One more day for Ubuntu 8.10 release

Ubuntu 8.10 named Intrepid Ibex will be released on 30th October 2008. I’m looking forward for the release tomorrow. I’ll be upgrading my machines to Ibex. New features in 8.10 are:


Ubuntu 8.10 is here

  • GNOME 2.24
  • X.Org 7.4
  • Linux kernel 2.6.27
  • Encrypted private directory
  • Guest session
  • Network Manager 0.7
  • Samba 3.2
  • PAM authentication framework
  • Totem BBC plugin
  • Server Virtualization

There is more, you can check out http://www.ubuntu.com/testing/810rc.

Duplicity chokes on OSError: [Errno 24] Too many open files

It was little bit too scary. Duplicity backup scripts were failing on the EC2 instances again, this time around it was not about not able to reach S3, but having too many files open. That was weird because it didn’t give such a error in the past. However the work around was to increase the maximum number of file descripters allowed for the user that was running the backup script.

How ever finding this solution was tought, actually it was a FreeBSD forum that had the solution. I though I would just write it down for Linux.

Step 1: Find out the current limit

To find out the current file descripter limit for a given use, log in as the particular user and run the following command.

 $ ulimit -n

By default on Debian it would be 1024.

Step 2: Increase the limit

You would have to edit /etc/security/limits.conf. You will find details on how to setup different limits in limits.conf itself. The record that you have to put in should look like the following.

username hard nofile 2048

Step 3: Log out and Log back in

You would have to log out and log back in as the user that we updated the file descripter limit. Then run the following command.

 $ ulimit -n

You should see the updated file descripter limit.

Hope this helps someone like me in desperation to get the backups in track. I would be doing more investigation as to why there are so many files open. If I find anything interesting I would definitely blog about it. Also for everyone’s reference there is a bug filed at the Savanah bug tracker by someone else who ran into the same issue

Turn your computer into an Internet TV – Miro

I always wanted to just have an Internet TV, no cable, no satellite, no terrestrial. Even when it comes to TV I want to watch what I want when I want, not when the broadcaster wants. Internet TV was the ideal. Main thing I missed was really good content with really good quality. Only hope was torrents, but it was not the same experience though. You have to download the movie file using a torrent client and then start watching it using a media player. YouTube videos were a big pain to save to share with my friends. Video feeds were another story; I couldn’t find a single descent client that will just work.

Finally there is a free and open source media player + Internet TV, Miro. You can download Miro from http://www.getmiro.com/. It is released under GNU GPL, you are free to use, change and redistribute.

Miro is a great piece of software that makes Internet TV a reality. It is capable of playing most video files if not all, built in guide to video feeds and podcasts with the capability to play them within Miro itself, capable of playing and saving YouTube videos, download Torrents and watch them in Miro, and best of all access to great variety of HD content. All this makes Miro the only media player you will ever want.

Miro binaries are available for all major flavors of Linux, MacOS, Windows. If you are not able to use any of the binaries you could always compile and install from source 😉

I’m impressed about what Miro can do, I think you will also be impressed. Download Miro now from http://www.getmiro.com/.

Epiphany Anti-Phishing extension

I’m happy to announce the release of safe-browsing 0.0.1 for Epiphany, the GNOME Web browser. It will try match the url you are trying to access with the Google Safe Browsing black list of urls. If it is a match the view pane will be disabled such that the user can only view the page but not interact. The user will be free to browse away from the page by typing a new url. The extension will also add a indicator to the browser status bar. In the next relase an error page will be displayed instead of even displaying the evil page.

You can also report phishing sites by clicking Help -> Report Web Forgery…

You can download the extension safe-browsing-0.0.1.tar.gz

Follow the steps bellow to install the extensionn. I’m assuming you have already installed epiphany and epiphany-extensions.

Step 1 – Download the extension archive

 $ wget http://www.mohanjith.net/downloads/gnome/epiphany/extensions/safe-browsing/safe-browsing-0.0.1.tar.gz

Step 2 – Extract the extension archive to epiphany extensions directory

 $ cd /usr/lib/epiphany/2.20/extensions/ $ tar -xzvf [Location_to_archive] .

Step 3 – Restart epiphany and enable Safe browsing extension

Goto Tools -> Extensions and then select the check box against Safe browsing.

Step 4 – Goto a phishing site

Goto a phishing page, e.g. http://202.168.224.161/c.html at the time of posting.

Hope this extension will make your browsing experience safer.

Using GNOME remotely via SSH

Have you ever wished that you had a GUI on a remote Linux server without using VNC? Actually you can use GNOME or any other GDM on a remote server via SSH, yep I’m not joking.

You need to have SSH and X11 running on both the client and the server. In addition on the server GNOME should be installed and SSH daemon should be running.

Step 1 – Turn on X11 forwarding on the server:

Add the following if it doesn’t exist or just change no to yes in /etc/ssh/ssh_config and save it.

