Petr Sumbera's Weblog

One of the wifi networks I connect to with my OpenSolaris 2009.06 laptop provides wrong list of DNS servers. In order to get properly working Internet I need after connecting change content of /etc/resolv.conf. But you don't want to do such thing manually every time you connect.

At this situation I learned in nwadm(1) info about Profiles which perfectly solved my problem.

First I had to prepare script which will determine whether I have just connected to my problematic wifi (used BSSID is just an example):

$ cat /etc/nwam/ulp/check-conditions
#!/bin/sh
dladm show-wifi -o BSSID | grep 0:1:2:3:4:5 > /dev/null && echo bad-dns-wifi


Then I had to create "bringup" script for new "bad-dns-wifi" profile which will modify resolv.conf file. Again, IPs are just an exmple:

$ cat /etc/nwam/ulp/bad-dns-wifi/bringup
#!/bin/sh
echo "nameserver 1.2.3.4\nnameserver 1.2.3.5" > /etc/resolv.conf


Note: These interfaces can change in future as it's stated in above mentioned man page.

In OpenSolaris build 106 there were some important changes to bundled version of Tomcat:
- Tomcat was upgraded to version 6.0.18
- Tomcat was moved under SMF(5) control
- SMF executes Tomcat with "webservd" user credentials
- Tomcat started via SMF service can be configured to use privileged TCP ports (< 1024)
- Tomcat is now installed in different locations /usr/tomcat6 and /var/tomcat6
- New symbolical link /etc/tomcat6 to configuration directory /var/tomcat6/conf
- New man page tomcat(1M)

Starting Tomcat SMF service

Tomcat is shipped with default configuration file (/etc/tomcat6/server.xml) so it can be immediately started via:

# svcadm enable tomcat6

Status of Tomcat SMF service can be queried as follows:

# svcs tomcat6
STATE STIME FMRI
online 4:41:46 svc:/network/http:tomcat6

And finally Tomcat is stopped:

# svcadm disable tomcat6

Configuring Tomcat to listen on port 80

With default configuration Tomcat listens on TCP port 8080. You may need to change it to standard HTTP port 80 (and 443).

The port number is defined in /etc/tomcat6/server.xml as following:

Connector port="8080" protocol="HTTP/1.1"

This is especially nice if you want to use Tomcat alone without Apache Web Server.

Tomcat and HTTPS

Tomcat is using Java Secure Socket Extension (JSSE) for SSL HTTP implementation. Following are steps based on Tomcat ssl-howto which shows how to enable it:

Certificate key store creation:

# /usr/java/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /etc/tomcat6/keystore

Server configuration (/etc/tomcat6/server.xml) then need uncomment following section and to add in it "keystoreFile" and "keystorePass" attributes:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="/etc/tomcat6/keystore" keystorePass="changeit"
clientAuth="false" sslProtocol="TLS" />

Running Tomcat as ordinary user

Even if OpenSolaris bundled Tomcat is primary meant to be controlled via SMF service and to be run with "webservd" user credentials, also other users can still use it.

For such a reasons there is CATALINA_BASE environment variable which specifies part of Tomcat directory structure which must be per Tomcat instance unique, contains server configuration and which is writable. Therefore user will first need to create such data. The easiest way is to copy it:

$ cp -r /var/tomcat6/ ~/tomcat

User can then start Tomcat as follows:

$ CATALINA_BASE=~/tomcat /usr/tomcat6/bin/catalina.sh start

And of course to stop it:

$ CATALINA_BASE=~/tomcat /usr/tomcat6/bin/catalina.sh stop

I did. And it wasn't on Atari as one would guess from paraphrasing one old commercial but really on OpenSolaris 2008.05.

In reality it was Windows game running via Wine 1.0rc1.

The game was Live For Speed S2 (LFS) which is reported in Wine application database as running very nice. And indeed it is...

Notes:

* The game was without sound as currently Solaris doesn't compile Wine with audio support out of box.
* You need to have accelerated graphics of course (I used nVIDIA Quadro FX 370).
* Screenshot was taken with desktop as kind of evidence but of course you can switch to full screen.
* After LFS installation I had to change current directory to LFS folder and start game like this:
cd ~/.wine/drive_c/Program\ Files/LFS; wine LFS.exe
* In order to compile Wine under OpenSolaris 2008.05 you will need Xorg development headers.
* For running it on Nevada you must be on or above build 85 (see also my previous blog entry).

Last Friday Wine community released Wine 0.9.60. As Wine 1.0 is approaching (see schedule) it would be nice to make some love to Wine on Solaris and check out how is Wine doing comparing to Linux (main Wine development platform).

For compilation you need to have i386 box and recent Solaris (I used Nevada build 83). And then do just usual stuff:

CFLAGS=-std=gnu99 ./configure --prefix=/opt/wine
gmake install

Notes:

- you need to have /usr/sfw/bin in your PATH (because of gcc)
- above CFLAGS are needed as workaround for #12008

There are only few things which prevent me to remove Windows from my laptop and use OpenSolaris exclusively on it. One of them is good application for photo managing and processing.

