...making Linux just a little more fun!

June 2007 (#139):


Mailbag

This month's answers created by:

[ Amit Kumar Saha, Ben Okopnik, Kapil Hari Paranjape, Karl-Heinz Herrmann, René Pfeiffer, Neil Youngman, Ramon van Alteren, Rick Moen, Samuel Kotel Bisbee-vonKaufmann, Suramya Tomar, Steve Brown, Thomas Adam ]
...and you, our readers!

Still Searching


How to assign static device node with devfs ?

JOYDEEP [j.bakshi at unlimitedmail.org]


Fri, 04 May 2007 13:25:46 +0530

Dear list,

I am using debian with devfs. I have a usb based removable microsd drive. I have no problem to access the drive through usb but the problem is with non-static device node. Like I have checked through log that the devfs has assigned node /dev/sda1 for that device.

so I have added in my /etc/fstab

/dev/sda1       /media/microsd      vfat    rw,user,auto    0       0
and I have no problem to work with it. but next time when I again plug in the device it has a device node called /dev/sdb1 and then I have to modify the corresponding entry in fstab. So is there any way to assign static device node in devfs.

thanks


Our Mailbag


Doing Everything at the Console

Cleverson [clever92000 at yahoo.com.br]


Sun, 20 May 2007 11:35:39 -0300

Hello Gang

I'd like to know if there's some kind of "reference guide" for Linux console-based applications, or perhaps a web site / community of people who enjoy doing everything via command line and ncurses-based apps, without setting up graphical desktop environments.

I've already encountered several apps, e.g., for working with e-mails (Mutt), browsing the web (Elinks), playing music (Moc), chatting over MSN (Pebrot), and so on, but I'd like to try more options on each of those activities, and do other things such as recording and playing CDs and DVDs, sharing files over p2p, resizing partitions, reading PDFs and word documents or converting them to text, chatting over VoIP, reading RRS feeds, editing audio, etc etc.

Thank you very much and congratulations for your work on Linux Gazette, my favourite magazine.

Cleverson

[ Thread continues here (15 messages/19.56kB) ]


FTP Client suppporting SSL/TLS

Amit Kumar Saha [amitsaha.in at gmail.com]


Thu, 3 May 2007 18:34:19 +0530

Hi all,

Please suggest me some Graphical FTP client which supports SSL / TLS (preferably for the GNOME desktop).

Thanks

-- 
Amit Kumar Saha
GSM :+91 9903140286

[ Thread continues here (9 messages/5.67kB) ]


Time Solaris sync to Windows time server

Icksan nurdian [inurdian at yahoo.com]


Mon, 21 May 2007 01:29:59 -0700 (PDT)

HI, I've already tried to sync.time solaris client to the Windows Time server, but it's always failed. but when I sync. with another solaris timer server it's succeed. What should I do..?

Thanks

[ Thread continues here (5 messages/6.68kB) ]


Installing user written Daemons

Cook, William [William.Cook at Vishay.com]


Wed, 02 May 2007 20:11:02 -0700

I am fairly new to linux. I've written windows services (a pain), I have just written my first Linux Daemon on Red Hat 9.0. Where can I find info on the proper lay to install my Daemon?

Thanks in advance, WHC

[ Thread continues here (4 messages/3.14kB) ]


Dumping MIDI as a series of events

Jimmy ORegan [joregan at gmail.com]


Sat, 26 May 2007 16:21:35 +0100

I was looking at some tablature programs today, and found that there's an extension to MIDI called "Rich MIDI Tablature Format" to represent some guitar specific things. A few Windows programs support it, but none of the open source programs do.

I was wondering how to even go about finding out the differences between this format and regular MIDI (without having to find out too much about MIDI), when Perl (or, more specifically, Perl's MIDI module) came to the rescue: it has an option to dump everything as a series of events.

Take this short piece of Lilypond:

\header {
  title = "Flowers"
  dedication = "Ona wie"
  subtitle = "1 January 2005"
}
 
\new TabStaff {
  \repeat volta 2 {
  d'4\4 b'8\3 d'\4 a'4.\3
  e'8\4 e'\4 fis'\4 g'\4 e'\4 fis'\4 g'\4 a'4\3
  d'4\4 b'8\3 d'\4 a'4.\3
  e'8\4 a'\3 g'\4 fis'\4 e'\4 d'2\4
  }
 
  \repeat volta 2 {
  a4\5 e'8\4 fis'\4 g'4.\4
  e'8\4 e'\4 fis'\4 g'\4 e'\4 fis'\4 g'\4 a'4\3
  a4\5 e'8\4 fis'\4 g'4.\4
  e'8\4 g'\4 fis'\4 e'\4 b'\3 a'2\3
  }
 
  \repeat volta 2 {
  a8\4 d\4 fis\4 g\4
  e\5 a,\5 cis\5 d\5
  d\5 cis\5 b,\6 a,\6
  a,\6 cis\5 e\5 g\4
  a8\4 d\4 fis\4 g\4
  e\5 a,\5 cis\5 d\5
  d\5 cis\5 b,\6 a,\6
  a,2\6
  }
}
I recreated the first 4 bars in one of the Windows tablature programs, and with this command:

$ perl -MMIDI -e 'my
$o=MIDI::Opus->new({"from_file"=>$ARGV[0]});$o->dump({"dump_tracks"=>1});'
flowers-rtmf.mid
I got this output:

[ ... ]

[ Thread continues here (1 message/6.68kB) ]


C programming - when to use pointers

David Chanters [david.chanters at googlemail.com]


Sat, 26 May 2007 14:32:34 +0100

Hey all,

I'm fairly new to C programming but am familiar with most programming principles from Java and Perl. I understand what pointers are in C, but I have lots of problems knowing when best to use them, since many, if not all tasks, can be obtained just from passing parameters into function directly.

Are there any good tips for knowing when or when not to use pointers?

David.

[ Thread continues here (4 messages/4.78kB) ]


specifying trusted devices other than eth0

qqq1one @yahoo.com [qqq1one at yahoo.com]


Tue, 1 May 2007 23:24:37 -0700 (PDT)

Hi Everyone,

Does anyone remember how Fedora Core 4 let the user specify trusted devices (e.g. eth0, sit0, nlv0) through the system-config-securitylevel tool? That feature seems to have gone away with Core 5. I always liked that feature because it let me open up just the nlv0 device for VPN. With that feature gone, I have to open up a lot more it seems.

Does anyone know of a workaround? Or did the feature just get moved somewhere else? Thanks in advance. Oh, and I did find the ASCI version of the tool, system-config-securitylevel-tui - it knows that eth0 can be set as a trusted device, but that's it. Even when nlv0 is up (as confirmed by ifconfig), system-config-securitylevel-tui only lists eth0 as a device that can be set as trusted.

-- 
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

[ Thread continues here (2 messages/2.58kB) ]


about linux

neeraj kumar [neeraj.shankar at gmail.com]


Wed, 25 Apr 2007 04:39:55 +0530

Respected sir,

i am completely new user in linux and now i am not able to install linux interprises 4 in my usb 40 gb harddisk, so pls give me some tips about it i will always oblique to you thanks

[ Thread continues here (5 messages/4.08kB) ]


Switching VT Remotely?

Dave Lindquist [dlindquist at castoracer.com]


Fri, 04 May 2007 15:34:39 -0600

Is there a way to switch the VT of a linux box remotely?

Specifically, I have X running on my desktop, and have trained my wife to click the KDE "switch user" to log in herself (and get her email), which allocates another VT for her.

This works really well -- I can leave myself logged in on VT7, and she can use VT8. Unfortunately, she doesn't know how to switch it back to VT7 when she's done (Ctrl-Alt-F7).

I have a VNC server installed as an X module, that allows me to remotely VNC to my X session (on VT7), but due to X quirks, I can only VNC to it if VT7 is "selected" -- ie, if she's left the machine sitting on VT8, I can't VNC in.

So, I would like to know if there is a way for me to switch which VT is "selected" remotely (ie, SSH in, su to root, and do something to switch VTs).

Thanks in advance! ;-)

[ Thread continues here (5 messages/4.82kB) ]


Followup: lpr works for user not root in Basiclinux 2.1

Rick Moen [rick at linuxmafia.com]


Fri, 25 May 2007 11:27:36 -0700

Forwarding at author's request.

----- Forwarded message from sindi keesan <keesan@sdf.lonestar.org> -----

Date: Fri, 25 May 2007 16:13:30 +0000 (UTC)
From: sindi keesan <keesan@sdf.lonestar.org>
To: Rick Moen <rick@linuxmafia.com>
Subject: Re: [TAG] (forw) Re: (forw) Re: lpr works for user not root in
Basiclinux 2.1

I deleted most of this thread from my mailbox. Please could you get this email to the right place in the thread?

I just noticed you have posted our long discussion of lpr and user in the April edition. There is one piece missing. Karolis found the solution to the eznet problem. Eznet (which our little linux uses as a front end for pppd) changes file permissions while it is being used, which is why the devices needed to dial kept reverting to not being user-accessible. So in order to dial as user, one would need to use pppd directly without eznet.

