Pages

Sunday, June 21, 2009

A GPG primer - Part II - Encrypting files

In part I I showed you how to configure your Solaris box to run GPG. Now, it's time to use it!

GPG lets you encrypt a file so that only the owner of the key the file was encrypted with can decrypt the message. I warn you once more: as you see, storing your key in a secure place is extremely important. If you think your key might have been compromised, revoke it and create another one.

Encrypting a file

Let's suppose you don't want anybody but you to be able to read a file. As you know, you could store your file in a safe place but safe is never good enough. There could be some use cases for which you'd better have your file encrypted. Imagine you're copying important files on a FAT32 USB drive: FAT32 filesystems has not been built with security in mind! If you encrypt the file(s) with your own key, only you will be able to decrypt them. To encrypt such files, the only command you need is (the two syntaxes are equivalent):

$ gpg --encrypt --recipient 'your-id' filename
$ gpg -er 'your-id' filename

In both cases the encrypted file would be named filename.gpg. If you prefer specifying the output file name, --output is your friend:
$ gpg --er 'your-id' --output outfile filename
The same applies if you're encrypting a file for a friend of yours: just use their key id or their recipient address.

Searching a key in a keyserver

Well, there might have times you don't have your friend's key and maybe is out there, stored in a key server. You can have GPG search the keyserver with just one command:
$ gpg --search-keys 'recipient-id' --keyserver keyserver-address
The keyserver option is optional, otherwise gpg will use its default keyserver.

Decrypting a file
Now you've stored or received a file encrypted with your key. To decrypt it is just as easy:
$ gpg --dr 'your-id' encrypted-file
You'll be asked for your password and then the file will be piped to standard output. As in the case of file encryption, you can specify an output file with the --output option.

Holidays in Crete, part II: relaxing

We woke up late in the morning. Breakfast was scheduled from 08.00 to 10.30 and we hardly showed up at 11.00. Fortunately, there were other latecomers, even if we were the only ones coming from Spain! Spain is different is always a justification. At least, people laughs.

Buffet was pretty well international: not so many greek delicacies there but it was sufficient to satisfy my needs: tea, feta, honey, olives and croissants. As soon as we finished, we went out to smoke a cigarette and there it was, calm and just in front of us: the Aegean Sea.

We stayed in Crete just one week and the idea was spending the first two or three days visiting the island and then just: relax. We never honored the initial schedule, though. The deep blue sea was calling us and touching the car key was painful. Knossos, see you soon.

We dressed our bathing costumes and we went having a sunbath. The hotel was equipped with many swimming pools and we chose one that was built on a terrace just upon the sea shore. The view was very beautiful and the private beach was just below us: twenty steps as a maximum.

At 14.30 we went to the main pool, which has a bar just in the middle, and we had a couple of orange juices. We went to our room, had a shower and a nap!

The first day we really charged our batteries.

Il paese del non-finito e delle chiacchiere

Quando ero piccolo a Padova le scuole finivano sempre prima del Santo. Per me e mia sorella, però, non era la grande (e patavina) festa di piazza il giorno che attendevamo con ansia: all'inizio dell'estate, noi, partivamo.

Mio padre, che allora esercitava ancora la professione medica, ci portava tutti al mare un mese o più, in Sicilia. Il viaggio era lungo e lo facevamo in auto: partivamo prima dell'alba e percorrevamo tutto lo stivale. Ci fermavamo qualche giorno a casa di uno zio, in Puglia, e poi partivamo un'altra volta. Anche così, il viaggio mi sembrava lunghissimo ma, agli occhi di me bambino, era affascinante. Mia sorella era piccola e dormiva sul sedile posteriore eternamente sdraiata e con la testa appoggiata sul grembo di mia nonna. Io sedevo davanti, accanto a mio padre, e non chiudevo occhio nemmeno per un momento. Guardavo fuori, osservavo i campi, ammiravo i viadotti, contavo le linee di mezzeria che intersecavano la traiettoria della nostra auto, contavo le gallerie per cui passavamo e non la smettevo di calcolare quanti chilometri mancavano. Sarà per questo che ricordi così lontani nel tempo sono ancora così vivi nella mia memoria.

Allora, e sto parlando del 1980, il mondo era veramente diverso e sono fermamente convinto che la mia generazione sia stata quella che ha vissuto il cambio più grande: ci dettero alla luce in un mondo, e crescemmo in un altro. Telefonare, allora, voleva dire far girare una ruota di plastica in un apparecchio grigio saldamente ancorato alla parete del corridorio. Fuori di casa, e solo se ce n'era veramente bisogno, telefonare significava anzitutto cercare qualche gettone telefonico per poi entrare in una (fetida) gabina ed effettuare la chiamata. Credo che allora la chiamassimo interurbana a tempo. Le automobili avevano ancora i carburatori e l'aria condizionata era un optional raro. I climatizzatori di oggi, non me li sognavo nemmeno.

Esempi così ne potrei fare a migliaia e se mi avessero raccontato che nel futuro avrei avuto un iPhone o una qualsiasi delle inutilità così chic que abbiamo al giorno d'oggi, non c'avrei creduto, probabilmente.

Ci sono cose che però non cambiano. O che cambiano molto lentamente. Alcune sono buone ed altre lo sono un meno. L'unica cosa che anche il mio io bambino sapeva che non sarebbe cambiata mai sapete qual'è? La Salerno-Reggio Calabria.

Ricordo che quando arrivavamo lì, tutto diventava più brutto. Il mio vocabolario del tempo non poteva essere più elaborato. Semplicemente, brutto. E quando torno in Italia a volte mi dispiace perché sento questa sensazione decadente di dejá vu. Tutto è uguale. Troppo uguale. In Veneto, forse, noterò il nuovo passante di Mestre però temo che è finita lì.

Ed anche quando ti svegli ottimista, bevi il tuo caffè e leggi il giornale, il Corriere della Sera ti ricorda che momento d'inerzia ha il mio bel (?) paese.

Leggete qui...

Più passa il tempo, meno mi interessa, ormai. Non vivendo lì, credo che non potrei capire come e perché i miei connazionali possono (soprav)vivere in un clima di sonnacchiosa indifferenza. Io lavoro e pago le tasse in un altro paese ed ho la soddisfazione, rara per un italiano, di vedere come si spendono i soldi delle mie tasse. A volte bene, a volte meno bene, ovviamente. Però lo vedo. So che non sarà il mio pro-pro-pro-nipote chi vedrà una nuova autostrada, qui a Madrid: lo vedrò io. Arrivai qui tre anni fa ed ho potuto vedere la realizzazione di un'opera pubblica (parte della M30 di Madrid) che a Milano non potrei nemmeno immaginarmi.

