Wednesday, December 31, 2008

Download HQ MP4 or FLV movies from youtube

Just add the following without the quotes after the youtube film URL and use something like FlashGot (or grab the full URL with Firebug) to download it:

"&fmt=18" for HQ MP4 format
or
"&fmt=6" for HQ FLV format.

The "Flash Video Resources Downloader" Firefox addon seems to get this right and is able to download FLV, HQ FLV and HQ MP4 format movies from Youtube and can also handle similar sites. The downside is reliance on a web hosted php script (it means visiting this site every time you want to download something to grab the URL).

Thursday, December 11, 2008

Export VIM syntax highlighting to HTML

You can export the colorscheme based syntax highlighting in used in your VIM instance to a HTML file.

Just set a colorscheme and enable syntax highligting in VIM"

colorscheme torte
syntax on

Then you can export the same color scheme to a HTML file:

:runtime! syntax/2html.vim

This works for any file type supported by VIM. Just make sure you save the file before using the right extention.

Script for automating hardlink creation

::
:: Linking script
:: Usage: ln "source\REGEXP" destination

@echo off
set sourcedir=%1
set destdir=%2
if "%1" == "" goto usage
echo "Linking" %sourcedir% "\*" to %destdir% "\*"

if not exist %destdir% mkdir %destdir%
:: Create the destination directory if it does not exist

:iterate
shift
if "%1" == "" goto end
for %%i in (%sourcedir%) do fsutil hardlink create %destdir%\%%~nxi %%~fi
goto iterate

:usage
color 4f
echo "Usage: ln.bat source-directory\REGEXP destination-directory
echo "If the destination directory does not exist it will be created."
echo "If a fully qualified path is not used, current directory will be used"
pause
color

:end
set sourcedir=

Tuesday, December 09, 2008

Scripting VMware Infrastructure with PowerShell

You can script VMware Server and VMware Infrastructure using Microsoft PowerShell CmdLets and the VMware VI Toolkit. It's really great for scheduling and automating tasks, since the scheduler in VMware Infrastructure Client is severely limited



You need to install the .NET Framework (2.0 at least), PowerShell 1.0 and the VMware VI Toolkit. All are freely available.

Get-VICommand to list available cmdlets and read the VI Toolkit Cmdlets Reference for documentation.

Monday, December 08, 2008

Creating hardlinks on Windows

You can use fsutil on Windows XP and Windows 2003 or mklink on Windows Vista and 2008 to create hardlinks in a Windows environment. This requires a NTFS filesystem.

Friday, November 21, 2008

Windows - Delayed Write Failed when copying to USB disks

Trouble transfering large files to USB devices? I've had quite some problems with Delayed Write Failed even after caching disabled, increasing the system page size, etc. when transfering large files to Western Digital USB 2.0 500MB and 2TB MyBook Devices (though this looks like an issue with USB storage devices in general).

Messages like these turn up in Even Viewer:

{Delayed Write Failed} Windows was unable to save all the data for the file . The data has been lost. This error may be caused by a failure of your computer hardware or network connection. Please try to save this file elsewhere.

or

Application popup: Windows - Delayed Write Failed : Windows was unable to save all the data for the file. The data has been lost. This error may be caused by a failure of your computer hardware or network connection. Please try to save this file elsewhere. 

To fix this enabled SoftRetry for USB transfers:

Start - run - cmd. Type:

  • reg add HKLM\SYSTEM\CurrentControlSet\Services\USB\EnSoftRetry /v Data /t REG_DWORD /d 1

Other hacks to get around this issue:

Look into HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management at LargeSystemCache and SystemPages.

Disable write caching on the disk (Right click the drive letter -  Properties - Hardware - Select the Disk - Properties - Policies - Optimize for quick removal).

Make sure you monitor errors under Start - Run - eventvwr.msc -> System.

Thursday, November 13, 2008

DHCP Server on AIX

# vi /etc/dhcpsd.cnf

leaseTimeDefault 30 minutes
leaseExpireInterval 3 minutes
supportBOOTP yes
supportUnlistedClients yes

network 192.168.0.1 255.255.255.0
{
 subnet 192.168.0.0 192.168.0.11-192.168.0.16
}


# startsrc -s dhcpsd
0513-059 The dhcpsd Subsystem has been started. Subsystem PID is 335890.

# lssrc -ls dhcpsd
Log file: /usr/tmp/dhcpsd.log
Log Level: 0x16
Client Expire Interval: 3600
Reserve Expire Interval: 900
Bad Addr Reclaim Interval: 4394967295
Database Save Interval: 3600

 
IP Address Status Duration Time Stamp Client ID
---------- ------ -------- ----- ------- ---------
192.168.0.11 Leased Infinite Nov 13 12:22 1-deadbeefcafe
192.168.0.12 Leased Infinite Nov 13 12:24 1-abadcafebabe
192.168.0.13 Free
192.168.0.14 Free
192.168.0.15 Free
192.168.0.16 Free

Friday, November 07, 2008

Bitlbee - Yahoo and IM console client on AIX

Bitlbee supports XMPP/Jabber (including Google Talk), MSN Messenger, Yahoo! Messenger, AIM and ICQ and creates a localhost IRC server you can connect to with say EMACS ERC irc client. Great for the whole ssh -> screen -> EMACS -> ERC deal.

It's quite nice for consolidating all your communication inside of Emacs (IRC via ERC, mail and news via GNUS, IM via bitlbee), etc.

Luckily, Bitlbee compiles out of the box on AIX, and you don't even need root permissions to use it.

Simply download it and compile it with say gcc:

% gunzip -c bitlbee-1.2.3.tar.gz| tar xf -
% cd bitlbee-1.2.3
% ./configure --ssl=openssl
% gmake
% ./bitlbee -D -n -v -i 127.0.0.1 -p 12345 -c ./bitlbee.conf
Now connect your IRC client to localhost port 12345 and create your account.
register password
account add yahoo username password
account on

Friday, September 26, 2008

Solaris Performance Monitoring

Performance monitoring tools on Solaris using split GNU screen windows :-).


Thursday, September 11, 2008

Adding more speeddial boxes to Opera.

By default, Opera uses a 3x3 grid for the speeddial. You can change this to whatever you want by editing the speeddial.ini file.

