Archive for English

The ownCloud Public Link Creator


ownCloud Share Link Creator - Context Menu

ownCloud Share Link Creator – Context Menu

Holiday season is the perfect time to work on some stuff on your personal ToDo list. ownCloud 6 introduced a public REST-style Share-API which allows you to call various share operations from external applications. Since I started working on the Share-API I thought about having a simple shell script on my file manager to automatically upload a file and generate a public link for it… Here it is!

I wrote a script which can be integrated in the Thunar file manager as a “custom action”. It is possible that the program also works with other file managers which provide similar possibilities, e.g Nautilus. But until now I tested and used it with Thunar only. If you try the script with a different file manager I would be happy to hear about your experience.

ownCloud Share Link Creator - File Upload

ownCloud Share Link Creator – File Upload

If you configure the “custom action” in Thunar, make sure to pass the paths of all selected files to the program using the “%F” parameter. The program expects the absolute path to the files. In the “Appearance and Conditions” tab you can activate all file types and directories. Once the custom action is configured you can execute the program from the right-click context menu. The program works for all file types and also for directories. Once the script gets executed it will first upload the files/directories to your ownCloud and afterwards it will generate a public link to access them. The link will be copied directly to your clipboard, additionally a dialog will inform you about the URL. If you uploaded a single file or directory than the file/directory will be created directly below your default target folder as defined in the shell script. If you selected multiple files, than the program will group them together in a directory named with the current timestamp.

This program does already almost everything I want. As already said, it can upload multiple files and even directories. One think I want to add in the future is the possibility to detect a ownCloud sync folder on the desktop. If the user selects a file in the sync folder than the script should skip the upload and create the share link directly.

Edit: In the meantime I got feedback that the script also works nicely with Dolphin, Nautilus and Nemo

flattr this!

Introduction to the new ownCloud Encryption App


Last weekend we released a first preview version of the new encryption app. This wouldn’t be possible without the work done by Sam Tuke and Florin Peter. Thanks a lot for all your work! Let me take the opportunity to tell you some details about the app, what it does and how it works.

The encryption app for ownCloud 5 was a complete re-write. We moved from the relatively weak blowfish algorithm to the more secure AES algorithm. The complete encryption is built on top of OpenSSL a well-known and tested encryption library. Further, the encryption app is integrated into ownCloud seamlessly. This means that the encrypt and decrypt happens transparently so that you can still use all the other features from ownCloud like sharing, different viewer apps, WebDAV access etc.

To make this possible, we decided to perform the encryption server-side. Still the architecture allows us to implement client-side encryption as an additional option later. Server-side encryption is especially interesting for users who also use the external storage app. Combining the external storage app with the encryption app allows you to use external storage without giving any 3rd-party provider access to your data.

ownCloud uses the users log-in password for encryption. This means that you should choose a strong password in order to protect your data. It is important to know that by default a user will lose access to his data if he loses his log-in password. As an additional feature the administrator can generate a recovery key which allows him to recover user data. Once this feature is activated in the administrator settings every user can enable the recovery key in his personal settings. By default the recovery key is disabled. Every user can decide for himself whether he wants this additional protection against password loss or not. Since we are using server-side encryption this feature does not reduce the security. Keep in mind that your ownCloud administrator will always be able to intercept your data because everything gets encrypted and decrypted at the server. Since ownCloud is Free Software you can choose a trustworthy administrator freely or decide to be your own administrator if you wish.

Let’s talk about some technical details and how the encryption works. The encryption is based on three different keys: every user has a private/public key-pair, every file has a file-key and to give multiple users access to a file we have share-keys.

Every user has an asymmetric 4096-bit strong key-pair which consists of a private and a public key. The private key is encrypted with the users log-in password, for the encryption AES-128 is used. Additionally there are up to two system-wide key-pairs: One for public link shares which allows ownCloud to decrypt files which are shared as public link and if enabled the recovery-key-pair.

