Brother QL-810W on Ubuntu 18.04

Although Brother states that Linux is supported for the QL-810W and they even provide a driver package, installing and using the Brother QL-810W on Ubuntu (and probably other modern Linux OSes) can be a little tricky.

First, download the Debian package and install it from the command line with

sudo dpkg -i --force-all ql810wpdrv-<version>.i386.deb

That adds the QL810W printer as a local USB printer. If you would like to print via network, open the Advanced Printer Settings and change and adjust the Device URI in the printer’s properties.

While you are in that properties dialog, go to Printer Options and select the correct Media Size (This is the most important setting of all!).If you want to make sure that the borders of your labels remain as defined in your application, set Trim tape under Cut Option to Off.

Network Protocols

Since I am not fan of black magic like Zeroconf, Avahi, mDNS, I have only kept

Web Based Management (Web Server)
IPP
SNTP

enabled on the Network > Protocol page in the printer’s web management tool.

Label Sizes

For some reason, the “length” of a label cannot exceed 10cm on Linux although continuous labels are used and correctly selected in the printer properties. If you would like to print out larger labels, you need to add custom label sizes with the corresponding tool that comes with the driver package:

sudo brpapertoollpr_ql810w -P QL810W -n "62mmx190mm" -w 62 -h 190
sudo brpapertoollpr_ql810w -P QL810W -n "38mmx190mm" -w 38 -h 190

I used the above two for creating labels for Leitz folders with OpenOffice Draw.

AppArmor

In Brother’s FAQ there is an entry regarding AppArmor and setting the mode to complain for the CUPS service if printing does not work. In my case printing works flawlessly if the setting remains in enforce mode. So for security reasons, I would not recommend to change it to complain.

Installing Firmware Update on POPP 10 Year Smoke Detector (009402)

We have a couple of the POPP 10 Year Smoke Detectors in our house for a while now. The main reasons why I have chosen those in particular are:

10 years of battery life for the smoke detector itself
detector is from EI Electronics, one of the widely used models also in professional/industrial installations
no blinking of LED every 30 seconds like many others
Z-Wave

The Problem

The only problem I’ve been facing with these smoke detectors in combination with openHAB over the years, was that with some versions of openHAB the smoke detectors where identified as “Solar Powered Outdoor Sirens” and functionality was quite shaky.

Well, due to a not so decently planned update to openHAB 2.5 Milestone 5, I managed to crash our whole controller last weekend. By then everything was setup manually over time, based on openHABian. Since I do manage all my systems with Ansible in the meanwhile, I decided to reinstall everything again by using a proper Ansible playbook and starting off with a minimal installation of the latest Raspian distribution.

After everything was up an running again, the smoke detectors were again seen as “Solar Powered Outdoor Siren”. Since I finally wanted to have a clean setup, I began searching the openHAB community, which revealed that POPP has shipped a faulty version 1.1 firmware of their 10 Year Smoke Detectors back in 2016, which made themselves identify with the type and id “0004:0002”, which resolves to, what a surprise: Solar Powered Outdoor Siren. The correct type and id should be “0004:0004” instead.

How to fix?

Interestingly it wasn’t hard to find the firmware update itself. You can get the 1.14 version from https://zwave.de/zwave-ota/

But how do you install OTA updated, if you only have an open source controller and all the vendors seem to be a group of paranoids who at the same time think their devices contain the secret path to finding the holy grail?

It took me a few days ~~and a waste of 15$ (bought a commercial product which did not work at all)~~ (EDIT: In the meanwhile I got a refund) to find the answer to that question. As often: once you know how to do it, it’s easy.

Disclaimer: The following procedure did work for me. It does not mean that it will work the same way or success rate in other setups or combination of devices. Failed firmware updates may brick your device and under no circumstances I can be hold accountable for it, or any other consequence that may arise from the following description.

So, here is what you need:

a Windows PC
a copy of Z-Wave PC Controller from Silicon Labs (you can find a free download somewhere on the internet – there is even one on another well known Z-Wave device supplier site. since I cannot verify if that is legally correct I am not going to provide the link to it)
UZB1 Z-Wave USB dongle (others may work as well)
srecord for Windows

Update Procedure

Preparation

Covert binary firmware image to a hex firmware image:

srec_cat.exe firmware.bin -binary -output firmware.hex -Intel

Also make sure you know the node IDs of the smoke sensors.