I am trying to keep things simple, and eznet is very simple to set up. I am totally incapable of rewriting eznet to behave properly.

Would it make a big difference in security if the user dialed as root, then logged in and did everything else online as user?

I can now print as root (and hopefully as user) with gs 8.54, which I compiled with default device deskjet, at default resolution 300 dpi, on default letter size paper:

gs -sOutputFile=/dev/lp0 filename.pdf
I put together a package with a bit of documentation. Init files are compiled into the executable, and it works without added fonts. I included only the older deskjet and laserjet printers and devices needed to view with an svgalib viewer and to convert ps < > pdf. 2.7MB standalone executable.

http://keesan.freeshell.org/bl/gs-8.54-HP-noX.tgz (glibc 2.2.5) Compiled without x11 (use svgalib 1.9.25 and svp to view, also posted at my site as packages).

Since it does not require x11, it should work with libc5 BL3.50 (whose X is not compatible with glibc X) as well as later linuxes.

There is now a basiclinux BL3.50 with a nicer wm that does not require a mouse, and a more complete menu that makes life easier for beginners. It still uses eznet.

http://distro.ibiblio.org/pub/linux/distributions/baslinux

Added to the 5MB of BL3.50, along with a few extra libraries, Opera 8, and Abiword (each about 12MB), this gs should make for a nice 50MB linux that browses, does word processing and prints, works with some cameras, and might run off a flash drive if you first boot from a 1-floppy USB-capable linux and chroot to the flash drive. (I did something similar with camera-linux, 8MB of files needed to download photos from my camera and display them on any computer with a floppy drive and USB 1.0 port, in a loop file in a DOS directory on the camera memory card).

Thanks for the education.

keesan@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org

----- End forwarded message -----


perl fork: How to keep restarting a child till timeout?

Karl-Heinz Herrmann [kh1 at khherrmann.de]


Sat, 5 May 2007 22:43:01 +0200

Hi tag,

I'm trying to write a perl progam to automatically record internet radio. The current setup uses at to start a recording process which checks the radios webpage, filters the proper straming adress and wget it for wget'able streams -- otherwise mplayer is used to dump the stream.

My increasing problem is, that the recording process exits prematurely. What I currently do in perl is a main routine which does all the webfetching and then forks out two processes:

* the recorder * the killer -- waiting and then killing the recorder after preprogrammed time

main program exits. This protects mplayer from any input on stdin as this immediately kills mplayer (a problem if perl program is started by atd as I had to find out).

Now I tried to setup a signal handler for SIGCHLD in the main part and then let the main go to sleep instead of exiting. On receiving a SIGCHLD it checks if this was because of the killer (time up, killer exited) or if the time is not yet up and the recorder exited too early. In the latter case I restart the recorder, kill and restart the killer for the new recorder-pid and then I want back in main, set the sighandler and go to sleep as before.... but I seem unable to get out of the sighandler. So this restarted recording exactly once -- but not again.

Is something like the above possible? Or do I have to switch to a loop in main checking regularly on the status and react actively without the use of sighandler to get any number of restarts?

I'm not too worried of too fast forking as wget/mplayer takes a while till they decide to fail -- but just in case a small delay and restart counter (or count/time) could be calculated and watched in case network is down and wget/mplayer are exiting to quick.

Since I would very much like to learn how the sighandlers are supposed to work and how to use them I would find the first strategy more interesting.....

As reading material I've the perl CD bookshelf including Programming perl and the cookbook (Advanced Perl Programming doesn't have much on forking and signal handlers). Both are not too deep into what's to do once the sighandler was activated and I don't just want to terminate after some cleaning up.

K.-H.

[ Thread continues here (8 messages/29.08kB) ]


Talkback: Discuss this article with The Answer Gang

Published in Issue 139 of Linux Gazette, June 2007

Talkback

Talkback:124/smith.html

[ In reference to "Build a Six-headed, Six-user Linux System" in LG#124 ]

Cubbs [cubbs_obannen at flashmail.com]


Thu, 10 May 2007 19:51:55 -0500

Hi folks, regarding the multi-head linux system build-

I'm wondering if the mouse and keyboard entries will work the same if i'm using one or more PS2 to USB adapters? The ones I found online convert both ps/2 mouse and keyboard to a single USB input. (Such as: http://www.newegg.com/Product/Product.aspx?Item=N82E16812107701)

Would these cause any problems with differentiating/using the inputs for each head?

Thanks, Cubbs

[ Thread continues here (2 messages/1.67kB) ]


Talkback:128/ramanathan.html

[ In reference to "Subversion: Installation, Configuration — Tips and Tricks" in LG#128 ]

Narinder Sharma [nshama at varshyl.com]


Mon, 21 May 2007 21:41:32 +0530

Hi Friend I am Narinder here from New Delhi. I need your assistance to install svn on linux . Can u send me the documentation or steps involved in doing so. Waiting for reply Thanks Narinder Shama

[ Thread continues here (2 messages/1.67kB) ]


Talkback:18/bash.html

[ In reference to "/bash.html" in LG#18 ]

Ben Okopnik [ben at linuxgazette.net]


Sun, 6 May 2007 20:25:00 -0400

On Sun, May 06, 2007 at 09:37:09AM -0700, Jim Dennis wrote:

> 
> 
>  Okay, LONG overdue though minor correction:
> 
> 
> ---- Forwarded message from <MAILER-DAEMON@starshine.org> -----
> 
> To: "Smith, Tyler" <tsmith@inphi-corp.com>
> Cc: utyler@gmail.com, editors@linuxgazette.net
> Subject: Re: [Spam: ***]
> From: Jim Dennis <jimd@starshine.org>
> 
> On Wed, May 02, 2007 at 03:25:00PM -0700, Smith, Tyler wrote:
> > On the page
> > http://linuxgazette.net/issue18/bash.html
> > should shortest be longest (see below)?
>  
> > ${variable%%pattern} 
> > Trim the shortest match from the end 
>  
> > ~~~~~~~~~~~~~~~~~
>  
> > Thanks for the page.
> > Tyler
> 
>  You're probably right.  That error has probably been there, 
>  and heretofore unreported for years.
> 
>  I'll see if the current editors of LG are inclined to fix their
>  copy of it (but, of course the many mirrors around the world might
>  not pick up the change any time soon.
> 
> --
> Jim Dennis
> 
> ----- End forwarded message -----

Actually, the mirrors - barring a mirracle - will not pick it up at all; typically, they just pull down the latest issue as a tarball and add it to their structure. However, I went ahead and made the change anyway.

This particular bit of parameter expansion stays at the top of my mind for an odd reason: I tend to fire up Midnight Commander in most of my xterms, and since MC uses '%' as a designator for special entities (e.g., '%s' is the current or selected filename, '%d' is the current directory, etc.), I have to remember to double any percent signs that I want to use literally. Therefore, "shortest match" for me is ${variable%%pattern} - and "longest match" is ${variable%%%%pattern}. It also makes life interesting when I'm firing off a Perl one-liner containing hashes (which, of course, use '%' for a sigil.)

-- 
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *

Talkback:126/pfeiffer.html

[ In reference to "Digging More Secure Tunnels with IPsec" in LG#126 ]

René Pfeiffer [lynx at luchs.at]


Fri, 27 Apr 2007 21:30:59 +0200

Hello!

On Apr 26, 2007 at 1329 -0700, S. Banerian appeared and said:

> [...]
> I read through the two articles on use of setkey/racoon in
> linuxgazette/2006.
> The second article describes racoon configuration, but really only in
> terms of two private nets behind gateways.  My goal is to just connect a
> cluster of boxes together, on whatever subnets.

You can only use IPsec for creating an encrypted tunnel between two points in the network. If you wish to connect multiple hosts you need to create tunnels from one hosts to the others or use gateways that route through VPN tunnels.

> >From what I get out of the article, I might be able to just modify the
> sainfo block, using the two endpoints for each connection; however that
> does not "seem' to work; tcpdump tells me nothing appears encrypted.
> I've not found online any good peer-to-peer x509 description.

Can you tell me something more about your configuration? Maybe you can send an anonymised config file, so that I can see the relations between the IP addresses. I don't need to know your real IPs, just mark them in order to indicate private and public IP ranges.

> Do you have any recommendations for an A-B-C peer connection with x509 ?

One way would be to use static routes through multiple VPN tunnels. Another way would be to use a star topology and have one machine act as a VPN server where all the others connect to. This saves you some tunnels between indidivual hosts and requires the VPN server in the middle to reroute all the traffic. Yet another way is to try a mesh. tinc (http://www.tinc-vpn.org/) is used by the German Chaos Computer Club to link multiple sites with a kind of mesh topology. It doesn't seem to support X.509 though.

Best wishes, René.

