Neural Advance

This article looks at how to install XFCE 4.8 on Arch Linux. I assume that you have a clean install of Arch Linux. If you do not you may already have some of the packages installed but it won’t hurt to follow the instructions exactly as shown.

The first task is to configure Arch Linux using the official installation manual which is excellent. I won’t be covering anything that is included in the installation guide as the provided documentation is already good enough.

Once you have finished with the initial configuration of Arch Linux we should move on to installing the requirements. We will be using SLiM as our login manager as that is nice and lightweight.

Run the following command to install all the requirements to get XFCE up and running:

pacman -S xfce4 ttf-liberation xorg-server dbus slim

you will also need to install the correct graphics drivers for your card. The following are the likely options:

xf86-video-ati
xf86-video-nvidia
xf86-video-intel

so install the correct one for your system like so:

pacman -S xf86-video-ati

now that is done you simply need to copy /etc/skel/.xinitrc to your home directory (and for all the other users you wish to be able to login using SLiM) like so:

cp /etc/skel/.xinitrc ~/.xinitrc

and uncomment the following line:

# exec startxfce4

so that it looks like this:

exec startxfce4

if the line does not exist in the file then simply add it to the bottom of the file and make sure that all other exec lines are commented out.

Now all you need to do is add dbus and slim to your list of daemons by editing /etc/rc.conf like so:

DAEMONS=(... dbus slim)

it is vital that dbus and slim are the last two entries in the daemons list. Simply restart your computer and you should be able to login to your new XFCE 4 desktop environment.

This tutorial deals with getting ntpd configured so that your system clock is set over the internet. So install ntpd like so:

pacman -S ntp

In order to get this working visit http://www.pool.ntp.org/ and select the correct region. Once you know which ntp servers you want to use add the servers to /etc/ntp.conf as shown below:

server 0.europe.pool.ntp.org iburst
server 1.europe.pool.ntp.org iburst
server 2.europe.pool.ntp.org iburst
server 3.europe.pool.ntp.org iburst

substitute the servers for the correct servers in your region. The iburst option is recommended. Then we need to make sure that ntpd runs automatically so we add it to our DAEMONS section of the /etc/rc.conf file like so:

DAEMONS=(... !hwclock ntpd ...)

this disables the hardware clock and makes sure that ntpd is used instead to keep the time in sync.

Now lets just finally make sure ntpd runs as a non-root user and in a chroot environment for added security:

groupadd ntp
useradd -r -d /var/lib/ntp -g ntp -s /bin/false ntp

then

chown -R ntp:ntp /var/lib/ntp

once you have created the user and group for ntpd and changed the permissions on the /var/lib/ntp directory you just need to edit /etc/conf.d/ntp-client.conf by editing the NTPD_ARGS line so it looks like this:

NTPD_ARGS="-g -i /var/lib/ntp -u ntp:ntp"

and edit /etc/ntp.conf so that the following line:

driftfile       /var/lib/ntp/ntp.drift

reads:

driftfile       /ntp.drift

then finally restart ntpd and it should work perfectly:

rc.d restart ntpd

I have just spent the best part of my evening getting to grips with Arch Linux and I have to say it was an absolute pleasure. If you are interested in getting yourself a perfect Gnome 3 setup on your computer then hopefully this article will tell you all you need to know.

I first of all installed Arch Linux using the net install media so as to get the latest packages right from the get go. If you have a reasonable internet connection I highly recommend that you follow this path.

I won’t cover the initial installation as that is covered already by the excellent installation manual. The only thing I will say is that if you get errors about your locale you may need to add the following to your ~/.bashrc file:

export LANGUAGE=en_GB.UTF-8
export LANG=en_GB.UTF-8
export LC_ALL=en_GB.UTF-8

of course you’ll need to substitute the locale for the one that you want to use (the British one is used in the above example). This didn’t happen on my second install so it could be down to me getting something wrong on my first attempt.

Once you have completed the instructions in the installation guide we can move on to getting Gnome 3 installed and configured.

