Planet Larry

Ogg-seeding bovines and ease of use

Every time I see someone seed an Ogg/Vorbis album on Jamendo's trackers I get that urge to stretch my arms all through the wires and hug whomsoever is on the other side impersonated by that IP my BitTorrent client shows and shout through my monitor: "Thank you! Thank you for caring."

With that out of my system, let's focus on code. I promissed a while ago to write a KTorrent script to help share and seed free (i.e. mostly CC) music, but my work has been stalled by KTorrent not yet supplying the API calls I need. This doesn't mean nothing I'm doing nothing though!

What I did do so far is create a project on Gitorious^[1] to host it — Dashing Freemooina Cow^[2] — and as a subproject a small script called "moo-cow".

Dashing Freemooina Cow is part of a bigger plan to make sharing free music as easy as possible and will initially only handle Jamendo albums, but will be later expanded to any and all free netlabels I can find. I hope to add more advanced features like creating and uploading yet non-existing torrents to trackers and integration with Libre.FM as well.

But until I get my wish concerning the API, you'll have to make use of the spartan shell scrip that is moo-cow. To make use of the script, just download it and edit the MUSIC_DIR to point to where you keep (and seed!) your music; write Jamendo album ID's^[3] each in a sepratate line into album_list and run moo-cow.sh. I've already tested it on about 50 albums and it works!

...so, get the code, download your albums, share and seed to others and don't forget to be dashing! ;)

hook out >> sipping recycled tea and off to bed...

Vim :ruby and :rubydo scope

Note to self. In old Vim (tested in 7.2.320), I could do this:

:ruby x='foo'
:rubydo $_=x

Now every line in the file says foo. But in Vim 7.3 I get an error:

NameError: undefined local variable or method `x' for main:Object

The scoping rules for Ruby in Vim must have changed somewhere along the line. I was abusing this feature to do some handy things, so this is sad.

A workaround is to use global variables in Ruby instead. So this still works:

:ruby $x='foo'
:rubydo $_=$x

Phew.

Beware of warnings about default Apache2 config for PHP

Planet PHP recently popped up a post by Ilia with a warning about the configuration of PHP using AddHandler instead of AddType.

Now I’m all for people publshing warnings about security issues, but they really should at least read the official documentation to check their information first.

In this case, to summarise the documentation:

• AddHandler is used for server-side content handling – it associates a handler with the specified content
• AddType is used for determining the Content-Type in relation to the client request (ie. the default Content-Type identified to the browser)
• BOTH obey multiple extensions, but a response can only have one Content-Type while a file can be handled by multiple Handlers.

This means that while, when using AddType, “test.php.gif” no longer works, “test.php.something” will (assuming .something doesn’t have an associated Type), because .php is the last extension encountered which has an associated Type. So the so called “fix” doesn’t really fix the problem at all.

Additionally, when using AddType, instead of the default Content-Type being text/html, it becomes “application/x-httpd-php”, which is technically incorrect and may result in your website not being viewable in browsers or by search engine bots.

If you really want to make it so that only files ending with .php are handled by PHP, then you should use SetHandler instead of AddHandler. In fact, this is what the current official PHP documentation recommends.

qemu monitor cd change

I’ve been playing around with kvm (which uses qemu) to try out other operating systems and Linux distributions. Up until now, little progress on that part (not because it is difficult, just little time) but there are a few things worth mentioning. For this post, let’s start with a quicky on CD changes.

qemu’s integrated monitor is very nice and powerful. To go to the monitor from inside the vnc session, press Ctrl+Alt+2 (to go back, use Ctrl+Alt+1). Then you can query for attached hardware, add new devices, remove others, cpu’s, etc. Something I found necessary was to switch CD/DVD images. With info block I found the device. I then ran eject ide1-cd0 followed by change ide1-cd0 /path/to/new/image et voila, new CD available.

Getting SmartCard reader working under Gentoo and SSH authentication via OpenPGP

About two weeks ago I ordered a SmartCard reader and got it to work. It's really nifty and I now use I use my Fellowship OpenPGP/member card to sign (and encrypt) my e-mail and log via SSH.

Flameeyes has already reported how he got his working under Gentoo and in short my installation just partially deviates from it, but I'll add more how to chose and use it as well.

First things first — getting your hardware. You can safely skip the next paragraph and just pick one from this list.

In Slovenia we're not that hot on SmartCards, so anything else then ActivIdentity is pretty hard to get and for my taste those are too clunky. So what I did was call up the local importer Crea and was completely taken aback by the treatment I got! I know this sounds like an advertisement, but it's not. It's just that rarely never have I met such a competent and friendly service. Not only do they know about GNU/Linux, they test every model they sell on it as well, e-mailed me a bunch of useful links and even suggested a solution that I didn't think of before. This was a trully nice experience :]

Now that we got the HW it's time to set up the system. In my case I had GnuPG already installed and emerged just pcsc-lite and ccid. You need GnuPG for the obvious reason of handling the GPG/PGP keys and while it is reported that many OpenPGP card readers should work with pure GnuPG, for me this didn't prove the case. What I needed to do is to get PCSC-Lite middleware and the CCID driver. Note: USE="pcsc-lite" pulls in the ebuild for sys-apps/pcsc-lite, but you still need to emerge app-crypt/ccid yourself.