Open a new opera tab and type in opera:config and search for "speeddial" in the Quick Find bar.

You now have the location of speeddial.ini from User Prefs - Speed Dial File. Edit this file.

Make sure you close Opera, and edit this file.

Add the following lines to the top of the speeddial.ini file:

[Size]
Rows=4
Columns=4

This should give you a solid 16 speeddial boxes.

Sunday, September 07, 2008

Making VMware Console work with Firefox 3.0.1

If you're running VMware Server 2 and require the console plugin to work with Firefox, you can use this trick to make it work once you update to Mozilla Firefox 3.0.1:

Just edit the VMware Console plugin install.rdf and change the:

3.0.0.*

to

3.0.*
or
3.0.1.*

and restart Firefox. Now update Firefox and all should work fine.

The install.rdf should be located in the plugin folder (~/.mozilla or similar on UNIX and Document and Settings or User/username/Application Data on Windows. Example:

C:\Documents and Settings\cmihai\Application Data\Mozilla\Firefox\Profiles\eqz4a1i8.default\extensions\VMwareVMRC@vmware.com

Just search for VMwareVMRC.

Thursday, September 04, 2008

VirtualBox 2.0 Released.

The 2.0 release of VirtualBox is now available.
http://www.virtualbox.org/

Monday, August 04, 2008

IRC-ing on AIX with EMACS ERC

Emacs ERC (M-x erc) is a IRC client built into newer releases of EMACS.

To build this you need the bos.adt sets and a compiler (gcc or xlc will do just fine).



Remember to set TERM=dtterm for colors :-).

Tuesday, July 29, 2008

VMware ESXi Hypervisor Now Free

After making VMware Player and VMware Server available for free and the VMware toolkit open source under a GPL license, VMware now makes VMware ESXi Hypervisor available at no cost.

Thursday, July 24, 2008

SedTris - a Tetris game written in sed.

I've seen irc clients written in sed and I've seen a lot of sed magic in my time, but this is just ridiculous...

A Tetris game written in sed.

http://uuner.doslash.org/forfun/sedtris.sed

Sun announced intentions to release SunWebServer under BSD license

Sun will opensource part of their web stack under a BSD license.

"Sun announced
that it is open sourcing the core components of the Sun Java(TM) System Web Server 7.0 and Sun Java(TM) System Web Proxy technologies under a BSD (Berkeley Software Distribution) license in the Web Stack sub-project of the OpenSolaris community. The Web and Proxy source code will be available in CY08Q3."

http://www.opensolaris.org/os/project/webstack/

"We're pleased to announce that the Web Stack project will be taking on the Open Source releases of the Sun Web and Proxy Server.... under a BSD license. Read about this and other plans in the Sun press release"

Saturday, July 12, 2008

Microsoft Reaserch Singularity Project - Open Source on Codeplex

You can grab the source code of the Singularity OS RDK - a Microsoft Research project from codeplex (Microsoft's version of SourceForge for Open Source Projects Hosting). It's basically an OS written mostly in managed code. It also uses a microkernel.



Running the thing is pretty simple. Just build world and run the ISO in VirtualPC.

Sunday, July 06, 2008

Puttycyg, screen, zsh and irssi on Windows

Remeber PowerShell + PowerTab + PCSX + Console + Terminus?
Here's something even nicer: Puttycyg + Terminus + GNU Screen + ZSH + irssi:

Friday, July 04, 2008

AWK tricks - clearing the screen and scrollback buffer.

You can put this in your logout profile to fill up the screen buffer (clear just won't do on some systems with a multiple page console scroll-back buffer).

Filling the screen buffer with new lines:

awk -F 'BEGIN{ for (i = 1; i <= 3000; i++) printf "\n"; exit}'

See also:

http://www.openbsd.org/faq/faq7.html#ConsoleClear

Wednesday, June 25, 2008

D-Light DTrace script for Sun Studio 12 in Solaris

Here's a pretty cool tool for developers, similar to the DTrace GUI from XCode in OS X 10.5 Leopard (Instruments):

It's part of Sun Studio 12.




It's still in development, but it can be pretty useful.

Tuesday, June 24, 2008

Using AWK to convert UNIX passwords from HP-UX to Solaris

Converting password hashes from HP-UX 11.11 to Solaris is pretty simple if you are using UNIX crypt passwords (if HP-UX isn't a Trusted System. If it is, it will use bigcrypt passwords, > 8 characters, converting them to Solaris UNIX crypt could be problematic).

Here's the gest of it:

On the HP-UX System, we create a test user:

# useradd test
# passwd test
test
Now we convert the passwd file to generate passwd entries for Solaris:

  • # awk ' BEGIN { FS = ":" } { print $1":x:" $3 ":" $4 "::/export/home/" $1 ":/usr/bin/sh" }' /etc/passwd
  • test:x:107:20::/export/home/test:/usr/bin/sh

And we create the shadow file entries, including the password hash:

  • # awk ' BEGIN { FS = ":" } { print $1":"$2"::::::" }' /etc/passwd
  • test:lsDWJo7M.iAhY::::::
Just add them using /usr/ucb/vipw to the password file, edit the shadow file for consistency and test. Be sure to backup the files and to test using a few users at first.

  • $ su test
  • Password:
  • $ id
  • uid=127(test) gid=120
  • $ whoami
  • test
  • $ echo $HOME
  • /export/home/test
  • $ echo $SHELL
  • /usr/bin/sh
Mix with some shell scripting and mkdir's and you're set :-). Next time, use LDAP :P.

Monday, June 23, 2008

Tru64 UNIX AdvFS open sourced

HP Tru64 UNIX's filesystem has been open sourced under a GPLv2 license.
http://advfs.sourceforge.net/

Press release here.

Documentation here.

What is it with UNIX giants making filesystems open source?

Sunday, June 22, 2008

Making NetBSD 4.0 and OpenBSD 4.3 install in VirtualBox

Installing NetBSD 4.0 in VirtualBox fails with:
Failed to write to file. /usr/bin/dig (or whatever) (Bad address).

To make it work disable ACPI, enable VT-x and set the IDE controller type to PIIX4.

VT-x makes all the difference for NetBSD also. Without VT-x, unpacking install sets is very slow (200kb/s). With VT-x, I get 6.42 MB/s.

