21 Aug 2012, 16:12

Perl Tutorials

Looking for Perl Tutorials? Go ahead: http://perl-tutorial.org/.

08 Apr 2012, 08:00

No CACert in Ubuntu?

It looks like that the CACert Root Certificate is not included in Ubuntu by default. Why did they choose not to support this authority?

This wiki page lists some pointers, but it’s annoying anyway.

03 Apr 2012, 19:38

Ubuntu on ThinkPad X220

Recently I’ve got my hands on a new ThinkPad X220 (not mine, though :( ) and tried Ubuntu on it.

For various reasons I didn’t want to get rid of the pre-installed windows, so I’ve decided to go for dual-boot. When I got the ThinkPad it had three partitions. One Windows Partition, one Recovery Partition and one EFI partition I think.

I was just about the boot it with a gparted book disk when I discovered that Windows is able to resize it’s own partion. So I shrunk the Windows NTFS partition to about 50% of the initial size and made space for Ubuntu. Afterwards I’ve lauched the Precise Penguin (12.04) Installer and created a small boot partition and a large, encrypted, LVM partition. I did so using a TFTP-netboot installer image, since the graphical installer doesn’t support this. I made this experience when I did install Ubuntu on an X220 the last time (also not mine, bad luck).

After the installation was finish I’ve booted into the new system and got … nothing. Only a blank screen. However the disk was busy so I suspected that there was some issue w/ the graphics. Since the X220 is equipped w/ a Intel HD3000 Chipset (i915 Kernel Module), I thought that was unlikely. It turned out that I was able to switch to another VT using CTRL+ALT+F1, log in and install “Ubuntu Desktop” using “tasksel”. It seems the netboot installer didn’t pull in this task. Afterwards I was able to login to Gnome.

The last step was to tweak the power usage a little, head over to this post for the details on how to do it using powertop. However powertop, so far, has no way of storing the tuneable permanently. So you should install the package “laptop-mode-tools” which does most of the tweak for you.

However, this has one major drawback so far (tested on X220 and X220i with 11.10 and 12.04, same results): Shutdown is broken. Everytime I shut the ThinkPad down it immedeately reboots. This is annoying and I’m still investigating this issue. Update: It seems to be an ACPI issue in the kernel. See Ubuntu Bug #972722 for more details.

If you’re going to buy a ThinkPad be very, very alert about the little differences. Lenovo sells entirely different hardware under the ThinkPad brand with only minor variations in the naming. The ThinkPad X220 and X220i are basically the same. The X220i just got a Core i3 CPU which isn’t available for the regular X220. But the X220 Tablet is totally different and so are the other so-called “ThinkPads”. Some are what you expect from a “ThinkPad” (if you’re used to IBM ThinkPads), but some are really, really poor quality. I’ve seen one which didn’t deserve the name ThinkPad at all. If you ask me Lenovo is hurting itself by weakening this really strong brand but apparently they are happy with it …

Update: I’d suggest to get the Mini Dock 3 instead of the UltraBase. The Mini Dock comes with the 90W Power-Supply and two DVI outlets.

Update: If you wonder how to insert the SIM card for the WWAN module, see this page.

19 Mar 2012, 19:18

Pepper SCM

I’ve been looking for a decent SCM statistic tool for some time. Recently I’ve stumbled across Pepper.

Having a strong aversion against non-packaged installations I’ve created a Debian package.

You can grab my packages from packages.gauner.org (see the VBoxAdm download page for information on how to set the repo up).

apt-get install pepper
It will pull in the git, mercurial-common, asciidoc and xmlto packages.

19 Feb 2012, 22:08

DJabberd for Debian

DJabberd is a nice, small Jabber daemon written in Perl. After being fed up by ejabberd I gave DJabberd a try and it was well worth it.

OOTB it was a bit difficult to setup, but after creating proper debian packages it works pretty well.

You can grab my packages from packages.gauner.org (see the VBoxAdm download page for information on how to set the repo up).

apt-get install djabberd libdjabberd-authen-htdigest-perl libdjabberd-rosterstorage-sqlite-perl
You can find my modifications at GitHub: https://github.com/dominikschulz

28 Jun 2011, 08:00

VMWare ESXi - Commandline Tools

Rebooting VMWare ESXi VMs from the Hypervisor Shell:

vim-cmd vmsvc/getallvms
vim-cmd vmsvc/power.reboot NN

19 Feb 2011, 12:47

Dell iDRAC6 - Reset Password

If you happen to forget your iDRAC Password you can change it from within the running OS. First you need to install Dell OpenManage and then you can use this command to change your password:

/opt/dell/srvadmin/bin/idracadm config -g cfgUserAdmin -i 2 -o cfgUserAdminPassword “NEWPASSWORD”

06 Feb 2011, 09:51

Debian Squeeze Highlights

My personal highlights of this great Debian release are the availability of a special non-free netinst CD including the firmware needed by all those nasty Broadcom NICs and the possibility to just cat any CD image onto an USB stick for installation. No more messing about with “hd-media”.

01 Jan 2011, 14:50

IPTables Passive FTP Connection Tracking on non-standard ports

Ever tried to run a Linux FTP Server behind a IPTables firwall on non-standard ports, i.e. not on port 21?

The problem is that the FTP connection tracking module nf_conntrack_ftp only watches port 21. If you want to use other ports the module must be loaded with the parameter

ports=21,5367

if you want to run an ftp server on port 21 and one on port 5367. The usual other iptables rules apply, too.

29 Jun 2010, 14:56

Perl Best Practices

Recently I’ve read a really interesting book. A book every perl developer should read. At least have a look at Appendix B which lists all guidelines in a brief summary.

12 May 2010, 16:38

DENIC FAIL

Denic fails to maintain the german nameservers

This is was it looks like when most of the german nameservers are down. This image shows the traffic of popular .de site. The drop isn’t remotely as sharp as I thought it would be.

29 Apr 2010, 15:16

Perl: Wide character in print

Wanna get rid of these annoying “Wide character in print” warning perl gives you sometimes when dealing with unicode/UTF-8?

