Raspberry Pi: Raspian disadvantages of embedded OS

The last 12 month have been a „golden“ time of the upcomming embedded linux devices, but the custom OS’s offers some problems, you should know for projects:

  • embedded PC’s like the ARM based pi2 / pi3 uses a own compiled OS
  • not every known debian package is available
  • not all compile scripts to rebuild are available on git
  • slow performance can let you run into unuseable problems (heat, load, I/O), correct written scripts run into freezes without any error made by you!
  • you should take time for a closer look at buying them
  • calc the costs of non-x86 systems, later you cant often upgrade, cause embedded systems are not made for
  • dealers take too much money for less performance!
  • embedded devices can’t be grown up for additional precs like compression based on chips!
  • embedded devices need less energy, but can hangup by load over 65%, cause no cooling
  • the are made for learning and small control jobs
  • for NAS / Server jobs take x86 m-atx / micro-atx, cause you can access easy full debian packages
  • not all python + libs packages are available to run projects (example: acd_cli amazon cloud nas backup)
  • current embedded pc livetime at multimedia usage may be 24month cause to much and faster changes

May be that the arm os package trees may grow up, then we can talk again, but current x86 is the cheapest way to build systems without stress! And you have always the reserve to buildin new things of hardware..

Security: Harden DSL Routers and Networks against attacks

Last days there was a high count of news about the Bot Attacks against T-Com Telekom Router devices. To understand the behavior about this up comming security problems you should know following points :

  • Every network supported device can be a goal for a attack ( Routers, Modems, PC, Fridges,IP-TV, IP Switches, IP-Cams…)
  • You have to update the OS for each device monthly, if not supported by the manufacter, then dont buy!
  • Try to get Opensource Hardware with Opensource Software for full access (ssh / console) to have full control
  • Reduce the count of devices who are connected direct to the web!
  • If you must use a ISP Modem / DSL Router of your ISP Provider, then install a second Opensource Router with Firewall behind for more security
  • Use small Firewalls to seperate WIFI and LAN Networks!
  • DISABLE if possible „auto update“ and „ISP Remote Control“ at the DSL Router / Modem cause more and more comfort functions are hacked to break the systems.
  • Updates must be tested on non productive Routers!
  • Keep clean backups of fresh installed Routers / Modems and restore the backup every 3 month to overwrite bad possible changes!!
  • Connect the Routers to a clocktimer to unplug and hard reboot the Router every night! (againts RAM Hacks)
  • Control every month the Router logs and ISP-Settings ( IP-Phones) cause hackers want to route calls to asia!
  • Dont trust blind every commercial hardware! much bugs like open doors, default passwords are set!
  • Test your System with free tools like „nmap“ Portscan and „iftop“
  • Change Passwords, WIFI Passwords, Wifi-IDs! min. 12 signs

How to compile the Centos SME Server 7.4 Linux Kernel 2.6.34

Download the latest stable kernel from the http://www.kernel.org/ unpack the downloaded source file.
Steps:

  1. # wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.34.tar.bz2
  2. # tar xjf tar xjf linux-2.6.34.tar.bz2
  3. # ln -s linux-2.6.34 linux
  4. # cd linux
  5. # cp /boot/config-`uname -r` ./.config
  6. # make menuconfig (here you can select .config as preselected .config from old kernel)
  7. # make rpm (Compile the Kernel and make a rpm-paket)
  1. During the compilation of linux-2.6.34 kernel the following error appears
  2. drivers/message/fusion/mptsas.c: In function `mptsas_port_delete'
  3.  drivers/message/fusion/mptsas.c: 105: sorry, unimplemented: inlining failed in call to 'mptsas_set_rphy': function body not available
  4.  drivers/message/fusion/mptsas.c: 467: sorry, unimplemented: called from here
  5. Because: The ‚mptsas_set_rphy‘ function is defined after the ‚mptsas_port_delete‘ function in the file

Solution :
Moved the ‚mptsas_set_rphy‘ function definition before to the function ‚mptsas_port_delete‘ function definition.

  1.  drivers/built-in.o(.init.text+0x3bad): In function `con_init': include/trace/events/kmem.h:47: undefined reference to `.L1452'

Solution:
This bug was due to the result of allocating the memory using kzalloc() in con_init() function in the drivers/char/vt.c file.
The problem is:

vc_cons[currcons].d = vc = kzalloc(sizeof(struct vc_data), GFP_NOWAIT);

Solution:
vc_cons[currcons].d = vc = alloc_bootmem(sizeof(struct vc_data));

Fritzbox: DHCP-IP Problems

Problem:Probleme mit IP-Adressvergabe ueber DHCP, wenn auf dem gleichen Rechner unterschiedliche Betriebssysteme laufen 

Beschreibung:
Wird ein Rechner mal unter Linux und mal unter Windows betrieben, so kann es passieren, dass der Rechner unter einem der beiden Systemen keine IP-Adresse mehr zugewiesen bekommt.

Waehlt man sich per Telnet auf der Fritzbox ein, so sieht man dort die Fehlermeldung „DHCPD no lease found“. Um dieses Problem zu vermeiden, muss der DHCP- Client unter Linux wie folgt korrekt konfiguriert werden:

Loesung :
In der dhclient.conf des Client-Rechners muss „send dhcp-client-identifier 01:Error-Report: Under the fritzbox router is a Bug appeared

Description:
If you run two different OS on one and the same pc, working with DHCP-Clients, the router will stop sending the updated ip addresses to the pc, cause its logged in leases-file.

Solution:
To solve it edit dhclient.conf and add lines above with the pc mac address-forcing, clear data inside multid.leases and reboot the router.