2018年3月11日 星期日

強者我朋友的故事

最近看到一些討論,讓我想到一個強者我朋友的故事。

這個朋友從蠻久以前就是個車奴。其實說到車子,對我來說它就是個交通工具,當然我現在手上這台 TIIDA 也是我生活賺錢的重要夥伴。不過我除了一般保養,有問題時找認識的車廠維修,有時甚至自己想辦法搞定以外,我並沒有特別挑惕一定要哪個廠牌的車子,或是車子要能夠跑多快,外型有多炫,內部操作有多方便。我這台車已經為我服務了快廿七萬公里了。

而我這朋友則不一樣。他從可能二十幾年前吧,我們剛考上駕照那時,他就堅持一定要用某個廠牌的跑車。他也真的是有錢啦,而且不只是每週洗車,不管到哪裡他一定要開這台車去。隨著這台車一代又一代的推陳出新,他也真不吝嗇每出一代一定更換。

然後還有一件很妙的事。他不管到哪裡都要開車,即使是到 T 點(那裡其實有許多人三不五時都會要去那邊辦點事,不過到底是哪裡並不是重點,就讓我隱匿其名吧),他也堅持一定要開他那寶貝車。他常常跟我炫耀他開那台車只要三分鐘就可以到 T 點,然後問我幹嘛不跟他一樣弄一台跑車,多省時啊。

可是對我來說,去 T 點開車不一定好,主要是不好停車啦,我也不像他不是那麼忌誨停在非標準的停車格裡,(然後很神奇的在那邊的交警對他那款車好像也一向網開一面,我也不知道為何)所以我多半選擇坐公車去。

去那邊坐公車的話,要轉一次車,下車後再走個五分鐘吧,全程大約 30 分鐘。其實對我來說只要能到 T 點就好啦,但對強者我朋友而言怎麼到達那邊好像是件很重要的事。我有時也會跟他說坐公車也蠻有趣的啊,他偶而聽說公車換了內裝好像比較舒服,或是換了新車之類的,他也會跟我嘗試一下,但每次都是一樣的結果。他受不了三十分鐘的車程,受不了轉車加走路,有幾次幾乎要跟我翻臉。我這個人比較重視友誼(這不代表我會投票給侯友宜喔),所以後來我也就不特別邀他了,他喜歡開車就讓他開吧。我還是跟著我的老夥伴,偶而坐捷運、火車或公車去辦我的事。

然後最近出事了。原本他的車有一個很酷炫的功能,就是買車的時候必須跟原廠登錄指紋,並由原廠在車上植入一個秘鑰。這部車只能強者我朋友開,其他人開車的話,原廠就會用一個特殊暗號通知警察,好像叫海盜還是什麼的。我朋友原本也頗為自豪,但那一天這部車不知道哪裡不對勁,把我朋友認定成海盜啦!他的車不但不能開,還勞動到警察來看怎麼回事。

我朋友當然很生氣啊,他花了那麼多錢買的車,怎麼能說他是海盜呢?他打電話給原廠。原廠查看了一下,給了他一個回應:「我們這邊目前愛莫能助。有兩種可能性,一種是你的指紋跟我們這邊資料庫的對應不正確,可能是車內電腦的問題;另一種是我們這邊中控室認定你的車有問題,所以不讓任何人開。這些都不是現在可以解決的,要花上一段時間。」

我朋友很生氣地說:「我現在要去 T 點啊,我有很重要的工作,不去那邊那資料不行!現在我沒車開也不能去哪裡,你要我怎麼辦?」

原廠仍然給了他一個制式回應:"Sorry, There's nothing we can do."

他打電話來向我發洩了一頓,但我能怎麼辦呢?我說:「不然你那麼急的話就先坐公車去啊!」

不說還好,一說他好像更火大。「公車那麼 low 的東西,我才不坐!」

「好好好,不坐就不坐,不過我也不知道怎麼辦。或許你再買一台新的?」

我朋友就掛電話了。

後來我沒再追這件事。不過我內心總是祈禱著,希望我朋友不要一時衝動跑去偷別人的同款跑車,只為了去 T 點......

2017年9月3日 星期日

open ftp passive mode with ufw


ufw allow ftp

/etc/proftpd/proftpd.conf:
PassivePorts  50000   51000

ufw allow proto tcp from any to any port 50000:51000

2017年8月7日 星期一

Akademy 2017


Being absent in Akademy 2016, this year when starting calling for paper I almost immediately submitted two topics.  Fortunately two proposals were all accepted.  BTW, this time a young community friend also submitted a topic and was accepted, so I was no longer travelling alone.  Plus KDE and The Document Foundation are partners now, being a member of both KDE e.V. and TDF it was my honor to be the bridge between the two important community.

This time the travel was not as twisted as in 2015.  We arrived Almeria smoothly and met Lydia in the bus to the hotel!  It was a happy time meeting old and new friends and that's supposed to be the fun of having open source conferences.

