Planet Larry

New phone

Since my old phone was sometimes shutting down without me telling it to shutdown or an empty battery forcing it to shutdown, I decided to get myself a new phone: the HTC Tattoo.

One of the things I missed on my Nokia N73 was the ability to sync pproperly with my linux enviroment, the tattoo runs android and syncs perfectly with google, wich in turn syncs nicely with other things. Of course the downside is that it syncs with google, but for now that is necessary evil.

So far I am pretty impressed, mobile e-mail, Facebook, flogging etc. All work like a charm. Even Eduroam, the WiFi used at the university works out of the box! That is not even the case on my laptop!

This message was of course written on my tattoo.

Lucky Day...

So...  This week has been just one blessing after the other.  I mean, seriously, it's been an amazing week!  I've been recording this great band in my studio, I've been rockin' the code at my day-job, and things are just great.

So, to celebrate my happiness, and general good mood, I decided to take myself out to lunch.  I went to Del Taco and got 10 49-cent hard-shell tacos.  Oh yeah... I'm living life in the fast lane, buddy...

Well...  On my way to Del Taco, I happen to notice a certain type of car, against which I've come to hold a grudge....  Okay, okay... Not just a grudge.  I flat-out want to massacre this particular type of car, no matter who's driving it.  Yes...  You guessed it, it's a Neon SRT-4.  Don't ask why...  It's too painful a story.  Well, okay... Here's the skinny of the history.

When I had first purchased my 2007 Mustang GT, I was putting 85 octane gas in it, uknowingly crippling it's potential for power.  In this state, I was on I-80, when an orange Neon SRT-4 pulled up and wanted to race.  I was positive I was gonna blow his doors off.  heh... yeah...  He beat me 2 out of 3 times, and I was left dumbfounded.  So now that I'm wiser, and have my mustang properly tuned, modified, and raging like a racehorse, I never let an SRT-4 go untouched, nor unhumiliated.

So, anyway...  Earlier today, I'm on my way to Del Taco on the freeway when, I notice this Neon driving behind me, and come to find out it's a 20's-ish-looking girl driving who looks like she's ready to take on the world - with guns-a-blazin'!

So, we play cat-and-mouse a bit on the freeway (keeping the speeds reasonable, because freeway racing is just stupidly dangerous), and turns out, we both get off the same exit....  and also turns out that we get stopped at the same red stoplight, first in line.

So, with engines roaring, as soon as the green hits, we take off like bats out of Hades, and within seconds, I'm at least 2 car lengths ahead of her, as well as about 50 MPH over the 45MPH limit...  So, I slow down, and we give each other a "thumb's up", and then, as we're casually passing over a little overpass, she speeds up slightly to get ahead of me, and since the race is done, I see no problem, so I gracefully slow down and let her pass by.

It's about this time, I notice the cop sitting in the drive-way of a residence right off the overpass...  Ouch...

I look at my speedometer, and I'm doing about 10 over.  She must have been doing 20.  We both pass the police officer, and after I pass him, he immediately turns on his lights, and exits the driveway.

I, of course, immediately pull over...

The cop then passes me, and about this time, I just can't believe my luck.  As I turn into the parking lot of a Walgreens, I happen to catch the glare of my new found friend in her nice shiny red Neon SRT-4, and I can't help but chuckle as her anger must have been boiling over.  Rightly, so!  I mean, she was being pulled over after having been totally speed-beaten by the guy who is getting away scott free.

I hope she didn't see me chuckle.  That would have been just rude.

ogre 3d

i’ve been using ogre 3d lately and here are some issues i had:

