Thinkpad X240 and Debian Linux

This post is being updates as we go… check back later for more

So, Lenovo have finally made another laptop that has specs I can live with: The new Thinkpad X240.
The Lenovo web-shop is a steaming pile of crap, and trying to customize/configure the laptop will take many attempts, with various differences between the different locales. However, in the end I ended up with the laptop configured the way I wanted it:

Specifications:

  • Full HD, non-touch, non-glare 12.5″ screen (1920×1080)
  • Intel Dual-Core i5-4300U
  • 500G Harddisk (swapped with a SAMSUNG 840 SSD, 250GB immediately after arrival)
  • 8GB DDR3 Ram
  • Intel 802.11ac dual-band wifi and Bluetooth
  • Intel Gigabit Ethernet
  • USB 3.0 (2 ports, 1 left, 1 right)
  • Smartcard reader
  • SD-Card reader
  • 3-Cell (internal, 23Whr) + 6-Cell-High-Capacity backside battery (72Whr, total ~95Whr)
  • Backlit US-international keyboard
  • Clickpad and clit-mouse
  • VGA and Mini-DisplayPort
  • Docking port (though I didn’t buy a dock)
  • WWAN antenna’s (WWAN modem optional)

I also bought a set of adapter cables to convert from the old-style 7.9MM round thinkpad adapter to the new flat/square connector on the X240 (and X1-Carbon). These can be found on aliexpress or ebay so I could re-use my 4+ existing Thinkpad Adapters.

Software:

By default, the Thinkpad X240 comes with Windows 8… which is not very user-friendly, and definitely not compatible with my usage. I removed the internal HDD drive, swapped it out with a Samsung 250GB SSD and installed Debian Jessie on this drive. (BTW: Windows 8 was very sluggish on the HDD drive, even with 8GB of ram)

I prefer running the Mate/Gnome-2 desktop, so I added the mate-desktop repositories and installed mate-desktop-environment.

Hardware Configuration

Lenovo has made it very easy to disable unneeded hardware in the EFI/BIOS. The following devices can be turned off (to add battery-life and privacy 😛 )

  • 720p Webcam
  • Microphones
  • WWAN
  • WLAN
  • LAN
  • USB

Config tweaking

  • Tweak440s: https://github.com/MacGyverNL/tweak440s
  • Synaptics configuration: /usr/share/X11/xorg.conf.d/50-synaptics.conf
    • Option “SoftButtonAreas” “60% 0 0 5% 40% 60% 0 5%”
  • Disable the soundcard, so the internal speakers are the ‘fallback’ option, then logout/login to make the media buttons work on the new default device.

Likes

  • Very quick resume from suspend, open the lid and immediately see the ‘unlock screensaver’ popup
  • Full-HD display
  • Very low battery-drain when idle and almost none in suspend
  • Hot swappable battery
  • Lightweight

Dislikes

  • No fysical buttons with the trackpoint/touchpad
  • No leds for wifi/disk activity
  • No way to set ‘fn-lock’ automatically
  • Not as ‘non-glare’ as they used to be, but still acceptable
  • End/Insert button is shared, to use ‘end’ you need Fn-End, while I never use insert.
    • FIXED: Edit /usr/share/X11/xkb/keycodes/evdev, and swap the codes for END and INS, then run: setxkbmap
    • <INS> = 115;
    • <END> = 118;

Visiting Linux-Kongress.de

This week I’ll be at the Linux Kongress in Hamburg Germany. It’s a quite small congress, with 2 technical tracks which go quite in-depth into kernel stuff.

There doesn’t seem to be any official WiFi here that’s free to use, so I have been using Iodyne dns tunnels, and I’m not using an event accesspoint that’s put up by the GUUG guys.

My hotel only has paid wifi as well, but I couldn’t get Iodine working there. I did notice that ping traffic is allowed and let trough, so I’ve setup a ping tunnel now, using icmptx, which I’ll be testing tonight, when I’m back at the hotel.

