Things n' Stuff | Thoughts about the universe in general

The purpose of this exercise is to convert a hand written note – such as your signature – to high quality digital files that can be used to embed “hand write” into documents – such as when someone asks you to fax them a “signed” copy of the PDF they emailed you. You’d be surprised how often that happens around here.

Required Ingridients:

• A computer with The GIMP installed
• Your handy smart phone with a 5MP or better camera
• A good pen and paper.

So anyway, here’s the process from top to bottom, with pictures:

1. Sit down at a proper table, and using a good black heavy-line pen⁽¹⁾ on a white clean high-density paper, write what you need to write – slowly and deliberately but without pauses. Try not to smear the ink so you get clean continuous lines, otherwise the quality suffers a lot.
   (more…)

1. in this shot I used a 0.7 permanent marker – which is just overdoing it – probably any 0.7 pen will work [↩]

When you want to host a Subversion repository on your CentOS (or RHEL) server, its quite annoying that the only options available to serve your repository are SSH (using the svn+ssh:// schema in the Subversion URLs – it is basically set up out of the box, not tweaking necessary) and Apache’s mod_dav_svn (using the http:// or https:// schema in the Subversion URLs – this is somewhat complex to setup but good instructions are easy to find on the web).

The main advantage of either of these methods is security: both have easy transport security (SSH by default, Apache if you set it to server over SSL) and are easy to setup authentication for (SSH authenticate against the system’s accounts using PAM and Apache authenticate against basically anything with a simple setup).

The main disadvantage of these methods are that they are slow (SSH is apparently somewhat faster then HTTP) and when supporting multiple large projects of many developers I started running into all kinds of weird connection errors when you try to manipulate many files on many projects at the same time.

Subversion itself offers another alternative using their own network service called svnserve – this is a standard unix daemon that listens on a specific port⁽¹⁾ and uses a native protocol to communicate with Subversion clients (using the svn:// schema in Subversion URLs). It offers very good performance, but no transport security (encryption) by default. Another major problem with using svnserve as a network service is that while CentOS ships the binary itself (it is required as part of the way that the svn+ssh:// protocol is implemented) it doesn’t ship any support files to run it as a standalone service nor to help with its configuration. Also by default svnserve can only authenticate users using its own Apache-style password database file – which makes it unsuitable to integrate in large organizations.

(more…)

1. port 3690 by default [↩]

באחד הפודקסטים שאני שומע – Stack Exchange Podcast עם ג’ואל ספולסקי⁽¹⁾ וג’ף אטווד – ספולסקי הזכיר כבר כמה פעמים מחקר שנעשה באוניברסיטת בן גוריון על “גורמים חיצוניים בהחלטות שיפוטיות” שבו החוקר מדד את אחוז ההצלחה בבקשות חנינה בהשוואה לכמה זמן עבר מאז ארוחת הבוקר של השופט ששומע את בקשת החנינה.

ספיציפית החוקר – שי דנצינגר – מצא ששופטים הדנים בבקשות חנינה של אסירים ישראלים מחלקים את הישיבות שלהם לשלושה חלקים המופרדים ביניהם בהפסקות אוכל, ובהנתן שאנחנו מפקטרים החוצה כל שיקול אחר (בין אם הוא לגיטימי או לא – כמו אחוז מזמן המאסר המקורי שהאסיר כבר עשה, חומרת הפשע, השתייכות עדתית וכו’) אפשר לראות בצורה מובהקת ירידה דרמטית באחוז ההצלחה של בקשות חנינה בין תחילת וסוף כל חלק, כשאחרי ההפסקה אחוזי ההצלחה חוזרים לרמתם הקודמת.

(more…)

1. “ג’ואל” זה “אינגלות” של “יואל”, אז זה משעשע אותי לפעמים להגיד “יואל ספולסקי” – אני לא בטוח מה לספולסקי יהיה להגיד על זה אז לא אכתוב כך, אבל אני בטוח שהוא משועשע מזה שחיפוש “Joel” בגוגל מביא את האתר שלו במקום הראשון בעוד ש-Billy Joel אפילו לא בעמוד הראשון [↩]

This piece of script came in handy when I wrote a utility that “recycles” space on a logging partition: before log rotation archives the current log file, we move some old log files (depending on some archive freshness policy) to a remote storage that archives older files.

The problem is that the “old archive storage” also has limited disk space and I got fed up managing the archive by hand. The solution I came up is to scan the hierarchy of  log files in the storage (logs are stored hierarchically according to origin and type) and delete old files until I have enough room to move some newer files in. That way the “old archive storage” is always kept full and keeps as much back-log as possible and does this automatically.

The piece of code that determines which files we want to delete works like this:

1. Use find to list all the files in the directory structure
2. Pipe it to perl and collect all the file names in a list
3. Use perl’s sort operator to compare the modification times of each file in the list and show them in the order (i.e. oldest first)
4. Use head to get just the first file

So it looks like this:

find /mnt/httpd_back/ -type f | perl -nle 'next unless -f; push @files, $_; END { foreach $file (sort { @a=stat($a); @b=stat($b); $a[9] <=> $b[9] } @files) { print $file; }}' | head -n1


Note: normally we use head to get some initial output and terminate the process early before it does more costly work – when head has enough data it terminates the pipe sending SIGPIPE to the upstream process and that usually terminates the process that generates the data. In this case – and in all other cases involving sort – the upstream process buffers all the data in its own memory before outputting anything, so it can sort everything, and using head here is just a filter to get what I want and does not actually save me from doing all the work. I could have easily done the same thing inside the perl script itself by replacing the block of  print $file; with print $file; last; – this has the same effect as using head, because head will send SIGPIPE to perl after getting the first print and will terminate it. Deciding which way you want to go is probably more about readability of the code and I prefer my original version because its easier to read to non-perl specialists.

