The other day I needed to setup bridged networking for a Qemu virtual machine. Although I found a rather well written generic TAP interfaces guide on Wikibooks. It only explained how to configure a network bridge on a host machine with a static IP. I wanted to do this on a host that used DHCP. Plus I wanted to keep all configuration in Fedora specific places. Having discovered a good way to do this through experimentation after a few fruitless Google searches I thought it would be useful for myself and others to have the configuration documented here.

ifcfg-eth0

First, I changed the host’s (auto-generated) /etc/sysconfig/network-scripts/ifcfg-eth0 script from this:

# Attansic Technology Corp. L1 Gigabit Ethernet Adapter
DEVICE=eth0
BOOTPROTO=dhcp
HWADDR=00:1D:60:35:A7:64
ONBOOT=yes

to this:

# Attansic Technology Corp. L1 Gigabit Ethernet Adapter
DEVICE=eth0
TYPE=Ethernet
BRIDGE=br0
ONBOOT=yes

This turns off DHCP on the physical Ethernet device and just specifies that it will be connected to or a part of a bridge.

ifcfg-br0

Second, I created /etc/sysconfig/network-scripts/ifcfg-br0, which will be called to setup a bridge device:

DEVICE=br0
TYPE=Bridge
BOOTPROTO=dhcp
HWADDR=00:1D:60:35:A7:64
ONBOOT=yes
DELAY=0
STP=off

As you can see, most of this configuration is copied from eth0 plus the bridge configuration as per the Qemu Wikibook.

qemu-ifup/down

Third, I shortened the /etc/qemu-ifup and /etc/qemu-ifdown from Wikibooks to get this:

/etc/qemu-ifup:

#!/bin/sh
USER=$(id -un)
sudo /usr/sbin/openvpn --mktun --dev $1 --user "$USER"
sudo /sbin/ifconfig $1 0.0.0.0 promisc up
sudo /usr/sbin/brctl addif br0 $1

/etc/qemu-ifdown:

#!/bin/sh
sudo /sbin/ifconfig $1 down
sudo /usr/sbin/brctl delif br0 $1
sudo /usr/sbin/openvpn --rmtun --dev $1

Here I basically removed all of the configuration that is taken care of in the sysconfig scripts. I also made explicit use of sudo simply because that is my preference.

Final steps

Now I can simply run /etc/qemu-ifup tap0 once to create a TAP device, and use something like: qemu-kvm -hda /virtual-machines/fedora9.disk -m 512 -net nic -net tap,ifname=tap0,script=no to start a virtual machine. When I’m done running the virtual machine, I can run /etc/qemu-ifdown tap0 to remove the TAP device.
It sounds simple now that it’s working, but initially it took a lot of guessing on my part so I’m documenting it here for the future.

I would appreciate it if someone can point me to the official Redhat/Fedora documentation on editing /etc/sysconfig/network-scripts/ scripts.

I just finished setting up my newly purchased monochrome duplex network printer - Lexmark E250DN. It took me a while to figure out how to configure CUPS on my GNU/Linux/Fedora machines to communicate with this printer. The problem was that I just didn’t know what URI to use for the printer. Unsurprisingly, the PDF and HTML documents that came with the printer didn’t mention such information. After all, why would Windows users need to know that if they can simply run the printer-specific utility to configure everything for them? Sheesh… Anyways. The CUPS manual was actually quite useful in listing common printer URIs. It turned out that the Lexmark URI lpd://printer-address/ps and a Generic PostScript driver worked quite well. In fact, the “/ps” part seems to be irrelevant, so simply lpd://printer.lan worked for me. However, the CUPS manual also suggested avoiding the LPD protocol if the printer supported other protocols. Using nmap I confirmed that my printer has at least something running on the IPP port (631):

$ nmap printer.lan

Starting Nmap 4.53 ( http://insecure.org ) at 2008-06-22 20:39 EDT
Interesting ports on printer.lan (10.1.1.7):
Not shown: 1705 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
79/tcp    open  finger
80/tcp    open  http
515/tcp   open  printer
631/tcp   open  ipp
5001/tcp  open  commplex-link
8000/tcp  open  http-alt
9100/tcp  open  jetdirect
10000/tcp open  snet-sensor-mgmt

Nmap done: 1 IP address (1 host up) scanned in 0.396 seconds

After a bit of trial and error, I discovered that simply using the http://printer.lan:631 or ipp://printer.lan URI and a Generic PostScript driver worked without problems with E250DN.

Apart from these initial pains I am quite happy to be able to print double-sided black-and-white documents from all of my home computers.

Side Note:

During the investigation process, I noticed that Fedora’s system-config-printer utility prints the following information to the terminal when I tell it the IPP printer hostname:

...
printer.lan: /usr/lib/cups/backend/snmp "${HOST}" 2>/dev/null
printer.lan: hp-makeuri -c "${HOST}" 2> /dev/null
No ID match for device ipp://printer.lan:
<manufacturer>Lexmark</manufacturer>
  <model>E250dn 6216N4G LE.PM.P121 -- Part Number -</model>
  <description>Lexmark E250dn 6216N4G LE.PM.P121 -- Part Number -</description>
  <commandset></commandset>
Using textonly.ppd
...

