the one thing bing.com is useful for : backgrounds

714 wonderful backgrounds!

Yes, in my personal opinion, bing.com is only useful in supplying fresh backgrounds, which are breath taking. These breath taking set of wallpapers, when set to change randomly on your desktop, makes the look and feel more exquisite.

Download the file(see below). The script and the images are inside the tar file. Untar them in your home directory, chmod +x bing_change_wallpaper.sh and place the file in /home/user/bin/ directory. Rename the images folder to .bing_wallpapers and place it in your home. The script by default changes the wallpaper every thirty minutes, you can edit the script to your satisfaction. For GNOME only, click on System -> Preferences -> Startup Applications, with the following entries.

Name: bing backgrounds switcher
Command: /home/user/bin/bing_change_wallpaper.sh
Comment: bing backgrounds switcher


Files:

[howto] grsecurity + NOUVEAU + Compiz + Seg Fault

Assuming that you have a grsec + PaX enabled kernel, you would realise that the nvidia-drivers are a bad choice. Quite a few applications will fail(the ones that use libGLcore.so). Use the nouveau driver for your card, as it’s pretty much stable and works with good 3D acceleration.

compiz under NOUVEAU + PaX

To get compiz working NOUVEAU under hardened linux, first enable the kernel DRM module for nouveau. Follow this link: The X Server Configuration HOWTO

Build the kernel, and install it. Edit the VIDEO_CARDS variable in your make.conf to say only nouveau, nothing more, nothing less.

Unmask the following packages: media-libs/mesa, x11-libs/pixman, x11-drivers/xf86-video-nouveau, x11-base/xorg-drivers, x11-base/xorg-server, x11-libs/libdrm, x11-drivers/xf86-input-evdev, x11-drivers/xf86-input-keyboard, x11-drivers/xf86-input-mouse

Install the above packages, make sure you’ve done a emerge -C nvidia-drivers nvidia-settings prior to the merge.

Reboot the system, it should all work out of the box, compiz will fail with a segmentation fault, look into your logs. You’ll see something like the following:

2011-05-11T17:22:24.760922+05:08 halcyon-82 kernel: [ 2026.893377] grsec: denied
 resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/b
in/compiz[compiz:20146] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[
bash:11847] uid/euid:1000/1000 gid/egid:1000/1000

2011-05-11T17:26:07.848848+05:08 halcyon-82 kernel: [ 2249.981362] compiz[20378]
: segfault at ffffffffffffffff ip 00000284c5f39fa1 sp 0000039c50e0ee00 error 6 i
n nouveau_dri.so[284c5cc3000+38b000]

Simply disable pax for compiz and emerald, do the following as root:

# paxctl -zm /usr/bin/compiz
# paxctl -zm /usr/bin/emerald

Now, start compiz as usual and your all set.
On a side note, flash player will show a similar issue too, so disable PaX for that too.

WARNING: Disabling PaX for compiz, emerald and flash is a security risk.

creating unique environments – chroot snapshots – using aufs2

What if you decided that you wanted to experiment and test within a chroot(ed) environment? And then something went wrong and you had to start all over again from scratch? Big headache, too much pain, especially with RPM based distributions.

Well don’t do that then, here’s an interesting approach. Use aufs2, a stackable filesystem. An actual filesystem with “RAID-like” support.

chroot layers, using aufs2

You can inherit different environmental settings from various bases, much like the concept of object oriented programming.

Aufs is a stackable unification filesystem such as Unionfs, which unifies several directories and provides a merged single directory.(from http://aufs.sourceforge.net/)

Setup aufs2. You need to patch your kernel. For gentoo, you can just merge sys-fs/aufs2 with the following flags: “fuse inotify kernel-patch kernel_linux ramfs -debug -hardened -hfs -nfs”. The patch will be automatically applied, you just need to recompile it after merging. For other distributions, take a look at the homepage of aufs2.

Setup your chroot as you normally do. Let’s say you’ve setup centos in a chroot environment, for developing. You’ve done yum groupinsall “Development Libraries” “Development Tools”. Let’s create a snapshot here of this environment.

# mkdir env1
# mount -t aufs -o br=/home/jude/env1/:/home/jude/centos-dev=ro none wor
k-dir
# chroot work-dir

 
What does this do? As you can see, your first centos-dev has been branched as RO, read-only. Which means, any changes now made, are transparently written into env1 directory, with the very same structuring. Say, you’ve structured env1 as you want it to be, now you need a second environment, based on the first env1, you can simple do:

# mkdir env2
# mount -t aufs -o br=/home/jude/env2/:/home/jude/env1/=ro:/home/jude/ce
ntos-dev=ro none work-dir
# chroot work-dir

 
Now, env1 is RO, any changes now are further written to env2, keeping the structuring of every little change intact, just as the first. If you want to suddenly use env1, don’t add env2 to the RW branch, any branch that doesn’t have anything in front of it, is assumed to be RW, read-write.

