Skip to main content


Debian Day in Varese

I'm stuck home instead of being able to go to DebConf, but that doesn't mean that Debian Day will be left uncelebrated!

Since many of the locals are away for the holidays, we of @Gruppo Linux Como and @LIFO aren't going to organize a full day of celebrations, but at the very least we are meeting for a dinner in Varese, at some restaurant that will be open on that date.

Everybody is welcome: to join us please add your name (nickname or identifier of any kind, as long as it fits in the box) on before thursday, August 10th, so that we can
get a reservation at the restaurant.


Travel piecepack v0.1


A piecepack set of generic board game pieces is nice to have around in case of a sudden spontaneous need of gaming, but carrying my full set takes some room, and is not going to fit in my daily bag.

I've been thinking for a while that an half-size set could be useful, and between yesterday and today I've actually managed to do the first version.

It's (2d) printed on both sides of a single sheet of heavy paper, laminated and then cut, comes with both the basic suites and the playing card expansion and fits in a mint tin divided by origami boxes.

It's just version 0.1 because there are a few issues: first of all I'm not happy with the manual way I used to draw the page: ideally it would have been programmatically generated from the same svg files as the 3d piecepack (with the ability to generate other expansions), but apparently reading paths from an svg and writing it in another svg is not supported in an easy way by the libraries I could find, and looking for it was starting to take much more time than just doing it by hand.

I also still have to assemble the dice; in the picture above I'm just using the ones from the 3d-printed set, but they are a bit too big and only four of them fit in the mint tin. I already have the faces printed, so this is going to be fixed in the next few days.

Source files are available in the same git repository as the 3d-printable piecepack, with the big limitation mentioned above; updates will also be pushed there, just don't hold your breath for it :)
blog crafts


XMPP VirtualHosts, SRV records and letsencrypt certificates

When I set up my XMPP server, a friend of mine asked if I was willing to have a virtualhost with his domain on my server, using the same address as the email.

Setting up prosody and the SRV record on the DNS was quite easy, but then we stumbled on the issue of certificates: of course we would like to use letsencrypt, but as far as we know that means that we would have to setup something custom so that the certificate gets renewed on his server and then sent to mine, and that looks more of a hassle than just him setting up his own prosody/ejabberd on his server.

So I was wondering: dear lazyweb, did any of you have the same issue and already came up with a solution that is easy to implement and trivial to maintain that we missed?

from IRC:

<nicoo> Anyhow, the issue is that, for a X.509 cert to be valid for XMPP for, it needs to have either in its subjectAltNames (making it able to impersonate any other service on that domain, esp. HTTPS)
<nicoo> or it can have an SRV-ID in subjectAltName
<nicoo> Unfortunately, the CA/B rules don't allow CAs to issue SRV-ID names
<nicoo> There has been some tentative effort to change that, but it seems to be stalled:
<nicoo> Here is the matching Let's Encrypt thread:
<nicoo> I did actually offer to implement it in Boulder (and had a stab at that on a local fork) but it's pointless as long as nothing changes on the CA/B side


New pajama

I may have been sewing myself a new pajama.


It was plagued with issues; one of the sleeve is wrong side out and I only realized it when everything was almost done (luckily the pattern is symmetric and it is barely noticeable) and the swirl moved while I was sewing it on (and the sewing machine got stuck multiple times: next time I'm using interfacing, full stop.), and it's a bit deformed, but it's done.

For the swirl, I used Inkscape to Simplify (Ctrl-L) the original Debian Swirl a few times, removed the isolated bits, adjusted some spline nodes by hand and printed on paper. I've then cut, used water soluble glue to attach it to the wrong side of a scrap of red fabric, cut the fabric, removed the paper and then pinned and sewed the fabric on the pajama top.
As mentioned above, the next time I'm doing something like this, some interfacing will be involved somewhere, to keep me sane and the sewing machine happy.

Blogging, because it is somewhat relevant to Free Software :) and there are even sources, under a DFSG-Free license :)
blog crafts
This entry was edited (2 years ago)


kvm virtualization on a liberated X200, part 1

As the libreboot website warns: there are issues with virtualization on x200 without microcode updated.

Virtualization is something that I use, and I have a number of VMs on that laptop, managed with libvirt; since it has microcode version 1067a, I decided to try and see if I was being lucky and virtualization was working anyway.

The result is that the machines no longer start: the kernel loads, and then it crashes and reboots. I don't remember why, however, I tried to start a debian installer CD (iso) I had around, and that one worked.