Mi dispiace, però sempre meno.

Saturday, June 20, 2009

Solaris Express Community Edition, build 116

This time it wasn't announced: Solaris Express Community Edition build 116 is available for download. Changelogs are here:
It seems there's no bug I'm hitting was fixed in build 116 (while yes, there's a bug I'm waiting build 117 for!). Nevertheless live upgrading is so easy that I'm not missing the opportunity of upgrading my system, as I already explained you in another post.

This time I've experienced a couple of glitches but nothing important: the result is perfectly functioning, as usual. I've hit some minor and inexplicable problems quickly solved:
The issues were partially solved and I'm now happily running my Solaris Express Community Edition build 116.

Haven't you downloaded Solaris or OpenSolaris yet? Don't know what you're waiting for.

NTP goes into maintenance mode: /sbin/sh: /lib/svc/method/xntp: not found

After live upgrading to Solaris Express Community Edition build 116, at the first reboot, I noticed that the NTP service had gone into maintenance mode:
# svcs -xv
svc:/network/ntp:default (Network Time Protocol (NTP) Version 4)
State: maintenance since June 20, 2009 12:44:33 AM CEST
Reason: Start method failed repeatedly, last exited with status 1.
See: http://sun.com/msg/SMF-8000-KS
See: man -M /usr/share/man -s 1M ntpq
See: man -M /usr/share/man -s 1M ntpd
See: man -M /usr/share/man -s 4 ntp.conf
See: /var/svc/log/network-ntp:default.log
Impact: This service is not running.
and the log file clearly showed me the problem:
# tail /var/svc/log/network-ntp\:default.log
[ Jun 20 00:44:32 Executing start method ("/lib/svc/method/xntp"). ]
/sbin/sh: /lib/svc/method/xntp: not found
[ Jun 20 00:44:33 Method "start" exited with status 1. ]
[ Jun 20 00:44:33 Executing start method ("/lib/svc/method/xntp"). ]
/sbin/sh: /lib/svc/method/xntp: not found
[ Jun 20 00:44:33 Method "start" exited with status 1. ]
[ Jun 20 00:44:33 Executing start method ("/lib/svc/method/xntp"). ]
/sbin/sh: /lib/svc/method/xntp: not found
[ Jun 20 00:44:33 Method "start" exited with status 1. ]
[ Jun 20 00:44:43 Rereading configuration. ]

I checked and xntp isn't there. This is related to Solaris switching to NTP version 4: if you just live upgraded to build 116 don't worry. That's indeed a glitch during the first reboot and SMF should have updated the ntp service's manifest during the boot: you won't see that message anymore.

Solaris upgrades NTP to version 4

As explained in the original announcement:
The integration of
PSARC/2009/244 Upgrade NTP to Version 4
4669914 Solaris should update to Version 4 of NTP
is a Flag Day for incremental builds.
Solaris is going to upgrade NTP to version 4. You probably would care if you're building the ON consolidation or if you're really interested in running NTP version 4.

I also warned you about a problem I experienced with Solaris Express Community Edition build 116.

ludelete fails to delete the boot environment: mount point is already in use

While I was live upgrading from Solaris Express Community Edition build 115 to build 116 I decided to free some hard disk space and delete the oldest boot environment I had: snv_114.

That's easy:
# ludelete svn_114
But there was a small problem... ludelete complained about snv_114 unable to use its automatic mount point because the mount point was being used. Do you know what? It wasn't, before launching ludelete but, for reasons I don't understand, after mounting it it was reported as busy.

The Google Finger was going to be triggered immediately and look if there was some known bug out there but fortunately a forced unmount of the boot environmente solved the problem:
# luumount -f snv_114
Pretty strange, indeed.

OpenSolaris bug 6844307: bonobo-activation-server consumes one entire core

As you know, I substituted Thunderbird with Evolution in my Solaris desktop. I'm pretty happy with it but I hit a bug: bonobo-activation-server sometimes starts to spin and consumes one entire core. The user experience isn't completely compromised because I obviously have a multi processor machine but it's a pretty annoying bug. It's summer and in Spain it's very hot, you know. One CPU throttling at 100% means one fan going nuts and rotating all time long.

Googling was useless because the bug is reported in a closed database but there it is. I must thank the guys at the OpenSolaris Communities to help me find it out. A fix is reported to be delivered in build 117 and meanwhile you can safely kill the bonobo-activation-server: I experienced no problem whatsoever.

Wednesday, June 17, 2009

A GPG primer - Part I - Setting up Solaris, creating and distributing a key

I think this is due. I'm a GPG user since a long time and today, still, there are people asking me what are those strange characters out there or why am I doing this.

An encryption key such as GPG's may be used to sign and encrypt communication from and to a sender, the key owner. The key owner, the only one who's got the secret key and its passphrase, can sign and decrypt a message encrypted with such key. Another person who wanted to send me encrypted information could use my public key to encrypt a message and I, and only I, could be able to decrypt the message. That's just the basics and, if you're interested, you could read the GPG User Guide to dig into this subject.

There also exist software which can ease you life with these keys:
  • Some desktop systems come with an integrated key manager that lets you create, sign, encrypt and decrypt files and mail with a bunch of clicks.
  • Some mail client come with similar functionality built-in or via some plugins, such as Evolution or the Enigmail plugin for Thunderbird.
They're so many I'm not even trying to enumerate them. I just focus on man's best friend: good ole command line.

Setting up Solaris

Depending on the Solaris version you're running, maybe you'll need some extra step to set up GPG:
  • Solaris up to version 10: GPG isn't bundled with the OS nor is available in the Companion Software. To install GPG, follow Blastwave's instructions to set up your system and, optionally, follow my instructions to set up a special Blastwave zone. During the recommended Blastwave configuration you'll install GPG (CSWgnupg), too.
  • Solaris Express Community Edition and OpenSolaris-based distros: GPG is (should be) bundled with the OS.

