Category Archives: linux

.net, linux, microsoft, software development, web authoring

Silverlight on Linux: Moonlight or moonshine?

2 Comments

Microsoft’s press release for Silverlight 2.0 says this:

Cross-platform and cross-browser support. This includes support for Mac, Windows and Linux in Firefox, Safari and Windows Internet Explorer.

The use of the present tense for Linux support is … misleading, to be generous. I tried visiting the official Silverlight site on Ubuntu. Here’s what I’m offered as downloads:

Hmmm. If I go to the official Moonlight site, I see this:

Note that not even Silverlight 1.0 is fully released; further, it says “no video or mp3 playback is enabled”. The installers are said to be incomplete.

I asked about this at the press conference; the answer was “we’re working on it” and “as soon as possible” and “Miguel is speaking at PDC”.

That’s fair enough and I understand that these things take time. But if you read the press release, you might suppose that a Linux user could use it now. Other than for geeky and experimental users, that is not the case.

linux, open source

Fixing wi-fi on Asus Eee PC 901 with Linux

100 Comments

I mentioned my annoyance that wi-fi with WPA encryption did not work on the Asus 901 Eee PC with Linux which I am reviewing. I later found that even a WEP connection, while it worked a bit, tended to drop out after few minutes. Worse still, the Asus repositories are messed up so getting updates is tricky.

I’ve managed to fix it. For the record, here’s what I did; though I can’t promise it will work for you; try it at your own risk. I should think there will be an easier way to install an updated driver soon.

One of the irritations about the repository problem is that attempted updates fill up your /dev/sda1. I wanted as much space as possible (without removing the recovery partition) so I reset the system with F9 on boot. Then I went into /etc/apt/sources.list and removed the default repositories, replacing them with these two:

deb http://xnv4.xandros.com/xs2.0/upkg-srv2 etch main contrib non-free

deb http://download.tuxfamily.org/eeepcrepos/ p701 main

(This is probably not a good arrangement long-term; but having the Asus repositories enabled right now makes it hard to install anything).

Then I did:

apt-get update

apt-get install build-essential

I also installed ksmserver and kicker to get access to the full desktop; but this wasn’t needed to get wi-fi working.

Next, I downloaded the latest driver source for the 901’s Ralink wi-fi card:

http://www.ralinktech.com.tw/data/drivers/2008_0708_RT2860_Linux_STA_v1.7.0.0.tar.bz2 (Update: don’t use this code – see Update 3 below).

Extracted it; then edited /os/linux/config.mk and changed:

HAS_WPA_SUPPLICANT=y

HAS_NATIVE_WPA_SUPPLICANT_SUPPORT=y – but see update 2 and update 3 below for the problems this caused.

I also removed –DDBG from WFLAGS

WFLAGS += –DCONFIG_STA_SUPPORT

In order to compile you need the kernel source. I adapted the instructions here. In essence, download the source from http://dlsvr01.asus.com/pub/ASUS/EeePC/701/Linux_Kernel_071127.rar, extract, install the deb, unpack the source in /usr/src, delete the .bz2 to save space, build the kernel with:

make oldconfig

make

(don’t actually install it), then create the following symbolic link:

ln -s /usr/src/linux-source-2.6.21.4-eeepc /lib/modules/2.6.21.4-eeepc/build

Now I was able to compile and install the ralink driver by switching to the RT2860 directory and typing:

make

make install

Wi-fi now worked with WPA; at least, it did on my second attempt after disabling native WPA supplicant support. I’ve also found it perfectly stable so far – much better.

Active wi-fi connection with WPA; a few numbers changed to reassure the paranoid

I’m happy now, but… what is Asus thinking?

I doubt the Eee brand would have ever taken off, except that the first 7xx releases made excellent use of Linux and open source applications to win people over; you did not even need to know that it was Linux.

Now we get this; the support for the 901 is dire; updates don’t work, the wi-fi doesn’t work properly, and the only fix I’ve found is a hack. Wi-fi is critical for a gadget like this, which is not much use without an Internet connection.