[ Thread continues here (2 messages/6.02kB) ]


Talkback: Discuss this article with The Answer Gang

Published in Issue 139 of Linux Gazette, June 2007

2-Cent Tips

Recording ALSA PCM output as RAW data

Mulyadi Santosa [mulyadi.santosa at gmail.com]


Sun, 27 May 2007 15:18:48 +0700

Hi Gang...

I'd like to write a short tip here. Sometimes, you may want to record the PCM output stream, maybe for further sound analysis and such. How to do it?

You need to modify your ALSA setting e.g in /usr/share/alsa/alsa.conf and add below lines:

pcm.default {
        @args [ SLAVE FILE FORMAT ]
        @args.SLAVE {
                type string
                default "hw:0,0"
        }
        @args.FILE {
                type string
                default "/mnt/linux/midi/test.raw"
        }
        @args.FORMAT {
                type string
                default raw
        }
        type file
        slave.pcm $SLAVE
        file $FILE
        format $FORMAT
}
The declaration is quite self explanatory. Pay attention to $FILE definition (where you want to put the RAW file). It is defined as 44100 HZ, 2 channel, signed linear sample data.

Later, you can convert this file into another audio format, such as WAV:

$ sox -V -w -c  2 -s -r 44100 ./copy.raw ./copy.wav
Notice that the above ALSA PCM definition is default definition, so it affects any ALSA based application that use default definition too. If you want, you can name it something like "pcm.tee" and later to use this definition, tell your application to do so, e.g:
aplay -D tee song.wav
NB: I read about this tip during my experiments with Linux Audio. There might be mistakes here, so please CMIIW.

regards,

Mulyadi


Talkback: Discuss this article with The Answer Gang

Published in Issue 139 of Linux Gazette, June 2007

Creating an Unkillable Process

By Silas Brown

Annoying as unkillable processes can be, there are some circumstances where you might legitimately want to create one. For example, if I run an audit tool, or if I want to write a program that makes sure I go to bed on time even when I'm really stuck into something, then I might not want even the root user to be able to stop it from running.

One approach would be to simply disallow any root access to the system, or at least disallow it at critical times, but that can get very complex if you still need to be able to administrate the system and/or cannot tell with certainty which times will not be critical. So I wanted an approach that did not rely on disallowing root access altogether.

As root can do anything (including writing batches of commands which when run will likely out-pace any periodic integrity checks), and even modifying all of root's tools does not preclude the installation of new ones, the only way to really make a process unkillable is to modify the kernel. But if possible I wanted a solution that didn't involve delving into the kernel, for reasons of portability and keeping it simple.

So I had to settle for the lesser goal of "create a process that, if killed, will start again immediately". That's not too difficult: edit /etc/inittab and get init(8) to restart the process whenever it dies. But the root user can change /etc/inittab, and can also change the executable file on disk, which could forestall the process from properly starting again after it's killed.

Read-only filesystem

To prevent such changes, both the executable and /etc/inittab will have to go on a read-only filesystem. But it's not sufficient to take just any filesystem and mount it read-only, because root can simply remount it read/write. You can however make an ISO image and mount that as a loop device; this mount can't possibly be remounted read/write, and changing the underlying ISO file shouldn't affect the mounted filesystem. But you'd still have to stop root from unmounting it and mounting something else in its place (or unmounting/remounting it after changing the ISO file).

You can stop a filesystem from being unmounted by making sure that it's always busy, i.e. there are processes whose current directory is inside it. But that doesn't stop the use of "umount -l" (lazy unmount) which detaches the filesystem from the hierarchy and postpones the actual unmounting until it's no longer busy; root can do a lazy unmount and mount something else, and all new processes will see the new version.

Actually that's not quite true: If root does use "umount -l", then any currently-running processes whose current working directory is in the old mount can continue to see the files from the old mount, and so can their child processes, provided that they always refer to them from the current working directory and not via an absolute path. If they use an absolute path then they'll see the new mount.

So if we can get init(8) to run with the mounted ISO as its current working directory, and to execute our program from the current directory instead of from an absolute path, then it should not be possible to change the contents of that ISO as far as init(8) is concerned, at least not without rebooting or cracking the kernel.

This can be done by moving /sbin/init to /sbin/init.orig, and creating a new /sbin/init, a shell script:

#!/bin/bash
mount /sbin/init.iso /init-mnt -o loop
cd /init-mnt
exec /sbin/init.orig $@

You will also need to ensure that future package upgrades do not overwrite your /sbin/init script with the original binary.

Then chmod +x that script, make the /init-mnt directory, and use mkisofs to make the /sbin/init.iso file containing any binaries you want to run. You can run scripts, but make sure the interpreter binaries are in the ISO and that /etc/inittab calls them from the current directory, for example:

AA:23:respawn:./python myscript.py

(In the case of python you might also want to ensure that it's reading its standard libraries from the ISO rather than from anywhere else, otherwise there could be a back door that way.)

Patching init

Although it should now be impossible for root to change your script without rebooting, it is still possible for root to change /etc/inittab and tell init to re-read it. On most systems, init is hard-coded to load /etc/inittab by absolute path, which means you can't get around this without patching init, either to make it load inittab from the current working directory or to prevent it from ever re-reading inittab during its run.

You could hex-edit the init binary and change the string, but the resulting system probably won't boot. It's better to download your distribution's source package for "sysvinit" (or whatever your distribution calls it), change into its "src" directory, edit paths.h and change "/etc/inittab" to "inittab", then type "make" and move the resulting init binary to where you want it. Remember to put an inittab file inside the ISO image: this is the inittab file that will be used (not /etc/inittab), and the only way to change it is to change the underlying ISO file and reboot.

There is still another problem, however. If your process is killed too often, init will refuse to restart it for a while. You could make it more aggressive whenever it restarts (e.g. terminate all root shells and disable the root account for a time to stop it from being killed again too soon), but if root launches a script that repeatedly scans the current processes and kills yours, and that script's loop is small and fast, then your process is not likely to be able to get as far as stopping it.

Perhaps the easiest way around this is to treat the "respawning too fast" condition more seriously. For example, search the init source for the part that prints the "respawning too fast" message (in version 2.86 it's in init.c) and add "exit(1);" after the statement's closing semicolon. This means, if any process respawns too fast (for example because root is running an aggressive script to stop your process from running), init will exit, which will result in a kernel panic and an unusable system. Note however that this also means the system will crash if any inittab task respawns too fast due to a typo, so be careful.

Closing remarks

In this article we have put together a way of preventing even the root user from getting rid of a certain process without rebooting. However, there is still the issue of rebooting itself. You can't really stop root from changing /sbin/init or /sbin/init.iso and rebooting the system, especially if it's done quickly without a proper shutdown, so reboots had better be very noticeable. If you want to make things more difficult, though, you could get your program to frequently check the stat() of /sbin/init* for changes, taking care to do so from the main thread (remember that if your program goes multi-threaded then it may be possible to kill some of the threads while preserving others). It would still be possible to do things by booting from a rescue disk however, and perhaps even without booting from a rescue disk in some circumstances, so this is not completely flawless.

[ Pruning root privileges is a tricky business. As the article shows, this endeavor is tied to the filesystem layer. Projects such as Linux capabilities or Security-Enhanced Linux also touch upon filesystems and are worth a look. -- René ]

Talkback: Discuss this article with The Answer Gang


[BIO]

Silas Brown is a legally blind computer scientist based in Cambridge UK. He has been using heavily-customised versions of Debian Linux since 1999.


Copyright © 2007, Silas Brown. Released under the Open Publication License unless otherwise noted in the body of the article. Linux Gazette is not produced, sponsored, or endorsed by its prior host, SSC, Inc.

Published in Issue 139 of Linux Gazette, June 2007

dotProject

By Lee Jordan

What is dotProject?

dotProject enables you to create, track, and maintain your projects online. It provides enterprise-level project management tools that include contact management, an email notification system, and an online system to create and manage projects. The intuitive color codes indicate if you are headed for hot water. It is created, maintained, and developed by volunteers like you and me.

dotProject is free to use. The software license is BSD, GNU General Public License (GPL), which means it is free software provided as is with no warranty. The full license should be available in the [filename path] where your installation of dotProject resides. You can learn more about this type of license at http://www.gnu.org/licenses/gpl.html.

When a user first logs in, they will see a personalized view of dotProject. The screen will display the events and tasks they are members of, including a full list of specific projects and tasks they are assigned to. The user can navigate to different areas as specified on the navigation bar, which will be displayed on the top or the left side of the screen.

dotProject is an online project management application. You will need a browser and either intranet or Internet access. dotProject is surprisingly versatile. A few of the many things you can do in dotProject are:

dotProject has great features for communicating with your contacts and resources. Even so, it is not intended as a groupware tool. Groupware is generally used to describe desktop or web-based applications that enable users to work collaboratively. There are often forum, chat environments, wikis, or email tools which are all-purpose in nature. Choosing a groupware over a focused application could be compared to offering a guest a wide variety of pies, cakes, and cookies for dessert when you know they have a deep and abiding love for cheesecake with raspberry and chocolate sauce.

dotProject is focused specifically on project management instead of being a generic groupware application. It does contain forums, calendar, and email functionality that are often associated with groupware tools, so that users can collaborate for the purpose of project management. The phrase, "for the purpose of project management" is the key difference between dotProject and groupware. The narrow focus on the needs of those involved in managing projects makes dotProject more useful to users than a generic tool. No project is too large or too small, whether you are trying to get the band back together or developing enterprise software projects.

dotProject is useful in many ways. There are features of dotProject that make using it a much more pleasant experience like user specific to-do lists and events: when a user logs in, they immediately see what project events they are involved in and what tasks are assigned to them.

