mikas blog

Alright, Debian GNU/Linux 5.0 AKA as Lenny has been released. Time for a Debian unstable unfreeze party! 8-)

What does the new stable release bring for system administrators? I’ll give an overview what news you might expect when upgrading from Debian GNU/Linux 4.0, codename Etch (released on 8th April 2007) to the current version Debian GNU/Linux 5.0, codename Lenny (released on 14th February 2009). I try to avoid duplicated information so make sure to read the release announcement and the official release notes for Lenny beforehand.

Noteworthy Changes

• initrd-tools got replaced by initramfs-tools
• netkit-inetd got replaced by openbsd-inetd
• the default syslog daemon sysklogd got replaced by rsyslog
• new defaults when creating ext2/ext3 file systems: dir_index and resize_inode feature enabled by default and use blocksize = 4096, inode_size = 256 and inode_ratio = 16384 (see /etc/mke2fs.conf)
• improved IPv6 support
• init.d-scripts for dependency-based init systems
• Debian-Volatile (hosting packages providing data that needs to be regularly updated over time, such as timezones definitions, anti-virus signature files,…) is an official service
• EVMS (Enterprise Volume Management System) was removed
• compatibility with the FHS v2.3
• software developed for version 3.2 of the LSB
• official Debian Lenny live systems for the amd64 and i386 architectures
• several new d-i features

Virtualisation

• kvm: works out-of-the-box with Lenny
• OpenVZ: deploying OpenVZ systems works out-of-the-box now thanks to new OpenVZ kernel image flavors (no need for any further, external repositories)
• vserver: the according kernel images are available
• Xen: works (dom0 as well as domU support), see Xen @ Debian-Wiki

Virtualisation related new tools:

• ganeti: Cluster-based virtualization management software
• libvirt-bin: Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The library aims at providing a long term stable C API for different virtualization mechanisms.
• virtinst: Programs to create and clone virtual machines
• virt-manager: desktop application for managing virtual machines
• xen-shell: Console based Xen administration utility
• xenstore-utils: Xenstore utilities for Xen
• xenwatch: Virtualization utilities, mostly for Xen

Desktop oriented packages like virtualbox and qemu are available as well of course.

Noteworthy Updates

This is a (selective) list of some noteworthy updates:

• apache2: upgrade from 2.2.3-4+etch6 to 2.2.9-10+lenny2
• apt: upgrade from version 0.6.46.4-0.1 to 0.7.20.1, bringing ‘apt-get autoremove’
• aptitude: upgrade from version 0.4.4-4 to 0.4.11.11-1~lenny1, bringing ‘aptitude safe-upgrade’ which replaces ‘aptitude upgrade’ and ‘aptitude full-upgrade’ replacing ‘aptitude dist-upgrade’
• bash: upgrade from 3.1dfsg-8 to 3.2-4
• bind: upgrade from 1:8.4.7-1 / 1:9.3.4-2etch4 to 1:9.5.0.dfsg.P2-5.1
• cfengine: upgrade from 2.1.20-1 to 2.2.8-1
• courier: upgrade from 0.53.3-5 to 0.60.0-2
• dpkg: upgrade from 1.13.26 to 1.14.24, bringing dpkg triggers
• drbd: upgrade from 0.7.21-4 to 2:8.0.14-2
• dstat: upgrade from 0.6.3-2 to 0.6.7-1, the new version for example provides the topcpu and topmem modules so you can run ‘dstat -c -M topcpu -dng -M topmem’ to identify cpu and memory intensive jobs
• fai: upgrade from 3.1.8 to version 3.2.16, see NEWS
• gcc/g++: upgrade from 4:4.1.1-15 to 4.3.2-1.1
• git: upgrade from 1:1.4.4.4-4+etch1 to 1:1.5.6.5-2
• initramfs-tools: upgrade from 0.85i to 0.92o, see new Lenny features
• iproute: upgrade from 20061002-3 to 20080725-2
• iptables: upgrade from 1.3.6.0debian1-5 to 1.4.2-5
• gnu libc: upgrade from 2.3.6.ds1-13etch9+b1 to 2.7-18
• lighttpd: upgrade from 1.4.13-4etch11 to 1.4.19-5
• linux-kernel: upgrade from kernel 2.6.18 to 2.6.26, see wiki.debian.org/KernelFAQ#new-features-in-lenny
• lvm2: upgrade from 2.02.06-4etch1 to 2.02.39-6
• mdadm: upgrade from 2.5.6-9 to 2.6.7.1-1, see README.upgrading-2.5.3
• mercurial: upgrade from 0.9.1-1+etch1 to 1.0.1-5.1
• mount: upgrade from 2.12r-19etch1 to 2.13.1.1-1, bringing read-only binds, –make-shared, –make-slave, –make-private, –make-unbindable
• mysql: upgrade from 5.0.32-7etch8 to 5.0.51a-23
• nagios: upgrade from 2.6-2+etch1 to 3.0.6-3, see Upgrading From Nagios 2.x and What’s New in Nagios 3 for details
• openldap: upgrade from 2.3.30-5+etch2 to 2.4.11-1
• openssh: upgrade from 1:4.3p2-9etch3 to 1:5.1p1-5
• postgresql: upgrade from 7.5.22 / 8.1.15-0etch1 to 8.3.5-1
• perl: upgrade from 5.8.8-7etch6 to 5.10.0-19
• php: upgrade from 5.2.0-8+etch13 to 5.2.6.dfsg.1-1+lenny2
• postfix: upgrade from 2.3.8-2+etch1 to 2.5.5-1.1
• puppet: upgrade from 0.20.1-1 to 0.24.5-3
• python: upgrade from 2.4.4-2 to 2.5.2-3
• ruby: upgrade from 1.8.5-4etch4 to 1.8.7.72-3
• samba: upgrade from 3.0.24-6etch10 to 2:3.2.5-4
• subversion: upgrade from 1.4.2dfsg1-2 to 1.5.1dfsg1-2
• tcl/tk: upgrade from 8.4.12-1etch2 to 8.5.3-4
• utilx-linux: upgrade from 2.12r-19etch1 to 2.13.1.1-1, brings new utilities like:
  • chrt: manipulate real-time attributes of a process
  • ionice: get/set program io scheduling class and priority
  • rename.ul: rename the specified files by replacing the first occurrence of from in their name by to
  • taskset: retrieve or set a process’s CPU affinity
• zsh: upgrade from 4.3.2-25 to 4.3.6-6

