Craig Box's journeys, stories and notes...


Archive for the ‘Technical’ Category

Codenamed

Monday, July 24th, 2006

A while ago I blogged about Falcon, the Ubuntu/Debian repository builder, and how I'd quintupled the bug count. What fun to upgrade today and chance upon the changelog...

Version Codename Date Released
1.4.0   2006-07-15
1.3.2   2006-07-10
1.2 The Craig Box release 2006-06-23
1.1   2006-06-21
1.0   2006-05-29

I guess I'm flattered 🙂

Meta-Windows utilities

Monday, July 24th, 2006

Want to get all the SysInternals utilities? You can download them all yourself, or there's a really useful SysInternals installer built by Ross Smith II that downloads them all (or the ones you select) and creates shortcuts for them for you.

He also has a similar utility for the NirSoft utilities, which include excellent tools for recovering lost passwords and product keys. Watch out if you run Symantec AntiVirus, as it will suggest they are "hack tools".

Another useful meta-utility is The Ultimate Boot CD for Windows. Built on BartPE, the free and legal Windows LiveCD builder (you must have a license for Windows to use it, and you must not use it on more than one PC at once), The Ultimate Boot CD builds you a bootable image with dozens of useful recovery utilities on it. Every sysadmin should have one.

Graphing and analysing SpamAssassin

Friday, July 21st, 2006

Here's something simple that I never thought of - props to my workmate Tom for coming up with this.

SpamAssassin scores plot

This is a gnuplot graph of our SpamAssassin scores. The code used to generate it is on the bottom of the SpamAssassin notes page at the WLUG wiki.

The grouping around -100 is caused by the whitelist rule, which scores messages down 100 points (ensuring they are never marked as spam). Usefully, this rule doesn't count towards the threshold needed to be reached before a message is learnt as ham by the Bayesian categoriser.

We seem to have a reasonably normal distribution of good mail, between about -5 and +5, and a reasonably normal distribution of spam, between 10 and 60. This means our filter is working really well. What I took from this, is that it was safe to up the ham learning threshold - it defaults to -0.1, but I've set ours to 1, as we have a lot of rules that score all messages up quite equally.

Also useful is sa-stats.pl, which generates a summary table of how often rules were hit on messages that were either marked as ham or spam. As of today:

TOP SPAM RULES FIRED
———————————————————————-
RANK RULE NAME                COUNT  %OFMAIL %OFSPAM  %OFHAM
———————————————————————-
   1 RAZOR2_CHECK               153  38.65  76.50   1.00
   2 BAYES_99                   150  37.41  75.00   0.00
   3 RAZOR2_CF_RANGE_51_100     149  37.41  74.50   0.50
   4 RAZOR2_CF_RANGE_E8_51_100  128  31.92  64.00   0.00
   5 URIBL_JP_SURBL             125  31.17  62.50   0.00
   6 URIBL_BLACK                120  29.93  60.00   0.00
   7 URIBL_SC_SURBL             105  26.18  52.50   0.00
   8 URIBL_OB_SURBL             105  26.18  52.50   0.00
   9 HOST_EQ_D_D_D_D            102  28.93  51.00   6.97
  10 RCVD_IN_SORBS_DUL           92  23.19  46.00   0.50
TOP HAM RULES FIRED
———————————————————————-
RANK RULE NAME                COUNT  %OFMAIL %OFSPAM  %OFHAM
———————————————————————-
   1 AWL                        193  57.86  19.50  96.02
   2 BAYES_00                   183  45.64   0.00  91.04
   3 RELAY_IS_203                78  20.20   1.50  38.81
   4 FH_RELAY_NODNS              75  25.44  13.50  37.31
   5 HTML_MESSAGE                72  35.66  35.50  35.82
   6 UPPERCASE_25_50             60  14.96   0.00  29.85
   7 FORGED_RCVD_HELO            56  36.16  44.50  27.86
   8 USER_IN_WHITELIST           23   5.74   0.00  11.44
   9 NO_REAL_NAME                20  13.22  16.50   9.95
  10 SPF_HELO_PASS               19   5.49   1.50   9.45

I toyed with changing the scores on rules that hit lots on both ham and spam, such as FORGED_RCVD_HELO, but they contribute only very small weightings overall at the moment.

AWStats on Ubuntu

Friday, July 21st, 2006

AWStats is a "free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically". It's commonly used for generating pretty logs of your Apache web server. (See the AWStats demo if you're unfamiliar and interested.)