In order to not always have to encrypt and decrypt large files we have introduced the file-keys which are 183 byte strong ASCII keys. The file-key is used to encrypt the users file symmetrically with AES-128. Than the file-key gets encrypted with the public keys from all users with access to the file. This means that if a user gets added or removed from a file we only have to re-encrypt the small file-key instead of the whole file.

Every time a file-key gets encrypted to multiple users OpenSSL generates for each user an additional share-key. Only the combination of the users private key with the corresponding share-key enables the user to decrypt the given file again.

Everybody is welcome to test the new encryption app and report issues on our mailing list or preferable directly on GitHub. But keep in mind that this is a preview version, you should always have a backup of your unencrypted data!

flattr this!

Free Software, Open Source, FOSS, FLOSS – Same same but different


There are two major terms connected to software you can freely use, study, share and improve: Free Software and Open Source. Based on them you can also find different combinations and translations like FOSS, Libre Software, FLOSS and so on. Reading articles about Free Software or listening to people involved in Free Software often raises the question: Why do they use one term or another and how they differ from each other?

Historical background

Historically, Free Software was the first term, created somewhere around 1984 together with the Free Software definition. In 1997 Debian, a project aiming to create a completely free and community based GNU/Linux distribution, defined the Debian Free Software Guidelines (DFSG) as a check-list to decide whether a program can be included in the distribution or not. In 1998 the Open Source Initiative was set up as a marketing campaign for Free Software and introduced the Open Source definition by copying the DFSG and replacing “Free Software” with “Open Source”. According to a public statement by Bruce Perens, one of the founders of the OSI and author of the DFSG and Open Source Definition, the Open Source term was introduced as a synonym for Free Software. Perens eventually decided to return to the roots of the movement and to speak about Free Software again. This historical development shows that both Open Source and Free Software describe the complete set of software licenses granting the right to use, study, share and improve the software.

In the course of time people came up with even more terms. Today, terms such as Libre Software, FOSS (Free and Open Source Software) or FLOSS (Free, Libre and Open Source Software) are often used to describe Free Software. In some cases people also use terms like “organic software” or “ethical software”. Often the motivation for these terms is to stay out of the terminology debate and to avoid confusion generated by words like “open” or “free”. At the end those terms create more confusion than they help because they virtually invite people to search for differences between the terms where actually no differences exist, regarding the software they describe.

In short, these different terms share the same historical root and describe the same set of software, although the choice of one term over the others highlight different aspects of Free Software.

Usage of the terms by different people and organisations within the movement

Today the Free Software movement is a large and diverse community. People have different interests in Free Software and different motivations to take part in this movement. But these differences are not necessarily related to the language they use. There are many people using the term Open Source and highlight the social and political dimensions of Free Software while on the other hand there are a people in our community who prefer the term Free Software but concentrate more on the practical benefits. This means that the terms Open Source and Free Software are not a good criterion to identify these different motivations.

Beside individuals there are also many well known organisations in the Free Software ecosystem. Many of them play an important role and emphasize different aspects of Free Software. For example, some organisations focus on the technical direction of Free Software projects, some on legal aspects, some on political, social and ethical aspects and some focus on license evaluation. These organisations typically have decided to use one or another term and sticked to it. But this should not lead to the conclusion that the term they use is the critical factor regarding their motivations. The critical factor are the people driving the organisation and the goals of the organisation as such. The practical experience with different organisations and people in the community shows that the line can’t be drawn along the language they use.

This diversity is good, as it reflects that Free Software provides many advantages in many different areas of our life. But we should not divide our community just by the term someone prefers. No matter what term someone uses and what his initial motivation is, at the end most of us work on the same set of software and on the enhancement of software freedom and any other aspect of Free Software.