So, I decided to investigate a bit more: apparently a new installation done from that iso (debian-8.3.0-amd64-i386-netinst.iso) boots and works with no problem, while my (older, I suspect) installations don't. I tried to boot one of the older VMs with that image in recovery mode, tried to chroot in the original root and got failed to run command '/bin/bash': Exec format error.

Since that shell was lacking even the file command, I tried then to start a live image, and choose the lightweight debian-live-8.0.0-amd64-standard.iso: that one didn't start in the same way as the existing images.

Another try with debian-live-8.5.0-i386-lxde-desktop.iso confirmed that apparently Debian > 8.3 works, Debian 8.0 doesn't (I don't have ISOs for versions 8.1 and 8.2 to bisect properly the issue).

I've skimmed the release notes for 8.3 and noticed that there was an update in the #codeblock-4# package, but AFAIK the installer doesn't have anything from non-free, and I'm sure that non-free wasn't enabled on the VMs.

My next attempt (thanks tosky on #debian-it for suggesting this obvious solution that I was missing :) ) was to run one of the VMs with plain qemu instead of kvm and bring it up-to-date: the upgrade was successful and included the packages in this screenshot, but on reboot it's still not working as before.


Right now, I think I will just recreate from scratch the images I need, but when I'll have time I'd like to investigate the issue a bit more, so hopefully there will be a part 2 to this article.
#debian-it blog


Debconf streaming and kudos to the video team

With Debconf being in South Africa, a lot of people (like me) probably weren't able to attend and are missing the cheese and wine party, mao games and general socialization that is happening there.

One thing we don't have to miss, however, are the talks: as usual the video team is doing a great job recording and streaming all talks so that people can still participate a bit from their home.

What they do, however, requires a lot of manpower, so if you are attending Debconf please consider volunteering to help: from my experience last year they are very nice people who are welcoming towards new contributors and they have periodical training sessions to help people getting started with the various tasks. More informations about video team meetings and training session are in the topic of the IRC channel, #debconf-video@OFTC.

I don't think there are cookies involved (which just proves that the video team isn't evil), but you may get a t-shirt and you will get a warm fuzzy feeling of having helped people around the world.

@Debian #debconf


Busy/idle status indicator

About one year ago, during my first Debconf, I've felt the need for some way to tell people whether I was busy on my laptop doing stuff that required concentration or just passing some time between talks etc. and available for interruptions, socialization or context switches.

One easily available method of course would have been to ping me on IRC (and then probably go on chatting on it while being in the same room, of course :) ), but I wanted to try something that allowed for less planning and worked even in places with less connectivity.

My first idea was a base laptop sticker with two statuses and then a removable one used to cover the wrong status and point to the correct one, and I still think it would be nice, but having it printed is probably going to be somewhat expensive, so I shelved the project for the time being.


Lately, however, I've been playing with hexagonal stickers and decided to design something on this topic, whith the result in the figure above, with the “hacking” sticker being my first choice, and the “concentrating” alternative probably useful while surrounded by people who may misunderstand the term “hacking”.

While idly looking around for sticker printing prices I realized that it didn't necessarly have to be a sticker and started to consider alternatives.

One format I'm trying is inspired by "do not disturb" door signs: I've used some laminating pouches I already had around which are slightly bigger than credit-card format (but credit-card size would also work of course ) and cut a notch so that they can be attached to the open lid of a laptop.


They seem to fit well on my laptop lid, and apart from a bad tendency to attract every bit of lint in a radius of a few meters the form factor looks good. I'll try to use them at the next conference to see if they actually work for their intended purpose.

SVG sources (and a PDF) are available on my website under the CC-BY-SA license.

Ma a questo punto a che servono due ? Basta girarne uno solo.

@Sandro I due sono perché dietro ad uno c'è scritto "hacking", dietro all'altro c'è scritto "concentrating", per i casi in cui "hacking" può esserere frainteso.

E sì, sul portatile in ogni momento ne va uno soltanto.


StickerConstructorSpec compliant swirl

This evening I've played around a bit with the Sticker Constructor Specification and its template, and this is the result:


Now I just have to:

* find somebody in Europe who prints good stickers and doesn't require illustrator (or other proprietary software) to submit files for non-rectangular shapes
* find out which Debian team I should contact to submit the files so that they can be used by everybody interested.