So here's the list of the ebuilds I used:

• sys-apps/pcsc-lite-1.6.1
  with USE="hal usb -static" (on HAL vs. USB flags: I have tried both and they both worked flawlessly)
• app-crypt/gnupg-2.0.15
  with USE="bzip2 ldap nls pcsc-lite smartcard -adns -caps -doc -openct -selinux -static" (if you set pcsc-lite Portage automatically pulls in sys-apps/pcsc-lite as a dependancy; no idea why there isn't a flag to do the same for app-crypt/ccid though)
• app-crypt/ccid-1.3.13-r1(because 1.3.11 doesn't compile)
  with USE="usb -twinserial"

Note that I had to pull in CCID from the testing branch because the stable didn't manage to compile, the other two are from stable branch. Also the installation method on other distributions varies of course and the PC/SC middleware package has some other names as well.

The most delicate part of course is getting the key(s) on the card. Probably the best HOWTO resides on Fellowship Wiki — I've followed it with just a few alterations, namely:

• take into account that you are using GnuPG 2.x, so you don't have to kill the agent while generating subkeys;
• the HOWTO presumes you already have a few keys, so don't be confused if there's a key extra which you don't have (e.g. the already existing auth key);
• adding an auth key to the OpenPGP card is not handled by the HOWTO and is done by the addcardkey command in the gpg --edit-key interface. Then when asked which kind of key, you just select Authentication key and you're almost set to log into SSH sessions with it!

If, as me (and Flameeyes), you get problems with gpg-agent and/or scdaemon not running (basically the most common problem), it's easily solved. In my case, I edited the /etc/kde/startup/agent-startup.sh file to include this loop:

if [ -x /usr/bin/gpg-agent ]; then
  eval "$(/usr/bin/gpg-agent --daemon --enable-ssh-support)"
fi

The good bit about it is that it works flawlessly throughout KDE and the whole X session — KMail, Dolphin, Kopete, etc. etc.; the caveat though is that if I want to use OpenPGP in a pure TTY (≠ terminal emulator) at the same time I have to kill gpg-agent and run that loop by hand in that TTY. If you happen to mix X with TTY often, you should try Flameeyes' solution with a wrapper. Our methods differ because one's better for one scenario and the other for another — chose whichever suits you better.

As a final treat — authenticating SSH sessions (i.e. logging via SSH with just your OpenPGP card), which is a most cool thing indeed, I followed Greve's instructions, which basically boil down to:

1. make sure you have created the authentication key on the OpenPGP card as explained above. To check that it's working run gpg --card-status and ssh-add -l and see if the Serial number of the first output matches with cardno. of the second;
2. run ssh-add -L to see the SSH public key(s) and copy the one which states the (right) cardno. entry;
3. log onto the server you wish to authenticate to with OpenPGP and paste the SSH public key into ~/.ssh/authorized_keys and there you are!
4. now log off the server and the next time you SSH to that server you'll be using your OpenPGP key and should at most be asked for your PIN.

This trick with OpenPGP authentication works also with Git over SSH, as e.g. used by Gitorious.

Big help provided by: bremner and others on #GnuPG; ph3-der-loewe, jhelwig and jg71 on #FSFEurope; thiago on #KDE and last but not least Flameeyes on his blog and via XMPP.

Flameeyes and me have already decided to update the Fellowship Wiki Card HOWTOs on this matter, but we've still to find time for it.

hook out >> sipping Ceylon Vanilla Bourbon tea and either hacking on moo-cow or studying ...will see
<!--break-->

Application design polish.

Free software is great. Everybody loves free stuff. However there’s one common flaw experienced by a lot of free software – they look ugly.

The reason behind this isn’t because we have too many programmers (yes, we know you never have enough programmers) and have too little artists – no, the problem is a lot more subtle. The real problem is that there is no clear hierachy within the artists. There is no control. There is no clear structure, focus, and branding. The question so many artists fail to ask ourselves as a contributor to free software is – What do we want to communicate?

To illustrate my point, I would like to use Ubuntu as an example. Regardless of your prejudices for the distribution and/or Canonical, they did do something right – they have a brand. They have a clear, recognisable pallette and style – from colourschemes to typefaces. Why don’t you see it for yourself: go and visit Ubuntu.com. Notice the colours. Notice the icon styles. Notice the typography.

Another example of a project taking the steps in the right direction is KDE and their Oxygen iconset + plasma "Air" attempt. However there is still far to go.

