Home Home > Base-system
Sign up | Login

Deprecation notice: openSUSE Lizards user blog platform is deprecated, and will remain read only for the time being. Learn more...

Archive for the ‘Base System’ Category

« Older Entries
Newer Entries »

Adobe Flash 64 bits under openSUSE 64bits (11.2,11.3,11.4,factory)

December 17th, 2010 by

Non Free

Dear readers, we sometimes have to use non-free software. This post will learn you how to get the latest flash player supporting natively your favorite openSUSE Linux 64 bits distribution.

Keep in mind that it is preview software, actually pre-release code quality, and with it you will not receive any security updates. Keep an eyes on it, and refresh it manually if newer version are published

So why to try that software ? My answer is simple : it’s a native 64bits plug-in. So it’s interaction with your native 64bits browser, should give you a better stability. My experience using it in the last 4 months is pretty good, no Firefox crash due to flash. (Several pro week or day with the 32bits 10.0 version)

Get ready

Remove any installed 32bits packages

First things to do, remove all actual 32bits flash installed.

zypper rm flash-player pullin-flash-player

Get the lastest Flash square preview

Go the main project page Square
Read the informations, and the Adobe License you implicitly accept by using this software.
Then Download the tar.gz

cd /tmp
wget http://download.macromedia.com/pub/labs/flashplayer10/flashplayer10_2_p3_64bit_linux_111710.tar.gz

Uncompress & Install

tar -xvzf flashplayer10_2_p3_64bit_linux_111710.tar.gz
sudo chown root:root libflashplayer.so
sudo cp libflashplayer.so /usr/lib64/browser-plugins/libflashplayer.so

Test

Close any firefox or konqueror running, and restart them
under firefox, launch the about:plugins uri

and you should see

Shockwave Flash
File: libflashplayer.so
Version:
Shockwave Flash 10.3 d162

Have a nice surfing session, if you like flash website .

Tags: , , , ,
Posted in Base System, KDE, Mozilla | 7 Comments »

updated permissions handling in 11.4

November 24th, 2010 by

In addition to supporting file system capabilities (fate#307254) I’ve also updated the permissions handling in 11.4 slightly.

There have been complaints that every SuSEconfig run also calls SuSEconfig.permissions which leads to changed file permissions at unexpected times. Therefore I’ve modified SuSEconfig.permissions to only actually set permissions when called explicitly (ie SuSEconfig –module permissions). When called by a generic SuSEconfig run SuSEconfig.permissions now only shows files with wrong permissions but doesn’t actually fix them anymore.

Since packages that have files with special permission handling do call SuSEconfig.permissions explicitly via %run_permissions in %post the change above alone isn’t sufficient to avoid surprises. Therefore I’ve introduced the new macro %set_permissions. This macro expects file names as arguments. Only permissions of those files are adjusted then. To notify packagers of that new method an rpmlint check now issues an informal message if %run_permissions is used.

Posted in Base System, Distribution, Factory, Security | 2 Comments »

Make vmware workstation 7.1.3 running with opensuse 11.4 (kernel 2.6.37)

November 15th, 2010 by

Note about the 2.6.37xx

There’s a solution to make the kernel modules building under openSUSE factory (11.4) and the kernel 2.6.37

Preparation

download the lastest vmware workstation 7.1.3 (the patch is only for this version)
download the patch vmware-7.1.3-2.6.37-rc5.patch
download the script to patch patch-modules_v62-opensuse.sh

Install

Proceed to the normal installation of workstation, if you have older version, it will be replaced
by running under root account

