Hacking a Reiser4/Zstd (SFRN 4.0.2) -patched Build of Debian Linux 4.14.Cempohualli-Ce for AMD64.

(Use your right mouse pointer on image to show video controls and/or to Open video in new tab -- recommended)

Official 4.14.x iterations of Debian kernel packaging for Unstable (Sid) ended with 4.14.17-1. Accordingly, there is no Debian kernel packaging for current upstream release Linux 4.14.20 and much less named its Nahuatl equivalent: Cempohualli: twenty and Ce: one. Moreover, the currently available Reiser4 patch is for kernel 4.14.1+; thus I had to find a way to debianize last kernel packaging if it was to successfully wrap around pristine kernel.org's Linux 4.14.20. The latter, i.e., Cempohualli, is a beautiful number; full of symbolism for existing Nahuatl speaking real Mexicah. What follows are my annotations to carry out the somewhat involved build procedure.

First oddity. Beginning with upstream kernel 4.14.18, Debian kernel packaging for 4.14.17-1 will fail to build:

LD vmlinux.o
MODPOST vmlinux.o
arch/x86/entry/syscall_64.o: In function `x32_enable':
syscall_64.c:(.init.text+0x8): undefined reference to `system_call_fast_compare_end'
syscall_64.c:(.init.text+0xe): undefined reference to `system_call_fast_compare'
syscall_64.c:(.init.text+0x19): undefined reference to `system_call_mask_compare_end'
syscall_64.c:(.init.text+0x1f): undefined reference to `system_call_mask_compare'
syscall_64.c:(.init.text+0x33): undefined reference to `system_call_fast_compare'
syscall_64.c:(.init.text+0x3f): undefined reference to `system_call_mask_compare'
make[5]: *** [vmlinux] Error 1
[]/build/kernel/tekitl-4.14.18/linux/Makefile:998: recipe for target 'vmlinux' failed
make[4]: *** [sub-make] Error 2
Makefile:146: recipe for target 'sub-make' failed
make[3]: *** [__sub-make] Error 2
Makefile:24: recipe for target '__sub-make' failed
make[3]: Leaving directory '[]/build/kernel/tekitl-4.14.18/linux/debian/build/build_amd64_none_amd64
make[2]: *** [debian/stamps/build_amd64_none_amd64] Error 2
debian/rules.real:190: recipe for target 'debian/stamps/build_amd64_none_amd64' failed
make[2]: Leaving directory '[]/build/kernel/tekitl-4.14.18/linux'
make[1]: *** [binary-arch_amd64_none_amd64_real] Error 2
debian/rules.gen:24: recipe for target 'binary-arch_amd64_none_amd64_real' failed
make[1]: Leaving directory '[]/build/kernel/tekitl-4.14.18/linux'
make: *** [binary-arch] Error 2
debian/rules:50: recipe for target 'binary-arch' failed
dpkg-buildpackage: error: fakeroot debian/rules binary-arch gave error exit status 2

Accordingly, if I wanted to build current upstream Linux 4.14.20 'the Debian way', i.e., to generate DEBs as well as UDEBs suitable for Metztli-Reiser4 netboot Debian-Installer (d-i), I had to figure out the issue above.

After considerable effort I found there are a few updated patches we must apply from current Debian kernel packaging master 4.15.4-1 git repository to our Debian kernel packaging unstable (Sid) 4.14.17-1 for this latter to build my downloaded Linux 4.14.20 from upstream:


Additionally, I modified 4.14.17-1 packaging

because 4.14.20 newer kernel already had these security fixes applied.

Now, assuming the Debian kernel packaging default , i.e., to build the real-time (RT) kernel and headers, we get second oddity.

Although the first set of patches for the Debian 'vanilla' kernel applied smoothly, if the developer desired to build the real-time (RT) kernel and headers to subsequently patch all with reiser4 -- which I did -- I had to implement another small hack to fix the following issue:

Applying patch features/all/rt/preempt-lazy-support.patch
Applying patch features/all/rt/ftrace-Fix-trace-header-alignment.patch
Applying patch features/all/rt/x86-preempt-lazy.patch
1 out of 5 hunks FAILED
Patch features/all/rt/x86-preempt-lazy.patch does not apply (enforce with -f)
debian/rules.real:145: recipe for target 'debian/stamps/source_rt' failed
make[2]: *** [debian/stamps/source_rt] Error 1
make[2]: Leaving directory '/[]/build/kernel/nahui.matlactetl_onnahui.cempohualli/linux'
debian/rules.gen:989: recipe for target 'source_rt_real' failed
make[1]: *** [source_rt_real] Error 2
make[1]: Leaving directory '/[]/build/kernel/nahui.matlactetl_onnahui.cempohualli/linux'
debian/rules:26: recipe for target 'source' failed
make: *** [source] Error 2

Evidently debian/patches/features/all/rt/x86-preempt-lazy.patch applied by quilt with fuzz=0 fails at arch/x86/include/asm/thread_info.h since the latter has an extra line of code in the Linux 4.14.20 source tree:
u32 status; /* thread synchronous flags */

which quilt attempted to patch thread_info.h to be subsequently copied over into RT kernel build directory:

thus I modified slightly debian/patches/features/all/rt/x86-preempt-lazy.patch 1 so it could apply after the above referenced line of code.

It worked...

Otherwise, if you do not want to build the real-time (RT) kernel and headers, edit with a text editor (like xvi &#59;)
xvi debian/config/defines

and locate the lines:

enabled: true

and change 'true' text string to false, i.e.,

enabled: false

save your changes and close debian/config/defines

In summary. I used last 'official' Debian kernel packaging 4.14.17-1 for Unstable (Sid) as base. I then applied the above operations plus other reiser4 hacks for Stretch elaborated in previous post(s); thus generating a Metztli Reiser4 Debian kernel packaging for 4.14.Cempohualli...er, 20, suitable to build a stretch-backports kernel and which resulting source code I subsequently uploaded to Github.

Tonalpohualli: 'Aztec Calendar'
Real Mexicah used a base Cempohualli, i.e., twenty, for their number theory and cherished the expressiveness, non-linearity, of their language: Nahuatl. Those characteristics enhanced their mathematical acumen to apprehend, appreciate, and imitate, nature and Nehnencacitlalli ['the cosmos']. In stark contrast, pseudo-'Mexicans' from 1821 onward, i.e., descendants of Spanish scum invaders who -- like their mother country Spain -- lag several centuries behind in science and technology[1], only have tainted their colonized masses with infinite ignorance.

