Create a rhodecode gist directly from CLI

With your rhodecode installation comes a nice gist tool that allows you to share and edit code snippets (just like the well known gist from github). Less known but very very handy is its client-side counterpart, aka the rhodecode-gist command that allows you to pipe the output of any shell script directly into a new gist, easing things like:
cat myscript.py|rhodecode-gist --private
for quick sharing, or
$buggy_command|rhodecode-gist
for sharing a trace with developers.

Installing rhodecode-gist

Sadly, rhodecode-gist is bundled with rhodecode-tools that isn’t (yet) available on pypi. Instead you’ll have to fetch it from the official website:
pip install https://code.rhodecode.com/rhodecode-tools/archive/stable.zip

Configuring rhodecode-gist

Server-side

You need to generate an API Key, just login to your rhodecode account, User → My account → API keys
Copy the new API Key.

Client-side

Simply run
rhodecode-gist --apikey={above key} --apihost=http://{url to your RC installation} --save-config

And that’s all, now you can use the above commands! As optional parameters, you can also specify the gist visibility (public/private), set a filename/description and specify the lifetime, the command should return a json string containing your brand new gist URL.

Donate Dogecoins: DJi4fgSMxcq5vRjytvCEq9A1TVsDZevd7c Whats This?

Dogecoin Tips

Hi all!
I just enabled a plugin allowing easy donations using the (many wow) dogecoin crypto currency,
if you wanna tip me for the content of this blog, feel free to give away your such awesome DOGEs at DJi4fgSMxcq5vRjytvCEq9A1TVsDZevd7c !

To the moon!

To the moon!

Very Thanks!

Donate Dogecoins: DJi4fgSMxcq5vRjytvCEq9A1TVsDZevd7c Whats This?

Fedora 20, How I got by my RPM breakage of the day

It’s not that common that RPM breaks its database, but it already happened to me twice since f20 released.

Last time, and because I was in a hurry, I finished by simply reinstalling my system, but today I think I got through enough WTF to post something about it.

It started with the usual message of a yum no longer able to install anything, and a notice about corruption and the advise of rebuilding the package database.

That’s what I did, with rpm --rebuilddb but that lead to a brand new error message… so was my first time it broke that bad. rpmdb --rebuilddb didn’t do any better so I finished with this very old (and bad) advise which consists of removing the databases files themselves. After that, the above –rebuilddb commands worked well, but:

  • Yum was by then unable to connect to any mirror, because it was unable to parse the $releasever tag for its queries,
  • yum check was reporting about 2500 packages with missing dependencies (!!!)

I found the first issue very irritating, because despite of the database problem that was finally gone, I was now hit by a bug from nowhere preventing me from fetching the packages I could require for fixing my stuff…
But hopefully this can be worked around by passing the –releasever=20 parameter to any yum command.

So now, what do when yum puts $releasever in the URLs of the mirrors it tries to connect with? Simply install the fedora-release package that provides the missing redhat-release.

But this sadly doesn’t fix the 2500+ “has missing requires” errors returned by yum check. Before moving away the rpmdb files, I did a rpm -qa > pkglist.txt just inc case… So what about a yum $(cat pkglist.txt) then? Sadly it didn’t work, with yum answering all packages are already installed… (Hu! ô.O) So I ended with the above snippet (source):

yum check dependencies \
| grep 'has missing requires' \
| sed 's/.\+has missing requires of //' \
| sed 's/ [=<>].\+//' \
| while read dep; do yum -y install "$dep"; done

This will run yum install as many times as there is a missing dep, so it will literally kill your yum history and very likely run much more commands than required. I’d rather suggest a:

yum check dependencies \
| grep 'has missing requires' \
| sed 's/.\+has missing requires of //' \
| sed 's/ [=<>].\+//' > yumrescue.list

in combination with a yum install $(cat yumrescue.list)

Hope it helps.

Donate Dogecoins: DJi4fgSMxcq5vRjytvCEq9A1TVsDZevd7c Whats This?

rom1dep

October 2, 2013

Hi, I just did some server-wide tweaks regarding cache management and php config, loading times should be way faster now.

Donate Dogecoins: DJi4fgSMxcq5vRjytvCEq9A1TVsDZevd7c Whats This?

Major update

Hi !

today wasn’t an easy sysadmin day : I switched host, moved from a virtual private server at ikoula to a dedicated one at OVH, I migrated all my services (finally !), and made a complete rewrite of all the apache config in order to handle more efficiently multiple DNs since I’m going to share this server.
That’s why this blog looks so shiny white, the new default wordpress theme isn’t that bad :) , and I might well keep it as a basis for further typo-tuning.