sh VMware-Workstation-Full-7.1.3-324285.x86_64.bundle

Patch

Now we have to apply the needed patch, just run as root 

sh patch-modules_v62-opensuse.sh

Here the output result

sh patch-modules_v62-opensuse.sh 
(Stripping trailing CRs from patch.)
patching file vmci-only/include/compat_semaphore.h
(Stripping trailing CRs from patch.)
patching file vmmon-only/linux/driver.c
(Stripping trailing CRs from patch.)
patching file vmnet-only/compat_semaphore.h
(Stripping trailing CRs from patch.)
patching file vsock-only/shared/compat_semaphore.h
Stopping VMware services:
   VMware USB Arbitrator                                               done
   VM communication interface socket family                            done
   Virtual machine communication interface                             done
   Virtual machine monitor                                             done
   Blocking file system                                                done
Using 2.6.x kernel build system.
make: Entering directory `/tmp/vmware-root/modules/vmmon-only'
make -C /lib/modules/2.6.37-rc5-12-desktop/build/include/.. SUBDIRS=$PWD SRCROOT=$PWD/. \
  MODULEBUILDDIR= modules
make[1]: Entering directory `/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop'
make -C ../../../linux-2.6.37-rc5-12 O=/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop/. modules
  CC [M]  /tmp/vmware-root/modules/vmmon-only/linux/driver.o
  CC [M]  /tmp/vmware-root/modules/vmmon-only/linux/iommu.o
/tmp/vmware-root/modules/vmmon-only/linux/iommu.c: In function ‘IOMMUUnregisterDeviceInt’:
/tmp/vmware-root/modules/vmmon-only/linux/iommu.c:217:17: warning: ignoring return value of ‘device_attach’, declared with attribute warn_unused_result
  CC [M]  /tmp/vmware-root/modules/vmmon-only/linux/hostif.o
/tmp/vmware-root/modules/vmmon-only/linux/hostif.c: In function ‘HostIFReadUptimeWork’:
/tmp/vmware-root/modules/vmmon-only/linux/hostif.c:2004:37: warning: ‘newUpBase’ may be used uninitialized in this function
  CC [M]  /tmp/vmware-root/modules/vmmon-only/linux/driverLog.o
  CC [M]  /tmp/vmware-root/modules/vmmon-only/common/memtrack.o
  CC [M]  /tmp/vmware-root/modules/vmmon-only/common/vmx86.o
  CC [M]  /tmp/vmware-root/modules/vmmon-only/common/cpuid.o
  CC [M]  /tmp/vmware-root/modules/vmmon-only/common/task.o
  CC [M]  /tmp/vmware-root/modules/vmmon-only/common/hashFunc.o
  CC [M]  /tmp/vmware-root/modules/vmmon-only/common/comport.o
  CC [M]  /tmp/vmware-root/modules/vmmon-only/common/phystrack.o
  CC [M]  /tmp/vmware-root/modules/vmmon-only/vmcore/moduleloop.o
  LD [M]  /tmp/vmware-root/modules/vmmon-only/vmmon.o
  Building modules, stage 2.
  MODPOST 1 modules
  CC      /tmp/vmware-root/modules/vmmon-only/vmmon.mod.o
  LD [M]  /tmp/vmware-root/modules/vmmon-only/vmmon.ko
make[1]: Leaving directory `/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop'
make -C $PWD SRCROOT=$PWD/. \
  MODULEBUILDDIR= postbuild
make[1]: Entering directory `/tmp/vmware-root/modules/vmmon-only'
make[1]: `postbuild' is up to date.
make[1]: Leaving directory `/tmp/vmware-root/modules/vmmon-only'
cp -f vmmon.ko ./../vmmon.o
make: Leaving directory `/tmp/vmware-root/modules/vmmon-only'
Built vmmon module
Using 2.6.x kernel build system.
make: Entering directory `/tmp/vmware-root/modules/vmnet-only'
make -C /lib/modules/2.6.37-rc5-12-desktop/build/include/.. SUBDIRS=$PWD SRCROOT=$PWD/. \
  MODULEBUILDDIR= modules
make[1]: Entering directory `/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop'
make -C ../../../linux-2.6.37-rc5-12 O=/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop/. modules
  CC [M]  /tmp/vmware-root/modules/vmnet-only/driver.o
  CC [M]  /tmp/vmware-root/modules/vmnet-only/hub.o
  CC [M]  /tmp/vmware-root/modules/vmnet-only/userif.o
  CC [M]  /tmp/vmware-root/modules/vmnet-only/netif.o
  CC [M]  /tmp/vmware-root/modules/vmnet-only/bridge.o
  CC [M]  /tmp/vmware-root/modules/vmnet-only/filter.o
  CC [M]  /tmp/vmware-root/modules/vmnet-only/procfs.o
  CC [M]  /tmp/vmware-root/modules/vmnet-only/smac_compat.o
  CC [M]  /tmp/vmware-root/modules/vmnet-only/smac.o
  CC [M]  /tmp/vmware-root/modules/vmnet-only/vnetEvent.o
  CC [M]  /tmp/vmware-root/modules/vmnet-only/vnetUserListener.o
  LD [M]  /tmp/vmware-root/modules/vmnet-only/vmnet.o
  Building modules, stage 2.
  MODPOST 1 modules
  CC      /tmp/vmware-root/modules/vmnet-only/vmnet.mod.o
  LD [M]  /tmp/vmware-root/modules/vmnet-only/vmnet.ko
make[1]: Leaving directory `/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop'
make -C $PWD SRCROOT=$PWD/. \
  MODULEBUILDDIR= postbuild
make[1]: Entering directory `/tmp/vmware-root/modules/vmnet-only'
make[1]: `postbuild' is up to date.
make[1]: Leaving directory `/tmp/vmware-root/modules/vmnet-only'
cp -f vmnet.ko ./../vmnet.o
make: Leaving directory `/tmp/vmware-root/modules/vmnet-only'
Built vmnet module
Using 2.6.x kernel build system.
make: Entering directory `/tmp/vmware-root/modules/vmblock-only'
make -C /lib/modules/2.6.37-rc5-12-desktop/build/include/.. SUBDIRS=$PWD SRCROOT=$PWD/. \
  MODULEBUILDDIR= modules
make[1]: Entering directory `/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop'
make -C ../../../linux-2.6.37-rc5-12 O=/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop/. modules
  CC [M]  /tmp/vmware-root/modules/vmblock-only/linux/filesystem.o