The first step is to create a non-root user for your own use and to also install the sudo command. The easiest way to create a new user is to use the adduser command.

adduser

Just follow through the commands choosing the default for all options other than the username, additional groups and your full name. For the additional groups section add the following exactly as shown:

audio,lp,optical,storage,video,wheel,games,power,scanner,floppy

this allows the user to use the specific software in each category. If you don’t have a floppy disk drive in your computer you can leave that group out.

I highly recommend that you follow my guide on getting ntpd installed before going further with this tutorial.

Now that we have ntpd properly configured we can move on to getting X11 and Gnome installed and working.

Installing X11 is a trivial process and simply consists of running the following command:

pacman -S xorg-server

you’ll also need to install the correct graphics drivers for your card. You have three options based on the type of graphics card that you have (there maybe more options but I doubt many people have a graphics card from a different manufacturer). These are listed below:

xf86-video-ati
xf86-video-nvidia
xf86-video-intel

pick the one that matches your card and install it using the following command:

pacman -S xf86-video-ati

obviously you’ll need to substitute the ATI drivers if you have a graphics card made by Intel or Nvidia.

Now that X11 is installed we can move straight on to getting Gnome 3 installed and configured. Install all the requirements as follows:

pacman -S gnome gdm dbus ttf-liberation

and when pacman asks you which packages to install just press return to select all of the options.

Now all you need to do is add dbus and gdm to your daemons configuration option in your rc.conf and away you go!

DAEMONS=(... dbus gdm)

Note: make sure dbus and gdm are the last two items in your DAEMONS list.

Congratulations, you should now have a fully working Gnome 3 install on your Arch Linux box. Any other customisation you wish to do is down to you.

Deploying a Django application can be quite confusing especially if you are a developer and not normally involved in system administration work. So what is the best configuration for hosting multiple Django sites on the same server with the lowest administrative overhead possible?

Having tried Gunicorn and Nginx (which admittedly was easier to get working for a single site) I have to say that hosting Django apps using Nginx, FastCGI and Daemon Tools is by far the best method. It avoids having to write init scripts entirely (a task which is still somewhat nasty especially considering the alternatives on other non-Linux platforms such as launchd on Mac OS X which is infinitely superior).

Python

The only real requirements on the Python side are that you have virtualenv and flup installed. Having said that using Pip and virtualenvwrapper is also highly recommended in all Python based deployments no matter what the framework(s) you are using.

Also due to the fact that many Python projects make use of Mercurial you should also take the time to learn it if you do not already know how to use it.

Nginx

The first task is to install nginx. I always install nginx from source as it allows me to cut out some the modules that I have no need for and thus reduce memory footprint a bit more. You can decide if you want to install from source or not.

First we need to install the dependencies for building nginx (I am using Debian 6 here so change it to whatever your platform requires):

apt-get install gcc libpcre3-dev libssl-dev make

Then run configure, make and make install:

./configure --prefix=/opt/nginx --user=nginx \
--group=nginx --with-http_ssl_module --with-http_realip_module \
--with-http_secure_link_module --with-http_gzip_static_module \
--without-http_scgi_module --without-http_uwsgi_module \
--without-http_autoindex_module --without-http_ssi_module \
--without-http_split_clients_module --without-http_userid_module \
--without-http_memcached_module --without-mail_pop3_module \
--without-mail_imap_module --without-mail_smtp_module \
--without-http_auth_basic_module --without-http_charset_module
 
make
 
make install

(you need to be root or use sudo when running make install).

Now we add the user for nginx:

adduser --system --no-create-home --disabled-login \
--disabled-password --group nginx

Once that is done nginx is ready to go. We just need to setup an init script for it. Since I host with Linode (who are pretty darn good) I use the init script that they provide. If you use a distribution other than Debian / Ubuntu you might have to make some changes or get one specifically for your distribution.

wget http://library.linode.com/webservers/nginx/installation/reference/init-deb.sh
 
mv init-deb.sh /etc/init.d/nginx
 
chmod +x /etc/init.d/nginx
 
/usr/sbin/update-rc.d -f nginx defaults

Now nginx is installed. So lets start it and move onto the next stage. We will configure the nginx page separately after we have configured daemon tools.

