Let's Encrypt + Plesk

Let's encrypt issues SSL-Certificates for free - meanwhile most Systems trust their CA. Let's Encrypt features a CLI to request, update and install certificates - which work's nicely as long as your server's setup is compatible. A Plesk based setup, however, is not.

Luckily, Plesk features it's own CLI - so let's make a short script to renew and update certificates. Here's the script, I'll explain later. It requires Let's Encrypt's "certbot" to be installed in $HOME.

#!/bin/sh

IP="your.ip.v4.address"
IP6="your:ip:v6:address"

#Domains, format: domain.tld sub1.domain.tld sub2.domain.tld"
Domains=("domain.tld sub1.domain.tld sub2.domain.tld" "domain2.tld2")
#"Main" domain - the name of the certificate that will be associated to the IPs above...
MainDomain="domain.tld"

echo "Certificates will be renewed and installed in Plesk:"
for dom in "${Domains[@]}"; do
	echo " $dom"
done
if [ -n "$1" ]; then
	echo "Renew will be issued for all, however only domain $1 will be updated in Plesk!"
fi
echo;
echo " IPv4: $IP"
echo " IPv6: $IP6"

#"MonthName" should be something that is unique between subsequent calles of the script
# date +%B should give the name of the current month, for more frequent calls use e.g.
# date +%Y-%M-%d_%H-%m-%S
MonthName="$(date +%Y-%m-%d_%H-%M-%S)"
echo " Unique part for each certificate's name: $MonthName"

echo;

read -p "This might brake your setup. Type YES to continue: " Keypress

if [ "$Keypress" != "YES" ]; then
	echo "I asked for \"YES\", you gave me \"$Keypress\". Exiting..." 
	exit 1
fi

echo;

read -p "Call letsencrypt-auto ? [y/N] " Keypress

if [ "$Keypress" = "y" ]; then
	~/certbot/letsencrypt-auto renew
	echo;
	echo "Done."
fi
echo;

function installcert {
	Certname="LetsEncrypt-Auto_($MonthName)_$1"
	echo;
	echo "Installing certifikate \"$Certname\" to domain repository..."
	key_file="/etc/letsencrypt/live/$1/privkey.pem"
	cert_file="/etc/letsencrypt/live/$1/cert.pem"
	cacert_file="/etc/letsencrypt/live/$1/fullchain.pem"
	/opt/psa/bin/certificate -c $Certname -domain $1 -key-file $key_file -cert-file $cert_file -cacert-file $cacert_file
}

function installcert_admin {
        Certname="LetsEncrypt-Auto_($MonthName)_admin_$1"
        echo;
        echo "Installing certifikate \"$Certname\" to admin's repository..."
        key_file="/etc/letsencrypt/live/$1/privkey.pem"
        cert_file="/etc/letsencrypt/live/$1/cert.pem"
        cacert_file="/etc/letsencrypt/live/$1/fullchain.pem"
        /opt/psa/bin/certificate -c $Certname -admin -key-file $key_file -cert-file $cert_file -cacert-file $cacert_file
}


function assigncert {
	Certname="LetsEncrypt-Auto_($MonthName)_$1"
	/opt/psa/bin/subscription -u $2 -certificate-name $Certname
}

read -p "Install certificates in Plesk? [y/N] " Keypress

if [ "$Keypress" = "y" ]; then
	for domain in "${Domains[@]}"; do
		#Split into another array
		subs=($domain)
		main="${subs[0]}"
		echo "Working on domain $main..."
		#Domain $domain will only been updated if either no arguments are given, or the one and only argument matches $domain
		if ( [ "$1" == "$main" ] ) || ( [ -z "$1" ] ); then
			installcert "$main"
			#Then assign all certificates
			for sub in "${subs[@]}"; do
				assigncert "$main" "$sub"
			done
		else
			echo "==> Skipped."
		fi
	done

	echo;
	echo "Done."
	echo;
fi

read -p "Install & Assign SSL-Certificate of $MainDomain for IPs (Admin's repository)? [y/N] " Keypress

if [ "$Keypress" = "y" ]; then
	installcert_admin "$MainDomain"
	/opt/psa/bin/certificate -ac "LetsEncrypt-Auto_($MonthName)_admin_$MainDomain" -admin -ip $IP
	/opt/psa/bin/certificate -ac "LetsEncrypt-Auto_($MonthName)_admin_$MainDomain" -admin -ip $IP6 
fi

function mailcert {
	Uhr="$(date +%Y-%m-%d_%H-%M-%S)"
	key_file="/etc/letsencrypt/live/$1/privkey.pem"
        cert_file="/etc/letsencrypt/live/$1/cert.pem"
        cacert_file="/etc/letsencrypt/live/$1/fullchain.pem"
        tar -chjf Cert-Backup-$Uhr.tar.bz2 /etc/postfix/postfix_default.pem /usr/share/imapd.pem /usr/share/pop3d.pem
        #Concat certificate for eMail...
	cat $key_file >/tmp/newcert.pem
	cat $cert_file >>/tmp/newcert.pem
	cat $cacert_file >>/tmp/newcert.pem
	cp /tmp/newcert.pem /etc/postfix/postfix_default.pem
	cp /tmp/newcert.pem /usr/share/imapd.pem
	cp /tmp/newcert.pem /usr/share/pop3d.pem
	chmod 400 /usr/share/imapd.pem
	chmod 400 /usr/share/pop3d.pem
	chmod 600 /etc/postfix/postfix_default.pem
	rm /tmp/newcert.pem
	/usr/local/psa/admin/sbin/mailmng --restart-service
}