  CC [M]  /tmp/vmware-root/modules/vmblock-only/linux/dentry.o
  CC [M]  /tmp/vmware-root/modules/vmblock-only/linux/stubs.o
  CC [M]  /tmp/vmware-root/modules/vmblock-only/linux/dbllnklst.o
  CC [M]  /tmp/vmware-root/modules/vmblock-only/linux/file.o
  CC [M]  /tmp/vmware-root/modules/vmblock-only/linux/block.o
  CC [M]  /tmp/vmware-root/modules/vmblock-only/linux/module.o
  CC [M]  /tmp/vmware-root/modules/vmblock-only/linux/super.o
  CC [M]  /tmp/vmware-root/modules/vmblock-only/linux/inode.o
  CC [M]  /tmp/vmware-root/modules/vmblock-only/linux/control.o
  LD [M]  /tmp/vmware-root/modules/vmblock-only/vmblock.o
  Building modules, stage 2.
  MODPOST 1 modules
  CC      /tmp/vmware-root/modules/vmblock-only/vmblock.mod.o
  LD [M]  /tmp/vmware-root/modules/vmblock-only/vmblock.ko
make[1]: Leaving directory `/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop'
make -C $PWD SRCROOT=$PWD/. \
  MODULEBUILDDIR= postbuild
make[1]: Entering directory `/tmp/vmware-root/modules/vmblock-only'
make[1]: `postbuild' is up to date.
make[1]: Leaving directory `/tmp/vmware-root/modules/vmblock-only'
cp -f vmblock.ko ./../vmblock.o
make: Leaving directory `/tmp/vmware-root/modules/vmblock-only'
Built vmblock module
Using 2.6.x kernel build system.
make: Entering directory `/tmp/vmware-root/modules/vmci-only'
make -C /lib/modules/2.6.37-rc5-12-desktop/build/include/.. SUBDIRS=$PWD SRCROOT=$PWD/. \
  MODULEBUILDDIR= modules
make[1]: Entering directory `/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop'
make -C ../../../linux-2.6.37-rc5-12 O=/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop/. modules
  CC [M]  /tmp/vmware-root/modules/vmci-only/linux/driver.o
  CC [M]  /tmp/vmware-root/modules/vmci-only/linux/driverLog.o
  CC [M]  /tmp/vmware-root/modules/vmci-only/linux/vmciKernelIf.o
  CC [M]  /tmp/vmware-root/modules/vmci-only/common/vmciDatagram.o
  CC [M]  /tmp/vmware-root/modules/vmci-only/common/vmciDriver.o
  CC [M]  /tmp/vmware-root/modules/vmci-only/common/vmciDs.o
  CC [M]  /tmp/vmware-root/modules/vmci-only/common/vmciContext.o
  CC [M]  /tmp/vmware-root/modules/vmci-only/common/vmciHashtable.o
  CC [M]  /tmp/vmware-root/modules/vmci-only/common/vmciEvent.o
  CC [M]  /tmp/vmware-root/modules/vmci-only/common/vmciQueuePair.o
  CC [M]  /tmp/vmware-root/modules/vmci-only/common/vmciGroup.o
  CC [M]  /tmp/vmware-root/modules/vmci-only/common/vmciResource.o
  CC [M]  /tmp/vmware-root/modules/vmci-only/common/vmciProcess.o
  LD [M]  /tmp/vmware-root/modules/vmci-only/vmci.o
  Building modules, stage 2.
  MODPOST 1 modules
  CC      /tmp/vmware-root/modules/vmci-only/vmci.mod.o
  LD [M]  /tmp/vmware-root/modules/vmci-only/vmci.ko
make[1]: Leaving directory `/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop'
make -C $PWD SRCROOT=$PWD/. \
  MODULEBUILDDIR= postbuild
make[1]: Entering directory `/tmp/vmware-root/modules/vmci-only'
make[1]: `postbuild' is up to date.
make[1]: Leaving directory `/tmp/vmware-root/modules/vmci-only'
cp -f vmci.ko ./../vmci.o
make: Leaving directory `/tmp/vmware-root/modules/vmci-only'
Built vmci module
Using 2.6.x kernel build system.
make: Entering directory `/tmp/vmware-root/modules/vsock-only'
make -C /lib/modules/2.6.37-rc5-12-desktop/build/include/.. SUBDIRS=$PWD SRCROOT=$PWD/. \
  MODULEBUILDDIR= modules
make[1]: Entering directory `/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop'
make -C ../../../linux-2.6.37-rc5-12 O=/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop/. modules
  CC [M]  /tmp/vmware-root/modules/vsock-only/linux/af_vsock.o
/tmp/vmware-root/modules/vsock-only/linux/af_vsock.c: In function ‘VSockVmciStreamConnect’:
/tmp/vmware-root/modules/vsock-only/linux/af_vsock.c:3172:4: warning: case value ‘255’ not in enumerated type ‘socket_state’
  CC [M]  /tmp/vmware-root/modules/vsock-only/linux/vsockAddr.o
  CC [M]  /tmp/vmware-root/modules/vsock-only/linux/util.o
  CC [M]  /tmp/vmware-root/modules/vsock-only/linux/stats.o
  CC [M]  /tmp/vmware-root/modules/vsock-only/linux/notify.o
  CC [M]  /tmp/vmware-root/modules/vsock-only/driverLog.o
  LD [M]  /tmp/vmware-root/modules/vsock-only/vsock.o
  Building modules, stage 2.
  MODPOST 1 modules
  CC      /tmp/vmware-root/modules/vsock-only/vsock.mod.o
  LD [M]  /tmp/vmware-root/modules/vsock-only/vsock.ko
make[1]: Leaving directory `/usr/src/linux-2.6.37-rc5-12-obj/x86_64/desktop'
make -C $PWD SRCROOT=$PWD/. \
  MODULEBUILDDIR= postbuild
make[1]: Entering directory `/tmp/vmware-root/modules/vsock-only'
make[1]: `postbuild' is up to date.
make[1]: Leaving directory `/tmp/vmware-root/modules/vsock-only'
cp -f vsock.ko ./../vsock.o
make: Leaving directory `/tmp/vmware-root/modules/vsock-only'
Built vsock module
Starting VMware services:
   VMware USB Arbitrator                                               done
   Virtual machine monitor                                             done
   Virtual machine communication interface                             done
   VM communication interface socket family                            done
   Blocking file system                                                done
   Virtual ethernet                                                    done
   Shared Memory Available                                             done


