FreeBSD ports… good but a pain.

So. I wanted to install gnupg on a FreeBSD box. Somehow it depended on something that depended on the LDAP libraries. Which broke authentication on the box. And in fixing that, lots of other dependencies needed to be updated. It turned into a horrible mess and some ports wouldn’t reinstall cleanly and no amount of portupgrade/portmaster shenanigans would fix it without removing swathes of stuff first.

In trying to find out which shared libraries were now broken, I wrote a very crude script to find out which binaries broke.

find-broken-libs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
#!/bin/sh
# simple hack to find local binaries with broken library dependencies

dirs=$*
[ -z "$dirs" ] && dirs="/usr/local/bin /usr/local/sbin /usr/local/libexec /usr/local/lib"

for dir in $dirs; do

        for file in "$dir"/*; do
                if [ -x "$file" ]; then
                        l=$(ldd "$file" 2>&1 | grep "=> not found" | sed -e 's/=> not found.*//')
                        if [ "$l" != "" ]; then
                                p=$(basename "$file")
                                pkg=$(find /var/db/pkg -type f -name '+CONTENTS' -print0 | xargs -0 grep "/$p\$" | cut -d: -f1 | sort -u | sed -e 's/^.var.db.pkg.//' -e 's/.+CONTENTS$//')
                                echo $p: $pkg: $l
                        fi
                fi
        done
done

In short, it finds executable files that ldd reports as having missing runtime dependencies and attempts to find those in the package directory (so you have a clue what packages it came from).

I renamed libfam to something else and this was the output:

1
2
3
4
5
# sh /home/chrisy/bin/find-broken-libs
imapd: courier-imap-4.8.1,2 imap-uw-2007e,1: libfam.so.0
maildiracl: courier-imap-4.8.1,2: libfam.so.0
maildirkw: courier-imap-4.8.1,2: libfam.so.0
maildrop: maildrop-2.5.2: libfam.so.0

First field is the file that is broken. Second field are packages that have files with that name. Last field are the missing libraries.

If no package uses a broken binary then that field in the output stays blank, wit:

1
2
3
4
5
# sh ~chrisy/bin/find-broken-libs
libgnutls-extra.so.15: : libintl.so.8 libintl.so.8
libgnutls-openssl.so.15: : libintl.so.8 libintl.so.8
libgnutls.so.15: : libintl.so.8
libgnutlsxx.so.15: : libintl.so.8

I’m posting this in case someone else finds it useful…

Posted in: Otherwise Uncategorized Comments Off

ABC of the Sea released!

About a week ago ABC of the Sea was accepted by Apple for inclusion in the App Store! It’s a universal app that will work on all recent iOS devices but it really is visually more exciting on the iPad.

Obligatory plug: It’s only 99¢ (or other local denomination)! Go buy it!

ABC of the Sea is a children-focussed animated book featuring 26 pages of hand-drawn marine life. The illustrations were originally produced by my wife many years ago but never published. Our own child can now read and a print of the book surfaced which she thoroughly enjoyed. We then had the idea to turn it into an iPad application. Each page has been carefully, but subtly animated in a fashion largely consistent with how the creature (or plant) behaves in its natural habitat, though some artistic license has been taken if the real-life movements would be virtually undetectable. Continue reading “ABC of the Sea released!” »

Tags: ABC of the Sea, app store, Apple, book, iOS, iPad, iPhone
Posted in: Apple, iOS Comments Off

Using an RSA public key generated by OpenSSL in iOS

Apple have gone to pains to make crypto in iOS (and MacOS in general) secure, building a layer between applications and the low-level stuff, like OpenSSL. The principle is to keep these functions in separate address space thus significantly reducing the surface area available for malicious code to find a weakness. In iOS this separation is enforced and, significantly, the documentation is sparse and terse. Public/private key use without also using certificates is mentioned but only in the context of using keys generated on the device. Posts on the Apple Developer forums indicate that using certificates is suggested because using public/private key pairs is “involved”. It turns out that the reason it’s involved is because of some odd implementation details and the aforementioned lack of documentation or useful examples.

I was developing a mechanism to verify some data that was generated outside the device. Using a simple key pair generated by OpenSSL at a command line it was very simple to create scripts in Perl and PHP to produce (and sign) and then decode (and validate) some data using this key pair. The functions to add a public or a private key to the keychain are there in iOS but they don’t work as expected. Continue reading “Using an RSA public key generated by OpenSSL in iOS” »

Tags: Apple, Cryptography, iOS, Objective C, OpenSSL, PHP, Public Key, RSA
Posted in: iOS Comments Off

Graphviz Plugin Demo

I came across the EHT Graphviz plugin for WordPress and, whilst useful, it has a very clumsy shortcode parser, is not well documented and only supports a subset of the Graphviz functionality. Now Graphviz is not exactly a standard for clear documentation but it is a useful tool for flow or organisational diagramming.