Plus, it won't fail writing to files.

The same thing happens with OpenBSD, and can be fixed by using VT-x.

Fixing Java WebConsole ZFS Administration on Solaris Express Community Edition build 90, 91

Application Error

com.iplanet.jato.NavigationException: Exception encountered during forward
Root cause = [java.lang.IllegalArgumentException: No enum const class com.sun.zfs.common.model.AclInheritProperty$AclInherit.restricted]


Notes for application developers:
  • To prevent users from seeing this error message, override the onUncaughtException() method in the module servlet and take action specific to the application
  • To see a stack trace from this error, see the source for this page

Generated Sun Jun 22 14:22:44 EEST 2008


If this happens to you, you need to set acl inherit to passthrough:

# zfs set aclinherit=passthrough rpool

Now WebConsole ZFS Admin will work.

You also need to make sure the webconsole serivce is enabled before you can use it:

# svcs -a | grep webconsole
disabled 15:32:25 svc:/system/webconsole:console

# svcadm enable webconsole

# svcs -xv webconsole
svc:/system/webconsole:console (java web console)
State: online since Sun Jun 22 15:34:40 2008
See: man -M /usr/share/man -s 1M smcwebserver
See: /var/svc/log/system-webconsole:console.log
Impact: None.




When you're done using it, you should probably disable the service, as Java will eat up 100MB of memory :-). Besides, you don't really need a GUI for ZFS admin. It's just nice to show to your friends.

# svcadm disable webconsole

You should also make sure to disable webconsole in your Zones, as it serves no purpose what so ever (and it will bloat your zones by about 100MB memory usage).

Friday, June 20, 2008

Compiling 64 bit OpenSSL and OpenSSH on Solaris with Sun Studio 12; SSH ASCII fingerprints

For building OpenSSL.
% ./config
Replace -xarch=amd64 with -m64 in the Makefile.
% gmake
# gmake install

Now build OpenSSH:

export CFLAGS=-m64
export LDFLAGS=-m64

% ./configure --with-ssl-dir=/usr/local/ssl
% make
% su
# make package
The following packages are available:
1 OpenSSH OpenSSH Portable for Solaris
(i386) OpenSSH_5.0p1
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: Transferring package instance

# pkgadd -d OpenSSH-OpenSSH_5.0p1-Solaris-i386.pkg



If you're using OpenSSH portable from CVS you can also enjoy the ASCII art fingerprint funtion:


ibmsolaris% ./ssh -F /etc/ssh/ssh_config 192.168.21.168
Host key fingerprint is ...
+--[ RSA]----------+
| |
| = . |
| . = F |
| + * + |
| S * . |
| o + . |
| . = o . . |
| o + . o |
| . .oo . |
+----------------------+

Just add CheckHostIP fingerprint to ssh_config.

To compile OpenSSH from CVS:

% export CVSROOT=anoncvs@anoncvs.mindrot.org:/cvs
% export CVS_RSH=/usr/bin/ssh
% cvs get openssh
# ln -s /usr/bin/aclocal-1.10 /usr/bin/aclocal
# ln -s /usr/bin/automake-1.10 /usr/bin/automake
% ./configure --with-ssl-dir=/usr/local/ssl
% make
% su
# make package

Solaris ZFS to ZFS LiveUpgrade

Regular UFS to UFS LiveUpgrade used to take a while to create the boot environment, etc. Complicated :-).
As of Solaris Express Community Edition 90, you can use LiveUpgrade with ZFS. You can also LU a UFS system to ZFS.

One of the benefits of ZFS root is the ZFS clone command (lucreate -n happens in a second):

# lucreate -n sxce91
Checking GRUB menu...
Analyzing system configuration.
No name for current boot environment.
INFORMATION: The current boot environment is not named - assigning name .
Current boot environment is named .
Creating initial configuration for primary boot environment .
The device
is not a root device for any boot environment; cannot get BE ID.
PBE configuration successful: PBE name PBE Boot Device .
Comparing source boot environment file systems with the file
system(s) you specified for the new boot environment. Determining which
file systems should be in the new boot environment.
Updating boot environment description database on all BEs.
Updating system configuration files.
Creating configuration for boot environment .
Source boot environment is .
Creating boot environment .
Cloning file systems from boot environment to create boot environment .
Creating snapshot for on .
Creating clone for on .
Setting canmount=noauto for
in zone on .
Creating snapshot for on .
Creating clone for on .
No entry for BE in GRUB menu
Population of boot environment successful.
Creation of boot environment successful.


Mount the DVD image loopback:

# mkdir /mnt/iso
# lofiadm -a /export/home/cmihai/Desktop/SunDownloads/sol-nv-b91-x86-dvd.iso
/dev/lofi/1
# mount -F hsfs /dev/lofi/1 /mnt/iso

Liveupgrade:
# luupgrade -u -n sxce91 -s /mnt/iso/
No entry for BE in GRUB menu
Copying failsafe kernel from media.
Uncompressing miniroot
Uncompressing miniroot archive (Part2)
13371 blocks
Creating miniroot device
miniroot filesystem is
Mounting miniroot at

Mounting miniroot Part 2 at

Validating the contents of the media
.
The media is a standard Solaris media.
The media contains an operating system upgrade image.
The media contains version <11>.
Constructing upgrade profile to use.
Locating the operating system upgrade program.
Checking for existence of previously scheduled Live Upgrade requests.
Creating upgrade profile for BE .
Checking for GRUB menu on ABE .
Saving GRUB menu on ABE .
Checking for x86 boot partition on ABE.
Determining packages to install or upgrade for BE .
Performing the operating system upgrade of the BE .
CAUTION: Interrupting this process may leave the boot environment unstable
or unbootable.

Upgrading Solaris: 100% completed
Installation of the packages from this media is complete.
Restoring GRUB menu on ABE .
Adding operating system patches to the BE .
The operating system patch installation is complete.
ABE boot partition backing deleted.
Configuring failsafe for system.
Failsafe configuration is complete.
INFORMATION: The file on boot
environment contains a log of the upgrade operation.
INFORMATION: The file on boot
environment contains a log of cleanup operations required.
INFORMATION: Review the files listed above. Remember that all of the files
are located on boot environment . Before you activate boot
environment , determine if any additional system maintenance is
required or if additional media of the software distribution must be
installed.
The Solaris upgrade of the boot environment is complete.
Installing failsafe
Failsafe install is complete.