• in gentoo there is no way to install ogre WITH the samples in one go, if one wants the samples as well one would have to install the library based from the source (bypassing the package manager) or hack the ebuild
• to update ogre i had to uninstall ‘ogre’ with emerge -C ogre first and then install the new version with ‘emerge ogre‘ in a second go. if not done so ogre would screw up the build for some unknown reason?! if i recall correctly that was a linker issue
• autotools is so ugly, i don’t see any way to compile the samples when not using ./configure from the base library directory which means also compiling all the library as well…
• i think that writing all the ogre documentation must have taken a lot of time – and i honor that – but i prefer how the trolltech guys do  it. the trolls use a ‘incode documetation’ syntax (probably doxygen with some markup) and no external documentation. in contrast the ogre developers use a mixture of  mediawiki/html documetation/library doxygen/internal samples and external samples. if they would for instance only use templates in the wiki. currently not doing so makes it very confusing finding related things.
• most of the ogre examples don’t include any screenshot of what is actually done, this makes searching much more ‘fun’…
• they use autotools for the library and they use autotools for the samples. i used cmake for my project instead. since i don’t know much about autotools i had problems finding out what linker and compiler switches i needed and since my package manager removed all Makefiles after installation of the samples (or probably never build them at all) i had to do ugly things to find out how things work.
  FIX: so if you want to find that out i urge you to download the ogre release by hand (bypassing the package manager) and use ./configure; make, then have a look at the samples directory
• the ‘package manager’ of gentoo (portage) has the latest ogre included but kubuntu didn’t, so we had to use the custom build script there by hand…
• using the package manager of gentoo i set the useflag for double-precision which resulted in linker errors and also ‘our’ codebase which worked on a different machine using the custom build of ogre probably not using ‘double-precision’ at all using mesa for 3d rendering. but it did not work on my laptop after i removed the linker error. it just showed a black screen. took me hours to find out with lots of library recompiles…
• the kubuntu defaults for the ogre library are acceptable but they had only a very old version in contrast gentoo didn’t provide good defaults since cg and devil was disabled but had a very recent version of ogre. funny, isn’t  it?
  this is how i have it working now:
  % equery u ogre
  [ Searching for packages matching ogre... ]
  [ Colour Code : set unset ]
  [ Legend : Left column  (U) - USE flags from make.conf              ]
  [        : Right column (I) - USE flags packages was installed with ]
  [ Found these USE variables for dev-games/ogre-1.6.5 ]
  U I
  + + cg               : NVIDIA toolkit plugin
  + + devil            : image loading support with DevIL
  + + doc              : Adds extra documentation (API, Javadoc, etc)
  - – double-precision : more precise calculations at the expense of speed
  + + examples         : Install examples, usually source code
  + + gtk              : Adds support for x11-libs/gtk+ (The GIMP Toolkit)
  + + threads          : Adds threads support for various packages. Usually pthreads
  you might wonder what that there is a ‘examples‘ use flag. but all it does it to install the example source but not the compiled examples NOR any Makefile, so …. again this autotools issue i don’t know how to compile it then… not in any documentation i could find either.
• documentation how to use custom shaders is really missing in ogre, i managed to compile my own shader (cg file) with cgc (that is the nvidia shader compiler) but the library wasn’t able to use it no matter what i tried…
  it seems that most developers use windows and directX anyway which makes the situation on linux even worse.
• in ogre one has several cfg files which are essential to run a sample application. but one has to create these files individually for every sample. so mixing a ‘package manager ogre library install’ with a ‘bypassing source ogre library build’ makes the situation even worse. the files are:
  • ogre.cfg (can be deleted, since it can be generated at program start with a gui)
  • plugins.cfg (i hate this file since it is required but no sample includes it after build), basically this file contains paths to shared objects .so files which are used by the ogre core backend
  • resources.cfg (this file contains a list of used textures, shaders and other graphics related stuff), this needs to be done per application. but there is a collection of Media files for the samples but the copyright is somehow strange since parts of it may not be redistributed…. so why do they included it at all?

• ogre contains OIS for input handling but i couldn’t figure out how to get joystick support working. this probably might be broken completely. so instead of using OIS for joystick handling i had to include libSDL for that. i wrote a libSDL joystick example some time ago, can be found [1] on my wiki. i wonder what that joystick-support in OIS is all about…?
• in general there are tutorials, about how to use ogre from an ide, in the wiki. there is also tutorials how to use ogre and how to import objects from blender and stuff. finding these resources is very time consuming. they have the tendency to be for ‘pro uses’ only and tend to be incomplete as well.
• there is a ogre documentation which covers the basic concepts. i’ve been reading some stuff and it seems to be very good. however i can’t tell if it’s complete as my current use case is quite limited.

my project

you can find the code at [2]. but i’d like to warn you since:

• we didn’t have much time so guess how the code looks
• has no documentation
• might not compile
• voids many coding standards (especially c++ class/file naming schemes)

but still it might still be useful for some coders to look at, for instance the joystick integration or how i did use cmake with ogre…

so why do i write this post at all?

• i hate the fact that there are multiple distributions – all factoring the same package of ogre – one more incomplete than the other….
  
• the samples are not pre-built – if included at all
  i found a forum thread where developers did not see the samples as part of the ogre core distribution at all – how backward is that? examples and documentation is basically everything if one distributes a ‘library’!
• the buildsystem of ogre and the samples is very confusing and badly documented
• there is no qtdemo like program for ogre included, although there was a summer of code project assigned and completed recently, it’s refered as ’sample interface’ and will be included in ogre 1.7 – i love that!
• despite the fact that there is no ’sample interface’ the samples are hard to build, no documentation about ‘how they can be built’ is included in the release

summary: i don’t like the way the documentation is handled in the ogre project and i don’t like the build system as well. my main criticism however is that the distributions do a very bad job at including the library (with all the samples missing & misc quirks).

possible fix: take a look at how trolltech did it with the qt release. they have assistant for the documentation (no need to open a webbrowser with a distribution specific installation of the doxygen and html documents). they have qtdemo and they build all the examples while also having the source around. they don’t have any external documentation as in a wiki for instance.

links

[1] http://lastlog.de/wiki/index.php/SDL-joystick

[2] http://github.com/qknight/space-game

[3] http://www.ogre3d.org/2009/08/27/google-summer-of-code-2009-projects-coding-time-is-up

KDE.org relaunch with a brand new design!

I think I can safely assume that although there were signs from the latest mockup that suggested the design that was released today nobody really expected what came out to come out. Well, the final layout is out and recorded as per protocol in the WIPUP project. It can be seen in detail here. As usual the full project timeline can be seen in my WIPUP profile page.

Well, go check out the KDE.org website to see the real deal. For those interested in more details they can read the KDE Dot article about the relaunch. Pretty awesome, except that I was originally credited as "Doin Moult" (now fixed). Hopefully I should be poking my nose into more KDE www projects in the future.

Also happy to see a spike up to almost 1000 views in the past week of WIPUP updates. I know it’s unfinished and all, but I must say I quite like using the system. Perhaps in the future I should try out some other media types in my updates to see how well they fare.