Together with short supply of the Linux version, this does suggest that Asus is keen to favour the Windows XP variant.

Update: I’ve made the binary (rt2860sta.ko) available for download here. Download includes RT2860STA.dat which goes in /etc/Wireless/RT2860STA. I guess we need an install script; I’ll have a go when I get a moment.

Update 2: Unfortunately I’m not quite there yet. If I compile with HAS_NATIVE_WPA_SUPPLICANT_SUPPORT=y then WEP works but WPA does not. If I compile with HAS_NATIVE_WPA_SUPPLICANT_SUPPORT=n then WPA works but (I now discover) WEP does not. Weird. I’m going to seek advice. If anyone wants the binary that works great with WEP but not WPA, let me know.

Update 3: Thanks to Ralink tech support I now have a fully working driver. I’ve updated the download above. The new code defines EEEPC_SPECIAL_SETTING and has some edits in common/mlme.c. It now works OK with HAS_NATIVE_WPA_SUPPLICANT_SUPPORT=y. Interesting point: the code is dated 15th July; which suggests that the problem was both known and fixed 2 and half weeks ago; it’s a shame nobody shared this with the community.

Update 4: I suggest you delete the old copy of rt2860sta.ko in /lib/modules/2.6.21.4-eeepc/rt2860 (if it exists).

PS: I’ve posted instructions for the binary install, with download links, here.

Technorati tags: , ,
linux, ubuntu

Eee 901 problems – does Asus still care about Linux?

3 Comments

I am reviewing the Asus Eee PC 901, the one with the Intel Atom processor. Of course I asked to see the Linux version. In my view Linux is better suited than Windows for a device with limited storage; and it is more interesting to me since the original Eee PC 701 was something of a breakthrough for desktop Linux.

No problem with the hardware; but the OS is a bit of a mess. The first problem is that the wireless card does not work properly for me. Asus have used a less common Ralink card – maybe it saved a few pennies over the Atheros it used to have – but out of the box it is not set up right. When I try to connect with WPA encryption I get:

Error for wireless request “Set Frequency” (8B04)
SET failed on device ra0; network is down
ioctl[SIOCSCIWAUTH]: Operation not supported

Looks like an update is needed. Here’s where the big problems start. With the 701 I had no problems updating, whether using the Synaptic GUI, or apt-get in a console. The new Eee currently offers me two updates in its “Updates and New Software” applet, one for “StarOffice Mime Types” which installs fine, and the other for “Webstorage Update”, which fails. Click Details and it is blank; no error message.

Trying apt-get instead is equally frustrating. Thanks to dependencies, updating almost any package results in a huge download – taking over an hour over broadband. Then the update fails because it runs out of disk space. That, and some packages are returning a 404; I also got size mismatch errors. Note: use apt-get clean after one of these exercises as that will free disk space.

The fact is, update is broken. One solution is not to update – though security is always a concern – but that still leaves the wireless problem unsolved.

This is careless of Asus. Part of the idea with the Eee is that it is an appliance, it just works, it hides all that Linux gunk. Except it is failing to do so, because of errors in the package management. Here’s what one user says:

This is sad. The thing that really helped launch the original 701 into reality is gone, and that’s Linux…I know my way around computers, and I know where to look to fix stuff, but this would leave a horrible taste in anyone’s mouth that wasn’t accustomed to finessing Linux (that’s the nice way of saying it)…I can’t say I see much of a future for Linux on the Eee.

It’s early days for the 901; maybe it will all be fixed soon. Still, at the very least it is being pushed out before the software is ready; which is a shame because there is a lot to like as well.

The best advice for those who don’t mind tweaking may be to install Ubuntu or some other distribution.

Update: I fixed the wi-fi issue eventually – see here.

Technorati tags: , ,
linux, php, software development, virtualization, web authoring

Debugging PHP code to fix a WordPress problem

4 Comments

How do you debug a PHP application? Traditionally developers resort to outputting variable values to HTML, or peering through logs, but why not set breakpoints and step through code just as you would in C# or Java? Maybe because it can take some effort to set this up, as I was reminded today.

