Up to Something

OpenVZ can have various heinous problems with udev. Most often, you cannot enter the VZ from the admin, and you cannot connnect via SSH.

beast / # vzenter 51
enter into VE 51 failed
Unable to open pty: No such file or directory

In Fedora you can make a simple change to /etc/udev/makedev.d/50-udev.nodes

--- 50-udev.nodes~      2008-01-10 16:00:08.000000000 +0000
+++ 50-udev.nodes       2008-07-30 15:44:07.223092644 +0000
@@ -1,4 +1,5 @@
 # These device have to be created manually
+ptmx
 tty1
 tty2
 tty3

e.g. Simply just add ‘ptmx’ to the file someplace. This is fairly simple and seems to work very well.

I love flac files, and I always rip my CDs in EAC - straight to FLAC. The problem is that a couple months ago I was transfering some of my older music to my MacBook and I discovered something awful. The horror known as iTunes doesn’t grok Flac. I failed to find a single plugin.

First, I sought to convert my FLACs to ALEs - because it’s rad. But I gave up. I finally discovered someone already having written what I wanted - in python - w00t.

flac2mp is an awesome little script. He got it from “ogg 2mp3”, and I like it.

We win again. I wanted to run Scalix for a client, inside of a VE/CT/whatever, and I tried using Fedora Core 7 to do so. I was unable to make the installer work and didn’t see much in the way of help from Scalix. Here is a link to the Bugzilla page. (Login Required) Here are the important bits. Aside from discouragement I didn’t get anything from Florian… Nothing except responses that was. No one else seems to give a damn if I even exist.

Whatever. The point is that with some minor extra-effort, Scalix does indeed work inside of an OpenVZ container on Linux. My host OS is gentoo, running 2.6.18-028stab053.

The Scalix package is pretty great, just up the Java memory once you have it running. The instances (two) on a system shared by two different companies work great. We migrated to Scalix from Kolab. Outlook users (all two) are happy. Thunderbird users didn’t see too much of a change.

Yay for us.

We were messing w/ Postfix and Cyrus IMAPD today. Our prime goal was making a sensical approach to authenticating against a PostgreSQL-based directory. LDAP (OpenLDAP and FDS) based tools sucks for most people. Using native-box-auth is actually quite messy. The mail data cannot be easily associated with the users. You end up with data spread everywhere.

Our basic tenants are:

• Simple Database Schema - there is no need for a highly relational approach for something so simple.
• Embedded procedures where possible.
• Simple front-end.

My esteemed colleague John implemented our thoughts. He ended up with a few PGSQL functions, a couple views and a very straight-forward process.

The actual setup for IMAPD and Postfix is nearly as simple. He will be documenting it at his site later. For now, we wanted to verify the actual behaviour of postfix and imapd during SASL auth in realtime. We turned to inotify. I install pyinotify, and used thier Quick Start script. This ended up leaving me a simple script which monitored the directories which I wanted.

This will not show you files which failed to open. But it does good enough.

import os
from pyinotify import WatchManager, Notifier, ThreadedNotifier, EventsCodes, ProcessEvent

wm = WatchManager()

mask = EventsCodes.IN_DELETE | EventsCodes.IN_ACCESS | EventsCodes.IN_OPEN | EventsCodes.IN_CREATE  # watched events

class PTmp(ProcessEvent):
    def process_IN_CREATE(self, event):
        print "Create: %s" %  os.path.join(event.path, event.name)

    def process_IN_DELETE(self, event):
        print "Remove: %s" %  os.path.join(event.path, event.name)

    def process_IN_ACCESS(self, event):
        print "Access: %s" % os.path.join(event.path, event.name)

    def process_IN_OPEN(self,event):
        print "Open: %s" % os.path.join(event.path, event.name)


notifier = Notifier(wm, PTmp())
wdd = wm.add_watch('/etc', mask, rec=True)
wdd = wm.add_watch('/usr/lib/sasl2', mask, rec=True)

while True:  # loop forever
    try:
        # process the queue of events as explained above
        notifier.process_events()
        if notifier.check_events():
            # read notified events and enqeue them
            notifier.read_events()
        # you can do some tasks here...
    except KeyboardInterrupt:
        # destroy the inotify's instance on this interrupt (stop monitoring)
        notifier.stop()
        break

In order to get Ahsay working behind and SSL proxy which passes traffic to port 80, you have to modify your conf/server.xml and set a few settings on ol’ Nginx.

Add to your server.xml, non-SSL connector declaration

scheme="https" secure="false" proxyPort="443" redirectPort="443"

nginx config section

    proxy_pass      http://127.0.0.1:9080;
    proxy_redirect  http://archive.myisteam.com      https://archive.myisteam.com;
    proxy_redirect  http://archive.myisteam.com:80   https://archive.myisteam.com;
    proxy_redirect  https://archive.myisteam.com:80  https://archive.myisteam.com;

.....

Apart from that, it’s perfectly normal

Special thanks to Cliff Wells. For Tireless effort in the face of java.