Creating your key

As we said, the first thing you need is a key. You can make one with gpg:
$ gpg --gen-key
and after answering a bunch of questions you'll get your shiny little key

Distribute your key

Unless you're going to encrypt files for yourself, the next thing you've got to do to use your key at full power is distributing it (only the public part of it) to whoever may be interested in:
  • Reading something you signed.
  • Sending you encrypted information.
There are plenty of ways to distribute it but the most effective will be publishing it into a public keyserver:
$ gpg --send-keys key-id --keyserver hkp://subkeys.pgp.net/
Please note the following:
  • Instead of your key-id you could use your name, which was provided to GPG during the key creation phase. If you prefer to know and learn your key-id, you can ask gpg with the --list-keys option.
  • There are many keyserver out there, use the one you like most!
Now, you're ready to tell the world and begin to use your key.

Could I use an iPhone and iTunes with Sun xVM VirtualBox on a Solaris host?

The enterprise I'm working for has just decided to change our phones and buy a last generation iPhone, the iPhone 3G S. Yes,the one at the left.

Whoever knows me knows my legendary gadget-minimalism, too. The good news is that my old and malfunctioning Nokia E65 will be garbage collected. There's really no bad news, despite Apple iPhone size which won't easily fit any of my pockets.

I'm wondering, before even having touched an iPhone (ever), if I'll be able to use its full potential without either a (native) Windows or a (native) Mac OS/X. Will I be able to interface it with iTunes running on a virtualized OS instance on top of Sun xVM VirtualBox? I don't know and I'm pretty curious about it.

I started reading news about it on the Internet and it seems that (most of the) people is pretty much happy with it. For me, and call me a dinosaur, a phone primary function is being a phone but I recognize that having a steady Internet connection and a decent OS on your mobile could be cool, in most situation. Don't know what my girlfriend has to say about it!

The geeky little man inside me made me go and download the SDK just to discover that I need a Mac OS/X, and thus an Apple machine, to build and run some test applications. Disappointing! I'll develop this subject in a later post. The funniest thing I was reading today was the great innovations Apple introduced on the last revision of the iPhone OS such as... copy and paste. I mean, guys, be serious.

As soon as it comes, I'll tell you my impression!

Would you like a cup of tea?

Categorizing things like cuisine may be challenging, if not impossible. Art cannot be classified and categorized with algorithms. But, there surely are best practices you cannot ignore including when doing art. And you should know that the perfect cup of tea is artwork. Or, at least, good craftsmanship.

Didn't you know that? Or perhaps you don't even like tea? Well, maybe you just drank canned and over-edulcorated cold tea or, worse, some cup of hot water with an industrial low quality tea bag. No, that's not tea. The same way an American coffee is not an Italian espresso.

Let's see if I can help you discover your hidden love for tea or, at least, help you enjoy a healthy and flavored cup of tea.

The tools
Every craftsman needs its tools. To make a good cup of tea you need (in no particular order):
  • Patience.
  • Good quality tea.
  • Good quality water (oh yes).
  • A kettle.
  • A teapot.
  • An infuser.
  • Experience.

The tea

First, the obvious: the perfect tea cup only comes with high quality tea. Don't shop for mainstream tea bags (that's just finely ground leaves and who knows what). There are higher quality tea bags but that aren't so easily found as tea leaves. Determining the quality of a leaf isn't a newbie's job, even if you can follow the suggestions I'll give you in the Tea thread.

Now, tea is just a name for the leafs of a class of plants: Camellia Sinensis. You can find plenty of different types of teas out there and the first thing you should be aware of are the basics. Maybe you know that there's black, green, red (and God knows what else) tea on the market. Yes, but the plant is just the same. In another series of posts I'm writing about the kinds of tea and its classifications.

I cannot tell you which tea to choose, that's a matter of taste! If you absolutely don't know where to start, go to a local tea seller and buy small bags of different types: at least one green and one black. Be aware, moreover, that tea shops sell a great number of flavored tea blends, some of which are real classic, such as Earl Grey black tea, which is flavored with bergamot orange essential oil. Personally, I regularly consume:
  • Earl Grey (Black tea).
  • Gunpowder (Green tea).
  • Gunpowder and fresh mint (blended at home)
Discovering new flavors and blends is part of the magic and it might be your game for the years to come!

Water

Water is the other great ingredient: you must start with fresh and good water. If you don't like your tap water, then use bottled water. Bad water, bad tea. I also said fresh water because heaters might extract oxygen from water, which is fundamental during the flavor extraction process.

Heating water in the kettle

Heating water is a delicate process: depending on the type of tea you're gonig to brew, water must be heated at a recommended temperature. Basically, the less oxidized the tea is, the colder the water. Black tea requires rolling boil while green teas require an inferior temperature.

Please, don't go around with thermometers! Rolling boil is easy to recognize, and must only be used for completely oxidized teas. Also remember that boiling water oxygen level get lower, so don't let the water boil for a long time nor heat twice the same water. That would spoil your perfect cup of tea!

Gentler teas, such as white and green, are easily burnt by too hot a water: you'll learn to recognize immediately the bitter taste such tea assumes. Your taste will also play the game: I learned with time the exact temperature for each of the teas I drink. The first times you'll experiment with it, take note on the bags you bought.

A small resume may be this (temperatures are approximate):
  • Green/White teas: 160/180 F (70/80 C)
  • Oolong tea: 190 F (90 C)
  • Black tea: 212 F (100 C)
At 70 F, more or less, water begin to steam and, if you open the kettle, will notice small bubbles starting to rise to the surface. Since then, you can easily make an estimate and begin to learn your kettle.

The quantity of tea you're going to steep depends on the water you're going to use: a regular tea cup is 200 ml. You can just weigh your favorite mug and determine where's the imaginary 200ml line. Some mugs, moreover, come with some illustration on the inner side to indicate it. Look into your mugs and if you're the happy owner of one of these!

The teapot

While waiting for your water to heat, you can go preparing you tea pot. The tea pot, for the water not to cool too early, must be pre-heated. You could use some of the water of the kettle, but in the meantime that water would be cooling off. It would be more difficult to calculate how much water to pour into it, also. Not too bad: just pre-heat it with hot water from the tap, then rinse well.

Once the teapot is ready, throw inside the tea. The correct quantity, guess what? You've got to experiment! It depends on the quality of the tea, on its freshness, on its kind and, of course, on your tastes! The usual dosis is 3 gr (a level tea spoon) per mug.