[1] Kant.

Building Reiser4/Zstd (SFRN 4.0.2) stretch-backports Linux 4.14.Cempohualli-Ce for AMD64

Assuming a proper development environment to build our kernel 'the Debian way' as elaborated a priori in other post(s), we can build upstream Linux kernel 4.14.20, thus:

mkdir --verbose nahui.matlactetl_onnahui.cempohualli
...er, well that's Nahuatl for 4.14.20 -- which you could name your working directory. I will just make a symbolic link:

ln -s nahui.matlactetl_onnahui.cempohualli 4.14.20

cd nahui.matlactetl_onnahui.cempohualli

Download Debian kernel packaging hacked for Linux 4.14.20 from GitHub:
git clone https://github.com/Metztli/reiser4-debian-kernel-packaging-4.14.20.git linux

(Do something while it downloads as it approaches 1Gb of data)

then download kernel 4.14.20 from upstream:
wget https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.14.20.tar.xz

Let's create a symbolic link in the format that Debian kernel packaging expects:
ln -s linux-4.14.20.tar.xz linux_4.14.20.orig.tar.xz

and change into linux directory
cd linux

Edit debian/changelog:
xvi debian/changelog

Locate the text string:

linux (4.14.17-1) unstable; urgency=medium

and remove the number 17 and insert 20, instead, i.e.,

linux (4.14.20-1) unstable; urgency=medium

save your changes.

Now we are ready to build the kernel 'the Debian way' as we did in previous post(s).

Added bonus &#59;)
Likely fix for Bug#885166: instability with 4.14 regarding KVM virtualization

since referenced commit:
https://lists.debian.org/debian-kernel/2018/02/msg00173.html seems to be already applied to Linux kernel source tree 4.14.20.

YES! Bug#885166 has been fixed in 4.14.20!...
"If I used git correctly, then 4.14.20 already has 2a266f23550be997d783f27e704b9b40c4010292, so I tried 4.14.19. 4.14.19 on the one virt host that had the most violent failures failed in the first hour of operation, but with a slightly different error behavior that I was used to. I am therefore not sure whether we are not talking about multiple issues, one of them having been fixed somewhere in between 4.14.13 and 4.14.19."

1 RE: x86: Support for lazy preemption in Debian Linux 4.14.20 AMD64

DISCLAIMER:P although due diligence has been applied, this resource is made available for testing/evaluation purposes on an AS IS basis. The procedure only reflects my own modifications, my limited testing, and the potential user who executes the procedures assumes all risks.

Please do not hold me or Metztli Information Technology responsible if the information provided here does not achieve the desired result. The information is provided AS IS and with the hope that it may be useful to the Internet community --especially those who desire reiser4 on GNU/Linux Debian.

Nevertheless, there is no implicit or explicit guarantee that the information presented here is accurate --even though due diligence was exercised during the procedure. Accordingly, if an user(s) decide to download and/or implement the procedure and/or shell commands described here s/he or them, do so at her, his, or their own risk. You have been forewarned.

Jose   ,   Feb 25 / 06:23
Categories: reiser4

From Ксения [Xenia] to Мария [Maria] With ffmpeg, gnome-subtitles, and mencoder

I used Mplayer's mencoder (built from source) to render the English/Russian subtitles in the PoC video above -- as I was trying out the upcoming GNU/Linux Debian Jessie distribution encapsulated inside a KVM virtual machine.

Debian: virt-manager managed KVM Jessie instance

In the past I had used mencoder to add Spanish subtitles to a video, but this time I was challenged with Russian subtitles, as those initially would not render properly in the resulting video. As a matter of fact, I was not even able to install mencoder from the Debian Jessie and Sid repositories due to libdvdnav4 dependency issue. Thus, the ephemeral viable option was to build mplayer's mencoder from source --which will skip support for DVD during the configure phase.

To solve the first issue, during Debian Jessie installation routine in the virtual machine I selected Russian as an additional language:

Debian Jessie installation: add ru_RU.UTF-8 locale during installation

I can verify the above action by examining /etc/locale.gen; I can see (scrolling to the bottom) that, in effect, I enabled 2 languages in addition to English: Russian and Mexico's Spanish dialect, all UTF-8.

Examining Debian Jessie /etc/locale.gen

For the record, at the top of the /etc/locale.gen file the user is advised to execute:


after manually enabling any locale (by removing the hash symbol from the beginning of the directive.)

Building mplayer -- defaults to building mencoder, too -- from source in Debian Jessie.

I update Debian repositories:


apt-get update

Since I am getting mplayer/mencoder code via Subversion:


apt-get install subversion

Then I get the mplayer/mencoder source code:


svn checkout svn://svn.mplayerhq.hu/mplayer/trunk mplayer

and directory mplayer will be created at my current directory location.

I change directory into mplayer:


cd mplayer

Since I am on Debian, and after scanning the README file, I can simply download a couple of DEBs:


apt-get install git devscripts

and then could simply execute the script under the debian directory to

"configure, compile and build a proper Debian .deb package with only one command:"


debian/daily-build.sh -b

But no. Since I am in a non-stable Debian, the resulting mencoder package may still refuse to install. Thus, I will download the relevant DEB packages manually:


apt-get install ffmpeg docbook-xsl ladspa-sdk libenca-dev libaa1-dev libasound2-dev libaudio-dev libcaca-dev libcdparanoia-dev libbluray-dev libdirectfb-dev libdts-dev libesd0-dev libfaad-dev libfontconfig1-dev libfreetype6-dev libfribidi-dev libgif-dev libgl1-mesa-dev libgtk2.0-dev libjack-dev libjpeg-dev liblircclient-dev liblivemedia-dev liblzo2-dev libmp3lame-dev libmpcdec-dev libncurses5-dev libopenal-dev libpng12-dev libpulse-dev libschroedinger-dev libsdl1.2-dev libsmbclient-dev libspeex-dev libsvga1-dev libswscale-dev libtheora-dev libvorbis-dev libvorbisidec-dev libx11-dev libx264-dev  libxext-dev libxinerama-dev libxv-dev libxvidcore-dev libxvmc-dev libxxf86dga-dev libxxf86vm-dev libvdpau-dev pkg-config vstream-client-dev x11proto-core-dev xsltproc yasm zlib1g-dev mpg123 libmpg123-dev

After the above operation completes, then we are ready to build mplayer/mencoder from our downloaded source snapshot. Since I am in the mplayer directory:


./configure --enable-gui

(sample partial output):

Creating config.mak
Creating config.h

Config files successfully generated by ./configure --enable-gui !

