Older blog entries for mchirico (starting at number 59)

4 Mar 2006 (updated 5 Mar 2006 at 04:54 UTC) »
Xen and FC5

Xen is cooking up nice on Fedora Core 5. I didn't have any problem installing this on a Dell OptiPlex GX520, Pentium 4 (3.00 GHz), with 1G of RAM, Broadcom NetXtreme BCM5751 Gigabit Ethernet PCI Express, Linksys Gigabit Network Adapter (Model No. EG1032,rev 10).

It was actually only a matter of minutes before I had everything running, which I think is the best way to learn about Xen. That is, first have a running system with multiple guest systems. And, for each guest account have networking functional. One quick note, it certainly helps if you have 1G of RAM, so that each guest account can use the minimum default of 256MB. Take a look at the FC5 Xen Quick Start Instructions for how it's all done.

What's missing in these instructions is how to ssh into a guest xm and run kde remotely. I'll detail here what worked for me.

Xen and remote KDE

From the computer you are sitting at, with a monitor,keyboard and KDE or Gnome loaded and running, you'll connect via ssh to the Xen guest system. But before you can do this, walk through the step 1, with the computer in front of you.

    Step 1. Allow magic cookies; otherwise, you may get the following error:
               Xlib: connection to ":1.0" refused by server
               Xlib: No protocol specified

To enable magic cookies from the shell, issue the following commands.

   $ MCOOKIE=$(mcookie)
   $ xauth add $(hostname)/unix:1 MIT-MAGIC-COOKIE-1 $MCOOKIE
   $ xauth add localhost/unix:1 MIT-MAGIC-COOKIE-1 $MCOOKIE

    Step 2. Create a new xterm. This will immediate take you to vt12. To get back to your main KDE session type ctl-alt-F7. To go back, again, to vt12 type ctl-alt-F12.

    $ xinit -- :1 vt12

    Step 3. From vg12 type in the user and domain. The example below assumes the guest vm is vm0.domain.com, and the user to login in with is root.
    $ ssh -Y -l root vm0.domain.com

    Step 4. Once you're logged into the guest system, all you have to do is start KDE.
    $ startkde

I didn't have to change anything for KDE, but Gnome takes a few tweaks.


You may want to reference Linux Tips (TIP 195)

Now, in my opinion, it's instructive to look at the FC4 Xen Quick Start, and hack away the working Xen configuration. The FC4 documentation goes into the mechanics of the process.

Recommended Reading

"Higher Order Perl: transforming Programs with Programs", by Mark Jason Dominus.

Mark put a lot of time into this book, and it shows. It was 5 years in the making, with free versions passed out for review. Examples can be found here (scroll down the page) .

Mark plans to take the book public, in Wiki form.

I would agree that "writing functions that modify other functions" is a very powerful programming technique found in Lisp, Mathematica, Java, and C++ to name a few languages, but it's not generally associated with Perl. Well, Mark will open your eyes here. The book is fun to read. It has depth; however, it is not written like a text book. Compare it to hacking with friends rather than sitting in a CS class.

Leap Second Log Entries

That's it. The leap second was added. You'll see it in your logs.

Dec 31 18:59:59 squeezel kernel: Clock: inserting leap second 23:59:60 UTC
Dec 31 18:59:59 livingroom kernel: Clock: inserting leap second 23:59:60 UTC
Leap Second of 2005

The last time we had a leap second was 1998. This is exciting! We're going to have another one.

For me this will occur Dec 31, 7:00pm EST. Unlike the New Year, the whole planet experiences this transition at once, when the UTC clock ticks 23:59:60.

Below, is what the last leap second looked like in 1998

        Date        Time       TAI  NTP Leap        NTP Seconds
 1.  Dec 31 98    23:59:59     31    01           3,124,137,599
 2.  Dec 31 98    23:59:60     31    01           3,124,137,600
 3.  Jan 01 98    00:00:00     32    00           3,124,137,600
 4.  Jan 01 99    00:00:01     33    00           3,124,137,601

By the way, this is the 23rd leap second. Yes, I know what you're thinking. The number 23 is interesting because it's the first intersection of Pi and e.

   Pi = 3.141592653589793-23-84
   e  = 2.718281828459045-23-53

Also, the earth is tilted at 23.5 degrees...hmm there's that number again. Ramsey Theory? Maybe, probably.

C++ Network Programming: boost asio

Wouldn't it be nice to have all the network interfaces, in modern C++, for Linux, Windows, OS X and Solaris?

asio is under review for Boost inclusion, with SSL support and the future possibility for rawsockets.

It is a good C++ learning execise reviewing this library. There is active discussion now on the developers mailing list.

9 Dec 2005 (updated 9 Dec 2005 at 03:20 UTC) »
Highly Recommended Reading

Below are two highly recommended C++ books.

Effective C++ Third Edition: 55 Specific Ways in Improve Your Programs and Designs, by Scott Meyers

C++ Common Knowledge: Essential Intermediate Programming, by Stephen C. Dewhurst.

I've repeatedly gone through all examples. My copies are less then a year old; yet, with repeated daily readings and dog eared pages, my books are beginning to show some wear. In my opinion, you won't go wrong with these two books. One of the books requred a few minor, technical corrections; but, these corrections can be found on the author's errata page.

