re-architecting your enterprise toward a private cloud. It outlines some of the design considerations that you need to be aware of before implementing your own private cloud, and it describes using the DevCloud installer in order to install OpenStack on an Ubuntu 14 server. Finally, this eBook will familiarize you with the features and day-to-day operations of an OpenStack-based private cloud architecture, all for less than $10K!

DOWNLOAD NOW AT: http://linuxjournal.com/geekguides

LJ248-Dec2014.indd 2 11/17/14 12:28 PM Are you tiredtiered of of dealing dealing with with proprietary proprietary storage? storage? ®

9%2Ä4MHÆDCÄ2SNQ@FD ZFS Unified Storage zStax StorCore from Silicon - From modest data storage needs to a multi-tiered production storage environment, zStax StorCore

zStax StorCore 64 zStax StorCore 104

The zStax StorCore 64 utilizes the latest in The zStax StorCore 104 is the flagship of the dual-processor Intel® Xeon® platforms and fast zStax product line. With its highly available SAS SSDs for caching. The zStax StorCore 64 configurations and scalable architecture, the platform is perfect for: zStax StorCore 104 platform is ideal for:

‡VPDOOPHGLXPRIILFHILOHVHUYHUV ‡EDFNHQGVWRUDJHIRUYLUWXDOL]HGHQYLURQPHQWV ‡VWUHDPLQJYLGHRKRVWV ‡PLVVLRQFULWLFDOGDWDEDVHDSSOLFDWLRQV ‡VPDOOGDWDDUFKLYHV ‡DOZD\VDYDLODEOHDFWLYHDUFKLYHV

TalkTalk with with an anexpert expert today: today: 866-352-1173 866-352-1173 - http://www.siliconmechanics.com/zstax

LJ248-Dec2014.indd 3 11/18/14 2:25 PM DECEMBER 2014 CONTENTS ISSUE 248 FEATURE

58 Readers’ Choice Awards 2014 Shawn Powers

ON THE COVER Interested in joining our ‹7/7MVY[OL5VU+L]LSVWLYW ‹0U[YV[V4\S[P[LUHU[(WWSPJH[PVUZW Reader Advisory Panel for 2015? ‹9LHKLYZ»*OVPJL(^HYKZW ‹:LL/V^[OL.564,+LZR[VW-HYLZPUH(7Z^P[OH9HZWILYY`7PW explaining why you’d be a good ‹;PTL:H]PUN*VTTHUK3PUL5H]PNH[PVU;PWZW ‹(3VVRH[7V^LY:OLSS/PZ[VY`W fit to [email protected].

4 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 4 11/18/14 5:26 PM INDEPTH 74 Real-Time Rogue Wireless Access Point Detection with the Raspberry Pi Discover all the rogue wireless access points around you with nothing more than several RPis and wireless cards for each. Chris Jenks 92 The Usability of GNOME Following up from last year’s article about usability in open-source software, Jim Hall writes about his 22 usability study of the GNOME desktop. Jim Hall COLUMNS 30 Reuven M. Lerner’s At the Forge Multitenant Sites 38 Dave Taylor’s Work the Shell Power Shell History and the 74 ÀQG Command 42 Kyle Rankin’s Hack and / Dr Hjkl on the Command Line IN EVERY ISSUE 8 Current_Issue.tar.gz 46 Shawn Powers’ The Open-Source Classroom 10 Letters PHP for Non-Developers 14 UPFRONT 100 Doc Searls’ EOF 28 Editors’ Choice How Can We Get Business to Care about Freedom, Openness 54 New Products and Interoperability? 107 Advertisers Index

LINUX JOURNAL (ISSN 1075-3583) is published monthly by Belltown Media, Inc., 2121 Sage Road, Ste. 395, Houston, TX 77056 USA. Subscription rate is $29.50/year. Subscriptions start with the next issue.

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 5

LJ248-Dec2014.indd 5 11/17/14 12:28 PM Executive Editor Jill Franklin [email protected] Senior Editor Doc Searls [email protected] Associate Editor Shawn Powers [email protected] Art Director Garrick Antikajian [email protected] Products Editor James Gray [email protected] Editor Emeritus Don Marti [email protected] Technical Editor Michael Baxter [email protected] Senior Columnist Reuven Lerner [email protected] Security Editor Mick Bauer [email protected] Hack Editor Kyle Rankin lj@greenfly.net Virtual Editor Bill Childers [email protected]

Contributing Editors )BRAHIM (ADDAD s 2OBERT ,OVE s :ACK "ROWN s $AVE 0HILLIPS s -ARCO &IORETTI s ,UDOVIC -ARCOTTE 0AUL "ARRY s 0AUL -C+ENNEY s $AVE 4AYLOR s $IRK %LMENDORF s *USTIN 2YAN s !DAM -ONSEN

President Carlie Fairchild [email protected]

Publisher Mark Irgang [email protected]

Associate Publisher John Grogan [email protected]

Director of Digital Experience Katherine Druckman [email protected]

Accountant Candy Beauchamp [email protected]

Linux Journal is published by, and is a registered trade name of, Belltown Media, Inc. PO Box 980985, Houston, TX 77098 USA

Editorial Advisory Panel "RAD !BRAM "AILLIO s .ICK "ARONIAN s (ARI "OUKIS s 3TEVE #ASE +ALYANA +RISHNA #HADALAVADA s "RIAN #ONNER s #ALEB 3 #ULLEN +EIR $AVIS s -ICHAEL %AGER s .ICK &ALTYS s $ENNIS &RANKLIN &REY 6ICTOR 'REGORIO s 0HILIP *ACOB s *AY +RUIZENGA s $AVID ! ,ANE 3TEVE -ARQUEZ s $AVE -C!LLISTER s #ARSON -C$ONALD s #RAIG /DA *EFFREY $ 0ARENT s #HARNELL 0UGSLEY s 4HOMAS 1UINLAN s -IKE 2OBERTS +RISTIN 3HOEMAKER s #HRIS $ 3TARK s 0ATRICK 3WARTZ s *AMES 7ALKER

Advertising E-MAIL: [email protected] URL: www.linuxjournal.com/advertising PHONE: +1 713-344-1956 ext. 2

Subscriptions E-MAIL: [email protected] URL: www.linuxjournal.com/subscribe MAIL: PO Box 980985, Houston, TX 77098 USA

LINUX is a registered trademark of Linus Torvalds.

LJ248-Dec2014.indd 6 11/17/14 12:28 PM LINUX JOURNAL ARCHIVE DVD 1994–2014

NOW AVAILABLE

Save $10.00 by using discount code DVD2014 at checkout. Coupon code expires 1/15/2015 www.linuxjournal.com/dvd

LJ248-Dec2014.indd 7 11/17/14 12:28 PM Current_Issue.tar.gz

The Best SHAWN POWERS of the Best

love the Readers’ Choice issue. behind the scenes. If you’re a Web I jokingly say it’s because all the developer, you won’t want to miss it. I work is done by the community, I’ve written several articles through but honestly, it’s because I love the years on SSH, which I like to hearing the feedback from everyone. think of as the Swiss Army Knife of Year after year, I inevitably learn about command-line tools. Dave Taylor talks a new technology or application, about an equally powerful tool this and I’m usually surprised by at least month, namely the ILQG command. It one of the voting results. It’s also an seems like a simple concept, but with “unthemed” issue, which means our its various options, ILQG can be a articles can be from any discipline powerful addition to any Bash script. in the Linux world. Welcome to the Kyle Rankin talks about something Readers’ Choice issue of Linux Journal. I’ve never been able to get the hang Reuven M. Lerner starts us out this of doing. He discusses the virtue of month with the modern-day equivalent using the hjkl keys as opposed to of virtual name-based Web hosting. arrow keys while editing text files. Multitenant programming allows a Every once in a while, you’ll run across single server and/or application to a computer that supports only the serve multiple clients while keeping old-school method for moving the the cross-pollination of data from cursor around, but for Kyle, that old- taking place. SaaS isn’t a new concept, school method is his preferred mode but Reuven shows how to peel back of operation. I have to admit, I’m a the cloud layer and see what goes on little jealous. I can play a first-person shooter with the “wasd” keys, but for

V VIDEO: some reason, my brain just can’t get Shawn Powers runs used to “hjkl”. If you have no idea through the latest issue. what I’m talking about, be sure to

8 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 8 11/17/14 12:28 PM CURRENT_ISSUE.TAR.GZ

read Kyle’s column. is most likely one of the factors that I boldly go where no Shawn influences the results of our Readers’ Powers has gone before and touch Choice awards year after year. If on development of all things. My proper testing has taken place, the entire IT career has been one where chances for a particular technology I’ve avoided programming. Recently, to gain popularity are much higher. I had a need to create a Web-based We stuck with a similar format as last interface for a user, and I learned PHP. year in this issue, and gave the entire Granted, PHP isn’t the most modern range of votes as opposed to just the or powerful programming language, top few candidates. If people were but if you’re like me, it might be the told only about the most popular perfect intro to development. I urge one or two desktop environments, anyone who hates programming to no one would ever hear about Linux read my column. It might surprise you itself! There are a few upsets this year how much fun writing code can be. over last year, but every category is Chris Jenks has a cool article in this interesting with a few hidden gems issue where he teaches us to hunt that might not be as popular, but rogue access points in a network. certainly are worth checking out. There obviously are apps for Android This issue is truly an eclectic one, that will do basic scanning, but Chris and although there’s not a specific goes a lot further and discusses focus, that means we get to focus passively gathering data, looking for on “awesome stuff”, which is always even hidden SSID networks. If you have enjoyable. We have tech tips, product a need to track down rogue access announcements, cool programs and points, but fear sneaky users are hiding enough information to keep an entire their tracks, Chris’ article is perfect. herd of nerds busy for weeks. We Jim Hall goes searching this month hope you enjoy the Readers’ Choice as well, but in his case, he’s searching issue of Linux Journal. I know we for usability. Jim describes the process enjoyed putting it together.Q for formal usability testing and how it shapes changes in projects like Shawn Powers is the Associate Editor for Linux Journal. GNOME, which he uses as an example. He’s also the Gadget Guy for LinuxJournal.com, and he has If you’ve ever been curious about how an interesting collection of vintage Garfield coffee mugs. and why desktop programs function Don’t let his silly hairdo fool you, he’s a pretty ordinary guy the way they do, Jim’s article will be and can be reached via e-mail at [email protected]. of incredible interest. In fact, usability Or, swing by the #linuxjournal IRC channel on Freenode.net.

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 9

LJ248-Dec2014.indd 9 11/17/14 12:28 PM letters

as Linux puts up some security barriers to protect these ports from the ordinary user. There are reasonable ways to work around this limitation, such as exporting the pins in a boot script. Also, WebIOPi looks like a well put together solution for the Raspberry Pi that could be ported to the BBB. LJ should not be encouraging running as root, particularly on hardware that frequently ends up as mini-Web servers. —Mike Beaver

Leap Years in Bash Samuel Bucquet replies: Thank you, Jacques Amar is close (see the October Mr Beaver, for pointing this out. 2014 Letters). The year 2000 was a leap year. The access of the IO ports needs a lot of attention in a multi-user A year is a leap year if it is a multiple scenario. In the same way, if there is a of 400 or is a multiple of four and not possibility of multiple tasks accessing a multiple of 100. the same hardware simultaneously, —fest3er8 you need to consider some locking mechanism. The majority of the tasks “Accessing the I/O Ports of I described in the article are hardware the BeagleBone Black with administration tasks, but the reading Python” Article and writing on the IO ports can be Regarding Samuel Bucquet’s article in done as a regular user, like the user the October 2014 issue, it looks like a Web server is running with to allow the author is running everything as access of IO ports from a Web page. root. This seems to be fairly common in articles about the Raspberry Pi or Serial ports: In order to use them as a BBB where the hardware is accessed, regular user, there is nothing special

10 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 10 11/17/14 12:28 PM [ LETTERS ]

to do, as long as the user is in the But beware, you don’t want multiple dialout group (check with “id”). users fidgeting with the same GPIOs at the same time! GPIO: You will have to initialize, as root, the GPIO that will be Then you can access the gpio with used, and position the permissions the “debian” user. accordingly (like this for the Debian default user): Components on the i2c bus: As with the serial ports, if the user is in the “i2c”

# echo 48 > /sys/class/gpio/export group, she can access components on the

FKJUS5GHELDQV\VFODVVJSLRJSLR bus as a regular user. But there are a lot of

ILQGV\VFODVVJSLRJSLRW\SHIH[HFFKPRG^`? sensitive components on an i2c bus, so if

ILQGV\VFODVVJSLRJSLRW\SHGH[HFFKPRG^`? the integrity of the system is at risk, take

LJ248-Dec2014.indd 11 11/17/14 12:28 PM [ LETTERS ]

great care as to who can access what. Of course, there is a good Python module too. Analog reading: In the same way you did for the GPIO, put the permissions Shawn Powers and SSH in /sys/bus/iio/devices/iio\:device0/ Writing letters to LJ is becoming for the user, and again do not allow habit-forming this month. simultaneous access to the ADC. Shawn Powers left out the scariest part Handling of the permissions may vary a of SSH tunnels in his article “This Is Why little, and XGHY can be put to good use We Can’t Have Nice Things: SSH” in for other devices not automatically the October 2014 issue. It takes some recognized, but the essential part is here. thought and effort to set it up right, root access is needed, and public/private keys I might add that the solution I chose are required, but it’s relatively easy to to handle for this is a one and only set up PPPoS (PPP over SSH) using pon process to access an IO port. and poff. Then, you configure NAT as needed at each end of the link to obtain A shared memory server relays read- Internet access unfettered by a firewall. ings and writings to the IO handling Finally, redirect internal nodes to use the process. I use redis as a back end for internal system that hosts that end of the following reasons: the tunnel as their default gateway. That should be enough to make the toughest Q It allows me access to the IO from admin blanch. the network from multiple clients —fest3er8 (rarely multiple writing though). Ha! Indeed, SSH is like the light saber Q It allows me to dispose of IO of the tech world. It’s super amazing, readings in a coherent way but it’s fairly easy to cut your arm with transactions. off!—Shawn Powers

Q It allows me to attach a validity Linux Journal in Audio Format? period to each item of data. I am responding to Shawn Powers’ article in the August 2014 issue titled Q And it even allows a “First Health, Now Recreation”. Since PUS/SUB mechanism. he mentioned Audible, I would like to

12 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 12 11/17/14 12:28 PM ask if he has tried converting Linux Journal into an audio file? At Your Service

I love Audible, mainly because I can maximize SUBSCRIPTIONS: Linux Journal is available in a variety of digital formats, including PDF, the way I absorb information in a crowded train .epub, .mobi and an on-line digital edition, as well as apps for iOS and Android devices. or while driving. (I just caught up on the last Renewing your subscription, changing your e-mail address for issue delivery, paying your two LJ issues on flight when I was traveling to invoice, viewing your account details or other a conference yesterday.) subscription inquiries can be done instantly on-line: http://www.linuxjournal.com/subs. E-mail us at [email protected] or reach us via postal mail at Linux Journal, PO Box I have been thinking that if I could listen to LJ, that 980985, Houston, TX 77098 USA. Please remember to include your complete name would be very productive! With the fact that most and address when contacting us.

of the time 75% of the book is readable, maybe ACCESSING THE DIGITAL ARCHIVE: Dragon Speech (which I don’t have) would work? Your monthly download notifications will have links to the various formats —Leo Chan and to the digital archive. To access the digital archive at any time, log in at http://www.linuxjournal.com/digital.

That’s an interesting question, Leo. One of my LETTERS TO THE EDITOR: We welcome your letters and encourage you to submit them writing tricks is that I have the computer read back at http://www.linuxjournal.com/contact or mail them to Linux Journal, PO Box 980985, the text to me so I can hear any mistakes that my Houston, TX 77098 USA. Letters may be eyes glance over. I’m not sure the robotic voice edited for space and clarity. reading an entire issue would be great, especially WRITING FOR US: We always are looking for contributed articles, tutorials and when it comes to the code sections, but I wonder real-world stories for the magazine. An author’s guide, a list of topics and if folks with assistive reading devices have luck due dates can be found on-line: with Linux Journal’s text. Any text-to-speech http://www.linuxjournal.com/author. listeners out there?—Shawn Powers FREE e-NEWSLETTERS: Linux Journal editors publish newsletters on both a weekly and monthly basis. Receive late-breaking news, technical tips and tricks, an inside look at upcoming issues and links to in-depth stories featured on http://www.linuxjournal.com. Subscribe WRITE LJ A LETTER for free today: http://www.linuxjournal.com/ We love hearing from our readers. Please enewsletters.

send us your comments and feedback via ADVERTISING: Linux Journal is a great http://www.linuxjournal.com/contact. resource for readers and advertisers alike. Request a media kit, view our current editorial calendar and advertising due dates, or learn more about other advertising and marketing opportunities by visiting PHOTO OF THE MONTH us on-line: http://ww.linuxjournal.com/ advertising. Contact us directly for further Remember, send your Linux-related photos to information: [email protected] or [email protected]! +1 713-344-1956 ext. 2.

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 13

LJ248-Dec2014.indd 13 11/17/14 12:28 PM UPFRONT NEWS + FUN diff -u WHAT’S NEW IN KERNEL DEVELOPMENT

Containers are very tricky to the same UIDs could refer to different implement. Trying to isolate sets of users entirely. They shouldn’t be resources from each other completely, counted together. so that they resemble a discrete He wanted to patch the kernel system, and doing it in a secure way, to isolate these values, so that the has to be addressed on a feature-by- process counters wouldn’t get them feature basis, with many caveats and mixed up with each other. But, uncertainties. Over time, this makes Eric W. Biederman didn’t like the core kernel code more secure and Marian’s idea of creating namespace- robust, but each individual feature specific data structures within the may have surprising issues. kernel. He offered some workarounds, The whole namespace idea— but Marian didn’t like any of them. He corralling subsets of system resources said they were less efficient than his like user IDs and group IDs, and idea, and they would require him to performing on-the-fly translations put a lot of effort into redesigning his between the resource names within particular use case, which ran a batch the container and the corresponding of identical containers, each built out names in the outer system—is tough of a single master template. to manage. Ultimately, Eric suggested Recently, Marian Marinov noticed implementing something akin to that process counters in the outer Marian’s idea, but only for certain system counted processes as being filesystems. The problem, he said, owned by the same user if his or was that XFS exposed too much of its her UIDs (user IDs) were the same inner workings to userspace, making inside two separate containers. The it hard to perform the namespace same was true for GIDs (group IDs). translations correctly. If they limited He didn’t like this, because the two support only to “normal” filesystems, containers represented two logically Eric said, it would be much easier to isolated systems, and in that context, give Marian what he wanted.