Brewing your tea

There are multiple brewing techniques:
  • Loose leaves in a teapot
  • Mug infusers
  • French presses
  • Tea balls
One thing to remember when brewing your perfect cup of tea is that the leaves have to unfold and during the process will rise their volumes. Moreover, leaves should be left free to move during the infusion for the flavor extraction process to be effective. All previous methods, except tea balls, are fine and present no problem: I always found tea balls too small and ineffective. If you are going to brew more than one cup of tea, consider using the classic teapot or a French press. If you're brewing just a cup, consider buying a good mug infuser, or basket filter taking into account that they don't fit well into every mug.

Steep time


Now your tea leaves are unfolding inside the warm water. It's a beautiful process to look at and gives even more taste to your perfect cup of tea! If you're starting to familiarize with that particular kind of tea, you can use a spoon and try the tea every bunch of seconds to appreciate how its taste evolves and determine when it's ready for you. You'll also familiarize with the point of no return: that's where you're perfect cup isn't such any longer. Consider as a guidance the following steep times to begin with:
  • Low oxidation teas: 2 to 3 minutes.
  • High oxidation teas: 4 to 5 minutes.
Take into account, also, that leaves must be free to move but you must not stir them (let alone squeeze them!), not even gently with a spoon. It's too typical an error which only gets more tannins released, spoiling the flavor of your tea.

Conclusion and tips

You can now start and prepare your first cup of tea! I hope you enjoy it. The last tip I'll tell you is a consequence of what you read in Steeping time. If you're going to prepare more tea and drink it over time, don't let the tea in the teapot with the leaves. Remove it, instead.

Tea

I'm a real fan of tea. Since I was a child, tea's what warmed me during the winter, freshened during the summer, and delighted every noon of my life. A life without tea wouldn't be the same. Even Nobel Prize W.B. Yeats, mourning the rape of a child (in The stolen child), describes this way the melancholy of the now empty kitchen:
[...]
Away with us he's going,
The solemn-eyed:
He'll hear no more the lowing
Of the calves on the warm hillside
Or the kettle on the hob
Sing peace into his breast,
[...]
Tea is everywhere and surely everybody has had one cup. The problem is that finding, and preparing, a good tea is pretty much rarer than it may seem.

In another post, I'm telling you the basics to prepare your perfect cup of tea: maybe you'll discover and be faithful to a new taste, to new flavors you didn't know before.

In this series of post, I'll introduce you to the basic classification of teas. I say basics because tea is just like coffee or wine: if we began classifying, we wouldn't know when we'd end... Nevertheless such classification is important because it has direct implication on your perfect cup of tea: water temperature and steep time are a function of these parameters.

Geographical regions

Just like as wine, tea of different geographical regions may have peculiarities as well (such as Darjeeling). Cultivation for commercial production has meant that, with years and demand, teas is now cultivated in regions well out of the traditional tropical and subtropical zone. This has also meant that traditional indigenous species, such as Chines Tea (Camellia Sinensis Sinensis) are now cultivated in Europe as well. As far as it concerns our interests, I only remind you that tea has been traditionally classified by cultivation region in India and China. Indian most known tea, for example, is Darjeeling, which is named after the Darjeeling region whose climatological characteristics give that tea its peculiarities.

Oxidation level

As far as it concerns the average user kind of teas, the only interesting difference is the oxidation level attained by the processing of the parts of the plant used to produce tea.

Now, the basic types of tea, organized by oxidation, are:
  • White tea.
  • Black tea.
  • Green tea.
  • Oolong tea.
  • Pu-Erh tea.
A little note about red tea: there's no red tea (in Western Countries). What we call black (fully oxidized) tea is indeed what Eastern people call red tea. There's also another misnomer for red tea: rooibos. Rooibos is not a tea. Some tea shops which don't deserve their name may try to convince you but no, Rooibos plant just is not a Camellia Sinensis.

In order or oxidation (from smallest to greatest) you find:
  • White tea: completely unoxidized.
  • Green tea: low oxidation.
  • Oolong tea: the most common in China, between a 10% to a 70% level of oxidation.
Pu-Erh stands aside because it's a tea produced with different variety of the tea plant (the largest) and, moreover, is produced in a particular region of China: Pu-Erh, indeed.

Black tea, least but not last, is the most oxidized variety of tea, with a characteristic flavor, color and level of caffeine.

Tuesday, June 16, 2009

mplayer: Error opening/initializing the selected video_out (-vo) device

That was indeed the error message that mplayer was presenting me:
Error opening/initializing the selected video_out (-vo) device
Now, I had not chose one. I even deleted my ~/.mplayer folder but nothing, it got stucked there. It's strange, because mplayer should have chosen automatically a video_out device on startup and I swear I never had this problem before on my Debian/testing.

In fact, I had just reinstalled a Debian/testing distribution on Sun xVM VirtualBox on a Solaris Express Community Edition host, because I'm using it as a platform for video transcoding. I'd like to do that on Solaris but I haven't found the time to recompile at least ffmpeg, if not mplayer and all of its dependencies. Blastwave's ffmpeg, indeed, is way too old and I found some bugs that prevented it doing its job. Until then, and thanks to VirtualBox, I'll use Debian/testing instead.

Now, the solution's pretty easy but I'd like to rely on autoprobing... Anyway:
enrico@debian:~$ gmplayer -vo help
MPlayer dev-SVN-r29241Available video output drivers:
xmga Matrox G200/G4x0/G550 overlay in X11 window (using /dev/mga_vid)
mga Matrox G200/G4x0/G550 overlay (/dev/mga_vid)
tdfxfb 3Dfx Banshee/Voodoo3/Voodoo5
s3fb S3 Virge over fbdev
xv X11/Xv
x11 X11 ( XImage/Shm )
xover General X11 driver for overlay capable video output drivers
gl X11 (OpenGL)
gl2 X11 (OpenGL) - multiple textures version
dga DGA ( Direct Graphic Access V2.0 )
sdl SDL YUV/RGB/BGR renderer (SDL v1.1.7+ only!)
ggi General Graphics Interface (GGI) output
fbdev Framebuffer Device
fbdev2 Framebuffer Device
svga SVGAlib
aa AAlib
caca libcaca
dxr3 DXR3/H+ video out
v4l2 V4L2 MPEG Video Decoder Output
directfb Direct Framebuffer Device
dfbmga DirectFB / Matrox G200/G400/G450/G550
xvidix X11 (VIDIX)
cvidix console VIDIX
null Null video output
xvmc XVideo Motion Compensation
mpegpes MPEG-PES to DVB card
yuv4mpeg yuv4mpeg output for mjpegtools
png PNG file
jpeg JPEG file
gif89a animated GIF output
tga Targa output
pnm PPM/PGM/PGMYUV file
md5sum md5sum of each frame
If you're using gmplayer or another mplayer front-end you can probably access some video preferences menu, such as the following, and set your preference there. It will be remembered the next time you launch mplayer.
In my case I'm using VirtualBox 3D Acceleration so I chose gl:
mplayer -vo gl [my-movie]
By the way: KDE 4.2 just got its way into Debian/testing, but I'll tell you another day. Amazing experience! I wish I could use it on Solaris as well.