read -p "Install certificate of $MainDomain to Postfix/IMAP/POP ? [y/N] "

if [ "$Keypress" = "y" ]; then
	mailcert "$MainDomain"
fi

The script has a short configuration section at the top, most notably the domains you want to work on. They are give in a string array, containing the domain name given first when registering a certificate with LetsEncrypt as the first token, and all sub domains you want to secure with the same certificate separated with spaces. More precisely: Let's encrypt stores your certificates into /etc/letsencrypt/live/<domain>, the first token is used to generate this path. I recommend using your domain without any subdomain for this purpose, i.e. "domain.tld sub.domain.tld sub2.domain.tld". To achieve this, when calling lestencrypt-auto, give this domain as the first one, i.e.

./letsencrypt-auto certonly --webroot -w /var/www/httpdocs -d domain.tld -d sub.domain.tld

This, of course, requires your domains to be set up in Plesk the same way, i.e. in Plesk, domains with the names "domain.tld", "sub.domain.tld" and "sub2.domain.tld" must exist. The Plesk-CLI commands used to register and setup are:

  • /opt/psa/bin/certificate -c <certname> -domain <domaine> -key-file <key_file> -cert-file <cert_file> -cacert-file <cacert_file>
  • /opt/psa/bin/subscription -u <domain> -certificate-name <certname>

If you want your IP-Adresses given a default certificate, you should set both IP-Adress variables AND the "main domain" setting. The script will look for a certificate issued for this domain, register it in the admin's repositiry and the assign it to both addresses. The respective commands issued are:

  • /opt/psa/bin/certificate -c <certname> -admin -key-file <key_file> -cert-file <cert_file> -cacert-file <cacert_file>
  • /opt/psa/bin/certificate -ac <certname> -admin -ip <IP>

If you want your email communication to be secured with your Lets Encrypt certificates, you have to request a certificate for your "main domain" that includes your MX subdomain. For example, if "main domain" is set to "example.com" and MX for this domain is "mail.example.com", your certificate must include this subdomain. Securing a Plesk-based system's email with your own SSL-Certificates has been described by Jay Versluis on wpguru.co.uk, and I simply scripted his approach.

Posted in English, Software

Elster-Formular mit Mint x64 / Wine

Der kleine ELSTER-Inforoboter (leider keine Elster, sondern ein Roboter) verkündet großmäulig, "ELSTER läuft auch unter Linux". Für einen kleinen Teil der angebotenen Softwareprodukte dieser Firma mag das stimmen, für ElsterFormular allerdings nicht, zumindest nicht Offline. Mit Wine allerdings läuft es quasi problemlos - wirklich gut allerdings nur mit 32-Bit Wine (für x64-Windows gibt es die entsprechenden .NET 3.5 DLLs nicht in einer Form, mit der Wine umgehen kann). Dafür erstellt man zunächst einen Wine-Prefix mit 32-Bit im Hintergrund:

WINEPREFIX=$HOME/Anwendungen/Elster WINEARCH='win32' wine 'wineboot'

Vorausgesetzt man hat wine, wine:i386 und wine-mono installiert, sollte Wine nun (hier im Ordner Anwendungen/Elster im Home-Verzeichnis) eine neue Wine-Basis einrichten - dafür frägt wein auch nach dem Mono- sowie dem Gecko paket, die man beide installieren sollte.

Das Elster-Setup startet man nun mittels:

WINEPREFIX=$HOME/Anwendungen/Elster wine ~/Downloads/ElsterFormular-16.3.170.20151019p.exe

Wichtig ist, den WINEPREFIX-Teil nicht zu vergessen, sonst verwendet Wine den Standard-Prefix (meist ~/.wine) - dieser ist auf 64-Biting Linuxen dann doch meist 64 Bit. Die Installation läuft nun praktisch automatisch, wie auf Windows problemlos. Lustig ist, dass die Software zwingend eine Internetverbindung zum Anzeigen des Lizenzvertrages voraussetzt; wäre mal interessant zu prüfen, ob das so überhaupt rechtens ist...

Lizenzdialog von ElsterFormular

Das schöne ist, dass Wine für installierte Verknüpfungen den aktuell gesetzten WINEPREFIX automatisch mit in die entsprechenden .desktop-Files packt, sodass ab jetzt keine weitere Komandozeilenarbeit notwendig ist:

Elster-ENV

Ergebnis: Läuft!

Elster

Posted in Uncategorized

Updating sparklines in OriginC

Ever wondered how to tell OriginLab to update the sparklines after a custom import-filter (or whatever data-manipulating script) has been called?