New packages

Lenny ships over 7000 new packages. Lists of new/removed/replaced packages are available online. I’ll name 238 sysadmin related packages that might be worth a look. (Note: I don’t list addon stuff like optional server-modules, docs-only and kernel-source related packages. I plan to present some of the following packages in more detail in separate blog entries.)

• ack-grep: A grep-like program specifically for large source trees
• acpitail: Show ACPI information in a tail-like style
• adns-tools: Asynchronous-capable DNS client library and utilities
• aggregate: ipv4 cidr prefix aggregator
• aosd-cat: an on screen display tool which uses libaosd
• apt-cacher-ng: Caching proxy for distribution of software packages
• apt-cross: retrieve, build and install libraries for cross-compiling
• aptfs: FUSE filesystem for APT source repositories
• apt-p2p: apt helper for peer-to-peer downloads of Debian packages
• apt-transport-https: APT https transport, use ‘deb https://foo distro main’ lines in the sources.list
• arp-scan: arp scanning and fingerprinting tool
• array-info: command line tool reporting RAID status for several RAID types
• balance: Load balancing solution and generic tcp proxy
• bash-completion: programmable completion for the bash shell
• blktrace: utilities for block layer IO tracing
• daemonlogger: simple network packet logger and soft tap daemon
• daemontools: a collection of tools for managing UNIX services
• dbndns: Debian fork of djbdns, a collection of Domain Name System tools
• dcfldd: enhanced version of dd for forensics and security
• dctrl2xml: Debian control data to XML converter
• debomatic: automatic build machine for Debian source packages
• desproxy: tunnel TCP traffic through a HTTP proxy
• detox: utility to replace problematic characters in filenames
• di-netboot-assistant: Debian-Installer netboot assistant
• dish: the diligence/distributed shell for parallel sysadmin
• djbdns: a collection of Domain Name System tools
• dns2tcp: TCP over DNS tunnel client and server
• dnscache-run: djbdns dnscache service
• dnshistory: Translating and storing of IP addresses from log files
• dnsproxy: proxy for DNS queries
• dsyslog: advanced modular syslog daemon
• etckeeper: store /etc in git, mercurial, or bzr
• ext3grep: Tool to help recover deleted files on ext3 filesystems
• fair: high availability load balancer for TCP connections
• fatresize: FAT16/FAT32 filesystem resizer
• flog: dump STDIN to file and reopen on SIGHUP
• freeradius-utils: FreeRadius client utilities
• ganeti: Cluster-based virtualization management software
• gfs2-tools: Red Hat cluster suite – global file system 2 tools
• gitosis: git repository hosting application
• gptsync: GPT and MBR partition tables synchronisation tool
• grokevt: scripts for reading Microsoft Windows event log files
• grub2: GRand Unified Bootloader, version 2
• gt5: shell program to display visual disk usage with navigation
• haproxy: fast and reliable load balancing reverse proxy
• havp: HTTP Anti Virus Proxy
• heirloom-mailx: feature-rich BSD mail(1)
• hfsprogs: mkfs and fsck for HFS and HFS+ file systems
• hinfo: Check address ownership and DNSBL listings for spam reporting
• hlbr: IPS that runs over layer 2 (no TCP/IP stack required)
• hobbit: monitoring system for systems, networks and applications – server
• hotwire: Extensible graphical command execution shell
• hunchentoot: the Common Lisp web server formerly known as TBNL
• ifupdown-extra: Network scripts for ifupdown
• ike: Shrew Soft VPN client – Daemon and libraries
• incron: cron-like daemon which handles filesystem events
• inoticoming: trigger actions when files hit an incoming directory
• iodine: tool for tunneling IPv4 data through a DNS server
• iotop: simple top-like I/O monitor
• ipplan: web-based IP address manager and tracker
• ips: Intelligent process status
• iscsitarget: iSCSI Enterprise Target userland tools
• isns: Internet Storage Naming Service
• itop: simple top-like interrupt load monitor
• iwatch: realtime filesystem monitoring program using inotify
• jetring: gpg keyring mantainance using changesets
• john: active password cracking tool
• kanif: cluster management and administration swiss army knife
• keepassx: Cross Platform Password Manager
• keysafe: A safe to put your passwords in
• killer: Background job killer
• kpartx: create device mappings for partitions
• kvm: Full virtualization on x86 hardware
• latencytop: A tool for developers to visualize system latencies
• lbcd: Return system load via UDP for remote load balancers
• ldb-tools: LDAP-like embedded database – tools
• ldnsutils: ldns library for DNS programming
• lfhex: large file hex editor
• live-helper: Debian Live build scripts
• live-magic: GUI frontend to create Debian LiveCDs, netboot images, etc.
• logapp: supervise execution of applications producing heavy output
• lsat: Security auditor tool
• lustre-utils: Userspace utilities for the Lustre filesystem
• lwat: LDAP Web-based Administration Tool
• maatkit: Command-line utilities for MySQL
• mantis: web-based bug tracking system
• memdump: memory dumper
• memlockd: daemon to lock files into RAM
• metainit: Generates init scripts
• mirmon: monitor the state of mirrors
• mkelfimage: utility to create ELF boot images from Linux kernel images
• mongrel: A small fast HTTP library and server for Ruby
• monkey: fast, efficient, small and easy to configure web server
• monkeytail: tail variant designed for web developers monitoring logfiles
• mpy-svn-stats: Simple and easy to use svn statistics generator
• mr: a Multiple Repository management tool
• msr-tools: Utilities for modifying MSRs from userspace
• mtd-utils: Memory Technology Device Utilities
• munge: authentication service to create and validate credentials
• mxallowd: Anti-Spam-Daemon using nolisting/iptables
• mylvmbackup: quickly creating backups of MySQL server’s data files
• myrescue: rescue data from damaged harddisks
• mysql-proxy: high availability, load balancing and query modification for mysql
• mysqltuner: high-performance MySQL tuning script
• nagvis: Visualization addon for Nagios
• ncdu: ncurses disk usage viewer
• netrw: netcat like tool with nice features to transport files over network
• netsend: a speedy filetransfer and network diagnostic program
• network-config: Simple network configuration tool
• nfdump: netflow capture daemon
• ngetty: getty replacement – one single daemon for all consoles
• nilfs2-tools: Continuous Snapshotting Log-structured Filesystem
• ninja: Privilege escalation detection system for GNU\Linux
• noip2: client for dynamic DNS service
• nsd3: authoritative domain name server (3.x series)
• ntfs-3g: read-write NTFS driver for FUSE
• nulog: Graphical firewall log analysis interface
• nuttcp: network performance measurement tool