ForwardAgent yes
ForwardX11 yes
ForwardX11Trusted yes

Add the following if it doesn’t exist or just change to yes in /etc/ssh/sshd_config and save it.

X11Forwarding yes

Step 2 – Connect to the remote server viw SSH with X11 forwarding

In order to enable X11 forwarding when you connect to a remote server via SSH you need to provide the commandline option -X. See the example bellow.

 $ ssh -X username@server

Step 3 – Start GNOME Session

You need to start the GNOME session for the GUI to show. By default GNOME session is not started for remote connections. It might take a while for any change to appear, you should notice GNOME startup sequence appearing in the client and couple of messages in your terminal.

However I do not recommend running X11 or GNOME on a production server, but this should be handy if you want to connect to your home computer from office for example.

WSO2 WSF/PHP with Lighttpd

I wanted to test drive WSO2 WSF/PHP on Lighttpd because I couldn’t find any documentation specific for Lighttpd, or any one complaining that it cannot be done. I set up a new VMWare image running Debian so that I can blog all the steps involved in getting WSO2 WSF/PHP working on Lighttpd running on Debian.

Step 1: Install Lighttpd, PHP5

I used apt-get to install Lighttpd and PHP5

 $ sudo apt-get install lighttpd php5 

Step 2: Download and install WSO2 WSF/PHP.

I downloaded the Debian package.

 $ axel -an 5 http://dist.wso2.org/products/wsf/php/wso2-wsf-php-1.2.0-debian.deb
$ dpkg -i wso2-wsf-php-1.2.0-debian.deb

Step 3: Enable WSO2 WSF/PHP

I created a new file /etc/php5/conf.d/wsf.ini and added the following line.

 extension=wsf.so 

Step 4: Enable FastCGI and PHP

Fastest method to run PHP on Lighttpd is FastCGI, so we will be enabling FastCGI.

 $ sudo lighty-enable-mod fastcgi

On Debian Lighttpd FastCGI configuration file contains the configuration for PHP4. We will have to edit /etc/lighttpd/conf-enable/10-fastcgi.conf to look like bellow.

server.modules   += ( "mod_fastcgi" )

## Start an FastCGI server for php5 (needs the php5-cgi package)
fastcgi.server = ( ".php" =>
((
"bin-path" => "/usr/bin/php5-cgi",
"socket" => "/tmp/php.socket",
"max-procs" => 2,
"idle-timeout" => 20,
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "4",
"PHP_FCGI_MAX_REQUESTS" => "10000"
),
"bin-copy-environment" => (
"PATH", "SHELL", "USER"
),
"broken-scriptfilename" => "enable"
))
)

Step 5: Restart Lighttpd

You have to reload the Lighttpd configuration files.

 $ sudo /etc/init.d/lighttpd restart

You have successfully installed WSO2 WSF/PHP on PHP5 and Lighttpd. It is time to test whether it is a success. Simplest approach would be to see phpinfo() page. Create a php file with the following line of code and place it in the document root. Then using a web browser goto that URL. In the page search for wsf section. This contains all the configurations about the WSF extension.

I went throught to the trouble of actually consuming a SOAP web service to see whether this setup actually works and it was a success, but that is simply out of the scope of this post. These instructions should work on other Linux distributions with minor changes and any platform with few changes.

Fly WSO2 WSF/PHP with Lighttpd. Have fun.

Flying light with lighty

I moved all my sites to my all new server. There I’m running Lighttpd as the front facing web server. I do have Apache HTTP Server running for the sake of svn serving. It was not very hard to migrate sites from Apache HTTP Server to Lighttpd. Only feature I missed was .htaccess file support or substitute. I just had to migrate all the operations taking place in the .htaccess files to the Lighty configuration file.

Overall migration was smooth. I have nothing to complain, memory foot print is small as it could get. Since I’m serving only PHP and Python I’m making use of FastCGI and it is really fast. You wouldn’t believe me if I tell you the performance gains. I can serve 700 requests per second when it comes to my Geo-IP web service (I believe the limit was the resources on the test machine), the server is not even sweating. If I was running the same application on Apache HTTP Server it would barely serve 230 requests per second, 204% performance gain.

If you visit any of my sites except for the blog itself (which is hosted at Blogger.com) you would see the performance. mohanjith.net responds within a second, that’s lighting fast. All this with a Debian running on Xen with 128MB physical memory and 256MB swap.

I would recommend Lighty to any one with simple serving requirements. It saves lot of server resources.

MakeNSIS on Linux

I was supposed to create a Windows installer recently, but I just hate using Windows. NSIS was the chosen installer creator. I was lucky to be able to compile the NSIS installer on Linux.

The installer just ran without any glitches on wine. So testing the installer as not an issue as well.

