Monday Aug 31, 2009

Epson NX - A cheap refurbed printer

I went out shopping at Fry's last Friday and just on a whim, saw they had a diminishing stack of refurbished Epson NX400 inkjet Multi-Function copier, scanner, printers. Price was right. Just $45. So I bought one. Heck, the stack of 4 black, cyan,magenta, yellow cartridges alone was worth about that much. So it was definitely a good deal. Like buying the cartridges and getting a free printer!

I waited until Saturday evening to unpack and install. I used to dread hooking up printers because it'd be a lot of trial and error to get it working. But if folks have noticed since SNV build 90 or so, the printing has been greatly simplified by the support of CUPS option. Solaris LP is still standard on the system, but it's very easy to change. Simply, use the print-service -s cups command to switch over from regular LP to CUPS (see the man page for more info).

The reason why I bought it was due to clogged heads on my older Epsons, and try as I might with the Windex spray into the heads and soak over night (folks may want to do some web search on ammonia-based cleaning and declogging procedures), the black printing head was clogged beyond repair. I did get the colour printing going, but after many dark stains on my fingers, I gave up.

And the reason for my clogged inkjet heads was due to lack of use. Ever since my wife discovered 14 cents/picture Costco Photo Center then found out she can pick up in at most an hour (sometimes in 30 minutes!), she'd rather just print it there. So I don't need to print colour copies often at home, and if colour inkjet printers don't get used often, ink can dry on the heads and clog them up. Some printers are designed so the cartridges contain a fresh head, like the HP inkjet printers. However, this tends to add cost to each cartridge, but has the advantage that each cartridge comes with a new print-head. Needless to say, I placed my bets on lower cost cartridges.

Still, I have to print with a colour printer every Fall, and that's because my kids go back to school. Our school has an annual request for emergency rations and updated emergency contact information, which includes a couple of colour photos of each child that can be used in case of an emergency for identification by law enforcement or school staff.

So what was great about the NX400 was that it has USB and PictBridge. It allows me to directly print from the camera. It also has a small 2 inch or so colour LCD display. And the reason I bought it was because if I couldn't get Solaris to recognize it, at lease, with direct printing from a camera or USB, I could copy my picture onto some flash memory and use my camera as the printer driver. But deep down, I was hoping for CUPS to recognize it.

Upon plugging it in the first time, Solaris CUPS responded and loaded the driver for Epson Stylus CX8400. I brought up my browser and put in the URL for http://localhost:631/ and then tried to use the browser links to have CUPS print a test page. But after shooting out 5 pages of blanks, then marking the top of the next 20 pages with a couple of characters each, the NX400 was definitely not happy. So I managed to dequeue the remainder of the print job, and shut down the printer and restart it to clear the job. I guessed this would happen and it did so nothing was new. But I decided to make a concerted effort to try each printer type under Epson listed in CUPS and see if those drivers would work. One by one, I tried for about an hour, working backwards from the bottom of the list. I finally tried the Gimp-print driver for the Epson CX3100, and to my great surprise, the test page printed beautifully. I couldn't believe it, and setup a remote system to network print using this printer. On the remote side, I configured it to issue out generic Postscript. And it too printed out over the network! Fantastic.

Fig. 1. Epson NX200 multi-function printer/scanner/copier

So I went back to Fry's Sunday and found they were out of stock. There, I notice another Epson printer, the NX200, which looks almost the same in size, design, shape, and even multi-function scanner/copier features, except for no colour LCD display. Instead, it has push buttons. But this too, offers PictBridge and USB/SD card direct printing from my camera. When I asked the sales clerk if he had any NX200 units in the back, he said, "No." However he explained the Palo Alto store had 14 in stock. But what was amazing was the $29.99 price tag. A truly excellent deal considering the print cartridges are worth more than that.

I rushed to the Palo Alto store and on a hunch, picked up another printer, the NX200. Rushing home, I unpacked it, and it was indeed identical, using the same cartridges, and had the same chassis and only varied by the display and button interface. Plugging it in, and configuring CUPS, indeed, it uses the same Stylus CX3100 Gimp-print driver and prints well under Solaris. I went back to the Palo Alto store in the evening to check if there were more, and picked up 3 NX200s, no limit, at $29.99 each. I figured my parents, in-laws, and other friends might need a printer as a gift.

In printing out colour pictures, I found the PictBridge from my DigCam to printer to work great. Colours were vivid and accurate and no PC needed. However, printing from GIMP on Solaris, simple line art prints beautifully and fast. But photo-printing is too light in 360 DPI as well as 720x360DPI, but too dark using 720x720 DPI and finer. I tried playing around with GIMP brightness and contrast and colour saturation. I managed to get the 720x360DPI mode to print acceptable albeit somewhat grainy pictures, and in doing so, I also accomplished what I originally set out to do - to print my kids ID photo collage and age/height/wt info on the picture for their start-of-school-year emergency packet.

Tuesday Jun 02, 2009

JavaOne/CommunityONne OpenSolaris 2009-06 Install

I'm blogging from the OpenSolaris install booth at CommunityOne/Javaone 2009 at Moscone Center, San Francisco. This must be the 10th show I've actively participated in. Prior years, I was a Java guy setting up talks, doing BOFs and sessions of my own or with a team, but in recently years, since moving over the C-side of Solaris drivers, that hasn't been the case. And in a way, it was a protest against policy on giving away bags to the Sun speakers, which I have a great collection of in the early years. LOL!

Of course, from an internal standpoint, my colleagues and I in the driver team always have a lot of fun doing bring up of systems on earlier versions of OpenSolaris. Some versions die horrible deaths and take hardware with it. But as part of the Instal-Booth staff at the show, I gave a final test run of the bits yesterday, and after a little bit of fiddling last night, I've now got 3 laptops installed with the June 2009 bits of OpenSolaris. BTW, we announced them yesterday.

Overall, the experience was pretty good. I've really gotten fond of USB-stick install, and so I carry around at least a few 1GB sticks. The image is about 800MB on the USB stick. The CD image is just under 700 MB. The USB stick seems to average just 18 minutes on my dual core laptop, and over 31 minutes from a USB CDROM drive. Most of the folks have some trepidation about install because currently, we're not bundling a partition utility. But colleague Mark Logan recently checked GNU parted ported to Solaris into the build tree, so it should be coming soon, at least on Nevada. It may take a bit of time to appear on formal install media, but what that means hopefully is that folks will be able to boot the runnable image, then upload via USB bits as a separate wad of stuff, and then unpack and run it. It includes NTFS support and I've gotten it to work on most disks and laptops and systems for dual-boot.

But just in case we have issues with some disks and VTOCs that don't quite follow a standard, I carry a Knoppix 6.0.1 bootable USB jumpdrive which seems to deal with partitioning a little bit better than Solaris due to a broader support for standard and non-standard VTOCs disks. Speaking of disks and VTOCs, some of the really cheap 2GB and 4GB USB sticks don't seem to follow VTOC standards either and while those sticks are flashable and bootable for OpenSolaris, for some reason, we can't install from them due to a particular read and mount issue. Most higher-end Sandisk USB sticks have worked great, and the higher quality sticks usually have been great. But the low-end 2GB+ ones have been problematic.

Armed with the right tools, OpenSolaris 2009-06, at least for me, installed fine, didn't kill my Windows slice, and most everything works. HD Audio, graphics, networking. I was even surprised when my Realtek USB wifi came up automatically with NWAM. That's impressive. Even my webcam works on both the Acer which has a built-in unit, and my el-cheapo A4Tech 720MJ $25 usb cam.

community one webcam image

Above is a picture of a developer session I sat in at Community One while playing with my webcam. I was video conferencing with another colleague via The A4Tech camera is fairly inexpensive but follows the USB Video Class standard and works fine with Solaris. It's been problematic in the past with OpenSolaris finding a cheap USB Video Class webcam because of cost. It seems like a lot of vendors either claim support but don't quite follow the standard, or use one of two other protocols. But with Microsoft demanding vendors to follow the USB VC standard for 2009 and later cams to have Vista certification, hopefully, more cheaper cameras will arrive on the market for under $25. I will testify that the on-board webcams for many netbooks and laptops, like the Toshiba M10 and R600 and for the Acer 8.9 and 10 inch netbooks, the Toshiba NB200 network, etc. all seem to have working USB webcams that run fine with OpenSolaris. One thing with the software on GNOME is that it's still a bit fresh and so the streaming images have streaks. I haven't looked at the source yet, but it may be that double buffering or lack there of is leading to streaking, or maybe some USB interrupt architecture that unnecessarily impacts streaming video is causing streaking on OpenSolaris. But the picture is still very usable.

Signing off for now. More conference to attend.

I did find out the latest Mozilla Firefox has some better security, but I used to set my forms to prefill name and email address for me, but those settings are lost. I have to figure that out

Wednesday Apr 01, 2009

Acer Aspire One AOA-150 Netbook Dual Boot with Solaris

I'm certain that with the plethora of April Fools postings, that it may be hard to write a serious how-to document on dual boot installation on the Acer Aspire One netbook. But I just picked up one last night from Fry's Electronics for just $299, new, and I've managed to get it to dual boot with Solaris withOUT blowing away the WinXP that comes pre-installed. My bro-in-law, who just picked up one of the last few from his local Costco for the same price was looking for online docs about how to do this, but there were few details, and thought he'd either come over to my place and have me do it, or read my blog for instructions.

Acer Aspire One 150 - Need the 8.9 inch Model

There were a few reasons why I went out and bought the Acer AOA-150. This is the model offered last year with 8.9 inch LCD, an Intel Atom 1.6GHz/120GB HD/1GB RAM platform. Around Christmas 2008, it was in stores for around $349, and just a few months later, it's now $299 for the same system, only with 160GB HD. There's also an Acer AOA-110 model which has an 8GB or 16GB SSD (Solid State Drive) which comes with a Linpus/Linux distro that supposedly runs well, but firstly, I'm not a big fan yet of SSD. Most of the low-end stuff is either way too slow on sustained I/O and/or way too unreliable. There's a lot of hype about SSD and auto-leveling. But that's the theory. How manufactures make SSD (at least the cheap ones for these devices) and how it deals with swapping and partitioning while auto-leveling, well, that, for me, it's not there yet, no matter how many senior article writers, analysts and Marketing pundits say so. Except for the best and most expensive flash with the best performing auto-leveling algorithms and error checking, most the flash aren't very fast or very reliable yet. And they're too darn small to dual boot and have any real working space anyway. So disk capacity was pretty important, and with these models having 160GB of hard disk, that was plenty.

Another reason for chosing the AOA-150 was Solaris compatibility. I've been hanging out at various Costcos and Fry's Electronics stores and playing with netbooks and opening up the Windows->Control Panel-> System->Hardware Devices panels. For the stores that haven't locked out that feature, it's provided me valuable info on what chips the makers are actually using inside. Of course, this is no guarantee Solaris will work until you get home and actually try it, but it gives me more confidence that Solaris will actually boot up and connect to the network if it's a device that's been reported on Sun's Big Admin HCL or by other users elsewhere online. Note that makers in this volume space often rev a system with different components without changing the model number, so you really need to check and have a store that will honour its return policy.

The 8.9 inch LCD Aspire seems to have most chips on my compatibility checklist. My main concerns are bootability, graphics, ethernet, WiFi and Audio. I would like to get the onboard camera working, but that's for later hacking. Maybe someone already got it working under Solaris and I just need to find it. For the most part, both AOA-110 and AOA-150 have a Realtek 8101E/8102E fast ethernet networking port. That's supported by the latest Solaris rge(7D) driver. The WiFi is Atheros AR5007E/AR5008E a.k.a AR242X-type of PCI-express adapter onboard, and that should be supported by the recent ath(7D) driver. Graphics is Intel onboard 945GMA Integrated graphics which works with our Xorg fairly well. And finally, the audio controller is standard Intel HD Audio spec compliant with what looks like a Realtek ALC HD Audio Codec. The latest SXCE audiohd(7D) driver has a parser that should be able to discover the codec capabilities and activate the sound properly.

Acer AOA-150 Blue

Note that Acer is now shipping a newer, 10.1 inch LCD model (AOD-150) which has the same resolution (1024x600) but bigger pixels. It's selling for $349 and I do notice more folks looking at it and not squinting as much, but the hard wired ethernet is now Atheros-based and probably an adaptation of the Attansic NIC which they acquired a year or two ago. There are opensourced BSD drivers for the Attansic NIC and I think even Murayama's Solaris Driver collection may have a sample Attansic driver, but I haven't tried it yet, and didn't want to risk it. Plus, it's $50 more. Maybe when it gets cheaper, like in a few months, I'll splurge and get another netbook and test the driver.

