1 (edited by ralessi 2019-12-15 20:06:34)

Topic: A service dedicated to the Thinkpad X200

As everyone already knows, some computers are notoriously important to the Free Software nebula.  Thinkpads X200 are definitely among them.

Some time after the deprecation of /etc/local.d/, on the advice of Emulatorman, I wrote a very basic service just to make the distinctive whining noise of these machines disappear.  Then I gradually added other features of interest to me, such as switching off all radio devices whenever I close the lid or shutdown the computer.  The reason for doing this is easy to understand: for instance, suppose you close the lid just before leaving your flat on your way to the airport.  Do you want to broadcast items of information from your computer the moment you open the lid in the aiport terminal?

And just a moment ago, I added another feature to this service, namely the ability to backup essential files or directories to the encrypted disk that I have inside my dock.  Of course, the backup process must be triggered on certain conditions only: 1. The option must be enabled in the conf.d file 2. The disk must be mounted 3. An (empty) 'dobackup' file must be present in the backup directory.  Then, once these conditions are met, the backup process is triggered whenever the service is stopped.  It additionally generates a list of installed packages in case my disk should die and I should reinstall everything.

After this general presentation, I come to the subject at hand.  Following this idea, wouldn't it be nice to have such a service dedicated to the X200 in Hyperbola?  If so, this service should be easy to configure, it should do simple things, but do them well, leaving refined or complex tasks to other speficifc and more elaborate softwares.

Here is what I did for my own use: https://git.robertalessi.net/x200-my/

It is very far from being a starting point—on the contrary, it could be worth writing something afresh—but at least it gives the idea.

2

Re: A service dedicated to the Thinkpad X200

ralessi wrote:

Here is what I did for my own use: https://git.robertalessi.net/x200-my/

It is very far from being a starting point—on the contrary, it could be worth writing something afresh—but at least it gives the idea.

For security reasons, we have plans to remove NetworkManager. So I suggest you replace it with dhcpcd-ui or some similar one.

3

Re: A service dedicated to the Thinkpad X200

Last time I had dhcpd-ui installed I had also polls to the DNS-servers from Google.
I'm going to look after that a bit more in detail!

Human being in favor with clear principles and so also for freedom in soft- and hardware!

Certainly anyone who has the power to make you believe absurdities has the power to make you commit injustices: For a life of every being full with peace and kindness, including diversity and freedom. Capitalism is destroying our minds, the planet itself and the universe in the end!

4

Re: A service dedicated to the Thinkpad X200

throgh wrote:

Last time I had dhcpd-ui installed I had also polls to the DNS-servers from Google.
I'm going to look after that a bit more in detail!

Are you sure that happened?

Why not report it in the but tracker so it can get fixed. smile

HyperbolaBSD: The Future of Secure Libre Lightweight Operating Systems!

5

Re: A service dedicated to the Thinkpad X200

cynicfm wrote:

why not use dhcpcd with wpa_supplicant hook for stuff like wireless connection in home??

dhcpcd-ui is the one I use, is light and very usable.  I am thinking he must have found a bug in it which must surely have a fix for it. smile

HyperbolaBSD: The Future of Secure Libre Lightweight Operating Systems!

6 (edited by throgh 2019-12-18 02:23:59)

Re: A service dedicated to the Thinkpad X200

zapper wrote:
throgh wrote:

Last time I had dhcpd-ui installed I had also polls to the DNS-servers from Google.
I'm going to look after that a bit more in detail!

Are you sure that happened?

Why not report it in the but tracker so it can get fixed. smile

Not really sure about as I need more time researching this. It can be also part of the environment I had the notebook and the installation within when connected to a hotspot. But if I find out more I'll create an issue for sure. smile My first thought was to look in the source-code: There was nothing to be found - yes, knowing about C and C++ as I'm a developer myself.

Human being in favor with clear principles and so also for freedom in soft- and hardware!

Certainly anyone who has the power to make you believe absurdities has the power to make you commit injustices: For a life of every being full with peace and kindness, including diversity and freedom. Capitalism is destroying our minds, the planet itself and the universe in the end!

7 (edited by ralessi 2019-12-19 23:14:03)

Re: A service dedicated to the Thinkpad X200

Emulatorman wrote:

For security reasons, we have plans to remove NetworkManager. So I suggest you replace it with dhcpcd-ui or some similar one.

Thank you for this information, André.  I was not aware of plans to remove NetworkManager, which seems good by the way!  So I completely removed it in advance and I took this opportunity to improve my x200-my service.  Here is what I did so far:

- Added an option "is_thinkpad_x200", so that the script can be used with other computers.

- Added a "Privacy settings" section: if "enable_privacy" is set to "true", then the wired internet interface that may or may not be connected to the internet can have its MAC address spoofed at startup. (The wireless interfaces must also be spoofed, but this can be handled by wpa_supplicant.)  Additionally, x200-my will delete /etc/dhcpcd.duid, which will make dhcpcd generate a new DUID-LLT based file with an updated timestamp and the link-layer address of the network interface that is connected to the DHCP device at the time that the DUID is generated.

