Tuesday, December 30, 2008

GpxUpdate source released

A few months ago I wrote a quick bit of hobby code which I called GpxUpdate. Today I got around to putting the source code up on SourceForge. Taken from the "about" section on the website:

GpxUpdate is a Geocache manager that allows you to update co-ordinates for puzzle caches, then export a modified GPX file. From there you may choose to convert to Google Earth format, copy to a GPS, copy to a PDA, etc.

The important thing is that it stores changes to files, rather than the file itself, meaning you can continually update the GPX file from geocaching.com, then apply the changes for the caches you've solved.

It's freely available (both in source code and as an end user program), and can theoretically run on any platform that supports Java and has a port of SWT/JFace. It has been tested on Linux and Mac OS X, and should work on Windows.

I've found this application really useful. I have a weekly scheduled pocket query on GeoCaching.com which sends me a list of the 500 nearest caches to my house that I haven't found. I then load the file into GpxUpdate, then press the Save button to export a modified GPX file, which I then use gpsbabel to export a Google Earth KML file, and also export to my Garmin GPS. I also copy the modified GPX file to my PDA for paperless caching.

During the week, as I figure out answers to the puzzle or multi caches, I update the co-ordinates in GpxUpdate. When I find a cache, I untick the box next to it in GpxUpdate (only ticked caches are exported). This means that when I sync my GPS, KML file and PDA, I get a list of only those caches I haven't found (regardless of how old my original query file is), and I get the updated co-ordinates on my GPS, meaning when I finally go to hunt the caches down, I can treat them like regular traditional caches.

Tuesday, September 23, 2008

Red Hat support

I've had Red Hat subscriptions for years. Basically, I've paid for access to their updates, ie. the ability to type "yum update" on a RHEL5 box, or the up2date equivalent in previous RHEL releases. US$350 / year seemed a bit steep for that, but the product is good so I paid it. We have some SLES infrastructure too, and the RHEL / RHN updates always works (SLES 10 updates break constantly), so we've stuck with them.

Anyway, yesterday for the first time I had the need to contact Red Hat support with a technical question to which I couldn't figure out the answer:

Our RHEL Xen host machine has filled up its root mount and I'm having trouble figuring out why:

[root@vodka ~]# df -H
Filesystem Size Used Avail Use% Mounted on
/dev/md0 5.1G 4.8G 33M 100% /
tmpfs 2.1G 0 2.1G 0% /dev/shm
[root@vodka ~]#

It hasn't run out of inodes:

[root@vodka ~]# df -i
Filesystem Inodes IUsed IFree IUse% Mounted on
/dev/md0 1280000 80028 1199972 7% /
tmpfs 497495 1 497494 1% /dev/shm
[root@vodka ~]#

And du reflects what I think the situation should be:

[root@vodka ~]# du / --max-depth=0 -h
2.1G /
[root@vodka ~]#

How is this possible? Being a Xen host, the machine has very little installed or running on it - it's just there to host 3 virtual machines. The virtual machines have their own software RAID partition each as their virtual HDD's.

The virtual machines appear to be running unaffected by the problem at the moment, but the host isn't getting updates from RHN (due to the full root mount, I'd be guessing).

Now, I'm on the "Basic" RHEL support contract, meaning 2 business day response time by web only (no telephone support), because I've never really valued the support option. Anyway, in around 24 hours I got a nice response advising me to look at the following two knowledge base articles:


After looking, they were bang on. Xen has this save directory that fills my disk, and somehow the file gets deleted, but Xen holds a file descriptor open to it, just like the first of those two knowledge base articles says. This is confirmed behaviour on the Xen-Users mailing list:


Very annoying. But if you follow the instructions in that mailing list post (except the file on RHEL5 is in /etc/sysconfig/xendomains, not /etc/default/xendomains) and tell it not to save the file, then restart your xend and xendomains, the space gets freed up again.

Anyway, I'm really happy with Red Hat support. They provided me an answer in half their SLA time which helped me solve the problem. You might think you'll never use their support - for years I wondered if it was any good and worth paying for. It is, and it's worth having the RHEL subscription for.

Wednesday, July 16, 2008

VMware Server 1.0.6 on Ubuntu Hardy

I've just installed VMware Server (free as in price, but not open source), and on running up their GUI app (VMware Server Console) I get the following:

nathanr@raptor:~$ vmware
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)

As it turns out, VMware override the local libraries that are installed on your system. If you cancel the override for libgcc then the problem goes away and the VMware Server console works. To do so, edit /usr/lib/vmware/lib/wrapper-gtk24.sh and find the line:

vm_append_lib 'libgcc_s.so.1'

And then comment it out as such:

#vm_append_lib 'libgcc_s.so.1'

Now VMware Server Console will work.

