N5BOC Duplex Hotspot

I managed to get my hands on one of the hot items in the MMDVM world — an N5BOC Duplex Hotspot. This is really a mini-repeater which uses both timeslots on DMR and has a separate transmit and receive antenna connector. Initial results have been as expected — excellent!

My idea was to have a hotspot where I could configure XLX on TS1 and Brandmeister on TS2. With the N5BOC board and Pi-Star this was a breeze. The key is in the DMR Gateway configuration.

My XLX configuration:

[XLX Network]
Startup=020
Enabled=1
File=/usr/local/etc/XLXHosts.txt
Port=62030
Password=passw0rd
ReloadTime=60
Slot=1
TG=6
Base=64000
Relink=60
Debug=0
Id=1234567
UserControl=1
Module=A

My Brandmeister configuration:

[DMR Network 1]
Enabled=1
Address=107.191.99.14
Port=62031
TGRewrite0=2,9,2,9,1
PCRewrite0=2,94000,2,4000,1001
TypeRewrite0=2,9990,2,9990
SrcRewrite0=2,4000,2,9,1001
PassAllPC=2
PassAllTG=2
Password="passw0rd"
Debug=0
Name=BM_United_States_3101
Id=123456701

If you’re not currently using DMRGateway, make sure that you have activated it by setting the DMR Master on the configuration page to DMR Gateway. This will reveal options to help you manage Brandmeister, DMR+, and XLX, all on the same hotspot.

XRF020B Hamvention Connection

XRF020B is your link to Dayton Hamvention through the end of this weekend. In cooperation with VA3UV and KA8SCP, we’ve linked XRF020B and XRF038C to Dayton D-Star repeater W8RTL. So feel free to connect through the course of the weekend for updates from your fellow radio amateurs.

You can also connect via DMR to XLX020B using TG6. Key up with an initial private call to 64002.

Feel free to post any big Dayton news in the comments.

73 to everyone in Dayton and those who wish they were.

xlxd and SELinux

TL;DR — If you’re not running an xlxd based reflector using SELinux you can skip this post.

I recently migrated the XLX reflector from Debian Stretch to Fedora FC30. Debian is the platform recommended by the software author, but xlxd runs fine under Fedora as well. However, since I’m running with SELinux enabled, there were a couple of issues to tackle.

SELinux tags filesystem elements with a security context and in some cases, xlxd fails to access certain files for which it does not have authorization. There are three files that will require some special attention.

xlxd.pid -- contains the running process number
xlxd.log -- the XML log file used by the dashboard
callinghome.php -- contains the hash value used for registration

In my system, the files are installed in the following directories:

/var/run/xlxd.pid
/var/log/xlxd.log
/var/lib/httpd/xlxd/callinghome.php

I had to create new rules to put the files in the correct security contexts.

semanage fcontext -a -t httpd_sys_content_t /var/log/xlxd.xml
semanage fcontext -a -t httpd_sys_content_t /var/run/xlxd.pid
semanage fcontext -a -t httpd_sys_rw_content_t \
/var/lib/httpd /xlxd/callinghome.php

One issue I discovered is that the contexts do not handle the creation of a new file. For that, I installed restorecond. This system daemon watches for specified files to be created and relabels the security context.

dnf install restorecon

Then, add the 3 fully pathed file names to /etc/selinux/targeted/contexts/files/file_contexts.local. Restart the restorecond service and you’re ready to start the xlxd, httpd, and php-fpm services.

A very useful command is ls -lZ. On an SELinux enabled system it will list the security context labels for each file.

ls -lZ
total 4
-rwxrwxrwx. 1 apache apache system_u:object_r:httpd_sys_rw_content_t:s0 66 May 16 14:12 callinghome.php

Another useful command is restorecon. RTFM.

73