RND(tech) - Linux

disabling NetBIOS over TCP/IP in Windows via DHCPD

khanh@khanh.net (Khanh) — Thu, 27 May 2010 08:31:40 -0700

This is scarce information on the Internet, so I'm reposting!

NetBIOS can be disabled now that it's fairly ancient networking. You're using TCP/IP and DNS right?
I don't use Microsoft DHCP or DNS servers, so finding the information to set this is hard to come by. To disable NetBIOS over TCP/IP in an ISC DHCP server, add the following to your dhcpd.conf:

option vendor-encapsulated-options 01:04:00:00:00:02;

It's that easy!

using openSSH as a layer-2 ethernet bridge (VPN)

khanh@khanh.net (Khanh) — Tue, 18 Nov 2008 21:11:40 -0700

Consider the following network setup (which I live with by the way):

[main LAN] <-----------------------------------------------------> [remote datacenter LAN]
(192.168.0.0/16) <-------- leased point-to-point ------------> (192.168.0.0/16)

Both locations also have separate connections to the public Internet with different public IP subnets. However, for this discussion it's not necessary to have different public IP subnets. Under normal circumstances the local LAN and the remote LAN are the same logical LAN via the magic of the leased point to point line.

However, today that p2p connection broke (physically between the two locations, out of our control). This outage lasted several hours, but brought out an interesting use of SSH tunneling for ethernet bridging aka Layer-2 VPN or tunneling. For this to work, you'll need to have at least openSSH 4.3, a somewhat recent linux distro and the bridge-utils package for your distro. This also assumes you have a basic knowledge of IP and the linux command line. I use openSuSE 11.0, but this should work for almost any similar linux.

Let's say for example, the main location has a linux box (router1) with two NICs:
eth0: 1.1.1.1 (the public interface)
eth1: unassigned IP, but connected to your LAN (192.168.0.0/16 in my case)

On the other box, at the remote location (router2) we also have two NICs:
eth0: 2.2.2.2 (the public interface)
eth1: unassigned IP, but connected to your LAN (192.168.0.0/16 in my case)

Both routers should be set with it's public IP gateway as the default route, working DNS, etc. You'll want to enable IP forwarding (consult your specific distro) and in my case, I disabled the distro's firewall. On the remote side (consider it the "server"), you'll need to edit your sshd config to allow remote root logins and tunnels via SSH.

/etc/ssh/sshd_config:
PermitRootLogin yes
PermitTunnel yes

The root login is necessary to allow ssh to create the TAP devices for the bridge. Because of that, you'll also want to add your local side's IPs to /etc/hosts.allow for the sshd process. Now, on the local side (IP 1.1.1.1, which you might consider the client now) you'll want to "su root" and do the following:

ssh -o Tunnel=ethernet -f -w 0:0 2.2.2.2 true

The -o switch sets client options on the command line. We're specifying the tunnel type as ethernet (bridge) as opposed to point-to-point, which it'll do by default (for Layer-3 type VPN routing). The -f switch just forks ssh in the background so we're returned to our "client's" command line and not remote's. Since we've done that, ssh will expect a remote command of some kind, so we'll just run "true", effectively doing nothing. The -w 0:0 switch actually sets up our tap devices on either side as tap0. You can do -w 1:1 for tap1, -w 0:1 for tap0 on one side and tap1 on the other, etc.

On both sides now, you should be able to see via ifconfig -a your eth0, eth1 and tap0 devices. Make sure to call ifconfig with -a, or you'll only see interfaces with defined IPs. Now that the two boxes are connected via the public Internet to each other via SSH, you can finally start to establish the bridge interface. Now we'll use the bridge-utils binary to create a bridge interface called br0:

brctl addbr br0
brctl addif br0 eth1
brctl addif br0 tap0

Then you'll want to bring up all of your interfaces, if they aren't already:

ifconfig eth1 up
ifconfig tap0 up
ifconfig br0 up

Doing so will create the br0 interface, then bridge your eth1 and tap0 together and bring up the interfaces. Don't forget, YOU MUST RUN THE brctl and ifconfig COMANDS ON BOTH SIDES!!! Once you've done this, you can check the remote side to see if it knows about the MAC addresses (from Layer-2) on the local side:

brctl showmacs br0

This will report on the known MAC address from the ARP protocol. Depending on your network, you'll see a few or many. Depending on your setup, you can get a DHCP address on the "other side" of the tunnel now or configure an appropriate IP and ping across as if you were on the same physical broadcast domain!