However the issue does not lie with such large FOSS projects such as the above mentioned. Instead the real problem lies with smaller software and application created by smaller developer groups. The reason is because these small applications rarely have to worry about problems such as branding – instead they have to focus on creating an elegant application. Design elegance can only rely so far on the design of widgets in the UI toolkit used. The rest is really up to the developer. Allow me to give a quick visual example of Blogilo, a blog client which I’m using to type out this post. Take a look:

The untrained eye would not see any problem with the screenshot – however the application design above screams complexity. There is no elegance. There is no simplicity – no "flow" (a clear step by step separation of functions). A blog client is not a complex application like an IDE. It exists for you to add, edit, and delete blog posts. Nothing more. When stripped down to its basics, a blog client is naught more but a rich text editor with a few extra options. Instead we have frames within frames, accordion panels, tabs, and buttons strewn about. Overkill, in my humble opinion.

Design polish is a very hard topic to separate what is ugly and what isn’t. It’s blends over into many neighbouring topics such as usability, a macro-view of marketing (in this case, Blogilo is part of KDE), and functionality. If you are interested, however, I would like to direct you to this very interesting blog by Troy Sobotka, one of the folks behind Ubuntu, who discusses this in much more clarity and detail than I am capable of.

Related posts:

1. thinkMoult blog design updated.
2. KDE.org relaunch with a brand new design!
3. Ubuntu 10.04 LTS (Lucid Lynx) – packed with goodies.

Windows Powershell Profile

At work, like most of this world, I’m forced to use Windows. Which isn’t always a bad thing just not preferable. At the same time though Microsoft has made this much easier for me by introducing Windows PowerShell. It’s actually been around for quite some time and I’ve actually been using for a while as well, but only recently have I been really getting into it and learning more about.

One of the nice things about PowerShell as opposed to cmd which you’re used to in Windows is that you can configure it just like you can Bash. Well, I have of course, spent some time setting mine up to basically work more or less exactly like I like my Bash setup to work. I keep in my dotfiles on GitHub if anyone wants to steal some code from it.

http://github.com/steveno/dotfiles

Migrating to XMPP/Jabber (and AIM woes)

Alright, so I've decided to finally drop proprietary IM protocols.

To some extend because promoting free software and open standards while at the same using proprietary protocols of companies that don't respect your privacy is a bit, well, let's be honest, hypocritic. On the other hand though because I've increasingly grown fed up with WLM/MSN/ICQ/YIM/AIM, their quirks and the inability to provide me with what I want.

I've already stopped using YIM and AIM with the rest following soon. What I've learnt from this so far is how very scary proprietary IM actually is. Since (for now) I still use Yahoo as my spambox e-mail provider, I just disabled the messenger component and it was very simple.

But when I tried to delete my AIM account, stuff got difficult. Brace yourselves, this gets pretty ugly! First of all, the general AOL's idea on how to "cancel AIM" is "just stop using it". The second odd thing is that they have more then one official help/support portal (yes, portal. it's big!). That being said the official help I found on how to cancel an AOL account was that if you're a paid customer, it's just a click away; if you're a sad sap who got the free account only to communicate to some other bloke on AIM, ...weeeeeheeheheheeeell, then it depends, maaaaaybeee you can delete it, maybe you can't. As luck has it, in my case (and in case of many people out there) my free account doesn't allow me to cancel it. A quick search on the aforementioned help portal says it could be because I have a child account. Which is kinda odd, since a child account, as I understand it, is a subaccount made by an adult person with their own full account and I can remember registring my account while already full age. Setting the problem aside that AIM just called me a bastard (= a parentless child), the problem stays that I cannot cancel my account. Of course, live (= phone, e-mail etc.) help is only available to paid customers. Well, I'm cooked there. I searched the web a bit and found out one of many self-help groups which lists a few solutions. For now I'm trying the contact-AOL-UK-and-hope-they-comply method, but if that fails — people report it fails more often then not — they go so far as to suggest to break AOL's ToS and wait for them to suspend your account and then not log in for half a year. ...bloody hell!?!?! The only half-way sure way I can get my AOL account removed is by contract breach?!? That alone should send shivvers down anyone's spine! And people are wondering why I'm against such things.

Below is the notice I'm sending to people on my contact list to explain why I am migrating and informing them of the benefits the XMPP protocol brings:

This is just a friendly notice that I'm leaving <insert_proprietary_IM> (and other proprietary IM protocols). If you want to keep in touch via instant messaging you can add my XMPP/Jabber ID to your contacts: matija [döt] suklje [ät] gabbler [døt] org or you can always send me an e-mail at matija [æt] suklje [doŧ] name.

There are many reasons why I'm switching to XMPP (Jabber) and here I'll list just a few of its advantages.