Well, you can call the "sparklines" X-Function. The documentation is, as usual for OriginC, not the best and calling X-Functions with the wrong parameter will simply crash OriginLab, but it's worth it...

Code:

bool call_UpdateSparklines_XF(Worksheet &wks)
{
    // Create an instance of XFBase using the X-Function name.
    XFBase xf("sparklines");
    if (!xf)
        return false;
 
    // Set the 'iw' argument. A worksheet for XFBase is referenced using a Pointer (not the name...)
    if (!xf.SetArg("iw", wks))
        return false;
 
    // Set the 'sel' argument.
    if (!xf.SetArg("sel", 0))
        return false;
 
    // Set the 'c1' argument, the first row to update. Counter starts at 1.
    if (!xf.SetArg("c1", 1))
        return false;
 
    // Set the 'sel' argument.
    if (!xf.SetArg("c2", wks.GetNumCols()))
        return false;
 
    // Call XFBase's 'Evaluate' method to execute the X-Function
    if (!xf.Evaluate())
        return false;
 
    return true;
}

You might also find this Forum-Entry useful, where some different possibilities are given: OriginC-Forum / Sparklines

Posted in English, OriginLab, Software

HD TFT vs. VGA-KVM Switch - and Linux

Multiple Computers at the same Keyboard, Video and Mouse - no problem when using a KVM Switch. Unfortunately, mine (DLink DKVM-2KU) does not seem to route the IDx-Pins of the VGA connector correctly, my system was not able to get the required EDID data to know which timings and resolutions are supported by the monitor.

This resulted in a max. resolution of 1360x768 pixels - way below the native 1920x1080 (which I could easily set when connecting the display directly via DVI or VGA). Most guides to add additional resolutions suggest asking gtf or cvt to calculate the respective timings (where for TFT-Displays CVT-based timings should be used, see e.g. http://www.uruk.org/~erich/projects/cvt/) and pasting these to xrandr to set the required mode. However, this does not work if xrandr thinks the monitor cannot take the requested frequencies.

A call to cvt may produce this:

X@Y ~ $ cvt 1920 1080
# 1920x1080 59.96 Hz (CVT 2.07M9) hsync: 67.16 kHz; pclk: 173.00 MHz
Modeline "1920x1080_60.00"  173.00  1920 2048 2248 2576  1080 1083 1088 1120 -hsync +vsync

The printed "modeline" contains all the timings needed for the card to drive the monitor at the requested resolution, however - in my case - adding the requested resolution resulted in an error, basically telling me that one of the parameters was not in a range supported by some device in the chain (DAC or Monitor for example):

X@Y ~ $ xrandr --newmode "1920x1080_60.00"  172.80  1920 2040 2248 2576  1080 1081 1084 1118  -HSync +Vsync
X@Y ~ $ xrandr --addmode VGA-0 "1920x1080_60.00"
X Error of failed request:  BadMatch (invalid parameter attributes)
  Major opcode of failed request:  140 (RANDR)
  Minor opcode of failed request:  18 (RRAddOutputMode)
  Serial number of failed request:  29
  Current serial number in output stream:  30

Most forum-threads, guides and Wiki-entires break at this point and say "Well, your monitor simply cannot do this". Mine does, however the system doesn't know. The source of the problem was in the X-Org config-file /usr/share/X11/xorg.conf.d/90-monitor.conf (in this case of Linux Mint 17.1, although I don't know where this file came from - it doesn't seem to be part of the standard system packages), which contained:

Section "Monitor"
    Identifier     "Monitor0"
    VendorName     "Unknown"
    ModelName      "Unknown"
    HorizSync       30.0 - 63.0
    VertRefresh     55.0 - 75.0
    Option         "DPMS"
EndSection

When I2C and therefore EDID is working correctly, the file seems to get overruled by the information provided by the monitor - in my case, EDID didn't get past the KVM switch. The modeline calculated by cvt stated a pixel-clock of 172.80 MHz, together with a total virtual display width of 2576 points. This results in a horizontal refresh-rate of 67 kHz - which is higher than the maximum of 63 kHz given in the file.

Once I fixed this (I set it to 200, which is way to high, but doesn't matter here...), xrandr accepted the mode. If you want this to be permanent, you might configure your X-Server according to this guide - but don't forget to add the HorizSync and VertRefresh parameters!

But, for haven's sake, be careful! Setting really wrong values will at least leave you without a picture (or an "Out of Range" message) for TFT screens, CRTs might get damaged!

Update: There's annother error that I came accross when reinstalling the machine recently:

X Error of failed request:  BadName (named color or font does not exist)

This time, I simply had to change the name of the mode from "1920x1080_60.00" to "1080p" - problem solved. Possibly my Xsession-script did not fail completely and blocked the name for future use...

Posted in English, Software

Agilent U1253A with LabView

Agilent's U-Series Multimeters have the ability to be talked to via an infrared interface (and some of them even feature an OLED display), either through Agilent Keysight's slightly overpriced USB-To-IR Adapter, or by building your own. If you intent to follow the latter path, be sure to read Josip Medved's Info about the Adapter; it covers pretty much everything you need. There's also a YouTube-Video with a more sophisticated (and probably oversized) approach.