Steps for Dual Booting

As with most PCs, to dual boot a pre-installed WinXP/Vista box, requires the following steps:

  1. Resize the existing WinXP (either FAT32 or NTFS) disk partition to make room for Solaris.
  2. Create a Solaris2 type partition sufficient for your needs.
  3. Install the Solaris on the slice, and GRUB for the boot-loader

Assuming all goes as planned, the GRUB install finds all the other bootable slices and enumerates those too. The challenge with the Acer Netbook is doing any of those tasks without an Optical drive. Typically, it's not possible to resize the boot disk, so we try to boot from optical drive and then resize. Similarly, installing onto the boot device isn't possible either.

For the Acer, we can boot USB, and that means if you have an external USB DVD drive, then it's possible to install via CD and DVD media. There is another option and that's to install via USB flash drive. Opensolaris is about 700MB in base size and is a bootable CD-image. It can be converted to USB flash boot image by using the Mercurial tools. This can fit on just about any single 1GB USB flash drive which you can buy at Fry's or online for around $6 each. I recommend buying 2 of these as the extra one will come in handy for resizing the partition.

1. Resize the WinXP NTFS slice

Before partitioning WinXP NTFS, I highly recommend running the Windows disk defragment utility. It's in the Accessories under System Tools I think. This will compact most files into a contiguous near the front end of the cylinders on that slice and save a lot of time or anxiety over having the partitioning utility doing it on the fly. De-Fragging can take hours if you've put a lot of files onto the disk.

There are commercial packages like System/Partition Commander and Partition Magic that can do this. You'll need to source a USB external optical drive. I found the close-out XBOX360 HD-DVD USB player attachment device for $40 at Fry's Electronics. It plays both DVDs and HD-DVDs for XBOX360, but fronts as vanilla DVD/HD-DVD USB drive for any PC system. That's one option. If you neither want to buy an extra external optical drive, nor spend money on software, then you can try the Knoppix Rescue 5.1.1 or later and the QTParted utility that ships with the distro. Knoppix is a Debian Linux variant used widely for rescue disks. It's downloadable off many mirror sites on the Internet, and there is a free Windows executable that takes the ISO image and will flash a bootable USB stick with it. Since Knoppix 5.1.x is about 700MB, you'll need an extra 1 GB flash stick or larger. Since the Acer comes with WinXP already, it's easy enough to follow these Knoppix USB install instructions to create the bootable USB stick on the Acer itself. This takes about 10 minutes plus time to download the ISO image. Once the Knoppix USB stick has been created, reboot the Acer and hit 'F12' to select the USB stick as the boot device and proceed. Hit return on the first prompt for line/scan rate and when the GUI comes up, either open a terminal and run:

   $ su - root
   # qtparted

or follow the KDE menu and open the QTParted w/ root exec privileges (usually there are two QTParted entries in the KDE menu - the first on top is the one to click). This should bring up lots of slices. Scroll down until you see a number of sdaX entries. Select the first and this should show the internal disk drive. It should have a 6GB slice up front that is FAT32 and the remaining 150GB is formatted NTFS. Using the GUI and mouse, drag the tail of the second slice (NTFS) to reduce the size. To actually resize, you need to go to the main menu for the QTParted and select "commit." I have a new Acer that hasn't really been used. Its disk was negligibly fragmented and I didn't put any files onto it. So defrag'ging and resizing only took a few minutes. I ended up allocating around 40GB for XP and the remaining 110GB for Solaris.

2. Create a Solaris2 Partition

My older Knoppix 5.1.1 rescue image didn't know about Solaris type partitions. I haven't checked if the newer ones recognize it yet. But typically, Linux fdisk utilities have often confused Solaris partition types with Linux Swap types. The Solaris fdisk utility understands Solaris partition types, and supports Solaris2 types which are distinct and not confused with Linux Swap. Since I was planning to install OpenSolaris or SXCE onto the Acer, and fdisk is bundled, I decided to take a second USB flash drive and put OpenSolaris 2009-06 b110 on it. Since a lot of driver development has resulted in fixes since 2008-11, I recommend trying out a candidate 2009-06 build of OpenSolaris. Currently, that's b110 and the USB flash image is available a To actually copy the image to USB stick and make it bootable, you will need the usbcopy utility. This is downloadable via Mercurial tools repository and assumes you have hg(1) on your system, which seems to been in solaris Nevada for quite some time now. If you don't have those tools, please read Dave Miner's blog on OpenSolaris on USB sticks and get the tools to simplify making bootable USB sticks.

With OpenSolaris flashed onto a bootable USB stick, simply reboot the Acer with the USB stick inserted, and hit 'F12' to select the boot device, and boot the first entry. There may be a problem with the SD card reader driver - sdhost(7D) - which may cause the kernel to lock up later. There is a supposed fix for that and Dave Clack talks about it and has links to software on his blog. Save this for later. For now, we need simply need to edit GRUB when the USB stick boots, and hit 'e' twice and edit the kernel line to append a -B disable-sdhost=true and hit return, then 'b' to boot with that added parameter. This disables the sdhost driver.

After a minute, OpenSolaris will come up into a default "jack" session. I open a terminal window and run:

   $ pfexec bash
   # fdisk /dev/rdsk/c8d0p0

and then I follow the help (?) menus to create a new fdisk partition of SOLARIS2 type. Your device may vary if you use a USB DVD drive. The raw disk could have designation c1d0p0. Another way to find out is to run the format(1M) command. It will print out a list of available disks. When you've identified the target disk, hit Ctrl-C or type quit out of the format utility, and then run fdisk on the /dev/rdsk/[device] where [device] is the available disk selection you found for your Acer, (e.g. c8d0) with a p0 appended (e.g. c8d0p0). This can still be complicated for some, so Clay Baenziger has a Kshell script that provides an easy resize capability. I haven't tried it yet, but looking at the script, it looks like it does what I described manually. I like the manual way because I've had some issues with fdisk(1M) occasionally not setting the correct start cylinder so it clobbers the partition map with overlapping slices and that can lead to loss of data. So I just like to verify things manually before committing. I divided up my disk and preserved the 6GB Acer slice (actually a FAT32 diagnostic WinXP partition with recovery media on that slice (don't blow it away! - contains recovery media!), allowed WinXP about 40GB, and the remaining 107GB, I used for Solaris.

Install the Solaris

Both OpenSolaris 2009-06 b110 and Nevada SXCE b111 have networking and WiFi and Audio all taken care of. I've tried installing both and ended up sticking with Nevada SXCE because I had a USB DVD drive because I was at the end of a slow network connection at home and didn't want to eat bandwidth download latest and greatest packages through a remote repository. But if you don't want to download a huge wad of developer tools, and have the bootable OpenSolaris USB flash drive, I'd say that's a quick way to get Solaris up and installed.

Note on the Solaris SXCE b111 install, you should choose option 4 Console Text install if having issues with Default option 1 interactive Graphical install.

When the install is done, GRUB boot-loader gets written to the disk and it seems to find not only Solaris, but the WinXP partition as well as the diagnostic partition, which are all bootable. If things went well, hopefully, you've preserved your WinXP and diag slices and now have a dual boot Acer.

Acer with Open
Solaris Logo

One last finishing touch of course is to put the sticker on it!

Tuesday Feb 10, 2009

Hacking nevada audiohd parser for S10 update 6

I received a phone call from a partner asking about running a demo on a new workstation/desktop platform at a tradeshow soon. He needed to get audio working on a number of systems to play simple clips, maybe some online YouTube stuff. He knew the Solaris audiohd driver was working great in latest Nevada SXCE but he hasn't been able to get the same support for audiohd drive on Solaris 10 update releases.

Just last week, a colleague mentioned the same problem on a new hardware platform also going through bring up with Solaris 10 update. So I got around to finally trying to back-port the latest audiohd codec parser to S10 from the Nevada source. Luckily the work was trivial. I just needed to remove a single function symbol in a struct and comment out a couple other lines for audiohd_quiesce() and rebuild on S10. The code needs to compile using Sun studio compilers 11 or later or a full complement of GCC compiler tools with C99 support. On solaris 10, just 15 minutes and I have audiohd working with a number of new platforms. The codec capabilities parser is sure great.

I don't know if there are plans in place to back-port the parser formally to S10 update. Audio is still considered a secondary function, and likely, that's the priority where it'll remain. But I know for users like myself, audio is clearly a top priority to get working on any solaris system. Plus, I've been getting re-acquainted with all that 80's synth band music which I hadn't heard in a while, like Depeche Mode, Electronic, and New Order. I just bought the best-of collections for all 3 bands and listen to them on my test S10 lab boxes. Kinda cool and nostalgic at the same time.

I've put together a src tar-ball and uploaded it to Hopefully, some folks can get some use out of it if they plan to stick with S10 update only.

Friday Sep 19, 2008

Solaris running on Intel Atom D945GCLF mini ITX

Mini ITX low-power systems just keep getting better

Ever since Intel introduced their Little Valley and Little Valley 2 systems into the low-power, mini-ITX consumer space, they've been a hit. Both from the power savings standpoint, and from the price-performance view. During this summer, they introduced a new board, the Little Falls, or the D945GCLF, which has a new 1.6GHz hyperthreaded 64-bit processor, and Intel ICH7 chipset with GMA 950 integrated graphics. The cost of this board on popular retail web sites have ranged from $65 - $79 for this board - an awesome price. Solaris Community Edition does run on this board, and fairly well, although there were some quirks that need to be to overcome.

Little Falls Retail Box

Booting into 64-bit

The Intel Atom processor is supposed to be a recent 64-bit hyperthreaded core, and this is true of this system. But up through Solaris Community Edition build 98 and OpenSolaris, we find that Solaris will default boot into 32-bit. A bug in the way the Solaris version of grub boots, mistakens the CPU ID for one that cannot support 64-bit, so it switches and boots into 32-bit by default. With the help of several Atom enthusiasts inside Sun and in the community reporting, a fix for this hopefully should arrive in the next few weeks as we roll out build 99 of Solaris Community Edition and it should show up on the next OpenSolaris 2008 later next quarter. For those who can't wait, a little digging into the kernel shows no potential issues running the 64-bit kernel and so we can force grub to boot the 64-bit kernel simply by editing the /boot/grub/menu.lst file and adding an entry at the top of the list like the following:

#---------- ADDED BY BOOTADM - DO NOT EDIT ----------
title Solaris Express Community Edition snv_96 X86 64-bit explicit
findroot (rootfs0,0,a)
kernel /platform/i86pc/kernel/amd64/unix
module /platform/i86pc/amd64/boot_archive
#---------------------END BOOTADM--------------------

If this is the first entry on the grub menu.lst then the default grub boot priority should boot 64-bit going forward. If you added this as the last entry, you may need to also modify the default near the top of the menu.lst to look like:

# default menu entry to boot
default 3

Change the number '3' to the placement of your explicit 64-bit boot entry.

NIC Interface - Realtek RTL8101E/RTL8102EL

A lot of Linux mail-lists and discussion groups have all had issues with the new version of Realtek NIC that Intel decided to use for this board. And a lot of folks have asked, if Intel makes it's own NICs, like the Intel Pro/1000, why they don't simply put one of their only NICs? Or include a default MAC on the southbridge and just hook up a compatible PHY. The short answer is cost. It's cheaper for makers, even like Intel, to buy a whole MAC/PHY chipset than to bring out a chipset MAC and pay separately for a compatible PHY. That was the case here.

The main problem a lot of folks in BSD, Linux and the Solaris communities ran into however, was that this wasn't your run of the mill Realtek rtls NIC that was rtl-8100/8139 compatible. Starting with the 8101E line, the chips started to use a PCI-express lane off the south bridge and they had MAC interfaces and registers that looked a lot more like the RGE or RTL-8169 (gigabit) series of NICs, only with a fast 10/100 PHY. And while the hardware PCI registers (either lspci or prtconf or /usr/X11/bin/scanpci) all indicate that this version of NIC was RTL8101E, the smbios Intel provides with this board shows that the NIC is actually an 8102EL - a slightly modified version of the 8101E. For all intents and purposes, the chips are the same, except for Hardware Checksum support. The old initialization support for hwcksum isn't the same register, and was either removed (because it's a slow NIC) or changed. I've made contact with Realtek and after explaining the issues, their engineer knew exactly what the problem was and forwarded me a couple of pages torn out of their datasheet. Some minor changes are going to be required and until we get the go-ahead that this is okay to open source, which should be soon, we can't quite export them to the community. However, a quick workaround for HW Checksum is easily done and gets the NIC working just fine, and that is to disable the Hardware checksum for the NIC. The easiest way to do that permanently is to edit the /etc/system file and put:

set ip:dohwcksum=0

then save and exit, and reboot the system. For most Solaris community edition post build 82 or later, I think, we should have the PCI ID already listed in /etc/driver_aliases. If you run prtconf -pv and or /usr/X11/bin/scanpci and the device ID for the NIC doesn't match anything in /etc/driver_aliases, then in the section for rge devices, add an entry for the vendor/device ID following the same format and then either run reboot -- -r or run update_drv rge then devfsadm. A reboot is still required if you haven't done so after editing /etc/system to turn off hardware IP checksum.