XMPP is:

• open standard — XMPP is the only IM protocol that is an internet standard and it's free software as well, so anyone can use, adapt or write from scratch their own XMPP client, server or other program that uses it.
• decentralised — so it doesn't matter on which server you are, you can always keep in touch with people on other servers, as is already true with e-mail (e.g. if you have GMail, you can just add my Jabber ID to your contacts, since GTalk is just Google's XMPP server); this also means you can chose any server you like best or even build your own and you won't lose the ability to chat with your friends. So you're not locked to just one provider.
• extensible and flexible — XMPP stands for Extensible Messaging and Presence Protocol, so you can easily use it to provide additional functionailty. E.g. people already use it to (micro)blog, get news and status updates, issue commands to remote computers, collaborate, play games over it and all sorts of stuff.
• security — the protocol itself uses industry-standard TLS and SASL for security and many XMPP servers pledge to never log your what you chat. That is not something you can expect from proprietary IM like MSN/WLM which stores whom you chatted with and what eternally (sic!). This is also a reason why even though you can use GTalk, I would advise you to chose a server that expects your privacy — Jabber.org and Gabbler.org are such examples, but there's many more. And since you can always build your own, you can be in complete control of your own data.
• can communicate with other IM — if you desperately need to use other IM protocols, you can just tell the XMPP server to forward the messages to and from your other IM accounts.

Well, that's it from me. If you decide that a) this sounds good; or at least b) you'd like to keep in IM contact with me, here's a (non-complete!) list of XMPP servers where you can make your account: http://xmpp.org/services/ (Jabber.org is the oldest and most popular); and add me: matija [döt] suklje [ät] gabbler [døt] org

There is also a great number of clients (programs to connect to XMPP) you can use: http://xmpp.org/software/clients.shtml (I use Kopete, but chose whichever you like best; there's even web-based clients if you're in a cybercafe)

In case you got really excited about it, you can also run your own server: http://xmpp.org/software/servers.shtml

Cheers and hope to chat with you someday again,

Matija "hook" Šuklje

If anyone has done or plans to do a similar move, I'd be happy to hear about your experiences.

hook out >> hmmm, tea with honey's nice, but sadly honey usually overpowers the delicate taste of tea
<!--break-->

An unwinnable battle

For as long as I follow discussions and event around the internet and similar technology (networked databases, datamining &ct) the topic of privacy has been quite dominant (especially here in Germany!). Privacy itself is not a new concept, we’ve had the option to put curtains in front of our windows for a while now, we could close our doors and we could decide who to share our holiday pictures with. We had a lot of privacy and whenever a government agency or other entity was stepping in to rob us of it, there were complaints, demonstrations and public disobedience.

Now with the Internet being very dominant in many of our lives, the discussion of privacy comes up almost weekly: Facebook, 4Square, Google Street View … we could go on for ages here and list all the different “Privacy Disasters” we’ve had in the last year or so. But lately I’ve come to the conclusion that it’s a battle that cannot be won. Why? Because we’ve said it for years now, just in a different context.

Let’s step away from privacy and look at a different topic: DRM. DRM stands for Digital Rights (some say Restriction) Management, DRM is what tries to make copying a DVD or a video game not simple, DRM is what locks you out of the music you bought when you buy a second computer. What DRM does is (quoting Cory Doctorow here) “trying to make bits harder to copy” and as Cory so precisely nails:

“There is no such thing as a copy-proof bit. There aren’t even copy-resistant bits. Copying is what bits are for. They will never, ever get any harder to copy.

If you want people to be able to listen to something at home, or watch something at home, you lose control over it. There are always ways to intercept data and copy it, even if you think it is encrypted, take a video file for example: Let’s say you encrypt it with a secret key so people can only play it after having contacted your servers and authenticated to get a key to unencrypt it. That’s safe, right? Except for the fact that at some point the data has to be decrypted to be playable on some sort of screen and at that point somebody can intercept it and save the unencrypted data. Even if you move the encryption to the TV, people will just start soldering a few contacts in and get the data some other way or they’ll use cameras to save the image. And yes, the quality suffers, but when I was young and we copied CDs for each other we used tapedecks and it was good enough. Quality loss will stop some people but not most of them.

So we just established that DRM does not work, right? It inconveniences only the “honest” people because the “dishonest” people rip the content out of its DRM-cell anyways (That’s why even people who buy a game use NoCD Cracks and other piracy-related technologies: They make using the product easier!). Now comes the problem: What we want as only privacy is just another layer of DRM, just that this time we are the guys asking for it.

Of course there always is the way of the luddite: We call all this fancy internet stuff crap and do not use it, we don’t publish our data here, we do not post our pictures, we just stay out of it. The problem is: When it comes to personal data you are not the only one that can enter it. If I put up a photo of me and a few friends on the internet and put a text with each person’s name next to it, all those people now have a part of “their” private data public (Remark: I don’t believe that you can own data, not even personal data). So keeping private data private means not just making sure that you are not leaking it, but also making sure nobody else leaks it. What happens if your bank has a data leak and your whole account data is online? There nothing you could have done, it’s not your fault but your data is public. And the net does not forget. The bits will have been copied and you will never get them back. All you can do is try staying ahead in the race and switch banks to get a new “private” account. Until that bank has a leak.

