Stuart's Blog

Several years ago, I was a poor college student in need of a car. Everytime I saw an ad for a car in my price range and called about it, I would be told it had already been sold. So I hacked together a simple Perl script that scraped local newpaper listings daily and emailed me a list of cars in my price range.

Fast forward a few years and I'm in the market for a new laptop. Lenovo's T61 is almost perfect, but I've gotten used to my current laptop's 1920x1200 screen. I refuse to move backwards. Rumor has it the T61p will be available in 1920x1200, so for the last couple of months I've been eagerly awaiting its announcement, but Lenovo appears to be in no hurry.

I'm tired of manually checking for new announcements. Thankfully, IBM periodically provides a file named tabook.pdf with a list of Thinkpad models. So I wrote the following script to periodically check for new versions and email me the latest as soon as it's detected:

#!/bin/bash
URL='http://buscaluz.org/robots.txt'
EMAIL="spam.spam.eggs.and.spam@buscaluz.org"

# Detect and send new copies of $URL to $EMAIL.
# $LOG timestamp is used to detect new $FILE.

FILE=$(basename "$URL")
LOG="${FILE}.log"

function log {
  printf "%s: %s\n" $(date +%F) "$@" >> "$LOG"
}

if [ ! -f "$LOG" ]
then
  log "Created log file."
  touch -t 197001010000 "$LOG"
fi

wget -N "$URL"
if [ "$FILE" -nt "$LOG" ]
then
  printf "A new copy of '$FILE' was discovered.\n\nurl: $URL\n" | \
    mutt -s "New $FILE" -a "$FILE" "$EMAIL"
  log "Sent new copy of '$FILE'."
fi

You'll notice I designed the script to be easily adapted. If you want to use it yourself, you'll probably also want to see the crontab entry that runs it:

15 0  * * *  cd /home/sjansen/tabook && ./tabook.sh &>/dev/null

Posted by at 2:07 PM | Permalink

Slicehost, my current hosting company, is migrating clients to a new IP range. After updating DNS, I was curious to find out how long my old data would be cached.

dig +ttlid buscaluz.org @ns8.zoneedit.com

Next I wanted to monitor my local DNS server as the old entry expired.

watch -n 30 'dig +ttlid buscaluz.org | egrep ^b.*IN.*A'

Man, I love Linux!

Posted by at 7:01 PM | Permalink

Until recently, I thought dmidecode was an interesting curiosity but nothing more. That was until I needed to upgrade the BIOS on a classroom full of machines without disturbing the students. Instead of upgrading each system in a careful order, I jumped on systems as they became available. Eventually, I thought I was done but couldn't be sure. Then it hit me:

for I in {1..20}
do
  ssh root@station$I dmidecode | grep -A 3 'BIOS Info' | grep Version
done

And that is why I love Linux!

Posted by at 4:39 PM | Permalink

SELinux on Fedora has matured greatly over the last couple of years. Once in rarely, however, I run into a problem. Here's a solution to one problem you may encounter.

I recently downloaded and tested a proprietary, third party extension for Ruby called "Uncharted". When I tried to run its example scripts, I got the error: "cannot restore segment prot after reloc: Permission denied". Looking at /var/log/message, it was obvious that SELinux was causing the permission denied.

People unfamiliar with SELinux would probably just turn it off at this point. Hopefully you, my gentle reader, have been getting more comfortable with SELinux and would instead try the same thing I did:

This didn't solve my problem because most libraries in /usr/lib are labelled with type lib_t. I did some googling and came across a solution that did work:

But wait! Before you try this yourself, please read what I discovered.

Curious about the implications of type textrel_shlib_t I did some more research and came across an email with links to documentation by Ulrich Drepper:

I was impressed by how well written the information was. I've included below the conclusion of the second link because I feel it is important:

Using the eu-findtextrel it is in most situations relatively painless to determine the culprit(s) for the text relocations easily. There is usually no reason to not fix the problems. While a programs with text relocations can be made to run by relaxing the SELinux security this is a bad idea. The kind of permissions which have to be granted to the program create a gaping hole in the security policy. Attackers will be able to modify the memory as well. If this is not the case a program can enforce a strict W^X policy. I.e., no memory page is writable and executable at the same time. And more: SElinux can also enforce that no writable page can be marked as read/exec-only. With these provisions an attacker has no room where to place his/her exploit code. This is a huge win. So, always fix all text relocations. We've made it as easy as possible.