# luactivate sxce91
System has findroot enabled GRUB
Generating boot-sign, partition and slice information for PBE
Saving existing file in top level dataset for BE as //etc/bootsign.prev.

Generating boot-sign for ABE
Saving existing file in top level dataset for BE as //etc/bootsign.prev.
Generating partition and slice information for ABE
Boot menu exists.
Generating direct boot menu entries for PBE.
Generating xVM menu entries for PBE.
Generating direct boot menu entries for ABE.
Generating xVM menu entries for ABE.
GRUB menu has no default setting
No more bootadm entries. Deletion of bootadm entries is complete.
GRUB menu default setting is unchanged
Done eliding bootadm entries.


**********************************************************************

The target boot environment has been activated. It will be used when you
reboot. NOTE: You MUST NOT USE the reboot, halt, or uadmin commands. You
MUST USE either the init or the shutdown command when you reboot. If you
do not use either init or shutdown, the system will not boot using the
target BE.

**********************************************************************

In case of a failure while booting to the target BE, the following process
needs to be followed to fallback to the currently working boot environment:

1. Boot from Solaris failsafe or boot in single user mode from the Solaris
Install CD or Network.

2. Mount the Parent boot environment root slice to some directory (like
/mnt). You can use the following command to mount:

mount -Fzfs /dev/dsk/c1t0d0s0 /mnt

3. Run utility with out any arguments from the Parent boot
environment root slice, as shown below:

/mnt/sbin/luactivate

4. luactivate, activates the previous working boot environment and
indicates the result.

5. Exit Single User mode and reboot the machine.

**********************************************************************

Modifying boot archive service
Activation of boot environment successful.


# init 6

Wednesday, June 18, 2008

Sun Solaris DTrace - counting page-ins

Need more details than:

% kstat -n vm | grep pgin
anonpgin 727
execpgin 0
fspgin 1012885
pgin 999385
pgpgin 1013612
anonpgin 1347
execpgin 0
fspgin 187550
pgin 46875
pgpgin 188897

22:41 <> hello, is there a way to see what processes could be causing a page-in excess?
22:43 <> dtrace pgin

As always, DTrace to the rescue :-).

cthulhu# dtrace -n pgin'{@[pid, execname] = count();}'
dtrace: description 'pgin' matched 1 probe

^C

27462 gnome-keyring-da 1
27495 wnck-applet 1
430 dbus-daemon 2
27446 gnome-session 2
27483 nautilus 4
27319 Xorg 11

Installing CentOS 5.1 in textmode

Need the old textmode installer? No time to kickstart?

Type
linux mem=192M noprobe

at the GRUB install prompt ;-). A system needs > 128MB RAM to install with Anaconda, but will default to the textmode installer if it has < 256MB RAM.

Making VirtualBox work in headless mode on Solaris

If you've ran VirtualBox 1.6.2 on Solaris or OpenSolaris (SXCE anyway) you'll see something interesting happen when you run VBoxHeadless (let's say in GNU screen) and kill X :-). It will die.

cthulhu% ./VBoxHeadless -s CentOS51
VirtualBox Headless Interface 1.6.2
(C) 2008 Sun Microsystems, Inc.
All rights reserved

Listening on port 3389
X connection to :0.0 broken (explicit kill or server shutdown).

Which is kind of silly for something called "headless"...

Here's the fix:

env DISPLAY=buggerthis /opt/VirtualBox/VBoxHeadless -s SomeMachine

Now you can kill X happily.

It basically dies when :0.0 dies. Make it look for another DISPLAY, and it's fine.

Sunday, June 15, 2008

Mortal Kombat 4 on Solaris - Wine

Using Wine, DosBOX, DosEMU, GSNEX, GBA, ePSX and various other Windows, DOS and game console emulators you can get a fair amount of fun old games running on Solaris (like StarCraft, Mortal Kombat Series, Final Fantasy 1-8, etc). Not to mention the whole Doom, Quake 1,2,3 series using the open sourced engines.



Add a Windows XP in VirtualBox to the mix and you're set :-). You can also use SeamlessRDP to run remote Windows app on your desktop.

Saturday, June 14, 2008

Installing TeX Live 2008 LaTeX distribution on Solaris

If you're installing TeXLive on Solaris you'll run into some issues with tar / GNUtar (gtar).

I've used the small bootstrap installer available on CTAN.

# ./install-tl
...
Installing: 12many
tar: /dev/rmt/0: No such file or directory

It basically sends UNIX tar GNU tar flags. Just copy /usr/bin/gtar to ~/bin/tar (or some other PATH) and put that in PATH first. TeX Live will install just fine.

# copy /usr/bin/gtar /root/bin/tar
# export PATH=/root/bin
# ./install-tl

Wednesday, June 11, 2008

Deploying IBM DB2 inside a Solaris 10 Container

1. Creating the ZFS filesystem:
# zfs create rpool/export/zones

2. Configuring the DB2 zone:
# zonecfg -z db2
db2: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:db2> create
zonecfg:db2> set zonepath=/export/zones/db2
zonecfg:db2> set autoboot=true
zonecfg:db2> add net
zonecfg:db2:net> set address=192.168.1.100/24
zonecfg:db2:net> set physical=iwk0
zonecfg:db2:net> end
zonecfg:db2> verify
zonecfg:db2> commit
zonecfg:db2> exit

3. Installing the DB2 zone:
# zoneadm -z db2 install
A ZFS file system has been created for this zone.
Preparing to install zone .
Creating list of files to copy from the global zone.
Copying <9648> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <1319> packages on the zone.
Initialized <1319> packages on zone.
Zone is initialized.
Installation of these packages generated errors:
Installation of these packages generated warnings:
The file
contains a log of the zone installation.

4. Listing the zones:
# zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / native shared
- db2 installed /export/zones/db2 native shared

5. Booting the DB2 zone:
# zoneadm -z db2 boot

6. Logging into the zone:
# zlogin -C db2
[Connected to zone 'db2' console]

Configure the initial system (locale, etc).