Use

binmode(STDOUT, “:utf8”);
on STDOUT or the appropriate filehandle, and perl will treat it as UTF-8 capable.

You could also use the “-CSDA” option to tell perl that.

Before:

#!/usr/bin/perl -w
use charnames ‘:full’;
print “\N{GREEK CAPITAL LETTER DELTA}\n”;

Gives:

./wide_char.pl
Wide character in print at ./wide_char.pl line 9.
Δ

After:

#!/usr/bin/perl -w
use charnames ‘:full’;
binmode(STDOUT, “:utf8”);
print “\N{GREEK CAPITAL LETTER DELTA}\n”;

14 Mar 2010, 12:22

udev Notes

udevinfo was renamed to/replaced by udevadm in Debian sid. Must tutorials still refer to udevinfo.

A udev rule that works on sid w/o warnings would be something like this for a garmin gps device:

# cat /etc/udev/rules.d/51-garmin.rules
ATTR{idVendor}==“091e”, ATTR{idProduct}==“0003”, MODE=“666”, SYMLINK+=“GarminGPS”

22 Feb 2010, 23:35

Unpacking initramfs

Quick-Note: cat /boot/initrd.img | gzip -d | cpio -i -H newc

04 Feb 2010, 13:04

Opt-Out from Ad-Networks

Just two links where you can opt-out from popular advertising networks: Google and NAI.

03 Feb 2010, 16:46

mount.nfs: Operation not permitted on Debian sid

When I tried to mount an NFSv3 share from an Debian etch host I’ve got the error “mount.nfs: Operation not permitted”.

The solution was to force mount.nfs to NFSv3: mount -t nfs -o nfsvers=3 server:/share /mnt

Thanks to this post.

03 Feb 2010, 13:34

Linux Containers vs. Linux Vservers

Since Linux-Vservers seem to be having a hard time in Debian and the Vserver maintainers probably aren’t going to go the same way as the OpenVZ maintainers who promissed to get OpenVZ in shape for Debian, it’s time to look for alternatives. If you want to stay with contextualization, a lightweight form of virtualization, there is only a limited set of options. According to KernelNewbies TechComparison of virtualization techniques there are only a mere three approaches which go for contextualization (also called containers).

There three are

Since I have objections to OpenVZ, which, despite its cool features like live migration, are keeping me away from it, it’s time to look for LXC.

The one killer-argument of LXC is that it is mainline, meaning that is has been submitted to and accepted by the linux official kernel tree and doesn’t need any patches. So you can expect LXC to be fully usable starting with Kernel 2.6.29, which should be available in most stable distributions by now. To make full use of LXC you’ll need the userland tools as well. They are available from Sourceforge and as a Debian Package in squeeze (currently testing). However backporting them to lenny (currently stable) shouldn’t be hard since lenny fullfills all dependencies and it should only be a matter of installing the package from squeeze by hand.

So far LXC looks very promising but still a bit rough about the edges. I’m not going to present a more detailed howto here, yet. Please have a look at this five minute guide to LXC instead.

I’m working on the lxc-debian tools to improve them; have look at my git repository. I’m planning to write a Vserver to LXC conversion tool. Hopefully I can push my work upstream sometime. I really like to try to concentrate the work into one coordinated project.

If your curios about the development of LXC, you should subscribe to the LXC mailinglists lxc-devel and lxc-users at sf.net.

Update: Two more links regarding LXC. The LXC HOWTO and “LXC containers or extremely fast virtualization”.

02 Feb 2010, 10:52

A380 at the Matterhorm

The Swiss Luftwaffe has released some impressing fotos of the A380 in front of the Matterhorn. Here’s a teaser:

If you click on the image you’ll get a larger image. In the far right is the well known Matterhorn. In front is the A380 just above a F/A-18C Hornet from the Swiss Luftwaffe. In the background you see a part of the ski-region Zermatt-Cervinia. Just off the image on the left side would be the Klein-Matterhorn and the Gobba di Rollin. This is the starting point of the Theodulglacier. Nearby you can see some ski lifts and ski tracks leading to and from the Pleatau Rosa/Testa Grigia, which is the border to Italy.

23 Jan 2010, 20:02

Resize a LUKS Partition on LVM

Resizing LVM LVs is great, but how to do this with an encrypted partition?

umount /myfs
fsck.ext3 -C 0 -f /dev/mapper/myfs
cryptsetup luksClose myfs
lvextend -l+10 /dev/myvg/mylv
cryptsetup luksOpen /dev/myvg/mylv myfs
cryptsetup –verbose resize myfs
mount  /dev/mapper/myfs /myfs
umount /myfs
fsck.ext3 -f /dev/mapper/myfs
resize2fs /dev/mapper/myfs
fsck.ext2 -f /dev/mapper/myfs
mount /dev/mapper/myfs /myfs
via linux.kernel.device-mapper.dm-crypt.

20 Oct 2009, 17:32

OpenStreetMap on Garmin with mkgmap

Due to simplicity I’ve always used pre-compiled OSM maps for my Garmin. Since they are only available for certain pre-defined areas there is a slight lack of comfort, since I did need to change the whole gmapsupp.img every time I’ve moved out of the loaded area. Today I tried mkgmap to comile my own set of tiles into a gmapsupp.img and it did work great. I took a map of germany and added some areas I did also want to visit. At first I couldn’t believe how fast mkgmap had processed the tiles, but the output was a valid gmapsupp.img and after transfering to the Garmin it did work flaslessly.

How to create your own gmapsupp.img:

This will result in a gmapsupp.img file that you can transfer to your Garmin.

23 Sep 2009, 10:01

Upgrading Debian from i386 to AMD64

I just stumbled across a really nice tutorial on how to upgrade Debian from i386 to AMD64. Go, read it.

30 Jun 2009, 08:24

Perl DBI is not thread-safe!?

Recently I encountered the warning “Use of uninitialized value in null operation during global destruction” when working with DBI and threads, although DBI was not used inside the threaded code it did apparently have side-effects. The solution to this was to disconnect from the DB before entering the threaded code and reconnecting after all threads were launched.