See https://git.robertalessi.net/x200-my/ and https://git.robertalessi.net/x200-my/tree/x200-my.confd for more information.

Some points remain to be studied: for instance what is exactly sent to DHCP servers?  At least on my routers, only spoofed ids with no hostname are received, but this is to be confirmed.  So more testing is needed.

8

Re: A service dedicated to the Thinkpad X200

Yes, systemd used that - is also listed in the reasoning for Hyperbola to be found here. But as I've said: I think this can be also part of the DNS of the environment I had dhcpcd-ui running last time. So I'm in the research and try to setup this again next week. The deeper look into the sources brought up nothing special.

Human being in favor with clear principles and so also for freedom in soft- and hardware!

Certainly anyone who has the power to make you believe absurdities has the power to make you commit injustices: For a life of every being full with peace and kindness, including diversity and freedom. Capitalism is destroying our minds, the planet itself and the universe in the end!

9

Re: A service dedicated to the Thinkpad X200

cynicfm wrote:
throgh wrote:

Last time I had dhcpd-ui installed I had also polls to the DNS-servers from Google.
I'm going to look after that a bit more in detail!

It's nice to read something like this...

i remember when about 2 years ago... It was few months after i started to install different distributions on my old laptop just to discover new things... At the time in my head i had stuff going on like google is biggest virus out there ahah ;P. Basically at the time i was very allergic to word google... Everytime i saw google anywhere i felt very uhm... it's not for me!!!! Avoid it at all costs :PPP

So short time later i found out (i dont remember how) about systemd, i was massively using duckduckgo for certain stuff... And i entered the website boykott systemd or withoutsystemd or something like that... And there was link arguments against systemd... (Funny that this website doesnt exist anymore i think ;o)... So everything was mostly technical, and to me linux beginner i had no idea what i had been reading about ;P... But then out of all arguments against systemd there was: systemd sets *google* DNS as default. At the time i also haven't known what DNS was (althouigh i knew it's something related to internet)... So for me that was it... google and systemd, evil!!!!
So it's funny because even me amateur of linux found something that put me off using this 'init system' big_smile. Logically i decided to avoid google and systemd has something from google = i must avoid systemd as well!! tongue.

But why i am saying it's nice to read about something like this is that mostly nobody cares about things like google dns...

Redhat, Google, Microsoft, Apple... they are the most dangerous in general. Out of the other three, I don't know which is the worst... probably apple, then google and microsoft tied below it. Apple is very, hard to jailbreak.

HyperbolaBSD: The Future of Secure Libre Lightweight Operating Systems!

10

Re: A service dedicated to the Thinkpad X200

cynicfm wrote:

I remember that the first time i visited hyperbola website in the past it had systemd... So next time i visited after long time perhaps it showed that systemd has ended, and that team decided to stop using this, i was kind of surprised when that happened.... So when i read this i decided that Hyperbola is the distro that i want to use, but i needed to sell my acer laptop first... and get something like libreboot ;-)

Sorry that i offtopic, i am just very excited to be here :-P... And also this forum is the only place where i can write stuff like this, because you understand what i mean when i say certain things as well as i understand you...

The problem of our time is the shortening of information and facts: So I'm sorry that I've stated before having Google-DNS within the lookup without having further information by now. It's just my failure as I have until now no further information about that and I think I should correct this by now as I'm using "Network-Manager" under icewm. But I'm going to change this now. You see: When I write something down, I should be clear enough. My last posting regarding Google here was not clear as I've thought somebody has also experiences where to look and I could get behind to create an issue.

And please don't get wrong: Nothing wrong about being critical. But when we want to do something different we have to be clear as others don't do it. That's the point about this community and this distribution I like so much: About principles. Something is not free and libre? It is going to be changed and removed. No discussions about that as I had in the past with others regarding proprietary services included or implementations being questionable within Kodi for example - I didn't even know until I read about that through Parabola back then. But as noted: I'm sorry I have written a shortened posting with content being unclear. I see that and I'm going to correct it. So my scenario is the following:

1. Disable Network-Manager.
2. Enable dhcpcd and install dhcpcd-ui again.
3. Checkup the connection throughout DHCP here in my current network-connection.
4. Installation of toolset to check current connections.

Human being in favor with clear principles and so also for freedom in soft- and hardware!

Certainly anyone who has the power to make you believe absurdities has the power to make you commit injustices: For a life of every being full with peace and kindness, including diversity and freedom. Capitalism is destroying our minds, the planet itself and the universe in the end!

11 (edited by throgh 2019-12-19 22:15:24)

Re: A service dedicated to the Thinkpad X200

For now I'm not saying anything more as "Please wait!". smile And no the Network-Manager here is some other thing, also not being within Google. Hyperbola is about security, privacy and freedom. Checking up as my assumption stays: It was the environment I had my notebook into. wink

Looking now onto my logs with iftop shows NO Google, not for dhcpcd-ui and also Network-Manager. wink

EDIT: Yep, as I had mind. It was this damn environment I was in.
So this is cleared from my point. I'll have to save the log, better keep this running for some time now. The really important point being is: Speaking about network means also very complex content and dependencies. DNS-servers in background used? Browser-connections active? Services active and running for a ping or even more? There is much to look after. And as I had in mind now: The damned DNS-servers from the Wifi-hotspot I was in are connected with Google. Well? Good to know about that I'm here cleared about that at home with OpenWRT and LibreCMC. big_smile

Human being in favor with clear principles and so also for freedom in soft- and hardware!