Yesterday evening after I arrived in Hamburg I walked around town a bit, looking for a nice bar to have a drink… There aren’t too many near the reeperbahn (mostly just private clubs, sex joints and hookers…) but I finally found a nice Irish bar, with an unhealthy supply of Guinness and Murphy’s

Update: I was back at the hotel, and the pingtunnel (icmptx) works over wayport wifi 😉 I also got the gifts I wanted to buy today 🙂

Vaio VGN-TZ21XN/B in review

As I wrote earlier, I ordered a TZ21 from Sony. I’ve been playing with it for a few days now, and decided to write down my first experiences with it.

The TZ21 is very light, it only weighs 1240 grams, and given it’s small size and weight it’s easy to carry it around, or keep it in your hands while typing or watching the screen. The keyboard is quite comfortable, considering it’s size, and I’ve adapted to it quite well. It’s quite like the new macbook keyboards, and i’ve only occasionally miss-typed around the edges of the keyboard. The normal a-z characters are all very reachable. I feared I would get a UK keyboard, but apparently Sony found out that in the Netherlands we prefer US keyboards, and supplied the TZ21 with a normal US keyboard.

The screen is great, it’s only 11.1 inches small, but provides a nice high-res (1366×768, wxga) which will let you display enough programs without filling up the available real-estate. The brightness of the screen can be set in 7 steps, from dim enough to work comfortably in darkened areas to bright enough for outside use. (Though I haven’t tested it in sunlight yet, it’s fall, and constantly raining here).

powerhistory graph
power estimated time graph
Battery life is (at least under linux, and using most power-saving settings) as good as, or even better then the advertised 7 hours.
I’ve had it on for nearly 6 hours now, and still have half an hour remaining, while having wifi on the entire time. Of course setting the brightness higher, and leaving cd/bluetooth/lan/usb on reduces battery-life, but they can all be turned off individually.

The modem, lan and firewire ports on the left-hand side are nicely covered by a bit of plastic/rubber to keep the dirt out. The 2 🙁 usb-ports and the expresscard34 slot are also on the left-hand side of the notebook. The back of the laptop is free of ports, as it only holds the 3, 6 or 9 cell battery (6 default). The default battery makes for about 1/3rd of the total weight of the laptop. The right-hand side only holds the VGA port and the dvd-writer. It reads and writes all current disc-formats, including dual-layer and dvd-ram. The power to the drive (which appears as a usb-device to the system) can be turned off from linux or windows to save power.

The front of the laptop houses the headphones and microphone plugs, the MS and MMC/SD slot, battery/hd led, rfkill switch and wifi/bluetooth leds. It also has some multimedia buttons, which I haven’t been able to use under either vista or linux.

I haven’t done much with the vista install on the TZ21 yet, only removing most of the crapware that came installed with it, so I could save some space in the quite stuffed harddrive. I’ve removed the 9GB recovery partition, and recycled it for a Ubuntu 7.10 install after backing it up to a USB drive.

Most of the hardware in the TZ21 is supported out of the box in Ubuntu 7.10, at least the devices that are ‘required’. There is still no working driver for the webcam, fingerprint reader and sd-slot. I haven’t been able to test expresscard, modem or the sony memory-stick slot, since I don’t have any of those devices around.

Some dislikes in the TZ21 are:

  • A backlit keyboard, or a led in the screen illuminating the keyboard. Especially with the brightness of the screen set to low it can be quite hard to find keys on the keyboard in darker areas, since everything is black.
  • The touchpad isn’t the friendliest, and the mousebuttons are right on the edge of the laptop, making it hard to reach them when you have the laptop lying on your legs.
  • The fingerprint reader is in between the mouse buttons, making it hard to middle-click, i’d prefer it somewhere to the side.
  • Very long ‘power-on’ battery charge time (4+ hours), probably due to low-powered adapter.
  • No ‘status’ leds on the battery to tell you how full/empty they are without plugging them in.
  • Sony doesn’t let you enable hardware virtualisation in the bios, even though the cpu(‘s) support it.

