FrOSCon was a blast. I had two booths of my own – MirBSD and FreeWRT – as well as shares of Debian and Grml. Well, MirBSD was run by Benny and gecko2 because I just didn’t have any time for it, despite XTaran’s help with the FreeWRT booth. All I did was the initial setup of both booths, while at the same time answering about three questions regarding FreeWRT in parallel. Wow. What a little small, open hardware can do to you. XTaran and I had fun and we’ll do FreeWRT booths again; I managed to flash my two FON2100 devices (“La Fonera” – the FON2200 can use the same image, says nbd of OpenWrt) and will fix the port’s remaining few bugs I found; XTaran will try to push the WL-500gPv2 development. The social part was nice as well, although I think the greek restaurant in the city will not be visited by me again. Anyway, if you didn’t attend FrOSCon, your own fault…
Since the BitTorrent tracker used by MirOS is down, here’s the link to the [updated 2010-08-28] [deleted 2014-05013] current (FrOSCon 2010 Edition) snapshot’s torrent, Triforce as usual. We’ll probably rewrite torrent files for all our ISOs and publish them on the MirBSD website. I’m currently considering OpenBitTorrent plus one or two DHT seed nodes with no statistics. Maybe with webseed. (Need to update the libtorrent/rtorrent MirPorts first, though…) Other options would be different trackers or running one of our own. I will announce the outcome as news entry, once done.
On the plus side, the review process of mksh(1) in Android continues, and I fixed the realpath builtin to behave even more POSIX-ish.
I’m currently putting the finishing touches on a new MirBSD snapshot for i386, targetting FrOSCon. Due to German patent 69429378 (EP0618540) I had to update the sparc kernel (GENERIC and RAMDISK) as well though. For now, mount_msdos(8) LFN support is disabled entirely, but a code rewrite to support LFNs in FAT in a non-infringing way (although for a file with LFN, no SFN will be generated any more then) is planned already (just not done before FrOSCon). This situation, in general, sucks.
The snapshot will, as usual, end up on the mirrors, i.e.
The FrOSCon 5 - 21./22. August 2010 booth plans have finalised, I am rather content:
This is especially good, as XTaran will be shared among (at least) Debian, Grml, FreeWRT; same for me plus of course MirBSD; kimnotyze is FreeWRT but may help with MirBSD; benz and gecko2 probably are MirBSD but gecko2 could help with FreeWRT, tokkee was interested in FreeWRT too… anyway.
Some days, you just love software.
Aug 6 13:55:01 blau firesomething-bin: stack overflow in function VFY_EndWithSignature Aug 6 13:55:01 blau /bsd: signal 6 received by (firesomething-bi:1146) UID(2999) EUID(2999), parent (sh:9059) UID(2999) EUID(2999)
Thus, let me reïterate it for all of you:
Well, now that the Debian Release Managers have sent their freezing bits around… *shudder*… Squeeze is frozen. Well, at least everything I have my hands in has migrated. I’m still… not persuaded. I also can’t decide which looks worse (KDE 4 or Win 7), tending towards KDE 4…
Why does all the horrid software (Solaris, Java™, OpenSSO, MySQL,
etc.) tend to end up at Oracle at the moment? Let me quote from some
Debian mailing list:
>>What happened to the Unix philosophy?
>Modern Solaris engineers
Is that similar to high-speed horse carriages?
My RPM repository has been pimped a bit – I ported some stuff from my DEB repository and updated them in both (rdate(8) and ntpd(8), specifically). Still ought to work more on them, but currently MirBSD base is most important, although I’m dying for mksh associative and multi-dimensional arrays, as well as more sh(1) conformance assorted bug fixes.
Well, there’s a life besides the computer. I’ve taken today off, wanting to hack on MirBSD’s most urgent problems (but probably end up doing that tomorrow), slept long, and will meet with cnuke@ and gecko2@ for Greek style dinner. The latter will almost certainly end up with a long-time work contract at the same place where I run a lot of things already, so congratulations. In the meanwhile, bsiegert@ has almost become a Doctor of Chemistry, and my brother’s finished his Maths and Economics diploma.
