Utah Open Source Planet

As a Linux instructor for Guru Labs, I get the opportunity to do a great deal of system administration. One of those responsibilities as an admin is performing installations of RHEL, Fedora, SLES, OpenSUSE and OEL. Soon, hopefully, we’ll be adding Debian and Ubuntu to the mix of courses and courseware. As such, along with Christer Edwards who also teaches at Guru Labs, I’ve taken it upon myself to find the necessary admin tools to bring to the table for our future courses. One such tool that has bothered me as of late, is automating an Ubuntu or Debian install.

With Red Hat and Fedora, the Anaconda installer automatically creates a /root/anaconda-ks-cfg file. This file is a Kickstart file necessary for automating installs if I want to build machines exactly like the one I just installed. In other words, this file is all the answers to the questions that I just entered for that installation. This is a handy feature. Why doesn’t Debian and Ubuntu do this? Actually, they do. Kind of.

When asked the necessary questions in the Debian text-based installer, a database is created keeping track of each of those answers. When the system is finished installing, that database is stored under /var/log/installer/questions.dat. Unfortunately, if you installed your system via the GUI installer, this file is not created. Further, you will need a utility to extract the answers to those questions, as the questions.dat file is a binary database.

So, we need to install debconf-utils for access to a couple of binaries necessary to build this preeseed config file for automating the rest of the installations that I wish to perform.

sudo aptitude install debconf-utils

After installed, I now have access to the debconf-get-selections tool for helping be exctract the answers out of the questions.dat database. So…

sudo debconf-get-selections --installer > preseed.cfg
sudo debconf-get-selections >> preseed.cfg

I now have a preseed config file necessary for my automated installs. However, that config file may have a bunch of unnecessary stuff that I may not want for the install. So, I should open up that config file, and edit it as necessary, removing a lot of the bloat. It is best, rather, to build a preseed.cfg file from scratch, or using an example template, and building from there. This approach is superior for a couple of reasons. First, I will learn the internals of preseed itself. Second, I will become intimately familiar with the Debian installer questions, and the power that I probably take for granted. After building my own preseed file from scratch, I can then customize it to fit my needs, or my network needs, as necessary.

To build one such file, the Debian documentation team has some decent docs for helping me get started. However, the docs are hardly exhaustive, so you may find yourself spending a bit of time on Google, before getting the hang of it. At the documentation site, I have “Creating a preconfiguration file” and “Contents of the preconfiguration file” documents available. Spending some time there, learning preseed is time well spent. After the file is created, there is a syntax checker to make sure the contents of the preseed file are sound:

sudo debconf-get-selections -c preseed.cfg

Now that I have my built preseed file, it’s time to boot my boxes using the file. Obviously, I will need to make the file accessible somehow. I can make this preseed file accessible via HTTP, FTP, NFS, locally on a hard drive or partition, CDROM or even built into the initial RAM disk itself. Once I have that access, at the boot prompt, I enter the following (adjusting as necessary for the location of the preseed file):

linux preseed/url=http://foo.com/bar/preseedcfg

And, based on the contents of the preseed file located at that web address, the installer starts, and off we run with installing the new Debian or Ubuntu system, completely hands-off (again, based on the file contents).

As an ending thought, preseed can read Anaconda Kickstart files, but there is still a bit to yet be implemented. If you prefer using Kickstart as a method for automating your installs, you should probably build a hybrid file for the missing Kickstart features with preseed. There is also a GUI tool for building Kickstart files available in the Debian and Ubuntu repositories:

sudo aptitude install system-config-kickstart

However, using Kickstart files to build your Debian or Ubuntu box isn’t as flexible or powerful as preseed, and further, you really won’t learn the internals of the Debian installer. Kickstart is heavily documented, unlike the sparse documentation that exists for preseed, so you’ll likely find more answers if building a Kickstart file.

I’ll be presenting tomorrow night (Wed. May 21, 2008) on the OpenSuse Build Service at the Salt Lake Linux Users Group meeting. Everyone is welcome and it’s free! The announcement I wrote for the SLLUG mailing list follows:

Hi everyone!

Tomorrow night!

Topic:

Marc Christensen will be presenting on the OpenSuse build service: A short tutorial on making cross-distro packages (one set of source/config files produces debs, RPMs for various vendor’s distros) and the power of the build service.

For more information on what the build service is and what it can do for you (regardless of what distro you maintain (for the most part)), see:

• http://en.opensuse.org/Build_Service
• http://en.opensuse.org/Build_Service/cross_distribution_package_how_to
• http://en.opensuse.org/Build_Service/Deb_builds

If you package apps that other people consume such as in and IT environment or OpenSource project or just simply want to make packages available for easy install on one or more Linux distributions, you need to know about the build service.

Time and place:

• Date: Wednesday May 21, 2008
• Time: 7:10pm
• Place: Warnock Engineering Building (WEB) room 101 (Previously known as EMCB)
• Cost: $0.00. Zip. Nada.

Directions/Parking:

Directions - [http://www.map.utah.edu/index.jsp?find=62] Parking can be found just East of the WEB building and there is a big lot just North of the Merrill Engineering building (MEB). Parking is free after 6:00 (Based on the signs posted. Always check in case this changes.)

Special thanks go to:
* Prof. Lepreau and the U of U for providing the meeting room.
* Various Volunteers

On Tuesday, 13 May 2008, the Fedora Project released the latest version of their Linux distribution, Fedora 9.

I was able to get my hands on Fedora 9 the previous Friday after it was discovered "in the wild" on BitTorrent networks. I promptly installed it on my Dell Latitude D830 laptop that I use every day for work.

The downside to installing a Linux distribution like Fedora before it is officially released is that you have no access to any updates. You're kind of on your own with what you've got until the official release date.

I wasn't too terribly worried about any of that. After all, Fedora 7 and Fedora 8 were, for the most part, very stable from the get-go.

I think I may have been wise to have waited. Over the last week, I've encountered all sorts of issues. Some have been related to specific hardware I'm using while others are general OS issues. A significant chunk of the issues I've run into are a direct result of my running KDE as my desktop environment. Fedora 9 includes KDE version 4 which is a ground-up rewrite of the fundamentals of KDE.