So I wrote my own WordPress plugin, which is demonstrated here. Continue reading “Graphviz Plugin Demo” »

Tags: Graphviz, WordPress, Wordpress Plugin
Posted in: Technology, WordPress Comments Off

More thoughts on RAID gone Green

Errata for RAID gone Green

I noted in RAID gone Green that my read speed was lower than write speeds and provided some commentary on why that might be. I have a further explanation to add to this – the stripe size of the RAID array. Continue reading “More thoughts on RAID gone Green” »

Tags: Dell, RAID, RE4-GP, Western Digital
Posted in: Technology Comments Off

Windows command prompt still in the 80′s

I sometimes wonder if cmd.exe will ever get the -h treatment a lot of unixy tools have received… dir is definitely still living in the MS-DOS era. For example: Continue reading “Windows command prompt still in the 80′s” »

Tags: MS-DOS, Windows
Posted in: Technology Comments Off

How to map a raw LUN when ESXi doesn’t want you to…

VMware ESXi is a very popular hypervisor and the underpinning of the vSphere virtualisation suite which caters for enthusiasts up to large scale datacenter operations for enterprise and service providers. VMware offers a VMware logovariety of software to achieve virtualisation, Workstation, Server, ESX and ESXi being the main flavors with very different focusses: Desktop use, existing server, with a Linux console and without. ESXi is the variant with the smallest footprint and is ideal if you don’t need to implement a bunch of monitoring or other scripting on the host, are going to do all that management stuff elsewhere, or just don’t need to do any. As with the trusty old VMware Server, ESX and ESXi are available with a free license that gives you lots of room to play with but removes some of the more advanced features (like being able to move VM’s between hosts whilst running). Continue reading “How to map a raw LUN when ESXi doesn’t want you to…” »

Tags: Dell, ESXi, hard disk, Linux, LVM, RAID, storage, Ubuntu, VMM386, VMware
Posted in: Technology Comments Off

RAID gone Green

Western Digital RE4-GP Hard Drive

Western Digital RE4-GP

Western Digital released their lower-power “Enterprise” RAID Edition (The RE-GP series) Serial ATA (SATA) drives some time ago, and the 1.5 and 2TB versions (RE4-GP series) last year. They were found to have an issue with certain RAID controllers and received much bad press as a result.

It’s now more than a year on and they have newer firmware, which has been generally well received. I also was toying with reducing the energy footprint of my home-business mass storage needs (not to mention to improve its reliability and performance) so I decided to give them a whirl in my newest server build Continue reading “RAID gone Green” »

Tags: Dell, ESXi, green, hard drive, Linux, low power, PowerEdge R515, RAID, RE4-GP, VMware, Western Digital
Posted in: Technology Comments Off

iOS Ad-Hoc Beta publishing directly from Xcode

A couple of weeks ago I posted about automating Ad-Hoc publishing using some simple shell scripting and a modified version of the BetaBuilder utility by Hunter Hillegas. Based on a comment on his blog I’ve taken this a step further: I’ve fully integrated the publishing mechanism into Xcode. Here’s how… Continue reading “iOS Ad-Hoc Beta publishing directly from Xcode” »

Tags: automation, BetaBuilder, Hunter Hillegas, iOS, iPad, iPhone, shell script, Xcode
Posted in: Apple, iOS, Technology 1 Comment

Poor-guys CDN (ish)


For fun, I setup a couple of Squid proxies in reverse-proxy fashion to see how it performed. Overall, I am happy with the result but a key thought behind the idea is to provide front-end resilience to the resources they publish. To that end, I made what can be best described as a poor-guys CDN. It’s not truly a CDN in the sense of global presence nor the ability to choose a front-end server closer to the end-user (not least because some of that functionality is patent-encumbered), but it does provide some degree of resilience.
Continue reading “Poor-guys CDN (ish)” »

Tags: BIND, CDN, DNS, dynamic DNS, HTTP, IPv6, LWP, Perl, reverse proxy, shell script, Squid
Posted in: Technology Comments Off

This website uses a Hackadelic PlugIn, Hackadelic Sliding Notes 1.6.5.
This website uses a Hackadelic PlugIn, Hackadelic SEO Table Of Contents 1.7.3.