14 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 14 11/17/14 12:28 PM [ UPFRONT ]

But, James Bottomley pointed of the system can be containerized out that Linux distributions wouldn’t safely? What parts have to wait until sacrifice XFS for anything. It had already other issues are addressed? In some been tried with the USER_NS feature. cases, the end result will be much Distributions wouldn’t accept USER_NS cleaner kernel code; in other cases, unless it supported XFS. James argued in the short term, much messier. that the same would be true here. Some features get so big and Eric replied that the two cases complicated that they can’t were different. His solution would be changed easily anymore. In not preclude using XFS in a Linux particular, it becomes harder to fix distribution; it would only preclude design flaws, because each fix has using a particular use case that didn’t to account for all the existing special currently exist anyway. And, Eric also wonkiness. The printk() function argued that XFS already had serious is one example. Its code apparently issues that made it less container- has become such a nightmare that friendly than other filesystems. It was kernel developers must choose worse hard to migrate an XFS filesystem to solutions to their problems, just in a system with different endianness order to avoid a redesign process and word size. This meant one of the that is made so difficult by printk()’s common container uses—migrating current insane implementation. processes and containers between Recently, Petr Mladek submitted machines—already was partially off some code to allow calling printk() the table for XFS, at least for the from within an NMI (non-maskable moment. That being the case, Eric interrupt). This is useful when a said, it didn’t make sense to go to system is in the midst of crashing and great lengths to support it in a feature needs to output logging data to help it couldn’t use until so many other the user identify what went wrong. XFS characteristics had been fixed. The problem was that printk() needed The debate undoubtedly will to take a lock that might be held by continue. Ultimately, the question another process. That’s a big no-no involves identifying where to draw in NMIs, because the whole point a line between seemingly integrated of NMIs is that they never can be features of the kernel. What parts interrupted by other processes. The

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 15

LJ248-Dec2014.indd 15 11/17/14 12:28 PM [ UPFRONT ]

printk() would loop forever, waiting time to implement and would delay for a process to release a lock, when Petr’s important fix that addressed that process would never get the CPU real-world crashes. And as Frédéric cycles it needed to release that lock. added, there also was the danger that Presto, deadlock. “if we push back this bugfix, nobody Petr’s code solved this by taking the will actually do that desired rewrite.” lock only if available and failing over At some point, Frédéric asked for to an alternate solution if necessary. Linus’ opinion, and Linus essentially Overall, Petr’s code improved the torpedoed Petr’s whole approach. situation, because users actually were He said: seeing lockups that could be better- diagnosed with printk()s in NMIs. Printing from NMI context isn’t Specifically, Jiri Kosina said, “we’ve really supposed to work, and we all actually seen the lockups triggered by know it’s not supposed to work. the RCU stall detector trying to dump stacks on all CPUs, and hard-locking I’d much rather disallow it, and the machine up while doing so.” if there is one or two places that But, as Frédéric Weisbecker put it, really want to print a warning and the printk() code base was an “ancient know that they are in NMI context, design” with “fundamental flaws”. have a special workaround just for Its poor design forced Petr’s patch them, with something that does to be 1,000 lines long when such a not try to make printk in general fix ordinarily might be much smaller work any better. (Linus Torvalds later estimated 15 lines as a good size for Petr’s features). Dammit, NMI context is special. I Frédéric suggested, “shouldn’t we absolutely refuse to buy into the rather redesign it to use a lockless ring broken concept that we should buffer like ftrace or perf ones?” make more stuff work in NMI Jiri agreed that the printk() code context. Hell no, we should not try base was “a stinking pile of you- to make more crap work in NMI. know-what”, and that a redesign NMI people should be careful. would be better than Petr’s stop-gap patch. But in fact, he said, the correct Make a trivial “printk_nmi()” design was not yet known, but wrapper that tries to do a trylock regardless certainly would take a long on logbuf_lock, and maybe the

16 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 16 11/17/14 12:28 PM [ UPFRONT ]

existing sequence of: wouldn’t do quite as good a job of dumping the stack data. As Jiri put it, LI FRQVROHBWU\ORFNBIRUBSULQWN “this is prone to producing not really FRQVROHBXQORFN  consistent stacktraces though, right? As the target task is still running at then works for actually triggering the time the stack is being walked, the printout. But the wrapper it might produce stacktraces that are should be 15 lines of code for “if potentially nonsensical.” possible, try to print things”, and But, Linus was insistent. He said, not a thousand lines of changes. “We should stop using nmi as if it was something ’normal’. It isn’t. Which, Petr said, was exactly what Code running in nmi context should his patch did, but he just needed be special, and should be very very 1,000 lines of code instead of 15 aware that it is special. That goes because of how broken printk() was way beyond ’don’t use printk’. We already. And Jiri said, “I find it rather seem to have gone way way too far outrageous that fixing real bugs in using nmi context. So we should (leading to hangs) becomes impossible get rid of code in nmi context rather due to printk() being too complex. than then complain about printk It’s very unfortunate that the same being buggy.” level of pushback didn’t happen when So, Paul’s solution, even being new features (that actually made it known to provide worse stack dumps so complicated) have been pushed; than Petr’s, would be adopted, that would be much more valuable simply because it could avoid making and appropriate.” further changes to printk(). Jiri said, At this point, Paul McKenney “I feel bad about the fact that we offered a compromise. Since Petr’s are now hostages of our printk() patch was inspired by the RCU (read- implementation, which doesn’t allow copy-update) stall detector using NMIs for any fixes/improvements. Having to dump the stack, and thus needing the possibility to printk() from NMI printk(), Paul could rewrite the RCU would be nice and more robust... code to avoid using NMIs for the stack otherwise, we’ll be getting people dump. This way, regular printk() would trying to do it in the future over and work, without requiring Petr’s patch. over again, even if we now get rid of The problem with this was that RCU it at once.”—ZACK BROWN

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 17

LJ248-Dec2014.indd 17 11/17/14 12:28 PM [ UPFRONT ]

Android Candy: Google Keep

I love Evernote. I pay for a premium Google Keep. membership, and to be honest, I It’s pretty neat. Honestly though, don’t think I even use the premium even though Google Keep has features. I just love Evernote matured quite a bit, I don’t see so much, I want to support the it as a competitor with Evernote. company. But in the spirit of fair I thought that was what it was comparison, I forced myself to try going to be, but to me it seems

18 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 18 11/17/14 12:28 PM [ UPFRONT ]

more like a really awesome sticky- couldn’t use it on a daily basis for note program that syncs seamlessly more than quick notes here and between devices. The Web interface there. I’d be curious to know if (http://keep.google.com) mirrors there are any Google Keep fanatics the Android app almost exactly, out there who can’t imagine and it syncs in what seems like life without it. For me, Evernote real time. You can grab notes combined with Nixnote is still the to rearrange them, and yes, you ultimate tool for keeping track of, can search notes using Google’s well, everything! Download Google powerful search engine. Keep from the Google Play store Perhaps it’s the lack of integration and give it a try. It really is a neat with other apps, or perhaps it’s app, and if you’re not an Evernote just that Google Keep is so new addict, it might be perfect! compared to Evernote, but I —SHAWN POWERS

LINUX JOURNAL now available for the iPad and iPhone at the App Store.

linuxjournal.com/ios

For more information about advertising opportunities within Linux Journal iPhone, iPad and Android apps, contact John Grogan at +1-713-344-1956 x2 or [email protected].

LJ248-Dec2014.indd 19 11/17/14 12:28 PM [ UPFRONT ]

A GUI for Your CLI?

For new Linux users, the command line is arguably the most intimidating thing. For crusty veterans like me, green text on a black background is as cozy as fuzzy slippers by a fireplace, but I still see CLI Companion as a pretty cool application. The concept is pretty easy. It’s professional, CLI Companion might a GUI environment that allows seem like a silly thing to install. If you to double-click your way the command line is intimidating, into entering CLI commands. You on the other hand, it might be can create your own commands the perfect tool to help you gain (sort of like bookmarks for the mastery. Heck, as I scrolled through command line), or you can search the database of applications, I from within the large database of learned a few command-line tools common applications. Oh, and if I didn’t know existed! the command requires command- If a GUI CLI is an oxymoron line arguments? The application you’d like to check out, surf pops up a window prompting you over to https://launchpad.net/ to enter them in. clicompanion and check it out. If you’re a dyed-in-the-wool Linux —SHAWN POWERS

20 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 20 11/17/14 12:28 PM [ UPFRONT ]

Non-Linux FOSS: Don’t Type All Those Words!

We mention Autokey later in this issue as a great tool for text replacement in real time on Linux. Thankfully, there’s an option for Windows users that actually is even more powerful than Autokey! AutoHotkey is a similarly named application that runs strictly under Windows. It’s still FOSS, but there’s you don’t need to re-program them unfortunately no version for Linux. when you move to a new computer. The premise for AutoHotkey is the Grab your .exe file, and run it when same as Autokey for Linux. Type a quick you visit your folks for the holidays. short bit of text, and it will expand (But don’t make a shortcut that that shortcut into the predefined text automatically misspells your sibling’s you tell it to use. I find this useful name when your parents type it...or if while programming, as creating those you do, don’t blame me!) curly braces in pairs is very useful. AutoHotkey is free, and it’s The program is a bit of a bear to available at http://ahkscript.org. configure, because there’s no GUI to There’s a nice quick-start tutorial as configure keys. In order to configure well to help you get started, because the program, you write a text-based like I mentioned, it’s a little rough at script that defines your shortcuts. first. If you’re stuck typing a lot of AutoHotkey (AHK it’s sometimes text on a Windows machine, check called) even allows you to pre-compile out AutoHotkey today! your shortcuts into an executable so —SHAWN POWERS

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 21

LJ248-Dec2014.indd 21 11/17/14 12:28 PM [ UPFRONT ]

Computing without a Computer

I’ve covered a lot of various pieces PyNomo (http://www.pynomo.org), of software that are designed to that you can use to create your help you do scientific calculations own. I also walk through creating of one type or another, but I some new nomographs, which have neglected a whole class of hopefully will inspire you to try computational tools that is rarely creating some too. used anymore. Before there was the First, let me explain what a electronic computer, computations nomograph actually is. Electrical had to be made by hand, so they engineers already should have were error-prone. To try to minimize seen and used one example, the these human errors, shortcuts Smith chart. This chart provides a and aids of one form or another very quick way to solve problems were developed. A common computational problem is to solve equations of some number of variables. The tool that was developed for this class of problem is the nomograph, or nomogram. A nomograph uses a graphical representation of an equation to make solving the equation as simple as setting down a straightedge and reading off the result. Once a nomograph is constructed, it is one of the fastest ways to solve an equation by hand. In this article, I explore some common nomographs that many Figure 1. With a Smith chart, you can work of you likely will have seen, and I on problems around transmission lines take a look at a Python package, and circuit matching.

22 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 22 11/17/14 12:28 PM [ UPFRONT ]

involved with transmission lines doctors. These charts allow a doctor and matching circuits. Solving these to take the weight and height of a types of problems by hand was a child and see where he or she fits very tedious task that wasted quite on a nonlinear scale that compares a lot of time, so the introduction one child to the available statistics of the Smith chart increased of a population very quickly. This productivity immensely. is much easier than plugging those A Smith chart is scaled in values into an equation and trying to normalized impedance, or calculate it manually. normalized admittance, or both. But, what can you do if you The scaling around the outside is want to use a totally new type in wavelengths and degrees. The of nomograph? Enter the Python wavelength scale measures the module PyNomo. The easiest way distance along the transmission line to install PyNomo is to use pip. between the generator and the load. You would type: The degree scale measures the angle of the voltage reflection coefficient SLSLQVWDOO3\1RPR at that point. Since impedance and admittance change as frequency You may need to preface this changes, you can solve problems command with VXGR if you want only for one frequency at a time. The it installed as a system module. To result calculated at one frequency get started, you need to import is a single point on the Smith chart. everything from the nomographer For wider bandwidth problems, you section with: just need to solve for a number of frequencies to get the behaviour IURPS\QRPRQRPRJUDSKHULPSRUW over the full range. But, because this isn’t meant to be a lesson in This section contains the main electrical engineering, I will leave it Nomographer class that actually as an exercise for the reader to see generates the nomograph you want just how many other problems can to create. There are ten types of be solved with a Smith chart. nomographs that you can create Another example, which should with PyNomo: be recognizable to any parent, is the height/weight charts used by Q Type 1: three parallel lines

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 23

LJ248-Dec2014.indd 23 11/17/14 12:28 PM [ UPFRONT ]

Q 4YPE  . OR : Fahrenheit degrees. It is generated out of two type 8 blocks. Each Q Type 3: N parallel lines block is defined by a parameter object, where you can set maximum Q Type 4: proportion and minimum values, titles and tick levels, as well as several other Q Type 5: contour options. A block for a scale going from –40 to 90 degrees Fahrenheit Q Type 6: ladder would look like this:

Q Type 7: angle )BSDUD ^ WDJ  $   XBPLQ   Q Type 8: single  XBPD[    IXQFWLRQ ODPEGDXFHOFLXV X  Q Type 9: general determinant  WLWOH U A?FLUF)   WLFNBOHYHOV  Q Type 10: one curved line  WLFNBWH[WBOHYHOV   DOLJQBIXQF FHOFLXV Each of these also is described by  WLWOHB[BVKLIW  a mathematical relationship between ` the various elements. For example, a type 1 nomograph is described by You will need a similar parameter the relationship: list for the Celsius scale. Once you have that, you need to create block ) X ) X ) X   definitions for each of the scales, which looks like this: Each element of a given nomograph must be of one type &BEORFN ^ EORFNBW\SH  W\SHB  or another. But, they can be mixed   IBSDUDPV &BSDUD` together as separate elements of a complete nomograph. A simple The last step is to define a example, borrowed from the parameter list for the main PyNomo examples on the main Web Nomographer class. For the site, is a temperature converter for temperature converter, you can converting between Celsius and use something like the following:

24 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 24 11/17/14 12:28 PM [ UPFRONT ]

PDLQBSDUDPV ^ ILOHQDPH  WHPSBFRQYHUWHUSGI  Figure 2.  SDSHUBKHLJKW  A simple  SDSHUBZLGWK  nomograph  EORFNBSDUDPV >&BEORFN)BEORFN@ is a Celsius-  WUDQVIRUPDWLRQV > VFDOHSDSHU @ Fahrenheit ` temperature conversion scale. Now you can create the nomograph you are working on with the Python command:

1RPRJUDSKHU PDLQBSDUDPV

A more complicated example is a nomograph to help with the calculations involved in celestial navigation. To handle such a complex problem, you need to use a type 9 nomograph. This type is a completely general form. You need to define a determinant form to describe all of the various interactions. If the constituents are functions of one variable, they will create a regular scale. If they are of two variables, they will create a grid section. For example, one of the single scales in this example would look like this:

J ODPEGDXFRV X SL

Whereas the grid is defined by:

JBJULG ODPEGDXYVLQ X SL VLQ Y SL

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 25

LJ248-Dec2014.indd 25 11/17/14 12:28 PM [ UPFRONT ]

Figure 3. You even can do something as complicated as celestial navigation with a nomograph.

Once this nomograph is steps in generating the nomograph. constructed, you can use it to The last step is to apply any compute the altitude azimuth. transformations to the various PyNomo goes through several parts. Transformations to individual

26 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 26 11/17/14 12:28 PM [ UPFRONT ]

components can be applied only to type 9 nomographs. If you do apply transformations They Said It to individual components, you need to make sure that relative scalings between the various You may be parts are still correct. For other nomograph disappointed if types, transformations can be applied only you fail, but you to the entire nomograph. There aren’t a are doomed if large number of transformations available you don’t try. —Beverly Sills yet, but there are enough to handle most customizations that you may want to make. One person with The transformations available are: a belief is equal to a force of Q scale paper: scale the nomograph 99 who have to the size defined by paper_height only interests. and paper_width. —John Stuart Mill

Q rotate: rotates the nomograph through The freethinking of one age is the the given number of degrees. common sense of the next. Q polygon: applies a twisting transformation —Matthew to the tops and bottoms of the various scales. Arnold

Q optimize: tries to optimize numerically Real success is the sum squared lengths of the axes finding your with respect to paper area. lifework in the work that With these transformations, you should be able you love. to get the look you want for your nomograph. —David Now that you know about nomographs, McCullough and even more important, how to make them, The secret of you really have no excuse to avoid your trip happiness is to to that isolated South Pacific island. Go ahead make others and play with PyNomo and see what other believe they are kinds of nomographs you can make and use. the cause of it. —JOEY BERNARD —Al Batt

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 27

LJ248-Dec2014.indd 27 11/17/14 12:28 PM [ EDITORS' CHOICE ]

™

EDITORS’ Autokey: CHOICE Shorthand ★ for Typists

For years I avoided installing recommend doing so. The time keyboard shortcut tools on my it saves is incredible, and after I computers. I thought dog-gonnit, abandoned my grouchy old ways, if something needed to be typed I’ve grown to love it. out, I’d type every letter myself. Unfortunately, there aren’t too Recently I capitulated, however, many options in Linux for really and I must say, going back seems good text-replacement apps. My unlikely. If you’ve never tried a personal favorite is Autokey. It text-replacement app, I highly can be a challenge to set up,

28 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 28 11/17/14 12:28 PM but that’s mainly because it’s Even though it has a very so powerful. If you want text complicated interface, the Autokey replacement to work only in a program is a great program, and particular app (think programming one we hope continues to get code shortcuts), it can be set to updated once it no longer works. work only with those apps. If you It’s currently available for Ubuntu want to have a special hotkey 12.04 and below, but it will required before text replacement install on recent versions without works, that’s an option too. In the a problem. Autokey takes this screenshot here, you can see I make month’s Editors’ Choice award, a simple auto-replacement shortcut because once you start using it, so that every time I type “ttt”, it you won’t be able to imagine life replaces it with a sentence. It works without it! Get your copy today at only in gedit, because that’s the https://code.google.com/p/autokey. constraint I set in the settings. —SHAWN POWERS

The White Paper Library on LinuxJournal.com

www.linuxjournal.com/whitepapers

LJ248-Dec2014.indd 29 11/17/14 12:28 PM COLUMNS AT THE FORGE

Multitenant REUVEN M. LERNER Sites One server and one program can service many sites. Here’s an introduction to “multitenant” applications.