The experience has given me some flashbacks to 2003 when Red Hat Linux 9 came out with GNOME 2.2. I had been a GNOME user for a couple of years (and used AfterStep as my primary desktop environment before that) and was content with the way the Sawfish window manager worked in GNOME up until Red Hat Linux 9. Now GNOME used the Metacity window manager and I couldn't stand the thing. Where were all my configuration options? What happened to everything I had come to rely on? Well, GNOME had tucked it all away... and made everything work slower while they were at it.

I switched to KDE and found it had advanced leaps and bounds since I had looked at it last. It was mature, reliable, and, most of all, it offered plenty for me as a "configuration nut" to appreciate.

Fast forward to now. KDE4 is cool, very cool, but it's lacking a lot of stuff KDE3 had, understandably. I'm sure it's all forthcoming in due time, but I want it now!

So, below is my current list of annoyances. Some are still outstanding while others I have taken steps to resolve and have documented those steps below so that others may benefit.

Fedora 9 Annoyances

• nVidia video driver - I've got a nVidia Corporation Quadro NVS 140M tucked away in this laptop and to get 2D and 3D accelerated performance out of it, I must use the proprietary nVidia driver available for Linux. I usually get this from the fine Livna repository for Fedora. The kmod-nvidia driver was available from Livna, but it didn't work. I got it to function (details coming) but it's far from perfect.
• Tap-to-click not working on Synaptics touchpad - This is a documented bug and I'm sure Fedora will be pushing a fix soon. In the meantime Bob Kashani at Berkeley has gracefully provided a fix.
• kmix applet is missing - This one is annoying. I have grown very accustomed to having the kmix applet in my KDE taskbar. This gives me a handy mixer utility to control my sound. Without it, I'm forced to launch the kmix application every time I want to adjust the mixer. Lame.
• Font irregularities (related to NVidia?) - Application fonts between KDE and GTK/GNOME applications display differently. This has suddenly been a problem, but it isn't the first time I've seen it. I also saw it with Firefox 3 betas under Fedora 8, but only on this particular system (my laptop) and not on other systems. I blame the nVidia driver.
• Multimedia buttons - The volume up/down and mute buttons just worked out of the box with Fedora 8. With Fedora 9, KDE is completely ignorant of them.
• NetworkManager forgets everything - In Fedora 7, there was a separate KDE NetworkManager component called knetworkmanager which integrated seemlessly into KDE, but major changes within the NetworkManager community forced the Fedora project to adopt the GNOME NetworkManager work for KDE users in Fedora 8 (and Fedora 9). The problem in Fedora is that NetworkManager doesn't seem to be using the GNOME keyring system at all. Every time I connect to a secure wireless network, I have to enter the encryption key or passphrase because it isn't getting saved anywhere.
• KPilot not syncing with Palm Treo 700p via USB - This was fixed with the first Kernel update!
• KDE configuration lacks depth - This is due to the rewrite of everything, but there are things that really bug me: No configuration of the Compose key and I haven't found a way to turn off the silly "Pong" sound the system plays every time I move between virtual desktops.
• No web browser can load Zimbra admin login page - I didn't have any problems with Firefox 2, but neither Firefox 3b5 nor Konqueror can load the Zimbra admin page. Konqueror complains about a script out of control and Firefox 3b5 just sits and spins.
• gpk-application sucks - Pirut (and pup) are gone and now we have this PackageKit suite of applications for managing packages. I think it's a good idea in the long run, but gpk-application has a long way to go before it catches up with how well pirut worked. Just let me install many packages at once, why don't ya?!

Well, there's that for starters. I'll probably be blogging more in the future about these problems in more detail, including, hopefully, how to solve or work around them.

If your in the greater Salt Lake area and love python swing by the meeting this evening! We’re doing a python editor head-to-head, should be fun!

After the MiniDV videotape camcorders and before the explosion of hard disk camcorders,
several manufacturers were making these camcorders that would record directly to DVD media. A handful of them recorded to full-size DVD media, but most recorded to a small (~3 inches in diameter) mini-DVD media. One of these discs can hold about 30 minutes of SD (740x480, 30 frames per second) video or about 1.4GB of data.

A couple years ago, I was working on a video editing project and one of my sources was from one of these mini-DVD camcorders. One of the perks of the mini-DVD format is you can throw it right into a DVD player and it plays it, without much grief, like a normal DVD movie. There's even a scene-selection menu that shows you thumbnails of images to select scenes recorded on the DVD.

I think the mini-DVD format was a great idea for people who just want to videotape an event and throw it in the DVD player, but it's not so good for someone who wants to edit the video on the computer. The camcorder manufacturers probably shipped the cameras with some kind of conversion program to extract the video from the discs and convert it into an editable format, but since I didn't own one of these mini-DVD camcorders, I didn't have such software.

A little googling and I found the answer!

Check out this command:

mplayer dvd://1 -dumpstream -dumpfile dvd.vob

This mplayer command may be familiar to those who rip video from DVDs to convert it to an MPEG4 format or something similar.

I can't edit a VOB file, so I needed to convert the VOB into, preferably, an AVI. Most of the AVIs I edit are DV format AVIs that I get off my DV camcorders. I knew if I could get the video on the mini-DVD into that format, I'd be in heaven. I didn't find a direct way to do this, but I did find two more steps that would do it.

ffmpeg -i dvd.vob -target dv dvd.dv
cat dvd.dv | dvgrab -f dv2 -s 0 -stdin

The first command (ffmpeg) converts the VOB into raw DV data. This is data you could stream to a camcorder and store on a tape. It's not in an AVI container, but it's close. The next command (dvgrab) is usually used for capturing video from IEEE 1394 (Firewire) video devices, but being that it has an option (-stdin) for reading data from standard input, we can use it to convert our raw DV data to an AVI.

Voila!

Tonight we are having our first openSUSE User Group meeting, we’ll be discussing 11.0 Beta 2.

* Date/Time: Tuesday, May 6, 2008 @ 7:00pm.
* Location: Applebees, 105 E 12300 S, Draper, UT
* Google Maps: Click Here

You can get more information on the group here.

