Interfacing CGit and Gitolite

As many of you know, the KDE Project is transitioning to using Git with Gitolite and CGit. As such, I thought I’d update my aging Gitweb/posix-permissions installation of git to use CGit and Gitolite, and now my public git repository is kicking away. (If you’d like commit access any place or would like to host your own repo on my server, drop me a line.)

Since Gitolite manages git repositories, it has the option of generating the necessary information for Git’s shipped gitweb. This includes making a static list of repository names that should be included in gitweb as well as optionally adding the gitweb.owner entry inside .git/config and the description file at .git/description. The static list of repository names is boring and standard and easy. The owner and description specifications are standards set by the Git project for this kind of information. Hence, Gitolite supports interfacing with them.

Meanwhile, CGit uses its own configuration format for determining the owner and description and repository path. For interfacing with Gitolite, in the past I have created a hook that writes out a CGit-formated configuration file, which is then included in the main cgitrc with the include directive. Essentially I had to do this:

gitcode@starfox ~ $ cat web/cgit/generaterepos.sh 
#!/bin/sh
 
cd $(dirname "$0")
rm -f repos.tmp
 
cat ~/projects.list | while read gitname; do
        name=${gitname%.*}
        fullpath=/home/gitcode/repositories/$gitname
        owner=$(git --git-dir=$fullpath config --get gitweb.owner)
        desc=$(cat $fullpath/description)
        (
                echo repo.url=$name
                echo repo.name=$name
                echo repo.path=$fullpath
                echo repo.desc=$desc
                echo repo.owner=$owner
                echo repo.enable-log-filecount=1
                echo repo.enable-log-linecount=1
        ) >> repos.tmp
done
 
mv repos.tmp repos
 
gitcode@starfox ~ $ tail -n 1 web/cgit/cgitrc 
include=/home/gitcode/web/cgit/repos
 
gitcode@starfox ~ $ cat repositories/gitolite-admin.git/hooks/post-update.secondary 
#!/bin/sh
exec /home/gitcode/web/cgit/generaterepos.sh

This worked decently, but it was cumbersome and ugly, and was likely not to scale as features in both Gitolite and CGit are added and changed. Luckily, CGit supports the scan-path option, which builds an internal list of repositories automatically by scanning a directory for git folders. One such solution for integrating with Gitolite would be to simply point scan-path at Gitolite’s repository directory. This works fine, but it has three main shortcomings, which I’ve addressed this in a generic non-Gitolite-specific way in three patches. Let’s walk through them one by one.

projects-list

We don’t want all Gitolite repositories showing up on CGit, and Gitolite provides a generic mechanism for controlling this: it writes a list of all the repositories selected for Gitweb to a file called projects.list. It’s just a flat file with each repository’s name written on a new line:

CheeseWhiz.git
Geoemail.git
MyCoolThangs.git

So, what about augmenting CGit’s scan-path feature with another setting called “project-list” that points to this file? That’s what this patch does. If project-list is set before scan-path is set, then scan-path only scans the git folders at project-list/${a line in the project-list file}. Problem solved, and this is a pretty generic way of doing it too.

git-suffix

Most people store git repositories on disk at MyGitRepository.git. Notice the .git ending. However, most people prefer to see it listed as just “MyGitRepository” and they especially would like to clone it at gituser@domain.com:MyGitRepository, without needing the .git ending. Usually, CGit’s scan-path infers the repository name directly from the folder name. This patch adds a setting called “remove-suffix” that, if set to 1 (default is 0) before scan-path is set, will remove the .git suffix from the repository name and url while still pointing to the correct physical path. This as well is fairly generic and not specific to Gitolite or Gitweb, but rather Git’s usual conventions.

config-owner

CGit’s scan-path infers the owner of the repository from the posix owner’s UID name. But there is an additional Git standard for overriding this for any interface: the “gitweb.owner” configuration key in .git/config, which Gitolite understands and respects, as well as Gitweb. This patch simply calls Git’s internal C functions for fetching this information from the current repository’s config, and prefers this as the owner to the posix owner’s UID name. If gitweb.owner is not set in the configuration, it falls back to the posix owner’s UID name. This is a standard Git behavior. This occurs only for scan-path — cgitrc specified owners are preferred over these former two, obviously. Again, this configuration standard has been determined by the Git project, and both Gitolite and Gitweb respect it. So, this patch adds support inside CGit for it.

it works

Now instead of the include and the ugly set of scripts and hooks, I can just place this at the bottom of my cgitrc:

remove-suffix=1
project-list=/home/gitcode/projects.list
scan-path=/home/gitcode/repositories

and this integrates perfectly with Gitolite. All is harmonious in the Git universe.

On top of all this, I’ve cooked up a wicked good .htaccess file for CGit that allows me to have anonymous http pull at the same time as it rewrites the CGit urls to be pretty. Check it out:

Options FollowSymlinks ExecCGI
 
DirectoryIndex cgit.cgi
Allow from all
Order allow,deny
 
RewriteEngine on
 
SetEnv GIT_PROJECT_ROOT=/home/gitcode/repositories
 
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d 
RewriteRule "^(.*)/(.*)/(HEAD|info/refs|objects/(info/[^/]+|[0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(pack|idx))|git-(upload|receive)-pack)$" /git-http-backend.cgi/$1.git/$2 [NS,L,QSA]
 
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.* /cgit.cgi/$0 [L,PT,NS]

A strange combination of stopping internal redirects and partial rewritings and odd stop conditions has made it so that the request gets forwarded and reformatted to git-http-backend if and only if it is first valid with cgit.cgi. Is this crackable? Can anyone figure out a backdoor to grab a repository that isn’t in projects.list?