Unfortunately, this is one of the disadvantages of using proprietary software. If Uncharted were F/OSS, I could do the work myself and submit a patch to the developers. Because it is proprietary, I can only try to provide a bug report and hope the issue will be fixed. Which is a real shame because I'd like to be able to recommend their product. Until this important issue is fixed, however, I don't feel I can.

Update: Less than 12 hours after I contacted them, the creators of Uncharted contacted me with a correctly compiled version of their product. As you might be able to guess from the name, Uncharted is a charting library with bindings for Ruby, Java, Perl, Python, PHP, and C++. Although their API feels like Java with a Ruby wrapper, I'm impressed by how quickly they responded to my report. If your looking for a charting library, give Uncharted a try.

Posted by at 8:53 PM | Permalink

Thanks to Knobtweakers I discovered that I love Techno mixed with Jazz. Unfortunately, that's not exactly a standard musical genre, making it hard to find great recordings while still respecting artists's copyrights.

Thanks to Technocrat I discovered that Magnatune is a great company to buy music from. Thanks to Magnatune, I discoverd the wonderful sound ofBeat Under Control.

The best part? Magnatune provides high quality WAV, MP3, OGG & even FLAC and encourages customers to share a copy with three friends. Share! The entire album! Magnatune is not evil. Magnatune is very not evil.

Posted by at 4:15 PM | Permalink

Raise your hand if you've felt that sinking feeling that hits just after realizing you've written on a whiteboard with a permanent marker. There ought to be a law. No sane person should ever leave a permanent marker within ten feet of a whiteboard. (Okay, you can put your hands down.)

Do you know what to do if you write on a whiteboard with a permanent marker? Back in college, I decided to doodle on the whiteboard next to a friend's phone. Unfortunately I grabbed a permanet marker cleverly disguised to look just like the erasable markers next to it. I was not thrilled with the idea of my inane little drawing being forever immortalized in my friend's kitchen. While I pondered whether to fake a seizure of offer to buy a new whiteboard, my friend explained it wasn't a big deal. Did you know that if you write over the permanent marker ink with an erasable marker you can get rid of most of the ink? Now you do.

Posted by at 1:25 PM | Permalink

I don't use KDE, but noblank supports it. I wasn't about to install KDE to test a tiny script, so I did my tests on a machine at work. Somehow when I merged in KDE support, I got rid of the sleep 60 turning the loop into a busy wait. Once again, we have Hans Fugal to thank for correcting my carelessness. I've quietly fixed my previous post. Let's just keep this our little secret.

Posted by at 8:53 AM | Permalink

When I logged in this afternoon, I discovered that Hans Fugal had left me a little feedback:

(16:50:28) Hans: nice script, BUT...
(16:51:00) Hans: you cut off stdin
(12:07:44) Stuart Jansen: good point

My new version fixes that problem, as well as removing the dependency on a Linux style /proc (download file):

#!/bin/bash
kscreensaver=$(dcop kdesktop KScreensaverIface isEnabled 2>/dev/null)
if [ -n $kscreensaver ]; then
  dcop kdesktop KScreensaverIface enable false &>/dev/null
fi
(exec "$@") <&0 &
PID=$!
( while : ; do
    xscreensaver-command -deactivate &>/dev/null
    gnome-screensaver-command --poke &>/dev/null
  done
  if [ -n $kscreensaver ]; then
    dcop kdesktop KScreensaverIface enable $kscreensaver &>/dev/null
  fi
  sleep 60
) &> /dev/null &
wait $PID
kill $!

Posted by at 10:07 PM | Permalink

A while ago, I posted an extremely simplistic script for preventing screensaver activation while using gxine. Ever since then, I've felt increasingly embarrassed about leaving a more generic version as "an exercise for the reader". It's time to make amends.