As a final note, there's always a downside. TCP encapsulated TCP is bad and will put a STRAIN on your hardware. Make sure it's decent for the amount of anticipated traffic and use only as a quick and dirty solution or a temporary measure. The following is good reading for why this is not a long-term, permanent solution:
http://sites.inka.de/~W1011/devel/tcp-tcp.html

Cablevision firewire channel changer and new Intel video drivers

khanh@khanh.net (Khanh) — Sun, 05 Oct 2008 09:42:48 -0700

Sometime last Saturday (September 28) my cable provider, Cablevision, must have updated the software on my cablebox (Scientific Atlanta 4200HD). I use the firewire port for channel changes with the sa3250ch channel changer in the current MythTV SVN contrib directory. The commands being sent to the box were being received, but something happened in the new software that expected a slightly different command to properly change the channels. Anyway, here's some updated code to make it work. Change line 195 with the following diff:

195c195
< cmd[1] = CTL_CMD1 | (dig[0] << 16) | (dig[1] << 8) | dig[2];
---
> cmd[1] = cmd[1] = CTL_CMD1 | (chn << 8);

I've also been toying with getting HD working with the Intel G33 integrated chipset that came in my new Dell Vostro 200 mini tower that I bought a few months ago. The CPU (Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz) seems to be OK handling pre-recorded HD from the Silicon Dust HDHomerun as well as h.264 content, so long as the bitrate isn't up there in the Blu-Ray range. I'm currently connected to a LCD HDTV with VGA, which is sufficient for my needs.

The latest Intel driver is here:

http://xorg.freedesktop.org/archive/individual/driver/xf86-video-intel-2.4.97.0.tar.bz2

By the way, you'll need to have at least xserver 1.3.0 to compile against, so make sure your system is updated! They say in the README you only need to specify Driver "intel" in your Device section of xorg.conf, but I've got a mess of options I'm playing with to get HDTV working nicely:

Section "Device"
BoardName "G33"
BusID "0:2:0"
Driver "intel"
Identifier "Device[0]"
Option "monitor-VGA" "Monitor[0]"
Screen 0
VendorName "Intel"
Option "UseEvents" "true"
Option "XvPreferOverlay" "true"
Option "DRI" "true"
Option "UseFBDev" "true"
Option "PageFlip" "true"
Option "TripleBuffer" "true"
Option "XAANoOffscreenPixmaps" "true"
Option "FramebufferCompression" "false"
# Enable offload of Motion Compensation (XvMC)
Option "LinearAlloc" "16384"
Option "XvMCSurfaces" "7"
Option "XvMC" "true"
Option "AccelMethod" "XAA" # The default is "EXA"
Option "CacheLines" "2048" # Allows the user to change the amount of graphics
# memory used for 2D acceleration and video when
# XAA acceleration is enabled.
# Decreasing leaves more for 3D textures. Increasing
# can improve 2D performance at the expense of 3D.
# can improve 2D performance at the expense of 3D.
# xxxx=8192/16384/32768 etc.
# Note AccelMethod XAA does not appear to work with Xvmc enabled. Testing required.
EndSection

You'll notice some lines in there for XVMC. Unfortunately this driver doesn't support 720p or 1080i/p frame sizes with XVMC, so for my purposes it's a bit pointless. I don't use XVMC under MythTV, but I have it in there anyway just for reference.

Finally, if you do compile the Intel video driver from source for MythTV, you may or may not notice that the driver chooses textured video as its default choice for rendering. I didn't have good performance with this, presumably because of weak 3D processing on this chip. I don't know for sure, but I have (and had) better results with overlay video. Another key setting for MythTV is to enable "extra audio buffering".

