So far this is the best way I’ve found to have persistent touchpad settings when not using gnome. It feels quite hacky though, so I’m hoping there’s a better way I haven’t thought of yet

The problem seems to be that gpointing-device-settings relies on gnome-setting-daemon for persistent settings. Running gnome-settings-daemon plants an ugly power gauge in the notification area that I can’t seem to configure. [insert standard rant about gnome3 here]

Settings can be set manually with synclient, and using this in combination with gpointing-device-settings to work out what values you need to set is an approach that seems to work reliably, even if it is somewhat annoying

Here’s what to do

1. In a terminal run ‘synclient -l’. This shows all the settings for the synaptics driver as currently applied. Save this output for later.
2. Run gpointing-device-settings, make changes as appropiate
3. Run ‘synclient -l’ again. Note the changed values from the first run, these are the ones to be set manually on startup
4. Create a script to set these values when X starts. Mine is shown below

[andrew@apollo ~]$ cat /etc/X11/xinit/xinitrc.d/zz-synaptics.sh
#!/bin/bash

synclient AccelFactor=0.0790378

This is how I setup lxde (on Fedora 14) to take screenshots.

• Install the gnome-utils package. This contains the gnome-screenshot program. It’s possible to avoid this by using imagemagick or scrot, but I couldn’t find a way to make them take shots of the active window (the usual alt+printscreen behaviour)
• Insert the lines below into the keybind section of ~/.config/openbox/lxde-rc.xml


    <keybind key="Print">
      <action name="Execute">
        <command>gnome-screenshot</command>
      </action>
    </keybind>
    <keybind key="A-Print">
      <action name="Execute">
        <command>gnome-screenshot -w </command>
      </action>
    </keybind>

Simples

New server arrived last week. Installed lucid (Ubuntu 10.04) and planned to run some VMs there with werdz‘s awesome rbvm.

Spent my first few hours at the machine tripping up over this nasty bug, but I’ll save that for a separate rant, this is a rant just about upstart.

Upstart is the kind of thing that’s great for laptops, they boot often, and you want them to boot quickly. Servers don’t boot quickly, they have network cards, remote access cards, raid controllers and other junk to initalize when they start. Because of this, trying to start everything on a system in parallel adds massive complexity without having anywhere near the same effect on the overall boot time.

Apart from this upstart, as it is, is half baked. It’s not ready to be included for a server distribution to go into production for 5 years. Most of the important services I have running here (bind, exim, apache, nginx) don’t even come with upstart configs, so half the system is still relying on old init scripts anyway.

The man page for mountall(8) sums it up pretty well:

This is a temporary tool until init(8) itself gains the necessary flexibility to perform this processing; you should not rely on its behaviour.

I noticed that after enabling bridge networking (for rbvm) on Monday that the dhcp server was no longer starting. After some investigation I concluded this was because of the delay between upstart finishing bringing up the network, and br0 actually being ready (about 15 seconds).

Writing an upstart config for dhcp didn’t help, it still ran before br0 was up, even though it was dependent on ‘started networking’. The only solution I could come up with was to add a prestart script to force upstart to wait before starting the dhcp server. This is what I came up with.

# dhcp3-server
#

description “DHCP Server”

start on (started networking and started dbus)
stop on (stopping networking)

expect fork

pre-start script

brstat() {
ifconfig |grep -c $BR_INTERFACE
return 0
}

BR_INTERFACE=”192.168.1.1″
BRSTAT=`brstat`

while [ $BRSTAT -lt 1 ]; do
sleep 2
BRSTAT=`brstat`
done

# allow dhcp server to write lease and pid file
mkdir -p /var/run/dhcp3-server
chown dhcpd:dhcpd /var/run/dhcp3-server
if [ ! -e /var/lib/dhcp3/dhcpd.leases ]; then
touch /var/lib/dhcp3/dhcpd.leases
fi
chown dhcpd:dhcpd /var/lib/dhcp3 /var/lib/dhcp3/dhcpd.leases
if [ -e /var/lib/dhcp3/dhcpd.leases~ ]; then
chown dhcpd:dhcpd /var/lib/dhcp3/dhcpd.leases~
fi

end script

exec /usr/sbin/dhcpd3 -q -cf /etc/dhcp3/dhcpd.conf

Why the need for the brstat() function? Upstart executes all it’s scripts with ‘/bin/sh -e’, so grep returning 1 caused the script to fail. The documentation didn’t indicate any way to change that behaviour.