What happens when you delete a file/directory from a branch mounted as RO? A file called .wh.filename is created in the RW branch, indicating to the overlaying filesystem to NOT index that file anymore.

In this way, you could create several different environments, each being inheriting a base, and then depending on the needs, the other environments created.

You can comment if you get any errors, I’d be glad to help you out.

bootstrap CentOS from Gentoo (or any linux distribution)

To bootstrap CentOS in Gentoo, I did the following. It basically installs the essential CentOS components into the specified directory, and from there on, chroot into that directory and perform tests, etc. First off, you’ll need to unmask a few packages(replace ~amd64 with ~x86 if your on the x86 architecture), and enable the flag sqlite for rpm. Execute the following commands as root:

# echo sys-apps/yum ~amd64 >> /etc/portage/package.keywords
# echo dev-python/sqlitecachec ~amd64 >> /etc/portage/package.keywords
# echo app-arch/rpm sqlite >> /etc/portage/package.use

 
Now we’re ready to install the primary packages required to bootstrap CentOS. Merge the following atoms: sys-apps/yum app-arch/rpm dev-python/m2crypto as

# emerge -avuDN sys-apps/yum app-arch/rpm dev-python/m2crypto

 
In this example, we’ll bootstrap CentOS 5(x86_64). Download the stage2(sounds like gentoo now, huh?) from any CentOS mirror. The minimal stage2 does not work with this process.

# wget http://mirrors.seas.harvard.edu/centos/5.6/os/x86_64/images/stage2.img

 
You need to extract the contents of this squashfs image file, so make sure you have =sys-fs/squashfs-tools-3.1 installed. The latest one in portage is broken. Execute the following:

$ unsquashfs-3.1 -d /devel/centos5 stage2.img

 
Now we have a working CentOS 5.6 installation. Install bash and yum into it before you can finally chroot.

# yum --installroot /devel/centos5/ --nogpgcheck install bash
# yum --installroot /devel/centos5/ --nogpgcheck install yum

 
The –nogpgcheck is so that yum doesn’t check the gpg keys which are currently missing on your host gentoo system, or any other non-rpm distribution. chroot into /devel/centos5 and perform some cleaning:

# chroot /devel/centos5
# mkdir /old
# mv /var/lib/rpm /old
# yum install yum

 
What did you just do? Well the RPM DB generated by your host distribution’s RPM, will certainly not match CentOS’s yum, hence we remove the stale RPM database. Everything in the stage2 comprises only of the dependencies of yum and yum itself. Doing a yum install yum will fix everything.
 
Congratulations, you now have the base CentOS installation in /devel/centos5 These instructions are not limited to Gentoo alone, but to any distribution. Any questions may be posted as comments, and I’ll be glad to help you out.

binpkg: a Gentoo Masterpiece

If you were running a cluster of Gentoo driven machines, would you actually compile source for each of them?

Or rather use binary packages?

Gentoo’s masterpiece is binpkg, when you compile for one machine, you don’t have to recompile throughout, use quickpkg to build binary packages. Such packages can be hosted over a central server and each system downloads just the binary package.

You can use this even if your not running a cluster, but frequently reinstall certain packages. Use the -b flag with emerge to install and build the package as well.

Setting the PKGDIR in /etc/make.conf
Add the following directive in make.conf

PKGDIR=”/var/cache/portage/binpkg”

Building binary packages is easy.

quickpkg $(qlist -IC)

That goes on your main server.

You can add the parameter –include-config=y , it’s not reccommended because then you’ll bascically be cloning the host. Your IP addresses, etc. are installed as is. Deploy an instance of puppet.

Now your binary packages are built, you can symlink them and make them available on the webserver for production purposes.

Adding BINHOST to your sister machines, add the following directive in your make.conf, make the necesssary changes:

PORTAGE_BINHOST="http://your.server.repo/path/to/binary/packages"
PKGDIR="/var/cache/portage/binpkg"

 

Options
–getbinpkg Fetch binary source if available, else, fetch source
–getbinpkgonly Fetch binary source ONLY
–usepkg Use binary package for merge if available, else resort to source compile
–usepkgonly Use binary package ONLY

 

Note: If you specify to fetch/merge using ONLY binary packages, if certain dependencies are missing, emerge will simply abort. Hence, its not advisable to do so.

/usr/local/bin/waitpid

A quick script to wait for a certain pid, then once that quits, execute a command.
You may ask, why not just do command1 && command2 ? Well, if command1 exits with a non-zero exit status value, command2 will not get executed. Hence, I’ve brewed a quick script for this purpose.