It’s been some time since Python 2.5 became stable and released. Version 2.5 has plenty of new features that have helped me in deciding that it was time to go ahead and start using it for primary development of all my new projects. One of the reasons I was still using version [...]

Well, not exactly “benchmarking” in the strictest sense, but interesting data I find nonetheless. Setting out on my voyage to learn more about filesystems that the Linux kernel supports, I went looking for which filesystem does the best job at managing space. No speed tests. No data integrity. No feature comparisons. Just space conservation. Of course, I plan on investigating these filesystems further on those notes, and will report my findings, but suffice it for now to compare space utilization.

First, I have 6 2GB USB thumb drives for this test. Unfortunately, 2 of them are slightly smaller than the other 4. As such, I felt that LVM would be a good solution for making sure each filesystem was put on the exact same storage container.

The result? 6 logical volumes exactly the same size, each with 486 PEs with 4MB per PE. Each filesystem was mounted to it’s own directory under /mnt:

aaron@kratos:~ 4149 % df -h /dev/mapper/test-*
Filesystem              Size  Used Avail Use% Mounted on
/dev/mapper/test-ext2   1.9G  2.9M  1.8G   1% /mnt/ext2
/dev/mapper/test-ext3   1.9G   35M  1.8G   2% /mnt/ext3
/dev/mapper/test-jfs    1.9G  376K  1.9G   1% /mnt/jfs
/dev/mapper/test-reiser 1.9G   33M  1.9G   2% /mnt/reiser
/dev/mapper/test-vfat   1.9G  4.0K  1.9G   1% /mnt/vfat
/dev/mapper/test-xfs    1.9G  288K  1.9G   1% /mnt/xfs

Next, I needed to populate these filesystems with some data. I ran the following for-loop:

for i in ext2 ext3 vfat xfs jfs reiser; do
    dd if=/dev/zero of=/mnt/$i/foo.img bs=1024 count=500000
done

Let’s see how they fared:

aaron@kratos:~ 4166 % df -h /dev/mapper/test-*
Filesystem              Size  Used Avail Use% Mounted on
/dev/mapper/test-ext2   1.9G  492M  1.3G  28% /mnt/ext2
/dev/mapper/test-ext3   1.9G  524M  1.3G  29% /mnt/ext3
/dev/mapper/test-jfs    1.9G  489M  1.5G  26% /mnt/jfs
/dev/mapper/test-reiser 1.9G  521M  1.4G  27% /mnt/reiser
/dev/mapper/test-vfat   1.9G  489M  1.5G  26% /mnt/vfat
/dev/mapper/test-xfs    1.9G  489M  1.5G  26% /mnt/xfs

VFAT, XFS and JFS all seem to do fairly well on data conservation. Knowing that the FAT filesystem isn’t very robust, or feature-packed, looking at just this data, I would be willing to spend some time further with JFS and XFS. However, to be fair, I’ll give FAT a good look in respect to features.

It is a pity however, that Sun Microsystem’s ZFS is licensed under the CDDL. I would rather enjoy working with that filesystem, I think, as it supports a great set of features. Unfortunately, unless ZFS is ported to the GPL, it’s unlikely that we’ll see it in kernel space, and I’m not really interested in an implementation of it under FUSE.

Last night, Christer and I were playing with the Ubuntu 8.04 installer, trying to break it, and get any last bugs reported before final is released tomorrow.

What I noticed last night, during the install really surprised me. ReiserFS is a screaming filesystem compared to XFS. After doing the install 3 times on 2 identical machines (Dell Precision 490), in every case, ReiserFS was nearly twice as fast completing the install. Didn’t matter how the disk was partitioned either. It is a screaming speed machine. Further, launching applications, and playing with KVM, it was also noticeably faster than it’s XFS competition.

However, XFS did have much better storage management in the way of sqeezing out every last byte on the drive. In fact, on bare bones installs, XFS gave me 10% more storage space than ReiserFS.

Conclusion? If you’re after speed, from what I gathered last night, ReiserFS screams. If you’re looking for maximized disk space, XFS is the clear winner there. Was the disk space gain worth the wait of the install? Yeah, probably. But man, post-install, launching applications with ReiserFS was still noticeably faster than XFS.

I’m curious about these, and will be benchmarking some more in the future. Expect follow-up posts on this topic.

Due to the comments I recrived on the last post on this topic, I decided to make a few changes.

First I want to say thank you to everyone that showed interest. Apparently this type of plugin is desperately needed. My initial version was just a quick hack to transfer meta data to and from my iPod. Note the extremely hackish nature of the link between iPod and rhythmbox tracks (filename only).

1. The most common complaint was the rhythmbox crashing bug (Segmentation Fault). This is caused by the gpod module when it attempts to locate and read the itunes database on the iPod. My fix was to just check if gpod found the itunes directory, print an error to the console, and skip any processing at all. This will prevent killing rhythmbox, but doesn’t actually fix anything.
2. More intelligent rating updates. I used mockenh’s idea to compare last played dates to determine which rating to use in case of a conflict.

I don’t really have the desire to implement playlist, or podcast synchronization since I have very little time, and I am only a mediocre programmer at best. If someone wants to swipe my code to build on, they are more than welcome to.

1. I just use a periodic rsync to copy music from my iPod to my PC. rsync -av /media/BFUNGUS/iPod_Control/Music/ ~/Music/ Change any paths as necessary.
2. Since I don’t copy songs to the iPod using Linux, I didn’t write that support into it
3. The detection of the iPod mount location is dependant upon the GnomeVFS module. It must correctly recognize your iPod as a Music Player
4. The python gpod module must be installed. Debian users can apt-get install python-gpod

ipodsync v0.2

As I’m sitting in the San Jose Airport, I’m reading the sfdisk man page to get a better handle on the command. I want to script setting up partitions, rather than the interactive fdisk. As I’m reading along, I got a chuckle out of the -f or –force switch:

       -f or –force
              Do what I say, even if it is stupid.

I don’t know why I found that funny, but I thought to myself that more man pages need to be written in this fashion. It sure does brighten up the whole system-administration thing.