Related posts:

1. Countdown to KDE 4.4 and the new KDE website: 4 days left
2. Countdown to KDE 4.4 and the new KDE website: 2 days left
3. Countdown to KDE 4.4 and the new KDE website: 1 day left

KDE SC 4.4 – Steady, Incremental Improvements

I haven’t noticed any killer features in KDE SC 4.4 and I’ve been running it since Beta 1. I’ve noticed a lot of subtle improvements.  Things like app stacking and selection in the task bar seem much more responsive.  All around, plasma looks subtly better and my favorite KDE apps seem to just keep getting better.

KSysGuard is really impressive and now has the ability to connect to remote hosts for monitoring.  However, the biggest change is in the greater ecosystem.  It seems all the external apps like Amarok, K3b, and digiKam are coming along to fruition.

Other than that, this is a smooth release and shows that the platform is starting to mature.  I think the Summer release distros will be able to do a good job delivering a nice desktop experience based on KDE 4.4.  I’ll end with my obligatory “try KDE 4.4 if you had previous bad KDE4 experiences”.

Share and Enjoy:

Related posts:

1. KDE 4.2 beta 1 on Gentoo KDE 4.2 is set for release on January 27th.  Eager...
2. KDE4 on Gentoo So I bit the bullet and installed KDE 4.0 on...
3. One Small Step for QT, One Giant Leap for Free Software QT Software, under the graces of Nokia, has released the...

Countdown to KDE 4.4 and the new KDE website: 1 day left

The new KDE website redesign is due any day now (with the release of KDE SC 4.4) and when it’s released you will be able to see how ideas were amalgamated from many different mockups and some which I’ve not had the records to post. The final design is different, much more aligned with the KDE "Air" branding, and most importantly a shared effort, like what open-source is meant to be. So don’t be too shocked if what is released is completely different.

Check out the latest mockup update here.

Past mockups viewable in full on my WIPUP profile.

Related posts:

1. Countdown to KDE 4.4 and the new KDE website: 2 days left
2. Countdown to KDE 4.4 and the new KDE website: 4 days left
3. Countdown to KDE 4.4 and the new KDE website

What does all that crap actually mean?

I run open source software. A lot of it, I guess it comes close to 95% of my daily software usage. I run Firefox, Linux and a bunch of other free software things. I also support Creative Commons by making all my stuff licensed under free and simple licenses. But I am somewhat of a techy which admittedly most people ain't.

For most people the whole discussion about free software and open source and open knowledge and participatory culture is just hogwash: Why would they care about whether their software comes from some company or some guy in his/her basement? It's not like commercial software costs money (it doesn't, you just download it). What people care about is that the tools work.

This often leads to discussions about "freedom" and other fluffy, abstract words that lead absolutely nowhere due to lack of understanding, different definitions of words or general not-giving-a-shit-iness. Why is it so hard to explain the situation for the free software people and why is it so hard to understand as the average guy?

The problem is actually quite simple: For the tech person that says "but you can edit the source code!" this doesn't just mean that you can edit the source code, it means that you have regained access to the important means of production. In a world where software rules (like the virtual/online space) software is the same as a big ass factory is in the real world.

For the non-programmer, non-techy person that is sometimes hard to understand: What is the use of having source code if you cannot program anyways? That doesn't help, does it?

In fact it does. Let's try to milk this a little more till we get something clearer (and yes, I did just intentionally kill that metaphor ).

Using free software is like getting back to a somewhat pre-industrialized world. No longer do you have to buy things at a big ass store, you can make things yourself. Imaging that when you need a certain tool, you can just build it yourself.

A reply could be: "But I don't want to have to make all my tools by myself!". Another one "But I don't have the skills!". And both points of view are absolutely valid, in fact, I agree with both of them. I don't have the skills to build all I need and I don't want to have to. Industrialized production has its merits! On the other hand, that is a somewhat wrong conclusion.

Having access to the source code does not mean that you have to do everything yourself. Let's try to bring the example to the real world.

Imagine a workshop. Not just one like the one you might have at home in your basement with a few basic tools to fix your bike. A bigger room with "real" machines, machines like say laser cutters and stuff like that. Machines experts use in their workplace. Of course you do not have the skills to use those machines. Maybe some but probably not all of them. But on one wall of the room is a big shelf, a library of "recipes" that allow you to build stuff that other people (that did in fact know how to deal with the machines) designed: You need a special screw so you go to the library, take out the construction manual and just walk through it. You take a piece of metal, you put it into a lathe and program it like the recipe says, a few minutes later you have your screw.

"But", I hear some people say (this is in fact just a figure of speech, I am not hearing voices ), "if the screw I need isn't there, I'm [pun alert] I am still screwed!". Not at all my friend. You take the recipe of something similar, look who wrote it, go to that person and ask him/her: "Hello, you designed this thing which is kinda like the thing I need, could you maybe design something similar to it with the following properties?". And in order to show the other person that you respect their time, you can also add "I'd pay for your time.".

That is open source. It does not mean that you have to do everything yourself. It does also not mean that you cannot just build stuff and sell it to people: Building a bicycle is a pain in the ass and if you can do it well, you can sell those products to people that just don't want to do it themselves. The point is that people can modify it, change things, build on top of the knowledge of others, there always is money in betting an people being lazy or short of time .

So don't focus on open source software being about some kind of "freedom", nobody cares about freedom (look at how many devices Apple sells!). Show them that open source is basically just the old tradition of science and engineering applied to real life (well in the case of software the "virtual life" obviously). It's basically just what you do with your neighbors: Each has something to offer, you throw all different abilities into a pot and see what kind of soup comes out.

