Audacity on a Mac running Catalina


Well, we haven’t seen an Apple product on this website in a long time. I think the last time I wrote about an Apple product, I was trying to emulate a Mac so I could use the IDE to emulate an iPhone, so I could convert an Android app into an iPhone one. But, here we are.

And the backstory: I do some IT work for a local church that I attend. They use a Macintosh computer in the sound room to record the sermon audio, as well as display projector images or songs, and the like. Recently, the computer automatically updated itself from 10.14 to 10.15, or what Apple calls “Catalina”.

Unfortunately, this caused a problem. The sound recording program, Audacity, still launched like normal, and looked like normal, but it didn’t act like normal. First, it couldn’t open any files from previous recordings to be edited. To make matters worse, it couldn’t record any audio. After fiddling for a bit, I decided to make sure we had the latest version of Audacity, and to my surprise, I found this article on their website outlining how Audacity was not compatible with the latest Mac version.

Ultimately, the issue seems to be a matter of permissions. Fortunately, someone had found that if you elevated your permissions by launching it from a terminal, you could make it work, or so they said. So, I opened the terminal:

open /Applications/

And it launched Audacity, which is great, and even better, it would prompt for permission, but then allow you to record audio and view/open files from the computer. Great and more great. But, well, that’s fine for a keyboard ninja like myself, but what about the average user coming in to use the computer to do the recording? I can’t expect them to know how to launch the terminal and run these commands. If only there was a way to have a button or icon that they click on and launch Audacity properly? Oh, wait, there is, appify!

You can read all about the process on their website, but I’ll walk you through it.

Open the terminal. Conveniently, Mac’s are sort of butchered Unix, which is like Linux, so I was right at home….

sudo su

(type your password)

cd /usr/local/

mkdir bin

cd bin

nano appify

That opens up Nano editor, and you can paste in the program:

#!/usr/bin/env bash

APPNAME=${2:-$(basename “${1}” ‘.sh’)};

if [ -a “${APPNAME}.app” ]; then
echo “
${PWD}/${APPNAME}.app already exists 😦“;
exit 1;

mkdir -p “${DIR}“;
cp “
${1}” “${DIR}/${APPNAME}“;
chmod +x “

echo “${PWD}/$“;

Then press CTRL-x to exit, it will ask if you want to save this, so press y for yes.

Now, back at the terminal, we have to make appify an executable:

chmod a+x appify


You are now exited from being the root or super user, and are your regular old self again. Now we need to create a shell script to launch the terminal window, with a command to launch Audacity. I tried just making a shell script to launch Audacity, but then the permissions were not right. So, to make our shell script:


mkdir install

cd install


Once again, we are in the Nano editor, to which I put this:

#!/usr/bin/env bash

open -a Terminal “open /Applications/”

exit 0

Then press CTRL-x to exit, it will ask if you want to save this, so press y for yes. Which once again brings us back to the terminal window.

appify “audacity”

Now I have an icon in the “install” folder in my user folder. It had a weird icon, but if you double clicked it, a terminal window would open and Audacity would launch with the right permissions, all audio recording and file saving/loading worked! To fix the icon:

  1. CTRL-click on real Audacity app icon, and say “get info”
  2. Click on the Audacity icon at the top left of the get info window, and press the apple key – c to copy it.
  3. CTRL-click on the new icon, and say “get info”
  4. Click on the paper icon at the top left of the get info window, and press the apple key – v to paste it here.

Now, my home brew icon matched the real Audacity icon. I simply removed the old Audacity icon from the dock, and dragged my new audacity app/shortcut that I made to the dock at the bottom of the screen, and it was now launch-able with one click!

That was a lot of work, but in the end, for the end user making recordings, they use it just like they did before. They click the Audacity icon at the bottom of the screen on the dock, and the only perceptible difference is the terminal window also opens in the background. Hopefully, Audacity will work things out with the next revision, but until then, they can keep doing their recordings.

Linux – keep it simple.

Home photo server, part 1: Server Setup, SCP and FTP

While there are many, many options out there for photo storage, if you are looking for a home storage solution that does NOT involve just plugging in your phone and dumping the pictures to your hard drive, you have to get a little technical. (By the way, if that is what you have to do, there is no shame in it. It is probably a lot safer doing that than letting Google hold all of your photos.)

The first thing I needed was a server. Granted, you could use just about anything these days, and there are a lot of open source/open hardware type solutions, but I was gifted an older, generation 1 Dell PowerEdge 1950 from a friend. Granted, it was made in 2006, but it still is 64 bit, has two quad core Xeon 2 GHz processors, and I loaded it with 24 GB of ram. You can get them on eBay now for about $60. A little overkill for this sort of thing, but the price was right! As a bonus, it supported hardware raid, and I put two 2 TB drives in a mirror array, so that 2 TB of space that was backed up.

From there I loaded CentOS 7 on it per the usual installation method, and updated the system. I also purchased an APC battery backup unit, a Back-UPS 1350. This would only hold the power on for about 15 minutes, but it would help for brown outs, and frequent “blips” where the power goes out for only a second or so, which is common where I live. Later I’ll have to do a post on setting up the auto-shutdown and controls, because that was rather interesting.

