Month: March 2018

Creating An OpenHAB 2.3.0 Snapshot Docker Container

We found quick instructions for creating a Docker container for the OpenHAB 2.3.0 snapshot. These instructions evidently presuppose some basic knowledge of building Docker containers, so I thought I’d write the “I don’t know what I am doing” version of the instructions. Beyond the obvious download & install Docker, then make sure it’s functional (service starts).

The linked Dockerfile is not the only thing you need. Go up a level — you need both the Dockerfile and files. Create a directory somewhere and grab these two files. Then build the container using

docker build -t oh2imagename .

I used a short, alpha-numeric only name for my image. When I used slashes as in the example, the container would not start. Then make the folders you want to map into OpenHAB2:

mkdir /some/path/to/openhab/addons
mkdir /some/path/to/openhab/conf
mkdir /some/path/to/openhab/userdata

The instructions conflate local users/groups with in-container users/groups. You do not need to create a local user. You do need to indicate the uidNumber and gidNumber for the openhab user and group. Even if you do create the local user and group, then change the /some/path/to/openhab permissions to provide full access to the user … you may well not be able to access the files. That is SELinux, not a file permission issue. The quick/dirty solution is to start the container with the privileged flag:


Alternately, consult the Universal Archive of All IT Knowledge and figure out how to allow the docker service to write files where you want them. And how to access USB devices if you are trying to use something like a ZWave dongle. We went with the privileged route 🙂 The –name option is just the container name. The –net uses the host network for container communications instead of the bridge network. Saves mapping ports, although you could easily use the bridge network and map out the handful of OpenHab specific ports. The -d runs the container in detached mode. The -e sets some environment flags (used by the user/group creation script that runs upon container startup). The –tty (or -t) attaches a console. Not really used here.

docker run --privileged --name oh2containername --net=host --tty -d -e USER_ID=5555 \
 -e GROUP_ID=5555 oh2imagename

Ideally, your OpenHAB2 instance will be running. Use “docker ps” to list out the running containers. If you don’t see a container with the name supplied above … then something went wrong. You can use “docker history oh2containername” to view a quick history, but “docker logs oh2containername” will probably provide more useful information. We encountered file permission issues (as noted above, due to SELinux) which prevented the initial container setup from running. Once that was sorted, the container showed up in the running container list.

You’re ready to use it — you can access the web console using your computer’s IP address (assuming you set this container up in the host network and not the bridge — if you used the bridge, you can use “docker inspect oh2containername” and look for IPAddress under NetworkSettings) on the default port. You can ssh into the Karaf console with the default user/password on the default port. Or you can shell into the container.

docker exec -it oh2containername /bin/bash

This is a bash shell running on the OH2 container — you’ll find a lot of ‘stuff’ hasn’t been installed, and your normal command aliases won’t be present. But it’s a shell on the server and can be used to start/stop OH2.

Spinach Hemp Seed Pesto Recipe


  • 1 cup of firmly packed spinach leaves
  • 1/3 cup of hemp seed
  • 1-2 cloves of garlic
  • 1 teaspoon of fresh lemon juice
  • Pinch of sea salt
  • 1/8 teaspoon of freshly ground pepper
  • 1/4 cup of grated Parmesan cheese (not powdery grated, long slivers)
  • 1/4 cup of olive oil


  1. In a food processor, combine spinach, hemp seeds, garlic, lemon juice, salt, and pepper. Run the processor until the spinach has been chopped into fine pieces.
  2. Add the Parmesan cheese, and run the processor for few seconds to incorporate.
  3. Add the olive oil; run the processor until you’ve got a thick paste.

This was really good. I will probably make a version with 1/2 cup of basil when basil is growing again.

Gathering Android Log Files

A friend has an Android application that isn’t functioning properly. On Windows or Unix, I know how to stack-trace and debug apps … so she figured I’d be all set up to do the same thing on Android too. Except I’ve never encountered a problem that required debugging Android apps. Consult the universal archive of all IT knowledge (a.k.a. Google).

I don’t have the Android developer kit installed, nor do I need it, so I elected to use “Minimal ADB and Fastboot” to grab the log data. My device did not show up without a Windows driver for the debug bridge. Once the driver was installed and the adb server restarted, my device appeared.