I’ve also written a super generic script for uploading new repositories to my gitolite/cgit installation. From a git working directory, I run ~/Projects/uploadNewGit.sh "This is a description of my new git repo.", and wham-shabam, all the permissions get set and everything is uploaded just fine. Here is uploadNewGit, the latest version of which you can always find in my GitTools repository:

#!/bin/sh
 
GITOLITE_ADMIN="$HOME/Projects/gitolite-admin"
 
gitdir=$(readlink -f "$(pwd)")
name=`basename "$gitdir" | cut -d / -f 2 | cut -d ' ' -f 1`
description="$1"
 
if [ ! -d "$gitdir/.git" ]; then
        echo Not a git repo.
        exit 1
fi
if [ -z "$description" ]; then
        echo You need to specify a description argument.
        exit 1
fi
 
pushd "$GITOLITE_ADMIN/conf" > /dev/null
echo "Writing config..."
(echo
echo "  repo    $name"
echo "          RW+CD   =   $(whoami)"
echo "          R       =   @all"
echo "          $name \"$(git config --get user.name)\" = \"$description\"") >> gitolite.conf
git commit -a -m "Adding $name to repository."
git push
popd > /dev/null
 
url=`git --git-dir=$GITOLITE_ADMIN/.git remote -v | grep push | cut -f 2 | cut -d ' ' -f 1 | sed "s/$(basename $GITOLITE_ADMIN)/$name/"`
git remote add origin $url
git push origin master
git push --all
git push --tags

(As a side note, I’m not really sure the best way to quote commands inside of commands with variables that have spaces. something=$(command $(othercommand $argument)) has issues if argument has a space or if othercommand produces something with a space or if command produces something with a space (not totally certain about the latter two — I should check). But I can’t do this: something=”$(command “$(othercommand “$argument”)”)” because of obvious quoting problems. What’s the common solution to this? I’ve been using an awkward combination of the backtick operator `…` and the $(…) syntax but the backtick has some weird rules too. What’s the deal? Can somebody point me in a good place to read about this?)

Anyway, most of what I’ve written about in this post is new to me. Or at the very least, I’m a bit uneasy. So if you have any suggestions, by all means please tell me. I’m looking forward to seeing what the KDE sysadmins do in the end. Hopefully the CGit authors accept my patches.

Update: After some back and forth with Lars, the CGit maintainer, I’ve added a few more patches, including putting the gitweb.owner functionality behind configuration setting and also caching the scan, among various other improvements. You can check out all the commits I’ve made on this at the cgit for my cgit clone.

ALIX 2D13: First impressions

I desperately needed a new toy, and found the perfect match with the ALIX 2D13 board from Swiss manufacturer PCEngines. I’ve had good experiences with the WRAP-board more than four years ago, so I knew about the quality of their products. This post should serve as a quick introduction and point out some caveats if you want to setup and use an ALIX 2D13.

Specs
PCEngines has an overview over the ALIX-line as well as the specs of the ALIX 2D13, so this is just a short rundown:

• 500 MHz AMD Geode LX800 (x86)
• 256 MB DDR DRAM
• 3 Ethernet NICs (Via VT6105M 10/100)
• Furthermore: 2x USB ports, MiniPCI-slot, CF-slot, serial port

I chose the 2D13 model since I wanted 3 ethernet NICs and the added battery (for keeping system time after a reboot) seemed like a good idea. The ALIX boards can be bought in many variations, some even providing VGA/sound to be used as a thin client. I ordered my ALIX at the Varia-Store, where they offer a complete bundle of ALIX-2D13-board, enclosure, power supply and CF-card for a mere €145 including shipping in Germany. I ordered on Tuesday at noon and the package arrived Thursday afternoon.

Operating system / prerequisites
You probably want to run Linux on these babies, otherwise you can stop reading ahead. There are some things you really need before you get started:

• CF-card reader on your computer (for installing the OS to the CF-card)
• Serial connection (think USB-to-Serial converter, pl2303) to access the ALIX

I chose to install Debian on the ALIX, since I’m familiar with it and it has little overhead. I found these guides to be helpful, even if not completely up to date or correct: Guide 1, Guide 2. But careful! Don’t mount the ALIX board in its enclosure until you’re sure that your ALIX boots, since removing the CF-card requires taking the board out again ;).
The next thing I did was to build a custom kernel, since Debian only includes 2.6.26 and has everything you’ll never need compiled as modules. I built a next-to-minimal kernel on my workstation (this site helped a lot) and it seems to work just fine so far. The config is here. An important thing if you compile somewhere else is to make sure you useARCH=i386 make menuconfig
ARCH=i386 make -j3 when configuring and compiling your kernel for the ALIX.
People already using CF-cards or small embedded devices probably know to use noatime where possible and mount /tmp, /var/tmp, /var/run, /var/log, /var/lock as tmpfs to go easy on the CF-cards limited write cycles.

Performance / Applications
I bought the ALIX to play around with it but also to evaluate its possible use as a Samba-fileserver and CUPS printserver for my flat, and maybe even a small shellserver in case I’m away from home and my workstation isn’t running. With an energy-consumption of about 5-6W you can have it running 24/7, the fact that it doesn’t have any moving parts only adds to that. Booting takes a few seconds by the way, not that it matters.

