Bluetooth & Ubuntu 7.10

Quick-and-dirty HOWTO for people looking to get a bluetooth compatible phone to talk to Ubuntu 7.10 (Gutsy) -- any phone should work, i've used a Nokia N80 successfully.

First, make sure you've got the Bluetooth Icon in the taskbar, if you don't -- there's a possibility your bluetooth adapter doesn't work with (or wasn't detected by) Ubuntu.

Second. go to a terminal and type:

sudo apt-get -f install gnome-vfs-obexftp

Which should pull in a bunch of dependancies for libopenobex1 and company.

Thirdly, if you'd like to use GNOME's "Send To" function to push files to your Phone (like to can to Evolution currently) you can type:

sudo apt-get -f install gnome-bluetooth

note: currently, the gnome-bluetooth package doesn't authomatically start the transfer daemon, you'll need to go through System -> Preferences -> Sessions and add a new program to the startup list, my settings for this were as follows

Name: Bluetooth File Transfer
Command: gnome-obex-server
Comment (optional): Transfer files via Bluetooth from "Send To"

Now, rather than seeing something similar to:

The Browse action reports:
"obex://[nn:uu:mm:bb:ee:rr]" is not a valid location.

You should be able to transfer files between your phone and your Gutsy machine :)

Better TTF fonts for LCD devices

A small follow-up to my last post -- because after you've installed your fonts, you'd probably like them to look good.

note: In some countries, the use of hinting is covered by patents -- which is why some distributions don't ship this functionality by default (prefering instead to use an auto-hinter included within the Freetype 2.x code specifically designed to completely ignore the TrueType bytecode instructions) -- still, you should use caution when modifying a production system -- caveat emptor.

First, you need to make sure you are actually using the native renderer, rather than the auto-hinter for your fonts -- in Ubuntu you can do this by opening a Terminal and typing:

sudo dpkg-reconfigure fontconfig-config

On the first screen, you need to select 'native' rather than 'autohinter' -- you can safely leave the other screens as their default values.

Second, you'll need to change your theme to use the better hinting -- you can do this on Ubuntu in the Font preferences from: System > Preferences > Appearance and select Fonts tab.

On the first screen, select the 'Details' button in the bottom right-hand-corner -- which will take you to a more detailed menu where you can customise your font and rendering preferences -- the key options to set here are:

Smoothing to Subpixel (LCDs),
Hinting to Slight
Subpixel Order to RGB. (Should be the default already)

At this point, instead of having something like:



You'll have:



Which, I think you'll agree -- looks much better (and is much easier to read, too)

Installing TTF fonts in Linux

Recently, I was asked how to get downloaded fonts onto an Ubuntu workstation in order to make prettier documents in OpenOffice -- there's two methods to doing this, which I thought i'd document for anyone having difficulties doing it themselves.

This article works on a Fedora 8, an Ubuntu 7.10 and an Ubuntu 6.06 machine -- but mainly relies on an XFree86 4.2 (or later) install with the fontconfig package installed (most current distributions have this installed already).

Method One: Single-user Fonts

Individual Users can install fonts by opening a terminal (Accessories -> Terminal) and making a .fonts directory in their home directory, like:

mkdir -p .fonts

Then, find a TTF font you like (Google thinks here is a good place to start looking) -- download it, extract it (fonts are usually distributed in .zip archives, so you'll need to extract the .ttf font file from it first) and copy it to the .fonts directory you just made.

Then you can either logout and login again, or restart the application you want the fonts to appear in and they should appear for use.

Method Two: System-wide Fonts

Administrators can install fonts by opening a terminal (Accessories -> Terminal), becoming the root user using either:

su - (Fedora)

or:

sudo -s (Ubuntu)

Then making a specific directory in the font location on their machine for TTF fonts (usually /usr/share/fonts/truetype), like:

mkdir -p /usr/share/fonts/truetype/winfonts

Download and extract the fonts to the new winfonts directory you made above, then update the font cache information for the machine by typing:

fc-cache -f -v

note: Some older Linux distributions (Fedora Core 3 and KUbuntu 5.04 both need this) may need to run:

mkfontscale && mkfontdir as the root user before running the fc-cache command above, so that your machine correctly creates a fonts.dir file that can be found by fc-cache.

If you're interested in Free and Open Sourced fonts, you should look at Ed Trager's site on the subject.