Solaris Express Community Edition build 115 and a problem with Input Methods

It isn't apparent yet in the announce section of OpenSolaris website but Sun unsupported Solaris Express Community Edition build 115 has been released. You can see changelogs, as usual, at these addresses:
As far as it concerns myself, this release introduces no bug fixes nor RFE I was interested into and your interest may vary depending on the hardware you're running SXCE onto and the OS features you're using.

Nevertheless, I downloaded the DVD image and Live Upgraded my SXCE build 114. Everything went fine with no package installation errors and very little cleanup.

When I booted build 115 I noticed a renewed Volume Control User Interface and experienced a blocking problem: Input Methods weren't working anymore. They just didn't work.

A search on Google was fruitless so I posted a message on the i18n discussion mailing list at OpenSolaris.org and a Sun Engineer gave me a quick response: it's a bug introduced in build 115 and fixed in build 117 (http://defect.opensolaris.org/bz/show_bug.cgi?id=9109).

The workaround is very simple:
# touch /usr/lib/gtk-2.0/2.10.0/immodules/im-iiim.so
# svcadm restart desktop-cache/input-method-cache
and then just logout and login.

GMail with Evolution and the trash bin: how to organize mails and delete GMail messages

In part I of this series of posts (well, what meant to be just one post but it's going to explode...) I explored the basic configuration you need to setup Evolution as your GMail client. I also told you about GMail labels. labels are a mechanism to extend the concept of folders (in this case, IMAP folders): GMail servers indeed store just one copy of a message and if a message is labeled multiple times, the message will appear in all the corresponding folders. Label work just like UNIX hard links.

Folder names and GMail internal folders

GMail will provide one IMAP folder per label whose name will be the label's name. So far, so good. Now: GMail also uses some special folders to operate internally and you'll see them in the IMAP tree. These folders are:
  • [GMail]/All Mail
  • [GMail]/Drafts
  • [GMail]/Sent Mail
  • [GMail]/Spam
  • [GMail]/Starred
  • [GMail]/Trash
You really shouldn't use them but believe me, they just do what they say. Is it clearer why on part I we modified the default settings for some folders?
  • The [GMail]/Drafts folder is visible in GMail web interface, so it's very handy to have Evolution save drafts directly there: you could start a message on Evolution, save it, and then sending it from you mobile device. You should be aware of a gotcha: if you're editing a message with a large attachment beware that when the mail client saves it, it will indeed send the attachment to the server! In such cases, I just attach the file at last.
  • The [GMail]/All Mail folder contains a link to every single message in your account. That's why you should never store messages directly here unless you know what to do. We'll get into this later.
  • The [GMail]/Sent folder contains a link to every message you sent. GMail does this automatically for you: the message will be stored on the server and labeled accordingly. That's why you don't have to save sent messages on the server. You would simply waste bandwith!
  • The [GMail]/Starred folder contains a reference to starred messages. One more time you realize that everything's built around labels.
  • The [GMail]/Trash label is very special. We'll get into this later.

Copying and moving messages

The file metaphor still applies:
  • Copying a mail from a folder to another is equivalent to label a message with the destination folder's label.
  • Moving a mail from a folder to another means removing the origin folder's label and applying the destination folder's label.
In the introduction, I said that labels are similar to UNIX hard links. Yes, but there's an important difference: a mail isn't unlinked when its label counter is 0 and a mail can be unlinked even if its label counter is greater than 0.

Deleting messages

This is where things may not be so intuitive. I'll try to make it clera with an example: when you receive a message (and you don't have any auto-labeling filter triggered by such message), that email goes into the Inbox. Moreover, that message will automagically appear into the [GMail]/All Mails folder. Now: what's the IMAP gesture that corresponds to archiving such message? A valid answer would be: moving it to the [GMail]/All Mails folder. This would indeed translate to:
  1. Removing the GMail internal Inbox label.
  2. Applying the [GMail]/All Mails label (which is already applied to every message).
Thus, the only action you could perform would be removing the Inbox label and you could do it in a bunch of ways including:
  • Moving the message to a local (non-GMail) folder: this folder could also be the Evolution local Trash folder.
What has happened, then? Well: you think you deleted a message whereas you simply archived it. This is also true when multiple labels are applied. You can remove one label, but the same message could still be appearing in another n IMAP folders because of the remaining labels! How can you remove a message, then? Think about GMail web interface: when you delete a message, no matter the number of labels applied, what happens is that GMail is labeling it with the magic [GMail]/Trash label!
No matter how many labels a message has, labeling it with the [GMail]/Trash label effectively tell GMail to delete it in 30 days.
If you want to delete a message, then, just move it to the corresponding [GMail]/Trash folder of your account.

Is there a better way to do it?

I recognize that renouncing to the comfortable Delete button and having to move a message into the [GMail]/Trash folder is neither intuitive (semantically) nor easy: one click is addictive, a (right-click, move, choose folder) sequence is just a pain.

I had to cope with the same issue in Thunderbird but, fortunately, Thunderbird was easy enough to tweak in order to map the Delete action into the corresponding GMail action. It basically reduced to mapping the local Trash folder into the remote [GMail]/Trash folder and it could be easily accomplished manually editing the trash_folder_name property of each account.

I haven't (yet) found a way to do it with Evolution and I'll spend a couple of hours more to investigate it.