The first measurements I did were with scp from the ALIX to my WS, which maxed out at 3.5MB/s because OpenSSH used up the CPU on the ALIX. Next I tried using Samba (to and from) and got a mere 6.5MB/s throughput reading from the ALIX and an attached USB-drive. This was with the stock kernel however, and using my own 2.6.34-kernel I was able to transmit more than 9MB/s using Samba. I had a stupid line in my smb.conf which might explain the 6.5MB/s I got before. Make sure to remove this line!:socket options = IPTOS_LOWDELAY TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384I then did another test using fefes gatling web/ftp/samba-server on the ALIX and my USB-drive in HTTP-mode with wget and was able to completely saturate the 100MBit-link, which is why I suspect to be able to do the same thing with Samba as well.
For customers of Aachens Uni-DSL it should be interesting to know that I managed to max out my 8Mbit-DSL-line (about 700kB/s) using vpnc on the ALIX with enough idle CPU left. Using vpnc and doing a git pull on the ALIX resulted in only a slight slowdown since git was busy saving/packing objects it received. Performance using git daemon on the ALIX and pulling from there were acceptable as well.

All of these measurements are highly unscientific and side-effects or misconfigurations could have had negative effects, so one should read these rates as minimal assurances.

Conclusion
After the first full day of using the ALIX I’m impressed. The CPU is powerful enough for most tasks and with a little custom configuration some things can be sped up considerably. I don’t see any problems for the intended use as a file-server, by whichever way the files are served. The next step will be hooking up my printer.

If you intend to use encrypted filesystems on the ALIX you should do some research first. While the AMD Geode does have hardware support for AES, OpenSSL does not seem to use it and I’m not quite sure about any cryptofs. Another common thing the ALIX might be used for is wireless LAN. The MiniPCI-slot can take a variety of wireless NICs, but I don’t need yet another AP at the moment.

gaka 0.2.0

Per many commenters' suggestions and thanks to code from Steve Purcell, you can now use maps for CSS attributes in gaka.

user> (println (gaka/css [:a {:color :red}]))
a {
  color: red;}

This looks more like vanilla CSS thanks to the curlies, which is nice. You just have to keep in mind that your key/value pairs could end up being printed in random order, and order is significant¹ in CSS.

It just so happens that maps are implemented in Clojure right now such that if they only have a few entries (16 key/value pairs), the order will be preserved, because you get a PersistentArrayMap instead of a PersistentHashMap. But it's highly dangerous to rely on such a thing. It could change at any time in the future.

In any case, you can also mix and match maps, lists and "flat" keyvals. They'll all be flattened That can help preserve attribute order in those cases where you need to.

user> (println (gaka/css [:a :color "red" {:padding 0} (list :margin 0)]))
a {
  color: red;
  padding: 0;
  margin: 0;}

I've also enhanced "mixins" a bit further. You can now mixin entire tags as well as attributes. Or a combination of both. Say you want a mixin that means "Make my element have no padding, and make links within the element be red":

user> (println (gaka/css [:div.foo mixin :margin 0]
                         [:div.bar mixin]))
div.foo {
  padding: 0;
  margin: 0;}

  div.foo a {
    color: red;}

div.bar {
  padding: 0;}

  div.bar a {
    color: red;}

You can get gaka from github or Clojars.

Article about EUPL in Linux Magazine

Linux Magazine issue 118 has just been published and in it my article License That! The European Union can show off with its own free, open source license. [PDF].

It is a short article about EUPL. This is an OSI- and FSF-approved license which was written by and for the EU and is equally legally valid in all EU language versions. Not only does it tackle legal problems of FOSS very elegantly and in a short and understandable way^[1], but is the first ever free license to be written by an international government body.

Maybe one day we will be able to agree on a global (or at least WIPO-wide) public license, which would be valid the same in all languages and in all jurisdictions.

This is my 2^nd article for Linux Magazine and I can say that writing for them is quite a treat.

KRunner Dictionary Plugin: Finally

Four months ago I promised to make a dictionary KRunner plugin. I’ve finally started to write it.

It’s currently in kdereview and will hopefully be included with KDE SC 4.6.

It functions as simply as I wanted it to back in March: you hit alt+f2, type “define {your word}”, and presto, the results are there.

Unfortunately, it wasn’t as easy as it ought to have been. I utilize the same data source as the dictionary plasmoid, which is a Plasma::DataEngine, and as it turns out, DataEngine has a few issues with threading, which KRunner relies on. It’s also built around signal/slot async requests, while KRunner uses a blocking thread for computation. I ended up having to invoke a QMetaMethod to shuffle things to the right thread and use a QMutex for synchronization. What a hassle. Nevertheless, the dictionary plugin seems to work pretty well.

Anything I should add to it? Ability to choose alternative trigger words to “define”? Some kind of loading indicator? If you have the time, try out the code and let me know what you think.

Update: Some of you in the comments and on IRC have asked me the best way to try this out immediately. Here are the commands:

svn co svn://anonsvn.kde.org/home/kde/trunk/kdereview/plasma/runners/dictionary dictionary-krunner
cd dictionary-krunner
cmake . -DCMAKE_INSTALL_PREFIX=/usr #change prefix accordingly if your distro is funky
make
sudo make install
kbuildsycoca4
kquitapp krunner
krunner

We need a thoughout integration of the desktop and the web - not Tab Candy superfast jellyfish

This video demonstrates a new tab organising feature called 'Tab Candy' that might make it into a future version of Firefox. Lord help us all if it does.

Embedded below is the promo video:

<object height="340" width="560"><param name="movie" value="http://www.youtube-nocookie.com/v/wXWHb6J1Kgg&amp;hl=en_GB&amp;fs=1?rel=0"><param name="allowFullScreen" value="true"><param name="allowscriptaccess" value="always"><embed allowfullscreen="true" allowscriptaccess="always" height="340" src="http://www.youtube-nocookie.com/v/wXWHb6J1Kgg&amp;hl=en_GB&amp;fs=1?rel=0" type="application/x-shockwave-flash" width="560"></embed></object>

Sorry, wrong video, below is the correct one, yank alert. (Aside question about the intro spiel: how can he use his browser more than his operating system since the former requires the latter?)