/etc/init.d/nginx start

Daemon Tools

Now lets install Daemon Tools.

apt-get install daemontools-run

Once that has been completed create a directory to store our first sites configuration file. You will create a directory for every project you wish to run on the server. I generally tend to name each folder after the domain of the site to make it easy to tell which directory holds the configuration for each site (although honestly it is unlikely you will need to play around with these configuration files once they are setup and working properly).

mkdir /etc/service/domain.com

Now just create our configuration file for each Django project. Save it as a file called “run” (without the quotes) in the folder you created above for you domain name and then enter something like this:

#!/usr/bin/env bash
 
source /path/to/your/virtualenv/for/project
PROJ_DIR=/path/to/django/project
 
exec envuidgid username python $PROJ_DIR/manage.py \
    runfcgi method=threaded minspare=1 maxspare=2 host=127.0.0.1 \
    port=9001 pidfile=$PROJ_DIR/django_fcgi.pid daemonize=false

the configuration shown above is for a very low traffic site so if you want to use it in production increase the number the maxspare option to something like 5 – 10 and the minspare to at least 2. Be aware that this will require quite a bit of free RAM so you might have to play around with options depending on how much you have available. You will also need to change “username” in the above example to the name of the user you wish to run the Django apps process.

Now lets us return to our nginx configuration.

Nginx

In order to avoid problems with displaying URLs in our Django application we need to add a line to nginx’s default fastcgi_params file (note that this tutorial was written using version 0.8.54 of nginx, if you are using a different version it might be worth checking if it already exists before adding it).

So just add the following line to the fastcgi_params file:

fastcgi_param  PATH_INFO          $fastcgi_script_name;

then we need to add the following line to our Django projects settings.py file (personally I have a special production_settings.py file which I have imported in my settings.py file which I leave commented out during development and only uncomment when I deploy to production):

FORCE_SCRIPT_NAME = ''

then we just add the correct configuration for our domain to our nginx configuration file:

server {
    listen 80;
    server_name domain.com;
    rewrite ^/(.*) http://www.domain.com/$1 permanent;
}
 
server {
    listen 80;
    server_name www.domain.com;
 
    access_log /srv/www/domain.com/logs/access.log;
    error_log /srv/www/domain.com/logs/error.log;
 
    root /srv/www/domain.com/public_html;
    index index.html;
 
    location / {
        try_files $uri @django;
    }
 
    location /static {
        alias /path/to/project/static;
    }
 
    location /media {
        alias /path/to/project/media;
    }
 
    location @django {
        include /opt/nginx/conf/fastcgi_params;
        fastcgi_pass 127.0.0.1:9001;
        fastcgi_pass_header Authorization;
        fastcgi_intercept_errors off;
    }
}

and away we go.

This is the basic setup fully configured. All we need to do now is make sure that Daemon tools is running the correct version of our app and that nginx has all the changes we have made loaded. So simply restart out domains service:

svc -du /etc/service/domain.com/

and restart nginx:

/etc/init.d/nginx restart

for reference if you just want to stop your Django app:

svc -d /etc/service/domain.com/

or start it:

svc -u /etc/service/domain.com/

and now you should be able to view your site (assuming DNS has propogated) and see the spender of your new Django application running on possibly the easiest to maintain and update Django web stack available. Hopefully you use some form of distributed source code control such as Mercurial or Git. If so you should be able to update you project simply by pulling the latest version and then just restart the Daemon Tools service with:

svc -du /etc/service/domain.com/

I hope you have found this article useful. If so (or even if you have not) leave a comment. Also leave a comment if you have any problems and I’ll try and help you out.

I started writing this blog post as a rant against the Python Pyramid framework that requires all contributors to get agreement from Agendaless.com before submitting cryptographic software to the repository but then I had another thought.