14 Jun 2009, 08:00

Connection Tracking Stats

Get a list of ips with the most tracked connections:

cat /proc/net/ip_conntrack | awk ‘{ print $4; }’ | sort | uniq -c -d | sort -n -r

11 Jun 2009, 20:29

Sum the size of your logfiles

Find out how much space is occupied by your logfiles. Usefull in /var/log et al.

find . -type f -name “*.log” -size +2048 -exec du -s {} \; | awk ‘{ SUM += $1; } END { print SUM/1024/1024 }’

01 Jun 2009, 17:48

A day with GIT

After using CVS a short time and SVN for several year I’ve finally seem to have found a proper SCM/RCS. I’ve spent some hours reading the Git User’s Manual, the Gitturorial, the Git SVN Crash Course as well as several Man pages. It really looks like I’ve found an SCM that is cappable of what I expect from it. Of course time has to proove if it is less problematic than SVN - at least - sometimes is.

22 Apr 2009, 11:09

Beware the Four Horsemen

Beware the Four Horsemen of the Information Apocalypse: terrorists, drug dealers, kidnappers, and child pornographers. Seems like you can scare any public into allowing the government to do anything with those four.
[1] - Bruce Schneier

19 Apr 2009, 00:01

tcpdump and IPv6

To monitor IPv6 traffic using tcpdump you can use the option “-i ip6”:

tcpdump -i ethX ip6

16 Apr 2009, 18:02

gpsbabel on kernel 2.6.28

It seems that gpsbabel was broken with recent linux kernels until 2.6.28.2. Luckily they did fix it.

08 Apr 2009, 11:58

T-Online Hijacking

It seems like T-Online is hijacking unused domains and providing it’s users with “Navigationshilfe”.

t-online-domain-hijack

24 Mar 2009, 09:00

Linux-Vserver: Restore lost context

To restore the context of a vserver, in case it is lost, use this command:

vuname –xid <XID> -s -t context=“/etc/vservers/”
Replace <XID> with a valid context id.

16 Mar 2009, 22:52

This Blog via IPv6

This blog should be available via IPv6 again thanks to HE and lightttpd.

09 Mar 2009, 11:46

Heise.de via IPv6

I’ve just discovered that heise.de is available over IPv6 at www.six.heise.de. Really nice.

Update: Now they’ve officially announced this feature.

24 Feb 2009, 17:39

iotop on custom kernels

You need to enable these options to be able to run iotop on custom built linux kernels: CONFIG_TASKSTATS=y CONFIG_TASK_DELAY_ACCT=y CONFIG_TASK_XACCT=y CONFIG_TASK_IO_ACCOUNTING=y See the Arch Linux Forum for more details.

23 Feb 2009, 20:49

Broadband funding only for IPv6-enabled Connections? Yes, please!

Finally some good ideas. Some guys from the Hasso-Plattner-Institut in Potsdam, suggests that ISPs should only receive funding from the federal government if they offer IPv6-enabled connection to their customers. Now that is really a great idea. Since Windows Vista every major operation system supports IPv6 as well as the majority of the internet does except for the end-customer connections which are not capable of IPv6. If the government provides a financial appeal, there will be IPv6 connection very, very soon.

So, valued politicians, please do the right thing: support this propsal. It sounds great to me.

23 Feb 2009, 20:42

Google sponsors OpenStreetMaps

I was quite astonished to hear that Google, yeah those “Gooogle Maps” guys, did support OpenStreetMaps with £5000. I thought they are competitors? Perhaps Google does understand what Microsoft doesn’t: You can’t compete with OpenSource - you can only adapt to it.

23 Feb 2009, 20:42

GTA4 - Story completed

Did I mention that I’m playing GTA 4 from time to time? Yesterday I managed to complete that last mission which I had to try again and again because Nico didn’t manage to pull himself into the helicopter. After the third or forth attempt I did some googl’ing and found the hint to “mash” the space bar. I’ve never heard that word before, but in the end I really did what it means: Hit your space button as fast as possible, repeadedly for some seconds until he managed to get into this forsaken helicopter. The rest of the mission was pretty staight forward. Follow the boat, get taken down by the AA missile, land hard on liberty island and catch the villain - Mission completed. All in all a really great game.

16 Feb 2009, 22:13

On the effect of cabling

I did, for a very long time, underestimate the effect of cabling on sound. I’ve never been an audiophile person, but today I’ve spent a (very small) fortune on cabling and I’m very impressed how good these old speakers sound. Who does need subwoofers when he’s got real stereo speakers? Long live Hi-Fi!

16 Feb 2009, 20:43

Upgrading etch to lenny

Upgrading etch to lenny is as easy a typing:

apt-get update && apt-get upgrade

Modifying your sources.list and the typing:

apt-get update && apt-get install apt && apt-get upgrade; apt-get dist-upgrade

Thats it! :)

Update: Don’t forget to install a new kernel image.

27 Jan 2009, 16:31

KDE 4.2

The next release of KDE, 4.2, should be released today. I’m already awaiting the annoncement. The packages are still underway to Debian experimental (some are stuck in NEW) and should arrive shortly.

Woooo!

25 Dec 2008, 19:39

Brother laser printer on Ubuntu

The Brother laser print are well supported on Ubuntu but unfortunately the drivers are not installed by default. The fastest way to get these printers working on Ubuntu is to install all brother-cups-wrapper-* drivers.

23 Dec 2008, 16:57

Clean up your Linux system

After some time most system get polluted with unnecessary files. This is holds for Windows as well as for Linux and probably also MacOS.

To clean-up your windows system there is plenty of Shareware available. For Linux there are especially two applications which I’d like to recommend:

  • fdupes - search for duplicate files
  • FSlint - search for duplicate files (and consolidate them with hardlinks), installed packages, invalid names and a lot more

03 Oct 2008, 10:01

KDE 4.1.2

The latest release of KDE 4.1, 4.1.2, is the second monthly bugfix and perfomance update of KDE. Although not yet officiall announced, the release is already tagged in the KDE SVN and available from Debian experimental. It has brought significat performance improvements and fixed at least one very annoying bug in KWin, which used to crash a every login on my system. Update: It still crashes sometimes, but not always.