There's a long diff patch for the Intel video driver source, so it's attached here thanks to this MythTV-Users thread.

intel-prefer-hardware-overlay.diff

monitoring latency and packet loss with mrtg and ping

khanh@khanh.net (Khanh) — Sat, 17 May 2008 09:25:58 -0700

I've been using MRTG for years to graph traffic on switch ports, but only recently started using it to graph other fun things.

Recently, I've started using it for latency.

/usr/local/bin/ping-host.sh:

#!/bin/sh
PING="/bin/ping"
ADDR="172.16.0.100"
DATA=`$PING -c10 -s500 $ADDR -q `
LOSS=`echo $DATA | awk '{print $18 }' | tr -d %`
echo $LOSS
if [ $LOSS = 100 ];
then echo 0
else
echo $DATA | awk -F/ '{print $5 }'
fi

Then in your mrtg.conf file:

Title[ping-host]: RTT to host
PageTop[ping-host]: <H1>Host Round Trip Time</H1>
Target[ping-host]: `/usr/local/bin/ping-host.sh`
MaxBytes[ping-host]: 2000
Options[ping-host]: growright,unknaszero,nopercent,gauge
LegendI[ping-host]: Pkt loss %
LegendO[ping-host]: Avg RTT
YLegend[ping-host]: RTT (ms)
ShortLegend[_]: p/s

You can also execute remote commands over SSH. I use that for load averages. You'll have to figure out how to set up authentication keys. Otherwise, the automated script will be prompted for a password on the console, which you won't be attached to. I might post later about setting up authentication keys for password-less login, but for now, here's my load average script, to be run on the remote host:

loadavg.sh:

#!/bin/bash
awk /proc/loadavg '{print (100*$1) "\n" (100*$2) }'

Then on your MRTG host do something like:

Target[Mail-LoadAvg]: `ssh -l mailnull mail.host.tld ./loadavg.sh`

iTunes and NFS... woahs and woes

khanh@khanh.net (Khanh) — Mon, 12 May 2008 11:53:29 -0700

A few months back I wrote about how I wanted to replace my iPod with my PocketPC. Alas, I've conceded to the mainstream. The iPod has won out for it's end-user experience. There's simply too much work involved in the PocketPC and the user interface is still stuck in its old roots. The stylus is still the primary form of "interface" and in the car, that just doesn't work. I'm sure it'd be fine for someone else, but I spend a lot of time in the car. I'll still use the PocketPC for phone, email, browsing, etc. Also, I actually really like iTunes. The interface is exactly how I like to manage my 40+GB of music and the podcasts just sync. The podcast client (Egress) I was using on the PocketPC was just too clumsy, never seemed to really "sync" the right way, and then of course there was that pesky ease-of-use issue. Once in Egress, there was little integration with Windows Media Player. Granted, it was functional, but it just wasn't easy to swith between podcasts and know which I've already listened to or not. Since my music library is also in iTunes already, I just didn't have the necessary investment in Windows Media Player. Back to iTunes for me for now.

On a similar note, I have iTunes running on a fairly new Mac Book. Since I have a large library, which I also like to access remotely, I put the whole thing on an NFS share from my MythTV box. The MythTV box is currently openSuSE 10.2. Everything was running great on Mac OS X 10.4, but I decided to upgrade to 10.5 this weekend and finally throw on Office 2008. Everything runs a bit slower than it used to, but I suppose that's to be expected with new OSes. OS X is probably suffering from Vista-style bloat. One thing that did improve was Quicken 2007 (PowerPC) stability, but that was a minor issue for me. At work, I've been running 10.5 and setting up a 10.5 server for ActiveDirectory integration and I've had nothing but issues with network mounts and network integration in general. So, when I found out last night that my iTunes library wouldn't open over NFS, it didn't surprise me. The issue was that the Mac had no problem mounting the NFS volume, but once you started clicking on files in Finder, they'd show up as zero length files and then they'd disappear. In the terminal, they showed as normal files, but of course, I was just doing directory listings, not actually opening the files.