I was motivated by an annoying WordPress problem which I’ve blogged about before. For historical reasons, I have a lot of subscribers to an old RSS url which delivers the feed in the now deprecated RSS 0.92 format. I prefer to have a full text feed, and this used to work fine with WordPress, which placed the entire blog post in the element of the feed.

At some point this stopped working, and subscribers got a summary only. In fact, the feed broke completely for a while, after I switched to pretty permalinks; but even after fixing that, I still had the problem with summary items. I tried upping the length of the description, but it was delivered without any HTML formatting so that did not work.

Next I tried the WordPress support forums. There are lots of good folk there; but if you review the posts its clear that many queries go unanswered. That’s nobody’s fault; it is a community, and for whatever reason there seem to be more people seeking help than there are experts with the time to give free advice.

So how about debugging the PHP code and working out what was happening? It seemed a good opportunity to try the latest Eclipse Ganymede, released a couple of weeks ago, along with the PHP Development Tools (PDT). I also figured it would be easier to set this up on Linux, to match what I use on the web server. I used the same Ubuntu on VirtualBox setup that worked well for trying out SproutCore. It worked…

Debugging PHP with Eclipse Ganymede

…but I can’t pretend it was wholly straightforward. Here’s how it went. I installed the latest Ubuntu distro versions of Apache, MySql and PHP – easy. Ubuntu’s Eclipse is not the latest, so I downloaded it from the Eclipse site and used some tips to set it up tidily. Note: make sure Sun Java is installed; I set it as the default JVM. Adding the PHP development tools was more fiddly. I’d half expected this to be part of a standard Eclipse download by now, but it is not, and if you try to install it into Ganymede using the standard update site is does not work because of dependency issues (a big problem with Eclipse). You have to download a 2.0.0 build from here instead.

I’d decided to use the Zend debugger – that’s a separate Eclipse update too, as explained here. Note that even after updating Eclipse, you still have to install the separate Zend debugger server from here, if you want to debug real web applications. I had a few problems getting this working, mainly because of the zend_debugger.allow_hosts directive which you have to edit in php.ini, and which is not brilliantly documented.

I replicated my blog on the Ubuntu virtual box – easy. But how do you get your Eclipse PHP project pointing at this existing code? The method I settled on after a couple of experiments was to start a new PHP project, uncheck the Use default option for project contents, and select the blog directory in /var/www. You then get a scary dialog which observes that files already exist. You can either create your project as a subdirectory, in which case you cannot debug with the existing files, or else pass the scary warning:

Create project in /var/www/blog
(Deleting the project will delete the entire /var/www/blog folder)

I mis-read this at first, thinking it would delete all the files when creating the project. That’s not what it says. Everything was a backup anyway, so I took the plunge; it worked fine. In fact, if you look closely at the screenshot above (click for a full size image) you can see that it is nicely done. You can see the call stack at top left, current variable values, output as it is being generated, and the usual options to step into or over the code.

That said, I did have some problems with Step Into. Just when it was going to be most useful, it bombed out with a message that said Error. If you looked at the detail, that also just said Error. The only fix I found was to set breakpoints in the actual file I needed to debug.

Still, it worked. I found that by adding a single argument to a line in feed-rss.php I could get my full text feed back. I’ve duly reported this in the WordPress support forums.

A couple of observations.

First, I don’t much like the WordPress code. Sorry, because the product is marvelous, but the code seems like a typical PHP tangle. Using pretty permalinks, which I regret, makes it worse.

Second, are there not plenty of developers who use both Java and PHP and would like it to be a tiny bit easier to set up in Eclipse? I’m being a little unfair, since Ganymede is just out and I guess the PDT will integrate better with it soon. Even so, Eclipse is still not quite the smooth plug-in dream that I once hoped it would become.