Monday, June 15, 2009

Configuring Evolution for GMail

Introduction

As many Evolution users may have noticed, Google does not include this mail client into the supported clients' list. If you, like me, are a UNIX user, you're probably wondering about which mail client to use between Evolution and Thunderbird. I'm not entering in such a war: I've been a Thunderbird user for a long time but I switched to Evolution mainly because:
  • It's an Exchange mail client out of the box.
  • PGP signing and encryption as well as S/MIME signing and encryption are supported out of the box.
  • It better suits my enterprise-class needs such as calendaring.
Platform independence, as far as it concerns myself, it's not an issue: I'm a Solaris user and both Thunderbird and Evolutions ship with SXCE (and Indiana as well).

Because there's no how to about how to set it up, I decided to share my configuration with you in a series of posts. Here's how I configured my Evolution mail client on Solaris.

Enabling POP/IMAP in GMail

The first thing you've got to do to be able to use a stand-alone mail client with your GMail account is enabling POP and/or IMAP in your account. This is a topic covered in GMail help documentation. Resuming it, citing the guide:
  1. Sign in to Gmail.
  2. Click Settings at the top of any Gmail page.
  3. Click Forwarding and POP/IMAP.
  4. Select Enable IMAP.


I'd personally recommend IMAP over POP. As explained in GMail FAQs, IMAP is a more flexible protocol which offer two-way communication between client and server. This means two-way syncing capabilities and it's ideal when you access your mail from more than one device.


Creating the account

Once your Google account has been set up, you can open Evolution and create your account(s). The connection parameters can be consulted here.

Receiving email

That's how Evolution calls the Incoming server configuration tab. There are a couple of things you should be aware of. Google documentation is adamant about the ports where its services are exposed: neither IMAP nor SMTP are published on the standard ports and so a customized setup is required. In the case of Evolution, this means you're going to modify the account you created in order to adjust the port number. Incoming mail server runs on port 993 and Evolution, unlike Thunderbird (if that's what you're thinking about...), doesn't allow you to introduce a port number. That's not a problem: just introduce the server address in the classic hostname:port notation. That is: imap.gmail.com:993. Please notice, also, that the Use Secure Connection configuration parameter is set to SSL encryption.

Receiving options



Well, these is really a question of taste, but a couple of settings are important. The check for new messages in all folders may be relevant to you because of the flexibility of GMail. Indeed, if you configured a filter to automatically label and move emails, you'd want to check this because, otherwise, only the Inbox folder would be checked for new mail.

Sending email

This configuration dialog is similar to the previously described Receiving email dialog.



Notice the following:
  • Outgoing server is smtp.gmail.com:587.
  • The Use Secure Connection parameter is set to TLS encryption.

Use it!

Now, the account you just configured should be operational. Evolution is going to ask you for your account's password and then folders and emails header will be fetched.

Better user experience

Evolution is a pretty, straight forward email client inspired to Microsoft Outlook. Even if you're completely new to it, you'll quickly find your way through options and menus. Nevertheless I'm going to share a couple of suggestions.

Labels

GMail is not the typical mail service you may have used in the past. It has its own idiosyncrasies you should be aware of before tweaking your profile. GMail extends the concepts of directory through the concept of labels. Labels are like directories is that they're a mean to hierarchically organize emails but with a subtle difference: an email is usually owned by just one directory while an email can be labeled with as many labels you want. This means that in a given point in time an email could be owned by many folders, each for every label you labeled the message with. Removing a message from a folder means removing that label. On the other hand, copying a message into a folder is the GMail-equivalent of labeling a message.

Dos and don'ts

As documented, here's what you should do (quoting Google):
  • DO save draft messages on the server. If you want your drafts in your mail client to sync correctly with Gmail's web interface, set your client to save drafts to the [Gmail]/Drafts folder.
and here's what you shouldn't (quoting Google):
  • Do NOT save sent messages on the server. If your client is sending mail through Gmail's SMTP server, your sent messages will be automatically copied to the [Gmail]/Sent Mail folder.
  • Do NOT save deleted messages on the server. Messages that are deleted from an IMAP folder (except for those in [Gmail]/Spam or [Gmail]/Trash) only have that label removed and still exist in All Mail. Hence, your client doesn't need to store an extra copy of a deleted message.
  • Do NOT save deleted messages to your [Gmail]/Trash folder because this will delete a message in all folders.
  • Do NOT save deleted messages to your [Gmail]/All Mail folder as some clients will try to empty this folder and ultimately fail. This can lead to delayed mail access or excessive battery consumption on a mobile device.
  • Do NOT enable your client's junk mail filters. Gmail's spam filters also work in your IMAP client, and we recommend turning off any additional anti-spam or junk mail filters within your client. Your client's filter will attempt to download and classify all of your existing messages, which may slow down your client until the process is complete.
They're quite intuitive, once you grasp the labels' functionality but if you never wondered about it, they're indeed gotchas. Here's my default configuration:



Security

Do you mind about security and confidentiality, don't you? And if you don't, you should. Evolution let's you sign and encrypt your messages by means of PGP and S/MIME technologies. You can set your security preferences for your accounts and be sure to sign the messages you send:


And if you don't have a PGP or GPG key, I'll tell you how to create one and set up GPG on your Solaris box! ;)

Follow ups


In Part II of this series I will tell you more about some GMail idiosyncrasy and how to cope with message deletion.

Sunday, June 14, 2009

Holidays in Crete, part I: the arrival

We flew from Madrid to Athens where we transferred into an Athens-Chania flight. The second flight was pretty short, about 40 minutes, and the view from the flight is impressive. The Aegean Sea and its deep blue color, the rough profile of the islands and at last, Crete. Crete is a mountainous island and throughout its coast the hills' slopes go down and sink directly into the sea. Sandy beaches are rare, maybe only Georgioupolis is worth mentioning, and are usually very small. Crete's rough beauty is striking: if you can trade beaches for timeless views, Crete's the good destination for you.

Chania's Airport it's, not by surprise, at 149 mt above sea level: when the flight approaches the island, you can see the sea and the cliffs on the East of the peninsula drawing nearer and nearer until the sea suddenly disappears from the window leaving its place to the landing strip. It really gave me the impression of landing on the top of a hill.


View Larger Map

The airport is very small: it's the smallest one I've ever flew to! Everything's... "at hand". As soon as we collected our baggages, we went out to the "arrivals" section (I later realized that there's no separation between arrivals and departures at Chania's Airport) looking for the car rental company a friend of mine suggested us. They were there, just in front of us: a very small office (just a desk, a telephone and a man), waiting for us. Warm atmosphere and a warm welcome: maybe it's marketing, maybe sincere devotion for a friend's friend. No matter what, it was just good.