See you around !

Donate Dogecoins: DJi4fgSMxcq5vRjytvCEq9A1TVsDZevd7c Whats This?

Howto : (Clean) Install of a Samsung SPL laser printer under GNU/Linux (without the whole “unified linux driver”)

Printing under GNU/Linux has turned very easy I the last years, by combining an improved compatibility with the even most recent hardware and polished user interfaces to let any user get in with it’s printing server configuration. Well, most of the time there is an opensource driver for your printer, and making it work is then as easy as plugin the USB chord and waiting a tenth of seconds for a green popup to tell you that everything is clean and working… Most of the time.

Towards Samsung, at least for the laser printer I own (a SCX-3200), there is no such an easy install process, because of no tested opensource driver. Configuring your printer will likely drives you to your product’s support page (fr), and maybe will you finish installing the so called “Samsung Unified Linux printing drivers”, what is bad, very bad. This bundle comes with a brunch of middleware you’re likely not to want on your computer (because you may only want to use an USB/network printer). This script also installs it’s own Qt libraries for nothing more than a GUI that is totally redundant with your distrib’ system tools. As of system services and OS’ integration, I doubt those 2011 scripts are aware of the last changes in systemd, selinux, … anyway.

This post will describe how you can make your Samsung printer work as good as on any other platform (using Samsung’s proprietary driver), but without requiring you to install all the burden of the “Unified Linux Driver”.

Step 1: Download and unpack the needed files

http://downloadcenter.samsung.com/content/DR/201110/20111006104050600/UnifiedLinuxDriver_0.93.tar.gz

This link is working at the date of writing and will download the 0.93 drivers. You can get a link by your own by visiting your printer’s support page at samsung.com .

Step 2: Install the ppd file for your printer

Once unpacked, you can plug your printer and turn it on. Whatever your distrib, the wizard will fail finding a working driver but will allow you to specify a ppd file. The path to them is :

<extract_path>/cdroot/Linux/noarch/at_opt/share/ppd/

You just have to pick the good one (scx3200.ppd in my case).

Step 3: Install rastertosamsungspl

PPD files aren’t enough, the Samsung driver mostly consists on a tool that rasters the content you want to print to the Samsung Printing Language (SPL). This binary file is to be found under:

<extract_path>/cdroot/Linux/<your_arch>/at_root/usr/lib<arch>/cups/filter/

You need to copy this file to your cups filters folder :

/usr/lib/cups/filter/rastertosamsungspl

Step 4: Configure SELinux to allow rastertosamsungspl to be run

If you try printing something, this kind of message will appear in dmesg :

Jan 20 13:09:53 NetAce setroubleshoot: SELinux is preventing /usr/sbin/cupsd from execute access on the file rastertosamsungspl. For complete SELinux messages. run sealert -l 81360021-b4dd-4f5d-9f78-760346329e48
sealert -l 81360021-b4dd-4f5d-9f78-760346329e48
 *SELinux is preventing /usr/sbin/cupsd from execute access on the file rastertosamsungspl.
*****  Plugin catchall (100. confidence) suggests  ***************************
If vous pensez que cupsd devrait être autorisé à accéder execute sur rastertosamsungspl file par défaut.
 Then vous devriez rapporter ceci en tant qu'anomalie.
 Vous pouvez générer un module de stratégie local pour autoriser cet accès.
 Do
 autoriser cet accès pour le moment en exécutant :
 # grep cupsd /var/log/audit/audit.log | audit2allow -M mypol
 # semodule -i mypol.pp
Additional Information:
 Source Context                system_u:system_r:cupsd_t:s0-s0:c0.c1023
 Target Context                unconfined_u:object_r:user_home_t:s0
 Target Objects                rastertosamsungspl [ file ]
 Source                        cupsd
 Source Path                   /usr/sbin/cupsd
 Port                          <Unknown>
 Host                          localhost.localdomain
 Source RPM Packages           cups-1.5.4-20.fc18.x86_64
 Target RPM Packages
 Policy RPM                    selinux-policy-3.11.1-71.fc18.noarch
 Selinux Enabled               True
 Policy Type                   targeted
 Enforcing Mode                Enforcing
 Host Name                     localhost.localdomain
 Platform                      Linux localhost.localdomain 3.7.2-204.fc18.x86_64
 #1 SMP Wed Jan 16 16:22:52 UTC 2013 x86_64 x86_64
 Alert Count                   3
 First Seen                    2013-01-20 04:52:54 CET
 Last Seen                     2013-01-20 13:09:52 CET
 Local ID                      81360021-b4dd-4f5d-9f78-760346329e48
Raw Audit Messages
 type=AVC msg=audit(1358683792.720:1284): avc:  denied  { execute } for  pid=873 comm="cupsd" name="rastertosamsungspl" dev="sda5" ino=1444799 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=SYSCALL msg=audit(1358683792.720:1284): arch=x86_64 syscall=execve success=no exit=EACCES a0=7fffcaff5d00 a1=7f7acb65ec90 a2=7fffcaff4930 a3=7fffcaff3b30 items=0 ppid=31168 pid=873 auid=4294967295 uid=4 gid=7 euid=4 suid=4 fsuid=4 egid=7 sgid=7 fsgid=7 ses=4294967295 tty=(none) comm=cupsd exe=/usr/sbin/cupsd subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 key=(null)
Hash: cupsd,cupsd_t,user_home_t,file,execute
audit2allow
#============= cupsd_t ==============
 allow cupsd_t user_home_t:file execute;
audit2allow -R
#============= cupsd_t ==============
 allow cupsd_t user_home_t:file execute;