Note that if you don’t mind paying, you can have Zend Studio which I should think makes life easier. Or perhaps Delphi for PHP.

apple, internet, linux, microsoft, open source, software, software development, ubuntu, windows

What’s new in Subversion 1.5

1 Comment

The team behind the open source SCM (Software Configuration Management) tool Subversion released version 1.50 last month. Karl Fogel, president of the Subversion Corporation, says:

Measuring by new features alone, Subversion 1.5 is our biggest release since version 1.0 became available in February 2004.

I am a contented Subversion user, so took a look at the changes. Top of the list is “merge tracking”, though it is described as “foundational” which means that although the basic support is there, there is performance and feature work which remains to be done. From the user’s perspective, the difference is that branching and merging is just easier than before, as explained by Ben Sussman:

Notice how I never had to type a single revision number in my example: Subversion 1.5 knows when the branch was created, which changes need to be synced from branch to trunk, and which changes need to be merged back into the trunk when I’m done. It’s all magic now. This is how it should have been in the first place.

Other changes include sparse checkouts (when you only want to grab a small part of a repository), and changelists, a client feature which lets you tag a set of files under a changelist name and work on them as a group. There are also improvements aimed at making Subversion better suited to large-scale deployments using multiple servers. Subversion is still a centralized rather than a distributed SCM system, but 1.5 is better suited for use in a distributed manner. No doubt the Subversion team is aware of the increasing interest in Git, a distributed system. There are also numerous bug-fixes and performance tweaks. The changes are described here.

I want to move to Subversion 1.5 but it is not that easy. Compatibility is good, in that older clients work with 1.5 servers and vice versa, the main proviso being that you cannot mix several versions of the Subversion client with the same working copy. That is not likely to be a problem for most users.

The difficulty I encountered is that mainstream Linux distributions still have older versions of Subversion in their stable repositories. Ubuntu, for example, has version 1.4.4. My most-used Subversion repositories are on a Debian server, which also has an old version. I don’t want to switch the server to sid, Debian’s development distribution, and mixing packages is often problematic. I could do a manual installation I guess; but instead I will be patient.

I did install 1.50 on Windows, for an intranet repository. I used the Collabnet download. All I needed to do was to inform the installer of the location of my existing repository, and then copy a few lines from the old Apache 2.0 configuration file to the new Apache 2.2 configuration file. Everything works fine. I also updated TortoiseSVN on the Windows clients.

One of the advantages of Subversion (or any SCM) repositories over synched folders like those in Microsoft’s Live Mesh or Apple’s MobileMe (as I understand it) is that you get version history. I regard this as a key feature. The problem with synchronization is that you might overwrite a good copy with a bad one. It is easy to do; it might be caused by user error, or a bug in your word processor, or a failing hard drive. Automatic synch (un)helpfully replicates the bad copy all over. Versioning means you can just rollback to the good one.

canon, linux, software, software development

Canon’s bad dialog, weak Linux support

While installing Canon’s MX700 all-in-one printer on Windows, I spotted this for my collection of bad dialogs:

do you want to restart the system now?

Hint: if you ask the user a question, it’s good to allow for more than one answer. Even if you close the dialog by clicking the x at top right, it still reboots the system.

I was also interested to see whether the printer works with Linux. Canon doesn’t offer Linux drivers. Nor does it seem keen to hear from customers about this:

Linux printing for other printers

The CAPTCHA test always presents 8 zeroes, which it then rejects as invalid.

I haven’t quite given up.  There are Linux drivers for the Pixma MP520 which are rumoured to work somewhat. When I have a moment I’ll give it a try.

Technorati tags: , , ,
linux, open source, software, software development, virtualization, windows

Wine is 1.0

Congratulations to the Wine community which has released Wine 1.0:

The Wine team is proud to announce that Wine 1.0 is now available. This is the first stable release of Wine after 15 years of development and beta testing.

Wine is a compatibility layer that enables Windows applications to run on Linux, Mac OS X, and other Unix-like systems.

Although in beta, Wine has been used in numerous commercial applications over the years. Two I can think of: WordPerfect 9 from Corel, and the Kylix IDE from Borland. More accurately, Kylix used Winelib, which uses the Wine API at compile-time rather than at runtime.