I just finished porting Tomboy’s print code to GTK so that we would be more portable and I thought other Mono apps looking to move from libgnomeprint or wanting to add printing support might find a code example helpful.

First, To start printing you do something like:

private void PrintButtonClicked (object sender, EventArgs args)
{
Gtk.PrintOperation op = new PrintOperation ();
op.BeginPrint += new BeginPrintHandler (OnBeginPrint);
op.DrawPage += new DrawPageHandler(OnDrawPage);

op.Run (Gtk.PrintOperationAction.PrintDialog, this.Window);
}

after the PrintOperation is set off you need to handle the BeginPrint event. The main things that need to be done are finding out how many lines will fit on a page and how many lines you have:

public void OnBeginPrint(object sender, Gtk.BeginPrintArgs args)
{
PrintOperation op = (PrintOperation)sender;
lines_per_page = (int)Math.Floor ((double)args.Context.Height / (double)font_size);
Gtk.TextIter start_iter, end_iter;
this.Buffer.GetBounds (out start_iter, out end_iter);
lines = this.Buffer.GetText (start_iter, end_iter, false).Split ('\n');
op.NPages = (int)Math.Ceiling ((double)lines.Length / (double)lines_per_page);
}

Finally, now that you have the printing setup, you need to actually render the data to be printed:

public void OnDrawPage(object sender, Gtk.DrawPageArgs args)
{
PrintOperation op = (PrintOperation)sender;
Cairo.Context cr = args.Context.CairoContext;

int line = args.PageNr * lines_per_page;
int num_lines = 0;
if (args.PageNr+1 != op.NPages)
num_lines = line + lines_per_page;
else
num_lines = lines.Length;

cr.MoveTo (0, 0);

for (int i = 0; i < lines_per_page && line < num_lines; i++)
{
Pango.Layout layout = args.Context.CreatePangoLayout ();
Pango.FontDescription desc = Pango.FontDescription.FromString (”sans ” + font_size);
desc.Size = (int)(font_size * Pango.Scale.PangoScale);
layout.FontDescription = desc;

layout.SetText (lines[line]);
Pango.CairoHelper.ShowLayout (cr, layout);
cr.RelMoveTo (0, font_size);
line++;
}
}

This does not take into account styles but will give you the basic idea of what needs to be done.

Being an instructor for Guru Labs, I’m in training centers all over the nation. As such, I never know what hardware I’ll be facing, or for that matter, their network setup. This can be problematic, as setting up for class could present troubleshooting on my end before students arrive and class starts.

One of the issues that has plagued me, but I haven’t bothered to do anything about it until this morning, is networks dropping my TCP connections if there is no activity after a given interval. Currently, I’m in Mountain View, California teaching a Linux course, and the training center network is one such network with dropping inactive TCP connections after 60 seconds. Annoyed (being a heavy SSH user), I began digging in the SSH man page on my machine, and found a way to keep my connection alive.

There are two options for addressing my need: TCPKeepAlive and ServerAliveInterval. Each of those are explained here:

• TCPKeepAlive: This uses the KEEPALIVE option of the TCP/IP protocol to keep a connection alive after a specified interval of inactivity. On most systems, this means 2 hours. So, with the TCPKeepAlive option passed to SSH, the SSH client will send an encrypted packet to the SSH server, keeping your TCP connection up and running.

  ssh -o TCPKeepAlive=yes user@some.host.com

• ServerAliveInterval: This sets a timeout interval in seconds, which is specified by you, from which if no packets are sent from the SSH client to the SSH server, SSH will send an encrypted request to the server for a TCP response. To make that request every 30 seconds:

  ssh -o ServerAliveInterval=30 user@some.host.com

If ServerAliveInterval is used in the SSH command, then TCPKeepAlive is not needed, and should be turned off.

Now, in the training centers I visit, giving this option will ensure that my SSH connection stays connected, so I can stay on top of my IRC and MUC.

Please, Von, please, next time you set up a samba mount, just use cifs and not smbfs. Save yourself a lot of headache.

I don’t want to have to go through some winding, confusing process of reading HOWTOs, hand editing xorg.conf files, restarting X over and over again just to get decent support for my wacom digitizer pad. Especially when the experience on windows and mac is completely painless.

Yesterday I decided to upgrade from Gutsy Gibbon to Hardy Heron (beta 1). I usually upgrade early, but my main motivation for this was to be able to implement the new multimedia keys interface working in Exaile. Apparently, the Gnome crew decided to change this particular part of the DBus interface making it backwards incompatable. A description of the Exaile bug can be found here.

The upgrade was fairly painless, but here are a few of the gotchas I did experience.

Hardy Issues:

The only problem I had was sound not working once I finally booted into my upgraded system. I found that, by default, the -386 kernel was set as default instead of the -generic kernel. The -386 kernel does not come with snd-* modules for some reason. I edited /boot/grub/menu.lst and changed "default 0" to default 2", which made it so the -generic kernel would load by default. This fixed my sound issues.

Firefox 3 Issues:

Other than missing extensions that are not yet compatable with Firefox 3, I've really only had one really annoying problem. This problem existed in Gutsy when trying to upgrade to FF3, and remained once the upgrade to Hardy was complete (Hardy comes with FF3 by default). The problem is as follows: If you have Firefox on workspace one, and you click on a link in a terminal (or any other application) on a different workspace, the entire firefox window moves to that workspace (even if you have FF set to open links in a new tab).

Googling for answers to this problem revealed nothing, and people in irc.mozilla.org/#firefox couldn't really understand what I meant. Asking in irc.freenode.net/#ubuntu-us-ut, Christer Edwards informed me that he had the same problem and that in a fresh install of Hardy (as opposed to an upgrade) the problem did not exist. After fiddling around for a bit, I found that a simple rm -rf ~/.mozilla fixed the problem.

I will keep posting as other issues may or may not arise with the upgrade.