Wednesday, July 2, 2008

"Free" Sun Solaris

I've spent a few days investigating Sun's software stack. And I've found a few cool things:

Now, this opens a can of worms. The word "support" for mine means "technical support", as in I can ring the vendor, email the vendor, and they have a service level agreement in place such that they'll answer my question within a guaranteed period of time.

Great, I thought - I don't want to ring Sun for technical support, I just want some software. Apparently not, according to their FAQ:

Are patches available for free? And, if I download software are the patches free?

In the past, Sun charged for software releases and gave patches away for free. Now, Sun gives the software releases away and charges for most patches. This new model is similar to the model used by some Linux vendors. [...] However, Security and device driver patches are free.

Ok, so you need to pay for bug fixes, but security updates are free. Do you know how hard that was to find on their website though? It's easy to find the "download Solaris for free" links all over the website, but it took me two hours to find the "pay for the patches" clause hidden away in a FAQ. It's not even in the license agreement.

Oh well, no drama. After all, at least you're getting security updates. Well, yes - the hard way. According to that FAQ:

To find a free patch, locate the patch ID in the patch list that does not show a key icon. Those patches that cost show the key icon.
  1. On the SunSolve site, find the “Download Product Specific Patches” section at the bottom of the page.

  2. Find the “Software, Solaris” section and Select OS drop-down menu.

  3. From the drop-down menu, obtain the correct patch list by selecting the release and platform type.

In other words, it's such a pain that nobody will bother. I wonder why that would be. Don't worry - Sun answer that one too:

You can purchase a support contract to obtain patches for a fee. Or, if you upgrade to the next Solaris 10 release, such as the Solaris 10 4/08 release, this release contains all the available bug fixes.

... and then you can use their automated patch management tools.

So there you have it - Solaris and all the enterprise software stack can be downloaded and installed on your production servers for free. However, at least with the Solaris OS, you'll need to pay if you care about the security of your servers. So nothing has really changed then, I guess. I can't for the life of me find any information on free patches any of the rest of the stack, so who knows what the story is with that.

So I thought I'd download the open source web server (Glassfish), and opened the update manager. In there are tick boxes to download the commercial Java System Access Manager, not the open sourced OpenSSO. WTF?

Sun have done some great things in open sourcing some truly great products. Glassfish is genuinely good, and I really hope Sun doesn't ruin it by silly vagueness in their support arrangements. Otherwise we'll all just stick to Tomcat on Linux and bypass them all together.

Monday, May 19, 2008

Starting out rallying

Recently my brother purchased a new VW Golf GTi, and with the money from the sale of his 1997 VW Polo we're considering building a rally car and starting out competing in local rallies.

I've done a bit of research, and it looks like the Excel Rally Series is the entry to the sport in Australia. According to that site it costs $8-10k to build a car, and from what I gather the basics you need are:

  • A third generation Hyundai Excel (preferably the later ones, which were DOHC and more powerful than the earlier SOHC models).

  • Roll cage

  • Some sort of suspension changes

  • Rally tyres

  • A few spare rims for when you get a flat tyre

  • Race brake pads

  • Trailer for towing car to and from events

  • Fire extinguisher (not sure how serious the fire system needs to be)

  • Bonnet pins and tow hooks

  • Mud flaps

  • Clubman Rally license from CAMS

Anyway, as I figure more out I'll post it. If I actually get around to building this car then I'll post up a "cheat sheet" of what's needed, costs, and who I got mine from, so that the next person who is interested in getting started in rallying doesn't need to find out all this stuff from first principles.

Tuesday, April 29, 2008

Java 6 and java.awt.Desktop

In a current application we're writing, we've got a use case where you can upload a file, and later download it by pressing the "View" button, which will open the file in correct application for the user.

We're using Java, and I thought this would be a nasty task full of pain and suffering, but to my suprise Java 6 includes a class which does exactly this: java.awt.Desktop. Here's some sample code which will open a PDF file on my disk.

import java.awt.*;
import java.io.*;

public class Test {
public static void main(String[] args) throws Exception {
Desktop.getDesktop().open(new File("/home/nathanr/Desktop/file.pdf"));

Cool, huh? Now I'm sure you Windows / .NET people are saying "that's not hard - we've been able to do that for $x years". Sure, but the above will work on Linux and Mac too.

Sunday, April 6, 2008

Fix: F-Spot opening Gimp for RAW files on Ubuntu Hardy

In the previous post, I described how to fix Ubuntu (Hardy - 8.0.4) to get photo importing working with the F-Spot photo management application it ships with, so now to get F-Spot to use Gimp to edit the photos you've imported.