Apparently, OS X 10.5 changes the NFS client behavior. However, there is a "fix" that I've implemented on the NFS server side, since I don't care enough to debug OS X in my personal life. I deal with it enough in the work environment. On the server side, I kept seeing these errors:

lockd/statd: failed to create /var/lib/nfs/sm/: err=-21

The problem there is that there's no hostname at the end of that path. For whatever reason, the OS X 10.5 is either not reporting the hostname, not the way openSuSE 10.2 expects it, or openSuSE 10.2 has an issue. Since I didn't have this problem under OS X 10.4, I'm guessing the first two options are the reason, not the third. Anyway, change the following value in /proc. I'm going to throw it in boot.local to survive reboots probably.

echo "0" >/proc/sys/fs/nfs/nsm_use_hostnames

MythTV 0.21

khanh@khanh.net (Khanh) — Sun, 06 Apr 2008 19:22:37 -0700

MythTV 0.21 was recently released. I've been compiling and running from the 0.21-fixes CVS branch, but still have audio issues in MythVideo with some videos that have AC3 audio. It's been found that the NuppelVideoPlayer expects the audio not to be more than 2 seconds out of sync with the video.

It hasn't made it's way into the -fixes branch as a patch, but someone on the mythtv-dev list was kind enough to help me out with this patch, so I'm keeping it here for my own records. Maybe it'll help out some other MythTV users:

mythtv_increaseAudioTolerance.patch

There is an open ticket in the MythTV Trac system #4764, but the posted patch doesn't exactly patch well against the current -fixes release, nor does it compile after manual changes.

installing vmware server console on the Asus Eee PC

khanh@khanh.net (Khanh) — Fri, 25 Jan 2008 22:43:45 -0700

The Asus Eee PC comes with most of the basic tools the average sysadmin needs for remote console access to his/her servers: krdc (for VNC and Remote Desktop), xterm (command line for ssh or telnet; press ctrl+alt+t), but it's missing VMware server console. Unfortunately for Xandros Eee PC users it's distributed as an RPM. However, with a quick apt-get of alien (and some dependencies), converting it to a compatible .deb is easy! Don't forget to read my previous post about adding comunity repositories (and pinning your system).

1. download the RPM from VMware's site: http://vmware.com/download/server/. You want the Linux client package only. Don't worry about registering. No serial number is required for the client package.

2. sudo apt-get install alien
This will prompt for the installation of dependencies (about 13). Answer 'Yes' to install them.

3. sudo alien --scripts VMware-server-console-1.0.4-5629.i386.rpm
This will result in a .deb file of the same name.

4. sudo dpkg --install vmware-server-console_1.0.4-56529_i386.deb
Once the pacakge is installed, I went back and uninstalled alien and its dependencies. You can leave them around if you like (at a cost of 25MB of storage).

5. sudo /usr/bin/vmware-config-server-console.pl
This will do a quick config for the server console. You can now run /usr/bin/vmware-server-console and access your VMware server intances!

The same method would probably work for the full server installation. You'll need to register for your free serial number. I didn't due to the small storage capacity and limited hardware (base Eee PC 701 only has 512MB of RAM). The Eee would need a slightly better CPU before I'd run virtualized OSes on it, but it makes for a great remote console to a more powerful system. Enjoy.

Final Fantasy VII on the Asus Eee PC running pSX for Xandros

khanh@khanh.net (Khanh) — Sun, 20 Jan 2008 11:04:27 -0700

After several hours of beating my head against the wall with pcsx, I finally switched over to pSX and got PSX emulation working under Xandros on the Eee PC. I was trying to get pcsx to work because it's in the community repositories, but alas, it has memory card file issues with anyhing BUT the included HLE BIOS, which of course, prevents you from playing anything really good like FF VII :). No overclocking or upgrades were made to the basic 701 model.

1. In order to get pSX to work, you need to have the additional repositories configured. Follow the Eee PC User Wiki article on Adding Additional Repositories. PLEASE don't forget to do the part about PINNING YOUR SYSTEM. This will prioritize the Asus "official" versions of the packages over the user contributions. If you don't you may make your system very unstable.