What are the Core Features of dotProject?

The answer will actually depend on what your company uses dotProject for. A user with admin access has a great deal of control over what modules are active, displayed, or hidden, and who can use them. If a particular set of modules are not needed, they can be deactivated. There are 10 key features that make up the core of dotProject. These are central to the dotProject philosophy of creating an environment for users:

Core Features in Detail

User Management: A simple feature, for tracking user activity, adding users, and managing users. User sessions showing date last logged in as well as other information is available.

Email based Trouble Ticket System (Integrated voxel dot net's Ticketsmith): A ticket tracking system. Some use dotProject as a helpdesk or combination CRM (Customer Resource Management) tool.

Email notification for assignees: This feature is on by default whenever a new task is created. User assignees will receive information about the task they were assigned to unless you choose not to have the notification sent.

Client/Company Management: A digital rolodex of contact information that can be used to identify projects that directly affect customers or external clients. Basic default classifications and categories are already set up in the Companies module. A tabbed interface allows users to quickly see how many vendors, suppliers, and other types of companies are on the list.

Project listings: Lists of projects are broken down by what state they are in, such as all projects, proposed, planning, in progress, on hold, complete, template, archived, not defined. You can quickly move from tab to tab to view the state of the projects. The number of projects listed in each state is in parenthesis on each tab.

Layered project and task details: The minimum amount you need to know is displayed. Text links allow the user to drill down into the project or task for more information if required. Tasks can also be organized by precedence, dependencies, and time.

Hierarchical Task List: Tasks are organized in a hierarchy, not just arbitrarily listed. This is a very useful feature. Tasks can be dependent on other tasks.

Instant Color Coded Progress: Instantly see if your project is in danger with intuitive color codes. If your task is highlighted with dark pink or red, it is past due.

File Repository: The file repository is a central place to store project documents. They can be viewed from the central repository or from the project they are stored under. Files can be uploaded without being associated with a specific project. They will appear under the All Projects heading in the repository. I have found this feature invaluable for when I wanted to make sure all stakeholders would be able to view key files or code in case something happened. The file system strictly controls how files are downloaded and uploaded. All files can be assigned a version number. The check-in and check-out process can be confusing. We will spend some quality time covering it in Chapter 3, where I will help you avoid the embarrassing mistakes I have made using this feature.

Contact List: The contact list can be used intuitively within project listings themselves. This is a feature I am thankful for every time I have to edit or create a new task.

Calendar: The calendar has several display options, including a three month mini calendar view, a day view, week view, and a comprehensive month view. A full screen version of the calendar is only a click away on the navigation bar. There you can see a holistic view of all the projects and tasks. There is also a three month mini-calendar that displays on the Today screen.

Discussion Forum: The forum module can be used to share project-specific news and information. It is integrated into dotProject. Everyone can view what is said in the forum. Threaded discussion forums can be created to discuss particular projects. All forums must be associated with projects. Forums can be moderated, and follow a standard post topic, reply, add new topic format.

Resource Based Permissions: The permissions system in versions 2.0 and above is role based. It is granular, meaning there are many variations that can be used to specify access to the areas you want and prevent access. Users can have read-only access to certain modules by role. Role-based permissions are intuitive. If most of the people using dotProject will be project managers, a project manager role can be created, and then individual users can be added to the system. Roles must be in place before a user is added. Think of it as a job. A job must be created, and then a person hired to fill the job position. This is a very important feature.

User specific to-do lists and events: When a user logs in, they immediately see what project events they are involved in and what tasks are assigned to them.

Why dotProject is the Right PMA for You

So far we have examined what project management applications are, what they should do, and taken a high level look at what features dotProject has to offer. Determining what project management tool best suits an organization calls for awareness of which features are critical and which are negotiable.

dotProject is the right choice for organizations that need a project management application that has no fees, has a generous license agreement, is stable, works on all the major browsers, has a supportive community, has permissions that are granular, and is scalable. It is open source, not a commercial application. There are no license fees, maintenance fees, or purchasing fees. For organizations on a tight budget, the price is right.

It has a history of integration with other popular open-source projects such as PostNuke. It's modular. Use only the modules you need. Don't want to use the Forums module? Disable it. It shares many advantages of other open-source, developer maintained applications in that, it is relatively lightweight, can be customized by users or by contracting with its developers.

dotProject does have limitations. Its focused approach may turn off those looking for an all-in-one project development suite. There is no module for creating diagrams, for example. The ability of dotProject to integrate with other applications as part of a larger, customized group is a potential solution.

Unsure if you want to install or use dotProject? Try out the free demo on the main dotProject site:
http://www.dotproject.net/demo/

This article is excerpted from Project Management with dotProject: Implement, Configure, Customize, and Maintain your DotProject Installation by Lee Jordan, published by Packt Publishing. For further details, please visit http://www.packtpub.com/dotProject/book.

Talkback: Discuss this article with The Answer Gang


[BIO]

Lee Jordan is a web developer with a large collection of web technology acronyms on her resume that sound like the names of laundry detergents and cause glazed expressions in school children. She designs and maintains internal and external enterprise-level websites and web-based applications as part of a project team for a privately held technical services company. Her work includes proposing, writing, and editing web content and user guides people actually read. She began her career in 1997 as a web designer after graduating from Florida State University with a Bachelor of Fine Arts, where she swears that she missed at least one home football game while in the computer lab. Lee later convinced Seminole Community College to give her a Web Programming degree in 2003, even though her final project was a Java-based application that actually contained a usable help file. Web development topics or whatever she can think of at the time are posted on her blog at http://leesjordan.net.


Copyright © 2007, Lee Jordan. Released under the Open Publication License unless otherwise noted in the body of the article. Linux Gazette is not produced, sponsored, or endorsed by its prior host, SSC, Inc.

Published in Issue 139 of Linux Gazette, June 2007

Installing Perl Modules as a Non-Root User

By Ben Okopnik

Introduction

If you use Perl for anything more complex than the traditional (and boring) generation of "Hello, World", then it's also likely that you're familiar with those wonderful work-saving devices - Perl modules. Furthermore, chances are that you're also familiar with CPAN, the Comprehensive Perl Archive Network, and the easy interface to it that is provided by the CPAN module. That all works just great - assuming that you a) run a sensible modern OS like Linux, and b) have root access to the machine you're using (or have a friendly and cooperative sysadmin). But what if those assumptions don't hold true? What if, for example, you have a shell account on a machine run by some mega-corporation that doesn't feel like installing the Foo::Bar::Zotz::Blagger-0.01 module in their /usr/lib/perl? I, for one, can't blame them; a system-wide installation could open them up to unknown bugs galore. When your interests and theirs conflict, you lose every time - since they own the system.

So, what can we do if we really, really need that module but can't get it installed on a system-wide basis? The answer is to install it elsewhere - in some directory where you have write permissions.

Configuring the Environment

Clearly, if you're not root, you're not going to be able to save the files to their default locations under '/usr/' - which is where they would normally go. Therefore, we need to tell Perl where to find the modules that we'll install. Fortunately, this is the easy part: just decide on the location where you'll install the modules, create that directory if it doesn't already exist, append '/lib' to its name, and set the PERL5LIB variable to that string. E.g., if you're using Bash, then edit your ~/.bash_profile and add the following:

if [ -z "$PERL5LIB" ]
then
	# If PERL5LIB wasn't previously defined, set it...
	PERL5LIB=~/myperl/lib
else
	# ...otherwise, extend it.
	PERL5LIB=$PERL5LIB:~/myperl/lib
fi

MANPATH=$MANPATH:~/myperl/man

export PERL5LIB MANPATH

Now, create the three necessary directories:

mkdir -p ~/myperl/lib
mkdir -p ~/myperl/man/man{1,3}

After you've logged out and back in, Perl will treat that location as a part of @INC (the list of directories to search for libraries and modules.) If you want to confirm that it's actually happened, just execute the following and use your directory name as the argument to 'grep':

perl -wle'print for grep /myperl/, @INC'

Installing the Modules

perl -MCPAN -we 'shell'

First, you'll need to configure the CPAN module. If you've never done this, it's really simple; just execute the above at your command line, and you're on your way. Some people have referred to it as a "pecking chicken" install (that is, if you set a chicken over the 'Enter' key and it then keeps pecking at the key, it'll get through the installation successfully). For our purposes, however, we need to make two small modifications to the standard procedure: when the script asks you for any extra arguments for Makefile.PL, you need to supply it with the following list (assuming that you chose '~/myperl' as your private lib directory):

LIB=~/myperl/lib INSTALLSITEMAN1DIR=~/myperl/man/man1 INSTALLSITEMAN3DIR=~/myperl/man/man3

You also need to make sure that the UNINST parameter is turned off; you can do this by setting 'UNINST=0' when that question comes up during the installation. (This is the default behavior unless you set it, but you might as well make sure.)