All done, you can now run VMWare WorkStation.
Modules sources backup can be found in the '/usr/lib/vmware/modules/source-workstation7.1.3-2010-12-13-19:07:07-backup' directory

References

vmware community post
vmware community thread

Mark D Bernstein aka InitiaZero for providing the script and patch by email and having ping me about it

Enjoy, and thanks to people having done the crappy job before.

Tags: , , , ,
Posted in Base System, Kernel, Virtualization | 4 Comments »

OBS 2.1: Status of SuperH (sh4) support with QEMU

October 24th, 2010 by

With established ARM support in OBS the as well as emulated MIPS and PowerPC is getting more mature, the last big embedded architecture not working in OBS with QEMU user mode was SH4. QEMU developers community had done a lot of work in improving QEMU user mode during the last months, so I can proudly present with currently only a few patches to QEMU git master OBS builds working with the SH4 port of Debian Sid. The new QEMU 0.13 released recently is a big milestone for this.

Another news is that I had fixed the bugs in Virtual Machine builds (build script) when using them with some architectures like PowerPC 32bit and SH4. So now also the combination of using for example KVM (XEN should also work) in a worker together with ARM, MIPS, PowerPC and SH4 is working. The appropriate fixes are in one of the next build script releases (if not even released already now with OBS 2.1, I have to check that). You can select architecture “sh4” with OBS 2.1 and also start a scheduler with “sh4”.

With the use of the QEMU User Mode, you can build also accelerated native cross toolchains for your host architecture so time critical parts like the compiler can run without the emulator. This works with .deb as well as with .rpm based backages. The MeeGo Project as well as the openSUSE Port to ARM uses this technique to provide an optimum between compatibility and performance. It means you can mix natively build packages and use cross toolchains on it. The “CBinstall:” feature helps you to use native or cross builds automatically depending on if your build host is a native machine or a x86 machine with cross build. In summary, we have the current classics of linux embedded archs together now in OBS: ARM, x86, MIPS 32, PowerPC 32 and SH4.

I have uploaded the fixed QEMU package to the OBS project openSUSE:Tools:Unstable inside the package “qemu-devel” after some more testing. I have of course also a OBS meta prjconf file working with Debian Sid. The SH4 port of Debian Sid you can find at Debian Ports Site.

And last but not least I would like to thank Riku Voipio of the Debian Project, QEMU project and MeeGo project and other major contributors during the QEMU 0.13 development cycle for the restless work on QEMU user mode improvements. In case of KVM, QEMU is used even twice, with QEMU-KVM as well as QEMU User Mode. I am sure I had forgotten other important people, so thanks to them also.