But most of us are no luddites: We enjoy putting stuff online. When me and Annette moved I took some pictures of our new house so I could send the link around to family and friends who don’t live in Oldenburg, I wanted to share something with others and the internet (and it’s great ability to copy bits!) made that easy for me. Now let’s make an experiment based on this.

People talking about “data ownership” would say that we need technology where we can say: “Only these 6 people can view these pictures.” This way we could use the internet to share data but keep privacy intact. Cool. So how do I make sure that one of those people does not save the image and uploads it on Facebook saying “Look what house my friend tante got!”? Do we really want to pretend that in this case where we want DRM for ourselves it would work?

“Privacy” as a concept has the same issues that “property” as a concept has when being transferred from the real into the online world: Property does not work because you can make indistinguishable copies without cost so the idea of scarcity that property is based on fails. Privacy is an idea based on control and especially on the internet where everything is virtual and easy to copy control is impossible.

Back in the days you had a photograph and would show it only to people you wanna show it to. I they tried making a photo of your photo you would see that and could intervene. A JPEG does not give you that control, if somebody except you has seen it you can assume the data to have leaked (at least you cannot guarantee that it didn’t if you didn’t turn the virtual data into a physical thing by forcing people to copy to your place and having them look at it on your screen).

DRM does not work. It does not work to make copying video games impossible, it does not work to keep movies from being copied online and it also does not work to keep your data private.

Paludis 0.54.2 Released

Paludis 0.54.2 has been released:

• Upgrading from older versions to 0.54.1 would produce strange errors. This does not happen for 0.54.2.
• Blockers and uninstalls for chroots are now handled.

Paludis 0.54.1 Released

Paludis 0.54.1 has been released:

• User-defined cave commands are now passed all command line arguments correctly.
• ‘cave show’ now has ‘–description-keys’, and ‘cave search’ uses this where appropriate.
• Paludis key=value configuration files can now use ‘$ENV{FOO}’ to refer to an environment variable.
• output.conf can now set log_path, and user defined output managers will now override builtin output managers with the same name.
• When running in ‘quiet’ mode, status messages are now shown.
• Warning and error messages are now shown at the end, along with info and log messages.
• The ‘tee’ output manager handler now has ‘stdout_children’ and ‘stderr_children’ for only forwarding stdout or stderr.
• Where supported, ‘fallocate’ is now used when merging files.
• Where supported, dirent->d_type is now used to reduce the number of stat() calls that are made.

PixieLive

A friend of mine, Christian, has released PixieLive, a slax based live linux distro build with gentoo.
It’s one of the few live distributions that support Intel GMA500, popular on netbooks like some Asus EEEPC.

PixieLive

Audio transcoding in bash

A proper transcode must have a lossless audio format as a source, a good one is flac ,stands for Free Lossless Audio Codec, because it does the job well and has a good licence ( BSD and GPL ).

If you have some flacs and want them in mp3 format (you need lame and flac) you can use this one liner:
for FILE in *.flac; do flac -cd "${FILE}" | lame - "${FILE/.flac/.mp3}"; done

the above line decodes every file that ends in .flac to the standard output (screen) and pipes it to lame that will encode it. “${FILE/.flac/.mp3}” will be the output file, in bash that means: take the variables “$FILE” (that is the original filename), remove “.flac” and substitute “.mp3″.

Nowadays I transcode quite often to 320 kbit/s constant bit rate (CBR)

• achieving the best quality for an mp3 and still being highly portable, some players don’t like variable bitrate of high quality ( like the V0 preset)
• doing something unefficient since mp3 is not a good codec for that quality but if your stereo reads just mp3 you don’t have any choices

I simply need to use lame with the proper switches , the above one liner becomes:
for FILE in *.flac; do flac -cd "${FILE}" | lame --cbr --preset insane - "${FILE/.flac/.mp3}"; done

To rip my compact discs and encode my music in flac I use a program for windows called Exact Audio Copy (EAC), my Wine build doesn’t like it for some reasons and Virtualbox has historical problems in handling cdroms correctly, the solution was VMWare. The native solution is RubyRipper

Added “iw” support to Linux Sea

The wireless driver developers are actively working on a new wireless toolset called “iw”, slowly deprecating the older wireless-tools toolset (which contains the “iwconfig” command). Kasumi_Ninja reported to me in the Gentoo Forums that it would be nice to add information on iw to Linux Sea, so I did. I must admit though that my systems don’t (or hardly) support iw, so I had to be lead by examples throughout the Internet.

Apart from the iw addition, I’ve reorganized the sections on Software Management as it was becoming too crowded. I’ve also started a ChangeLog for those who want to track the changes to the document.

