Tag Archives: FOSS

Perfect DHCP configuration for Solaris

I've already posted on configuring DHCP + Dynamic DNS for some operating systems.

I still claim that that's the only way to go for dynamic, trusted networks.

So after RedHat, Debian/Ubuntu, Windows, it's about time to stop the IP suffering with Solaris as well:

  1. Make sure /etc/nodename contains the FQDN, e.g. "snoopy.ac.uk"
  2. touch /etc/dhcp.<interface name> . There are two peculiar parameters I'm not fully sure about their meaning (how come they're not needed in other OSes?) - but here is what I used:
    1. add "primary" (a separate line) if it's the primary interface.
    2. Add "wait <seconds>" (a separate line) - I put "wait 60" to be on the safe side.
  3. /etc/hostname.<interface name> should have the hostname inside. NOTE! It's the hostname dhcp client would send (Option 12) to the server for Dynamic DNS registration. According to /etc/defaults/dhcpagent, the format is "inet name", e.g. "inet snoopy"

That should be it, then. Please add your comments and corrections.

Solution for Xsession + bash_completion problem

Update: just noticed that on a more advanced ~/.profile, I see it sourcing ~/.bashrc only if under bash (by using if [ -n "$BASH_VERSION" ]; ).

As Debian sid was just unfrozen due to Squeeze release, I recently get lots of package updates. I had the feeling that something is gonna break, even slightly, despite the relative high stability of Debian unstable.

And indeed, after 100+ updates, I could no longer login to GNOME. I'm not sure which package update caused this (bash_completion was updated to 1.3, yet the problem isn't necessarily there) . gdm nicely referred me to ~/.xsession-errors, which had something like:
sh: /etc/bash_completion.d/git: line 123: syntax error near unexpected token <'
sh: /etc/bash_completion.d/git: line 123:
done < <(git config -z --get-regexp '^(svn-remote\..*\.url|bash\.showupstream) 2>/dev/null | tr '\0\n' '\n ')'
sh: _grub_mkpasswd-pbkdf2': not a valid identifier
sh:
_grub_script-check': not a valid identifier

I couldn't find any related Debian bug report, nor hardly anything on the internet (just some Arch Linux bugs with no clear solution).

Eventually I've found out that /etc/gdm/Xsession uses /bin/sh (a crippled shell, even though it's a symlink to /bin/bash), which indeed fails with the same error when running 'source /etc/bash_completion'. This makes sense. bash_completion[*] should be bash-compatible, and may include bash-only non-standard-shell compliant syntax.

Wondering why Xsession gets to run ~/.bash_completion indirectly, I've found that I had the following two abominations:

  • 'source ~/.bashrc' command in ~/.xsession
  • 'source ~/.bashrc' command in ~/.profile

I'm not sure why I had these lines, but they shouldn't be there. Bash itself and only bash should source ~/.bashrc (and it's done automatically when bash starts). It makes no sense for other shells to source it.

So the solution was simply removing these lines from ~/.profie and ~/.xsession (actually got rid of ~/.xsession completely). Still, I'm not sure which update triggered this problem.

----

* Actually the problem was in /etc/bash_completion/git which is a part of the 'git' package and not the 'bash-completion' package. But all the same.

Make DHCP auto-update the DNS

Update: added a new post on configuring Solaris, link below.

Motivation

In today's dynamic R&D network environments, it's not easy to keep the DNS records up-to-date: hosts are reinstalled/renamed/added frequently, virtual machines are so easy to deploy and destroy, DHCP allocates different IPs..

This even leads to pitiful situations, in which people get used to referring to computer by their IPs (or using /etc/hosts), because the DNS cannot be trusted to reflect the reality.

Solution

DHCP servers have the ability to send dynamic DNS updates, as they allocate IPs to clients. The great thing, is that it even works out-of-the-box on some operating systems. Still, if it doesn't, here are 3 things to care about, so to enable this feature: Continue reading

Booting Linux from iSCSI

What is this long post about?

iSCSI is standard for accessing block devices (e.g. disks) over network, just as if they were local SCSI devices. That's similar to AoE and FCoE, although the latter two are good for the LAN only, while iSCSI is over IP thus is good on WAN. This article would focus iSCSI but could be used as a base for doing similar things with AoE and FCoE.