Certainly anyone who has the power to make you believe absurdities has the power to make you commit injustices: For a life of every being full with peace and kindness, including diversity and freedom. Capitalism is destroying our minds, the planet itself and the universe in the end!

12 (edited by ralessi 2019-12-20 12:52:51)

Re: A service dedicated to the Thinkpad X200

What is sure is that x200-my (with or without an X200) is supposed to be used in conjunction with `wpa_supplicant` and `dhcpcd` only.  In addition, I also use `wpa_gui` and `dhcpcd-ui`.

All I have to do when I want to establish a connection is `rfkill unblock wifi`: then the wifi radio is switched on and the spoofed DUID is generated, ready to be sent to the DHCP server by dhcpcd.

For this to work properly, it is important to have these two lines in `/etc/wpa_supplicant/wpa_supplicant.conf`:

mac_addr=1
preassoc_mac_addr=1

And these settings in /etc/dhcpcd.conf:

hostname "localhost"
hostname_short

More information in `x200-my` initd file: https://git.robertalessi.net/x200-my/tree/x200-my.confd

13

Re: A service dedicated to the Thinkpad X200

I forgot to mention two "extra started commands" associated with the x200-my service:

  1. `rc-service x200-my initbackup`: In case backup functions are activated, it is advisable to use this line thereafter rather than wait for the first backup to be triggered on shutdown.

  2. `rc-service x200-my refresh`: For X200 only. To be used occasionally, as the noise may come back, eg. when X is restarted or on resuming from hibernation.

14

Re: A service dedicated to the Thinkpad X200

Regarding privacy and tracking devices, I forgot to mention Dan Pollocks's excellent 'host' template file.

Here: https://someonewhocares.org/hosts/

To use it immediately:

su -
cd /etc
wget https://someonewhocares.org/hosts/hosts
cat hosts.1 >> hosts
rm hosts.1
exit

In this file, "#127.0.0.1" may be replaced with "127.0.0.1" to prevent your computer from connecting to additional sites at the cost of breaking things. (I wouldn't say what things, I always do s/#127/127/g...)

As this file is updated about once a month, I will include it as a feature of the next x200-my to come.

I will try to maintain this service for Hyperbola as long as possible.  However, as I am moving to devuan, updating x200-my may become impossible at some time.

15

Re: A service dedicated to the Thinkpad X200

ralessi wrote:

All I have to do when I want to establish a connection is`rfkill unblock wifi`

well i used to doas rfkill unblock wifi on every startup but then by mistake i found FN + F5 does it as well and without typing my password is it alright and how is it possible or why cause my head got an error after it happened tongue

16

Re: A service dedicated to the Thinkpad X200

it would be great if we could add this package to the hyperbola package list so that we could install it from pacman or hyperman in the future

17

Re: A service dedicated to the Thinkpad X200

rached wrote:

well i used to doas rfkill unblock wifi on every startup but then by mistake i found FN + F5 does it as well and without typing my password is it alright and how is it possible or why cause my head got an error after it happened tongue

Quite right!  As a matter of fact, I discovered Fn+F5 about a couple of weeks ago!

18

Re: A service dedicated to the Thinkpad X200

rached wrote:

it would be great if we could add this package to the hyperbola package list so that we could install it from pacman or hyperman in the future

All the more as I plan to turn it into something to be used with Devuan (viz. sysvinit).  But I will try to to maintain the PKGBUILD as well.

19

Re: A service dedicated to the Thinkpad X200

ralessi wrote:
rached wrote:

well i used to doas rfkill unblock wifi on every startup but then by mistake i found FN + F5 does it as well and without typing my password is it alright and how is it possible or why cause my head got an error after it happened tongue

Quite right!  As a matter of fact, I discovered Fn+F5 about a couple of weeks ago!

yeah but what makes it wierd is the fact that i dont need to doas anymore, why FN+F5 have root privilege yikes

20

Re: A service dedicated to the Thinkpad X200

rached wrote:

yeah but what makes it wierd is the fact that i dont need to doas anymore, why FN+F5 have root privilege yikes

On my side, I've always been able to use rfkill in Hyperbola as a normal user, and Fn+F5, which I discovered only recently—so in Devuan, works out of the box.

21

Re: A service dedicated to the Thinkpad X200

x200-my has been renamed my-x200 and made available to Debian/Devuan-based distributions.

Anyone interested in taking over x200-my for Hyperbola is more than welcome!

x200-my for Hyperbola: <http://git.robertalessi.net/x200-my> or <https://gitlab.com/ralessi/x200-my>