Category Archives: Tech

Fix for preupgrade-cli on Fedora 12

Background:
I had been running Fedora 12 on my home server with a 5-year old CPU and Nvidia video card. Last weekend, I decided to modernize with fancy new hardware, an Intel G6950 dual-core with integrated graphics. This is great, but Fedora 12 has graphics drivers that like to crash with Intel integrated graphics hardware, so once I changed the hardware, my desktop would freeze, about 30 seconds after logging in. So I decided to upgrade to Fedora 13.

The generally recommended way to upgrade on Fedora is to use the preupgrade tool, which would be nice, graphical, and great if my graphical desktop didn’t crash (and if it didn’t, I’d be sticking with F12 for now). So the alternative is supposed to be “preupgrade-cli”. This would work, because I could boot and do a console (non-graphical) login, so the video driver couldn’t muck things up (as easily?).

Problem: preupgrade-cli doesn’t work in Fedora 12.
(Okay, maybe it will for you, because you have executive platinum status with Fedora.) I got this error, which is pasted below:
# preupgrade-cli
Loaded plugins: blacklist, dellsysidplugin2, priorities, versionlock, whiteout
No plugin match for: rpm-warm-cache
No plugin match for: auto-update-debuginfo
No plugin match for: refresh-packagekit
No plugin match for: presto
Traceback (most recent call last):
File "/usr/share/preupgrade/preupgrade-cli.py", line 316, in
pu = PreUpgradeCli()
File "/usr/share/preupgrade/preupgrade-cli.py", line 52, in __init__
PreUpgrade.__init__(self)
File "/usr/lib/python2.6/site-packages/preupgrade/__init__.py", line 80, in __init__
self._getConfig()
File "/usr/lib/python2.6/site-packages/yum/__init__.py", line 282, in _getConfig
startupconf.pluginconfpath,disabled_plugins,enabled_plugins)
File "/usr/lib/python2.6/site-packages/yum/__init__.py", line 465, in doPluginSetup
plugin_types, confpath, disabled_plugins, enabled_plugins)
File "/usr/lib/python2.6/site-packages/yum/plugins.py", line 160, in __init__
self.run('config')
File "/usr/lib/python2.6/site-packages/yum/plugins.py", line 177, in run
func(conduitcls(self, self.base, conf, **kwargs))
File "/usr/lib/yum-plugins/versionlock.py", line 153, in config_hook
conduit.registerCommand(VersionLockCommand())
File "/usr/lib/python2.6/site-packages/yum/plugins.py", line 499, in registerCommand
self._base.registerCommand(command)
File "/usr/share/yum-cli/cli.py", line 106, in registerCommand
if name in self.yum_cli_commands:
AttributeError: 'PreUpgradeCli' object has no attribute 'yum_cli_commands'

Apparently the anonymous poster at the How to Upgrade page had the same problem. Perhaps we are the only two to bother with the “arcane” command-line preupgrade tool. I am curious as to whether anyone (at all) succeeded with preupgrade-cli for Fedora 12 to Fedora 13.

Solution: Patch preupgrade-cli.py. If you don’t have experience writing code on Linux, this is probably not for you. But it’s pretty straightforward. You need to change the definition of the PreUpgradeCli class so that it self.yum_cli_commands is valid. Do this by replacing the line:

class PreUpgradeCli(PreUpgrade, YumUtilBase):

with

class PreUpgradeCli(PreUpgrade, YumUtilBase, YumBaseCli):

so that it inherits from a class with such an attribute and insert this line:

        YumBaseCli.__init__(self)

as the first line of the initializer, below

    def __init__(self):

and before

        PreUpgrade.__init__(self)

so that the parent class's initializer gets called and self.yum_cli_commands gets populated. The file is found at /usr/share/preupgrade/preupgrade-cli.py

Remember, this is Python, so line indentation is important. There you go. preupgrade-cli should work as normal now.

Note: I don't know whether this is the Right Way To Fix It, but it seemed reasonable to me, and I got the result I wanted. I will probably point the developer of preupgrade-cli.py to this page so he/she can compose a better fix.

Update (6/13/2011): This fix has been accepted officially (see comments), thanks to the efforts of Andrew Meredith, who opened the bug on Red Hat's bugzilla, and Martin Dengler who opened a ticket in preupgrade's own Trac site.

