I had this problem recently: I was generating automatic VNC passwords via /dev/urandom, and needed to obfuscate them. Stupidly, vncpasswd is only interactive, and I wasn’t in any kind of mood for hacking up the sources. A co-worker kindly pointed me to the solution:

printf “%s\n%s\n” “$PASSWD” “$PASSWD” | vncpasswd /tmp/vncpasswd

In my head, the use of getpass() means this couldn’t work, but it does. It doesn’t appear to be on Google, so I thought I’d mention it. Of course, as all know, the obfuscation done by vncpasswd is entirely pointless, but Xvnc at least will only take such “encrypted” password files.

Since I can’t vote, I may as well trivialise the election by laughing at McCain say things like “Obama’s supporters are saying some pretty nasty things about Western Pennsylvania lately. And you know, I couldn’t agree with them more. I couldn’t disagree with you. I couldn’t agree with you more…”

Doddery old fool.

I've recently been figuring out to build OpenSolaris ISOs (from SVR4 packages). It's surprisingly easy, but at least the IPS part is not well documented, so I thought I'd write up how I do it.

There are three main things you're most likely to want to do: build IPS itself, populate an IPS repository, and build an install ISO based on that repository. First, you'll want a copy of the IPS gate:

hg clone ssh://[email protected]/hg/pkg/gate pkg-gate

For some of my testing, I wanted to test some changed packages. So I mounted a Nevada DVD on /mnt/, then, using mount -F lofs, replaced some of the package directories with ones I'd built previously with my fixes. This effectively gave me a full Nevada DVD with my fixes in, avoiding the horrors of making one. I then cd pkg-gate, and run something like this:

$ cat build-ips
export WS=$1
export REPO=http://localhost:$2
unset http_proxy || true
set -e
echo "START `date`"
cd $WS/src
make install packages
cd $WS/src/util/distro-import
export NONWOS_PKGS="/net/paradise/export/integrate_dock/nv/nv_osol0811/all \
/net/paradise/export/integrate_dock/nv/nv_osol0811/i386"
export WOS_PKGS="/mnt/Solaris_11/Product/"
export PYTHONPATH=$WS/proto/root_i386/usr/lib/python2.4/vendor-packages/
export PATH=$WS/proto/root_i386/usr/bin/:$WS/proto/root_i386/usr/lib:$PATH
nohup pkg.depotd -p $2 -d /var/tmp/$USER/repo &
sleep 5
make -e 99/slim_import
echo "END `date`"
$ ./build-ips `pwd` 10023

In fact, since I was running on an older version Nevada (89, precisely), I had to stop after the make install and change src/pyOpenSSL-0.7/setup.py to pick up OpenSSL from /usr/sfw:

IncludeDirs =  [ '/usr/sfw/include' ]
LibraryDirs =  [ '/usr/sfw/lib' ]

(If /usr/bin/openssl exists, you don't need this). So, after this step, which build the IPS tools (and SVR4 package for it), it moves into the "distro-import" directory. This is really a completely different thing from IPS itself, but for convenience it lives in the IPS gate. Its job is to take a set of SVR4 packages (that is, the old Solaris package format) and upload them to a given IPS network repository: in this case, http://localhost:10023.

So, making sure we use the IPS tools we just built, we point a couple of environment variables to the package locations. "WOS" stands for, charmingly, "Wad Of Stuff", and in this context means "packages delivered to Solaris Nevada". There's also some extra packages used for OpenSolaris, listed here as NONWOS_PKGS. I'm not sure where external people can get them from, though.

The core of distro-import is the solaris.py script, which does the job of transliterating from SVR4-speak into pkgsend(1)-speak. As well as a straight translation, though, a small number of customisations to the existing packages are also made to account for OpenSolaris differences. These are done by dropping the original file contents and picking them up from an ad-hoc SUNWfixes SVR4 package built in the same directory.

Of course, each build has its differences, so they're separated out into sub-directories. As you can see above, to run the import, we make a 99/slim_import target. This basically runs solaris.py for every package listed in the file 99/slim_custer. This list is more or less what makes up the contents of the live CD. Also of interest is the redist_import target, which builds every package available (see http://pkg.opensolaris.org). By the way, watch out for distro-import/README: it's not quite up to date.