Posted in Build Service, Distribution, Packaging, Toolchain, Virtualization | 3 Comments »

systemd – and #osc10

October 8th, 2010 by

Systemd is a replacement for SystemV init and in heavy development since the first announcement on April 30th by Lennart Poettering. Thanks to Kay Sievers’ work, we have packages for openSUSE curent Factory stream as well. I gave them a try a couple of weeks ago but somehow did not succeed with getting a working system. At LinuxKongress I met Lennart and decided to give systemd another try. I still could not log into the system due to it using NIS and automount for NFS home directories and started debugging this together with Kay over IRC in a virtual machine first. Once we had a workaround for me, I used systemd on my workstation and Kay and Lennart fixed the problem in systemd properly. I run into a couple of more problems and thus were fixed quickly so that the last release – systemd 11 – works fine on my workstation running openSUSE Factory (Factory is the development version for the next openSUSE release, in this case for 11.4).

The role of init, whether it’s SysV init, upstart or systemd, is to initialize the system (it’s the first process that gets started by the kernel) so that users can login, starts all the essential services, e.g. the cups daemon for printing, and handles session management. So, it’s a system and session manager.

So, what’s so cool about systemd? (more…)

Posted in Base System, Distribution, Events, Factory | 8 Comments »

Wacom Bamboo Pen and openSUSE 11.3

September 23rd, 2010 by

It all started when my daughter discovered the Bamboo Pen. Naturally the tablet quickly turned into a must have accessory to her computer. After a bit of Googling I came to the conclusion that making the beast work with Linux should be possible. The prize for the effort would be a very happy young lady.

In order to avoid any potential hassle with shipping etc. we went to the local Best Buy to buy the tablet. As the store had the hardware at the same price as online retailers that decision was easy.

Once I actually had my fingers on the tablet it was time to make it work. Doing a bit more detailed research now, I found various openSUSE forum posts and various other links. Some of these were not quite consistent, others appeared to address only half the solution. Therefore, I decided to cast away most of what I had found and just concentrate on the information found on the Linux Wacom Project. The HOWTO is informative and provides all information needed to get everything working. The HOWTO does not provide the information in the linear fashion I like, when I try to get something new to work. With a bit of hoping back and forth and some pocking around I got the tablet to work.

Now to the linear summary on how to get the tablet working.

  • Install openSUSE 11.3
  • Install the necessary packages to build the code provided by the Wacom project (root access required)
    • kernel-source
    • kernel-syms
    • xorg-x11-server-sdk
    • plus make and standard build infrastructure
  • Get the sources from the Wacom download page (0.8.8 at the time of this writing). This is the kernel driver code. The included X utilities and driver code in this version will not work on openSUSE 11.3 and will not build either, that’s OK.
  • Get the X utils and driver code from the Wacom main page. The link at the time of this writing is near the top of the page and links to version 0.10.8
  • Build the kernel driver
    • Unpack the kernel driver code tar -xjvf linuxwacom-0.8.8-8.tar.bz2
    • cd linuxwacom-0.8.8-8
    • Configure the build ./configure --enable-wacom
    • Build the driver make
  • Copy the newly built driver over the driver supplied by the openSUSE kernel (root access required) cp src/2.6.30/wacom.ko /lib/modules/`uname -r`/kernel/drivers/input/tablet/
      • If you want to make a backup copy of the project provided driver make sure you store the copy outside of the modules tree, i.e. outside of /lib/modules/`uname -r`
  • Remove any updates for the driver rm /lib/modules/`uname -r`/weak-updates/updates/wacom.ko
  • Build the X11 utils and driver
    • Unpack the sources tar -xjvf xf86-input-wacom-0.10.8.tar.bz2
    • cd xf86-input-wacom-0.10.8
    • Configure the build ./configure
    • Build make
    • Install (root access required)make install
  • Create a udev rule (root access required)
    • With your favorite editor open /etc/udev/rules.d/60-wacom.rules
    • Add the following code
      # udev rules for wacom tablets.
      KERNEL!="event[0-9]*", GOTO="wacom_end"
      # Multiple interface support for stylus and touch devices.
      DRIVERS=="wacom", ATTRS{bInterfaceNumber}=="00", ENV{WACOM_TYPE}="stylus"
      DRIVERS=="wacom", ATTRS{bInterfaceNumber}=="01", ENV{WACOM_TYPE}="touch"
      # Convenience links for the common case of a single tablet. We could do just this:
      #ATTRS{idVendor}=="056a", SYMLINK+="input/wacom-$env{WACOM_TYPE}"
      # but for legacy reasons, we keep the input/wacom link as the generic stylus device.
      ATTRS{idVendor}=="056a", ENV{WACOM_TYPE}!="touch", SYMLINK+="input/wacom"
      ATTRS{idVendor}=="056a", ENV{WACOM_TYPE}=="touch", SYMLINK+="input/wacom-touch"
      # Check and repossess the device if a module other than the wacom one
      # is already bound to it.
      ATTRS{idVendor}=="056a", ACTION=="add", RUN+="check_driver wacom $devpath $env{ID_BUS}"
      LABEL="wacom_end"
  • Regenerate the module dependencies depmod -e

There you go, now you can connect the tablet, fire up GIMP and be creative.

