Raspberry Jam with Debian and Arch Linux ARM

RaspberryPi is a tiny little (credit-card size) ARM/Linux box which has caught the software/hardware/linux communities by storm.  Here’s an image from raspberrypi.org that explains exactly what this tiny little machine does:-

RaspberryPI

The hacker community in Singapore is in full-blown Raspberry Mania with our inaugural Raspberry Jam held at Hackerspace.sg on the evening of 19th July.  To quote RaspberryJam.org.uk, a

Raspberry Jam is a rapidly growing global network of user groups that meet every month to support hobbyists, developers, teachers, students, children and families – in fact, anybody that would like to put their Raspberry Pi to good use.

I have been wanting to mess with this cute little machine with my daughter since I heard about it back in December 2011. With its simplicity, barebones approach and low low cost of USD25.00, it was the perfect vehicle, in my opinion, for introducing her to the notion of computing.

Getting my linux OS into the RaspberryPi was a simple matter of running `sudo python raspiwrite.py` and selecting the appropriate linux distro (specific flavor of a linux operating system) and the script walks you gently through it.  Fortunately for me, Debian distro and Arch Linux (arm) distro are both my favorite linux distros; and getting Debian up-and-running (from my Mac OSX machine) was particularly a brain-dead affair.  Get started by downloading the raspiwrite.py script from http://exaviorn.com/raspiwrite/.  Alternatively, if you are a pro hacker with git chops, get the latest and greatest version of raspiwrite.py from https://github.com/exaviorn/RasPiWrite.

RasPiWrite: your Debian distro set-up via a simple Python script

Once you have gotten your script, insert your blank SD card into your SD card reader connected to your machine, launch your terminal, cd into the RasPiWrite directory to run `sudo python raspiwrite.py` and you should be guided by this well thought out python script and, for now, we will choose the simpler Debian option:

Once done, all we have to do is to plug our Debian-powered SD card into the RaspberryPi’s SD card slot, plug in a 5V power cable into the micro USD, connect a mouse, a keyboard into the USD ports, hook up a HDMI display device (which in my case, is a small, portable projector with a HDMI port) and we will have our little machine booted up. Our installed Debian image comes with LXDE desktop environment, so it was a simple matter of booting up our machine, logging in with the image’s prescribed/default user name and password and launching LXDE via `startx`.

Here’s the debian LXDE desktop in all its glory:

Arch Linux ARM for the advanced Linux users… or Beginners who are brave enough to venture! :-)

Since Arch Linux is my favorite linux distro, it was simply impossible for me not to go down this road; especially since RasPiWrite has gotten it nailed as one of the easy-to-install option.

Bewarned that this Arch Linux ARM install for RaspberryPi does not come with a desktop manager.  This means that when you are done, all you really have would be the command line :-)

If this sounds really fun for you, read on!

Following the exact steps above with RasPiWrite, the first problem you will encounter, after the command-line step-by-step guide, will be:-

:: Starting Secure Shell Daemon [BUSY]
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Disabling protocol version 2.
Could not load host key sshd: no hostkeys available -- exiting. [FAIL]

Well, this shouldn’t scare us off because

  1. You are a smart, clever boy/girl, ya? (encouragement for the Kids!!! think of the children!!!!!!!) :-)
  2. Arch Linux’s wiki is famously detailed and the Arch Linux forum users are crazily helpful

Well, for the uninitiated (windows users and mac users not acquainted with telling your computer what to do with typed instructions in command line), the error message is referring to a process which all linux operating system uses.  This little background software is called “ssh” (Secured Shell, like what the first line of the error message says) and it runs as a Daemon (background process, behind the scene when your operating system starts up) to allow a user to securely “login” to a machine.  In this case, our RaspberryPi’s Arch Linux ARM operating system (which we have just installed) is having trouble loading up this sshd (Secure Shell Daemon).

