Benjamin Sherman » Linux

Killing “find” Errors

benjamin — Mon, 09 Nov 2009 05:46:53 +0000

I’ve used the unix filesystem search utility find for many years. Though, like most things, until forced to learn its deeper secrets, I generally get by with only the most basic knowledge.

One of the cool things about find is that you can specify a search and then execute an action on the results, all in one command.

This example is probably my most common use of find:

find . -type d -name .svn -exec rm -fr {} \;

This means: find, in the current directory (.), a directory (-type d), named .svn (-name .svn), and for every result (-exec) remove that directory (rm -fr {}) . The “{}” represents the matched path string, and the “\;” is required to end the “-exec” command.

Here’s a sample of what this looks like, including output:

$ find . -type d -name .svn -exec rm -fr {} \;
find: ./.svn: No such file or directory
find: ./getid3-2.0.0b4/.svn: No such file or directory
find: ./getid3-2.0.0b4/extras/.svn: No such file or directory
find: ./getid3-2.0.0b4/getid3/.svn: No such file or directory

This is great, and I’ve used this exact syntax for years. But today I ran into a problem. I wanted to run this exact command as part of a custom build script in Xcode. When this command ran I had 81 errors popup in my build results! What happened is that all thos “No such file or directory” messages are actually errors, and Xcode reported them as such.

The solution is to add one extra argument: -depth . This causes find to do a depth-first traversal of the sub-directories being searched. That is, find will check the contents of directories before acting (eg, running an -exec command) on the directory in question. The default is to act on the directory (in our case, removing it) before attempting to visit it’s contents. So after we removed the directory, find was still trying to look at it; -depth fixes that.

So, the final answer is, I now use:

find . -type d -name .svn -depth -exec rm -fr {} \;

Yes, this is a slightly verbose explanation for something so simple, but maybe it will help someone else.

VPN on Ubuntu Linux with Juniper Network Connect

benjamin — Mon, 15 Jun 2009 23:13:25 +0000

There’s one standard document on HOWTO get Network Connect working on Ubuntu Linux. It’s mad scientist’s doc: http://mad-scientist.us/juniper.html . However, there are a few things not covered. I’ll assume that you’ve followed mad scientist’s excellent guide before going any further.

Issue #1: 64-bit Ubuntu

By default, when you install java on your 64-bit system, you get a 64-bit java. No surprise there, right? Well, Juniper’s tools don’t play nice with 64-bit java. If you attempt to start the junipernc script you’ll promptly see the “VPN has failed!” error message.

VPN has failed!

Also if you look closely in your Terminal you’ll see the text error:

Failed to load the ncui library.

This is the clue that we are dealing with the 64-bit issue.

The work around for this is to install a 32-bit java on your system. Type the following into your Terminal:

sudo apt-get install ia32-sun-java6-bin

After typing your password, a 32-bit copy of java will be installed at: /usr/lib/jvm/ia32-java-6-sun .

Now, you need to convince Juniper Network Connect to use the 32-bit java. If you don’t use java for much besides your new VPN, you may just want to make the 32-bit java your default. This can be done by typing the following into your Terminal:

update-alternatives --set java /usr/lib/jvm/ia32-java-6-sun/jre/bin/java

If you DO use java and just want to tell the VPN to use the 32-bit java, you should modify the junipernc by adding the following line right after the block of lines that start with “#”:

export JDK_HOME=/usr/lib/jvm/ia32-java-6-sun

Now, when you run junipernc, it will use 32-bit java and you should no longer have the failure due to ncui.

Issue #2: Determining Your Realm

The scripting for Network Connect asks a few questions that may not make sense to a typical user. Even a networking savvy programmer may not be certain what values to use for the “Realm” or “PIN + SecureID Code”.

Finding your realm is fairly straight forward if you don’t mind diving into some HTML. Point your web browser to your company’s VPN website: https://vpn.mycompany.com or https://connect.mycompany.com . View the source of that page and look for a line like:

The value of REALMNAME is what you’ll need to enter when prompted. Your IT department may or may not know what this is if you ask them.