I call the following script noblank. (I also considered calling it noss.) It should be used similarly to nohup. For example, to avoid an annoying interruption while watching a movie:

noblank mplayer dvd://

noblank acroread Alice_in_Wonderland.pdf

And so, without further ado, I present noblank (download file):

#!/bin/bash
kscreensaver=$(dcop kdesktop KScreensaverIface isEnabled 2>/dev/null)
if [ -n $kscreensaver ]; then
  dcop kdesktop KScreensaverIface enable false &>/dev/null
fi
(exec "$@")&
PID=$(jobs -p)
( while [ -d /proc/$PID ] &>/dev/null ; do
    xscreensaver-command -deactivate &>/dev/null
    gnome-screensaver-command --poke &>/dev/null
  done
  if [ -n $kscreensaver ]; then
    dcop kdesktop KScreensaverIface enable $kscreensaver &>/dev/null
  fi
)&
wait $PID

Update: 27 Aug 2006 I've uploaded a new version of my script.

Posted by at 2:03 PM | Permalink

Today I found myself using watch to debug a hairy ConTeXt problem. ConTeXt includes a script called texexec that wraps pdfetex and the various other TeX engines. Older version of ConTeXt could find my project local font map, but newer versions could not. Both used the same version of pdfetex, but newer versions include a Ruby version of texexec instead of the original Perl script. Obviously the two files were very different, so I couldn't just diff them. A few minutes browsing both scripts didn't turn anything up, so I decided to just run them and see what options were being passed to pdfetex. Which brings us to this pretty little command:

watch 'cat -A /proc/$(pgrep pdfetex)/cmdline'

The watch command will periodically re-run a command and display its output. I was first introduced to it as a useful way to monitor a software RAID array as it is rebuilding:

watch cat /prod/mdstat

Since then, I've periodically found myself using it to monitor some other process. For example, monitoring the progress of a large file as it moves from one filesystem to another (note the use of a single ampersand):

mv /media/usbdisk1/foo.dat /media/usbdisk2 & watch df -h

watch w

Eagle eyed readers may have noticed the use of single quotes around the cat command in my original example:

watch 'cat -A /proc/$(pgrep pdfetex)/cmdline'

So what does pgrep do? As you can probably guess from the previous example, it returns the PID of every process with a certain name. In this case, I was taking advantage of the fact there would be only one pdfetex running at a time.

Posted by at 9:16 PM | Permalink

How do you view the contents of your $PATH? If you're like most people, you just say:

echo $PATH

In one of my previous jobs, our servers had a hideously long and complicated $PATH. Complicated things break, so every once in awhile I'd find myself grovelliing through it trying to figure out what was happening. That didn't happen more than a couple of times before I decided that I needed an easier solution. And thus was showpath born:

function showpath {
   local IFSBAK=$IFS
   local DIRS=""
   IFS=':'
   echo 'PATH:'
   for i in $PATH
   do
       DIRS="$DIRS
       $i"
   done
   echo $DIRS | sort
   IFS=$IFSBAK
}

The most interesting part of this script is probably $IFS. When the shell interprets a command, it actually tokenizes twice. The second tokenization happens after variable expansion. Most of the time, it splits on whitespace*. However, as the example above shows, you can change that by assigning a different value to $IFS. In the case of showpath I wanted to iterate over each directory in $PATH so I set $IFS to split on colons.

*In my experience, the second tokenization is one of the most common causes of shell script bugs. Performing tokenization a second time can be useful, but few people expect it. Hence Stuart's Rule of Shell Variables: Always put variables in double quotes (unless you have a very good reason not to).

Posted by at 7:28 PM | Permalink

If you're not already familiar with Knobtweakers, you should be. It's a great source for free, high quality electronic music. My recent favorites include Nils Petter Molvaer and The Polish Ambassador. Remember to show your thanks by buying from the artists you love.

Knobtweakers was created by Eric Hamilton (aka, dilvie), a Salt Lake resident. Be sure to check out his music too. There's some great stuff there, including a fun electronic version of Carol of the Bells.

Posted by at 9:09 AM | Permalink

Today I needed to compare two similar PDFs page by page. Doing so on the screen is possible but awkward. Instead, I wanted to be able to print and write on them. I didn't want to shuffle papers or take alot of desk space. I wanted one half of the first page to have the first page of one PDF, the other half of the page to have the first page of the other PDF, and so forth. Thanks to the wonders of the Linux command line, doing so was not only possible but free and relatively easy.

My script is pretty tailored to my specific situation, so I won't be including it inline. Instead, I've made it an attachment for the curious to download .