<object height="265" width="400"><param name="allowfullscreen" value="true"><param name="allowscriptaccess" value="always"><param name="movie" value="http://vimeo.com/moogaloop.swf?clip_id=13560319&amp;server=vimeo.com&amp;show_title=1&amp;show_byline=1&amp;show_portrait=0&amp;color=&amp;fullscreen=1"><embed allowfullscreen="true" allowscriptaccess="always" height="265" src="http://vimeo.com/moogaloop.swf?clip_id=13560319&amp;server=vimeo.com&amp;show_title=1&amp;show_byline=1&amp;show_portrait=0&amp;color=&amp;fullscreen=1" type="application/x-shockwave-flash" width="400"></embed></object>

Tab Candy allows you to drag web pages (i.e. tabs) and organise them into little piles. The piles can then be saved, named and so on.

Thinking in terms of a Linux distribution, I am not sure how helpful Tab Candy really is. This seems to be the wrong level of the stack.

Tab Candy is just recreating GUI folders, albeit with a nice zoom out and more automatic groups. Tab Candy not only replicating the desktop, but it is dealing with symptoms of a more basic problem, rather than solving the problem itself.

Browsers are crap at saving Web pages

When you view a web page in the browser, it is represented in the navigation by one tab, this is good. However, on the filesystem, a webpage is represented by its composite fragments - the HTML file, Javascript and CSS includes, images and so on, this is really stupid. This difference makes webpages a second class object on the desktop.

A better approach would be to encapsulate a saved webpage into a single file (internally it could be a zip or similar). Then saving and sharing webpages would be much cleaner and would allow operating system graphical interface designers to create a more beautiful desktop.

Ideally the cache would save webpages in the same form, so saving a page is just copying the file from the cache, rather than downloading it again. The cached version of the page can then be in piles implemented at the desktop level rather than at the browser level.

Piles should be in the desktop shell

The piles being a desktop feature would allow the user to put other things into the piles too: pictures, PDFs, songs and so on. At the desktop level, the feature would be implemented in native code rather than an in-browser cross-platform Javascript mess.

Call me old fashioned but I want my GUI to be fast, efficient with resources and to get out of my way. I don't want browser-based bling using up all my RAM. As I moaned about in the last post, Firefox uses quite enough memory as it is; implementing a desktop GUI in Firefox is hardly a recipe for reducing its memory footprint. It is a recipe for more bloat.

What do you think? Should the browser become the desktop? Or should Firefox be faster and slimmer without these desktop-style features?

Paludis 0.50.2 Relased

Paludis 0.50.2 has been released:

• ‘cave resolve –continue-on-failure’ interacted weirdly with background fetching. This is now fixed.
• Support for automatic repository configuration creation via installing a ‘repository/somerepo’ pseudo-package is now available on Gentoo.
• Queries in the form ‘*/*::foo->’ no longer force pointless generation of metadata for ebuilds.

To enable automatic configuration of repositories on Gentoo, you need to set up an unavailable format repository for Layman, and a repository format repository for installs.

Footnotes

Did you ever notice how footnotes make your writing seem more important¹ somehow?

Maybe one reason is that "real" books use footnotes. At a glance, it looks like I have references² backing up everything I say. In reality, I don't, but the connotation carries through somehow³. Now my blog seems scholarly and authoritative.

And if you're like me, you can't resist clicking footnotes to see what they refer to⁴. According to my estimates, by utilizing footnotes, in one fell swoop I have decreased my readers' average reading efficiency by 73%.

In any case, I've added experimental, rudimentary support for footnotes to cow-blog.

I'm loosely copying the syntax from Markdown Extra for this. Markdown is great, except when it isn't. The standard doesn't have support for some useful extensions. I use Showdown for Markdown support, and I'm probably going to work on adding more features of Markdown Extra to Showdown in the near future.

I just dread actually doing it. Showdown (like Markdown itself) is implemented as a series of hackish regex transformations of blobs of text. It's not a proper grammar. Implementing more of Markdown Extra means more regex blobbing. It's brittle and fragile and even getting incomplete support for footnotes was less than enjoyable. But at the same time I find myself wanting to do things that Markdown can't so, so I may have to bite the bullet.

(If there's a Showdown Extra out there already, drop me a URL. It'd be most appreciated. But I couldn't find one.)

Review: Surely You're Joking, Mr. Feynman!

I'm probably the last person on earth to read "Surely You're Joking, Mr. Feynman!", a collection of stories and anecdotes from the life of Richard Feynman. But better late than never.

I'll keep this short. Feynman was the kind of nerd every nerd wishes he was, in one way or another. He was socially awkward. He was blunt and tactless. He felt out of place much of the time. And it was surprising to see how often Feynman expressed feelings of inadequacy. He wrote about being highly intimidated when talking in front of big names in physics, and jealous of the math abilities of some other people.

But none of that stopped him from having an exciting life. In fact he turned these traits to his advantage. He had romantic success, often via very highly unconventional means (e.g. walking up to girls and asking them for sex outright; they often said yes). His bluntness was seen as an admirable trait: where others might be intimidated by a famous physicist, Feynman would give his honest opinion, and that was often appreciated.

And Feynman went far outside his comfort zone. He did a stint in biology, even though he knew nothing of biology at the time. He went to Brazil and joined a samba band. He sold drawings and paintings for a while. He played drums for a ballet.