If you don’t know your “PIN + SecureID Code”, it’s simply the password you type along with your username on the VPN website to gain access. As mad scientist says, some companies use “SecurID so [they] enter a personal PIN plus the value provided by the SecurID fob,” which explains why he coded that as the prompt for the password input.

If you need help, there’s a long running thread over at the ubuntu forums where this continues to be discussed a lot: http://ubuntuforums.org/showthread.php?t=232607 . I gathered my info from both mad scientist’s page above and the thread itself.

One further note, I’ve tested this on Ubuntu 9.04 64-bit as well as 8.10 32-bit. Hope this is helpful to all you who need Juniper VPN access on 64-bit Ubuntu Linux.

Foxmarks: Bookmark Synchronization Heaven

benjamin — Sat, 21 Feb 2009 22:19:25 +0000

Long have I searched for the magic bullet solution to my bookmark synchronization woes. I’ve wanted a simple plugin that would synchronize my bookmarks between multiple installations of Firefox and Safari, thus making it simple to access said bookmarks from any computer, or between the two commonly used browsers on my Mac. I’ve looked at many options, but always the solution only allows me to sync one browser or the other, leaving me looking for some secondary sync tool to get between Firefox and Safari on my Mac itself, not via network or a proper sync.

I’d almost given up on finding a solution, then, a few months ago I started using Delicious. It was cool because there were plugins for Safari, Firefox, and IE, and of course, it’s by default a web based bookmarking system. Its cool, I like it, but I just didn’t use it much. The plugins integrate it into the browser by giving you ANOTHER bookmarks menu, not by integrating with the browsers’ bookmark system.

Before ever using Safari or Delicious, my Firefox bookmark sync tool of choice was Foxmarks. It provided a web interface for remote access to my bookmarks, plus a nice sync interface for all my Firefox installations. I was randomly poking around today and discovered that Foxmarks now works with Safari and IE! I was excited and wasted no time installing Foxmarks for Safari. So far, it works great!

For the most part, it works just as you’d expect, bookmarks sync between all my Safari(Mac only, for now, I think) and Firefox(Mac, Linux, and Windows) installations without hassle. I’ve yet to try out the Internet Explorer functionality, but I’m guessing it works pretty well. I just don’t use IE enough to care.

One caveat to be aware of: both Firefox and Safari use some browser specific URL syntax to access internal functionality for recent bookmarks, etc. That stuff will only work on the browser where it was created, Safari on Safari, Firefox on Firefox, etc. For me, that’s a non issue, I rarely use those features. I have tested and confirmed that javascript bookmarklets (like for Tinyurl and Cornify) do seem to work after syncing. Those are about the only reason I use on the bookmark menubar.

Use vi key bindings in bash

benjamin — Thu, 04 Dec 2008 06:29:38 +0000

A long time ago I used ksh with vi key bindings, and life was good.

Then I moved on to bash, but for some reason, I never investigated using vi key bindings. I simply lived with the defaults (which, for the record, are emacs-like key bindings).

So, just the other day I said to myself, “Self, I want to use vi key bindings in bash. I want to again experience the joy of traversing and editing my command line in COMMAND MODE. I want the speed and the power of my precious vi (well, I use vim) at my finger tips. And I NO LONGER want to waste time holding arrow keys or to think about using emacs-like commands.”

So, I fired up google.com; low and behold I stumbled onto this little post about using vi key bindings in bash and zsh. So sweet!

In a nutshell, the bash command to enable vi mode is:

set -o vi

This can be set in your .bashrc file, and if it doesn’t pickup when you start a new terminal session, add something like this to your .profile or .bash_profile:

if [ -f ~/.bashrc ]; then . ~/.bashrc fi

With vi mode enabled, you’ll start your bash session in insert mode, so things should behave as normal. But, to turn on the power, just hit the ESC key to enter COMMAND MODE. Now all your vi commands are availble. Move to end of line with “$”, beginning of line with “^”, delete a word with “dw”, etc.

Enjoy!

Bonjour Avahi Addendum

benjamin — Thu, 06 Nov 2008 16:23:53 +0000

A while back I wrote about advertising Linux services via Avahi/Bonjour. Since then I’ve made a few changes to my setup.