Instead, let me describe the most interesting parts:

mktemp

Creating temporary files in a shell script is common. Doing so correctly isn't as common. If you always use the same filename, two copies of the script can't be run at the same time. Even if you use $$ or the current date and time in the filename, there's still a race condition leading to security risks. Happily, using mktemp isn't just one of the most secure options, it's also incredibly easy.

pdftk

As the pdftk Web site explains it, "If PDF is electronic paper, then pdftk is an electronic staple-remover, hole-punch, binder, secret-decoder-ring, and X-Ray-glasses."

mpage

Some print drivers and some programs allow you to print multiple pages on a single piece of paper. With mpage you can do the same with Postscript documents. Since Postscript is the native Linux printing language, it's possible to do it with any document and any printer.

pdftops & pdf2ps

Both convert PDF to Postscript. pdftops is part of poppler-utils, formerly part of Xpdf. pdf2ps is part of Ghostscript. I've generally had better results with pdftops, although not always. (For a couple minutes of fun, try to figure out which version of Ghostscript you're using. There's a handful of forks floating around.)

Posted by at 8:31 PM | Permalink

As some people are already aware, for some time now I've been working on a new publishing framework for Guru Labs training materials. One of the major benefits of the change is that we can now use the world's most efficient text editor (Vim) to create our courseware.

While reviewing an import of our Sendmail and Postfix coverage, I noticed that the capitalization of each was inconsistent. Happily, scanning thousands of pages and fixing everything was faster than writing this blog entry.

Taking Postfix as an example, here's the problem: sometimes lower case is correct, sometimes uppercase is correct. When referring to a configuration file, service or RPM, lower case is correct. When referring to the project or collection of tools, upper case is correct. Sadly, no sed magic could get me through this one quickly.

My boss, Bryan Croft, is the local Vim guru. He showed me how to use :vimgrep to get a list of files containing a certain pattern. I wanted to find every instance of lower case "postfix" without a "." before it or a "/" after. In other words:

:vimgrep |[^.]postfix[^/]|g *

The results of a :vimgrep search are stored in the "quickfix" list. This list can be displayed in a second Vim window by

:copen

The nice thing about this list is that it shows each match in context. Instances that are obviously correct can be ignored. Pressing enter on an instance that looks incorrect will open the file in the original Vim window and move the cursor to the exact match. Because this is seperate from the highlighting done by a /sendmail I can concentrate on Postfix but have an active highlight to draw attention to Sendmail references nearby.

People insterested in learning more should also read:

:help quickfix
:help lvimgrep
:help lopen

Posted by at 11:35 AM | Permalink

Yesterday, I needed to search roughly a thousand files to see if a certain string occurred between two other strings on different lines. I could have written a Perl/Python/Ruby script to do this. Heck, I could have done it with a one-liner, but that would have required shifting mental gears. Instead I chose a solution that required little more than a knowledge of vi and some simple command line tools.

Vi and sed are both based on ed. Most of the things you can do at the : prompt in vi you can also do with sed. One cool thing you can do is addressing. For example, the following vi command will search for the word "cat" and replace it with the word "dog", but only if it occurs between a line containing "foo" and a line containing "bar":

:/foo/,/bar/s/cat/dog/g

What would that look like with sed? I'll show you in a moment, but first I want to explain why my next version is more complicated.

I find extended regular expressions easier to work with, so I'm going to use sed -e. It'd probably be best to handle both "Cat" and "cat". Because I'm performing multiple search and replace commands, I also need to use { } for grouping. I only want to replace "[Cc]at" with "[Dd]og" if the word is by itself, not if it's a substring of another word, so I'm going to need to use the word anchor \b. And so, without further ado, here's a sed command that does all that:

sed '/foo/,/bar/ { s/\bcat\b/dog/g ; s/\bCat\b/Dog/g }' file.txt

In the case of my problem yesterday, I didn't need to do any search and replace. I just needed to print every line between the two pattern. Because I didn't care about the name of the file where the pattern occurred. The solution was a simple as:

sed -n '/foo/,/bar/ p' *.dat| grep --color=auto something

If I had cared about which files contained the pattern, I could have done something like this:

for I in *.dat
do
  (sed -n '/foo/,/bar/ p' "$I" | grep something) &> /dev/null &&\
    printf "\n-----\n$I\n-----\n" && \
    sed -n '/foo/,/bar/ p' "$I"
done

I don't feel like explaining that particular command, so deciphering it is left as an excercise for the reader.