Since Github is an American company they are legally required to not export certain cryptographic software. Thus any open source project that makes use of Github (or indeed any source code repository based in the US) is going to fall under US export law. I know for a fact that certain projects (OpenBSD and OpenSSH spring immediately to mind) take great pains to ensure that none of their cryptographic software is developed in places where it is export restricted to ensure that they can produce the best software possible. So from their point of view I can easily see why they would wish to avoid sites such as Github.

It is hard to see whether the US government could in fact force Github to limit the type of software that they did export though without irreparably damaging their business. The fact that Github has become so popular in the open source world is testament to the great service that they provide but I doubt many open source projects would sacrifice security just to use said service.

So is this really an issue? I have yet to hear of Github or any other company offering the same kind of service removing or limiting the export of cryptographic software, yet the sword of Damocles will forever be hanging over your head should you choose to use it.

Perhaps more open source software will make use of something like Gitorious which allows you to host your own repositories in a fairly pleasant manner.

It has been awhile since Apple announced the Mac App Store but it has taken this long for me to decide what my opinions are on the subject. The fact that the announcement will have a huge impact on the Apple developer community as a whole is undeniable.

Although I am late to the party when it comes to discussing the new Mac OS X app store I think it should be noted that this post comes after some thought on the subject. The major disadvantage of the Mac app store is the fact that Mac OS X customers will start to see it as the only legitimate place to buy Mac software from. Apple have been very careful to make it clear that developers are free to distribute applications separately from the app store if they wish but I worry about it when I think of a consumer choosing between an app which is conveniently located on the app store and one which is not. Which app do you think they will be most likely to purchase?

The fact that Apple do not deny developers the chance to distribute applications on their own does not mean that the effects of the app store on the greater developer community will not be the same. If customers are trained by Apple to use the app store to look for application purchases (it seems likely that Apple will make the app store a prominent part of the next Mac OS X release) then why would a consumer even bother looking outside of the app store? Heck, they might not even think it is possible to get software anywhere else.

This kind of situation is one in which developers need to find a way in which to keep their applications in the publics minds if they are not going to be deploying their applications to the app store (for whatever reason, Apples restrictions seem unnecessarily harsh). This will take some very creative marketing and is something I do not envy those who are stuck with legacy applications that they have no hope of ever making compliant with the requirements that Apple have laid.

The other important issue at stake here is one of price. The iOS app store has basically centred around 99 cent applications, anything more than that is considered a premium price. By their very nature Mac OS X applications require much more developer work on average than iOS applications and that should be reflected in the price. Unless Apple bring iAds to Mac OS X (something that I feel is very likely) most developers may well feel they are going to be forced to lower prices to below what they would expect to charge before the app store existed.

Even though I have laid out some problems which I foresee occurring once Apple release the app store for Mac OS X I still think in general it will be a positive boost for Mac OS X developers. It will give them easy access to every single modern Mac owner and that is a lot of people. Those who design a popular application have the chance to make an awful lot of money on the Mac OS X app store, assuming of course you can comply with Apples requirements.

Update: Updated the article to use nice new syntax highlighting.

Before you start you must already have the Apple Developer Tools installed. The latest version of which can be downloaded from the Mac Developer Centre (registration required).

GNU Binutils:

cd binutils-folder
mkdir obj-avr
cd obj-avr
 
../configure --prefix=CHANGE_TO_ABSOLUTE_INSTALL_PATH --program-prefix=avr- --target=avr --disable-nls --disable-werror --enable-install-libbfd
 
make
make install

GCC:

Make sure to download MPFR, MPC and GMP first and place then in folders (with the same name and in lower case) in the root of the GCC source directory. They will automatically be compiled along with GCC itself.