27 Sep 2008, 13:39

Can't connect to X!

Whenever I “su” to work as root and start an X application I get thoese “Can’t connect to X!” errors. This happens because the X-Server is run by the respective user. To avoid this problem you can “forward” the Xauthority from the user to root.

Use this snippet in roots .bashrc:

if [ -n “$DISPLAY” ]; then
  export XAUTHORITY=“/home/<username>/.Xauthority”;
  export DISPLAY=”:0.0”;
fi

26 Sep 2008, 18:23

nfs: No such device

I was trying to mount an NFS share but the mount command failed with “nfs: No such device”. First I was a bit confused, but I soon found the reason: The kernel was compiled without NFS (client) support. D’Oh!

Just recompile the kernel with NFS client support and it will (probably) work.

17 Sep 2008, 10:07

GnuPG: Change the keyring location

There are several ways to tell GnuPG a custom keyring location.

  • Move .gnupg and set GNUPGHOME to the new location
  • Move .gnupg and use –homedir=<dir> on every invocation of GnuPG
  • Leave .gnupg, only move the keyring and set path to gpg.conf:
no-default-keyring
primary-keyring <dir>/pubring.gpg
secret-keyring <dir>/secring.gpg
trustdb-name <dir>/trustdb.gpg
keyring <dir>/pubring.gpg

17 Sep 2008, 08:06

GnuPG: Resource requirements

From time to time I let GnuPG refresh the public keys (–refresh-keys) and to my suprise it took over one hour, using one core at 100% and about 6GB of memory. This is bit too much, isn’t it?

13 Sep 2008, 12:46

MySQL: Replication hints

When you have to handle more queries than your DB is able to handle, if you want to improve reliability or if you don’t want to shut your db down for backups, then you’ll probably look at Replication. For MySQL there is a quite good howto in the official documentation but unfortunately some questions are left open.

First of all you should read the MySQL documentation related to replication. Its well written and contains much important information. If your are setting up exclusive slave nodes, i.e. nodes which only serve as slave and don’t contain data different from the master, you make sure that your slave won’t get corrupted if you set the whole DBMS into read only mode. Just add the line “read_only = 1” to your my.cnf. Put it below the server_id setting.

The MySQL documentation will tell you that you can use your DB dump to set up further slave nodes. That is right, but remember that you need to make a new DB dump as soon as the latest binlog, which was used during the dump, is expired, i.e. deleted/compressed by logrotate. You will get “file binlog.xxx not found” errors in the syslog of the slave if you don’t remember this. How long it takes for the binlog to expire depends on the load on your DB.

When you make a copy/dump of your DB you have basicly two options: Backup raw-table files or use mysqldump. It suggest you use mysqldump with the options lock-table and master data: “mysqldump –lock-tables –master-data –all-databases”. This will add the master-information (only binlog position and offset) to the dump. Don’t forget to set the other master information (host, port, user, pass, …) before you start the slave.

12 Sep 2008, 23:23

Secure Remote Storage with FUSE and encfs+sshfs

When you often the computer you work with and you want to have your important files at hand every time you can either carry them around with you on a USB-Stick - perferable encrypted - or you can keep them on a server somewhere. But you’ll probably want to encrypt them there, too. You never know who comes in posession of the data. Beware of the Stasi2.0! One way to achieve secure remote storage is powered by FUSE. With the help of FUSE, encfs and sshfs you can acomplish this task quiete easily. Just get a kernel with FUSE support and install encfs and sshfs. With the help of encfs you can create an encrypted directory (file-level encryption, no blockdevice, no fixed devices size but visible meta-data) and sshfs lets you put this directory on any server on which you have ssh access. Of course not everybody will have an SSH login to some always-on server, but you can easily combine encfs with other remote-storage FUSE drivers. For example GmailFS and there is probably also some WebDAV FUSE driver.

I did experience some problems with FUSE first. Make sure you are a member of the group fuse or else you will run into trouble. If you don’t use udev you may have to create the node /dev/fuse.

If you are unhappy with the performance/latency of this setup you should try to combine encfs toegehter with the NFS storage features of wua.la. Wua.la has some drawbacks, e.g. I wont trust the encryption, but with encfs this should be pretty safe.

Update: I have just tested this encfs inside Wuala, and it seems to work quite good.

I have hacked a small script that uses pinetry-* to ask for the password for the encrypted volume. Remember that it is only a quick hack.

Update II: There is also a german article on dropbox, which can be used instead of dropbox.

Update: Better use kdialog, see encfs Documentation on that topic.

#!/usr/bin/perl -w
# This script invokes pinetry-qt to ask for the encfs password
# written by Dominik Schulz &lt;lkml@ds.gauner.org&gt;
use IPC::Open2;
local (*READER, *WRITER);
my $pid = open2(\*READER, \*WRITER, "/usr/bin/pinentry-qt");
my $ret;
print WRITER "SETDESC Enter decryption Passwort for encfs:\n";
chomp($ret = &lt;READER&gt;);
print WRITER "SETPROMPT Password:\n";
chomp($ret = &lt;READER&gt;);
print WRITER "GETPIN\n";
chomp($ret = &lt;READER&gt;);
my $continue = 1;
my $pw = "";
while(chomp($ret = &lt;READER&gt;) &amp;&amp; $continue &gt; 0) {
  if($ret =~ /^D.*/) {
    $continue = 0;
    $pw = substr($ret,2);
  }
}
close READER;
close WRITER;
print "$pw\n";

You can use it in combination with the “–extpass” switch of encfs. For example

encfs --extpass=encfs-pinentry.pl ~/crypt-raw ~/crypt

10 Sep 2008, 12:46

This RRD was created on other architecture

Got trouble moving RRD files (e.g. munin) from one host to the other? Take a look at this: This RRD was created on other architecture

02 Sep 2008, 11:42

CACert Assurer Challenge

I did manage to pass the CACert Assurer Challenge on the first try, Yeah! :)

So if you want CACert assurance in the area of Frankfurt (Main)/Germany contact me and I’m sure we can arrange a meeting. I provide you with 25 Points for the WoT.