So the next thing I needed, if I wanted this to work, was a domain. I needed a way to contact my home computer from my cell phone, especially while not at home. Granted, you could set all of this up so when you come home your phone would automatically back up your photos, but I wanted to be able to do this from abroad. Thus enter I’ve used them before, and it is great if you are looking for a cheap, cheap solution. Because it is free.

Granted, a free account your hostname will need to be manually renewed every 30 days, but they send you an email, and all you have to do is click the link to keep it active, so it is pretty easy. After creating an account, logging in, getting a dynamic IP address, then all I had to do was install the DUC software. DUC is the Dynamic Update Client software that allows:

“Remote access your computer, DVR, webcam, security camera or any internet connected device easily. Dynamic DNS points an easy to remember hostname to your dynamic IP address.” (

All you have to do is download the source code and compile it. It went like this:

$ cd noip-2.1.9-1/
$ make
$ sudo make install

After entering my password, it ran through an installation script and asked me for my account name, password for the account, and which DDNS I wanted to associate with this computer. It is interesting, you can have several.

From here, it then became a matter of preference on how to continue. I toyed with several options on my Android phone for how to get the photos from the phone to the computer over the internet.  One of the first methods I tried was using scp, or secure copy over ssh. So, I installed ssh on my server.

# yum install ssh-server

# cd /etc
# cd ssh/
# ls
# nano sshd_config

I then edited the sshd_config to my liking, there are a lot of guides on this on the internet, so I wont belabor the point here. I will note that I use non-standard ports as a form of extra security, however slight that may be, so you may consider doing the same, but essentially it works as is once installed. Then I opened the ports in the firewall – I list the standard ports here, for ease of following along:

# firewall-cmd
# firewall-cmd –help\
# firewall-cmd –help
# firewall-cmd –add-port=22/tcp
# firewall-cmd –add-port=22/tcp –permanent

And that worked great. Unfortunately, scp is slow and can be cumbersome from an Android phone, especially since I didn’t find any apps that would sync my directories automatically (that were open source so I knew what was really being sync’ed). However, I found several open source options that would sync automatically via FTP. So I decided to install “very Secure FTP”, or vsftp, like so:

# yum install vsftpd

# cd /etc/vsftpd/

# ls

# nano vsftpd.conf

Again, I set it up to my needs, but you can check out this guide for ideas. I also needed to punch some holes in the firewall for the service and for both active and passive mode, since several Android apps would use either.

# firewall-cmd –add-port=21/tcp
# firewall-cmd –add-port=21/tcp –permanent
# firewall-cmd –add-port=20/tcp
# firewall-cmd –add-port=20/tcp –permanent

# firewall-cmd –permanent –add-port=40000-50000/tcp

And viola! All that was left was a quick restart of the processes:

# firewall-cmd –reload

# systemctl restart vsftpd

And now I could use FTP apps on my Android phone to sync my pictures from my phone automatically to the home server! In case you are wondering, a great app for this is on F-Droid, the open source app repository of open source apps. It is called SyncTool, and it is very handy. It supports FTP sync one way, both ways, automatic scheduling or running jobs manually.

Wheeow, that was a long post, but now my photos were being automatically backed up. However, that’s only part of the story, because if I was convincing my wife to ditch Google Photos, I needed to also have a way to browse them online, share them, organize them, etc…. It was time for a web server. Guess we’ll cover that next.

Linux – keep it simple.

RWE: Ejabberd failed to start in Debian Wheezy

I had an old laptop that I decided would make a good toy for playing around with some lightweight server applications. It was a great candidate for several reasons. For one, I’m not using it for something else. Second, it was free. Third, it has a built in battery backup. Seemed like a win-win for me.

I’ve mentioned before that I am a member of SDF, the Super Dimensional Fortress (, a free to the community Unix server that allows remote log in and numerous other goodies. Among those extras is the free jabber (XMPP) service for members. It’s really great, especially for free, but on several occaisions, it has been down for maintenance when I was waiting to receive a message to someone. That is a bit annoying. Obviously, server maintenance needs to happen, and I am really thankful to for providing the service. I was just thinking that this would be a good excuse to try setting up my very own XMPP server.

Thus enter ejabberd. Ejabberd is an open source XMPP server that is available on most GNU/Linux distributions, including Debian Wheezy, which was already on my laptop. I looked up several tutorials on-line, and they all seemed to indicate that it would be super easy to set up, and I could get it up and running in a few minutes.


Two days latter…..

I finally got it set up and running. No matter which tutorial I followed, none of them worked. It took hours of research (in between being a dad, husband, working person, etc.), but I finally figured out the problem. Not too many people are planning to set up their own XMPP server, and this problem is probably specific to Debian Wheezy, but I figured that I would show you the REAL steps to get this going.

The problem was that after installing ejabberd, even with the default settings, it would say:

starting service: ejabbered………………………………………………………..FAILED.

And there was no rhyme or reason why! I was only able to figure it out by running ejabberd live, so the output came to the terminal, and then I could see the issue.

# apt-get install ejabberd

If you are like me, it will fail after install.

# dpkg-reconfigure ejabberd

Set up your server name, admin, etc.