Thanks as well to the Apache Documentation efforts. Tomcat Connector Docs

If you have to work in networks with any Windows products, coupled with MSDE or SQL Express you will eventually run into memory consumption problems. Apparently no GUI interface deals with it. I have seen numerous complaints on the Internet for sqlservr.exe consuming loads of memory. Some psychos recommend “uninstalling and re SBS Diva has a great article which I will here condense:

osql is the command-line tool for monkeying with MS-SQL200*.

c:\> osql -E -S MYSERVER\instancename
1>

So, first add the “Process ID” column to Task Manager. Note the PID of the offending SQL process. Next, open command prompt, and run tasklist /svc. Locate the PID matching the process, and find the name you want:

sqlservr.exe                  1972 MSSQL$SBSMONITORING
sqlservr.exe                  2020 MSSQL$SHAREPOINT

The part after the ‘$’ is the instancename. (Hopefully you already know your machinename.)

Once you have the instance, run osql as shown above.

c:\> osql -E -S MYSERVER\instancename
1> sp_configure 'max server memory',128
2> reconfigure with override
3> go

max server memory: this option is in megabytes. This will change the ‘MSSQL$INSTANCENAME’ to operate at 128 Megabytes. (When set this way, most of my instances reported between 160M and 180M when in use.)

Notes

It’s simple to list all of the configured parameters for the server, simply load osql, as shown above, and run:

1> sp_configure 'show advanced options',1
2> reconfigure
3> go
1> sp_configure
2> go

That will dump all the configured options. It of course enabled advanced options.

Everyone needs a decent IP port forwarder, once in a while. Here are three great ones:

• Thread-based, this is my most frequently used.
• Async-Core - recently used when the threaded model wouldn’t forward an ssh session (???)
• Pinhole - another threaded implementation.

The Async-core version is clearly the hottest. It runs as slick as can be, and (at least for low-b/w) it was staggeringly quick.

I setup VMWare Server on Gentoo the other day. It was pretty much easy. After install, cleanup all the .vmware folders in various home directories. Assign users with priv's to the 'vmware' group.

User Setup

gpasswd -a vmadmin vmware

Run the vmware-config.pl - Note the network numbers.

Network Setup

e.g.

• Host-only: 172.16.42.0/24
• NAT: 10.51.1.0/24

Vmware will NAT on the 10.51.1.0 network. Linux will have something like:

• vmnet0 172.16.42.1
• vmnet8 10.51.1.1

Next, fixup /etc/xinetd.d/vmware-authd

--- vmware-authd~       2007-10-13 13:26:18.830128814 -0700
+++ vmware-authd        2007-10-13 13:36:42.833942428 -0700
@@ -10,5 +10,5 @@
     user            = root
     server          = /opt/vmware/server/sbin/vmware-authd
     type            = unlisted
-    only_from      =
+    only_from      = 0.0.0.0/0
 }

Firewall Setup

Once you get a guest running, you discover that DHCP on the NAT network provides a gateway of 10.51.1.2. That is great for VMWare-based NAT setup. See /etc/vmware/vmnetX/nat/nat.conf to tweak the NAT settings. I wanted to use shorewall, complete with NAT and port forwarding. I installed/configured shorewall. After that, I setup the NAT and port-forwarding rules. Finally, I connected to the Guest OSs which I wanted to expose, assigned static IPs and set thier default gateway to .1 instead of .2. This effectively removed them from the control of VMware nat. And that was is awesome.

I have a Novatel EX720 Merlin EV-DO RevA PC-Express wireless card. It is actually a USB device that attaches via the PC slot. I use it with my MacBook Pro. When I purchased it, activation was unavailable from OS X. However, I was able to activate using Parallels. I booted Windows XP, clicked to attach the USB device and then installed the Connection Manager Software.

After install, everything worked great, it activated and things were good. The firmware update failed, it kept complaining about raw-device access errors. Later, while attempting to find a Windows Laptop with PC Express Support, I discovered an important fact about Dell PC owners: They don’t know that they have a PC Express Slot, even when they do!

So, after numerous assurances from Dell-using friends and the abject SHOCK at the lack of said PC Express slot, I wrested my friends Dell Latitude away from him. In 30 seconds I learned what he didn’t: it DOES have one. And people say that Mac Users are idiots. A short while (and significant chiding) later, I had the firmware updated and the card has worked well. Well, until today.

Today I plugged the card into my port and the Connection didn’t come up. I tried again. Nothing. I used Quicksilver, loaded Console.app and watched the system.log.

Oct  9 21:08:40 Tulkas kernel[0]: USBF: 21191.524   [0x4d8fe00] The IOUSBFamily is having trouble enumerating a USB device that has been plugged in.  It will keep retrying.  (Port 1 of hub @ location: 0x5d000000)
Oct  9 21:08:47 Tulkas kernel[0]: USBF: 21198.964   [0x4d8fe00] The IOUSBFamily was not able to enumerate a device.

Oh… Discordia. After a short call w/ Sprint the operator preferred that I go borrow a Windows PC to troubleshoot. I told him that if he had a firm conviction that some firmware/driver/whatever hack would return this to functionality, I would do it. He finally just said, “Sir, it’s really your choice”. So I offered to try it, provided that he got the RMA rolling.

Congratz Sprint! Better customer service that I expected, and better service than most of my friends have ever had.

There is a far and wide search for media players under linux is difficult. Cliff found Exaile, something that people have been raving about since January. Give it a try. It’s Cliff’s flavor of the week.