Also, I’ve put up the logo of the company where my new dedicated server is hosted; they reduce the monthly fee in exchange for this, so humour me and pay them a visit. They’re IPv6 pioneers, actually. (The server is now installed but not completely set up yet, and I have yet to begin moving services; it’ll be better than the VM eurynome is, but the clock could use the new timekeeping subsystem in the kernel as well as socket send (ÆrieBSD) and receive timestamps as it’s off by 0-1000 ms.)
Speaking of kernel stuff, yesterday I considered moving wscons(4) to UTF-8 again (since everything is CESU-8, we need to take raw octets into account also). I’ve seen OpenBSD begun importing Citrus… *shudder* Anyway, that’s my part, but I’d like volunteers for backporting things like the timekeeping stuff (and possibly more hardware support), and writing a pivot_root like thing (explained on some mailing list already) so we can use ramdisc root to do loopback root.
FrOSCon 5 - 21./22. August 2010 is approaching rapidly. I’m a bit envious at some of the tracks (I mean, really, geocaching (ok, I did the surrounging caches over the last years but still), learning python by means of game programming, etc. really sounds interesting – and I know people who could benefit from a non-kids version of that as well) but this year’s FrOSCon is nothing for me to curse about either: I managed to get both a booth for The MirOS Project (MirBSD, mksh and other subprojects) as well as one for Waldemar’s FreeWRT (although wbx@ – if he comes – won’t join there since he forked his own fork since its conception). Booth staff are, currently: tg@ and bsiegert@ (Developer), gecko2@ (Staff) for MirOS, tg@ and “XTaran” abe@ (Developer), kimnotyze (Hacker) for FreeWRT. (XTaran will probably be helping Debian/Grml too.) This year, it’ll be my job (after 2 years of aptituz) to keep the Altbier-Fraktion watered, I’m thinking one crate of Schlösser Alt and one crate of Hannen Alt?
Have a look at the Program and don’t tell me you won’t come! It will rock! (Except there won’t be Formorer’s Chilli, but that’s no reason, there’s enough other stuff in manageable distance.)
Besides interesting booths and talks, FrOSCon is still looking for helpers who will not only get free entrance but also catering during operation.
Well, I suppose I should be happy that mksh is actually used…
- [tg] Correct shf buffer I/O routines to avoid a memory corruption bug discovered by Waldemar Brodkorb and other bad effects
- [tg] Fix NULL pointer dereference during iteration loop when checking for alias recursion; discovered by Michal Hlavinka
That’s OpenADK (Waldemar’s fork of FreeWRT, which is Waldemar’s fork of OpenWrt), and Red Hat Enterprise Linux, respectively. Popcon in Debian and its derivates is also pleasant.
I could use some help bugfixing this though:
(sleep 3; exit 12) & bgprocpid=$! sleep 6 # background process is done by now wait $bgprocpid # POSIX mandates that, since $! was asked # for, wait is to reply its errorlevel
Somehow, JF_KNOWN is never set – and I can’t debug this with gdb(1).
(There’s also a dashism in some *buntu start scripts that does pretty much the same except it uses “wait %1” there. In fact it doesn’t even seem to use $! – no idea whether we can support that at all in a POSIX shell – which dash clearly isn’t… – without keeping track of background processes forever.)
I’ve got some interesting results using r1.1 of an example test programme (r1.2 got cleaned up and more output) on various systems, regarding ASLR. The 1.1 revision tests everything mksh R40+ will use (except there will probably no larger than page sized allocations) for its LCG PRNG. On OpenBSD (MirBSD, ÆrieBSD) malloc(3) uses in fact mmap(2), which is randomised. (Though -pie doesn’t yet work as it’s supposed to.) Some OSes are better than others… but look for yourself. (Read on to continue, not part of the RSS for size reasons. This wlog entry may be updated – with bumped date – unperiodically.)