# ps axc|grep beam

# ps axc|grep epmd

Now kill both of those processes.

# nano /etc/default/ejabberd

Uncomment the ERLANG_NODE=ejabberd line, or add it if it does not exist. Save and exit that file. Not having this line caused my first failure.

Edit your  /etc/hosts file to look like this: localhost

# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Essentially, you need to delete any “extra” hosts in the file, just leave the localhost ones. Later, more can be added to the file once ejabberd is running, but for some reason, having extra hosts in this file cause my second failure.

Now you can start ejabberd. I recommend that the first time, you start it “live” so you can see what is happening under the hood:

# /etc/init.d/ejabberd live

But in the future, you can just start it with the usual services tags:

# service ejabberd restart

You should now have a running instance of ejabberd! Of course, now you need to add a user, if you didn’t already. Here is an example:

# ejabberdctl register userName superSecretPassword

And there we go! At least for me, that was enough to set up a fully functional XMPP server with ejabberd on Debian Wheezy. Of course, this still needs tuning and enabling features like blocking, encryption, etc., but hey, at least now you have something to work with!

Linux – keep it simple.

RWE: Step by step instructions for building AOKP 6.0 for the T-Mobile variant of the Samsung Galaxy S4

I have noticed that the build instructions on the AOKP website are a bit outdated. They date back to JellyBean. I would like to encourage other users to build more custom roms, and I thought that it would help if I show how to build one of the roms wich compiled successfully for me (Praise God!). It is my hope that these instructions are clear and easy to follow. Hey, if I can do it, anybody can do it!

<<<<< Step 1: Setup your system. >>>>>

To be honest, this can be the most daunting part, because if you do not set this up properly, it just will not work. I use Ubuntu 14.04 on a HP Compaq 6715b laptop. I know, not a very ideal compiler, but it is what I’ve got. Here are the suggested packages, just open a terminal and paste this in:

$ sudo apt-get install bison build-essential bzip2 curl dpkg-dev flex g++-multilib git git-review gnupg gperf lib32ncurses5-dev lib32readline-gplv2-dev lib32z1-dev openjdk-7-jdk libbz2-1.0 libbz2-dev libc6-dev libghc-bzlib-dev libgl1-mesa-dev libgl1-mesa-glx:i386 libncurses5-dev libreadline6-dev libreadline6-dev:i386 libx11-dev:i386 libxml2-utils lzop maven pngcrush pngquant python-markdown schedtool squashfs-tools tofrodos x11proto-core-dev xsltproc zip zlib1g-dev zlib1g-dev:i386

This will take a while. Once it is done, do this:

$ mkdir ~/bin && curl > ~/bin/repo && chmod a+x ~/bin/repo

$ gedit ~/.bashrc

Now you should see gedit open up your .bashrc file, to which you should add this at the very end, and save it:

export PATH=~/bin:$PATH

Now you need to close your terminal and open a new one to get the PATH variables to stick. Actually, it wouldn’t hurt to reboot your system after installing all of those programs we just installed. Your computer should now be primed and ready to go.

<<<<< Step 2: Download the source. >>>>>

Here is a very short project for you that takes the computer a long time to complete. Open a terminal and start typing:

$ cd ~
$ mkdir aokp6
$ cd aokp6
$ repo init -u -b mm
$ repo sync

You can now go outside, play with the kids, phone a friend, and then go to bed. When you awake the next morning, this might be done, depending on your internet connection!

<<<<< Step 3: Adding the device, kernel, and vendor trees. >>>>>

In some cases, you can simply type the command

[CODE]$ breakfast[/CODE]

and just choose your device, but at this time, the AOKP repository did not include a current device tree for the JFLTETMO phone, so we need to download one. I chose to test out the Dirty Unicorn JFLTETMO devices trees, by going here and choosing to download the zips. Later, perhaps we can learn about adding them as dependencies, but here are the links, be sure to choose the 6.0 branches and click the download button to download the zips:

Once you have downloaded them, unzip each one and rename them:

android_device_samsung_jfltetmo – jfltetmo
android_device_samsung_jf-common – jf-common
android_device_samsung_jflte – jflte
android_device_samsung_msm8960-common – msm8960-common
android_device_samsung_qcom-common – qcom-common

Go to you aokp6/device folder and create a folder called “samsung”. Now put the above folders into it.

Then unzip the kernel_samsung_jf folder and rename it “jf”. Go to the aokp6 folder and create a folder called “kernel”, go into the kernel folder and make a new folder called “samsung”, enter that folder, and put your “jf” folder here. Don’t worry, we are almost done.

Now go to your aokp6/vendor folder. Create a new folder called “samsung”. Enter the samsung folder and copy the contents of your unzipped proprietary_vendor_samsung folder. This should be a bunch of folders like jf-gsm-common, jf-common, etc. You actually don’t need all of these folders right now, but it will not hurt to have them, and there are two folders in there that you need.

Now you should probably take a break before going on to the next step!