Postfix 2nd Instance for Sender-based Routing: Multiple Gmail and Comcast Accounts

Sender-based routing allows delivery actions on email to be made based on the sending address. This makes it possible for each Gmail and or Comcast account to have separate authentication rules. In summary, your home Postfix system can support Gmail and Comcast accounts for all of your family and friends. This tutorial walks you through an example using Gmail and Comcast, but the setup is similar for any ISP specific emails.

14 Aug 2005 (updated 14 Aug 2005 at 16:55 UTC) »
2 Linux Boxes - One Monitor

I have 2 Linux boxes. One runs Fedora 4 [closet.squeezel.com] and the other Fedora 3 [squeezel.squeezel.com]. The monitor is physically attached to FC3.

It's convienent to run both, yes both, gnome and kde on the same monitor, in the same window. The menu bar for the FC3 is at the top, and FC4 is at the bottom of the screen. Here's how I set this up. This setup is run from [squeezel.squeezel.com] , the computer with FC3, in a gnome-terminal:

        $ ssh -Y closet.squeezel.com

By default FC3 and FC4 are configured for X11 forwarding. The ``-Y'' option is for trust forwarding. After running the command above, I'm connected to closet.squeezel.com. Next, I just load the KDE session.

        $ startkde
    Or, if you want gnome instead.
         $ gnome-session

You may get a few errors above on sound cards. On my configuration, I had to setup the monitor for the correct resolution. But, that was pretty straight forward. Also, you'll want to set the menu bar for each computer for different parts of the screen. That was it. You can do this through firewalls as well - reference ``Breaking Firewalls with OpenSSH''

Ctl-Alt-F12 (What if you wanted FC4 on vt12?)

Well, of course you can have your cake and eat it too. Even with the above configuration, it's possible to run a complete session on vt12. Above, I chose startkde for the second session, but sometimes I like the gnome-session on a complete terminal, so I put that (the gnome-session) on virtual terminal 12.

The following commands are executed from the computer with the physical monitor in an xterm, which is squeezel.squeezel.com. Do it in an xterm, so you can lock the display should you walk away from it.

     $ xinit -- :1 vt12

Note above that's ``xinit [space] -- [space] :1 [space] vt12''. If you want to add even more virtual terminals, execute the command above with :2 and the desired vt[number]. Now, the screen get's a little funky, but you want to type in the following comand: ``ssh -Y [remote server]''. This is the command I use.

     $ ssh -Y closet.squeezle.com
 After it logs in.
      $ gnome-session

The above will take a few second to load. Now you just switch to the correct virtaul terminal. In my case it was as follows:

    Switch to the new virtual terminal
    To get back

If I've missed anything, I'll update it in Linux Tips (TIP 195 - Trusted X11 Forwarding).

I do this with computers across the Internet as well. If you're doing the same you may want to reference (TIP 13 - Securing sshd), which shows you how to limit only certain accounts access to ssh. Also, block IP address with iptables for locations that you will never connect from..

Why do this?

The biggest advantage of this setup - you save money. No expensive KVM switches, no additional monitors. Save your money for faster hardware. The boxes can mount NFS over OpenVPN so that files are accessible from both computers.

Want more ideas?

If you comb through the more than 100 pages of Linux Tips, you'll see tips for setting up OpenVPN, NFS, securing ssh and a lot of other stuff...free of course.

Hope this helps...

Mike Chirico

Postfix - IMAP (sasldb)

My home computers use Postfix/Fetchmail for sending and getting email from Comcast and Gmail (Reference: Gmail on Linux Box).

I recently added IMAP to this configuration. This greatly improves things, since I can easily preserve my mail on the server, when reading/storing it from a laptop. One thing: I hate using the Linux account passwords for email. It can be a problem if ssl isn't setup correctly on the client. Passwords, Linux account passwords, would go across the Internet unencrypted. So, IMAP is configure to use sasldb for authentication. Not PAM. That way if my kids screw the client up, Linux passwords are separate and safe.

Mutt works well with IMAP(S) by storing certificates. If you have multiple servers, you can easily configure your .muttrc file to authenticate and grab mail automatically.

I've informally documented the setup in "Linux Tips" (TIP 188 and TIP 190), which includes necessary entries in "/etc/imapd.conf", creating users with saslpasswd2, changes to "/etc/postfix/main.cf" and "/etc/postfix/master.cf", and needed RPMS to install with Fedora Core.

I hope this helps.

oprofile - a system-wide profiler

This is a powerful tool with a lot of options. It comes installed with the Fedora distributions, but to take full advantage of this tool the kernel should be recompiled from source, to reference the uncompressed kernel image with the ``--vmlinux'' option.

This article ``Performance Monitoring on Linux'' walks you through the necessary steps for compiling the source kernel on Fedora installs. Also included is a quick look at iozone, and smartmontools.

The article isn't finished. cfengine has interesting system monitoring features as well (cfenvd components), but that article is taking its time.

Advanced Programming in the UNIX Environment: Second Edition

I picked up a copy of ``Advanced Programming in the UNIX Environment: Second Edition'', by W. Richard Stevens, Stephen A. Rago. Pub Date: June 17, 2005, 960 pages. Stevens passed on in 1999 - boating accident I think. Rago is carrying on the tradition.

50 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!