LabView

With the communication working (you might test it with Keysight's own logging-tool), it's probably more interesting to be able to control the device using LabView. Unfortunately, I could not find any libraries, and the documentation is limited to a post on Philipp Klaus' blog describing the basic command set.

Screenshot of a sample program

A sample program constantly reading the meter's data

In short, the Device features 2.5 "channels", or let's call them data-streams; it is capable of e.g. measuring voltage and frequency of an AC source simultaneously and can additionally report the current ambient temperature; although that feature might not be of so much use. In principle, to continuously read out the data measured by the multimeter, you might want to query it's current setting (unit, range, precision), it's value or status (like auto-range, position of the rotary switch etc.).

Command Set

To find out how to talk to the device, and how to interpret it's response, I used a Serial Analyzer in conjunction with the original software. The result is a LabView-Library that's capable of handling a reasonable part of all passive commands (no controlling of the device so far only limited support for configuring the device so far) - the lib, however, should be considered in alpha-state and might still contain bugs. Every command sent from the computer should be terminated by a single linefeed (0x0A, "\n" etc.); the device itself terminates with carriage return and linefeed. On error, the device will return "*E\r\n". Most of the time, the meter acts as passive command-responder, except when the user turns the rotary-switch - in that case, the device sends the switch position counting from 0 (and excluding the "off" state - which means you won't be able to detect a "switch-off" event except with a communication timeout) preceded by a star, i.e. "*1\r\n" for Volt.

The commands I saw on the line include:

CommandMeaning
*CLSallways sent to the device on the beginning of a command set. Probably resets the last read-command
*RSTsaid to reset the meter, up to now I didn't see any actual change in behavior
*IDN?Request identification of the meter. Result is a string devided into 4 parts by commas, i.e.
"Agilent Technologies,U1253A,MY12345678,V1.01", reading the company's name, the model- and serial number and it's firmware version
STAT?Returns the current device status. I could only identify two parameters so far.

Sample:
"000000I00012L00204001"
(Character 17, 2 in this case, indicates the current position of the rotary switch, whereas the last digit is set to 1 when AUTO-range is enabled)
CONF? (or)
CONF? @#
Request the current configuration (for channel @#) of the meter, see the next section
FETC? (or)
FETC? @#
"Fetch" either the 1st display/stream/channel (or however you'd like to call it) or request a specific one (i.e. "FETC? @2" for the auxiliary reading, i.e. the frequency of an A/C voltage)

The meter always returns a single floating point number.
READ?Return the current meter reading, only applies to the 1st channel/stream/dataset...
SYST:BATT?Get the meter's battery status, returns a single floating point value in %/fully charged.

Read configuration options

Following a "CONF?", the device answers with it's current setting (i.e. voltage or frequency) and a few parameters. To request the configuration of a specific "channel", send "CONF? @#" replacing the # with a number from 0 to 2. The type of voltage or current, or any subtype of measurement is appended to the basic setting with a semicolon. Additional parameters are separated from this basic information with a space, again separated by commas. Example: "VOLT:ACDC +1.00000000E+00,+1.00000000E-04" denotes an AC/DC voltage-measurement with a range of 1 Volt an a maximum resolution of 0.1 mV. The following table will give some more detailed information:

OptionMeaning
VOLT(:type)The channel will return a voltage. When configured for DC voltage, it's just "VOLT". For AC, AC/DC or DB(V/M) measurements, the corresponding option follows with a semicolon, i.e. "VOLT:ACDC".

Additional parameters are the measurement rage in Volts and the value for the last (4th) digit (i.e. the precision). These parameters will not be returned for dBV or dBM measurements.
CURR(:type)Current measurement. Again, DC is the default without a semicolon, AC and ACDC are reported seperately.

For the mA/A measurement range, there's an additional measurement mode displaying the current as a percentage between 0 mA/4 mA and 20 mA, the corresponding return value is "CPER:4-20mA" or "CPER:40-20mA".

Parameters are range and precision.
RESResistance, parameters are again range and precision.
CONDConductance measurement, parameters are range and precision.
DIODDiode measurement, this setting doesn't seem to return any range or precision.
CAPCapacitance, parameters as for VOLT or CURR.
CPER:(range)"Percentage Scale". Probably made for adjustment measurements, displays a percentage of the measured current in the range of [4..20] mA or [0..20] mA. The range is given after the semicolon, i.e. "CPER:4-20mA". Additional parameters like for CURR.
FREQFrequency in Hz, parameters are again range and precision. So far only seen for the second channel.
PRESThe value of the frequency counter (channel 1). Does not return any reasonable range, only one parameter: 1 for direct counting, and 100 for a prescaler (divider) or 100.
PULS:(type)Pulse-Width measurement. Might return either a percentage of high-value to low-value ("PULS:POUT") or the pulse width directly ("PULS:PWID"). Ranges will show the values of the voltage measurement.
TEMP:(type) (unit)Temperature measurement, the only supported setting for the third channel.

