Formatting a netbook with dual boot Windows and Linux, plus a Docker container for travel and offline LAMP development

When I travel, I like to carry the smallest and cheapest computer that can serve my needs, a netbook: the HP Stream 11” netbook (C$250) is a modest Intel single-core 64 bit cpu with 2 threads, 4GB of RAM, and 57GB of usable space on a 64GB eMMC drive. This computer is inexpensive, light, and disposable. This computer can be reformatted often, as it is not my main personal computer. Although this computer has light specs, the RAM and hard drive are double the size of typical netbooks. The amount of drive space makes a multiple boot environment possible, and the amount of RAM makes Windows bearable. I have also added a 64GB micro SD card for extra storage.

I use Linux for a lot of PHP programming. I also prefer Linux as a desktop for the performance, and for the privacy and freedom. I have to retain the ability to use Windows in case I need to connect to certain systems for work, and the computer is too limited in terms of CPU and RAM for virtualization. Don’t even get me started on Wine.

Partitioning a multiple-boot system with Windows and Linux

This has led me to divide the 57GB drive into a 35GB Windows 10 partition, and a 22GB Fedora 28 Linux partition. Windows must be installed first, with unallocated drive space available to the Linux installer to create a new drive partition. The Linux installer will also install a multiple boot manager which will list the Windows boot partition as an available option on startup.

Installing Windows

If you are modifying an existing Windows installation to become multiple-boot, resize the windows partition to create free, “unallocated” space, which can be used by the Linux installer.

If you are doing a fresh installation of a multiple boot system, use the Windows installer to destroy all existing partitions, then Windows system should be installed first, only partitioning the drive space needed for Windows, leaving the rest of the drive space unallocated for later use by the Linux installer.

I don’t plan to provide much further detail on how to install a Windows system, the world gives enough love to Windows already. The rest of this blog post contains my notes on installing Linux and setting up Docker containers for Linux/Apache/MySQL/PHP (LAMP) web development.

Installing Linux

Changing Fedora 28 from a sudo/wheel group implementation to a traditional box with root

Prior to Fedora 28, the operating system reflected a traditional RHEL-style box, with sudo available but requiring a true root password for some operations. It would seem that Red Hat has chosen to emulate the Ubuntu permissions model, which is that of a privileged user that owns the desktop, that belongs to the wheel group (BSD style permission to use sudo command), and that accepts the privieged user’s password to escalate to root using sudo as part of the command. To my mind, this means that the system effectively has no sandboxing or root password protection. I used the sudo su command to escalate to a root prompt, set a root password using the passwd command, edited the group file to remove the user owning the desktop from the wheel group, then rebooted.

Some general notes on setting up a Fedora 28 workstation

(My brother is the king of this kind of list.) I noticed that even when planning to do a minimal install for a temporary format for some experiments, I needed to perform the following steps to get the machine where I wanted it to be, so I decided to note them in a text file:

systemctl stop firewalld; systemctl disable firewalld

systemctl start sshd; systemctl enable sshd

dnf install nano (cause you always need a text editor)

Disable selinux:

cd /etc/selinux

nano config

set SELINUX=disabled

Set hostname:

cd /etc

nano hostname

Change gdm from Wayland back to x.org:

cd /etc/gdm

nano custom.conf

remove # in front of WaylandEnable=false

reboot

dnf clean all;dnf update

dnf install denyhosts

enable desktop sharing

adjust power settings: change timeouts for screen and hibernation on ac and battery power.

add the following repositories:

rpmfusion-free

rpmfusion-non-free

remi-release-28 (note: disabled by default you must edit the .repo file to enable prior to dnf)

(again) dnf clean all; dnf update

Accept GPG signatures, watch for missing RPM dependencies or conflicts between repositories.

Installing some favorite open-source desktop applications

vlc: video and audio player

vncviewer: install tightvnc package

Filezilla: FTP and SSH file transfer client

rdesktop/rdp123: Windows remote desktop client

Installing binaries of proprietary software packages on Fedora 28 workstation

Some important utilities are only available as binary-only installations, you can find the installers by using Google:

Teamviewer

Skype

Installing Google Chrome on Fedora 28 workstation

On Fedora 27, installing Google Chrome was easy, the 64 bit RPM installed without a hiccup. However, on Fedora 28, I got broken RPM dependency errors, which I had to resolve one-by-one, by googling and finding the following commands:

dnf install redhat-lsb

dnf install libXScrnSaver

dnf install libappindicator

dnf install libappindicator-devel

dnf install libappindicator-gtk3

Installing Google Earth on Fedora 28 workstation

Once Google Chrome is installed with its dependencies, you can install Google Earth.