Getting the HD Audio Working

The ICH7 chipset supports Intel HD-Audio. However, the Solaris audiohd driver may try to attach but fail to initialize the codec, which looks like a Realtek ALC662. Fortunately, there's been a project underway lead by Garrett D'Amore and the Sun China Audio team to put a parser into an OpenSolaris audiohd driver that can discover and plumb the codec capabilities automatically. It's not perfect by any means, but for the vendors that hook in the codec correctly and publish the correct node-IDs and capabilities to the controller will mostly work, which is about 70+% of most motherboards today. Try downloading the latest August 25th version and try that. I've had good success without the need to go in and hack a hard coded codec into the controller like before. Thanks much Minskey, Garrett and China Audio team!

The rest just works as normal

What's kind of cool is that the rest just seems to work, like the Intel integrated graphics, the SATA and IDE ports, and the performance isn't bad. The old Little Valley boards were SiS Mirage graphics based and the chips had a quirk that really got "snowy" under the Xorg SiS driver. The solution was to use the VESA driver instead, but that limited usage of 4:3 monitors to a maximum, I think of 1600x1200 pixels. With lots of widescreen LCDs available today, that wasn't really preferrable. The new Intel GMA950 is sharp and bright with all the screen resolutions.

I could end this with a sharp criticism on the power consumption for the Little Falls. The 1.6 Ghz Atom has a TDP of only 4Watts. But the overall board with a cheap ICH7 desktop chipset (not mobile) makes to total system power draw at the wall closer to 26 Watts idle, 41Watts peak depending on the type and efficiency of the power supply used. My box has a DC-DC converter Pico PSU 120 with brick and I use a 2.5 inch SATA hard disk, 2GB DDR2 800 and slim DVD burner. With a 3.5 inch SATA drive and a full sized DVD optical drive (spinning) the peak power draw can hit 59Watts! Admittedly, Intel have said that this board was targeting cost more than power. Other vendors produce palm tops and embedded systems with far lower total power using more expensive mobile chipsets.

Still, the board is very economical and a decent power miser. The system is also fairly quiet, although the irony of this board is the northbridge/gma graphics has a fairly noticeable heatsink and fan, while the Atom cpu has just a half-height block heat sink. At first glance, folks may think the Atom has the h/s fan. I haven't run perf comparisons, but based on boot-up times and running some multimedia apps, this feels like a faster board and CPU. Whether that's because of the faster 1.6GHz clock compared to the previous Conroe-L 1.2 GHz Celeron 220 core or it's the hyperthreading allowing fewer hiccups while multi-tasking needs verification. At just $65 though, I couldn't help myself and bought 3 of them for tinkering around.

What will Intel come up with next? Looking forward to it.

Monday Jun 02, 2008

Notes about Solaris Nevada/OpenSolaris Sendmail Configuration

About maybe a month ago, I started seeing hard drive DMA errors reported in the logs on one of my venerable servers that's been receiving most of my family's email since 1999. It originally had a whopping 15GB drive which was posh for 1999, but that drive died suddenly with a shorted out power supply unit, which prompted a self-repair of the PSU (my first attempt a soldering new high frequency switch caps into a PSU) in 2001. I swapped that out with a new 40GB Seagate ST3004xx something drive that was the rage back then. The first, I think, with the fluid dynamic bearings or something like that and ultra quiet. Fast forward to last month and the PSU is still working great but the disk drive, now on its 7th year, had started to go bad.

At first it was just a couple error messages on the console per week. But as the weeks progressed, the errors were becoming more frequent, to the point where I was seeing 23 errors in less than 30 minutes a couple weeks ago. I decided to swap out and upgrade that venerable box to new smaller, cooler, lower-power hardware. I had been dreading this task because I remembered the pains it took to configure the sendmail daemon back then. But with my final backup of email taking over 15 minutes for an incremental 6.8 MB of data, I managed to probably avert data loss by the thinnest of margins.

The new box - an older system

I'm not one to throw away perfectly good hardware, even if it is past its prime. And with hardware rev'ving every quarter, just about any box over a year old is past its prime. I decided to base my new mail server on a first generation EPIA 800 from VIA. It's a mini-ITX board with 800MHz VIA c3 cpu that chugs along and sips power. The first generation boards were shipped in quantity starting in 2002, and I picked up a couple back in 2003, so these are 5 years old. A real slow poke, but for a headless mail server box, it's perhaps perfect. It isn't like I can afford a fat OC3 pipe to my house anyway, so for normal broadband type speeds, this is perfect. Plus, at 14Watts idle, and 17Watts when small chunks of email come in, the system works just fine. I enclosed this system with a very small Morex/Cubid 2699 style case with AC adapter power supply, and included a 60 GB IDE notebook drive and slim optical DVD drive. I originally debated whether to keep the optical drive in the case because of fear that the standby power might be quite high. But as it turns out, it's only about 1Watt in standby mode. When burning, the drive can cost an extra 10 Watts. The motherboard has onboard audio, video and LAN. I have 1 GB (2 x 512MB PC133 SDRAM) in the box.

OS Install and Systems Admin

For a mail server, I went into BIOS and pretty much disabled the audio, the serial ports, and configured the system to reboot to its original power state if there is a sudden loss of power. Solaris Nevada b90 was the latest available and it installs fine on this 32-bit system, only the old Unichrome graphics isn't well supported. But for a box that is running headless, it was easy enough to avoid the SXDE installer and use the old style express installer in text console mode. After booting for the first time, I logged in and disabled cde-login:

    # svcadm disable cde-login

I then used a USB stick to transfer Murayama's vfe2.6.2a driver source code and the GLDv3 headers required to compile the driver (mac.h, mac_ethers.h, dld.h) to compile and install the network driver.

Once booted and up on the network, I quickly enable tcp_wrappers and ipfilter. A mail server is going to sit on the public internet and get probed many thousands of times per day, so it's not for the faint of heart. It really requires hardening the the network configuration. Some folks opt for a hardware firewall, but I've seen attackes against those, too that can corrupt firmware or take over the firewall box. But it's not too difficult to quickly shut things down.

TCP services can be firewalled immediately by creating a file called /etc/hosts.deny and having:

    ALL:    ALL

inside that file. And conversely, an /etc/hosts.allow file which has specific hosts and services listed. I basically open up everything to my localhost, SSH for my internal private network, and sendmail and imapd to the world.

    ALL:   localhost
    imapd: ALL
    sendmail:  ALL

To start TCPwrappers, just issue the commands:

    # inetd -M tcp_wrappers=true; svcadm refresh inetd

I also shutdown any RPC communications with TCPwrappers by using the command:

    # svccfg -s rpc/bind setprop config/enable_tcpwrappers=true; svcadm refresh rpc/bind

There should be some great articles hosted on Sun's BigAdmin website on TCPwrappers configuration that folks can use their favourite search engine and find.

To configure IP Filters, I edit the file /etc/ipf/ipf.conf and put something like:

# IP Filter rules to be loaded during startup
# See ipf(4) manpage for more information on
# IP Filter rules syntax.
# IP Filter config file - James Liu, 2005-Jan-19
# -----------------------------------------------------
# let all loopback traffic flow freely
pass in quick on lo0 all
pass out quick on lo0 all
# -----------------------------------------------------
# default rule set - block all incoming packets but let in
# certain protocols and keep state 

# Nasty short packets which are fragmented too short to be real.
block in log quick all with short

# start by blocking and logging everything on vfe0 by default
block in log on vfe0 all
block out log on vfe0 all

# block and drop network spoof packets (these are reserved) and
# any packets that should only be on loopback only for vfe0
pass in quick on vfe0 proto tcp from to any keep state
block in quick on vfe0 from to any
block in quick on vfe0 from to any
block in quick on vfe0 from to any
block in quick on vfe0 from to any
block in quick on vfe0 from to any
block in quick on vfe0 from to any
block in quick on vfe0 from to any
block in quick on vfe0 from to any

# log any attempts to route to reserved network or broadcast addrs
block in log quick on vfe0 from any to
block in log quick on vfe0 from any to

# Any tcp, udp from this interface outbound, pass out
# Any icmp from this interface outbound, pass out
pass out quick on vfe0 proto tcp/udp from to any keep state
pass out quick on vfe0 proto icmp from to any keep state
#-------------------- web service -----------------------
pass in quick on vfe0 proto tcp from any to port = 80 flags S keep state
pass in quick on vfe0 proto tcp from any to port = 443 flags S keep state
#-------------------- ssh service -----------------------
pass in quick on vfe0 proto tcp from any to port = 22 flags S keep state
#-------------------- sendmail service -----------------------
pass in quick on vfe0 proto tcp from any to port = 25 flags S keep state
pass in quick on vfe0 proto tcp from any to port = 587 flags S keep state
#-------------------- secure imaps service -----------------------
pass in quick on vfe0 proto tcp from any to port = 993 flags S keep state

Basically, you'll need to change IP addresses for your network. But as you can see, I open up HTTP and HTTPS ports on 80 and 443 just in case I want to run some web-email-proxy software like Squirrel Mail so folks can get their email via a web browser, like Yahoo! or GMail. I run Apache and it's a standalone server process not using TCPwrappers, but the SSHd daemon and sendmail are compiled to use libwrap, so hence we have entries for them in the /etc/hosts.allow file. I need to be able to SSH to the box to manage it so I open up port 22. Sendmail and sendmail's mail submission program listen on ports 25 (smtp) and 587 (submission) respectively. The port 587 was specified because many ISPs block port 25 traffic inside their DHCP networks to reduce spam. The switchs and routers only permit SMTP traffic to their own mail servers where they have control of who's routing the email to whom. Port 587 is configurable and allows folks to workaround the port 25 blockage and route email outside to a different SMTP server the user knows is available. Lastly, since I run secure IMAP with SSL, I open up port 993 which is the default for most imaps clients.

Once the network is relatively secured, I streamline the server by removing or moving out most of the legacy services in /etc/rc3.d and /etc/rc2.d. I also disabled a lot more services like webconsole, wbem, smserver, some of the rpc/cde stuff, the font/fc-cache, basicreg, ndp, installupdates, print/ppd-xxx, autofs, uucp, and stuff that a mail server isn't going to need.

Sendmail Server Configuration

The default distribution of Nevada or OpenSolaris has a fairly vanilla configuration that's basically the same as Berkeley Sendmail. It supports almost all of the features you'd find in 8.14.2 and if you telnet localhost 25 on the box, that's what the HELO/EHLO ESTMP reponse comes back with. But what's missing still are some default configurations that allow a user to take OpenSolaris and start up a real, external facing mail server. But if you've done this before on another box, even a Linux box, you can usually take the (m4 macro file) and move it over, and if the configuration is for a relatively recent version of sendmail, it should just compile and generate a working

Nevada and OpenSolaris keep the sendmail cf/mc files in /usr/lib/mail/cf. There's a handy Makefile inside that directory that can help you create a custom easily. I have a standing .mc file from a few years back that seems to work okay. I leverage some of the Berkeley anti-spam features as well as setup a mail relay based on a limited number of known hosts. My mail server has to host a number of email domains, so I need to provide features to receive email for multiple domains, for virtual users, and to control access. My .mc file looks like the one below, and is really a mish-mash of stuff I cut/paste from looking at other sendmail configs:

VERSIONID(`@(#)    1.00 (Potsticker Guru) 2008/05/30')
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confSMTP_LOGIN_MSG',`$j Sendmail $v/$Z; $b; C=US ST=CA - NO UCE WANTED - NO UBE WANTED - NO SPAM WANTED')dnl
FEATURE(`dnsbl',`',`"550 Rejected because " $&{client_addr} " was blacklisted.  Please see"',`t')dnl
FEATURE(`dnsbl',`',`"550 Rejected because " $&{client_addr} " was blacklisted.  Please see"',`t')dnl


Note the use of DNS Blacklisting which relies on SORBS and SPAMHaus. These services are free to small/low-volume users, like my home system and they save a HUGE amount of spam. Without them, I would get about 2000+ spam emails per day, and probably just 10 legit emails. To generate the .cf file, I simply cd into /usr/lib/mail/cf/ and run:

    # make

The Makefile searches for a corresponding .mc file with the same prefix name and generates the .cf file. I then copy it over to /etc/mail and replace the regular with mine.