Type might be either "K" or "J", depending on the configured type of the thermocouple - or "ENV" denoting the meter's environment measurement (channel 3).

The only parameter is the unit, either "CEL" for Celsius or "FAR" for Fahrenheit.
CONTContinuity measurement, similar to RES but with (if configured) audible tone on contact
*EError, i.e. an unused channel.

Send configuration

Different "layers" of functionality for specific switch-positions can also be selected via Software. The device accepts two lines of configuration options after a "CLS*" command (I didn't test it without), the possible options depend on the position of the rotary switch. An erroneous command will be acknowledged by "*E", the configuration, however, might still be partially applied and might lead to instable operation (i.e. incomplete or overlapping data on the display). Success in changing the configuration will not trigger any response. Note that, upon selecting additional (calculated) quantities, those might become the primary reading; selecting AC-Voltage and Frequency for example will change the first channel to frequency, and reports the voltage on the second channel.

Each switch position allows a different set of options, as can be seen in the following table:

Rotary SwitchCommandMeaning
0 (V/AC)
1 (Volt)
2 (mVolt)
CONF:VOLT{:AC,:DC,:ACDC} (range)Change the range of the AC voltage measured, possible parameters are 5, 50, 500 and 1000 (Volt each) or 0.1, 0.5 and 1 (also Volt, valid for position 2). Omit the range parameter to enable auto-range.

Parameters AC, DC and ACDC are only valid for switch-positions 1 and 2.
CONF:FREQMeasure the frequency additionally to the voltage, it will become the primary reading. Auto-range only.
CONF:PULS:(type)Measure pulse-width (primary). Possible types are PDUT/NDUT (positive/negative edged dutycycle in %) or PWID/NWID (positive/negative edged step-width in ms)
CALC:FUNC {DBV,DBM}Set the primary channel to read calculated dB/V or dB/M values
3 (Resistance)CONF:RES (range)Configure the resistance measurement; ranges are none (auto), 500, 5k, 50k, 500k, 5M, 50M or 500M (Ohms each of course).
CONF:CONDMeasure conductance, only one range is supported and may not be configured (500 nS)
CONF:CONT (range)Measure continuity; accepts the same ranges like CONF:RES
4 (Diode)CONF:DIODStandard, set to Diode-measurement. Range is fixed to 2.1 V
CONF:FCOU (range)Select the frequency counter function. Range is either 1 for direct counting, or 100 to select a prescaler of 1/100 to measure frequencies of up to 20 MHz
5 (Capacitance)CONF:CAP (range)Set the range of the capacitance measurement, either none (Auto) or 10n, 100n, 1000n, 10u, 100u, 1000u, 10m or 100m (Farad each).
CONF:TEMP (type),(unit)Switch to temperature measurement. Type is either K or J for {K/J}-Type thermocouples. Unit is either FAR-enheit or CEL-sius.
SYST:TCOM (0, 1)Enable / Disable 0° compensation
6 (µA)
7 (mA/A)
CONF:CURR{:AC,:DC,:ACDC} (range)Set the current measurement to DC, AC or AC/DC measurement and configure the range to autorange (none) or 500u, 5000u (µA) for position 6 (µA) or 0.05, 0.5 (A) for Position 7.
CONF:CURR:PERCDisplay the measured current as a percentage - no direct range parameter!
SYST:CPER (range)Configure the range of the Percentage Scale measurement - either "0-20" or "4-20" (mA each).
for Additional parameters see Positions 0 to 2!
(possibly) AllSYST:TENV (0, 1)Enable / Disable measurement of the environment temperature, will be readable on channel 3

A few VIs exist already to configure the device using the above commands.

Update: Configure PWM Output

The last available switch-position (#8) will allow you to operate a PWM output with 3 Volts/peak and an instrumental precicion of 1/256 of the frequency set. The device features three commands to program the PWM output. "CQU:FREQ X" sets the output frequency to X, possible options can be taken from the manual and range from 0.5 Hz to 4.8 kHz. The pulse width can be controlled from 0.39 % to 99.609 % / total, given in values from 1 to 255. The device has two commands to set the pulse width, "CQU:PWID X" will program the pulse width and display the value in ms, where as "CQU:DCYC X" will display the duty cycle in %.

Code

The code including the sample program can be found on bitbucket.

Posted in English, LabView, Software

Samba, smb.conf und Zeichensätze

Schon mal den Fehler gemacht, die smb.conf mit einer grafischen Benutzeroberläche zu bearbeiten? Nein?

Hier wäre das Resultat:

Samba-Fehler

Grund: die GUI (hier DrakSamba, z.B. in Mageia verwendet) verwendete einen anderen Zeichensatz als vorgesehen. Samba und Windows kommen mit Umlauten in UTF-8 mittlerweile ganz gut klar, DrakSamba setzte das "ü" in ISO 8859 Latin 1 (Codepoint $FC).

Lösung: Auf der Kommandozeile bearbeiten, richtiges Encoding wählen und funktioniert!