SSHFS (the alternative to fish://) on Ubuntu 7.10

Working on a file located elsewhere in the world, or in the workplace can sometimes become very tedious -- especially when using the SSH option in the GNOME file manager Nautilus, which relies on gnome-vfs module, which has some notable performance issues that still have to be addressed.

On the console, we have the fish:// transport in programs such as Midnight Commander and the excellent FTP/SCP program lftp, but fish:// still tends to be much slower than SSH itself.

Luckily, there's now FUSE & an equally useful drop-in module, SSHFS which allows a user to mount a remote SSH/SCP session as a virtual filesystem, having any modified data copied over the secure tunnel with little to no extra overhead than a straight SSH session instelf.

FUSE is a kernel module for mounting different filesystems by an unprivileged user, which was adopted into the mainline linux kernel a while back. SSHFS is an add-on created by the author of FUSE enabling users to mount remote folders/filesystems using SSH.

The idea is very simple - a remote SSH folder is mounted as a local folder in the filesystem. After that, almost all operations on this folder work exactly as if this was a normal local folder. The difference is that the files are silently transferred though SSH in the background.

Installing FUSE with sshfs in Ubuntu can be done via the Synaptic Package Manager (System->Administration->Synaptic Package Manager or by typing (as root):

apt-get install sshfs

Next, you need to give permission to use FUSE to the relevant users by adding the FUSE group to their account -- again, you can either use the Users and Groups GUI (System->Administration->Synaptic Package Manager) or via the command line using:

usermod -G -a fuse [username]

In Ubuntu Gutsy, the fuse module is already loaded at boot-time via the /etc/modules file -- If you are using Ubuntu Dapper, or another distribution -- you may need to load the module manually, you can do this via the command line by typing:

modprobe fuse

Now we can try to mount a remote folder using the sshfs transport. First, make a directory to use as the mount point for your remote folder (in this example, it's ssh_mount, but you could call it anything you liked):

mkdir ~/ssh_mount

Which would create the /home/username/ssh_mount folder.

Then, run the SSHFS command as you would a standard SCP command:

sshfs remote_username@remote_server:~/files ~/ssh_mount

The command above will cause the folder /home/remote_username/files on the remote server to be mounted as /home/username/ssh_mount on the local machine.

For now on, any file action (copying, editing, removing) to this folder will result in transparent copying over the network via SCP directly, which provides a massive performance improvement over the fish:// transport or the GNOME-VFS implementation.

Once you've finished working with the remote filesystem, unmount the remote folder by running:

fusermount -u ~/ssh_mount

OpenSSH and 'Matching' Rules

Most of the time on the servers I maintain, there's a strict set of options in the /etc/ssh/sshd_config file -- after all, things like X11Forwarding yes or any of the Plain-text challenge options should really be tightly controlled on operational servers.

Occassionally though, there's a reason to relax these permissions, but rather than doing this globally, OpenSSH has the ability to do this on a per user, group or connecting IP address basis.

A box that I look after has MaxAuthTries set to 1 and LoginGraceTime set to 30 in order to slow down brute-force password guessing attacks (something I highly recommend for boxes in the field, by the way) -- but the owner of the box is a little heavy on the keys sometimes and ends up having to try two or three times to get their password right.

Let's say our users name is Tom and he connects from 100.50.0.1

Simple solution -- First, open your /etc/ssh/sshd_config (or possibly /etc/sshd/sshd_config if you're using a Fedora/RHEL/SuSE box) file and add:

Match User tom Address 100.50.0.1
MaxAuthTries 5
LoginGraceTime 120

So, while normal users get 30 seconds and 1 try to enter their password -- the owner of the box gets 5 tries and 2 minutes before he's disconnected.

note: When using Match rules, the User (and/or Address) keywords are case-sensitive, at least on Ubuntu 6.06 and RHEL 4.

note ii: When specifying multiple Match rules on the line above (such as User and Address) the expression is treated as a logical AND -- so all the parts must match before the block is invoked.

.torrent files from the command line

Over the past few weeks, i've been playing with BitTorrent more for moving files around, but found no good way of being able to make .torrent files from the command line.

About a week ago, I found CreateTorrent and attempted to build packages for it, there were two major issues -- 1) there was no ability to make torrents private and 2) the program kept segfaulting whenever there was a '(' or ')' in the directory the files were stored in.

Today, when searching for createtorrent patches on Google, I found:

buildtorrent, which looked to do exactly what I wanted.