If you had already configured the CPAN shell at some point in the past, you simply need to modify the configuration. Again, start the shell as above, and issue the following commands at the "cpan> " prompt:

`` o conf makepl_arg "LIB=~/myperl/lib INSTALLSITEMAN1DIR=~/myperl/man/man1 INSTALLSITEMAN3DIR=~/myperl/man/man3" o conf make_install_arg UNINST=0 o conf commit ''

and you're done. From this point forward, using the CPAN shell (or any of the other CPAN functions and methods) should work just like usual:

# Invoke the shell
perl -MCPAN -we shell

# Install the Net::FTP module
perl -MCPAN -we 'install "Net::FTP"'

# Update all outdated modules on this system
perl -MCPAN -we 'CPAN::Shell->install(CPAN::Shell->r)'

Conclusion

Both the CPAN module and its documentation - which are, incidentally, included as part of the standard Perl installation - have always been good, but they've become even better in the recent years. If you have not taken the time to become familiar with them, you should do so, since the end result will be a great savings in time and effort. The CPAN itself should also be your first stop before you embark on any complex project - I've wasted many an hour trying to accomplish some task only to find out later (or part-way through the project, if I was lucky) that a module to perform that task already exists. Give it a shot - and happy hacking!

Talkback: Discuss this article with The Answer Gang


picture

Ben is the Editor-in-Chief for Linux Gazette and a member of The Answer Gang.

Ben was born in Moscow, Russia in 1962. He became interested in electricity at the tender age of six, promptly demonstrated it by sticking a fork into a socket and starting a fire, and has been falling down technological mineshafts ever since. He has been working with computers since the Elder Days, when they had to be built by soldering parts onto printed circuit boards and programs had to fit into 4k of memory. He would gladly pay good money to any psychologist who can cure him of the recurrent nightmares.

His subsequent experiences include creating software in nearly a dozen languages, network and database maintenance during the approach of a hurricane, and writing articles for publications ranging from sailing magazines to technological journals. After a seven-year Atlantic/Caribbean cruise under sail and passages up and down the East coast of the US, he is currently anchored in St. Augustine, Florida. He works as a technical instructor for Sun Microsystems and a private Open Source consultant/Web developer. His current set of hobbies includes flying, yoga, martial arts, motorcycles, writing, and Roman history; his Palm Pilot is crammed full of alarms, many of which contain exclamation points.

He has been working with Linux since 1997, and credits it with his complete loss of interest in waging nuclear warfare on parts of the Pacific Northwest.


Copyright © 2007, Ben Okopnik. Released under the Open Publication License unless otherwise noted in the body of the article. Linux Gazette is not produced, sponsored, or endorsed by its prior host, SSC, Inc.

Published in Issue 139 of Linux Gazette, June 2007

Writing PostgreSQL Functions in C

By Ron Peterson

Introduction

PostgreSQL is a powerhouse in its own right, but it is also extensible. You have a lot of options when it comes to extending PostgreSQL. You can use SQL, PL/pgSQL, PL/Tcl, PL/Perl, PL/Python, and more. Each option has its advantages. C has the advantage of speed, of course. Because PostgreSQL itself is written in C, writing C code also allows you to leverage some of PostgreSQL's own internal code. Your C code can also readily leverage any number of other programming libraries. C functions are also a stepping stone toward defining your own new PostgreSQL base types. Ready to get started? Great! Because instead of trying to butter you up with a witty preamble, I'm going to take you straight to work.


Prerequisites

You'll need a fairly recent version of PostgreSQL to follow along. I'm not going to discuss PostgreSQL's older Version 0 calling convention. I'm also using the PGXS build system, which was introduced in PostgreSQL version 8.0. The packaged version of PostgreSQL included with Debian Sarge or Redhat AS4 is older than that. I have compiled and used the code below on Debian Etch's packaged version, Fedora Core 6's packaged version, and on my own compiled from source installation of PostgreSQL 8.2.4.

If you are using your distribution's packaged version of the PostgreSQL server, rather than rolling your own; you need to make sure that you install the corresponding development package, for example:

Debian Etch:
  apt-get install postgresql-server-dev-8.1 postgresql-8.1
Fedora Core 6:
  yum install postgresql-server postgresql-devel

I'm going to assume you know the basics of how to configure and run PostgreSQL. If not, there are plenty of resources to help you get going. I also included an example build script at the end of this article.

Obviously you'll also need a C compiler. Make also comes in handy. Unless, like Alan Cox, you are able to directly manipulate the bits inside of your computer with your mind, you will also appreciate the use of a keyboard and monitor. I think we're ready now.


Hello, World!

This month I'll present a simple example, and follow-up with some explanations. We're going to write a function that takes a single text argument, and appends it to the the string 'Hello, '.

prompt> select hello( 'World!' );
     hello
---------------
 Hello, World!

Using your favorite editor (**cough**emacs**cough**), create a file called example.c as follows:

#include "postgres.h"
#include "fmgr.h"
#include <string.h>

#ifdef PG_MODULE_MAGIC
PG_MODULE_MAGIC;
#endif

Datum hello( PG_FUNCTION_ARGS );

PG_FUNCTION_INFO_V1( hello );
Datum
hello( PG_FUNCTION_ARGS )
{
   // variable declarations
   char greet[] = "Hello, ";
   text *towhom;
   int greetlen;
   int towhomlen;
   text *greeting;

   // Get arguments.  If we declare our function as STRICT, then
   // this check is superfluous.
   if( PG_ARGISNULL(0) ) {
      PG_RETURN_NULL();
   }
   towhom = PG_GETARG_TEXT_P(0);

   // Calculate string sizes.
   greetlen = strlen(greet);
   towhomlen = VARSIZE(towhom) - VARHDRSZ;

   // Allocate memory and set data structure size.
   greeting = (text *)palloc( greetlen + towhomlen );
   VARATT_SIZEP( greeting ) = greetlen + towhomlen  + VARHDRSZ;

   // Construct greeting string.
   strncpy( VARDATA(greeting), greet, greetlen );
   strncpy( VARDATA(greeting) + greetlen,
            VARDATA(towhom),
            towhomlen );

   PG_RETURN_TEXT_P( greeting );
}

Now let's build this program, install it, and use it. Section 33.9.6 of the official PostgreSQL documentation explains the details. Unless you're doing something complicated, the PostgreSQL Extension Building Infrastructure, aka PGXS, will probably suffice. Create the following Makefile in the same directory as your code:

MODULES = example
PGXS := $(shell pg_config --pgxs)
include $(PGXS)

Run 'make' and then 'make install' as a user with permission to write the example.so file you just made to the PostgreSQL server's lib directory.

With the module in place, all that's left to do is to bind our 'hello' function inside of our example.so module to a SQL function that we can use inside our database. The following SQL will do the trick. Put the following text in a file called 'example.sql'.

CREATE OR REPLACE FUNCTION
  hello( TEXT )
RETURNS
  TEXT
AS
  'example.so', 'hello'
LANGUAGE
  C
STRICT
IMMUTABLE;

Open a database with the PostgreSQL interactive command line editor 'psql' as a user with permission to create new functions (i.e. superuser). Create your new 'hello' function by loading the example.sql code above. For example:

prompt> \i example.sql
CREATE FUNCTION

=> CREATE TEMP TABLE test( name ) AS
-> VALUES ('Xavier'), ('Yari'), ('Zack');

=> SELECT hello( name ) FROM test;
    hello     
--------------
 Hello, Xavier
 Hello, Yari
 Hello, Zack
(3 rows)


What We Did

What could possibly be cooler than that?! Now let's review what we did.

I'll begin by noting that there are actually two PostgreSQL C language calling conventions: an older 'Version 0' convention and the newer 'Version 1' convention. I'm focusing exclusively on the Version 1 convention.

We begin by including postgres.h and fmgr.h. There are other PostgreSQL header files that you will need if you begin developing more complicated code, but you can pretty much expect that you'll always need at least these two. The include statements are followed by a "magic block". This block is required as of PostgreSQL version 8.2. This statement ensures that the database doesn't load improperly versioned object files. The magic block is followed by our C function declaration. We can have as many functions in a single object file as we like. In this example, we only declare and define one function, called 'hello'. I like to put forward declarations of all my C functions at the beginning of my code to avoid annoying compiler warnings. A quiet compiler is a happy compiler. The PG_FUNCTION_INFO_V1 macro is required for all dynamically loaded Version 1 functions. I actually have no idea what it does, but I know what happens when you leave it out: nothing good.

