Tuesday Nov 13, 2007

Timezones for cron code review request

I've got the webrevs ready for cron supporting time zones. The slight delay was finding a version of webrev that was aware of mecurial which I found on http://cr.grommit.com/~stevel/webrev_fixes/raw_files/new/usr/src/tools/scripts/webrev.sh. Even this though leaves something to be desired as mercurial insists that any new file that it sees is something that is part of the putback. So if you run this twice it produces a webrev of the webrev. Somewhat confusing but I'm sure we will get sorted out as mercurial moves into the mainstream. For similar reasons I had to pull a new source tree and merge my changes so that mercurial really only saw the things I had really touched and not every file that I had built.

Anyway back on topic. The webrev for:

PSARC 2007/503: crontab entry environment variables
6518038 cron & crontab should support multiple timezone

Is here: http://cr.opensolaris.org/~cjg/cron/webrev/. The code review request has been posted to the OpenSolaris Code alias. Please respond to the review there.

Thursday Nov 08, 2007

Cron Progress

My case to have cron be timezone aware has been approved by PSARC: 2007/503. So now I have to work to bring my workspace up to date and then get the changes back into Nevada.

It is nice to have the ball back in my court.

Tuesday Nov 06, 2007

17" Wide screen Sun Ray Photo Frame

I've briefly mentioned before that we have had the builders in recently and at last we are reaching the final few steps. This includes an LCD TV for the kitchen mounted on the wall. I'm sure you all know, modern LCD TV's all have an input for a computer. So I must be the last of millions to turn my LCD TV into a 17” photo frame powered by a Sun Ray 1 and some ethernet over mains plugs.

With SRSS 4.0 I can, although so far have not, have kiosk mode running just on this one Sun Ray although since everyone in the house has a smart card there is not really any need.

The “photo frame” software is no more than a proof of concept. A script that finds all my photos (about 3000) and uses display(1) to display them. Still need to confirm I have turned off he screen saver, no point in waiting for keyboard or mouse input as the Sun Ray has none and is quite well hidden. Also ideally it needs to have better transitions for the pictures and a way of controlling it. I can see a USB infra red receiver and remote control so that I can select that bike porn channel on demand.

The upgrade of the SRSS software would have been so much simpler if I had:

  1. Read the manual first.

  2. Rebooted when the documentation told me to. I hate rebooting, it is just so Windows but it really did seem to be required.

  3. Read the manual first.

There are however one issue. Kiosk mode does not seem to work with JDS on build 76, which I think is a know bug.

Given that a Sun Ray 1 on ebay is £25, this has to be a really cheap photo frame and this is a 17” wide screen photo frame. In fact the ethernet plug was more than the Sun Ray.

Wednesday Oct 31, 2007

Good Morning Build 76

It is coming to something that I was too busy to check to see if build 76 had been installed on our Sun Ray server yesterday. Lets face it it is not hard to type “ssh estale uname”. Anyway it is here now:

: estale.eu FSS 1 $; uname -a
SunOS estale 5.11 snv_76 sun4u sparc SUNW,Sun-Fire
: estale.eu FSS 2 $;

Had I done so I could have had 24 hours less of the deskbar applet being missing, as it was in build 75. Although I'm not sure I like the new one as it seems to have become more of a stand alone window, which displays at the top left hand side of my screen when I have the applet on the bottom right.

Wednesday Oct 17, 2007

Good Morning Build 75

Build 75 is now installed on enoexec one of our SPARC servers which means I can now use the latest and greatest build and not run thunderbird remotely. The reason I had to run a remote thunderbird when using x86 is due to thunderbird keeping it's extensions in your home directory but without taking into account the architecture of the extenstion. IE they all go in ~/.thunderbird/\*.default/extensions. If you install an extension for SPARC that clearly won't work on x86 and visa versa. I filed bug 6613224 for this.

Anyway I am now back on a SPARC system.

: enoexec.eu FSS 1 $; uname -a
SunOS enoexec 5.11 snv_75 sun4u sparc SUNW,Sun-Fire
: enoexec.eu FSS 2 $;

The only problem so far is that pidgin is unable to join any rooms that have the auto-join property set. Curiously this bug was seen when pdigin was called gaim but went away when it was renamed. Again a bug has been filed: 6617918 (it is not in bugs.opensolaris.org at the time of writing but should turn up there soon)

Wednesday Oct 03, 2007

Good Morning Build 74

I've not been in a Sun Office or on my Sun Ray at home for a few days due to travel. However I am now in Menlo Park for a day and so am back with the Sun Ray only to find the server has been upgraded to build 74:

: eagain.eu FSS 1 $; uname -a
SunOS eagain 5.11 snv_74 i86pc i386 i86pc
: eagain.eu FSS 2 $; 

All seems to be well; as it was on my laptop.