Install prefix: /usr/local
Data directory: /usr/local/share/mplayer
Config direct.: /usr/local/etc/mplayer

Byte order: little-endian
Optimizing for: native

Note: the default installation directory is /usr/local/ and the --enable-gui option is, well, optional. As usual we could change the installation directory and disable/enable options. Simply type ./configure --help for an overview.

Additionally, if you will be downloading codecs, make sure to place the extracted files ending in .so under the directory /usr/local/lib/codecs/
End of note.

In this particular case for this post, I follow a successfully completed ./configure operation with:


make install

You may be required to acquire root privilege to make install into /usr/local --as is usual any time you install software from repositories.

Cihuatl Archetype And The Human Subconsciousness.

Unless one is brainwashed by one of those three(3) major patriarchal strains spread by fanatics throughout the world imposing a misogynist attitude, the archetype of Cihuatl, Nahuatl -- Mexico's language par excellence -- which translates as женщина in Russian, Woman in English, and Mujer in Spanish, is fascinating. It beams down onto a man's subconsciousness when least expected.

I happen to add an extra feature supporting RuTube videos in b2evolution for Openshift PaaS cloud hosted at my Nepohualtzintzin GitHub repository. And during testing I came across Miss MAXIM 2013 (Ксения Кайгородова: Xenia Kaygorodova). Thus the seed of a proof of concept -- or PoC -- was generated as result of a Russian media video and my chance listening of a melody sung in Spanish: ¿Tú De Que Vas? -- loosely translated as, Do You Even Need To Ask?

Thus, I used youtube-dl utility -- available also from Debian repositories. If it does not exist in your system, all you have to do is:


apt-get install youtube-dl

and subsequently downloaded the video from RuTube with command:


youtube-dl -o nenetl.flv http://rutube.ru/video/cf126c6e54c8e30758fffe75503ca644

the option -o is just to assign a name to the file of interest; otherwise, you will end up with an unintelligeble alphanumeric-named file. As for the word nenetl, it is akin to a female image, ideal form, approaching an archetype.

Assuming current location is where the downloaded file resides, I create an ephemeral directory and change into it:


mkdir --verbose ephemeral
cd ephemeral

At this directory I will operate as follows:

used ffmpeg in order to extract the images from the nenetl.flv video, thus:


ffmpeg -../nenetl.flv -f image2 images%05d.png

The extracted images will occupy around 1.5 Gb of space. Now, by rough trial and error, I aimed to fit a relevant subset of the images into an interval equal to the length of the melody playing in the background. The final command -- referenced below -- outputs a nenetl_slideshow.mp4 which lasts approximately the length of the melody:


ffmpeg -r 6.2 -ss 00:00:03 -i images%05d.png -c:v libx264 -r 30 -pix_fmt yuv420p ../nenetl_slideshow.mp4

I had to decrease the intake of the images to 6.2 frames per second (fps) by using the -r option to ffmpeg; thus it gives the video somewhat of a slow motion :))

Also, by feeding the -ss to ffmpeg I advanced the resulting slideshow by hh:mm:03 seconds. Please type:


man ffmpeg

for additional information relevant to options specified.

Once we are satisfied with the outcome, we can erase all the extracted .png (picture) files at our current ephemeral directory and thus recover our disk space.

Subsequently, I merged the slideshow file with the .mp3 Franco de Vita audio file as follows:


ffmpeg -../nenetl_slideshow.mp4 -../Franco_De_Vita-Tu_De_Que_Vas.mp3 -map 0 -map 1 -codec copy -shortest ../nenetl.mp4

Cool! Now we have the length of the melody that is roughly equivalent to the most visually interesting media. We can verify it with the mplayer that was built above:


mplayer ../nenetl.mp4

Or, alternatively, since we enabled the graphical user interface (GUI) as an argument during ./configure


gmplayer ../nenetl.mp4
Using Hayraphon skin in GUI-enabled mplayer: gmplayer

Note: If you accepted the default installation path for the mplayer build, please make sure to install your skins under /usr/local/share/mplayer/skins/. For instance, the location for the Hayraphon skin in the above snapshot would be /usr/local/share/mplayer/skins/hayraphon End of note.

Adding Subtitles with GNOME Subtitles Editor

In Debian, we install the application as:


apt-get install gnome-subtitles

After it is completely installed, we start it from our shell:



From topmost menu, we select Video, Open from the ensuing cascaded menu, and locate the nenetl.mp4 video/audio media we created before. The media file will be embedded in the upper section of the application.

gnome-subtitles: open video

We select the leftmost blank paper icon labeled New to start creating subtitles for our video -- as it is played using the controls under the embedded media. Further, as our embedded media is played, we can add another line of text by pressing the plus icon labeled Insert located in the upper row of icons -- just below the uppermost menu.

gnome-subtitles: new/open .srt file

From aforementioned row we also can save our newly created subtitles file by selecting the green arrow pointing down in a drawer icon, labeled as Save.

The named file will default to be saved with an extension .srt and UTF-8 locale.

Save dialog prompting format and location of subtitles file.

After we are satisfied assigning subtitles to relevant sections of the embedded audio/visual stream, we are ready to embed the subtitles file into the actual nenetl.mp4 media. For that we will use mencoder.

