Apache module_webdav 0600 file mask problem (Ubuntu Lucid)

I’m using WebDAV as our central access point for the users web homes. The running apache is an MPM-ITK. This Version of the apche server uses a special Multi-Processing Module which allows to run each vhost under a separate uid and gid…, cool :-). So you can have quotas and all the other user related stuff in your vhosts.

I forgot the OS is a Ubuntu Lucid LTS, just for info.

A few days ago colleagues told me that the have problems to read/execute files via normal HTTP access which they have uploaded before. A quick look via SSH turned out that the newly created files had all 0600 rights. Because of that the access user/group schema is XYuser/www-data the web server couldn’t access the files anymore.

Hmm, shit, this shouldn’t happen here. So as a brave Linux user, i added umask 022 to the apache environment variable. But,.. what the hell, the files are always created with 0600. ….Oook this will not be a 5min job.

After an hour digging around with google it turns out that this is bug (link) in the recent WebSVN module used by the Lucid distro.

To fix this i downloaded from Debian testing the apache2.2-bin deflated it and copied the corresponding DAV modules to my server. … FIXED 🙂

Remember that taking packages from Debian or another Ubuntu distro is only a temporary solution! 🙂

Have fun

IPhone programming part I

Yes it happened, I have started to program the iStuff!

The initial burn came from one of my fellow workers who wants to have a mobile application based information system for our campus.

As of now iPhone/iPad programming will also become one of our course topics @Medical Information Technology 🙂

First Step, get the tools.

What do you need for developing:

First of all you need a  Mac OSX . (Snow Leopard preferably). The rumor says there is a chance to get it run under VMware, well, see for your self and read the apple OS license stuff 🙂

The next step is to get an IDE to program your applications. The IDE for programming iStuff is named XCode. XCode offers you all the needed tools to configure, manage, code, compile, debug, simulate and upload your applications to a device.

OK, but where do you get the goodies? Although XCode is free of charge you can not download it on the fly. Yes, you work with apple stuff and apple thinks different. Before you can download your development utils you have to register a developer account at apple. Go ahead -> iPhone Deveoper Center.

You can choose between 5 developer programs -> developer programs comparison link.

As you can see from the comparison chart you have to pay if you want to deploy your application to a physical device.

But we are lucky, for our first steps on iPhone developing we do not really need a hardware. XCode comes with an iPhone simulator. To write and run apps on the simulator you only have to be registered as developer! A registered developer can download the IDE but he cannot create certificates nor provisioning profiles. – But who wants that, … yet 🙂

OK, now we are a registered iPhone Dev., have installed our Xcode IDE + SDK, what next?… Next we have to learn Objective-C (ObjC). what…… C … no problem.

How to write your first application with ObjC and what are the essential parts in the iPhone SDK will be discussed in Part II. stay tuned,…

Have fun!

AVR Linux Toolchain gcc 4.4.4

Over the weekend I had time to build a new AVR toolchain with the latest 4.4.x gcc.

Linux AVR Toolchain:

  • C,C++ support added (22.08.2010)
  • gcc 4.4.4 (xmega support)
    • gmp 5.0.1
    • mpfr 3.0.0
      • latest cumulative patchset see
  • binutils 2.20.1
    • avr patchset: size, new devices, xmega and new sections
  • AVR Libc 1.7.0
  • gdb 7.1

Toolchain download size 93M.

Have fun!

Please give me some feedback if you use this chain. 🙂

umulative

Little Linux server tuning, blacklist not needed modules

For my VM Linux Severs I’m using following kernel module blacklist:

 blacklist mii
 blacklist serio_raw
 blacklist pcspkr
 blacklist psmouse
 blacklist lp
 blacklist parport
 blacklist snd
 blacklist soundcore
 blacklist snd_via82xx
 blacklist gameport
 blacklist snd_ac97_codec
 blacklist parport_pc

Don’t forget to call update-initramfs -u after altering the blacklist.conf !

Do only blacklist the mii module if you have the vmxnet module up and running !!

have fun 🙂

VMware – force the load of the vmxnet module

I noticed that on our virtual environments (VMware ESX) based on  GNU/Linux (mostly Debian or Ubuntu distros ) the vmxnet modul is not used or not correctly loaded. Because of  lsmod shows also a loaded pcnet32 module which uses mii.