Miscellaneous Solaris build problems

I’m sure these things are obvious to seasoned Solaris developers, but here are a few things I’ve learned today:

  • gcc 3.4.3 does not support threads on Solaris. The “-pthread” option doesn’t exist for Solaris except in later versions, so upgrade your compiler or use the Sun compiler (where you’ll use “-mt” to request threaded code).
  • scons on Solaris assumes you are using a Sun compiler and applies flags as such, even when you’re using gcc. Yes, even if it detects and uses gcc. See the note about “-KPIC” in the scons changelog.
  • boost doesn’t really compile on Solaris with Sun C++ 5.8, but you can hack stuff to make it sorta work.
    This relates to boost 1.40.0. There are two main issues:

    • int64_t and friends don’t get defined. You’ll have to patch cstdint.hpp. Here’s my hacked replacement.
    • The Sun compiler doesn’t do return object optimization, which means that code like:

      class Foo {
      private:
      Foo(Foo& f);
      public:
      explicit Foo(int i);
      };

      Foo bar(int x) {
      return Foo(x);
      }

      doesn’t work. The call to Foo(x) works fine, but the compiler thinks you need to copy the resulting Foo object in the act of returning it to the caller, which is commonly optimized out these days. Here’s a replacement for the affected boost/thread/detail/thread.hpp. Of course boost 1.41 doesn’t have the same problem since the return type for the affected function is different.

For reference, a couple of illustrative error messages:

  • int64_t problem:

    "/home/daniel/boost_1_40_0/boostdir/include/boost/date_time/time_duration.hpp", line 264: Error: int64_t is not a member of boost.
    "/home/daniel/boost_1_40_0/boostdir/include/boost/date_time/time_resolution_traits.hpp", line 48: Error: int64_t is not a member of boost.
  • Return value optimization problem:

    "/home/daniel/boost_1_40_0/boostdir/include/boost/thread/detail/thread.hpp", line 344: Error: boost::thread::thread(boost::thread&) is not accessible from boost::move(boost::detail::thread_move_t).

I’m sure that most of my audience will find this incomprehensible, but I have high hopes that Google will index this properly and find it for a poor head-scratching soul with similar frustrations.

Have a nice day!

Fixing nautilus-open-terminal to revert to “t”

I was very, very annoyed that the 0.10 release of nautilus-open-terminal changed the accelerator from “t” to “e”, meaning that I could no longer right-click on my gnome desktop and press “t”.

Rather than unlearn years of muscle memory and learn to press “e” instead, I built my own version that reverts the change.

Here’s the fixed SRPM and RPM for Fedora 11 i586:
source: nautilus-open-terminal-0.13-2ac.fc11.src.rpm
binary: nautilus-open-terminal-0.13-2ac.fc11.i586.rpm

I know, the accelerator got changed to fix some bug that was filed against Ubuntu, but I don’t use “New Tab” (nor can I find it anywhere in nautilus). So I achieved victory by getting the source, changing a few lines, and rebuilding, since this is open source. Hooray!

Have a nice day.

(footnote: The problematic change was noted as: ‘Change “Open in Terminal” accelerator to “e”, for not conflicting with “New Tab”‘)

Update:
Versions for Fedora 12 (beta right now):
RPM: nautilus-open-terminal-0.17-4ac.fc12.i686.rpm
SRPM: nautilus-open-terminal-0.17-4ac.fc12.src.rpm

Fast searching on Dovecot with Fedora

Although dovecot comes with its own full-text indexed search, it doesn’t seem to be enabled by default, at least in Fedora 10.  This is a shame.  For me, it makes a search for body text take a few seconds rather than a couple minutes.

To fix, modify your /etc/dovecot.conf and restart dovecot.

  • Add fts and fts_squat to the mail_plugins line in your protocol section (protocol imap for me).
  • Specifically, look for:

    protocol imap {
    ...
    #mail_plugins =
    ...
    }

    and change it to look more like:

    protocol imap {
    ...
    mail_plugins = fts fts_squat
    ...
    }
  • Add fts = squat to the plugins section.
  • plugins {
    ...
    fts = squat
    ...
    }

Sadly, there was no Ubuntu help forum thread that made all this blindingly obvious, so I hope this post fills that need. This all worked on Fedora 10 with dovecot 1.1.10.