So, iSCSI in the simplest configuration, allows us to mount and manage a data disk that is physically connected to a remote computer (the "server", aka target) from our own computer (client, aka initiator) .

On this post I'll discuss the deep details of the more advanced stage: having the root (also boot) disk on a remote computer, so client could remotely boot from it. Surprisingly it can be done even with relatively old hardware.

Continue reading

Surprising new keyboard shortcuts

(Well, surprising me, at least)

It's been a while since I wrote these two posts about keyboard shortcut, so I'll try to summarize some neat ones I've recently learned:

Unix Shell

  • Ctrl+U deletes all characters on the cursor's left. And.. keep it in the shell's clipboard.
  • Ctrl+K deletes all characters to the cursor's right (including the cursor's position), keeps in clipboard.
  • Ctrl+Y: paste clipboard.
  • Ctrl+R: search for string in history. Multiple Ctrl+R's search for the next matches in history. Btw, It's F7/F8 on windows command prompt.

Google vim keys and more

  • Google search: Google Experimental Search, enables vim keys for browsing the results! Super useful.
  • Google Calendar support vim keys (j, k, l, m) for navigating in the calendar. Type "?" for more keyboard shortcuts.

GNOME

  • Alt+F10 toggles between maximal window size and original window size.
  • Alt+F9 minimizes window
  • Alt+F8 switches to resize window mode
  • Alt+F1 opens the GNOME menu.

Thanks for Zohar and Aviv for presenting me with most of the above shortcuts.

DNS SRV records (or: why Google Talk doesn't connect through this network)

[ There is some blabla here about SRV records, See last paragraph for the direct solution ]

Recently, the bus home was replaced with a shiny new one, which also provides Wi-Fi access. That's brilliant - as long as I have a seat, I don't mind how long the ride home takes. I just hope it doesn't radiate too much =)

Anyway, I've noticed that I fail to connect to Google talk through my favorite client, Pidgin, when connected to this Bus' wireless LAN. It's really fun to do some debugging with xterm and wireshark with passengers watching with curiosity.

And to the point - I'm not sure where this standard is defined (XMPP?), but Google recommends setting the Google Talk "domain" as gmail.com. But where is the XMPP server ip/name taken from? It's not gmail.com, as the telnet gmail.com 5222 fails.

Quick sniffing tells that my pidgin (and probably other clients) use DNS SRV records. SRV records (RFC2782) are a pretty neat idea: it lets you query your domain for services. Why remember (or worse: guess) what's the name of the SMTP server? Instead, SRV records suggest a way to ask a domain what's the IP of the domain's major SMTP service.

The DNS name is of the following structure: _<service name>._<protocol>.domain.

In our case: _xmpp-client._tcp.gmail.com. Let's run this nice command line:

# host -t SRV _xmpp-client._tcp.gmail.com

_xmpp-client._tcp.gmail.com has SRV record 20 0 5222 talk2.l.google.com.
_xmpp-client._tcp.gmail.com has SRV record 20 0 5222 talk3.l.google.com.
_xmpp-client._tcp.gmail.com has SRV record 20 0 5222 talk4.l.google.com.
_xmpp-client._tcp.gmail.com has SRV record 5 0 5222 talk.l.google.com.
_xmpp-client._tcp.gmail.com has SRV record 20 0 5222 talk1.l.google.com.

So briefly, each SRV record holds host name, port number, priority and weight. A single service may have several records, thus providing some kind of high availability and load balancing.

SRV records are intensively used in Microsoft Domains since Windows 2000, and it's even possible that they invented it (they're signed in the RFC after some non-microsoft guy). In that case, kudos to Microsoft for either inventing or pushing forward a good technological standard. Haven't seen this frequently.

So, it seems that the DNS in this bus disrespects my SRV queries, and thus my Pidgin can't figure out who is the Google Talk server. Setting another DNS server solved the problem.