Now that we have beginner readers up-to-speed, let’s head over for some help on Arch Linux’s wiki/forum - https://bbs.archlinux.org/viewtopic.php?id=144449

And so it appears that this Arch Linux ARM Operating System image that we have installed does not have a functioning ssh program.  The prescribed solution is simply to connect our raspberrypi to an internet connection via its ethernet port and then run:

pacman -Syy
pacman -Rsn openssh && rm -vfr /etc/ssh && pacman -S openssh && /etc/rc.d/sshd start

The first command `pacman -Syy` tells our arch linux arm operating system to synchronize the latest open source software with the freely available open source repositories on the internet.

What the long, second line does is to remove any trace of the current openssh program (software “package” is the commonly used term), including other software libraries (dependencies) that it uses, remove all its associated files in /etc/ssh directory, install it all over again and then start up the daemon (the software “process” in the background).

`pacman` is the software “package manager” used by Arch Linux operating system (o yeah, I love operating systems with a sense of humor! And for the arch veterans, you and I know there’s a little easter egg here ya? shhhhhh…).  This command sounds scarily convoluted, but all it does is pretty much what you would do on a computer running windows or Mac OSX when you “click on a link” on a webpage to download some software that you want to use, and run the installer which comes with a graphical user interface.  In this case, we are simply giving instructions to remove the outdated copy of the “ssh” (openssh) software, and reinstall it with a fresh copy and then start it up immediately.

Once done, we can reboot and you will find that we no longer have that scary error message.

At this point, however, we are still messing around at command line!  This is perfect for advanced users who are familiar with administering remote servers and is used to dealing with “headless” (no Graphical User Interface) operating systems and simply wants a clean, barebones installation with bare minimum software so that we can be very very specific about exactly what other type of software we want to install/run from pacman (remember, Arch Linux’s open source software package manager).  For a small little machine like RaspberryPi, I imagine this would be exactly what most advanced users expect to use it for.

For those who would still like to have a GUI, we can of course use Debian (or Fedora), or we can still set up a Desktop environment (with wonderful Graphical User Interface that we are used to on Macs and Windows PCs).

Here’s a good resource for you to consider if you want to be part of the geek elite with Arch Linux :-D and still want to have your GUI desktop – http://www.raspberrypi.org/phpBB3/viewtopic.php?f=5&t=6000&p=79061&hilit=Arch#p79061

The Limitless Possibilities of RaspberryPi

This USD25 piece of wonder, like Arduino before it came about, has changed the landscape for small devices.  In recent days, a whole range of similar devices from Korea, China (There’s one called “Gooseberry”!) and many other countries will revolutionize what people can create with software and hardware.

Unlike Arduino (microcontroller-based), RaspberryPi is microprocessor based with a full fledge operating system running on it.  Already creative and talented software/hardware hackers are making waves with RaspberryPi-based creations like a remote-controlled car -

And a Coffee-making machine! Like this – http://moccapi.blogspot.sg/.

Plans for RaspberryPi!

Meanwhile, Kait-Lyn and I will hatch up our next *devilish* :-D project with RaspberryPi as well… and I have created a new community site called http://LittleHackers.com and Facebook group at http://www.facebook.com/groups/littlehackers with the mission of fostering parent-and-child bonding through creative and fun techie projects!

This is a community that will go beyond RaspberryPi.  A really good example of fun projects could be an Aquaponics project! Such as the one that Stephan February has been hacking on at his home for the past 1 year!  Aquaponics – http://en.wikipedia.org/wiki/Aquaponics.

At the end of the day, it is all about inculcating a can-do spirit, a “Maker’s Ethos” and a culture where curiosity and application of knowledge really matters. (Yes! More than certs! :-))

Insufficient entropy pacman-key –init

As mentioned on https://wiki.archlinux.org/index.php/Pacman-key, pacman package manager uses GnuPGP keys to determine if the open source packages that you install via pacman are authentic.  The detailed explanations on this wiki document explains the specific details, including the Signature checking level option (SigLevel) in our /etc/pacman.conf file.

After upgrading your pacman to 4.0.3:


$ pacman --version

.--. Pacman v4.0.3 - libalpm v7.0.3
/ _.-' .-. .-. .-. Copyright (C) 2006-2012 Pacman Development Team
\ '-. '-' '-' '-' Copyright (C) 2002-2006 Judd Vinet
 '--'
 This program may be freely redistributed under
 the terms of the GNU General Public License.

you might run into GnuPGP key authentication issues like this:


$ pacman -S vim
resolving dependencies...
looking for inter-conflicts...