And now at the beginning of our actual function definition, we can see in the variable declarations that we're using a PostgreSQL defined type: 'text'. Of course there are other PostgreSQL types worth knowing about as well. Table 33-1 in the official PostgreSQL documentation enumerates the C types corresponding to built-in SQL types. You should use PG_GETARG_xxx() and PG_RETURN_xxx() functions to retrieve and return these values from your function. A few examples:

int32    PG_GETARG_INT32(0)     PG_RETURN_INT32(arg)
bytea *  PG_GETARG_BYTEA_P(0)   PG_RETURN_BYTEA_P(arg)
text *   PG_GETARG_TEXT_P(0)    PG_RETURN_TEXT_P(arg)

The argument to the GETARG functions indicates the position of the argument in the function call. The argument to the RETURN functions is a variable containing data to be returned. The _P suffix means 'pointer'. Let's get our input. Again, the GETARG arguments indicate position. So PG_ARGISNULL(0) refers to our first (and only) argument. If that argument is NULL, we return NULL, and we're done. Later, when we look at the SQL we use to import our function, we'll see that declaring our SQL function STRICT makes this NULL check superfluous, but I like to include it anyway. If our argument is not NULL, then we drop through and use the PG_GETARG_TEXT_P macro to assign the first argument (they are zero indexed) to our 'towhom' variable.

Variable length types such as bytea or text are always passed by reference. We then use macros to set and retrieve the data within our variable length data types. Let's take a quick look at the 'varlena' data structure used internally by PostgreSQL to represent variable length data structures. This will help us understand how some of the other macros we use operate. (As an aside, the name of this structure is where A. Elain Mustain got the name for her online PostgreSQL newsletter.)

struct varlena
{
  int32 vl_len;
  char  vl_dat[1];
};

The value vl_len member of this structure indicates how much data the structure is holding. The vl_dat member holds the data. Pretty simple, huh? However, there's no reason to go poking at this structure directly. In fact, we should not assume that this structure even exists. Instead, we get and set variable length data with macros. The VARSIZE macro tells us the total size of our 'towhom' text. The VARHDRSZ macro is a constant, and represents the overhead consumed by the vl_len member of our varlena structure. So VARSIZE(towhom) - VARHDRSZ gives us the number of octets in our text string. We use the VARATT_SIZEP macro to set the vl_len member of our 'greeting' text equal to the size of the text string it's going to store. Note that PostgreSQL text strings are not null terminated. The varlena data structure obviates the need for an end of string delimiter. The VARDATA macro returns a pointer to the data member of our 'greeting' string.

Again: while it's educational to understand what's happening under the hood, don't go poking around at PostgreSQL internals when you don't have to. Use the provided macros instead.

One last note about our C code. Use 'palloc', not 'malloc'. PostgreSQL's memory allocation function automatically takes care of certain cleanup operations that would otherwise be impossible. How would you free the memory pointed to by a pointer that's returned from our function, for example? PostgreSQL takes care of this for us. That's not to say we shouldn't free memory when we can. Use the palloc function's corresponding 'pfree' function to free memory when it's no longer needed.


Our SQL Function Definition

Our CREATE FUNCTION call maps our C function to a corresponding SQL function, which we will also call 'hello'. Our SQL function is defined to take a single TEXT argument, and to return a TEXT result. We can include more than one function inside a single object file, but for today, our example.so file only includes our single 'hello' function.

Our function is declared to be STRICT, meaning that it will return NULL on NULL input. This saves processing overhead (and makes our functions's NULL checking superfluous, as already mentioned). Our function is also declared IMMUTABLE, which means that our function does not modify the database, and that for any given input, the function will always return the same output.

See the PostgreSQL documentation for CREATE FUNCTION for more details about this statement.


Wrapping Up

In my next article, I'll expand on this introduction to PostgreSQL C programming. I'll show how to use PGXS when you want to link against external libraries, and I'll explain how to process tuple arguments. I'll also show how to use the 'ereport' function to provide diagnostic output while debugging C code that's running inside of a database.

Until then, you might want to take a look in the PostgreSQL distribution's 'contrib' directory for more examples. Even if you don't understand all the code there, you'll almost certainly find something you can use. There's a lot of really excellent work in there.


Hasty PostgreSQL Installation HOWTO

Here's the script I use to build PostgreSQL. You'll need to make sure you have the development versions of required libraries installed, e.g. on Debian Sarge you'll need libpam-dev, libperl-dev, etc.

NAME=postgresql
VER=8.2.4
APP=${NAME}-${VER}
SRCDIR=/usr/get/src/${NAME}/${APP}
INSTALLDIR=/local/apps/versioned/$APP
LOGFILE=/local/data/build/${APP}.log

[ -d $INSTALLDIR ] && rm -rf $INSTALLDIR
cd ${SRCDIR}
[ -f config.cache ] && rm -f config.cache
# make clean
./configure \
    --prefix=$INSTALLDIR \
    --with-pgport=5432 \
    --with-pam \
    --with-perl \
    --with-python \
    --with-openssl \
    --with-readline \
    --enable-thread-safety \
    > $LOGFILE 2>&1

RETVAL=$?
[ ! $RETVAL -eq 0 ] &&
make >> $LOGFILE 2>&1

ETVAL=$?
[ ! $RETVAL -eq 0 ] &&
make install >> $LOGFILE 2>&1

RETVAL=$?
exit $RETVAL

I like to symlink my versioned installation to /local/apps/postgresql (so I can quickly change between minor version numbers by changing a single symlink); then I symlink the binaries in /local/apps/postgresql to a bin directory on my search path, somewhere where ldconfig will find them (see /etc/ld.so.conf), and so on. Create a PostgreSQL superuser and group (Typically 'postgres' & 'postgres'). Create a directory for log files and for the database which are owned by this user, and give that user write permission. Here's a simple init script. Use the 'init' function to create an empty database.

#!/bin/sh

VER=8.2
PGACCOUNT=postgres
POSTBIN=/local/bin
PGCTL=${POSTBIN}/pg_ctl
INITDB=${POSTBIN}/initdb
DATADIR=/db/postgres/${VER}
LOGFILE=/var/log/postgres/pg_ctl.log
ENCODING="SQL_ASCII"

# Set postgresql options in postgresql.conf

[ -f ${PGCTL} ] || exit 0

init () {
    echo -n "Initializing PostgreSQL database"
    echo
    su - postgres -c "${INITDB} -D ${DATADIR} -E $ENCODING"
    echo
}

start () {
    echo -n "Starting PostgreSQL..."
    echo
    su - postgres -c "${PGCTL} start -D ${DATADIR} -l ${LOGFILE}"
    echo
}

stop () {
    echo -n "Stopping PostgreSQL..."
    echo
    su - postgres -c "${PGCTL} stop -D ${DATADIR} -m smart"
    echo
}

restart () {
    echo -n "Restarting PostgreSQL..."
    echo
    stop
    sleep 5
    start
}

reload () {
    echo -n "Reloading PostgreSQL configuration..."
    echo
    su - postgres -c "${PGCTL} reload -D ${DATADIR}"
    echo
}

status () {
    echo -n "Checking PostgreSQL status..."
    echo
    su - postgres -c "${PGCTL} status -D ${DATADIR}"
}

case "$1" in
  init)
    init
    ;;
  start)
    start
    ;;
  stop)
    stop
    ;;
  restart)
    restart
    ;;
  reload)
    reload
    ;;
  *)
    echo "Usage: $0 {init|start|stop|restart|reload|status}"
    exit 1
esac

exit 0

I also like to give myself and root, ident authorization to run as the 'postgres' superuser (i.e. I like to be able to run 'psql -U postgres' when I'm doing development work so I can get into the database quickly). Append something like the following to ${your_db_directory}/pg_ident.conf:

amap          myusername          iddb
amap          myusername          myusername
amap          myusername          postgres
amap          postgres            postgres
amap          root                postgres

This presumes you have enabled ident authentication in pg_hba.conf, like so:

local all all ident amap

That's a pretty hasty PostgreSQL installation HOWTO. It's a little off-topic, but I thought it might help jump start a potential proselyte or two.


Emacs Errata

I'm a big fan of SQL Mode for Emacs (see Resources below). I run split windows, and use keyboard shortcuts to run bits of the SQL I'm editing in my *SQL* buffer. However, I've always found that sql.el needs a little tweak. The problem is that when you run 'M-x sql-postgres', it won't prompt you for a user name. Unless you always want to connect to the database as your shell account username, or unless you exclusively use ident authentication, you'll want to fix this. Find sql.el on your system, and edit the PostgreSQL section as follows:

< (sql-get-login 'database 'server)
> (sql-get-login 'database 'user 'server)

> (if (not (string= "" sql-user))
>   (setq params (append (list "-U" sql-user) params)))

Run 'byte-compile-file' to create sql.elc. If you enter nothing at the 'User:' prompt, you will connect as the current user. If you want to use PostgreSQL's ident authentication (assuming you have this configured in PostgreSQL's pg_hba.conf and pg_ident.conf), leave the 'Server:' prompt blank. Enter a server name and a password if you are doing host based authentication.