01 Sep 2008, 10:48

Debian lenny successor will be called squeeze

Luk Claes announced on the debian-devel-announce list the name of lennys successor, which will be squeeze, a three-eyed space alien.

Release name ~~~~~~~~~~~~ We will continue to use Toy Story character names for lenny’s successor, which will be called ``squeeze” (three-eyed space alien).

30 Aug 2008, 11:02

OpenStreetMap

Recently OpenStreetMap has got a lot of attention, at least in the german media, and of course everybody was comparing it to Google Maps and people started to compain that OSM is incomplete and will never reach the coverage as it has GMaps, but what I find impressive about OSM is the speed of advancements. Ever since I became aware of OSM, several months ago, I kept watching my hometown (<8000 inhabitants). In the beginning there were only two or three major streets in OSM but as of today nearly all streets, including tiny trails which you won’t find in any other map, were properly mapped.

27 Aug 2008, 14:35

KMail and PGP/MIME (GnuPG)

For some time now I was trying to setup KMail to work with GnuPG but I did always fail. I did RTFM, but apparently not close enough. After I did manage to get it working I did write down my experiences and like to share them with you. The result is a englisch Howto and an german Howto which try to explain how to setup KMail to use GnuPG. Have fun and notify me in case I made an mistake!

25 Aug 2008, 20:13

KDE4.1 - First impressions

After using KDE4.1 for some days I’m quite satisfied. Most of the applications perform very good and are stable. However, there are still several annoying bugs I have to deal with. They prevent me from recommending KDE 4.1 unrestrained to others.

The first bug when I login is that KWin crashes instantly. Sometimes it takes the whole X Server down but most times it just notifies me that it has crashed and is restarted. Then I can continue working. I did try to make a proper bug report, but as soon as I install the debug symbols KDE becomes unuseable at all. I’ll have to investigate this further as I have much interest in getting this bug fixed.

The second most annoying bug regards Dolphin and Konqueror or, the be precise, the metainformation framework (nepomuk or strigi, I’m not sure). As long as the “information” sidebar is enable Dolphin crashes instantly when I move the mouse over some file (not directory) and the backend tries to load the related information. This is super annoying but fortunately there is a simple workaround: just disable the information sidebar :)

But apart from this bugs I have to say: KDE4.1 rocks!

I especially like the new user interface, KWins compositing features, Dolphin (as long as it doesn’t crash) and Kopetes OTR plugin.

There are also some slight difficulties regarding KMail, but I hope these will be adressed until KDE4.2 when KMail is supposed to be based on Akonadi.

25 Aug 2008, 20:01

Linux: Change Groups without leaving current session

Ever wonderd how you could change your current group without ending your current session (i.e. logging out and in again)?

You can use newgrp to achieve this. Simply enter newgrp <desired group> and you’re done. Of course this only works for groups you are a member in or have the group password.

19 Aug 2008, 12:18

Eclipse/SWT - Context Menus on TreeViewers

When trying to create context menus of SWT TreeViewers I didn’t find much documentation on that issue and the snippets I found were quite confusing. Here is an approach that did work out for me. Please note that there are other ways to achieve this as well. public class TreeView extends ViewPart { … public void createPartControl(Composite parent) { … this.initContextMenu(); } private void initContextMenu() { // initalize the context menu MenuManager menuMgr = new MenuManager(“#PopupMenu”); //$NON-NLS-1$ menuMgr.setRemoveAllWhenShown(true); menuMgr.addMenuListener(new IMenuListener() { @Override public void menuAboutToShow(IMenuManager manager) { Action action = new Action() { public void run() { super.run(); // TODO do something } }; action.setText(“Title for Action”); manager.add(newEntry); } }); TreeViewer viewer = this.treeViewer; Menu menu = menuMgr.createContextMenu(viewer.getTree()); viewer.getTree().setMenu(menu); getSite().registerContextMenu(menuMgr, viewer); }

15 Aug 2008, 09:46

Eclipse - Export RCP Products for multiple platforms

When deploying you can export the product for any supported platform if you have installed the RCP delta pack. To download the delta pack go to the eclipse download page and select your desired eclipse release. Then scroll down to the section “Delta Pack” and download it, unzip the package somewhere. Open eclipse, go to “Window -> Preferences -> Plug-in Development” and select “Add …” on the “Plug-ins” Tab. Select the directory where you have unzipped the archive. Now you can close the dialog by clicking Ok and open your .product file where you should “Add Required Plug-ins” on the “Configuration” tab.

07 Aug 2008, 08:20

Arora - a lightweight, cross-plattform WebKit Browser

In case you haven’t heard of it: There is a new browser based on QtWebKit. It is fast, small (less than 10k LOC) und cross-plattform due to QT4.4. You can grab it from the project page on google code. I did compile a package for Debian lenny/AMD64, just in case you don’t want to compile it yourself. Ok, my fault, I did underestimate Debian. Arora is already in the archives. I didn’t even do an “apt-cache search arora” before compiling it … ouch.

22 Jul 2008, 22:12

Terminal-Multiplexer Screen

Screen kann sehr praktisch sein, insbesondere wenn man öfter kritische Arbeiten über instabile SSH Verbindungen abwickelt.

Infos bei der Uni Erlangen und dem LinuxWiki.

21 Jul 2008, 21:26

IPTables - Block selected IPs

Sometimes people seem to think that bruteforcing a random server would a good idea. I don’t agree with them. They just fill up my auth.log and cause several alarm bells to ring. If you use fail2ban, fine, it will handle this for you. If you don’t use it, you could still ban them manually.

If you just want to ban a single source IP - beware of faked sources adresses - until the next reboot of your machine, use this:

iptables -I INPUT -s <sourceip> -j DROP
This reads as follows: Inside the input chain look for the source adress <sourceip> and the jump to chain “DROP”.

If you want to remove this entry you’ll just need to replace the -I in front of INPUT by -D.

21 Jul 2008, 09:03

OpenPGP/GnuPG Key Backup

Thought about Backup recently? What about Key-Backup?

