techblog 

We want to run Redhat Enterprise Linux (RHEL) on a couple of Sun v20z’s. I dont like having screens in the computer room so I wanted to do the install via a serial console (just like on a real Sun box).

There is a lot of info on the web about linux serial consoles, see here and here. However all these documents refer to making a boot floppy if you want to install over the serial console. Floppy drives are a bit legacy so I wanted to build a DVD that will boot on the serial console.

RHEL comes on 5 CD’s! Life is too short to keep walking over to the server to change CD’s so I also looked into building a DVD. Instructions for converting RHEL’s 5 CD’s into a DVD can be found here and here. All I had to do was combine the serial stuff with the DVD. Here are the steps I followed (I did this on a Mac - the hdiutil does what mount would do on other systems):

mkdir DVD
cd DVD
mkdir CD-disc{1,2,3,4,5}
hdiutil attach ../RHEL4-U1-x86_64-ES-disc1.iso -mountpoint CD-disc1
hdiutil attach ../RHEL4-U1-x86_64-ES-disc2.iso -mountpoint CD-disc2
hdiutil attach ../RHEL4-U1-x86_64-ES-disc3.iso -mountpoint CD-disc3
hdiutil attach ../RHEL4-U1-x86_64-ES-disc4.iso -mountpoint CD-disc4
hdiutil attach ../RHEL4-U1-x86_64-ES-disc5.iso -mountpoint CD-disc5
cp -rp CD-disc1/isolinux CD-disc1/.discinfo .
#See below for how this file should look
vi .discinfo
cd isolinux/
#See below for how this files should look
vi isolinux.cfg
rm boot.cat
chmod +w isolinux.bin
cd ..
mkisofs -o dvd.iso
-b isolinux/isolinux.bin -c isolinux/boot.cat
-no-emul-boot -boot-load-size 4 -boot-info-table
-R -m TRANS.TBL -x CD-disc1/.discinfo
-x CD-disc1/isolinux
-x CD-disc2/RedHat/RPMS/rpmdb-redhat-4-0.20050525.x86_64.rpm
-graft-points CD-disc1 .discinfo=.discinfo isolinux/=isolinux
RedHat/=CD-disc2/RedHat RedHat/=CD-disc3/RedHat
RedHat/=CD-disc4/RedHat RedHat/=CD-disc5/RedHat

The .discinfo file

1117037693.576233
Red Hat Enterprise Linux 4
x86_64
1,2,3,4,5
RedHat/base
RedHat/RPMS
RedHat/pixmaps

The isolinux.cfg file

serial 0 9600
default serial
prompt 1
timeout 600
display boot.msg
F1 boot.msg
F2 options.msg
F3 general.msg
F4 param.msg
F5 rescue.msg
F7 snake.msg
label serial
kernel vmlinuz
append initrd=initrd.img ramdisk_size=9216 console=ttyS0
label linux
kernel vmlinuz
append initrd=initrd.img ramdisk_size=9216
label text
kernel vmlinuz
append initrd=initrd.img text ramdisk_size=9216
label expert
kernel vmlinuz
append expert initrd=initrd.img ramdisk_size=9216
label ks
kernel vmlinuz
append ks initrd=initrd.img ramdisk_size=9216
label lowres
kernel vmlinuz
append initrd=initrd.img lowres ramdisk_size=9216
label local
localboot 1

Redhat is nice and auto configures inittab so that after the server has booted you will get a login prompt on the console that allows root logon.

On the v20z you need to set up console redirection in the BIOS to allow serial console access to the BIOS and boot messages.
Dont forget to set “Continue console redirection after POST” to off or it will cause problems when using grub.

This evening I was trying to find out about the security of jabber conversations. After a unconvincing web search, I was just about to start playing with tcpdump to figure it out for myself when I discovered that PSI supports GPG in order to provide end-to-end security for your conversations. I am sure lots of you knew this already but it was news to me!

When you set up an account in PSI you can specify a GPG key to use and PSI will ask you for the passphrase when it starts. Your key ring will also need to contain the public keys of anyone you wish to send encrypted messages to.

When you create or modify an account in PSI you may find that the OpenPGP section is grayed out. There is some discussion of this problem here however I found that my problem was that GUI applications did not have the correct PATH set. In order to set the environment variables for GUI applications you need to create a plist file called ~/.MacOSX/environment.plist that looks something like this:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist
SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
<plist version="0.9">
<dict>
<key>PATH</key>
<string>/sw/bin:/sw/sbin:/bin:/sbin:/usr/bin:/usr/sbin:
/usr/X11R6/bin</string>
</dict>
</plist>

(I got this info from http://developer.apple.com/qa/qa2001/qa1067.html)

To use GPG encryption in PSI you just click on the green lock symbol in the chat window and if necessary associate that jabber user with their GPG key.

UPDATE: I have since realised that a better way to do this would have been to use the OSX port of GnuPG from here. This version of GPG installs in the correct path so that PSI can find it and provides a nice GUI to gpg.

One of the nice applications that comes with OSX is Keychain which allows you to store login and password information securely. However, if you have multiple MACs then you end up with multiple keychains as these are stored as local files. If you are good and only add passwords to one keychain then, you can copy them between computers but if you want to synchronise the keychains between them, then the only way to do this is by a .mac subscription. At the same time you can also synchronise Safari bookmarks, contacts and some other things.

This was not quite as easy as it seems. Synchronising contacts was straightforward, though the software is a pain to use, not up to Apple’s normal standards for usability. For keychains though it all looked to be working but the data would not change.

It took a while to figure this out but the reason is that Apple has changed the default name for keychains and the names on both computers need to be the same for them to synchronise. The old standard was to name the file (found in ~/Library/Keychains) to your username. The new standard is to name the file (in the same place) to login.keychain. So to get it working I had to do the following:

• Rename the old keychain to the new name.
• In Keychain Access, edit the keychain list to remove the old name and add the new name. Then set the new name as the default.
• For good measure I also deleted all the data under ~/Library/Keychains/.syncinfo and all the data on .mac.

All I’m waiting for now is a nice way to do this without using .mac, and to select different synchronisation targets for different keychains, so that we can use a shared keychain amongst teams.

After upgrading from Intellij IDEA 4.5 to 5.0, I found that my ant file suddenly had lots of properties highlighted in red. These were properties that were read in from an external properties file. Suddenly Intellij was not recognising them. At first I thought this was a line-ending issue as it only seemed to happen on Mac or Linux. But no, the solution: Go into the file types section of the settings and ensure that files with .properties extension are classified as “Properties files” not “Text files”. Sanity restored.