I picked up at least three lessons from this book.

1. Try new things, even if you suck at them. Life is boring if you stick to what you're good at.

2. Be intellectually honest. Brutally so. It's the only way to do good science, and arguably the only way to live a good life. I've always believed this, and Feynman hammers the point home well.

3. Even the best and brightest of us feel insecure at times. You shouldn't let it stop you.

On top of all of that, reading of Feynman's time at Los Alamos working on The Bomb was a fascinating piece of history. I highly recommend this book.

And watch as much of Feynman on Youtube as you can find. It never ceases to be fascinating.

Review: Logitech Performance MX

I have a long list of companies I won't buy from, due to horrible customer service experiences or shoddy merchandise. On the other hand, my "Must buy from this company" list is awfully short.

Logitech is one company I'm generally OK buying from. (For now...) I go through computer mouses¹ pretty fast, so I end up buying a new one every 4-5 years. Logitech hasn't failed me thus far.

In my opinion, the most important parts of your computer are the ones you interact with: Keyboard, mouse, monitor. I'd rather have a slow computer with a good mouse and keyboard than a fast computer with cheap peripherals. I already have a wonderful keyboard, and I like to have a nice mouse to match.

My latest mouse is the Logitech Performance MX.

How much can you really improve upon the concept of a mouse? It's a round thing you slide around and click. Well, if you believe the marketing on the box, it seems there are at least three areas for improvement:

1. Add more buttons.
2. Make it work on more surfaces.
3. Gimmicks.

None of the above features matter much to me. What I care about:

1. Is it comfortable to use all day?
2. Is it going to last me 4 or 5 years?

Let's hit each of these points.

More buttons

The Performance MX has a lot of buttons. If you believe xev, there are somewhere between 10 and 13 (counting the scroll wheel etc.).

I don't need all of these. I like to have a thumb button for middle-clicking, but this mouse has four of them. What am I going to use all of the extras for? Maybe I'll have one open Emacs.

The browser forward and back thumb buttons work out-of-the-box in Linux, which surprised me. I'm used to having to dork around with xmodmap or xbindkeys. Linux has come a long way.

Then there's a thumb button that's supposed to open Expose on OS X or your app-switcher of choice in your OS. It's in a place that's impossible to press consistently with your thumb, unless you're a contortionist. And it does nothing in Linux by default. Similarly there's a vanishingly small "zoom" button near your thumb. I can't even find this button without looking at the mouse, because it's too small.

There's also horizontal scroll, if you can manage to tilt the wheel to either side. My fingers lack the dexterity to do this easily, and the button is awfully stiff, so I'll never use this.

But hey, better too many buttons than too few.

Surfaces

The marketers wrote "This mouse works on glass!" all over the box, so this must be a selling point of the mouse. But my Logitech G500 also worked on glass, once I upgraded the firmware (via Logitech's own website), so I'm not sure why this feature is being pushed so hard.

Gimmicks

On the Performance MX, you can click this little switch and disengage part of the mechanism that makes the scroll wheel "click". This lets you spin the wheel hard and it'll spin freely forever until you stop it manually, or until its inertia runs out.

Do I really need, and I quote, hyper-fast scrolling? The scroll speed of my mouse wheel has never struck me as a productivity bottleneck. Now that I've played with it, sure, it's mildly interesting. If you scroll at just the right speed, you can go all the way from the top of a Reddit thread to the bottom, while still skimming the text. But I don't need this feature.

But the levels to which marketroids will stoop to hype up a product never ceases to amaze me. The name itself is ridiculous. Performance MX. Who comes up with this?

Comfort

My previous mouse was a G500, and it was really quite big. A bit too big. (And there were these removable weights you could use to adjust the weight of the mouse (the "gimmick" feature of that mouse), which were worthless.)

The MX is bigger, but it has more curves and that helps my hand sit on it better. There's a very large thumb rest, which I like. If you have small hands, you might have problems with this mouse. I like the feel so far.

Will it last?

This mouse feels very solid. It has a nice heft to it. It has metal bits (or sturdy metal-like plastic) in places other mouses have cheap plastic and rubber.

The wheel on my G500 wore down very fast. I was some kind of rubbery plastic, which became rounded off, nicked and worn-down a lot over the years. The wheel on the MX feels like some kind of metal, with nice ridges on the top to provide friction. I'm a bit concerned that the wheel disengagement switch might wear down over time though. The more moving parts, the more opportunity for something to break.

The pads on the bottom are huge: a good 1 inch x 1/8 inch. I love this. Using this on my Icemat mouse pad is very comfy. It slides effortlessly, but leaves me with plenty of control.

Battery

I normally prefer corded mouses. This one is rechargeable. Most rechargeable mouses I've used had some kind of stupid dock you had to jam the mouse into. Not only does it take up desk space, it also wears holes into your mouse over time from being inserted and removed from the dock. The battery connectors also wear down fast, and then it doesn't charge right unless you fiddle with it.

The MX can be charged while you use it, via a USB cable, which is a really good idea. It comes with a short cable, and a long extender cable if you need it. The cable looks like it has a non-standard connector though, which is a bad idea. Why not use mini-USB?

The charger cable is awfully heavy though. I wouldn't want to use this thing while it's plugged in for more than a short time.

I don't know what the battery life is like, because it hasn't run out yet, after a couple days. That's good enough for me.

Price

$120. That's a lot. But taken over 4-5 years, it's not that bad.

And the surgery I'd have to have done on my hands after crippling them via a cheap mouse over the next 40 years would be way more than $120.