After all that effort, I noticed the same problem was affecting ircd-hybrid this morning, so I’ve set a similar hack to run from /etc/rc2.d before anything else, to ensure none of the init scripts will run without the interface being up.

So, I’ve been using it for a few days, and it’s working nicely now.

Power Management

The battery applet on LXPanel seemed to eh, not work for me. I decided to try loading in gnome-power-manager for this. Not only does this put an accurate power gauge on the panel (in the tray area), but controls things like brightness when on power/battery. Best of all, the brightness control buttons on the keyboard now work. Created an autostart entry to start this on login.


[andrew@Callandra ~]$ cat .config/autostart/power.desktop
[Desktop Entry]
Name=Power Manager
Exec=/usr/bin/gnome-power-manager
Comment=Gnome Power Manager
Encoding=UTF-8
Type=Application
StartupNotify=false
X-KDE-autostart-after=panel
Icon=setroubleshoot_icon


Keyboard Indicators

For some reason this laptop comes with no indicator lights for the keyboard. I don’t understand why something would be designed like this, but there is an indicator available on LXPanel, which mostly works.

It seems to work fine when started, but, if it’s set to show only caps lock (the only one I really needed) it loads up on next login only indicating scroll lock. Only solution to this I’ve found is to keep all three indicators enabled.

So, last night I won a Dell Mini 10, and decided to try out LXDE rather than XFCE for a change (using the LXCD spin), so it’s been a little more fun to get working than it otherwise would have been

LXDE

This seems pretty light and cool. The default applications are very light, but most are functional enough to use. The panel comes with just the right amount of gadgets and configurations to do everything I need in the smallest possible amount of screen space.

Software

Browser

The default web browser Midori seems cool, but just doesn’t have enough functionality to use as a firefox/chrome replacement, so I installed chrome. This mostly worked fairly well, but, it couldn’t open downloads because of xdg-open not being at all LXDE friendly.

Hacking up the terrible default path to be sensible and putting a new xdg-open in /usr/local/bin got around this though.


[andrew@Callandra ~]$ cat /usr/local/bin/xdg-open
#!/bin/bash

pcmanfm "${1}"


Terminal

My biggest criticism of the LXDE terminal is that it was clearly designed by someone who didn’t love terminals like I do. It’s functional, but I can’t live without clickable links.

I tried installing the gnome-terminal, but, it too seemed to fail at opening links. Luckily the xfce terminal worked perfectly

For some reason though, F11 is mapped to FullScreen by OpenBox, which is a real pain cause I use that for screen. Eventually I found to disable that in ~/.config/openbox/config

Hardware

The hardware seems mostly good, the screen and keyboard size are most excellent (though, there’s enough room here that there could have been a Page Up/Page down button). The wireless (Broadcom 4312 *shudder*) works fine with kmod-wl from rpmfusion, and the network manager applet works great in LXDE.

Biggest problem with the hardware is the trackpad, which has the buttons integrated (like the ones on the new Mac). This is at best ‘tricky’ to use, it’s possible better drivers would help, I’m still looking.

Just noticed this on a clean Fedora 12 install (that I’ll talk about later).


[andrew@Callandra ~]$ echo $PATH
/usr/lib/qt-3.3/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin:/sbin:/home/andrew/bin

Compare that to the default Ubuntu paths:

home@racetrack:~$ echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games


Ubuntu are right here, and Fedora is very wrong (much as it hurts me to have to say that). The point of the path is that default applications can be overridden at every level. Start from the back end, /bin. I may as the network administrator put a program of the same name (packaged) into /usr/bin to make it the default for system users. Similarly, as a local administrator I may want to put custom software, wrappers etc., into /usr/local/bin so they appear before the packaged defaults. As an end user, I might want to use my homedir to do similar

Jeff writes:

What I would like to explain is why the impedance mismatch between Linux and Solaris packaging is not so much a technological divide as it is a philosophical one.

Philosophical differences are fine. Infinite diversity in infinite combinations, etc., however, regardless of the philosophy the goal of the package manager should be to make the life of the sysadmin easier, otherwise it’s not much use.