Creating multi-page PDF files with GIMP and `convert`

Occasionally I have to sign some document (old style, with a pen) and send it electronically. Sometimes those are multi-page documents. Since it is uncommon to send it back as multiple image files after scanning, and multi-page image formats are uncommon as well, I’d like to send them as PDF file. Before I discovered this method, I used to insert the scanned images into OpenOffice Writer, and then create the PDF with it. This works, but it is a bit cumbersome to tell OpenOffice Writer to maximise the images (eliminating page borders, etc.), especially when there are a lot of pages. It just doesn’t feel like a real solution.

So, here we go:

Prerequisites:

• GIMP (I’m currently at version 2.6.8, but this will probably work with older versions as well)
• GraphicsMagick (tested with 1.3.8) or ImageMagick (tested with 6.5.8.8)

Procedure:

1. Get the scanned pages opened as layers of one image in GIMP. If they are available as files already, you can use File / Open as Layers….
2. Make sure that the layers are ordered in the following way: Page 1 must be the bottom layer, the last page must be the top layer. You can reorder them via the “Layers” dialogue (activate it via the Windows / Dockable Dialogues menu if you don’t see it)
3. Save As… and choose “MNG animation” or just add “.mng” to the filename. (In case you are wondering, MNG is the animated counterpart to PNG).
   A dialogue window saying “MNG plug-in can only handle layers as animation frames” will come up – choose “Save as Animation” here and press the Export button. In the next dialogue you don’t need to make any changes to the defaults, just press the Save button.
4. Now, open a console window and simply enter
   convert document.mng document.pdf

That’s it – you now have your PDF file ready for sending!

Update (2010-02-08):
As chithanh pointed out in comment 1, there is another convenient way to accomplish the same. It does not involve GIMP, but instead requires pdftk to concatenate PDF files. Please see comment 2 for details.

Countdown to KDE 4.4 and the new KDE website: 2 days left

Only 2 days left until the KDE SC 4.4 is released, but apparently the website design is due out on the 8th! Yes, that’s tomorrow. Today’s update shows a stage in the mockup which is natural to designers – the rejection stage. A new idea (in this case, minimalism) is chosen and we try out something new to see if we like it.

View the full update here. Full progress can be seen on my WIPUP profile.

Related posts:

1. Countdown to KDE 4.4 and the new KDE website: 4 days left
2. Countdown to KDE 4.4 and the new KDE website: 3 days left
3. Countdown to KDE 4.4 and the new KDE website: 5 days left

Countdown to KDE 4.4 and the new KDE website: 3 days left

Yep, it’s just 3 days left until KDE SC 4.4 is released and we see even more polish on yesterday’s design for the KDE website. We’ve now shaped it into a full design and we’re debating which ideas we like from this and which should be thrown away.

Click here to check it out. As usual the full progress can be seen on the WIPUP profile.

Related posts:

1. Countdown to KDE 4.4 and the new KDE website: 2 days left
2. Countdown to KDE 4.4 and the new KDE website: 4 days left
3. Countdown to KDE 4.4 and the new KDE website: 1 day left

I missed this perfectly healthy rotating kitchen?

<object height="360" width="480"><param name="allowfullscreen" value="true"><param name="allowscriptaccess" value="always"><param name="movie" value="http://vimeo.com/moogaloop.swf?clip_id=7887463&amp;server=vimeo.com&amp;show_title=1&amp;show_byline=1&amp;show_portrait=1&amp;color=00ADEF&amp;fullscreen=1"><embed allowfullscreen="true" allowscriptaccess="always" height="360" src="http://vimeo.com/moogaloop.swf?clip_id=7887463&amp;server=vimeo.com&amp;show_title=1&amp;show_byline=1&amp;show_portrait=1&amp;color=00ADEF&amp;fullscreen=1" type="application/x-shockwave-flash" width="480"></embed></object>

Related posts:

1. TEDIndia: The thrilling potential of SixthSense technology by Pranav Mistry – how could I have missed this?

Countdown to KDE 4.4 and the new KDE website: 4 days left

Another day and we continue to see development on the KDE website redesign. We’re fleshing out the KDE webdesign mockup seen yesterday into a full page and it’s taking shape slowly but surely.

Check it out here.

As usual you can see the full series (3 in total now) on my WIPUP profile.

Related posts:

1. Countdown to KDE 4.4 and the new KDE website: 2 days left
2. Countdown to KDE 4.4 and the new KDE website
3. Countdown to KDE 4.4 and the new KDE website: 3 days left

Syslinux from Linux!

This post tells you how to launch syslinux from a Master Boot Record (MBR).

Recently I was locked out of a customer-provided laptop with their development environment, and access to their source code repository via vpn.  I suspect their domain controller propagated an update last time I was on the vpn which has locked me out.

They're overseas and about 12 hours flight time away, so with their permission I used ntpasswd to reset the Administrator password.  The boot CD (downloadable as an iso) uses syslinux, which is fine, except that instead of wasting CD-Rs I like to use USB keys.