Step 1 – Attach the Z-Wave Dongle to Windows PC

Shutdown you openHAB (or other controller), unplug the the UZB1 dongle and plug it into the Windows PC

Step 2 – Update the Firmware

Start the Z-Wave PC Controller
Connect to the UZB1 dongle (serial device)
Open the OTA Firmware Update function
Select the Z-Wave node you want to update
Click on “Get” in the “Current Firmware” section
Select the hex firmware file in the “Firmware Update” section
Chose the Firmware Target (the smoke detectors only have one)
Click on “Update”
The yellow LED on the smoke detectors start blinking
Double-click the Z-Wave button on the smoke detectors to confirm the update request
Wait…
Wait longer…
Wait even longer…
After approximately 3-4 minutes the update has been transferred.
Repeat the above steps with every node you want to update.

Step 3 – Attach the Z-Wave Dongle to openHAB device

After all nodes have been updated, the Z-Wave dongle can be reattached to the openHAB device and openHAB can be started again.

Step 4 – Include Nodes

After the firmware update is complete, the nodes are seen as new devices and thus must be included in Z-Wave network again. I don’t exactly know if that is expected, but it did not cause any problems for me.

I have not exactly figured out if it is really necessary to reboot (remove battery) the device or not.

After re-inclusion all smoke detectors where correctly identified and the “manufacturerRef” field is set to “0004:0004” and “zwave_version” is 1.14

SSH Agent on WSFL

To automatically spawn an ssh-agent when starting the first Bash instance, and otherwise re-register a running ssh-agent in the Windows Subsystem for Linux, append the following lines to your .bashrc. Kudos to Mathew Johnson!

# wsfl bash is not a login shell
if [ -d "$HOME/bin" ] ; then
  PATH="$HOME/bin:$PATH"
fi
 
# ssh-agent configuration
if [ -z "$(pgrep ssh-agent)" ]; then 
  rm -rf /tmp/ssh-*
  eval $(ssh-agent -s) > /dev/null
else
  export SSH_AGENT_PID=$(pgrep ssh-agent)
  export SSH_AUTH_SOCK=$(find /tmp/ssh-* -name agent.*)
fi
 
if [ "$(ssh-add -l)" == "The agent has no identities." ]; then
  ssh-add
fi

Identify from where an AD account was locked out

After enabling password lockouts in our company AD, my account got locked out from time to time. After some searching I finally found out that on a Windows Server 2012 the magic event ID to check is “4625”. It will tell you from which IP the login request, that lead to the lockout, originally came from.

BTW: In my case it was an unused but configured Nextcloud app on my mobile.

Running a limited number of scripts in parallel from Bash

Imagine you have a text file with a single parameter for another script on each line, but you want to speed things up. Instead of writing an overly complicated wrapper script, as I did a few times in the past, you could just use xargs. It comes equipped with everything needed for this task. The following example assumes, that for each parameter in parameters.txt the command MyFancyScript.py should be executed, with no more than 20 processes at the same time:

cat parameters.txt | xargs -n 1 -P 20 MyFancyScript.py

I guess it’s not hard to figure out that -P is the magic switch to allow multiple instances to be executed at the same time.

Why isn’t the full certificate chain provided by my web server?

Good question, simple answer though: Probably you’re still on Ubuntu 14.04 (Trusty) and thus your Apache version is too old (2.4.7) and does not provide the full certificate chain from the file specified as SSLCertificateFile. The nasty thing: It does not throw a warning nor an error; not on the console nor in the error.log.

Solution: Use the SSLCertificateChainFile option instead to point to the intermediate certificates of your CA.

But watch out when you update your server: SSLCertificateChainFile became obsolete with version 2.4.8, when SSLCertificateFile was extended to also load intermediate CA certificates from the server certificate file.