The code wasn't GNU Autotools ready, so I spent an hour or so fixing that (patches have gone upstream to the author) -- then I was able to build packages for it.

Ubuntu Gutsy users can grab them from here, packages for other distributions will be available as I have time to build them.

Fedora and The iPod Nano

In semi-celebration of Fedora 8 being released today, I have spent the day wrestling with mock and rpmbuild to bring you up-to-date libgpod packages (built from SVN 1759), allowing Fedora users to try out the new iPod handling code just like Ubuntu users can.

Completely unofficial, just like their Ubuntu cousins -- but they build cleanly and correctly write the Firewire ID to a brand new 3rd Gen Nano (and thus, gtkpod actually syncs music and rhythmbox reads the music).

Packages available from here.

Enjoy.

edit i: It appears the packages weren't actually mentioned in the original post, thanks to James for pointing this out.

edit ii: Yes, these include the snazzy HAL callout method that means you can plug your iPod in and everything is done automatically, no manual firewire hacking required :)

Changing the Zen-Cart 'Sales Pitch'

If you use Zen-Cart or OSCommerce, you may have found the need to change the 'Tagline Here' text on the main page at one point or another.

The usual solution is to copy includes/languages/english.php to your template directory and then change the tagline text there -- an adequate solution, if you only work with one template, but what if you run multiple stores, or you are dealing with a user who has no access to the filesystem, or an FTP program, or is simply uncomfortable editing something across a network.

The solultion I came up with, allows you to edit this field directly from the Administration Panel -- first edit the includes/languages/english/header.php file and change:

--- define('HEADER_SALES_TEXT', 'TagLine Here');
+++ define('HEADER_SALES_TEXT', STORE_TAGLINE);

Next, open your Administration Panel and navigate to Tools -> Install SQL Patches and in the cut-and-paste box, add the following:

--- cut here ---

INSERT INTO configuration (configuration_title, configuration_key,
configuration_value, configuration_description,
configuration_group_id, sort_order, date_added) VALUES ('Store
Advertising - Tagline', 'STORE_TAGLINE', 'Tagline Here', 'Set Shop Tagline /
Slogan
Default = Tagline Here', '1', '4', now());

--- cut here ---

Now you can go to Configuration -> My Store and configure the tagline
that is used for your shop, much easier than adding it by hand and much easier than editing your languages file to it.

dos2unix and recursion using bash

More a 'don't ever forget this line again' command for me, but a handy one-liner for a box that has find and dos2unix -- but not a perl interpreter.

find . -type f \( -iname '*.css' -o -iname '*.html' \) \! -path "*images*" -exec dos2unix {} \;

• Finds all files with a .css or .html extension, starting from the current working directory.
• Ignores anything in a directory including the word images.
• Then executes dos2unix on anything that matches.

Of course, you could execute anything (just change dos2unix to whatever you need to run).

Social Networking

Some of you may have noticed the icon above appearing next to posts -- this is the 'socialiser' icon, which is like a meta-index of all the social networking sites that you could submit articles to.

It seems easier than trying to add icons for each site (furl, digg, stumbleupon, slashdot, etc) -- just click the one link to submit the particular post you are interested in to whatever sites you have accounts on.

So, if you're into that sort of thing, click away :)

VMWare 6.x with Ubuntu 7.10

I've just spent a good hour wrestling with VMWare 6.0 in my new Ubuntu 7.10 installation -- there would seem to be an issue with the vmware-any-any-update113, that thinks it's building the vmmon module for VMWare 2.x, not 6.x.

After installing the update (see: http://platan.vc.cvut.cz/ftp/pub/vmware/vmware-any-any-update113.tar.gz) and running the script, everything seems to build successfully -- but attempting to run VMWare gives you:


and:



Eventually, I was able to work around this issue by:

• Extracting the vmmon.tar file from the update.

• Editing the getversion.pl script with a text editor and changing line 66:

--- print 'VME_V4';

+++ print 'VME_V6';

• Save the file and tar up the directory.
• Re-run the runme.pl file -- which should rebuild the kernel modules correctly and allow you to start VMWare correctly.

Apache2, SSL and Ubuntu 6.06

Recently, I had to configure a dedicated SSL certificate with Apache2 on a Virtual Host -- and proceeded to use a combination of information from Verisign & the Ubuntu Documentation Project.

After tweaking the install, I ran foul of the infamous "error -12263" in my browser.

