Using EurKEY on Ubuntu 22.04 and newer

Standard

Since I always forget how to add the EurKEY layout after installing a new system every now and then, I once for all gonna write it down here for my future me:

  • Install the gnome-tweaks package: sudo apt install gnome-tweaks
  • Open Tweaks, select Keyboard & Mouse, and enable Show Extended Input Sources.
  • Important: Log out and log in again!
  • Go to Settings > Keyboard, click the + button, select English (United States), and then pick the EurKEY (US) keyboard layout.

Brother QL-810W on Ubuntu 18.04

Standard

Although Brother states that Linux is supported for the QL-810W and they even provide a driver package, installing and using the Brother QL-810W on Ubuntu (and probably other modern Linux OSes) can be a little tricky.

First, download the Debian package and install it from the command line with

sudo dpkg -i --force-all ql810wpdrv-<version>.i386.deb

That adds the QL810W printer as a local USB printer. If you would like to print via network, open the Advanced Printer Settings and change and adjust the Device URI in the printer’s properties.

While you are in that properties dialog, go to Printer Options and select the correct Media Size (This is the most important setting of all!).If you want to make sure that the borders of your labels remain as defined in your application, set Trim tape under Cut Option to Off.

Network Protocols

Since I am not fan of black magic like Zeroconf, Avahi, mDNS, I have only kept

  • Web Based Management (Web Server)
  • IPP
  • SNTP

enabled on the Network > Protocol page in the printer’s web management tool.

Label Sizes

For some reason, the “length” of a label cannot exceed 10cm on Linux although continuous labels are used and correctly selected in the printer properties. If you would like to print out larger labels, you need to add custom label sizes with the corresponding tool that comes with the driver package:

sudo brpapertoollpr_ql810w -P QL810W -n "62mmx190mm" -w 62 -h 190
sudo brpapertoollpr_ql810w -P QL810W -n "38mmx190mm" -w 38 -h 190

I used the above two for creating labels for Leitz folders with OpenOffice Draw.

AppArmor

In Brother’s FAQ there is an entry regarding AppArmor and setting the mode to complain for the CUPS service if printing does not work. In my case printing works flawlessly if the setting remains in enforce mode. So for security reasons, I would not recommend to change it to complain.

Installing Firmware Update on POPP 10 Year Smoke Detector (009402)

Standard

We have a couple of the POPP 10 Year Smoke Detectors in our house for a while now. The  main reasons why I have chosen those in particular are:

  • 10 years of battery life for the smoke detector itself
  • detector is from EI Electronics, one of the widely used models also in professional/industrial installations
  • no blinking of LED every 30 seconds like many others
  • Z-Wave

The Problem

The only problem I’ve been facing with these smoke detectors in combination with  openHAB over the years, was that with some versions of openHAB the smoke detectors where identified as “Solar Powered Outdoor Sirens” and functionality was quite shaky.

Well, due to a not so decently planned update to openHAB 2.5 Milestone 5, I managed to crash our whole controller last weekend. By then everything was setup manually over time, based on openHABian. Since I do manage all my systems with Ansible in the meanwhile, I decided to reinstall everything again by using a proper Ansible playbook and starting off with a minimal installation of the latest Raspian distribution.

After everything was up an running again, the smoke detectors were again seen as “Solar Powered Outdoor Siren”. Since I finally wanted to have a clean setup, I began searching the openHAB community, which revealed that POPP has shipped a faulty version 1.1 firmware of their 10 Year Smoke Detectors back in 2016, which made themselves identify with the type and id “0004:0002”, which resolves to, what a surprise: Solar Powered Outdoor Siren. The correct type and id should be “0004:0004” instead.

How to fix?

Interestingly it wasn’t hard to find the firmware update itself. You can get the 1.14 version from https://zwave.de/zwave-ota/

But how do you install OTA updated, if you only have an open source controller and all the vendors seem to be a group of paranoids who at the same time think their devices contain the secret path to finding the holy grail?

It took me a few days and a waste of 15$ (bought a commercial product which did not work at all) (EDIT: In the meanwhile I got a refund) to find the answer to that question. As often: once you know how to do it, it’s easy.

Disclaimer: The following procedure did work for me. It does not mean that it will work the same way or success rate in other setups or combination of devices. Failed firmware updates may brick your device and under no circumstances I can be hold accountable for it, or any other consequence that may arise from the following description.

