Older blog entries for gdvieira (starting at number 33)

Fedora 9

The Fedora train never stops! I've just upgraded my machines (including this server) to Fedora 9 and I'm very pleased (as usual) with this new release. The polish of the desktop is fantastic. PackageKit is really simple to use (I love its "queue for backend operations" interface philosophy). NetworkManager has matured. The PulseAudio integration, that bothered me a lot in Fedora 8, seems to be complete (the sound daemon is always started and Ekiga won't crash anymore).

As usual, there are some sore spots. And I seemed to attract a lot of bugs this time. For example, among the most common bugs in F9, I got two: "Synaptics touchpad touching to tap doesn't work" and "Samsung hard disks crash the installer". The last one was a real problem and I ended up upgrading using YUM, which I don't recommend if you have a lot of installed packages and have to suffer ridiculous Brazilian "broadband" speeds.

But it gets better. I was hit by more obscure stuff: While installing Fedora on the university cluster I discovered that Anaconda doesn't work right now with static IPs. I ended up setting a DHCP server just for installing Fedora. Also, due to a rewrite GDM XDMCP support is broken. I must be one of the two guys who still use XDMCP to power an old terminal and share the (relatively) powerful desktop. I worked around it by enabling KDM instead of GDM.

The annoying thing about these bugs is that most of them were found on the beta testing period of F9, and none were corrected for the final release. At least, I don't have to feel guilt for never trying one of the preview releases. ;)

Finally, this isn't a bug proper, but I hope I can help someone with the same problem. If your numeric keypad stops working mysteriously, go to the "Assistive technology" preferences and disable the "Mouse keys". It was enabled magically during the upgrade and took me bit of time to figure it out.

Syndicated 2008-08-25 22:45:23 from Gustavo M. D. Vieira

IPv6 on Fedora (Redux)

A little improvement on my IPv6 setup. I discovered a handy configuration parameter for RADV that makes it unnecessary to update the configuration file in the rare occasion my IP address changes. The improved /etc/radvd.conf looks like this:

interface eth0
{
        AdvSendAdvert on;
        MinRtrAdvInterval 30;
        MaxRtrAdvInterval 100;
        prefix 0:0:0:1::/64
        {
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr off;
                Base6to4Interface eth1;
        };

};

Syndicated 2008-06-24 20:54:12 from Gustavo M. D. Vieira

IPv6 on Fedora

After hearing about the activation of IPv6 (AAAA) records for four of the root DNS servers I got very curious about IPv6 and its current state of adoption. Well, it turns out IPv6 may not be the solutions to all Internet woes but we will have to learn to live with it anyway.

And so I did. Like 99.999% percent of Internet users I don't have a native IPv6 connection, but enabling a IPv6 tunnel on Fedora is very, very easy. I decided for the simplest type of tunnel, called 6to4. This type of tunnel is very convenient as I don't need to register it anywhere nor do I need to ask permission to anyone. It is based on the kindness of people that run 6to4 routers in the IPv4 Internet at the 192.88.99.1 anycast address. Usually people disregard this type of tunnel as being slow, but routing from Brazil to the world is already so slow I found the performance acceptable. Besides, there isn't much yet to do in the current IPv6 Internet.

Enabling a 6to4 tunnel on Fedora is ridiculously simple. First put the following lines in /etc/sysconfig/network:

NETWORKING_IPV6=yes
IPV6_DEFAULTDEV=tun6to4
IPV6FORWARDING=yes

The last line is only required if you are going to share the IPv6 connection with a local network. The rest of this recipe assumes you are. Now find the configuration file for the interface connected to the Internet. If it is eth1 the file should be /etc/sysconfig/networking/devices/ifcfg-eth1. Put the following lines there:

  IPV6INIT=yes
  IPV6TO4INIT=yes
  IPV6_CONTROL_RADVD=yes
  IPV6TO4_ROUTING="eth0-:1::1/64 wlan0-:2::1/64"

Once again, the last two lines are only required if you have a local network you want to provide with IPv6 connectivity. If not, remove the extra lines and you are set. Restart the interface and you are connected to the IPv6 Internet! When using 6to4, probably due to the performance concerns, Fedora prefers IPv4 addresses. So, go to a IPv6 only site (like http://www.ipv6.bieringer.de/) to test it. And remember to define a IPv6 firewall. Your current iptables firewall only covers IPv4, use ip6tables to create a IPv6 one.