My configuration consisted of:

* cp'ing the original vhost configuration to 'secure' in /etc/apache2/sites-available/ and symlinking them to /etc/apache2/sites-enabled/

* adding "Listen 443" followed by a newline to /etc/apache2/ports.conf

* Changing /etc/apache2/sites-available/secure to read:

--- <virtualhost>*:80</virtualhost>
+++ <virtualhost>*:443</virtualhost>

* and beneath the 'ServerAdmin' line -- Adding:

+++ SSLCertificateFile /etc/ssl/certs/server.crt
+++ SSLCertificateKeyFile /etc/ssl/private/server.key
+++ SSLCACertificateFile /etc/ssl/certs/Verisign_Class_3_Public_Primary_Certification_Authority.pem

At this point, Apache starts normally & listens on both the HTTP and HTTPS ports, as referenced by the change in /var/log/apache2/error_log

from:

[notice] Apache/2.0.55 (Ubuntu) PHP/5.1.2 configured -- resuming normal operations

to:

[notice] Apache/2.0.55 (Ubuntu) PHP/5.1.2 mod_ssl/2.0.55 OpenSSL/0.9.8a configured -- resuming normal operations

However, when you try and https:// address, browsers error out.

Worse still, Apache doesn't actually log anything about this request by default -- but we know the site works because using a standard http:// request works fine.

Actually, that's not quite true -- it does log a cryptic error message that looks similar to:

127.0.0.1 - - [04/Aug/2007:23:38:58 +1000] "\x80\x8c\x01\x03\x01" 200 16564 "-" "-"

Some googling later, this seems to indicate that port 443 is serving non-SSL requests to clients.

Luckily, you can use OpenSSL to confirm this behaviour:

Running:

openssl s_client -connect localhost:443

Returns:

CONNECTED(00000003)
7431:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:567:

Instead of your key.

The trick, of course -- turns out to be remarkably simple, open /etc/apache2/sites-available/secure -- and add:

+++ SSLEngine on

So your configuration becomes:

---
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
SSLCACertificateFile /etc/ssl/certs/Verisign_Class_3_Public_Primary_Certification_Authority.pem
---

Save the file and restart Apache, then run the OpenSSL command line again:

openssl s_client -connect localhost:443

It should now return your key information properly -- now fire up your browser and use https:// to your hearts content.

Ubuntu and The iPod Nano

My iPod (Mini, 3rd-Generation, 4G Green) died last week -- used it every day for the four years i've owned it, so it's had a fairly good run.

So, I upgraded to a new, shiny iPod Nano.

Or so went the plan.

Long & Short -- I bought, under some sufferance (ie. in AUD -- it worked out cheaper to buy a full iPod than getting replacement parts for the old one) a 8G Nano.

After looking at Will's Backdot Page & GTKPod's subversion repository -- I set about putting packages together for anyone that's using Ubuntu's latest beta (Gutsy Gibbon) -- that should be nice drop-in replacements for your old ones.

Currently, these are hosted: here (and are based around revision 1710, for those keeping score at home) and they'll be updated for any new revisions that appear in the near future.

edit: There's also updated Rhythmbox packages from GNOME SVN now -- which fix a number of irks (cross-fading crashers, slow database read times on +1000 song libraries and they also include the patch for #411634 -- which should stop duplicated tracks appearing on your device)

edit ii: Updated to include the first pass coverart support as well as adding the ipod-read-sysinfo-extended code to automate the discovery of your iPod -- thanks teuf.

edit iii: As teuf points out in the comments, the libgpod2 package contains a small binary that allows the iPod to find and write the Extended Information file that one needs to make their iPod work -- getting this to work is a three step process:

1. You first need to enable (if you haven't already) the 'universe' repository via 'System -> Administration -> Software Sources'.
   
2. Plug in your iPod.
3. Open a terminal window.
4. sudo to root.
   
5. Run /usr/bin/ipod-read-sysinfo-extended /dev/sd[abcde] /media/IPOD (where sd[abcde] is the device name of your iPod -- use the df command if you're unsure)
   

Packages for other distributions might be considered too -- comment if you're interested.

As the technical world turns ...

First came the incident. (1996-1999)
Then came cipherfunk. (2000-2006)

Now comes blogger.

A place for random technical bits, pointers to workarounds & general notifications of stuff i'm working on, for anyone that cares.

Any questions, that's what the comment function is for.