Now if anyone can recommend me a good spell- and grammar checker…

cvechecker 0.4 released

Albeit with less updates than 0.3 had, cvechecker 0.4 brings in internal project files reorganization (more to the liking of the GNU autoconf/automake standards – I think), fixes a databaseleak (instead of memoryleak ;-) bug and introduces a teenie weenie bit more intelligent pullcves command (with multiple return code behavior to improve automation efforts) as was mentioned in the feature request list. All documentation is also updated and a pullcves manual page has been added.

the "Community Contributions" section on the Arch Linux forums is a goldmine

The Community contributions subforum of the Arch Linux forums is awesome.
It is the birthplace of many applications, most of them not Arch Linux specific.
File managers, media players, browsers, window managers, text editors, todo managers, and so on. Many shell scripts, urxvt extensions and dwm patches aswell.
Most of the apps are designed after suckless/KISS principles, but there are also some GUI programs.

If you like to discover new apps and tools, check it out.

Using PlayOnLinux to run applications already installed by vanilla WINE.

RTS is an acronym for real-time strategy. It’s a game genre. There’s a classic RTS game known as StarCraft. Although only a casual gamer (say, might I recommend Machinarium?) I have played (and somewhat enjoyed) a few more "hardcore" games – like for instance, StarCraft. Although being pretty pathetic at it, I did enjoy it and appreciated the balanced strategy between the various "races" you could control in the game. With StarCraft II already out (hell, it’s about time!) I decided to revisit the original StarCraft: Brood War game to refresh my memory.

I downloaded the game from Battle.net, installed the latest version of WINE (1.3.0), ran the Blizzard downloader flawlessly, ran the installer flawlessly – and true to its Gold ranking on the WINE AppDB, ran the game flawle- no wait. It was laggy. Not particularly laggy. But it wasn’t as fast as it should’ve been, and too many critters on the screen would make it choke. I tried all the lag-fixes suggested on the AppDB submission to no effect. It was a sort of phantom, website-loadingish lag.

However one comment on the AppDB page said that using PlayOnLinux to install WINE 0.9.14 to run StarCraft fixed all lag issues. I decided to give it a shot. Turns out any version below 1.0 is no longer supported (as any sane developer would do) and no longer available in portage. PlayOnLinux was, however – and PlayOnLinux did still allow WINE 0.9.14 to be installed. Unfortunately it wasn’t particularly intuitive to tell PlayOnLinux to run my installed .exe file with WINE 0.9.14, so perhaps this blog post might help others in my situation. Using these steps I was able to install a prehistoric version WINE via PlayOnLinux, and tell it to run the already installed version of StarCraft on my computer:

1. Install PlayOnLinux, Tools -> Manage wine versions -> install v0.9.14. Should be straightforward.
2. mkdir /home/username/.PlayOnLinux/wineprefix/starcraft && env WINEPREFIX=/home/username/.PlayOnLinux/wineprefix/starcraft wineboot
3. cp -r /home/username/.wine/drive_c/Program\ Files/StarCraft /home/username/.PlayOnLinux/wineprefix/starcraft/drive_c/Program\ Files/ (or mv it, doesn’t make a difference)
4. touch /home/username/.PlayOnLinux/configurations/installed/StarCraft
5. Place the following in the StarCraft file:

#!/bin/bash
export WINEPREFIX="/home/username/.PlayOnLinux/wineprefix/starcraft"
export WINEDEBUG="-all"
cd "/home/username/.PlayOnLinux/wineprefix/starcraft/drive_c/Program Files/StarCraft"
wine "StarCraft.exe" $@

And that’s it! Run PlayOnLinux and you’ll be able to run the program from there. This guide should be able to work for other scenarios as well so feel free to adapt it.

Oh, and as for the lag? Yep – oddly enough it did get completely fixed. Regression time.

Related posts:

1. Top 10 Windows Mobile Applications
2. A scalable and adaptable standardised user file structure?

I remain impressed by the free software community

My current personal projects, Linux Sea and cvechecker, are actively being watched by the free software community. For the Linux Sea book, I get nice feedback and ideas on the Gentoo Forums and on the cvechecker application, people such as Nigel Horne are helping out in various ways – including feature requests of all sorts.

I must admit, I remain impressed.

Small changes have already been squeezed in in the Linux Sea document. A larger change (the use of the iw tools for wireless connectivity) is being investigated (sadly, my broadcom-sta device doesn’t support the new nl80211 API so the documentation change is slower to integrate than expected). I’m also planning to make some updates on the software management chapter as it is currently becoming quite crowded.

In the cvetool, most changes are bugfixes and output enhancements as expected. I’m not going to add more functionality now – I first want to get a stable 1.0 release out there. But first continue to squash bugs and add rules to the versions.dat file so that it is usable on various systems (release 0.4 is around the corner).