I added follwing script snippet to the /etc/init.d/open-vm-tools

 log_progress_msg "vmhgfs"; modprobe vmhgfs
 log_progress_msg "vmsync"; modprobe vmsync
 log_progress_msg "vmxnet - stoping network"; /etc/init.d/networking stop
 log_end_msg 0
 log_progress_msg "vmxnet - removing pcnet32"; rmmod pcnet32
 log_end_msg 0
 log_progress_msg "vmxnet - removing vmxnet"; rmmod vmxnet
 log_end_msg 0
 log_progress_msg "vmxnet - loading vmxnet "; modprobe vmxnet
 log_end_msg 0
 log_progress_msg "vmxnet - starting network";/etc/init.d/networking start
 log_end_msg 0

Check the dmesg out for:

[ 42.273810] vmxnet 0000:00:11.0: PCI INT A disabled
[ 51.808321] VMware vmxnet virtual NIC driver
[ 51.808422] vmxnet 0000:00:11.0: PCI INT A -> GSI 18 (level, low) -> IRQ 18
[ 51.815601] Found vmxnet/PCI at 0x1424, irq 18.
[ 51.816793] features: ipCsum zeroCopy partialHeaderCopy
[ 51.820787] numRxBuffers = 100, numRxBuffers2 = 1
[ 62.762575] eth0: no IPv6 routers present

This addon to the startup script removes the pcnet32 and vmxnet32 modules and loads explicit vmxnet. 🙂
Take care if you get an symbol not found error while loading the vmghfs module. If so you have to uncomment the loading of this module.

Have fun.

Waterstorm, Crimson Tide@home

A few years ago my friend and fellow worker Markus Prossegger and myself had the chance to contribute to an innovative computer game called waterstorm. Waterstorm was forged by a young innovative company named Rarebyte which was founded some years ago by a young team of Telematic/Network Engineering graduates.

The game belongs to the 2D multiplayer shooter genre. It is entirely written in java, They decided to use lwjgl for the game engine and FengGUI for the Graphic User Interfaces.

Our part was to implement the Bot System considering the intelligent bahavior of the bots as well as an automatic path finding, which is Markus’ hobbyhorse. To make it short – if you ever want to know how a navigation system finds the right route, ask Markus, he will explain it to you in detail 🙂

Markus will shoot me 🙂 but in the next few sentences i will try to describe what kind of algorithm we decided to use.

Little change of the master plan, Markus misplaced his gun, so he will explain it to you 🙂 ….

Markus its your turn.

First of all we had to decide, what the overall game behavior of the bots should be. We wanted them to act like a human player: (a) select a target, (b) find the best way to the target, (c) attack it or (d) flee to some power ups in case of low ammo or low health. The task of (a), (c) and (d) is simple: if the bot has enough ammo, than attack the closest enemy (could be another bot as well). If the ammo or the health is low, than select one of the power ups as the target. The task (b) is the more sophisticated part of the Bot System – the bot has to find a shortest path towards the target (the enemy or the power up). There are a lot of well-known shortest path algorithms out there, that will handle the task.

But there are some points that have to be considered: the path must not be predictable by a human player (so simple „follow-the-shortest-path“ won’t work) and the server has a limited capacity (there are a number of bots in the game, so the algorithm has to be designed very resource-conserving).

So we decided to use one of the shortest path algorithms, that uses a heuristics to search the space to efficiently reduce the time needed and to „manipulate“ the outcome of the algorithm: the path. We have picked the IDA* (IDAstar), which is a variant of the A* algorithm and allows to perform a series of independent depth-first searches, each with the cost bound increased by a minimal amount. This leads to two ways, to manipulate the resulting path between the bot and its target. First the estimation value (used in the heuristic search) can be blurred by a random value and second the number of iterations can be limited. Both together leads to an unpredictable path as well as speeding up the time needed for the path calculation.

It’s fun to play against the bots – just try it for free at www.waterstorm-game.com

There is always another one who did the job

A few months ago me and my colleagues wrote a project proposal for an internal project call/funding. Our goal was to evaluate the possibility of using small drones, in our case we want to use Quadrocopters, for catastrophe management. Our drones should be used as communication relays, disaster reconnaissance, air gas analysis…

Since a few of us are active members in certain Quadrocopter OpenSource community projects, we have also a basic knowledge about this type of drones.

But sadly we didn’t got the fundings 🙁  just a matter of politics,…….

But as I wrote in my caption There is always another one who did the job in our case the guys from the TU Ilmenau.