Xubuntu/XFCE to Ubuntu/Unity

I finally made it and switched from Xubuntu/XFCE to plain Ubuntu/Unity after I bought a new laptop for my parents, which forced me to finally choose a desktop environment that I want to support for my family and friends in the next years. I have to say that after using Unity a couple of hours, it turns out to be not as bad as I always thought. So basically it’s like every time there is something new that feels like it just wants to break your habits: first you hate it, then you accept it and at some point you begin to love it. Now, after switching my own laptop, my workstation at work and my parents desktop PC to Ubuntu/Unity, I am getting closer to “lovin’ it”.

All that does not mean that I was unhappy with Xubuntu/XFCE ever, but in the last years its main purpose was to provide me a way to stick with a Gnome 2ish desktop environment, just because I did not want to change my own, maybe bad habits. Unity without additional tweaking is great for the normal user and with its lightweight menus and highly integrated apps, it just does its job. With some minor adjustments it works perfectly well for advanced users like me. Compiz Settings Manager and Unity Teak Tool (PPA version) are very helpful if you want to improve your Unity experience and I highly recommend to have a look at them, even if you think that the defaults already provide a decent user experience.

BTW: There is no need to re-install you system. If you want to switch from any Ubuntu flavor back to pure Ubuntu, check out Psychocats’ Pure Ubuntu 14.04 post

Python’s argparse and lists

While Python’s argparse allows to declare a command line parameter to be of any supported type, this does neither work nor is it recommended for the “list” type. A workaround for passing a list of comma separated items is to use your own type, which for argparse means that the value of “type” must be callable as shown in the example below.

def csv_list(string):
   return string.split(',')

parser = argparse.ArgumentParser()
parser.add_argument('-l', type = csv_list)
parser.parse_args()

ARD: Die geheime Macht von Google

Die folgenden Zeilen habe ich bereits während der Ausstrahlung der Sendung auf meinem Smartphone angefangen zu schreiben und war kurz davor es einfach auf Google Plus zu posten. Aber ich denke in meinem Blog ist es besser aufgehoben. Anscheinend liege ich mit meiner Meinung zu der Sendung nicht ganz falsch, wenn ich mir angucke, was z.B. auf ZDNET dazu geschrieben wurde.

Was zeigt mir “Die Story im Ersten – Die geheime Macht von Google”: Mangelnde Medienkompetenz wohin man schaut. Merkel hat recht, ist alles #Neuland

Die gezeigten Nutzer fallen auf Anzeigen rein, die als solche gekennzeichnet sind und regelmäßige Benutzer von Google eigentlich sofort erkennen sollten. Eine Lehrerin ist überrascht was im Dashboard zu sehen ist. Vor allem das Tracking über das Smartphone überrascht sie. Aber hey, man wird beim ersten Nutzen ja nur danach gefragt ob diese Funktionen aktiviert werden sollen. Immerhin gibt sie am Ende ihr eigenes Versagen zu, indem Sie feststellt, sich wahrscheinlich nicht genug damit beschäftigt zu haben. Nochmal: Ich habe schon einige Androiden im Auslieferungszustand gesehen und man muss diverse Sachen die mit Tracking, Privatsphäre und Datenschutz zu tun haben bestätigen oder gar erst aktivieren. Wer da einfach immer auf “Weiter” drückt ohne zu lesen ist selbst schuld – basta!

Und für einen weinerlichen Anbieter von Kartendiensten, im Beitrag immer schön peinlich als “Internet-Manager” bezeichnet (was zum Henker soll das sein?!), dessen Branche jahrelang selbst Privatnutzer wegen jedem kleinen Kartenschnipsel verfolgt hat ohne ein akzeptables Geschäftsmodell anzubieten, habe ich leider auch kein Mitleid übrig. (Wie ich irgendwie schon vermutet hatte, verbirgt sich hinter einem der beiden gezeigten “Internet-Manager” anscheinend ein Mitarbeiter von Axel-Springer).

Da Google kein so erfolgreiches Soziales Netzwerk wie Facebook oder LinkedIN besitzt, gibt es auch keinen “Gruppenzwang” und jeder Nutzer kann selber entscheiden ob und was er von Google nutzt. Von daher sind wir Nutzer wohl eher die geheime Macht hinter Google. Zumindest konnte der Beitrag nicht ansatzweise irgendein Geheimnis lüften.

Tuxevaras Blog

my personal opinions about technology, politics and life

Computer