<<<<< Step 4: Editing the device, kernel, and vendor trees. >>>>>

Now, go to the device/samsung/jfltetmo folder and rename to and edit it as follows:

$(call inherit-product, device/samsung/jfltetmo/

# Enhanced NFC
$(call inherit-product, vendor/aokp/configs/

# Inherit some common DU stuff.
$(call inherit-product, vendor/aokp/configs/

PRODUCT_NAME=jfltetmo \
TARGET_DEVICE=jfltetmo \
BUILD_FINGERPRINT=”samsung/jfltetmo/jfltetmo:4.4.4/KTU84P/M919UVUFNK2:user/release-keys” \
PRIVATE_BUILD_DESC=”jfltetmo-user 4.4.4 KTU84P M919UVUFNK2 release-keys”

PRODUCT_NAME := aokp_jfltetmo
PRODUCT_DEVICE := jfltetmo

NOTE: the original file said “vendor/du/config/*” you must change it to “configs” or there will be an error!

Then, in the jfltetmo folder, delete the cm.dependencies file. Do the same deletion in all of the device/samsung/* directories. You don’t want to download CM dependencies, because you already have them here.

Note: Because repositories are constantly updated, I can only garuntee that this will work based on the files as they were the day of this writing. However, with all of this in place, if you follow this guide, it should work realatively the same as what happened for me.

You can actually just run the compiler right now, however, you will have several stop errors that we plan to address here before you do that. All of these edits are due to errors that cropped up when running the compiler.

The first error was relating to libhealthd. Android and AOKP source already has a built in libhealthd for the qcom motherboards, and it is a duplication of efforts (which causes an error) to have both the device tree libhealthd and the source libhealthd. So here is how we fix it. Now, go to the device/samsung/qcom-common/libhealthd folder, and make the following changes to the file:

# WJH LOCAL_PATH := $(call my-dir)

# WJH include $(CLEAR_VARS)
# WJH LOCAL_SRC_FILES := healthd_board_default.cpp
# WJH LOCAL_MODULE := libhealthd.qcom
# WJH LOCAL_C_INCLUDES := system/core/healthd bootable/recovery

Another error that will crop up if you run the compiler now, is that your multi-media video will have a problem setting the picture order, and the compiler will get confused and stop with an error. So we can fix that here before we begin. We need to edit one of the hardware files. Go to hardware/qcom/media-caf/msm8960/mm-video/vidc/venc/src, and edit the video_encoder_device.cpp file as follows (this is the last few lines of the file):

bool venc_dev::venc_set_picture_order_count_type(OMX_U32 type)
// WJH venc_poctype temp;
// WJH venc_ioctl_msg ioctl_msg = {&temp, NULL};

// WJH temp.poc_type = type;
// WJH DEBUG_PRINT_HIGH(“Setting poc type: %d”, type);
// WJH if(ioctl(m_nDriver_fd, VEN_IOCTL_SET_PIC_ORDER_CNT_TYPE, (void *)&ioctl_msg) < 0)
// WJH {
// WJH DEBUG_PRINT_ERROR(“Request for setting poc type failed”);
// WJH return false;
// WJH }
return true;

And finaly, there is an error that will pop up and stop your compiler because of a conflict over the “ambientIsAvailable” portion of this file: packages/apps/InCallUI/src/com/android/incallui/ at line 404. So we will just go ahead and edit it here before we begin.

final boolean showNote = isProvisioned &&
// WJH DeepLinkIntegrationManager.getInstance().ambientIsAvailable(getUi().getContext()) &&
mNoteDeepLink != null;

Now that all of the hard work is done, it is time to actually build something!

<<<<< Step 5: Start your build! >>>>>

Phew! You have invested a lot of hours into this project, now it is time to actually put those files and time to use! Open up a terminal in your aokp6 folder and start typing:

aokp6$ . build/

Which will output something like this:

including vendor/aokp/
including sdk/bash_completion/adb.bash
including vendor/aokp/bash_completion/git.bash
including vendor/aokp/bash_completion/repo.bash

Now type:

aokp6$ brunch jfltetmo

Which will start the long build process, it will output this:

including vendor/aokp/
Got local manifest
Got local manifest
Checked dependency tree over :
NO_DEPS: device/*/jfltetmo

AOKP_VERSION = aokp_jfltetmo_mm_unofficial_2016-06-20_1015
TARGET_PRODUCT = aokp_jfltetmo
TARGET_ARCH_VARIANT = armv7-a-neon
HOST_ARCH = x86_64
HOST_OS = linux
HOST_OS_EXTRA = Linux-3.16.0-73-generic-x86_64-with-Ubuntu-14.04-trusty
OUT_DIR = /home/alaskalinuxuser/Documents/projects/phones/compile/aokp6/out

And this:

…..edited for space…..

Import includes file: /home/alaskalinuxuser/Documents/projects/phones/compile/aokp6/out/host/linux-x86/obj/EXECUTABLES/acp_intermediates/import_includes
host C: libhost <= build/libs/host/CopyFile.c
build/libs/host/CopyFile.c:86:43: warning: unused parameter ‘pSrcStat’ [-Wunused-parameter]
static bool isSameFile(const struct stat* pSrcStat, const struct stat* pDstStat)
build/libs/host/CopyFile.c:86:72: warning: unused parameter ‘pDstStat’ [-Wunused-parameter]
static bool isSameFile(const struct stat* pSrcStat, const struct stat* pDstStat)
build/libs/host/CopyFile.c:104:42: warning: unused parameter ‘src’ [-Wunused-parameter]
static void printNotNewerMsg(const char* src, const char* dst, unsigned int options)
build/libs/host/CopyFile.c:531:69: warning: unused parameter ‘isCmdLine’ [-Wunused-parameter]
static int copyFileRecursive(const char* src, const char* dst, bool isCmdLine, unsigned int options)

…..edited for space….. Stuff like this will scroll by …..