Resources

Talkback: Discuss this article with The Answer Gang


Bio picture

Ron Peterson is a Network & Systems Manager at Mount Holyoke College in the happy hills of western Massachusetts. He enjoys lecturing his three small children about the maleficent influence of proprietary media codecs while they watch Homestar Runner cartoons together.


Copyright © 2007, Ron Peterson. Released under the Open Publication License unless otherwise noted in the body of the article. Linux Gazette is not produced, sponsored, or endorsed by its prior host, SSC, Inc.

Published in Issue 139 of Linux Gazette, June 2007

HelpDex

By Shane Collinge

These images are scaled down to minimize horizontal scrolling.

Flash problems?

Click here to see the full-sized image

Click here to see the full-sized image

All HelpDex cartoons are at Shane's web site, www.shanecollinge.com.

Talkback: Discuss this article with The Answer Gang


Bio picture Part computer programmer, part cartoonist, part Mars Bar. At night, he runs around in his brightly-coloured underwear fighting criminals. During the day... well, he just runs around in his brightly-coloured underwear. He eats when he's hungry and sleeps when he's sleepy.

Copyright © 2007, Shane Collinge. Released under the Open Publication License unless otherwise noted in the body of the article. Linux Gazette is not produced, sponsored, or endorsed by its prior host, SSC, Inc.

Published in Issue 139 of Linux Gazette, June 2007

Ecol

By Javier Malonda

The Ecol comic strip is written for escomposlinux.org (ECOL), the web site that supports es.comp.os.linux, the Spanish USENET newsgroup for Linux. The strips are drawn in Spanish and then translated to English by the author.

These images are scaled down to minimize horizontal scrolling.

[cartoon]

Click here to see the full-sized image

All Ecol cartoons are at tira.escomposlinux.org (Spanish), comic.escomposlinux.org (English) and http://tira.puntbarra.com/ (Catalan). The Catalan version is translated by the people who run the site; only a few episodes are currently available.

These cartoons are copyright Javier Malonda. They may be copied, linked or distributed by any means. However, you may not distribute modifications. If you link to a cartoon, please notify Javier, who would appreciate hearing from you.

Talkback: Discuss this article with The Answer Gang


Copyright © 2007, Javier Malonda. Released under the Open Publication License unless otherwise noted in the body of the article. Linux Gazette is not produced, sponsored, or endorsed by its prior host, SSC, Inc.

Published in Issue 139 of Linux Gazette, June 2007

The Geekword Puzzle

By Samuel Kotel Bisbee-vonKaufmann

1
2
3
4
5
6
*
7
8
9
10
11
12
13
14
15
*
16
17
*
18
* * *
19
20
* * *
21
22
23
* *
24
25
26
27
* *
28
*
29
30
31
32
33
34
*
35
36
* * *
37
38
*
39
* * *
40
41
42
43
*
44
45
46
47
48
*
49
50
* *
51
52
* *
53
54
55
56
* * *
57
58
* * *
59
60
61
*
62
63
64
65
66
*
67
68
*
69


[ Crossword formatting and JavaScript via Alon Altman's cwd. The ASCII-art, printable version is available here. ]

 

Across

1: Franz Lisp for MS-DOS
7: First column of four digit number
15: Scali's Message Passing Interface
16: Arial and Impact, for example
17: Parent's process is usually init
18: MIT, BSD, Apache
19: 200 in access.log
21: Sun product, s/office/league/
24: Easy version of this puzzle's theme answers
27: Smaller, faster version of 37A
28: Greek letter, often for density
29: Red Hat security _ (bugs)
32: Used as iterators when sleeping
35: Closed source, to some
37: Version of sh, is a bad pun
39: Shell with static library links
40: Ctrl+Tab repeatedly
44: Germanic creature made popular by Tolkien
48: Epoch, _ remember for programmers
49: Digital advocacy group
51: 1980s AT&T Bell Labs shell
52: Extends 37A, 51A, and tcsh
53: Supporters
57: 43 55 48 52 54 4C 4F 4E 46
59: Polynomial with two terms
62: Parallel circuit look alike
66: SYN-ACK
67: "Why did _ symlink?"
68: `/(I traveled)/` with synonym
69: Sexy programmers, loudly typing _
Down

1: Uses MIME type image/photoshop
2: NFS, AFS, SMB, for example
3: Was Janus (Solaris 10)
4: `perl -e '$_ = "IMMLER";' -e 'print "$1R\n" if /(IMML)?E/'`
5: Mailbox file
6: A box sending ICMP Echo Requests
7: Xvnc or SSH, for ex.
8: DeCSS poem type
9: "The HTML is served _h" (2 wds)
10: "Most coders _ to iterate" (2 wds)
11: _-mail, default Pine folder
12: .zip predecessor by SEA
13: 01101110 01101001 01100101
14: NFS, AFS, SMB, for example
20: `echo A G H I J N O T U V W X | awk '{print $1$1$3$9$3$9}'`
21: Common suite of statistical software
22: A safer shell, invoked by Ctrl+X Ctrl+R
23: read_ad, reads data into the page cache
24: Popular postcardware CD ripper that requires Wine
25: _lin, "an extremely aggressive Scheme compiler"
26: _ 9000, or CARL in French
30: Red Hat += Security-Enhanced Linux (abbr)
31: 82 73 72 76 (unicode to ascii)
33: Popular "going once, going twice" website
34: "You don't leave an IRC channel, you _ it"
36: Spanish, German, and Tagalog
38: Open source, _ coders one at a time
40: Crazed Looney Toons character
41: Specifies SHA-1, SHA-256, SHA-512, for example
42: "_, humbug!"
43: XML, tags _ among other tags
45: _ybd, virtual on-screen midi keyboard
46: Controversial open software advocate
47: Specifies SHA-1, SHA-256, SHA-512, for example
50: `perl -e 'print "Use ". reverse $answer ." GRUB is not available.\n"'`
54: `rm` synonym
55: i_s, extracts CPP conditionals
56: _n, deconfigure
57: `cp`
58: VU1PQQ==
59: Network _dge, links network segments at the data link layer
60: hod_, print full months and days in classic Latin
61: "War Games" gov't agency, s/A/O/
63: 8D decrypts this
64: GNOME widgets by Nautilus hackers
65: Sun _, a stateless thin-client

 


Solution to the last month's Geekword (ASCII version here):

 

1
G
2
N
3
O
4
M
5
E
*
6
B
7
A
8
F
9
U
10
B
I
S
O
N
*
11
B
P
E
N
12
T
H
I
R
D
*
13
S
A
D
M
* * *
14
S
L
15
I
*
16
C
O
A
17
S
18
C
19
R
E
E
N
*
20
H
R
S
21
T
O
A
*
22
S
Q
23
U
E
A
K
24
R
D
N
*
25
S
U
L
* * *
26
U
I
D
27
S
*
28
E
T
29
H
30
E
31
R
32
T
N
O
D
*
33
S
R
A
N
D
34
S
G
M
S
*
35
T
A
S
K
S

 

Across

1: The Free Software Desktop Project
6: Sam_, skilled (2 wds)
10: yacc replacement
11: US_, small removable media (2 wds.)
12: `sed -e 'n;n;G;'`, insert a blank line every _ line
13: Sy_in, root synonym
14: Allowed tandem identical PCI Express cards to be run
16: One of three basic cryptographic scheme attacks (abbr.)
17: Multiple shells from one shell
20: `date +%-k%-k`
21: Freedom _ster, provides distro vending machines
22: Smalltalk implementation
24: Comprises a DN in LDAP
25: Pico Con_
26: `sed -e 's/:/ /g' /etc/passwd | awk '{print $3}'`
28: _Ape, graphical network monitor
32: Oracle JDeveloper's _e class extends TreeNode
33: Seeds a specific number generator in C/C++
34: Segmentation messages (abbr.)
35: KOrganizer helps manage these
Down

1: Not so normal gigabyte abbr.
2: _ Class Library, formerly known as OOPS
3: Maintains the Open Source Definition
4: _ code, 1830s telographic data transmission system
5: `until [[ 1 == 2 ]]; do echo ""; done`
6: Early Internet forum system
7: Common web server
8: A soft felt hat that sits next to a red hat
9: 255.255.255.0 to 0.0.0.0
15: "An _", ShowUsTheCode.com is doing this
17: Servlet/JSP framework from 7D
18: A true meaning of hacking
19: 32A cannot generate truely _ numbers
23: _Linux, a SPARC family port
27: 6D admin. tool
29: High availability subsystem (abbr.)
30: `echo -e "\0105\0116\0113"`
31: _d stores analog radio data for _query and lib_

Talkback: Discuss this article with The Answer Gang


[BIO]

Samuel Kotel Bisbee-vonKaufmann was born ('87) and raised in the Boston, MA area. His interest in all things electronics was established early as his father was an electrician. Teaching himself HTML and web design at the age of 10, Sam has spiraled deeper into the confusion that is computer science and the FOSS community, running his first distro, Red Hat, when he was approximately 13 years old. Entering boarding high school in 2002, Northfield Mount Hermon, he found his way into the school's computer club, GEECS for Electronics, Engineering, Computers, and Science (a recursive acronym), which would allow him to share in and teach the Linux experience to future generations. Also during high school Sam was abducted into the Open and Free Technology Community (http://www.oftc.org), had his first article published, and became more involved in various communities and projects.