7. Install IBM DB2 Database 9:
db2# gunzip db2_v9fp1_ese_solaris_x64.tar.gz
db2# tar xvf db2_v9fp1_ese_solaris_x64.tar
db2# cd ese/disk1/
db2# ./db2_install


Default directory for installation of products - /opt/IBM/db2/V9.1

***********************************************************
Do you want to choose a different directory to install [yes/no] ?
no


Specify one or more of the following keywords,
separated by spaces, to install DB2 products.

CLIENT
RTCL
ESE

Enter "help" to redisplay product names.

Enter "quit" to exit.

***********************************************************
CLIENT RTCL ESE
DB2 installation is being initialized.

Total number of tasks to be performed: 41
Total estimated time for all tasks to be performed: 915

Task #1 start
Description: Checking license agreement acceptance
Estimated time 1 second(s)
Task #1 end

Task #2 start
Description: GSKit support
Estimated time 19 second(s)
...

8. Add a regular user account to your DB2 zone:

db2# mkdir -p /export/home/cmihai
db2# useradd -s /usr/bin/zsh -d /export/home/cmihai cmihai
db2# chown cmihai /export/home/cmihai
db2# passwd cmihai
New Password:
Re-enter new Password:
passwd: password successfully changed for cmihai
db2# su - cmihai
db2% cd /opt/IBM/db2/V9.1/bin

Check locale(1) and export LC_ALL=C if needed or db2 will complain:

db2% ./db2fs
couldn't set locale correctly

Make sure you read the install log in /tmp.

Here's a tip though: if you can, use the Graphical installer (ssh -X and run db2setup instead of db2_install).
All you need now is add various tuning, limitations and zfs quotas, etc.

If you need to start over, there's always ZFS snapshots or db2_deinstall.

Either way, if you need to create an instance:

# ./db2icrt -s wse -u db2fenc1 db2inst1
Sun Microsystems Inc. SunOS 5.11 snv_90 January 2008
Sun Microsystems Inc. SunOS 5.11 snv_90 January 2008
DBI1070I Program db2icrt completed successfully.

You can now use db2 to create a database and connect to it.

# db2
db2=> CREATE DATABASE test
db2 => CONNECT TO test
Database Connection Information

Database server = DB2/SUN64 9.1.1
SQL authorization ID = DB2INST1
Local database alias = TEST

db2 => CREATE TABLE clients (name char(25), surname char(50))
DB20000I The SQL command completed successfully.
db2 => LIST TABLES

Table/View Schema Type Creation time
------------------------------- --------------- ----- --------------------------
CLIENTS DB2INST1 T 2008-06-11-05.39.58.167896

1 record(s) selected.

db2 => INSERT INTO clients VALUES ('Some','Guy')
DB20000I The SQL command completed successfully.
db2 => SELECT * FROM clients

NAME SURNAME
------------------------- --------------------------------------------------
Some Guy

1 record(s) selected.

Building xpdf on Solaris

Building xpdf on SXCE 90:

xpdf has some issues building with Sun Studio, so I suggest you use gcc. Make sure you export CC=g++ or linking will fail.

export PATH=/usr/bin:/usr/dt/bin:/usr/openwin/bin:/usr/ucb:/usr/sbin:/opt/SUNWspro/bin:/usr/local/bin:/usr/sfw/bin:/usr/sfw/sbin
export CC=/usr/sfw/bin/g++
./configure --with-freetype2-library=/usr/lib --with-freetype2-includes=/usr/include/freetype2 && gmake
su
gmake install

Reading Microsoft Office 2007 formats with OpenOffice

You can rename the .docx or whatever to .zip and look at the .xml files, or you can use this:

OpenOffice plugin for Microsoft XML document format:

http://www.novell.com/documentation/openwg/esd/di_ooo_openxml_translator.html

Staring SQL Developer or JDeveloper fails due to hidden messagebox

Can you spot why Oracle SQL Developer and JDeveloper aren't starting in this scenario?

You can't even see it on a white background (and there is no window in the taskbar) but there is a question box right behind the slash screen :-). Pay attention to the right edge of the splash...



Still, I love the new Java look.



Tuesday, June 10, 2008

Compiling GNU Screen, irssi and Emacs on Solaris with Sun Studio 12

Screen, Emacs and irssi aren't included in Solaris, and the Sun Freeware versions tend to be out of date. Blastwave usually pulls in too many depends. You can compile screen, irssi and emacs without any additional depends on SXCE 90 and you get to use SS12.

Here's how you compile them on SXCE 90 using Sun Studio 12.

  1. Install Sun Studio 12. If you have SXCE, just use the Developer Tools installer from the DVD.
  2. Export a PATH that includes Sun Studio (you can also just export CC):
    PATH=/usr/bin:/usr/dt/bin:/usr/openwin/bin:/usr/ucb:/usr/sbin:/opt/SUNWspro/bin
    export PATH
  3. Download and untar the sources
  4. ./configure --prefix=/usr/local; gmake; su; gmake install
If you're compiling screen, it will fail. It's because it assumes you're using Solaris 9 or older / no setenv.
Look for the offending line:

# if defined(linux) || defined(__convex__) || (BSD >= 199103)
setenv(var, value, 1);
# else
setenv(var, value);
# endif /* linux || convex || BSD >= 199103 */
#endif /* USESETENV */

Just replace setenv(var, value); to use 3 parameters: setenv(var, value, 1);


Better yet (pkgsrc):

  1. Index: misc.c
  2. --- misc.c.orig 2003-12-05 14:45:41 +0100
  3. +++ misc.c 2006-07-13 18:00:46 +0200
  4. @@ -613,7 +613,7 @@
  5. */
  6. # endif /* NEEDSETENV */
  7. #else /* USESETENV */
  8. -# if defined(linux) || defined(__convex__) || (BSD >= 199103)
  9. +# if defined(linux) || defined(__convex__) || (BSD >= 199103) || defined(__sun)
  10. setenv(var, value, 1);
  11. # else
  12. setenv(var, value);

Now screen will compile. You can also make packages.

Other software such as top, smartctl (smartmontools) and so on all compiles cleanly without the need for 3rd party depends.