Have a nice day.

Configuring VMWare Server 2 authentication

Recently I’ve needed to install a virtual machine on my spiffy RHEL 5.3 system, so I turned to VMWare, since its free Server software (1.0 series) worked fine on Ubuntu Dapper.  So I tried installing Server 2, because newer is better, right (you know where I’m going…)?

Server 2 does user-level authentication, so you need to specify the admin user at setup time.  That will be the only user (initially) that can touch the vmware instance.  This means that if you disable the root password, then you should not choose ‘root’ as that user.

So this is fine, except that I couldn’t login initially.  The trick is that VMWare does its own user authentication off of the normal /etc/{passwd,shadow} files, and I was authenticating with Kerberos as an AFS user.

Here’s how to fix things.  You need to modify /etc/vmware/pam.d/vmware-authd .  Upon installation, it contains:

#%PAM-1.0
auth   required   pam_unix.so   shadow nullok
account  required  pam_unix.so
You need to add a line so it looks like:

#%PAM-1.0
auth sufficient  pam_krb5.so use_first_pass  refresh_creds debug 
auth   required   pam_unix.so   shadow nullok
account   required  pam_unix.so
I used /etc/pam.d/system-auth as a reference. (I’m not sure the ‘debug’ part is needed.)

Since I couldn’t find anything online (this is one thing that google didn’t really know) that fixed things, I hope this is useful and saves a few hours or so for somebody somewhere.  The closest post I found didn’t seem to have a clear resolution and solution.

Update: If something gets borked and it says your user is unauthorized, you can set the admin user by editing the value in the <ACEDataUser> tag in /etc/vmware/hostd/authorization.xml .

Let me know if I’ve missed anything–all I can say is that this worked for me.

Regulating broadband and wireless

For the record, I am in favor of unlicensed frequency spectrum and in favor of “net neutrality”. By “unlicensed frequency spectrum,” I’m referring to the sort of free use of sections of the electromagnetic spectrum (e.g. the 2.4Ghz Industrial/Scientific/Medical band) that allow people to transmit without having to purchase the spectrum from the government.
I used to think that the availability of unlicensed spectrum was unassailable as a public good. IEEE 802.11-based networking (i.e WiFi) has completely transformed computing and has allowed people to create/share/consume content and to pervasively communicate with others at levels completely unprecedented and completely wonderful. Wireless networking first got really popular when I was in graduate school, but it now seems inseparable from university campus life. Those not belonging to university communities or (tech) companies with their own deployments may not understand how WiFi has changed the game. Outside of those environments, we have coffee shops with free/semi-free wireless (lovely) and other places with paid wireless (*sigh*), but if your experience is only with those few spots, then you won’t understand. It’s like getting internet at home through dial-up versus ‘broadband’. Broadband (esp. with static, public IP addresses) is just a far more pervasive networking experience, and it changes the way we get information. Wireless networking has that effect.

But wireless networking existed before WiFi and 802.11, so why didn’t we go wireless earlier? The main reason for the creation of 802.11 and its subsequent explosion was the availability of the unlicensed 2.4Ghz band. Now anyone could produce equipment operating on that band and sell that equipment to anyone else. There’s hardly any incentive to do this if that spectrum is licensed, since only the spectrum owner will buy such equipment, and even a humongously rich owner has less money than, uh, the rest of the world. Sometimes the lack of control in unlicensed spectrum is a pain– my wireless connection drops every time my colleague uses the 2.4Ghz cordless phone– but my connection would not exist without unlicensed spectrum that enabled the creation of my wifi hardware.

This being how I feel, I read Wired’s article on an upcoming proposed frequency auction and was struck by the linked articles that decry open-access spectrum. Corporate welfare for dot-com billionaires? Please. Open access spurs innovation. Do you have a wireless router at home? It’s conceivable that (insert traditional telco name) could’ve taken part of their licensed spectrum and sold people wireless hardware (for laptops and home routers), but did they? No. Would they have? Probably not. Look at where they are with wireless data plans and hardware. Is that market flourishing? Every laptop sold has wireless these days, but not connectivity to a 2.5/3G data carrier. I should be happy that 3G data is available at all. It just costs them a lot more to provide the service than it costs for lots of independent places to provide WiFi hotspots.