Posted in Desktop, Kernel, Miscellaneous | 6 Comments »

Another openSUSE kernel git repo

September 14th, 2010 by

The mirror of the openSUSE kernel-source repository has been around for several months already, now there is something new: A repository that is actually usable :-). The current kernel-source repository is a series of patches managed in git, which has some upsides, like the ability to easily cherry-pick a patch and port it to a different branch or send it upstream. But it is quite painful if you want to work with the code itself and not with patch files. A task as simple as determining if drivers/…/foo.c in openSUSE-11.3 has or does not have a certain change requires checking out the branch and running the sequence-patch script to be able to look at the file. If you need to know when was the file changed, you have to run ‘quilt patches <file>’ to find out what patches touched the file and then ask git about the history of these patches. Neither convenient nor efficient. That’s why we have a second repository, that contains the mainline tree with all the suse patches applied. It’s located at http://gitorious.org/opensuse/kernel, the clone url is git://gitorious.org/opensuse/kernel.git. If you already have a clone of the mainline tree, then you can download just the differences with

git remote add suse git://gitorious.org/opensuse/kernel.git
git remote update suse
git checkout suse/master

The above task is then solved by opening the required file in an editor or typing ‘git show branch:file’. And you don’t even need to clone the tree to quickly check something in the source, just use the web viewer. Also, bisecting is much easier, because you avoid the sequence-patch step now. There are some gotchas though:

  • Not every commit to the kernel-source repository results in a change in the kernel repository. For instance updating config files in the kernel-source repository results in a commit that has no text changes. The gitorious viewer is confused by this and tells you that you are viewing the initial commit. In a local clone, you can exclude such commits with ‘git log .’ (note the dot).
  • When the patch series does not apply, there isn’t much to show in the kernel repository. In such case, the commit only adds a ‘BROKEN’ file to the toplevel directory and uses the tree from the previous commit. When using a bisect script, you can skip such commits with e.g. ‘test -e BROKEN && exit 125’.
  • When patches such as xen are temporarily disabled while updating to newer upstream versions and later enabled, it generates huge diffs back and forth. That’s usually not a problem unless you are bisecting something xen-related.

Anyway, I’m sure this will be useful for anyone who needs to debug something in the openSUSE kernel.

Posted in Kernel | Comments Off on Another openSUSE kernel git repo

Come on ! Join the Bacula developer conference

August 30th, 2010 by

I love to see all of you, devs, packagers or just curious on the Bacula developer conference held in Yverdon-Les-Bains Switzerland on September 26, 27 & 28.

Direct information : bacula.org conf page

You don’t know what bacula is ? Well I would summarize it as an one of the essential component in enterprise IT. It not only backup your data, it give you them back when needed ! Don’t smile, many backup solution failed (even proprietary solutions) in this last crucial point.

Here’s  the program extracted from our mailing-list.

Are you interested to:

  • Meet the Bacula developers in person
  • Learn how we maintain the source code
  • Hear some presentations about Bacula from the developers
  • Want to learn about and help define the Bacula roadmap.
  • Want to give feedback or ideas directly to the developers.
  • Learn more about Bacula Systems
  • Any of a load of other reasons

If so, we wondering if there is enough interest to have a Bacula developer’s
conference in Yverdon, Switzerland (about 1.5 hour by train from Geneva
Airport) on the 27th and 28th of September.

Maps : here

If you arrive on Sunday the 26th there would even be a chance to meet most of the Bacula Systems founders in person.

This conference would be mainly interesting for developers and advanced Bacula
users, but it is open and free for everyone. If you are or have been a
contributor to the Bacula project, the project may be able to sponsor part of
your trip.

Sunday 26 Sept.  
  Bacula Systems Open House.  Visit the Bacula Systems offices and meet the
  Bacula developers and the Bacula Systems founders.  Totally informal and
  optional.


Day 1: Monday 27 September 2010
  Presentations by Bacula developers and anyone else who would like to give a
  formal presentation (30 to 45 minutes)

  Tentative program:
  - Swisscom sharing our experiences with Bacula (SAP backup, ...)
  - DassIT new Bacula conf file GUI editor
  - Bacula in Brazil
  - Linux Bare Metal Recovery
  - Bacula development process
  - Bacula Roadmap
  - Bweb
  - How Bacula Systems supports the project -- Rob Morrison

Day 2: Tuesday 28 September 2010
  Birds of a feather meetings:
  Informal direct conversations with the developers, planning, 
    organizing, ...
  - Using git
  - How patches are integrated
  - Regression testing
    - CDash regression dashboard
  - Release cycle
  - Roadmap discussion and your input
    Brain storming new backup strategies such as deduplication
  - How Bacula plugins work
  - Rpms and how to improve them
    ...