Assuming our location continues to be our ephemeral directory that we created for this set of tasks and we have a resulting xenia.srt subtitles file also here, we type next command:


mencoder ../nenetl.mp4 -oac mp3lame -ovc lavc -sub xenia.srt -subcp enca:ru:utf--subfont-outline 4 -of mpeg -o xenia.mp4

Alternatively, directive below will add extra font feature to your subtitles:


mencoder ../nenetl.mp4 -oac mp3lame -ovc lavc -sub xenia.srt -subcp enca:ru:utf--subfont-text-scale 4 -subfont-outline 6 -of mpeg -o Nenetl.mp4
Debian Jessie gmplayer


Useful FFmpeg Commands.

ffmpeg, how to add new audio (not mixing) in video

Past midway during the creation of this post -- researching sources -- I was surprised to find the RuTube source is also available from YouTube, albeit with a different cover:
Десятка финалисток Miss MAXIM 2013. Часть первая (Ксения Кайгородова)

How I got b2evolution to work in both English and Russian with UTF-8

DISCLAIMER:P although due diligence has been applied, the above post is intended as a proof of concept for encoding Russian language subtitles in videos.

Please do not hold me or Metztli Information Technology, or its associates, responsible if the information provided here does not achieve the desired result. The information is provided AS IS and with the hope that it may be useful to the Internet community.

Notwithstanding, There is no implicit or explicit guarantee that the information presented here is accurate. Accordingly, if an user(s) decide to implement the procedure or shell commands described here she, he, or them, do so at her, his, or their own risk. You have been forewarned.

I reserve the right to modify the blog and even to delete it without further notice.

Debian: Patching Linux Kernel To Enable Aufs3 Module

Totonal ye
totonal ye omixpoliuhtzino,

ihuan centlayohuayan

Mach ticmatih occeppa mohualhuiliz,
ma occeppa moquizaltiz

ihuan yancuican techtlahuililiquiuh.
The Art of Toltecayotl

I happened to came across the need to enable advanced multi layered unification filesystem (Aufs) -- now at version 3.x (thus, Aufs3) -- module support into a GNU/Linux Debian deployment. It had been a while that I had done something similar by customizing the kernel to enable that feature. Well, surprise! Nothing has changed. Well, let me rephrase that, Aufs development continues; however, we still have to somehow hack the feature into the linux kernel tree version desired. Below I describe a procedure that worked on Debian and linux kernel 3.12.2, that is, the latest stable kernel source on this date.

Given the fact that cahuitl means the space of time in Nahuatl (Mexico's language par excellence), and a certain place, area, or surface in n-dimensional space is referred to as tlacauhtli, I was inspired to create a working directory appropriately named for the task at hand :P

mkdir -p --verbose /usr/src/tlacauhtli/build

Of course, prefixing sudo for the privilege to execute the above command (and similar others) is necessary if you are not already wielding root privilege; either way, the root (or super user) privilege is necessary to create directory(ies) at /usr/src directory since in Debian the default owner and group is root as shown with command:

ls -ld /usr/src
(sample output)...
drwxr-xr-x 8 root root 376 Nov 28 00:10 /usr/src/

We will not touch those default permissions but will manipulate those of the directories we initially created for our operations.

Now find out if your_username already belongs to Debian's src group:

groups your_username

Membership in the group src must be included in the output since, for security, we will want to operate as a non-root user. If the output does not show that your_user is a member of src group, then, wielding root privilege we should add the normal user who will be doing the Aufs3 and kernel build operations as a member of Debian's src group:

adduser your_username src

For the privileged permissions to take effect, your_username must logout and then login back again. Subsequently entering command again:

groups your_username

the output should show that your_username is a privileged member of Debian's src group (amongst others).

your_username should now be ready to begin her Aufs3 hack into the kernel tree.

But first root should grant and/or modify access permissions on our work area tlacauhtli and its subdirectory build, as below.

Still wielding root privilege, we subsequently grant src group ownership and writing privilege on the tlacauhtli directory where the operations will take place.

chmod -R g+w /usr/src/tlacauhtli

grants writing privilege to the group on directories tlacauhtli and its subdirectory build

chgrp -R src /usr/src/tlacauhtli

grants group ownership to the members of src group (which includes your_user) on directories tlacauhtli and its subdirectory build

Below is a rather verbose snapshot summary from bash shell on Debian:

Debian permissions on build directories

Now, we assume the identity of a normal non-root user, of course, you will assume your_username that we elaborately granted src group membership and privileges to operate on tlacauhtli and its subdirectory build directories. Now empowered, we change to tlacauhtli directory:

$ cd /usr/src/tlacauhtli

We start by downloading the latest stable kernel by visiting The Linux Kernel Archives. For security you are encouraged to check integrity of the files downloaded and scan them for malware.

For instance, if you have clamav, you may scan the uncompressed files as:

$clamscan downloaded_file

If you already uncompressed the files, you can recursively check the directory trees and only print out if infected files were found as:

$clamscan -ri uncompressed-file_directory

(Please do man clamscan and read for further information).

NOTE: If your Debian does not have the clamav anti-virus, wielding root privilege download and install as: apt-get install clamav

Verify Integrity Of Your Downloaded Kernel Releases By Verifying The Corresponding Signatures...

Linux kernel releases PGP signatures

Assuming we downloaded the compressed linux kernel tree linux-3.12.2.tar.xz and it is at our current location, we download its corresponding signature with wget utility (all in a single line directive)

NOTE: If your Debian does not have wget and/or bzip2, wielding root privilege download and install as: apt-get install wget bzip2 bc (indeed, you will need bc - An arbitrary precision calculator language - in your kernel building efforts.

$wget https://www.kernel.org/pub/linux/kernel/v3.0/linux-3.12.2.tar.sign

In order to be verified, linux-3.12.2.tar.xz should be decompressed and left in tar format (see Using GnuPG to verify kernel signatures ). As illustrated, the procedure can be accomplished step by step or in a one liner concatenation directive. I have decide to go with the latter:

$xz -dc linux-3.12.2.tar.xz | gpg --verify linux-3.12.2.tar.sign -

(sample output)...
gpg: Signature made Fri 29 Nov 2013 11:29:20 AM PST using RSA key ID 6092693E
gpg: Can't check signature: public key not found

I take as input the RSA key ID to download the public key from the PGP keyserver in order to verify the signature, thus:

$gpg --recv-keys 6092693E --keyserver subkeys.pgp.net

alternatively, if the above directive fails, try:

$gpg --keyserver pgp.mit.edu --recv-keys 6092693E
(sample output)...
gpg: requesting key 6092693E from hkp server subkeys.pgp.net
gpg: key 6092693E: public key "Greg Kroah-Hartman (Linux kernel stable release signing key) <greg@kroah.com>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)

I rerun gpg --verify...:

$xz -dc linux-3.12.2.tar.xz | gpg --verify linux-3.12.2.tar.sign -
(sample output)...
gpg: Signature made Fri 29 Nov 2013 11:29:20 AM PST using RSA key ID 6092693E
gpg: Good signature from "Greg Kroah-Hartman (Linux kernel stable release signing key) <greg@kroah.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 647F 2865 4894 E3BD 4571 99BE 38DB BDC8 6092 693E

Using GnuPG to verify kernel signatures

For this post, we will stop our verification process here. Nevertheless, you may decide to continue the procedure by following:

'You will now need to verify that the key used to sign the archive really does belong to the owner...'