First, I nixed netatalk for direct AFP support. My primary reason for using it was to gain a more Mac-like network filesystem which would make Time Machine happier. Well, Time Machine uses a sparse bundle disk image on it’s target; after learning about that, using AFP seemed a bit unnecessary. Also, Samba CIFS/SMB seemed to perform better. I don’t have solid benchmarks for this, but simple file copies seemed to be consistenly faster with Samba. One of the biggest annoyances about netatalk was all the extra hidden files and folders it created. I run a hybrid network, I have more Mac machines, but also Windows, plus I browse file systems on the command line quite often; and those excess files pushed me over the edge.

Second, I nixed Time Machine. Just when I thought everything was working perfectly, it completely blew up and could no longer access its data store. Not good for a backup solution. I plan to write about my new home backup solution sometime, but it’s basically rsync with a few key points.

Lastly, I streamlined my Linux avahi config using some pointers here, suggested to me by George the commenter on my above linked post.

Previously i had a service config file for each service, but this resulted in my server having multiple entries in the OS X Finder, one host for Samba, one host for AFP (when I had it), and one host for RFB. So, I merged all of those files into one.

multi.service
%h _smb._tcp 139 _rfb._tcp 5901 _device-info._tcp 0 model=RackMac _http._tcp 80 _ssh._tcp 22 _sftp-ssh._tcp 22
Now everything that can show up in the OS X finder, shows up on one host entry. Plus thanks to the tip I linked to above, the “_device-info._tcp” section sets an icon for the server in OS X Finder.

Enjoy!

Advertising Linux Services via Avahi/Bonjour

benjamin — Sun, 27 Jan 2008 22:20:42 +0000

Update: most of this information is still correct but an update for combining service definitions into one file and setting an icon is available here: http://holyarmy.org/2008/11/bonjour-avahi-addendum

In my last post I outlined how I followed others’ directions to enable netatalk on Linux and Time Machine backups to a shared AFP folder. Originally, I also described how to put all your shares on netatalk. I suppose if only have Mac clients or you REALLY want to use AFP, you can do so. As I worked with files over AFP shares, I started noticing that the performance seemed to be quite bad. No, I didn’t benchmark, but copying large video files to a shared folder over my gigabit network was substantially slower over AFP (netatalk) than over CIFS/SMB (samba). I use my network shares pretty heavily, so this was a concern. Also, netatalk tries very hard to replicate an HFS filesystem complete with resource fork support. This means that your shared directories end up with lots of extra folders named “.AppleDouble”(and a few others) containing Mac specific info. (Note: even on CIFS you’ll get the “.AppleDB” folders unless you disable a setting in Finder. I can deal with .AppleDB better than .AppleDouble AND .AppleDB) So, because of these two issues I decided to try using CIFS and samba again.

My first experiment was to try sharing a “time_machine” folder via CIFS, and using the “defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1″ hack on the previous post, I was able to get Time Machine to perform a backup. It worked, but in the end I decided that if I need to restore from this backup, I want my resource forks intact. To do that, I need AFP and netatalk. So, I removed all AFP shares except the one for Time Machine backup share. Now my Time Machine would backup and restore happily, and I could again use my Samba shares.

One of the cool things about having used AFP/netatalk was that my server and folders were showing up in my finder window. Well, that’s not a feature of AFP or netatalk, its actually avahi/Bonjour doing that. So, all I had to do was advertise the services. If you followed my previous posts, you’ve already created a service for AFP/netatalk on your server; it’s simple to create more, just add more service files. I’ll paste in all of my service files here:

/etc/avahi/services/aftp.service/

afpd.service%h AFP _afpovertcp._tcp 548
apache.service%h HTTP _http._tcp 80
rfb.service%h VNC _rfb._tcp 5901
samba.service%h _smb._tcp 139
sftp.service%h SFTP _sftp-ssh._tcp 22
ssh.service%h SSH _ssh._tcp 22

So, you can see that I’m announcing Samba/CIFS file, AFP file, Apache HTTPd, VNC (RFB) Remote Desktop, SSH and SFTP services. Leopard’s Finder only displays the CIFS, AFP and RFB services, but other applications with Bonjour support will see the other services. By default Finder opens “Screen Sharing” when you use the advertised service, but Chicken of the VNC can also browse for Bonjour enabled VNC servers. Below are screen shots of my Finder showing the shared services.