In this year I had a long and a short talk.  The long talk was about customizing Kubuntu 16.04.  The way I used to customize Kubuntu 14.04 was almost useless in 16.04, which made me very frustrated.  I used to call for help in mailing lists and IRC channels but didn't get too much help.  So in my talk, I listed some important issues like the environment variables of XDG menu specs were of no use in Plasma 5, and the configuration structure in Plasma 5 was totally different but no enough documents available.  I have to say that, face to face communication is really good because we can see the problems and discuss together.  After my talk some issues were confirmed and I got to know the new "look-and-feel packages" way to customize.

In another short talk it was about Calligra suite.  In these two years I mainly work on helping the Taiwan's governments to adopt ODF and LibreOffice.  Since an important advantage of using open standard is that users will have different choices for software, I hope that Calligra can be improved especially for the CJK issues so that users in Taiwan can have more choices.

In the BoF session I helped Gabriele Ponzo and Xisco Fauli, who were from TDF to register BoF sessions talking about the LibreOffice community and announcing the release of LibreOffice 5.4.  I also registered one talking about to form a total solution composed with free software, for public administration in all the countries.  Being an excellent desktop environment KDE can and should play an important role in it.

Another important issue I raised in the "Ask us everything" sessions of  KDE e.V. board members was the member electing system we are using now.  I was elected as a KDE e.V. member as well but these years I keep wondering if it is an appropriate system.  Someone apply for e.V. member because he contributed to KDE and would like to get involved more.  Why should he get a certain number of current members to agree?  Besides, in this system the "+1" scheme is problematic too.  I hope that we can together discuss and think about the member system more to improve it.

Though the time was short but I really had a great time in Akademy 2017.  Wish to see you all in Vienna next year!



2017年7月9日 星期日

convert pdf to CMYK

把 pdf 檔改成 CMYK

gs -dSAFER -dBATCH -dNOPAUSE -dNOCACHE -sDEVICE=pdfwrite \
-sColorConversionStrategy=CMYK -dProcessColorModel=/DeviceCMYK \
-sOutputFile=output.pdf input.pdf


確認圖檔或 PDF 檔的 color profile
identify -format '%[colorspace]' [input-file]

2017年5月29日 星期一

openvpn


被搞好幾次囉

1. install openvpn, easy-rsa
2. vars 修改,. ./vars
3. build-ca
4. build-key-server <server_name>
5. build-dh
6. build-key <client_name>
7. openvpn --genkey --secret ta.key



https://openvpn.net/index.php/open-source/documentation/howto.html#examples
server/client config example

server 端:走 tcp, ta 打開 (0)

client 端:放 ca.crt, ta.key, <client_name>.* 到 openvpn 設定目錄內
走 tcp, ta 打開 (1)

重點:
防火牆打開

ufw allow 1194/tcp
ufw allow 1194/udp

/etc/ufw/before.rules 內最後面加上

## NAT table rules
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]

# Port Forwarding
-A POSTROUTING -s 192.168.95.0/24 -o ppp0 -j MASQUERADE

# don't delete the 'COMMIT' line or these rules won't be processed
COMMIT
               

/etc/ufw/sysctl.conf 裡打開 net/ipv4/ip_forward=1

然後要把來自 tun0 的封包都預設 allow 不然 client 丟過去的 ip 不一樣就會被擋
ufw allow in on tun0

2017年2月26日 星期日

ezgo 使用者還原改寫為 systemd 系統


因為從原本的 SysV 改成 systemd,結果以前的使用者還原 script 全部要改寫。
研究了一下 systemd 的運作,終於改寫成功。

使用者還原:

產生兩個檔案:
/lib/systemd/system/multi-user.target.wants/recover_ezgo.service

內容:
[Unit]
Description=Recover user home contents #systemd service 的描述
Before=sddm.service #因為使用者家目錄的修改要在啟動 sddm 前做好,否則會出大亂子

[Service]
Type=oneshot
ExecStart=/usr/share/ezgo/recover/restore_ezgo.sh  #restore_ezgo.sh 是依據使用者選擇的帳號而產生

[Install]
WantedBy=multi-user.target


然後把它連結到 /etc/systemd/system/multi-user.target.wants/ 裡。這樣開機時就會在 sddm 執行 /usr/share/ezgo/recover/restore_ezgo.sh。

另外一個檔就是真正執行還原的,也就是 restore_ezgo.sh。裡面就是清掉家目錄的內容,再將先前備份的檔案放回去。


還原系統初始值:將家目錄整個砍掉重建,再把 /etc/skel 裡的內容放進去。
一樣放在開機時 sddm 執行前:

systemd 的部份要建立一個檔案: /lib/systemd/system/multi-user.target.wants/skel_ezgo.service

[Unit]
Description=Recover factory default for ezgo users
Before=sddm.service

[Service]
Type=oneshot
ExecStart=/usr/share/ezgo/recover/skel_ezgo.sh 

[Install]
WantedBy=multi-user.target

一樣把它連結到 /etc/systemd/system/multi-user.target.wants/ 中。這樣就能在 sddm 前執行。


2016年11月12日 星期六

debian server login 變慢的問題


已經有好一陣子,連到自己的伺服器,不管是做 sudo su - 或是用 ssh 連過去,或是用 scp 拷東西過去,都要等上十幾秒才會回應。今天去爬了文,找到原因。d-bus 有變化時,要重新執行

systemctl restart systemd-logind

就解決了