My brother and I have put up a blog discussing our messings with lasers, webcams, wiimotes and python. If you saw his talk at Pycon, and want to play with the code, you can find it there. I recently made the laser stuff work in Linux (hence the tit

This post is preceded by a public service announcement to back up all important data, often. (So far it seems the best way to back up photos is to get them printed/developed). Had a scare with a half gig compact flash card acting up on me, that cont

Yesterday, my new laptop arrived. KnowledgeBlue purchased it for me as my HP Pavilion ZV5000Z was about three years old and was starting to show its age. KnowledgeBlue has standardized on Dell as its hardware supplier and, while I don't care for their desktop machines at all and I'm okay with their servers, I really had no clue what to think about their laptops.

What is nice about Dell is they have a line of Open Source laptops. These laptops have been certified as being friendly with open source operating systems like Linux and are available for purchase without a pre-installed operating system (the laptop does come with FreeDOS installation media).

HP also offers FreeDOS as an operating system option on many of its Business laptops for those people looking to run an open source operating system or simply avoid paying HP for a preinstalled Microsoft product.

So, anyway, I got a customized Dell Latitude D830. Here are some of the features:

• Intel Core2 Duo CPU T7700 @ 2.40GHz
• 2GB RAM
• 120GB hard drive (w/ free fall sensor)
• DVD burner
• 9-Cell battery
• NVidia Quadro NVS 140M (256MB)
• 1920x1200 widescreen LCD panel
• Intel 3945 802.11a/g wireless

Let me just say I am impressed. So far, this laptop has been nothing but awesome. The screen is absolutely beautiful. Most impressive is the fact all the hardware seems to just work in Linux. After all the hurdles I had to jump to get my previous laptop working with Linux, this was a paradisical experience.

I did a network install of Fedora 8 after booting from a CD burned from the distribution boot.iso. The software properly configured the video card to use the open source nv driver and accurately identified the characteristics of the display panel. Sound worked fine right out of the box. I was worried about wireless networking and was prepared to install a third-party driver from a site like Livna or FreshRPMS, but when I enabled NetworkManager, it just worked! I could scan for wireless networks (it saw more than my Atheros card ever did) and connected to my home network (encrypted with WPA2) with no problems at all.

One thing I do like about my HP laptop is the ability to disable the trackpad so that when I'm using a USB mouse, I don't have to worry about brushing against the trackpad while I'm typing. Speaking of pointing devices, the D830 has taken a cue from IBM/Lenovo and provides both a trackpad and a eraser-point stick thingie with a second set of left and right buttons.

One thing that has been a bit of a concern is the sound card. Maybe I need to dig deeper, but the mixer support seems really weak. The only controllable channels I've seen in my mixer is PCM and Front. From what I've seen so far, the headphone jack is not independently controllable (it is on my HP) and I haven't seen channels for Line In or Microphone.

Battery life seems good. I haven't timed it yet, but I think I'm getting about 2-3 hours off a single charge and I haven't really tried any power saving settings. I know the Intel chipset offers a lot of options in that department.

I haven't tried any kind of suspend or sleep stuff yet. I'll have to report my findings about that in a later post.

My friend Sam posted a blog on his top 15 commands used from the commandline, so here are mine:

sontek@inspidell:~> history | awk ‘{print $2}’ | awk ‘BEGIN {FS=”|”} {print $1}’|sort|uniq -c | sort -n | tail -n 15 | sort -nr
143 ls
135 cd
84 vim
69 exit
57 ssh
56 su
35 svn
25 man
24 rm
24 python
22 sudo
22 jhbuild
18 make
17 grep
16 xrandr

You can tell a lot about a person by their top 15 commands and as you can see with mine, the majority of mine are used for coding!

You can see a break down of the command I used to list these here: http://czarism.com/my-top-ten-linux-comments-history

What are your top 15 commands?

I was helping a friend debug a problem with gksu (gnomesu alternative) today and we chose to use strace which allows you trace system calls an application makes.

To monitor all system calls an application makes you can redirect the output to a file like so:

strace <command> 2> <file name>
or
strace <command> -o <file name>

These commands return the exact same results, the first command redirects stderr (standard error, which has the file descriptor 2) to the file, strace sends all output to stderr by default, the second command uses the built in -o argument which is much cleaner.

One of the first things I like to do with strace is to check if it is having trouble accessing a file, which I see a lot because the file doesn’t exist or the user executing the command does not have permission to access it, you can do that with these commands:

strace <command> 2>&1 |grep open
or
strace <command> -e open

Again, these commands will return similar results. The first command redirects stderr to stdout so you can use grep to filter the output. The second command is the preferred method because it actually uses the built in -e argument which will trace only the named system call (this is a comma separated list so you can do strace -e open,read).

The only other arguments that I’ve found really helpful are -ff which when used with -o will append the pid (process id) to the file name and -F which will also trace children.

I’m lazy, so I just have this basic script I run that upgrades my wordpress:

#!/bin/bash
blog_directory=
update_url=

wget http://wordpress.org/latest.tar.gz
tar -xzvf latest.tar.gz
tar -zcvf blog-backup-$(date +’%F’).tar.gz $blog_directory
cp -rv wordpress/* $blog_directory
links $update_url
rm latest.tar.gz

How do you upgrade your wordpress?

I wrote a quick little perl script/irssi plugin that allows you to update twitter from irssi. It also has autocompletion for names from your friends and follower list. You can get it here: http://devtoo.net/svn/twitter/twitter.pl

To use this script place it in ~/.irssi/scripts and then type /load twitter.pl in irssi

Usage:
/twitter u I’m updating twitter from irssi
/twitter d sontek I’m direct messasging sontek from irssi

DISCLAIMER: First perl script I’ve ever written, i’m sure I’ve done things wrong.

Hans and I were discussing QoS the other day, specifically regarding using Wondershaper from the LARTC. I had managed to mess mine up and I subsequently noticed a horrible turn for the worse in my VoIP calls. Wondershaper has to be adapted for use by OpenWRT and in the process I misspelled sch_ingress.o as sch_insmod.o. Too much insmodding that day, I think. The net effect was that download speeds were not shaped at all.