If you make use of MPFR 3.0.0 there is a patch that you need to install before you compile GCC. Download it here. Save it as allpatches.txt and then simply use the following command (assuming you are in the gcc directory) to apply it:

patch -N -Z -p1 > ../allpatches.txt

Once that patch has been applied you now need to patch GCC itself with this patch. Unfortunately you need to insert the missing commas in the middle column, it should be straight forward to see what I mean when you open the patch file up in a text editor. Apply the patch like so (again assuming you are in the gcc directory):

patch -p0 < ../changes.patch.txt

At this point you are now ready to start the compilation and installation of the AVR GCC compiler:

cd gcc-folder
mkdir obj-avr
cd obj-avr
 
../configure --prefix=CHANGE_TO_ABSOLUTE_INSTALL_PATH --program-prefix=avr- --target=avr --enable-languages=c,c++ --disable-nls --disable-libssp --with-dwarf2 --disable-werror
 
make
make install

GDB:

cd gdb-folder
mkdir obj-avr
cd obj-avr
 
../configure --prefix=CHANGE_TO_ABSOLUTE_INSTALL_PATH --target=avr --program-prefix=avr-
 
make
make install

AVaRICE:

cd avarice-folder
mkdir obj-avr
cd obj-avr
 
$CPPFLAGS=-ICHANGE_TO_ABSOLUTE_INSTALL_PATH/i386-apple-darwin10.3.0/avr/include LDFLAGS="-LPATH_TO_LIBBFD -LPATH_TO_LIBIBERTY" ../configure --prefix=CHANGE_TO_ABSOLUTE_INSTALL_PATH
 
make
make install

References:

Building and Installing the GNU Toolchain

Although my original article predates the following article I came back and updated my article using some of the information contained in the articled linked below when I upgraded my tool chain so I include a link here just to mention it.

Compiling AVR Toolchain from Scratch

The following is the command that should be used for uploading a program to an Arduino Duemilanove (with an ATmega168 chip).

avrdude -c arduino -p m168 -P usb -U flash:w:FILENAME

replace FILENAME with the hex file you wish to upload to the board. This assumes that you want to write a file to the flash memory. You can of course verify or read from different portions of memory depending on your chip but I’ll leave you to figure that out from the AVRdude manual.

This is primarily a note to myself so I don’t forget in the future or file away my notes into my filing system (aka the rubbish bin) and lose them.

You can use the checkinstall command like so:

sudo checkinstall

instead of the more traditional:

sudo make install

when installing self compiled packages. This will allow the Ubuntu packaging system to keep track of what was installed and allows easy removal in the future if you decide that you want to get rid of that particular item.

More information can be found in the Ubuntu Documentation:

Ubuntu CheckInstall

In this article I hope to introduce you to Glassfish 3 on Ubuntu Server 9.10.

The first thing you need to do is make sure that you have the Java Developer Kit installed on your server. There are two options available, the Sun JDK or OpenJDK. Not knowing if there is any advantage to using OpenJDK I personally opted to use the Sun JDK. If anyone has any information about any advantages that the OpenJDK offers then leave a comment and let me know! Simply install the JDK by running the following command:

sudo apt-get sun-java6-jdk

this will install all the needed dependencies for you as well.

Next you need to download Glassfish 3. Personally I find it best to download it as part of the Java EE 6 SDK which is available here. Make sure that you select Linux in the Platform drop down menu before you download it though. I also suggest you download the larger of the two choices (70MB at the time of writing), this means that you are getting Glassfish with all features enabled where as the web profile has some of the enterprise features left out for size reasons. Obviously if your requirements are met by the web profile then by all means use that. The installation process should be the same as described here.

Once you have downloaded the Java EE 6 SDK you will need to install it using silent mode as the standard install requires X11 which is not included in the standard Ubuntu Server installation. In order for this to work you need to create an answers file (standard text document) that specifies the installation parameters that you wish to use. You will need to add an administrator password to the file and potentially provide the location of your JDK 6 installation. The answer file will default to /usr/local, if you want it somewhere else you will also need to edit that line.

Then simply run the Glassfish installer by appending the -a ANSWER_FILE -s switches to the install command. Where ANSWER_FILE is your edited version of the answer file.

Hopefully that should get you going quickly.