Dublin, CA
Somewhere in Dublin, CA


Somewhere in Dublin, CA
# tar -tjf portage-latest.tar.bz2 | wc -l 130502 # tar -tjf stage3-amd64-2008.0.tar.bz2 | wc -l 40362 # df -i . Filesystem Inodes IUsed IFree IUse% Mounted on /dev/hda1 125184 125184 0 100% /mnt/gentooRecreating the filesystem with mkfs.ext3 -b 1024 -i 1024 did help. Gentoo ships with /etc/mke2fs.conf where these defaults were taken from. While these may make sense for today's systems, they were just too large for my Xen test domain.
Only now I came across the following problem:
cmd1 | cmd2; echo $?...where I'd like to have the errorcode of cmd1. I did not even expect that this issue was indeed so very common and documented. The solutions are even shell-specific, in short: * For bash or zsh, use $PIPESTATUS[n], resp. $pipestatus[n] * For any other shell the solution is way more complicated, but not impossible. See the FAQ again for all the gory details.
# time pbzip2 -c wordlist.txt > wordlist.txt.bz2 real 41m53.295s user 67m17.972s sys 5m38.981s # time 7z a -m0=lzma -mx=9 -mfb=64 -md=32m -ms=on wordlist.txt.7z wordlist.txt real 525m35.861s user 446m31.866s sys 32m20.861s # ls -lhgo total 31G -rw------- 1 25G 2008-12-16 00:55 wordlist.txt -rw------- 1 776M 2008-12-17 01:09 wordlist.txt.7z -rw------- 1 5.0G 2008-12-16 08:46 wordlist.txt.bz2....'nuff said.
As other folks already found out, use this to disable the 3D dock introduced in Leopard:
defaults write com.apple.dock no-glass -boolean YES && killall DockComing up: how to disable the need to blog every friggin' shell snippet without taking any medicine!
alice$ ifconfig en0 | awk '/inet / {print $2}' | xargs whois | grep NET Comcast Cable Communications, Inc. EASTERNSHORE-1 (NET-24-0-0-0-1) Comcast Cable Communications BAYAREA-9 (NET-24-4-0-0-1)Yes, it's true - I've signed with the one ISP I wanted to avoid in the first place. And no, getting an internet connection around here is no fun: it's awkward (a 30min. chat session with some hotline monkey just to get my order through?) and expensive: 42 USD for 6Mbps? Come on. "with scorching speeds up to 4 times faster than 1.5 Mbps DSL" - what? Oh, and for $ 66,95 one can order the Blast! package, with speeds "up to 16Mbps", with a magic "Powerboost" feature: "PowerBoost provides bursts of download and upload speeds for the first 10 MB and 5 MB of a file, respectively". Dude, wtf? Unfortunately the competition is no better: you have to subscribe to an High Speed Internet Elite package to get 6Mbps, for 33 USD a month. However, DSL is not available at my place, so I have to stick to the one and only cable provider servicing this area. Welcome to the silicon valley. On the plusside: 5 days after I signed up, I was online - pretty impressive, compared the adventures one has to go through back home. Oh, and winter has finally arrived, I even had to scratch hoarfrost off the car tonight - brrr. So much for global warming. Good job, Greenpeace :-\ Oh, another thing: I was provided with a DOCSIS 2.0 certified cable modem, assigning the public IPv4 address to the connected device. Which is kinda neat: now we don't have a strange NAT blackbox in our way to do "stuff" :-) However, since configuration is done via DHCP, the hostname is modified too. With MacOS 10.4 and /etc/hostconfig still being used, we can avoid that by setting HOSTNAME="foo". So, it's basically dhclient's supersede option in Apple speak :)