If you happen to use OpenPGP to encrypt your files, you’ll probably want to do a key backup so you can decrypt them later if your OpenPGP installation should get lost. You’ll only need a few simple commands.

gpg -ao mypublic.key –export <keyid>
gpg -ao myprivate.key –export-secret-key <keyid>
This will export (-o) the public (–export) and private keys (–export-secret-key) of the keypair with the id <keyid> to two seperate files in ASCII (Base64) encoding (-a). How you find out the keyid? Use the parameter –list-keys.

30 Jun 2008, 14:10

Eclipse 3.4 Issues

After migrating to the latest Eclipse Release 3.4 aka Ganymede, I had to reinstall the essential plugins. Neither PDT nor Subclipse did work OOTB. For PDT you can follow the instructions from the PDT Wiki and for Subclipse have a look at the mailing list archives.

26 Jun 2008, 19:56

DDTSS

Did you every want to actually improve your favorite distribution? Then go to http://ddtp.debian.net/ddtss/index.cgi/xx and help translating Debian to your language!

26 Jun 2008, 13:24

Eclipse 3.4 - New Features

An interesting Screencast showing some of the new features in Eclipse 3.4 Ganymede can be found at the Screencast Blog.

25 Jun 2008, 13:05

Teamspeak 2 on Linux

Is was trying to get Teamspeak 2 (Client) running on a recent Version of Debian Lenny. The Problem was that, the Kernel was compiled w/o OSS Support. Installing “alsa-oss” solved my problem and Teamspeak ran perfect.

18 Jun 2008, 11:33

RESTlet: Selective Guards

When creating RESTful WebServices using the RESTlet API you may wan’t to create a selective Guard, i.e. a password protection for special HTTP methods only. Perhaps you want to allow all GET requests but require authentification for modifying requests like PUT or POST.

In this case you’ll need to extend the Guard class and overwrite the methods authenticate and authorize. An example implementation would look like this:

public class SelectiveGuard extends Guard {
public ModificationGuard(Context context, ChallengeScheme scheme,
String realm) {
super(context, scheme, realm);
}
@Override
public int authenticate(Request request) {
if (!request.getMethod().equals(Method.GET)) {
return super.authenticate(request);
} else {
return 1;
}
}
@Override
public boolean authorize(Request request) {
if (request.getMethod().equals(Method.GET)) {
return true;
} else {
return super.authorize(request);
}
}
}

17 Jun 2008, 13:40

Visual Representation of SQL Joins

Coding Horror provides a great visual representation of SQL Joins, just in case you need one.

17 Jun 2008, 12:54

Apache: Force all Visitors to use HTTPS

When using Apache with SSL you may want to force all Visitors to use HTTPS instead of HTTP.

After configuring Apache for SSL you can achieve this by using this VirtualHost definition:

<VirtualHost <your-ip>:80>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^<strong>(</strong>.*<strong>)</strong> https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>

You should have the SSL-enabled VirtualHost running on the same IP.

12 Jun 2008, 22:43

Buggy Java x86_64?

It looks like Eclipse for Linux x86_64 running on top of an Java for x86_64 is very unstable and crashes from time to time. At least that is what I can gather from my own experience and some reports from the Sun Java Forums. It looks like I have to stay with Java x86 (non-64bit) for a while.

And yes, I’m trying to write more posts in english.

10 Jun 2008, 21:40

ISP E-Mail Server mit Debian etch und exim 4

Nachdem ich schon einige Jahre sehr zufrieden mit exim als Mailserver bin und immer wieder über Berichte von Personen stolpere die arge Probleme mit der Einrichtung ihres Postfix Mailservers haben bin ich zu dem Schluss gekommen, dass es einfach an einem vernünftigen Tutorial zur einrichtung eines ISP-ähnlichen Mailservers mit exim 4 und Dovecot unter Debian etch mangelt. Anhand des erstklassigen Tutorials zu Postfix habe ich mir überlegt welche Kriterien ein gutes Tutorial erfüllen muss und welche Punkte angesprochen werden müssen. Unter dem Titel ISP Email Server mit Exim 4, Dovecot, MySQL und SpamAssassin auf Debian GNU/Linux etch habe ich ein Tutorial zu dem Thema erstellt, das hoffentlich alle Fragen beantwortet. Für jegliche Kritik - bevorzugt konstruktive - bin ich dankbar.

10 Jun 2008, 11:33

GoogleEarth: Fehlercode 29

Nachdem ich mein Problem mit Eclipse lösen konnte, bin ich beim starten von Google Earth auf ein neues interessantes Problem gestoßen. Die installierte Version wollte erstmal gar nicht starten. Na gut, schnell die aktuelle Version runtergeladen (4.3) und installiert. Die ist dann auch gestartet aber die Erde wurde nicht angezeigt. Stattdessen ein “Fehlercode: 29”. In den Hilfeseiten von Google findet man dazu im Moment nichts, aber im Ubunutusersforum. Dort gab es auch die Lösung: Den 32-bit DNS-Resolver installieren.

aptitude install lib32nss-mdns

05 Jun 2008, 22:03

ProFTPd offen wie ein Scheunentor

Wie ich gerade lese ist ProFTPd, zumindest mit mod_sql, offen wie ein Scheunentor. Man kann sich mit dem Benutzer “mysql” und dem Passwort “!” einloggen.

30 May 2008, 09:39

Firefox 3 Download Weltrekordversuch

Mozilla versucht zum Release von Firefox 3 einen Weltrekord aufzustellen. Jeder kann bei Spread Firefox mitmachen.

29 May 2008, 14:34

WebServices mit Java6

Eine schnelle, übersichtliche Einführung in WebServices mit Java 6. Sehr zu empfeheln für Einsteiger. Apt muss übrigens im src/ Verzeichnis des Projektes ausgeführt werden. Also etwas so “cd src/; apt -cp . path/to/your/file/in/a/package/File.java” um die Annotationen in File.java zu verarbeiten.

