FreeNX and SELinux

As I [mentioned earlier](http://jaredrobinson.com/blog/?p=87), upgrading from Fedora 6 to Fedora 7 broke FreeNX. A temporary solution was to disable SELinux. Here’s what allowed me to re-enable SELinux. First, I read the RHEL 5 SELinux guide to [building a local policy module](http://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/Deployment_Guide-en-US/sec-sel-building-policy-module.html). Next, I ran the following commands, as root:

```sh
setenforce Enforcing
/etc/init.d/auditd stop
mv /var/log/audit/audit.log /var/log/audit.log.old
/etc/init.d/auditd start
```

At this point, I used an NX client to attempt to connect to my server, which failed. Then I did this:

```sh
cd /etc/selinux
cat /var/log/audit/audit.log | audit2allow -M freenx
semodule -i freenx.pp
```

At that point, my NX client allowed me to connect to the server. Here’s the freenx.te file that audit2allow created:

```
module freenx 1.0;

require {
    type unconfined_t;
    type lib_t;
    class file execmod;
}

#============= unconfined_t ==============
allow unconfined_t lib_t:file execmod;
```
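An added example, not part of the original post: the module above is built from every denial logged between the log rotation and the retry, so this sketch lists the allow rules a log would produce, and which programs triggered them, for review before `semodule -i`. The log lines, program names and paths are constructed samples, and the parser handles only the `avc: denied` record layout shown.

```python
import re
from collections import defaultdict

# Constructed audit.log lines (sample data, not from the post). The comm=
# and path= values are placeholders, not real FreeNX file names.
SAMPLE_LOG = (
    'type=AVC msg=audit(1181000000.123:45): avc:  denied  { execmod } for  pid=2345 '
    'comm="example-agent" path="/usr/lib/example/libexample.so" dev=sda1 ino=1001 '
    'scontext=user_u:system_r:unconfined_t:s0 tcontext=system_u:object_r:lib_t:s0 tclass=file\n'
    'type=SYSCALL msg=audit(1181000000.123:45): arch=40000003 syscall=125 success=no\n'
    'type=AVC msg=audit(1181000002.789:47): avc:  denied  { read } for  pid=3001 '
    'comm="other-daemon" name="notes.txt" dev=sda1 ino=2002 '
    'scontext=system_u:system_r:httpd_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file\n'
)

AVC_RE = re.compile(
    r'avc:\s+denied\s+\{([^}]*)\}.*?scontext=(\S+)\s+tcontext=(\S+)\s+tclass=(\S+)')
COMM_RE = re.compile(r'comm="([^"]*)"')


def se_type(context):
    """Return the type field of a user:role:type[:level] security context."""
    return context.split(":")[2]


def candidate_rules(log_text):
    """Group AVC denials into allow rules; return [(rule, [triggering comm, ...])]."""
    grouped = defaultdict(lambda: (set(), set()))
    for line in log_text.splitlines():
        m = AVC_RE.search(line)
        if not m:
            continue  # SYSCALL and other record types carry no denial
        perms, comms = grouped[(se_type(m.group(2)), se_type(m.group(3)), m.group(4))]
        perms.update(m.group(1).split())
        c = COMM_RE.search(line)
        comms.add(c.group(1) if c else "?")
    rules = []
    for (src, tgt, cls), (perms, comms) in sorted(grouped.items()):
        p = sorted(perms)
        perm_text = p[0] if len(p) == 1 else "{ " + " ".join(p) + " }"
        rules.append((f"allow {src} {tgt}:{cls} {perm_text};", sorted(comms)))
    return rules


if __name__ == "__main__":
    for rule, comms in candidate_rules(SAMPLE_LOG):
        print(f"{rule}   # triggered by: {', '.join(comms)}")
```

A rule triggered by a program other than the one being fixed, like the second constructed denial here, means the log captured unrelated denials that the generated module would also allow.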

Goodbye VMware, Hello VirtualBox

I’ve been using the freeware VMPlayer and VMware Server for a few years now, and while they function, it’s been a pain to have to recompile kernel modules every time the kernel is updated on my Fedora machines. A big disadvantage of VMware is that the guests don’t seem to start up when run inside of an NX session, and I can’t run guests “headless” (without a monitor connected) using the free editions.

Based on the recommendation of [Craig Ozancin](http://www.linkedin.com/pub/0/826/810), I’ve tried [VirtualBox](http://www.virtualbox.org/), and I’m pleased with it — it lets me start and stop guests from the command line. I can connect to them using RDP (remote desktop). The new 1.4.0 release includes support for VMware guest images! VirtualBox hasn’t required me to recompile kernel modules, and it seems to run faster than VMware.

Goodbye VMware. Hello VirtualBox. What does the future hold? Probably [KVM](http://fedoraproject.org/wiki/Docs/Fedora7VirtQuickStart) (the [kernel-based virtual machine](http://www.phoronix.com/vr.php?view=9066)), which only works with newer Intel and AMD chips containing virtualization instructions.

I later discovered that when I (accidentally) ran the Xen kernel, VirtualBox wouldn’t work. It seems the Xen kernel doesn’t work well with third-party virtualization solutions. It’s a good thing I don’t need Xen.

HOWTO disable middle-mouse-paste in Linux

A coworker couldn’t stand the fact that, on his Linux computer, when he accidentally clicked the mouse wheel, it would paste text. He offered to buy me lunch if I could turn it off. Here’s how we did it. Run the following command:

> xmodmap -e "pointer = 1 25 3 4 5 6 7 8 9"

To persist this behavior, edit ~/.Xmodmap and add:

> pointer = 1 25 3 4 5 6 7 8 9

Next annoyance: My coworker uses Eclipse, and wants to hit the F10 key. GTK (the toolkit underneath Gnome) maps F10 to pop up the application menu. In RHEL/CentOS 4, there’s no good way to fix it. On my Fedora 6 machine, I did the following:

> gconftool-2 --get /desktop/gnome/interface/menubar_accel

I saved off the value of that, which was “F10”. Then I ran this:

> gconftool-2 --type string --set /desktop/gnome/interface/menubar_accel "Ctrl-Shift-M"

It also works to use gconf-editor to edit the key /desktop/gnome/interface/menubar_accel.

SSH File System (sshfs)

I find that using `scp` to repeatedly copy files to a remote host gets tedious. Setting up NFS or Samba is often either not a viable choice, or is more work than seems warranted. Recently, I started using SSHFS, which I highly recommend. It works well because most servers I connect to support SSH, and therefore, my Linux box can use SSHFS to connect to them. Here are instructions for setting it up on Fedora Linux: [http://fedorasolved.org/server-solutions/sshfs/](http://fedorasolved.org/server-solutions/sshfs/)

glibc malloc hooks and TLSF

Recently, I was asked to constrain the memory usage of an application on Linux. Glibc provides hooks for [malloc, free, etc](http://www.gnu.org/software/libc/manual/html_node/Hooks-for-Malloc.html). By the way, the hook functions are responsible for guaranteeing thread safety — glibc doesn’t do it automatically. I used the malloc hooks in combination with a memory manager that a colleague found: TLSF. There are two implementations:

* [http://tlsf.baisoku.org/](http://tlsf.baisoku.org/) (public domain)
* [http://rtportal.upv.es/rtmalloc/](http://rtportal.upv.es/rtmalloc/) (GPL)

There are benefits and caveats when using a custom memory allocator. TLSF was meant to shine for real-time use, because malloc and free are O(1) constant-time operations. On the other hand, TLSF isn’t thread-safe.

mtnwestruby: Meta Notes

Mountain West Ruby Conference: Meta Notes
17 March 2007

Setup. When I arrived, the conference organizers were setting up the auditorium
with power extension cables, network cabling, etc. Having a wired network
connection was very nice, although Wi-Fi was available.

Attendance was better on Friday than on Saturday.

Laptops. I’d estimate that nearly half of attendees had Apple laptops. Nearly
half of the presenters used Apple laptops, and of the remainder, half used
Windows and half used Linux.

Editors. Of the presenters that edited code on-the-fly, one used emacs, one used TextMate and the rest used VIM. None used an IDE.

JRuby or Ruby.NET. It seems like my app would become tied to the platform if I
use the libraries from that platform. This would make it difficult to go from
JRuby to Ruby.NET, or vice versa. Or difficult to move from JRuby or Ruby.NET to
traditional Ruby.

mtnwestruby: JRuby

Mountain West Ruby Conference: JRuby by Charles Nutter and Ted Enebo
16 March 2007

Most of the developers in the auditorium have been Java programmers, and don’t
want to go back. Charles said that they have a hard time getting the message
out that JRuby isn’t about Java, it’s about Ruby, and they’ve aimed to make
JRuby as compatible as possible with Ruby.

Background: They’ve both been Java developers for the past ten years, and
their goal is to make Ruby a first-class language on the Java platform. They
didn’t start the JRuby project — they adopted it.

Ruby 1.8 Design Issues:

  • Green Threading doesn’t scale across multiple processors/cores. The
    one-size-fits-all scheduler doesn’t fit all platforms where it runs. Although
    Ruby 1.9 will use native threads, there’s much work left to make it work on
    various platforms. Java/JRuby already uses native threading and scales across multiple processors and cores.

  • Partial Unicode support. Ruby 1.9 will have Unicode support, but will bring with it other difficult issues (e.g. what happens when you concatenate two strings, each being in a different encoding?). In JRuby, one can use Java Unicode strings, or the Rails Unicode library.
  • Slower than most other dynamic languages. Makes it difficult to sell to management. It’s a long term perception problem for the language. JRuby will allow compiling to bytecode, which allows HotSpot to do JIT optimization.
  • Garbage collection is simplistic. JRuby uses Java’s best-in-the-world memory management and GC. Scales well to enormous applications and loads, and is battle-tested in deployments worldwide.
  • C language extensions can crash the Ruby runtime, don’t necessarily interact well with garbage collection or with threading. JRuby lets you use Java-based extensions, which aren’t going to crash the VM.

Politically, it’s easier to get JRuby into an organization than Ruby, because
organizations have already accepted and deployed Java. JRuby is just a library for Java.

Most “pure” Ruby code runs on JRuby, and Rails mostly runs on it, although
only 90% of ActiveRecord passes unit tests. It’s easier to write JRuby code
than Java code. Perhaps Java is good for implementing libraries, and JRuby is
good for using those libraries for implementing applications.

JRBuilder/Cheri project by Bil Dortch lets you build Swing apps in JRuby much
more easily than writing Java code. Demo shown. Project is still in development.

NetBeans Ruby support is a one-man developer effort by Tor Norbye. His
progress has been impressive. Demo shown. Code completion, syntax
highlighting, built-in Ruby documentation, go-to-declaration, auto-indent,
rename support, built-in interactive Ruby shell (irb). By the way, Charles
uses vim, and Ted uses emacs. NetBeans Ruby uses the JRuby AST to do its work.

Speed. Interpreted JRuby is currently generally slower than Ruby 1.8.5, although some things are faster. They’re working on making it faster, and should be able to achieve comparable performance to Ruby 1.8.5. Compiled Ruby (bytecode) runs faster on the JVM than it does on Ruby 1.8.5.

Q: How can you make a JRuby app deployable so that people don’t know it’s a Ruby app or a Java app?
A: Make your ruby app into a jar file, and just double-click it.

Q: How easy or hard is it to deploy JRuby apps to servers?
A: Use Sun’s glassfish deployment framework.

mtnwestruby: Review of a Rails App

mtnwestruby: Review of a Rails App by Marcello and Jamis of 37signals.com
17 March 2007

Almost everyone in the audience has used Rails. A little less than half write Rails apps for a living. I haven’t used Rails, and even if I had, it would be difficult to take notes on this presentation. I recommend viewing the video when it becomes available.

Marcello and Jamis recommend Kent Beck’s book on Smalltalk best practices and how to decide what code belongs where. They also recommend Domain Driven Design.

Why do you prefer the operator ‘&&’ over ‘and’? The use of ‘&&’ leads to fewer bugs. Consider the following code:

  • return foo and bar # will not return what you expect
  • return (foo and bar) # this will work
  • return foo && bar # use ‘&&’ and ‘||’ because they’re more predictable in behavior than ‘and’ and ‘or’

Convention: A bad smell in code is seeing a chain of if..elsif
statements to check for error conditions. In this case, you probably want to
handle error cases with exceptions. For example, in Rails, myobj.save! will
validate data, and raise an exception when there’s a problem, whereas
myobj.save will not raise an exception.

mtnwestruby: Ruby USB

mtnwestruby: Ruby USB by Michael Hewner
16 March 2007

Nerds love to customize their software — their shell prompt, adding vim plugins, emacs, etc. After a while, they run out of things to customize. What do they do now? Customize USB hardware!

Ruby USB is about fun, about controlling USB devices using Ruby. No
one paid him to work on it. USB devices are self describing. You can even build
your own USB devices, which has nothing to do with Ruby. The most interesting
USB spec is the one for Human Interface Devices. For HID, the device sends a
description of the format of the data that it’s going to send and what it means
— before it actually sends the data. No reverse engineering necessary!

Ruby USB simplifies the interpretation of the meta-data coming from a USB
device.

mouse_interface.all_input_usages => [Button (9)::Button ...]
keyboard_interface.all_input_usages # will list every key available on the keyboard

Michael did not write libUSB; his Ruby library merely uses it. It supposedly
supports all UNIX operating systems, although he’s only tested it on Linux.

Lessons learned:

  • Don’t write the USB HID parsing library in C++ and patch it into Ruby — it’s too much work. He should have written it directly in Ruby.
  • Write unit tests.

AVRUSB: Build your own custom USB device — requires that you have a soldering iron and an AVR microcontroller.

Evdev uses the Linux-level USB device layer to let you talk to USB devices. It’s easier to use, more rock solid, but doesn’t let you do as many cool things.

Q: Is Ruby USB ruby-thread safe?
A: Haven’t tested it. There are probably some bugs.

Q: Do you have the ability to send output to USB devices?
A: He’s working on it. It’s almost ready.

Q: What’s the craziest thing you’ve done with Ruby USB?
A: Glued two keyboards together. Made one work for Vi insert mode, and one for Vi command mode. It didn’t work out well because he would frequently type on the wrong keyboard, and because it was too large to fit on his lap comfortably.