File: /usr/local/bin/waitpid

#!/bin/sh
# Find the pid of the required process either by using psaux | grep -i command
# or by pidof command
#set -x
if [ $# -ne 3 ]; then
	echo "Usage: waitpid [pid to wait for] [app name] [command]"
	echo "       [command] should be command to execute after pid is dead"
	exit 1
fi
pidr=$1
app=$2
while true; do
	pid=`pidof $app | grep -o $pidr`
	if [ "$pid" = "$pidr" ]; then
		# do nothing
		echo "pid does exist,"
		echo "waiting for 5 seconds before next check"
		sleep 5
		continue
	fi
	break
done
# if we've reached here it means that the PID is dead
echo "specified pid does NOT exist,"
echo "running command provided in 10 seconds"
echo ""
echo "Press Ctrl + c to stop"
sleep 10
$3

Coloured /var/log/messages at tty12

Reading logs could never become any more easier, at just a keystroke, you have your logs displayed where you want, in some fancy colour. They look great too.

CCZE colourized logs

TTY’s can be accessed by pressing Alt + Ctrl + F[1 – 12] simultaneously. In the following, you’ll get a decent, colourized log display of /var/log/messages when you press Alt + Ctrl + F12

First install ccze, most distributions have it in their repositories. CCZE is a robust and modular log colorizer with plugins for apm, exim, fetchmail, httpd, postfix, procmail, squid, syslog, ulogd, vsftpd, xferlog, and more. It brightens up the log view.

To quickly test it, try tail -f var/log/messages | ccze -A

The -A switch prevents ccze from starting itself in a curses window.

Create a file cclm in /usr/local/bin(you have to be root to be able to do so), with the following contents:

#!/bin/sh
file="/var/log/messages"
where="/dev/tty12"
tail -f $file | ccze -A >> $where

Add the following line to /etc/inittab
c12:123456:respawn:/sbin/agetty -n -l /usr/local/bin/cclm 38400 tty12 linux
That’s all that there is to be done, either reboot to get it working, or execute the following in a terminal with privileges:

/sbin/agetty -n -l /usr/local/bin/cclm 38400 tty12 linux

This can be used on any ttys’. The most obvious ones to use would be tty8 to tty12.

Lazy System Admins – Bash Completion

Let’s admit it, we’re all lazy system admins. The bash completion in any other distribution is incomplete, and not as powerful as the one in Gentoo. It just does not work the way it works so brilliantly in Gentoo Linux. Ofcourse, you can port that same source to other distributions. To enable bash completion in gentoo, first enable the global flag bash-completion:

euse --enable bash-completion

Now remerge all packages that have that flag:

emerge -avuDN world

You can now see that eselect bashcomp list lists all the completions available, but are not enabled. To enable them all at once, for the current user(in the following, “jude”), do:

mkdir ~/.bash_completion.d
ln -s /usr/share/bash-completion/* ~/.bash_completion.d/

Now disable the following two sets:

eselect bashcomp disable Makefile.am
eselect bashcomp disable Makefile.in

Re-login, and your all set, cheers!

QEMU | Quick Networking for TCP/UDP

Networking with a guest in QEMU is often a headache, TUN/TAP, seriously? Too hectic, let’s stick to the basics, TCP/UDP based. Instead of setting up a really complex set of configuration files, wouldn’t it be easy to just emulate the network card, DHCP the guest, and let it work right out of the box?

Well certainly yes. QEMU can do all this very easily.

Cut the chase, hit the code:

#!/bin/sh
qemu="qemu-system-x86_64"
cpu_args="-cpu qemu64 -smp 2"
mem_args="-m 128M"
drive="-hda /media/fowlmanordisk1/devel/virtual/red.tvway"
net_args="-net user -net nic,model=rtl8139"
redirs="-redir tcp:8022::22"
${qemu} ${cpu_args} ${mem_args} ${drive} ${net_args} ${redirs} -nographic &

is one of my virtual servers’ running on Ubuntu server. Take a look at the network arguments:
-net user -net nic,model=rtl8139
Pretty simple? The QEMU emulator runs an inbuilt DHCP server, if the guest recognises the network card, and requests the configuration from the DHCP server, it acquires the required IP address, and viola! Instant access to the outside world. The file /etc/resolv.conf still needs to be configured to your preferable DNS servers. OpenDNS is usually a good solution.

Notice the -redir argument, it specifies that an issue to port 8022 on the outside be mapped to port 22 on the inside(guest). So basically you could ssh localhost -p 8022 and get access to your guest machine.

The -redir is as follows(from the QEMU manual pages):

-redir [tcp|udp]:[hostaddr]:hostport-[guestaddr]:guestport
         Redirect incoming TCP or UDP connections to the host port
         hostport to the guest IP address guestaddr on guest port
         guestport. If guestaddr is not specified, its value is x.x.x.15
         (default first address given by the built-in DHCP server). By
         specifying hostaddr, the rule can be bound to a specific host
         interface. If no connection type is set, TCP is used. This
         option can be given multiple times.

