Monday, May 31, 2010

Setting XMMS As Default Player on F13

My home workstation has a dual head Vista laptop and a Linux desktop. The desktop has better speakers, so I'm using it as my office jukebox. I've always used XMMS, but ran into a small problem getting it set as the default player on F13. What I wanted, was to be able to double click an MP3 and have it start playing. What I got, was that the song would queue, but not play. Here's what I had to do to fix it:
# grep Exec /usr/share/applications/xmms.desktop
Exec=xmms -e %F
# sudo vi /usr/share/applications/xmms.desktop
And change the -e to -p. This changes XMMS's behavior from enqueue to play. For some reason, someone decided they wanted to double click to add songs to a manually executing playlist-- Every other player (including Windows Media Player!) uses drop and drag to add songs to the playlist.

BTW: This is what was originally posted that ended up on a file by file basis rather than globally.

1. Open the Music folder (or any location that has an MP3.)
2. Right click an MP3 file and select Open with Other Application.
3. Find and highlight XMMS.
4. Expand the option to Use a custom command.
5. Add " -p " to the xmms command. (The spaces are important.)
6. Check Remember this application.
7. Click Open.

Thursday, May 27, 2010

OpenSSL: Love At Last

No... Not even close. It is so counter-intuitive, needlessly complicated, and maddeningly confusing. Thus forcing me to cheat.

Determine a website's SSL cert expiration date:
echo "" | openssl s_client -connect mail.google.com:443 \
  2> /dev/null | openssl x509 -noout -text | \
  grep After

Verify a file is a key:
openssl rsa -noout -check -in localhost.xxx

Find a key file that is mislabeled:
for J in `find . -type f`; do echo $J; \
  openssl rsa -noout -text -in $J 2> /dev/null | grep Pri; \
done

Verify a file is a certificate:
openssl x509 -noout -in localhost.xxx -enddate

Find a cert file that is mislabeled:
for J in `find . -type f`; do echo $J; \
  openssl x509 -noout -enddate -in $J 2> /dev/null; \
done

Verify the key matches the cert:
[ `openssl rsa -noout -modulus -in localhost.key` \
  == `openssl x509 -noout -modulus -in localhost.crt` \
] && echo yes || echo no
(Remember that those are back-tics.)

View a PKCS12 binary file:
openssl pkcs12 -info -nodes -in localhost.p12

Glorious Peoples Shuttle of Greatness in Space

Behold, comrades: the Soviet space shuttle Buran. After its single mission, I'd heard this pentacle of communist engineering had been retired, but look what I found (with some help) on Google maps. No street view... too sad.



View Larger Map

Wednesday, May 26, 2010

Happy Fedora 13 Day

In keeping with my standing policy, I've skipped a version, and jumped from Fedora 11 to 13. I was quite disappointed, however, that Xen Dom0 is not included.

* Disk Druid has changed, allowing for safer isolation of disks that should not be formatted. Unfortunately, I had problems getting LVM to work.
* Once again I loaded KDE, and found it beautiful, then promptly did away with it. I just can't stand Konsole-- I've got to have fast cut and paste.
* Looks like Plymouth for ATI Radeon is working, but I'm back to not being able to get the resolution beyond 1024x768.
* NIS still doesn't work out of the box, but I've got to move to Kerberos anyway.
* And NetworkManager... It just keeps getting worse and worse.
* The Grub kernel line is significantly more complicated, because it seems as if it is being ordered to NOT load modules.

I'll reload again tomorrow and we'll see if there are any new applications.

Monday, May 17, 2010

RedHat Tomcat 6 with Web Manager

The Red Hat Tomcat 6 RPM is not behaving politely. It would seem the manager should be available after install, but I'm getting a blank page. Turns out that I've had life pretty easy thus far (news to me) and someone has already done the hard work. Here's what it took for me to get Tomcat 6 working via RPM.

Starting with my "standard load" which does not include Apache:
# yum install tomcat6 tomcat6-admin-webapps
This will snag a quantity of dependencies, but will install with the web manager broken. Before starting Tomcat we will need to "fix" the web manager. While were at it, lets do some reorganizing:
# ls -l /usr/share/tomcat6/ | awk '{print $8" "$9" "$10}
bin
conf -> /etc/tomcat6
lib -> /usr/share/java/tomcat6
logs -> /var/log/tomcat6
temp -> /var/cache/tomcat6/temp
webapps -> /var/lib/tomcat6/webapps
work -> /var/cache/tomcat6/work
Okay... They tried to organize things, but I've never seen anybody put in /usr/share on a production system. Let's go with /opt:
# mkdir /opt; cd /opt; ln -s /usr/share/tomcat6 tomcat
# ln -s tomcat $(cd /usr/share/doc; ls -d tomcat6-*)
# ls -l | awk '{print $8" "$9" "$10}'
tomcat -> /usr/share/tomcat6
tomcat6-6.0.18 -> tomcat
Time to fix the manager. Web manager will ask for the user the authenticate, even though not user is allowed, by default.
# cd conf; grep manager tomcat-users.xml
One of the lines should show the user "tomcat" with the role of "manager". Notice the line is commented. Obviously we un-comment the line to allow a manager. We should now be ready:
# service tomcat6 restart
Hit the manager at something like:
http://tomcat.example.com:8080/manager/html

Sunday, May 16, 2010

Fedora 10+ Kernel Modesetting (KMS)

Boring backstory: I tend to buy computers in sets, so currently, my three primary R&D machines are HPs: a set of twins, and a more powerful third. That one is now loaded with ESX, so my main Linux desktop is one of the twins. Last week, its hard drive died and I just got the replacement. Now to the real story...