Monday Sep 24, 2007

Good Morning Build 73

The Lab engineer who used to upgrade our Sun Rays moved onto pastures new and so there has been a slight glitch in the upgrades for a few weeks. Thankfully the pastures new are actually within Sun and in the same lab team but in a different country, well continent actually, however that allows him to continue doing the upgrades and now he is back on line I can say:

Good morning build 73:

: estale.eu FSS 1 $; uname -a
SunOS estale 5.11 snv_73 sun4u sparc SUNW,Sun-Fire
: estale.eu FSS 2 $; 

One thing I noticed on my home system was that I did not seem to be getting the latest developer tools installed and the same appears to be true here. Live upgrade is correctly upgrading Solaris but not upgrading the developer tools.

On my home system I ran:


Now I have all the tools installed. Need to get the same done in in my “finish” script before the Boot Environment is live.

Thursday Aug 30, 2007

More ssh-add & gnome-keyring.

I've updated my gnome-keyring SSH_ASKPASS program to improve the user experience. However to get this 100% I need some changes to ssh-add so that there is a stable interface between it and the SSH_ASKPASS program.

The new version will read the environment variable GNOME_KEY_ASKPASS and if that is an executable and gnome-keyring needs to prompt for a pass phrase it will use that program to do the prompt, reading the pass phrase from standard out of that program, in the same way that SSH_ASKPASS does for ssh-add. It will then store that pass phrase in the keyring and output that to standard output for ssh-add.

So to use this I have this in my .dtprofile file:

: enoexec.eu FSS 184 $; tail  -11 ~/.dtprofile
if whence gnome-keyring > /dev/null
        export SSH_ASKPASS=gnome-keyring
        if  whence xsshaskpass > /dev/null
                export GNOME_KEY_ASKPASS=xsshaskpass
elif whence xsshaskpass > /dev/null
        export SSH_ASKPASS=xsshaskpass
: enoexec.eu FSS 185 $; 

Then of course you need the xsshaskpass program. This just pops up a window and prompts the user to enter the key. There are lots of these around and I've always wondered why solaris does not have one (if it does let me know). Since they are trivially simple to write I guess it is just another way of making Solaris a little bit more elite. Here is my solution to this. Save it as xsshaskpass somewhere in your path and make it executable:

#!/usr/bin/ksh -p
if [[ -x /usr/bin/wish ]]  ; then
# \\
        exec /usr/bin/wish -f "$0" ${1+"$@"} 
elif [[ -x /usr/sfw/bin/wish8.3 ]]  ; then
# \\
        exec /usr/sfw/bin/wish8.3 -f "$0" ${1+"$@"} ; else
# \\
        exec wish -f "$0" ${1+"$@"} ; fi
. config -borderwidth 10
label .l -text "[lindex $argv 0]"
entry .e -width 30 -show {\*}
frame .buts
button .buts.doit -text o.k. -command { puts [.e get ] ; exit 0}
button .buts.quit -text quit -command { exit 0}
pack .buts.doit .buts.quit -side left
pack .l .e .buts
tkwait window .
exit 0

The nice thing about this is that this is all you have to do to set this up and could be set up by the administrator. When ssh-add first runs when you login it will prompt you twice (see below) for your pass phrase and that then gets stored in the gnome-keyring. Assuming you entered the correct pass phrase then that is it. You never have to enter your ssh pass phrase again.

However since there is no way for the gnome-keyring program to know if the pass phrase that is read from the user is good it can end up storing a bad pass phrase in the keyring. To minimize this risk it prompts the user twice for the pass phrase until the user enters the same phrase twice. Once a bad pass phrase is in the keyring you have to use gnome-keyring-manager to delete it. Unfortunately all the gnome-keyring program has to go on when a bad passphrase is found is that is called with the arguments “Bad passphrase, try again: " which does not tell the program which key is bad. There are various hacks that could be performed to work around this but I'm coming to the conclusion the simplest would be to modify ssh-add to have it put the name of the file for which it is prompting into the environment of the SSH_ASKPASS program and hence the gnome-keyring program so that it can be read from there. With that in place it would not matter if a bad pass phrase was stored in the keyring since when the user eventually gets the pass phrase right it would still be stored.