I can then just remove that file, see if I have enough room to move in the newer log file and if no – repeat the process.

This would work well, I believe, but it may be inefficient if I find a bunch of small files and I want to copy in a large file. So what I did next is to take advantage of the fact that all the log files I have are named using the following simple format:

<service>-<type>_log-<year><month><day>.gz

and that allows me to easily find all the log files that record the same day and eliminate them at the same time. Subsequent moving of additional files will likely succeed because I cleared out all the log files of an entire day. If not, I can always go and clear up another day’s worth of logs.

Update: The latest update for CyanogenMod for Milestone – version 7.1.0.3 solves this problem as well.

Lately I’ve been having problems updating software on my Motorola Milestone (1, as in A853) running CyanogenMod 7.1 (thanks to Nadalbak who maintains an unofficial and unsupported port of CyanogenMod for this old device). When I start the Android Market and do an update of an existing application, I get the error “Package file is invalid” for any application. Sometimes removing an application and reinstalling it will work, but often not.

There could be several problems that cause this, apparently a problem with the file permissions on the file systems is common, and if this is your problem then it can be fixed by opening the terminal emulator, executing “su” to gain super-user permissions and then running “fix_permissions” (it will take a while to complete).

If this doesn’t solve the problem for you, then likely the problem is that you ran out of space on your “data” partition or “cache” partition. This is very common if you have a large “apps partition” on your SD card and you are in the habit of installing tons of applications – I know I am .

(more…)

As most Linux users are aware, you can access network shares with your file browser of choice (Dolphin, Nautilus and probably others) by writing URLs into the file browser’s “location bar”⁽¹⁾.

If you ever had to work with MS-Windows file server, you should know that you can also access SMB file shares using URLs – with the schema “smb”, like this: smb://file-server/share-name.

(more…)

1. and this works just as well with the desktop’s “run dialog” – try holding ALT-F2 and typing something like ftp://ftp.mirrorservice.org/ and up comes your file browser showing the FTP site’s directories. This won’t work for GNOME 3, at least at this time. [↩]

This is a short “how to” article on how to get and install the new Microsoft Consolas Monotype font – this is a very nice programmer font and as described in Dan Benjamin’s “Top 10 Programming Fonts” it is highly recommended for use in your programmer’s editor or IDE (As a side note, his top selection, Inconsolata is also very nice and I highly recommend it if you don’t feel like using Microsoft created software and/or aren’t interested in performing the steps below which may or may not be legally problematic).

The main problem with using Consolas on your Linux workstation, is that this font is provided by Microsoft, and while if you are running MS-Windows (or even Mac OS-X) it may already be installed – as it is bundled with many Microsoft products, us in the Linux world have no easy (and legal) way to get to use Consolas in our code editing. Unlike Microsoft Core Fonts for the Web Consolas is not available for download – probably for the same reason the core fonts packages were pulled. But as Consolas is bundled with many Microsoft products, some are available for free download for anyone, we can use that to get us some nifty Consolas prettiness in our day to day Linux computing.

(more…)

Sometimes the MySQL replication breaks due to some corruption in the binary log files⁽¹⁾. When your binary log files are corrupted, the only option (other then trying to rebuild a database of hundreds of gigabytes) is to try to skip over the corrupted region and get the slave to pick up from where the transactions are valid.

Locating the correct position in the binary log from which the server can carry on is difficult but can be made easier by the mysqlbinlog utility that can scan the binary log files and show you which position is valid using the --start-position to try random positions in the binary log file and see which position will let you read from the file⁽²⁾.

(more…)

1. I have yet to find a good explanation to why it happens and how to prevent that [↩]
2. because in the binary log transactions can have any size, so they can end and start at any point [↩]

After listening to the virtus/malware discussion on LUG Radio’s new (but apparently one-off) show (check it out at lugradio.org, these guys are hilarious), got me thinking about how much Linux users are exposed to malware.

Lets forget, for the sake of the discussion, the technical attacks⁽¹⁾ as these are relatively easy to handle and Linux operating systems are already pretty well protected against such. The main vector of attack for malware these days is Social Engineering anyway – this is how Mac OS-X users get attacked by malware: you browse a web site, and an image that looks like a a blinking dialog box notifies you that your computer has been infected by a virus and prompts you to download this “fix”.

Most of us, technically inclined users, sneer at this type of “threat”, but most people aren’t technically inclined and there are enough people out there that will be fooled by this practice time and time again. Click the image and a binary gets downloaded to your computer and if it is in the correct format it will get executed.

(more…)

1. Such as buffer overflows and such [↩]

As we all know, MySQL 5.5 is the best thing since sliced bread (or, not exactly, but that’s what everyone will have you think), but unfortunately Ubuntu‘s latest and greatest server operating system – Ubuntu 10.10 Server comes with MySQL 5.1.

Even the next version of Ubuntu – 11.04 Natty Narwhal – doesn’t seem to deliver MySQL 5.5, so upgrading is not really an option as of yet. There is a bug report to deliver MySQL 5.5 for Natty, which is even marked as “in progress” but there’s no guarantee that it will happen.

So how to go about (ab)using the latest software from Oracle? One way is to build it yourself on your server, or convert the Oracle provided RPM packages using the alien tool – but its not really Ubuntu native and a mess (in both cases). Here is another approach:

(more…)