Another notable example is Google’s Picasa for Linux.

Despite this landmark, Wine seems less significant now than it did a few years back. For one thing, it is easier to write a cross-platform application. For another, web applications have grown in importance, reducing the number of native applications we need to run. Finally, virtualization is now a better, more compatible route to running Windows apps on Unix in many scenarios.

Technorati tags: , , , ,
linux, open source, web authoring, windows

Installing SproutCore on Ubuntu on VirtualBox

12 Comments

If you check out the installation instructions for SproutCore you will notice that Windows developers are not really catered for (though I am sure it can be done). I also noticed some Windows issues in the Sproutcore forum. More evidence of the Windows/Unix disconnect.

Having been impressed by VirtualBox recently, I figured it might be easier to use VirtualBox and Ubuntu.

Here’s how it went. I ran up a new VirtualBox image and installed Ubuntu. Very easy; just point VirtualBox to the Ubuntu install iso. This worked, except that Ubuntu did not recognize the video driver and defaulted to 800 x 600 resolution. Solution: install dkms in Synaptic (or using apt-get); then install the VirtualBox Linux Additions. That gave me 1024 x 768, which is good enough.

Next, you need to install Ruby (developer version) (use sudo or root)

apt-get install ruby

apt-get install rubygems

apt-get install ruby1.8-dev

and some build tools as one of the SproutCore dependencies (hpricot) calls make when installed:

apt-get install build-essential

I thought that would be enough, but my first go at installing SproutCore failed, apparently because gem is not on the path. Although it seemed to work, I got “command not found” when running sproutcore. So:

export PATH=$PATH:/var/lib/gems/1.8/bin

Now you can install SproutCore:

gem install sproutcore

Several components, such as hpricot, ask which version to install. I chose the variant designated (ruby).

After that, the Hello World tutorial ran exactly as expected.

By the way, although this example makes it look as if SproutCore is a dynamic server framework, it is not. The usual way to deploy a SproutCore application is as static files; the server arrangement is for debugging.

Note: the command above only amends the path for the current session. To make it permanent, I added the following to lines to the end of /etc/profile (needs root permissions to edit)*:

PATH=$PATH:/var/lib/gems/1.8/bin
export PATH

*See comment below for an even better suggestion.

internet, linux, open source, security

More on Debian’s OpenSSL bungle

2 Comments

I reported on this in the Guardian. Interesting piece to research. First, the history. You can find the exchange between Karl Roeckx and Ulf Möller here. An unfortunate mistake; I make mistakes too (it was my fault that a name was misspelt in the Guardian piece, for example), so rather than heap blame on individuals I suggest this is more about a problem with the process; the only people making significant changes to the source code of such an critical library should be the committers responsible for that library. No doubt the incident is prompting a review of the process for updating Debian, Ubuntu and other distros; perhaps we will end up with a slower but less vulnerable flow of updates.

Second, a remark from Tim Callan at Verisign which there was not room for in this piece. I asked him whether Verisign knows which of the certificates it has issued are bad. “Unfortunately we don’t have those key pairs to look at them and scan them and tell which ones are good and which ones are not,” he told me. All Verisign can do is to ask its customers to check, which Callan says it is doing “very very aggressively.” In mitigation, Verisign does have a record of what operating system was used to purchase the certificate, but this is not the same thing; it is an imperfect process. The only fix is to revoke and replace the bad ones, which the company is offering to do for free.

Third, there are two distinct risks here. First, weak SSL certificates. Versign is embarrassed because it has been issuing weak certificates; its core product has been undermined. However, according to Netcraft, of the 870,000 secure web servers on the Internet, only 20,000 report themselves as Debian and 4,000 as Ubuntu. The true figure will be somewhat more than that, but that is a relatively small proportion; and exploiting the weakness takes a bit of effort.