tg@blau:~ $ mgcc -static x.c x.c:0: note: someone does not honour COPTS correctly, passed 0 times x.c: In function `foo': x.c:27: warning: function returns address of local variable tg@blau:~ $ ./a.out 0xa9332000 0xaba65000 0xa0ae7000 0xcfbed990 0xcfbed994 tg@blau:~ $ ./a.out 0xa91b4000 0xa02b1000 0xa1602000 0xcfbf8680 0xcfbf8684 tg@blau:~ $ ./a.out 0x9f731000 0x9cb2a000 0xa94ca000 0xcfbf5840 0xcfbf5844 tg@blau:~ $ ./a.out 0x9c2af000 0xa6a0b000 0xa4ce1000 0xcfbefac0 0xcfbefac4 tg@blau:~ $ ./a.out 0xa3b61000 0xa96de000 0xa96df000 0xcfbedcc0 0xcfbedcc4
tg@frozenfish:~ $ gcc -static x.c x.c: In function ‘foo’: x.c:27: warning: function returns address of local variable x.c: In function ‘bar’: x.c:33: warning: function returns address of local variable tg@frozenfish:~ $ ./a.out 0x80b2a20 0x80b2a30 0xb7745008 0xbf985ce0 0xbf985cd4 tg@frozenfish:~ $ ./a.out 0x80b2a20 0x80b2a30 0xb7726008 0xbfb911b0 0xbfb911a4 tg@frozenfish:~ $ ./a.out 0x80b2a20 0x80b2a30 0xb7784008 0xbf83d040 0xbf83d034 tg@frozenfish:~ $ ./a.out 0x80b2a20 0x80b2a30 0xb77e8008 0xbfc0f840 0xbfc0f834 tg@frozenfish:~ $ sid I: [sid chroot] Running command: “mksh -l” tg@frozenfish:~ $ gcc -static x.c x.c: In function ‘foo’: x.c:27: warning: function returns address of local variable x.c: In function ‘bar’: x.c:33: warning: function returns address of local variable tg@frozenfish:~ $ ./a.out 0x80c86a8 0x80c86b8 0xb77c3008 0xbfaa1900 0xbfaa18f4 tg@frozenfish:~ $ ./a.out 0x80c86a8 0x80c86b8 0xb77d2008 0xbfcc0260 0xbfcc0254 tg@frozenfish:~ $ ./a.out 0x80c86a8 0x80c86b8 0xb77c1008 0xbfbe2120 0xbfbe2114
uname: Linux frozenfish 2.6.18-6-686 #1 SMP Fri Feb 19 23:40:03 UTC 2010 i686 GNU/Linux
tg@stinky:~ $ gcc -static x.c x.c: In function `foo': x.c:27: warning: function returns address of local variable tg@stinky:~ $ ./a.out 595f0 59bf0 59d00 ffbefbb4 ffbefb5c tg@stinky:~ $ ./a.out 595f0 59bf0 59d00 ffbefbb4 ffbefb5c tg@stinky:~ $ ./a.out 595f0 59bf0 59d00 ffbefbb4 ffbefb5c tg@stinky:~ $ gcc x.c x.c: In function `foo': x.c:27: warning: function returns address of local variable tg@stinky:~ $ ./a.out 20950 20f50 21060 ffbefb3c ffbefae4 tg@stinky:~ $ ./a.out 20950 20f50 21060 ffbefb3c ffbefae4
mirabilos@stargazer:~ $ gcc -static x.c x.c: In function 'foo': x.c:27: warning: function returns address of local variable x.c: In function 'bar': x.c:33: warning: function returns address of local variable mirabilos@stargazer:~ $ ./a.out 0x800603080 0x800605040 0x800700000 0x7fffffffe62c 0x7fffffffe62c mirabilos@stargazer:~ $ ./a.out 0x800603080 0x800605040 0x800700000 0x7fffffffe63c 0x7fffffffe63c mirabilos@stargazer:~ $ ./a.out 0x800603080 0x800605040 0x800700000 0x7fffffffe62c 0x7fffffffe62c
uname: MidnightBSD stargazer.midnightbsd.org 0.3-CURRENT MidnightBSD 0.3-CURRENT #1: Thu May 27 22:13:45 EDT 2010 firstname.lastname@example.org:/usr/obj/usr/src/sys/GENERIC amd64
(QEMU, thanks to Aurélien! Debian unstable from approx. Jan 2010)
root@debian-mipsel:~ # gcc-4.4 -static x.c x.c: In function 'foo': x.c:27: warning: function returns address of local variable x.c: In function 'bar': x.c:33: warning: function returns address of local variable root@debian-mipsel:~ # ./a.out 0x4aa740 0x4aa750 0x2aaa8008 0x7fa417e8 0x7fa417d8 root@debian-mipsel:~ # ./a.out 0x4aa740 0x4aa750 0x2aaa8008 0x7fc67708 0x7fc676f8 root@debian-mipsel:~ # ./a.out 0x4aa740 0x4aa750 0x2aaa8008 0x7fb68238 0x7fb68228 root@debian-mipsel:~ # ./a.out 0x4aa740 0x4aa750 0x2aaa8008 0x7fc586c8 0x7fc586b8
uname: Linux debian-mipsel 2.6.32-trunk-4kc-malta #1 Mon Jan 11 03:45:08 UTC 2010 mips GNU/Linux
Gentoo GNU/Linux on amd64
gcc-4.4.4, glibc-2.11.2-r0, 2.6.35-rc4 x86_64
