Thursday, August 09, 2007

Best Friends (possibly): DTrace, ZFS, and the GPL

This is a verbatim copy (with minor corrections) of something I posted on opensolaris-discuss earlier today re: DTrace, ZFS, and the possibility of ports to Linux:

Subject: Re: [osol-discuss] An Open Letter to the Solaris Community.

"Derek E. Lewis" wrote:

> If the text of the GPL was actually read, those concerned would understand
> that Linux could have ZFS and DTrace now, along with any other piece of
> code licensed under the CDDL. Unfortunately, this does not seem to be
> possible, given the majority of people that work with GPL'd license code
> seem to be set upon making the imagined 'linking clause' reality when, in
> fact, the text of the GPL contains no instances of the word 'link'. It
> seems to be the case the real GPL is the FSF FAQ. Some might go as far to
> say the 'the program' and 'derivative work' referred to in the GPL
> encompass linking; however, this is an ambiguity, and any lawyer worth the
> air he or she breathes could sufficiently dispute this in court, I think.
>
> From my research, a ZFS or DTrace Linux port would only require the
> sources be distributed separately. Binaries could still be shipped with a
> Linux distribution, as the GPL is strictly a source-level license if one
> assumes the imaginary 'linking clause' is, in fact, imaginary.
>
> With this said, I fail to see how adopting a license that contains such
> ambiguities could be beneficial towards OpenSolaris.
>
> Derek E. Lewis
> delewis@acm.org
> http://delewis.blogspot.com

I await the day the mentioned 'imaginary linking' clause is disputed in court successfully... More so, it amazes me how many people actually fail to read the text of the GPL without the seasoning added by the FSF, specifically from the FSF FAQ. The open source software community would be a far much more open place than it is currently if this were done.

Tuesday, June 12, 2007

Bug in JET

I've recently started using JET to do Custom Jumpstarts on all of my systems. Its really a wonderful tool, and I can have a system deployed much more quickly than doing an Interactive Jumpstart. Today, I stumbled upon a particularly annoying bug in JET. One of my systems that I hadn't used JET to Jumpstart wasn't able to mount NFS exports from a system I had used JET to Jumpstart. On the system I was trying to mount the exports from, I would get this error message on the console after each attempt:


Jun 12 15:17:34 galileo nfs: [ID 609956 kern.warning] WARNING: NFSMAPID_DOMAIN does not match the server: alnitak domain.
Jun 12 15:17:34 galileo Please check configuration


I looked at /etc/default/nfs on the NFS client everything looked OK; however, when I looked on the server I discovered:


# Specifies to nfsmapid daemon that it is to override its default
# behavior of using the DNS domain, and that it is to use 'domain' as
# the domain to append to outbound attribute strings, and that it is to
# use 'domain' to compare against inbound attribute strings.
NFSMAPID_DOMAIN=dynamic


That's something I've definitely never noticed in /etc/default/nfs before, so next, I looked at the JET template for the NFS server and found this:


############
#
# NFSv4
#
# Set up the NFSv4 domain to prevent being prompted at first reboot.
# If not set, this will default to the entry in base_config_dns_domain,
# and if that is not set, to the value 'domain', which is the default
# in /etc/default/nfs
#
base_config_nfsv4_domain=""


This makes sense, but base_config_dns_domain isn't set in my template for the NFS server. So the sum of the bug is that JET should set base_config_nfsv4_domain to 'domain' if base_config_dns_domain is nil; however, it does not do this, and instead, sets it to 'dynamic'. Once I changed the NFS client's NFSMAPID_DOMAIN in /etc/default/nfs to 'dynamic' everything was back to normal.

Tuesday, May 29, 2007

Tadpole SPARCbook 6500 Jumpstart and Mouse

For awhile now, I've been unable to use the touchpad on my SPARCbook while installing, as the 'vuidsyn' strmod (STREAMS module) that's used to convert Synaptics signals into VUID signals, which Xsun uses wasn't available. This meant I had to attach a USB mouse. Typically, after installing Solaris Nevada, I would rip the 'vuidsyn' strmod off of the Tadpole Solaris 9 media (yes, strmods from Solaris 9 still work in Nevada a.k.a Solaris 11) and copy it to /kernel/strmod/sparcv9. This worked, but it was far from ideal, and given I've just gotten into doing Custom Jumpstarts, I wanted the install process to be completely automated. Having to manually copy that strmod from the Solaris 9 Tadpole media to the kernel strmod directory violated this. I got the bright idea to:


# cp /home/dlewis/vuidsyn /export/install/media/\
Solaris_11/Solaris_11/Tools/\
Boot/kernel/strmod/sparcv9
# cp /home/dlewis/dacf.conf /export/install/media/\
Solaris_11/Solaris_11/Tools/\
Boot/etc
(dacf.conf maps devices to the proper strmod)


After doing a 'boot net - install', Solaris began automatically installing, and my mouse now works out of the box.