Perhaps I should have expected an opponent of open access to decry net neutrality as well, but I wasn’t expecting him to be so bold as to say that net neutrality is “anti-consumer.” Come on. Net neutrality is equalizing in the way that it levels the costs of bandwidth for everyone. It means that a kid putting his skateboarding videos up on a webserver in his garage has his data treated the same as CNN trying to stream advertisements and breaking video of (insert rich young celebrity name)’s arrest for DUI.

Anyway, this article on broadband by the same misguided soul who decries open-access talks about how there’s no broadband problem in the US. Oh, I don’t know about that. I think we’ve just gotten used to the slow pace at which our telecom companies give us speed. Verizon is trying to roll out their FIOS fiber service with 5down/2up Mbps at $40 and 15down/2up Mbps at $50, while Japan had 100Mbps Ethernet available a few years ago (and is working on mandating Gbps Ethernet in a few years). 20Mbps became prevalent in South Korea years ago, so in 2004, Korean ISPs had to compete on service, since 20Mbps was, well, uninteresting. Besides, 90% of South Korean homes had 3Mbps or greater at home, with overall average of 8Mbps.
I think Japan and South Korea look at our level of broadband the way we look at dialup.

I’ll be the first to say that America has a harder problem in deploying telecommunications– we have a huge area of deployment and we built our cities around cars as transportation (which now seems rather foolish with oil and anthropogenic abrupt climate change)– but surely we can do better. I still think America (particularly Silicon Valley) invents much of the technology in use for all of this, so don’t we have some advantage?
I’ll take a moment here to say that with corruption and other troubles in corporate governance, smaller companies tend to be more efficient at producing value. There’s less people to spread out blame. Higher-ups can more easily see the impact of their decisions on their employees in the trenches and junior employees are less likely to assign any air of nobility or rich-and-famous-glow to their higher-ups. And in any case, the world changes quickly. Smaller companies are more agile, and younger companies have less traditions to reinvent when they adapt.

Anyway, have a nice day. And remember that it will be hard for people older than Bill Gates to understand these new technologies, so go with someone younger, or in the industry. There was something said about technology and our perspective as we age: “Things which existed in our 20s are natural and obvious, while things invented after our 30s are indistinguishable from magic.” Please correct this quote if you know the source.

Internet radio is dying. :(

With the Copyright Royalty Board’s denial of an appeal to its March 2, 2007 ruling, the new royalty rates for online broadcasters will take effect on May 15. And since the new rates apply retroactively to the start of 2006, this means the closure of most small, independent broadcasters who simply do not have the money to pay.

Have a look at details of the original ruling and the appeal denial. The $500 minimum per channel, regardless of the listener count, is pretty horrendous. It’s clear that only for-profit companies can afford to broadcast, and only then with copious commercial time. Thanks, CRB. The sort of personalized streaming channels offered by Pandora seems pretty difficult to sustain with this fee structure, so, thanks again, CRB, for curbing musical exploration and discovery of new artists. Clearly, they have the good of society in mind.
Perhaps it was only wishful thinking that gave us hope that the existing media industry would embrace the freedom and egalitarian content-generation-production-distribution that the internet is capable of. It’s time for a new music industry. It’s just that I don’t know of any music coalitions or consortiums that understand and embrace all that the internet enables. So if you are one, let all of us know so we can support you and your music.

Are there any channels of Creative Commons-licensed music? If so, I’d love to listen to them, and perhaps even serve them.
Anyway, please mark May 15, 2007 as the day that the traditional recording industry made internet radio suck. Of course, it could also mark the day that non-RIAA music began to dominate internet radio, and the day that people discovered the world of non-RIAA music.

How about a French pop music station (stream)? 🙂 It’s commercial-free and 128k.

Have you mailed (yes, postal mail) your congressperson about this yet?

ICQ Spam sucks

ICQ seems like to be the most spam friendly of all the instant-messaging services. Still, the spamminess has never been a real problem for me. Until now.