Posted by at 10:54 AM | Permalink

I've got a growing list of tips I ought to blog about, but just haven't gotten around to it. However, Hans' post has inspired me to at least mention a gxine wrapper script I use to avoid the screensaver launching while I'm watching a movie.

#!/bin/bash
gxine -S "$@" &
while pgrep gxine &>/dev/null ; do
  xscreensaver-command -deactivate &>/dev/null
  sleep 60
done

If anybody took up Hans' challenge to write a generic wrapper script, you know that the trickiest part is being able to pass an arbitrary number of arguments to the wrapped program. That's where the magical little "$@" comes in. Making this script even more generic is left as an exercise for the reader.

Update: 26 Aug 2006 I've just posted a much improved, generic version I call noblank.

Posted by at 9:02 AM | Permalink

The following tip goes out to Kenneth Burgener.

Don't assume that your installation issues are the installer's fault. You may have bad hardware. I've seen this sort of problem triggered by bad RAM or an overheating system. Installation excercises the machine more that most normal usage, and unlike most programs rpm does regular checksums of its data. As a reesult, the installer is more likely to detect hardware problems. My money is on bad RAM. Grab a copy of memtest86 and let it run for a few hours. If I remember correctly, the first Fedora install disk includes it as a boot option.

Posted by at 8:06 AM | Permalink

This post is a cop out. The first three sentences were added just to increase the ratio of content actually written by me. Nonetheless, I'm pretty sure someone else will find it useful.

Several times now I've wondered about the difference between the Linux ohci_hcd, uhci_hcd and ehci_hcd drivers. Well, at long last I looked it up.

The hardware that contains the host controller and the root hub has an interface toward the programmer which is called Host Controller Device (HCD) and is defined by the hardware implementer. In practice, these are hardware registers (ports) in the computer.

At version 1.0 and 1.1 there were two competing HCD implementations. Compaq's Open Host Controller Interface (OHCI) was adopted as the standard by the USB-IF. However, Intel subsequently created a specification they called the Universal Host Controller Interface (UHCI) and insisted other implementers pay to license and implement UHCI. VIA Technologies licensed the UHCI standard from Intel; all other chipset implementers use OHCI. The main difference between OHCI and UHCI is the fact that UHCI is more software-driven than OHCI is, making UHCI slightly more processor-intensive but cheaper to implement (excluding the license fees). The dueling implementations forced operating system vendors and hardware vendors to develop and test on both implementations which increased cost. During the design phase of USB 2.0 the USB-IF insisted on only one implementation. The USB 2.0 HCD implementation is called the Extended Host Controller Interface (EHCI). Only EHCI can support high-speed transfers. Each EHCI controller contains four virtual HCD implementations to support Full Speed and Low Speed devices. The virtual HCD on Intel and Via EHCI controllers are UHCI. All other vendors use virtual OHCI controllers.

-- http://en.wikipedia.org/wiki/Universal_Serial_Bus#Technical_details

Posted by at 6:10 PM | Permalink

Want to lock your screen quickly before walking away from your computer? About a week ago I accidentally discovered that pressing Ctrl-Alt-L locks the screen in Gnome on Fedora Core 5.

Frankly, that's almost everything I know at the moment. I think this is a relatively new feature. It doesn't seem to work in RHEL4, and I don't have easy access to any other distributions at the moment.

Posted by at 6:18 AM | Permalink

Scott, please don't encourage people to blindly skip to rpm -Uvh. Always start by trying rpm -ivh, then if you get complaints about conflicts, then try performing selective updates using rpm -Uvh. On some distros, it is possible to have multiple versions of the same package installed at the same time. If you skip straight to the update, you might end up removing a package you'll later wish you'd kept.

Posted by at 8:43 AM | Permalink

Shortly after posting my rant about Metacity 2.14's new strict focusing, a familiar name appeared on Utah Open Source Planet: Elijah Newren, Metacity developer. The source of my pain lived in Utah! Going back a few entries in his blog, it became obvious that he probably lived in the Salt Lake area. The only question left was, should I track him down and motivate him through positive reinforcement or would a little negative reinforcement be more appropriate?