• ocsinventory-server: Hardware and software inventory tool (Communication Server)
• odt2txt: simple converter from OpenDocument Text to plain text
• olsrd: optimized link-state routing daemon (unik-olsrd)
• onesixtyone: fast and simple SNMP scanner
• openais: Standards-based cluster framework (daemon and modules)
• opencryptoki: PKCS#11 implementation for Linux (daemon)
• openvas-client: Remote network security auditor, the client
• ophcrack: Microsoft Windows password cracker using rainbow tables
• op: sudo like controlled privilege escalation
• otpw-bin: OTPW programs for generating OTPW lists
• packeth: Ethernet packet generator
• paperkey: extract just the secret information out ouf OpenPGP secret key
• paris-traceroute: New version of well known tool traceroute
• password-gorilla: a cross-platform password manager
• pathfinderd: Daemon for X.509 Path Discovery and Validation
• pathfinder-utils: Utilities to use with the Pathfinder Daemon
• pcaputils: specialized libpcap utilities
• pcp: System level performance monitoring and performance management
• perlconsole: small program that lets you evaluate Perl code interactively
• pgloader: loads flat data files into PostgreSQL
• pgpool2: connection pool server and replication proxy for PostgreSQL
• pgsnap: PostgreSQL report tool
• pmailq: postfix mail queue manager
• pnputils: Plug and Play BIOS utilities
• policykit: framework for managing administrative policies and privileges
• postfwd: Postfix policyd to combine complex restrictions in a ruleset
• postpone: schedules commands to be executed later
• powertop: Linux tool to find out what is using power on a laptop
• prayer: standalone IMAP-based webmail server
• prelude-correlator: Hybrid Intrusion Detection System [ Correlator ]
• privbind: Allow unprivileged apps to bind to a privileged port
• pssh: Parallel versions of SSH-based tools
• ptop: PostgreSQL performance monitoring tool akin to top
• pyftpd: ftp daemon with advanced features
• rancid-core: rancid — Really Awesome New Cisco confIg Differ
• rancid-util: Utilities for rancid
• rdnssd: IPv6 recursive DNS server discovery daemon
• rdup: utility to create a file list suitable for making backups
• reglookup: utility to read and query Windows NT/2000/XP registry
• rgmanager: Red Hat cluster suite – clustered resource group manager
• rinse: RPM installation environment
• rofs: Read-Only Filesystem for FUSE
• rsyslog: enhanced multi-threaded syslogd
• safe-rm: wrapper around the rm command to prevent accidental deletions
• samba-tools: tools provided by the Samba suite
• samdump2: Dump Windows 2k/NT/XP password hashes
• scalpel: A Frugal, High Performance File Carver
• scamper: advanced traceroute and network measurement utility
• scanmem: Locate and modify a variable in a running process
• schedtool: Queries/alters process’ scheduling policy and CPU affinity
• screenie: a small and lightweight GNU screen(1) wrapper
• scrounge-ntfs: Data recovery program for NTFS filesystems
• ser: Sip Express Router, very fast and configurable SIP proxy
• serverstats: a simple tool for creating graphs using rrdtool
• shutdown-at-night: System to shut down clients at night, and wake them in the morning
• sipcrack: SIP login dumper/cracker
• sks: Synchronizing OpenPGP Key Server
• slack: configuration management program for lazy admin
• sma: Sendmail log analyser
• smbind: PHP-based tool for managing DNS zones for BIND
• smbnetfs: User-space filesystem for SMB/NMB (Windows) network servers and shares
• softflowd: Flow-based network traffic analyser
• speedometer: measure and display the rate of data across a network connection
• spf-milter-python: RFC 4408 compliant Python SPF Milter for Sendmail and Postfix
• spf-tools-perl: SPF tools (spfquery, spfd) based on the Mail::SPF Perl module
• spf-tools-python: sender policy framework (SPF) tools for Python
• sqlgrey: Postfix Greylisting Policy Server
• ssdeep: Recursive piecewise hashing tool
• sshfp: DNS SSHFP records generator
• sshm: A command-line tool to manage your ssh servers
• sshproxy: ssh gateway to apply ACLs on ssh connections
• sslscan: Fast SSL scanner
• strace64: A system call tracer for 64bit binaries
• sucrack: multithreaded su bruteforcer
• supercat: program that colorizes text for terminals and HTML
• superiotool: Super I/O detection tool
• system-config-lvm: A utility for graphically configuring Logical Volumes
• system-config-printer: graphical interface to configure the printing system
• tack: terminfo action checker
• taktuk: efficient, large scale, parallel remote execution of commands
• tcpwatch-httpproxy: TCP monitoring and logging tool with support for HTTP 1.1
• terminator: Multiple GNOME terminals in one window
• timelimit: Simple utility to limit a process’s absolute execution time
• tipcutils: TIPC utilities
• tor: anonymizing overlay network for TCP
• tpm-tools: Management tools for the TPM hardware (tools)
• tracker-utils: metadata database, indexer and search tool – commandline tools
• tumgreyspf: external policy checker for the postfix mail server
• ucspi-tcp: command-line tools for building TCP client-server applications
• unbound: validating, recursive, caching DNS resolver
• unhide: Forensic tool to find hidden processes and ports
• uniutils: Tools for finding out what is in a Unicode file
• unsort: reorders lines in a file in semirandom ways
• uphpmvault: upload recovery images to HP MediaVault2 via Ethernet
• usermode: Graphical tools for certain user account management tasks
• utf8-migration-tool: Debian UTF-8 migration wizard
• uuid-runtime: universally unique id library
• vblade-persist: create/manage supervised AoE exports
• vde2: Virtual Distributed Ethernet
• vdmfec: recover lost blocks using Forward Error Correction
• virtinst: Programs to create and clone virtual machines
• virt-manager: desktop application for managing virtual machines
• virtualbox-ose: x86 virtualization solution – binaries
• virt-viewer: Displaying the graphical console of a virtual machine
• watchupstream: Look for newer upstream releases
• whirlpool: Implementation of the whirlpool hash algorithm
• win32-loader: Debian-Installer loader for win32
• xavante: Lua HTTP 1.1 Web server
• xdelta3: A diff utility which works with binary files
• xen-shell: Console based Xen administration utility
• xenstore-utils: Xenstore utilities for Xen
• xenwatch: Virtualization utilities, mostly for Xen
• xfingerd: BSD-like finger daemon with qmail support
• xl2tpd: a layer 2 tunneling protocol implementation
• xrdp: Remote Desktop Protocol (RDP) server
• yersinia: Network vulnerabilities check software
• zerofree: zero free blocks from ext2/3 file-systems
• zipcmp: compare contents of zip archives
• zipmerge: merge zip archives
• ziproxy: compressing HTTP proxy server