Monday, June 09, 2008

GStreamer plugins to decode MP3 files in SXCE 90

Solaris Express no longer provides a GStreamer MP3 decoder plugin, so you'll need to install a 3rd party plugin (or the plugin from an older SXCE release).

Basically, when you plug in your iPod or run Rythmbox and add some mp3 song, you'll get something like:

"The GStreamer plugins to decode "MP3" files cannot be found.

You can download the MP3 decoder plugin for free from Fluendo (you still need to register and use the webshop interface to "buy" it for 0$).
http://www.fluendo.com/resources/fluendo_mp3.php

Select "Fluendo MP3 Decoder".

Read the documentation, and make sure the plugin is set to executable and all dependencies are resolved.

cthulhu% gst-inspect flump3dec

(gst-inspect:7948): GStreamer-WARNING **: Failed to load plugin '/export/home/cmihai/.gstreamer-0.10/plugins/libgstflump3dec.so': ld.so.1: gst-inspect-0.10: fatal: libgcc_s.so.1: open failed: No such file or directory
No such element or plugin 'flump3dec'

cthulhu% ldd ~/.gstreamer-0.10/plugins/libgstflump3dec.so
warning: ldd: /export/home/cmihai/.gstreamer-0.10/plugins/libgstflump3dec.so: is not executable
libgstreamer-0.10.so.0 => /usr/lib/libgstreamer-0.10.so.0

cthulhu% chmod +x ~/.gstreamer-0.10/plugins/libgstflump3dec.so
cthulhu% grep libgcc /var/sadm/install/contents
/usr/sfw/lib/amd64/libgcc_s.so=libgcc_s.so.1 s none SUNWgccruntime

cthulhu% export LD_LIBRARY_PATH=/usr/sfw/lib
cthulhu% gst-inspect flump3dec
Factory Details:
Long name: Fluendo MP3 Decoder (C build)
Class: Codec/Decoder/Audio
Description: Decodes MPEG-1 Layer 1, 2 and 3 streams to raw audio frames
Author(s): Fluendo Support
Rank: primary (256)

cthulhu% rhythmbox

Now you can play MP3 files in Rhythmbox, Totem, etc.

ZFS Root in Solaris Express Community Edition - SXCE 90

Solaris Express Community Edition now supports ZFS root. Pick Solaris Express Developer in the grub menu, exit the X gui installer (Ctrl - Alt - Backspace) and use the text mode installer (install-solaris from the console). Now select "ZFS root" :-).

You should now have a default ZFS rpool.

It also supports JumpStart:

http://opensolaris.org/os/community/zfs/boot/zfsbootFAQ/

Saturday, May 24, 2008

Disable OpenSolaris Network Auto-Magic (NWAM)

NWAM is now enabled by default, but it has some limitations (only one NIC is enabled, etc). Personally, I like to configure the network interfaces myself.

To disable Network Auto-Magic on SXCE (Solaris Express Community
Edition) or Indiana (OpenSolaris):

# svcadm disable svc:/network/physical:nwam

Monday, May 19, 2008

Disk Cleanup Wizzard in Windows Server 2008

If you want to run the Disk Cleanup Wizzard (cleanmgr) on Windows 2008 Server you need to install the "Desktop Experience" Role and restart your computer.

So basically, start the Server Manager (CompMgmtLauncher.exe) - Features - Add Feature - Desktop Experience and restart your machine. IT doesn't mention this also adds the Cleanup Wizzard though, heh.



It's a bit counter-intuitive, but that's how it is. This also adds themes, Media Player, photo management and a few other useless things.

Thursday, May 15, 2008

Digg down, suggests you watch some p0rn while they restart the servers

Digg was down for a couple of minutes. Check the highlighted links :-). I'm wondering if that's a bug or a feature...




Doesn't look like anything was hacked though, google indexed it and all.



Either way, some of the links aren't exactly "Safe for Work" and it seems pretty irresponsible to put them on the front page like that, heh.

Custom df (diskfree) column output in Solaris using nawk

Let's say you want to combine some features of "df -h" with "df -n" to show filesystem type and some other custom modifications to the output. This is where awk/nakw/gawk/whatever come in handy:

% df -g | nawk '{if (NR % 5 == 1) printf "%-22s", $1 ; if (NR % 5 == 4) printf "%-10s", "fstype " $1 "\n"; if (NR % 5 == 2) printf "%-30s",$1/2/1024/1024 " GB"; if (NR % 5 == 2) printf "%-30s", $4/2/1024/1024 " GB free "}'


/ 33.6627 GB 18.4351 GB free fstype ufs
/devices 0 GB 0 GB free fstype devfs
/system/contract 0 GB 0 GB free fstype ctfs
/proc 0 GB 0 GB free fstype proc
/etc/mnttab 0 GB 0 GB free fstype mntfs
/etc/svc/volatile 7.88214 GB 7.8813 GB free fstype tmpfs
/system/object 0 GB 0 GB free fstype objfs
/lib/libc.so.1 33.6627 GB 18.4351 GB free fstype ufs
/dev/fd 0 GB 0 GB free fstype fd
/tmp 7.88142 GB 7.8813 GB free fstype tmpfs
/var/run 7.88134 GB 7.8813 GB free fstype tmpfs
/export/home 74.4858 GB 1.87458 GB free fstype ufs
/storage 108.639 GB 66.9259 GB free fstype nfs

You can also add a comma (,) to the separators and output > csv (you can open the comma separated values table in Excel or OpenOffice or any other Spreadsheet application) :-).

OpenBSD Web Portal server (Drupal)

Final goal: Drupal Web portal with TinyMCE JavaScript editor, Unicode and Locales support running on OpenBSD 4.3.