C:\Users\lisa>"c:\program files (x86)\Minimal ADB and Fastboot\adb.exe" kill-server

C:\Users\lisa>"c:\program files (x86)\Minimal ADB and Fastboot\adb.exe" start-server
* daemon not running; starting now at tcp:5037
* daemon started successfully

C:\Users\lisa>"c:\program files (x86)\Minimal ADB and Fastboot\adb.exe" devices
List of devices attached
g142ef0c        device

Something interesting about the adb log data – it can include an hour or more of history. Which is awesome if your app crashed a few minutes ago and you want to capture historic data, but for a reproducible error … well, there’s no need to slog through thousands of lines to find where the problem actually started. Clear the log buffers first then start capturing the adb log data:

"c:\program files (x86)\Minimal ADB and Fastboot\adb.exe" logcat -b main -b system ^
-b radio -b events -c&&"c:\program files (x86)\Minimal ADB and Fastboot\adb.exe" logcat ^
-v threadtime -f "C:\temp\SessionLog.txt"


Alternative Fact: Constitutional Amendments Are Easy

Alternative Fact: Courtesy of Mnuchin on Fox News Sunday:

MNUCHIN: Well, it doesn’t need to be reality. And I’m not going to comment on what the president will do. But as you heard him say, he’s not planning on doing this again. I think — I think they should give the president a line item veto. These things should be looked at —

WALLACE: But that’s been ruled unconstitutional by the Supreme Court, sir.

MNUCHIN: Well, again, Congress could pass a rule, OK, that allows them to do it. But —

WALLACE: No, no, sir, it would be a constitutional amendment.

MNUCHIN: Chris, we don’t — we don’t need to get into a debate in terms of — there’s different ways of doing this.

Real Fact: It actually is a Constitutional amendment, and while there may well be many ways of “doing this” … they shouldn’t fare any better. That’s the basic principal of the three branches of government. Sadly, I suspect many in Trump’s administration could use a civics refresher. While the principal of a line-item veto could be rewritten in an altered form, the decision in Clinton v. City of New York, 524 U.S. 417 (1998) wasn’t quibbling details. They found that the Executive branch altering legislation violates the Presentment Clause.

Green Springtime Muffins

Makes 18 muffins in standard sized cupcake liners


  • 2 cup flour, whole wheat
  • 1/teaspoon cinnamon
  • 2 teaspoon baking powder
  • 1/teaspoon baking soda
  • 1/teaspoon salt


  • 3/cup milk
  • 1/cup honey (I use a combo of maple syrup and honey)
  • 1 large banana
  • 6 ounce spinach
  • 1/cup butter, unsalted
  • 1 large egg
  • 1 teaspoon vanilla extract


  1. Preheat oven to 350 F, and line a muffin pan with paper liners (or use silicone muffin cups sprayed with cooking spray).
  2. Combine all dry ingredients in a large mixing bowl.
  3. Melt butter. Blend the wet ingredients in a blender or food processor until completely pureed.
  4. Pour the puree into the dry ingredient bowl, and fold together gently until just combined. (Do not over-mix.)
  5. Spoon the batter into the muffin pan, and bake for 18-22 minutes, or until the muffins are firm to the touch on top, but not quite browning.
  6. Cool most or all of the way before serving.

Enable OUD Changelog Without Replication Partner

Since the Sun Directory Server Enterprise Edition went the way of, well, Sun, we’ve migrated to the Oracle Unified Directory 11g platform for the company’s pure LDAP directory. There is an Oracle Identity Management application that reads the LDAP changelog to ingest user lockout events. In production, our servers replicate with a couple of partners to provide capacity and high availability. In development / sandbox, environments … not so much. But the IDM platform still needs to read the changelog.

Oracle’s documentation tells me to enable replication … which, great, I’ve got to bring up a second, off-port, directory instance and monitor for replication failures just to get a changelog. The site does say “By using this method, you can conceivably set up replication on a standalone server, which will enable you to have access to an ECL on a standalone server.” … conceivably, but it would be nice if they’d mention how. Since all of their documentation for using the dsreplication binary includes a partner server and valid credentials over yonder … that’s a bit of a bust.

But I’ve finally worked out a technique for enabling replication just enough to get the changelog created without having to provide valid credentials on a foreign host with which replication will be established.