Further Ressources

• Debian GNU/Linux 5.0 released – Release Announcement
• Debian GNU/Linux 5.0 – Release Notes
• Etch2Lenny Upgrade @ Debian-Wiki
• New in Lenny @ Debian-Wiki

I hope you know the comics of xkcd and abstrusegoose about Unix time. Unix time?

Unix time, or POSIX time, is a system for describing points in time, defined as the number of seconds elapsed since midnight Coordinated Universal Time (UTC) of January 1, 1970, not counting leap seconds. It is widely used not only on Unix-like operating systems but also in many other computing systems.

— http://en.wikipedia.org/wiki/Unix_time

This are my solutions to convert the Unix time ‘1234567890’ to human readable format:

GNU date:

% date -d @1234567890
Sat Feb 14 00:31:30 CET 2009

BSD date:

% date -ur 1234567890
Sat Feb 14 00:31:30 CET 2009

Zsh:

% zsh -c 'zmodload zsh/datetime ; strftime "%c" 1234567890'
Sat 14 Feb 2009 12:31:30 AM CET

Python:

% python -c 'import time; print time.ctime(1234567890)'
Sat Feb 14 00:31:30 2009

Ruby:

% ruby -e 'puts Time.at(1234567890)'
Sat Feb 14 00:31:30 +0100 2009

Perl:

% perl -e 'print scalar localtime(1234567890),"\n";'
Sat Feb 14 00:31:30 2009

MySQL:

% echo 'select FROM_UNIXTIME(1234567890);' | mysql -h localhost
FROM_UNIXTIME(1234567890)
2009-02-14 00:31:30