Copy: /home/alaskalinuxuser/Documents/projects/phones/compile/aokp6/out/target/product/jfltetmo/obj/STATIC_LIBRARIES/libext4_intermediates/libipt_LOG.c
Copy: /home/alaskalinuxuser/Documents/projects/phones/compile/aokp6/out/target/product/jfltetmo/obj/STATIC_LIBRARIES/libext4_intermediates/libipt_MASQUERADE.c
Copy: /home/alaskalinuxuser/Documents/projects/phones/compile/aokp6/out/target/product/jfltetmo/obj/STATIC_LIBRARIES/libext4_intermediates/libipt_MIRROR.c
Copy: /home/alaskalinuxuser/Documents/projects/phones/compile/aokp6/out/target/product/jfltetmo/obj/STATIC_LIBRARIES/libext4_intermediates/libipt_NETMAP.c
target StaticLib: libip4tc (/home/alaskalinuxuser/Documents/projects/phones/compile/aokp6/out/target/product/jfltetmo/obj/STATIC_LIBRARIES/libip4tc_intermediates/libip4tc.a)
target thumb C++: keystore <= system/security/keystore/keystore.cpp
target thumb C++: keystore <= system/security/keystore/keyblob_utils.cpp
target thumb C++: keystore <= system/security/keystore/operation.cpp

…..edited for space…..


Notice that there were some “warning” flags in there. Warnings are not all bad, but they can be. In this case it works out okay. Hopefully, after many hours, you should see this:

______ _____ __ __ _____
/\ _ \/\ __`\/\ \/\ \ /\ _ `\
\ \ \L\ \ \ \/\ \ \ \/’/’\ \ \L\ \
\ \ __ \ \ \ \ \ \ , < \ \ ,__/
\ \ \/\ \ \ \_\ \ \ \\`\ \ \ \/
\ \_\ \_\ \_____\ \_\ \_\\ \_\
\/_/\/_/\/_____/\/_/\/_/ \/_/

===========-Package complete-===========
zip: /home/alaskalinuxuser/Documents/projects/phones/compile/aokp6/out/target/product/jfltetmo/
md5: 46bc18249c61988e75aba813464692a3
size: 320M

Success! Praise God! Now you can put this on your phone and test it out! Hopefully everything will be working! For future use, now you can start making changes or edits, from backgrounds to kernels! Have fun and make lots of backups. Remember, sometimes it is really hard to undo a change that you make.

Hopefully we learned how to set up our system, get the source, add devices and kernels that are not in the source, make proper edits, and run the compiler. Like I said, this works on my machine, as of this writing. You may notice, that if you make this build, it will not be identical to the one that I have posted on XDA. That is because I have made a few edits, additions, and/or subtractions here and there. That is the great thing about Android and open source! It is now up to you to make it better, to make it unique, or to make it you. Good luck with those builds, and be sure to share and help the next guy or gal with thier projects too!

Linux – keep it simple.


Real World Example: Setting up a dynamic IP for remote ssh sessions – for free!

Yet another Real World Example (RWE)! I know it has been a while since I have posted one of these, but it is better late than never, right?

The situation: An undisclosed party needed a way to log into their Linux computer from anywhere. Particularly from their home computer, or their cell phone while on the go. This is pretty handy, as an admin can log in, restart/start/stop services, and check on status without driving back to the office. They also didn’t want to spend any money for services, or purchase any new equipment, it just wasn’t in their budget.

The Solution:

The first thing that we had to discuss was what kind of connection they needed. In this case it was an SSH session, which is great as far as bandwidth and setup. However, this scenario would work just as well for Xrdp, vnc, ftp, etc., it just helps that in this case it was a “simple” fix that would be quick to set up.

The second thing that we needed was a way to establish the address of the computer in question. We will refer to the computer that they wish to connect to as the server, and we will refer to the gadget that they are using to connect as their cell phone or home computer. We needed a way to tell the cell phone the ip number of their remote server. Since they do not have a staic WAN IP address assigned to their router, they do not have a hard and fast “set” WAN IP address that does not change, instead they have the dynamically assigned IP address that gets changed potentially every time they connect to the internet, or every DHCP renewal to their router, etc.

The best answer to this problem would be to pay for a static IP address and assosiated Dynamic Name Services (DNS) so that you have a hostname that you type into your home computer or cell phone which always leads to your server. Ths service actually cost money, and hense would be outside of their budget.

So how did we solve this issue? Well, enter No-IP for free ( ), which is an internet based company that has a few very handy tools to do just that. As we will see from the following, setup was really easy, and FREE. By free, they mean, FREE. Which is pretty nice these days. Now, they do have upgrade options which are not free, but the basic package is completely free.