Well, turns outs, Elijah must've seen me coming. I'm happy to say, he's accepted a patch that makes the new behavior configurable and reverts the default back to Gnome 2.12 style focus control. He's even trying to convince the Gnome release team that the change should make it into a Gnome 2.14.x release! As soon as I discovered this misfeature, I knew that getting it changed in 2.14 would be a tough sell. For everyone's sake, I hope he's able to convince his fellow Gnome developers that this really is the best course.

Making a change like this after a release probably wasn't easy, and certainly doesn't look good to his peers. That's why I'd like to say:
Elijah, as a public display of my gratitude, I want to offer to buy you and your wife dinner at Olive Garden (or comparable). In addition, if you get the patch into Gnome 2.14.x, I'll upgrade that offer to dinner at Rodizio Grill (or comparable).

Posted by at 2:29 PM | Permalink

Many "power users" object to the direction Gnome has been going for the last few years. Myself, I have generally enjoyed the fact that Gnome "just works" so that I don't have to spend half a day configuring crack smoking options before I have a usable environment. That said, even I admit that window management in Gnome 2.14 is broken. Seriously broken. Kick to the groin broken.

Version 2.14 of Metacity, the Gnome window manager, includes enhanced rules to prevent applications stealing focus. The classic scenario is Gaim popping up a window and stealing keyboard input or hiding another window. Unfortunately, somebody went too far while trying to address this problem. As a side effect, applications launched from the command line end up hiding behind the terminal window.

Thankfully, Ron Yorston has created a patched Metacity RPM for FC5 that fixes the problem. If you're using FC5, the fast way to fix things is to:

su -
wget ftp://ftp.tigress.co.uk/pub/gpl/5.0.0/metacity-2.14.0-1.tig3.i386.rpm
rpm -Uvh metacity-2.14.0-1.tig3.i386.rpm
pkill metacity
exit

If you've been bitten by this bug and it made you want to start throwing chairs, be sure to leave a comment in the Gnome Bugzilla ticket. If you're using FC5, I would also encourage you to leave a comment in the Red Hat Bugzilla ticket. Frankly, this bug is embarassing. It should be fixed ASAP, but I'm afraid the developers might be tempted to leave it until Gnome 2.16.

Posted by at 4:45 PM | Permalink

TeX makes it surprisingly hard to print a “straight single quote”, also know as an “ASCII apostrophe”. Instead, it insists on using a comma that has been shifted up. I haven’t found a perfect solution to the problem because none exists. I have, however, found a work around. In the fonts I’m using, \char129 maps to a straight single quote. It will not work for all fonts and encodings, however. Unfortunately, in some cases the only solution is to use a different font.

Posted by at 12:07 PM | Permalink

The title says it all. Novell is increasingly embracing the Free and Open Source Software community, and for that they deserve kudos. Too bad their registration process is overly difficult and the number of products in bugzilla tiny. Based on Novell's steady rate of progress, however, I can only assume that things will improve with time.

Posted by at 6:14 PM | Permalink

Just like relational databases, LDAP directories can benefit greatly from proper indexing. Frequently used attributes should have appropriate indexes, but indexing infrequently used attributes results in slower updates and greater disk usage.

A few months ago, I wrote a perl script that parses an OpenLDAP log and reports the type of index that would have been used for each attributed queried. I have now uploaded the script and examples of its output.

Continue reading "LDAP Indexing" »

Posted by at 8:44 AM | Permalink

I recently did a survey of network monitoring and diagnosis tools. The following is a quick description and screenshots of four of them.

Continue reading "Four Network Monitoring Tools" »

Posted by at 2:46 PM | Permalink

Last month, Guru Labs taught a custom on-site class at BYU. Happily, this gave me a chance to visit former co-workers. Doing so was not only enjoyable, but also educational. While I was there, Jack Harris shared a trick with me. He'd discovered that that the Distort screensaver could be configured to display regularily updated information while keeping the monitoring system protected.

The Distort screensaver takes a picture of your current desktop then displays it slightly modified, or "distorted". Just start one of more monitorig tasks, then start the locked screensaver, and you've got a password protected, regularily updated monitoring station. The following is my opinion of how best to configure it.

Continue reading "Distorted Monitoring" »

Posted by at 7:44 PM | Permalink