By default, the sendmail daemon in Solaris Nevada, since quite a few years ago, only allowed the MTA to connect to localhost. We want to open it up and so we need to configure Sendmail's SMF setting using:

    # svccfg -s sendmail setprop config/local_only=false

To activate the sendmail daemon for wide area network access, this particular configuration isn't like other SMF services. Restarting, or svcadm disable/enable, or even rebooting doesn't pick up the new configuration. You MUST run:

    # svcadm refresh sendmail; svcadm restart sendmail

I'm not sure why, but that seems to do the trick.

We're almost done, but not quite. The sendmail daemon requires that a bunch of files and binary database versions of those files exist in /etc/mail. With the above .mc configuration file, the daemon will expect to see:


The access, aliases, domaintable, mailertable and virtusertable .db files are all binary compiled from text files with name-value pairs of descriptors. The names of the files are /etc/mail/access, /etc/mail/aliases, /etc/mail/mailertable, /etc/mail/domaintable, /etc/mail/virtusertable and after hashing them into a binary format, each file is appended with the suffix ".db". You can learn more about the formats by going to and reading up on documentation. One is for access control, one is to define mail aliases, mail group aliases, one is to define domain translation rules, one is to define mail address rewriting rules, and the last is to define virtual user email addresses. Some features overlap like the virtusertable and the aliases file. To create the databases, I create text files without the .db suffix corresponding to each .db file. I have a lot of entries in access.db for anti-spam, and I manage quite a few aliases and virtual users. My local-host-names are many as well, one for each domain I host. But domaintable and mailertable are pretty much left null. But I found that I need them present because sendmail is checking for their presence to verify legitimacy of inbound emails destined for virtual users listed in the virtusertable for some reason. I don't understand why, but the email address translation directives in virtusertable are ignored when the inbound email address differs in final domainname of the recipient that is mapped in the virtusertable - but only when mailertable and domaintable .db files are NOT present. Sounds like I need to file a bug against the Berkeley sendmail daemon. Maybe later. But for now, just having them there, even empty files gets makes the virtusertable work, so I keep it there.

To generate the .db files, I created a simple Makefile, shamelessly copied from an old Linux distribution. Basically, it looks like:

    all:  virtusertable.db access.db domaintable.db mailertable.db

    %.db : %
        @makemap hash $@ < $<

        rm -f \*.db \*~

Put the Makefile into /etc/mail and run it each time you modify any of the above files. The aliases.db is created when the "newaliases" command is run, which is just a call sym-linked to the sendmail binary. Now you can svcadm restart sendmail and you should be able to have a working mail server.

Clearly, there are no guarantees that this will work for you. You need to make sure your mail server is properly configured as a DNS client on the network (i.e. it points to the right DNS and you've config'd /etc/nsswitch.conf and /etc/resolv.conf) is properly configured for your mail server and you have the right DNS MX records entries provided and hosted by your DNS registration provider.

If you've done everything right, you should be able to go to a free mail provider (e.g. Yahoo! or GMail) and send yourself some email. You should be able to watch the mail logs as the email comes in at /var/log/syslog. And if you do a ps -ef | grep sendmail, you should clearly see that the sendmail -bd -q15 has no trailing -C anymore.

If you plan to read/access your server through IMAP and or SquirrelMail, you can do an internet search for those packages and install them. may have all the packages pre-compiled for you as well. You may need to follow the directions also to generate PEM certificates for your IMAP server so it can run SSL. The command I use to create a self-signed PEM certificate is

# /usr/sfw/bin/openssl req -new -x509 -nodes -out imapd.pem -keyout imapd.pem -days 3650

This cert must be put at the destination: /usr/local/ssl/certs/imapd.pem.

One funny thing I encountered in IMAP server 2006e with SSL is that it claims that it doesn't work correctly with TCP wrappers on most UNIX/Linux distros. But I like running IMAP from the inetd because it kicks off the imapd server only when needed and is not present otherwise. So I had to attempt to see if it still worked, despite the warning. It's not so straightforward like the old days to configure the inetd daemon by editing the /etc/inetd.conf and restarting by pkill -HUP inetd. But I was able to everything working. First, I edited /etc/services and added 993 as a service port for imaps, then I added this line to the /etc/inetd.conf (legacy file - only active line):

imaps   stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/local/sbin/imapd

and then ran the inetconv(1M) command which then puts this service into SMF and under the inetd process. A restart of the inetd daemon and everything just worked.

Wednesday Apr 09, 2008

Solaris on $50 ECS 945GCT-M Combo Special

An Awesome Combo If It's On Sale

A few months back, I saw a Fry's sale on a Motherboard/CPU combo that listed the ECS 945GCT-M motherboard with Celeron 430 retail processor for $59.99, limit 1 per person. I thought it was an awesome buy and so at lunch time, 2 of my colleagues and I headed out to Fry's and I convinced them to each purchase one and so I had 3 combos sitting in my office. The next week, the same ad appeared in the San Jose Mercury News, but this time the price on the combo was $49.99, so I couldn't help myself and my 2 buddies and I headed over again, and I got another 3 boards. Not only do the motherboards provide Intel ICH7 chipsets with LGA775 sockets and support Core2-Duo processors, the ad on the 2nd week, offered version 3 of the motherboard which have 1333 MHz Front Side Buses.

The Celeron 430 is also a great price/performer. At 35 Watts average TDP, it's got a Conroe-L based core and supports 64-bit processing. Plus at 1.8GHz, it's fairly speedy. The way I guage roughly how fast the system is going to behave is to watch the first bootup after a Solaris install, when the SMF plumbs the first 191 services. And in less time than I can walk over to the frige and grab a cold beverage, the system is at the login prompt.

All Devices Almost Hunky-Dory

We've been running Solaris Nevada on this since build 79 or so. At that time, the onboard Realtek 8101E NIC didn't work properly. And the HD audio codec wasn't recognized. But the onboard Intel 945GZ integrated graphics controller works just fine with Xorg. Plus the SATA and IDE ports work as expected. And the board offers 2 PCI-express x1 lane slots and a single PCI-express x16 slot. Gen1 of course. But what would you expect for $50 - including the CPU!

Recently, I installed Nevada b86 on the system. And behold, the Realtek 8101E NIC is now supported. Surprisingly, it's not supported under the Solaris rtls driver, even though this is a Fast Ethernet (10/100 Mbps) port. Instead, it's supported under the rge driver, which has traditionally supported the Realtek 8169 Gigabit PCI device. Thanks to Miles Xu in Beijing for notifying me about this. This new Realtek 8101E is connected off the PCI-express bus, and register-wise, looking at the BSD source code, it looks much more like the 8169 NIC than the older 8139-series.

At first, I suffered some hardware difficulties with one of these ECS motherboards I had loaned out to some colleagues, and so the NIC would not work properly. But with 5 spares, I was easily able to replace it and try it again. I'm not sure what caused the failure, but secretly, we're using this as test systems for PCI-express HBAs and GigE NICs during development. The thinking is that if it will run on a dirt cheap system, it should have fewer issues running on a premium box.

Adding HD Audio Support to the Solaris audiohd Driver

The only device not yet supported was the audio codec. The Solaris audiohd driver attempts to attach() but fails when it encounters the codec. I decided to see if I could hack support into the driver by simply adding the PCI vendor/devID into the driver. The first step is to identify the codec. The easiest way on Solaris is to simply run:

  # dmesg | grep audiohd 

You should see some error message such like:

  Apr 8 18:02:14 gyoza audiosup: [ID 579887 kern.warning] WARNING: audiohd0: uns
upported HD codec vid=0x83847682, sid=0x00000000, rev=0x0010360

This tells us that the codec vendor (0x8384) is SigmaTel, and the DevID=0x7682, according to a web search, seems to indicate this is a type of STAC92XX type of codec.

Source and header files for the Solaris audiohd driver can be found at You need to download the ./usr/src/uts/common/io/audio/sada/drv/audiohd/audiohd.c as well as most of the headers in ./usr/src/uts/common/sys/audio/ and ./usr/src/uts/common/sys/audio/impl/. You will need to structure your headers into a directory relative to the audiohd.c such as ./include/sys/audio/ and use a CFLAG during compile like -I./include/sys/audio . I put an audiohd tarball together which you can click and download which should make life easier without having to download the whole kernel and build it to just get this driver.

After identifying the codec, I edited the ./include/sys/audio/impl/audiohd_impl.h header file (in the ./include/sys/ subdirectory of the tarball linked above) and added an entry for the new codec. For example, I found the entry like this for the SigmaTel STAC9200 codec:

   #define AUDIOHD_VID_STAC9200    0x83847690 

On my ECS945GCT-M system, have an 0x83847682 device which the web indicated was a type of STAC92xx codec and so I added a new define like:

  # define AUDIOHD_VID_STAC9200X   0x83847682 

and then editing the audiohd.c file and everywhere I found STAC9200, I added a similar line for STAC9200X, then ran:

  # make; make install

I ended up with an i386/audiohd and amd64/audiohd (32- and 64-bit) driver binaries which work.

To update and test the driver, I did the following:

  # update_drv audiohd
  # modload ./amd64/audiohd
  # devfsadm

After looking inside the /dev/ filesystem and seeing if ./audio and ./audioctl were created:

  # ls /dev/au\* 

I was able to play a few audio clips from /usr/demo/SOUND/sounds/.

When I get a non-working audio driver working, often the the Gnome desktop audio icon is still appear blanked out. The easiest way to cure this is to logout, and then login again without rebooting.

There are plans underway to improve audiohd and maybe integrate that with more popular audio technologies in the future. So hopefully, I won't need to do this every time. But it's not too hard or too big of a hassle since the Solaris source code is out there and easily available. And it was worth the small effort since I now have an excellent value system that plays video and music just fine.

Thursday Mar 27, 2008

OpenSolaris Community Innovation Awards Program

What? A chance to win big bucks

No, not some silly hunt big whitetail deer like you'd see on Outdoor Channel, but serious Moula - aka beaucoup deneiro - for slinging some code the runs on Solaris. It's the OpenSolaris Community Innovation Awards Contest.

I got sucked in by Jesse, Jim, Teresa, and Alta into this community advocacy project a few weeks back. Alta was the real culprit, though. She's reviewing this device driver white paper (part 1 of 3) that's going on Sun's BigAdmin someday soon, and then suddenly, with 80% of the HTML formatted she said there was this big pot of money and Sun was giving away $1Million. Now, if you're in the EU, or any other foreign country, you're probably yawning and mumbling..."WTF... no biggee, what's a $1Million USD worth these days anyway..."

But to make a long story short... Alta hinted this was a big project... aka...double speak meaning that she's probably holding my whitepaper hostage until we deploy. So I got interested and checked in on the conf call and got pulled into helping drive this contest; anything to speed this up, so eventually she'll get around to finishing the review and edits and putting it up on the web.

In short, the contest is only 1 part in 6 smaller contests. Each part, whether OpenSolaris, NetBeans, OpenOffice, or HPC, or Java, gets around $175K. Added together it's over $1M USD. Each group consults its own community and makes up the rules. Sun insists only primarily on contestants being individuals or teams of individuals (not companies) and that everyone signs the Sun's Contributor Agreement which binds all contributions to the CDDL open source licensing. Beyond that, each group makes up their own schemes for judging and payout. Sun's legal kicks in resources just to make sure the rules are legal and can be fulfilled in all the participating countries that are eligible.

For OpenSolaris, the Contest is seeking code and non-code entries that run on OpenSolaris, play on OpenSolaris, that advocate and help others use OpenSolaris... just about anything that's goodness earth-mother-apple-pie kinda stuff related to OpenSolaris. The prizes aren't bad. The team decided to break things up. $100K for the contest and $75K for undergrad university research. For the contest, top prize is around $30K I think, with 3 x $15K second level prizes, and 25 x $1K prizes. Which means if anyone is one of 29 contestants that actually submit anything, they could win some money. On the University Grant side, (which is opening soon), the prizes are anywhere from $1K - $5K and designed to fund a small research project or augment something bigger. The prizes are given out for proposals, and not actually the results, although winners who take money are obligated to give a final summary (short one) on their results.