"off-left" convention is bad news for RTL

[This post presents a web designers technical problem, in which a hack for improved accessibility damages RTLability]

This weekend I tried to debug an annoying problem in Drupal's Acquia Marina theme on RTL mode, in which a horizontal scroll bar appears with no good reason (layout doesn't scale horizontally).

I turned to monkey HTML debugging, a term I just invented for removing element-by-element until getting to a super simple HTML file which reproduces the bug.

Eventually the one to blame was an element placed at "left: -999em" absolute position,  a far place horizontally, and triggered the scroll bar to appear (on FF and IE, not on Chrome). When on LTR mode, it didn't, and things work perfectly. This setting aims to simply hide the drop-down menu when mouse is not hovering above it.

Q: Why don't they use CSS display:none, which seems to make more sense than hiding things off the screen?

A: looks like it has to do with screen readers (as this article suggests), which are apparently not aware of display:none text but are aware of off-screen text. A little puzzling. I suspect that it's too old info, for it seems to be written on 2003. I wonder if new screen readers have this problems as well, and whether the reason for using off-left is not just an ancient myth.

The problem with RTL

When placing things off-left (e.g. left: -999px) on LTR mode, all browsers do NOT widen the page horizontally. It makes sense - the page goes from left to right, not from left to even-more left.

However, when on RTL mode, left: -999px does widen the page horizontally to the right (and the off-left element is actually visible when scrolling there), which is a very unwanted effects.

Here's a related drupal discussion about the problem and possible solutions.  The problem seems broader than just acquia marina .

Continue reading

KDE: a call for a change (or: why I moved to GNOME)

[Disclaimer: I'm merely a KDE user, hardly involved with the KDE development processes; my criticism is based on what I see as a user, I'll be glad to be corrected in the comments]

Back when I started my way with Linux with the brand new RedHat 6.0 (which as always, preferred GNOME). KDE always went forward: KDE1 was pretty.. basic, KDE2 was a big step, and same goes from KDE3. I've been using KDE 3.5.x for quite a long while (RHEL/CentOS5 and Debian sid until recently). 3.5.x symbolizes, in my opinion, the last "winning' era of KDE:  It had the right features, but more important: it was mature and stable.

KDE 4 introduced important improvements:

  • User interface continued the tradition of being much nicer than its predecessors. Compare for yourselves: KDE 1 2 3 4
  • Very nice OpenGL effects were added with two important advantages over GNOME+ Compiz: the OpenGL features are fully integrated inside KDE, configuration is way easier (Compiz configuration tool is scary), and the attitude is more towards productivity and less toward eye-candiness. For example, instead of the useless wobbling windows and water effects of Compiz, KDE provides the useful feature that displays all open windows and allows search-as-you-type for choosing the right application by its name, by simply putting the mouse pointer  on the top-left corner.
  • Simplified user interface: the developers had the courage to do some rewrites and strip complicated GUIs, even lose some features, and make the new KDE 4 apps more simple. This is mostly notable in konsole and amarok.

But, it also got worse than its predecessors on some areas:

Continue reading

Debian: nfs-kernel-server is broken (Or: portmap to rpcbind transition)

UPDATE: rpcbind-0.2.0-3 was just released, and it solves all the rpcbind issues.

UPDATE2: THE BUG WAS SOLVED! Alexander Wirt patched nfs-kernel-server: by removing the linkage of libtirpc, it now uses the previously method of IPv4 binding, thus not triggering the problem. When/if would rpcbind replace portmap - I don't know.

[ This article describes my analysis to a problem found in Debian Unstable(sid) ]

1. The bug (link)

Since the end of December, a change in nfs-kernel-server package caused a change of behavior in some NFSv3 crucial services: rpc.statd, rpc.mountd. NFS is RPC-based, and as thus, it uses an RPC-to-UDP/TCP address translation service, aka port mapper. These services try to connect to port mapper when they need address translation, and since the recent change they first try to do it over IPv6.

portmap, the current widely-used rpc port mapper service, does not support IPv6. This causes these crucial services to die, and NFSv3 fails to start (actually, with default configuration it even prevents starting an NFSv4 server).

2. So... rpcbind?

Continue reading