Some cool things:

  • The power led starts blinking faster when power is low, and switched from green to red when you’re suspended.
  • Powerusage can be reduced from a default 15 watt (most stuff on) to about 7-8 Watts with only the wifi on.
  • Extended battery is available (though quite expensive, $400+)
  • Decent speakers for their size, though headphones are recommended
  • Design is really nice, small, thin, light.
  • The power-adapter is really small, but it only needs to deliver 30 watts to charge and run the TZ21, so that’s easy. There is also a yellow led on the power-plug, so you can instantly see if it is plugged in.
  • I haven’t seen the 3 temperature sensors go past 61 degrees, while the laptop does become warm to the touch, it doesn’t get hot or uncomfortable.

All in all a great piece of technology, if you need ultralight and can afford it. I recommend the TZ21, and let’s home some remaining issues get fixed with a bios-update 🙂

Update: Ubuntu on the Vaio VGN-TZ21XN

Shell weirdness

Habbie pointed me to this one, but I thought it would be wise to write this down for future reference. The shell source command (.) in bash (and others) works like exec, not like open, (which you might be confused to think) in that it searches your $PATH for the argument, and if it can’t find the argument in the $PATH, it looks in $PWD

Demo:

PATH=/home/username/bin:/usr/bin:/bin:/usr/local/bin:…

$ echo “bin/meuk” > ~/bin/meuk
$ echo “home/meuk” > ~/meuk
$ cd ~

$ . meuk
bin/meuk
$ source meuk
bin/meuk

Update: Tested with bash / dash / ash / pdksh
All give the above result

From the manual:

source filename [arguments]
Read and execute commands from filename in the current shell
environment and return the exit status of the last command exeâ
cuted from filename. If filename does not contain a slash, file
names in PATH are used to find the directory containing fileâ
name. The file searched for in PATH need not be executable.
When bash is not in posix mode, the current directory is
searched if no file is found in PATH. If the sourcepath option
to the shopt builtin command is turned off, the PATH is not
searched. If any arguments are supplied, they become the posiâ
tional parameters when filename is executed. Otherwise the
positional parameters are unchanged. The return status is the
status of the last command exited within the script (0 if no
commands are executed), and false if filename is not found or
cannot be read.

Enabling the posix option in bash doesn’t change it’s behaviour, disabling sourcepath does:

$ shopt -u sourcepath
$ . meuk
/home/meuk

Power management in Linux

Intel released Linux PowerTop, a tool to monitor power-usage. It still won’t display anything on my core2duo mobile board (in a server), but I think that’s because I’m still missing some required kernel options (still running 2.6.18). They also have a long list of tips and patches to limit power-usage. A recommended read for all laptop-users using linux on laptops.

Sudo with LDAP

Most people who use *nix systems are probably familiar with sudo. At a customer I’ve been working for there used to be a vast machine park with sudo installations, all slightly different in configuration. Maintaining these configurations was not an easy task. Enter LDAP. Using LDAP for storing the sudo configuration we can now have a single point for configuring sudo, with instant updates on all machines.
I’ll explain what needs to be done to ldap-i-fy your sudo configuration below.
sudo cartoon xkcd

Put the following schema in your ldap config


dn: cn=schema
attributeTypes: ( 1.3.6.1.4.1.15953.9.1.1 NAME 'sudoUser' DESC 'User(s) who may run sudo' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
attributeTypes: ( 1.3.6.1.4.1.15953.9.1.2 NAME 'sudoHost' DESC 'Host(s) who may run sudo' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
attributeTypes: ( 1.3.6.1.4.1.15953.9.1.3 NAME 'sudoCommand' DESC 'Command(s) to be executed by sudo' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
attributeTypes: ( 1.3.6.1.4.1.15953.9.1.4 NAME 'sudoRunAs' DESC 'User(s) impersonated by sudo' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
attributeTypes: ( 1.3.6.1.4.1.15953.9.1.5 NAME 'sudoOption' DESC 'Options(s) followed by sudo' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
objectClasses: ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL DESC 'Sudoer Entries' MUST ( cn ) MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoOption $ description ) X-ORIGIN 'SUDO' )