The registration process

Due to shortage of web resources, I got picked to offer my time on nights and weekends to building the registration. We managed, after quite some hassle to obtain a solaris zone inside Sun's firewall, and stage the pages there. Eventually, Sun's IT team would assign the "" domain to the Zone and we'd be live. Jim Grizansio gives me some credit for putting up the site. It was simply a bunch of jsps and servlets I've had for about 5 years which I developed for my school's PTA website I created a simply flat file database which stores entries encrypted in separate files. That way, if the ISP isn't all that safe, at least the data is pretty useless to the hacker unless they have a strong Math and decompiler background and can figure out my storage system (which stripes part of the key remotely and is fetched at server startup). Anyway, I hope the interface isn't to geeky. The real designer for the UI, I found out, was Derek Cicero and possibly others. They helped with all the standard CSS stuff that would take me forever to format in stock HTML. Coding is easy. UI is hard.

Hopefully people won't balk at the UI. I apologize in advance. But give the contest a try. Registration isn't too difficult. I hope it's logical. Steps are the following:

  1. Go to and register on that system. It's separate from the main site for a number of reasons which I won't explain here. But just register as a user.
  2. Next, if you have an idea for a contest entry, you can submit it and it will be stored along with your profile.
  3. You have a few options to select if you want others to see your private information or not, or if others can join or not. But as a community effort, even if you don't publish your name and contact info, the title and brief description of your submission are posted on the list.
  4. When you're ready, you can upload your wad. We support upto 10MB as wad of stuff. Standard tarballs are accepted (e.g. .zip, .tgz, .tar, etc.). If it's bigger than that, then you can submit a URL to us.
The system will allow you to edit, clobber and refine your submission, entry, registration data up until the deadline for submitting the actual contest entry. So you can visit early and tweak often. Hopefully, if you have the initiative and are one of the favoured 29, you'll win some money.

Thursday Dec 27, 2007

Part 2 - running Solaris on those new Intel Little Valley Motherboards

So Christmas was pretty cool. I ended up ordering myself a tonne of electronics gear on sale and it all arrived in the mail. But I've been spending most of my first few days running and testing the Intel Little Valley and Little Valley 2 systems and playing around with things like a 2GB CF Flash IDE drive and making a tiny server out of it and so on. I also answered a few questions posted by some readers.


Colleagues and some net folks found my email and asked if there was any concern with heat and using the various enclosures. My results can't be conclusive because this must be the darned coldest winter we've had in California in a while, so it isn't the middle of summer when it's supposed to be hot. Where's Global Warming when you need it?

My CPUs stay toasty at 45C on average for the D201GLY (vers 1) board and 47C on average for the D201GLY2. That's after prolonged running of some stress tests such as HCTS and the like and some of my own home grown ones. And I also have been running these systems for a week now and when I get back briefly during a reboot into BIOS, the health status reports consistent temps.

What might be worrisome is the temp of the Northbridge heat sink. That is a finger-burner (i.e. it's too hot to touch) and this appears to be true for both vers 1 and 2 of the boards, but I took a meat thermometer to the north bridge and it reached about 130F which is too hot to touch for most folks. But that's only about 54C, which is the surface. I figure the junction temp for the Northbridge is probably around 65 - 70C which is within operating limits of the system. And I haven't seen any instabilities in the systems after 3 days of stress and uptime for 14 days. The NB heatsink is -smaller- on the vers 1 board so the temp reported previously is the hottest I measured. I don't have long term failure data, but so far, it seems that with just one or two small case fans, there's enough movement of air to keep things cool, at least during winter.


Yes, I had questions about noise. The Casetronic Morex 2699R is louder because of the dual 40mm exhaust fans out the back. And for some reason, due to the bare metal shape of the Casetronic case, it acts somewhat as an echo chamber and amplifies the sound of the small 40mm fan on the vers 1 Little Valley board. Hence, for the price differential currently of the $66 retail boxed fanless Lil Valley 2 and the $60 retail boxed (w/ fan) Lil Valley 1, I'd go with the fanless vers 2 of the board.

As far as cases go, the iStar Storm S3 case is so quiet, I can barely hear it next to my head while lying down. The case fan control on the motherboard is quite effective and after running for many days, the none of the systems have thermal issues. Couple that with the fanless board and it may cost about $36 more for the system, but that's worth the quietness to me. Your mileage may vary. But my guess is that my fanless vers 2 plus iStar case comes in at idle at under 22 or 23 dB which is as quiet as the disk drive inside with a fluid dynamic bearing.

Power Usage

And here I though that the new Conroe-L core Celeron 220 on the Lil Valley 2 with reported 19 Watts TDP would really lower my power consumption. But Intel must be lying or it must be eaten up elsewhere in the chipset like for the two new SATA ports on the board that the first version didn't have. But in head to head tests, I was still using 28 - 37 Watts with a peak at startup and during some stress tests upto 45 Watts. Both systems were the same, and I swapped SATA for IDE and back. The IDE only saves like 1 Watt over SATA. In addition, I swapped out SATA for an IDE CF 2GB drive. It was the cheapest and slowest CF card I think Fry's had to offer ($14 no rebate - Adata 60x - at least reported as 60x). I maybe got 2 MB/sec out of that card on a large block read/1MB block write. But that A-Data card really bogged down on large numbers of small writes to the point where it took 1hr 50 minutes (most of Aliens vs. Predator movie on FX channel) to just load the first 106 limited boot services on my hacked-down 1GB opensolaris router flash archive image. That is -really- s-l-o-w.

Does the slot support 2GB DDR2 sticks?

Well, here's the prtconf output corroborated by the BIOS:

System Configuration:  Sun Microsystems  i86pc
Memory size: 2014 Megabytes
System Peripherals (Software Nodes):

    scsi_vhci, instance #0
    ib, instance #0 (driver not attached)
    isa, instance #0
        i8042, instance #0

I also ran a number of apps and many apps going all at the same time. Well over 1 GB and it wasn't paging, so the SiS662 chipset must recognize the 2GB stick. And it was a cheap stick too. I bought it at for just $34 plus shipping and tax. They delivered it in just 1 day. Insane fulfillment. Don't these guys take a vacation? Not that I'm complaining. But you know how some folks swear by NewEgg? Well, once you eWiz... and BTW, they started carrying the Little Valley 2 retail box board too! And it's $1 cheaper than NewEgg! Anyway, memory link is here: and the motherboard link is here:

Performance Benchmarks

I ran 3 types of typical CPU tests. Not graphics but just standard stuff I use my low power system. These were an MD5 checksum of a large file, LAME encoding of a bunch of WAV audio into MP3s, and using Java to auto-rescale a bunch of dig. pics I took in 7 mpixel for posting onto the web. I made sure I ran large enough problems to exceed 8MB of hard disk cache and used the same config where possible to replicate component I/O performance. I ran the Celeron 220 (vers 2) in 2 modes - 64-bit and 32-bit, the vers 1 board in just 32-bit (since that's all it's capable of, and then compared this to old Socket A generation of an AMD Geode NX1750 with DDR memory. Results are below.

AMD = 32-bit Solaris on 32-bit AMD Geode NX 1750 1.4GHz
C220 = 64-bit Solaris on 64-bit Celeron 220 1.2GHz
C215 = 32-bit Solaris on 32-bit Celeron 215 1.3GHz
C220-32 = 32-bit Solaris on 64-bit Celeron 220 1.2GHz

md5sum of 352MB file
timex md5sum s10_u1_x86_cd1.iso
09791c116eb2189a708f9a698e5e413d  s10_u1_x86_cd1.iso

run1    AMD     C220    C215    C220-32
real    6.56    5.40    4.96    4.95
user    2.01    2.12    2.00    2.10
sys     2.01    0.88    1.49    1.04

run2    AMD     C220    C215    C220-32
real    6.45    5.47    4.51    4.96
user    2.01    2.12    2.00    2.10
sys     2.00    0.89    1.34    1.04

run2    AMD     C220    C215    C220-32
real    6.44    5.47    4.65    4.93
user    2.01    2.12    2.00    2.10
sys     2.00    0.89    1.35    1.04

lame -h encoding to MP3 of 59MB WAV file
timex lame -h test.wav test.mp3

run1    AMD     C220    C215    C220-32
real    34.23   30.79   29.90   30.78
user    30.93   29.79   29.14   29.85
sys      0.75    0.33    0.51    0.52

run2    AMD     C220    C215    C220-32
real    34.60   30.45   29.91   30.59
user    30.86   29.77   29.16   29.85
sys      0.72    0.33    0.51    0.51

run3    AMD     C220    C215    C220-32
real    33.61   30.67   29.94   30.58
user    30.77   29.79   29.19   29.84
sys      0.72    0.33    0.52    0.52

Rescaling 15 5.1MPixel Images to 1024x768
timex java ScaleImages test 1024 IMG_00\*.JPG

run1    AMD     C220    C215    C220-32
real    17.47   10.51   10.66   11.21
user    14.62    9.47    9.76    9.33
sys     1.07     0.53    0.59    0.66

run2    AMD     C220    C215    C220-32
real    17.80   10.38   10.62   10.35
user    14.54    9.47    9.73    9.46
sys      1.02    0.53    0.58    0.62

run3    AMD     C220    C215    C220-32
real    17.90   10.31   10.59   10.32
user    14.59    9.47    9.74    9.45
sys      1.02    0.52    0.59    0.62


The interesting thing is that in most cases, the total wall clock time seems dominated by I/O which seems worse on the Lil Valley 2 with SATA ports. But the new Celeron 220 w/Conroe-L core on the vers 2 board has much lower system time and comparable user time with the Celeron 215. The 64-bit mode, while I would expect a slight degradation in performance due to pushing more memory I/O, actually does okay and holds it's own against the 32-bit results and actually has lower system time where the Solaris kernel routines are involved. These results clearly show that the new Celeron 220 is a pretty kicking core, but how that impacts the disk I/O to slow down overall wall clock time (since I wasn't running anything else) is baffling. It's the same chipset isn't it? But the old AMD Geode NX1750 that had comparable power characteristics just can't keep up and gets left in the dust.

Other Thoughts

Funny thing about running in 64-bit was that the SiS Xorg graphics driver is extra sharp! Yes, no need to run Vesa module in Xorg like on the old vers 1. of the board.

And as for booting and running off CF flash memory, tried all sorts of settings on UFS - noatime, nologging, etc. It was slow. Boot time was well over 2 minutes reading from the A-Data "Speedy" CF from Fry's. I even turned off swap. For large files like a 5MB mp3, it could fly and write at a good 1 MB/sec. But writing lots of little files and updating SMF xml files by the hundreds took literally all night. Unless other CF cards have 1000X faster performance, I'll stick with a disk drive. I know there are some new Solid State Disks (SSDs) out there now. These have better durability against writes, but $3K for 64 - 128GB is a bit excessive. When they bundle 32GB of SSD with a Happy Meal at the drive thru, maybe I'll buy some. I also know there are folks like the Indiana Project at OpenSolaris.ORG that have bootable ROM images that run out of RAM. That might be something to look into for flash only boot, but I was hoping to able to at least cache my files locally without needing to run NFS all the time and just get old ATA/UDMA-33 performance.

Thursday Dec 13, 2007

A holiday motherboard Special

Just in case folks wanted to go green for the holidays in terms of our computing desktop, here's a -fanless- low-powered Intel "Little Valley 2" motherboard that started selling on Monday at NewEgg. Hopefully the link is still good - last time, they ran out in less than 3 days on the Lil' Valley 1 version of the board. I also noticed they posted a Retail Kit version for $2 more.

The form factor is actually mini-ITX which is micro-ATX compatible but the whole mobo with soldered on CPU, graphics, networking, audio, is just 6.7 inches square. Price is just $65 and it listed today at newegg. This is $10 cheaper than the next closest competitor with stock on this item (

Last time they had a sale, newegg sold out in 3 days or less on the Little Valley 1. This new board features a new Conroe-L-based Celeron 220 cpu that's even lower-power but supposedly faster than the version 1 of the board. Plus the new board has 2 SATA ports. Rest of the features include 1 IDE port, 1 DIMM slot (1GB DDR2 max), two sets USB pin headers + 2 usb onboard in the back, front panel audio header pins, PS/2 keyboard and mouse ports, 1 parallel, 1 serial port, and 1 PCI slot.