I copied the contents to a blank FAT32-formatted usb key, but it has no boot sector yet.  I installed grub and tried to make a grub menu file from the syslinux.cfg with these tips for converting a syslinux .cfg file to a grub .conf file.  I failed because the syslinux.cfg has the line:
 append rw vga=1 initrd=initrd.cgz,scsi.cgz

And I don't know how to append the two cgz's into one grub initrd line.  Normally grub uses an initrd like this:
 initrd /initrd.cgz


So I decided to install syslinux from linux.  The man page makes it look easy:
 syslinux [-sfr] [-d directory] [-o offset] device
When I ran "syslinux /dev/sdd1" and booted the laptop with this usb key, it just gave me a blank cursor blink.  This is because the laptop is looking in the MBR of the usb key and finding nothing.  The syslinux man page shows some hints:

Booting from a FAT partition on a hard disk
SYSLINUX  can  boot  from  a  FAT  filesystem  partition on a hard disk
(including FAT32). The installation procedure is identical to the  pro-
cedure  for installing it on a floppy, and should work under either DOS
or Linux. To boot from a partition, SYSLINUX needs to be launched  from
a  Master  Boot  Record  or  another  boot loader, just like DOS itself
would. A sample master boot sector (mbr.bin) is included with SYSLINUX.

Well, that's nice to know, but how do I put that on my usb key?  Follow these steps:

1. Start with a FAT32 formatted usb key (it can have other data on it) and some syslinux-based boot image.  I'm using the latest ntpasswd iso cd080802.  Unpack the contents to the root of the usb key.

2. Copy a boot sector to the code image of the MBR of your to-be-booted usb key:
sudo dd if=/usr/share/syslinux/mbr.bin of=/dev/sdd bs=440 count=1

• /dev/sdd is my usb key
• Look at Wikipedia for an explanation of the MBR layout
• your mbr.bin might be in a different location.  It should come installed with syslinux

3. Run syslinux to make the partition bootable:
 sudo syslinux /dev/sdd1

4. Mark the partition as bootable (may not be necessary)
 sudo fdisk /dev/sdd
Select a, 1, w to make the first partition bootable.  CHECK THESE OPTIONS FIRST!

5. Insert USB key to your PC / laptop and boot (so long as your BIOS is setup and capable!)

Countdown to KDE 4.4 and the new KDE website: 5 days left

Right, it’s a day later and it’s time to see where we’ve gotten with the redesign of the KDE website.

As most of you noticed yesterday, the main gripes were with the header of the design. Today’s update is a small but necessary one – one that shows the start of a new design idea. Very often the start of a design determines its success at the end, and people may or may not take an instant like/dislike to it.

I’d like to stress to those that perhaps didn’t quite get it that this work has already been done, I’m simply posting it out of good humour and I thought people would be interested.

Well, here it is.

Previous entries can be viewed in the WIPUP profile page.

Related posts:

1. Countdown to KDE 4.4 and the new KDE website: 4 days left
2. Countdown to KDE 4.4 and the new KDE website: 3 days left
3. Countdown to KDE 4.4 and the new KDE website: 2 days left

How to Restrict Access to Terminal Servers

After finally completing my Group Policy re-write for Windows 7 this week I have gone back to working on the plans for our migration to Exchange 2010. Currently we do use an Exchange 2003 server but only a few users are on it and it is only there to provide compatibility for a couple of specialised programs that are on our Terminal Servers. With the move to Exchange for all users possibly the biggest change will be that now all users have a Windows user account potentially allowing them access to the Terminal Servers when they shouldn’t have any.

In order to do this you could make use of the builtin group called ‘Remote Desktop Users’ which aslong as your using Windows 2003 R2 should have been setup when you installed the Terminal Servers role and by default has permission to connect remotely to any Terminal Server.

It is also possible to customise which users and groups can connect remotely to a Terminal Server so you make your life easier and reuse existing groups to control access, or setup multiple groups if you wanted to limit certain users from connecting to particular Terminal Servers. To do this you can either edit the Local Security Policy on each Terminal Server or apply the changes via Group Policy, the option you are looking for to set this via Group Policy can be seen below (the Local Policy method is also very similar to this and should be easy enough to find):

Inside this you can add all the users and groups who should have remote access.

While this may seem like all that is needed and while all the users and groups specified can now logon to the Terminal Servers you apply this to you will likely also find that infact *any* user can still login to the Terminal Servers. To correct this we need to make one final change as by default anyone in the Users group can access the server due to the ‘Allow log on locally option’.

While you might be concerned about the warnings given in the ‘Explain this’ tab advising you to not remove users, if you read the relevant section on the link provided it explains that it is safe to do this aslong as you dont remove important users from the list and aslong as users who should have access are granted permission to do so elsewhere.

Hopefully if this has all worked you now have a Terminal Services environment where only those users explicitly allowed can gain access.

libQtGdata

I was trying to sync some google stuff (some contacts and calendars) with korganizer and kaddressbook there are nice plugins for libgcal to get an akonadi google resource. Unfortunately I was unable to fully sync both the calendars and the contacts. This are known issues but there has been no activity in the git repository for quite some time.

When taking a look at the gdata API the API seems OK and best of all well documented. So I started yet another project: libQtGdata. The aim of the project is to provide a base class to login to google and have some modular system that allows for extension to each of the google API’s, so not limited to contacts or calendars but also youtube, feedburner….. etc.

There currently isn’t much and it is quite a mess but logging in already works. Now I now the code is not very clean but after 4 weeks of intensive C coding it takes a little time to write neat code in Qt again.

Countdown to KDE 4.4 and the new KDE website

I like dabbling in web development and design and so I was quite happy to be able to participate in the redesign of the new KDE.org website due to release in conjunction with KDE SC 4.4 on February 9th. This was what I was working on during the past week and I must say I’ve learned and experienced quite a lot from trying to contribute.