29 May 2008, 14:32

Exim4: Debugging

Um die eigene Exim Konfiguration zu analysieren, insb. um herauszufinden warum bestimme Mails abgewiesen werden, gibt das das nützliche Argument “-bh <ip>” mit dem man exim eine SMTP-Sitzung von der angegebene IP simuliert. “exim4 -bh <ip>” öffnet eine Art Telnet Sitzung auf der man manuell die SMTP Befehle absetzten kann und jede Menge debug Ausgaben zur Fehlersuche bekommt.

Eine einfach Mail schickt man etwas so ab:

EHLO localhost.localdomain
MAIL FROM: user@localhost.localdomain
RCPT TO: user2@localhost.localdomain
Nachricht
.

19 May 2008, 22:47

IPv6 unter Java abschalten

Das neue, alte Internetprotokoll IPv6 bietet eine Menge Vorteile, aber es kann auch Probleme machen. Vor allem schlechte Third-Party Bibliotheken einsetzt. Unter Java lässt sich IPv6 zum Glück ganz einfach abschalten:

-Djava.net.preferIPv4Stack=true

Einfach als VM Argument übergeben und Java wird versuchen den IPv4 Stack zu verwenden.

18 May 2008, 19:11

Heise über IPv6

Heise Online hat in letzter Zeit immer wieder über die Adressknappheit von IPv4 berichtet, aber anstatt mal etwas zu machen und den eigenen Dienst über IPv6 verfügbar zu machen gibts auf ein “ping6 www.heise.de” immer nur ein “unknown host”.

Heise-Artikel zu IPv6:

14 May 2008, 19:11

Debian SSL Super-GAU

Nur für den Fall, dass es jemand noch nicht mitbekommen hat: Debian, sowie alle Derivate wie Ubuntu, hat gerade so etwas wie den Krypto-Super-GAU erlitten. So ziemlich alle privaten Schlüssel die seit dem 17.11.2006 erzeugt wurden sind absolut unbrauchbar und mit einfachsten Mitteln angreifbar.

Einschlägige Quellen empfehlen jedem, Administrator wie Nutzer, die privaten Schlüssel neu zu generieren nachdem die entsprechenden Pakete aktualisiert wurde.

Hier gibts die wichtigsten Links zum Thema grob in der Reihenfolge der Wichtigkeit sortiert:

Tja, ich hoffe, dass die betroffenen Admins schnell handeln, sonst kann sich das zu etwas ähnlichem wie die CodeRed Geschichte entwickeln und dem Ansehen von Linux ernsthaften Schaden zufügen. Meine Systeme sind jedenfalls schon abgesichert.

07 May 2008, 21:52

Gedrehte Tabellen in LaTeX

In LaTeX kann man ganz einfach um 90° gedrehte Tabellen erzeugen.

Einfach \usepackage{rotating} am Anfang einfügen und mit
\begin{sidewaystable}
\end{sidewaystable}
nutzen.

02 May 2008, 08:00

OSGi: Libraries in Bundles konvertieren

Bei der Entwicklung von OSGi Bundles kann man natürlich auch auf Java Bibliotheken in Form JAR Archiven zurückgreifen. Entweder man bindet sie über den Bundle-Classpath ein oder man konvertiert das JAR Archiv in ein eigenständiges Bundle. Dies geht in Eclipse recht einfach über

Eclipse -> New Project -> Plugin-Development -> Plugin from exisiting JAR-Archives

Quelle

01 May 2008, 22:22

Firefox 3beta5

Die neue Firefox 3 Beta gefällt mir wirklich gut. Der Browser ist wirklich schnell und “responsive”. Auf jeden Fall besser als ich es erwartet hätte. Die Formularelemente sehen zwar etwas komisch aus, aber das wird sich vielleicht noch ändern.

30 Apr 2008, 22:15

Screenshots unter KDE

Um unter KDE Screenshots anzufertigen gibt es das kleine Hilfsprogramm Ksnapshot. Ist recht hilfreich.

21 Apr 2008, 22:15

xbase03

xbase03 3D Engine

17 Apr 2008, 21:49

Python: Effiziente String Konkatenation

Wie man in Python effektiv Strings konkateniert.

10 Apr 2008, 14:52

Python Quick Reference

Python 2.3 Quick Reference

09 Apr 2008, 17:14

CSS Naked Day

What happened to the design?

To know more about why styles are disabled on this website [on April the 9th +/- 24h] visit the Annual CSS Naked Day website for more information.

08 Apr 2008, 12:02

Linux Software-RAID reparieren

Nachdem ein Rechner mit Software-RAID eingefroren ist und neu gestartet werden musste gibt der Kernel beim booten folgenden Fehlermeldung aus:

md: created md0 md: bind<sda1> md: bind<sdb1> md: running: <sdb1><sda1> md: kicking non-fresh sdb1 from array! md: unbind<sdb1> md: export_rdev(sdb1) raid1: raid set md0 active with 1 out of 2 mirrors
Das Problem ist, dass einer der Spiegel nicht sauber ausgehängt wurde. Das Problem lässt sich mit mdadm ganz leicht lösen:
/sbin/mdadm /dev/md0 –fail /dev/sdb1 –remove /dev/sdb1

/sbin/mdadm /dev/md0 –add /dev/sdb1

Damit weist man mdadm an die betroffene Partition aus dem RAID-Verbund zu entfernen und anschließend neu aufzunehmen. Daraufhin erfolgt ein Rebuild, während dessen man den PC nicht ausschalten sollte, und dann ist alles wieder in Ordnung.

Den Fortschritt des Rebuilds kann man mit watch cat /proc/mdstat verfolgen.

31 Mar 2008, 00:39

Java Codepages

Wenn man mit Java auf String Daten aus DOS zugreifen muss, hilft die Tabelle der unterstützten Encodings auf der Sun Java Seite.

Die DOS-Box benutzt übrigens Cp850.

05 Feb 2008, 06:00

Oreilly Maker

Cover-Maker für OReilly Books.

16 Jan 2008, 19:47

WebEdition: session settings error

Wenn man sich nicht in WebEdition einloggen kann und statt dessen folgenden Fehler bekommt, sollte man mal überprüfen ob Cookies zugelassen sind, sonst geht das nicht.

webEdition cannot be started! A problem occurred with the session settings in your php.ini-file!