Naturally, we will furnish plenty of beer and pizza and other goodies.

Best regards,
Kern Sibbald

Tags: ,
Posted in Base System, Events | Comments Off on Come on ! Join the Bacula developer conference

OBS 2.1: ACL Feature and Status

August 15th, 2010 by

One and a half year is now gone since I posted about my work for ARM support in the OBS and the work for a port of openSUSE to ARM. Lots of things had happened in the meantime that are related, from my limited view most notably Nokia and Intel joining Moblin and Maemo to MeeGo (MeeGo is currently working on a number of Atom and ARM based devices), chosing to use OBS as build system and last but not least myself joining The Linuxfoundation (you will be not surprised to hear that I work at LF on OBS). In the meantime there had also been a major new OBS release 1.8/2.0 with a bunch of new features.

Interesting is the fact that we adapted the cross build system for OBS to MeeGo, first developed for use in Maemo and openSUSE @ ARM. An improved version for the standard MeeGo releases, and for the MeeGo weekly snapshots is used in the MeeGo OBS System to build all ARM releases of MeeGo (the cross toolchain will later get part of the MeeGo SDK @ ARM), thanks to Jan-Simon Möller (In the openSUSE ML, the issue of reactivating openSUSE:Factory ARM builds were brought up. So it might be a good variant to backport Jan-Simons new solution back into openSUSE @ ARM for that purpose). All the MeeGo related OBS installations will move sooner or later to OBS 2.1.

But now to the most recent work, Access Control support. A preview was shipped with OBS 1.8. Now an own OBS version, 2.1, will be dedicated to the introduction of this single new feature into the OBS mainline: Access Control (or abbrevated ACL for Access Control Lists). ACL means that there is control by the user on a per project or per package basis to protect information, source and binaries from the read access of other users in an OBS system and to hide projects or packages.

What is the intended audience of ACL? ACL is intended for installations of OBS that require protection of projects or packages during work. This can be but is not limited to commercial installations of OBS, or semi public installations of OBS.

How does ACL work? ACL sits on top of two features introduced with OBS 2.0: Role and Permission Management as well as freely definable user groups. ACL uses 4 specifically defined permissions (‘source_access’ for read access to sources, ‘private_view’ for viewing package and project information, ‘download_binaries’ for read access to binaries and ‘access’ permission to protect and hide everything and all from read access and viewing) on a user or group in the Role and Permission management. Also, the preexisting roles “maintainer”, “reader” and “downloader” had been modified with specific predifined permissions (which can at any time changed with the role and permission editor dynamically). And last but not least 4 new flags (namely ‘sourceaccess’ to signal a project/package has read protected source code, ‘binarydownload’ to signal it has read protected packages, ‘privacy’ to signal information/logfiles or status cannot be read and ‘access’ to hide and protect a project or package completely in all possible OBS API calls) had been added to the project and package descriptions to signal that some information is only readable by specific users or groups, or that information is hidden.

How do I use ACL? There are 4 steps to use ACL (a part of them a optional and can only be performed by the Administator of an OBS instance). Step one is to assign the listed permissions to a role, user or group (this step can be done only by the admin, and is not needed for the predefined roles “maintainer”, “reader” and “downloader”). Step two is to add a group for special users to projects which are intended to be run with ACL (this operations can only be performed by the admin). Step three is to protect a project with appropriate protection flags at project creation by adding them to the project meta. Step four is to add other users or groups with one of the new predefined roles that has ACL permissions added to the project meta.

What information can be protected by ACL? The protected information is grouped into 4 categories. Category 1 (flag ‘sourceaccess’) is source code. Category 2 (flag ‘binarydownload’) is binary packages or logfiles or builds. Category 3 (flag ‘privacy’) is project or package information like build status. Category 4 (flag ‘access’) is all viewable or accessable information to any project or package (full blocking of all access and information).

Example of a project configuration using ACL:

<user userid="MartinMohring" role="maintainer" />
<!-- grant user full write and read access -->

<group groupid="MeeGo-Reviewer" role="maintainer" />
<!-- grant group full write and read access -->

<group groupid="MeeGo-Developers" role="reader" />
<!-- grant group full source read access -->

<group groupid="MeeGo-BetaTesters" role="downloader" />
<!-- grant group access to packages/images -->

  <sourceaccess>
    <disable/>
  </sourceaccess>
  <!-- disable read access - unless granted explictely.
          This flag will not accept arch or repository arguments. -->

  <binarydownload>
    <disable/>
  </binarydownload>
  <!-- disable access - unless granted explictely -
          to packages/image and logfiles -->