Targets (2): vim-runtime-7.3.600-1 vim-7.3.600-1

Total Download Size: 5.11 MiB
Total Installed Size: 27.90 MiB
Net Upgrade Size: 0.31 MiB

Proceed with installation? [Y/n] Y
:: Retrieving packages from extra...
 vim-runtime-7.3.600-1-x86_64 4.3 MiB 2.21M/s 00:02 [#########################################################################] 100%
 vim-7.3.600-1-x86_64 864.1 KiB 3.01M/s 00:00 [#########################################################################] 100%
(2/2) checking package integrity [#########################################################################] 100%
error: vim-runtime: key "7FB1A3800C84C0A5" is unknown
:: Import PGP key 0C84C0A5, "Thomas Dziedzic ", created 2011-10-31? [Y/n] Y
(2/2) checking package integrity [#########################################################################] 100%
error: vim-runtime: signature from "Thomas Dziedzic " is unknown trust
error: vim: signature from "Thomas Dziedzic " is unknown trust
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

This means we are required to get our machine’s (local) pacman keys properly initialized before we attempt to install anything else.    In fact, this was mentioned when we upgraded our pacman to 4.0.3:


(12/13) installing archlinux-keyring [#########################################################################] 100%
(13/13) upgrading pacman [####################################e23####################################] 100%
 >>> Run `pacman-key --init; pacman-key --populate archlinux`
 >>> to import the data required by pacman for package verification.
 >>> See: https://www.archlinux.org/news/having-pacman-verify-packages

Oops. Should have followed the label.

However, running pacman-key –init resulted in a “hanged process”.

$ pacman-key --init
gpg: /etc/pacman.d/gnupg/trustdb.gpg: trustdb created
gpg: no ultimately trusted keys found
gpg: Generating pacman keychain master key...

https://wiki.archlinux.org/index.php/Pacman-key#Initializing_the_keyring mentions the solution by using haveged to generate the entropy (system randomness) necessary required by the  key generation process.

But we can’t really install haveged (pacman -S haveged) at the moment because we don’t yet have a master key. :-D

To solve that, we should change our SigLevel in pacman.conf for the community  repository to ‘Never’.


[community]
SigLevel = Never
Include = /etc/pacman.d/mirrorlist

Now, we can install haveged and then generate our master key. As explained in Arch Linux wiki:

pacman -S haveged
haveged -w 1024
pacman-key --init
pacman-key --populate archlinux
pkill haveged
pacman -Rs haveged

And we can now switch the community SigLevel in pacman.conf back to `SigLevel = PackageRequired`


							
													

Forcing glibc install on arch linux

On a fresh install of arch linux in linode, 2011.08 64bit, attempting to upgrade pacman will yield a glibc error.

Like this:


$ pacman -Sy pacman
:: Synchronizing package databases...
 core 105.9K 1322.3K/s 00:00:00 [#########################################################################] 100%
 extra 1408.5K 3.9M/s 00:00:00 [#########################################################################] 100%
 community 1748.9K 3.4M/s 00:00:01 [#########################################################################] 100%
resolving dependencies...
looking for inter-conflicts...

Targets (15): linux-api-headers-3.4.4-1 glibc-2.16.0-1 libarchive-3.0.4-1 ca-certificates-20120623-1 libssh2-1.4.2-1 curl-7.26.0-1 pth-2.0.7-4 libksba-1.2.0-2 libassuan-2.0.3-1
 pinentry-0.8.1-4 dirmngr-1.1.0-4 gnupg-2.0.19-2 gpgme-1.3.1-4 archlinux-keyring-20120622-1 pacman-4.0.3-2