For some time now, there has you’re positioned to create a new been tremendous growth in the SaaS application. With a good world of Web applications. It’s quite idea, some hard work and good amazing to see what you can do marketing, you’ll be on your way to just via a Web browser—not only having a successful business. can you buy just about anything, There are numerous models for but also a growing number of sites how SaaS can work. Sometimes, you offer “software as a service”, often have a user name on a system, and abbreviated as SaaS. The idea is that you’re simply interacting with your in exchange for a monthly service view of the world. But sometimes, fee, you get access to a service. an SaaS app gives you what appears Many thousands of such services to be an entirely new domain. So if I exist that take care of anything get an account on SuperDuperSaas.com, from Git repositories (for example, everything I do will be under GitHub and BitBucket), e-mail lerner.SuperDuperSaas.com. services (for example, AWeber and Programs allowing for this MailChimp), invoicing systems, are known as “multitenant” time-tracking systems, calendar applications. It’s possible, of systems, e-commerce systems, course, that each new subdomain e-learning systems—you name it. involves the rollout of a new As Web developers, you can create virtual machine. But there also are your own SaaS applications. That’s ways that you can make a single right—with little more than a Linux computer, with a single instance box, a database, a programming of the application, provide the language and a Web framework, same illusion of an infinite number

30 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 30 11/17/14 12:28 PM COLUMNS AT THE FORGE

of domains. Moreover, doing so The server would, if all went well, is not nearly as difficult as you send the contents of its home page might think. (typically formatted with HTML) back In this article, I look at several to the HTTP client. At that point, the techniques that make it possible connection would close. for you to create and maintain such Although HTTP 0.9 worked well multitenant applications. These for many simple cases, the explosive techniques can be used in an SaaS growth of the Web meant that product or any other application in it wasn’t good enough for many which the software can and should complex ones. One particularly respond differently to a variety of common, and particularly painful, case hostnames or domain names. was that of Web hosting companies: HTTP 0.9 required that each Web site It’s All Thanks to HTTP have its own IP address. If you set up HTTP, the Hypertext Transfer a Linux-based server with a single IP Protocol, is so ubiquitous that address but multiple hostnames, it most people barely give it any wasn’t possible for the HTTP server to thought. Even someone like me, distinguish between them. who works nearly every day on Web This changed when HTTP 1.0 was applications, knows that HTTP exists released and required that a “Host” and what it does—and yet, I don’t header be sent along with the action think about it too much. However, and pathname. Now, a simple request multitenant applications owe their looked like: existence to growth in the earliest days of the Web. *(7+773 The first version of HTTP that I +RVWOHUQHUFRLO encountered, back in 1993, was described as version 0.9. That version The first line changed, such that was a simpler protocol than the it incorporated the version number one we know today, but it already of HTTP that was being used. This included the basic GET and POST was done so as to have backward actions—that is, you could connect compatibility with HTTP 0.9 clients. to an HTTP server on port 80, and say: The second line was defined to be the first of several “request headers”, GET / name-value pairs that could be sent

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 31

LJ248-Dec2014.indd 31 11/17/14 12:28 PM COLUMNS AT THE FORGE

Given that a server now could distinguish between different hosts, even on the same IP address, it was possible to have a single server provide Web hosting capabilities for any number of different domains and hostnames.

from the client to the server. who knows about domains, These request headers have grown hostnames and DNS, but from the in scope through the years, and perspective of the server, it didn’t now include everything from the matter if it had to distinguish hostname to cookies to content type CompanyA.com from CompanyB.com, to caching information. But for my or abc.CompanyA.com from purposes in this article, the most def.CompanyA.com. That is, different important part of this request was hostnames within the same domain the “Host” request header. Given were treated similarly to different that a server now could distinguish domains. True, DNS and HTTP server between different hosts, even on configuration files made it easier the same IP address, it was possible to send *.CompanyA.com to the to have a single server provide Web same location, but at the end of hosting capabilities for any number the day, your HTTP server sees of different domains and hostnames. different hostnames and, thus, In other words, it was now possible can react differently. to have the same Web server provide “Virtual hosts”, as they became hosting to CompanyA.com and known, shared an IP address and a CompanyB.com, without either computer, and so from the perspective knowing of or seeing each other. of a programmer or IT manager, they The Web server would know to route were all under the same umbrella. requests for CompanyA.com to one From the perspective of the outside directory of programs and HTML files, world, these were completely and CompanyB.com to a second, different Web sites. Perhaps they completely separate directory of shared an IP address, and thus a programs and HTML files. hosting provider, but that was the This might be obvious to anyone only thing they had in common.

32 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 32 11/17/14 12:28 PM COLUMNS AT THE FORGE

Multitenant but also to the same instance of your Today, it’s trivial to service different Web application. hostnames under the same HTTP server. This might sound strange, until As I indicated previously, you simply tell you consider that because modern Apache (or nginx, or whatever HTTP versions of HTTP always pass a server you use) that the two hosts exist “Host” header, and because all of the in different directories, and that they HTTP request headers are available should be treated differently. With to a Web application, you can write such a configuration in place, there is a single application that will work no connection whatsoever between on multiple hosts. Consider that the different hostnames. This actually BigCompany.com has two different makes it easier to move Web sites from divisions and a separate Web site one machine to another. You scoop for each division. The site should be up the virtual host’s configuration file completely identical in both cases, and move it to another machine, along except that the contact phone with the programs and static assets— number and address should reflect that is, HTML files and images. the coast that the user has reached. Indeed, a huge industry of cheap, You can use the “Host” request on-demand Web hosting perhaps header in an “if” statement inside has made this the most common way the application, and thus display the servers are allocated and used. Even information that is appropriate. This my own personal server has five to is a classic example of multitenant ten different virtual hosts on it at any sites, although it’s certainly not the given time, between personal projects most complex of them. and demos of client applications. A multitenant application turns Multitenant with Sinatra this idea on its head. Rather than Let’s implement the above scenario using a single server, with a single IP using Sinatra, a very small and address, to service a large number lightweight Web application of different applications, each with framework written in the Ruby its own hostname, you will have language. In the July 2014 issue of LJ, many different instances of the same I covered a similarly small framework, application. That is, you’ll have both known as Flask, written in Python. CompanyA.com and CompanyB.com Such frameworks often are perfect point not only to the same IP address, for simple sites and example code.

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 33

LJ248-Dec2014.indd 33 11/17/14 12:28 PM COLUMNS AT THE FORGE

There are a number of ways that named explicitly and those upon you can create a Sinatra application. which my named gems depend. It My preference is to do so in a is worth taking a look at Gemfile.lock directory, along with a Gemfile and a sometime; it may well give you config.ru file. This took less than five insights into how your Sinatra and minutes for me to set up on my own Rails applications work. computer. First, I created a directory Next, I write a “config.ru” file, called “multiatf”. In that directory, I sometimes known as a “rackup file”, created a file called “Gemfile”, which which tells Rack—Ruby’s standard is where I will name the Ruby gems I’ll interface between HTTP servers and be using for this application: applications—where my application’s code is located and how to execute it. VRXUFH KWWSVUXE\JHPVRUJ The file looks like this: JHPVLQDWUDUHTXLUH !VLQDWUDEDVH JHP VKRWJXQ UHTXLUH EXQGOHU

The first line says that I want to %XQGOHUUHTXLUH retrieve gems from Rubygems.org, the official and standard location. The UHTXLUH PXOWLDWIUE second line says that I want to use UXQ6LQDWUD$SSOLFDWLRQ the “sinatra” gem, but that I don’t want to require “sinatra”, but rather The first line loads the “bundler” “sinatra/base”. Finally, I name the gem. Bundler is an increasingly “shotgun” gem, which provides for indispensable gem in the Ruby world, automatic reloading of Sinatra apps— in that it manages the versions of your precisely the sort of thing I want when gems for you, ensuring that they will I’m developing an application. not require conflicting versions of a Before continuing, I then run gem. After loading Bundler, you then EXQGOHLQVWDOO, which ensures that use the “require” class method, which all of the gems named in the Gemfile reviews your Gemfile.lock and loads have been installed. It creates a file the gems named within. named “Gemfile.lock”, which lists the Next, the “require” statement reads precise names and versions of each a Ruby file named “multiatf.rb” in the gem I’ll be using in my application. current directory. That is the actual This list includes those gems I have application code, and it’s the file I

34 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 34 11/17/14 12:28 PM COLUMNS AT THE FORGE

will be writing and modifying most of To start this up on my development all. Loading it means that Ruby will machine, I ran: read the contents of the code. In the case of my Sinatra app, that means VKRWJXQPXOWLDWIUE taking the various “get” and “post” declarations and turning them into This produces output telling me the appropriate routing map, such that Shotgun is now running my that the appropriate code block is application on port 9393, using Ruby’s executed for each URL. built-in WEBrick server. I can now Then, once the application has go to my Web browser, and load up been loaded, config.ru invokes http://localhost:9393, and because of 6LQDWUD$SSOLFDWLRQ. That starts the get / declaration in my Sinatra the application up and running. file, that method is fired. I get a nice The final step in putting the message telling me: application together is the multiatf.rb file. This also consists of very little code, +HOORIURPVHUYHU ORFDOKRVW  but potentially could be quite large: But, what if it isn’t localhost? What UHTXLUH VLQDWUD if I go to another server name? For example, I added the following two JHW  GR lines to my /etc/hosts file: +HOORIURPVHUYHU ^UHTXHVWKRVW`  HQG DWI DWI The first line loads the Sinatra code. Next is something that looks vaguely In other words, when I tell my like a method definition, but isn’t. Web browser to go to host “atf1”, Rather, it tells Sinatra that if someone it’ll go to 127.0.0.1, and it will send, makes a request to the / URL, it in the “Host” HTTP request header, should return a string. In this case, the the server name “atf1”. The output string isn’t static, but rather contains then will be: a dynamic portion, including the value of “request.host”. As you can +HOORIURPVHUYHU DWI imagine, this value will vary according to the hostname you are using. The same will be true for “atf2”.

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 35

LJ248-Dec2014.indd 35 11/17/14 12:28 PM COLUMNS AT THE FORGE

In many cases, showing different hostnames isn’t enough. You may want to show a different business name or a different address.

Showing Different Content let’s pull out the company’s name Thus, you’ve seen how you can from the hash, based on the key. have different output, based on I thus change multiatf.rb to read the value of the server name. This as follows: seemingly simple fact opens the door

to the entire world of multitenant UHTXLUH VLQDWUD

systems. For example, you could

imagine a company doing business KRVWV ^ DWI  !^QDPH )LUVW$7)VLWH 

under a variety of names, which DGGUHVV 0DLQ6WUHHW `

would want to have the same Web  DWI  !^QDPH 6HFRQG$7)VLWH 

application running, but showing DGGUHVV (OP6WUHHW `

the current domain name. All you `

have to do is change your strings,

or your templates, to reflect the JHW  GR

current hostname. :HOFRPHWR ^KRVWV>UHTXHVWKRVW@>QDPH@` ORFDWHGDW

In many cases, showing different ´ ^KRVWV>UHTXHVWKRVW@>DGGUHVV@` 

hostnames isn’t enough. You may HQG want to show a different business name or a different address. In The idea here is simple, but the order for that to happen, you’ll effects are profound. This is how need some additional data. The best each domain can appear different, and most scalable way to do this even if the content is the same. is a relational database, but you You can imagine going even further can simulate one with a Ruby hash than this, pulling in a different CSS that will be good enough for the stylesheet to an HTML page based purposes of this article. on the hostname, or having it show In this case, let’s define the hash different pictures. such that it contains two keys, one for If you are using a relational each of the hosts to recognize. Then, database, you can enter each new

36 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 36 11/17/14 12:28 PM COLUMNS AT THE FORGE

tenant site in a table, giving each form. That form allows them to add a unique ID number. You then can a new entry into the “sites” table. use that ID as a foreign key, adding The hostname is used to look up the (for example) this “site_id” value in site ID, whose value is then used to a table describing merchandise. For display properties. example, one of my clients manages Next month, I’ll continue with about 30 different sites, each with this topic, discussing not only how its own set of real-estate offerings. you can have the same site produce These 30 sites are actually running similar content, but how you can on a single Web application, with configure it such that different users a single database. However, based on can manage their own sites, without the hostname through which the user interfering with the overall software enters the site, the software displays and functionality.Q a different set of properties. This has made the site and the software easy Reuven M. Lerner is a Web developer, consultant and trainer. to manage, scale and grow. Each He recently completed his PhD in Learning Sciences from time a new site needs to be added, Northwestern University. You can read his blog, Twitter feed and the biggest task is to update the newsletter at http://lerner.co.il. Reuven lives with his wife and SSL certificate, such that it includes three children in Modi’in, Israel. the new hostname. Otherwise, the system works automatically, with the (nontechnical) company managers Send comments or feedback via able to create new sites within several http://www.linuxjournal.com/contact minutes, merely by filling out an HTML or to [email protected].

Resources

The Sinatra home page is at http://sinatrarb.com.

For information and ideas about multitenant sites in Ruby on Rails, you might want to read Multitenancy with Rails, an e-book written by Ryan Bigg and available at https://leanpub.com/multi-tenancy-rails. Although the book specifically addresses multitenancy with Rails, it offers many ideas and approaches that are appropriate for other software systems.

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 37

LJ248-Dec2014.indd 37 11/17/14 12:28 PM COLUMNS WORK THE SHELL

Power Shell DAVE TAYLOR History and the find Command Dave explores Bash command-line history and delves into the super-powerful ଏQG command.

It has been a while since I spent command’s numeric ID, like this: some time looking at basic command- line features and how they tie in to KLVWRU\_JUHSILQG shell scripts, so I thought it’d be a ILQG+20(QDPH ]LSSULQW good time to go back to basics. Let’s  start with some fundamentals of command-line history, actually. Make a typo on the command? If you’re like me, you’re stuck in You can use arrow keys to monkey a rut, either using [[ to repeat around and fix it, but that can be the most recent command starting tedious. Instead, use the ^old^new with that letter or those letters, or replacement sequence: using the arrow up/down keys to step through your command history SFROGILOHQHZILOH and find a specific command. I EDVKSFFRPPDQGQRWIRXQG definitely get into a YFF loop ASFAFS when I’m developing software, for FSROGILOHQHZILOH example—useful.  But, there’s a lot more that your Bash shell can do in terms of It’s super helpful, and notice that manipulating your command history. A Bash echoes the corrected command common one is to search for a specific so you know what’s going on too. command, then repeat it with the One of my favorites is to repeat

38 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 38 11/17/14 12:28 PM COLUMNS WORK THE SHELL

all the arguments of the previous statement or tap into the power of command but not the command itself. Bash history modifiers even further by Use  , like this: referencing the command by its number:

YLILOHILOHILOH KLVWRU\_JUHSFORXGDWODV

FS a HFKROLVWHQLQJWRWKHVRXQGWUDFNIURPFORXGDWODV

HFKR

Got that? The cp command will HFKRFORXGDWODV

copy each of the three files to your FORXGDWODV

home directory for safekeeping.  You also can select individual parameters by index number too, as Obviously, the shell’s habit of echoing I demonstrate here: the expanded command before it actually executes it makes these HFKROLVWHQLQJWRWKHVRXQGWUDFNIURPFORXGDWODV examples a bit annoying, but they OLVWHQLQJWRWKHVRXQGWUDFNIURPFORXGDWODV demonstrate the concept, and quite HFKR frankly, sometimes when you’re working echo the with the shell, a bit of redundancy isn’t the such a horrible thing anyway. HFKR

EDVKEDGZRUGVSHFLILHU The Incredible ଏQG Command Enough command-line history though. Hmm...what went wrong on that Let’s shift to the rather insanely second example? Did you figure it complicated ÀQG command instead. out? The  applies to the command There’s actually quite a bit you can do immediately before the current with ÀQG, and that’s why it ends up command, so the long string of being a really complex utility. Worse, its OLVWHQLQJWRWKHVRXQGWUDFN command-line parameters are specified in IURPFORXGDWODV is not what’s a format quite different from most Linux being modified, and there are only commands because they’re generally two words in the immediately previous in -parameter value pairs, except the command (echo the). very first parameter, which specifies the There are two ways to get the latter starting directory for the search. example to work, either have it come Unless it’s command-line flags that immediately after the longer echo aren’t in the -parameter value format.

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 39

LJ248-Dec2014.indd 39 11/17/14 12:28 PM COLUMNS WORK THE SHELL

To make this more fun, there are specifying “smhdw”, respectively. Size different versions of ILQG floating is specified in kilobytes, megabytes, around, depending on what flavor of gigabytes, terabytes and petabytes Linux you’re running—UNIX, NetBSD, with “kmgtp”, respectively. Darwin and so on. I’ll try to talk about Then, a specified value defaults to general approaches to working with an exact match, so FWLPHG will ILQG, but if you encounter hiccups, match only files that were created check your man page (PDQILQG) to exactly 30 days earlier—not quite see what your local variant should be. so useful. So, the - prefix means The most basic use of ILQG is to “less than or equal to”, and  means search for filenames that match a “greater than or equal to”. Got it? specific pattern—for example, all “C” You also can search for files by source files in the home directory or permission string, which is darn useful any subdirectory thereunder: for administrators. In fact, a very common search that you should do ILQGaQDPH FSULQW occasionally is this:

On modern ILQG commands, the ILQGSHUPXVHUURRWSULQW SULQW parameter is redundant and can be omitted, but if you’ve an old-school This introduces yet another version of ILQG, omitting it might result parameter: RZQHU. There’s also a in zero output—not so useful. group value if you want to check ILQG can check a lot of different group ID, although in modern Linux characteristics of files too. Here’s the that seems to be far less utilized than same search, but this time, let’s say it was back in the old days—progress, you want only C source files that are or something like that. more than 1K and have been created ILQG has an -exec parameter that’s 30 or fewer days old: worth exploring too, because it lets you invoke arbitrary Linux commands ILQGaQDPH FFWLPHGVL]HNSULQW on each and every matching file. So you started with a basic command And now, here’s an explanation, to list all C source files by looking because I know you need one. for matches with the simple pattern Times can be specified in seconds, F, but the output of that is just the minutes, hours, days or weeks by filenames—boring.

40 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 40 11/17/14 12:28 PM COLUMNS WORK THE SHELL

Instead, -exec can let you output an the matching filename, but without the ls -l result for each one just as easily: quotes, it’ll be preprocessed and removed. And, the weird ? sequence is because

ILQGaQDPH FH[HFOVO ^` ? -exec needs to know how far to read

on the parameter list, so it reads until

UZUUWD\ORUVWDII-XO the . But again, that’d be interpreted

8VHUVWD\ORU'RFXPHQWV%RRNV:LFNHG&RRO6FULSWVWK(G by Bash before even being given to

´6FULSWVQHZHSRFKF ILQG without the backslash—hence ?.

So, a really common way for sysadmins

UZ[UZ[UZ[WD\ORUVWDII6HS8VHUVWD\ORU to search for setuid root programs is a

´'RFXPHQWV/LQX[-RXUQDOGLVWDQFHEHWZHHQF slight variant on the above:

UZUUWD\ORUVWDII$SU8VHUVWD\ORU ILQGSHUPXVHUURRWH[HFOVO ^` ?_

´'RFXPHQWV/LQX[-RXUQDOIL[GLFWF PDLOVVHWXLGSURJUDPVDQGVFULSWVDGPLQ

UZUU#WD\ORUVWDII0D\ That’ll send an e-mail report that

8VHUVWD\ORU'RFXPHQWVROGLQWXLWLYHFRPLQWXLWLYHFRP lists all files with setuid and owner

´VFULSWVDGWJHWDGWQHZVF root to the e-mail address “admin”.