0x20cc010 0x20cc030 0x7fef0c497010 0x7fff32148fec 0x7fff32148fec 0xa35010 0xa35030 0x7f575d0e4010 0x7fff0dd7220c 0x7fff0dd7220c 0x1f90010 0x1f90030 0x7f8657107010 0x7fff6116813c 0x7fff6116813c 0x9dd010 0x9dd030 0x7f1eab0a6010 0x7fff3dcc638c 0x7fff3dcc638c
Not everyone does ASLR… but there’s enough variety (and with eglibc’s AT_RANDOM even proper entropy) inside for our purposes. On OpenBSD and MirBSD, we’ll still use KERN_ARND as it’s extremely cheap entropy (code paths checked on both) but not for every call of $RANDOM. On things like Debian/m68k mksh(1) ought to have gained a possibly noticeable speed-up.
Bordeaux was very nice (and towards the end much cooler… it’s actually hotter here at more than 50½° north – too warm to think, or do anything) but the LSM/RMLL was very french. They’ll be in Straßburg and Lüttich the next two years so we can probably be expected to attend. I don’t think I can eat duck (which, in south-west france, is a vegetable) or like all that classic french multi-course food so much, but I had enough Couscous Merguez and Thé à la menthe fraîche… and similar good stuff. Many people spoke English and actually asked me whether I do (probably they couldn’t bear me trying to spea^W^W^Wbutchering the language of the Grande Nation) and in general were a friendly bunch. I did see some people with machine guns in the city on the last day, though. No idea what/why… didn’t dare asking ☻
Just another reason to boycott flying: Mario Lang (one of the speakers) was apparently held on the airport and treated as a terrorist due to his Braille line… they thought it was a bomb or somesuch thing.
Read on for more…
Travelling with the Thalys and TGV was nice (but I loathe the Métro parisienne… they should build a ring train like the Berlin S-Bahn and just put another stop before Paris Nord and Montparnasse for people who just want to switch trains to take the ring train to the other line). And I want air conditioned trams in Germany too!
I met Uriel (invited him for some food and talked lengthy with him and some 9grid guy), XTaran (who was rather busy organising things), and a number of other people. Did some PGP keysigning as well. There’s now an experimental MirOS presence at Launchpad, not sure what exactly we’re going to do with it but, as Canonical does not care (as Jonathan said in his talk – great slides, by the way, really impressive), there’s no harm in having it. Some Perl guy from America (USA… just to make sure ☺) wanted a photograph of me with a sign “I love CVS” just so people back at home would believe him he’s met such a person *grins* of course I plugged in a little advertising but cvs(GNU) is honestly good. The forge hacking session was a little under-visited (but still a success in terms of getting more communication and maybe collaboration underways, especially thinking of common interfaces, DC, semantic web, OSLC-CM) and since the room was (in contrast to my hotel room and the trams!) not air conditioned we didn’t get much hacking done. The Debian booth was about 40% of one FOSDEM style table wide… and subsequently crowded. There were more people (of course, I was trying to get mksh into Haikuports, Mandriva, and other things; talked about KDE 3.5.11 (Trinity), Qt 3 vs Qt 4, and kwalletcli, and in general to a not-so-usual bunch of suspects – like I said, LSM/RMLL really is pretty french-only).
It is too hot, but I still committed src/etc/rc,v version 1.110 which you want to upgrade your /etc/rc to before upgrading mksh(1) in MirBSD. (All in the name of better performance on platforms such as Debian/m68k and not raiding Linux’ inferior RNG… but it does simplify things.)