The first thing that we had to do was register an account for them. Once registered, we added a “hostname” for them. They have many to choose from, such as “” and “”. We will not discuss their actual choice to protect the innocent, but for this example I will continue with

Second, we set up the computer with their DUC (dynamic updater client) which we downloaded from their website. It comes as a tar file, which we unzipped, and then we ran make install to put the files where they needed to be. It was really pretty simple and had a few straitforward questions in the config file, as well as instructions on how to start and stop the service, and how often it should update.

This DUC tool is what makes it all work. The DUC tool finds out what your router’s dynamic (changing) WAN IP address is at any given moment, and sends a packet to the No-IP server to tell it your present dynamic IP address. So when you connect to, it is actually asking No-IP’s server what the current WAN IP address is for your server. Pretty slick trick actually.

Once that was done, we of course needed to do the basics, such as installing the SSH server. In this case we chose to:

$ sudo apt-get install openssh-server

Which istalled OpenSSH Server. Now I don’t want to get too deep into the details of their setup, for security purposes, but I will cover the basics here. I highly recommend that you choose an arbitrary port other than 22 for your SSH connections, to help trick those who do wrong from attempting the connection. It may even be wise to pick a port that is used for something else. For the remainder of this explanation, though, I will explain what we did using the standard SSH port 22.

For security reasons, you should also not allow root logins, but rather use a special user who can then sudo or switch user to root with a password. This double door password feature will likely save your bacon if someone gets in. You should also use an obscure username, not something like admin, ssh, maintenance, or server. Finally, you should have a really complicated password, one that is as complicated as you can remember. In this case, we actually had to change their password to something a little tougher, because theirs was too short and a dictionary word, which is bad. Also be sure to properly set up your firewall, which is something we will not talk about here.

The next step on the bucket list was to configure the router. Which has several smaller steps, but which were easy to manage locally. Their server already had a static IP on the Local Area Network, but if you are setting this up for yourself, say at home, be sure to give your server a local static IP address from your home router. This is usually done based on the server’s mac address. In this case, consider it

After all that, we were down to the final step, which is to configure the router for port forwarding. Most routers have a web gui that is fairly intuitive, and you will need a guide for your router to complete this step. In this case, we assigned anything coming in on port 22 to be forwarded to the local IP address of the server computer, or Note that the :22 means to send it to port 22 of the local computer.

Now the setup was done and it was time to test it. Which I did from my cell phone. Having an Android phone running SlimLP (5.1.1) I used an app called JuiceSSH. It is a really great app that is well constructed, looks snazzy, and works flawlessly. It also allows screen rotation, and even has special keys such as tab and ctrl. So in the app, I chose to set up a new connection to, port 22, with the appropriate username and credentials. Once I clicked connect, I was greeted by some scrolling information about echanging keys, passwords, etc., and eventually the remote server’s command prompt. Success!

All told, that was a pretty simple fix for a complex problem! Not to mention it was completely free. One down side to the free option, however, is the need to renew your free hostname every 30 days. That’s a pretty easy trade off for the free service though. Also, the free package only includes 3 dynamic addresses. So if you want to do this for a large business, you are better off with a paid package.

Linux – Keep it simple.

How to make XRDP look better

One of the things I do on a regular basis is use rdesktop to log into another computer (or cell phone) through xrdp. It is simple and works very well, as well as being very simple to set up. While not really a problem, I got bored of looking at the old xrdp icon and the simple xrdp logo for the interface. So, I decided to change it.

Unfortunately, I didn’t know where that was done. I checked the xrdp.ini file, but it didn’t have any reference to the pictures used. A quick Google search led me to look in the /usr/local/share/xrdp folder. However, that folder didn’t exist in Debian. The article was for a RedHat/Fedora user, so I figured they just have a slightly different folder set up.

The article said that xrdp used bitmap files, so I just tried to look it up with locate and grep:

$ locate xrdp |grep bmp

When I opened that folder I could see that those files were in fact the icon and logo displayed during log in. While I still don’t know what points to these files, I decided to cheat and just change these files with my own. I used image magic to convert my files for my pictures, then copied them to the folder and renamed them.

$convert theme_tron.png tron.bmp
$convert android.jpg bg.bmp
$sudo cp bg.bmp /usr/share/xrdp/ad256.bmp
$sudo cp tron.bmp /usr/share/xrdp/xrdp256.bmp
$sudo convert /usr/share/xrdp/ad256.bmp -resize 25% /usr/share/xrdp/ad24b.bmp
$sudo convert /usr/share/xrdp/xrdp256.bmp -resize 25% /usr/share/xrdp/xrdp24b.bmp

Now when I log in, I get to see my custom login screen!

Linux – keep it simple.

Real World Example: Why can’t I talk to my blackbox?

You are probably getting tired of hearing about TCPdump, but I just can’t get over how handy it is.

After a recent upgrade to one of our simulator systems, we needed to re-align the projectors. This re-alignment is quite complicated, where you have multiple projectors overlayed on a curved screen which reflects off of a curved mirror to point all of the image to the focal point of the pilot who is driving in the simulated world. Fortunately for us, we have a computer program that does the heavy math for “warping” the image on the projectors to make them line up on the curved surface. To do that, however, we first have to turn on a series of LED lights to guide the projector and camera system to the edges of the screen. Here is where we ran into a problem.