Wednesday, May 16, 2007

Zone Install Path and Permissions

I've recently created a zone for Apache and MySQL on a colleague's workstation. The colleague works from the global zone, as it is his workstation, and I figured zones would be an excellent way of isolating his development environment from his workspace. He generally uses editors such as Bluefish and so fourth to edit the .php files in the zone's htdocs directory, which in the case is something like /export/zones/web-zone2/root/opt/coolstack/apache2/htdocs. He wanted the ability to save files to the htdocs directory from the global zone. Given the nature of zones, and the necessary security precaution that the zone install path should be chmod'd 700 or else the zone won't verify or boot, I had to come up with a way to boot the zone and still give him the ability to save directly to the htdocs directory in the zone without manually chmod'ing back and fourth.

I figured zoneadm or the other zone tools probably don't check for ACLs, just UNIX-style permissions, so I decided to give this a try:

# chmod A+user:dlapoint:execute:allow /export/zones/web-zone2
# chmod A+user:dlapoint:list_directory:allow /export/zones/web-zone2
Its nasty; however, it does work, and now he's able to read and write files to that htdocs directory without having zoneadm -z verify or zoneadm -z boot gripe about the permissions on the zone install dir being 'insecure'. There are some other ways I could've gone about this, such as sharing the htdocs from the global zone with web-zone1, but I felt that didn't provide the level of isolation that was desired.

Sunday, May 13, 2007

The Wonders of Thin Clients

I decided to purchase a Sun Ray 1 off of eBay several days ago for $20, which arrived yesterday. After spending about an hour or so reading the documentation, installing, and configuring the Sun Ray Server Software (SRSS) on my Ultra 2 (laplace), I finally had my Sun Ray up and running. I simply plugged it in, authenticated, and logged into JDS. To be over Fast Ethernet, the drawing of the desktop was extremely fast, and the only time it seemed to sputter was when a window refreshed quickly, such as displaying a directory, prstat(1) refreshing, and video to some extent. I decided to play a small MPEG2 file that was low-res, and performance was excellent. Audio quality seemed to be fair, as I played some music that I had on laplace, which is my file server.

The Sun Ray 1 comes with 4 USB ports and two of those are used for the keyboard and mouse. This leaves the other 2 for USB peripherals such as a removable drive and printer. I plugged in my thumb drive, and it mounted somewhere in /tmp/SUNWut without a problem. It would've been nice for Nautilus in JDS to have detected it and presented an icon on the desktop for the drive, but that didn't happen. Next, I plugged in my HP LaserJet 1300, which created a device node in /tmp/SUNWut/units/IEEE802.MACID/dev/printers/. I used /usr/sadm/admin/bin/printmgr to configure the printer, and lpstat(1) had no problems seething the printer. I printed a few test pages and all worked well.

Afterwards, I decided to play around with the Sun Ray's session mobility capabilities, which allow you to move back and fourth between multiple Sun Rays and maintain the same desktop session (Sun calls this 'hot-desking'). This is meant to be done with using smartcards and the Sun Ray's smartcard reader, but I don't have any smartcards, yet. Using utpolicy(1) one can enable mobile session support without using smartcards, and just using plain, login-based authentication. I decided to play an audio file, pause the session by using Shift-Pause, and login in again. After doing so, my session re-appeared, and the audio resumed playing on the Sun Ray's internal speaker (the Sun Ray has audio output, as well, so you can hook up a real pair of speakers).

I'm planning on acquiring at least another Sun Ray, so I can test a multihead configuration (you can combine two or more Sun Rays and share a session across them for multi-head functionality), and some smartcards. I've found some IBM GEMPLUS cards on eBay that seem to be supported, but if anyone knows of a vendor that'll sell me 5 or 10 PayFlex cards (the same cards Sun sells in bulk for the Sun Ray), leave me a comment or email me.