PostgreSQL:

% echo "SELECT TIMESTAMP WITH TIME ZONE 'epoch' + 1234567890 * INTERVAL '1 second';" | psql test
        ?column?
------------------------
 2009-02-14 00:31:30+01
(1 row)

C:

% echo '
#include <stdio.h>
#include <time.h>

int main() {
   time_t sec;
   struct tm * ts;
   sec = (1234567890);
   ts = localtime(&sec);
   printf("%s", ctime(&sec));
   return 0;
}' | gcc -x c - && ./a.out
Sat Feb 14 00:31:30 2009

Java:

% cat date.java
import java.util.Date;
import java.util.TimeZone;

class UnixTime {
        public static void main(String[] args) {
                TimeZone.setDefault(TimeZone.getTimeZone("CET"));
                System.out.println(new Date(1234567890L*1000L));
        }
}
% javac date.java && java UnixTime
Sat Feb 14 00:31:30 CET 2009

Javascript:

% echo 'new Date(1234567890*1000);' | smjs -i
js> Sat Feb 14 2009 00:31:30 GMT+0100 (CET)

PHP:

% php --run 'print date("r", "1234567890");'
Sat, 14 Feb 2009 00:31:30 +0100

  Board Info: #2
    Manufacturer: "[snip]"
    Product: "To be filled by O.E.M."
    Version: "To be filled by O.E.M."
    Serial: "To be filled by O.E.M."
    Asset Tag: "To Be Filled By O.E.M."
    Type: 0x0a (Motherboard)
    Features: 0x09
      Hosting Board
      Replaceable
    Location: "To Be Filled By O.E.M."
    Chassis: #3

Note: I snipped the manufacturer. Feel free to guess who is responsible for the “To be filled by O.E.M.” entries though.

Die Grazer LinuxTage 2009 (GLT09) rücken näher.

Die Grazer LinuxTage werden am Samstag, den 25. April 2009 wie schon bisher auf der FH Joanneum stattfinden. Wir suchen auch heuer
wieder gute Vorträge. Vor Kurzem ist Call for Lectures online gegangen. Du willst deine Software unter die Leute bringen? Es gibt ein gutes Projekt das unbedingt präsentiert gehört? Dann halte doch einen Vortrag auf den GLT09! Es muss übrigens nicht zwingend mit Linux zusammenhängen, die Grazer LinuxTage sind bekannt für ein breit gefächertes Programm: Community, Internet/Netzwerke, Projektmanagement im Open Source-Umfeld, andere freie Betriebssystem,… sind ebenfalls gern gesehene Themen.

Community-Stände sind natürlich ebenfalls wieder geplant. Wer diesbezüglich etwas machen möchte, möge sich bitte mit einer kurzen Mail bei mir melden.

Ich hoffe auf ein Wiedersehen auf den Grazer LinuxTagen 2009!

Das BarCamp in Klagenfurt (Kärnten) findet heuer am 7. und 8. Februar statt. Als Veranstaltungsort ist wieder die Universität Klagenfurt geplant.

Vortragstitel: Mehrantenne Systeme – Schaltungstheoretisch basierte Kommunikationstechnik
Vortragender: Prof. Dr. techn. Josef A. NOSSEK
Datum: 29.01.2009, 18:30-20:00 Uhr
Ort: TU Graz – HS E, 1. Stock Kopernikusgasse 24
Kosten: Die Teilnahme an dieser Veranstaltung ist kostenlos, um eine Anmeldung wird jedoch gebeten.

Über den Vortrag:

Mehrantennensysteme bieten die Möglichkeit, den stets steigenden Bedarf an Datenrate über einen drahtlosen Zugang begrenzter Bandbreite zum Festnetz zu befriedigen. Sie sind deshalb seit mehr als einem Jahrzehnt Gegenstand intensiver Forschung, die zu einer Fülle von informationstheoretisch wichtigen Ergebnissen die Analyse und Optimierung von MIMO(Multiple Input Multiple Output)-Systemen betreffend geführt hat. Das hohe Maß an Abstraktion der informationstheoretischen Modellierung erweist sich dabei als Vorteil und führt zu einheitlichen Ergebnissen für unterschiedlichste Systemvarianten. Allerdings bietet die Informationstheorie keine angemessene Beschreibung des Energieflusses, der den Informationsfluss stets begleitet. Die physikalisch konsistente Interpretation informationstheoretischer Ergebnisse ist jedoch Voraussetzung für die korrekte Berücksichtigung zentraler Begriffe wie Sendeleistung und Rauschkorrelationen. Mit Hilfe der Netzwerktheorie gelingt eine konsistente Beschreibung der Energieflüsse, die zu überraschenden neuen Ergebnissen hinsichtlich Antennengewinn und Kanalkapazität führt. Damit ergibt sich nicht nur eine Erweiterung der theoretischen Grenzen von MIMO-Systemen, sondern auch neue Gesichtspunkte für die optimale Auslegung und eine erhöhte Attraktivität für deren praktischen Einsatz.