2. Next, download the Linux package from the official pSX website and then do "sudo apt-get install libgtkglext1" from the command line. That was the only dependency you should be missing from the base install of Xandros on the Eee PC.

3. Once that's done, follow the prompts to point to the BIOS (sorry, no help from me here) and a memory card file for at least slot 1. There's one requirement for the Sound options to prevent that stuttering. Set the latency to 64.1 ms and the XA latency to 40.1 ms (double the defaults). Any other stuttering should be due to a slow SD card, but even my cheap 1GB card (Transcend) managed to make it through the opening FMV and first fight scene at acceptable frame rates. Also under Sound, I have Reverb, Sync sound, and Interpolate on.

4. Under Graphics, you can have Bilinear interpolation on (for smoothing out those pixels, although at the expense of some blurriness and speed). I also turned on the Status icons and set the Full screen mode to 16:10. Nice. Pcsx couldn't even do full screen for me, although it did have lots of scaling options.

For those interested in ripping their PSX CDs to bin/cue format, you can use the following command line example in your terminal:

cdrdao read-cd --read-raw --datafile my_game_rip.bin --device ATAPI:0,0,0 --driver generic-mmc-raw my_game_rip.toc

ASUS 701 eeePC

khanh@khanh.net (Khanh) — Sat, 19 Jan 2008 15:57:53 -0700

Recently, I obtained the new ASUS 701, aka the eeePC. I have the 4G model (512MB of RAM, with the camera). Everyone's first reaction is that it's small and that the keyboard suffers because of it. I don't have giant hands, but it is awkward to type on. It's the opposite extreme of the problem the Macbooks have with the keys being spaced apart. These keys are tiny and tightly packed. The screen is also a little small, but you really don't notice on anything but web surfing. Outside of that, everything is fast, due partly to the SSD (solid state drive). Boot times are as advertised (under 15 seconds). The battery life is average or as-expected. I almost expected more, but because of the small internal storage and being a portable device, the wireless network is usually on. Don't worry about the 900Mhz Celeron CPU or the small storage though. It's not really designed for replacing your primary PC. The small screen and storage defeats CPU intensive video tasks.

I read just about everything there is about replacing the included XandrOS with the "easy" user interface. I don't mind it. I actually enjoy it since it keeps me from trying to push this thing past what it's designed for. The more advanced things I would use it for are really sysadmin type remote access, which I painfully do on the command line. Now it'll be more painful with the small keyboard, but the portability and the short boot time outweigh that. The XandrOS uses IceWM and some custom UI stuff done by ASUS, making for more of a smartphone/PDA style experience when choosing your next application. However, once that's out of the way, the windows and controls look like your basic Windows XP and almost certainly intentional. Even updating the system software insists upon reboots after every install!

The first thing I noticed was that re-joining the wireless network is not automatic and it was a little confusing to have the two wireless icons in the system tray. One is really for wireless, the other is for network interfaces in general. Once that was out of the way, the "Add/Remove Programs" made sense. Nothing populates there unless you are online. Why? Well, it's more of a software update than an Add/Remove, so be sure to be online before running it. I ran it (January 18, 2008) and there were a few updates like Skype and the BIOS, which I did. You'll get a new application called EeeAP which is rumored to be for wireless mesh networking, but there's little on that. On that note however, there's checkboxes in all the right places for sharing your existing internet connection with others. This isn't always obvious on other distros.

I doubt I'll be replacing XandrOS with WinXP or some other Linux. First of all the SSD lifespan isn't the same as a spinning disk and I don't care to push it. Plus, Asus customized this OS to work with the hardware and I don't fear Linux. Strangely, they included Anti-Virus, but I think that's for more WinXP user cross-over hand-holding. I disabled it from startup, but I didn't remove it. Asus also included UnionFS for the root partition. This allows them to have a base image on a non-writeable partition. Any root partition changes are not made to the image, but to what's left of the SSD. You'll get 1.4G of useable drive. This non-traditional method means software updates use up the base image's space, plus the updated program takes up space. Software "removals" just kill a pointer to the base image, so you don't really free up any space at all. More than likely, it'll take up more space just to make that reference. Confusing? Not really. You just have to undertand that the drive available to you is really just keeping track of changes since a starting point.

