OSS


Over the 2008-2009 holiday season, I rebuilt my home network. I included the notes and information from my home network rebuild in an article that described the Mac OS X-Ubuntu integration resulting from the rebuild. Since that time, I’ve added a larger hard drive to the home server to make more room for Time Machine backups, movies, music, and other files. Things seemed to be working very well. Until the other day…

My wife made an offhand comment that she couldn’t access the shared music library from her laptop. I tested the connection and, sure enough, every time I clicked the shared library icon it simply disappeared. No error, no warning, no entries in any log files…it just disappeared. I searched the Windows event logs, and I searched the log files on the Ubuntu server downstairs. Neither computer had any entries whatsoever that provided any insight as to why this one computer would not connect to the shared music library.

Being the geeky troubleshooter that I am, I attempted to replicate the problem on some of the other computers on the network. My MacBook Pro worked fine. Three other Windows laptops on the network, running the same version of Windows (Windows XP Professional) and the same Service Pack revision, also worked fine. The problem seemed to be isolated to her computer. Perhaps it was only when she was on the wireless network…nope, the same problem regardless of the network connection.

I upgraded iTunes to the latest version. That didn’t work. I disabled the Windows Firewall on her computer. That didn’t work. I made sure that no traffic was being blocked by the firewall on the Ubuntu server; no traffic was being blocked. In other words, that didn’t work. I was about to give up and just write it off as one of those strange aberrations that couldn’t be resolved and chalk it up to Windows.

Then I stumbled onto this site. I’d already created a daapd.service file for Avahi to use previously, but this site described some additional entries in the daapd.service file that I didn’t have. I made some edits, based on the information on the site, and here’s the daapd.service file I had for Avahi:

<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">Home Media Server</name>
<service>
<type>_daap._tcp</type>
<port>3689</port>
<txt-record>txtvers=1</txt-record>
<txt-record>iTSh Version=131073</txt-record>
<txt-record>Version=196610</txt-record>
</service>
</service-group>

After changing the daapd.service file to the version listed above, I restarted Avahi. Upon the shared media server re-appearing in iTunes, I clicked on it and…drum roll please…it worked! The previous version I had been using did not have the txt-record entries, and I really have no idea why adding the txt-record entries suddenly made my wife’s iTunes connect properly. I suppose it doesn’t matter why it works, it just matters that I FIXED IT! (ePlus engineers who attended our NSM this year will get this joke.)

Still, in the event you’re running into the same issue—a Windows installation of iTunes that fails to connect to a shared music library running on Firefly Media Server—then perhaps updating your Avahi configuration will correct the problem.


OpenVPN and mt-daapd

I have a system at home with an “older” Linux distribution for mundane tasks like DHCP and content filtering on my broadband connection (no need for the kids to see something they shouldn’t be seeing, if you know what I mean). I’ve thought frequently about rebuilding it with a newer distribution, perhaps Ubuntu, but—to be perfectly honest—I’m just too lazy. It generally just works, and overall doesn’t require a great deal of care and feeding.

One of the various things this server does is run mt-daapd (now called Firefly Media Server, I believe)—basically it’s an iTunes server. I dump copies of the MP3’s generated when I rip a CD onto a mount point on this server, and anyone in the house with iTunes can connect and listen to them. They can’t copy them or sync them to their iPod, but they can listen to them. Since the kids and I share some similar tastes in Christian contemporary music, it works out well.

After being rather impressed with the Viscosity OpenVPN client and OpenVPN in general, I also set up OpenVPN on this Linux home server for those instances when I need to connect to my home network for some reason. I’ve only needed to use it a couple of times, but it’s worked great thus far.

While setting up some older laptops for the kids (one of their Christmas presents this year), I ran into an instance where iTunes for Windows wouldn’t connect to the shared music library on my Linux server. The problem seemed sporadic, and seemed to be somewhat limited to the Windows laptops I was setting up; I was still able to connect from my MacBook Pro. About the same time, one of my younger kids came up and told me that the Mac mini downstairs wouldn’t connect to the shared music library, either. Hmmm, something was going on.

Restarting the mt-daapd daemon didn’t change anything, nor did disabling the Windows Firewall on the laptops. Turning off the firewall on the Linux server didn’t change anything, either. I started to dig in a bit deeper then, and after a short while realized that Bonjour—which is used by iTunes to discover shared music libraries on other systems—was somehow picking up the wrong IP address. But where was this address coming from?

It didn’t take long after that to figure out that mDNSResponder on the Linux server was broadcasting the IP address of the server’s tun0 interface, which is used by OpenVPN. Because of various routing issues and limitations, this range of addresses isn’t reachable by the home LAN; hence, failures to connect to the mt-daapd server.

The fix, in my case at least, was to modify the /etc/init.d/mDNSResponder script to add the "-i eth0" parameter to the command that started mDNSResponder. This forced mDNSResponder to broadcast only the IP address of eth0, the server’s primary Ethernet interface. Two changes needed to be made to the file:

  1. First, the "-i eth0" needs to be added to the line that defines the variable $OTHER_MDNSRD_OPTS.
  2. Second, double quotes have to be added around the command that actually launches mDNSResponder using the runuser command. Otherwise, the parameter to mDNSResponder is interpreted as a parameter to runuser and causes an error.

Once I made these changes and restarted both mDNSResponder and mt-daapd, all the systems were able to connect to the shared music library without any further issues. Problem solved!
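A check for the failure described above, as an added example that is not part of the original post: it parses resolved `_daap._tcp` records in the parsable format printed by `avahi-browse -rpt _daap._tcp` and flags any service advertised with an address outside the home LAN. The sample output, host names, the 192.168.1.0/24 LAN and the 10.8.0.1 tunnel address are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of `avahi-browse -rpt _daap._tcp` output (not captured
# from a real network). Resolved records start with "=" and carry:
# =;interface;protocol;name;type;domain;hostname;address;port;txt
SAMPLE_BROWSE_OUTPUT = r'''+;eth0;IPv4;Home\032Media\032Server;_daap._tcp;local
=;eth0;IPv4;Home\032Media\032Server;_daap._tcp;local;mediaserver.local;10.8.0.1;3689;"txtvers=1" "iTSh Version=131073" "Version=196610"
=;eth0;IPv4;Den\032Library;_daap._tcp;local;den.local;192.168.1.20;3689;"txtvers=1"
'''


def unescape(label):
    """Undo the backslash + three decimal digits escaping (\\032 is a space)."""
    return re.sub(r"\\(\d{3})", lambda m: chr(int(m.group(1))), label)


def parse_resolved(output):
    """Return one dict per resolved ("=") record; skip everything else."""
    records = []
    for line in output.splitlines():
        # Split at most 9 times so semicolons inside TXT data stay intact.
        fields = line.split(";", 9)
        if fields[0] != "=" or len(fields) < 9 or not fields[8].isdigit():
            continue
        records.append({
            "interface": fields[1],   # interface the browsing host heard it on
            "name": unescape(fields[3]),
            "type": fields[4],
            "hostname": fields[6],
            "address": fields[7],     # address the server is advertising
            "port": int(fields[8]),
        })
    return records


def unreachable_adverts(output, lan_cidr):
    """Return records whose advertised address lies outside lan_cidr."""
    lan = ipaddress.ip_network(lan_cidr)
    flagged = []
    for rec in parse_resolved(output):
        try:
            addr = ipaddress.ip_address(rec["address"])
        except ValueError:
            continue  # malformed address field, nothing to compare
        # Compare only like with like (an IPv6 advert is not judged
        # against an IPv4 LAN range).
        if addr.version == lan.version and addr not in lan:
            flagged.append(rec)
    return flagged


if __name__ == "__main__":
    for rec in unreachable_adverts(SAMPLE_BROWSE_OUTPUT, "192.168.1.0/24"):
        print("%s advertises %s:%d, which is outside the LAN"
              % (rec["name"], rec["address"], rec["port"]))
```

A flagged record means the responder is announcing an address from another interface, such as a VPN tunnel, which both breaks client connections and discloses that interface's addressing to the LAN.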


So, I’ve been searching for a good way to establish connectivity to the lab at my office for a while. My first attempt was to work with one of our CCIEs at the office to establish an IPSec-based VPN against a Cisco router at the edge of the lab network, but despite our best efforts we couldn’t get the IPSec VPN client I was using, IPSecuritas, to connect and authenticate. No amount of fiddling would make it work.

We finally gave up on that and instead I went with an OpenBSD box to which I could establish an SSH session and then tunnel traffic from there. That worked reasonably well, especially after I discovered the GNU Screen utility. Talk about a handy little tool! Anyway, I continued using the SSH gateway for quite some time and I had resigned myself to living with the limitations.

Then a co-worker from the office casually mentions that he’s set up a Linux-based OpenVPN server on another subnet in the lab (we have a range of different subnets for different engineers in the lab). He, too, is a Mac user, but still running Mac OS X 10.4 on an older 13″ PowerBook G4 and using the Tunnelblick OpenVPN client. I thought to myself, “Hey, this might actually work!”

Alas, some additional research indicated that Tunnelblick had some stability problems under Leopard, which I’m running on my MacBook Pro. Bummer! I continued to research the issue but didn’t bother trying to use the OpenVPN server until just a couple of weeks ago when I uncovered Viscosity.

Viscosity is a shareware, Leopard-only OpenVPN client. It supports Growl notifications (which I very much like) and operates as a simple menu icon that easily allows you to connect or disconnect individual connections. Owing partially to how OpenVPN works, Viscosity uses (and includes) a TUN/TAP driver for OS X and creates a new TUN/TAP interface for every connection. This makes routing much easier and much more logical, in my opinion.

I’m so pleased with OpenVPN thus far, in fact, that I’m going to be setting up my own OpenVPN server here at the house.

My experience thus far has been quite positive. If you are looking for a good OpenVPN client for your Mac, Viscosity would be an excellent choice. At only $9 for a license, it’s well worth it.


Network World published today that Microsoft is reportedly seeking royalties on the distribution of open source software that supposedly violates 235 patents.  Now tell me, who didn’t see this coming?  With the recent Novell-Microsoft pact, it became much clearer to me that Microsoft was preparing for outright war against the open source community, and now it appears that is very likely the case.

The Network World article is based on an interview from Fortune magazine (available here via CNN/Money) in which Microsoft officials, including Brad Smith (Microsoft General Counsel) and Horatio Gutierrez (licensing chief?), discussed their plans for getting FOSS (free/open source software) users to pay royalties on violations of no less than 235 Microsoft patents.  (By the way, I strongly recommend you read the full Fortune article.)

Now, it may be true that Microsoft won’t actually sue FOSS users or developers, as indicated here or here.  I certainly agree that it would be monumentally stupid for Microsoft to start suing its own customers, and it makes sense that Microsoft distributing SuSE Linux coupons makes it a Linux distributor and therefore subject to the GPL themselves.  However, after Microsoft skated out of the antitrust violations essentially unharmed, I’m not convinced that the FOSS community is as well-protected as they might think.  I hope that they are, but I’m not entirely convinced yet.

I’ll tell you one thing:  This most certainly reverses a great deal of the goodwill that Microsoft had generated with the FOSS community and FOSS users, and it drives many users to stop using Microsoft products altogether.  I don’t consider myself a Microsoft basher, and have on many occasions openly welcomed many pieces of Microsoft software because, quite honestly, they were the best available.  I can’t say that I’ll be quite so open to Microsoft now, especially personally.  (Anyone care to recommend a high-quality replacement for Microsoft Office on Mac OS X?)  If nothing else, Microsoft has definitely succeeded in creating a larger amount of bad press, ill will, and mistrust.

There’s a lot of discussion going on around the Internet on this topic; here are just a few links:

I also strongly recommend that you read the Groklaw article on this turn of events as well.


SSHjail in Centralized Environments

The idea of chrooting (or jailing) certain security-sensitive services is a well-known and pretty well-accepted method of protecting systems against further compromise in the event of a security breach.  BIND is commonly run in a chroot jail, as can be Apache HTTPD or an FTP server.  SSH is another common target for running in a chroot jail, and SSHjail is a patch designed to simplify the process of running OpenSSH in a chroot jail.  (UNIX die-hards, please forgive me and correct me if I am mistakenly interchanging “chroot” and “jail”.)

I was alerted to SSHjail via this article on Linux.com, and it certainly appears that SSHjail greatly simplifies the process of running OpenSSH in a chroot jail.  What interested me more than the configuration or use of SSHjail (which, as I mentioned, looks pretty straightforward—kudos to the developer) was the question, “Could SSHjail be used in centralized authentication environments?”

Perhaps it’s due to my work in Linux/UNIX-Active Directory integration, but the idea of using SSHjail initially seemed to be at odds with an environment where users are being authenticated via Kerberos/LDAP against Active Directory.  After all, the home directory would normally be specified on the user object’s properties in AD, so how would that interact with the home directory configuration specified in the /etc/sshjail.conf file?  Is SSHjail so transparent that it won’t matter?  For example, if I specify that “/home/slowe” is the UNIX home directory in AD, and SSHjail is configured to put me into a jail at “/chroot/ssh/”, do I need to then change the UNIX home directory in AD?  The article seems to imply that it does, as it mentions editing local users to specify a new home directory location.  How, then, do we handle disparate systems where SSH may be jailed on some and not on others?

Of course, this brings back up the question of how to handle different operating systems, such as Solaris and Linux, that (by default) place home directories in different locations on the file system or in different file systems.

Any feedback or clarification from Linux/UNIX experts out there is welcome.  It would be great to be able to include information on how to utilize SSHjail in conjunction with AD integration.


This is really exciting news.  Development on Cocoalicious, the Mac OS X native application that front-ends del.icio.us, has started back up again.

I’ve blogged many times about Cocoalicious (starting as far back as June of 2005) and how much I enjoy using the application to manage my del.icio.us bookmarks.  I was really disappointed that development had stalled, and had even started searching for replacements to the application.  Fortunately, it looks like the new developer (who is working with the original author, not replacing him, from what I understand) is already seeking feedback and ideas for future versions.

Personally, I’m pretty thrilled with the application as it is, and have only one feature request:  please, please, PLEASE drop the brushed metal interface.  Or at least offer us an option to toggle back and forth.  I’d love to see a fresh new UI like that used by Mail.app or NetNewsWire, with the tags in a pane on the left and your bookmarks listed on the right, and a divider (like the one used now) to open, close, or resize the built-in browser.  Combine that with a new, modern unified toolbar (not Mail.app’s lozenges, please!) and perhaps incorporate some of the tag UIs that have been proposed (like this one), and you’ve got yourself one killer del.icio.us client.


Edward Aractingi started it all back on March 20 when he blogged about why VMware should open source ESX Server.  Tarry Singh then weighed in on the matter from his weblog.  Both men make very good points on the matter.

It’s true that there is a lot of virtualization work being done in the open source community.  We have the Xen hypervisor, now capable of hosting unmodified guest operating systems through the hardware-assisted virtualization support of the newest Intel and AMD CPUs; we have the inclusion of KVM in the Linux kernel and the addition of VMI into the next stable kernel; and projects such as OpenVZ thriving as well.  That’s a lot of activity going on around virtualization and virtualization-related technologies.  And, while it’s most definitely not open source, we also must consider the impact of “Viridian,” Microsoft’s hypervisor to be released shortly after Windows Server 2007 (aka “Longhorn”).

The real question comes to this:  will open source commoditize the hypervisor?  If you agree that the introduction of open source hypervisors such as Xen will commoditize the hypervisor, then VMware’s future needs to lie with other technologies, such as the management layer and value-added functionality such as live migration (VMotion), dynamic load balancing (VMware DRS), and high availability (VMware HA).  In that scenario, VMware would be better served to open source the ESX Server code and allow the community to drive development of the hypervisor itself.  I think that’s a viable model, one that has been embraced by other organizations with varying degrees of success.

If, on the other hand, you don’t think that the hypervisor will become a commodity, then the idea of open sourcing ESX Server doesn’t really hold a lot of value.  Why release your competitive advantage?  Instead, you continue to develop the hypervisor and add features and functionality to it to differentiate it from the competitors.

What do you think?  Will the hypervisor become a commodity?  I think it’s a bit too early to tell.  Open source aficionados point to the success of Linux and tell you that the OS is becoming a commodity, but look at the reality of the sales numbers for Windows Vista.  Perhaps the OS is becoming a commodity, but has anyone bothered to tell people buying Windows Vista?  Linux has had years to make “the proprietary OS history”, and is only now starting to really have an effect.  Will open source virtualization efforts take the same time?  If so, VMware has plenty of time to decide the course of action to take.  In the meantime, I think that VMware has done a reasonably good job of blending open source code, proprietary technologies, and published standards into their products.  If they can continue to find the right balance between these often contradictory positions, I think they’ll continue to be successful.


When I first started using virtual desktops with Mac OS X, I went through a couple of different iterations before settling on an application called Virtue (later to be renamed VirtueDesktops). Although it took some time to get used to the idea of not having a desktop pager window always present, the hotkey for popping up VirtueDesktops’ translucent pager became almost as ingrained in my fingers as the hotkey for Quicksilver (note I said “almost”).

After a near death experience around the release of Tiger, VirtueDesktops progressed steadily until just last week, when Tony Arnold announced that he was ceasing the development of VirtueDesktops. I can understand his position; with Spaces set to debut in Leopard, it’s difficult to justify the continued development of a virtual desktop application. Given that VirtueDesktops is an open source application, though, there’s hope that another developer will pick up the source code—much like Tony did himself after Virtue was abandoned by the previous developer—and continue the project.

I mostly stopped using VirtueDesktops after switching to my MacBook Pro. I guess the problems that the application experienced during the transition to a Universal application scared me away from it, and it’s only been recently that I started using it again on occasion. Since then, I’ve gotten used to using Exposé to manage windows instead of spreading them around multiple desktops, and I don’t know if I’ll ever switch back on a full-time basis. Nevertheless, I appreciate Tony and his hard work on the application, which served me very well for quite some time. I wish Tony the best of luck in his future projects and I hope, for the sake of other VirtueDesktops users, that one or more talented developers will take up the mantle and continue development.


Trying Quicksilver

This makes the third or fourth time I’ve tried to get into using Quicksilver.  I’m OK with the whole pop-up bezel interface, since that’s the interface that VirtueDesktops, my virtual desktop application, uses.  (The author of VirtueDesktops freely admits that he was inspired to create his interface based on Quicksilver’s interface.)  Don’t get me wrong—Quicksilver (just “QS” from now on) is a great application, and it has loads of very useful functionality.

For example, here are a couple of the things that I love about QS:

  • With QS, you can access Address Book information without having to launch Address Book.  You can type a few characters of a contact’s name and there it is, and there are actions accompanying it that allow you to send an e-mail to that contact.  You can’t do that with Spotlight.
  • QS is extensible, allowing you to attach user-written AppleScripts to add functionality to the application.  In addition, QS supports a system of plug-ins to add features or to add new interfaces, such as their Flashlight interface (based on the Spotlight interface).
  • The bezel interface is pretty cool.

Somehow, though, even given the nifty and pretty handy things that you can do with QS, I just can’t get with it.  I can’t integrate it into my workflow.  I can’t get into the habit of invoking QS to do what I’m trying to do.  I suppose I need to give it much more time than I am giving it; I’ve heard it said that you need to give it a week or more of using it before you get used to it.

Any QS users out there?  If you’ve got any tips on getting “used” to QS, on how to integrate QS into your workflow and your modes of operation, I’d really appreciate it.  I believe that QS could be a powerful tool to help make me more productive, but I’m just having a really hard time getting the hang of it.


Mounting ISO Images in Linux

Here’s another incredibly simple task that one often needs to perform when using Linux:  mounting an ISO image.  The problem is, I so very rarely do this that I forget the exact switches to use.  So, to avoid that problem in the future, I’m posting the information here for future reference.  Even if no one else finds it useful, at least I’ll know where to look next time I need to do this.

To mount an ISO file, use the following command:

mount -t iso9660 -o loop /path/to/image.iso /mount/path

I know, a very simple command and one that Linux veterans around the world have probably used a million times over.  Like I said, when it’s not something that you do every day, it’s easy to forget it.  (Especially when your brain is busy trying to process other new information…)