It started earlier this month(March). I got a random message from some random person.

him/her: “hello”
me: “do i know you”
him/her: “no,are you busy now,can we just chat”
me: “I’m not really in the mood to chat with strangers right now. Sorry about that.”
him/her: “o ,I’m so sorry for that,if you are happy one day ,maybe we can chat,”

Uh… right. A quick search on ICQ for the source number revealed that the user was a 20-something female from China, but who knows. After that, I started receiving similar messages: “hello”, or “hi”, whose profiles also pointed at China. That lasted about a week, and now I get messages seemingly from Germany or Russia. The first batch had profiles with “lifelike” names, but everything’s degenerated into spam. So far, I think I’ve gotten pr0n links, Rolex watches, Nigerian spam, and random “21-year old blondes”. I imagine mortgage refinancing and viagra/cialis spam are coming soon as well.

What’s going on? I do know that I’m not alone.

References:
Technorati Search: icq spam
Irritated ICQer #1
Irritated ICQer #2
Trillian complaint thread

I use gaim for my IM needs, and it annoys me that I these ICQ “buddy list authorizations”, which are allowed to contain arbitrary messages (like spam) come up constantly.

My main reason for posting is that I don’t really understand the sudden increase in spam. Did someone release a new ICQ spamming tool? Did ICQ roll out a new “random chat” feature? It’s rather odd that these strangers always seem to come from international non-US sources.

Here is the “Nigerian” ICQ spam I got in an authorization message:
—-
Hello. I am Steve Casey, general manager of the international company Le-Trans, and I have a wonderful offer for you.

We render services to companies that have international trade. These services consist of the reception of payments from the clients of the various companies when the client and the company are in the different countries. We save money for the companies by eliminating the expensive bank commission for international transactions. Only the small commissions for transactions between two banks inside one country are paid.
—-

Anyway, to whoever keeps sending me stuff, please stop. That means you, Steve Casey.

(Comments are closed since this page seems to attract lots of spam.)

Anyone good with Ethereal?

A couple of months ago, our organization’s network was hit by… something. I couldn’t really tell if it was a DOS attack or “just” a rapidly spreading virus. All I knew was that my DHCP requests were barely getting through, and all other traffic seemed to be being dropped. The cheap ethernet switch I had its activity lights flickering faster than I had ever seen, and for all ports (broadcast packets?).

This made me pretty disgruntled with our network ops(shouldn’t this be stopped at the WAN router), but I didn’t think whining about it would do any good. So I fired up Knoppix, since it has Ethereal built-in, and I obviously didn’t have the connectivity to download a port of it otherwise.

Mind you, I’ve never used Ethereal before, but it seemed like a good chance to play with it. So I had it gather a couple of traces off the network. FYI, 30 second traces were weighing in at around 13MB, so, do the math, and you can get a feel for how much junk was coming through my 10Mbps link. Anyway, I didn’t make a whole lot of sense of it, but if anyone wants to take a peek at one of the traces and email/post-a-comment, s/he is welcome to it.

Download Ethereal trace (.zip)

Because of spam considerations, if you wish to email me, please do through the “Contact Daniel” link on the blog’s main page. Thanks.

Some guy’s quest in spyware removal

I hate spyware. I rarely get infected these days, which is probably because I enact a few paranoid security measures (run as restricted user, use firefox), but sometimes I’m called upon to fix someone else’s spyware problem. Raise your hand, I’m sure some of you have had to do this as well.

Anyway, I stumbled upon this forum thread between one man and a friendly IT guy who go step by step to fix a spyware problem.
FRUSTRATED! Please help!” href=”http://www.geekstogo.com/forum/FRUSTRATED_Please_help_-t14149.html”>Geeks to Go! -> FRUSTRATED! Please help!

It’s pretty amazing how many steps they went through, and you can see that it took them nearly a month to finish the cleanup. Honestly, it’s a shame. There’s software for bad people to make a mess of your computer, but the cleanup software, though good, seems far more limited.

I suppose it just goes to show that it’s way more difficult to fix things than it is to break them. Kind of like the second law of thermodynamics. It’s probably similar to how it’s often easier to buy new stuff than to fix old ones, and why it might be easier to start from scratch than to get huge gains from modifying a tried-and-true system.