For a change this won’t be a rant about how the package set is an ancient pile of crap, we’ll assume for the sake of this discussion that you’re so concerned about stability you’re willing to live with a 6 year old version of bash. We won’t discuss how incompatible 3rd party sites are a poor substitute for the ports tree, because maybe you’re happy with a 5 year old version of nano.

The point is the tools should be independent of the packaging philosophy. They should minimise the amount of effort required to manage the system – automation is a good thing ™. On that basis, I propose that there is a minimum set of functions these tools should provide.

• Automatic Dependency Resolution. Pretty obvious, you can’t call anything a package manager if it can’t do this.
• Simple Upgrade. All upgrades to the packages should of course be available as packages, and there should be a simple command to upgrade all packages for which there is a new version (thanks Cian for reminding me of this one)
• Remote Repo Support. HTTP is preferable for this, because, everyone has a http server. I don’t want to carry the Solaris 10 DVD in my pocket everywhere, and I don’t want to go around mounting NFS directories. The vendor doesn’t have to provide the package server, just support in the tools for a package server so I’m free to make my own (and, so are others)
• Support For Multiple Repos. Blastwave has it’s own tools (yes, multiple) to actually install it’s packages. SunFreeWare relies on you doing your own manual dependency resolution (*shudder*). This is a load of shite. The package tools supplied by the operating system should allow me to define multiple sources, and rules for which source should be used. I should be free to build custom packages with dependencies against base packages if that’s what I choose (and, there’s lots of reasons to want to do this), or to maintain a separate hierarchy of independent software (like blastwave etc.) if that’s what the situation requires.
• Simple tools to query packages, search for packages, query files. We don’t need all the bells and whistles of apt, but, we do need equivalents for ‘apt-cache search’, ‘yum info’, and ‘dpkg -S’.

Regardless of the philosophy, the point of a package manager should be to manage all the software on the system. I don’t have time to compile things, and I don’t enjoy patching things. There is no reason that you can not achieve separation of components, (eg, base and ports) while still providing binary packages for everything. The whole system should be package managed, apart from the handful of shell scripts I have sitting in /usr/local/bin ( the one place the package manager should never touch. /usr/local/ is for me to manage. This is what both FHS and the debian package policy says)

So, it’s been a while since I posted, I thought I’d share my latest heap of hacky shell up here.

Last week we were having a discussion following on from Chris Siebenmann’s post on restoring files from a package, to see what changes had been made. Anyway, we decided that such a feature could be useful, so I promised to hack one together.

It took a week to finish this, because I spent most of my time confused about how apt-get couldn’t just download package without being root. I now know that it defiantly can’t do this. I also know that aptitude can.

#!/bin/bash
#
# Check we have an argument
#
if [ -z "$1" ]; then
    echo "Usage $0 /path/to/file"
exit 1
fi
#
# Check this is actually a text file, if
# not we drop out straight away
#
if [ `file $1|grep -c text ` -lt 1 ]; then
    echo "The file $1 is not a text file"
    exit 2
fi
#
# Work out the package name
#
PACKAGE=`dpkg -S $1| awk -F: '{print $1}'`
#
# If there's no matching package then
# just exit with an error
#
if [ $? -gt 0 ]; then
    echo "No package provides this file"
    exit 3
fi
#
# Download the package
#
echo "File $1 is provided by $PACKAGE. Downloading to /tmp/$$"
mkdir /tmp/$$
cd /tmp/$$
aptitude download $PACKAGE > /dev/null
#
# Extract the package
#
PKGNAME=`find /tmp/$$ -maxdepth 1 -type f -name "*.deb"`
dpkg -x $PKGNAME /tmp/$$
#
# Diff shit
#
diff -us /tmp/$$/$1 $1
#
# If there's a difference then offer to save the diff
#
if [ `diff -qs $1 /tmp/$$/$1|grep -c identical` -ne 1 ]; then
    echo -n "Save this diff? [yes] "
    ANSWER=yes
    read answer
    if [ -n "$answer" ]; then
        ANSWER=$answer
    fi
    if [ "$ANSWER" = "yes" ]; then
        diff -us /tmp/$$/$1 $1 > /tmp/$PACKAGE.$$.diff
        File saved to /tmp/$PACKAGE.$$.diff
    fi
    echo
fi
#
# We should be nice and offer to clean up
#
echo -n "Delete the temporary package files from /tmp/$$? [yes] "
ANSWER=yes
read answer
if [ -n "$answer" ]; then
    ANSWER=$answer
fi
if [ "$ANSWER" = "yes" ]; then
    rm -fr /tmp/$$/
fi
echo


This script is also available from the RedBrick package repo

In my earlier post on dirvish I said I’d have to beat it to do the kind of expire rules I wanted… well I’ve finally found time to do that.

