Categories: ,
Posted by: bjb

I had a very smooth upgrade of a Debian wheezy system to Devuan jessie. This is a small system that doesn’t have a desktop or use any other dbus things — it mostly runs as an unattended server and I only connect to it occasionally.

 continue reading
Posted by: bjb

Happy birthday Devuan!

Devuan is a systemd-less fork of Debian.

02/12: netdev

Categories: ,
Posted by: bjb

I’m lucky enough to be sitting in the netconf conference, with Pablo Ayuso, Jamal Hadi Salim, David Miller and others. They are discussing current and proposed future work on the networking subsystem of the Linux kernel.

This is the by-invitation-only mini-conference. Many of the attendees here will speak at the open-registration netdev01 conference from Feb 14 — 17 at the same venue (the Westin Hotel, downtown Ottawa). It’s looking like that conference will be really great. It’s not too late to sign up! I’ll definitely be there.

Posted by: bjb

I looked up a question on stackoverflow, and even found it. But it had no answer, so I wrote one.

With luck, it’s not too far wrong.

… well I guess I answered the wrong question. Oops.

Can an existing folder be redeclared a virtual enviroment with VirtualEnvWrapper?

I thought this was a project that had been made with virtualenv, and they wanted to put it under virtualenvwrapper. But apparently it was made with virtualenvwrapper, and I don’t know what they want to do with it.

They can probably get the answer to their question from my answer, though.

My answer:


Anatomy of virtualenvwrapper

The existing project has two parts:

  • the virtualenv, where python and the python libs are installed, and
  • the project directory where your code is (that uses the virtualenv).

Virtualenvwrapper adds a third part, the virtualenvwrapper hooks. These are mainly shell functions that are called at certain times in a project or virtualenvs life cycle. They live in a third directory — by default, they are installed to ~/.virtualenvs (at least that was true on my Debian wheezy system). The hooks include postactivate, which we will edit below, and a bunch of others such as premkproject, premkvirtualenv, etc. The following list of keywords gives you the flavour of the hooks: initialize, pre/post, mk/rm, project/virtualenv, activate/deactivate. virtualenvwrapper puts these scripts in $VIRTUALENVWRAPPER_HOOK_DIR, which defaults to $WORKON_HOME.

virtualenvwrapper assumes

  • all the virtualenvs are in one place ($WORKON_HOME) (defaults to ~/.virtualenvs) Let’s say you have two virtualenvs, one called MYVENV and the other called MYOTHERVENV
  • all the project directories are in another place ($PROJECT_HOME).
  • Let’s say you have a project “is” in directory /home/me/where/my/proj that uses virtualenv MYVENV.

    how to use workon to work on your pre-existing code and virtualenv

    Here I’m assuming all your virtualenvs are in one place (in my case, they are all in /usr/local/virtualenv).

    one-time operations

    ** edit ~/.virtualenvs/postactivate (+) to have

        case $env_name in
                cd /home/me/where/my/proj/is
                cd /home/me/where/my/other/project/is2

    ** links

        for hk in get_env_details initialize postactivate postdeactivate \
                postmkproject postmkvirtualenv postrmproject \
                postrmvirtualenv preactivate predeactivate premkproject \
                premkvirtualenv prermproject prermvirtualenv; do \
            ln -s ~/.virtualenvs/$hk /usr/local/pythonenv/$hk; \

    any time you want to work on your project that uses MYVENV virtualenv

        WORKON_HOME=/usr/local/pythonenv workon MYVENV

    Of course if all your virtualenvs are indeed in the same place, you can define WORKON_HOME in your .profile and you won’t have to specify it on the command line every time.

Posted by: bjb

The problem I’m trying to solve here is to see if my web app is setting the right headers on the response. But, the web app is under https so it’s hard to sniff. Here’s how I did it. Hopefully next time I have to do this, I will find this hint and get going a lot quicker.

In the thing below, pretendhostname is a name that the remote web server uses for the server name, and the local machine has as an alias to Also, I have used ssh port forwarding to send the data to the remote web server.

Remote machine
  • In /etc/apache2/sites-enabled/the-web-app:

    <VirtualHost *:443>
        ServerName pretendhostname
Local machine
  • ~/.ssh/config stanza for some remote network on which the remote web server ( runs:

    Host remote_gateway
            LocalForward 8443
  • in /etc/hosts on my local machine:       localhost pretendhostname
  • Type these commands:

    $ ssh remote_gateway

    then in a different terminal on my local machine:

    $ curl -L -b -c \
        -d 'username=theusername&password=thepassword' \
        -k -D headers.txt \
    $ curl -L -b -c \
        -d 'username=theusername&password=thepassword' \
        -k -D headers.txt \

This will put the headers of the response into headers.txt, where I can inspect them.