I refresh my Debian repositories:


apt-get update

and download the necessary tools/utilities to build my kernel:

$apt-get install build-essential kernel-package patch fakeroot libncurses5 libncurses5-dev git

Now I change from my current tlacauhtli to subdirectory build

$cd build

and decompress my kernel, simultaneously untar'ing it:

$tar -xvJPf ../linux-3.12.2.tar.xz

"it becomes clear that 'Aufs was rejected. Let's give it up.' According to Christoph Hellwig, linux rejects all union-type filesystems but UnionMount."

Aufs at SourceForge

Since I am interested in building Aufs3 as a module, at this particular time the aufs3-standalone GIT tree enables that CONFIG_AUFS_FS=m option; hence, I download it:

git clone git://git.code.sf.net/p/aufs/aufs3-standalone aufs3-standalone.git

and change into the referenced directory:

$cd aufs3-standalone.git

and remember to specify the minor number of the kernel we are building. Thus, in our case, I have emphasized the minor number of the kernel 3.12 for inclusion in the next command:

$git checkout origin/aufs3.12

(sample output)...

Note: checking out 'origin/aufs3.12'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:

git checkout -b new_branch_name

HEAD is now at 4a7364f... aufs3.12 20131111

and proceed to create a couple of directories to prepare a patch for the linux kernel tree:

$mkdir --verbose ../x ../y

How you name those remains at your discretion but I named them x and y. The following sequence of commands should operate on the directory ../y/.


cp -rv Documentation ../y/.
cp -rv fs ../y/.
cp -rv include ../y/.

In the above commands, the verbosty (-v) is optional.

Make sure to remove Kbuild:

$rm -v ../y/include/uapi/linux/Kbuild

else you should specify 'no' when prompted by the patch utility whether it should replace Kbuild in your linux kernel tree.

We go back to our previous directory, i.e., build:

$cd ..

And perform the following operations:


diff -rupN x/ y/ > linux-3.12.2/aufs.patch
cat aufs3-standalone.git/*.patch >> linux-3.12.2/aufs.patch

We are ready to apply the patch; we change directory to our linux kernel tree source:

$cd linux-3.12.2

And apply the patch:

$patch -p1 < aufs.patch

You will observe a long output to your bash shell but no errors.

Yolahuialtia [Cheers!] You have just patched your latest stable linux kernel tree :)

As I am upgrading from my currently running linux kernel 3.12.0, I will import the relevant .config into my spanking new and Aufs-patched linux kernel tree:

$cat /boot/config-`uname -r` >.config

and do:

$make oldconfig
(sample output)...
HOSTCC scripts/basic/fixdep
HOSTCC scripts/kconfig/conf.o
SHIPPED scripts/kconfig/zconf.tab.c
SHIPPED scripts/kconfig/zconf.lex.c
SHIPPED scripts/kconfig/zconf.hash.c
HOSTCC scripts/kconfig/zconf.tab.o
HOSTLD scripts/kconfig/conf
scripts/kconfig/conf --oldconfig Kconfig
* Restart config...
* Miscellaneous filesystems
SquashFS 4.0 - Squashed file system support (SQUASHFS) [M/n/y/?] m
Squashfs XATTR support (SQUASHFS_XATTR) [Y/n/?] y
Include support for ZLIB compressed file systems (SQUASHFS_ZLIB) [Y/n/?] y
Include support for LZO compressed file systems (SQUASHFS_LZO) [Y/n/?] y
Include support for XZ compressed file systems (SQUASHFS_XZ) [Y/n/?] y
Use 4K device block size? (SQUASHFS_4K_DEVBLK_SIZE) [Y/n/?] y
Additional option for memory-constrained systems (SQUASHFS_EMBEDDED) [N/y/?] n
OS/2 HPFS file system support (HPFS_FS) [M/n/y/?] m

Aufs (Advanced multi layered unification filesystem) support (AUFS_FS) [N/m/y/?] (NEW) m

Indeed, the directive above prompts as to whether install Aufs as a mdule, which I agree to by specifying to enable Aufs support as a module by typing: m

And subsequently follow additional options:
(sample output)...
Maximum number of branches
> 1. 127 (AUFS_BRANCH_MAX_127) (NEW)
2. 511 (AUFS_BRANCH_MAX_511) (NEW)
3. 1023 (AUFS_BRANCH_MAX_1023) (NEW)
4. 32767 (AUFS_BRANCH_MAX_32767) (NEW)
Detect direct branch access (bypassing aufs) (AUFS_HNOTIFY) [N/y/?] (NEW)
NFS-exportable aufs (AUFS_EXPORT) [N/y/?] (NEW) y
Readdir in userspace (AUFS_RDU) [N/y/?] (NEW) y
Respect the attributes (mtime/ctime mainly) of special files (AUFS_SP_IATTR) [N/y/?] (NEW)
Show whiteouts (AUFS_SHWH) [N/y/?] (NEW)
Ramfs (initramfs/rootfs) as an aufs branch (AUFS_BR_RAMFS) [N/y/?] (NEW) y
Fuse fs as an aufs branch (AUFS_BR_FUSE) [N/y/?] (NEW) y
Hfsplus as an aufs branch (AUFS_BR_HFSPLUS) [Y/n/?] (NEW)
Debug aufs (AUFS_DEBUG) [N/y/?] (NEW)

If I do a:

$make xconfig

I can observe and configure graphically Aufs support in the kernel tree:

make xconfig: Aufs graphical configuration

The moment to build our Debian custom linux kernel has finally arrived! Do:

$fakeroot make-kpkg clean

And I proceed to build my kernel: Xonecuiltzin which :yes: prefixed with a leading dot, I provide as an argument to --append-to-version in the directive that follows:

$time fakeroot make-kpkg --append-to-version=.xonecuiltzin --stem aufs -j8 --initrd kernel_image kernel_headers

I also provide aufs as an argument to --stem because I want to know the main reason for my kernel customization. Additionally, I provide 8 as an argument to -j. Eight(8) represents the number of threads I wish to launch, hence I make it equal to the number of cores in my machine where I am building the kernel -- for optimum performance during compilation.