Now, it would seem that Ubuntu ships in a working way if you've imported JPEG files off your camera. However, if you've got a decent camera (ie. DSLR) you've no doubt switched your camera to RAW mode, which for me is Canon CR2. You'll find that:
  1. You can view the RAW files in Nautilus (the Gnome file manager)
  2. You can view the RAW files in F-Spot
  3. When you right click in Nautilus, you'll notice that Gimp is there and will open the file
  4. But you'll notice that when you right click on the photo in F-Spot, the "Open With" menu is blank.
The rest of this post deals with how to get Gimp to appear in the "Open With" menu for F-Spot.

Ok, so there are two things missing.
  1. The MIME type for the raw file type is missing
  2. The Gimp application description file is missing the mime type that says "I can open raw files"
But firstly, make sure you have ufraw, gimp and f-spot installed, including the gimp-ufraw package.

Now, to fix problem #1, add a file in the directory "~/.local/share/mime/packages" called "canonraw-mimetypes.xml", with the contents:
<?xml version="1.0"?>
<mime-info xmlns='http://www.freedesktop.org/standards/shared-mime-info'>
<mime-type type="image/x-canon-cr2">
<comment>Canon RAW</comment>
<glob pattern="*.cr2"/>
Now, to fix problem #2, you need to edit the gimp.desktop file. As root, edit the file "/usr/share/applications/gimp.desktop", and on the line that begins with "MimeType=" you need to add "image/x-canon-cr2;" to the end of it.

Now, update the Gnome MIME database:
nathanr@falcon:~$ update-mime-database ~/.local/share/mime/
After logging out and logging in the "Open With" menu should include Gimp for *.cr2 files.

Note to Mac users: you can ignore this post. It's another case of "it just works on the Mac".

Fix: Importing photos on Ubuntu Hardy

A few weeks ago importing from my Canon EOS 350D to my Ubuntu machines was working, but at some point an update has broken it. I spent a bit of time this morning finding out why. (For those of you who have never tried using an Apple Mac, this stuff never happens on a Mac - things just work.) Anyway...

There are two separate stuff-ups at the moment. The first is that the pop-up that asks you whether you'd like to import your photos doesn't come up when you plug-in your camera. Don't know why this default was changed, but you can switch it back on as described in this forum post.

Ok, so now if you plug in your camera, F-Spot will pop up and say:

Received error "Could not claim the USB device" while connecting to camera
The answer is based on a forum post and a blog entry I found on the web. However, they're not 100% accurate, because the file "/etc/udev/rules.d/45-libgphoto2.rules" no longer exists. So I added the file back with the one line:
SYSFS{idVendor}=="04a9", SYSFS{idProduct}=="30ee", MODE="0660", GROUP="plugdev"

The "04a9" is the ID for Canon, and the "30ee" is the ID for the EOS 350D. You can find your IDs by the "lsusb" command:
nathanr@raptor:~$ lsusb
Bus 008 Device 004: ID 04a9:30ee Canon, Inc. EOS 350D
Look for the entry for your camera, and copy the bit before the ":" as your vendor ID, and the bit after the ":" as your product ID.

After that, and a restart of udev:
nathanr@raptor:~$ sudo /etc/init.d/udev restart
Then things started working; and once again we relearn the age old truth - Linux is only free if your time has no value. How I miss Mac OS X and Apple's iPhoto.

Monday, March 24, 2008

Dell XPS M1330

After a couple of months not being able to use my Apple laptop for work, I decided to buy another one. And as usual, I looked hard at PC laptops at the same time. Unlike the last three times, this time I did buy a PC, however. A Dell XPS M1330, as recommended on the Ubuntu website. In Australia, we aren't able to buy this laptop pre-installed with Linux, so I had to get it with Windows Vista.

I took the onboard Intel graphics (not the nVidia), as it's better supported, and the 7200RPM hard disk, with the Intel wireless chipset. All in all, this laptop running Linux has stunned me with how well it works. I haven't bothered trying the onboard camera, but I haven't had to stuff around with anything really. Even when I plug it into the 22" LCD screen at work, it does desktop extension wonderfully.

And that's the thing. They're now 90% as good as a Mac. And in 12 months time when I want a new one, I can hand it on to somebody else at work and get another, because it has a Windows license, and in the meantime I can legally have Windows Vista running in a VMware Server instance for the odd thing I want to do in Windows.

But I haven't defected from the Apple clan - I'm just in exile. I still have my old MacBook as well.

Friday, February 22, 2008

Fix: Samba PAM validation errors

Here's one I hope Google will index so that the next person who comes across this problem can solve it quickly.