As explained (in french, sorry…) you can fix it by simply running:

$ grep cupsd /var/log/audit/audit.log | audit2allow -M mypol
semodule -i mypol.pp

And then :

$ /sbin/restorecon -v /usr/lib/cups/filter/rastertosamsungspl

Now your printer should work as expected, without the definitely annoying and useless “Unified Linux Driver” stuff.

Donate Dogecoins: DJi4fgSMxcq5vRjytvCEq9A1TVsDZevd7c Whats This?

Fedora 18 install cheatsheet

As a devoted fedora user, you might be either very happy, bored or sometimes scared to see that every 6 months (or so… f18 should have turned gold two months ago :D ) your favorite GNU/Linux distrib is getting a new major upgrade. Most people prefer upgrading through the package manager (using preupgrade, or since this release, fedup), but this is not my case. I personally prefer sticking with a fresh system instead of counting on the developers not forgetting any use case/upgrade scenario (what in the case of fedora, the cutting-edge distrib, is likely impossible) and not dealing with irrelevant and annoying bugs.

Well, as you might have guessed, this blogpost wont be a tutorial on how to upgrade from f17 to f18, nor it won’t explain to the new comer how to setup a working fedora, step by step through the redesigned anaconda installer. This post is all about feeling at home as a confirmed user even after such an important upgrade full of new functionalities.

> Steps I do before install

There is no much I do before a major upgrade:

Backup everything in your ~

(useless until you’re happy you did it)

Export my package list

$ rpm -qa|sort > ~/upgrade/pkglist.txt

does the trick quite well

Save my yum repo files

$ cp /etc/yum.repos.d/* ~/upgrade/yum.repos.d/

> Steps you might want to do once Fedora is installed

Install rpmfusion

go to http://rpmfusion.org/ , don’t forget to import gpg keys too

Update your system

Don’t wait to do a

$ yum update

Make your yum wiser

Yum plugins I use :

  • yum-plugin-fastestmirror
  • yum-plugin-rpm-warm-cache
  • yum-plugin-remove-with-leaves
  • yum-plugin-show-leaves

Those helps to keep your system free of useless (orphaned) packages and accelerates downloading of packages.

Yum settings

from /etc/yum.conf

  • keepcache=0 ; info here, saves some space
  •  installonly_limit=0 ; info here, allows keeping an infinite number of installed kernels (good for regression tests)
  • clean_requirements_on_remove=1 ; automatically suggest orphaned packages to remove when uninstalling something

Setting proper hostname

just edit /etc/hostname as your convenience, modifying /etc/sysconfig/network probably won’t survive a reboot anymore

Remove PackageKit

If you’re reading this, you probably don’t need that. And if you don’t need it, removing it will prevent your yum to be randomly locked.

Remove ABRT

This automatic bug reporting tool usually makes no sense if you already report your bugs by yourself.

Specific to f18

Fedora 18 also comes with new stuff to try… or fix:

DNF, yum’s successor is here

and you can try it very easily

$ yum install dnf

After that you car run dnf just as you run yum. The dependency solver is said to be faster. It works well here, and I thought about aliasing it to yum before dnf install vim failed.