Another super useful environment variable is JUST_THESE_PKGS: this will only build and import the packages listed. Very useful if you're tweaking a package and don't want to re-import the whole cluster!

At the end of this build, we now have a populated IPS repository living at http://localhost:10023. If we already have an installed OpenSolaris, we could easily use this to install individual new packages, or do an image update (where ipshost is the remote name of your build machine):

# pkg set-authority -P -O http://ipshost:10023 myipsrepo
# pkg install SUNWmynewpackage # or...
# pkg image-update

If we want to test installer or live CD changes, though, we'll need to build an ISO. I did this for the first time today, and it's fall-over easy. First you need an OpenSolaris build machine, and type:

# pkg install SUNWdistro-const

Modify slim_cd.xml to point to your repository, as described here. It's not immediately obvious, but you can specify your URL as http://ipshost:10023 if you're not using the standard port, like me. Then:

# distro_const build ./slim_cd.xml

And that's it: you'll have a fully-working OpenSolaris ISO in /export/dc_output/ (I understand it's a different location after build 99, though). I never knew building an install ISO could be so simple!

Tags: OpenSolaris

They’ve finally invented wireless power.

Vote obstruction may yet decide the outcome of the US election. Scary.

Why aren’t there any headache tablets in the jungle? Because of the continuing policy of price-fixing cartels within the pharmaceutical industry, making it nigh on impossible for decent standards of helathcare to operate in the developing world.

More.

After Habitat stupidly stopped selling the storage I was using for my records, I finally found
something suitable for the size of my flat:

These are i-cubes. Not the most beautiful storage in the world, but I have expansion room again!

I’ve never paid anything like this kind of attention to US politics before, and I’m most certainly not alone. Everyone here in the UK is talking about it. It’s not just the hatred engendered across the world as a result of the Bush years that’s causing this though. I think it’s mostly a combination of the huge gulf between the presidential candidates this time around, plus the pantomime nature of the Palin-McCain campaign.

Last time the UK faced a choice as stark as the US faces, I was a toddler, and not quite precocious enough to have an opinion. I’m sure I don’t need to mention that everyone in the UK are Obama supporters - we’ve decided already to vote for Obama come November, and technicalities be damned.

Watching the debates and news clips of the candidates has been completely unreal, from both sides. It’s bizarre seeing Obama talking about “crushing” and “killing” terrorists as if it’s perfectly normal liberal terminology. Over here that kind of language belongs to the far right. Compare it with Blair (who need I remind you is rather hawkish): "There is no meeting of minds, no point of understanding with such terror. Just a choice: Defeat it or be defeated by it. And defeat it we must."

It’s also been entertaining watching Palin stumble along in her attempt to pretend she has any idea what’s going on. “First Dude” is an amusing phrase, but it’s still amazing she actually uses it herself. Her “expertise” on energy appears to amount to saying “drill baby drill” a lot. Somehow her ridiculous attempt to debate via the language of winking is considered a success. Whuh?

God knows the level of debate in UK politics is woeful, but you’d never get anything like this kind of pantomime. You’d never get ridiculous smears like the Ayers thing, Brown’s wife’s speech or not.

The UK did elect a London mayor entirely on the basis of his hair, though. Maybe that’s the real problem with the US election at the moment: it really can’t be decided easily on haircut.

I finally conceded and set up mutt at work to be able to read HTML email. Perhaps it’s time to move into management.

What the hell are they thinking? These awful popups have actually genuinely achieved
a new low: even pop-unders and nefarious crap like that have an obvious way to dismiss the advert.
Apparently it’s also OK to just plaster them all over the content so you can’t even see it.

You go to the arrow at the bottom right and click “Turn Off Annotations”. These are Annotations
in the “Ministry Of Love” sense. Oh, you have to do that for every video by the way. Unlike the
volume control, which of course persists across all videos.

Obviously, YouTube want you to hate them.