 

Posted in Uncategorized

Windows NT 4 in VMWare Player

Manchmal braucht man eben auch alte Krücken noch, in diesem Fall Windows NT4. Glücklicherweise bringt VMWare die nötigen Treiber von Haus aus mit, und Windows NT4 hat die LSI Logic SCSI Treiber auch schon. Windows NT Workstation unterstützt bis zu 2 CPUs (obwohl VMWare etwas anderes behauptet), diese werden aber meist nicht benötigt und bringen unter Umständen (durch den Multiprozessor-Kernel) mehr Probleme als Nutzen. Die Standardeinstellung von 256MB RAM ist ausreichend, Windows NT ist mit 512 MB RAM mehr als zufrieden.
Übrigens: wie man bei Windows NT zwei Kernel-Varianten (Multi- und Uniprozessor-Kernel) installiert, steht in der KB von VMWare.

Ein paar Schwierigkeiten gibt es dennoch. Windows NT4 bringt normalerweise den Internet Explorer 2.0 mit. Schönes altes Ding, so ziemlich keine einzige aktuelle Website lässt sich überhaupt noch anzeigen, sehr oft antworten noch nicht mal mehr die Webserver auf seine veralteten Anfragen. Da aber sowieso die meiste noch existierende Software das Servicepack 6a voraussetzt, sollte man das auch gleich installieren.

Wie so ziemlich alle Windows NT 4-Updates gibt es SP6a auf den Seiten des Rechenzentrums der Uni Regensburg zum download. Nach der Installation des Service Packs sollte gleich der IE6 installiert werden, den gibt's bei WinFuture. Eine ebenso fast unerschöpfliche Quelle ist der "Windows NT 4 Webplace".

VMWare bringt mit seinen VMWare-Tools Grafik, Sound und Maustreiber mit. Leider funktioniert die Installation des Maustreibers nicht - dieser kann aber leicht per Hand installiert werden. 7Zip hilft dabei, das läuft auch in der neuesten Version noch auf Windows NT 4. Auf der VMWare-Tools CD wird die Installations-MSI extrahiert, darin gibt es die Maustreiber für Windows NT:

vmmouse

Die Dateien "vmmouse.infNTen" und "vmmouse.sysNTen" müssen jeweils mit ihrer natürlich Endung versehen werden, danach kann man in der Systemsteuerung den passenden Maustreiber installieren.

Wer USB-Unterstützung in seiner VM haben möchte: leider scheint Woodhead's USB-Stack (mit USB EHCI) nicht mehr zu funktionieren (angeblich hat er das mal in VMWare). Es gibt allerdings noch eine andere Möglichkeit (Nur UHCI, muss in den Einstellungen der VM auch aus USB1.1 angegeben sein!), die funktioniert. Übrigens ist es sinnvoll, auch den FAT32-Treiber zu installieren.

Für Sound: VMWare emuliert eine Creative Ensonic PCI128. Treiber gibt's im Netz, z.B. hier.

Posted in Uncategorized

Fairphone with or without Google's Apps

Yep, a brand new Fairphone! One of the probably most notable differences of the "Fairphone OS" to any stock Android is, that it does not include, by default, all these little Google thingies like the Play Store, GMail, the Location Service etc.! On the other hand, Fairphone did provide a way to install that crap by downloading an approximately 100 MB sized file from some "secured source". Fair enough.

InstallGoogleApps

The "Install Google Apps" widget is by default on the home screen

Two things to check here. First, where does this download come from and second: how can I control what's being installed, e.g. to install the Play Store and it's bare essential dependencies, and nothing else; maybe to exchange some of the frameworks by the great replacements from the NOGAPPS project?

By the way, there's a really great thread about the Fairphone and it's Hard- & Software on the XDA-Developers Forum.

Where does this come from?

First of all, I wanted to know where the files get downloaded. A quick search didn't give satisfactory results. But, there's a Firmware recovery image available for download. Looking at the APKs residing in /system/apps of that image (which saves quite some time compared to pulling that from the actual device) it is easily discoverable that this "Install Google Apps" widget belongs to FairPhoneHome.apk. The two great tools APKTool and SMALI ease up the digging a lot,  and in the end there's the App's string-resource XML-File that reveals the download location of the first step:

<string name="gapps_installer_download_url">http://www.fairphone.com/externalcontent/fp_ga.zip</string>
<string name="gapps_installer_config_file">fairphonegapps</string>
<string name="gapps_installer_zip">.zip</string>
<string name="gapps_installer_cfg">.cfg</string>

fp_ga.zip contains two files, fairphonegapps.cfg and fairphonegapps.sig. fairphonegapps.sig seams to be the signature signed with the private key that belongs to the public key in FairPhoneHome.apk's resources. Being no crypto expert, it's not easy to tell whether this approach is secure, but a short look at the disassembly and some testing did not reveal any easy way to replace fairphonegapps.cfg.