I have a Windows 2003 R2 Active Directory domain controller, and have several Linux Samba servers which serve files for Windows users. I had one particular user who would get this error:

[2008/02/22 15:38:54, 0] auth/pampass.c:smb_pam_accountcheck(781)
smb_pam_accountcheck: PAM: Account Validation Failed - Rejecting User DOMAIN\username!

when accessing a Samba server, but is able to access things on the Windows 2k3 server. As it turns out, I hadn't configured PAM properly. In /etc/pam.d/samba I changed it to be:

@include common-auth
#@include common-account
account required pam_winbind.so
@include common-session

I restarted Samba and things work now.

Monday, February 11, 2008

PositiveSSL and Apache Tomcat 6

I had to renew an SSL certificate for our production web server today. This proved to be more painful than I thought it'd be, mainly due to out of date instructions provided by the certificate vendor. FWIW, we use Comodo PositiveSSL, and it's cheap so I'd recommend it.
Anyway, here's how to get it to work with tomcat:
$ keytool -genkey -alias tomcat -keyalg RSA -keystore keystore.jks

The first question it will ask is "What is your first and last name?". Don't type your name. This should be the name of the server (eg. "www.yourcompany.com"). The rest of the questions you can answer as usual.

$ keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr -keystore keystore.jks

Now, you fill out the PositiveSSL webform, putting your credit card and other details in. It's ask you to paste in the Certificate Signing Request as well - just copy and paste the contents of the certreq.csr file into that field. After a few minutes, you'll receive a couple of emails, the last of which will have a zip file attached, which has four crt files in it. Now you need to import these in a particular order.

$ keytool -import -alias root -keystore keystore.jks -trustcacerts -file AddTrustExternalCARoot.crt

This step may warn you saying "
Certificate already exists in system-wide CA keystore under alias". Tell it that you do want to add the certificate despite whatever it's warning you about.

Then add the rest of the certificates that were in the zip file in order:
$ keytool -import -trustcacerts -alias addtrust -keystore keystore.jks -file UTNAddTrustServerCA.crt
$ keytool -import -trustcacerts -alias positive -keystore keystore.jks -file PositiveSSLCA.crt
$ keytool -import -alias tomcat -keystore keystore.jks -file www_yourcompany_com.crt

Sunday, January 27, 2008

Windows XP installer crashes

Very rarely, I have the need to take a machine which had a Linux distribution installed on it, and need to reinstall it with Windows. Typically, it's a work laptop for which I have temporarily borrowed, and need to return it to the state I got it in.

Recently, I've had two machines which the installer crashes whilst booting the Windows XP install CD, still on the black screen. Any Linux installer will boot fine, however. It took me a fair while to rule it down to Linux having written to the MBR of the disk, and Windows installer getting confused. I didn't guess this initially, because I thought Windows would just overwrite it. But apparently not.

So, if you've got an ex-Linux boot disk, and you want a Windows XP (Home or Professional) CD to boot with it, then boot a Linux install CD in "rescue mode" (I used the CentOS 5 DVD, and typed "linux rescue" at the first prompt). Then, once it's booted and you've got a shell type:

dd if=/dev/zero of=/dev/hda bs=512 count=1

This will make your previous Linux install fail to boot; but that's fine, I wanted the machine to boot Windows only anyway.

Wednesday, January 16, 2008

Mac OS X v10.5 and Java 6 (Part 2)

I was browsing the Apple Developer site today in the vain hope that they might have addressed the problem of the lack of a Java 6 SDK for Mac OS X. I must admit, after over three years of using a Mac for my Java development at work, I had started using a Linux PC again.

Anyway, I was shocked to see that Apple had indeed shipped a new beta of JDK 6, now at Developer Preview 8. I almost downloaded it too, but I read the fine print. Only works on Mac OS X 10.5 (Leopard), and only works on 64 bit Intel Macs.

Now, I'm running Leopard, but I've got a first generation MacBook with the Core Duo (not the Core 2 Duo, which was 64 bit). This machine is less than two years old, and Apple are going to force me to upgrade to return me to the functionality that I had before their (paid) upgrade to Leopard.

So I guess I'll be forced to keep using a Linux PC for Java development work a little while longer.

Wednesday, January 2, 2008

Updating with SuSE / Novell service packs

I've had Red Hat Enterprise Linux and Ubuntu products before, and occasionally they have "Service Packs". Essentially, some time the vendor decides "gee, we've shipped a lot of patches. Lets respin the CD". Apparently this isn't what Novell / SuSE do.

You see, when Novell / SuSE ship a "service pack", they helpfully stop all machines which don't have that service pack from taking any updates. And you have to go through a long winded "upgrade to the service pack" process (documented here, I used the "rug" method), after which you can once again resume normal service of getting patches.

So that's why my updates haven't been working for a while on my SuSE servers.