[youtube whogQY0h8Sc]

If you would like to read the whole article refer to spiegeltv.de link. (German only)

OpenKM our new Document Management System, nice…..

For months I was searching for a system capable to track and store out internal documents. I tested several systems like alfresco, opendocman,…..

In the end I decided to give OpenKM a try.

OpenKM runs on a JBoss application server, so you are bound to Java.  They use Jackrabbit for their hierarchical content storage.  The frontend is realized with GWT (Google Web Tollkit).

For a full feature list click here.

OpenKM install hints:

I installed OpenKM on a recent Debian 6.0

Getting .pdf, .docx, .xlsx preview running:

First you need to install OpenOffice. Make sure you install …-math, …-writer, … -draw, …-calc packages.

OpenOffice hast to bee run in headless mode. I use following startup script:

#!/bin/sh
### BEGIN INIT INFO
# Provides:        OpenOffice Headless
# Required-Start:    
# Required-Stop:    
# Default-Start:    2 3 5
# Default-Stop:        
# Short-Description:    OpenOffice Headless
### END INIT INFO

PIDFILE=/var/run/openoffice-server.pid

case "$1" in
'start')
 if [ -f $PIDFILE ]; then
 echo "OpenOffice headless server has already started."
 sleep 5
 exit
 fi
 echo "Starting OpenOffice headless server"
 soffice "-accept=socket,host=localhost,port=8100;urp;StarOffice.ServiceManager" -nologo -headless -nofirststartwizard & > /dev/null 2>&1
 touch $PIDFILE
 ;;
'stop')
 if [ -f $PIDFILE ]; then
 echo "Stopping OpenOffice headless server."
 killall -9 soffice && killall -9 soffice.bin
 rm -f $PIDFILE
 exit
 fi
 echo "Openoffice headless server is not running."
 exit
 ;;
*)
 echo "Usage: $0 { start | stop }"
 ;;
esac
exit 0

To get the preview stuff working you need also pdf2swf. Check your /bin directory there should be a pdf2swf executable or if you prefer you could take the swftool package from ubuntu.

The last step to get the previewer feature running is to set the corresponding config. flags at the OpenKm.cfg file.

  • system.openoffice=on
  • system.pdf2swf=/usr/bin/pdf2swf

Mail Notification configuration:

Mail notification is straight forward. Go to /opt/OpenKM-4.1_JBoss-4.2.3.GA/server/default/deploy/mail-service.xml . Edit the section to your needs.

If you face the problem that the links in your notification mails are pointing to localhost, you can alter the application.url flag in your OpenKM.cfg.

  • application.url={yourURL}:{yourPort}/OpenKM/es.git.openkm.frontend.Main/index.jsp

Changing from port 8080 -> 80

GoTo /opt/OpenKM-4.1_JBoss-4.2.3.GA/server/default/deploy/jboss-web.deployer/server.xml and edit

Change the port field to 80.

Securing your JBoss

One last thing needs to be done :-). Security! Holy Moly… what… yep.. Jboss runs out of the box like an open barn door. So a good idea would be to secure the jmx-console and web-console stuff. Because of that the jmx-console and web-console are standard servlets you can protect them very easily via enabling the security-constraint.

Securing the jmx-console:

1. Edit \server\default\deploy\jmx-console.war\WEB-INF\web.xml and uncomment the security-constraint section:

<!-- A security constraint that restricts access to the HTML JMX console
 to users with the role JBossAdmin. Edit the roles to what you want and
 uncomment the WEB-INF/jboss-web.xml/security-domain element to enable
 secured access to the HTML JMX console.-->
 <security-constraint>
 <web-resource-collection>
 <web-resource-name>HtmlAdaptor</web-resource-name>
 <description>An example security config that only allows users with the
 role JBossAdmin to access the HTML JMX console web application
 </description>
 <url-pattern>/*</url-pattern>
 <http-method>GET</http-method>
 <http-method>POST</http-method>
 </web-resource-collection>
 <auth-constraint>
 <role-name>JBossAdmin</role-name>
 </auth-constraint>
 </security-constraint>

 <login-config>
 <auth-method>BASIC</auth-method>
 <realm-name>JBoss JMX Console</realm-name>
 </login-config>