Quelle: http://www.ove.at/akademie/details.php?ID=943

Vortragstitel: 1) Aktuelles aus der Blitzforschung 2) Was bedeutet Blitzschutz heute? 3) Blitzwirkungen – Blitzunfälle
Vortragende: Dipl.-Ing. Dr. Gerhard DIENDORFER, Ao. Univ.-Prof. Dipl.-Ing. Dr. Stephan PACK, Dipl.-HTL-Ing. Gottfried KINDERMANN
Datum: 20.01.2009, 18:30-20:30 Uhr
Ort: TU Graz – HS E, 1. Stock Kopernikusgasse 24
Kosten: Die Teilnahme an dieser Veranstaltung ist kostenlos, um eine Anmeldung wird jedoch gebeten.

1) “Aktuelles aus der Blitzforschung” — Dipl.-Ing. Dr. Gerhard DIENDORFER

Viele Details der physikalischen Vorgänge bei der Entstehung von Gewittern und bei der Ausbildung der Blitzentladung selbst sind bis heute nicht geklärt. Einer der Hauptgründe dafür liegt in der schwierigen Messtechnik. Blitze mit einer Länge von mehreren Kilometern können in ihrer Gesamtstruktur im Labor nur ansatzweise nachgebildet werden. Messungen am realen Blitz können nur an Sonderfällen wie bei Turmeinschlägen oder raketengetriggerten Blitzen stattfinden. Verschiedenste Messungen in den vergangenen Jahren, wie auch die Blitzmessungen am Gaisberg in Salzburg, haben etwas mehr Einsicht in die Abläufe der Blitzentladung gebracht. In dem Vortrag wird ein Überblick über den internationalen und nationalen Stand der Blitzforschung gegeben.

2) “Was bedeutet Blitzschutz heute?” — Ao. Univ.-Prof. Dipl.-Ing. Dr. Stephan PACK

Atmosphärische Entladungen sind Bestandteil des Wettergeschehens und können nicht verhindert werden. Seit der Menschheit bekannt ist, dass es sich dabei um elektrische Erscheinungen handelt, werden Einrichtungen entwickelt, die vor den Gefahr bringenden Auswirkungen der Blitzentladungen für Mensch und Tier, aber auch für Objekte und Sachen schützen sollen. Daher wird in diesem Vortrag auf die prinzipielle Wirkungsweise des Blitzschutzes eingegangen und an Beispielen gezeigt, wie sich der Blitzschutz des 21.Jahrhunderts in die Gebäudestrukturen integrieren lässt. Mit Hinweisen über das richtige Verhalten bei drohender Blitzentladungsaktivität wird dieser Vortrag abgeschlossen.

3) “Blitzwirkungen – Blitzunfälle” — Dipl.-HTL-Ing. Gottfried Günther KINDERMANN

Die Auswirkungen von Blitzeinschlägen und Personenschäden durch Blitzentladungen werden von der Landesstelle für Brandverhütung in der Steiermark schon über einen längeren Zeitraum erfasst und ausgewertet. Blitzauswirkungen, die besondere Schäden anrichten oder Blitzschläge, bei denen Personen Schaden erleiden, werden vor Ort erhoben und dokumentiert. Eine aktuelle Auswahl der Blitzunfälle der vergangen Zeit soll im Vortrag darstellen, mit welchen Gefahren bei Blitzschlägen zu rechnen ist bzw. welche Schäden durch Blitzschläge verursacht werden können.

Quelle: http://www.ove.at/akademie/details.php?ID=904

I got a mail from Linux New Media telling me that they want me as jury member for the Linux New Media Award. The process is simple and for now they just ask me to send my nominations for the following categories:

• Outstanding Contribution to Open Source / Linux / Free Software
• Most Linux / Open Source-Friendly Hardware Vendor
• Most Innovative Open Source Project
• Best Open Source Contribution for Mobile Devices
• Best Open Source Programming Language
• Most Significant Contribution for Security in Open Source

I have some good candidates in mind already. Do you have any recommendations I should consider for inclusion? Please let me know.

Ein Windows-Tool zum Flashen einer Dreambox DM600PVR zu Verwenden ist klarer Stilbruch. Via TFTP wäre es vertretbar aber umständlich. Das geht viel einfacher wenn man die Dreambox übers LAN erreicht:

telnet $IP_OF_DREAMBOX
mount -o remount,rw /boot
rm /boot/*
reboot

Im Browser dann auf $IP_OF_DREAMBOX gehen und über den Punkt Firmware-Upgrade das gewünschte nfi-Image hochladen und wenn das abgeschlossen ist neu starten. That’s it.

Tipp: zuvor ein Backup via ‘cat /dev/mtd/$ID > /var/tmp/backup.img’ zu erstellen (für $ID siehe cat /proc/mtd) und per FTP zu sichern kann nicht schaden.

Die Funktionstasten (F1, F2,…) von Apple-Tastaturen erfordern je nach Modell das Drücken der Funktionstaste (fn), um unter Linux wie gewohnt zu funktionieren – wie es der Aufdruck auf der Tastatur auch schon andeutet. Dafür gibt es einen Workaround, Powerbook-Usern wird vielleicht das Stichwort pb_fnmode (/sys/module/hid/parameters/pb_fnmode) was sagen. Das war auf dem USB-Tastatur-Modell MB110D/A und Linux-Kernel 2.6.26 bei mir nicht notwendig. Da aber aufgrund mehrerer notwendiger Workarounds für Apple-Hardware der Code aus dem generischen HID-Layer in ein eigenes Modul namens hid-apple verbannt wurde, braucht es zumindest mit Kernel 2.6.28 eine spezielle Treiberoption, damit die Tastatur wie bisher funktioniert. Falls jemand das gleiche Problem hat:

echo 2 > /sys/module/hid_apple/parameters/fnmode

Dann muss man nicht fn-F1 drücken um das gewohnte Verhalten für F1 zu bekommen. 0 deaktiviert den fn-Hack komplett, 1 ist der Default und setzt es auf fkeyslast (Multimediatasten normal, mit gedrückter fn-Taste dann die Funktionstasten) und 2 aktiviert den fkeysfirst-Modus (Funktionstasten normal, mit gedrückter fn-Taste dann die Multimediatasten). Wer die Einstellung permanent machen will:

echo "options hid_apple fnmode=2" >> /etc/modprobe.d/apple-keyboard

The advent calendar started with a Zsh tip, let’s end the advent calendar session with a Zsh tip: globbing.

Globbing is like pattern matching. When running ‘ls *.txt’ you’re using globbing. But the globbing feature inside Zsh is much more powerful. Quoting the H-Glob function (“help globbing”) of grml’s Zsh configuration:

% H-Glob

    /      directories
    .      plain files
    @      symbolic links
    =      sockets
    p      named pipes (FIFOs)
    *      executable plain files (0100)
    %      device files (character or block special)
    %b     block special files
    %c     character special files
    r      owner-readable files (0400)
    w      owner-writable files (0200)
    x      owner-executable files (0100)
    A      group-readable files (0040)
    I      group-writable files (0020)
    E      group-executable files (0010)
    R      world-readable files (0004)
    W      world-writable files (0002)
    X      world-executable files (0001)
    s      setuid files (04000)
    S      setgid files (02000)
    t      files with the sticky bit (01000)

  print *(m-1)          # Files modified up to a day ago
  print *(a1)           # Files accessed a day ago
  print *(@)            # Just symlinks
  print *(Lk+50)        # Files bigger than 50 kilobytes
  print *(Lk-50)        # Files smaller than 50 kilobytes
  print **/*.c          # All *.c files recursively starting in $PWD
  print **/*.c~file.c   # Same as above, but excluding 'file.c'
  print (foo|bar).*     # Files starting with 'foo' or 'bar'
  print *~*.*           # All Files that do not contain a dot
  chmod 644 *(.^x)      # make all plain non-executable files publically readable
  print -l *(.c|.h)     # Lists *.c and *.h
  print **/*(g:users:)  # Recursively match all files that are owned by group 'users'
  echo /proc/*/cwd(:h:t:s/self//) # Analogous to >ps ax | awk '{print }'<

So as you can see the ‘.’ matches just the plain files. Execute ‘ls -la *(.)’ and I’m sure you get the idea. The lovely about this is that you’ll get a very powerful commandline if you combine globbing with according keybindings and the completion system. Want to list the ten newest files in the current directory? Run ‘ls -rl *(D.om[1,10])’ (or just ‘lsnew’ when using grml’s zsh configuration). This works remote as well! Just give it a try: copy the five most recent files from $HOME/incoming on $SERVER to your local disk running ‘scp $server:incoming/*(D.om[1,5]) .’.

Notice: Just press <tab> behind the pattern to expand it on the command line. Or if you prefer to see what the current pattern will be expanded to without actually expanding it right now on the prompt use the list-expand widget: press ‘ctrl-x g’ (when using emacs keybindings) or ‘ctrl-g’ (using vi bindings) when the cursor is directly behind the pattern.

If you’re interested in further information check out the official docs about globbing and the examples provided in the zsh-lovers manpage.

This was the last tip of I my advent calendar. I hope you enjoyed reading it.

Nagios is a well known and established Open Source Monitoring System. It’s flexible, easy to deploy and a tool every sysadmin should know how to deal with. I guess most readers of my blog use or at least know Nagios so I’ll keep this blog entry short. But one tip for sysadmins managing Debian systems:

# /usr/lib/nagios/plugins/check_apt 
APT OK: 0 packages available for upgrade (0 critical updates).

check_apt (being shipped as part of nagios-plugins-basic on Debian) is great if you don’t want to use apticron, cron-apt & CO but instead integrate system updates/upgrades into your monitoring infrastructure.

The console mail client mutt has some nice features and I noticed that even some long time users of mutt don’t use some of the most rocking features. What’s definitely worth knowing: patterns.

Want to display only mails sent from foo@example.org? Select the limit command to show only messages matching a pattern (bound to ‘l’ by default), enter ‘~f foo@example.org’ and press enter. That’s it. Now only mails sent from foo@example.org will be displayed in the index view. To show the currently active limit use the show-limit command (bount to esc-l by default). If you want to get rid of your current active limit view just use ‘all’ as the matching pattern.

Check out the docs for a list of available patterns. For example if you want to get rid of duplicate mails (based on their message id) just use ‘~=’ as the pattern. You can either tag the selected messages (using tag-pattern, keybinding ‘T’ by default) and delete the tagged messages then or directly invoke the delete-pattern (bound to ‘D’ by default).

Limiting and tagging in mutt using patterns really rocks, if you are using mutt you definitely should use these features.

I wrote about FAI for deploying systems a few days ago – but FAI might be too much overhead if you want to install just some few Debian systems and prefer to use a configuration system like puppet instead. Then using grml-debootstrap might be an option for you.