I wonder how I could get that XML-ish output myself. It doesn’t seem to come from hp-makeuri.

In April I was privileged to be one of the 1125 students who got selected for the Google Summer of Code (GSoC) 2008 program. I was accepted to work on a project to implement Panorama Viewing in VLC. This summer was my last chance to participate in GSoC as a student because of my graduation date so I was very excited to have this once in a lifetime opportunity. More recently, I received an offer for a full-time “Linux Application and OS Developer” position at SOMA Networks - a company in downtown Toronto. Given the importance of a permanent job and having read the advice from previous GSoC participants, it didn’t take me long to decide to cancel the GSoC project and focus on the new job. Due to timing, however, I still managed to receive an acceptance gift from Google. The gift is a book called Beautiful Code: Leading Programmers Explain How They Think. Apart from being an interesting read, it’s a nice souvenir to keep in memory of the many hours I spent preparing for GSoC by choosing a project to apply for and writing multiple proposals.

So Fedora 9 has been released upon the masses yesterday. I won’t be able to try it for a while, but I decided to start downloading it now anyways. On the download page I noticed a curious new option of using Jigdo. After reading a bit about Jigdo it looks like it could fit me well. I have, what I consider to be, a fast (5Mbit download) Internet connection, but I don’t like the idea of straining mirror download servers of Free Software projects which usually exist on a volunteer basis (A recent check shows that the main Fedora mirror is indeed overloaded). Plus, my bittorrent download keeps going inactive so I’m currently downloading Fedora 9 with Jigdo.

In Fedora 8, Jigdo was easy to install:
# yum install jigdo

From the jgdo manpage I discovered that the command line client version of jigdo is actually called “jigdo-lite”. Using this client turned out to be as easy as telling it which “.jigdo” file to use:

$ jigdo-lite http://www.muug.mb.ca/pub/fedora/linux/releases/9/Fedora/x86_64/jigdo/Fedora-9-x86_64-DVD.jigdo

Jigdo was nice enough to ask me to enter a path to previous installation media (presumably Fedora) to check for files which can be reused. To my amusement it turned out that the Fedora 7 x86_64 DVD contained no such files while the Fedora 8 x86_64 DVD contained 116 of the 2691 files required by the template.

Resuming jigdo was an interesting process. I canceled the first attempt with Ctrl-C. Then I simply re-ran the original jigdo command and it told me:

The temporary directory `Fedora-9-x86_64-DVD.iso.tmpdir' already exists. Its contents
ARE GOING TO BE DELETED (possibly after having been copied to the
image, if they are of interest for it). If you do not want this
to happen, press Ctrl-C now. Otherwise, press Return to proceed.

This puzzled me because it didn’t say what is the meaning of the files in the *.tmpdir directory. Without knowing that I shouldn’t be expected to assess the importance of the directory and make a decision about deleting it. My initial guess was that it contained everything that jigdo has downloaded in the previous session. I checked the “jigdo” and “jigdo-lite” mangpages but they did not mention resuming. Thankfully, the documentation on the website was more helpful. The Downloading Of The ISO section made it clear that I shouldn’t fear to loose Fedora-9-x86_64-DVD.iso.tmpdir after all. Apparently it simply stores files which have just been downloaded but haven’t been merged into the temporary image (which is called Fedora-9-x86_64-DVD.iso.tmp). I checked that currently Fedora-9-x86_64-DVD.iso.tmpdir is much smaller than Fedora-9-x86_64-DVD.iso.tmp so I feel confident in letting jigdo delete that dir:

$ ls -lah
total 3.9G
drwxrwxr-x 3 plouj plouj 4.0K 2008-05-14 15:48 .
drwxr-xr-x 25 plouj plouj 4.0K 2008-05-14 11:16 ..
-rw-rw-r-- 1 plouj plouj 314K 2008-05-14 11:30 Fedora-9-x86_64-DVD.iso.list
-rw-rw-r-- 1 plouj plouj 3.9G 2008-05-14 15:47 Fedora-9-x86_64-DVD.iso.tmp
drwxrwxr-x 4 plouj plouj 4.0K 2008-05-14 15:47 Fedora-9-x86_64-DVD.iso.tmpdir
-rw-rw-r-- 1 plouj plouj 211K 2008-05-12 13:11 Fedora-9-x86_64-DVD.jigdo
-rw-rw-r-- 1 plouj plouj 12M 2008-05-12 11:38 Fedora-9-x86_64-DVD.template
-rw-rw-r-- 1 plouj plouj 3.0M 2008-05-14 11:30 jigdo-file-cache.db
$ du -sh Fedora-9-x86_64-DVD.iso.tmpdir
7.5M Fedora-9-x86_64-DVD.iso.tmpdir

Find confirms the same:

$ find Fedora-9-x86_64-DVD.iso.tmpdir -type f
Fedora-9-x86_64-DVD.iso.tmpdir/gulus.usherbrooke.ca/pub/distro/fedora/linux/releases/9/Fedora/x86_64/os/Packages/lucene-contrib-2.3.0-1jpp.0.fc9.x86_64.rpm
Fedora-9-x86_64-DVD.iso.tmpdir/gulus.usherbrooke.ca/pub/distro/fedora/linux/releases/9/Fedora/x86_64/os/Packages/libpng-1.2.24-1.fc9.x86_64.rpm
Fedora-9-x86_64-DVD.iso.tmpdir/gulus.usherbrooke.ca/pub/distro/fedora/linux/releases/9/Fedora/x86_64/os/Packages/lftp-3.6.3-2.fc9.i386.rpm
Fedora-9-x86_64-DVD.iso.tmpdir/www.muug.mb.ca/pub/fedora/linux/releases/9/Fedora/x86_64/os/Packages/glibc-2.8-3.x86_64.rpm

After I pressed “Return”, jigdo happily resumed downloading my Fedora 9 DVD. Some time later, the download finished successfully and the resulting image passed the SHA1SUM check.

In addition to the resuming confusion I noticed a few other problems with Jigdo. Firstly, it just takes a long time to download and check all the files. It has been running for over 3 hours and at 500KB/s (the average speed I get from good servers) the whole DVD image (3970.8 MB) would have been downloaded by now. Secondly, the name is hard to spell correctly. I’ve gone from “Jingo” to “Jidgo” to “Figdo”.

To be fair, I have to admit that the coolness of what jigdo does in the background outweighs its shortcomings and I am happy with it in the end.

On my home desktop machine:

$ history | awk '{a[$2]++ } END{for(i in a){print a[i] " " i}}'|sort -rn|head
2835 ls
1624 cd
1246 ssh
964 svn
801 su
521 screen
479 man
472 rm
471 less
402 yum

same, but as root:

# history | awk '{a[$2]++ } END{for(i in a){print a[i] " " i}}'|sort -rn|head
842 yum
317 ls
173 vim
107 mdadm
102 mount
80 man
73 ./secure-data2.sh
68 tail
63 dmesg|tail
62 umount

Yay for my system-wide setting of HISTSIZE=”50000″.
./secure-data2.sh is a script I use to mount an encrypted file from a USB stick.

Once I figured out how to do QoS on my openwrt router I decided that I would make use of the bandwidth provided to me by my ISP to seed some nice legal torrents as long as I can without interrupting my Internet browsing. Since I was already using rTorrent, it seemed like a good choice for a console application running inside screen that would be started by cron each time my computer boots. In theory that was true, but in practice the lack of documentation of various peculiarities cost me a few hours of digging and asking around before I had a properly working solution. In this post I will document my solution.

Right away I knew that I wanted to be able to easily attach to the bittorrent screen session at any time, so I used an easy to remember name for it:

screen -s torrent

I also knew that for screen to work with cron it had to start in a “detached” mode. Thankfully, the screen manual told me how to do that:

screen -d m

During my research I came across different people mentioning a short form for all of the above switches:

screen -dmS torrent

Since I like to simplify things I immediately adopted it and unfortunately paid dearly in the end. In fact, this was one of those attractive in theory but poorly executed features that cause other things to fail and waste my time with unhelpful error messages. It took me a few hours to figure out that it was causing screen to keep failing to start from inside cron with a “Must be connected to a terminal.” error.

Once I got over that hurdle I tried the full command without cron:

screen -d -m -S torrent /usr/bin/rtorrent

Everything was good until I noticed that I couldn’t use any rTorrent keyboard commands. I couldn’t even quit it apart from killing it from a separate terminal. According to the rTorrent user guide this was a result of a flow control conflict with screen. Thankfully screen also had a switch -fa just for that:

screen -fa -d -m -S torrent /usr/bin/rtorrent

To be on the safe side I used an absolute path to screen in the cron job:

/usr/bin/screen -fa -d -m -S torrent /usr/bin/rtorrent

Making sure cron starts this each time my computer boots was easy with the @reboot directive so this is exactly what should go in the crontab:

@reboot /usr/bin/screen -fa -d -m -S torrent /usr/bin/rtorrent

After running rTorrent like this for a few days I noticed that it was a bit unstable and would crash sometimes so I came up with a simple Bash script to keep it running:

$ cat ~/bin/myrtorrent
#!/bin/bash
PROGRAM="/usr/bin/rtorrent"
GRACE_DELAY=15
while true;
do
    "$PROGRAM"
    RETURNED=$?
    if [ $RETURNED -ne 0 ]
    then
	echo "$PROGRAM did not exit cleanly with status code $RETURNED"
	echo "pausing for $GRACE_DELAY seconds before restarting $PROGRAM"
	sleep $GRACE_DELAY;
    else
	echo "$PROGRAM exited cleanly. It will not be restarted automatically"
	exit 0
    fi
done

The final cronjob looks like this now:

@reboot /usr/bin/screen -fa -d -m -S torrent $HOME/bin/myrtorrent

Sadly, the usefullness of this setup is questionable since Bell is throttling DSL resellers’ peer-to-peer traffic.