License evaluation

There are three entities in the Free Software movement which people look to for evaluations of Free Software licenses: The Debian project, the Free Software Foundation (FSF) and the Open Source Initiative (OSI). Most of the time they come to the same conclusion. In some corner cases they may disagree. In such cases the differences do not lie in different terms or different definitions, which as already shown have the same origin, but in the fact that it happens quite often that different people come to different conclusions for challenging legal questions. It would be a big mistake to use these cases to divide our community.

Protective and non-protective licenses

Looking at Free Software licenses there are two main categories, protective or Copyleft licenses and non-protective licenses. While Copyleft licenses are designed to protect the rights to use, study, share and improve the software non-protective licenses allow to distribute the software without those rights. Sometimes people think that the terms Free Software and Open Source are used to distinguish between protective and non-protective licenses. The lists of Free Software licenses by Debian, the FSF and the OSI show that both protective and non-protective licenses comply with the Free Software definition and the Open Source definition. This means that neither the terms Open Source and Free Software nor the different definitions are suitable to distinguish between protective and non-protective licenses.

This graphic should visualise the different software categories and their connection

Protective licenses and non-protective licenses are sub-classes of Free Software licenses recognized by the Open Source Initiative and the FSF. Copyleft or non-Copyleft is not a criteria suitable to distinguish between Open Source and Free Software, both terms describe the same set of software.

Development model

When looking at software we have to distinguish between the software model and the development model. While the software model describes the attributes of the software (e.g. free or proprietary) the development model describes different ways to develop software. As described at full length in “What makes a Free Software company?” the different development models are defined independently of the software models and work for both Free Software and proprietary software. Development models that leverage the advantage of an open and collaborative community can show their full strength in combination with the Free Software model. However this does not mean that an open, collaborative development process is a criterion for Free Software. There are Free Software projects developed by a single person or a company with little or no outside input. On the other hand developers of proprietary software have adapted collaborative development models to fit into their software model, e.g. SAP with its partnership program.

While the development model can be a crucial factor for the success of a software project it is not suitable to distinguish between proprietary software and Free Software or one of its synonyms.

Why do I still insist on calling it Free Software if it is all the same?

If all these terms describe the same software people may wonder why I insist on using the term Free Software. The easiest answer is that I simply have to choose a term if I want to talk about Free Software. As explained in the article all the terms describe the same set of software, therefore I don’t see any value in combining them (e.g. FOSS or FLOSS). Quite the contrary, this combinations often create more confusion than clarity. So the remaining terms are Free Software and Open Source and I decided to stick with Free Software.

Free Software is the oldest term. All other terms have their roots in the Free Software definition. It is a good tradition in science to use the first term and definition given by its author. Furthermore it is also advantageous if a term can be easily translated into different languages​​. This enables people to talk about Free Software in the most natural way, in their first language. In many cases Free Software even translates unambiguously into other languages, e.g. “logiciel libre” in French, “software libre” in Spanish, “software libero” in Italian or “Fri Software” in Danish which avoids the ambiguity between freedom and price of the English word “free”. I believe that it is important to use a clear terminology. I want to convey a strong message about freedom. Language is important because it frames how people think about a subject. Different terms focus on different aspects, even if they describe the same software and the language we use influences our thoughts about a subject. For me freedom is a core value of Free Software and I want that my language reflects this.

Free Software, which is easy to translate in different languages and emphasises the aspect of freedom for individuals, business and public institutions, together with the clear definition provides these values. All this makes Free Software the right choice for me and I invite you to follow me.

Conclusion

For historical reasons there are different terms to describe software that is free to use, study, share and improve. All terms, Open Source, Free Software or one of the combinations have the same roots and describe the same set of software. When it comes to people and groups within the Free Software movement we see a large diversity of motivations, different people or groups focus on different aspects of Free Software. But whatever the motivation may be it is not the doing of the software, it is the people. Neither is it possible to distinguish the people according to the term they use nor is it the business of the Free Software movement or part of the Free Software definition to find and define groups within our community. The Free Software movement identifies Free Software and works on the enhancement and adoption of it with all its positive aspects. Regarding licenses, different groups agree in their evaluation of Free Software licenses except for some corner cases which shows the complexity of legal documents but not a division between people, movements or software along the terms they use. Protective (Copyleft) and non-protective licenses are sub-classes of Free Software licenses and are recognised as such by all groups in the Free Software movement. These two categories are not suitable to separate Open Source and Free Software.