Once I got it corrected, I decided to do a few tests just to confirm that using Wondershaper actually made a difference. I'll cut to the chase for the lazy: it did. I made 45 second calls to music on hold from my softphone, Twinkle. In the background I had Wireshark running. I used the RTP analyzer in Wireshark to look at the statistics after all was said and done. I used both versions of Wondershaper, the CBQ and HTB. I had a single download running the whole time eating up all spare bandwidth.

With no shaping: 4.4% loss (95 packets), 60ms jitter
With CBQ Wondershaper: 0.2% loss (5 packets), 35ms jitter
With HTB Wondershaper: 0.3% loss (6 packets), 28ms jitter

So my unscientific conclusion is that both versions of Wondershaper work about the same and they both make a huge difference. I could easily hear the packet loss on the first call, but not so much on the other two calls.

read more

I built a Twinkle 1.1 Ubuntu package the other day. I wanted to try out the new buddy lists feature and the currently available version is only 1.0.1. This package is built on Gutsy Gibbon. I make no warranties of its successful functioning on your machine. But it does work just fine for me.

twinkle_1.1-0_i386.deb

read more

Another great opinion on Net Neutrality which closely (if not exactly) mirrors my own. For those too lazy to go and read for themselves, here's a quick snippet.

We need policy to help cut a path for more competition, rather than protecting incumbents -- a Bandwidth Competition Act of 2008, not bogus net neutrality. All takers should be allowed access to poles or underground conduits. This is where neutrality should be enforced, instead of being a choke point.

As I've long said, a government bureaucracy isn't going to solve the problem. It's going to create less incentive for Internet companies (like mine, full disclosure) to even toss their hat in the ring. Try forming your own telephone system and you'll know what I mean. The rules are ridiculously complicated and it takes an army of lawyers to sort through them. Please please please don't turn the Internet into the phone system.

read more

So the more I work with Django the more I long for a solid development environment to work in. I use Wingware for much of my python development, with its rockin debugger and code completion, its more than I could ask for. Until the curse of the Java class. This quarter I’m taking a Java projects course, most of the class uses Eclipse but a few use Netbeans. My problem is, I got spoiled so fast by the incredible templates support, content suggestions, quick fixes and always dead on code completion. Going back to Wing feels like a halfway-there IDE. I know that pythons interpreted nature makes source completion much more difficult, now I would argue that with an interpreter, you could actually step through the code to some extent. However, I respect that dynamic objects are never gonna be easy to support. My beef is with the lack of support for super-popular frameworks (this goes for everybody!) Ruby on Rails has literally dozens of solid IDEs and a few that are just spectacular (see Aptana, or Netbeans). Why can’t I get even basic highlighting support for my Django templates? Why can’t I get any completion options on Models except my own?

Its just frustrating, Django is still a pleasure to develop in, even with just Gedit and a terminal, but is it really out of the question to consider providing a big pretty environment for those of us that like that?

I did dig up this and this. I guess its a step in the right direction, but its almost embarrassing next to the Rails environments.

Postfix is my MTA of choice. Recently I had a second opportunity to set up relaying from Postfix to Postfix, with TLS and authorization. Seeing how I remembered precious little from the first time, I decided it would be a good thing to blog on.

The documentation on doing this is really quite good, but you have to get acclimated to the acronym soup before it makes any sense at all. The first and most mysterious acronym is SASL.

SASL is the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. To use SASL, a protocol includes a command for identifying and authenticating a user to a server and for optionally negotiating protection of subsequent protocol interactions. If its use is negotiated, a security layer is inserted between the protocol and the connection.

If that's not a mouthful… Basically, SASL is a library and daemon that programs, like Postfix, can use to do authentication. The Postfix SASL Howto tells you all you need to know about configuring Postfix for Cyrus or Dovecot SASL. It also tells you how to configure either Dovecot or Cyrus SASL for Postfix.

I'm using Debian stable (4.0), and this is what I did. On both the client and server you need the postfix-tls package which includes SASL and TLS support for Postfix. On the server I had to install the sasl2-bin package (this is not at all obvious at first pass—I was looking for a saslauthd package). Then I had to enable saslauthd by editing /etc/default/saslauthd. The smtpd.conf file is in /etc/postfix/sasl on Debian, and it looks like this:

pwcheck_method: saslauthd
mech_list: PLAIN LOGIN

Here's the relevant snippet from /etc/postfix/main.cf:

smtpd_sasl_auth_enable = yes
smtpd_sasl_application_name = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = 
    permit_mynetworks
    permit_sasl_authenticated
    reject_unauth_destination

Now, there's a problem. Debian runs Postfix in a chroot jail by default, which means you need to make special provision for Postfix to be able to find the saslauthd socket. This can be as easy as

mv /var/run/saslauthd/ /var/spool/postfix/var/run/
ln -s /var/spool/postfix/var/run/saslauthd/ /var/run/

You may also need to adduser postfix sasl, though I'm not sure if this is necessary.

That's it for the server. Now, on the client you need this in /etc/postfix/main.cf:

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
relayhost = [mail.example.com]
smtp_sasl_security_options = noanonymous

/etc/postfix/sasl_passwd looks like this:

[mail.example.com] username:password

You need to postmap /etc/postfix/sasl_passwd after changing it.

Now, authentication is well and good, but you don't want to be sending those passwords in the clear, especially when using the default PAM authentication source. So, you also need to configure TLS.

The Postfix TLS README tells you all you need to know for this. You need to create a certificate for the server, enable the use of TLS on both sides, and tell the server not to accept authentication without TLS. That last bit is perhaps the most vital element for security, though of course it does nothing to help you get TLS actually working. Here's the config snippet:

# client
smtp_use_tls = yes # This option deprecated in later versions of Postfix

# server
smtpd_tls_CAfile = /etc/ssl/CA/cacert.pem
smtpd_tls_cert_file = /etc/ssl/certs/mail.pem
smtpd_tls_key_file = /etc/ssl/private/mail.pem
tls_random_source = dev:/dev/urandom
smtpd_tls_loglevel = 1
smtpd_use_tls = yes # also deprecated

Creating the certificates is nothing extraordinary, but this seems like a good time to post my /etc/ssl/README file:

self-signed:
    openssl req -new -nodes -out newreq.pem
    openssl x509 -req -signkey privkey.pem -in newreq.pem -out cert.pem

create CA:
openssl req -nodes -new -x509 -days 3650
    -keyout CA/private/cakey.pem -out CA/cacert.pem

generate request:
openssl req -new -text -nodes -keyout newkey.pem -out newreq.pem

sign request:
openssl ca -in newreq.pem -out newcert.pem -days $((365*2))

Don't forget to keep private keys private.

