Monday, October 15, 2007

OE & FlexLm

Today I went to Kothamangala. I decided to wait at a browsing center when my sister was at college. The owner of the browsing center allowed me to connect my laptop to network. And then... I had access to 2Mbps broadband.

So, I decided to try a few things which my friend had mentioned to me over mail.

OpenEmbedded

This is a framework to create root images for embedded Linux boards. They use an application called bitbake & mtn.

bitbake: A utility to execute a set of tasks. The tasks are present in *.bb file
mtn: A version control system.

How it works?
OE guys save database various BB files. Download that and extract the BB required BB files using the mtn command. Then use the bitbake command to build any (group of) package we need.

Drawback:
There is a local.conf file and a conf file for each distro. We can specify the machine architecture etc in the conf file. However, it will then compile everything from scratch (including the tool chain). That is a few hundred MBs of download for the first time.

The sad part is that, when I tried to build angstrom distro, I found that they applied a QEMU patch which was not getting compiled with GCC version 4.1.2. This was the gcc version mentioned in the conf file of angstrom. I got an error message that I need to use 3.x version of GCC. Now there were two things.

1. By moving gcc version to 3.4.6 (latest in 3.x), I could have broken a few other deps
2. I had already downloaded a few hundreds of MBs of source code for 4.x version.

So, I decided to drop it for the time being. There was one more hurdle. I had access to csb6xx board based on intel pxa2xx. There was no support for this board. Compiling a rootfs for the board meant adding support for this board from scratch.

FlexLm

Should there be an open source license manager? If the source is open, then what is the use of a license manager?

Apparently, there are not many. If you want to make a change to OSS code and want to license it, you need to buy a commercial tool or you need to write one of your own.

One could try to partly encrypt the flash in a embedded Linux device. However, a) this will reduce the life of the flash, b) this will also be difficult since we need to find a way to protect meta data.

The other solution include secure dongles or TPM (these two are costly and complicated)
So, we will forget about hiding the software from the cracker. We will have to let him copy, but prevent that copy from working.

This made me think about the normal license managers available. The most famous is FlexLm. This is commercial. A search on this took me to RLM. This is also commercial. Now there is one in OSS domain. But it is not worth mentioning since the author himself claims that it is easily breakable.

So, I am at this conclusion currently. Security is an illusion and it is better to keep it that way :)

Apart from this, I tried a few more things. More about them later.

Monday, July 2, 2007

What I was doing...

I was a bit busy with my project work. I will add a few things here which I came across while doing the project.

nc (netcat):

This happened when we were developing a simulator. The simulator was developed as different modules which will communicate with each other using internet sockets. It so happened that the one module was ready and we needed to test it before the other module could be coded. We initially decided to have another application that will act as the server.

But, I was too lazy. I knew that the application will send data only at a slow rate. That was when I thought about this application that I used long back. When I checked FC5, it was still there and all I needed was
$nc -l 2000
to start a server at port 2000. We could then write to that port and see the data on the screen. If there is any reply required, it can be typed back on the screen.

PS: On Ubuntu 6.4, this does not work. You need to give -p argument for the port to get recognized

What I did later: I was reading the man page and I saw that you can implement http servers using this. I thought for a while and decided to have a telnet server running ASAP. This is the QDTS (Quick and Dirty Telnet Server :) ) that I came up with.

$ mkfifo telnet
$ cat telnet | nc -l 2000 | bash > telnet

Connect to this server from anywhere using

$ nc 2000

Inserting to a file:
It is with immense pain that I write this... There is no way to insert data to the middle of a file in Linux. I searched... and searched... and searched...

The only way to do it is to read the file, write till the point were you want the data to be inserted into another file. Then write your data you wanted to be added and then write the remaining data from the original file. You may then delete the original and rename the new to original.

However, you can modify any record if the size of the new and old records match. That is, if you want to replace 50 bytes in the middle of a file, you can fseek to that point, then use fprintf to print the new 50 bytes there.

Wget fun:

Wget is a nice utility which you can use for download. Though I have done it a thousand times in past, I am just putting it here for the benefit of those who might have never found it so far. Many sites, prevent download of the music files and only allow streaming them. But, many of them do it just by checking the user agent string (A string sent by the application [for example, a browser] to web server which contains the name of the application).

This is what I did to a site which was allowing real media files to be played only by realplayer.

$ for d in `cat music.txt`; do wget -U "RealPlayer(tm) (win32)" $d; done

What am I doing currently?

I am currently trying to create a simple network library which I can club with any of my simple C programs to net-enable them. I guess, This will be a good learning experience.

Saturday, May 5, 2007

Why vi?

"Why vi?"

Though it was probably the hundredth time I was hearing it, I was startled to hear that Q! We were trying to make a release and this question was asked by a colleague of mine who apparently got frustrated after trying to use VI for editing an ant build script.