A nice thing about this setup is that a 6to4 tunnel gives me a whole /48 netblock based on my IPv4 address. So, no NAT in my local IPv6 network! The last two lines lines above allow the networking scripts to control the RADV daemon and to create IPv6 addresses to other interfaces (besides the one you are actually configuring). Just treat the /48 of your 6to4 address as a prefix and create a /64 netblock for each interface. Create a /etc/radvd.conf file with an entry like this for each interface:

interface eth0
{
        AdvSendAdvert on;
        MinRtrAdvInterval 30;
        MaxRtrAdvInterval 100;
        prefix 2002:XXXX:XXXX:1::/64
        {
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr off;
        };

};

Where 2002:XXXX:XXXX is your automatically configured 6to4 adress. Start RADV daemon and the hosts in you internal network should receive an automatically generated address.

For me, the next step would be to do the same to this site and add a little bit more content to the IPv6 Internet. Unfortunately, the Xen kernel used by my VPS provider doesn't support stateful iptables support for IPv6. I though IPv6 support on Linux was a done deal, but this critical functionality was only added about and year ago in kernel 2.6.20. It seems IPv6 may be a bit farther in the future than I expected. But it was surely fun to set it up anyway.

Syndicated 2008-02-25 22:27:45 from Gustavo M. D. Vieira

Fedora 8

I've been running Fedora 8 for the last couple of weeks. If nothing else, using Fedora is a constant source of fun. Always new toys to play with, old bugs fixed, new bugs created. And obviously, new tricks to be learned.

PulseAudio is one of the great features introduced in Fedora 8. I really enjoyed the good work that went into integrating PulseAudio and Fedora. It really is seamless, except for the odd bug in alsa and proprietary applications. Here are two things I discovered regarding pulse audio.

First: PulseAudio shows a simplified but functional interface to control sound, and to support Alsa applications transparently, it appears as the default virtual device hiding you hardware device. Problem is, if the hardware device is muted or has the volume set too low, there is nothing you can do through the PulseAudio interface to make sound work. Obvious as it seems, you have to first enable and adjust the volume of the relevant inputs in the hardware device, and then be able to enjoy PulseAudio. You can use the alsamixer -c [0...7] command, changing the -c argument until you find your hardware device, set it up, and you are ready to go. The good news is that, once it is done, applications (such as Skype) won't be messing with your hardware device as PulseAudio hides it.

Second: to enable the PulseAudio daemon in you GNOME session, you need to go to System|Preferences|Hardware|Sound and enable ESD. That's really stupid, they should have changed the label, but this control really creates an instance of the PulseAudio daemon. If it isn't running, sound won't work. I discovered this because ESD gave me a lot of problems in the past and have been deactivated in my GNOME preferences for a long time. It never occurred to me to enable it to fix Alsa applications that suddenly stopped working. But, again, once you discover that, everything just works.

Syndicated 2008-01-22 00:59:20 from Gustavo M. D. Vieira

Munin and Postfix

One more in the ongoing series "patches that make the world go round". If you happen do use the excellent Munin to monitor your servers and use the Postfix plugins, you may have noticed that Munin 1.2.5 introduced a bug in the postfix_mailstats plugin. The bug report and fix is here.

Remember people: release early, release often!

Syndicated 2007-12-15 16:00:15 from Gustavo M. D. Vieira

OpenSER 1.2.2 PostgreSQL Driver Patch

I run a personal SIP server powered by OpenSER. Actually, calling something a SIP server is a bit of oversimplification as the protocol and actions associated with it are fairly complex (as far as I know, I run a SIP proxy and location server). All this to say that OpenSER uses a relational database to store its data, as do all classy enterprise software out there.

So far, so good, but when it comes to relational databases I like using PostgreSQL instead of the OpenSER default MySQL. Why? Because I know how to use it! Problem is, the last stable release of OpenSER (1.2.2) has a serious bug in the PostgreSQL driver, making it impossible to use. It's a pity no one bothered to do a brown bag release because of this issue. Not being the default database really turns you into a second class citizen. Anyway, the fix is already in the OpenSER SVN, but I will post the patch here, to those that want to stick to the released version.
diff -ru openser-1.2.2-tls.orig/modules/postgres/db_res.c openser-1.2.2-tls/modules/postgres/db_res.c
--- openser-1.2.2-tls.orig/modules/postgres/db_res.c    2007-08-16 11:23:05.000000000 -0300
+++ openser-1.2.2-tls/modules/postgres/db_res.c 2007-11-25 08:23:53.000000000 -0200
@@ -572,6 +572,7 @@
         * If this is not done, a memory leak will happen.
         */
        for (col = 0; col 

The silver lining in this was that it was quite easy to find a solution to this problem. Before OpenSER I used for some time the original SER, and I can tell you, it is almost impossible to find some help on the web. Both because SER is a lousy name to base a Google search :) and because the project isn't quite transparent as a proper open source project should be. So, congratulations to the OpenSER developers! And remember, release early, release often!