The second problem is the possibility of intercepting or cracking SSH tunnels used to administer affected servers. We saw this demonstrated at a hacking briefing run by NCC Group yesterday. Let’s assume that administrators use SSH authenticated with a private key – a common scenario – and that the key was generated by the faulty Open SSL library. I suspect this will have been true for many more than 20,000 servers, though a lot will now have been fixed. All you need to do is to run a script against that server armed with a list of the possible keys – under a thousand, according to the demo we saw*. When you get a hit, you can connect to that server, most likely with full root permissions.

The most hardened servers will not be so easy to crack. They will authenticate as a user with limited rights, and use su to elevate. They will limit access to specific IP addresses. They will use additional passphrases. And they will have changed the keys within hours of the problem being discovered.

Still, there are plenty of less secure servers out there, so what that means is that an unknown number of servers will have been compromised, and more will follow. If you are lucky, the intruders will hack your website and do obvious damage so the server will get cleaned up. If you are unlucky, the intruder will be discreet and quietly start stealing credit card numbers, or taking advantage of any information or privileges obtained to get access to additional servers or data, or make occasional use of the server in botnet attacks. Who knows?

Servers getting rooted is not a new problem; and it’s not yet clear whether this incident is more than a ripple. Colin Phipps at Netcraft doesn’t think it is. “We’ll see a lot of panicked system administrators,” he told me, “and we’ll see a lot of scepticism about open source.” That last point is probably the most significant.

*I’m told this was artificially reduced for the demo – but there are only 32,676 keys possible private keys to brute force access. However, even using the full set of 2048-bit RSA keys NCC Group successfully broke into a system which used Debian to generate SSH keys in 20 minutes, and think it could often be done in half that time.

linux, open source, ubuntu

What to say about Ubuntu Hardy Heron?

2 Comments

I installed Ubuntu Hardy Heron, a “long term support” release which went final yesterday.

It’s a tricky thing to assess. There are in general two things to say about Linux. First, you can take the line that it is a wonderful thing: free, fast, responsive and capable. You can do your work on this, even run a business on it. You can write applications in Java, C# or any number of other languages. You can have fun with it too – it’s great for multimedia, just a shame that few games support it. Finally, it is nice to know that most of the world’s malware is targetting someone else’s operating system.

Alternatively, you can argue that Linux is fiddly, perplexing, over-complicated, inconsistent, and still not ready for the general public.

It is tempting to give Ubuntu an easy ride because it is free and because we so much want it to succeed; we need an alternative to the Microsoft tax or the Apple tax. Unfortunately you never have to look far to find little problems or things that should be easy but end up consuming considerable effort.

Here’s one thing I noticed today. Close FireFox. Open  the Help Centre, and click a web link. The Help Centre opens FireFox with the link you requested, but then cannot be used until you close the FireFox instance. Trying to close it brings up a “Not responding” message. If FireFox was already running when you clicked the link, it is fine.

Here is another. Open Help Centre, click Playing Music, then Listen to online audio streams. It says I can install Real Player 10 and that it is available from the “commercial respository”. What is the “commercial” repository? This page describes four Ubuntu repositories: main, restricted, universe and multiverse. Real Player is not in any of them. Further, if you try and install it using apt get, the following message appears:

Package realplayer is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source
E: Package realplayer has no installation candidate

Hey, it’s Linux. Just Google and you’ll find a way. Who needs Real Player anyway? But that’s not the point … the point is that these little issues crop up and make running Linux less fun for non-geeks.

Here’s another one: I tried GNU Chess. I poked around in Preferences and chose the 3D view. It said:

You are unable to play in 3D mode due to the following problems:
No Python OpenGL support
No Python GTKGLExt support

Please contact your system administrator to resolve these problems, until then you will be able to play chess in 2D mode.

Fair enough; it is a clear, accurate and informative message – aside from the bit about “contacting your system administrator” which sounds like it was borrowed from Windows. You can just about forgive it in business software, but this is a game.

I still love Ubuntu. This one installed easily and updates nicely; the fancy graphics effects work smoothly; and most important, the same machine which felt slow with Vista now seems more like a high-performance workstation.

In other words, it it easy to support either line of argument. Personally I veer towards the favourable view; but I doubt fear of Ubuntu is keeping anyone in Redmond awake at nights.