Chris Luke

So. I wanted to install gnupg on a FreeBSD box. Somehow it depended on something that depended on the LDAP libraries. Which broke authentication on the box. And in fixing that, lots of other dependencies needed to be updated. It turned into a horrible mess and some ports wouldn’t reinstall cleanly and no amount of portupgrade/portmaster shenanigans would fix it without removing swathes of stuff first.

In trying to find out which shared libraries were now broken, I wrote a very crude script to find out which binaries broke.

In short, it finds executable files that ldd reports as having missing runtime dependencies and attempts to find those in the package directory (so you have a clue what packages it came from).

I renamed libfam to something else and this was the output:

First field is the file that is broken. Second field are packages that have files with that name. Last field are the missing libraries.

If no package uses a broken binary then that field in the output stays blank, wit:

I’m posting this in case someone else finds it useful…

About a week ago ABC of the Sea was accepted by Apple for inclusion in the App Store! It’s a universal app that will work on all recent iOS devices but it really is visually more exciting on the iPad.

Obligatory plug: It’s only 99¢ (or other local denomination)! Go buy it!

ABC of the Sea is a children-focussed animated book featuring 26 pages of hand-drawn marine life. The illustrations were originally produced by my wife many years ago but never published. Our own child can now read and a print of the book surfaced which she thoroughly enjoyed. We then had the idea to turn it into an iPad application. Each page has been carefully, but subtly animated in a fashion largely consistent with how the creature (or plant) behaves in its natural habitat, though some artistic license has been taken if the real-life movements would be virtually undetectable. Continue reading “ABC of the Sea released!” »

Apple have gone to pains to make crypto in iOS (and MacOS in general) secure, building a layer between applications and the low-level stuff, like OpenSSL. The principle is to keep these functions in separate address space thus significantly reducing the surface area available for malicious code to find a weakness. In iOS this separation is enforced and, significantly, the documentation is sparse and terse. Public/private key use without also using certificates is mentioned but only in the context of using keys generated on the device. Posts on the Apple Developer forums indicate that using certificates is suggested because using public/private key pairs is “involved”. It turns out that the reason it’s involved is because of some odd implementation details and the aforementioned lack of documentation or useful examples.

I was developing a mechanism to verify some data that was generated outside the device. Using a simple key pair generated by OpenSSL at a command line it was very simple to create scripts in Perl and PHP to produce (and sign) and then decode (and validate) some data using this key pair. The functions to add a public or a private key to the keychain are there in iOS but they don’t work as expected. Continue reading “Using an RSA public key generated by OpenSSL in iOS” »

I came across the EHT Graphviz plugin for WordPress and, whilst useful, it has a very clumsy shortcode parser, is not well documented and only supports a subset of the Graphviz functionality. Now Graphviz is not exactly a standard for clear documentation but it is a useful tool for flow or organisational diagramming.

So I wrote my own WordPress plugin, which is demonstrated here. Continue reading “Graphviz Plugin Demo” »

Errata for RAID gone Green

I noted in RAID gone Green that my read speed was lower than write speeds and provided some commentary on why that might be. I have a further explanation to add to this – the stripe size of the RAID array. Continue reading “More thoughts on RAID gone Green” »

I sometimes wonder if cmd.exe will ever get the -h treatment a lot of unixy tools have received… dir is definitely still living in the MS-DOS era. For example: Continue reading “Windows command prompt still in the 80′s” »

VMware ESXi is a very popular hypervisor and the underpinning of the vSphere virtualisation suite which caters for enthusiasts up to large scale datacenter operations for enterprise and service providers. VMware offers a variety of software to achieve virtualisation, Workstation, Server, ESX and ESXi being the main flavors with very different focusses: Desktop use, existing server, with a Linux console and without. ESXi is the variant with the smallest footprint and is ideal if you don’t need to implement a bunch of monitoring or other scripting on the host, are going to do all that management stuff elsewhere, or just don’t need to do any. As with the trusty old VMware Server, ESX and ESXi are available with a free license that gives you lots of room to play with but removes some of the more advanced features (like being able to move VM’s between hosts whilst running). Continue reading “How to map a raw LUN when ESXi doesn’t want you to…” »

Western Digital RE4-GP

Western Digital released their lower-power “Enterprise” RAID Edition (The RE-GP series) Serial ATA (SATA) drives some time ago, and the 1.5 and 2TB versions (RE4-GP series) last year. They were found to have an issue with certain RAID controllers and received much bad press as a result.

It’s now more than a year on and they have newer firmware, which has been generally well received. I also was toying with reducing the energy footprint of my home-business mass storage needs (not to mention to improve its reliability and performance) so I decided to give them a whirl in my newest server build Continue reading “RAID gone Green” »

A couple of weeks ago I posted about automating Ad-Hoc publishing using some simple shell scripting and a modified version of the BetaBuilder utility by Hunter Hillegas. Based on a comment on his blog I’ve taken this a step further: I’ve fully integrated the publishing mechanism into Xcode. Here’s how… Continue reading “iOS Ad-Hoc Beta publishing directly from Xcode” »

For fun, I setup a couple of Squid proxies in reverse-proxy fashion to see how it performed. Overall, I am happy with the result but a key thought behind the idea is to provide front-end resilience to the resources they publish. To that end, I made what can be best described as a poor-guys CDN. It’s not truly a CDN in the sense of global presence nor the ability to choose a front-end server closer to the end-user (not least because some of that functionality is patent-encumbered), but it does provide some degree of resilience.
Continue reading “Poor-guys CDN (ish)” »