I purchased a new iStar storm 3 mini ITX tiny tower case with 80W high efficiency power supply. Newegg also has highly rated Wintec AMPO memory, 1GB DDR2 5300 dimms for $19 (w/ heat spreader!!!) and you may want to get the Samsung slim DVD burner which I've verified is truly ATAPI compliant. (not like that $38 cheapy APOS DW-ISD081 Dual Layer for $38 at which didn't work properly for ATAPI compatibility, even with th pin 45/47 jumper hack).

URLs for case, dimm, and burner are:

The case comes with adapters for small notebook disk drives. I'll be using a toshiba 120GB MK1246GSX notebook SATA disk, which is also on special.

I have 2 systems running with the previous Lil' Valley 1 board w SXDE 1/08 b79 and swapped out the 40mm cpu fan with newer, quieter mini-Kaze 40mm fans. They each have 94+% efficiency DC power supply systems (like the one that comes with the iStar case). They run at 25 - 32 Watts on average. I'm hoping to shave a few more watts off the power envelope, get quieter and run faster.

Happy system building this holiday (while supplies last!)

Wednesday Oct 24, 2007

Tried version 0.6 of the ath wifi driver?

I was playing around with installing Nevada b75a last night on my Toshiba Satellite M115-S1064. Yepp, that's the $449 Fry's laptop I got sometime around last Christmas which I mentioned has funky wireless last week in my blog about the lower cost wifi cards.

Most everything works on this laptop, and at 6lbs and wide screen, it's not the lightest, but it one of the cheapest and gets the job done. A problem since the summit that had been bugging me was to check for the latest and greatest atheros wifi drivers. I was checking the MadWifi website recently and swore I saw a table that said the new PCIe Atheros 5006 wifi chip was now working fine on Linux. I was wondering if that update had trickled in during the last few months in a beta driver on the site. I was still running an older b70b Nevada on the M115 so I last night, I finally got around to kicking off a fresh install which completed, but struck out on the wifi. But I recalled something one of the Beijing engineers said in an email recently, which mentioned that the OpenSolaris site gets driver updates much more frequently than Nevada or Solaris 10. So I went and checked. And since the end of August, almost 2 months ago, the Sun China Wifi team contributed ath v0.6. And after uninstalling (pkgrm SUNWatheros) on my b75a, I pkgadd'ed the new SUNWatheros v0.6 and magically, the new chip is recognized, plumbs, and hooks up with WEP onto my home 802.11 network. Thanks guys/gals!

So those drivers in the formal distros might be bundled months after the actual beta driver has been posted and downloadable from OpenSolaris.ORG. I'm not sure how Project Indiana will merge the conflicts between beta drivers that give early access, and the formal distros that meet higher quality standards. And to make things worse, if you run "strings ath | grep -i ver" on the atheros driver binary, the formal one that ships with Nevada b75a said version 1.3. But if you run the same command on the OpenSolaris contributed and unbundled driver, you get version 0.6.

But I'm certain there's quite a lot of overlap in the QA/Testing suites for drivers that get contributed to OpenSolaris versus the ones that get bundled into Nevada and later S10. But clearly, even the contributed beta drivers seem to have been tested with many of the same suites that the official versions go through. So it's worth a try to keep checking.

But kudos again the Sun China wifi driver team. Wow! It's working beautifully. I'm hooked in now and writing this blog from that laptop using my home wifi net complete with WEP key support.

Also the Toshiba M115-S1064 had issues with strange noises coming from the HD audio codec. I'm not sure, but maybe they this was due to some host signal processing or "soft codec" being used with the ATI SB450 chipset. It does have a compliant Intel HD Audio "azalea" controller. I tried hacking around the opensolaris audiohd source, but only made the noise worse and louder when playing anything.

But Open Sound System (OSS) came to the rescue again. I'll mention it again that OSS is from 4front Technologies ( and they've been doing cross Platform audio on UNIX for years. In fact, Dev Mazumdar, the head of OSS attended the Open Solaris summit in Santa Cruz. And he was in Menlo Park yesteday at Sun. I thought he lived in SoCal. Maybe he's finding shelter from the brutal fires and smoke down there. (Hope folks are breathing okay down there - this is always a bad time of year down in SoCal when the Santa Ana winds kick up and the dry summer has turned all the spring growth into kindling).

But I digress. The OSS download for Solaris is free and just requires renewal every 6 months. And it plays nice audio as well for this laptop where the shipping audiohd driver doesn't play properly.

Saturday Oct 13, 2007

pre-OpenSolaris-Summit Santa Cruz Wharf Fishing

Got up early this Saturday morning to head south to attend the OpenSolaris Summit. It's being hosted at the UC Santa Cruz campus during this weekend which is a change over traditional schedules and venues that would eat into normal office time during the work week. Plus, it's a chance for Sun and a number of prominent OpenSolaris community members to talk about a the future of OpenSolaris.

The UCSC campus isn't very far from the Santa Cruz Wharf. One of my proposed sessions was to do some fishing. And this would be open to all participants since there is no license needed on public saltwater piers in California. My target was to get there around 6:30am and then move out along the pier towards the end to wet a line or two until about 8:30am when we'd need to head over to the campus to start the conference.

And from the picture above, it wasn't all skunk. We did catch a large variety of fish - Jack smelt, kingfish, staghorn sculpin, and shiner perch. I'm seriously thinking, as I sit in the conference about more fishing later this evening.

Topics Discussed Today

The Summit will cover today a State of the Nation for OpenSolaris and specifically, the Project called 'Indiana.' This is a proposal to produce a branded Solaris version that is based on Nevada but completely open source and has improved packaging, install, and support for more types of x86/x64 systems.

So far, there hasn't been any all out fighting one might expect in Open Source debate. On the contrary, we've covered a lot of packaging and installation concepts. Some are borrowed from ideas and concepts used in Linux already or other open source. The primary goals are to make packaging more intuitive, higher performance, and easier to use.

I can't say I disagree with any of the ideas. I'm sure they have value. But I also can't help but think that there are major issues with the missing application that clearly hinder adoption more (or lack thereof of those apps hinders adoption). But install/update and packaging are, in general, a lower priority for me. I don't believe that people are constantly updating their OS, especially in Solaris. My impression is that people update OS as security requires and as their IT shops require them to do so. Otherwise, they run oblivious to updates.

And from working with software vendors, many decide on an OS version and stick with it and support it. For us to focus too much on install/update isn't the most optimal use of resources, IMO. But I might be swayed otherwise if a valid argument is made.

I guess I'll learn more as the afternoon goes on.

Lower cost wifi solutions for Solaris x86

Airlink 101 - AWLC 4130 and AWLC3026

I picked up a few cheapy Airlink 101 AWLC 4130 cards recently at Fry's on sale. Cardbus cards for laptops with a PCMCIA slot. They were only $14 each, limit 2 per person. Unfortunately a 1 day sale only.

But these were plug and play with Solaris Nevada. The AWLC4130 is advertised as a "Super G" with Atheros chipset. And indeed, when we plug it in, the PCI DevID confirms it's a AR 5212/5213 series chipset, which has been supported by the Solaris 'ath' driver for quite a while.

I also decided to look in my spare parts bin and pull out some older AWLC3026 pc cards. These are regular 802.11G. Back about a year ago, I picked them up for $9 ea at Fry's as well. But there was no driver for the Marvell/Libertas chipset. But on a whim, I decided to check the OpenSolaris.ORG website and found the 'malo' driver.

It's currently provided as a source distribution only, but it compiled just great, and after just a couple of issues with rebooting correctly a couple of times, I was able to get the driver to load and function quite well and fairly stably.

Most laptops do come with WiFi today, but the chipset may not have any drivers yet, or use an NDIS wrapper type driver that isn't stable. I'm using the AWLC4130 now on my el cheapo Toshiba M115 laptop with still unsupported Atheros 5006 mini-pcie WiFi. Not a bad deal for just $14, or even better, $9 for the regular G version AWLC3026.

I know Airlink 101 makes quite a few regular PCI adapters that turn workstations into wifi workstations. I'm waiting for a sale now to get a few to find out their chipset as well. I've been searching for some low cost cards to refurbish cheap PCs to give away to needy families with kids attending my elementary school who don't have broadband today but would want to leverage free city wide wireless that is now available in our neighbourhood.

Friday Sep 28, 2007

Intel D201GLY mini-ITX - a Low Cost Solaris Solution

Another Low-Cost, Small-Footprint - Home/Office Computer

Last week, in the midsts of rambling on about the issues in SXDE 9/07, I briefly mentioned that I had an Intel D201GLY mini-ITX board. The board has been around probably for a while. I think their may have been some OEM marketed version available to volume system builders earlier. But probably sometime in the first half of 2007, the Intel D201GLY became available online for folks like me who buy retail.

Fig. 1 Intel D201GLY mini-ITX motherboard.

For such a small form factor board, the retail price seems to vary between $60 - $80, which is a bargain, if you consider that this is for motherboard with audio, video and LAN, plus on-board CPU. Even the older VIA Epia 800 first generation mini-ITX system boards still cost around $95 - $120 online. But this Intel board has a power efficient Celeron M 215 at 1.3GHz, a single DDR2 533 slot, single IDE pin header, 2 sets of USB headers, 1 set of internal front audio pin headers, but no SATA jacks. However, while the board looks clean and well built by Intel, the chipset is the SiS662/964L combination with Mirage 1 graphics and SiS900 10/100 Fast ethernet.

I've spent the last week twiddling at home during spare time trying different cases to put this board into as well as measuring power and getting Solaris to work well on this. Below, I go through some of the configurations and settings on how I got this to work.

Picking Out A Case

Mini-ITX motherboards will fit Flex-ATX, Micro-ATX, XPC and ATX cases in general. But the real attraction is to be able to stick the board into a small, very appealing case that makes people go, "Wow! a tiny computer!" when they see your computer. The only concern with this Intel board is that the heat sink and fan over the CPU (which is soldered on BGA packaging) is the height. It's about 1.8 - 1.9 inches tall if I lay the mobo on a flat surface. That's taller than 1U, so a rackmount case like a 1U 1/2 width, short depth box could work if I could find a 40mm replacement copper heat sink and thin 40x40x10mm fan. However, with no changes to the motherboard/heat sink/fan, the board does fit nicely into both the Casetronic 2677 and 2699R mini-ITX cases. There's just about 3 - 4mm of clearance under the case covers, and if heat is a worry, I can always drill holes in the top cover in the area just over the cpu/fan.

I like the 2699R case better because it has front panel USB and audio jacks, which are supported by the pin headers on the motherboard. The 2677 also is problematic; as an older model, its ATX extension cable isn't long enough to reach across to the rear of the board where the power pins are. An inexpensive ATX extension cable is required. The cases sells for around $65-$75 online and include a big external brick-style AC adapter (like for a laptop) and a 12VDC converter daughter-board that then provides a 20 pin ATX connector to the motherboard. The daughter-board power supply has a big advantage in that it can be about 94 - 96% efficient at converting 12VDC into usable system power. Typical power supplies inside PCs are less than 70% efficient at full power, and when the board only draws 25 watts, the P/S may actually be sucking 50Watts or double the power.

Fig. 2. Casetronic 2699R mini ITX chassis.

If the price is a bit high, then it's still possible to find some places that sell the Englight 7396AM1 for just $20 plus shipping. It's a very high quality case at a budget price and it's bigger, but still smaller than most mini Tower cases.

Drives and Cables

Both my picks for cases, the Casetronic 2699R and the Enlight 7396AM1 have support for just a slim optical drive, one floppy or USB multi-function card reader, and a 3.5 inch hard drive. The NEC/Sony Opti-arc 8X DVD burner is a low-cost slim drive which runs around $50 - $60 online. There are NEC/Sony and Samsung versions of the CDRW/DVD combo slim drive which work similarly for around $40 - $45. Whichever one you chose, you'll need to get a short adapter that connects the IDE slim optical drive modular jack to a standard 40 pin IDE plus power. The unfortunate thing that Intel didn't do was to put SATA drive support. It would have reduced cable and connector crowding, especially with the Casetronic case. In addition, the optical drive bay butts closely to the cpu heatsink/fan. There isn't much room for the slim drive, the adapter and the 40 pin cable so the adapter must be pretty low-profile. (Note: I bought a half dozen on eBay from some vendor in Hong Kong - service was good, but the adapters were poorly made and the pin headers stick out the reverse side of the PCB and it's possible that during the screw tightening, the pins can touch and short the back of the drive chassis and destroy the drive. I recommend some metal clippers or diagonal cutters to find and cut the protruding points down. I also recommend using a piece of masking on the back edge of the slim drive to protect it from shorting out.