Paludis 0.54.0 Released

Paludis 0.54.0 has been released:

• ‘cave resolve –remove-if-dependent’ will now cause dependent packages to be removed from world, if no versions remain.
• ‘cave resolve –make’ now defaults to ‘chroot’ when the environment’s preferred root is not ‘/’.
• ‘cave display-resolution –show-option-descriptions’ now works as documented.
• ‘cave fix-linkage’ may take multiple ‘–library’ arguments.
• New ‘cave’ subcommands: ‘report’, ‘print-id-environment-variable’.
• ‘cave print-’ commands are now consistent in handling ‘–all’ / ‘-a’ and ‘–best’ / ‘-b’.
• ‘cave show’ will now always show keys specified by ‘-k’, even if those keys are internal-only or complex.
• ‘cave search’ now takes an optional SQLite index, which can be created using ‘cave manage-search-index’.
• ‘cave search’ now has a ‘–visible’ option.
• The ‘importare’, ‘inquisitio’ and ‘reconcilio’ clients are now deprecated in favour of ‘cave import, ‘cave search’ and ‘cave fix-linkage’ respectively.
• Output managers and output.conf are now documented features, and a new ‘command’ output manager handler was added.
• Hooks are now run using an output manager, where appropriate. The API for .so hooks has been changed to allow this.
• The demo hooks have been removed, since none are particularly useful with ‘cave’.
• ‘cave’ now has a global ‘–colour’ option, and coloured output is disabled by default when outputting to a non-tty.
• The output format for certain cave commands can now be tinkered with by the user. Use ‘cave dump-cave-formats-conf’ to create ~/.cave/formats.conf and then edit as desired.
• The way sub-programs are executed has changed to be somewhat less convoluted.

The Principle of Least Surprise

Review of "Python 3 Object Oriented Programming"

Dusty Phillips, Arch Linux shwag guy, Archcon co-organizer, (python) consultant and since recently buddy of mine wrote his first book: Python 3 Object Oriented Programming.

I got the opportunity to get a free pdf copy in exchange for a review on my blog, so here we go.
Mind you, my Python knowledge is very limited. I have done some python programming, and I once read (most of) Dive into python, but over the years that experience has vanished from my memory. Dusty's book has had many proofreads/reviews by python-aficionado's, now it gets a fresh perspective from an amateur, and for me this was a good opportunity to work on my python skills.

To paraphrase the "who this book is for" paragraph, which is in the beginning of the book and in online advertisements for the book:

• people new to OO programming and people with basic python skills who want to improve their python OO.
• OO programmers experienced in other languages who want to get into python.
• python 2 programmers interested in learning python 3, although this is not the target audience.

Good, that includes me (category 2)

Pro's:

• seems very accurate
• OO focused. But not in a college/university-ish way. Real experience, nuanced, real examples and exercises. Tells you when *not* to use OO. Teaches you the difference between object orientation, OO programming and OO design, and makes you understand that in the end everything are just means to end, and thanks to the versatility of Python, teaches you various tricks to implement certain designs in less then obvious ways.
• Chapters about design patterns (there sure are many of them), testing, libraries, and some other topics not directly related to OO.

Con's:

• Not an introduction to Python. Assumes some basic knowledge about Python. (like data structures and loops). There is a chapter about (some of the) datatypes later on in the book but it focuses more on their OO nature, and to get to know the basics, you're referred to the official python tutorial.
• Does not cover *everything*.

I should clarify my last point. Here and there I found some information to be lacking. Especially static class methods (they are only mentioned very briefly in a case study somewhere) and static properties/variables.
Other then that, sometimes an example or explanation was not entirely clear to me. This didn't happen often, but there were moments where I thought 95% of what you need to know is explained, but the other 5% you have to google up yourself.
It is quite convenient however, to have the author of a book available in your jabber client.
So FWIW here are the things I asked him about and which responses I got, with some comments added by me afterwards.

<Dieterbe> hmm you mention that methods *need* a self param, but why is this?
           can't python automatically make a variable self available in the scope of the function, when calling it?
<Dusty>    no, they are always explicit
<Dieterbe> but why?
<Dusty>    it's part of the python philosophy, I guess. "explicit is better than implicit" is in the zen of python poem.
           Basically, if you are accessing a variable in any namespace, that variable has to be have been made explicitly available in that 
           namespace. The one exception is the from X import * syntax, which 98% of python programmers avoid exactly because of the namespace issues.
<Dieterbe> right
 
# good to know.  Too bad this isn't really mentioned anywhere.
 
 
<Dieterbe> i don't quite get why - in your notebook example of chap 2 - you iterate over the list to find the correct note based on its id.
           can't you just get the element based on it's index in the list? (ie keep the node id in sync with the index in the list)
<Dusty>    I don't have the code in front of me, but I suspect that it's because if a note is deleted, that id should not be recycled and applied to another note.
<Dieterbe> but still, since you keep the last used id, and keep increasing it, you won't recycle id's.
<Dusty>    yeah, but the index in the list will change
<Dusty>    when you delete #4
<Dieterbe> oh
<Dusty>    the object with ID 5 becomes the object at #4
<Dieterbe> thanks buddy
<Dusty>    no problem. :)
 
# again, makes perfect sense.  But if you don't know the ins and outs of the datatypes, you're on your own.
 
<Dieterbe> i had a question about your example for the decorator pattern.
           you use a socket and then you have 2 decorators that implement a send function which do some stuff (logging and what not)
           but also the actual sending on the socket
<Dieterbe> and you mention you can have multiple decorators on the same object.  but since each decorator also does the sending on the socket,
           doesn't that mean the sending happens multiple times?
<Dusty>    no, because the first decorator is decorating the second decorator
<Dusty>    which is decorating the socket
<Dieterbe> ah yes you're right. and although you did not specify it like this in the explanation text, it should be clear from the code.
 