1. Installing and configuring OpenBSD – read the FAQ, partition.

a. You can install OpenBSD via cdrom (install43.iso or cd43.iso for netinstall) or netboot via TFTP / BOOTP / DHCPD. Read diskless(8) for details. On Windows, you can use TFTPD32 for DHCP/TFTP.

b. Partition the disk (read the FAQ on partitioning). Example partitioning scheme:

Partition

Mount location

Filesystem

Mount options

/dev/sd0a

/

ffs

rw,softdep

1 1

/dev/sd0b

swap

swap



/dev/sd0c

Whole disk




/dev/sd0d

/tmp

ffs

rw,softdep,nodev,nosuid

1 2

/dev/sd0e

/var

ffs

rw,softdep,nodev,nosuid

1 2

/dev/sd0f

/usr

ffs

rw,softdep,nodev

1 2

/dev/sd0g

/home

ffs

rw,softdep,nodev,nosuid

1 2

c. Disable non-critical services (like ident, time, daytime, etc.) from /etc/inetd.conf. Just comment out the lines you don’t want with a #.

d. Make sure you enable Soft Updates (softdep) mounts – they increase the Filesystem performance tenfold when it comes to writing a lot of small files. This is done by adding “softdep” to mount options in /etc/fstab.

e. Add a regular user account. You can use the useradd(8) script. Make sure you add the user to the wheel group to allow su – root.

f. For added security configure „sudo” by running visudo(8). You can permit all users in the wheel group to sudo root: %wheel ALL=(ALL) NOPASSWD: SETENV: ALL

i. It’s usually best to disable root logins and use “sudo” for root access (sudo –i or su – if you need a root sheel). Edit /etc/ssh/sshd_config. You can also change the default ssh port from 22 to some random port to mitigate against brute force attacks. Keeps them from filling out your logs with junk. Consider using ssh keys also.

ii. Port 6969

iii. PermitRootLogin no

iv. Restart the OpenSSH daemon: „pkill –HUP sshd

g. Configure your user profile to use a ftp mirror. Add the following to your ~/.profile: (or whatever shell you’re using, eg: .bashrc, .zshrc): PKG_PATH=ftp://ftp.su.se/pub/OpenBSD/4.3/packages/i386/; export PKG_PATH

h. Restart the system (to mount softdep, etc.).

i. Install some “critical” packages:

i. pkg_add -vi mc zsh screen elinks zip unzip bzip2

j. Install ports

i. cd /usr
sudo ftp ftp://ftp.su.se/pub/OpenBSD/4.3/ports.tar.gz
sudo tar zxf ports.tar.gz

k. Unpack the OpenBSD source code (src and kernel – sys) – these are required for patching OpenBSD:

i. cd /usr/src
sudo ftp ftp://ftp.su.se/pub/OpenBSD/4.3/src.tar.gz
sudo ftp ftp://ftp.su.se/pub/OpenBSD/4.3/sys.tar.gz
sudo tar zxvf src.tar.gz
sudo tar zxvf sys.tar.gz

l. Apply OpenBSD security patches. You download patches from http://www.openbsd.org/errata43.html and you apply them using the instructions in the patch headers:

i. ftp ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3.tar.gz
You can put 001_openssh.patch, 002_openssh2.patch and the following patches in /usr/src and apply them. Read the header for the patches for instructions.

% head -11 001_openssh.patch
Apply by doing:
cd /usr/src
patch -p0 < install ="="> lib
===> ssh
install -c -s -o root -g bin -m 555 ssh /usr/bin/ssh
install -c -o root -g bin -m 444 ssh.cat1 /usr/share/man/cat1/ssh.0
install -c -o root -g bin -m 444 ssh_config.cat5 /usr/share/man/cat5/ssh_config.0
/usr/share/man/cat1/slogin.0 -> /usr/share/man/cat1/ssh.0
/usr/bin/slogin -> /usr/bin/ssh
===> sshd
install -c -s -o root -g bin -m 555 sshd /usr/sbin/sshd
install -c -o root -g bin -m 444 sshd.cat8 /usr/share/man/cat8/sshd.0
install -c -o root -g bin -m 444 sshd_config.cat5 /usr/share/man/cat5/sshd_config.0
===> ssh-add
install -c -s -o root -g bin -m 555 ssh-add /usr/bin/ssh-add
install -c -o root -g bin -m 444 ssh-add.cat1 /usr/share/man/cat1/ssh-add.0
===> ssh-keygen
install -c -s -o root -g bin -m 555 ssh-keygen /usr/bin/ssh-keygen
install -c -o root -g bin -m 444 ssh-keygen.cat1 /usr/share/man/cat1/ssh-keygen.0
===> ssh-agent
install -c -s -o root -g _sshagnt -m 2555 ssh-agent /usr/bin/ssh-agent
install -c -o root -g bin -m 444 ssh-agent.cat1 /usr/share/man/cat1/ssh-agent.0
===> scp
install -c -s -o root -g bin -m 555 scp /usr/bin/scp
install -c -o root -g bin -m 444 scp.cat1 /usr/share/man/cat1/scp.0
===> sftp-server
install -c -s -o root -g bin -m 555 sftp-server /usr/libexec/sftp-server
install -c -o root -g bin -m 444 sftp-server.cat8 /usr/share/man/cat8/sftp-server.0
===> ssh-keysign
install -c -s -o root -g bin -m 4555 ssh-keysign /usr/libexec/ssh-keysign
install -c -o root -g bin -m 444 ssh-keysign.cat8 /usr/share/man/cat8/ssh-keysign.0
===> ssh-keyscan
install -c -s -o root -g bin -m 555 ssh-keyscan /usr/bin/ssh-keyscan
install -c -o root -g bin -m 444 ssh-keyscan.cat1 /usr/share/man/cat1/ssh-keyscan.0
===> sftp
install -c -s -o root -g bin -m 555 sftp /usr/bin/sftp
install -c -o root -g bin -m 444 sftp.cat1 /usr/share/man/cat1/sftp.0
===> scard
install -c -m 444 -o root -g bin Ssh.bin /usr/libdata/ssh

  • 2. Restart the system to apply patches (or just the affected services by using pkill –HUP for example if you didn’t patch the kernel).
3. Installing additional OpenBSD filesets if required by say php5-gd: (if you skipped this at install). You can read the FAQ, but this is basically it:

a. % cd / && sudo ftp ftp://ftp.su.se/pub/OpenBSD/4.3/i386/xbase43.tgz
% sudo tar xzvphf xbase43.tgz