Should you buy this?

Sure. I like this mouse so far. It works, and it feels like it'll last a while. Props to Logitech for making good products.

Paludis 0.50.1 Released

Paludis 0.50.1 has been released:

• ‘cave purge’ and ‘cave resolve’ will no longer either give misleading output or produce a horrible error when a package providing an old style virtual is marked for purging.
• ‘cave resolve’ will no longer give a horrible error when encountering certain convoluted circular dependencies.

Paludis 0.50.0 Released

Paludis 0.50.0 has been released:

• We now require a compiler supporting various C++0x features, such as GCC 4.4 or later.
• format=”exheres” and format=”ebuild” are now known as format=”e”. The old format names remain valid and are not yet deprecated.
• Arguments in the form -X0 are now parsed as -X 0 rather than -X -0.
• ‘cave execute-resolution’ now allows a single fetch job and a single execute job to be executed in parallel.
• ‘cave update-world’ now displays whether or not world is changed.
• ‘cave execute-resolution’ headings and summaries now include information on the versions being replaced, where appropriate
• ‘cave resolve’ will now select weakly masked packages rather than being unable to decide. Such packages must be manually unmasked before the resolution can proceed.

Unmerge Kde in gentoo

Update

emerge --ask -C `eix -C kde-base --only-names --installed`

nano /etc/make.conf

and delete kde from the USE flags, remove qt3support and qt4 also if you don’t need them anymore

emerge -uavtqND world"

Now you should have just a few kde packages in the list you got as an output of that command, it’s your choice to leave them or unmerge them manually, with unmerge -pv –depclean <atom> you can see what packages pulls in your atom.

WIPUP 25.07.10 beta released.

What began as a project motivated by the Open Collaboration Services API has really come a long way since it began as a concept submission to KDE’s openDesktop competition. This project was a unique concept for people to share and record what they were working on. Not about showcasing your latest creation – no, rather it is about showcasing the processes behind it: the different ideas, the development, and things that didn’t quite work out in the end. This project is for people who make stuff. People who constantly have ideas bouncing around, juggle their time between various projects and start more than they finish. This project is called WIPUP. WIPUP is a way to conveniently share, critique and track progress on your projects.

WIPUP attained an important milestone today – its beta release. It’s now available for the public to use. WIPUP is a "web 2.0" technology application, to use the cliche term. However more importantly it’s the infrastructure behind and towards a unique Social Desktop tool. For those unfamiliar with what the Social Desktop embodies, allow me to quote:

[The] core idea of the Social Desktop is to connect to your peers in the community, making sharing and exchanging knowledge easier to integrate into applications and the desktop itself. The concept behind the Social Desktop is to bring the power of online communities and group collaboration to desktop applications and the desktop shell itself.

WIPUP is (in terms of this final goal) still in its infancy – there is no desktop client (yet), my plans for KDE integration are still on the drawing board, and no currently existing API implementation. But more important is what does exist, which is the tool – the platform behind all of these future possible interfaces which provides added convenience and flexibility towards any workflow. As such, I’m immensely happy to share this beta with all of you and invite you all to check it out and start using it. WIPUP is also open source and free software – so any interested developers (or anybody wanting to contribute) are welcome to join as well!

Related posts:

1. WIPUP 21.02.10 released and out in the wild.
2. WIPUP 27.06.10a released!
3. WIPUP 19.03.10a released!

Linux Sea sources online, cvechecker still in development

First of all, I’ve put the sources for Linux Sea online at GitHub. Not only does that safeguard any latest changes from not hitting my backup in time before my laptop dies (it’s terminal, but I can’t let him go yet ;-) but it also allows people who want to help with it (or translate it) to pull in the sources.

Note that it is still not finished (no spelling and grammar check done yet, still need to add some exercises, etc); once it is, I will tag the sources appropriately.

On the cvechecker state, it is also still under development, but progress is going nicely. Most of the work now is in updating the versions.dat file with information on how to obtain the current version of a package/tool. It is an easy activity – most of the work is in finding out how CVE entries would label a tool (what vendor and product name would be chosen) and because I am too lazy, I am currently only adding those that already have CVE entries assigned to them (so I can just take a look at the correct values).

It is also my first attempt at using autotools. Quite some overkill for such a small project, but why not. At least it allows me to try to do some new things here ;-)

Sun/Oracle Ultra 27 Workstation Discontinued?

I just noticed that the Sun/Oracle Ultra 27 is no longer listed on the Desktops section of Oracles products page.  This is a shame because I’m quite pleased with mine.

This sends a couple of messages:

1. Oracle doesn’t think Solaris/OpenSolaris is viable on the workstation
2. Oracle can’t deliver low margin hardware (the prices on these boxes skyrocketed after the acquisition)

It could be a purge while they bump to a new model featuring 6-core Xeons.  Yet more than likely, another victim of the merger.

Related posts:

1. Sun Ultra 27 Review – The Ultimate Linux Workstation Sun Microsystems has a powerful and favorably priced entry in...
2. Biting the Hand That Feeds Granted, I’m not a Groklaw junkie. Lawsuits are the epitome...
3. Java: The Good Parts A while back, a book entitled JavaScript: The Good Parts...

Paludis 0.48.6 Released

Paludis 0.48.6 has been released:

• If the user explicitly specified an option for the special ‘test’ flag, this would override the build_options magic. This is now fixed.
• Certain pkg_ functions are no longer skipped for 0-based EAPIs, to work around badly behaving Gentoo ebuilds.
• If ‘cave show’ displays a masked package, it will now pick a version that is easy to unmask over a higher version that cannot be unmasked.
• New ‘cave verify’ subcommand for checking whether installed packages have been modified.

qemu-user: Turning your dual-core 2.6GHz processor into a dual-core 500MHz processor

I just discovered qemu-user, thanks to lu_zero on #gentoo-embedded. It’s brilliant. They took QEMU’s ability to simulate an entire processor, tossed out the other hardware emulation, and packaged it up. qemu-user’s primary use is for running foreign binaries.

