Olivier Mehani

About Olivier Mehani

Just another random geek.

I’ve long been meaning to store all my passwords in a single, safe, location, as a way to remain sane as well as safe. But which one? Every operating system (or desktop environment) now has its own store, but choosing one casts a lot of things into stone, and most have a lot of third-party dependencies.

KeePass seems to be a good cross-platform solution, with clients for Linux, Windows, OS X and even Android, and nice features such as filling on demand. But I don’t like the whole clicky interface, if only for use without graphical display. It also doesn’t offer a native way to synchronise the stores across boxes.

For a while, I have been storing all my important configuration files in a git repository, with some make magic to install and update the files on the system. This magic would also store all passwords in a GPG-encrypted files, and replace them when installing the files.

The problem, of course, is that the passwords are still in plaintext in the live systems. And it came back to bite me when I sent an innocuous script (the ics2dav.sh script from this post) to a friend… with the password nicely sitting there. Fortunately, I noticed this before him, and changed my password. In addition, this doesn’t cater for passwords stored in other applications, such as Firefox.

So things had to change. And I discovered pass (1), a simple command-line tool based on GPG-encrypted flat files, with an option to sync natively with Git. So there is finally an option for me to store passwords in a way which fits my workflow.
Continue reading →

I recently realised that the QNAP TS-212 NAS (running the latest QTS 4.2.0) can be used as a print server. No need to keep another machine on to print from anywhere!

Remote printing is easy

Both UNICES, through CUPS, and Windows, through Samba, can use the printer straight-away. In the case of the Samsung SCX-3205, the driver under ArchLinux is the samsung-unified-driver (from AUR) which, fortunately, doesn’t install any useless binary beyond those needed by the PPD used by CUPS.

client$ pacman -Qs samsung
local/samsung-unified-driver 1.00.36-2

Remote scanning is harder

The problem is that this is a combo printer/scanner. Moving the printer to the NAS requires a similar solution to CUPS to scan from the network. Fortunately, SANE can do this, and there is some documentation about setting it up on a QNAP NAS. In this case, however, this did not work smoothly, so I had to fix a few things.

Continue reading →

A screenshot showing URL completion in dmenu

I have parted with FVWM. Not that I was dissatisfied with more than 12 years of using it and organically growing its configuration. I was not.

But I was recently shown i3 which, despite not being Awesome, is indeed awesome. Particularly in the usability of its default, which I found did not require many a tweak. I was however a bit confused at first, then impressed, when I realised that the auto-generated configuration took into account my Dvorak keymap, and updated the keybindings so the keys would be the same as those on a QWERTY keyboard. That’s thoughtfullness.

The next great thing about i3 (save for $mod+Return to start a term anywhere, anytime), is dmenu. At a press of the relevant binding (equivalent to $mod+d on an 200-year-old keymap), one gets to enter a one-line entry where any command can be entered for execution, with incremental completion.

Dmenu is also nice due to its modularity. It takes a list of strings that can be completed on stdin, and outputs the typed or selected string on stdout, for consumption by whatever script called it.

I figured that it should be possible to handle URLs in a dmenu script. It is actually pretty trivial, and the friend who convinced me to take the jump also provided such a script, which would simply open the typed URL. But I wasn’t entirely satisfied, as recent years of browser usage taught me to expect URL completion. So I looked into ways of doing it.

Continue reading →

Popt has a poptReadConfigFile() which is described as doing the following

 The file specified by fn is opened and parsed as a popt configuration file. This allows programs to use program-specific configuration files.

What’s unclear is whether it can only be used to enable aliases, or if it can also be used as a general-purpose configuration file to replace the command-line interface, and if so, what format it should be in.

As no documentation I could find explains it one way or the other, I resorted to reading the code.

The short answer is no. Popt (1.16) cannot read command line parameters from an rc configuration file.

Continue reading →

It is bad practice to use make install. Period.

Why? Because it installs files everywhere on your system—if you’re lucky, only in /usr/local—with no guaranteed way to cleanly remove them afterwards.

Yet, sometimes, there is no other option, for example if some software is not packaged for your Unix of choice and you don’t have time to do it yourself. There are some easy and rather straightforward ways around it, which I usually recommend to beginners.