This file however, contains the link to the "real" GApps archive, together with it's MD5-Hash.

http://www.hightail.com/e?phi_action=app/directDownload&fl=SWhZekZucHZsamVFTmVLWHo4b01Eak9yZWt5UmdteDRsUjJuWENHRzVZbz0
64c3df86f20ab9b557fd3e4fc781633f

Well, let's download that and have a look.

How to change the apps being installed?

The Archive contains the usual set of object files and bundles etc. needed to install the Google Apps. Is copied to the /system volume, the phone will "install" them on the next reboot. The installer contains some hardcoded filenames and desinations, it's automatically issue the needed remount-command to make /system writable and does all the copying for us. As it's inconvenient to try to replace the file being downloaded, let's just install everything we want our own.

The Android-SDK contains a nifty tool called "adb" that allows to connect to the underlying linux-shell of any android phone, given USB-Debugging is active and USB is set up correctly. On Windows, the right drivers will have to be installed (you might want to change "My HTC" in the driver to "Fairphone" for device id 0x0C03 if you don't mind installing unsigned drivers). On Linux, you'll need to modify the udev rules to include HTCs vendor ID, 0xBB4.

Then it's quite easy to modify the apps installed. I removed everything except the Google Play Services, it's dependencies (Text to Speech) and the initialization app. All these have to be copied to the internal storage "SDCard", for example into the folder "apps-install". After that, start the terminal by issuing "adb shell", then become root and copy the files over. This of course only works if the /system filesystem has been re-mounted writable:

mount -o remount,rw /system
cp -r /mnt/sdcard/apps-install/* /system/
chmod 755 /system/addon.d/70-gapps.sh
mount -o remount,ro /system

When installing the face recognition service, 71-gapps-faceunlock.sh also needs to be chmodded.

After copying, reboot the phone - Android will "optimize" your applications, and that's it. As far as I know, one cannot use the Play Store without Google Account Services and all it's downsides (like advertising, google only provides the setting to "ask" applications not to track users). So, if possible, use the APKDownloader extension or alternate sources like F-Droid. Unfortunately, only few developers sell their apps directly.

(first version, changes pending)

Posted in English, Fair

Dropbox on non-supported Linux

When installing Dropbox in a non-supported distro like Mageia, you'l soon encounter the problem, that starting Dropbox upon login to the UI (in this case: KDE) is not that easy.

Once you downloaded the Dropbox-Distribution and installed it as described here, you should also download the CLI-script provided by Dropbox from here. After this, you can use the following script to automatically start Dropbox after login with KDE; is should be in the same directory as the CLI-Script.

#!/bin/bash

DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
if [[ -z "$DROPBOXPY" ]]; then
  DROPBOXPY="$DIR/dropbox.py"
else
  echo "Using preconfigured dropbox.py from $DROPBOXPY."
fi

if [ -f $DROPBOXPY ]; then
  echo "Found $DROPBOXPY. Check if the daemon is running..."
  eval "$DROPBOXPY running"
  RUNNING=$?
  if [ $RUNNING -eq 0 ]; then
    echo "Nope. Start it..."
    eval "$DROPBOXPY start"
  else
    echo "Yes, nothing to do."
  fi
else
  echo "Cannot find / load dropbox.py."
fi

This script does not take any arguments by default, but simply asks the Dropbox' CLI-Script to start the daemon; hence can be run by KDE's Autostart-System:

Picture of Dropbox configured for autostart with KDE

edit: if dropbox.py results in the error

Traceback (most recent call last):
  File "/home/alex/.dropbox-dist/dropbox.py", line 25, in <module>
    import locale
  File "/usr/lib64/python2.7/locale.py", line 18, in <module>
    import operator
ImportError: /home/alex/.dropbox-dist/operator.so: undefined symbol: _PyUnicodeUCS2_AsDefaultEncodedString

you might place both dropbox.py and the starter-script into a different folder than the one created by the Dropbox-installer (which is ~/.dropbox-dist). E.g. use ~/.dropbox for both files, this should do the trick. Dropbox itself uses a custom build of Python, with some not-so-compatible libraries coming along.

Now, once we have installed Dropbox, we might want Dolphin to show the status of files and folders in our Dropbox. Well, there's a Plugin available for download in Dolphin's settings that adds some Dropbox-specific menu entries to the context menu, but it doesn't provide icon overlays. Another plugin written by Thomas Richard, however not available via the wizard, does.

You can download, compile and install the plugin with the following commands (you need CMake installed for this):

git clone git://anongit.kde.org/scratch/trichard/dolphin-box-plugin.git
cd dolphin-box-plugin/
cmake . -DCMAKE_INSTALL_PREFIX=`kde4-config --prefix`
su -c 'make install'

The kde4-config-Part was taken from a commend at the Plugin's "Homepage" and ensures that the plugin get's installed into the right directory. After installing, you have to restart dolphin; after that, you get some pretty cool icons floating above the file and folder icons in your Dolphin indicating the sync-status of your files!

Posted in English, Software

LabView 2012 in Mageia 3

So, nachdem nun LabVewi 6.1 auf SL6 gut läuft, sollte auch 2012 auf meinem aktuellen "Arbeitstier" funktionieren. Mageia basiert auf Mandriva, und ist damit ebenfalls RPM-basiert.