After a few minutes, the build procedure ends and I take a look a my newly created Debian kernel and headers DEB packages, thus:

$ls ..
(sample output)...
aufs3-standalone.git/ linux-3.12.2/
aufs-headers-3.12.2.xonecuiltzin_3.12.2.xonecuiltzin-10.00.Custom_amd64.deb x/
aufs-image-3.12.2.xonecuiltzin_3.12.2.xonecuiltzin-10.00.Custom_amd64.deb y/

Debian build of Xonecuiltzin kernel done

To install our newly built Xonecuiltzin kernel on Debian, we need to acquire root privilege or prefix the command below with sudo:

$dpkg -i aufs-image-3.12.2.xonecuiltzin_3.12.2.xonecuiltzin-10.00.Custom_amd64.deb

... yeah, include the path if your kernel is not at your current directory location ;-)

1Our Sun has
our Sun has been hidden from us,

and left us in total darkness.
But we have the certainty that,

once again it will rise,

once again it will come to shine for us all.

Nahuatl quote found in an IAEA Publication (PDF) titled: Analytic Number Theory & The Nuclear Level Density.

The quote is attributed to Cuauhtemoc, last ruler of the Mexicah. On August 13, 1521, after the death of some 250,000 Mexicah and besieged for 79 days, Cuauhtemoc's metropolis Mexico-Tenochtitlan fell to the large invading armies of indigenous enemies of the Mexicah led by a small number of Spanish mercenary plunderers. After being tortured unsuccessfully to reveal hidden gold by the avaricious Spaniards, Cuauhtemoc was revered by the surviving Mexicah as Xonecuiltzin, "The Limping one", the same name/title by which one of their Deities, Tezcatlipoca, was also known.

How To Roll A Kernel the Ubuntu/Debian Way
Kernel 3.9 on Debian Wheezy/Testing
Compile Debian Kernel (Squeeze) 3.0 and Above with Aufs and squashfs
COMPILING Linux kernel version 3..2.6 | r4mi5

DISCLAIMER:P although due diligence has been applied, this resource is made available for testing/evaluation purposes on an AS IS basis. The procedure only reflect my own modifications, my limited testing, and the potential user who executes the procedures assumes all risks.

Please do not hold me or Metztli Information Technology responsible if the information provided here does not achieve the desired result. The information is provided AS IS and with the hope that it may be useful to the Internet community --especially those who need Aufs support on Debian.

Notwithstanding, There is no implicit or explicit guarantee that the information presented here is accurate --even though due diligence was exercised during the procedure. Accordingly, if an user(s) decide to implement the procedure or shell commands described here she, he, or them, do so at her, his, or their own risk. You have been forewarned.

Accessing Data On OS/2 JFS Partitions With GNU/Linux Debian.

Yes, OS/2 supports GNU/Linux -with difficulty.

Coming from OS/2 and learning my first GNU/Linux commands at the OS/2 command shell -in an ported public domain Korn shell (ksh) emulated environment- I can not help but peek, once in a while, into the pond from which I emerged. A couple of days ago, I visited the OS/2 World forum and scrolled the initial page for something new. Perhaps, I thought, Serenity Systems International -the last vendor of an fixpacked OS/2 known as eComStation- might have developed an booting procedure or hack that emulated the Linux booting procedure.

If true, I continued submerged in my revery, then I could build an OS/2 instance into an virtual machine to be hosted in an Infrastructure as a Service (IaaS) provider like Amazon. To my dismay, I only found what I regarded as an mundane issue that could be resolved in a jiffy (if an OS/2er were to be a little more open minded) -that of accessing OS/2 created JFS partition from an GNU/Linux distribution.

OS/2 and Lotus SmartSuite WordPro.

In preparation for a migration from an OS/2 installed base to an modern Linux alternative, the user was interested in knowing how to access OS/2 created JFS partitions from an Ubuntu Live distribution. Her/his concerned lied in the fact that whenever he tried to mount an certain OS/2 JFS partition from the Live Ubuntu distribution, the message in his Linux shell output would be along the form:

mount: wrong fs type, bad option, bad superblock on /dev/xyz,
missing codepage or helper program, or other error
In some cases useful info is found in syslog - try
dmesg | tail or so

Mounting an unclean OS/2 created JFS partition.

Well I just happened to have reinstalled an Linux Debian unstable distribution. No, the install is not from a “live” CD but it will help to illustrate an potential solution to the OS/2 administrator evaluating methods to migrate existing OS/2 deployments into GNU/Linux.

First of all, to exercise administrative duties in enterprise Linux, the user becomes root (or super user). Please note that from the perspective of Debian cfdisk utility, OS/2 created JFS partitions will be seen as of file system (FS) Type: Unknown (35). The reason may possibly be due to the fact that the LVM.EXE or LVMGUI.CMD disk management utilities of an appropriately upgraded OS/2 require a created physical partition to be of type LVM; otherwise formatting in the OS/2 implementation of Journaling File System (JFS) will not proceed. Hence, the GNU/Linux cfdisk utility does not appear to recognize the type of the OS/2 created partition and regard those as Unknown (35).

Observe the screenshot below:

cfdisk /dev/hda

Using Debian cfdisk utility as root user.

Additionally, note that if you hard drive is IDE, of course, you will see the Primary partitions as hda1, hda2, and hda3. Partition hda4 represents the whole extended partition; when this latter is sub-partitioned, the first extended (sub)partition is hda5, hda6, etc.. Also note from the snapshot that if Primary partitions hda2 and/or hda3 are non existent, their places are reserved; as can be observed, the very first logical (sub)partition skips over the reserved slots for Primary partitions and starts at hda5. Obviously, if your hard disk is SCSI the device seen with the cfdisk utility will be of the form sda1, sda2, etc..