Let me guide you through installing NSIS on Linux and how to use it on Linux.

Requires

  1. Python
  2. SCons

Steps

  1. Download both the release and the source of x.xx.
  2. nsis-x.xx.zip nsis-x-xx-src.tar.gz

  3. Extract both into one parent parent directory
  4. <parent>
    |
    +-- nsis-x.xx
    +-- nsis-x.xx-src

  5. Change to the source directory
  6. $ cd nsis-x.xx-src

  7. Compile makensis using scon
  8. $ scons SKIPSTUBS=all SKIPPLUGINS=all SKIPUTILS=all SKIPMISC=all

  9. Copy makensis to the release
  10. $ cp build/release/makensis/makensis ../nsis-x.xx/makensis

  11. Change to the <parent>
  12. $ cd ..

  13. Install – Copy makensis to the install location
  14. $ sudo cp -r nsis-x.xx/* /usr/local/share/nsis/

  15. Create the link from the bin directory to the makensis such that
    makensis is accessible from the command line.
  16. $ sudo link /usr/local/share/nsis/makensis /usr/bin/makensis

Adding color to subversion

If you love the command line and svn but would like to add some color as well, you could try colorsvn.
colorsvn is identical to svn when it comes to commands, but the results are shown in color.

colorsvn is particularly handy if there are any conflicts created during an update.

See http://colorsvn.tigris.org/ for more.

svnserve Init script

I was annoyed to have to start the svnserve as a daemon everytime I restarted the machine. I also wanted to use service configuration(GNOME) to deal with the service.

I looked all over the web and failed to find the a good one. So I thought of writing it my self. Last weekend I sat down and wrote the script. Here is the result.

This was tested on fc6 running kernel 2.6.20-1.2962.fc6. Subversion 1.4.2 (subversion-1.4.2-2.fc6). It should work in any distro with init.

To make service configuration aware of svn serve you will have to first copy the script to /etc/init.d and then run the following.

$ /sbin/chkconfig ---add svnserve

Also remember to create the configuration(/etc/sysconfig/subversion) file with the following lines in it to enable threading.

OPTIONS="--threads"

You can put any options you could send to svnserve in the configuration file.

PS: here is the Init script it self for your viewing before downloading

#!/bin/bash
#
# /etc/rc.d/init.d/subversion
#
# Starts the Subversion Daemon
#
# chkconfig: 2345 90 10
# description: Subversion Daemon
# processname: svnserve
# pidfile: /var/lock/subsys/svnserve

source /etc/rc.d/init.d/functions

[ -x /usr/bin/svnserve ] || exit 1

### Default variables
SYSCONFIG="/etc/sysconfig/subversion"

### Read configuration
[ -r "$SYSCONFIG" ] && source "$SYSCONFIG"

RETVAL=0
prog="svnserve"
desc="Subversion Daemon"
pidfile="/var/run/$prog.pid"

start() {
echo -n $"Starting $desc ($prog): "
daemon $prog -d $OPTIONS --pid-file $pidfile
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
touch /var/lock/subsys/$prog
fi
echo
}

obtainpid() {
pidstr=`pgrep $prog`
pidcount=`awk -v name="$pidstr" 'BEGIN{split(name,a," "); print length(a)}'`
if [ ! -r "$pidfile" ] &&amp;amp; [ $pidcount -ge 2 ]; then
pid=`awk -v name="$pidstr" 'BEGIN{split(name,a," "); print a[1]}'`
echo $prog is already running and it was not started by the init script.
fi
}

stop() {
echo -n $"Shutting down $desc ($prog): "
if [ -r "$pidfile" ]; then
pid=`cat $pidfile`
kill -s 3 $pid
RETVAL=$?
else
RETVAL=1
fi
[ $RETVAL -eq 0 ] && success || failure
echo
if [ $RETVAL -eq 0 ]; then
rm -f /var/lock/subsys/$prog
rm -f $pidfile
fi
return $RETVAL
}

restart() {
stop
start
}

forcestop() {
echo -n $"Shutting down $desc ($prog): "

kill -s 3 $pid
RETVAL=$?
[ $RETVAL -eq 0 ] && success || failure
echo
if [ $RETVAL -eq 0 ]; then
rm -f /var/lock/subsys/$prog
rm -f $pidfile
fi

return $RETVAL
}

status() {
if [ -r "$pidfile" ]; then
pid=`cat $pidfile`
fi
if [ $pid ]; then
echo "$prog (pid $pid) is running..."
else
echo "$prog is stopped"
fi
}

obtainpid

case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
RETVAL=$?
;;
condrestart)
[ -e /var/lock/subsys/$prog ] && restart
RETVAL=$?
;;
status)
status
;;
forcestop)
forcestop
;;
*)
echo $"Usage: $0 {start|stop|forcestop|restart|condrestart|status}"
RETVAL=1
esac

exit $RETVAL