So, here is what you need:

  1. a Windows PC
  2. a copy of Z-Wave PC Controller from Silicon Labs (you can find a free download somewhere on the internet – there is even one on another well known Z-Wave device supplier site. since I cannot verify if that is legally correct I am not going to provide the link to it)
  3. UZB1 Z-Wave USB dongle (others may work as well)
  4. srecord for Windows 

Update Procedure

Preparation

Covert binary firmware image to a hex firmware image:

srec_cat.exe firmware.bin -binary -output firmware.hex -Intel

Also make sure you know the node IDs of the smoke sensors.

Step 1 – Attach the Z-Wave Dongle to Windows PC

Shutdown you openHAB (or other controller), unplug the the UZB1 dongle and plug it into the Windows PC

Step 2 – Update the Firmware

  • Start the Z-Wave PC Controller
  • Connect to the UZB1 dongle (serial device)
  • Open the OTA Firmware Update function
  • Select the Z-Wave node you want to update
  • Click on “Get” in the “Current Firmware” section
  • Select the hex firmware file in the “Firmware Update” section
  • Chose the Firmware Target (the smoke detectors only have one)
  • Click on “Update”
  • The yellow LED on the smoke detectors start blinking
  • Double-click the Z-Wave button on the smoke detectors to confirm the update request
  • Wait…
  • Wait longer…
  • Wait even longer…
  • After approximately 3-4 minutes the update has been transferred.
  • Repeat the above steps with every node you want to update.

Step 3 – Attach the Z-Wave Dongle to openHAB device

After all nodes have been updated, the Z-Wave dongle can be reattached to the openHAB device and openHAB can be started again.

Step 4 – Include Nodes

After the firmware update is complete, the nodes are seen as new devices and thus must be included in Z-Wave network again. I don’t exactly know if that is expected, but it did not cause any problems for me.

I have not exactly figured out if it is really necessary to reboot (remove battery) the device or not.

After re-inclusion all smoke detectors where correctly identified and the “manufacturerRef” field is set to “0004:0004” and “zwave_version” is 1.14

SSH Agent on WSFL

Standard

To automatically spawn an ssh-agent when starting the first Bash instance, and otherwise re-register a running ssh-agent in the Windows Subsystem for Linux, append the following lines to your .bashrc. Kudos to Mathew Johnson!

# wsfl bash is not a login shell
if [ -d "$HOME/bin" ] ; then
  PATH="$HOME/bin:$PATH"
fi
 
# ssh-agent configuration
if [ -z "$(pgrep ssh-agent)" ]; then 
  rm -rf /tmp/ssh-*
  eval $(ssh-agent -s) > /dev/null
else
  export SSH_AGENT_PID=$(pgrep ssh-agent)
  export SSH_AUTH_SOCK=$(find /tmp/ssh-* -name agent.*)
fi
 
if [ "$(ssh-add -l)" == "The agent has no identities." ]; then
  ssh-add
fi

 

Lojax

Standard

Malware die sich ins UEFI BIOS lädt. Na damit konnte nun wirklich niemand rechnen, dass das mal passieren wird….

Wie würde Fefe sagen: Hätte uns doch nur jemand davor gewarnt.

Identify from where an AD account was locked out

Standard

After enabling password lockouts in our company AD, my account got locked out from time to time. After some searching I finally found out that on a Windows Server 2012 the magic event ID to check is “4625”. It will tell you from which IP the login request, that lead to the lockout, originally came from.

BTW: In my case it was an unused but configured Nextcloud app on my mobile.

 

 

Apps können Mails aus GMail lesen

Standard

No shit Sherlock! Ich werde als Nutzer gefragt, ob $App oder $Service auf mein Google Account zugreifen darf. Ich bekomme einen Google Consent Dialog angezeigt, wo für jeden der lesen kann beschrieben steht, wer worauf zugreifen will.

Das geht theoretisch auch mit jedem anderen Mail-Account. Warum treiben die Medien jetzt wieder eine Google-ist-böse Sau durchs Netz!?

1. Wenn eine nicht-Email-App Mails lesen will, dann frage dich, warum sie das Recht dazu will.

2. Installiere Apps oder nutze Dienste, die vertrauenswürdig erscheinen, oder denen Privacy am Herzen liegt. Dann ist es eher unwahrscheinlich, dass sich die Entwickler im Hintergrund Zugriff verschaffen.