The LED lights are controlled by a simple blackbox controller with the IP address of, which you can open in a browser on several hosts to reach the web gui and turn on and off the various LEDs. When we tried to connect to the web gui, our connection would time out, and we were unable to communicate with the box.

Unfortunately, I did not tee it to a log, so I don’t have the log example to paste here, but here is what we did.

First we tried to ping it:


All of the pings whent through. However, the pings had unusually high return times. Something was creating a problem. We then ran two different TCPdump instances.

#tcpdump -i eth0 |grep

There are better ways to do this, but it was the quick and dirty way to see who the black box was talking to, and who was talking to the black box. As it turns out, the Image Generation system ( was incredibly busy talking to the blackbox. What we found was that the IG system was set to talk to all of the projectors and cameras on the addresses and was constantly polling the projectors for status updates and consistently sending the projectors a time stamped request to display the image, a sort of lock to keep them in sync. Because the blackbox was above 50, it was also receiving this data, but it was useless to the blackbox. Unfortunately, the blackbox was not able to keep up with the constant amount of useless traffic, and would falter on loading the gui because it was too busy processing the other traffic.

Since we are not allowed to change the software settings, we simply changed our procedure to first stop the IG system, which was not needed for projector alignment. Problem was solved, and we were once again able to communicate with the blackbox. Just another easy real world example of using TCPdump with Linux.

Linux – keep it simple.

Real World Example: Turning an Access point into a wireless repeater

Recently at my work we realized that we needed to extend our wireless internet without wired connections. They do, of course, sell wifi extenders. We actually bought one, and had some marginal success with it, but it would often require rebooting by way of physically unplugging it and plugging it back in. This became tedious. It also did not have very good signal strength, and we needed to put it fairly close to our main wireless access point to make it work. This was unsatisfactory.

So, I needed a solution.

Enter DD-WRT. As it turned out, we have several Linksys Wireless-G Broadband Routers. We had a version 2.2, and a version 8.0. DD-WRT allows you to wipe the Linksys firmware, and replace it with a small Linux run firmware called DD-WRT, which has a lot more options, such as wireless repeaters and bridging.

First stop was here to get the software and do some *light* reading. By light I mean HEAVY, REALLY HEAVY.

Then I started the process of wiping the version 8.0 Linksys. First, performing the hard reset, by pressing the reset button for 30 seconds, unplugging the unit, still pressing the reset button for another 30 seconds, and then plugging back in while holding the reset button for 30 more seconds, or 90 seconds total. This is required they say to clear the NVRAM.

Once done, I logged into the router through a wired lan connection on, username/password of admin/admin, the defaults. Once in, I simply navigated to the Administration -> Update Firmware page and selected the browse button. For my specific model, I then “upgraded” it by selecting the vxworkskiller_GV8-v3.bin file. This actually wiped everything and set it back to the boot mode.

The Linksys rebooted itself, and I waited 5 full minutes, per the instructions, before proceeding.

I lost my LAN connection to the Linksys, so I set my LAN to a static IP of,,, respectively, which allowed me to connect once again. The web gui was no longer available, but it did accept pings.

I then used tftp to push a file to it. If you do not have tftp in Debian, you can install it like so:

$ sudo apt-get install tftp

I then typed the following:

# tftp
> mode binary
> rexmt 1
> timeout 60
> push dd-wrt.v24_micro_olsrd_generic.bin
xxxxxxx kb sent in xxx seconds.

Now I waited once again for a while to make sure the Linksys reset itself properly. After a few minutes, I logged into the unit on my LAN cable at, to be greeted by DD-WRT! There were several helpful guides on how to wirelessly link two or more routers, so I highly recommend you read one of them before proceeding, as the language used for the connections seems backwards to me, making it impossible for me to set up on my own. With a guide, however, it linked right up and is working flawlessly!

Linux – keep it simple.

Real World Example: Why you can’t add a swap file to an older Android device.

Recently, while utilizing Linux on my Android phone, I ran into an interesting problem. Android uses memory differently than Linux usually does. In the Android world, programs that you open are suspended in RAM, and a portion of that RAM is kept active even when you “close” a program. This allows the programs you have previously opened to become available again very quickly.

Linux does not typically operate in this fashion, although there are options and configurations to do similar things. The problem, however, is that Debian is sharing the RAM with Android on my phone, rather than being a seperate chroot program under Android. So Debian can only utilize the RAM that Android is not hogging.

