## Samba absolutely needs to be user-configured.

On my Linux machines, I generally have the Samba server installed, to ease the simple transfer of data over my LAN. But it can happen that during an initial install, a computer of mine only has the Samba client installed, not the server. This initially results in a computer which remains invisible to LAN-browsing, but which can browse the Samba shares of other computers.

Recently, an upgrade to the Samba packages I had installed on the laptop I name ‘Klystron’, also pulled in as dependencies, the actual Samba server, which next made that laptop visible to the LAN-browsing of my other computers.

And so what I thought next, was that I would not have to set up this new Samba-installation, in that it should default to safe behavior when not configured. And it turns out I was wrong.

The behavior of the new Samba setup was such, that it did not allow unauthorized fetching of user shares, but also such, that that laptop would sometimes just seem to disconnect from the Samba servers on the other computers.

And so what I have learned, is that every time we install Samba, we must also customize ‘/etc/samba/smb.conf‘, so that this configuration is compatible with whatever we have set up on our LAN. I just did so, this afternoon. And ‘Klystron’ then reappeared in the LAN-browsing of my other computers, including to the Windows 7 machine I name ‘Mithral’, without requiring any reboots from me.

The fact remains that ‘Klystron’ has an empty ‘smbpasswd’ list, and that it does not share out any user data. But still, it needed to be configured.

Dirk

## VPN Server Test Completed Today

Just this evening, I went to my neighborhood Tim Hortons, to order some food, but also to use their public WiFi hot-spot, in order to log in a session with the VPN server I have on my LAN, that uses the ‘OpenVPN’ protocol. This is a type of test which I perform periodically, just to make sure that the server does work, after certain upgrades. The test was a success.

But I would like to point out several things which this action does not imply.

In the world of today, many people pay money to rent a VPN server, the only purpose of which is to fool the geo-blocking of certain services offered in the USA. In this context, they may expect that to install ‘OpenVPN’ on their clients, will give them free access to a VPN.

This would be False.

The way I have OpenVPN set up on my LAN, I can use the compatible Android client, named “OpenVPN For Android”, to make my computers behave as though my tablet was physically on my LAN. From there, I can ping computers on my LAN. This could be useful to me if I need to access certain resources that specifically exist on my LAN here at home.

In general, I do not use this service to redirect any Internet traffic through my VPN, so that Internet traffic continues to flow directly from the tablet which is my client, through the WiFi that I have used separately, to gain access to my OpenVPN server.

Some people have suggested that I may be taking quite a chance with my data, by connecting to my VPN from within a WiFi hot-spot. But contrarily to what the name of this protocol may suggest to some minds, this protocol has robust encryption techniques in place, in addition to password challenges, which will not only prevent unauthorized access, but also prevent any data from being gleaned from the connection, in the event that the entire session might be monitored.

My main fear in this scenario tends to be, that certain hot-spot operators may not differentiate, between a person who connects to his VPN at home, and one who connects to a VPN across the border, simply because either type of session typically uses the same port numbers, only on different servers. If they did not differentiate, my access to any VPN might be blocked regardless. It was not blocked this evening.

There is an observation about Tim Horton WiFi however, which I may mention. I pinged another computer tonight, which was physically on my LAN. This represents a low-bandwidth scenario. The ping times were slower than before, averaging maybe 200ms. In the past I sometimes obtained ping times of 30-50ms. Yet, if I was to do the same thing from a non-public WiFi hot-spot, my ping times should also be back to normal…

Dirk

## I have just had to get my hands dirty, with apt-listbugs.

According to This Posting, I have installed ‘unattended-upgrades‘ on the computer I name ‘Phoenix’, and I have also installed ‘apt-listbugs‘, as an insurance policy against ‘unattended-upgrades‘ auto-installing defective packages.

This has always posed the question of what will happen in practice, if ‘apt-listbugs‘ “pins” certain packages, thus having stopped them, but if the update-procedure needs to be reactivated later, manually. I have never had to act in this matter yet, while instead, there was one recorded occasion, on which upgrades did not take place on one day, but took place again a day later, automatically.

But just today I needed to override what ‘apt-listbugs‘ had done, manually. In particular, the question exists, of how one can get apt-listbugs to unpin an upgrade which was once scheduled, so that we can do the upgrade later, and so that we can see what apt-listbugs had to say about it.

By default, if we then simply type in ‘apt-get upgrade‘, nothing happens.

As it turns out, there is a single file named ‘/etc/apt/preferences.d/apt-listbugs‘, which we need to delete, before we can restart an upgrade process.

After I did this, my ‘apt-get upgrade‘ took place normally again, and I got to see what the error was, over which ‘apt-listbugs‘ had stopped the unattended upgrade today.

Dirk

As of an earlier posting, I had “Dropbox” v3.16.1 running on my KDE-4 Linux desktop. This version has updated itself to v3.18.1 . Additionally, I have this Dropbox client installed and idling, on the Linux laptop I name ‘Klystron’.

I see one significant new behavior. When I have left my laptop idle, with the screen turning off, the little Dropbox icon changes to show that it has dropped its connection to the Dropbox server. This is similar to behavior which my “Pidgin” IRC client has shown, and seems to suggest, that there are power-saving measures in place on up-to-date Linux desktop managers, which certain applications may opt to use.

The ‘KDE’ desktop manager has in common with ‘GNOME’, that both now use ‘DBUS’ as their inter-process communication system. So what works under GNOME, will frequently also work under KDE when properly set up.

But the fact that both Pidgin and Dropbox seem to do this on my laptop, means that I do not have to keep looking as hard as before, for causes within the kernel module of my laptop WiFi, for possible connection issues. In both cases, the software seems to reconnect to its server, as soon as I have unlocked my screensaver.

Unlocking the screensaver is an event, which a kernel module usually does not recognize.

(Edit 04/17/2016 : ) One way in which such a power-saving mode would make sense however, is that the Kernel can recognize it, and can give the software command to the Kernel Module, to turn off its antenna as well. However, according to This Posting, I have forbidden the KM from following such a command, such that the antenna does not switch off.

Depending on what software we have installed, simply having the WiFi turn off, can cause problems.

Dirk