Nach dem man die LabView 2012-Setup im Linux-Unterordner auf der in HFS+ formatierten Mac/Linux-DVD der Academic Site License extrahiert hat, lässt sich Labview selbst nach Auflösung einiger Abhändigkeiten problemlos installieren. Insbesondere

libXinerama kernel-desktop-devel-latest

und Abhängigkeiten müssen auch als 32-Bit Binary vorliegen, wenn LabView auf einem 64-Bit System gestartet wird.

Nach der installation von Labivew wird nach NI-VISA gefragt. Wer lediglich etwas Programmierung üben möchte, kann sich die VISA-Libs sparen. Für die Gerätesteuerung aber sind sie zwingend notwendig; die Installation schlägt auf den ersten Anlauf aber fehl:

******************************** ERROR ****************************************
* The version of gcc in the path does not match the version of gcc used to    *
* compile the currently running kernel.  This can cause unpredictable         *
* behavior in kernel drivers and should be fixed.                             *
* gcc version: gcc-Version 4.7.2 (GCC)                                        *
* kernel compiled with: 4.7.2                                                 *
******************************** ERROR ****************************************

Scheinbar unterscheiden sich die in openSUSE, RHEL und SL verwendet Art und Weise, die GCC-Version im Kernel zu hinterlegen derart von der in Mageia verwendeten, dass der Installer trotz vermeidlich gleicher Kernel-Version fehlschlägt.

Ganz unpraktisch ist das aber nicht, denn vor der Installation der NI-VISA-Treiber muss die (zumindest auf der 2012er) DVD mitgelieferte Version von NI-KAL auf Version 2.4 aktualisiert werden, um mit neueren Kernel-Versionen kompatibel zu sein (siehe Forums-Post der LabView community). Der Download auf ni.com ist ein ISO-Image, das zunächst entpackt werden will.

[user@localhost NIKAL24_new]# ls -Gahl
insgesamt 1,7M
dr-xr-xr-x  2 user 4,0K Okt 28 15:11 ./
drwxrwxr-x 10 user 4,0K Okt 30 08:51 ../
-r-xr-xr-x  1 user  54K Okt 28 15:09 INSTALL*
-r--r--r--  1 user  23K Okt 28 15:05 LICENSE.txt
-r--r--r--  1 user 1,5M Okt 28 15:06 nikal-2.4.0f5.tar.gz
-r--r--r--  1 user  20K Okt 28 15:05 PATENTS.txt
-r--r--r--  1 user 7,3K Okt 28 15:05 README.txt
-r-xr-xr-x  1 user  13K Okt 28 15:05 UNINSTALL

In nikal-2.4.0f5.tar.gz befindet sich das corpus delicti, im Unterordner bin: installerUtility.sh ab Zeile 343:

   # check the version of gcc that is in the path and ensure that it is the
   # same version of gcc that was used to compile the currently running kernel
   if [ -z "$KERNELTARGET" -o "$KERNELTARGET" == "`$UNAME -r`" ]; then
      currentGCCVersion=`$CC -v 2>&1 | tail -n 1 | $SED 's/.*gcc[a-zA-Z (]\+[0-9][^ )]\+.*/\1/'`
      kernelGCCVersion=`$CAT /proc/version | $SED 's/.*gcc[a-zA-Z (]\+[0-9][^ )]\+.*/\1/'`
      if [ "$currentGCCVersion" != "$kernelGCCVersion" ]; then
         if [ "${currentGCCVersion%\.*}" != "${kernelGCCVersion%\.*}" ]; then
            echo "******************************** ERROR ****************************************"
            echo "* The version of gcc in the path does not match the version of gcc used to    *"
            echo "* compile the currently running kernel.  This can cause unpredictable         *"
            echo "* behavior in kernel drivers and should be fixed.                             *"
            echo "* gcc version: $currentGCCVersion                                                          *"
            echo "* kernel compiled with: $kernelGCCVersion                                                 *"
            echo "******************************** ERROR ****************************************"
            return $statusFail
         else
            echo "******************************** WARNING **************************************"
            echo "* The version of gcc in the path does not match the version of gcc used to    *"
            echo "* compile the currently running kernel.  This can cause unpredictable         *"
            echo "* behavior in kernel drivers and should be fixed.                             *"
            echo "* gcc version: $currentGCCVersion                                                          *"
            echo "* kernel compiled with: $kernelGCCVersion                                                 *"
            echo "******************************** WARNING **************************************"
         fi
      fi
   fi

Man können nun die Funktion beider RegEx-Komandos analysieren, oder den relevanten Teil einfach entfernen. Das Archiv wieder packen, und die Installation starten.

Danach kommen die NI-VISA Treiber, die allerdings verwenden nicht nur die installerUtility.sh in ihrem eigenen Archiv, sondern auch eine Kopie davon in

/usr/local/natinst/nikal/bin/installerUtility.sh

Diese darf dann ebenfalls angepasst werden, danach klappt auch die Installation von NI-VISA.

Posted in LabView, Software