I'd been running Fedora 6 or 8 to work with Xen. That project has been finished for several months, so when I installed the new drive, I loaded 11. I found, however, that I could not get the Gnome desktop to run at better than 1024x768. I had run 11 before without problems using the same monitor at 1600x1200-- but that was on "third", who is now running ESX.

I checked the twin out, and the card should have been able to run 1280x1024. I could get system-config-display to specify 1280, but the desktop would always drop to 1024. After investigating the problem, I found the culprit was KMS, or kernel modesetting. (Yes, its one word.)

The idea is that the kernel, who owns all the hardware anyway, will decide the best resolution, and the software will do as it is told. Unfortunately, it works with Intel, plays nice with nVidia, but there are a few issues with ATI. Turns our, third was nVidia, and the twins are ATI.

A feature that is closely tied to KMS is the new boot progress screen called "Plymouth". Without KMS, Plymouth is just a three color progress bar. With KMS, its a blue sun projecting solar flares. For these ATI Radeon machines, no Plymouth. This is because KMS isn't reverse compatible. As a result, Gnome looked to the kernel for the correct resolution, kernel said "don't know", and so the desktop could not be made to exceed 1024.

In the end, the solution ended up being to add a Grub argument:
nomodeset
Still no Plymouth, but when Gnome asks the kernel for the correct resolution, the response is "decide yourself". Worked for me. Other possibilities, any one of the following:
vga=795
radeon modeset=0
radeon modeset=1

Good reading:
Plymouth Graphical Boot
How To Enable Graphical Boot with Plymouth

Monday, May 10, 2010

Sudo Read Only All

I had a friend with an interesting problem: They had replicate a set of configuration files on one Linux machine to another, but she didn't have root on the old box. Thus, she couldn't read files like the /etc/securettty file, which was permission 600.

Here's where life gets strange... The customer didn't mind her looking at the box, they just didn't want her changing anything. The best way to make sure she doesn't change anything is to not give her sudo.

Rock --> You <-- Hard place.

Solution: /usr/bin/less is a read only command so lets just sudo it! Unacceptable, as there is a thirty year old hack that lets you bang out of less to a command line, sayeth information security. Easy enough to fix...
echo "username ALL=NOEXEC: NOPASSWD: /usr/bin/less" >> /etc/sudoers
The NOEXEC: prevents the "bang hack" and allows full system visibility.

Thursday, May 06, 2010

Splitting MPEGs On The Command Line

I was cleaning out the basement, and came across a box of old VHS tapes. Needless to say, they went in the go to the dumpster pile. Along with a VCR, an old video capture board, and a PIII. Then it occurred to me: hey, that's a video encoding system sitting in the garbage heap.

A couple hours later, everything was assembled, and I transferred my first tape. A problem, though: it was too much effort to get the file to start and end at the right place. I spent some time screwing with some of the worthless video editing software, when I found a couple posts that solved the problem.

And, yes, its a command line solution. Your GUIs are so over rated.
ffmpeg -vcodec mpeg2video -r 29.97 -b 2000k -ab 224k
  -i Cap00.mpg -ss 00:00:37 -t 2:06:30 jurassicPark.mpg
These settings will take an input file encoded at the cards native settings, and chop off everything before 37 seconds and after 2 hours (plus change). I used Mplayer to get the time values.

Sunday, May 02, 2010

Norton AV Products Still Suck

I've always hated Norton products. McAfee is way more efficent. But, Comcast decided they wanted to switch the free AV product to Norton. They probably saved a nickle doing it. So, here's what happens when you use Norton (other than your machine running slow...)

I got this pop-up:Bad news. I ran a full scan. Nothing. The message returned. Reboot, update, disconnect from the network, scan, clean. The message returned.

For lack of any other option, I clicked "Get Help". Eventually, I was thrown into a chat session with an "analyst". After some discussion, he determined I was needed to upgrade my software from 3.x to 4.x, which seemed strange. Is he telling me that v3 is known to report bogus infections?He never said "yes, v3 has a bug," but he did say there was no virus, and the upgrade would stop the messages.

Suck.

Saturday, May 01, 2010

Google Earth Browser Plugin

The Google Earth browser plugin is an interesting extension of Google Maps. You can now find a location on the map, click over to an satellite view, and then extend it into a 3-D model. For downtown Washington, DC, its similar to being in a massive multi-user domain (MMUD).
That would be a first person shooter, for the children in the audience... under 30.
The cool part is that you can see the automobiles on display inside the Verizon Center and the Wizards on the outside jumbo-tron. The detail is so good, you can make read the hours on the door of the Chipotle's restaurant.

What is strange is how much territory does not exist. Go one block north to Chinatown, and the arch is not there. There are entire blocks that are missing. So this got me thinking: What determines what shows up?

A few hints. The Verizon Center always has a giant movie poster, in the MUDD, its for a "The Heartbreak Kid" that came out in October of 2007. In Stree View, its GI Joe, which came out in August of 2009. This implies that Google Earth does not depend on Street View.

I'm afraid the system may depend on crowd sourcing. It is up to the community to model the buildings. This poses two problems. First: what if someone chooses to model the buildings wrong. Second: if they are expecting me to model my own house, it isn't going to happen.

Not only would it end up looking like an MC Escher print, but I just got too many other things to do. Nothing important mind, you. It not like I've got a life, or anything.