We put our things on the little Panda we rented and left towards the hotel: the Iberostar Creta Marine. My friend Heinz warned me about one thing before leaving: the GPS! Well, Crete's not that difficult to tour, after all. It has just one motorway connecting Chania, Rethymno and Iraklio.


View Larger Map

Shouldn't be that hard, thought I. And indeed, it was not! Leaving the Airport, Rethymno is pretty well indicated, even if sometimes some basic Greek language skills would help you interpreting the road signs. Since we arrived at late afternoon, the road was already dark when we headed Rethymno. The Chania-Rethymno highway is a common four-lanes road (two lanes per direction), whose lanes, adorned with flowery hedgerows, are constantly winding to follow the hills' profiles. The night was windy and fresh and the ride was pleasant: we opened the car sliding roof and covered those 90 kilometers admiring the view and smoking a couple of cigarettes.

Rethymno passed at our left, silently, without almost being noticed: it seemed yet another small city whose harbor was clearly visible from the road. Since Rethymno, the small motorway kept on winding with its ups and downs, until we arrived at the hotel, just a couple of kilometers before the village of Panormos.


View Larger Map

We were tired but happy: our Crete's first bite really had a good taste and the hotel was somehow fascinating. It clearly is a typical touristic family hotel whose location is privileged. The rooms, moreover, are almost all deployed on a myriad of small buildings. They're not individual bungalows but the feeling is very similar. It's a perfect choice for families and couples to spend a relaxing stay at a convenient distance from the two main cities of the island.

We instantly fell asleep listening to the sea waves crashing into the shore.

Friday, June 5, 2009

Crete, a tentative itinerary

As you know, I decided to spend the next week in Crete. One week is not much time, and I'd like to try and breathe as much Cretan atmosphere as I can. One friend of mine who's living in Crete sent me some good suggestions. To satisfy my curiosity, I started googling around looking for photos and information and one place struck me most: Loútro (Full-screenΛουτρό).

Loútro is a small village in the southern Crete and it's pretty unique in that:
  • There's no road to and into Loútro: some sites state that there's just one car in the entire village. I'll verify this as soon as I'll be there.
  • The only mean to reach the village is by boat or on foot.
Loútro's photos I'm viewing recall of the typical Cyclades panorama: calm sea, white houses with blue windows. Here's Loútro on Google Maps:


View Larger Map

In the map it's pretty clear how isolated Loútro is. If you follow the shore to the East, you'll find another isolated village, Sfakia, and the two are connected by a footpath: you should see it if you magnify the image. It really goes parallel to the shore line. This path gives also access to some beautiful beaches such as Glyka nera (Sweet water), one of the most beautiful beaches in Crete.

Google Maps is a just cool application! Checking places like this is funny and, in the meantime, it gives me some kind of confidence about the itinerary I'm building.

I'll keep on documenting and as soon as I'll be back, I'll document my trip!

How to maintain the world leadership of the absurd - Mr. Berlusconi, I'm tired...

This is a Beppe Severgnini's article published on Italians, a column of the Corriere della Sera. It's a long time I'm not writing about politics but believe me: I'm so sick of reading Italian newspapers (and now, foreigners press too) that I try to forget what's happening in my home country. Nevertheless I'll do this exception, once more to celebrate Beppe Severgnini's acumen and sarcasm, and I will (try to) translate his last Italians column post to English.

How to maintain the world leadership of the absurd.
The President of the Council is convinced that Italian journalists are the inspirers of all the negative comments abroad. Impossible, for two reasons. Given the number of published comments, we should be inspiring the whole holy day, and we have other things to do. And then, let us say, there is no need to do that. Our political class - not only its Chief - is capable of getting in the mess alone, without any help.

I know that it is shocking, but there are countries, like Great Britain, in which the ministers will resign when surprised to bill a lawnmower (in Italy a politician could bring home the entire factory, explaining that he's got have an immense lawn, and we would believe him). I know that it appears fool but an American president - Bill Clinton - risked the impeachment for a lie about a girl (we would like to know if it is nice, and if the lie comes from the Conservatives or the left wing).

However, let's think about the unimaginable. Let's suppose that the Italian Politicians had lost all of their imagination. The last story, from Casoria and Villa Certosa, is so incredible that our minds are tired. Here are some suggestions. How to maintain world leadership of the absurd, conquered at the price of so many outrageous efforts.

THE CARTHUSIANS (it's a joke about the name of one of the estates of the President of the council) - All of the PDL parliamentarians, anxious to demonstrate solidarity to their leader, rented a house in Sardinia and organize hundreds of parties simultaneously with fake volcanoes. The NATO thinks of an attack and sends flocks of F16 on the island. An euphoric Apicella (A Berlusconi's friend, a guitarist), on top of the Gennargentu, sings "So sweet to die for Silvio".

THE STORY OF QUIRINALE - Unbeknown to the President Napolitano, a group of young parliamentarians of PD, seven women and three men, detain in the palace for ten days to escape the black plague of the election results, and in turn tells stories of cutting humor. Does it seem like Boccaccio? Well, at least you pull on morale.

BICAMERAL VICE - Massimo D'Alema called on Silvio Berlusconi for a table of reforms. The latter agrees, praising the constructive spirit of the opposition, and then continues to do what it wants and likes (2nd episode, the result within twelve years).

MICROEXPO - Giulio Tremonti, in agreement with the Northern League, decided to lower further the appropriations for the Expo 2015. The event will cost 15,000 euros, to be spent on snacks (the theme is nutrition). The new CEO protests, the Minister of Economy quotes Cesare Pavese "Working, tires".

HOT WASTE - Throughout southern Italy, the garbage is collected and disposed on time with precision and regularity. Without protests? Without patronage systems? Nothing criminal? No pre-election promises? The world holds its breath, then bursts into an applause: incredible, unbelievable! They are really incredible, these Italians.

--

The original article, in Italian language, can be read here.