19 Sep 2007, 10:23

Mittwoch

IBM stellt Lotus Symphony aka OpenOffice+Eclipse RCP vor

Ich weiss nicht ob die Welt das braucht, aber es sieht auf jeden Fall schick aus und vielleicht fördert es ja die Verbreitung von OpenOffice in Unternehmen.

Netzbetreiber fordern USB Anschluss für alle Handys

Na das ist mal eine gute Idee. Die komischen propitären Stecker an den Handys und die umständlichen Software-Lösungen der Hersteller waren mir schon lange ein Dorn im Auge.

Open-Source Konkurent für Second Life

Anscheinend gibt es eine attraktive Alternative zu SecondLife. Ich denke ja, dass ein OpenSource-“SecondLife” deutlich bessere Marktchancen hätte.

Telekom bringt das iPhone

So wie es aussieht wird es bald offiziel angekündigt: Die Telekom bringt das iPhone. Zwar scheint die anfängliche Euphorie inzwischen verfolgen, aber spätestens mit der zweiten Generation des iPhones werde ich mir sehr ernsthaft überlegen mir auch so ein Gerät zu kaufen. Enttäuschend ist halt der Net-Lock.

Debian APT-Proxy in Java

Mit Japt-Proxy gibt es einen APT-Proxy in Java. Ob das was taugt? Ich werde es mal testen, da ich sowieso schon eine Weile nach einem APT-Proxy bin. Natürlich gibt es auch noch andere Implementierungen. Da muss ich einfach mal vergleichen.

18 Sep 2007, 09:00

Terry Pratchett: Schöne Scheine

Von “Pterry” gibts bald ein neues Buch namens Schöne Scheine.

Ich bin schon gespannt …

20 Aug 2007, 14:59

Kernkraftwerkbetriebsführungssofware

 Kernkraftwerkbetriebsführungssofware <- OMFG ;D

26 Jul 2007, 17:51

Linux vs. Mac

“ich hab jetzt linux auf dem mac installiert” “viel besser ;)”

16 Jul 2007, 08:57

Book-Review: Koreanisch Wort für Wort

In diesem Beitrag möchte ich kurz das Buch AdsKauderwelsch Band 44: Koreanisch Wort für Wort”, von Dietrisch & Andreas Haubold, vorstellen.

Vor einigen Tagen überkam mich das dringende Bedürfnis etwas mehr über die koreanische Sprache und Kultur zu erfahren und ich bin, auf dem Weg zu meinem Zug, in der Bahnhofsbuchhandlung meines Vertrauens eingefallen. Eigentlich mit dem Vorsatz ein AdsLangenscheidt zu diesem Thema zu kaufen. Leider, oder eher: zum Glück, war der nicht vorrätig. Daher bin ich auf das oben genannte Büchlein gestossen.

Koreanisch Wort für Wort

Für 7,90€ erhällt man ein, knapp 180 Seiten starkes, Büchlein im DIN A6 Format. Was die koreanische Grammatik, Umgangsformen, Zahlen und Datumsangaben angeht lässt das Buch für meine Verhältnisse keine Wünsche offen. Was mir etwas zu kurz kommt, ist der Wörterbuchteil, der zu knapp bemessen ist. Die Vokabeln sind zum Teil in Tabellen in den einzelnen Kapiteln gequetescht und zum Teil am Ende des Buches aufgelistet. Leider nur in Deutsch und in der Umschrift und nicht in Hangeul.

Ein wenig irritierend wirkte auf mich, dass die Umschrift der koreanischen Wörter und Buchstaben hier teilweise anderst als in anderen Quellen ist, aber dies ist wohl einfach darauf zurück zu führen, dass einige Varianten der Umschriften exisitieren.

Alles in allem bin ich sehr zufrieden mit diesem Buch. Wer allerdings ein umfangreiches Wörterbuch sucht wird damit nicht sonderlich glücklich werden.

22 Apr 2007, 20:03

Bloggen mit Gnome

Ich habe gerade ein Applet names “Gnome Blog” entdeckt.

Es ist eigentlich eine ganz nette Idee direkt vom Desktop, ohne Webbrowser, aus bloggen zu können. Zumal so der Browser nicht nach etlichen Zeilen den Geist aufgeben kann und man nicht unbedingt alles nochmal schreiben muss, aber ein wenig spartanisch ist das Interface schon.

Naja, man kann eben nicht alles haben ;)

25 Mar 2007, 09:28

Google Office

Als eifriger Lesen des GoogleWatchBlog staune ich regelmäßig wieviele Produkte Google hat und wie viele sich noch in der Entwicklung befinden.

Da stellt sich mir allerdings schon die Frage, wann endlich das “Google Office” erscheint. Diese vielen Programme, Tools und Datenbanken verlangen quasi danach miteinander verwoben zu werden um die ultimative Browser-basierte Programm-Suite zu schaffen.

Ich bin mal gespannt, die Google Services for Your Domain ist schonmal ein Anfang.

17 Mar 2007, 15:43

In China ist ein Reissack umgefallen!

Sobeben erfuhren unsere hochqualifizierten Reporter von dem erschreckenden, skandalösen, ja welt bewegenden Ereignis:

In China ist ein Reissack umgefallen!

Aber keine Panik, eine große deutsche Boulevard-Zeitung ist schon vor Ort um die Menschheit mit exklusiven Bildern zu versorgen.

13 Oct 2006, 09:21

DAS WERKZEUG (bekannt aus der TV Serie: Mac Gyver)

Für den einen ist es das Schweizer Taschenmesser, für den anderen ist es die wahrscheinlich kleineste Waffe der Welt. >>> Click here to see a picture of “Das Werkzeug” < <<

13 Oct 2006, 08:53

IceWeasel

Was ist das? Habe ich mich auch gerade gefragt. Aber, ganz einfach, es ist der Versuch FireFox auf GNU kompatibel zu machen um es mit GNU Linux distributionen auszuliefern. Naja, wer zuviel zeit hat….

Link: http://www.gnu.org/software/gnuzilla/