Using Docker containers to create isolated web development platforms without virtualization

On the Linux side, although the Fedora 28 workstation environment can easily support a Linux/Apache/MySQL/PHP (LAMP) server for offline web programming, it supports PHP 7.x, which is incompatible with some older software that is still in production on Centos 7.x boxen (Fedora 19, PHP 5.x). This code is being re-factored, but the new versions are not ready for production. Rant: PHP deprecates far too aggressively, and has created a demand for legacy version PHP parsers. I chose not play with batch files and symbolic links to binaries, as I was worried about creating version mismatches, especially with glue drivers that link php and mysql.

Again, because of the limitations of the hardware, creating and running a virtual machine guest is not a viable option. At a Linux meetup about a year ago, I learned about Docker and containers and thought they were stupid. Now, I realize that many things I learn at Linux Meetup will be useful later on.

Installing Docker

dnf install docker docker-compose docker-common docker-devel

systemctl start docker; systemctl enable docker

Using Docker images and docker compose files to install a Docker container environment

Rather than installing a traditional LAMP stack, I have decided to install containerized environments, one for the old PHP 5.x environment, and one for the current PHP 7.x environment. I found the following links to be helpful:

https://github.com/sp0ker/lamp-docker

https://linuxconfig.org/how-to-create-a-docker-based-lamp-stack-using-docker-compose-on-ubuntu-18-04-bionic-beaver-linux

Despite the Ubuntu-specific reference in one of the above links, I was able to follow the procedure on a Fedora 28 workstation.

There are endless permutations to Docker, some involving virtual machines, which I tried to avoid given the limited specs of the system on which I am installing. The 2 links above created self-contained environments that can be started using the command “docker-compose up –d” and can be stopped using the command “docker-compose down” from within the build context of the Docker container’s directory structure.

Docker has a lot of commands and options. Two commands to help get you started:

docker ps (lists running docker containers, note that what you consider a single container could actually be multiple linked containers, ie one for apache and php, another for mysql, and so on)

docker exec -it 6ca756ef1b50 bash -l (in this case, a shell login to the isolated instance of the Docker container running MariaDB/MySQL so I could run the mysql command line utility)

Due to the nature of LAMP development, most of the time access to files within your normal shell in the Docker file directories should be enough, along with phpMyAdmin on the local web server.

Tip: if you expect to be truly isolated and offline during your development, install an offline copy of the php.net website on your local system.

 

Operating systems and freedom: deep thoughts on replacing a cell phone

In 2014, I was in Alaska, and wanted to use a Red Pocket SIM card with my iPhone 4 to roam with a lot of data — 3GB was included in the package. I ordered the SIM card, installed it (with some difficulty), and was able to connect voice, text, and data to the local AT&T cell network. However, my personal hotspot for wifi tethering was disabled. I made a point of replacing the iPhone with  a hackable Android phone, the Google Nexus 5. The software environment on the Nexus 5 is ideal, but the hardware died early. I then got a Oneplus One, which is now in its 3rd year of service. Both the Nexus and the Oneplus were unlocked, and i reflashed both of them with rooted versions of Android. I then had the ability to use a SIM card and to edit various registries that control things like whether tethering is permitted on a prepaid SIM. As it turned out, I only used this capability once — on a trip in 2015. After that time, roaming plans for Canadian cell phones have improved considerably.

I had planned to replace my Oneplus One with a Oneplus 6 in July of this year (2018). However, Google’s war with Amazon has produced some collateral damage: Google apps will no longer run on unofficial builds of the Android kernel. There is a mechanism for registering as a developer, but the point is, I would be better off at that point by staying with stock OTA updates and a non-rooted image on an Android phone.

Google picked a bad time to do this: rumors are that a cheaper 6.1″ LCD iPhone will be released in September 2018, at US$550 (C$720). If an iPhone only costs C$60 more than a OnePlus 6, I may as well just buy the iPhone. I have been lusting after wifi calling, call handoff to the iPad, and Airplay to the Apple TV.

This got me to thinking about vendor lockin. Microsoft is trying to get things to go through their app store, if they follow the MacOS path this will soon be the default, and we could see a potential future where apps are locked down fully on Windows and MacOS.