I could probably write more but at the moment just want to lie down and die until it gets cooler… even the rain didn’t help. My feet hurt (Montparnasse-Bienvenue didn’t help) too.
The current version of mksh had use of arc4random(3) removed, including “set -o arc4random”, to speed it up (on some architectures, a lot) – this will break some existing scripts (such as /etc/rc *cough* on MirBSD…). Hence I decided to publish the next version of mksh(1) as R40 based upon current development, and defer plans for associative arrays (and multidimensional arrays) for mksh R41. There’s also already the change to Build.sh arguments, so this suits me quite fine.
(Read: if running MirBSD, don’t upgrade mksh at the moment.) There will be a new MirBSD snapshot once this is fixed, maybe a few more changes to the shell for better POSuX compliance, and the recently mentioned patent on LFNs (long filename) in FAT will be taken into account with a patch to msdosfs.
I’ll travel to LSM/RMLL 2010, the Libre Software Meeting (Rencontres Mondiales du Logiciel Libre) tomorrow until the weekend, to hack some on FusionForge (this is worktime for me), visit XTaran, Uriel, and maybe a couple of other “usual people”.
Thundersday, between 10:00 UTC and 12:00 UTC, eurynome will be shut down by gecko2@ due to power supply maintenance on the host system data centre.
We have a new mirror in the Americas, thanks a lot to Mike 'Fuzzy' Partin! Benny will mention it on the webpages once it’s working.
No, it’s not just half the answer. I think we’re much farther down the way than that ☺ while there are still improvements planned, under development, and to come, we’ve gone a long ways from 4.5 based Evolvis platform releases.
There are several new extensions, almost all of them enabled by default. You can see a tech demo of these at https://evolvis.org/plugins/mediawiki/wiki/evolvis/index.php/PluginDemo (which will automatically show you an English- or German language version depending on your web browser’s preferences). The extensions are:
The MediaWiki extensions are “driven” (configured) by the forge semi-automatically, for example RSS_Reader uses a per-project (forge group) cache directory instead of disabling the cache (which needed to be done for the Debian package, since the default installation does not have the luxury of a directory writable for the Apache user). The configuration closely matches the “old-style” (JH) Wiki integration that has been done for Evolvis 4.5 previously.
Further changes include a fair number of bugfixes to the code, theme, wiki, extensions (fed upstream), and XHTML compliance. We know there are still enough bugs to keep us busy for a while, but you might notice some improvements; others are hidden but shorten the Apache error_log noticeably ☺
To further summarise from the developer/package management system changelog the (non-bugfix) changes from the last version include:
- reduced space requirements by using the xz compressor instead of gzip for nightly Subversion backups
- give forge (group/project and site) admins more permissions in the Wiki by default
- Konqueror users have clickable sftp:// links in the places where SFTP/manual file upload can be used
- displaying filenames of uploaded files, including rules for them, has been improved
- there are now two automatic mailing lists (for newly created groups/projects): unixname-commits (where every member with commit rights will be added automatically) and unixname-discuss (where every member will be added automatically); of course there’s still the option to unsubscribe or, for non-members, to subscribe (a new Mailman integration is being worked on)
- Mailman list administrator passwords can now be (re-)set from the forge (by group/project or site admins); be careful to tell your co-admins the new password though…
- new values for PM (Tasks) status fields
- the ability to copy a task to another subproject
- customisable display for the Tasks area
- the SCM URLs now always use the correct hostname
- help window pop-ups are working again
- Evolvis can now almost fully be used with PHP 5.3 on Debian unstable (although we are still formally targetting Debian Lenny (with select backports and custom packages) specifically)
- font sizes (in the forge and the wiki) are finally consistent
- slight performance improvements
The time tracking area in Tasks has been disabled, since there is a company-internal tool doing the same, with an Evolvis integration being developed.
We hope you enjoy the latest installment of the Evolvis platform!