Friday Aug 24, 2007

ssh-add meets gnome-keyring.

Now that we have the gnome keyring for storing passwords in and the excellent pidgin now uses it so I have to type my passphrase in so that pidgin can login it was irritating me that I also have to type in a passphrase for ssh.

So I wrote a small program gnome-keyring.c and a Makefile which wil allow you to store your ssh passphrase in the gnome keyring and then have ssh-add use the same program to retrieve the key. To use it save the two files in a new directory and in that directory type “make”. (This kind of assumes you have a compiler). Then install the resulting binary in your path.

Now to save away your ssh passphrase in the gnome keyring type

: principia IA 35 $; gnome-keyring -s
enter password: 
Reenter password: 
: principia IA 36 $; gnome-keyring   
easy to guess
: principia IA 37 $; 

Now if you set the environment variable SSH_ASKPASS to be gnome-keyring in your .dtprofile eg:


and then have your gnome session call “ssh-add” when the session starts you will be prompted for the gnome-keyring passphrase and you never have to type the ssh one.

I've only tested this on nevada build 71.

Irritatingly after I wrote this I did a google search for “ssh gnome-keyring” and discovered that I had reinvented the wheel, but I enjoyed it.


I've updated the program to be able to cope with having different passphrases for differnent ssh keys. This is a bit of a hack as it relies on the arguments that ssh-add passes to the program to work out which key to use but it works.

: principia IA 169 $; gnome-keyring -s /home/cg13442/.ssh/id_rsa
enter password: 
Reenter password: 
: principia IA 170 $; gnome-keyring -g /home/cg13442/.ssh/id_rsa
not so easy to guess
: principia IA 171 $; gnome-keyring -s /home/cg13442/.ssh/id_dsa
enter password: 
Reenter password: 
: principia IA 172 $; gnome-keyring -g /home/cg13442/.ssh/id_dsa
easy to guess
: principia IA 173 $; 

Tuesday Aug 21, 2007

New wish and tickle.

Two symbolic links make all the difference:

: pearson FSS 86 $; ls -l /usr/bin/tclsh /usr/bin/wish
lrwxrwxrwx   1 root     root           8 Aug 21 14:19 /usr/bin/tclsh -> tclsh8.4
lrwxrwxrwx   1 root     root           7 Aug 21 14:19 /usr/bin/wish -> wish8.4
: pearson FSS 87 $; 

This came to my notice as a script have for prompting for my ssh pass phrase via ssh-add stopped working after the upgrade to build 71 as it had wish8.3 hard coded into it.

So now you can just call “wish” or “tclsh” with the default path and things will work. What is more since the tcl version is now 8.4 this is large file aware so my zfs_version tlc script, which I have upgraded to use /usr/bin/tclsh now works even if the file in question is greater than 2Gb.

Monday Aug 20, 2007

Good Morning Build 71

Arriving back in the office, well initially in my home office, our Sun Ray server is now running build 71:

: enoexec.eu FSS 1 $; uname -a
SunOS enoexec 5.11 snv_71 sun4u sparc SUNW,Sun-Fire
: enoexec.eu FSS 2 $; 

All seems to be well. While I don't think it turned up in this release we now have the Off the Record plugin for pidgin and pidgin also works with Jabber/XMPP out of the box. Pidgin is still missing the gaim-remote/purple-remote (bug 6578100) which messes with my script for setting my status using the utaction on my Sun Ray so one step forward and one step back for pidgin.

Monday Jul 23, 2007

Good Morning build 68

Build 68 has hit our Sun Ray server last week. Which was good news and bad news. The good news is that this gets us the new “pidgin” IM client. The bad news is that the build of pidgin does not contain the XMPP (aka jabber) plugins which renders it as much use as a chocolate Tea pot. The bug id is: 6577264. Not fixed in build 69.

Luckily it took seconds for some bright spark to have a version built from source. The config options are “CC=cc -disable-perl --disable-tcl –prefix=/blah”. Disabling perl is obviously goodness, but TCL is a pity but with it it just dumps core. Alas this version is not aware of the gnome-keyring.

Apart from that the build is good.

