[sigmaris.info] #

Recent Posts

Automating Debian install in QEMU

published on

I recently wanted to automate building a headless Debian testing (codename “buster”) virtual machine, hosted on macOS, and it turned out to be somewhat more complicated than I expected, so I thought I’d document it here for others’ benefit.

Instead of installing VirtualBox, VMWare Fusion or Parallels which are quite heavyweight virtual machine apps, I wanted to run a headless VM using QEMU, which can be installed easily using Homebrew. QEMU now supports hardware accelerated x86 virtualisation on Macs using the Hypervisor.framework built in to macOS.

The script and preseed file to perform the fully automated install is here, and I’ll explain the details behind what it does in this post.


Cross compiling Rust on Mac OS for an ARM Linux router

published on
Wanting to compile a small program I’d written in Rust to run on my home router, I found this guide to cross compilation of Rust code. The router is a Netgear R7000 with an ARM processor, running FreshTomato, a distribution of Linux for ARM and MIPS architecture consumer routers. The top of that guide shows an example of installing the cross-compilation toolchain for ARM on Ubuntu, but it required some work to adapt to Mac OS High Sierra, my desktop environment. Read More...

Make certbot Let’s Encrypt certificates readable by Debian ssl-cert group

published on
On Debian, there’s a group named ssl-cert which grants access to TLS certificates and private keys, so that services that don’t run as the root user can still use TLS certificates. For example, the PostgreSQL Debian package installs PostgreSQL to run as a user named postgres, which is a member of the ssl-cert group, and so it can use certificates and private keys in /etc/ssl. The certbot Let’s Encrypt client, by default, makes the certificates and private keys it installs only readable by the root user. Read More...


Development (7)

Linux (2)

Mac (7)

Nds (3)

Rust (1)

Smartcard (2)

Uncategorized (3)


address-book (2) bluetooth (2) dd-wrt (1) emitsms (1) encryption (2) firewall (1) homebrew (1) ipv6 (1) mac (2) nds (1) opensc (2) security (2) smartcard (2) stmu (1)