The 3.5 inch hard disk is just a standard IDE drive. I can shave about 3 - 5 more watts by going to a 2.5 inch laptop drive. This requires a 44-pin to 40-pin IDE adapter for the conversion. The Casetronic 2699R has pre-drilled holes to mount a small 2.5 inch hard drive, while the Enlight case does not. But the latter is much larger and includes a disk tray with rubber grommets which provide shock support for the drive.

Note: The Sony/NEC Opti-arc DVD burner appears to be set, in firmware to IDE high - meaning it wants to be the primary device on any cable. Because the board only has a single 40 pin IDE header, this means the NEC/Sony must be the primary, and the hard disk must be a slave drive on the same cable. The simplest solution is to use the cable-select jumper setting on the hard drive and make sure it's the 2nd IDE plug stuck into the drive on the ribbon cable, and the first IDE plug is in the slim DVD drive. Otherwise, it may be hard for the system to discover which drive is primary and which is secondary.

Note 2: The Enlight case is for a MicroATX motherboard. The mini-ITX is quite a bit smaller still and the USB front panel connector cables, as well as the standard IDE ribbon cables are a bit too short to reach over from the front of the case or the hard drive to the motherboard socket. I solved this problem by ordering internal USB pin header extension cable. This adds about 10 - 12 inches of reach to connect the front panel USB.

Solaris SXDE 9/07 installation

Installation wasn't too bad, except for the Xorg noise and streaks on the screen. As I found out, the installer is using the sis Xorg module. It works for the prevous SiS 661 Northbridge, but not here on the SiS662. Luckily, others have run into this problem on Linux and the recommendation there was to switch from using the sis module to the Vesa module in Xorg. The way to do this is to simply run, in Nevada, the xorgcfg graphical configuration utility, edit the properties for the graphics card and choose "vesa' for the module, then logout and log back in.

# /usr/X11/bin/xorgcfg

The LAN uses Murayama's free SiS fast ethernet (sfe) driver. Installation was quick and painless because I keep a CDROM disk with most of the free drivers for Solaris on it. But we could have put this on a USB jump drive as well.

Note: The default with SXDE 9/07 is to use Network AutoMagic. To set a static address, you can use the GUI tool in the Gnome SysAdmin menu. But that doesn't work if nwam is managing the interface. So I run:

# svcadm disable network/physical:nwam
# svcadm enable network/physical:default
Then I can use the graphical network configuration tool.

And with audio, the onboard SiS AC'97 chip (pci1039,7012) isn't supported by the default Solaris drivers. Here, I use Juergen Keil's free Solaris audio drivers. Interestingly, I tried to pkgadd the wad of packages, but the actual drivers refused to be copied over for some reason. Instead, I ended up rebuilding the packages from source and using a manual make reallyinstall inside each pkg directory and installing from the command line. I was able to confirm the install put the driver into /platform/i86pc/kernel/drv/audioi810. The post-install was a bit more problematic. It tries to run add_drv with a list of hardware pci-Device-IDs. Some collide with other existing and supported AC'97 devices. I manually edited the add_drv command inside the Makefile and was then able to add_drv for just the audioi810 module for just the SiS 7012 audio controller.

Power Consumption and Usability and Final Thoughts

With a few more of my standard software pkgs installed, then a cheap laser printer hooked up, and security, IPfilters, backup scripts and cron jobs to manage the system, the small box is making a nice home/office workstation. It's great for word processing, spread sheets, light dig cam editing, web browsing and email. My wife liked it immediately because it had the latest browser fixes to JavaScript that eliminate a funny popup 2nd Mortgage offer bubbles she was seeing when accessing several Citibank websites to pay our bills.

I like the fact that the system with the small Casetronic case, only draws from 26 - 33 Watts. It's got fairly good performance for rendering pictures and processing scaling operations and ripping MP3 audio. It's quite a bit faster than the older VIA c3 systems like my Epia 800 box. Also, Intel has implemented some nice features such as temperature sensitive voltage control on the case fan 3-pin power plug. So the case fan isn't always noisy. Only when the case gets hot, or briefly, it gets loud just for a second during a reboot.

Relative to the older Epia 800, which uses between 13 - 22 Watts, the Intel d201gly isn't quite as efficient. But it is much faster and gives the newer VIA c7/cn700 systems some competition. I've tested FlexATX form-factor PCChips v21G, and in an efficient enclosure with DC power supply, that c7 mobo averages 24 - 35 Watts and it still feels like it's a tad faster, and it should be since its c7 cpu is usually clocked faster at 1.5 GHz. But this Intel board is still fairly green and a bit quieter for those folks who want Intel build quality. For my wife and I, we feel like we're splurging, using double the power.

Note: The same Intel d201gly board stuck inside the Enlight case with conventional TFX12V power supply draws 49 - 62 Watts! The difference is completely due to the inefficiency in the power supply. I've priced a small solid-state 80Watt tiny ATX DC power supply with AC brick-style adapter. A conversion kit may cost between $40 - $80 and this would put a 94% or better efficiency DC power supply into the same box. But could save about $40/yr in electricity if left on 24 hrs/day so it'll pay for itself in a year or two and reduce power consumption further.

Total cost was: $75 mobo + $80 case p/s + $40 hdd + $55 dvdrw + $39 1GBDDR2 + $15 cables = $304.

Friday Sep 21, 2007

SXDE 9/07 Installfest and the Work Around

Release of SXDE 9/07 Edition is Immiment

Last week, I wrote about all the gory details about my recent salmon fishing trip up north in BC. I think I mentioned that I had also managed to bring along the latest Solaris Developer Express Release (SXDE 9/07) to upgrade a few machines while I was up there. In this edition of my blog, I thought it might be instructive to note some things I had to do with some platforms to get it working - not only for public consumption, but so that I'd remember what to check for in the next few revs of Nevada to see if those things changed.

Background on SXDE 9/07

For those of you who download and get Nevada regularly, this section is old stuff. But I find it instructive to give a broad picture, As I've seen it from the inside - on where SXDE came from. As far as I can recall, the existing SXDE release evolved from the original Solaris Express program. It's still basically the same thing, just re-branded Nevada (aka Solaris 11, aka Solaris Next, aka Open Solaris -sorta). The older Solaris Express was a roughly monthly or bi-monthly snapshot of stable bits for Solaris Nevada which is the next version of Solaris that is in development. Because of a typical 2-week build cycle for Nevada, the older Solaris Express was basically the most stable of each group of 3 - 4 builds that our volume developer program folks would push out for public download.

The SXDE rebranding did two things. First, it stretched out the interval to every 3 - 4 months for a developer release, which was more reasonable than every 6 - 8 weeks, since that's hardly enough time to evaluate the release itself and test compile a bunch of apps. The second thing SXDE did was to bundle developer tools installation into a new installation script that saves the end user from yet registering and downloading another wad of stuff with the compilers, NetBeans and all the other Sun Studio Tools.

Recently, some folks may have heard about Project Indiana - aka the new "Open Solaris." I'm stealing the "OpenSolaris" moniker in this blog just for the time being and I interchange it with Nevada - Solaris 11. But I should qualify for readers that the official "Open Solaris" will change and evolve as a new distribution under Project Indiana. The program is being run by in the Community and headed up by new Sun employee, and Former Debian Linux Guy, Ian Murdock. It's great to have Ian as the new project Team for "Open Solaris." His leadership in the Linux community in the early days gives him a perspective on the needs and wants of Linux users that many Enterprise Solaris Management folks don't have. I'm sure there are other blogs and message boards that Ian can personally respond about Project Indiana. But expect him to change and shape what is OpenSolaris now and take it to a more desirable place for endusers and developers alike. Also expect to have avenues of participation that can change the way Solaris gets distributed. This may be an opportunity to take a look-see at OpenSolaris.ORG.

Getting back to this next release of SXDE 9/07, we will find that it adds a few more features, fixes more bugs, and comes with a nice looking new GUI installer. It is based on Solaris Nevada build 70, but has undergone two more interations (build 70a and then finally build 70b) before getting the full product team endorsement to release.

InstallFest Imperative

Internally, before we release any version of Solaris, upper management likes to encourage all software engineers to download the pre-release bits and test it on presumably our own hardware. As part of our jobs, we already do quite a bit of sanity testing before the bits go out for every build. But being the engineers we are, most of us don't actually do the normal install that the regular users out there would use. Nope. We do the Big-Friggin' Update (aka BFU, aka Bonwick-Faulkner Update, aka Blindingly Fast Update). BFU is a process that basically flashes and clobbers the bits onto your running system (with some other cool technical details omitted) in just a few minutes.

Usually, BFUs are fast and friendly and before we know it, we've upgraded a system, making it ready for more Solaris development. And because we use BFU's, we probably don't do as much work on testing the actual installer our customers use and we avoid a lot of the idiosyncracies that exist only in the installer. So why not make this a standard? Well, BFUs aren't pretty when they don't complete safely or cleanly. Any good Solaris sysadmin worth his/her salt should be able to figure out how to recover. But for most users, this is probably an unexceptable risk/burden and so we do recommend using the actual installer, even though we don't use it ourselves. Just suffice it to say to, "Do as we say, not as we [Solaris engineering] do."

Upper Management aren't blind to this irony. Appropriately, they've tried to put their feet down and insisted that all internal engineers actually do an installation from optical media and file any bugs on the upcoming SXDE versions and fill out a feedback form. But this is high-tech corporate America. Management putting its foot down doesn't mean much in terms of threats; the stick simply doesn't work. Instead, they dangled a carrot of possible raffle for prizes to internal employees who complete an install and then fill out a survey. The carrot has been neither a sure-catch carrot (i.e. not everyone wins in a raffle), nor was it a fat carrot (i.e. the prizes weren't very expensive either). While I would have appreciated a new Sony TX-series ultra-portable notebook as a grand prize, the product team was giving away old junk, like an old Java tote-bag, or a whimpy 1XL tshirt from last year's trade show or maybe a baseball cap was all. Unbelievably, despite the dearth of good prizes, I found myself caught up in the Jackpot-Fever of the raffle even though I only fit 3XLT Tshirts!

For the first SXDE, I was announced the internal winner of the Most-Installfest-Submissions award. No gifts even got distributed (at least I never received any), except maybe I got a laser printable certificate in my emailbox, which I had to print out myself. Yeah, it's sort of hokey - but times are tough, and I'd rather keep the stock up from the days when it was just $3/share. But it shouldn't have been much of a surprise to folks that I would have the most. I have the most cheap x86 boxes of any engineer I know, except maybe for Brian Dowdy (i.e. think of us as "Hardware-Hos"). so, for this second\* SXDE Installfest, I again came out on top with Most-submissions. (\* We did have plans to do a second SXDE around the Nevada b64 timeframe, but decided to wait until b70.)

This time around, I did get some prizes. Like two XL Tshirts. I don't fit, but maybe in 10 years, my son will grow big enough, unless his younger sister out-eats and outgrows him. I also received a rich, corinthian leather notepad/portfolio thingy (say that with Ricardo Montalban's accent) which holds some paper and pens. I'm not sure what I would do with this since most everything I write these days goes through a keyboard. I didn't even use it to take notes on the installation issues I discovered. But if they gave me that tiny/mini Sony TX-series 2.7 lbs subnotebook w/ 2GB memory and 32GB of boot flash... maybe I'd double my efforts!

Installation Idiosyncratic

With any new version of Solaris, there's a debate as to whether to upgrade or do a fresh install. My testing philosophy is simply. I have spare disks around. For testing, I yank out the mission critical data, set that aside, stick a new disk inside probably with Solaris already on there, and then a) upgrade when I can, then b) after successful or unsuccessful upgrade, I reinstall from scratch.

Upgrade or Fresh Install?

For those folks that have done upgrades before, we know there are two major problems with upgrades. A) Not all things get upgraded. Some packages aren't removed and some files aren't replaced. Some new stuff doesn't get installed. There are ways to find out internally what the upgrade will clobber and add, but in essence, it gets complicated to find out what should have been upgraded but didn't. The only way to be safe is to do a fresh install. The other big problem is that B) the Upgrade is very slow. The installation console claims it may take 2 hrs or longer, but in reality, unless you have a honkingly-fast-storage and processor, the upgrade install takes as much as 6 hours or more to complete. Especially if you're trying to upgrade an older system. Typically, I can do a fresh install in just 40 minutes or less.