./dsconfig -h localhost -p 4444 -D "cn=directory manager" -j ~/pwd.txt -X -n create-replication-server --provider-name 'Multimaster Synchronization' --set replication-port:8989 --set replication-server-id:1 --type generic
./dsconfig -h localhost -p 4444 -D "cn=directory manager" -j ~/pwd.txt -X -n create-replication-domain --provider-name 'Multimaster Synchronization' --set base-dn:o=windstream --set replication-server:localhost:8989 --set server-id:1 --type generic --domain-name o=windstream
Volia, make changes and we’ve got stuff under cn=changelog.

On Cambridge Analytica

A friend of a friend said she doesn’t mind her personality profile being tracked so FB can suggest things she likes. Why does everyone think it is so bad when she’s stumbled upon many gems from web series, shopping sites, particular products that she highly enjoys. Well, I have two reasons.

Firstly, some people are making a tactical decision to trade personal information for access to technology platforms they enjoy. There are a handful of people I knew in Uni who I thought were wonderful people, but just lost track of over the years. And it’s nice to meet them. There are special-interest groups for vegans, 3d printers, sewists, soap makers, and chicken owners that provide a lot of useful information to me. As an informed decision to share some basic demographic information & whatever FB can glean from my random musings in exchange for communicating with old friends and interest-based communities … I *don’t* think it is a bad deal (or I would have an account). Heap-o people making something other than an informed tactical decision, though, isn’t exactly in my “good” column. And some third party having information about me because, although I have the platform ‘stuff’ disabled on my FB account, a friend downloaded an app … that contravenes my specifically selected privacy settings. And feels like a violation of my trust.

More generally, I don’t care for psyops tactics trying to separate me from my money (or, in this case, my vote serving my real interests). That’s what all these data analytics seem like to me. I opt out of interest based ads on my computer and cell phone. New companies come online and things I’ve thought about buying and decided against once again start stalking me across the Internet. And, yeah, I’ve discovered products that actually INTERESTED me (not always, advertising steaks to a vegetarian is a major profiling fail). But I don’t need, nor I particularly WANT, to spend more money on ‘stuff’. If I have an obvious need for something in my life, I either make something myself or research product options.

I’m not a huge fan of Pinterest for a similar reason – I have a large backlog of projects I want to make. I *really* don’t need an algorithm to look at my projects and suggest additional ones I may like. Yeah, I *do* like them. Until my time machine comes online, I’ve only got so many hours to spread out between family, work, friends, caped crusading, hobbies, research. And I’m quite adept at finding *new* projects when I’ve got some spare time or have a particular need.

I see interest based advertising – online, mailing, any source – the same way I think about toys in the cereal aisle at the supermarket. I don’t object to toys on principal. I object to placing them in a location my kid is going to see because young kids (the target demo, based on toys available) are prone to public screaming fits when they don’t get their way. And 2$ to avoid an unpleasant and stressful situation doesn’t seem too awful when you’re already tired and just want to GET HOME. When the yarn I already decided wasn’t worth it (or decided against the whole project) … being asked to continually reassess this decision is an attempt to reach me at a time when I’m less prone to make rational decisions.

So while “bad” isn’t the word I’d elect to use … it’s the same kind of underhanded as piping O2 into intentionally windowless casino to keep gamblers playing longer. Or maybe it is bad, because the other example I think of is chemically engineering cigarettes and processed food to be more addictive.

Fedora 26 => 27 & PHP

Since I like to discover major changes by upgrading my server and then realizing something doesn’t work (well “like” might be too strong a word … but I certainly do it) … I randomly upgraded to Fedora 27 without reading any documentation on changes. Aaaand we have PHP! Evidently mod_php has gone away and I’m going to have to figure out how to use FastCGI (php-fpm). Luckily there’s a quick way to switch back to mod_php in the interim:


LoadModule mpm_prefork_module modules/

# worker MPM: Multi-Processing Module implementing a hybrid
# multi-threaded multi-process web server
# See:
#LoadModule mpm_worker_module modules/

# event MPM: A variant of the worker MPM with the goal of consuming
# threads only for connections with active processing
# See:
#LoadModule mpm_event_module modules/


<IfModule !mod_php5.c>
<IfModule prefork.c>
LoadModule php7_module modules/

<IfModule !mod_php5.c>
<IfModule !prefork.c>
# ZTS module is not supported, so FPM is preferred
LoadModule php7_module modules/