I got it going with my Ubuntu virtual web hosting setup this morning, and wrote a page about AWStats, Apache 2 and Ubuntu or Debian on the WLUG wiki. Enjoy.

Audio on Ubuntu

Thursday, July 20th, 2006

Ian recently mentioned a new Skype beta for Linux, using ALSA. Did you know that ALSA has supported software mixing "out of the box" since 1.0.9rc2? This means everything from Ubuntu Breezy up did sound mixing, and you didn't even know it. That means if Linux can play sound to your sound card, it will automatically mix multiple sound inputs at once, in hardware if possible, on the CPU if not.

GNOME uses the Enlightened Sound Daemon (ESD) to provide its audio notifications. ESD is, amongst other things, a software mixer - before ALSA, it would take control of the sound device and applications would connect to ESD, which would mix the sound together. Since Breezy, Ubuntu has used ESD with an ALSA backend, meaning that sound mixing "just works" for any application using ESD or ALSA for sounds. The only leftover was applications that wanted to write directly to /dev/dsp device, which can only ever be used by one person at a time. Skype was the last application I could name that didn't talk to ALSA natively, and unfortunately it had issues operating with ESD's dsp emulator, esddsp.

ESD hasn't been maintained for some years, and is probably going to be replaced with the new PulseAudio, formerly known as PolypAudio, a program designed to be a drop in ESD replacement.

Then, of course, there is Gstreamer, which can loosely be compared to DirectX's DirectShow. gstreamer-properties (or Preferences -> Multimedia Systems Selector) lets you set gstreamer to output to ALSA. I assume it's the default in recent Ubuntu releases, so you can play as many sounds, via as many methods, as you like.

crb@machine:~$ apt-cache search gstreamer | grep alsa
gstreamer0.10-alsa - GStreamer plugin for ALSA
gstreamer0.8-alsa - ALSA plugin for GStreamer

Which is it, though? 🙂

Left out in the .NET cold

Tuesday, July 18th, 2006

Hey, if Juha's blog is a NZ .NET blog, then dammit, I ought to be one too. Vote for me! I have a Smartphone, and wrote a program in C# once!

On that note, did you hear I wrote a program in C# once? Mostly while watching one-day cricket last summer, in fact. It progressed really well, and seemed like it would fill a need - it does profile management for Windows 2000/XP machines. I learnt a lot on the go, and got it to the point where I didn't think that I would be able to go much further without peer review.

So, I released it, and posted about it to some newsgroups. And got no feedback. Not one. Not a sausage.

Since then, I've actually gone to run it once, and found that it didn't actually work on .NET 1.1 - even though I'd deliberately eschewed nice new 2.0-only classes and done things The Hard Way for maximum compatibility, because I'd used Visual Studio Express 2005, it used 2.0 by default. I found out how to fix that, but by that time, it was quicker to fix the profiles manually.

I don't really enjoy programming the way that my programmer friends do. If I had a Windows programmer buddy to help me with the details and motivate me, then the Windows sysadmins of this world could end up with a pretty cool tool. So, 1. I think this post must make my blog the best .NET blog in NZ (cough cough) and 2. if anyone out there wants to help out with a useful C# project for Windows sysadmins, please comment below.

Shutting Debconf up

Monday, July 17th, 2006

Debian's package system, as well as its automatic dependency resolution, has reasonable management of configuration files - not as great as Gentoo, unfortunately, which has some smarts about merging changes, but at least it stops you and tells you what is changing. It does this for files that are labelled as 'conffiles'.

If you're upgrading a lot of alike machines, you can find out what answers you want to load in first, and then tell the others to accept or reject the changes appropriately.

For example, hdparm gets an init script in Dapper that it didn't have in Hoary, so we can safely force an answer of 'yes' for that package:

apt-get install -y hdparm -o Dpkg::Options::="--force-confnew"

However, the firewall rules have been customized locally, and overwriting them with defaults would be bad!

apt-get install -y linuxserver-firewall -o Dpkg::Options::="--force-confold"

ClamAV's packages are a bit smarter, using the newer ucf configuration system, which, among other things, can handle a three way merge - letting you compare new, current and original, in a way that can roll your changes in a bit better. (It's also designed more for files edited or created in postinst, and not just plain configuration files). The syntax for automatic accepting of conffile changes is different for UCF:

UCF_FORCE_CONFFOLD=yes apt-get install -y clamav-base

Look at 'man ucf' and 'man dpkg' for more force options.