Syndicated 2007-11-25 20:03:29 from Gustavo M. D. Vieira

Really Obsolete RPMs

The version of K9Copy packaged by Livna is now newer than the one I maintained, so I'm officially taking it down.

Syndicated 2007-11-25 19:20:41 from Gustavo M. D. Vieira

Obsolete RPMs

Both OpenMSX and K9Copy now have official RPMs for Fedora. OpenMSX is part of the main distribution, just execute yum install openmsx. K9Copy is packaged by Livna, go there and install their repo.

As my version of K9Copy is newer than the one packaged by Livna, I will keep it a bit longer. When Livna catches up, I will remove it from the site. See, I actually like being obsoleted. :)

Syndicated 2007-10-05 20:57:53 from Gustavo M. D. Vieira

Emacs And Cedilla

This one is for the "unlikely bugs" section. If you use the magic combination of Emacs 22, a US keyboard and dead keys in a UTF-8 locale, the combination ' + c will give you ć instead of ç. Of course, this is a bug only if you want ç and not ć, so please forgive my ç-centrism. No offense intended to ć-using languages, whatever they may be. :)

GTK2 had this same bug about 5 years ago, and they solved it by creating the "cedilla" input method, and selecting it according to locale. Guess the Emacs guys will have to go the same route. Meanwhile, a simple workaround is to fire up Emacs in a ISO-8859-1 locale: "$ LC_ALL=pt_BR emacs" and as soon as the program opens up, select "Options|Mule|Set Language Environment|UTF-8". It isn't pretty, but as I use the US keyboard only rarely this works for me.

Syndicated 2007-10-03 17:04:44 from Gustavo M. D. Vieira

DSPAM Hash Driver Patches

I use the fantastic DSPAM SPAM filter in my mail server. I like it very much, specially when using the built-in hash-based storage, making it very fast and really easy to setup. That is, if the documentation and administration tools weren't so lacking. On the plus side, I got to know a little better the tool that keeps my email sanity and respect the developers that make it happen.

If you are an user of the hash driver, you can't rely on the provided tools to maintain your installation. The recommended way of cleaning old messages signatures doesn't work for this driver. Also, the hash-based database has to be cleaned from time to time or it will grow too big, but the tool to do it (cssclean) just doesn't work. To handle these problems, I first had to patch DSPAM so I could get a working cssclean. The main patch was created by Frank Cusack and you can get it in his aptly named message "cssclean is a redheaded stepchild" to the dspam-dev mailing list.

The second patch isn't strictly necessary (and I fear it might violate some design principle of DSPAM), but it keeps cssclean from resetting the statistics of the database. I really can't remember where I found it, so I post it here:

diff -ru dspam-3.8.0.orig/src/tools.hash_drv/cssclean.c dspam-3.8.0/src/tools.hash_drv/cssclean.c
--- dspam-3.8.0.orig/src/tools.hash_drv/cssclean.c      2006-05-27 18:00:36.000000000 -0300
+++ dspam-3.8.0/src/tools.hash_drv/cssclean.c   2007-06-27 19:18:51.000000000 -0300
@@ -167,7 +167,7 @@
     header = offset;
     filepos += sizeof(struct _hash_drv_header);
   }
-
+  bcopy (old.header, new.header, sizeof(struct _hash_drv_header));
   _hash_drv_close(&new);
   _hash_drv_close(&old);
   rename(newfile, filename);

Finally, I run the following script monthly using cron:

# Clean hashes and signatures.
for u in /var/lib/dspam/data/*/*.css; do
    /usr/bin/cssclean $u
done
find /var/lib/dspam/data -name *sig -type f -mtime +30 -exec rm -f {} \;

Probably you will have to adapt it to the file locations of your DSPAM installation.

Syndicated 2007-10-02 20:19:26 from Gustavo M. D. Vieira

24 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!