I started answering as if I am the final word on the subject. I started like this.

During the dawn, there was no kwrite. There were only line editors such as ex and ed. When VI came, it incorporated the commands of ed. So, VI could relate to dawn and the people from the dawn.

"So what if a small set of geeks know how to use it?"

Hmm... I can't let him win this fast....

They were not just the geeks. They includes the lot of developers and sys-admins of Unix/Linux world. The simple proof for this is the fact that for many programs such as editing crontab etc the default editor is vi. In fact, the only time when I used another editor was while using pine. vi is omnipresent. You can find it on almost any Linux system.

"But, it is difficult to know when you can enter the text and when a command"

kid... doesn't know to use vi...

It is very simple. You just have to keep seeing the last line and the status will be shown there. insert, replace, visual... Or if it is blank, it is in command mode. In fact, once you get familiar with vi, the mode flags will be changed in your mind and hand and not just on the editor. You won't even have to see the last line.

"But, its still very difficult"

Lot many buts... its time to kick his butt...

Unix is as an OS for academia & Linux started the same way. In the dawn, the people who used it were a new species derived from the existing homo sapiens who possessed a special organ called brain. This organ enabled them to comprehend usage of simple tools such as vi. Later, when the above tool was made popular by those evolved humans & progress of life started to depend on that, others were forced to use the same. The only advice that can be given to the un-evolved onces are, "we were like you once... try for a while... you too will mostly evolve in another 2.6 M seconds"

I concluded by saying this.

Years back, vi used to have such properties which are the key features of many flashy IDEs of this day. Syntax highlightening, Source browsing (using ctags), multiple window, simple but highly effective crash recovery, multiple windows, key word completion... list goes on and on.

Our institute mainframe had many tutorials in it. One of them was on ex. After learning ex, next year when we got our accounts in department labs, I started using vi. Since I knew ex, it was very smooth. And, I personally feel that people should be first taught ex before giving them access to vi.

Sunday, April 29, 2007

Expect

Today I was writing an installer to install a few scripts that will aid build automation and uploading of reports generated from Clear Case to web. I was faced with this particular problem.

Problem: I wanted a remote site to generate a secret key and upload to my machine. I did not want to write a readme describing how to do that since I was sure that the guy on the other side will come back to me asking me to explain it.

This is what I did:

I wrote two expect scripts and wrote a shell script to call them with required arguments. The first script generated the key & the second uploaded it to my server.

---- Script to generate an RSA key. ----
---- Call only if the keys are not present ----
spawn ssh-keygen -t rsa
expect {
-re "Generating*" {exp_continue}
-re "Enter*" {send "\r";exp_continue}
timeout {puts TimeErr}
}
Then I wrote another script to put it where I wanted

--------------------Scp script --------------------------------
set USER [lindex $argv 0]
set RHOST [lindex $argv 1]
set RPASS [lindex $argv 2]
set DESTFILE [lindex $argv 3]
set HOME [lindex $argv 4]
spawn scp $HOME/.ssh/id_rsa.pub \ $USER@$RHOST:$DESTFILE
expect {
-re "^The" {send "yes\r"}
-re "^$USER" {send "$RPASS\r"; exp_continue;}
timeout {puts TimeErr}
}
spawn ssh $USER@$RHOST "if \[ ! -f\ ~/.ssh/authorized_keys \]; then mkdir -p ~/.ssh ; touch \ ~/.ssh/authorized_keys; fi; cat ~/$DESTFILE >>\ ~/.ssh/authorized_keys"
expect {
-re "^The" {send "yes\r"}
-re "^$USER" {send "$RPASS\r"; exp_continue;}
timeout {puts TimeErr}
}

This was my first attempt with expect. Needless to say, I really enjoyed doing this and now I want to learn expect better.

Saturday, April 28, 2007

whoami


I am Suseelan B Sarin, a software engineer from Bangalore, India. For a long time I wanted to start a Linux blog. I don't claim to be a Linux scholar. But I simply like to use Linux. I re-invented this truth very recently when I saw that I could, with more or less minimal effort, setup ClearCase 7.0 server & client on Fc-5 for my office project while our system admin team still struggles with it even after 2 weeks. (I would have helped them. But they pissed me off in the initial stages & now I have completely deserted them so that they can have fun with with their own woes)

Yesterday I wrote a script to upload build logs from CC to a local web server and I really enjoyed it. I wrote it in bash & I plan to put some time into it and convert it into a PERL script. Now, why I am I posting it here? Its simply because these incidents have brought me back to Linux. In past four years, my only acquaintance with Linux was maintaining a forum and discussion board for my office. Now I plan to take one more dip in that vast ocean. Keep watching this space to find if I will drown or will come back with some precious pearls
:)