New path for your fonts settings

~/.fonts.conf moved to a standard xdg path under ~/.config/fontconfig . To avoid useless warnings, you can do:

$ mkdir ~/.config/fontconfig && cp ~/.fonts.conf ~/.config/fontconfig/fonts.conf

Disable /tmp on tmpfs

If you run a low memory system, you might want to keep your /tmp folder where it belongs, to your hard drive. As explained here, running this command and rebooting will do the job:

$ systemctl mask tmp.mount

Prefdm doesn’t exist anymore

and as such, depending on your driver’s stability, you might or not want to read the corresponding release notes.

What about giving SNA a try ?

SNA stands for “Sandybridge New Acceleration” and describes  a new rendering algorithm used within the Intel GPU drivers. Despite its name, it doesn’t only targets Sandybridge chips and might well accelerate your old intel chip as well. To enable it, you first need to create a xorg.conf config file.

This is easy, you need to run as root, when your X server is shut down:

$ Xorg -configure

and then in the “Device” section of the generated file, add:
Option “AccelMethod” “sna”

that’s all ! This feature isn’t activated by default, even if their developers consider it as stable. The result is likely not to be horrible, but you might encounter some random glitches.

> My advises for your everyday workspace

I recommend using:

  • Zsh, which will save your precious time
  • Yakuake under kde or gwake under gnome, two drop down terminals, saves space, helps getting organized

 

That’s all !

I’m still discovering this new fedora and will update this post as soon as I encounter new things to write about.

Donate Dogecoins: DJi4fgSMxcq5vRjytvCEq9A1TVsDZevd7c Whats This?

RIP Neil Armstrong

I won’t write a long post. This news hit me more than expected. Neil, you were a symbol, a figure of one of the most beautiful human achievement… all mankind is thankful, and me even more. RIP Neil Armstrong !

Photo: http://en.wikipedia.org/wiki/File:Neil_Armstrong.jpg

Donate Dogecoins: DJi4fgSMxcq5vRjytvCEq9A1TVsDZevd7c Whats This?

Some cool HTML5/CSS3/JS/WebGL/SVG demos to share

Quick post to share with you some cool HTML5/CSS3/JS/WebGL/SVG demos I discovered more or less recently :)

http://lab.hakim.se/ is gallery of mostly html/css/js experiments, just like http://chromeexperiments.com/ but with less apparent chrome-evangelism ;)

When speaking about transitions and animations, the most obvious choice seems to be CSS+JS, but I think that SVG can be somehow mind-blowing:
http://vlog.it/ is powered by RaphaëlJS: http://raphaeljs.com/ which is really good at animating stuff: http://raphaeljs.com/animation.html

Mozilla dev derbys are pushed here: https://developer.mozilla.org/en-US/demos/devderby and are worth a try because they mostly focus on one tech (CSS transforms, Audio API, WebGL, Camera API, …) thus giving a better state-of-the-art and overview of what can be done in each field separately.

If you have more cool demos to share, just feel free to leave a comment :) !

Donate Dogecoins: DJi4fgSMxcq5vRjytvCEq9A1TVsDZevd7c Whats This?

Prepare your centos/fedora apache server for streaming opus audio files

As you may have heard recently, the new Opus audio format is likely to be the next de facto standard for audio streaming all over the web.

Originated from the IETF Internet Wideband Audio Codec working group (including Xiph.Org, the non-profit organization behind the ogg formats, Mozilla, Microsoft, Skype, Broadcom, and others), this new codec is really interesting as it fills the gap between high quality formats (for audio restitution, like vorbis, mp3, aac,  …), and low latency codecs (mostly used in voice communications, like speex, G729, …), is fully open (free and opensource software, royalty-free), has one of the best restitution compared to other audio codecs, and is already mainstreamed by Mozilla (firefox >= 15) and Opera (>=12). The Webkit implementation should follow soon as Google decided to use opus as their default audio codec for the WebRTC communication standard. Further interesting readings can be found at Firefox Hackers blog, and project’s page.

So, what we want as webmasters or sysadmins is to make our servers compatible with opus. As of today, my up to date centos 6.3 doesn’t include the opus file format in it’s mimetype list, so the only thing you need to do is to add it to your /etc/mime.types file :
audio/ogg                                       oga ogg spx opus

Restarting apache should definitely fix it.

Donate Dogecoins: DJi4fgSMxcq5vRjytvCEq9A1TVsDZevd7c Whats This?