That’s it for this article. Next time,

UZUUWD\ORUVWDII-XQ I’ll talk about the ILQG_[DUJV

8VHUVWD\ORU'RFXPHQWVVHUYHUFOLILOHVDQG command pipe pair and the

DUFKLYHVVFULSWVDGWJHWDGWQHZVF substantial problem with files and

directories that contain spaces.Q

UZUUWD\ORUVWDII$XJ

8VHUVWD\ORU/LEUDU\$SSOLFDWLRQ6XSSRUW3OH[0HGLD Dave Taylor has been hacking shell scripts for more than 30 years.

6HUYHU3OXJLQV)UDPHZRUNEXQGOH&RQWHQWV5HVRXUFHV Really. He’s the author of the popular Wicked Cool Shell Scripts

´3ODWIRUPV6KDUHG/LEUDULHVWRUQDGRHSROOF (and just completed a 10th anniversary revision to the book, coming very soon from O’Reilly and NoStarch Press). He can be It seems like pretty complicated found on Twitter as @DaveTaylor and more generally at his tech output, but really, it’s just an ls -l site http://www.AskDaveTaylor.com. with a lot of subdirectories making things look more complicated. You can handle that, right? Send comments or feedback via The parameters required for -exec are http://www.linuxjournal.com/contact tricky. The ^` sequence is replaced with or to [email protected].

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 41

LJ248-Dec2014.indd 41 11/17/14 12:28 PM COLUMNS HACK AND /

Dr Hjkl on the KYLE RANKIN Command Line Who needs arrow keys when you have a perfectly good home row?

The first time I used vi was in a Linux Journal through the years along college programming course. It was those lines (all with Dr Hjkl in the the default editor on the computer title), and here, I’ve decided to revive lab’s UNIX systems we used to compile Dr Hjkl for another round of time- our assignments. I remember when saving command-line navigation tips our professor first introduced vi and that will help keep your hands on the explained that you used the hjkl keys home row and off those arrow keys. to move your cursor around instead Most of my tips in this article of the arrow keys. Before this point, are about reducing your reliance I was a pico user (that dates me a bit on the arrow keys and increasing now), and it seemed so backward to your speed when on the command me that vi used hjkl instead. line. For many years, whenever I It wasn’t until I became a heavy vim would find a mistake in a command user that I began to appreciate the I typed, I would do one of two speed you gain from navigation keys things: use a combination of Home, appearing on home row. As a touch End and the arrow keys (all way too typist, I realized the arrow keys are far away from home row) to move in a no-man’s land outside the home the cursor back to the mistake so I row compared to hjkl, and even could fix it, or sometimes I found it though vim supported arrow keys, I was faster to press Ctrl-C and type used hjkl instead. I’ve been pleased the whole command again. One day to discover a number of different I observed another Linux user fly programs that also support the same back and forth across words on the level of key bindings. command line and realized there I’ve written a few other columns in was a better way.

42 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 42 11/17/14 12:28 PM COLUMNS HACK AND /

On the command line, you can replicate the behavior of dw with Alt-d.

Moving Between Words it’s more keystrokes than the right- The first simple speed improvement arrow key, it keeps my hands on the is the use of Alt-b and Alt-f to move home row. Alternatively (as you’ll see backward or forward one word on later), I simply could press Ctrl-f to the command line. This behaves move forward an extra letter instead. somewhat like the b and w keys in vi to skip between words instead Delete Words of one letter at a time. Alt-b acts The bulk of the time that I use Alt-b like just like b in vim. Press Alt-b, and Alt-f on the command line is to and the cursor will move back one correct a typo earlier in the line. Now, word and sit at the first letter of you certainly could move the cursor the previous word. Alt-f is slightly over to the right position and then use different; the cursor moves forward Delete or Backspace to erase the error, until it ends up at the space between but for minor mistakes, I’ve found it’s words instead of at the beginning much faster to delete the whole word of the following word. So given the and retype it. In vim, I would type cw following command: to change the word under my cursor, or a slightly slower approach is to type OVOYDUORJ dw to delete the word and then enter insert mode to make my changes. On If my cursor were at the end of the the command line, you can replicate line and I pressed Alt-b, it now would the behavior of dw with Alt-d. The be over the l in log. If I pressed it Alt-d key will remove the word under again, it would move to the v in var. the cursor completely so you can If my cursor were at the beginning of retype it. So, taking the same example the line and I pressed Alt-f, it would from above: end up on the space between ls and -l. This annoys me enough that often OVOYDUORJ I’ll find myself going forward an extra word and then pressing Alt-b so the If my cursor were at the end of the cursor is where I want it. Even though line and I realized I wanted to change

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 43

LJ248-Dec2014.indd 43 11/17/14 12:28 PM COLUMNS HACK AND /

-l to -ltr, I would press Alt-b three First, although Alt-b and Alt-f move times to move it over the l in -l, then backward and forward a word, I would press Alt-d to delete the l, and respectively, their counterparts Ctrl-b finally type ltr. and Ctrl-f will move backward and forward a single letter. Somewhat Replace Home and End less useful, but still interesting, is It turns out the arrow keys aren’t the fact that you can use Alt-u to the only ones on the hit list. Home uppercase the full word under the and End, although useful, also are cursor, Alt-l to lowercase the word, out in that no-man’s land away from and Alt-c to capitalize the first letter the home row. In vi, you would just in the word. use ^ or $ to go to the beginning With all of these tips, I recommend or end of the line. On the command posting a reminder to yourself line, you can replace Home and End somewhere on your computer. It may with Ctrl-a and Ctrl-e, respectively. take a few weeks to ingrain a new If you use screen or tmux with habit like this into your command-line screen key bindings, you know that use, but once you get used to it, you Ctrl-a already is called for, so you’ll won’t go back. I’ve found that these need to press Ctrl-a a to send that shortcuts also apply in command-line Ctrl-a through to the command line. clients like Irssi, so if I notice I have Ctrl-a can be particularly useful a typo in something I’m about to say when you realize you need to pipe in IRC, I can just press Alt-b until it’s some initial command through under the cursor, and press Alt-d to something you’ve already typed, delete it, and then correct the error and Ctrl-e is useful to move back and press Enter.Q to the end of the line afterward to finish your command after editing it Kyle Rankin is a Sr. Systems Administrator in the San Francisco somewhere in the middle. Bay Area and the author of a number of books, including The Official Ubuntu Server Book, Knoppix Hacks and Ubuntu Hacks. A Few Final Shortcuts He is currently the president of the North Bay Linux Users’ Group. Although the above shortcuts are enough to get started, before I finish, I want to highlight a few Send comments or feedback via extra shortcuts that are less useful http://www.linuxjournal.com/contact but worth knowing all the same. or to [email protected].

44 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 44 11/17/14 12:28 PM LINUX JOURNAL on your Android device

Download the app now on the Google Play Store

www.linuxjournal.com/android For more information about advertising opportunities within Linux Journal iPhone, iPad and Android apps, contact John Grogan at +1-713-344-1956 x2 or [email protected].

LJ248-Dec2014.indd 45 11/17/14 12:28 PM COLUMNS THE OPEN-SOURCE CLASSROOM

PHP for SHAWN POWERS Non-Developers Development doesn’t have to be scary. With PHP, it’s like shell scripting for the Web!

After years of making it clear that article is to throw you right into I’m not a developer in just about writing useful PHP code. If you every article I’ve written here at really want to make “Hello World” Linux Journal, I do have a confession appear in a browser window, by all to make. I can write the “Hello means do so. But I’m not going to World” equivalent in almost every teach you how! programming language out there. In assembly, it might have been “1+1”, Preliminaries but my lack of advanced skills should Server: One great thing about PHP is be evident. The thing is, I’ve always that just about every Web server has wanted to learn how to program, but it installed and ready to go. If you get I hate the process so much I never get advanced and want to start making past “Hello World”. system calls to the underlying Linux Then I met PHP. OS, you might have to tweak php.ini I know PHP is no longer cool. I a bit, but getting a PHP platform is know that compared to Python it’s usually as simple as installing a Web extremely limited. But I also know server with a LAMP stack. that with PHP, I actually was able One thing that makes programming to create useful programs from the easier for me is to make sure my user beginning. I suspect that’s why I account has write access to the place love Bash scripting so much. With I’m writing code. My process usually Bash, I always start with a problem involves making a small change and to solve and use scripting to solve clicking refresh on the browser to it. I never “learned” to write Bash see if it worked. If you have to VXGR scripts, I just did it. My goal in this FSORFDOILOHVHUYHUILOH every

46 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 46 11/17/14 12:28 PM COLUMNS THE OPEN-SOURCE CLASSROOM

time you make a change, it will be works better for me. If you really no fun. Worry about proper file want to get fancy, programs like permissions when you release your Sublime or SlickEdit are amazing, code to the Internet, but not while but really gedit is fine. Just make you’re developing. sure whatever editor you use has The only other server tweak I syntax highlighting, it’s awesome. recommend is adding a .htaccess (If you need to edit remote files, I’d that turns on error reporting. I don’t check out using SSHFS to mount the always have errors display on the remote folder and edit them as if page, but if you get the dreaded they were local files. It works great “php blank page”, it’s nice to turn in gedit.) on error reporting quickly so you get a nice message telling you where you The Goal forgot a semicolon. I usually create a For this first foray together into the file called “err” and quickly rename world of programming, let’s create it to “.htaccess” when I want to see something useful, but still simple. errors displayed. You probably will I also want to start with something have to modify your Apache server, worth building on to. So let’s make telling it to “AllowOverride” for the a start page for your browser. folder you’re using, but it’s worth Remember iGoogle? Well, you’re the effort. Here’s what my .htaccess going to start with something far file looks like: more simple, but because you’re making it yourself, you can expand SKSBIODJGLVSOD\BHUURUVRQ later. (I find coding to be a perfect SKSBYDOXHHUURUBUHSRUWLQJ way to spend nights of insomnia, just saying.) Editor: PHP code is just text. You can use any text editor you How PHP Works like. I highly suggest using a text It took me a little while to understand editor that does syntax highlighting this concept, so I’m going to explain though, because it makes it much it quickly. PHP code can be added to easier to spot typos. I usually use standard HTML, or it can be strictly vim when I do Bash scripting, but PHP code that creates HTML as with PHP, I find myself scrolling output. These following two snippets more, so something like gedit of code do the same thing.

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 47

LJ248-Dec2014.indd 47 11/17/14 12:29 PM COLUMNS THE OPEN-SOURCE CLASSROOM

test.php: separate PHP files and browse to the page. You should see something like KWPO! Figure 1. The reason I spelled this ERG\! out is because different people code K!7KHFXUUHQWGD\LV "SKSHFKRGDWH O "! K! PHP in different ways. Just remember ERG\! that if it’s not inside a "SKS"! KWPO! container, it is treated like plain-old HTML. Anything inside those "SKS"! test2.php: containers are executed, and the output is sent to the browser window. "SKS Often, PHP code won’t have any HFKR KWPO! output, and so nothing is displayed HFKR ERG\! on the screen. But, if you want to HFKR K!7KHFXUUHQWGD\LVGDWH O  K! use PHP, it must be inside those tags, HFKR ERG\! namely: "SKS3+3678))+(5("!.

HFKR KWPO!

"! Let’s Make Something! I created a simple landing page in PHP. Feel free to copy that into two (Figure 2 shows its output.) You can

Figure 1. It’s not “Hello World”, but I’ll admit, it’s dangerously close.

48 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 48 11/17/14 12:29 PM COLUMNS THE OPEN-SOURCE CLASSROOM

Figure 2. This is the portal. Your family probably will be less silly looking!

download it at http://snar.co/ljphp. called MVRQ and then use the It’s also shown in Listing 1. Unzip MVRQBGHFRGH function to break that the file, and put it in your Web apart into an array. Check out the server so you can edit it and make Working with Arrays sidebar for some it work for you. tips on looking at the array itself so Notice the first line has "SKS in you can see what it contains. it—that means it starts with a section After that little bit of variable of PHP code rather than HTML. The work, the PHP section closes with first thing you do is load a weather a "! on line 8. From that point on, API into a PHP array. You’ll need to it’s mostly HTML coding that should register on Wunderground to get your look fairly clear. Basically, I created a own API key (they’re free), and then simple table. In the first cell, there is a modify the URL to fit your location. picture of my family (you can add your Basically, it’s a two-step process: you own fam.jpg to the same folder where load the JSON string into a variable the php file lives), and then I open

WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 49

LJ248-Dec2014.indd 49 11/17/14 12:29 PM COLUMNS THE OPEN-SOURCE CLASSROOM

another section of PHP code. Here I on the screen, put a dot in between print some of the information from them outside the quotation marks. the Weather API. You can figure most After some more HTML code, there of it out, but of particular note are is a section that checks Web servers the periods in the echo statements. If to see if they’re up. It’s important to you want to print more than one thing know that “is_up” is not a built-in PHP

Listing 1. Example Landing Page  "SKS HFKR*RRJOHLV "SKS LVBXS ZZZJRRJOHFRP 

HFKR EU! 7KLVLVDFRPPHQW7KHQH[WOLQHVIHWFKZHDWKHULQIR HFKR/LQX[-RXUQDOLV DQGWKHQWXUQLWLQWRD3+3DUUD\

HFKR%ODU[QRWLV MVRQ ILOHBJHWBFRQWHQWV KWWSDSLZXQGHUJURXQGFRP LVBXS ZZZZEODU[QWFRP  ´DSL<285B$3,B*2(6B+(5(FRQGLWLRQVSZVTMVRQ  "! ZHDWKHU MVRQBGHFRGH MVRQ758(   WG! "!

KWPO!  WGFROVSDQ ! KHDG! WLWOH!/DQGLQJ3DJH WLWOH! KHDG!  "SKSHFKR EU! FHQWHU!6HUYHU8SWLPH ERG\! ´VKHOOBH[HF XVUELQXSWLPH  FHQWHU!"! WDEOHVW\OH WH[WDOLJQOHIWZLGWKERUGHU   WG! ´FHOOSDGGLQJ FHOOVSDFLQJ ! WDEOH!  WG! ERG\!  LPJVW\OH ZLGWKS[DOW 7KH)DP KWPO! ´VUF IDPMSJ! EU!

 "SKS "SKS HFKR&XUUHQW7HPS IXQFWLRQLVBXS KRVWSRUW WLPHRXW  ´ZHDWKHU> FXUUHQWBREVHUYDWLRQ @> WHPSBI @ ^ ´) EU! IVRFN IVRFNRSHQ KRVWSRUWHUUQRHUUVWUWLPHRXW  HFKR&RQGLWLRQV LI IVRFN ´ZHDWKHU> FXUUHQWBREVHUYDWLRQ @> ZHDWKHU @ ^ ´ EU! HFKR'2:1 HFKR VPDOO!ZHDWKHU> FXUUHQWBREVHUYDWLRQ @ ` ´> REVHUYDWLRQBWLPH @ VPDOO! EU! else "! ^  WG! HFKR83  WGVW\OH YHUWLFDODOLJQWRS! ` 6KDZQ V9HU\6LPSOH3DJH EU! `  ELJ! VWURQJ! DKUHI KWWSZZZEUDLQRIVKDZQFRP!$UH

 EU! EU!

50 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM

LJ248-Dec2014.indd 50 11/17/14 12:29 PM COLUMNS THE OPEN-SOURCE CLASSROOM

function, rather it’s something I wrote to port 80 on the specified address. I to make the code cleaner. If you look made up blarxn0t.com so one would at the bottom of the file, you’ll see fail. Hopefully no one buys blarxn0t.com where I defined the function, and you just to spite me! (Note: don’t try to can see what it does. The only thing visit it, with my luck, somebody bought it checks is whether it can connect it and made it porn!)

Working with Arrays Arrays can be really confusing. In this article, I showed loading a JSON API feed into a PHP array, and then referenced a couple fields from inside that array. But how on earth do you know how to build those variable names like ZHDWKHU> FXUUHQWBREVHUYDWLRQ @> WHPSBI @? Thankfully, there’s a great tool for displaying arrays on the screen. Here’s a snippet of code that takes a copy of the JSON code from this article’s example and displays the entire array so you can see the names of the array indexes. You should be able to see how I created that variable name above:

DUUD\BYLHZSKS "SKS MVRQ ILOHBJHWBFRQWHQWV KWWSVQDUFRMVRQDSL  ZHDWKHU MVRQBGHFRGH MVRQ758(  HFKR SUH! SULQWBU ZHDWKHU  HFKR SUH! "!