So every day, including today, I will release an image showing stages in the process of creating the KDE webdesign mockup. They can be found in a newly setup WIPUP project, which can be seen in full at my WIPUP profile.

Today we start off with the original mockup (not done by me) from a user with the alias it-s. Have a peek.

Related posts:

1. Countdown to KDE 4.4 and the new KDE website: 4 days left
2. Countdown to KDE 4.4 and the new KDE website: 1 day left
3. Countdown to KDE 4.4 and the new KDE website: 2 days left

OpenSSH: Reuse existing connections / Reverse tunnel

You often hear the phrase “the swiss knife of …”. Well, for networking, OpenSSH clearly deserves that title in my opinion. Besides the obvious feature of providing secure logins with different options for mutual authentication, it can also be used to transfer files. It is also a core component of software like git, which depend on ssh to securely push changes instead of reinventing their own server and dealing with the whole authentication/authorization stuff once again.
I’ve blogged about using SSH to access hosts behind a firewall/router more conveniently, and I really suggest you sit down and read the manpage front-to-back, it will probably be rewarding for your current workflow.

Reusing a connection
Anyway, today I wanted to present another advanced feature, one I only stumbled upon while learning for an upcoming exam. The slides mentioned the possibility to share connections on one SSH-channel (to the same destination, obviously). Now, why do you need more than one connection in the first place? Well, sometimes you just need the space, and using screen just doesn’t cut it. Or you use git or scp to the same host you’re logged in already interactively. In that case, you just have to establish one connection and any further connection will use the first one. The benefit? Login is way faster, almost instantly, because the whole handshake and authentication doesn’t have to take place again. The caveat: You’ll have to close your master-connection last, otherwise the other connections will drop too. For me that’s no problem, since the host I use most of the time is also the host I’ve got a session open with 24/7 (IRC).

I’m just gonna show the fully automated version here, though you can use it manually as well, just when you need it. A better description can be found here. To automate it, put this in your ~/.ssh/config (you don’t have a config yet? shocking!):
ControlMaster auto
ControlPath /tmp/%r@%h:%pAs usual, you can put it at the very top to apply for all hosts or you can activate it for specific hosts by putting below a Host declaration. Now all you have to do is use ssh host as usual. You’ll see it’s working when you terminate the connection:
Shared connection to host.de closed.

Reverse tunnel
Yes, you can tunnel with OpenSSH. You can even have it act as a SOCKS proxy, which is really neat when combined with Firefox-plugins like FoxyProxy. But you can also reverse-tunnel your way out of a closed network (or NATed network for that matter) when you don’t have access to any intermediate host (like the router/firewall). It’s easy:
ssh -NR 12345:localhost:22 home.deThis assumes you’re issuing the command from the machine that you want to access (from home) later on. It will bind the port 12345 on home.de so that it is forwarded to port 22 (SSH) on the local host. Yeah, it requires some reverse thinking too to get it right ;) The -N-switch prevents a login, by the way. Obviously it is of little use if your home.de has a flaky dialup connection, so you might want to reverse-tunnel to a stable endpoint (or use something like autossh).

QGraphicsScene used as a QAbstractItemView II

Again some thoughts about this complex topic, but this time with content not as last time when i accidentally published an unfinished article – i’m very sorry for that.

updated diagram illustrating the QGraphicsScene used as a QAbstractItemModel

the primary difference to the last one i published is that there is the other view i’ve integrated into the automate project – the ‘TreeView’

extending QGraphicsItem to be used with a QAbstractItemModel

Q: what is this section about (in a few words)?

A: now as QGraphicsItem is used to represent QModelIndex‘es they need a way to query data from the Model, this is how it can be done

in qt4 there are a few different classes using QGraphicsItem as a base class. originally i wanted to extend the items with virtual inheritance [1] but then the ‘dreaded diamond‘ problem showed me that it can’t be done since i could NOT change the way a QGraphicsTextItem would inherit from QGraphicsItem (read: i couldn’t add the keyword virtual between

‘public _here_ QGraphicsItem’

and if that can’t be done the virtual inheritance can’t be used). of course one could now change the qt core library but that would be wrong ‘in concept’ since my application should be able to be used with any version (for example qt 4.4) not just one single version i’ve changed.

so after hours of figuring i came up with the class GraphicsItemModelExtension [2], it makes use of pure virtual functions and since QGraphicsItem(s) do have a data() and setData() function which is exactly the same function name used with the Model i had to rethink the function calls. now data() and setData() for the Model used from a QModelIndex via GraphicsItemModelExtension are named modelData()/setModelData() instead.

but what makes you want to use the GraphicsitemModelExtension class? in contrast to my previous attempt it stores the QPersistentModelIndex and you don’t have to rely on an existing scene() which is then casted from a QGraphicsScene into a GraphicsScene which then would provide a Model* which finally would be used to query data.

the basic concept after adding an item to the QGraphicsScene is that one needs to query data right in the constructor, for instance you need various properties as ‘label’ or ‘color’. since the normal item now has index() it can instantly (even when not added into a scene() yet) query the Model for data. NOTE: right after an item is added to a QGraphicsScene it does NOT have a scene() yet, if you try to query scene() from a constructor of a QGraphicsItem you WILL get NULL which was a big flaw in my previous implmenetaions. but now that problem is gone and because of the nature of pure virtual functions (yes QGraphicsItemModelExtenstion is actually an abstract base class) it helps to design new custom GraphicItems.