Where does that leave freedom? The multiple-boot partition that runs Linux on my personal laptop is in many ways the last place I will truly be free to control my own computer. I used to see Linux as a great server and a mediocre desktop. I now see it as a free desktop, free as freedom, not simply free as in beer.

Windows 10: setting network profile to private or public

If you are experiencing problems with file and print sharing, either as a server or as a client, it may be due to the current network profile of your Internet connection. Windows makes a distinction between private networks (home and work) and public networks (hotel wifi, Starbucks wifi, etc.) The idea is to avoid sharing your episodes of Gilligan’s Island with other people at the Starbucks by accident.

Windows often asks you to select whether a network profile should be private or public, but sometimes the issue is unclear.

To see and change the current network profile, right-click on the network icon (wired or wifi) on the bottom right near the time:

Click on “Change connection properties:”

You will be able to view and change the network profile:

 

A picture of a cat with an iPad

My friend Jim is in town to attend to some family business, he brought his cat Lucky. This is the first blog post I have been able to tag under both the “iPad” and “Cats” categories.

 

Muting Chrome audio by default and un-muting tabs selectively

Many web sites play audio without permission, so I usually have audio muted for the entire desktop. However, sometimes I like to watch Netflix or a media file on VLC, on a second screen, while I load other web pages on my main screen. This makes it necessary to mute audio on Chrome itself while allowing other applications to play sound, or to allow one web page to play Netflix or Youtube while others are muted.

Enabling mute function

To allow muting on individual Chrome tabs, enter the following address in the Chrome URL bar:

chrome://flags/#sound-content-setting

enable the option: “Sound content setting.”

Click “Relaunch now.”

Enabling mute controls per tab

To enable a control that allows for muting of individual Chrome tabs, enter the following address in the URL bar:

chrome://flags/#enable-tab-audio-muting

enable the option: “Tab audio muting UI control”

Click “Relaunch now.”

Muting all Chrome tabs by default

To enable a control that allows for muting all Chrome tabs by default, enter the following address in the URL bar:

chrome://settings/content/sound

disable the option:

When disabled, this option shows “Mute sites that play sounds.” When enabled, this option shows: “Allow sites to play sound (recommended).”

Click “Relaunch now.”

Selectively unmuting or muting Chrome tabs playing audio

When a tab is playing audio, an audio icon will appear on the tab, indicating whether sound is muted or not, and on which you can click to unmute or mute sound. There is also a sound control at the right of the URL bar which offers more detailed settings. You can also right-click on the tab label and select unmute or mute from the context menu.

 

Enabling SMB1 so Windows 10 can act as a file share server or client with non-Windows devices

Note: there are many things you need to check to get a Windows share working: whether network discoverability is enabled, ensuring that the firewall zone is set to private, and other advanced sharing options. This blog post assumes you have solved all of those problems, and have a Windows computer act as an SMB server, with a file share that is visible to other Windows computers, but is not visible to non-Windows clients. This blog post also applies if you have a Windows computer that is able to act as an SMB client to access a share on another Windows computer, but is unable to access a file share on a non-Windows device acting as an SMB server. Even if your Windows share does not yet work, it is probably worth your time to perform the steps outlined in this blog post.

Windows 10 includes a feature called File and Print Sharing that allows for a folder on a computer’s hard drive to be shared with other computers on a network. This kind of file sharing is called Server Message Block (SMB) and is implemented in non-Windows products, both hardware and software, in order to allow interoperability. Some hardware appliances, and some software, like the MacOS and Linux operating systems, as well as specialized programs like VLC running on iPad/iPhone, iOS, or TVOS (Apple TV) are able to act as SMB clients, so they can access files stored on a Windows-style share. Windows can also access shares on non-Windows devices using the SMB protocol.

This feature has been modified recently by security patches intended to harden the Windows 10 operating system against security threats like the WannaCry virus. There are several versions of the SMB protocol. The SMB 1.0/CIFS version of the protocol is now disabled by default. In addition, 3 rules were added to the Windows firewall that had the effect of blocking port 445, which is used by the SMB protocol. While it is fine to disable a firewall during initial troubleshooting, it is better for the long-term to re-enable the firewall, while disabling the rules that prevent SMB file sharing.