Categories: ,
Posted by: bjb

More main-stream media coverage on “the cloud”, this time from The Current

“They ask young people what do you think the cloud looks like? They use almost religious terminology to describe it when in fact the internet is just a bunch of data farms on the Colombia river or routers in a room in suburban Ottawa. Everything’s beige.”

Douglas Coupland on Alcatel-Lucent, in a The Current episode produced by Kristin Nelson.

Categories: ,
Posted by: bjb

I was pleased to see “the cloud” described in plain terms in this CBC news article:

“Don’t call it ‘the cloud.’ Call it someone else’s computer,” wrote security blogger Graham Cluley in a post last December, saying that mentality will make people more mindful of the security risks.

Hopefully, we can go back to calling data centres “data centres” again, soon.

Posted by: bjb

git ls-tree -r HEAD

I tried searching for how to list the files in a revision in git, and found only how to list the changed files in a revision.

I knew that gitk shows a list of files and directories in any given repo. So I looked in it (it’s a wish script) to find out how it gets the list of files for each revision. Found it around 3/4 of the way down, in proc gettree.

Probably most anything you’d want to do with git, you can find it in gitk.

Categories: , ,
Posted by: bjb

A friend recently was going to update his Facebook app on his Android tablet. Even he was shocked to see what permissions Facebook was requiring for the upgrade. Facebook was requiring the following new permissions in order to complete the upgrade:

    • read your text messages (sms or mms)
    • change network connectivity
    • connect and disconnect from wifi
    • change your audio settings
    • add or modify calendar events and send email to guests without owner’s knowledge
    • read calendar events plus confidential information
    • read your own contact card

This is in addition to the permissions that the Facebook app already has:

    • prevent tablet from sleeping
    • toggle sync on and off
    • record audio
    • take pictures and videos
    • modify your contacts
    • read call log
    • read your contact
    • write call log
    • modify or delete the contents of your USB storage
    • approximate (network-based) location
    • precise (GPS) location
    • add or remove accounts
    • create accounts
    • set passwords
    • full network access
    • read phone status and identity
  • the fold (below are “hidden” permissions — it’s an Android thing I guess)
    • install shortcuts
    • read sync settings
    • send sticky broadcast
    • test access to protected storage
    • download files without notification
    • receive data from internet
    • view wifi connections
    • view network connections
    • google play billing service
    • control vibration
    • find accounts on the device

And people want to keep money and other sensitive info on their Android devices, along with these promiscuous permissions? They wonder why their privacy is being eroded and their identities stolen, when they are giving away the info — and control — themselves?

At this point, even my friend is not keen to upgrade his Facebook app.

If enough people complain this time, we can watch for Facebook to relinquish a couple of the new permissions, then sneak them back in in future upgrades.

Categories: , ,
Posted by: bjb

It seems there are two ways to back up the android phone that I didn’t know before.

One is to use the “adb backup” command from the android developer kit. You can supply some switches to control what type of stuff gets backed up, even to the point of choosing particular apps. It probably backs up all the data for a given app in a lump, and also probably makes assumptions on where that data is. If the app writer followed Android conventions, you’re probably ok in terms of backing up what you’re interested in.

The other works if you have installed clockworkmod. You can boot to recovery mode, and select “backup and restore”, then “backup”. It will copy your data to the /sdcard/clockworkmod/backup directory. Copy the backup off, and you have your backup. I’m not yet sure what is in it. Supposedly this method is automatable.

I will have to try the restore for each method at some point I guess — because a backup isn’t complete until you know you can restore from it.

Of course I tried the above two methods in the other order, and so I’m probably backing up my backup. Oops. It’s still running.

… time passes

Ok, seems to have finished. Let’s have a look.

clockworkmod backup

The clockworkmod backup (that copies to /sdcard/clockworkmod/backup directory) produced the following on the android:

shell@android:/sdcard/clockworkmod/backup $ find                               

Simple enough to copy that off with an adb pull command:

$ ~/projects/android/android-sdk-linux-r22.3/platform-tools/adb pull /sdcard/clockworkmod/backup/2014-01- .
pull: building file list...
pull: /sdcard/clockworkmod/backup/2014-01- -> ./nandroid.md5
pull: /sdcard/clockworkmod/backup/2014-01- -> ./cache.ext4.dup
pull: /sdcard/clockworkmod/backup/2014-01- -> ./data.ext4.dup
pull: /sdcard/clockworkmod/backup/2014-01- -> ./system.ext4.dup
pull: /sdcard/clockworkmod/backup/2014-01- -> ./recovery.img
pull: /sdcard/clockworkmod/backup/2014-01- -> ./boot.img
6 files pulled. 0 files skipped.
3328 KB/s (21445584 bytes in 6.291s)

Note the ‘/’ at the end of the path that is being pulled, that’s how you get a directory and its contents.