again ‘why i used properties instead of another hierarchy layer’

in the automate [3] project i had a TreeView which does have several columns and one can display one property per column, this is done by the data(..) implementation and is quite easy, just see my code. however in the spring random map generator project [4] i need the properties not in one row per column but instead all properties should be top down with:

module name
propertyName propertyValue (displayed by a delegate)
propertyName propertyValue (displayed by a delegate)
propertyName propertyValue (displayed by a delegate)
…

so i can’t use the data(..) function as i did last time. now i need one QModelIndex per row but my model currently does not have properties as QModelIndex’es at all. so what should i do? i’m still not sure about this… but as soon as i found a nice solution i will write about it.

links

[1] http://www.parashift.com/c++-faq-lite/multiple-inheritance.html

[2] http://github.com/qknight/springrts.com-random-map-generator/blob/master/src/frontend/GraphicsItemModelExtension.cpp

[3] http://github.com/qknight/automate

[4] http://github.com/qknight/springrts.com-random-map-generator

Sanctuaries

the future of the internet

before thinking about ‘the future of the internet’ let’s have a look what the ‘internet’ actually is. the internet consists of two low level protocols, that is: tcp and udp and the most prominent protocol ip. and many other protocols are building on this, as http for instance. you are currently reading this blog page using http, that means you are also connected to the internet.

if you want to be a part of the internet you need a internet address – in short an ‘ip address‘. since most of use are using ipv4 that means often ppl share one ip which is bad since you can’t address some person sharing an ip with someone else directly. Sharing usually means NAT – network address translation – and it also means that the internet does not work correctly. NAT is a failure and was never meant to be in the original design of the internet.

say you call your friend and he has no phone in his room – but one at his mother’s room. usually you can’t call between  [22,8] o’clock. the same thing is true for nat – you usually can’t reach the other person directly.

the only possible solution to this problem is ipv6. however we fail to integrate it. we currently fail at a lot of things (germany 2010):

• apply ipv6 a standard before others do it (and we have to accept their policies & concepts)
• removing 24h disconnects for dsl
• creating balanced upload/download links
• instead of forcing providers to make dsl uptime 99.9%, we still heavily rely on the telephone system which has in comparison far better service guarantees (for instance dialing 112)
• have more applications using osi-layer 5 (session layer) instead of binding a session to ip:tcp states

So ‘what was the internet again’?

Actually the internet is much more than just what you can do with your browser using http. Before looking at http in detail let’s have a look at popular protocols which do NOT use http.

• the first thing which comes into my mind are all the network implementations for games which most often use UDP and in some rare cases use TCP. this is a very big class of applications
• then we have SIP and similar implementations as ’speech over ip’ in short VOIP. most internet providers tend to like SIP. gamers often use TeamSpeak or Mumble but there is skype folks as well. the most notable difference between all sip like implementations and skype is that skype’s implementation bases on a p2p structure but since it is closed source one can only speculate how chat and speech is using this framework.
• then there are the chat clients in various flavors ranging from irc & psyc and to IM protocols as xmpp(jabber), irc, msn, aim & others. these chat clients – more often than not – have also webinterfaces which let’s YOU access the service via http as well. using http is a very interesting approach since it uses http for that and http usually DOES NOT WORK WELL with such an service but we’ll have a look at that later
• p2p filesharing which is (at least bandwidth wise) the most popular internet service. i think about bittorrent (kademlia) or other similar concepts (this does not include services like rapidshare!).
• last but not least there is a concept  known as ‘middle ware‘.
  for a very long time i did not understand the importance of having a ‘middle ware’ when designing internet protocols. corba and it various implementations for what one would call a ‘middle ware’ and from the protocol designer’s point of view it gives you a very high degree of object interoperability.
  • when a game developer has to write network code usually the choice tends to UDP since the laggy nature of TCP flow control can’t be ignored when one uses a internet connection with lots of packet loss. however UDP basically does not care for lost packages at all which kind of ‘overcompensates’ the problem one wants to solve. so most developers extend UDP until all needed features are there. when the network code is done and objects as players interact with other players via the network (read ip here) the game developer basically has created his own ‘middle ware’.
  • the concept using a ‘middle ware’ is very easy to understand: you don’t want to care what the network looks like you just know it’s there but instead of writing parsers for tcp or udp streams with ‘object serialization‘ and ‘object marshaling‘ one can just use an adapter in the programming language of choice which handles all this. of course using custom types here is most often not as easy as using core types as ‘int’, ‘double’, ‘float’ and ’string’ but handled in most cases.

http problems

so after looking at the use case of ip let’s have a look at http and what problems http has and how they are solved. the biggest issue using http is not the performance hit introduced by html/xml and bandwidth loss on the other hand. instead the biggest issue when using http is the fact that http is a ‘polling’ only protocol so a client might download a webpage as: http://www.lastlog.de but then closes the connection. this works well when you only want to look at webpages and if you are only interested in client side events as mouseclicks & similar. but if you want to implement an interactive chat using http it gets more complicated since you would have to query the server every second for new messages from other users (even if there was no new message at all). the server CANNOT connect to your browser and tell you about ‘the new message’ right away as it is done in all the IM protocols.

so there are some new concepts as spdy:// from google [1] but there are other similar ideas as well. all lead to a next generation http protocol with callback capabilities. opera for instance features ‘a socket in the browser‘ which is a interesting concept. both concepts transform the ‘user’ from a pure consumer into a ‘consumer/producer’.