% sudo ldconfig -m /usr/X11R6/lib
4. Install PHP 5 (and various libraries for image manipulation, database access and Unicode support):

a. % sudo pkg_add -vi php5-core php5-mysql php5-curl php5-mbstring php5-gd
Ambiguous: choose package for php5-gd
0:
1: php5-gd-5.2.5
2: php5-gd-5.2.5-no_x11
Your choice: 1
parsing php5-gd-5.2.5

b. Activate PHP modules by creating the various symbolic links:

i. % sudo ln -s /var/www/conf/modules.sample/php5.conf /var/www/conf/modules

ii. % sudo ln -fs /var/www/conf/php5.sample/curl.ini /var/www/conf/php5/curl.ini

iii. % sudo ln -fs /var/www/conf/php5.sample/gd.ini /var/www/conf/php5/gd.ini

iv. % sudo ln -fs /var/www/conf/php5.sample/mbstring.ini /var/www/conf/php5/mbstring.ini

v. % sudo ln -fs /var/www/conf/php5.sample/mysql.ini /var/www/conf/php5/mysql.ini

5. Install, configure and secure the MySQL database:

a. % sudo pkg_add -vi mysql-server

b. Installing the default database

i. % sudo /usr/local/bin/mysql_install_db

c. Starting the MySQL service:

i. % sudo /usr/local/bin/mysqld_safe&
[1] 32390
% Starting mysqld daemon with databases from /var/mysql

d. Secure the installation (delete anonymous users, the test database and set a root password). PS: don’t use # in your password, there’s a bug in the script. Set that manually if you want.

i. % sudo /usr/local/bin/mysql_secure_installation

e. Tune some sysctl parameters for MySQL:

i. Edit /etc/sysctl.conf:
kern.shminfo.shmall=32768
kern.maxfiles=8192

ii. Apply the changes
% sudo sysctl kern.shminfo.shmall=32768
kern.shminfo.shmall: 8192 -> 32768
% sudo sysctl kern.maxfiles=8192
kern.maxfiles: 3580 -> 8192

iii. Add a mysql login in /etc/login.conf:
mysql:\
:openfiles-cur=1536:\
:openfiles-max=3096:\
:tc=daemon:

iv. % sudo cap_mkdb /etc/login.conf

6. Configure SSL (Secure Sockets Layer) for Apache mod_ssl (https). Generate a self signed certificate (or sign one) by reading ssl(8).

a. % sudo openssl genrsa -out /etc/ssl/private/server.key 1024
% sudo openssl req -new -key /etc/ssl/private/server.key -out /etc/ssl/private/server.csr
% sudo openssl x509 -req -days 365 -in /etc/ssl/private/server.csr -signkey /etc/ssl/private/server.key -out /etc/ssl/server.crt

b. Test SSL support (lynx is ssl enabled):
% sudo apachectl startssl
% lynx https://localhost

7. Configure the Apache webserver:

a. Edit the Apache configuration file and setup PHP and server details /var/www/conf/httpd.conf
AddType application/x-httpd-php .php
ServerAdmin cmihai@website
DirectoryIndex index.html index.php
ServerName hostname(fqdn)

b. Configure PHP:

i. Edit the PHP config /var/www/conf/php.ini
upload_max_filesize = 12M

c. Test PHP:
ed /var/www/htdocs/index.php
a

Test PHP:
.
w
q
% lynx http://localhost/index.php

d. Configure Sendmail for supporting the Apache chroot[1]
% sudo pkg_add -vi mini_sendmail-chroot
parsing mini_sendmail-chroot-1.3.6p0
mini_sendmail-chroot-1.3.6p0: complete

% sudo mkdir -p /var/www/usr/sbin/
% sudo ln /var/www/bin/mini_sendmail /var/www/usr/sbin/sendmail
% sudo cp /bin/sh /var/www/bin

8. Configure services to start at boot (Apache and MySQL):

a. % sudo ed /etc/rc.conf
httpd_flags="-DSSL"

b. % sudo ed /etc/rc.local
if [ -x /usr/local/bin/mysqld_safe ] ; then
su -c mysql root -c '/usr/local/bin/mysqld_safe >/dev/null 2>&1 &'
echo -n ' mysql'
fi
# Crearea unui link pentru socketul MySQL in chrootul Apache
mkdir -p /var/www/var/run/mysql
sleep 5
ln -f /var/run/mysql/mysql.sock /var/www/var/run/mysql/mysql.sock

c. Reboot to test changes.

9. Crate a database for Drupal and a user. Grand permissions:

a. % sudo mysql -u root -p
CREATE USER drupal IDENTIFIED BY 'password';
CREATE DATABASE drupal CHARACTER SET utf8;
GRANT ALL PRIVILEGES ON drupal.* to USER drupal@localhost IDENTIFIED BY 'password';

10.Install Drupal and modules:

a. % sudo pkg_add -vi drupal5-tinymce drupal5-link-to-content drupal5-imce drupal5-image drupal5-backup-migrate drupal5-autolocale drupal5-token drupal5-securelogin ImageMagick

11.Optionally configure .httauth for security:

a. % cd /var/www
% sudo htpasswd -c htpasswd username

Add .htaccess to /var/www/htdocs
AuthName "Nu este permis accesul"
AuthType Basic
AuthUserFile ../htpasswd
require valid-user

b. Add “Add AllowOverride All” în /var/www/conf/httpd.conf.

c. Restart Apache (apachectl stop && apachectl startssl).



You can now configure Drupal and the various modules. Be sure to setup a backup schedule. You can use the Drupal database backup and restore module.

You can also install Apache mod_security for additional security:
% sudo pkg_add -vi modsecurity-apache
% sudo /usr/local/sbin/mod_security-enable
% sudo apachectl stop && sudo apachectl startssl

Make sure you read /usr/local/share/doc/mod_security/modsecurity-manual.pdf

You should also keep an eye on your webserver. For monitoring, I recommend top(1), vmstat, (8), sysctl hw, pftop and mytop.

% sudo pkg_add -vi mytop pftop
% sudo /usr/local/sbin/pftop

To use mytop you'll need a ~/.mytop file (and set proper permissions on it). You can add something like:

prompt=1
pass=
user=drupal
db=drupal
delay=5
port=3306
socket=
batchmode=0
header=1
color=1
idle=1

% mytop


MyTOP in Action

You'll also want to setup Packet Filter. Read the PF User's Guide, pf.conf(5) and the example rulesets in /usr/share/pf/examples. Enable pf in /etc/rc.conf (pf=YES).

[1] Read chroot(2) ssl(8) afterboot(8), etc.