So there it is. Authentication and Encryption at your fingertips.

So I just finalized my registration for PyCon and booked my flight! I can’t even begin to express my excitement! If anyone else plans on attending, I made a wiki page for you to add your name to!

See you there!

From the terminal (emphasis mine):

aaron@kratos:~ 1268 % aptitude show aptitude
Package: aptitude
State: installed
Automatically installed: yes
Version: 0.4.6.1-1ubuntu3
Priority: important
Section: admin
Maintainer: Ubuntu Core Developers
Uncompressed Size: 9449k
Depends: libapt-pkg-libc6.6-6-4.5, libc6 (>= 2.6-1), libgcc1 (>= 1:4.2.1),
libncursesw5 (>= 5.6), libsigc++-2.0-0c2a (>= 2.0.2), libstdc++6 (>=
4.2.1)
Recommends: aptitude-doc-en | aptitude-doc, libparse-debianchangelog-perl
Suggests: tasksel, debtags
Description: terminal-based apt frontend
aptitude is a terminal-based apt frontend with a number of useful features,
including: a mutt-like syntax for matching packages in a flexible manner,
dselect-like persistence of user actions, the ability to retrieve and display
the Debian changelog of most packages, and a command-line mode similar to that
of apt-get.

aptitude is also Y2K-compliant, non-fattening, naturally cleansing, and
housebroken.

That’s good. I certainly wouldn’t want it “leaking” all over my computer.

Theres a discussion going on at reddit about PS1 ( here ).

Mine is:

PS1='\d \t\n\[\033[01;32m\]\u@\h\[\033[01;34m\] \w \n\$\[\033[00m\] ‘


and it looks like:


Wed Feb 20 01:09:15
sontek@inspidell ~
$


Thanks to Chris Crummer for pointing out the reddit post.

Linux handheld devices at SLLUG this week (Wed. Feb 20, 2008). Hope to see everyone there!

Meeting Topic:

The Salt Lake Linux Users Group (SLLUG) meeting will be held this week.

Brad Midgley will be presenting about linux handhelds and their wireless tech. He will touch on Bluetooth and talk about linux handhelds from Nokia, Openmoko, and Gumstix and bring them in to show off. Also featuring: ultrahub (usb hub plus xscale cpu), not really a handheld but good fun.

Time and place:

Date: Wednesday Feb. 20th, 2008
Time: 7:10pm
Place: Warnock Engineering Building (WEB) room 101 (Previously known as EMCB)
Cost: $0.00. Zip. Nada.

Directions/Parking:
Directions - [http://www.map.utah.edu/index.jsp?find=62]
Parking can be found just East of the WEB building and there is a big
lot just North of the Merrill Engineering building (MEB).
Parking is free after 6:00 (Based on the signs posted. Always check in
case this changes.)

Special thanks go to:
- Prof. Lepreau and the U of U for providing the meeting room.
- Various Volunteers

Disclaimer: I don’t know enough about Upstart to hold a low-level conversation about it. What I do know of Upstart is what I have read on the Ubuntu wiki, the Upstart FAQ and a few docs scattered here and there around the web. If I have misrepresented Upstart, its goals or intentions, or SysVinit for that matter, please email me and let me know. Thanks.

I recently discovered that Fedora 9 will be replacing SysVinit with Upstart. To me, this is good news. To others, maybe not so much. So, the question you may be asking is, what is SysVinit and what is upstart?

First, a little background. SysVinit, pronounced “System 5 init” or “Sys 5 init” or just “init” is a the first daemon that runs on a Unix or Linux system. As such, it typically has the PID of 1. Also, every other process also running on the box is a child process of init. What does this mean? It means that if you stop init, you will effectively stop every process on your box, basically inappropriately shutting down.

For many years, SysVinit has been the defacto in managing processes on your box. Not only processes, but also the order of booting and maintaining run levels, among other things. Because it has existed for so long, certainly there is no need to replace it. I mean, if there were issues with SysVinit, we would have discovered them by now, right? One would think.

Actually, developers the world over have noticed the shortcomings of SysVinit, and have made replacements, some of which are already deployed. Common ones include:

• initng- an init replacement designed to speed up boot by starting processes asynchronously.
• eINIT- similar to initng, but removing the need for shell scripts.
• Upstart- also similar to initng, but event driven. Developed by Scott Remnant, and used in Ubuntu.
• launchd- an init replacement designed by Apple found in Mac OS X.
• Service Management Utility- an init replacement developed my Sun and used since Solaris 10

So, why the need to replace SysVinit? Let’s look over some common scenarios, and see where SysVinit falls short. All of these scenarios can be found on the Replacementinit page of the Ubuntu wiki:

• Jean is a power user who wishes to use a USB disk for part of her filesystem. This currently frequently fails because the USB disk sometimes takes longer to initialize than the boot process takes to get to the point where it mounts the filesystem. She would rather the boot process was robust, and the disk was mounted when initialized.
• Corey is the administrator of a number of servers, and has problems with certain daemons that frequently crash. He would prefer the daemons to be automatically restarted if this happens, to avoid loss of service.
• iPod in, and remember to stop it afterwards. She would rather the system started and stopped the software automatically based on the presence of her iPod. (maybe edgy+1)
• Ethan is a software developer. He has a script that he wishes to run hourly, provided that the script is not still running from before. He would rather the task scheduler could take care of that for him, than have to reinvent a lock around the task. (edgy+1)
• Katie is a database administrator. She wishes the database to be automatically backed up whenever the server is shutdown, whether for upgrade or system reboot. There is currently no way for her to set a task to be run when a service is stopped.
• Justin is an ordinary user with a low-end system. He would rather services and hardware handlers were started only when needed, rather than on all systems.
• Carla is a system administrator. She needs to be able to tell which services failed to start on boot, examine why, and see which services are currently running.
• Thomas is a system administrator. He frequently gets frustrated that there is no consistency to how tasks are added to the system. A script to perform a task at shutdown must be written and activated completely differently to one performed when the system is started. (edgy+1)
• Marie is a security consultant. She has discovered several problems with processes that run task scripts not providing a consistent environment, including potential problems such as leaving file descriptors open. (edgy+1)
• Hugo is an ordinary user and has to frequently reboot his computer. He would prefer that shutting down and booting up took as little time as possible.
• Helen is an experienced UNIX user, with multiple years of experience. She does not wish to have to relearn that which she has learned already, and would rather continue using the tools that she is used to and only learn the newer ones when necessary.
• Matthieu is a distribution developer who maintains several packages that provide services or perform tasks. He does not want to have to update his packages until he is ready to take advantage of new features or abilities, his existing scripts should continue to work unmodified in their original locations.

If you read through that list, hopefully you can see where SysVinit falls short. Because of the dynamic nature of removable hardware, and a very robust kernel, SysVinit no longer meets the needs of our users. We need something more. Something that will speed up the boot process. Something that will launch processes based on events. Thus, the reason for Upstart.

The idea of an event driven system is nothing new. Crond, atd and inetd are all event driven tools that we’ve used on Unix and Linux for years. So, why not start jobs based on listening events, such as plugging in a USB disk, mounting /usr when needed and unmounting when not needed, etc? This is the design of Upstart.

First off, Upstart is 100% backwards compatible with SysVinit scripts. All of your /etc/init.d/ goodness is still available. We want to meet those use cases listed above, without modifying existing init scripts. Further, because Upstart is event driven, we can also replace crond, atd and inetd, while still maintaining backwards compatibility.

Ubuntu has been using Upstart since their 6.10 release. Nearly 18 months later, the reception of Upstart has been largely positive to the point that the Fedora Project is replacing init with Upstart in their Fedora 9 release. This also means it’s very likely that we’ll see it filter it’s way to RHEL 6, which means CentOS and even OEL. Other Linux and Unix variants are also encouraged to drop the aging SysVinit with Upstart.

It just makes sense.

The lastest alpha of openSUSE 11 is out.  Here is the link to the iso images.

Updated:

A link to the official announcement.

My bud Hans and I tonight tested out encrypted VoIP with ZRTP. I noticed a while back that Twinkle supports it and have wanted to test it out, but none of my desk phones support ZRTP.

It was fun. When the call terminated, Twinkle displayed a cute message about verifying the SAS (short authentication string). It was 4 character (hprj, if you're curious) that represented our encryption key. It's the way ZRTP verifies that a man-in-the-middle attack is not underway. There was a padlock icon which we both clicked to verify that the SAS was correct. I'm not sure what if anything happened because of that, except that we both verified that our SIP phones have not been tapped by the feds.

In the SDP, ZRTP is advertised with "a=zrtp". It's not a separate protocol per se. The actual codec was selected through the normal means (we used speex/16000). Looking at the RTP data, I see a whole bunch of "AES256", "SHA256" and "DH4096". Presumably that's part of the ZRTP negotiation. I didn't delve further. What I see though is that the encrypted data is simply represented as Speex RTP, but the actual data has been scrambled so it would be meaningless to a passerby.

Based on this testing, I predict good things for ZRTP. It was quite painless to use as a caller. As long as it's enabled by default in the phone, there's really nothing else that a user has to do to use it. The SAS is short and you only have to verify it if you care. Phil Zimmerman says that you don't even have to verify the SAS every time. Just once in a while is good enough. And obviously anytime you're conducting private business (which is not the same thing as illegal business). The simple fact that ZRTP is used every time means that you can't tell whether a call is valuable or not just based on it being encrypted.

The one possible failure of ZRTP is that it doesn't hide any of the signalling data, so a spy would be able to see who you were calling. That problem would be quite hard to solve. I'm not sure of the benefit either as the cost to mask that information is much higher. You pretty much have to know all the routing information ahead of time. Even then, an eavesdropper could still see the two IP addresses involved, which will give away some amount of information. So for now, ZRTP is a good solution.

read more

Go check it out.  Nothing more to say.

So I've started following and using twitter far more than I was before. Its really a quite awesome and addictive service, and while I have noticed dozens of slick ways to update twitter, there aren't many easy ways to track your personal Timeline. I decided I wanted a more notification oriented system, so I started to hack apart the gnome-blog applet, and make a little twitter daemon who checks for new updates and uses libnotify to show some lovely notifications. Now it really only monitors feeds now, but I'm planning on hacking up some basic posting abilities in the near future. Anyways, an obligatory screenshot is below:


Anyways, I'd like to vent about 3 problems I see with the state of things at Gnome.

1) Autotools! Blah! NO ONE LIKES THEM! I honestly spent about 50% of my time getting the build to work right, it was painful and a major hurdle to getting started. I know we haven''t really found something that offers the same functionality, but seriously, can't we just beef up waf or something? Not saying I have a solution, just saying we need one if we are going to continue to attract new developers.

2) Bonobo/Gnome-Panel/Applets API: Overly complicated, a pain to test/setup. What are we doing? When KDE4 just dropped the most intuitive widgeting system around on us (and Google Gadgets is popular on other platforms) why can't we take some hints from them? Don't get me wrong, some applets are best written in C and bound to a factory process. But really, for everyday hacks and widgets, we NEED a simple and powerful system, and soon. Webkit provides the perfect engine for us to work from, but we don't have to go with XHTML/CSS/JS. One of the new open Flash platforms is fine, or Moonlight could be awesome. Really, there are tons of options, the pyro desktop could be a start, I'm open to ideas.

3) Project Space: This will probably never be an official Gnome desktop project, but its kinda cool and fun, and I had to host it at Google Code (My only other real option was launchpad) we should really set something up like what fdo has with some personal Git or Hg space to store relevant, but not-yet-ready projects. The wiki is enough for pages on theme, but we need some hosting.