As there are no existing TrueCrypt for GNU Linux/Sparc, we had to do this ourselves. However, the buildprocess is not pretty and for some reason one just *has* to build all that wxWidget stuff, although I don't intend to manage crypto devices with my mouse, sigh. Oh, and there were quite a few build errors but thanks to Kano we finally succeeded. Here it goes, the whole shebang for TrueCrypt-6.1a:
# apt-get install libfuse-dev pkg-config # mkdir /usr/local/include/pkcs11-v2-20 # cd /usr/local/include/pkcs11-v2-20 # for i in pkcs11.h pkcs11f.h pkcs11t.h; do \ wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/$i; done # for i in `pwd`/*h; do (ln -s $i /usr/include); done # cd /usr/local/src # wget http://prdownloads.sourceforge.net/wxwindows/wxWidgets-2.8.9.tar.bz2 # tar -xjf wxWidgets-2.8.9.tar.bz2 # cd ~/dev/truecrypt-6.1-source # make NOGUI=1 WX_ROOT=/usr/local/src/wxWidgets-2.8.9 wxbuild # make NOGUI=1 WXSTATIC=1 [....hours later on this box....] # file Main/truecrypt Main/truecrypt: ELF 32-bit MSB executable, SPARC, version 1 (SYSV), dynamically linked (uses shared libs), strippedNote: it's really important to get v2.20 of the PKCS11 header files, the current version did not work. Also, Debian/Etch comes with libwxgtk2.[46]-dev - the build failed and I really had to get the 2.8 version. Update: Although the build worked, truecrypt doesn't. Rebuilding with DEBUG=1 DEBUGGER=1 NOSTRIP=1 made gdb(1) spit out all the gory details:
stanley# gdb /usr/local/sbin/truecrypt GNU gdb 6.4.90-debian This GDB was configured as "sparc-linux-gnu"...Using host libthread_db library "/lib/v9/libthread_db.so.1". (gdb) run --create /dev/loop0 --encryption=AES --filesystem=fat \ --hash=ripemd-160 --keyfiles=/root/stanley.key \ --protect-hidden=no --volume-type=normal \ --random-source=/dev/urandom Starting program: /usr/local/sbin/truecrypt --create /dev/loop0 \ --encryption=AES --filesystem=fat --hash=ripemd-160 \ --keyfiles=/root/stanley.key --protect-hidden=no \ --volume-type=normal --random-source=/dev/urandom [Thread debugging using libthread_db enabled] [New Thread 16384 (LWP 32604)] Enter password: WARNING: Short passwords are easy to crack using brute force techniques! We recommend choosing a password consisting of more than 20 characters. Are you sure you want to use a short password? (y=Yes/n=No) [No]: y Re-enter password: Program received signal SIGBUS, Bus error. [Switching to Thread 16384 (LWP 32604)] 0x001598c8 in TrueCrypt::Endian::Big (x=@0x3a9df4) \ at /root/truecrypt-6.1-source/Platform/Memory.h:99 99 return x; (gdb) bt #0 0x001598c8 in TrueCrypt::Endian::Big (x=@0x3a9df4) \ at /root/truecrypt-6.1-source/Platform/Memory.h:99 #1 0x00168e08 in TrueCrypt::EncryptionTest::TestXtsAES () \ at EncryptionTest.cpp:429 #2 0x0016bd30 in TrueCrypt::EncryptionTest::TestAll () \ at EncryptionTest.cpp:24 #3 0x000c57e8 in TrueCrypt::VolumeCreator::CreateVolume \ (this=0xfff55078, options=@0xfff555e0) \ at VolumeCreator.cpp:179 #4 0x00058434 in TrueCrypt::TextUserInterface::CreateVolume \ (this=0x4c43f8, options=@0xfff55888, randomSourcePath=@0x5395ac) \ at TextUserInterface.cpp:769 #5 0x0007efa8 in TrueCrypt::UserInterface::ProcessCommandLine \ (this=0x4c43f8) \ at UserInterface.cpp:973 #6 0x00048ed4 in TrueCrypt::TextUserInterface::OnRun \ (this=0x4c43f8) \ at TextUserInterface.cpp:1141 #7 0x002bd634 in wxEntry (argc=@0x4a9510, argv=0x4b3948) \ at /usr/local/src/wxWidgets-2.8.9/src/common/init.cpp:460 #8 0x002bd774 in wxEntry (argc=@0xfff55c14, argv=0xfff55c94) \ at /usr/local/src/wxWidgets-2.8.9/src/common/init.cpp:472 #9 0x000ada54 in main (argc=10, argv=0xfff55c94) at Unix/Main.cpp:84 (gdb) bt all No symbol "all" in current context.Hm, but even running truecrypt --test was showing the same behaviour: TestXtsAES just fails to work. However, when trying to create the volume with another cipher, it still crashes at TestXtsAES, because VolumeCreator::CreateVolume always calls EncryptionTest::TestAll before actually creating the volume. Commenting out this call in VolumeCreator.cpp:179, recompiling and trying to create the volume with the Twofish cipher gives:
Program received signal SIGBUS, Bus error. [Switching to Thread 16384 (LWP 7980)] 0x001c508c in RMD160Transform (digest=0xffcfc730, data=0xffcfc6ef) \ at ../Crypto/Rmd160.c:192 192 X[i] = LE32 (data[i]); Current language: auto; currently cWow, now it fails at the hashing algorithm. When using SHA-512 instead of ripemd-160, it still crashes:
Program received signal SIGBUS, Bus error. [Switching to Thread 16384 (LWP 7991)] 0x0019ea6c in TrueCrypt::VolumeHeader::SerializeEntry...and that's it. Still SIGBUS for truecrypt, and -ENOSKILL for me, for not knowing C++ at all. Looks like truecrypt just wasn't meant to be run on big endian platforms. Damn.\ (this=0x516df0, entry=@0xffde8840, header=@0xffde8960, offset=@0xffde8850) \ at VolumeHeader.cpp:286 286 *reinterpret_cast \ (header.Get() + offset - sizeof (T)) = Endian::Big (entry);
Ah, benchmarks - what else would we spend our CPU cycles on anyway? Quite a long time ago I was surprised to see that awk was so much slower than grep. This was a long time ago and I don't remember all the details, but there was sort involved too, and it was GNU/grep vs. Solaris/awk, IIRC. Anyway, here's what I did just now:
# ls -lhgo du.all; wc -l du.all -rw-r--r-- 1 2.2M Jan 7 17:26 du.all 23773 du.all # time sort -n du.all | grep -v /home > /dev/null real 0m8.939s user 0m8.920s sys 0m0.010s # time grep -v /home du.all | sort -n > /dev/null real 0m25.694s user 0m25.670s sys 0m0.010s # time awk '!/\/home/' du.all | sort -n > /dev/null real 0m0.622s user 0m0.620s sys 0m0.010sYes, the sort(1) is not even relvant here, it's really grep(1) taking so long. There's a --mmap switch to grep, promising better performance and sometimes coredumps, neither of both happened. This was done with GNU sort-4.5.3, GNU Awk 3.1.1, GNU grep 2.5.1. Oh, yeah - these may have been "current" versions back in ~2002 :)
There's a howto disable Spotlight for OS 10.4; for OS 10.5 it's a a bit different, as /etc/hostconfig is about to go away. In short:
$ sudo launchctl unload /System/Library/LaunchDaemons/com.apple.metadata.mds.plist To disable it permanently, type this instead: $ sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.metadata.mds.plist To enable Spotlight type the following and press Return: $ sudo launchctl load /System/Library/LaunchDaemons/com.apple.metadata.mds.plist To enable it permanently, type this instead: $ sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.metadata.mds.plistSomeone else suggested to disable even more:
$ sudo launchctl unload -w /System/Library/LaunchAgents/com.apple.Spotlight.plist $ sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.metadata.mds.plistHm, doing all that makes Spotlight stop indexing, but it's still running, and it respawns upon kill(1)....