I use Zoner Photo Studio (ZPS) which is application for people like me. While I do like taking picture I'm not willing to do any complicated post processing in GIMP for just fixing red eyes or bad horizon. This kind of application lets me to do this and many more similar tasks within few intuitive clicks. Problem is that it's Windows application. So up till now I had to chose whether I want to work or manage/view my pictures. Changing between these tasks would eventually mean to reboot from one operating system to another.

And here cones Wine which is Open Source implementation of the Windows API for Unix systems. So, Why not to run ZPS using Wine? Wine was historically primary develped for Linux systems and few years ago when I tried to compile it for Solaris it wasn't possible. But now it compiles!

Configuration

Solaris Nevada (build 78)
Wine 0.9.52
Zoner Photo Studio 10 (build 7)

One rather minor compilation problem I had with Wine is described in following mail thread on OpenSolaris-discuss:

http://www.opensolaris.org/jive/message.jspa?messageID=191854#191854

Screen shot

Zoner Photo Studio is really running under OpenSolaris. Note that it's Czech version of ZPS.

Stability and usability

While screen shot of ZPS running on OpenSolaris looks very nice there are still some problems. The main problem I see is stability where whole application tends to crash because of X protocol errors [e.g: BadAccess (attempt to access private resource denied)]. There are also other rather minor problems like not receiving events from file system and thus not refreshing content of current directory.

Speed

Speed is very positive surprise for me. While some content redrawing after window resize is rather slow all others seems to be fast. If I say fast I mean really fast and probably faster then any comparable native application I have ever seen on Solaris.

To support this I have created kind of benchmark test. It was based on comparison of duration for JPEG file resizing using ZPS and graphical application bundled with Solaris. For test I used a directory with set of high resolution JPEG files (46 files with resolution up to 3456x2304 and total size of all about 146MB).

As native Solaris application I used convert command which comes with ImageMagick software suit. I tried to set comparable JPEG parameters as much as I was able. Finally there was still some difference because resulted files from ImageMagick were about 16% bigger then files from ZPS.

Following command was used to measure ImageMagick:

time find ZONER_SPEED/B/*.JPG -exec convert {} -sampling-factor 2x1 -quality 98 -resize 1280x853 {} \;

For ZPS I set equivalent parameters however time measurement had to be done manually (as for GUI application time command was useless).

Results were following:

ImageMagick 2m41.5s
Zoner Photo Studio 0m54s

It means that ZPS was almost three time faster!

Why is that? Probably ZPS code is more optimized (especially JPEG DLL used in ZPS against JPEG library in Solaris)?

Specific support for running under Wine

Interesting is also possibility to switch ZPS to special mode where it won't use some specific Windows resources (in this case Internet Explorer). This is done via creation of specific file in program directory (more info on this can be found on Zoner Wiki in Czech).

What can be better recommendation then?

http://mail-archives.apache.org/mod_mbox/httpd-dev/200801.mbox/%3c4786F18F.1020907@force-elite.com%3e

Living in center of Prague means constantly encountering tourists from all over the world. Not that it would mind to me at all. No, I feel proud about that and the only discomfort I have from it is when I'm hurrying somewhere and I get stuck in tourist traffic jam. But I was always wondering how is Prague with tourists against other cities. Since I didn't find any numbers elsewhere and since I'm dedicated FLICR user I decided to play with their search engine. Following list is top chart of twenty most pictured European capitals in 2006 (see bellow notes how I got these results).

Notes:

* I got these numbers by searching FLICKR for number of occurrence of all European capitals in tags of pictures (in ANY of all main languages and it's local name) which were uploaded during year 2006 (between 1st January 2006 and 31th December 2006).

* I searched for number of "posted" pictures during last year instead of number of "taken" pictures because these results remain the same. However it seems that searched numbers tend to differ between particular queries. But this difference is rather small (not bigger then about +/- 300) and it shouldn't affect results. Hey guys from FLICKR, what is wrong?

* These results don't directly express how were particular capitals popular between tourists.

* Please take all of above results as very private and that I have no responsibility for them.

Last three days I spent at Sun Tech Days in Prague. Solaris team in Prague prepared for this event four stands where we answered questions by attenders regarding OpenSolaris. We had stand for OpenSolaris installation, BrandZ, DTrace and Sun Rays. I was volunteering on BrandZ stand. Our presentation was mainly prepared by Vita Batrla and it consisted from several Centos zones using ZFS cloning feature. There were several nice discussions about it and virtualization at all. But I also attended several interesting talks at OpenSolaris track, plus hang about through congress center with its really nice views on Prague and took some photos:

You can see more pictures from this event in my flickr set.

See their announcement: Samba Team Asks Novell to Reconsider. Note that some key Samba developers are Novell employees.