This means that if you have a share on Windows that is visible to other Windows computers, but not to non-Windows clients such as Mac, Linux, or hardware appliances, VLC, or Kodi, you may have to re-enable SMB 1.0/CIFS support in Windows 10. This may also apply if you are trying to use Windows as an SMB client to connect to an SMB share on a non-Windows device and are unable to do so, despite being able to connect to shares hosted on Windows computers.

Removing firewall rules re port 445

You may also have to disable certain firewall rules that were added by the security patch, specifically those that deal with port 445 for File and Print Sharing. From the Start menu, type “firewall,” then click on the option for “Windows Defender Firewall with Advanced Security. On the left side menu, select “Inbound Rules.” Locate the 3 rules labeled “File and Print Sharing (SMB-In). Highlight all 3 rules, right-click, then click “Disable rule.” On the left side menu, select Outbound Rules.” Locate the 3 rules labeled “File and Print Sharing (SMB-Out). Highlight all 3 rules, right-click, then click “Disable rule.”

Enabling SMB 1.0/CIFS protocol

To enable SMB 1.0/CIFS on a Windows 10 computer, go to the Start menu, type “windows feature,” then click on the option “Turn Windows features on or off.” You will then be presented with the following dialog:

Ensure that SMB 1.0/CIFS File Sharing Support and its sub-options are selected. Press OK. You will be prompted to reboot your computer. After you reboot, it is more likely that your share will be visible to non-Windows SMB clients, as before the security update. It is also more likely that your Windows computer will be able to connect as an SMB client to an SMB share on a non-Windows device.

Formatting an old 32 bit netbook with Linux to function as a file server

A friend wanted to reformat an old laptop with Linux to serve as a home file server, so that he could stream media files using VLC on iPad and Apple TV.

We initially tried with an HP laptop with a decent AMD chip (equivalent to i5 class) but had difficulty getting the installers for Fedora 27 64 bit and Linux Mint 18.3 64 bit Cinnamon to load. Problems with AMD have haunted me for 20 years. I am sure if we continue experimenting with command line arguments for the kernel at bootup we will find a solution.

My friend then found an old Acer Aspire One netbook. The system had an Atom N280 CPU (32 bit), 2GB RAM, and a 64GB hard disk.

Due to the limited offerings on the Fedora side (it is hard enough to convince  user to try to format with Linux, a text-only netinstall was all that Fedora offered for 32 bit), we decided to try Linux Mint 18.3 (32 bit) with a Cinnamon desktop. We encountered one problem with the install — we had to use the Tab key on startup to add the kernel command line arguments “acpi=off noapic”

Surprisingly, the system performed well — better than I expected, I remember trying to get 32 bit Fedora Linux to run on the same hardware: it ran hot, slow, and ran the fan like a leaf blower. I thought for sure that I would have to use a stripped-down desktop like XFCE, but the Cinnamon desktop ran well on the 32 bit system.

Until now, my advice has been to avoid 32 bit systems altogether — that such systems were below my junk pile threshold. The strong performance of Linux Mint 18.3 (32 bit) with a full Cinnamon desktop on such a low end system should change people’s expectations as to what is possible with a low-end system.

My friend is now able to stream media files from network file shares on the Linux server to stream media files via using VLC on iPad and Apple TV.

Streaming or downloading video files from a home network server to an iPad using VLC

A friend suggested that I write a blog post about about streaming video files from a home network to an iPad using VLC. There are 2 ways of consuming video on the iPad using VLC: by streaming files from a network share, or by using its built-in web server to receive files sent over a network.

If you are on the same local network as the network share, just stream the files. If you would like the file uploaded to the VLC data area of the iPad’s storage, use its built-in web server to receive the files sent over a network.

Let’s start with a sample video file, stored on a network share:

Streaming files from a network share

 

Using VLC’s built-in web server to receive files sent over a network

A good checklist item before you take a long trip by plane, train, or bus: load up your iPad with video files so you can entertain yourself offline.

 

Bluetooth shower speaker

My brother just gave me an advance birthday present, the Vic Tsing Bluetooth Shower Speaker.

The name says it all, here are some pictures:

On weekdays, my morning starts really early and i like to listen to the radio for traffic and weather while in the shower, or while shaving. However I can’t really hear the sound from the shower, and I do not like the idea of exposing my ipad to humidity.

So this devices should work out really well, the plan is to start a radio stream on the ipad, then send it to the speaker via bluetooth, from another room.