It’s a pretty simple approach, I’ve used the cron script to touch a dotfile if it’s the start of the week/month, and if that file exists then it determines the expire time, which is just passed as an argument to dirvish

This way, the first backup of the month should always be kept for a year, and the first of the week for a month, no matter when they occur.


#!/bin/bash
#
date=`date +%d`
day=`date +%a`
#
if [ "$date" -eq 1 ]; then
touch /home/backup/littlebrick/.monthly
fi
#
if [ $day == "Sun" ]; then
touch /home/backup/littlebrick/.weekly
fi
#
if [ -f /home/backup/littlebrick/.monthly ]; then
dirvish --vault littlebrick --expire 1year --image-time 00:00
elif [ -f /home/backup/littlebrick/.weekly ]; then
dirvish --vault littlebrick --expire 1month --image-time 00:00
else
dirvish --vault littlebrick --image-time 00:00
fi
#
dirvish-expire

With that done, all that’s left to do is to remove the dotfiles following a successful backup. I used the post-server options for this.

#/etc/dirvish/master.conf
...
post-server: ; /backup/dirvish/post_backup.sh $DIRVISH_DEST
...


And, this is the post_backup script


#!/bin/bash
#
# This script runs after backups, and if the backup was
# successful clears out the month/week flags
#
#$2 is the DIRVISH_DEST
cd $2
cd ..
#
#we're now in /home/backup/littlebrick/YYYYMMDD/
#
success=`grep -c "Status: success" summary`
#
if [ "$success" -gt 0 ]; then
if [ -f /home/backup/littlebrick/.monthly ]; then
rm /home/backup/littlebrick/.monthly
if [ -f /home/backup/littlebrick/.weekly ]; then
rm /home/backup/littlebrick/.monthly
fi
fi


My laptop is something I should *really* backup, since most of my files and stuff I’m working on is there. Since I’m too lazy to do this regularly though I setup an automated system to do this after I re-installed it this week.

My objective was to setup a backup system that would always run automatically, without me having to press any buttons. Incremental backups were a must. Keeping multiple days of backups was also a relatively high priority.

Dirvish is a perl wrapper for rsync. It’s main feature is to automate running incremental rsync backups on a regular basis without too much hassle. Having worked with it alot before it seemed the obvious choice for running my laptop backups.

Before I continue, some terminology:

Server: the machine running dirvish, in this case my desktop
Client: the machine with the files, in this case my laptop (littlebrick)
Bank: A directory where dirvish stores backups (eg. /backup)
Vault: A particular backup source (eg, my laptop)
Branch: A particular run of a vault (usually, daily)

DHCP

First, I needed to setup my laptop to have a static ip address on the wireless, which uses dhcp.

/etc/dhcpd.conf
...
host littlebrick {
hardware ethernet       00:1b:77:37:af:3d;
fixed-address           10.0.2.90;
}
...

DNS

and then I added this ip to the local dns server.

/var/named/master/db.internal
...
littlebrick     A       10.0.2.90
...

Now I can specify the laptop by hostname in the config files later. You could skip this step and just use the ip or /etc/hosts of course.

SSH

Next step was to generate an ssh key, so the server could connect without a password

laptop# ssh-keygen
laptop# cat id_rsa.pub > /root/.ssh/authorized_keys2
laptop# scp id_rsa root@desktop:~/.ssh/

I set the laptop to allow root ssh (I’ll tidy this up a bit later), and then tested the desktop root user could ssh to the laptop.

Actually, the default in most cases is to allow ssh access as root (either via password or key). I think this is fairly nuts as a default, and usually change it pretty quickly

Dirvish

Once that’s done I started on dirvish. On the server I installed dirvish, and the client already had rsync, so nothing to install there. With that done I started configuring dirvish. All the config for this needs to be done on the server.