The solution I've come up with is to simply put all my data on partition slices which I'll preserve. Then do a fresh install on the root (/) slices. This helps save quite a bit of configuration and reinstallation of apps. In other words, I put most stuff on the /export and /opt slices and only clobber the root (/). The only problem though is that SXDE needs to clobber the devtools in /opt, and it clobbers the package tracking for all the extra value freeware I've added, so we can't really use the packaging mechanism to remove a package any longer. To re-install and configure all that stuff takes time again. I live with this solution since I don't usually remove freeware packages, and many I compile from scratch and don't install by pkgadd(1M). But this might be a dilemma for some. In which case, the upgrade path might be better. Regardless, I recommend keeping home-directory data on a separate slice and to preserve it.

This new SXDE presents some issues with upgrade or fresh install that folks should be aware of. A) the new GUI makes it easy to install from scratch, but before you realize you've clicked all the buttons, you may have skipped the steps needed to preserve partitions on your disk. If you'd like to take more time, and not use the new Dwarf Caiman installer, you may want to simply use the older installer (i.e. option 2: Solaris Express). B) The new SXDE installation has issues with older disk slicing and number and may not be able to upgrade you. This was supposedly fixed in build 70b, but you may still encounter this issue that the disk partitioning can't be upgraded and the GUI may only allow you to do a fresh install with fresh partitioning that will wipe your disk. The unsavoury solution is to rsync your data to another disk somewhere, do a fresh install, then rsync back. I have about 25 GB of data for myself and my wife at home. It takes about 1 episode of Stargate SG-1 to move that data off the install disk. This is still faster than doing an upgrade, and I've got scripts that restore my data and some server and network configuration too. Another option is to stick 2 disks in the box and mount it later. But I don't like the extra cost of 7Watts to power another drive. A single drive, and better yet, a single notebook drive, is what I prefer on my home system for improved acoustics and thermal power dissipation. Not to mention, I pay less for electricity with my systems always on.

Graphics Not Working for VIA Unichrome/CastleRock

SXDE and Solaris in general use Xorg. We're following the distro fairly closely these days and that's added support for more and more graphics adapters. But it's also dropped support. One area of support is for the older VIA CastleRock/Unichrome (CLE266 chipset and prior generations) onboard graphics. When I tell people internally that I actually use the onboard graphics, some scoff at me. They suggest I actually blow another 20+ Watts and get a cheap ATI Radeon S7000 or nVidia card (some which suck another 50+Watts by themselves). And maybe that would work. But there is a bug filed against this problem internally for VIA embedded graphics. I used to have a workaround for the VIA unichrome issue, which was to take the buggy S10u1 SUNWgraphics-ddx package and unbundle it, and just extract out the file and copy it into /usr/X11/lib/modules/drives/ and clobber the existing module. This worked through Nevada build60-something. But since build 63 or 65, that no longer has ABI compatibility. I now get core dumps. This is true even with S10 8/07. Luckily, there are cheap VIA c7/cn700 chipset boards these days that have Unichrome Pro graphics which are supported extremely well. I can't say that about the SiS Mirage graphics. I have an older SiS 741 chipset with Mirage graphics which worked okay with Xorg, around Nevada build 55 time frame (SXDE 1), but with the latest Xorg, the pixel quality at native resolution is really blurry, and on my Intel D201GLY mini-ITX board, the graphics are unusable beyond 800x600 pixels. However, with Fedora Core Linux and Windows, they've seemed to have solved both the VIA and SiS graphics issue in their version of X distro. My solution for now, is that these are relegated for headless/server use and not for home use. But for SXDE2, the GUI installer requires the graphics. Otherwise, you're back to booting option 2 - the old Solaris Express installer, which will fail or be unacceptable, at which time, I'd recommend just installing using the text console.

Network Automagic

Many of us have been trying the new NWAM (NetWork Auto-Magic) feature. It's controlled through the SMF. You svcadm disable network/physical:default and enable the network/physical:nwam. This works well, I hear, from a number of folks. They all pretty much have a single primary ethernet wired interface and it's on a laptop that uses DHCP. This is where NWAM works now. But it seems like since build 60-something of Nevada, the folks support the standard DHCP for ethernet interfaces have fixed some long standing bugs. For years now, many of us inside guys have been complaining and filing RFEs against the ifconfig(1M) command in Solaris. Simply, it was moronic to ignore the standard DHCP fields for DNS under most conditions. Instead, we focused on getting DHCP to work inside our Sun-centric NIS environment. DHCP would work most of the time and plumb /etc/resolv.conf file and alter the /etc/nsswitch.conf files under the right NIS network conditions. But for some reason, it would rarely work when doing DHCP over a standard connection. Well, since b60-something, this appears to have been fixed. I'm not sure if the NWAM guys had a hand in this, but thanks to whomever. There are some outstanding issues still when it's a WiFi interface. For some reason, it may be a GUI interaction with the free inetmenu application folks are using and download from OpenSolaris.ORG. Not sure. But it used to work and plumb the routes on WiFi connections, but it may not with SXDE. If it isn't working, I've usually helped many folks get up and running for a session by a) check the routing using netstat -rn and seeing if there is a defaultroute. Next, I check to see if the /etc/nsswitch.conf file has hosts: and ipnodes: using the DNS nameserver. There should be a "dns" following "files" in the nsswitch.conf file. If not, you should be able to append to those lines and get it working. Please file a bug at the SXDE community site.

VIA c3 Panic on Shmem pagesize and re-init()

Okay, for those of you who love VIA c3 and enjoy running servers at 13 Watts total power with Solaris, well, better stick to S10 update 4 (8/07) or Nevada b65 and prior. We put something in around the b68 or b69 timeframe that I think, does some kind of dynamic shared memory page size and inquires with the system to set this. If I recall the bug report, the VIA c3 doesn't support this, so it panics. This was supposedly fixed and putback into build 72 of Nevada, but it seems to only work for newer Nehemiah based systems. If I run the latest SXDE on Samuel or Ezra cores, the panic is now fixed, but the init() crashes on fatal signal 9 and restarts a gazillion times for my epia 800 system. I've added comments to the internal bug about this where they claim b72 had the fix and I tried it and it was still no go. But hopefully, it won't be long before we have that available. But for your SXDE users with older Epia systems with VIA c3/non Nehemiah, please refrain from upgrading.

Older Intel 815 graphics - Newer ICH9 945 Graphics

I've tested SXDE on both an older Compaq box with 1GHz P3 and embedded 815 graphics. I used to have to stick an nVidia Riva TNT graphics board in there. (I got a half dozen of these older 16 and 32 MB AGP 2X cards, some low-pro for some AMD Geode bookpc systems I have) for just $5 from But they do add to the power profile of the box. So I try to remove the card and see if it works. Amazingly, it appears to now work with Intel 815 graphics, and I can save another 6 -10 watts steady state. I haven't tested the 815 graphics support on the older Intel OEM D815EEA and D815EEA2 boards, which I have a small stash of from other boxes, although, I did try around b69 time frame at it was still broken.

I have some older Intel Bearlake test systems for the ICH9 chipsets that have onboard 945 graphics as well, and SXDE works flawlessly. I have some older Dell 2001FP LCD monitors that can't handle true 60Hz refresh at 1600x1200 24-bit. I've either had to lower the bit depth to 16-bit or lower the resolution to non-native. The latest SXDE is pretty good and syncs up to 50Hz refresh at 24-bit native. This collaboration with Intel is going great as we're seeing more and more support for native Intel chipsets on our platforms.

Network Settings/IPfilters/IPSEC Upgrade from S10 and early Nevada

If you run SXDE1 (build 55b) or Solaris 10 update 4 (August/07) and you upgrade to SXDE 9/07, there is a pretty high change, if you were running IPSEC security, like Punchin, or you were using IPFilters, that the upgrade will hose your settings. Two things have changed. The IKE (internet Key Encryption) service as set by SMF requires a few configuration changes. If you were using IPSEC Punchin, which we use internally at Sun for tele-commuting access into Sun's internel networks, like I'm doing now, then this requires a bunch of changes. Most of the installation handles it for you, but the PunchIn packages we use must be upgraded to v 2.x and the certs need some upgrading to the latest. I had to pkgrm the old SUNWpunchin and affiliate certificate pkgs and reinstall the new ones. Before uninstalling, it's useful to run a /usr/local/bin/client_backup to back up the local certs. Luckily, the new service supports the older legacy backup, so a client_restore against the older certificate backup, will re-install and sync the keys up correctly. I usually test the punchin again, and if everything is kosher, I run client_backup again and save the new format of the cert-wad-of-stuff.

One issue folks may have with upgrading from S10 u4 or early is that for some reason, the /etc/ipf/pfil.ap file gets blown away sometimes. And without the presence of this file, the new SXDE gives all sorts of SMF start-up errors. They're basically harmless, but if you're like me and run your machines both for local access and for tunneled access, I run IPFilters and TCP Wrappers on all systems, even my laptop. The SMF warnings are disconcerting and even more worrisome if your filters aren't active. It's like streaking around in public inviting any evil spirit to give you an STD. Anyway, the simply solution is to login to some other Solaris box and copy over the /etc/ipf/pfil.ap file and reconfigure for your interface and reboot. The nasty messages go away, and hopefully, your ipfilters will report they are up and enabled, and your log file (if you log attempts at incursion) should show you that packets are being denied access.

Oh, and one more cool utility in SXDE 9/07 is the latest Network setting GUI in the administration tools for the Gnome Desktop. The only problem is that it doesn't properly set the /etc/nsswitch.conf file either. So no DNS, even though the GUI has a DNS server tab. Solution is the hand-edit the /etc/nsswitch.conf file again and put in dns for hosts: and ipnodes: then it should work.

Post Install - Post Login Setup

If rev'ving from an old version of Nevada or S10 and the home directory hasn't changed, the first time a user logs in, SXDE will actually spend a good minute perusing all the gnome files and what not and try to re-instate the old Gnome config you had, with the latest SXDE version of Gnome. Clearly, if you were using S10 Mozilla, and now you've got stuff in Firefox, that won't carry over quite correctly. Thurderbird will try to import settings over. But overall, the process can take upwards of 2 minutes while the screen sits there black and there's a small progress bar thingy that swings back and forth and doesn't actually tell you what the progress is. But I have yet to have the process fail. It can just take a hell of a long time - long enough to maybe go take a coffee or bathroom break, head into the garage to get a sledge-hammer, comeback, think about taking a sledge hammer to the machine. But don't do it. It will complete and hopefully, you'll be a more patient person for it. The next login isn't too bad. Of course, if you're on a QUAD core box with two sockets, this probably will never be a problem, since either, it'll happen very quickly, or you'll be running headless as a server anyways. But if you're like me and run older, slower, low-power boxes, then it can be a test of patience.

Brother HL-2040 Printer Installation

In SXDE 1, I had to do all sorts of tricks and installed CUPS freeware to finally getting printing to work. This was really disappointing because I saw that killer sale for the Brother HL-2040 again for $59 after rebate and couldn't help myself. I had my buddy buy one also for a grand total of 3 laser printers. 22 ppm monochrome, with a 1500 page cartidge is, well, dirt cheap.

Not with SXDE 9/07. I have finally retired the last Linux print server/internal backup server box in my house. I have one last box to retire and Linux will no longer run anything internally. That;s because I took the USB cable out of my laser printer, plugged it in, and while logged into Gnome, I got a pop-up notifying me that the printer was up and available and enabled. I opened the browser, went to a home page, and sent out a print job. Seconds later, the printer just works. This is now working with the USB subsystems for VIA, Intel, SiS and nVidia MCP chipsets on all my systems. Only issue is that I heard there's a Parallel port bug that prevents the OS from seeing any ECP/EPP ports. That's being addressed, maybe in b74 timeframe. But that's one old printer if you're still using Parallel. Even my old Epson 880 has USB. But it just ran out of ink, so I haven't tested it on Solaris. I'm just stoked that my Brother Laser printer is finally working and it does so transparently. So props to the Solaris printing folks upstairs for all their hard work. I still need to test my battery of Epson printers, but that will come in due spare time.

I sure there are lots more things open to improvement. I'll continue to re-install the next versions and keep testing. I'm still not quite over trauma of the 700+MB requirement for Solaris graphical install. But with memory and motherboards so cheap, I'm having a good retail therapy shopping for more hardware. Only what do I do with the old stuff? Everytime I look at my pile of old stuff, it's hard to say goodbye to some good friends that have served me well, and could still handle lots of tasks. I'd like to donate the stuff maybe, or perhaps try to work on a custom distro with small footprint and installer that uses less than 250MBs and uses XFCE or something like that. Or maybe in the future, that might be a goal of the new OpenSolaris distribution.




« July 2016