Please note that Red Hat and Fedora, at the very least, may also refer to IDE drives as sda1, sda2, etc.. I just want to call your attention to the fact that under all conditions, you should verify that the Linux operating system and you are on the same page. Fedora 11, in my limited tests, was able to mount JFS partitions. Notwithstanding, for this blog I used Debian.


Avoid unnecessary woes by diligently backing up all your OS/2 JFS partitions data during the migration planning stage. Technology, being a human creation and subject to unanticipated variables, is not perfect.

Additionally, please verify that you have the Debian jfsutils package. As root user, from the command line in your Linux shell you can simply type:

apt-get update

apt-get install jfsutils

Or if you prefer to install those visually with the synaptic package manager, from the Debian desktop menu, select System, Administration, and subsequently press the Synaptic Package Manager item from the cascading options.

Selecting (from Debian menu) Synaptic Package Manager.

Alternatively, as the root user, you may just type:


and the package manager will come into existence, as well. Either way you access Synaptic, press the Search button from the wide menu of the utility and when the search utility appears, proceed to enter the text string "jfs" into the field. After some seconds, the jfsutils will be listed among other packages that met the criteria. Selecting the item jfsutils from the list will provide additional information: Utilities for managing IBM's Journaled File System (JFS) under Linux. Hence, after installtion of the package, you will have in your Linux Debian distribution: fsck.jfs, logdump, logredo, mkfs.jfs, xchkdmp, xchklog, xpeek.

Synaptic description of Debian jfsutils.


Reading the man page for jfs_fsck (or fsck.jfs) we note the warning: serious damage may occur if we check a mounted file system in other than READ ONLY access.

man jfs_fsck

Debian man page warns that JFS partition should be unmounted.

After verifying that our target JFS partition(s) is(are) not mounted, and scrolling further down in the man jfs_fsck information, we come across the command to form to check our OS/2 created JFS partiton(s): jfs_fsck -v -f /dev/hdxy.

Debian man jfs_fsck also shows us some hints on proper use.

As an specific example, I selected the 26GB /dev/hda10 seen in the initial cfdisk snapshot at the beginning of this blog. Accordingly, if the hypothetical Linux user xiuhtecuhtli became root (or super user) of his GNU/Linux Debian sytem, he would enter the following command to check and fix (-f) his previous OS/2 created and formatted JFS partition:

jfs_fsck -v -f /dev/hda10

Performing an file system check (and fix) on an dirty OS/2 created JFS partition.

After performing the adequate JFS modifications on the OS/2 partition, the jfs_fsck front end utility for fsck.jfs finishes; and xiuhtecuhtli would be able to mount his 26GB OS/2 created JFS partition in an relevant directory created under /mnt, be typing:

mount /dev/hda10 /mnt/hda10

Debian jfsutils finish (and fix) file system errors in an OS/2 created JFS partition.

Please note that the above procedure will not work on OS/2 Logical Volume Manager (LVM) volumes spanning multiple devices/partitions. If an user tries to access one of the spanned entities composing an OS/2 LVM volume, the mount process will fail; also, if an file system check is performed on a device/partition component of the spanned OS/2 LVM volume, it may corrupt the target. Accordingly, make sure that you know -from the OS/2 side- which units are part of an spanned OS/2 LVM volume. For instance, see this snapshot of an past OS/2 Java-based utility that can be invoked as lvmgui.cmd in your OS/2 command shell environment.

Perspective of OS/2 LVMGui.cmd Java-based disk management utility.

Java 2 SE 1.4.1 native port for OS/2 is by Golden Code Development (GCD).

One final note. If an GNU/Linux root (or super user) mounts an OS/2 created and formatted partition -even if JFS checks and fixes are performed from the Linux side- an regular non-root user will likely not be able to view the contents of that file system. The reason is because all or most of that data will not have appropriate permissions, as seen in this sample ls -l command operating on the directory /mnt/hda10/xxe-std-3_5_1:

ls -l /mnt/hda10/xxe-std-3_5_1

total 28
d--------- 7 root root 256 2007-02-02 18:00 addon/
d--------- 7 root root 4096 2007-02-02 12:17 bin/
d--------- 2 root root 4096 2007-02-24 14:52 binHTML/
d--------- 9 root root 4096 2007-02-01 17:06 demo/
d--------- 17 root root 4096 2007-02-01 17:06 doc/
d--------- 2 root root 256 2007-02-24 12:44 Xiuhtecuhtli/
d--------- 2 root root 4096 2007-02-02 20:13 webstart/
---------- 1 root root 6778 2007-02-24 12:33 XXE-STD-3_5_2.zip

What the OS/2 turned Linux admin needs to do is to apply pertinent permissions to the files so that regular users are able to use and/or access the data. For an specific instance, if the root user needs to modify all the files in a directory to be world readable and or writable (r or w) use the chmod command with -R option to specify recursively all of the files in that directory.

chmod -R a+r /mnt/hda10/xxe-std-3_5_1

ls -l /mnt/hda10/xxe-std-3_5_1

total 28
dr--r--r-- 7 root root 256 2007-02-02 18:00 addon/
dr--r--r-- 7 root root 4096 2007-02-02 12:17 bin/
dr--r--r-- 2 root root 4096 2007-02-24 14:52 binHTML/
dr--r--r-- 9 root root 4096 2007-02-01 17:06 demo/
dr--r--r-- 17 root root 4096 2007-02-01 17:06 doc/
dr--r--r-- 2 root root 256 2007-02-24 12:44 Xiuhtecuhtli/
dr--r--r-- 2 root root 4096 2007-02-02 20:13 webstart/
-r--r--r-- 1 root root 6778 2007-02-24 12:33 XXE-STD-3_5_2.zip

Additionally please note that for an user in Linux to be able to use data s/he may need additional permissions such as being the owner and/or group member allowed to manipulate the data. Accordingly, the OS/2 admin turned to Linux admin (root user) should make use of the chown command to achieve her/his purpose.

As the OS/2 remains anchored in the past and with no supporting organization providing continued development -much less a clear road map for its future- OS/2 admins will be forced to migrate. Metztli Information Technology will be glad to provide migration and/or support services provided the target platform is resilient, secure, open source - open standards: GNU/Linux.