When you load this page, it should display the entire array in an easy-to-read format in your browser. The

 tags are important; otherwise, it just jumbles the output all into a single line. Whenever I’m trying to figure out the contents of an array, I make a quick PHP file like this so I can look at it. Hopefully, you’ll be able to find the variable indexes, and it will make sense.
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 51
LJ248-Dec2014.indd 51 11/17/14 12:29 PM COLUMNS THE OPEN-SOURCE CLASSROOM
DEDICATED SERVERS. BY GEEKS FOR GEEKS. The last section of the PHP But, I urge you—don’t just look them document does a really cool PHP trick up and memorize how they work. and executes a local shell command, Come up with a problem and then solve dumping the output to the browser it! Everything I’ve learned in PHP started screen. So the results of the XSWLPH with a Google search like, “How do I command are printed at the bottom display large numbers with commas in of the landing page. If you have a PHP”, or “How do I round numbers in Windows server, it probably will just PHP”, or even “How do I multithread error out, but I’m assuming we’re all queries in PHP for parallel processing?” using Linux here. (That last one is by far the most complex thing I’ve done so far!) To Infinity and Beyond! PHP coding is incredibly fun. I can’t This first simple PHP page is just believe I’m saying that, but it’s true. that, very simple. I touched on a few If you love Bash and can’t imagine advanced subjects though, and I hope living without it, I suspect you’ll love you explore more from here. Arrays are PHP, because it’s a lot like Bash, but really cool and make working with APIs a Web browser gets to be the input/ from Web sites a breeze. If you liked output mechanism! If you’d like me to this little taste of PHP, I recommend do more project-based learning with you look into the following: programming languages, please let me know. I’d love a reason to come up with Q IF/THEN/ELSE conditionals. fun projects, but it only makes sense if everyone wants to play along!Q Q For loops. Shawn Powers is the Associate Editor for Linux Journal. Q While loops. He’s also the Gadget Guy for LinuxJournal.com, and he has an Linux Journal Magazine Exclusive Offer* interesting collection of vintage Garfield coffee mugs. Don’t let Q Reading and writing files on his silly hairdo fool you, he’s a pretty ordinary guy and can be % the system. reached via e-mail at [email protected]. Or, swing by the #linuxjournal IRC channel on Freenode.net. 15 OFF Q GET and POST variables. Call 1.888.840.9091 | serverbeach.com Q Functions. Send comments or feedback via Sign up for any dedicated server at ServerBeach and get 15% off*. Use the promo code: LJ15OFF when ordering. http://www.linuxjournal.com/contact * Offer expires December 31st, 2010. Q Including other PHP files. or to [email protected]. Terms and conditions: © 2010 ServerBeach, a PEER 1 Company. Not responsible for errors or omissions in typography or photography. This is a limited time offer and is subject to change without notice. Call for details. 52 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 52 11/17/14 12:29 PM DEDICATED SERVERS. BY GEEKS FOR GEEKS.
Linux Journal Magazine Exclusive Offer* 15 %OFF
Call 1.888.840.9091 | serverbeach.com Sign up for any dedicated server at ServerBeach and get 15% off*. Use the promo code: LJ15OFF when ordering. * Offer expires December 31st, 2010.
Terms and conditions: © 2010 ServerBeach, a PEER 1 Company. Not responsible for errors or omissions in typography or photography. This is a limited time offer and is subject to change without notice. Call for details.
LJ248-Dec2014.indd 53 11/17/14 12:29 PM NEW PRODUCTS
Opengear’s CM7100 Console Server
Enterprises need solutions that help them leverage their existing equipment and tools securely and efficiently, asserts Opengear, provider of critical infrastructure management solutions. This should occur, Opengear adds, without myriad logins and security procedures when accessing multiple devices. This philosophy underpins Opengear’s new CM7100 Console Server, a state-of-the-art appliance that offers dramatically simplified console management, high reliability and strong security for maximizing the uptime of enterprise networks. The CM7100 is a 16–48 port serial console server that enables network administrators to manage sprawling and complex infrastructure of switches, routers, PDUs, firewalls, servers, UPSes and other critical data-center equipment from a wide array of vendors securely and efficiently. Other key product features include enterprise-grade security with FIPS 140-2 certified SSL, SSH and VPN; dual LAN ports for main and secondary networks; and audit/trail logging to 4GB local storage or a remote log server. http://opengear.com
The Icinga Project’s Icinga Exchange
The new Icinga Exchange is a central repository for plugins, files, programs and add-ons that extend Icinga and compatible projects like Nagios, Shinken or Naemon. The repository allows users to search, store and rate Icinga-compatible extensions easily and connect with the people behind them. The project’s Solr-based search engine and navigation tags ensure that searches are quick and easy. Users can choose from manual upload or an automated GitHub sync, the latter “taking the fuss out of maintaining a second project site”, notes the Icinga Project. Currently more than 500 projects are available on Icinga Exchange, many of which migrated to the new repository with the previously established Monitoring Exchange repository. The Icinga Project also emphasizes its openness to plugins and add-ons that are compatible with related monitoring tools. http://exchange.icinga.org
54 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 54 11/17/14 12:29 PM NEW PRODUCTS
Untangle NG Firewall
The network software and appliance specialist, Untangle, Inc., recently announced a faster, more agile version 11 of its Untangle NG Firewall software. Untangle claims that its NG Firewall product brings a combination of enterprise-grade capabilities and consumer-oriented simplicity to the management of every aspect of network control. Most notably, version 11 of the solution adds performance gains to the Virus Blocker to address the ever-present and growing threats of malware and to the Spam Blocker to keep unwanted e-mail at bay. In addition, besides an updated kernel, Untangle further added new technologies from the company’s IC Control product, improving both HTTPS processing and Captive Portal. http://untangle.com
SSH Communications’ Secure Shell HealthCheck
Since news of the Shellshock Bash vulnerability broke, revelations about the impact of the bug have grown, including reports of lost or stolen Secure Shell (SSH) keys being used to access sensitive information covertly. In reaction to Shellshock, SSH Communications Security announced the release of Secure Shell HealthCheck, a solution for discovering major risk and compliance violations related to all aspects of SSH in data-center environments. SSH HealthCheck helps to reduce the risk of failed audits and cyber-security breaches from hackers or malicious insiders. SSH Communications Security, whose chief innovation officer is SSH inventor Tatu Ylönen, recommends properly scanning and managing SSH keys, including comparing and auditing them against approved keys. The company claims that only its tools can achieve this. http://www.ssh.com
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 55
LJ248-Dec2014.indd 55 11/17/14 12:29 PM NEW PRODUCTS
 iTrinegy’s NE-ONE
The NE-ONE solution was developed by iTrinegy to confront the demands that come from users’ accessing applications across myriad devices and mixed networks. NE-ONE enables businesses to understand, predict and manage the performance of applications across today’s diverse networks, keeping the performance of networks and applications at their best. iTrinegy says that with NE-ONE, it has eliminated the complexity of dealing with the ecosystem of public, private, cloud, mobile and virtual networks. NE-ONE also offers a modular design, so customers use just the solutions they need, when they need them. NE-ONE comes in two variants: Edge is the ready-to-go hardware-based solution, and Flex is the agile virtual appliance-based solution that can be deployed quickly wherever it’s needed on to a network. http://www.itrinegy.com
John Baichtal’s Robot Builder (Que)
The topic of DIY robots is so us, fellow Linuxers. Publishing HOUSE 1UE SAYS THAT AUTHOR *OHN "AICHTALS NEW BOOK Robot Builder: The Beginner’s Guide to Building Robots will help readers learn the craft of robot building from the ground up in an easy, fun and hands-on way. As the subtitle implies, absolutely no experience is needed. Baichtal has been a veteran author in the DIY [insert geek toy] space for many years and has helped many an INTRIGUED BY ROBOT GEEK GET STARTED WITH ROBOTICS "AICHTAL AND 1UE HAVE BROUGHT together a wealth of practical robotics know-how into “one incredibly easy tutorial”. Hundreds of full-color photos guide readers through every step and skill and get them building the first working robot (of 30 total) in the very first chapter. Throughout the book, skill building grows to expert level, and readers will find themselves powering motors, configuring sensors, constructing a chassis and even programming low-cost Arduino microcontrollers. http://www.informit.com
56 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 56 11/17/14 12:29 PM NEW PRODUCTS
Rockstor, Inc.’s RockStor NAS
In classic Linux style, the new Rockstor Network Attached Storage solution from the team at Rockstor, Inc., is free, open- source and versatile. Supporting all popular file-sharing protocols, including NFS, Samba/CIFS and SFTP, Rockstor is available as a complete Linux distribution in ISO file format or a USB image and can be installed on bare metal or as a virtual machine. Rockstor’s underlying Linux distro is CentOS and the supported filesystem is BTRFS. A pluggable Smart Probe mechanism and a growing list of smart probes provide detailed on-demand information about the various aspects of storage infrastructure. Rockstor supports advanced features for businesses of all sizes ranging from small to large enterprises—for example, snapshots, fast cloning, thin provisioning, dynamic volume management and replication over WAN. The solution comes with a clean, user-friendly Web UI to manage storage operations conveniently. http://www.rockstor.com
Eltechs ExaGear Desktop Eltechs hopes to lure ARM-based mini-PC users to try its ExaGear Desktop, which the company says can run virtual Intel x86 apps  TIMES FASTER THAN COMPETITOR 1%-5 %LTECHS %XA'EAR $ESKTOP is a virtual machine that implements a virtual x86 Linux container on ARM-based mini PCs, enabling the direct and simultaneous running of both x86 Linux and native applications. In addition, MS Windows applications can be run via the Wine emulator. The current version does not support applications that require kernel modules nor does it support 3-D hardware. http://eltechs.com
Please send information about releases of Linux-related products to [email protected] or New Products c/o Linux Journal, PO Box 980985, Houston, TX 77098. Submissions are edited for length and content.
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 57
LJ248-Dec2014.indd 57 11/17/14 12:29 PM FEATURE Readers’ Choice Awards 2014 READERS’ CHOICE AWARDS 2014 We added a couple great new categories this year, so be sure to read on to see the results!
SHAWN POWERS
 t’s time for another Readers’ Choice issue of Linux Journal! The format last year was well received, so we’ve followed suit making your voices heard loud again. I couldn’t help but add some commentary in a few places, but for the most I part, we just reported results. Please enjoy this year’s Readers’ Choice Awards! 58 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 58 11/17/14 12:29 PM BEST LINUX DISTRIBUTION Although this year the Debian/Ubuntu-based distros took the lion’s share of the votes, the “Best Linux Distribution” category is a bit like “Best Kind of Pizza”—even the bottom of the list is still pizza. It’s hard to go wrong with Linux, and the wide variety of votes only proves how many different choices exist in our wonderful Open Source world. 16.5% Ubuntu 16.4% Debian 2.5% Xubuntu .4% Tails 11% Linux Mint 2.3% Other .3% Android-x86 8.5% Arch Linux 1.6% Red Hat Enterprise Linux .3% Bodhi Linux 8.3% Fedora 1.4% NixOS .3% Chakra 6% CentOS 1.3% elementary OS .3% Kali Linux 5.3% openSUSE 1.2% Lubuntu .3% PCLinuxOS 4.1% Kubuntu 1% CrunchBang .3% SolydK 2.9% Gentoo .7% Mageia .1% Mandriva 2.7% Slackware .4% LXLE .1% Oracle Linux 
BEST MOBILE LINUX OS Android is such a dominant force in the mobile world, we decided to allow Android variants to be counted separately. So although the underlying system on some of these are indeed Android, it seems far more informative this way. 37.1% Stock Android 27.6% Sailfish OS 3% Ubuntu Phone .8% Replicant 20.2% CyanogenMod 1.5% Amazon Fire OS .8% Tizen 3% Other 1.4% Ubuntu for Android
BEST LINUX SMARTPHONE MANUFACTURER 29% Samsung 26.7% Jolla 5.3% LG 1% GeeksPhone 16.5% Nexus 3.7% Sony .6% Amazon 7.1% Other* 1.8% Nokia *Under “Other”, Motorola got many 7% HTC 1.4% Huawei write-ins, followed by OnePlus.
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 59
LJ248-Dec2014.indd 59 11/17/14 12:29 PM FEATURE Readers’ Choice Awards 2014
BEST LINUX TABLET 35.3% Google Nexus 7 14.8% Google Nexus 10 14% Samsung Galaxy Tab 9.8% Samsung Galaxy Note 8.4% ASUS Transformer Pad 6.4% Other 4.7% Kindle Fire HD 2% ASUS MeMO Pad 1.6% Dell Venue 1.4% Acer Iconia One .9% Samsung Galaxy Note Edge .7% Ekoore Python S3 
BEST OTHER LINUX-BASED GADGET (NOT INCLUDING SMARTPHONES OR TABLETS) We are a Raspberry Pi-loving bunch, that’s for sure! But really, who can blame us? With the new B+ model, the already awesome RPi is getting sleeker and more useful. I’m no fortune teller, but I suspect I know next year’s winner already. 71.4% Raspberry Pi 8.1% BeagleBone Black 1.1% Yamaha Motif XF8 .4% LG G Watch 4.3% Other* .8% Nvidia Jetson-K1 .4% RaZberry 3.7% Lego Mindstorms Ev3 Development System .4% VolksPC 3.4% Moto 360 .5% Cloudsto EVO Ubuntu .2% IFC6410 Pico-ITX Board 1.7% Cubieboard Linux Mini PC .1% JetBox 5300 1.7% Parrot A.R Drone .5% VoCore Open *Under “Other”, the most popular 1.4% Samsung Gear S Hardware Computer write-ins were Odroid and CuBox.
60 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 60 11/17/14 12:29 PM BEST LAPTOP VENDOR This category used to be a rating of which vendors worked the best with Linux, but thankfully, now most laptops work fairly well. So, we truly get to see the cream rise to the top and focus on things other than “it works with Linux”. It’s awesome living in the future. 32% Lenovo 19.3% ASUS 1.9% ThinkPenguin .1% Eurocom 18.5% Dell 1.8% LinuxCertified 10.6% System76 1.6% ZaReason *Under “Other”, the most popular write-ins were (in this order) 7.9% Other* 1.5% EmperorLinux Apple running Linux, HP, Toshiba 4.5% Acer .3% CyberPower and Samsung.
BEST LINUX DESKTOP WORKSTATION VENDOR 36.8% Dell 19.6% System76 9.4% Penguin Computing 1.4% CyberPower 17.5% Hewlett-Packard 2.7% ZaReason *Under “Other”, most of the 10.3% Other* 2.3% Microway write-ins were “Build your own”.
BEST LINUX SERVER VENDOR 31.4% Dell 21.2% IBM 4.7% Other* .7% Servers Direct 19% Hewlett-Packard 3% ZaReason 9.5% Supermicro 2.8% iXsystems *Under “Other”, most of the write-ins 5.9% Penguin Computing 1.9% Microway again were “Build your own”.
BEST ANDROID APP 26.7% JuiceSSH 24% Other* 6.7% Navfree *Under “Other”, the most popular votes were (in this order) OsmAnd, 16.3% Waze 1.7% Memrise F-Droid, ConnectBot, K-9 Mail, 14% feedly 1.3% QuizUp Google Maps, Google Now, 7.9% Google Goggles .6% FreedomPop Tasker, Wifi Analyzer, AirDroid, 7% Ayat Messaging KeePassDroid and Titanium Backup.
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 61
LJ248-Dec2014.indd 61 11/17/14 12:29 PM FEATURE Readers’ Choice Awards 2014
BEST CONTENT MANAGEMENT SYSTEM 34.7% WordPress 25.3% Drupal 1.1% ikiwiki 11.1% Joomla! .7% eZ publish 10.5% MediaWiki .4% Wolf CMS 10% Other* .3% Elgg *Under “Other”, the most popular 4.3% Alfresco .2% Blosxom write-ins were (in this order) 1.3% WebGUI DokuWiki, Plone, Django and Typo3.
BEST LINUX-FRIENDLY WEB HOSTING COMPANY When it comes to Web hosting, it’s hard to find a company that isn’t Linux-friendly these days. In fact, finding a hosting provider running Windows is more of a challenge. As is obvious by our winner (“Other”), the options are amazing. Perhaps a “Worst Web Hosting” category would be more useful! 22.8% Other* 22.5% Amazon 2.9% LAMP Host .4% Netfirms 13.1% Rackspace 2.6% Hurricane Electric .4% Prgmr 10.4% Linode .6% Liquid Web 6.5% GoDaddy.com .6% RimuHosting 5.6% OVH .5% Host Media *Under “Other”, the most write-ins went to (in this order) Digital Ocean 5.4% DreamHost .5% Savvis (by a landslide), followed by Hetzner, 4.8% 1&1 .4% Blacknight Solutions BlueHost and WebFaction.
BEST WEB BROWSER Firefox takes the gold this year by a significant margin. Even if you combine Chrome and Chromium, Firefox still takes the top spot. There was a time when we worried that the faithful Firefox would fade away, but thankfully, it’s remained strong and continues to be a fast, viable, compatible browser. 53.8% Firefox 26.9% Chrome 2% Other .4% QupZill 8.1% Chromium .8% SeaMonkey .2% Dillo 4% Iceweasel .5% rekonq 3% Opera .4% dwb 
62 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 62 11/17/14 12:29 PM BEST E-MAIL CLIENT If I didn’t know firsthand how many hard-core geeks live among us, I might accuse Kyle Rankin of voting fraud. His beloved Mutt e-mail client doesn’t take top spot, but for a program without any graphical interface, third place is impressive! 44.4% Mozilla Thunderbird 24.7% Gmail 3.2% Other 1.7% Geary 6.8% Mutt 2.2% Claws Mail 1% SeaMonkey 5.5% Evolution 2% Zimbra .9% Opera Mail 5.3% KMail 1.8% Alpine .4% Sylpheed 
BEST AUDIO EDITING TOOL 69.1% Audacity 10.8% FFmpeg 1.3% SoX 9.7% VLC 1.1% Mixxx 4.9% Ardour .7% LMMS 1.9% Other .5% Format Junkie 
BEST AUDIO PLAYER We figured VLC would take top spot in the video player category (see below), but it was a bit of a surprise to see how many folks prefer it as an audio player as well. Perhaps it’s become the one-stop shop for media playback. Either way, we’re thrilled to see VLC on the top. 25.2% VLC 15.3% Amarok 3.1% XBMC .4% Mixxx 10.4% Rhythmbox 3% foobar2000 .4% MPC-HC 8.6% Clementine 2.4% Xmms .4% Subsonic 6.1% MPlayer 1.2% DeaDBeeF .3% Nightingale 5.9% Spotify .9% MOC .2% Decibel Audio Player 5.5% Audacious .8% cmus 
4.6% Banshee .8% Ncmpcpp *Under “Other”, Quod Libet had 4% Other* .6% Guayadeque the most write-ins.
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 63
LJ248-Dec2014.indd 63 11/17/14 12:29 PM FEATURE Readers’ Choice Awards 2014
BEST VIDEO PLAYER 64.7% VLC 14.5% MPlayer 1.9% Kaffeine .2% Daum Potplayer 6.4% XBMC 1.6% mpv .1% Clementine 2.7% Totem 1.6% MythTV 2.7% Other* 1.4% Amarok *Under “Other”, most write-ins 2% Plex .3% Xmms were for SMPlayer.
BEST VIDEO EDITOR This is another testament to the geek factor when it comes to our readers. We didn’t specify “non-linear editor”, so by a transcoding technicality, VLC eked out a win in the video editing category. Well played, VLC, well played. 17.5%VLC 16.4% Kdenlive 7.5% Cinelerra 1.4% LiVES 15.1% Blender 4.9% PiTiVi .6% Shotcut 13.2% Avidemux 4.8% LightWorks .4% Jahshaka 13.2% OpenShot 4.7% Other .4% Flowblade 
BEST CLOUD-BASED FILE STORAGE In a category that used to have few options, Dropbox still takes top spot, but the margin is closing. It’s hard to argue against Dropbox’s convenience and stability, but hosting your own data on ownCloud gives it quite a boost into the second-place spot. 30.5% Dropbox 23.6% ownCloud 4.4% SpiderOak *Under “Other”, the most write-ins went to Younited and MEGA. Many 16% Google Drive 1.8% Box also said things like “no cloud is 8.3% rsync 1% Copy the best choice/my files stay on my 7.5% Other* .3% AjaXplorer storage/local only”. 6.6% Amazon S3
64 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 64 11/17/14 12:29 PM BEST LINUX GAME I rarely play games, so every year I look forward to this category to find the most popular options for those few times I do. I’m personally tickled to see NetHack so high on the list, especially considering the opposition. There’s just something about wandering around random tunnels that appeals to the old-school DnD player in all of us. 26.5% Civilization 5 23.5% Other* 3.7% Scorched 3D .9% Ryzom 8.7% Team Fortress 2 3.6% Destiny 8.4% NetHack 1.9% Ultima IV 7.1% X-Plane 10 1.8% FreeCol *Under “Other”, the most write-ins were (in this order) Minecraft, 6.1% Dota 1.4% Kpat 0 A.D., Frozen Bubble, Battle for 5.4% Bastion 1.1% FreeOrion Wesnoth, Portal and Counter Strike.
BEST BACKUP SOLUTION 23.5% Other* 18.9% Clonezilla 3.2% Back In Time *Under “Other”, the most popular answer was “my own scripts” or 14.3% Dropbox 2.1% luckyBackup “rsync”, followed by BackupPC, 11.7% Bacula 1.7% Tivoli Storage Manager Duplicity, Spider Oak, rsnapshot 9% rdiff-backup .9% Symantec Backup Exec and Deja Dup (in that order). 8.5% CrashPlan .5% Areca-Backup 5.6% Amanda .3% Storix 