  <access>
    <disable/>
  </access>
  <!-- disable access - unless granted explictely-,
          project will not visible or found via search,
          nor will any source or binary or logfile be accessable.
          This flag will not accept arch or repository arguments. -->

  <privacy>
    <enable/>
  </privacy>
  <!-- project will not visible.
          This flag will not accept arch or repository arguments. -->

What is the current status of the ACL implementation? The current status is that the complete API of the OBS git master had been instrumented with ACL code, critical portions of the API controllers had been code inspected and a big portion of these API calls now have a testcase in the OBS testsuite. Work is ongoing to make ACL as secure as possible. A code drop of current git master is under test in some bigger OBS systems, most notably the openSUSE Buildsystem. You can find snapshots of this codebase as usual in the OBS project openSUSE:Tools:Unstable. Adrian Schröter updates these “Alpha Snapshots” relatively often, on a 1-2 weekly basis, and runs the testsuite on git master daily. Thanks to Jan-Simon Möller for putting in many of the testcases into the testsuite for the ACL checks. On OBS Testing in general, read also Development and Test.

What is next? Code is tested and debugged against granting unwanted access due to some concepts inside OBS that are “working against ACL”, like project or package links, aggregates or kiwi imaging. We will inform you interested user of course about beta releases and an official 2.1 release.

Stay tuned.

Posted in Build Service, Packaging, Quality Assurance, Toolchain, Virtualization | Comments Off on OBS 2.1: ACL Feature and Status

Local caching for CIFS network file system – followup

August 5th, 2010 by

Here’s a follow-up to my previous post on Hackweek V: Local caching for CIFS network file system

Since the previous post, I worked on improving the patches that add local caching, fixed a few bugs, addressed review comments from the community and re-posted the patches. I also gave a talk about it at the SUSE Labs Conference 2010 took place at Prague. The slides can be found here: FS-Cache aware CIFS.

This patchset was merged in the upstream Linux kernel yesterday (Yay!) which means this feature would be available starting from kernel version 2.6.35-rc1.

The primary aim of caching data on the client side is to reduce the network calls to the CIFS Server whenever possible, thereby reducing the server load as well the network load. This will indirectly improve the performance and the scalability of the CIFS Server and will improve the number of clients per Server ratio. This feature could be useful in a number of scenarios:

– Render farms in Entertainment industry – used to distribute textures to individual rendering units
– Read only multimedia workloads
– Accelerate distributed web-servers
– Web server cluster nodes serve content from the cache
– /usr distributed by a network file system – to avoid spamming Servers when there is a power outage
– Caching Server with SSDs reexporting netfs data
– where a persistent cache remains across reboots is useful

However, be warned that local caching may not suitable for all workloads and a few workloads could suffer a slight performance hit (for e.g. read-once type workloads). So, you need to careful consider your workload/scenario before you start using local disk caching.

When I reposted this patchset, I got asked whether I have done any benchmarking and could share the performance numbers. Here are the results from a 100Mb/s network:

Environment
————

I’m using my T60p laptop as the CIFS server (running Samba) and one of my test machines as CIFS client, connected over an ethernet of reported speed 1000 Mb/s. ethtool was used to throttle the speed to 100 Mb/s. The TCP bandwidth as seen by a pair of netcats between the client and the server is about 89.555 Mb/s.

Client has a 2.8 GHz Pentium D CPU with 2GB RAM
Server has a 2.33GHz Core2 CPU (T7600) with 2GB RAM

Test
—–
The benchmark involves pulling a 200 MB file over CIFS to the client using cat to /dev/zero under `time’. The wall clock time reported was recorded.

First, the test was run on the server twice and the second result was recorded (noted as Server below i.e. time taken by the Server when file is loaded on the RAM).
Secondly, the client was rebooted and the test was run with caching disabled (noted as None below).
Next, the client was rebooted, the cache contents (if any) were erased with mkfs.ext3 and test was run again with cachefilesd running (noted as COLD)
Next the client was rebooted, tests were run with caching enabled this time with a populated disk cache (noted as HOT).
Finally, the test was run again without unmounting or rebooting to ensure pagecache remains valid (noted as PGCACHE).

The benchmark was repeated twice:

Cache (state) Run #1 Run#2
============= ======= =======
Server 0.104 s 0.107 s
None 26.042 s 26.576 s
COLD 26.703 s 26.787 s
HOT 5.115 s 5.147 s
PGCACHE 0.091 s 0.092 s

As it can be seen when the disk cache is hot, the performance is roughly 5X times than reading over the network. And, it has to be noted that the Scalability improvement due to reduced network traffic cannot be seen as the test involves only a single client and the Server. The read performance with more number of clients would be more interesting as the cache can positively impact the scalability.

Tags: , ,
Posted in Hackweek, Kernel, Samba, Server | Comments Off on Local caching for CIFS network file system – followup

« Older Entries
Newer Entries »