DISCLAIMER&#58;&#80; Please do not hold me or Metztli Information Technology responsible if the information provided here does not achieve the desired result. The information is provided AS IS and with the hope that it may be useful to the Internet community --especially OS/2 users and/or administrators considering GNU/Linux as their organizations' migration platform.

Notwithstanding, There is no implicit or explicit guarantee that the information presented here is accurate --even though due diligence was exercised during the procedure. Accordingly, if an user(s) decide to implement the procedure or shell commands described here she, he, or them, do so at her, his, or their own risk. You have been forewarned.

Metztli IT reserves the right to modify the content of the post or even to delete it altogether.

Jose   ,   Nov 5 / 05:27
Categories: Legacy

Providing 32-bit Application Support Under 64-bit GNU/Linux Fedora.

Note: This list collection of ia32-lib packages was successfully tested on x64 Fedora 10. I did not test them on x64 Fedora 11 nor x64 Fedora 12. Recently, however, I realized that the packages listed here do not even exist in x64 Fedora 13. Accordingly, I updated the list of packages in this list to reflect modifications done in the x64 Fedora 13 distribution. In order to minimize confusion, I deal with the issue and make available the relevant updated list in another blog entry: Hosting Providers Embrace of The Cloud Enabled by Open Source Virtualization Technologies. 08/10/2010

In an past how-to blog entry I described an procedure to install the 32-bit IBM Lotus Symphony office productivity suite under an 64-bit GNU/Linux Fedora 9 distribution. I mentioned that I had used the GNU/Linux 64-bit Debian ia32-libs suite package as a guide to figure out which packages would provide equivalent functionality in 64-bit Fedora 9 distribution. Notwithstanding, I was forced to realize that metztli-F9-ia32-libs.text, the list of packages that I made available for others as an aid to solve an similar issue as my own, was version specific. This short post is an update on metztli-F9-ia32-libs.text so as to make the list of packages more generically applicable to Fedora 9, Fedora 10, and Fedora 10+.

An kind comment by an user that used the pseudonym "Nobody" actually drew my attention to the need for the packages listed in metztli-F9-ia32-libs.text not to be version specific. At the time of Nobody's comment, well, I thought that making the packages listed in metztli-F9-ia32-libs.text version agnostic would be achieved simply by editing the file with vim, Elvis, or any other text editor. As an way of illustration, I downloaded metztli-F9-ia32-libs.text and opened it with my vim text editor:

GNU/Linux Fedora 10: Editing metztli-F9-ia32-libs.text

In effect, once metztli-F9-ia32-libs.text had been opened for editing in the vim text editor, pressing the Esc key at our keyboard and following that with the colon character ":", the percent character "%", and the letter "s" for substitution, we achieve 77 substitutions at once. Below is an snapshot of the end of metztli-F9-ia32-libs.text file showing the substitutions in that relevant section:

GNU/Linux Fedora 10, vim: 77 substitutions at once.

Nevertheless, there are a few files that require special attention --if they are to support 32-bit applications in an distribution release agnostic GNU/Linux 64-bit Fedora. Those are listed below, first as the file was listed in the older metztli-F9-ia32-libs.text and subsequently as listed in metztli-Fedora_agnostic-ia32-libs.text:

  • compat-libstdc++-33-3.2.3-63.i386 to compat-libstdc++-33.i386
  • libaio-0.3.106-4.2.i386 to libaio.i386
  • jack-audio-connection-kit-0.109.2-1.fc9.1.i386 to jack-audio-connection-kit.i386
  • java-1.6.0-openjdk- to java-1.6.0-openjdk.i386
  • compat-expat1-1.95.8-4.i386 to compat-expat1.i386
  • libgcrypt-1.4.0-3.i386 to libgcrypt.i386

And I had a duplicate of jack-audio-connection-kit-0.109.2-1.fc9.1.i386 &#58;&#111;&#111;&#112;&#115;&#58;; hence metztli-F9-ia32-libs.text should have contained a list of 80 74 packages (a big thanks to "an observer" 06-09-2009), instead of the 81 that I asserted in the post IBM Lotus Symphony 1 on 64-bit GNU/Linux Fedora 9 Sulphur. referenced initially.

Well, after detailing the procedure that I followed to generalize the prior 64-bit Fedora 9 specific package support for 32-bit applications listed in metztli-F9-ia32-libs.text, I now make available metztli-Fedora_agnostic-ia32-libs.text. This file will list version agnostic 32-bit packages that should work under 64-bit Fedora 9, Fedora 10 and possibly higher, since the packages providing the equivalent of Debian ia32-libs package likely are Fedora distribution release independent.

As referenced in the alluded past how-to blog entry, after the user downloads metztli-Fedora_agnostic-ia32-libs.text to his 64-bit Fedora distribution, s/he should install the listed packages by entering suggested commands at her 64-bit GNU/Linux Fedora shell terminal.

As an specific illustration, we assume that the user has become the root or super user in her 64-bit GNU/Linux Fedora 9, Fedora 10, or later; we further assume that the file metztli-Fedora_agnostic-ia32-libs.text was downloaded to her current file system location in her shell. Then the super user or root should install the support for 32-bit applications under her 64-bit Fedora by typing below commands:

for i in $(< metztli-Fedora_agnostic-ia32-libs.text); do yum -y install $i; done

64-bit Fedora 9, 10+ ia32-libs equivalent package: metztli-Fedora_agnostic-ia32-libs.text

DISCLAIMER&#58;&#80; although due diligence has been applied, the metztli-Fedora_agnostic-ia32-libs.text resource is made available for testing/evaluation purposes on an AS IS basis. Those files listed in the resource only reflect my own modifications on my limited testing --as expounded above and elswhere-- and the potential user that manipulates any or all of those (files) assumes all risks.

Please do not hold me or Metztli Information Technology responsible if the information provided here does not achieve the desired result. The information is provided AS IS and with the hope that it may be useful to the Internet community --especially AMD 64-bit GNU/Linux Fedora 9, Fedora 10 and higher distribution release, users.

Notwithstanding, There is no implicit or explicit guarantee that the information presented here is accurate --even though due diligence was exercised during the procedure. Accordingly, if an user(s) decide to implement the procedure or shell commands described here she, he, or them, do so at her, his, or their own risk. You have been forewarned.