Fedora didn’t provide any default master.conf for dirvish, so I copied one I’d written before, and made a few small changes.

/etc/dirvish/master.conf
bank:
/home/backup
exclude:
lost+found/
/var/log/
/var/tmp/
/var/run/
/var/lock/
/mnt/
/media/
/sys
/dev/
/proc/
/tmp/
/vmlinuz*
/initrd*
.gvfs
Runall:
littlebrick     00:00
# by default we keep backups for 7 days
expire-default: +7 days
expire-rule:
#    MIN HR    DOM MON    DOW  STRFTIME_FMT
*   *     *   *         1    +1 months
*   *     1   *         *    +1 year
#
# permissions for logs, etc.
meta-perm: 600

Most of this is fairly self explanatory – the bank is the directory where all the backups will be kept. The exclude rules specify directories that we don’t want to include in the backups.

The expire rules are setup to keep the first backup of the month for a year, and the first of the week for a month, and all other backups for 7 days. I’ve found this to work well in the past. Obviously, it’s flawed here, but I’ll get to that later.

server# mkdir -p /home/backup/littlebrick/dirvish

Then, setup the default.conf in this directory. (the format here is $bank/$vault/dirvish)

/home/backup/littlebrick/dirvish.conf
client: littlebrick
tree: /
xdev: 0
index: none
image-default: %Y%m%d
image-perm: 700

Most of the options used here are fairly obvious, I want to backup the root of the host littlebrick, without keeping any indexes, and with a permission of 700 on the backup directory, which should be named in a YYYYMMDD format (you can add times and stuff here, but i’ve never felt the need. Keeping it in this simple format makes it easier to script stuff).

The xdev option specifies whether rsync should move from the original file system. Since /home is seperate from /, and has most of my stuff xdev needs to be turned off here. A value of 0 here is false (don’t stick to one file system), all other values (including the word false) will be interpreted as true.

With that done it’s time to test it. Hopefully it’ll “just work” ™.

server# dirvish --vault littlebrick --init

Knowing this would take ages, I went to make some coffee. Before it finishes run get the exact rsync command ran on the client from ps.

With that command edit /root/.ssh/authorized_keys2 (on the client) to look like this:

command="rsync --server --sender -vlHogDtpre.iLs --numeric-ids . /",from="10.0.2.5",no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-rsa UrCysuKiGZRQzAfypvZNUuOmcPHu
lZy/B31Mje8UfooJCurM3JKL0t7U7mbor2Fs43OVZhUp6m1xburbDpFOtzKU0UDMO0MopRZ6q8si6fUP5oqAQAE2
U3Pieq3qJGLYzUB3zzzoDromtsYXbCwWDJsVdVVo6yvKNiSDWBZAo2UeyqRtsPuavVhuHqOxwu2/Fqu
aXq+vBkguC8ausv+wnSXhR9TINA7jDlu6g4pkkl7eCvOelzxvJ6O62kimt6JNWHJTHUMwue/mwSog8HPmACwY/OSOtelAih76v0Pur6dlMZT5cw1oOnU8DBXjt1e3V2Mw5wQxMxorBtXHeYxw== root@littlebrick

Where the command is the rsync command is the one from ps earlier, and the ip address is the ip of the dirvish server. With that done, edit sshd_config and set: “PermitRootLogin forced-commands-only”

Then I just added a script to /etc/cron.daily on the server to run it daily

/etc/cron.daily/00dirvish
dirvish-runall
dirvish-expire

dirvish-runall will backup any vaults specified in the runall section of /etc/dirvish/master.conf. dirvish-expire deletes any images that have been lying around longer than the expire time.

Still to do….

I find the pattern of keeping the first monthly backup for a year, and the first weekly for a month works well on systems where I expect backups to run every day, but obviously this won’t run daily. I’d like a system whereby I can ensure that the first successful backup can be kept for the month, regardless of what date it is. Dirvish doesn’t support anything this fancy, so it’ll take some scripting.

At the moment backups are set to run about 4am, this means they should generally be finished before I want to leave in the morning, but it’s not that unusual for me to be still working on my laptop at 4am. I’d like a script to stall/cancel backups if I’m still working. I’m thinking I could do this by querying the state of gnome-screensaver…