In middle of September (18-21, 2006) Jiri Sasek and me attended this year Storage Developer Conference. Since one of our tasks in Sun is to maintain Samba server bundled with Solaris Operating System, this conference is important for us with its CIFS track and mainly CIFS/iSCSI plugfest.

The conference was organized by Storage Networking Industry Association (SNIA) and it was held in Doubletree Hotel in San Jose as last year, when we attended for the first time.

CIFS/iSCSI plugfest is meant as opportunity for various vendors to test their product within friendly and confidential environment. And that's what we did.

First day was rather affected by setting everything for later testing. This works were at least twice disrupted by Emergency evacuation when everybody had to leave the building. Some apologizing woman at doors said, it might have been caused by air conditioning system. I don't know, but at least I could take picture of some Samba core team members in day light.

Our testing environment was built on Sun Fire T2000 fully loaded with eight CPU cores (overall 32 processing threads) and 32 gigs of memory. We chose this sever, beside its popularity and its catchy sex appeal, mainly because we were planning to run several versions of Samba server at the same time using Solaris Containers (zones). I was positively surprised that while this computer belongs rather into server room it wasn't the most loud hardware at the plugfest. We had installed this system with Solaris 10 6/06 (aka update 2) and we were testing on it our latest version of Samba 3.0.23c (ADS support) and also latest developing version of Samba 4.

Side the CIFS track at the conference, it was not so rich as at last year event. This was little bit disappointment to me. There was only one afternoon dedicated for CIFS with following talks and finally "Chalk Talk":
- Exploring the SMB2 Protocol, Andrew Tridgell
- Multihead Samba Export using GPFS, Sven Oehme
- Update on CIFS Unix Extensions, Jeremy Allison and Steve French

Beside Samba team and other people from industry we could meet also some our CIFS colleagues from Sun. On CIFS plugfest it was mainly Afshin Ardakani torturing his NAS Storedge and on conference it was Pavan Mettu (aka Reddy) one member of our CIFS client team. I believe next year they will be testing our CIFS FS for the first time. However "torturing" CIFS client is in many ways more complicated then server and mainly you cannot use SMB torture tool.

Overall it was good opportunity to meet people and discuss issues and I am looking forward for next year event. Especially it might be very interesting if CIFS plugfest is held at Starbuck coffee as Andrew Tridgell joked at one point during his speech

Recent patches for Solaris 10 operating system newly enable Apache 2 Web Server ability to serve files larger then 2GB:

120543-06 Synopsis: SunOS 5.10: Apache 2 Patch
120544-06 Synopsis: SunOS 5.10_x86: Apache 2 Patch

This change can be also found in OpenSolaris since bulid 46 (Nevada SFW project).

Why am I mentioning this? Because you might bump into some problems when upgrading to this version without proper reading of patch README file.

According to information from official Apache web pages you might get feeling that larger file support for 32 bits binaries is available from version 2.2 only. But it's not true as you can find out from Apache 2.0 ChangeLog. It's is fully functional from version 2.0.53.

But to have large file support working you have to use proper compilation environment (see lfcompile(5)). This for Solaris OS means to define macro _LARGEFILE_SOURCE to be 1 and _FILE_OFFSET_BITS to be 64.

And here comes the problem. Since these definitions change size of off_t which is used by different Apache modules and since we didn't use these macros before, all third party Apache 2 modules must be recompiled with these macros to run correctly. If you don't do it, you will most likely see Apache 2 Web Server crash with segfault during its start.

So, please recompile your modules and if you cannot use apxs to build entirely your module, you can obtain proper macro definitions issuing following command:

/usr/apache2/bin/apxs -q EXTRA_CPPFLAGS
-DSOLARIS2=11 -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64

Enjoy sharing your DVD images and other big files via our Apache 2 :-)

First you should know that Prague castle lighting is switched off every day at 1:30AM. Then you would understand I was little bit surprised when I saw on usually dark castle strange symbols (pentagrams) and slogans (It's legal to ...). I immediately took my camera and rush to take pictures. Well, maybe I was too in rush because quality of the pictures is not very good.

The other day I have learned that it was start of campaign of one political party before election in June. Who would guess it...

Ok, it's little bit late, but why not to mention this. Last week there was seventh CZOSUG meeting with two presentations. First was about Sun Grid Engine. It was done by Lubos Kosco (sorry Lubos, I didn't manage somehow to take picture with you) and Martin Man. Btw, they showed us their small "red" grid in action.

The other presentation by Frank Hofmann was about writing OpenSolaris filesystem drivers. This time everything was recorded and you can watch it or lesson to audio record.

In my last blog entry I mentioned I was in Kenya. After more then one week going through pictures I took there I have them ready on internet.

My Kenya set on Flickr

There are quite a lot of pictures. So, only few samples. Please note the last but one photo and the logo on the car. It's pity I haven't seen there any Solaris logo. I think we should consider Kenya and Africa itself. Africans are also surfing the net, sending SMS and overall doing things like everywhere else...