Thursday, June 4, 2009

Sun xVM VirtualBox 2.2.4 has been released



Sun xVM VirtualBox version 2.2.4 has been released and, as usually, can be downloaded here. The changelog for this version, as reported by the official website, is:

  • Windows Installer: fixed a potential hang during installation
  • Windows Installer: fixed several problems (bug Fixed in SVN (closed)">#3892)
  • Solaris hosts: make it work with Solaris build 114 or later (bug Fixed in SVN (closed)">#3981)
  • Solaris hosts: fixed a bug serial port character handling found during loopback (bug fixed in SVN (closed)">#3120)
  • Linux hosts: adapted vboxdrv.sh to the latest changes in VBoxManage list runningvms (bug #4034)
  • Windows hosts: fixed a crash caused by host-only/bridged networking
  • Mac OS X hosts: fixed access to host DVD with passthrough disabled (bug #4077)
  • Guest Additions: fixed problems with KDE 4 not recognizing mouse clicks
  • Windows Additions: fixed incorrect 8-bit guest color depth in Windows 7 guests
  • GUI: warn if VT-x/AMD-V could not be enabled for guests that require this setting (bug ... (closed)">#4055)
  • VMM: fixed occassional crash due to insuffient memory
  • VMM: fixed hanging 64 bits Solaris guests
  • VMM: restore from a saved state occassionally failed (bugs #3984 and #2742)
  • Clipboard: fixed a deadlock while shutting down the shared clipboard on X11 hosts (bug fixed in SVN (closed)">#4020)
  • OVF: fixed potential hang during import
  • OVF: fixed potential crashes during import/export on Win64 hosts
  • VBoxManage modifyhd --compact: fixed bug which could lead to crashes and image corruption (bug --compact broken in 2.2.2 (closed)">#3864)
  • VBoxManage metrics collect: now flushes the output stream.
  • VHD: made VBoxManage internalcommands sethduuid work for .vhd files (bug does not work for VHDs => ... (closed)">#3443)
  • VHD: some .vhd files could not be cloned (bug #4080)
  • VMDK: fixed creating snapshots
  • NAT: improvement of TCP connection establisment (bug Fixed in SVN (closed)">#2987)
  • NAT: fixed order of DNS servers in DHCP lease (bug fixed in svn (closed)">#4091)
  • NAT: fixed DHCP lease for multiple name servers (bug Fixed in svn (closed)">#3692)
  • NAT: fixed a potential segfault if the host lost its connectivity (bug #3964)
  • Shared Folders: deny access to parent directories on Windows hosts (bug #4090)
  • Shared Folders: make rm/rmdir work with Solaris guests on Windows hosts
  • Networking: fixed the problem with blocked receiving thread when a broadcast packet arrives too early to be handled by uninitialized e1000 adapter.
  • Networking: fixed the problem that caused host freezes/crashes when using bridged mode with host’s interface having RX checksum offloading on (bug Fixed in SVN (closed)">#3926 and related). Fixes problems with TX offloading as well (bug Fixed in SVN (closed)">#3870)
  • PXE boot: Added support for PRO/1000 MT Server adapter.
  • Python bindings: fixed keyword conflict
  • SCSI: fixed occasional crashes on Win64
  • Serial: allow to redirect the serial port to a raw file (bug Fixed in SVN (closed)">#1023)
  • VRDP: fixed a rare incorre
  • ct screen updat

You'll have noticed bug 3864 in the list of fixes above. I unfortunately hit this before upgrading and, hadn't I done a ZFS send of the file system I was working on, I would have probably lost my VDI image. I strongly suggest you to upgrade to version 2.2.4 or not to run VBoxManage --compact at all.

ZFS spared me a lot of time and saved my data (once more)

Yes. Since I was introduced to it, almost every day something remembers me that I'm running the Solaris OS and its ZFS file system.

While developing part of the architecture for the .NET application I'm working on I decided to take a (freaky) break. I stopped my virtualized Windows instance (run on Sun xVM VirtualBox, of course), I put the kettle on the hob, put a coffee spoon of Gunpowder green tea on the teapot, and... launched a:

$ VBoxManage modifyhd winxp.vdi --compact

I went to the kitchen, waited the canonical 2 minutes watching tea leafs opening and releasing their flavor in the water, returned to my desk and: nothing could go worse than that. I just hit VirtualBox bug number 3864. The operation had failed and the hard disk image, as far as I could see, was greatly damaged. Windows wouldn't start correctly and would force a chkdsk on the entire disk. A great number of errors were found and the hard disk was not fixed.

Fortunately enough, since I use ZFS, I'm missing no backup. Every night, at least, a script snapshots a set of filesystems and sends a replication stream to another server where the ZFS stream is received (if you're wondering, the answer is "No, I don't use the Time Slider (yet)). I just had to send back the last saved snapshot and my VDI image was as good as this very same morning. Data? Well, I'm prudent enough to periodically save all of my work in a Subversion server I set up.

Once day more I'm happy to run ZFS.

Wednesday, June 3, 2009

OpenSolaris 2009.06 has been released


Innovate on OpenSolaris
This is the kind of news many people was waiting for: the third release of the OpenSolaris OS, OpenSolaris 2009.06, has been released. You can read the announcement here.

A quick summary of the new features, as reported from the official site, are:
If you were already using Solaris Express Community Edition you may have already tried these features. Nevertheless, I think it's time to burn a CD and give a try to this new release. Personally, I dropped OpenSolaris after trying 2008.11 for a couple of reasons (no sparse zones, incompatibility with some Sun products) but I'm really curious to try this new release: every iteration has been a great surprise and a very positive experience, so far.

As soon as I try it, I'll post a review. Meanwhile, you can download the OpenSolaris OS here.

Loreena McKennitt forced to cancel festival appearance in Fez, Morocco

Today I received this news: Loreena canceled her appearence at the Festival of World Sacred Music, which will be held in Fez, Morocco. Loreena McKennitt official website reports the news quoting Loreena:

I’m facing a grave family emergency and being away from home at this time is not an option. It is most difficult to make this unprecedented decision to cancel a concert so close to its date.

I planned to go there with my girlfriend, it would have been the opportunity to see Loreena's concert and to visit Fez, a city I visitied twice and that I liked very much. Unfortunately (well, that's what I thought...) the agency was not able to provide us an accommodation on time and that's why we opted for Crete.

I'm really sorry to hear about Loreena's troubles, whatever they be. So many time she accompanied me through the journey of my life, comforting me through the embrace of the music I'd love most, speaking to my soul as only few friends can do. It's time to pay my dues.

I wish everything went fine for you.