# If I would have looked better at the code I would have figured it out.
# I just assumed something had to be wrong, I'm too used to the way 'behaviors' are implemented in CakePHP.
 
<Dieterbe> one last remark i have about the book: i couldn't find an explanation of static variables/properties.
           i did see a very short mention of static methods in the case study at the end of chap 3, i would have expected to have that info a bit more 
           prominent, in it's own subsection or something
<Dieterbe> especially because you use static class methods a few times throughout the book
<Dusty>    I had a long section on them and ended up removing it because the chapter was too long and one of my reviewers suggested that they aren't very good form in Python.
<Dieterbe> hmm. i see

The writing is pretty informal, and here and there you'll find a subtle reference or joke. But of course that's not what you buy this book for.

Conclusion

I would say the "who this book is for" part is a bit too optimistic. You won't learn Python (3) from scratch by only using this book. It's not a book restricted to mere OO subjects (in python), but neither does it cover all basics of the Python language.

So if you are a python newbie, I would probably recommend you 'Dive into python'. It's free, covers the basics, but doesn't contain so many real life examples.

If you want to know more about OO in python, design patterns, some real life examples and techniques, or advice from a pro, then I definitely recommend this book.

Free chapter: Chapter No. 7 – Python Object-oriented Shortcuts

Tomboy sync and Ubuntu One

I love tomboy. I drop tons of my ideas into it. And plans. Lists. Anything on my brain. The problem is as soon as I have more than one computer, like now with my netbook and laptop, all my thoughts are split in half. Ever since tomboy hit the scene years ago I've loved it but also known it needed synchronization to be the best and truly useful to me. I've only had sporadic luck with the sshfs sync. It worked last year. Now it doesn't.
Anyways, I finally couldn't stand it any longer and decided to sign up for an Ubuntu One account that goes with the Ubuntu Web Sync plugin shipped with Tomboy on Ubuntu. I'm not normally one for web services, I like to roll my own where I can (email, jabber, blog), but here since sshfs sync wasn't working and snowy (tomboy online) is pre alpha, I didn't have a choice.
(Actually, in hindsight I realize I could have tried and been using sync to local folder and placed that in my DropBox, whoops)
Anyways, it was painless and now my notes are synced to the cloud and my brain is healed. So thank you Ubuntu. I'm not a huge fan of proprietary solutions but no one else has a solution at all, so you win by virtue of just shipping. (Of course this isn't exactly a multi platform approach, I just thankfully only run Ubuntu on my laptops right now. A few years ago when I ran Gentoo on desktops/laptops this would have been a no go, and Dropbox would have probably floated to the top of my mind sooner)
Let that be a lesson to the rest of you, ideals are good, but solid options are better.

I need to get back into blogging, but like so many others, twitter has been eroding at that. We shall see.

gentoo mp3 tag editor

Fail2ban and postfix sasl

Today I found the usual chinese trying to get in my smtp to send his spam to the world and I realized that fail2ban wasn’t working because the regexp used to match the offender is wrong.

This is the log entry (/var/log/mail)
Aug 21 22:45:30 myserver postfix/smtpd[12071]: warning: unknown[xxx.xxx.xxx.xxx]: SASL LOGIN authentication failed: authentication failure

and this is the regex that work , just remove the part after “authentication failed” (/etc/fail2ban/filter.d/sasl.conf)

failregex = (?i): warning: [-._\w]+\[<host>\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed

Test it:
fail2ban-regex /var/log/mail.log /etc/fail2ban/filter.d/sasl.conf

if you are on a slow server or on a big mail server use /var/log/mail.err instead

Hacked my Drupal into acknowledging Flattr

Well, I'm not very proud of it, but I got the Flattr button working somehow. I've added the static button to the theme's template, so it shows on every node.

OK, technically it's not pretty, but to be fair, my current Drupal install isn't either (that's also the reason why Drupal's Flattr module doesn't work for me in the first place).

Can't wait for Drupal 7 to come out, get myself a PlugComputer and migrate to it.

...actually can't wait until I get that done, with the state of my DB this should be quite an ugly ordeal :\

hook out >> taking a nap to cure the headache, then working on a text to finish my application for that legal counselling job
<!--break-->