It happened again today. So I recommended the use of /opt/PKG-VER as an installation prefix and stow(8) to make the software seamlessly available to the rest of the system. Nothing fancy or novel, but I thought I’d share the summary email in the hope it would help others.

Continue reading →

A terminal showing khal in action, with two month of daily calendars, and two days of daily agendas

The following was initially posted on Pump.io, before I realised that this might benefit from a more preservable/visible format.

Frustrated with only interacting with my ownCloud calendar through the native web interface, I finally decided to look for a replacement application that I could run locally. Khal ended up being it, with vdirsyncer for two-way CalDAV sync with ownCloud.

Coupled with watdo, by the same author as vdirsyncer, for todo.txt-like management of CalDAV tasks (VTODO), I can now do all my schedule and tasks management from the comfort of my own terminal, even without any connectivity!

Continue reading →

CAcert is an SSL Certificate Authority based on the establishment of a web-of-trust à la PGP: rather than charging to issue certificates to anyone, it issues them only to members who have been vouched for by enough other trustworthy members (assurers).

For historical reasons, they were included in the Debian ca-certificates package. It was however recently removed, for justified reasons (CAcert is conducting an audit, and withdrew their demand for inclusion in the Mozilla chain until it’s done). Most other distributions mirror from this package to ship their root certificate, and have also dropped CAcert as a consequence.

This is however a bit annoying, as many sites started popping up warnings due to their root certificate not being in the trusted chain of the OS anymore. Until, maybe, they are reinstalled but disabled by default, I quickly wrote up a tiny script that downloads CAcert’s root certificates, and re-registers them. It’s quick and dirty, and only does an MD5 sum to make check they are the right ones, so use at your own risks.

Continue reading →

Some publishers, particularly the IEEE, require that the columns on the last page of an article are balanced, so it looks pretty. The problem is that the break is usually needed in the middle of the bibliography, for which less layout-control is available. Fortunately, there are some specific specific solutions for various cases, and one which works for most: flushend.

Continue reading →

After a lot of humming, I decided that it wasn’t very practical to use a different platform for every blog I was running on the same machine. Some more puffing led me to conclude that WordPress was the best candidate to replace the likes of SimplePHPBlog and Blogsum. I still have an odd Nanoblogger to migrate, but it is easily maintained and keeps to itself for the moment.

In the process, I had to find ways to import data from the old platforms, and massage it into something that WordPress can work with.

Continue reading →

An edited version of this article originally appeared in The Conversation. It was also translated into Polish by Mateusz Siemiński.

One evening when I was young, my father confiscated my radio because I was playing it too loud (I wasn’t). Fortunately, I had a bunch of broken down receivers in my room, so I built a new one. This was probably the start of my maker’s carreer.

The Maker movement has recently been gaining a lot of momentum, as evidenced by the number of events, Maker Faires, popping up around the world—Sydney is hosting its first Mini Maker Faire this Sunday at the Powerhouse Museum. Yet, in many aspects, makers have been around for a while, from amateur radio operators adjusting their rig to allow clearer communication with more remote contacts to software hackers rewriting their printer’s driver so it works the way they want it to, not forgetting the casual DIYer building a vertical garden out of found material.

All share the common trait that they had a need but, rather than asking somebody else to address it (buying a better radio, printer or, well, bigger house) they took matters into their own hands, and fixed it. As it turns out, it’s not that hard and quite rewarding—a study recently found that people value IKEA furniture more if built by themselves than by anyone else, imagine what it would be without the pre-cut boards, or instructions for that matter!
Continue reading →

Narf

The blagosphere got me…

Author Archives: Olivier Mehani

About Olivier Mehani

Unified password management, the UNIX way

Remote scanning on a QNAP TS-212 with a Samsung SCX-3200 with SANE

Remote printing is easy

Remote scanning is harder

URL completion in dmenu

Reading application configuration files with popt(3)

Managing locally-built packages without wrecking the system, with stow(8)

You know it’s mature when you only need a terminal to run it (CalDAV tools for the console)

Reinstalling CAcert root certificates on Debian

Balancing the last page in twocolumn LaTeX documents

Migrating to WordPress

Makers are bridging the gaps between technology, DIY, art and education