-- Thorsten Glaser, for the tarent Evolvis task forge, FusionForge and Mediawiki
My laptop odem has a somewhat split personality… half of it ended up in the waste bin, the other half will probably end up being sold under price to someone who may then sell the parts separately from each other (I’m not in the mood to do packaging and shipping). Salvaged parts: some PC133 SO-SDRAM (probably 512 and 256 MiB), an Athlon XP 1400+ CPU, an Acer Aspire 1300XC(?) BIOS, floppy drive, DVD-ROM/CD-RW drive, complete display (panel, inverter and chassis), CMOS battery, a lot of screws, the fan, some cables, the upper half of the chassis, the keyboard, and probably other things.
Mojito tastes good… we had a soldering social evening at $orkplace followed by an ad-hōc visit to the cocktail bar due to missing the tram (caught the next one). Summer’s gone again though… rain really is imminent now ☹
This wlog entry is presented you by gecko2@’s nagging… we’re really working though, so don’t expect many… I’m even doing the Debian stuff only at ork at the moment.
The most common tasks can now be easily solved:
- /etc/gforge/templates/httpd.ssl0.inc: uncomment two lines, and all forge vhosts redirect to https unconditionally
- /etc/gforge/templates/httpd.auth.forge.inc: uncomment a bunch of lines, and you get HTTP Basic Auth with PAM backend accessing nss_pgsql2, which means you must login with your forge username and password to display the site
- /etc/gforge/templates/httpd.auth.projects.inc: copy the same lines here, and the project homepages (*.forge vhosts) are protected in the same manner
- /etc/gforge/httpd.d/*: change 02namevhost, 06maindirhttp, 20list, 40virtualhost if you want not *:80 and *:443 vhosts but per-IPv4-address vhosts
- /etc/gforge/gforge.conf: insert lines like 「sys_sslcrt=/etc/ssl/my.cer」, 「sys_sslkey=/etc/ssl/private/my.key」, 「sys_ssl_apache_extra_cmd=SSLCertificateChainFile /etc/ssl/chain.pem」 to configure HTTPS properly and easily
Of course, there’s more to that: If you have more vhosts, just 「Include /etc/gforge/httpd.security.inc」 to disable a potential security hole / information leak, 「Include /etc/gforge/httpd.log.inc」 to log into the same files, 「Include /etc/gforge/httpd.ssl0.inc」 (SSL off) and 「Include /etc/gforge/httpd.ssl1.inc」 (SSL on) to use the same SSL configuration as the forge. The latter is especially important if you have more than one 〈VirtualHost *:443〉 container, as Apache 2 uses the configuration from the ASCIIbetically first one.
I was able to completely switch from the old, hand-edited configuration to a generated one with little, if any, changes on all our installations now. Some legacy or useful vhosts have been split out, for example a redirect for the old-style Wiki URIs, the Maven 2 repository vhosts, and Alfresco/Domisol (which was already separate but now got split port-80/443 configuration and the above-mentioned Include directives).
Furthermore, eMails from forge users to the FOO-commits@ mailing lists are always allowed by default for newly created lists, and users added to a group with SVN commit rights will be automatically subscribed to that list. We now issue the Forge Identification Header and display the version on the webpage. There was, of course, your usual round of bugfixes and infrastructure improvements, including preparations for more things to come (so stay tuned).
Roland will, as usual, take the best out of EvolvisForge and put it into FusionForge (et vice versa).
There’s also news on the not-so-forge front of Evolvis: our Hudson installations talk Jabber now, and the integration is becoming more tight. We can drive both old-style wikis and gforge-plugin-mediawiki at the same time. We’ve begun adding a bunch of mediawiki plugins (more to follow as needed); if there are people packaging those for Debian already, cooperation is desired.
Until 12th of June, the “Fairtrade Software” booth at LinuxTag 2010 in Berlin, Germany, will present Evolvis and FusionForge to the public. Visit us in Hall 7.2a, Booth 123, and check out the other exciting tarent projects!
Wenn Du denkst, MirBSD wäre langsam und sein Installer in irgendeiner Art und Weise doof, dann installiere mal Debian (etch, neuere Versionen können nur noch sun4u und sun4v, kein sun4m mehr) auf einer SPARCstation 20.
Lahm wie Sau, das Teil. Und der Installer ist schwarz auf weiß – was nicht so schlimm wäre, wenn der Cursor (und die dialog-Markierungen) nicht ebenfalls schwarz auf weiß wären…
Ich bin ja mal gespannt, ob das durchläuft.