No restarts are needed for anything at this point. The services should automatically be picked up by the Linux avahi daemon, but if you really need to, you may execute /etc/init.d/avahi-daemon restart .

Time Machine backup to Linux via Netatalk

benjamin — Thu, 24 Jan 2008 07:26:49 +0000

So, when I got the upgrade from Tiger to Leopard on my MacBook Pro, I was looking for a good backup solution. I’ve used rsync in the past, but when I saw that Apple had a new Time Machine backup tool, I was curious to give it a shot. The catch is you basically needed an external USB or Firewire drive, until they recently came out with the Time Capsule. Anyway, tonight I got the itch to really see if I could make Time Machine work without buying extra hardware. I mean, seriously, I’ve got a good hunk of mirrored disk sitting on my home server; that seems like a good place to do backups.

Some googling found me this link to a blogger who’d done it!

I’ll make my own version of this post, since I had a few differences from the original I where I found the info.

First, netatalk is the Apple File Protocol server for Linux. My home server is running Ubuntu Linux 7.10 Gutsy Gibbon release. The default Debian/Ubuntu netatalk package doesn’t cut it, though, as it isn’t compiled against ssl, and Leopard has more stringent security requirements than its predecessors, so we have to custom compile a more secure version of netatalk. (Yes, you could reduce the security requirements, but I’d rather not.)

Follow the instructions in this ubuntu forum post to compile and install netatalk. After, run “echo “netatalk hold” | sudo dpkg –set-selections” to ensure that your package is not auto-upgraded (thus breaking your install).
Edit the netatalk configuration to include your backup storage location. The file /etc/netatalk/AppleVolumes.default is where the file server paths are configured. The last line of the default config grants access to home directories and looks like: (~/ “Home Directory”). You’ll need to add a line specifying where you are storing your backups; mine looks like: (/backup/time_machine/ “Time Machine”). Note: I removed the “Home Directory” line, as in general I’m happier using CIFS(Samba) to access my network shares.
Modify avahi/zeroconf to advertise AFP so that Mac Bonjour will see the fileserver. I followed these directions exactly.
Each Mac user needing access to the server has to have a corresponding user on the server, and each user needs a .passwd file in their home directory. Follow these instructions for Ubuntu only as it explains the creation of the .passwd file. Note: This is not needed, as far as I can tell, so I wouldn’t do it. I don’t like the idea of having my password in plaintext on my server.
Create a file named “.com.apple.timemachine.supported” at the root of the intended shared backup volume. (Discussed here in more detail.)
On your Mac, open a Terminal window and type: “defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1″

I rebooted, but it might not be necessary. After a bit of time, my server showed up under the “Shared” section in Finder’s left column navigation window. I did have to type in my username and password to get it to work, which can be saved in the keychain.

I added my other common shared folders (which I’d previously been accessing via Samba/CIFS). Now I’m backing up with Time Machine AND using my shared files via AFP. My Mac is happy, and I am too.

(see next post for explanation of strikeouts, but note, I don’t recommend you do the struck out actions.)

EasyVMX: Easily Create VMware Player Machines

benjamin — Thu, 20 Sep 2007 15:39:31 +0000

I’ve used this before, but today I was struck by how useful EasyVMX really is! I’m setting up a new PXELINUX / TFTP server (which will incidentally be running the PXE Knife tools put together by my friends John and Brian.

Anyway, EasyVMX provides a form (easy, super simple and 2.0 with advanced options) to generate a VMX config file (which VMware uses) to run a virtual machine. All you have to do is choose a few basic options about what you need on your machine, how much RAM, how big your disk needs to be, etc; click ‘Create’; and download your zip file. Simpl, easy, and I’ve got a VMware virtual machine that I can run in the free, VMware player.