BEST VIRTUALIZATION SOLUTION I think the relationship with Vagrant has helped Oracle’s VirtualBox significantly in popularity. Yes, Vagrant works with other virtualization platforms, but since it so seamlessly integrates with VirtualBox, I think it gets quite a boost. Virtualization is such an efficient and reliable way to implement systems, bare- metal solutions are almost a thing of the past! 33.4% Oracle VM VirtualBox 22.3% VMware 4.2% Other* *Under “Other”, the most write-ins went to Docker, 21.1% KVM 1.7% OpenVZ ProxMox and LXC, in that order. 5.7% XEN 1.3% Linux-VServer 5.3% QEMU .1% Symantec Workspace 4.9% OpenStack Virtualization 
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 65
LJ248-Dec2014.indd 65 11/17/14 12:29 PM FEATURE Readers’ Choice Awards 2014
BEST MONITORING APPLICATION 27.1% Nagios 20.7% Wireshark .7% NTM (Network 12.3% htop Traffic Monitor) 10.5% Zabbix .7% xosview 8.6% Other* .5% Manage Engine 6.2% Zenoss .3% FlowViewer 3.4% Munin .2% Circonus 2.8% PC Monitor .2% SysPeek 1.9% New Relic 1.2% Opsview *Under “Other”, most write-ins 1% SaltStack went to Icinga and OpenNMS.
BEST DEVOPS CONFIGURATION MANAGEMENT TOOL It was interesting to see Git take top spot in this category, because although it certainly would work to use standard version control on configuration files, I always assumed it would be used alongside tools like Chef or Puppet. If nothing else, the DevOps movement has taught crusty old system administrators like myself to treat configuration files like code. Version control is incredible, and it seems as though most readers agree. 39.4% Git 17.2% Puppet 5% Chef *Under “Other”, most write-ins went to NixOps. 8.9% Ansible 5.4% SaltStack 8.8% cron jobs 4.6% Other* 7.6% Subversion 3% CFEngine
BEST OPEN-SOURCE SECURITY TOOL 21.9% Nmap 18.4% Kali Linux (formerly 6.5% pfSense 3.7% Other BackTrack Linux) 6% Tails 2.4% AIDE 15.6% KeePass 4.9% Netfilter 2.1% OSSEC 13.9% Tor 4.8% Metasploit
66 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 66 11/17/14 12:29 PM BEST PROGRAMMING LANGUAGE 30.2% Python 17.8% C++ 1.4% Haskell 16.7% C 1.2% Lisp 7.1% Perl .6% Erlang 6.9% Java .6% Rust 4.6% Other* .4% D 4.3% Ruby .1% Hack 2.4% Go 2.4% JavaScript *Under “Other”, 2.2% QML most write-ins went to Scala, PHP and 1.4% Fortran Clojure (in that order).
BEST SCRIPTING LANGUAGE Python is incredibly powerful, and it appears to be a favorite in both the scripting and programming categories. As someone who knows Bash and a little PHP, I think it’s clear what I need to focus on as I delve into the world of development. Meaningful whitespace, here I come! 37.1% Python 27% Bash/Shell scripts 4.9% Ruby 11.8% Perl 2.1% Other 8.4% PHP 2% Lua 6.7% JavaScript
BEST TEXT EDITOR 45.6% vi/vim 11.6% Emacs 8.1% Other* *Under “Other”, a large amount of write-ins went 11% gedit 4.1% Geany to Sublime. 9.5% Nano 1.3% joe 8.8% Kate
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 67
LJ248-Dec2014.indd 67 11/17/14 12:29 PM FEATURE Readers’ Choice Awards 2014
BEST NEW LINUX/OPEN-SOURCE PRODUCT/PROJECT Docker is clearly our winner here, and rightly so—what a game-changing technology. It’s nice to see Jolla/Sailfish get some love as well. We love Android, but having a choice is a vital part of who we are as Open Source advocates. 28% Docker 19% Jolla and Sailfish OS 4% Git 2% Zabbix 7% LibreOffice 3% Apache Cordova/ 2% CoreOS 5% ownCloud OpenOffice/Spark/Tika 2% Firefox OS 5% Steam 2% Ansible 1% KDE Connect 5% Zenoss Control Center 2% Elementary OS 1% NixOS and NixOps 4% Raspberry Pi 2% OpenStack 1% Open Media Vault
COOLEST THING YOU’VE EVER DONE WITH LINUX This is my favorite new category for the Readers’ Choice Awards. Imagine attending a Linux conference and asking everyone the coolest thing they’ve done with Linux. That’s basically what happened here! We’ve listed a handful of our favorites, but for the entire list, check out our Web site: http://www.linuxjournal.com/rc2014/coolest. Note: the most common answers were “use it”; “rescue data/photos/ whatever off broken Windows machines”; “convert friends/family/businesses to Linux”; “learn”; “teach”; “get a job”; “home automation”; and “build a home media server”. The following list is of our favorite more-specific and unique answers, not the most common ones.
Q Building my procmail pre-spam spam filter Q A robot running Linux (for the back in the mid-late 1990s. Eurobot annual competition).
Q 450-node compute cluster. Q Accidentally printing on the wrong continent. Q 7.1 channel preamp with integrated mopidy music player. Q Adding an audio channel to a video while also syncing it.
68 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 68 11/17/14 12:29 PM Q Analyzed NASA satellite data with Q Hacked my coffee machine to send me a self-written code. text message when the coffee is ready.
Q Annoyed the cat remotely. Q Introduced my daughter to Lego Mindstorm EV3. Q Automated my entire lighting setup in my house to respond to voice and Q Monitor the temp and humidity of my my mobile apps. wine cellar and open the doors when too hot or humid. Q Automatic window plant irrigation system. Q Replaced the controller in my hot tub Q Bathroom radio. with a Raspberry Pi.
Q Brewing beer. Q Scripted opening and closing of a co-worker’s CD tray every 15 seconds Q Built an application that runs on the for four days. International Space Station. Q Used an LFS system to move ACH transfers Q Built a system for real-time toll collection for a national gas company. for a major toll highway system. Q Flushed my toilet from another city. Q Built our own smartphone. Q Remote chicken door. Q Built Web-based home alarm system on Raspberry Pi. Q Web-based sprinkler controller for 16 stations on a Raspberry PI (also control Q Cluster of Raspberry Pis to crack the pool and yard lights). encrypted office documents. Q Chaining SSH tunnels together to get from Q Controlled my Parrot drone. work to home via three hops due to restrictive network settings. Q Controlled the comms for 186 Wind turbines. Q Built a system that monitors a renewable energy installation with Q Controlling my Meade Telescope with two fixed solar arrays, a two axis sun Stellarium under Linux. tracking solar array and a wind turbine. Production and weather data are Q Converted my old VHS family videos, using displayed on a Web site in real time. a laptop more than ten years old. Q Back in the days of modems, I had Q Created a mesh network in the subarctic. my computer call up my girlfriend Q Created an ocean environmental sensor every morning, so she would wake up buoy with radio data transmitter. and go to work.
Q Discovered new planets. Q Used a Wii controller, through Bluetooth with my Linux computer Q Fixed a jabber server in Denver, USA, as an Infrared Camera, to detect the while in a hotel lobby in Amman, Jordan. movement of my daughter’s Fisher Price Sit and Spin Pony, and to control Q Got Linus’ autograph on a Red Hat 5.0 CD. a video game.
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 69
LJ248-Dec2014.indd 69 11/17/14 12:29 PM FEATURE Readers’ Choice Awards 2014
SINGLE-MOST IMPORTANT TOOL YOU USE AT WORK Note: this category was write-in only, and many people listed more than one tool. Many people also answered “my brain”, “my fingers”, “my computer” or “Linux itself”, because we failed to specify that it be a Linux tool. Thus, figuring out the percentages for this category was nearly impossible. The list below gives the answers for the most-popular “Single-Most Important Linux-specific Tool You Use At Work”, in order. SSH
Vi/Vim LibreOffice Bash Eclipse Git Emacs Terminal/Shell While this entire list is full of awesome and useful tools, my needs line up with the majority of readers. SSH and Vim are my bread and butter. Someday, those Emacs people will see the light.
We’d like to make Readers’ Choice Shawn Powers is the Associate Editor for Linux Journal. He’s Awards even better next year. Please also the Gadget Guy for LinuxJournal.com, and he has an send ideas for new categories and interesting collection of vintage Garfield coffee mugs. Don’t let any comments or feedback via his silly hairdo fool you, he’s a pretty ordinary guy and can be http://www.linuxjournal.com/contact reached via e-mail at [email protected]. Or, swing by or to [email protected]. the #linuxjournal IRC channel on Freenode.net.
70 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 70 11/17/14 12:29 PM Linux Journal_Layout 1 11/18/14 11:15 AM Page 1
SharePoint is at the Crossroads – Which Way Will You Go? SharePoint in the cloud or on premises? Or both? Come to SPTechCon Austin - 2015 and learn about the differences between Office 365, cloud-hosted February 8 11, 2015 SharePoint, on-premises SharePoint, and hybrid solutions and build your Renaissance Austin Hotel company’s SharePoint Roadmap!
For developers, the future means a new app model and new app paradigms. For IT pros and SharePoint admins, it’s trying to retain control over an installa- 80+ Classes tion that’s now in the cloud. For information workers and their managers, it’s about learning how to work ‘social.’ But it’s not for everyone. 40+ Microsoft Expert Where do you need to be? Speakers The answer is simple: SPTechCon Austin. With a collection of the top SharePoint MVPs and expert speakers, more than 80 classes and tutorials Get Your Texas-Sized to choose from and panels focused on the changes in SharePoint, SPTechCon will teach you how to master the present and plan for the future. Registration Discount— Migrate to SharePoint 2013! Prepare for Office 365! Register NOW! Build Your Hybrid Model! www.sptechcon.com A BZ Media Event SPTechCon™ is a trademark of BZ Media LLC. SharePoint® is a registered trademark of Microsoft. 
LJ248-Dec2014.indd 71 11/18/14 2:25 PM KNOWLEDGE HUB
WEBCASTS Learn the 5 Critical Success Factors to Accelerate IT Service Delivery in a Cloud-Enabled Data Center Today's organizations face an unparalleled rate of change. Cloud-enabled data centers are increasingly seen as a way to accelerate IT service delivery and increase utilization of resources while reducing operating expenses. Building a cloud starts with virtualizing your IT environment, but an end-to-end cloud orchestration solution is key to optimizing the cloud to drive real productivity gains.
> http://lnxjr.nl/IBM5factors
Modernizing SAP Environments with Minimum Risk—a Path to Big Data Sponsor: SAP | Topic: Big Data Is the data explosion in today’s world a liability or a competitive advantage for your business? Exploiting massive amounts of data to make sound business decisions is a business imperative for success and a high priority for many firms. With rapid advances in x86 processing power and storage, enterprise application and database workloads are increasingly being moved from UNIX to Linux as part of IT modernization efforts. Modernizing application environments has numerous TCO and ROI benefits but the transformation needs to be managed carefully and performed with minimal downtime. Join this webinar to hear from top IDC analyst, Richard Villars, about the path you can start taking now to enable your organization to get the benefits of turning data into actionable insights with exciting x86 technology.
> http://lnxjr.nl/modsap
WHITE PAPERS White Paper: JBoss Enterprise Application Platform for OpenShift Enterprise Sponsor: DLT Solutions Red Hat’s® JBoss Enterprise Application Platform for OpenShift Enterprise offering provides IT organizations with a simple and straightforward way to deploy and manage Java applications. This optional OpenShift Enterprise component further extends the developer and manageability benefits inherent in JBoss Enterprise Application Platform for on-premise cloud environments.
Unlike other multi-product offerings, this is not a bundling of two separate products. JBoss Enterprise Middleware has been hosted on the OpenShift public offering for more than 18 months. And many capabilities and features of JBoss Enterprise Application Platform 6 and JBoss Developer Studio 5 (which is also included in this offering) are based upon that experience.
This real-world understanding of how application servers operate and function in cloud environments is now available in this single on-premise offering, JBoss Enterprise Application Platform for OpenShift Enterprise, for enterprises looking for cloud benefits within their own datacenters.
> http://lnxjr.nl/jbossapp
72 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 72 11/17/14 12:29 PM KNOWLEDGE HUB
WHITE PAPERS Linux Management with Red Hat Satellite: Measuring Business Impact and ROI Sponsor: Red Hat | Topic: Linux Management
Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to de- ploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.
> http://lnxjr.nl/RHS-ROI
Standardized Operating Environments for IT Efficiency Sponsor: Red Hat
The Red Hat® Standard Operating Environment SOE helps you define, deploy, and maintain Red Hat Enterprise Linux® and third-party applications as an SOE. The SOE is fully aligned with your requirements as an effective and managed process, and fully integrated with your IT environment and processes.
Benefits of an SOE:
SOE is a specification for a tested, standard selection of computer hardware, software, and their configuration for use on computers within an organization. The modular nature of the Red Hat SOE lets you select the most appropriate solutions to address your business' IT needs.
SOE leads to:
 s $RAMATICALLY REDUCED DEPLOYMENT TIME
 s 3OFTWARE DEPLOYED AND CONFIGURED IN A STANDARDIZED MANNER
 s 3IMPLIFIED MAINTENANCE DUE TO STANDARDIZATION
 s )NCREASED STABILITY AND REDUCED SUPPORT AND MANAGEMENT COSTS
 s 4HERE ARE MANY BENEFITS TO HAVING AN 3/% WITHIN LARGER ENVIRONMENTS SUCH AS
 s ,ESS TOTAL COST OF OWNERSHIP 4#/ FOR THE )4 ENVIRONMENT
 s -ORE EFFECTIVE SUPPORT
 s &ASTER DEPLOYMENT TIMES
 s 3TANDARDIZATION
> http://lnxjr.nl/RH-SOE
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 73
LJ248-Dec2014.indd 73 11/17/14 12:29 PM INDEPTH Real-Time Rogue Wireless Access Point Detection with the Raspberry Pi Build a Raspberry Pi-based Kismet sensor network to hunt rouge wireless access points. CHRIS JENKS
Years ago, I worked for an with Fluke Networks’ AirMagnet, at automotive IT provider, and the time a proprietary external Wi-Fi occasionally we went out to the plants card and the software dashboard. The to search for rogue Wireless Access equipment required us to walk around Points (WAPs). A rogue WAP is one the plants—and that is never safe that the company hasn’t approved to due to the product lines, autonomous be there. So if someone were to go robots, parts trucks, HiLos, noise, roof and buy a wireless router, and plug access and so on. Also when IT people it in to the network, that would be a are walking around with laptops, rogue WAP. A rogue WAP also could employees on site will take notice. We be someone using a cell phone or MiFi became known, and the people with as a Wi-Fi hotspot. the rogue WAPs would turn them off The tools we used were laptops before we could find the devices.
74 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 74 11/17/14 12:29 PM INDEPTH
The payment card industry, with its network to watch for changes in data security standard (PCI-DSS), is Wi-Fi. A passive system, like Kismet the only one I could find that requires and Airodump-NG, collects all the companies to do quarterly scans packets in the radio frequency (RF) for rogue WAPs. Personally, I have that the card can detect and displays three big problems with occasional them. This finds hidden WAPs too, by scanning. One, as I said before, rogue looking at the clients talking to them. WAPs get turned off during scans In contrast, active systems, like the and turned back on after. Two, the old Netsumbler, try to connect WAPs scans are just snapshots in time. A by broadcasting null SSID probes and snapshot doesn’t show what the displaying the WAPs that reply back. day-to-day environment looks like, and This misses hidden networks. potential problems are missed. Third, A couple years ago, I decided to I think there is more value for every go back to school to get a Bachelor’s company to do the scans, regardless degree. I needed to find a single of whether they’re required. credit hour to fill for graduation. Later, when I was a network That one credit hour became an engineer at a publishing company, independent study on using the I found it was good to know what Raspberry Pi (RPi) to create a passive was on my employer’s network. real-time wireless sensor network. The company wanted to know if About the same time I left the employees followed policy. The automotive job, Larry Pesce of the company also was worried about SANS Institute wrote “Discovering data loss, especially around a couple Rogue Wireless Access Points Using projects. Other companies near Kismet and Disposable Hardware” us had set up their own wireless (http://www.giac.org/paper/ networks that caused interference gawn/7/discovering-rogue-wireless- with the ones we ran. Finally, I had access-points-kismet-disposable- to worry about penetration testers hardware/107273). This was a paper using tools like the WiFi Pineapple about real-time wireless sensors using and the Pwn Plug. These allow the Linksys WRT54GL router and network access over Wi-Fi beyond OpenWRT. But, I didn’t find out about the company’s physical perimeter. that until I had already re-invented One thing I always wanted was the wheel with the RPi. a passive real-time wireless sensor Today lots of wireless intrusion 
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 75
LJ248-Dec2014.indd 75 11/17/14 12:29 PM INDEPTH
Hardware
Below is the hardware per sensor—your prices may vary depending on where you buy and what’s on sale.
Cost of parts: $69.95 per sensor; I used six Raspberry Pis in the project.
Raspberry Pi Wireless Sensor Drone: Q Raspberry Pi Model B: $35.00 (found on sale for $29.99). Q 5v 1amp power supply: $9.99. Q Plastic Raspberry Pi case: $8.99. Q TP-Link TL-WN722N: $14.99. Q Class 10 SDHC 8-gigabit Flash card: $5.99.
Network: Q Cat 5e cable between 25–50’ long: already had. Q Linksys WRT54GL: already had. Q Linksys 16-port workgroup switch: already had.
Monitor and Kismet Sever: Q Laptop running Xubuntu Linux VM: already had.
 detection systems exist on the market, the RPi for this, I kept coming across but as listed in the Hardware sidebar, people using the RPi and Kismet for mine cost me little more than $400.00 war driving, war walking and war USD to make. Based on numbers I biking. David Bryan of Trustwave’s could get, via Google Shopping, using Spider Labs did a blog post in 2012 Cisco Network’s Wireless IDS data called “Wardrive, Raspberry Pi Style!” sheet from 2014, a similar set up (http://blog.spiderlabs.com/2012/12/ would have cost about $11,500 USD. wardrive-raspberry-pi-style.html) I’ve been told by a wireless engineer where he talked about using Kismet I know that he was quoted about with the RPi to track WAPs on his walk twice that for just one piece of and drive around his area. He used a hardware from the Cisco design. USB GPS device to map out where the When I started looking into using access points were.
76 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 76 11/17/14 12:29 PM INDEPTH
Wireless Survey
A wireless survey is usually a map of a building or location showing the signal strengths associated with wireless access points. Surveys are usually the first step when a new wireless network is installed. Surveys give the installers how many WAPs are needed, where they should be spaced, and what channels would be best to use in those areas.
Surveys normally are done with a WAP and a Wi-Fi-enabled device. The WAP is placed in a location, and signal strength is recorded as the client is moved around the area.
A rogue WAP or a survey WAP can be built from a Raspberry Pi with a wireless card and Hostapd. Most on-line documentation for a Hostapd WAP says to bridge the network cards on the RPi. This can be skipped if the WAP will not be used with clients that connect to the Internet.
Because the RPis are used as devices to be filtered out. stationary devices, I didn’t need GPS. The RPis have no shortage of One thing I did need though was operating systems to run. My choice a rough idea of where to place the for this project was to run Kali Linux sensors. Based on readings, Wi-Fi is good for about 328 feet (100 meters) with the omnidirectional Kali Linux: antenna being used on the TP-Link card indoors. Having the existing Kali Linux is the new version wireless survey (or doing one) will be of Backtrack Linux—one of the specialized Linux distributions for useful (see Wireless Survey sidebar). penetration testing and security. It It will let you know where the is currently based off Debian Linux, existing WAPs are. This information with security-focused tools preinstalled. also could come from the network Kali runs everything via the root login. documentation, if it exists. It is Kali has builds available as ISOs and important to keep the detectors from VMware images in 64-bit, 32-bit and being overpowered by approved custom-built ARM images for single access points. The wireless survey or card boards, Chrome OS and Android network documentation also should OS devices. provide the BSSIDs for the approved 
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 77
LJ248-Dec2014.indd 77 11/17/14 12:29 PM INDEPTH
Airodump-NG
Airodump is a raw 802.11 packet capture device. It is part of the Aircrack-NG suite. Normally, Airodump-NG will capture a file of packets to be cracked by Aircrack-NG. However, in my case, I wanted the feature where Airodump-NG can list the clients and access points it sees around it, which is about 300 feet indoors (this distance is based on documentation by the 802.11 standard).