Sam is currently pursuing a degree in Computer Science at Boston University and continues to be involved in the FOSS community. Other hobbies include martial arts, writing, buildering, working, chess, and crossword puzzles. Then there is something about Linux, algorithms, programing, etc., but who makes money doing that?

Sam prefers programming in C++ and Bash, is fluent in Java and PHP, and while he can work in Perl, he hates it. If you would like to know more then feel free to ask.


Copyright © 2007, Samuel Kotel Bisbee-vonKaufmann. Released under the Open Publication License unless otherwise noted in the body of the article. Linux Gazette is not produced, sponsored, or endorsed by its prior host, SSC, Inc.

Published in Issue 139 of Linux Gazette, June 2007

The Linux Launderette

By Jimmy O'Regan


Car auction scam

Mike Orr [sluggoster at gmail.com]


Tue, 8 May 2007 09:12:35 -0700

Anybody who knows me knows how inappropriate this is. What would I do with a car, put it in my living room? Note the terms: you pay a fee and $10,000 deposit, we "promise" to return the deposit if your car(s) don't win the auction. "We cannot put prospective business partner funds in our bank account,that's why we will be using e-gold payment only."

This does count as the first time I've heard of anybody actually using e-gold for anything.

[ Thread continues here (5 messages/16.36kB) ]


[Evals] Microsoft buys aQuantive (was: New blood)

Rick Moen [rick at linuxmafia.com]


Fri, 18 May 2007 14:14:04 -0700

----- Forwarded message from Rick Moen <rick@linuxmafia.com> -----

Date: Fri, 18 May 2007 14:08:55 -0700
From: Rick Moen <rick@linuxmafia.com>
To: evals@lists.merlins.org
Subject: [Evals] Microsoft buys aQuantive (was: New blood)
Back on April 19, I wrote:

> Quoting the most recent press release on the VA $WHATEVER Web site:
> 
>   VA Software Corporation (Nasdaq: LNUX), the online media, software, 
>   and e-commence leader in community-driven Open Source innovation, 
>   today announced that Scott E. Howe has joined the company's Board 
>   of Directors effective March 7, 2007. Howe brings more than eight
>   years of experience in the areas of internet media, technology, and
>   advertising.
>   [...]
>   Howe is President for DRIVE Performance Media, a division of
>   aQuantive, Inc. aQuantive is a global digital marketing company and the
>   parent company of interactive agencies, performance media and behavioral
>   targeting businesses, and providers of integrated digital marketing
>   technologies throughout the world. [...]
> [...] 
> In other words, one of the many firms quietly making money off
> "metrics", i.e., spying on the user, data-mining / data sales,
> consequent targeted advertising, etc., "integrated digital marketing
> technologies" being one of the standard corporate euphemisms for spying.

Apparently, Microsoft Corporation badly, badly wanted a ride on the same bus, because they just acquired qQuantive for SIX GIGABUCKS (US $6 x 10^9).

US readers can be excused if they've become blase about huge dollar figures after years of underwriting BushCo Federal budgets, but some context may help: Microsoft's _total equity_ is $34.9 x 10^9. So, they just sunk 1/6 of the full net value of their firm into this purchase.

(MSFT common stock took a $1 hit to $30.6, but is still near 7-year highs.)

Hmm, sudden, massive market diversification immediately following the firm's annual Be Very Afraid Tour?[1] Maybe a sign that those unspecified patents are mostly crap, and that they fear increasing danger to the monopoly gravy-train?

http://www.latimes.com/business/la-fi-webads19may19,1,7538913.story?coll=la-headlines-business (Note: _LA Times_ links go payment-only after about a week) http://news.google.com/?ncl=1116466959&hl=en

[1] http://www.groklaw.net/article.php?story=20070517083516872

-- 
Cheers,                   "Of course, NIMBYism is perfectly fine for other
Rick Moen                 places, but we certainly shouldn't allow it in
rick@linuxmafia.com       our town."   -- Rick M., going meta on his $SPOUSE

SPAM: New 0day Exploit.

Ben Okopnik [ben at linuxgazette.net]


Fri, 18 May 2007 11:38:42 -0500

Wow. Ya just gotta love the business model.

I've seen this kind of thing for Wind0ws in the past, but never for Linux; it seems the dirtbags are going upscale these days...

----- Forwarded message from linuxmaniakz <linux@maniakz.us.com> -----

To: xxxxx@linuxgazette.net
Subject: [SPAM] New 0day Exploit.
From: linuxxxxxxxx <linux@xxxxxxx.xx.com>
Reply-To: notreplyable@xxxxxxx.xx.com
Date: Thu, 17 May 2007 23:27:09 -0500

  XPLOITS FOR SKILLFUL LINUX USERS


 Please if you get this mail , do not forward it , because its for
 you, you we're chosen by us to be sent this mail so keep it that way.

 ====================================================================
 BLACKMARKET SITE , THIS IS JUST A PRIV8 NEW EXPLOITS MAIL SUBSCRIBER
 ====================================================================

 We are sending you this mail not for knowledge but for ownage :

 2.4.* <.30
 2.6.* <.19      kernel bug

 First 5 exploits are free but source is hidden , if you want the source
 and more private exploits you will have to pay. Thank you very much.

====================================================================
                         http://xxxxxxx.xxx.xx/x/xxxxxx.gz ; gunzip xxxxxx.gz
 ====================================================================

 If you are not interested please delete this message bye.

----- End forwarded message -----
-- 
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *

[ Thread continues here (2 messages/2.61kB) ]


Hi

Mike Orr [sluggoster at gmail.com]


Tue, 1 May 2007 10:03:15 -0700

Western kind of 419 scam. Note the empty addressee name.

---------- Forwarded message ----------

Dear,

My name is Grace Smith, I am 24 years old, from London - England, where I school and work as a fashion designer for part time job I do after my school. I am the only daughter of my parents my father died on a fatal auto accident on his way to see my sick mother at the hospital where she was admitted for Cancer treatments, she also die when she heard about the death of my father in same day and hospital.

Before the death of my father, he had Willed part of his Real Estate Business, Gas Stations and a total sum of =A350,700,000.00(Fifty Million, Seven Hundred Thousand Pounds Sterling) to me. Now at his death, and because things has become very hard for me paying my school fees, putting food on the table and taking care of my other needs which my fashion designer work I do as a part time work after my school can't help, I went to the bank where my late father deposited the funds on my behalf to with draw money to take care of my self and pay for my school fees and other bills.

I was shocked when the Bank Manager explained to me that I will not be able to draw from the deposited money, because my father had putting a clause on the Will, which he used in depositing the funds with them, saying that before I will be given access to the money, I will either have to be 30 years old or I will be given access to the money, if I get married before the age of 30 , in which case, my husband will be legible to collect the money on my behalf by standing in as my late fathers next of kin to claim the deposited funds on my behalf.

Today I am only 24 years old. And I have no access to the money till I'm 30 years. So, I'm contacting you to stand in as my husband to claim this fund on my behalf if you are married already, you can still help me by standing in as my late fathers next of kin to the deposited funds. So, please get back to me as to know how you will be remunerated as I will part with 40% of the total sum =A350,700, 000.00 (Fifty Million, Seven Hundred Thousand Pounds Sterling) ,while 10% will be mapped out for any expenses that we're to use to receive the money from the deposited Bank.

Please remember that I am writing you this email purely on the ground of trust so we can achieve this deal together. This transaction will last for two weeks after you get back to me on how serious you are to claim these funds on my behalf.

Yours Truly, Grace Smith


Talkback: Discuss this article with The Answer Gang


Bio picture Jimmy is a single father of one, who enjoys long walks... Oh, right.

Jimmy has been using computers from the tender age of seven, when his father inherited an Amstrad PCW8256. After a few brief flirtations with an Atari ST and numerous versions of DOS and Windows, Jimmy was introduced to Linux in 1998 and hasn't looked back.

In his spare time, Jimmy likes to play guitar and read: not at the same time, but the picks make handy bookmarks.

Copyright © 2007, Jimmy O'Regan. Released under the Open Publication License unless otherwise noted in the body of the article. Linux Gazette is not produced, sponsored, or endorsed by its prior host, SSC, Inc.

Published in Issue 139 of Linux Gazette, June 2007

Tux