Enjoy virtual machines with QEMU.

visual basic 6 revisited – linux – wine

Earlier this year, I had written an article on running Visual Basic 6 on linux under wine, this is an update for it, the prior one is deprecated

Getting Visual Basic 6 to work on linux is pretty easy, not much trouble, all the basic things work, as of what I’ve tested.

Here’s how you get that damn thing to work:

Copy over the contents of OS/SYSTEM/ from the CD root to your wine system32 directory

$ cp -r /media/cdrom/OS/SYSTEM/* ~/.wine/drive_c/windows/system32/

Since we are only concerned about Visual Basic 6, copy over the folder VB98 from the CD root to your Program Files

$ cp -r /media/cdrom/VB98/ ~/.wine/drive_c/Program\ Files/
# for the sake of convenience, let's rename this folder as Visual Basic 6
$ mv ~/.wine/drive_c/Program\ Files/VB98/ ~/.wine/drive_c/Program\ Files/Visual\ Basic\ 6/

Register the two dynamically linked libraries essential to run Visual Basic 6 smoothly

$ cd ~/.wine/drive_c/windows/system32/
$ wine regsvr32 comcat.dll
$ wine regsvr32 MSSTDFMT.DLL

Easy, eh? Your all done, now, let’s create an optional launch command with the following contents
File: vbasic

#!/bin/bash
cd ~/.wine/drive_c/Program\ Files/Visual\ Basic\ 6/
wine VB6.EXE

Make our launcher executable and place it in the right place

$ chmod +x vbasic
# following command must be issued as root
$ mv vbasic /usr/local/bin/

Now you can just issue the command vbasic, and all should work well, using this launcher, you can create entries for your panel, etc.

Deployed with a fresh install of wine version 1.2-rc2

CPU scaling governors and you

What is your CPU being governed by? Should it be governed by it? Why? How?
Here’s an outlook on the various CPU frequency governors, namely conservative, ondemand, powersave, userspace, and performance, that steps up and steps down the CPU:
conservative
Pros:

  • very much alike the ondemand governor
  • gracefully increases the stepping, unlike ondemand which sets it to maximum when there is any load
  • more suitable for battery powered environments

ondemand
Pros:

  • the best of all
  • sets the speed to what is required
  • saves power
  • doesn’t hinder CPU power, as it scales to what is required

powersave
Pros:

  • sets the CPU statically to use the lowest possible frequency supported
  • you save power

Cons:

  • if you use resource hungry software, your machine may start to lag

userspace
Pros:

  • another application can be used to specify the frequency
  • lets you manually specify the frequency your CPU should run on

Cons:

  • mostly useless!
  • external application may set it low, you save power, but less performance
  • external application may set it high, you consume more power

performance
Pros:

  • statically sticks to the highest possible CPU scaling available, regardless of the available ones
  • your system will run as fast as possible

Cons:

  • takes the most power that you CPU is able to consume
  • not very suitable for battery powered environments, or even to save more power your machine consumes

embedded gentoo [uclibc] | nothing beats this

A few uclibc embedded gentoo facts:

  • the compilation of the box takes around 15 minutes
  • at boot up, takes less than 3 megabytes of RAM
  • disk space: 17 megabytes
  • boots in under 8 seconds on a pentium3

link to stage3 tarballs archive
HTOP - Displaying System Statistics
# this is my make.conf, it should be the same in the stage3, if installing anything in the stage3, and even before updating, comment the line INSTALL_MASK=”*.h HACKING.gz TODO.gz”

CFLAGS="-Os -mtune=i386 -pipe"
CXXFLAGS="-Os -mtune=i386 -pipe"
CHOST="i386-gentoo-linux-uclibc"

FEATURES="strip"
MAKEOPTS="-j3"
GENTOO_MIRRORS="http://mirror.bytemark.co.uk/gentoo/ http://www.ibiblio.org/pub/Linux/distributions/gentoo"

USE="-ipv6 -python3 -cracklib -minimal"

LINGUAS="en"
VIDEO_CARDS=""
ACCEPT_KEYWORDS="~x86"
INSTALL_MASK="*.h HACKING.gz TODO.gz"

# download my stage3, from the previous post links, and then prepare to chroot

mount -o bind /dev stage3-*/dev
mount -o bind /proc stage3-*/proc
chroot stage3-*

# update the system, and create the necessary path, if you come across any errors, post them here, and expect a reply soon

emerge -avuDN world
mkdir /mounted

# begin the installation
# install necessary packages

ROOT=/mounted/ emerge -auvND baselayout uclibc bash dropbear pam udev iptables coreutils nano util-linux shadow kbd net-tools grep procps gzip sed findutils mawk htop
mkdir /mounted/proc
mkdir /mounted/dev

Continue reading “embedded gentoo [uclibc] | nothing beats this”