The .md5 file has md5sums for the other files. The .dup files seem to be lists of paths on the android device. Not sure how they map to the .img files. I’m guessing the .img files are the full flash contents of those two partitions (boot and recovery).

To restore some but not all, you can boot to recovery mode, select backup and restore, then advanced restore. Now you can choose to restore:


I suppose being able to choose these things is better than nothing, but I was hoping for the ability to restore, say, the calendar but leave the other things alone. Guess I have to keep looking.

adb backup

This produced a single mega-sized file. File says it is of type “data”. It starts with the following string: “ANDROID BACKUP”.

I guess you can back up only a single app (or a few apps) if you give the app (or apps) name(s).

you can list the package names (e.g. specifically that you would like to backup.”

adb backup -all -apk -shared -system


adb backup -apk -shared -system com.droidwave.offlinecalendar

The adb command directs you to “unlock the phone and enter the password”. It just means to enter your pin or do whatever you do to access your phone normally — not referring to “rooting” your phone here. During the backup, a screen appears on the phone over top of everything else, asking for your password (which you set in settings, developer settings, desktop backup) and permission to do the backup — and showing the progress by giving the name of the app (file? app?) bing handled. Note that I’ve seen two warnings in different articles on the web saying the backup/restore will not work unless the password is set. android.sharedstorage.backup might be shown for a long time, esp. if there is a big fat backup from the other method sitting in it. Oops.

It takes quite a while — on the order of half an hour or so if you asked for a full backup (-all -apk -shared -system) and there is a clockworkmod backup in /sdcard/. Oops.

In the end there is a humongous file (nearly 3 GB in my case) in the named place (-f option on the adb backup command line) on your desktop.

I don’t think there is a way to restore just part of it.

Deleting the other backup and doing this backup again resulted in a slightly smaller humongous file:

$ ls -la
total 8109684
drwxrwx--- 3 bjb bjb       4096 Jan  3 00:05 .
drwxrwx--- 4 bjb bjb       4096 Jan  2 14:11 ..
-rw-r----- 1 bjb bjb 2775642349 Jan  2 14:47 20140102
-rw-r----- 1 bjb bjb 2775658565 Jan  2 23:06 20140102-a
-rw-r----- 1 bjb bjb 2744876613 Jan  3 00:50 20140102-b
drwxrwx--- 2 bjb bjb       4096 Jan  2 19:22 clockworkmod

After a few trials I have:

$ ls -la
total 12469752
drwxrwx--- 3 bjb bjb       4096 Jan  3 02:40 .
drwxrwx--- 4 bjb bjb       4096 Jan  2 14:11 ..
-rw-r----- 1 bjb bjb 2775642349 Jan  2 14:47 20140102
-rw-r----- 1 bjb bjb 2775658565 Jan  2 23:06 20140102-a
-rw-r----- 1 bjb bjb 2744876613 Jan  3 00:50 20140102-b
-rw-r----- 1 bjb bjb 1486766101 Jan  3 01:45 20140102-c
-rw-r----- 1 bjb bjb 1486766101 Jan  3 02:28 20140102-d
-rw-r----- 1 bjb bjb       4213 Jan  3 02:29 20140102-e
-rw-r----- 1 bjb bjb       4213 Jan  3 02:36 20140102-f
-rw-r----- 1 bjb bjb       4213 Jan  3 02:38 20140102-g
-rw-r----- 1 bjb bjb 1486766101 Jan  3 02:46 20140102-h
drwxrwx--- 2 bjb bjb       4096 Jan  2 19:22 clockworkmod
aunknownadb backup -f 20140102-a -all -apk -shared -system
bunknownadb backup -f 20140102-b -all -apk -shared -system (after deleting the extra backup)
cunknownadb backup -f 20140102-c -apk -shared -system
d6m 17sadb backup -f 20140102-d -apk -shared
e0m25.650sadb backup -f 20140102-e -apk
f0m24.420sadb backup -f 20140102-f
g0m19.870sadb backup -f 20140102-g -system
h6m8.702sadb backup -f 20140102-g -shared -system