Tangent to this post, I wish the university I attend (Lambuth University) would deploy at least a small amount of Sun Rays in some of the labs. From my understanding, each lab we have (there's about 5 labs total, I think) is upgraded every 3 years. This means all 10 or 20 systems that may be in the lab are upgraded to new systems, and the last purchase was around $600-$700/system. This is outrageous considering that a Sun Ray 1 goes for $20 on eBay, and its not hard to find an auction that's for a bulk load of them. We have a fairly large Windows deployment at the university that makes no use of Active Directory, so each system is its own entity to be administered. When software needs to be installed on a lab, it must be installed on each individual system, which implies there's significant administrative overhead involved in administering the university's network. Because Sun Rays simply use a single server or multiple servers running the Sun Ray Server Software, administration overhead is minimized -- if you want to install software, you install it on the 1 or 2 servers, and its immediately usable to everyone on the Sun Ray network.

Moreso, certain faculty members at the university are still using 10-year-old systems running Windows 95 or 98. This is completely unacceptable, considering Sun Rays could be deployed with a decent resolution, and utilize the performance of the Sun Ray server. Faculty members upgrading from these old computers to a Sun Ray would gain desk space, functionality, and performance, and still be able to accomplish their work, as 95% of the workload at Lambuth is word processing, browsing the Internet, and checking email.

Once I get my second Sun Ray, I think I'll ask the IT staff, and several faculty members to observe a demo of what we, the university, could have for minimal cost and maximum functionality.

Thursday, March 22, 2007

Institute of Advanced Study/Park City Mathematics Institute Admission

Much to my surprise yesterday, I received an acceptance letter for the IAS PCMI Undergraduate Summer Program that I applied to in Feburary. The PCMI Undergraduate Summer Program seems to be a highly-selective, focused program that brings together undergraduate, graduate, and high-school students. I've gotten a full fellowship to attend the program from July 1-21, so naturally, I have been doing a bit of research regarding what's in Park City, and it certainly seems to be an interesting place. The Wikipedia entry on Park City indicates its the home of the Sundance Film Festival, several extravagant restaurants, three ski resorts, and a load of factory outlet stores.

According to the information that was sent along with the acceptance letter, I'll be staying in a "studio condo unit" along with another attendee, and the pictures of the rooms do look very nice. There's something to be said for doing math in style at the foot of a mountain range.

Wednesday, March 14, 2007

Tadpole SPARCbook 6500

I recently acquired a SPARCbook 6500 through a liquidation of a telecommunications company. Its a very interesting and powerful system -- 650MHz UltraSPARCIIe, 4GB of memory, and 2x60GB IDE disks, which makes it plenty powerful for workstation/development purposes, as well as a portable Oracle server. Its been an uphill battle, though, getting a recent Solaris on it. Tadpole seems to have made a deal with Sun to resale Solaris 10 media with their drivers on it to customers. Unfortunately, one must pay for the media or purchase a new laptop to receive a media kit, as Tadpole does not offer the necessary ISOs or packages for download. I've heard through internal hearsay, though, that packages containing drivers for Solaris 10 Update 2 or 3 should be released at some (hopefully, near) point in the future.

For those of you that might be asking why drivers would be necessary, the SPARCbook utilizes a lot of interfaces Tadpole engineered on their own, like the power management unit (PMU), PS/2 keyboard containing the extra Sun keys, and the cardbus interface. Unless you have media containing the drivers, one is forced to attach a USB keyboard and mouse to do an install until you can install the packages Tadpole provides separately that contain the drivers.

Much to my surprise it seems support for the Tadpole PS/2 keyboard has been integrated into ON, and the keyboard works out of the box with newer Solaris Express releases. A fast-track request was presented to PSARC (Sun's internal Solaris core architectural commitee) to add more support for the interfaces that the various Tadpole laptops (including the SPARCbook) sport, so things are definitely looking up for those of us that want to be on the cutting edge with our SPARC-based notebooks.

On another front, it seems Xorg is finally being shipped in Solaris Express SPARC releases, along with the generic, 'wsfb' driver which supports ATI Rage cards, like the PGX32, PGX64, m64, etc. Fortunately, the SPARCbook 6500 (as well as most other Tadpole notebooks) have PGX cards, so I could be looking forward to Xvideo support in the future, which is something that the traditional Xsun X11 server has always lacked. Alan Coopersmith stated that 24-bit colour is currently not working properly with the 'wsfb' driver, but Martin Bochnig (another owner of a Tadpole notebook) seems to be working on it.