On to more useful information! I did follow the ASUS eeePC wiki article on adding additional repositories. PLEASE do yourself a favor and listen to their suggestions on configuring "pinning". I didn't hose this system, but it's I've experienced it in other Linux adventures. Let the Asus "official" repositories win in a dependency battle. The http://xnv4.xandros.com/xs2.0/upkg-srv2 repository does not have a public key, which isn't well explained on the wiki. Just ignore the errors, don't forget to do a "sudo apt-get update" afterwards, and reboot. I didn't reboot and almost through the eeePC against a wall when fceultra kept segfaulting. After the reboot, everything was fine and Spy Hunter came right up :)

By the way, that's done via the command line. Press CTRL+ALT+T to get a shell. It's nothing to write home about. Just a basic shell. I did find it nice that krdc (the KDE client for remote desktop and VNC) are readily there. I configured a PPTP VPN client easily in the network configuration, but unfortunately has no options for custom routes (so not ALL of my traffic goes through the VPN like web surfing). Also, nslookup and dig and host are missing. I'm not sure why, but ping and traceroute resolve names too, so I used those.

I haven't done much else, but poking around in the Messenger app (which is just Pidgin) and the file manager, I'm amazed at how Windows XP-like they made this thing look. Again, I'm sure it's to make newbies feel comfortable. The system tray is a little over-populated (another XP-ism) and I really need to read more on making my own shortcuts. I could do without individual big-button shortcuts to each of the Google Apps, and replace them with krdc and the terminal.

gens cvs 20070625 (2.13alpha), linux, command line, success!

khanh@khanh.net (Khanh) — Thu, 27 Dec 2007 22:35:19 -0700

I never was too impressed with dgen on Linux (for emulating a Sega Genesis, 32X, SegaCD). It was simple to setup and worked with a lot of roms, but not enough of them. I never could get Sonic the Hedgehog 2 to work, nor ANY of the 32X games, even with the appropriate BIOS files. However, because of the simple setup and flexible command line, integration with MythTV's mythgame almost required it.

I wanted to move because I wanted 32X support (and I had the BIOS files), plus better compatibility for games like Sonic 2. I started to research gens, which was supposed to work better, but the more common sources and rpms were older, without the necessary patches to make a command line setup work. For example, the escape key was linked to pause the emulator, not exit it. Boo. Everything on the web points to "gens for linux - mythgame edition" (found at http://mythtv.wbond.net/gens_for_linux_mythgame_edition/). This release also includes patches for GCC4. It compiled fine, but had a weird quirk with gens' double winows and fullscreen mode. Gens runs one window for the emulation and another for the menu. When applying --fs from the command line, it enters fullscreen, but the menu window cancels that until you click or ALT-TAB to focus the emulation window. Again, boo.

I stumbled upon this Ubuntu forum thread: http://ubuntuforums.org/showthread.php?t=290008. This is gens 2.13 alpha aka gens CVS 20070625. You can browse it on SourceForge here: http://gens.cvs.sourceforge.net/gens/Gens-MultiPlatform/

Follow the links for the RPM, or compile from source if you insist. Beware of the ads and the popups, but don't worry, the download is there. Make sure you delete your old configs in ~/.gens because this version uses a slightly different format. Also, running gens on the command line without a config in ~/.gens will result in a segfault. How do you get the gui to do the basic config? Feed gens a rom file on the command line like: gens /path/to/rom/game.bin so that it'll start a rom and bring up the gui. Best part about this release is that it's a single window now and fullscreen works. I'm using the following as my command line for MythTV:

gens --rompath / --quickexit --fs "$1"

I've got that in a shell script wrapper, because I also call qjoypad to integrate the escape key to exit the emulator.

enjoy.

mod_userdir functionality, minus the module.