Even if all these terms describe the same set of software the terminology we use is still important because it frames how people think about a subject. Different terms focus on different aspects, even if they describe the same software. I want to put freedom first, for me freedom is a core value of Free Software and I want to respect the naming by the founder of the Free Software movement. These are the main reasons why I invite you to join me and speak about Free Software.

But no matter which term we use, we should not allow people to split our community just because of different terminology. At the end most of us work on the same set of software, improve it and foster software freedom no matter what our motivation or preferred term is. The community needs to stay together to have an impact on all levels of involvement and to improve Free Software in all aspects. Don’t let others use the strategy of “divide and conqueror” to harm our movement.

In this context you should also read “It’s time for the community to take charge of its brand”.

Edit: The Comment by Bob McConnell shows that maybe the point “copyleft vs non-copyleft” needs to be addressed more explicitly. Therefore I added the sub-section “Protective and non-protective licenses” which was initially planed but got lost somewhere in the process of writing the article

flattr this!

for the first time in my life…


going to fosdem 2011

see you there?!

flattr this!

A new toy arrived


Thin Client

My little new toy arrived! It’s a Thin Client Tux@Home Q-Box 270 (Intel Atom) with 1GB RAM and 500GB hard disk. One of the nice things about the device is the low power consumption, only 10-15Watt. This is important because I want to use the device as a small home server. To avoid paying the “windows tax / proprietary software tax” I bought the computer at ixsoft.de, a online shop which sells hardware with GNU/Linux pre-installed. It came with Fedora GNU/Linux and now runs the Debian GNU/Linux (Squeeze) operating system which I consider more suitable for the tasks I want to use the device.

Now the more interesting part: What software / services should run on this little helper? In a first step I want to enable ssh access from outside, install an IRC bouncer and a subversion (SVN) server. The next think I would like to install is some kind of address book and calendar which can be used from any device (desktop computer, laptop, smart phone). But therefor I have to look into some solutions first. Kolab looks quite interesting. But I have to see how well it works with my software/hardware setup (Claws-Mail (Thunderbird) and Android). OwnCloud is another project I want to look at. Maybe this could be a nice solution for some file hosting.

If you have a tip for a good address book and calender solution or any other fancy idea what could be done with the Thin Client than drop me a mail or add a comment.

flattr this!

My Backup Solution


For a long time I have made backups of my home partition by hand, starting from time to time rdiff-backup. But as you can imagine, this approach doesn’t generate regular and reliable backups.

I couldn’t put this task into a simple cronjob because of two reasons. First I use encrypted hard disks and my backup disk is connected via USB and not always on. So before a backup starts I have to turn on my backup disk and make sure, that my home partition and my backup disk is decrypted and mounted. Second I don’t want the backup happen during my regular work. In my experience such processes often starts in the most annoying moments.

So I decided that I need an semi-automatic backup, which runs during shutdown. The result is this small script which I put in /etc/rc0.d/K05backup.sh:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
#!/bin/bash
 
currentTime=`date +%s`
timeUntilNextBackup=604800                 # 604800sec = 1week
startBackup=false
 