 on the RPi, with Airodump-NG and rest of what I needed. Kismet. Originally, it was going to Kismet has two modes that can be be just Kali and Kismet, but I ran run. The first is the Kismet Server, into some limitations. The reason I which the Kismet User Interface chose Kali for this project, was the (Kismet UI) connects to (Figure 1). hardware drivers for the network card The Kismet UI shows the WAP name, I used didn’t need to be recompiled. if is an access point or not, encrypted Kali also came with Airodump-NG or not, the channel and other preinstalled, and an apt-get information. The “seen by” column XSGDWH DSWJHWLQVWDOO is the list of capture sources that NLVPHW took care of installing the saw the WAPs.
What Is Kismet?
Kismet is an 802.11 wireless network detector, sniffer and intrusion detection system. Kismet will work with any wireless card that supports raw monitoring mode, and it can sniff 802.11b, 802.11a, 802.11g and 802.11n traffic (devices and drivers permitting).
Kismet also sports a plugin architecture allowing for additional non-802.11 protocols to be decoded.
Kismet identifies networks by passively collecting packets and detecting networks, which allows it to detect (and given time, expose the names of) hidden networks and the presence of non-beaconing networks via data traffic.
78 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 78 11/17/14 12:29 PM INDEPTH
Figure 1. Kismet Network List
Kismet calls the remote sensors computer’s memory. drones. They’re configured through Making the drones this way did the kismet drone configuration file in cause a problem with the wireless /etc/kismet/kismet_drone.conf. I found network cards. Use LIFRQILJ to see the documentation for setting up this what cards the system lists. As you part rather sparse. Everything I found can see from the screenshot shown in spanned multiple years and didn’t go Figure 2, my drone02 has the wireless into too much detail. card listed as wlan1, and it is already When I configured my drones, I set in monitor mode. After the drives one up first and then cloned the SD were all cloned, I just had to go in and card with the GG command. I copied make minor configuration changes— the cloned image to the other SD besides the wireless card change. cards, again using GG. To speed up GG, The Raspberry Pi uses about 750 set the block size to about half the mAh, and a 5-volt 1-amp power 
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 79
LJ248-Dec2014.indd 79 11/17/14 12:29 PM INDEPTH
Figure 2. iconfig Screenshot
 supply doesn’t put enough power Configuring the Raspberry Pi out to start the wireless card after with Kali the Raspberry Pi is booted. Many of First, download the Kali Raspberry Pi the forums I read said that you need distro from the Kali Linux Web site. something that puts out 1.5–2.1 Copy the image to the SD card amps. I found that plugging in the with the GG command or a tool like card first prevents the extra draw, Win32DiskImage in Windows. This and I didn’t have a problem. creates a bit-for-bit copy of the image In the steps below, if you plug on the SD card. It is similar to burning in the Wi-Fi card after booting, an ISO to a DVD or CD. you risk a power drop to the Put the SD card into the RPi. Then, Raspberry Pi. The loss of power attach the Wi-Fi card you’re using to will crash the RPi, and the SD card a USB port. could be corrupted. Attach a Cat5, Cat5e or Cat6 cable 
80 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 80 11/17/14 12:29 PM INDEPTH
 to the Ethernet port. Wired is used you’ll have to reconnect. to communicate data to the network Next, edit /etc/kismet/kismet_drone.conf. to prevent problems with the wireless I have included a screenshot (Figure 4), card in monitor mode. but below are settings I used, and the Plug in the micro USB cable to turn fields that need to be changed. on the RPi. Next, ssh to the device. Set the following either to You may need to do a port scan with something that makes sense to you nmap to find the RPi. Alternatively, or the right information for your you can use a monitor and keyboard network and device. I used what I to access the console directly. Again, have configured for the examples. have all peripherals plugged in prior Name the drone with VHUYHUQDPH. to plugging in the power. This will show up in the bottom of the The login is “root”, and the password Kismet UI and logs when connecting. is “toor”. Use GURQHOLVWHQ to set the protocol, interface’s IP address and Configure the Kismet Drone port for the drone is to listen on for Configure eth0 with a static IP servers’ connection. address like in the static IP address List what servers can talk to this screenshot (Figure 3). This is done drone with DOORZHGKRVWV. This under /etc/network/interfaces. can be a whole network using CIDR Restart the networking with notation or just individual boxes VHUYLFHQHWZRUNLQJUHVWDUW or on the network, and also allow UHERRW. If you connected via SSH, the drone to talk to itself with 
Figure 3. Static IP Address Screenshot
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 81
LJ248-Dec2014.indd 81 11/17/14 12:29 PM INDEPTH
Figure 4. drone.conf
82 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 82 11/17/14 12:29 PM INDEPTH
GURQHDOORZHGKRVWV. background when the RPi powers on. Set the maximum number of servers Add these two lines before the exit that can talk to the drone with  so yours looks like the code below: GURQHPD[FOLHQWV. Set the max backlog of packets for VWDUWNLVWPHW the kismet drone with GURQHULQJOHQ. XVUELQNLVPHWBGURQHGDHPRQL]H Smaller than what I have might be better. I had problems with drone04 H[LW crashing. It also was the one that saw the most networks. Configure the Kismet Server on a Turn off GPS with JSV IDOVH. PC or Server for the Drone Sensors You don’t need it since these are There are two settings to change in stationary devices and you should /etc/kismet/kismet.conf. The first know where they are. is in the QFVRXUFH. The second is Set the capture source, QFVRXUFH. the ILOWHUBWUDFNLQJ. This tells the system what interface to The line below and related screen use and driver to use for that card: capture (Figure 5) tell Kismet what its capture sources are. In this case, VHUYHUQDPH .LVPHW'URQHSL nothing local is being used, just the GURQHOLVWHQ WFS drones. Repeat this line for each DOORZHGKRVWV  drone, with the proper information: GURQHDOORZHGKRVWV  
GURQHPD[FOLHQWV  QFVRXUFH GURQHKRVW SRUW QDPH L GURQHULQJOHQ  JSV IDOVH The line says the source is a drone, QFVRXUFH ZODQW\SH DWKN the drone’s IP address, what port to connect to on the drone, and The rest of the options I left set to what the drone should show as in default. Unless you’re in a country the Kismet UI. The name is seen that uses more B/G channels than “network list” view and “network the US, there is nothing that needs detail” view. I went with the two- to be modified. character name of “i#” because the The last thing to configure on the “Last Seen By” field in the network drones is the /etc/rc.local file. This will list has a hard-coded limit of ten start the kismet drone program in the characters. I wanted that field to 
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 83
LJ248-Dec2014.indd 83 11/17/14 12:29 PM INDEPTH
Figure 5. Kismet Server Sources
 show as many drones as it could. The bang (!) ignores that MAC Next, filter out the known network address. This shows everything but BSSIDs. Previously, I mentioned ignored WAPs. Without the bang (!), that a wireless survey or network Kismet would show only the WAP with documentation should be able to that BSSID in the network list. The provide this information. As you can choices are ANY, BSSID, SOURCE and see in the network list screenshot, DEST. Although the documentation several devices are listed. If you says you can use ANY with a bang (!), have devices you don’t want to trying it fails. The error said to use see, you’ll need to filter them out one of the other three options. The in the Kismet Server configuration MAC address can be stacked using a file /etc/kismet/kismet.conf. comma-separated list: In the configuration file, it has an 
 example of: ILOWHUBWUDFNHU %66,' '($'%(()'($'%((( 
´'($'%((' ILOWHUBWUDFNHU $1< '($'%(() With the Drone Sensor Network In my version of Kismet, that did running, the network detail screen not work. I had to remove the quotes for an access point will show which so the line looked like this: drones see the WAP (Figure 6). But, this is a limitation of the system. ILOWHUBWUDFNHU %66,' '($'%(() This screen provides only the signal 
84 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 84 11/17/14 12:29 PM INDEPTH
Figure 6. Network Detail Screen
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 85
LJ248-Dec2014.indd 85 11/17/14 12:29 PM INDEPTH
Figure 7. Drone2 airodump
Figure 8. Drone3 airodump
 strength for the drone with the had to go out and search. The strongest signal. This was the limit of search area was around all the Mr Pesce’s WRT54GL option. drones that saw the rouge WAP. In Mr Pesce’s model, once the Although his design makes the rogue WAP was detected, someone search area smaller than a whole 
86 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 86 11/17/14 12:29 PM INDEPTH
Figure 9. Drone4 airodump
 building, it doesn’t triangulate very level, which when used with the well. By using the RPis as drones, Roosevelt picture, shows how to use there is a second program you can it for triangulation). use for triangulation. ssh to each RPi drone, and run Airodump-NG, as I mentioned this command. Don’t forget to before, is for capturing packets on replace the EVVLG with the MAC over Wi-Fi. The user interface, when address of the WAP you are looking running Airodump-NG, provides for and the interface for what that several bits of information. The drone is monitoring with: ones you want are BSSID, PWR (power measured in negative DB), DLURGXPSQJEVVLG 0$&$''5(66! LQWHUIDFH! Channel and ESSID (Figures 7–9: each image shows a different power Note: I did not use the channel 
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 87
LJ248-Dec2014.indd 87 11/17/14 12:29 PM INDEPTH
Figure 10. Map of Roosevelt Hall at Eastern Michigan University (Google Maps)
88 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 88 11/17/14 12:29 PM INDEPTH
 command in the above line to lock wanted them, my professor hid a channel. This would interfere with the rogue WAP somewhere on data going back to the Kismet Server the same floor. By looking at the and lose the device if the WAP is power levels, I was able to figure configured for channel hopping. out where to go to find the rouge WAP. I knew that drone4 was the Proof of Concept closest and that the rogue WAP was I did my proof of concept at on the other side of that drone. Eastern Michigan University’s I walked down that hallway and Roosevelt Hall, which is where found the rogue WAP in less than my degree program’s labs are. In two minutes. It was hidden under the map of Roosevelt Hall (Figure a bench in the hall, outside a 10), there are three drones. This classroom and the other lab. was due to power and Ethernet cable limitations. There is also a rogue WAP (rogue_ap_pi), hidden by my professor. Kismet showed me all the networks in the area, LINUX JOURNAL because I didn’t have BSSIDs to ARCHIVE DVD filter them out. Again, this is where having network documentation or a wireless survey would be helpful. Drone3 and drone4 are in a hallway. Drone2 is in one of the lab rooms, with the Linksys network and my laptop running the Kismet Server and Kismet UI. When drone4 was just inside the lab’s door, there was a 10DB signal loss. Again, a wireless survey would have helped, because it would show how much NOW AVAILABLE signal the walls blocked. Once I had the system up and www.linuxjournal.com/dvd running and the drones where I 
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 89
LJ248-Dec2014.indd 89 11/17/14 12:29 PM INDEPTH
Limitations of the Wi-Fi Card developer) is working on a hardware The last limitation I want to cover and software Xbee detector is the TP-Link TL-WN722N card. called kisbee. An Ubertooth I went with this card because of One should work with Kismet the cost, the external antenna, to detect Bluetooth. the power draw when plugged in Cell phones and related cellular to the RPi and its availability at a network cards also would be local store. The card can talk only missed. Phones operate outside on the 2.4GHz range, meaning that the Wi-Fi card’s range, unless the it picks up only 802.11 B, G and phone is a Wi-Fi hotspot. The new N networks. It does not have the HackRF One card might be able to ability to detect or use the 5GHz detect the cellular networks, as range used by parts of N, A or the well as A/B/G/N/AC Wi-Fi, Xbee new AC networks. and Bluetooth, but I haven’t gotten Although I have a couple ALFA one to play with, and they would wireless cards, and one that should drive up the cost to about $300 be able to detect A and AC, I do USD per sensor.Q not know if I could run them on the RPi drone without a separate Chris Jenks is a senior in Information Assurance at Eastern powered USB hub. Michigan University. He has more than 15 years of experience This setup also does not detect in networking and system administration. He has presented :IGBEE8BEE OR "LUETOOTH 8BEE on Linux Hardening at DebryCon, GrrCON, and Bsides Detroit; uses both 900MHz and 2.4GHz. and on Open Source Intelligence at Circle City Con. Bluetooth uses 2.4GHz. Although both devices use 2.4GHz, frequencies (channels) are outside Send comments or feedback via the Wi-Fi card’s range. Mike http://www.linuxjournal.com/contact Kershaw (aka Dragorn, Kismet’s or to [email protected].
Resources
Kismet: http://kismetwireless.net
Kali Linux: http://www.kali.org
90 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 90 11/17/14 12:29 PM Instant Access to Premium Online Drupal Training
Instant access to hundreds of hours of Drupal training with new videos added every week!
Learn from industry experts with real world H[SHULHQFHEXLOGLQJKLJKSURȴOHVLWHV
Learn on the go wherever you are with apps for iOS, Android & Roku
We also offer group accounts. Give your whole team access at a discounted rate!
Learn about our latest video releases and RIIHUVȴUVWE\IROORZLQJXVRQ)DFHERRNDQG 7ZLWWHU #GUXSDOL]HPH  
Go to http://drupalize.me and get Drupalized today!
LJ248-Dec2014.indd 91 11/17/14 12:29 PM INDEPTH The Usability of GNOME Jim Hall writes about his latest usability study of open-source software, doing a “deep dive” into the usability of the GNOME desktop. JIM HALL
I work at a university, and one of productive, so the users decide when our faculty members often repeats a program is easy to use. Generally, to me, “Software needs to be like a program has good usability if it a rock; it needs to be that easy to is easy for new users to learn, easy use.” And, she’s right. Because if for them to use, and easy for them software is too hard to use, no one to remember when they use the will want to use it. program again. I recently spoke at GUADEC, In a more practical view, average the GNOME Users And Developers users with typical knowledge should European Conference, and I opened be able to use the software to my presentation with a reminder that perform real tasks. The purpose of GNOME is competing for mind share usability testing, therefore, is to with other systems that are fairly easy uncover issues that prevent general for most people to use: Mac, iPad, users from employing the software Windows and Chromebook. So for successfully. As such, usability testing GNOME to continue to be successful, differs from quality assurance testing it needs to be easy for everyone to or unit testing, the purpose of which use—experts and newcomers alike. is to uncover errors in the program. And, that’s where usability comes in. Usability testing is not a functional So, what is usability? Usability is evaluation of the program’s features, about the users. Users often are busy but rather a practical determination people who are trying to get things of the program’s operability. done. They use programs to be Usability testing does not rely on 
92 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 92 11/17/14 12:29 PM INDEPTH
Usability cannot be addressed only at the end of a software development lifecycle. If you wait until the end, it is usually too late to make changes.
 a single method. There are multiple lifecycle. If you wait until the end, it is approaches to implement usability usually too late to make changes. practices, from interviews and focus groups to formal usability How to Run a Usability Test— testing. Whatever method you use, Usability Testing in GNOME the value of usability testing lies in I recently worked with the GNOME performing the evaluation during Design Team to examine the usability development, not after the program of GNOME. This was an opportune enters functional testing when user moment to do usability testing in interface changes become more GNOME. The project was in the difficult to implement. In open- process of updating the GNOME source software development, the design patterns: the gear menu, the community of developers must application menu, selection mode and apply usability testing iteratively search, just to list a few. I assembled a throughout development. Developers usability test to understand how well do not require extensive usability users understand and navigate the experience to apply these usability new design patterns in GNOME. Here practices in open-source software. is how I did that. I prefer the formal usability test, and The first step in planning a usability it’s not hard. You can gain significant test is to understand the users. Who insight just by gathering a few testers are they, and what tasks do they and watching them use the software. typically want to perform? With With each iteration, usability testing GNOME, that answer was easy. identifies a number of issues to The GNOME Web site explains that resolve and uncovers additional issues “GNOME 3 is an easy and elegant way that, when addressed, will further to use your computer. It is designed improve the program’s ease of use. to put you in control and bring Usability cannot be addressed only at freedom to everybody.” GNOME is for the end of a software development everyone, of all ages, for casual users 
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 93
LJ248-Dec2014.indd 93 11/17/14 12:29 PM INDEPTH
 and software developers. a Web site—not to “Increase the font From there, I worked with the size”, which would have hinted at GNOME Design Team to build a the menu action they would need to usability test for these users. The use to accomplish the task. test also needed to exercise the Because I work on a university GNOME design patterns. I compared campus, I invited students, faculty and the design patterns used by each staff to participate in a usability study. GNOME program and decided five Volunteers were selected without GNOME applications provided a preference for gender, age group reasonable representation of the or level of experience. This reflects design patterns: GNOME’s preference to target a broad range of users. Each tester was 1. gedit (text editor) given a $5 gift card to the campus coffee shop as a “thank you” for 2. Web (Web browser) participating in the usability test. In total, 12 testers participated in 3. Nautilus (file manager) the usability test, representing a mix of genders and an age range spanning 4. Software (similar to an app store) 18–74. Participants self-identified their level of computer expertise on a 5. Notes (a simple note-taking program) scale from 1 to 5, where 1 indicated “No knowledge” and 5 meant Having decided on the programs, “Computer expert”. No testers I wove a set of test scenarios that self-identified as either 1 or 5. Instead exercised the design patterns around they filled a range between “2: I tasks that real people would likely know some things, but not a lot”, and do. Designing the test scenarios is “4: I am better than most”, with an an important part of any usability average rating of 3.25 and a mode of test. You need to be very careful “3: I am pretty average.” in the wording. It is too easy to Before each usability test session, “give away” accidentally how to do every participant received a brief something just by using a particular description of the usability study, turn of phrase. For example, one of explaining that this was a usability my scenarios for Web asked testers test of the software, not of them. to “Please make the text bigger” on This introduction also encouraged 
94 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 94 11/17/14 12:29 PM INDEPTH