Windows tips: Starting WinVNC automatically if not running

Monday, July 17th, 2006

A long time ago I built an installer for WinVNC so that IT Partners' clients can connect back to us and we can fix their problems remotely.

A problem I have always had with it was that you have to launch WinVNC seperately from a connection shortcut; if you tried to run it every time, it would say "Another instance of WinVNC is already running", and if you go to connect when there isn't a running WinVNC, you get "No existing instance of WinVNC could be contacted". Therefore, users need to perform two distinct steps - a "launch", which does -kill -run, and a "start session", which does a -connect.

Here is a nice batch file to get around it, using SysInternals' PSList utility. If you know your users are on Windows XP or greater, you could use the built in tasklist command instead.

Code:

@echo off
pslist winvnc > nul
if %ERRORLEVEL% EQU 0 goto connect
start winvnc -run

Code:

:connect
if [%1] NEQ [] start winvnc %1 %2 %3 %4 %5

Code:

:end

Using udev to set network card order

Friday, July 14th, 2006

Don't you hate it when you update a Linux machine, and the order that the network cards are detected, changes?

Code:

ifconfig | grep HWaddr | awk ' { printf"KERNEL==\"eth*\",SYSFS{address}==\"%s\", NAME=\"%s\"\n", $5, $1; }' > /etc/udev/rules.d/10-network-cards.rules

The cables don't change around, so neither should the order in which they come up.

lvm2 pre-installation script returned exit status 10

Friday, July 7th, 2006

Tracking down bugs in Debian and Ubuntu packages is fun for the whole family. Found this one while upgrading from Hoary to Dapper on a test box:

root@unassigned-firewall:~ # apt-get install lvm2..
Preparing to replace lvm2 2.00.32-1 (using .../lvm2_2.02.02-1ubuntu1_i386.deb) ...
dpkg: error processing /cdrom//pool/main/l/lvm2/lvm2_2.02.02-1ubuntu1_i386.deb (--unpack): subprocess pre-installation script returned error exit status 10
Errors were encountered while processing:
/cdrom//pool/main/l/lvm2/lvm2_2.02.02-1ubuntu1_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

Straight to Google. Nothing for this package, but some other packages with a similar error are reported. Eventually, I find a similar example, and work through the steps:

root@unassigned-firewall:~ # export DEBCONF_DEBUG=developer
root@unassigned-firewall:~ # apt-get install lvm2
..
Preparing to replace lvm2 2.00.32-1 (using .../lvm2_2.02.02-1ubuntu1_i386.deb) ...
debconf (developer): frontend started
debconf (developer): frontend running, package name is lvm2
debconf (developer): starting /var/lib/dpkg/tmp.ci/preinst upgrade 2.00.32-1
debconf (developer): <-- VERSION 2.0
debconf (developer): --> 0 2.0
debconf (developer): <-- CAPB backup
debconf (developer): --> 0 multiselect escape backup
debconf (developer): <-- TITLE LVM2
debconf (developer): --> 0
debconf (developer): <-- FSET lvm2/kernel seen false
debconf (developer): --> 10 lvm2/kernel doesn't exist
dpkg: error processing /cdrom//pool/main/l/lvm2/lvm2_2.02.02-1ubuntu1_i386.deb (--unpack):
subprocess pre-installation script returned error exit status 10
debconf (developer): frontend started
debconf (developer): frontend running, package name is lvm2
debconf (developer): starting /var/lib/dpkg/info/lvm2.postinst abort-upgrade 2.02.02-1ubuntu1
Errors were encountered while processing:
/cdrom//pool/main/l/lvm2/lvm2_2.02.02-1ubuntu1_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

Aha! Eventually, the problem presents itself, in the postinst - but of the new package, not the one that is in /var/lib/dpkg/info:

if ! dpkg --compare-versions $(uname -r) ge '2.6.12'; then
db_fset lvm2/kernel seen false
db_input critical lvm2/kernel || true
db_go
exit 1
fi

Which neatly matches this Debian bug. I built me a package without this block (you're going to be running a new kernel when the upgrade that includes this package is done - the new version wouldn't cleanly backport), and the upgrade continued.

The moral of this story is I should have gone to Launchpad first, as the bug is recorded there. Google just didn't see it.