in the first days most internet providers had ‘terms’ in their ‘terms and agreements‘ which forced you to offer no webservices with your private internet connection. the situation since the internet was introduced has changed and providers now sell devices as the fritz-box with DDNS clients for services as dyndns.org preinstalled. this change needs to be extended further as the classic pattern of ‘private’ and ‘commercial’ usage merge more every day. it gets hard to distinguish between the service levels needed for either of the two scenarios. we need to extend:

• service guarantees (uptime/bandwidth)
• extend upload (currently internet connections are pure consumer connections)
• extended QoS guarantees where i think of ‘big bandwidth but high latency‘ vs. ‘small bandwidth with low latency‘ since the normal ‘telephone line’ will vanish soon we need some way of backup line for emergencies of various kinds

So after some history, what makes opera with websockets revolutionary? It’s the ‘ease of use’ to put content online. You don’t need a provider to host your stuff, just host it yourself! But there are pitfals as upload bandwidth is small even with VDSL, i don’t know why… my scale of guesses range from:

• ‘reducing costs since most users are consumers’ to
• forcing users to ’shut up’ and to sell enterprise servers for much money

there are many points for both sides and i don’t have much background to make a good guess.

Some final thoughts:

• Currently I’m waiting for a revolution: the upcomming ‘ipv6′ could make skype ‘vanish’ since traversing NAT is the biggest problem in creating a ‘free clone’ of skype (this is also valid for SIP). also filesharing as p2p will work much better.
• http will be extended with something like spdy:// very soon, which will make ajax programming pattern much more powerful
• the normal browser will not host only some ajax scripts but will also host parts of the database and programs nowadays running on the webservers only and therefore turn into a local webserver. the first step was ajax, the second step needed is spdy:// and the third step to make this work will be adapted software for webservers to run in such a scenario. looking at the success of http is that it is a easy to use protocol with working standards and it can pass nearly every firewall. it basically hosts all kind of services. the next big step will be to make the browser to look like a application. again – the first step is something like google docs, the second step was making it a tv with plugins as flash. the next revolution for example is compiling c/c++ code in a way that it runs on top of the flash plugin [2]. in the end the browser and any normal host application merge…
• flash will vanish – since the biggest use case is streaming videos and commercials, so guess what users will disable once most videos are played using the in-browser player (which has also huge performance improvements)?
  

links

[1] http://www.chromium.org/spdy/spdy-whitepaper

[2] http://www.flashmagazine.com/news/detail/play_doom_online_-_thanks_to_adobe_alchemy/

Joined identi.ca

It has finally happened — I succumbed to the microblogging craze!

Until now I never felt any urge to use a microblogging platform, because I think that if something is worth telling, you should tell it right and that SMS'ing the world in general is rather stupid. The only real use I can think of would be to join a group you belong to communicate there when writing a blog post or e-mail would be too much.

So, now that I plan to actively participate in FSFE (and hopefully FSFE Slovenia soon) and therefore found a use for it, I created an identi.ca account.

This being said, I still think people are (ab)using this medium way too much for just outright garbage...

hook out >> trying to figure out how to get Gnash to work in Konqueror
<!--break-->

fake a dual monitor display!

Wouldn’t we all love to have a beefy workstation with at least two giant lcd monitors? Alas, I have a slim laptop with a small screen. And another laptop, almost 10 years old, albeit with a nice and large screen. I naturally prefer to use the newer machine for performance, but it also means making do with a small monitor.

I can tell you it’s a real pain to author latex documents this way, I can’t fit both the kile and evince on the screen at the same time. It wasn’t until recently that it hit me what I was doing wrong. There are three processes involved here:

1. Document editor.
2. Compiler (I run a loop that invokes make continuously in the background).
3. Document viewer.

Come to think of it, this applies just as well to coding if you think “running the code” on the last step.

Well, X11 is a display server, for peet’s sake! So you have the editor on the workstation, but then you log in from the other laptop (with the larger screen) and run evince to display there.

Just do:

oldlaptop$ ssh -XYC workstation

Don’t ask me why -Y, I don’t know, but that’s how I get my ubuntu to allow remote connections.

Faunus is alive!

Finally, after an epic battle with disk encryption, the kernel and initramfs — my brand spanking new shiney matt ThinkPad is up and running!

World, be prepared for Faunus — the horned god of the forest!!!

Compiling even KDE on this puppy was a dream. I find it surreal how quiet and cool it is even when put under loads as high as 5 and 8 :3

hook out >> gotta run to the faculty for a meeting

How dumb is Slashdot?

OK that title is a bit provocative.  I enjoy reading Slashdot as much as the next guy, and I'd always laughed at the comments about Slashdot readers being dumb, but this post got me rolling my eyes in frustration: "2 Displays and 2 Workspaces With Linux and X?"

The OP asks about buying a second monitor and setting up two screens - one large desktop or separate X screens.  Firstly, I would expect a question like this from an Ubuntu noob, followed by lots of answers like RTFM, Google it, see this FAQ, etc.

However on Slashdot, there are so many people who still don't realise that one large desktop doesn't mean windows have to maximise to two screens.  So few people seem to know about xinerama and yet they're still giving advice!  Someone said that "Windows 7's easy dual monitor setup lets you maximise to one window - can Linux do that?" (sheesh, only for years now...)

Slashdot users have some fantastic, intersting, and informative posts.  Unfortunately, unlike a regular email list where only the people who might actually know the answer reply, everybody on Slashdot wants to reply.

Quad Erat Rant-astrandum!