khanh@khanh.net (Khanh) — Thu, 12 Jul 2007 19:20:59 -0700

Up until recently, I started having problems with winbind on a webserver I admin, connected to a NT4 domain hosted on a Samba 2 server. We were utilizing winbind to obtain valid user login accounts from the Samba server to server webpages for our users. The home directories were NFS mounted to the Samba server, Apache2 on SuSE 10 (X86-64) was the webserver. Due to lack of available storage resources, our system partition filled, and winbind was behaving erratically. Winbind would randomly have issues translating usernames to SIDs and wbinfo -u and wbinfo -g would completely fail. While winbind is technically "the right way", providing user accounts to the system and allowing Apache's mod_userdir to provide ~user URLs, it seemed like overkill. The box didn't need real users, since it never really needs to authenticate them. The fileserver is otherwise accessible for the users to make page or file updates. The webserver simply need to translate the ~user URL requests to the static path /home/user/public_html. I knew Apache has URL aliasing and with a cleverly simple regex, you can make this happen, minus the mod_userdir module.

Add the following line somewhere in your httpd.conf (or more relevant include conf file):

AliasMatch ^/~([^/]*)/?(.*) /home/$1/public_html/$2

My /home is NFS mounted to the Samba server's /home path. Obviously, you can tweak the "destination" of the alias match to your needs. Also, be sure to stop Apache from loading mod_userdir since you don't want it stepping over your alias, or vice-versa. The alias has been working for several hours now, with no interruption to service, and no support calls so far. I can't really find the downside to using it, only that you save a little bit of system resources by not loading the module (or needing to compile it in to Apache). It could perhaps even be slightly more secure, since the users don't actually exist on your webserver...

Making the switch... Again.

khanh@khanh.net (Khanh) — Sun, 13 May 2007 09:30:47 -0700

I keep making the switch. I haven't found THE operating system to solve all of my needs, but unfortunately, it pains me to switch back, to windows. I've been living a 99% windows-free life for about 8 months or so now. Administering a network, working with DVD/media, and wanting some basic gaming support has forced me back to Windows. OpenOffice is great, Wine is amazing, and the Linux OS has never been better. I continue to use SuSE Linux on all of my home MythTV boxes and at work on servers, but as a general-use workstation, I'll have to go back to Windows. I'll still host a virtual machine or two in various workstation settings, but alas, I've been defeated!

How to make Windows print to a Linux CUPS IPP printer

khanh@khanh.net (Khanh) — Sun, 03 Dec 2006 12:07:51 -0700

Network printing is a daunting task. Network printing in Linux is tricky. I have a Linux server with a shared CUPS printer (one of those HP PSC printers). Making OS X print to it was somewhat simple because it's BSD under the hood, so it has CUPS/IPP support. Adding your server's hostname to your hosts file was the trick to making it work.

I set out to make Windows print to the Linux CUPS/IPP printer. You should add your hostname and IP to C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS. This allows for name to IP resolution. Windows doesn't come with CUPS/IPP printing support out of the box. The key to making this work was found in a free Adobe PS driver found here. I chose Adobe Universal PostScript Windows Driver Installer 1.0.6 - English. Run the installer, select "Network Printer", and enter the URL of your printer queue. It will be something like http://hostname:631/printers/PrinterName. Select "yes" when prompted. You can use the Generic PostScript Printer option or you can use the PPD file created by CUPS for your printer with the Browse button. Your PPD file should be in /etc/cups/ppd on your Linux server.

I've only tested this under Windows XP, but other versions of Windows should work similarly.

LaCie brings Lightscribe to the rest of us

khanh@khanh.net (Khanh) — Tue, 17 Oct 2006 15:16:33 -0700

LaCie announced today that they now offer a complete Lightscribe solution for all platforms. That means now Mac OS X and even Linux users can write labels to Lightscribe media with Lightscribe drives. Lightscribe is a technology that allows you to etch silk screen quality images on the label side of CD/DVD media. Up until now, the technology was limited to Windows users due to lack of software. Now with the LaCie LightScribe Labeler for MAC OS, SureThing for Windows and LaCie LightScribe Labeler for Linux, we have software available to the three major OS platforms. Did I forget to mention the software is free from LaCie? Yes, it really is.

See:
http://www.lacie.com/lightscribe
http://www.lightscribe.com