As you might know grml is a Linux Live-CD for sysadmins and texttool-users and debootstrap can be used to create a Debian base system from scratch. grml-debootstrap is a wrapper around debootstrap for installing plain Debian via grml easy and fast. Installing a small but working Debian system is as simple as invoking something like “grml-debootstrap –target /dev/sda1 –grub hd0 –groot hd0,0” and drinking a coffee in the meanwhile.

Why I mainly prefer to use grml-debootstrap instead of d-i (Debian installer) is that I can use a recent grml live system which gives me up2date kernel and userland supporting more hardware than a stable release of Debian usually does. (So I’m more flexible in installing the system. If the installed Debian/stable kernel might not work I can still update the kernel from the live system until it works.)

Check out the manpage of grml-debootstrap for further details.

I blogged about some tips for optimizing the workflow on the command line in my advent calendar already (like irssi backlog completion, Zsh keybindings and hashes in the zsh). When optimizing your workflow you should be aware of what exactly is eating up your time.

Start with evaluating your top 10 shell commands, in Zsh (what else should you be using?) by running:

print -l -- ${(o)history%% *} | uniq -c | sort -nr | head -n 10

Then consider creating aliases for the most commonly used commands. I for example use ‘s’ for ssh, ‘g’ for git, ‘S’ for GNU Screen,… (stuff provided in grml’s default Zsh config btw). Of course you should also make sure to use according mappings and abbreviations in other tools as well. Vim for example supports iab and imap. Several browsers support searching by keyword.

Disclaimer: It’s definitely OK if you aren’t interested in optimising every single step of your tools. But don’t waste your own time with stuff that annoys you.

One of the reasons why Zsh rocks so much is its completion system. Tab, tab, tab….

Using default Zsh without an useful configuration? Then start with loading the completion system:

autoload -U compinit && compinit

Now check out the completion system with tools that provide lots of options, like for example gpg and rsync. Then continue playing with tab completion using ssh/scp (make sure to use ssh-agent or ssh with option ControlMaster to avoid typing your password again and again…):

scp <tab>
scp user@<tab>
scp user@host:<tab>
scp user@host:/path .

BTW: running ‘ls /u/lo/b<tab>’ should list the content of /usr/local/bin.

Customising the completion system is possible using zstyle. For example to use colors inside completions use the following configuration snippet (assuming $LS_COLORS is set on your system, if not try running ‘eval $(dircolors -b)’):

zstyle ':completion:*:default' list-colors ${(s.:.)LS_COLORS}

If you want to write your own completion mechanism for a program start by exploring the existing completion functions (on Debian systems usually being available at /usr/share/zsh/functions/Completion/). You might consider writing a completion for a program which isn’t supported by Zsh’s completion system yet. You can get a list of those tools running:

check_comp() {
((! $+_comps[$1])) && print "$1 has no completion function yet"
}
setopt nonomatch
for f ($^path/*(:t)) check_comp "$f"

Find all the glory details about Zsh completion in the Completion System documentation, chapter 6 of the Zsh guide and the manpages zshcompctl, zshcompsys and zshcompwid. Notice that zshcompctl is the old style of zsh programmable completion, zshcompsys is the new completion system and zshcompwid are the zsh completion widgets. Several configuration examples are available in grml’s zsh configuration and the COMPLETION section of the zsh-lovers manpage.

Oh, and if you understand german I strongly recommend getting a copy of the book “Zsh – Die magische Shell”, it provide a nice introduction into the completion system.

grml-live is a buildsystem for generating a grml and Debian based Linux live system (CD/ISO). It’s based on FAI (I mentioned FAI a few days ago already) because its class concept provides a flexible infrastructure for building custom systems. grml-live uses squashfs-tools for building a compressed file (so you can get >2GB on a 700MB ISO) containing the chroot system.

As soon as you’ve a working build environment a grml-live command line might look as simple as:

# grml-live -s sid -a i386 -c GRMLBASE,GRML_MEDIUM,I386

Check out the webpage of grml-live for further usage examples and documentation.

ldapvi is an interactive LDAP client for Unix terminals. Using it, you can update LDAP entries with a text editor.

Start exploring it running:

ldapvi --discover --host $SERVER

If you have to deal with LDAP on the command line and want to use $EDITOR for editing: ldapvi is for you. :)

Configuration management tools provide the ability to abstract your requirements. For example you might be running your own (procedural) scripts – which could be even platform specific (igitt) – to add new users. Instead when using a configuration management tool you instruct the system in a (declarative) specification language to do so. This provides much better scaling and management so sysadmins have enough time left for coffee and reading news.

There are several configuration management tools out there. Check out the wikipedia article “Comparison of open source configuration management software” to get a short overview. There are so many to chose from – but the major ones (at least when looking around me) are cfengine, bcfg2 and puppet. All of them have their nifty features and drawbacks – but the one I’d like to present here is puppet. Puppet is written in Ruby, is a pretty fresh project (when compared to its competitors) and has a nice developer and user community. Prominent users of puppet are for example the SANS Institute, Redhat, Fedora and Google (managing their Mac and Linux desktops and laptops).

Quoting the project homepage:

Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, and files.

The author of puppet – Luke Kanies – states in his blog:

[…] I’ve always said if it takes you more than an hour to do something useful with Puppet, I’ve screwed up.

And getting started with puppet is really just a matter of a few minutes. So consider giving it a try.

BTW: I’m locking forward to meet Luke Kanies at the OSDC 2009 Conference. :)