: estale.eu FSS 1 $; uname -a

SunOS estale 5.11 snv_68 sun4u sparc SUNW,Sun-Fire

: estale.eu FSS 2 $; 

Update: For those who are close to GMP I have built both SPARC and x86 copies of pidgin for Nevada. They can be found here ~cg13442/pidgin/$(uname -p)/bin

If you use the c-shell you have my deepest sympathies but they don't run to me giving a c-shell friendly path.

As with the one mentioned above they don't understand how to talk to the gnome keyring

Monday Jun 25, 2007

Good Morning Build 67

Build 67 of nevada to play with this morning.

: enoexec.eu FSS 1 $; uname -a
SunOS enoexec 5.11 snv_67 sun4u sparc SUNW,Sun-Fire
: enoexec.eu FSS 2 $; 

One slight issue is the gnome terminal keeps having bits of font left on it. Turns out to be bug 65663321. Apart from that all is well.

1Internally to Sun we apparently no longer have bugs but instead they are “Change Requests” or “CRs” but I never noticed until today that that bit of doublespeak has not been applied to the community where a bug is referred to as a bug.

Tuesday Jun 12, 2007

Good Morning Build 66

Here is a change. The lab folks have added a third system to the group of Sun Ray servers we use and it is an AMD based system. So now the rolling upgrades will be every six weeks and I get to spend four weeks on SPARC and two weeks on AMD. Should flush out any problems with moving a home directory between architectures pretty quickly:

: eagain.eu FSS 1 $; uname -a
SunOS eagain 5.11 snv_66 i86pc i386 i86pc
: eagain.eu FSS 2 $; 

Friday Jun 08, 2007

Good Morning Build 65

I've been a bit remiss with the Good Morning Build updates over the last few weeks. Not because the updates are not happening but because there are only so many hours in the day.

: estale.eu FSS 1 $; uname -a
SunOS estale 5.11 snv_65 sun4u sparc SUNW,Sun-Fire
: estale.eu FSS 2 $; 

Build 65 has been on the server for a while now, so long that build 66 is upon us. However I thought I would bother to post this as I have just noticed that the volume control on the desktop now works on Sun Ray. A small step but with every build the Solaris Desktop gets better and better.

Monday Feb 26, 2007

nautilus ssh://foo.com

I know no real geek would dream of using nautlius or any file browser, after all the pinnacle of UI design was the screen on the vt220, however this is so cool as to make it worth it. If only for your “friends” so that they will stop using ftp. I know this is not new news to many but I was surprised to discover a few people who I expected to know this did not. I'll not name names.

The nautilus file browser will allow you to browse files over ssh. If you have a system “foo.com” into which you can ssh, with or without a password then enter this URI into the nautlius location bar: “ssh://foo.bar” If you can't see the location bar hit the pencil symbol it allows you to type it in.

I did this on a system running Nevada build 58 and it then proceeded to ask me if I wished to store my passwords in the gnome keyring and then popped up a window displaying the root file system of my remote system.

Now if you bookmark that you can easily copy data from one place to another using a secure and if you have set up ssh to do it, compressed channel.

Very cool on a laptop and you need to copy files onto your server or if you want to browse your home server from work.


Wednesday Feb 21, 2007

Good Morning Build 58

This was not really good morning as I was introduced to the new system last night. It is not often that all the systems I use regularly are on the latest build but I am now.

: enoexec.eu FSS 1 $; uname -a
SunOS enoexec 5.11 snv_58 sun4u sparc SUNW,Sun-Fire Solaris
: enoexec.eu FSS 2 $; 

Friday Dec 08, 2006

Build 54 keyboard problem

Build 54 has proved to be more difficult to get up than most releases. I've not yet worked out why the lumake on the server fails, I suspect something to do with the zone that is configured. However the laptop upgrade went smoothly until it came booting the new OS. I was hit by to problems:

  1. The permissions on /tmp and /var/run were incorrect. Others have reported this when live upgrading to build 53 but I never saw it until today. This stopped gdm login starting until it was fixed.

  2. The keyboard mappings were hosed on the UK keyboard that my laptop has installed. Typing 'c' got me 'z', 'g' got me 'f' etc. Thanks to Alan for diagnosing this and pointing me at a solution (copy /usr/X11/lib/X11/xkb/symbols/sun/gb from the build 53 image).

The coolest thing in build 54 is that at last staroffice 8 is bundled I just need to clean up some of the mess left from having it installed seperately.



This is the old blog of Chris Gerhard. It has mostly moved to http://chrisgerhard.wordpress.com


« April 2014