I decided that a swap file may help me while I am utilizing Debian. So I set about to create one:

phone@localhost:~$ dd if=/dev/zero of=./swapfile bs=512 count=102400
102400+0 records in
102400+0 records out
52428800 bytes (52 MB) copied, 9.79242 s, 5.4 MB/s
phone@localhost:~$ ls -lah
total 63M
drwxr-xr-x 24 phone phone 4.0K May 27 20:02 .
drwxr-xr-x 3 phone phone 4.0K Feb 12 15:32 ..
————- Edited
-rw-r–r– 1 phone phone 50M May 27 20:02 swapfile
————- Edited

phone@localhost:~$ sudo chmod 0600 swapfile
phone@localhost:~$ sudo chown root:root swapfile
phone@localhost:~$ sudo mkswap ./swapfile
mkswap: ./swapfile: warning: don’t erase bootbits sectors
on whole disk. Use -f to force.
Setting up swapspace version 1, size = 51196 KiB
no label, UUID=c083a787-70da-40e1-bd44-e2a18875cf75
phone@localhost:~$ sudo swapon ./swapfile
swapon: ./swapfile: swapon failed: Function not implemented
phone@localhost:~$ sudo mkswap -f ./swapfile
Setting up swapspace version 1, size = 51196 KiB
no label, UUID=55faa525-9190-45da-888e-01c829eca1dc
phone@localhost:~$ sudo swapon ./swapfile
swapon: ./swapfile: swapon failed: Function not implemented
phone@localhost:~$ uname -a
Linux localhost #1 PREEMPT Fri May 27 09:18:49 KST 2011 armv7l GNU/Linux

What we can see here, however, is that it didn’t work. The question was why did it not work. The answer is that the Android/Linux kernel was compiled without CONFIG_SWAP=y. WIthout this compiled into the kernel, then swap is disabled. Unfortunately, since these kernels are digitally signed, I cannot simply find a swap module for the kernel and load it. Not to mention, as far as I can tell there isn’t one. I would need a whole new digitally signed kernel with that option enabled.

As of Android 4.0, I have been told this option is enabled, but for all of these older phones and tablets, it is not an option without specific kernels or patches. Bummer.

Linux – keep it simple.

Real World Example: Fixing LSB tags and overrides on a Linux expanded Android phone.

As is often the case, I usually expand my Android phones to full Debian distributions using Sven-Ola’s Debian Kit. Since Sven does not appear to support the kit anymore, it sometimes takes quite a bit of tweaking to make it work. Recently, I put Debian on a phone with PacMan Rom which was equivalent to Android 4.4.4. One of the many problems which I ran into involved LSB tags and overrides.

Note: LSB stands for Linux Standard Base. “The Linux Standard Base (LSB) is a joint project by several Linux distributions under the organizational structure of the Linux Foundation to standardize the software system structure, including the filesystem hierarchy used in the GNU/Linux operating system.” –Wikipedia. Essentially, LSB is a movement amongst Linux to set some standards that should be common between all distributions.

The PacMan Rom creator needed to fix a few things that happen during startup. They did this by creating some scripts for insserv to utilize and make the system perform/work as it ought to. The particular problem was this: with these scripts in place, I would be alerted every time I tried to install something new that there was an error. Sometimes this error would make insserv so angry that it could not continue to do what I originally told it to do, like install something from the repositories through scripts. That is not acceptable when it causes a failure, and rather annoying when it creates all of the warnings.

The warnings look like this:

insserv: warning: script ’90userinit’ missing LSB tags and overrides
insserv: warning: script ’81setrenice’ missing LSB tags and overrides
insserv: warning: script ’81cron’ missing LSB tags and overrides
insserv: warning: script ’80check’ missing LSB tags and overrides

A cursory reading of the Debian wiki page for LSB tags told me to either add the tags or place copies of the files in the /etc/insserv/overrides/ directory. Since the original scripts make the PacMan Rom work, I really didn’t want to edit them. So I decided to fix this by putting copies of each script into the overrides directory.

# cp /etc/init.d/90userinit /etc/insserv/overrides/
# cp /etc/init.d/81setrenice /etc/insserv/overrides/
# cp /etc/init.d/81cron /etc/insserv/overrides/
# cp /etc/init.d/80check /etc/insserv/overrides/

Well, that ought to do it. Or so I thought. Physically putting them in the overrides folder does not make them overridden. As I came to learn, you need to tell insserv to look for each individual overridden file.

# insserv -o 90userinit
# insserv -o 81setrenice
# insserv -o 81cron
# insserv -o 80check

Wow, now I’m done right? Wrong! As it turns out, what I didn’t understand, and what I don’t feel was reasonably clear in the wiki page was: putting something into the override folder and telling insserv that it is overridden doesn’t actually make it null and void and cause it to ignore the files or errors. Doing all of this simply tells insserv to use the override file instead of the original. Of course, all of my overridden files were copies of the original, and had the same problems and caused the same errors. So I needed to perform a few more steps to make this work.

Ultimately, it would have been shorter to add the LSB tags to the original scripts, but I was still concerned that changing them in any way might hinder their function, so I didn’t want to touch them. However, I now had overridden copies that were available to be edited to my hearts content. So I simply stole the tags from another script.

# head -17 /etc/init.d/cron >> /etc/insserv/overrides/90userinit
# head -17 /etc/init.d/cron >> /etc/insserv/overrides/81setrenice
# head -17 /etc/init.d/cron >> /etc/insserv/overrides/81cron
# head -17 /etc/init.d/cron >> /etc/insserv/overrides/80check

I then opened each file, went to the last 17 lines, and edited the runlevels and name listed in the LSB tags. A quick check with insserv -n revealed that I no longer had any errors popping up! Finally that nuisance was gone and I could focus on the real problems.
Linux – keep it simple.