So far, I’ve been running all my stage generation for Neuvoo on the BeagleBoard, which has a 500MHz armv7a processor. Everything compiles very slowly, but at least it’s native and stable.

There’s a couple problems with that setup. First, everything is running off an SDHC card. We’re talking slow. Second, the beagle has 128M of RAM, and after that it’s using the swapfile. Which is on the SDHC card. Now we’re really talking slow.

qemu-user deftly solves these problems. Of course, running stage generation on my hefty 2.6GHz Core2 Duo processor is going to slightly speed up compiling, just because of the dual cores. But not only that: now I have a huge, fast 7200rpm hard-drive to run everything off of, and 4G of RAM (2 of which is almost always cache) to run it all within.

Think of it like this: qemu-user enables you to run a chroot (and possibly other things) for almost any processor on a system of your choice, as though it were running natively.

Setting up qemu-user is a piece of cake, so I won’t go into details here. Just follow these instructions. One thing I didn’t get at first was why they use “USE=static”. The reason is this: if you’re going to be running an armv7a chroot, you need something inside the chroot to be translating (qemu-user). The problem is, that something can’t link dynamically against any libraries, because they’ll all be armv7a libraries. Static linking means the binary is self-contained and portable.

Let me know if there are other cool uses for qemu-user. I’m all ears.

3rd and 4th meeting of FSFE Fellowship group Slovenia

The 3^rd meeting our Fellowship group was on the 4^th of March and was mainly about organizing the DFD. You can read the full minutes (in Slovenian) on the wiki.

The next — 4^th — meeting of FSFE Fellowship group Slovenia took place on the 6^th of July and although there was only five of us present, it was pretty important.

1. Money Refund — we divided the money we got refunded for the DFD from the FSFE.
2. Structure of the FSFE & Fellowship — I explained what I learnt about the structure of the Fellowship and the FSFE and how they relate to each other to others. Since only those who donate to the FSFE are formally Fellows, strictly speaking most people on our mailing list and participating in our meetings aren't Fellows. But since our Fellowship mailing list, meetings and actions are open to anyone, that doesn't bother anyone really. The main thing is that stuff gets done.
3. Plans for the Near Future — The general vibe is that we would need to be more vocal about emerging privacy and IPR problems and for that that we need more effective communication channels with the outside world. There was a debate whether and how much we should concentrate on Windows/Apple tax and/or si2010.
4. Regular Meetings — We plan to have regular (probably monthly) meetings on a fixed date in the future. We will discuss the exact date after the summer vacations.
5. Censured SourceForge — Rok Papež explained that sf.net follows the US embargo and in general disables downloading of free software in certain countries. This of course goes against the basic ideas of free software. Afterwards a short debate arose on the mailing list as well [start of thread]
6. Digital Agenda, Internet Censorship in the EU — After that I explained a bit about what's happening in the EU concerning censorship (e.g. access to all internet search terms) and the Digital Agenda.
7. ACTA — A short introduction and promise to post short and informative links to the mailing list on what problem we face with ACTA.
8. Better Communication — We all felt that to achieve anything we need better means of communication with the outside world. One of the problems is that for (mainstream) media a wiki page and planet of blogs is not good enough. Apart from the guerilla approach — blog, microblog, mailing lists, social networks etc., a solution would be to make a website with its own domain name where we could post our press releases. We are also planning to cooperate even better with other similar-minded groups on activities that are of interest to both.

   There was also a debate whether local portals where citizens can submit suggestions to the government and to the EU could be of use. Milan Lazarevič commented that in theory the idea of participation via e-government is good, but from his experience in practice it's not worth the time. We'll still keep an eye on it though.

9. Misc. — general chitchat while sipping coffee and juice.

As always the full minutes (in Slovenian) are available on our Fellowship group's wiki page.

Side note: for the past few months the number of subscribers to our mailing list has pretty much stabilised itself to a little over 60.

hook out >> eating chocolate pudding and going to bed...
<!--break-->

Clojure syntax highlighting via SyntaxHighlighter

How do you syntax-highlight Clojure code for display on a website? The best way I can find is SyntaxHighlighter.

Daniel Gómez wrote a brush to give SyntaxHighlighter Clojure support. I tweaked it a bit myself and integrated it into cow-blog. I also converted my favorite color scheme to a SyntaxHighlighter theme. So when I write this code:

(defn- ip
  "Given a request, return the IP.  Looks for an x-forwarded-for
  header, falls back to :remote-addr on the request."
  [request]
  (or (get-in request [:headers "x-forwarded-for"])
      (request :remote-addr)))

You should see something like this:

...unless you're reading this via RSS, or in a browser without Javascript enabled, in which case you'll see plain, depressing black and white. But that's one nice thing about SyntaxHighlighter. It degrades nicely.

One bad thing about SyntaxHighlighter is that it doesn't play nicely with Markdown. Or rather, Markdown isn't powerful enough to let you specify the class of any markdown-generated HTML tags. If you want the <pre class="brush: clojure"> that SyntaxHighlighter requires, you have to write out the HTML by hand. But I hacked Showdown a bit to let me specify classes more easily, so I can avoid having to do that.