 testers to communicate their thought tasks, which most testers completed process. If searching for a print in 50–55 minutes. action, for example, the participant should state “I am looking for a My Usability Test Results ’Print’ button.” Testers were provided The value of a usability test is a laptop running a “liveUSB” image finding areas where the program is of GNOME 3.12 containing a set difficult to use, so developers can of example files, including the text improve the interface in the next file used in the gedit scenario tasks. version. To do that, you need to However, the USB image proved identify the tasks that were difficult unstable for most programs in for most users to perform. the usability test. To mitigate the You easily can see the usability stability issues, I rebooted the laptop test results by using a heat map. into Fedora 20 and GNOME 3.10 This kind of visualization neatly to complete the scenario tasks for summarizes the results of the Web, Nautilus, Software and Notes. usability test. In the heat map, In testing GNOME, each participant each scenario task is represented used a separate guest account that in a separate row, and each block had been pre-loaded with the same in the row represents a tester’s example files. These example files experience with that task (Figure also included items unrelated to the 1). Green blocks indicate tasks that usability test, similar to how real users testers completed with little or no keep a variety of documents, photos difficulty, and yellow blocks signify and other files on their computers, tasks that presented moderate allowing participants to navigate these difficulty. Red boxes denote contents to locate files and folders tasks where testers experienced required for the scenario tasks. extreme difficulty or where testers At the end of each usability test, completed tasks incorrectly. Black I briefly interviewed the testers to blocks indicate tasks the tester was probe their responses to the tasks unable to complete, while white and programs, to better understand boxes indicate tasks omitted from what they were thinking during the test, usually for lack of time. certain tasks that seemed particularly The “hot spots” in the heat easy or difficult. Overall, the map show tasks that were difficult usability test included 23 scenario for testers.
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 95
LJ248-Dec2014.indd 95 11/17/14 12:29 PM INDEPTH
Figure 1. Usability Heat Map
96 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 96 11/17/14 12:29 PM INDEPTH
Figure 2. Header Bar for gedit, Showing the Gear Menu
1) Interestingly, all participants 2) In the Nautilus file manager, experienced significant issues with testers also experienced serious changing the default font in gedit difficulty in creating a bookmark to a (GNOME 3.12). A significant number folder. In GNOME, this task is usually of testers were unable to accomplish achieved by clicking into the target a similar task in Notes. In observing folder then selecting “Bookmark this the tests, the testers typically looked Location” from the gear menu, or by for a “font” or “text” action under the gear menu. Many participants referred to the gear menu as the “options” or “settings” menu because of a previous affiliation with the gear icon and “settings” in other Mac OS X and Windows applications (Figure 2). These participants expected that changing the font was an option in the program, and therefore searched for a “font” action under the gear or “options” menu. Part of this confusion stemmed from thinking of the text editor as though it were a word processor, such as Microsoft Word, which uses items in menus or on a toolbar to set the document font. This behavior often was exhibited by first highlighting all the text in the document before Figure 3. Dragging a Folder to Create a searching for a “font” action. Bookmark in Nautilus
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 97
LJ248-Dec2014.indd 97 11/17/14 12:29 PM INDEPTH
 clicking and dragging the intended reveals a view of currently running folder onto “Bookmarks” in the left programs and a selection of available pane (Figure 3). programs. Users can trigger the However, testers initially addressed Activities menu either by clicking this task by attempting to drag the the “Activities” word button in the folder onto the GNOME desktop. upper-left corner of the screen or by When interviewed about this moving the mouse into that corner response, almost all participants (the “hot corner”). Although testers indicated that they prefer to keep generally recovered quickly from the frequently accessed folders on the unexpected “hot corner” action, desktop for easier access. Most this feature caused significant issues testers eventually moved the target during the usability test. folder into the Desktop folder in their Home directory, and believed General Issues they successfully completed the task The open-source software usability even though the target folder did not challenge is cultural. To date, appear on the desktop. usability has been antithetical to 3) Testers also experienced open-source software philosophy, difficulty when attempting “find where most projects start by solving and replace text” in gedit. In this a problem that is interesting to the task, testers employed the “Find” developer, and new features are feature in gedit to search for text in incorporated based on need. Crafting the document. Experimenting with new functionality takes priority, “Find”, testers said they expected and open-source developers rarely to replace at the same time they consider how end users will access searched for text. After several failed those features. attempts, testers usually were able to However, a key strength of open- invoke the “Find and Replace” action source software development is successfully under the gear menu. the developer-user relationship. In Although the overall GNOME open-source software projects, the desktop was not part of the usability user community plays a strong role in test, many testers experienced testing new releases. Unfortunately, difficulty with the GNOME “Activities” testers cannot rely on the typical hot corner. In the GNOME desktop user-testing cycle to provide sufficient environment, the Activities menu user interface feedback. Developers 
98 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 98 11/17/14 12:29 PM INDEPTH
 can learn a great deal simply by provides sufficient feedback to make observing a few users interacting with informed usability improvements. And the program and making note where with good usability, everyone wins.Q testers have problems. This is the essence of a usability test. Jim Hall is an advocate for free and open-source software, Usability tests need not be best known for his work on the FreeDOS Project. At work, performed in a formal laboratory Jim is the IT Director and IT Executive at the University environment, and developers do of Minnesota Morris. In May, Jim received his Master’s not need to be experts in order to in Scientific and Technical Communication, studying the apply usability testing methodology usability of open-source software. to their projects. Developers need only observe users interacting with the program for usability issues to Send comments or feedback via become clear. A handful of usability http://www.linuxjournal.com/contact testers operating against a prototype or to [email protected].
LINUX JOURNAL on your e-Reader
Customized e-Reader editions Kindle and Nook editions FREE for Subscribers now available
LEARN MORE
LJ248-Dec2014.indd 99 11/18/14 2:26 PM EOF How Can We DOC SEARLS Get Business to Care about Freedom, Openness and Interoperability? They use our stuff. Why not our values too?
 t this point in history, some degree connected on the Net. arguments for using Yet, it remains a vast feudal system A Linux, FOSS (free and of suppliers that nearly all work to open-source software) and the lock doctors, hospitals and labs into Internet make themselves. Yet dependency on closed, proprietary, the virtues behind those things— incompatible, non-interoperable freedom, openness, compatibility, and non-substitutable systems. I’ve interoperability, substitutability—still witnessed these up close as a patient. tend to be ignored by commercial In one case, diagnostic scans by builders of new stuff. one machine and software system For example, US health care, like couldn’t be read by computers with pretty much every business category, software designed to read the output is full of Linux and FOSS, and is to of a different company’s scans. In 
100 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 100 11/17/14 12:29 PM EOF
 another case, records kept by one materialized network society. It’s specialty failed to inform another like a Google or Facebook writ specialty in the same hospital. large on the landscape. The first one gave me a case of pancreatitis, and the second one gave Google and Facebook don’t have my mother a fatal stroke. “users” or “customers”. Instead, We are seeing the same thing start they have participants under to happen already with the Internet machine surveillance, whose of Things (IoT), about which Bruce activities are algorithmically Sterling (http://en.wikipedia.org/ combined within Big Data silos. wiki/Bruce_Sterling) has written They don’t need the reader a brilliant essay titled The Epic to be the hero. He’s not some Struggle of The Internet of Things rational, autonomous, economic (http://www.amazon.com/The-Epic- actor who decides to encourage Struggle-Internet-Things-ebook/ the Internet of Things with his dp/B00N8AIFYC). “The first thing purchasing dollars. They’re much to understand about the ’Internet better off when those decisions of Things’”, he says, “is that it’s are not his to make. not about Things on the Internet. It’s a code term that powerful The reader may be allowed stakeholders have settled on for their to choose the casing of his own purposes. They like the slogan smartphone and the brand of his ’Internet of Things’ because it sounds vacuum cleaner, but the digital peaceable and progressive. It disguises relation between the two of them the epic struggle over power, money is not his decision. He still has a and influence that is about to ensue. role of sorts, but it’s much like There is genuine Internet technology the role he has within Google involved in the ’Internet of Things’. and Facebook. He gets fantastic However, the legacy Internet of services free of charge, and he yesterday is a shrinking part of what responds mostly with dropdown is at stake now.” menus and check boxes, while It’s actually worse than that: generating data whose uses and values are invisible to him. An Internet of Things is not a consumer society. It’s a The reader didn’t build the 
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 101
LJ248-Dec2014.indd 101 11/17/14 12:29 PM EOF
If we’re geeks like most Linux Journal readers, we’re already doing our part, laboring away on free and open-source stuff, and using as much free and open stuff as we can.
 phone or the vacuum cleaner. He willingly involved in their systems. can’t repair or modify them. He The Internet of Things is basically doesn’t understand their technical a recognition by other power- workings, and when the two of players that the methods of the them interact (by various adroit Big Five have won, and that they forms of wireless communication), should be emulated. he’s not in charge of that, or of where the data goes.... The Big Five are smart, profitable, capable and colossal. They are as The reader is not a “customer” of entirely free of political constraint Facebook because he never paid as the railroads or Standard Oil for Facebook. Facebook’s genuine were in their own heyday.... customers are the marketers— those who pay Facebook for Phil Windley calls this The Compuserve the hard labour of surveilling of Things (http://www.windley.com/ the billion people on Facebook. archives/2014/04/the_compuserve_of_ Facebook is one of the “Big Five” things.shtml), and says: of Facebook, Amazon, Google, Microsoft and Apple.... On the Net today we face a choice between freedom and The Big Five are the genuine captivity, independence and heroes of the Internet of Things. dependence. How we build The epic drama of the Internet the Internet of Things has of Things is really their story. It’s far-reaching consequences for not a popular uprising—except the humans who will use—or in the sense that the Big Five are be used by—it. Will we push really, really, really “popular”— forward, connecting things because billions of people are using forests of silos that are 
102 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 102 11/17/14 12:29 PM EOF
 reminiscent the online services of the ones running the companies the 1980s, or will we learn the building closed and silo’d systems, lessons of the Internet and build including proprietary networks of a true Internet of Things? things. And those folks aren’t getting the lessons we’ve been teaching for Well, it depends on who “we” are. decades. Why is that? If we’re geeks like most Linux Journal One dividing line is between readers, we’re already doing our part, standards and platforms built laboring away on free and open-source on them. This is also the line stuff, and using as much free and between infrastructure and open stuff as we can. But we’re not commerce in the “layers of time” 
Figure 1. Layers of Time (from The Long Now Foundation)
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 103
LJ248-Dec2014.indd 103 11/17/14 12:29 PM EOF
Geeks working down in the lower geology layers tend to be as oblivious to what happens at the Commerce and Fashion layers as the core of the Earth is to civilization.
 graphic from The Long Now dependencies. This is why there are Foundation (http://longnow.org)— more than a billion apps each on iOS see Figure 1. and Android. FOSS building materials are all But platforms can also change fast at the Infrastructure layer. So are (http://scripting.com/2014/07/07/ the standards that create the Net comparingApis.html) and put and the Web: TCP/IP, HTTP and the dependent developers and users at rest. These and countless thousands their mercy, as many discovered when (millions?) of standards and code Twitter pulled the rug out from under bases support boundless freedom them in 2012 by changing its API and generativity for everything (http://www.techradar.com/us/news/ that’s built on them and with world-of-tech/twitter-to-developers- them, up at the Commerce and screw-you-guys-1092570). This was a Fashion-Art levels. huge interop fail for many code bases, But all the Big Five, while founded some of which died. on those standards, and packed Infrastructural standards and code with FOSS code, need to compete bases (such as Linux and Apache) at the commerce level. This tends come up from lowest level—Nature— to subordinate freedom, interop, and bubble up through their cultures generativity and the rest—except and governance norms. None of those within their own feudal empires. norms arise from government policies, There they can do a pretty good job. in spite of what the Governance layer For example, most of the big suggests in that graphic. As David platforms come with SDKs (software Clark (http://en.wikipedia.org/ development kits), APIs (application wiki/David_D._Clark) famously put programming interfaces) and other it to (and for) the IETF in 1992, “We means for encouraging, producing reject: kings, presidents and voting. and supporting lots of code—and We believe in: rough consensus and 
104 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 104 11/17/14 12:29 PM EOF
 running code” (Lessig, Code 2.0, Android apps run on hardware p. 4: http://www.codev2.cc/ from makers required to privilege download+remix/Lessig-Codev2.pdf). Google’s apps first. Or that the Geeks working down in the walls of those feudal empires lower geology layers tend to be block views toward negative as oblivious to what happens at externalities, one of which is the Commerce and Fashion layers restricted (or absent) inter-empire as the core of the Earth is to interoperability. As a result we civilization. Some of us have heard have a marketplace where the Linus say “I do kernel space” benefits of freedom and openness— (http://www.linfo.org/kernel_ taught by the Net, the Web, open space.html). “I don’t do user space” standards, open code and open (http://www.linfo.org/user_space.html). hardware—aren’t seen, because That’s because Linux developers make their first causes are out of sight: a sharp distinction between those two buried down at the infrastructure spaces, by name. The deep nature of layer and below. Linux is in its kernel, whose job (as But some geeks aren’t forgetting. Cory working infrastructure) is to support Doctorow (http://craphound.com), for everything above it without prejudice example, warns of a coming “civil war” (http://www.linuxjournal.com/ (http://boingboing.net/2012/08/23/ article/8664). In other words, it tries civilwar.html) between general- to be as neutral as possible. purpose and special-purpose But up at the Commerce and computing. The white-box PC, Fashion-Art levels, where most for example, is general-purpose. people acquire goods and live with Meanwhile, we still have no them, few are concerned that a equivalent with smartphones billion+ iOS apps run only on and tablets. Instead we have closed Apple hardware, or that a billion+ and locked things that foreclose on 
The Net and the Web were both built on software and hardware that leveraged standard, open and general-purpose equipment, protocols and code bases.
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 105
LJ248-Dec2014.indd 105 11/17/14 12:29 PM EOF
 many freedoms. theory of interoperability” that can The Net and the Web were both resolve issues at the four layers built on software and hardware at which they see interoperability that leveraged standard, open playing: technological, data, human and general-purpose equipment, and institutional. protocols and code bases. I’ve been watching problems Smartphones and tablets take at all four layers for the past advantage of those things, but limit eight years through ProjectVRM what people can do with them. (http://cyber.law.harvard.edu/ Apps are available only in stores, projectvrm/Main_Page), which seeks which are closed and private. Apps to provide individuals with tools for themselves also tend to be silo’d. both independence and engagement in They may operate on your phone, the commercial world. All the projects but don’t easily interoperate with and companies on our developers each other. Try gathering data list (http://cyber.law.harvard.edu/ from all your fitness and health projectvrm/VRM_Development_Work) apps into a place of your own. do their best to reconcile the need Even if you can, such as with for interop and substitutability with DigiFit (http://www.digifit.com), commercial imperatives: attracting it’s in yet another company’s silo. investment and partners, competing Research on the questions raised and so on. by these issues is remarkably thin. Some efforts are formal and Toward relieving that, Urs Gasser involve a number of players (http://cyber.law.harvard.edu/ that compete in a cooperative people/ugasser) and John Palfrey framework. The Respect Network (http://cyber.law.harvard.edu/ (https://www.respectnetwork.com), people/jpalfrey), colleagues of for example, includes dozens of mine at the Berkman Center partner organizations committed (http://cyber.law.harvard.edu), to the Respect Trust Framework published Interop: The Promise and (http://openidentityexchange.org/ Perils of Highly Interconnected Systems, trust-frameworks/respect-trust- in 2012 (http://www.amazon.com/ framework), which assures both Interop-Promise-Perils-Interconnected- interoperability and substitutability Systems/dp/0465021972). In it they between service providers. argue for “a nuanced and stable But it’s an uphill battle, and has 
106 / DECEMBER 2014 / WWW.LINUXJOURNAL.COM
LJ248-Dec2014.indd 106 11/17/14 12:29 PM been for a long time. As I see it (and I’ve been looking Advertiser at this for Linux Journal since the mid-1990s), the biggest conflict Index for Interop is freedom vs. captivity. Thank you as always for supporting our Developers that value freedom advertisers by buying their products! tend to maximize interop, while developers that value captivity tend to minimize interop. And most of ADVERTISER URL PAGE #
 what we get are compromises. Drupalize.me http://www.drupalize.me 91 I believe the main problem is 
 simply ignorance of consequences, EmperorLinux http://www.emperorlinux.com 11 which is an old problem with business. But I also believe in ServerBeach http://serverbeach.com 53 research. Urs recently wrote to one Silicon Mechanics http://www.siliconmechanics.com 3 of the Berkman lists, asking for 
“the most challenging, fascinating, SPTechCon http://www.sptechcon.com 71 puzzling...interop stories, questions, problems, opportunities...that you’ve been thinking about recently”—
 toward fresh research on interop. ATTENTION ADVERTISERS Let’s give him some of those. Comment below (when this goes The Linux Journal brand’s following has up on the Web) or write me grown to a monthly readership nearly (doc at linuxjournal dot com).Q one million strong. Encompassing the magazine, Web site, newsletters and much more, Linux Journal offers the Doc Searls is Senior Editor of Linux Journal. He is also a fellow ideal content environment to help you with the Berkman Center for Internet and Society at Harvard reach your marketing objectives. For University and the Center for Information Technology and more information, please visit Society at UC Santa Barbara. http://www.linuxjournal.com/advertising.
Send comments or feedback via http://www.linuxjournal.com/contact or to [email protected].
WWW.LINUXJOURNAL.COM / DECEMBER 2014 / 107
LJ248-Dec2014.indd 107 11/18/14 2:26 PM