Total Download Size: 13.05 MB
Total Installed Size: 61.67 MB

Proceed with installation? [Y/n] Y
:: Retrieving packages from core...
 linux-api-headers-3.4.4-1-x86_64 598.3K 3.0M/s 00:00:00 [#########################################################################] 100%
 glibc-2.16.0-1-x86_64 8.2M 3.9M/s 00:00:02 [#########################################################################] 100%
 libarchive-3.0.4-1-x86_64 529.3K 3.3M/s 00:00:00 [#########################################################################] 100%
 ca-certificates-20120623-1-any 127.1K 1579.5K/s 00:00:00 [#########################################################################] 100%
 libssh2-1.4.2-1-x86_64 185.7K 1942.8K/s 00:00:00 [#########################################################################] 100%
 curl-7.26.0-1-x86_64 495.4K 2.5M/s 00:00:00 [#########################################################################] 100%
 pth-2.0.7-4-x86_64 75.9K 1424.9K/s 00:00:00 [#########################################################################] 100%
 libksba-1.2.0-2-x86_64 109.9K 1329.7K/s 00:00:00 [#########################################################################] 100%
 libassuan-2.0.3-1-x86_64 76.5K 1444.7K/s 00:00:00 [#########################################################################] 100%
 pinentry-0.8.1-4-x86_64 93.1K 1403.4K/s 00:00:00 [#########################################################################] 100%
 dirmngr-1.1.0-4-x86_64 163.9K 1763.1K/s 00:00:00 [#########################################################################] 100%
 gnupg-2.0.19-2-x86_64 1449.6K 3.4M/s 00:00:00 [#########################################################################] 100%
 gpgme-1.3.1-4-x86_64 207.9K 2.2M/s 00:00:00 [#########################################################################] 100%
 archlinux-keyring-20120622-1-any 323.0K 2.3M/s 00:00:00 [#########################################################################] 100%
 pacman-4.0.3-2-x86_64 509.3K 2.4M/s 00:00:00 [#########################################################################] 100%
(15/15) checking package integrity [#########################################################################] 100%
(15/15) checking for file conflicts [#########################################################################] 100%
error: failed to commit transaction (conflicting files)
glibc: /usr/bin/tzselect exists in filesystem
glibc: /usr/sbin/zdump exists in filesystem
glibc: /usr/sbin/zic exists in filesystem
Errors occurred, no packages were upgraded.

This just means that tzselect, zdump and zic – which are all part of the glibc, the GNU C Library, that will be upgraded along with pacman – are already included by default in our fresh copy of arch linux OS; and if we want to upgrade pacman, we will have to do something about those existing files as the new pacman will not know what to do with them.
I am not sure why the pacman developers do not want simply kill off tzselect, zdump or zic but I would hazard to presume that they did not want to assume responsibility for removing them.

A quick chat with other arch linux users quickly confirmed my suspicions:

  1. pacman should not assume that the arch linux user wants his glibc library upgraded and userspace’s tzselect, zdump, zic forcibly removed
  2. pacman developers assume that most users would be using netinstall and not upgrading this version (provided by linode in my case)
  3. and the funniest reason of all, a “This-Is-Sparta” rationale – well, you are a Arch Linux user and not a Ubuntu user!  For such a trivial problem, you are expected to fix it yourself :-)

Okay…

IMPORTANT WARNING

DO NOT use `pacman -S glibc –force` if you are dealing with the /lib becomes a symlink to /usr/lib upgrade (reference: http://www.archlinux.org/news/the-lib-directory-becomes-a-symlink/)

The solution below worked prior to 13th July 2012.  From 14th July 2012 onwards, the correct solution is to use http://allanmcrae.com/2012/07/updating-arch-linux-from-a-core-install/.

Failing to heed this warning will lead to your glibc being wiped up and having a bricked system.

This only worked prior to 13th July 2012…

Anyhow, for those still scratching their head, the problem is exactly as the warning says. We can solve it by a couple of (simple) ways:

  1. Force glibc install first
    pacman -S glibc --force
    pacman -S pacman
    
  2. Or alternatively, just forcibly remove tzselect, zdump, zic
    rm /usr/bin/tzselect /usr/sbin/zdump /usr/sbin/zic
    pacman -S pacman
    

No magic here. Problem solved and moving on…