But neither will happen today, nor probably tomorrow, because lazy O:-)

Edit: now that I'm awake I realized I forgot to thank @Enrico Zini Zini and MadameZou for their help in combining my two proposals in a better design.

Source svg
@Enrico Zini blog
This entry was edited (3 years ago)


Conservancy supporter, at last!

Yesterday I've finally donated to become a Conservancy Supporter.

The reasons to donate have already been explained many times both on Planet Debian and elsewhere; a few weeks ago I wrote a post (in Italian) on the Ninux community blog to spread the word about it.

So, why I haven't donated earlier?

Trying to donate via PayPal from Italy (and, it seems, from Europe in general) requires a PayPal account, which I don't have and don't want to have, so I contacted them to ask for bank transfer instructions.
The first instructions I received were too complex for my online-only bank account, so I asked my bank for help, there was an exchange of emails, further simpler instructions from their bank, a small donation to test everything and time passed.

Finally, the good news: it is possible to donate to Conservancy from Italy (and probably from elsewhere in EU) using a SEPA transfer with minimal commissions and usually available from the home banking websites, so that it doesn't require significantly more effort than using paypal.
You can contact Conservancy via e-mail to get the relevant payment data.

(Conservancy has an account in EUR which is then used to pay for expenses in EUR, so no currency conversion commission are involved.)


Finding people who have already signed your key

To be sure not to waste time during a ksp to meet people with whom I have already exchanged fingerprints, I decided to do a quick check of the list.

I had already downloaded a recent wotsap db to ~/.wotsapdb;

$ wotsap $MY_KEY > signatures.txt

I've then edited the file, keeping just the signature sections:

This key is signed by, excluding cross-signatures:
This key is cross-signed with:
Keys signed by this key, excluding cross-signatures:

And then grepped the keys in the kps file in that list (maybe doing the reverse would have been better, whatever)

$ for K in `grep "^pub" ksp-dc15.txt | cut -c 15-22 ` ; do grep $K signatures.txt ; done

The first characters on each line tells you if it is a cross signature (X,X), if you have signed the key (-,X) or if they have signed your key (X,-), so that you can mark them on the ksp list as "ignore", "ask if there were problems with your fingerprint / ID", "ask whether they have received your signatures" as relevant.

I only had a few results, so the next step was done by hand.


Printing a 2965 lines text file

Let us image I have a reason to print a text file that is 2965 lines long, is encoded in utf-8 (so a2ps and enscript don't work) and I don't want to destroy a whole forest for it.

I've started by using xelatex to get a nicely typeset A5 page with my file in a monospaced font: partecipants.tex


\lstset{ %


This gets compiled into partecipants.pdf with

$ xelatex partecipants.tex

And resulted in 44 pages, 4 less than the 48 needed by a2ps, and printable on just 11 A4 sheets.

I wanted it to be easily manageable while walking around, taking notes into it while standing, so I decided to arrange it in booklet form:

$ pdfbook partecipants.pdf

The result, partecipants-book.pdf was printed (two sided, of course) folded and stitched in the middle.

I could have arranged it into signatures, but this would have required an additional sheet to bring the number of pages to a multiple of 16.

I know that there are electronic alternatives around, and I've also considered just carrying around the file and adding notes (to a copy?) with vim, but I'd trust a paper copy more.


Leap second on 31 march

A couple of days ago this appeared in my system logs

Mar 31 23:59:59 kernel: Clock: inserting leap second 23:59:60 UTC

my first reaction of course was "great! they gave us one second more of sleep! MY PRECIOUSSSS", but then I realized that yes, this year there was supposed to be a leap second, but it should have been in June, not in March.

Other people I know noticed the message, but nobody knew anything else about it, and duckduckgoing didn't find anything, so I'm asking the lazyweb: does anybody know what happened?

Update: it seems that this has been traced to a single layer1 ntp server.
This entry was edited (4 years ago)


Reducing useless noise from irssi

Yesterday I missed a query from a friend (with the answer to a question *I* had asked in the first place) because it ended up in window 30-something and my statusbar was full of dim numbers from channels where people had just joined/left.

This morning I've set
activity_hide_level = JOINS PARTS QUITS
and my world is a much neater place :)

(I may have to add NICKS and possibly MODES, but they are rare enough and I'm still not sure I don't care about them, especially the latter.)


vim hello.txt

Hello Worl⎋bdwaFriendica!⎋:wq
This entry was edited (5 years ago)