# check if it's time for the next backup
if [ -f /var/log/nextBackup.log ]; then
    nextBackupTime=`cat /var/log/nextBackup.log`
    if [ $(($currentTime - $nextBackupTime)) -gt 0 ]; then
        startBackup=true                       #time for the next backup
    fi
else
    startBackup=true
fi
 
if [ $startBackup == true ]; then
    echo "It's time for another Backup!"
    echo "Don't forget to switch on your backup hard disk before you start!"
    repeat=true
    while $repeat; do
        echo -n "Start backup procedure now? (y)es or (n)o? "
        read char
        case $char in
            [y,Y] ) 
                if [ ! -d /home/schiesbn ]; then
                    echo "encrypted HOME partition has to be mounted..."
                    cryptsetup luksOpen /dev/sda6 secureHome
                    mount /dev/mapper/secureHome /home
                fi
                echo "encrypted BACKUP partition has to be mounted..."
                cryptsetup luksOpen /dev/sdd1 secureBackup
                mount /dev/mapper/secureBackup /mnt/backup
                echo "Starting Backup...";
                rdiff-backup --print-statistics /home/schiesbn /mnt/backup
                echo "umount backup disk..."
                umount /mnt/backup
                cryptsetup luksClose secureBackup
                # calculate the time for the next backup and write it to the log
                nextBackup=$(($currentTime + $timeUntilNextBackup))
                echo $nextBackup > /var/log/nextBackup.log
                echo "DONE."
                sleep 10   #give me some time to look at the backup statistics
                repeat=false;;
            [n,N] )
                repeat=false;;
        esac
    done
fi

If the last backup is older than 1 week the script asks me, if I want to do another backup. Than I can decide to postpone it or to start it now. If I decide to start the backup procedure I get the opportunity to decrypt my backup and home partition before rdiff-backup starts. After that I can leave the room and be sure that the computer will shutdown after the backup is finished.

Until now this is the best and most reliable, least annoying and most automated solution I could found.

flattr this!

A successful year for the 1. RFC Stuttgart


This year it was the first time I participated at RoboCup tournaments. It was quite stressful but also really exiting and most important successful!

In April the year started with the German Open in Hanover. It was a hard week, we lived in a bus and worked every day far into the night. But it was worthwhile. After many years of struggle the 1. RFC Stuttgart finale made it and win the German Open!

Here you can see a summary of the final game in Hanover against Osnabrück (Stuttgart = cyan; Osnabrück = magenta):


(direct link to the video)

But this was not the end of our success in 2009. Last week we went to Graz, Austria for the RoboCup world championship. Like a few weeks ago in Hanover it was again a hard week. At the end we went home with two cups! First we won the free challenge with the presentation of our “Automatic Camera Man” and at Sunday we finally won the final and became world champion for the first time!

The tournament started quite well with 6:0 wins in the first round robin. In the second round robin we had our only defeat and finished the round with 3:1 wins. The third round robin ended with 2:0 wins. In the semifinal we won against MRL (Iran) 4:1. Than in the final we met Tech United (Eindhoven, Netherlands) and beat them 4:1 for the world championship.

This is the team which made all this happen:

Below you can see a video, recorded by Tech United, from the final (Stuttgart = magenta; Tech United = cyan).


(direct link to the video)

By the way, all robots are powered by Debian GNU/Linux and the software is developed with C++ and Qt (for graphical tools)…

flattr this!

Free Software in Schools


At the moment Free Software in education is one of my main interests in the Free Software ecosystem. FSFE’s Fellowship wiki already provides some useful information on this topic. It’s quite interesting to see the development in this area. Further I think schools play an important role for the adoption of Free Software in many areas. What pupils learn and get used to during school is what they want to use and what they demand if they enter the business world. I also think that it is important to get as early as possible at least a basic idea about the role of software in the information society.

Today I read an interesting article about a school in Austria which uses GNU/Linux systems on USB sticks (German only). With LinuxAdvanced the school created their own distribution based on Debian GNU/Linux 5.0 (aka Lenny) and the lightweight desktop environment Xfce.