The code for all of this is on github with the rest of my blog.

cygwin essentials

This isn’t really appropriate for a blog entry, because it’s bound to be updated over and over, but I need a place to keep these notes.

Essential packages (not including pre-selected):

• xinit. Effectively what is called Cygwin/X. (Creates a new shortcut in the start menu called XWin Server that you probably should stick in your startup list.) With this you can run gvim, xterm etc.
• file
• git, gitk
• openssh
• ping
• python
• rsync
• vim, gvim
• wget
• zip
• make/patch

Decent terminals:

• mintty
• puttycyg (ie. putty modded to use locally) You have to get this one separately, but it has a nicer feel to it imo.

Paludis 0.48.5 Released

Paludis 0.48.5 has been released:

• xattr support was previously looking for attr/xattr.h rather than sys/xattr.h, and so was not being detected on glibc systems without attr installed. This is now corrected.
• On some systems, the Python bindings were giving dlopen related warnings due to the linker trying to be too clever. This is now worked around.
• New cave subcommands for scripting: print-id-actions, print-id-masks, print-repository-metadata, print-set.

enabling VT no longer chrases X on my hp elitebook 8530w

however it was always able to use the xorg driver called ‘nv’ to use the system. only the proprietary nvidia module did not work as expected.

here is a list of driver versions i’ve experimented with (which did NOT work):

• x11-drivers/nvidia-drivers-180.27
• x11-drivers/nvidia-drivers-180.29
• x11-drivers/nvidia-drivers-180.44
• x11-drivers/nvidia-drivers-180.51
• x11-drivers/nvidia-drivers-180.60
• x11-drivers/nvidia-drivers-185.18.36
• x11-drivers/nvidia-drivers-185.18.36-r1
• x11-drivers/nvidia-drivers-190.42-r3
• x11-drivers/nvidia-drivers-190.53
• x11-drivers/nvidia-drivers-190.53-r1
• x11-drivers/nvidia-drivers-195.36.24

i hope this driver is somehow stable. currently it’s hardmasked in gentoo.

update: fr 23 jul

using x11-drivers/nvidia-drivers-256.35 did break suspend’s resume with several crashes. i’ve disabled VT in the bios and now i’m using the latest stable release.

Paludis 0.48.4 Released

Paludis 0.48.4 has been released:

• ‘cave uninstall’ now accepts wildcards.
• ‘cave purge’ and ‘cave resolve’ will no longer attempt to purge things that cannot be uninstalled.
• ‘cave show -t’ now has short options for values.
• We now tolerate ebuilds that try to output things or die in global scope.

When True Is Not True Anymore

We all know that accessing uninitialized variables in C and C++ usually leads to some kind of undefined behavior one usually wants to avoid. What I didn’t know until recently is that uninitialized bool values might be especially malicious beasts. To see what they can do to you, take a look at the following program, and try to predict its output:

#include <string>
#include <iostream>

using namespace std;

namespace {

    inline string stringify(const bool value)
    {
        return (value ? "true" : "false");
    }

    struct Struct
    {
        long l;
        bool u;
    };
}

int main()
{
    Struct s;

    if(true != s.u)
        cout << stringify(true) << " != " << stringify(s.u) << endl;
}

Now type g++ stringify.cc -o stringify and run the generated executable. Here is what you might see on some platforms:

$ ./stringify
true != true

Yes, you got that right true != true! I get this behaviour with g++-4.3 and g++-4.4 on Gentoo (x86 and x86_64) as well as with g++-4.1 and g++-4.4 on Ubuntu 9.10 (x86_64). Before attempting to explain what happened here, I want to summarize a few additional facts:

• Several attempts to make this program shorter without ending up with something boring failed.
• Turning on optimization causes g++ optimize all if statements away (especially the implicit one in stringify) under the assumption that s.u is false, which again leads to a much more sane output.
• I could not reproduce this with icc-11.1.

So, what happened? Is g++ broken? Actually the answer is no. Accessing uninitialized memory leads to undefined behavior, and undefined means undefined. In fact the C++0x Final Committee Draft contains a footnote that explicitly mentions the oddity we have just seen:

47) Using a bool value in ways described by this International Standard as “undefined,” such as by examining the value of an
uninitialized automatic object, might cause it to behave as if it is neither true nor false.

This is not that surprising if one considers that at assembler level, a bool is not represented by a single bit, but at least by a byte. An uninitialized byte might have 256 different values, and not just two. One could of course consistently map 0 to false and everything else to true, but this is not what g++ does. To see what I mean, take a look at the following assembler snippet, that g++ generated for the if statement in line 24:

movzbl  -40(%rbp), %eax  # move s.u to eax.
xorl    $1, %eax         # xor eax with 1.
testb	%al, %al         # check if the low byte of eax is 0.
je      .L8              # jump to .L8 if so.

If the jump is taken, the body of the if statement in line 24 is skipped, otherwise it is executed. Now the xorl in line 2 switches the lowest bit in eax, leaving all other bits unchanged. Therefore s.u is considered to be equal to true if and only if it has the byte value 0×01.

Now lets take a look at the assembler that represents the ternary operator in stringify:

cmpb $0, -36(%rbp)    # compare the argument with 0.
je   .L2              # jump to .L2 if the argument is 0.
movl $.LC0, %eax      # store "true" in eax.
jmp  .L3              # jump out.
.L2:
     movl $.LC1, %eax # store "false" in eax.
.L3:

Here g++ maps 0 to false and every other value to true. This means that if the actual byte value of s.u is for example 0xFF (which for some reason is what cgdb keeps telling me locally), the if in line 24 will be taken as if s.u was false, but stringify will behave as if s.u was true.