containers, e.g. with systemd

The more complex a program or application, the more likely it contains exploitable or otherwise dangerous faults. Containers are a way of limiting the damage by limiting an application access to the bare minimum. Ideally we would have a separate and instantly replaceable computer for every little daemon and service we run. Sadly, even with virtual machines, this would hardly be an efficient use of resources, so containers try to find a middle ground by allowing us to separate applications almost as if they were running on different machines, while actually sharing the same hardware and operating system kernel.

Several features come together to make this possible:
  • chroot
  • namespaces
  • cgroups

And it is a good idea to augment them with others:

  • seccomp-bpf syscall filter
  • packet filtering (ebtables)
  • virtual network devices
  • apparmor

Armed with these keywords, your week should now be filled with interesting and productive reading. :-)

If all you want are some opinionated basics however, read on:

Lesen Sie weitere containers, e.g. with systemd

Saving power of powerful printers

printerbonegreen

At home, my Samsung laser-printer uses 15W during standby. So, a few years back, in order to save power, I put it on a USB-controlled power-plug. Pretty soon I added a tiny script that would query cups if a print-job was queued and would switch the printer on and afterwards off again. It turned out to be a pretty effective power saving measure.

usbpowerswitching

Our two very big and reliable printers at realraum were even more power hungry, so I wanted to to something similar for the space.

Using the hardware I had on hand, I cobbled together the following:

* A BeagleBone Green to act as cups print-server and to run the python scripts.
* An empty 230V power-plug case, housing a 5V power-supply (for the BB) and a small opto-coupler isolated relay to switch the plug.
* A second power-plug case with a second small opto-coupler isolated relay.

While there is a lot of room for optimization, like a leaner BeagleBone image and better housing for the power-plugs, printing- and power-saving-wise it works very well.

As always you can find our code on Github. Stay tuned for updates.

Laser Engraved Zippo

Engraving Metal
1: Engraving Metal

Years ago we got some horribly expensive foil needed to engrave metal using our laser-cutter. Today is, as far as I know, our first attempt to actually use it.

People always seem to search for a lighter, but then forget to put them back. As a result, even the safely stored ones can never be found when a Bunsen needs to be lit (which we actually have an Piezo for that the evil smokers don’t want to steal) or a flame is needed for some project.

Reason enough to make a big deal out of nothing and sponsor an old but sturdy quality Zippo and mark it permanently with the r3 Logo!

Obviously the Zippo was empty. Just to be safe.

finished engraving with foil still attached
2: finished engraving with foil still attached

Afterwards the burned foil needs to be removed and the surface cleaned.

Finished is the engraved lighter. Not so bad for a first attempt, even though the result could be even nicer. Laser-speed was set to 10mm/s and power to 100% of the 60W.

Not to self for next time: don’t trust the red positioning dot without checking if it still corresponds to the actual laser position. The graphic was offset by a few mm. Still worked out though.

Works! The final working result is now stored in the drawer in Masha. As engraved on the lighter. :-) The lighter fluid is right across from it on the shelf.

Have fun and put it back!

Finished Engraving
3: Finished Engraving
r3 Lighter
4: r3 Lighter
stored in MaSha
5: stored in MaSha