Restart your ldap server(s) to include the schema

Build sudo with the configure options ‘–with-ldap=<path$gt;’ and –with-ldap-conf-file=/etc/sudo.ldap

Put new sudo binaries on your system(s)

Create /etc/sudo.ldap with the following contents, replacing the ip’s and dc’s


host 10.20.30.40 10.20.30.50
sudoers_base ou=SUDOers,dc=example,dc=com

Create an ldif file with your sudo config (see below for an example)



dn: ou=SUDOers,dc=example,dc=com
objectClass: top
objectClass: organizationalunit
description: SUDO Configuration Subtree
ou: SUDOers

dn: cn=defaults,ou=SUDOers,dc=example,dc=com
cn: defaults
sudooption: ignore_dot
sudooption: !mail_no_user
sudooption: !root_sudo
sudooption: log_host
sudooption: logfile=/var/log/sudolog
sudooption: !syslog
sudooption: timestamp_timeout=10
objectClass: top
objectClass: sudoRole
description: Default sudoOption’s

dn: cn=Rule1,ou=SUDOers,dc=example,dc=com
cn: Rule1
sudooption: !authenticate
objectClass: top
objectClass: sudoRole
sudohost: ALL
sudocommand: /some/command
sudocommand: /some/other/command
sudouser: ALL
description: Allowed without password for ALL users


The first block of code contains the container for the rest of the sudo configuration, just leave this as-is. The second block contains the default options for sudo. Configure these to your liking, they are the same as for the non-ldap config, and are documented in the manual-page.

The third code-block lists a sample sudo rule. Repeat these as often as needed. The fields ‘sudohost’, ‘sudocommand’ and ‘sudouser’ are required, ‘sudooption’ is optional, and can override the defaults specified above.

Sudocommand should be repeated for every single executable (or use wildcards, not recommended) you want to enable via sudo. Sudouser can take regular usernames, or unix-group names when prefixed by a percent sign (%).

Please note that although commands can be negated (!/some/binary) there are work-arounds, so please think before acting. Users and Hosts can NOT be negated using ldap-configs… this is a current limitation.

Connecting to the internet via Nokia 3G phone and linux

So after some days of fiddling with settings, and asking around a bit I now have working settings for connecting my laptop (over bluetooth) to my Nokia E70 phone, using GPRS or UMTS to connect to the internet using T-Mobile Pocket Internet Totaal / Web’n’Walk.

/etc/ppp/peers/tmobile:

  • hide-password
  • nobsdcomp
  • noauth
  • connect “/usr/sbin/chat -v -f /etc/chatscripts/tmobile”
  • debug
  • /dev/rfcomm0
  • 115200
  • #nodefaultroute
  • noipdefault
  • user tmobile
  • remotename tmobile
  • ipparam tmobile
  • lcp-echo-failure 0

/etc/chatscripts/tmobile:(paste-it link)

  • ABORT BUSY ABORT ‘NO CARRIER’ ABORT VOICE ABORT ‘NO DIALTONE’ ABORT ‘NO DIAL TONE’ ABORT ‘NO ANSWER’ ABORT DELAYED
  • ” ATZ
  • OK-AT-OK “AT&FE0V1&D2&S0&C1S0=0+IFC=3,1”
  • OK-AT-OK “AT+CGDCONT=1,\”IP\”,\”internet\””
  • OK-AT-OK “ATD*99***1#”
  • CONNECT ”

/etc/bluetooth/rfcomm.conf:

  • rfcomm0 {
  • bind yes;
  • device 00:12:D1:XX:XX:XX; # replace with your bluetooth device-id
  • channel 2;
  • comment “Nokia 3G Phone”;
  • }