The Kremser Bundesgymnasium uses this system since two years on all computers in the computer science classrooms. Now they decided to switch from local installations to live systems on USB sticks. The advantage: The pupils can carry their system around with themselves. They can use it at school, at home or at any computer they want. About 50% of all pupils uses the system regularly at home. It seems like especially the young pupils using the system quite naturally and have no reservations. Further Rene Schwarzinger explains: “We don’t want to encourage our pupils to create illegal copies just to be able to work at home with the same programs as at school”. The obvious solution to avoid this is to use only Free Software at school and pass it down to the pupils.

In autumn they want to introduce netbooks together with the GNU/Linux USB stick to the pupils.

I really like the idea using USB sticks instead of normal installations on hard disks. Live systems are nothing new but I think it makes much sense in this scenario. With the USB sticks the pupils can work with their systems and their data wherever they want without having to convince their parents to install a new operating system at home which could be quite challenging, both technically and philosophically.

I’m interested in more success stories about Free Software and GNU/Linux in schools. Please let me know if you know schools (especially in Germany or Europe) which already uses GNU/Linux or prepare the switch to Free Software.

flattr this!

Fedora and gpg-agent


While it was quite easy to set up my Fellowship smartcard for SSH logins on Debian GNU/Linux following this instructions I never managed to get it working on Fedora GNU/Linux. At some point of time I just gave up. Today finally I found a solution in an on-line forum.

The problem was that gpg-agent always stopped with the error message:

$ gpg-agent 
gpg-agent[2857]: can't connect to `/home/schiesbn/.gnupg/S.gpg-agent': No such file or directory
gpg-agent: no gpg-agent running in this session

By default the gpg-agent on Fedora creates the socket in /tmp instead of in /home/schiesbn/.gnupg. So you have to move it manually over to your home directory once gpg-agent has started.

To do this I use this script:

#!/bin/bash
 
# Decide whether to start gpg-agent daemon.
# Create necessary symbolic link in $HOME/.gnupg/S.gpg-agent
 
SOCKET=S.gpg-agent
PIDOF=`pidof gpg-agent`
RETVAL=$?
 
if [ "$RETVAL" -eq 1 ]; then
	echo "Starting gpg-agent daemon."
	eval `gpg-agent --daemon `
else
	echo "Daemon gpg-agent already running."
fi
 
# Nasty way to find gpg-agent's socket file...
GPG_SOCKET_FILE=`find /tmp/gpg-* -name $SOCKET`
echo "Updating socket file link."
cp -fs $GPG_SOCKET_FILE $HOME/.gnupg/S.gpg-agent

To execute this script during log-in I have added this to my ~/.bashrc:

# GPG-AGENT stuff
GET_TTY=`tty`
export $GET_TTY
$HOME/bin/gpg-agent-start.sh

I still wonder why it works that easy on Debian and on Fedora i need all this scripting. But for the moment I’m just happy that I have found a solution to use my smartcard for SSH login on my Fedora systems.

flattr this!

It’s all about communication


About one week ago the new Fellowship web page was launched. It’s a great improvement over the old one. Finally we have a first-class blogging platform, a first class wiki and a planet to aggregate all weblogs of FSFE’s Fellows. I think this components already show that communication (blogs, planet) and collaboration (wiki) is an essential part of the Fellowship. Beside increasing FSFE’s financial independence and political weight the Fellowship always aimed to bring Free Software supporters together and offer them a place to exchange ideas and collaborate on Free Software activities.

But the Fellowship offers even more ways to collaborate and communicate. There are mailing lists for various languages and regional Fellowship groups, there is a Jabber server with multi-user chats (MUC), there are IRC channels and there are even Fellowship meetings for real life contacts. I always thought that this infrastructure was not as visible as it should be. So as one of my contribution to the new web page I helped to create the communicate-page which gives an overview of all these options.

Just take a look at it. Maybe you will find some mailing lists or chat rooms you are interested in. With this web page in place I hope more Fellows will know an use the various communication channels.

flattr this!