 <security-role>
 <role-name>JBossAdmin</role-name>
 </security-role>
</web-app>

2. Edit \server\default\deploy\jmx-console.war\WEB-INF\jboss-web.xml. Uncomment the following section:

 <jboss-web>
 <!-- Uncomment the security-domain to enable security. You will
 need to edit the htmladaptor login configuration to setup the
 login modules used to authentication users.-->
 <security-domain>java:/jaas/jmx-console</security-domain>

</jboss-web>

3. Edit \server\default\conf\props\jmx-console-roles.properties file

4. Edit \server\default\conf\props\jmx-console-users.properties file

5. Edit \server\default\conf\login-config.xml edit following section

 props/web-console-users.properties
 props/web-console-roles.properties

6. under \server\default\conf\props\ copy and rename the two jmx-console-xx to web-console-xx.

Automatically start OpenKM (Jboss) via init scripts:

If you want to start your OpenKM automatically at boot time you can use this init script:

#!/bin/sh
# /etc/init.d/jbossokm: Start and stop JBoss Application Service
### BEGIN INIT INFO
# Provides:        OpenKM
# Required-Start:    
# Required-Stop:    
# Default-Start:    2 3 5
# Default-Stop:        
# Short-Description:    OpenKM
### END INIT INFO

ECHO=/bin/echo
TEST=/usr/bin/test
JBOSS_START_SCRIPT=/opt/OpenKM-4.1_JBoss-4.2.3.GA/bin/run.sh
JBOSS_STOP_SCRIPT=/opt/OpenKM-4.1_JBoss-4.2.3.GA/bin/shutdown.sh

$TEST -x $JBOSS_START_SCRIPT || exit 0
$TEST -x $JBOSS_STOP_SCRIPT || exit 0

start() (
 $ECHO "Starting JBoss OKM."
 rm -rf /path/to/server/default/tmp
 rm -rf /path/to/server/default/work
 rm -rf /path/to/server/default/log
 su -l -c "$JBOSS_START_SCRIPT -b 0.0.0.0 > /dev/null 2> /dev/null &"
 $ECHO "Done."
 )

stop () (
 $ECHO "Stopping JBoss OKM. "
 su -l -c "$JBOSS_STOP_SCRIPT -S > /dev/null &"
 sleep 10
 $ECHO "Done."
)

case "$1" in
 start )
 start
 ;;
 stop )
 stop
 ;;
 restart )
 stop
 sleep 30
 start
 ;;
 * )
 $ECHO "Usage: jbossokm {start|stop|restart}"
 exit 1
 esac
 exit 0

Shutdown problems (network unreachable exception)

If you get an exception at shutdown or your shutdown script does not kill your JBoss then you could check sysctl-setting under /etc/sysctl.d/bindv6only.conf.

Make sure that the net.ipv6.bindv6only=0. !

If you would like to show your appreciation consider to support the guys from OpenKM with a donation 🙂

See PayPal subscription link at the bottom of the page

 


Eclipse 3.6M7 update site not found fix

After installing the new Eclipse 3.6M7 Stream Stable Build I could not connect to any update site nor to another project site.

After some investigation I found out that there must be something wrong with the used IP protocol stack. Eclipse seems to use IP4

So if you start eclipse with

./eclipse -vmargs -Djava.net.preferIPv4Stack=true

eclipse should be able to reach your update sites.

A small update to my Post:

I just found out that the real problem is a new  sysctl-setting under /etc/sysctl.d/bindv6only.conf. LOL

Check the net.ipv6.bindv6only item this should be 0 (null).

After changing reset the sys kernel variabels with:

sudo invoke-rc.d procps restart

have fun

Fun with OpenEMM installation

A few days ago  a colleague asked me if I could install a Newsletter System for him on one of our servers. He decided to use OpenEMM 6.1.

OpenEMM is a feature-rich enterprise software for e-mail marketing, newsletters and service mails (transaction mails and event or time triggered mails). OpenEMM offers sophisticated bounce management, link tracking, lots of realtime statistics, a CMS module and a scripting feature to implement individual tasks…….  cool 🙂

Installation goes by hand, cause sadly there are no deps.

However – after a bit of googling I found a wiki which descriptives the installation process for the common linux distros.

As a brave installation instruction follower I went through the installation step by step.

In the end there was only one task left to start the application server resin and login in for the first time.

And the fun starts 🙂

Instead of a shiny login screen I got….

An error occurred

javax.servlet.ServletException:  org.springframework.jdbc.UncategorizedSQLException: Hibernate  operation: Cannot open connection; uncategorized SQLException for SQL  [???]; SQL state [null]; error code [0]; Cannot create  PoolableConnectionFactory (Communications link failure  The last packet sent successfully to the server was 0 milliseconds ago.  The driver has not received any packets from the server.); nested  exception is org.apache.commons.dbcp.SQLNestedException: Cannot create  PoolableConnectionFactory (Communications link failure  The last packet sent successfully to the server was 0 milliseconds ago.  The driver has not received any packets from the server.)

hmmm, so what is jdbc trying us to say?

So I checked the stack trace:

Caused by: java.net.ConnectException: Connection refused
 at java.net.PlainSocketImpl.socketConnect(Native Method)
 at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
 at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
 at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
 at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
 at java.net.Socket.connect(Socket.java:529)
 at java.net.Socket.connect(Socket.java:478)
 at java.net.Socket.(Socket.java:375)
 at java.net.Socket.(Socket.java:218)
 at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:256)
 at com.mysql.jdbc.MysqlIO.(MysqlIO.java:293)
 ... 57 more

“Connection refused” what the hell…. ok, database credentials are ok, openemm and openemm_cms schema are created. The MySQL error log says nothing? I’m able to connect to the schemas via mysql client ……. oh mannn, it turned out that I’m not the only one with this problem, lol, but all forum posts I could find so far offered no solution for my problem.

Then after half a day more or less searching for a solution I found a post where someone is talking about to check the MySQL “bind-address” parameter.  Checking my.cnf  turns out that the address binding was set to the external address of the server, lol what…, who changed that???

Quickly changed the address-binding back to “localh0st” restarted OpenEMM and requested the logging screen. Unsurprisingly the HTML error stays the same but,…. the stack trace changed…yeahhhh.

Now the trace shows:

Caused by: java.io.EOFException: Can not read response from server. Expected to read 4 bytes, read 0 bytes before connection was unexpectedly lost.
 at com.mysql.jdbc.MysqlIO.readFully(MysqlIO.java:2497)
 at com.mysql.jdbc.MysqlIO.readPacket(MysqlIO.java:599)
 ... 72 more

Humpf,…… firing on google. I interpreted this message that jdbc could successfully establish a connection to the database and than for some reason the connection was closed from the db side.

A few hours later checking a lot posts concerning this problem I found a small side node in a post that it make sense to check the host.allow entrys.

Added ….

mysqld : localhost : allow

and ….. it works yeahhhhhh 🙂

Brushless DC (BLCD) Motor Test-Stand focused for Drone environments

If you have ever worked in an academic environment you might know that there are students and then there are STUDENTS :-). I mean these kind of students who are really interested into the project and incorporate their own ideas, one of the rare varieties…..  A year ago one of this rare varieties volunteered for one of my projects…. yeah

The goal was to build a BLCD Motor Test-Stand to measure how electric current and buoyancy are changing on several different motor propeller combinations. The motor/props tests are mainly focused for usage with Quadrocopter like vehicles. Furthermore Amir (Godfather of Quadrocopters)
came up with the idea to measure the Tau63 for the PT1 transmission behavior.

The software part is entirely written in G (LabVIEW).  For data acquisition we used the NI PCI-6024E interfaced via DAQmx.

With DAQmx you can set up your measurement hardware very easily (see next snippet).

Measured signals are:

Sampling rate = 10kHz

  • BLC- Ctrl. Phase 1
  • BLC- Ctrl. Phase 2
  • BLC- Ctrl. Phase 3
  • motor speed with optical sensor
  • power input
  • command acknowledge from  BLDC-Controller
  • voltage supply

For the measure of the buoyancy force we use a weighing machine 🙂 (see gallery)

To measure the motor/prop. speed we used two different measuring methods.

1. Laser module  and a photodiode:

As you could see in the circuit diagram it is very high sophisticated 🙂

2. Via  Back EMF (back electromotive force)

Back EMF is the voltage that pushes against the current which induces it. This voltage can be used to measure the motor speed.

Some Results for the electric current versus buoyancy measurements:

auftrieb-zu-leistung-hacker-a20-22l

Image 1 of 6

Some Results for the Tau63 measurements:

sprungantwort-50g-hacker-a20-22l

Image 1 of 12

Last but not least, Ladies and Gentleman let me introduce you the Test-Stand itself 🙂