techblog 

I’ve recently been struggling to check out a large subversion repository on my Mac.  Each time I tried I’d get an error like:

svn: Can't open file '..../.svn/tmp/some_path/some_file.svn-base': No such file or directory

I had no such problems checking out the same repository on a Linux system. This was somewhat puzzling.

Finally, the answer dawned on me. The default HFS file system on Mac OS X is case insensitive, and an examination of the repository with a web browser showed the problem - there were two files that had the same name, but one had mixed case, and the other was lower case. When checking out the repository, both files are dropped into a temporary directory, but one overwrites the other. When SVN tries to move the temporary files, one of them no longer exists!

To prove the theory, I created a case-sensitive .dmg file with Disk Utility, and was able to check out the whole repository into that virtual disk without any errors. I’m considering whether I should convert my whole disk to case-sensitive mode, although some Google search results suggest that some applications don’t like that either!

A lot of people I know get very excited by Apples. In the interests of spreading my bets, one of my machines is an Apple. Maybe it’s just me, but I just don’t get the usability benefits that everyone raves about.

For example, I found this great little library called libnet. It allows you to do raw socket manipulation in a platform-independent way, hiding a load of gory details. I was having some trouble testing libnet code, so I thought I’d try everything on my own network (to make sure that firewalls weren’t getting in the way). “Great!”, I thought, “I’ll try my Mac”.

Unfortunately, although libnet compiles and installs to Max OS X, you can’t actually use it to write to raw sockets :

“Write error: libnet_write_raw_ipv4(): -1 bytes written (Invalid argument)”

I can find this terse response from Apple.

The solution? Boot up the Linux VM! :0)

You could reasonably point out that there is simply no support for the latest OS X in a library which was last released several years ago - but the fact remains, it is unusable on a Mac! I have had similar issues with Java and Ruby code; it seems like I am tending to do more work in VMs, and less work on the Mac itself.

Maybe it’s just me…

I need to use Oracle’s SQL*Plus quite often from my Mac but Oracle’s support for OS X is sketchy to say the least.  You can’t install the proper client on Intel machines, so you have to use the Instant Client instead.  I also want to use gqlplus, which adds things like a command history to SQL*Plus.  (You may be amused to know that SQL*Plus was once called UFI, meaning “User Friendly Interface”, not sure how it could be made less friendly really).  After a bit of trial and error, I got it working.  This is how I have it set up:

• I installed instantclient into its own directory
• I added this directory to PATH and to both LD_LIBRARY_PATH and DYLD_LIBRARY_PATH environment variables
• I put tnsnames.ora and login.sql (for commands to be run at login time) in my home directory
• I pointed the TNS_ADMIN and SQLPATH environment variables to my home directory
• I built and installed gqlplus in /usr/local/bin

I have also set up an alias so that gqlplus runs with the -d flag.  This turns off the auto-completion which can make gqlplus slow to load.

With the impending exhaustion of IPV4 address space (currently predicted as 17 Oct 2011 http://www.potaroo.net/tools/ipv4/index.html ) it seems every networking event these days has coverage of ipv6, which can only be a good thing I guess. So yesterday while at uknof I discovered that google are now running an ipv6 only version of their website at ipv6.google.com which made me wonder how easy it is to get ipv6 up and running on a personal laptop/desktop.

Now I normally reserve the ‘It Just Works’ phrase for Mac OSX however today I felt the need to apply it to ipv6 or more specifically an ipv6 technology which I have only recently become aware of called Teredo. This enables you to tunnel ipv6 traffic through a NAT over ipv4. In simplistic terms it encapsulates all your ipv6 packets inside ipv4 UDP packets and sends them to a Teredo Server/Relay which then strips the ipv6 back out and forwards it to the ipv6 only internet (further technical detail available at references listed at the end of this article)

The real plus point of this approach though is how easy it is to configure on the client:

OSX- Download and install the client here: http://www.deepdarc.com/miredo-osx/
Linux- Download compile and install the client here: http://www.remlab.net/miredo/
Windows XP SP2 and above- Run two commands at a dos prompt
‘netsh interface ipv6 install’
‘netsh interface ipv6 set teredo client’

You’re done.

To check your ipv6 is working try accessing http://ipv6.google.com or do a traceroute6 (tracert6 for windows) to 2001:7fd::1 which is the ipv6 address for the K Root DNS server.

Ok so it’s not native ipv6 but it does give you some basic understanding and experience.

As I understand it the ease of use and installation under Windows is explained by the fact this was originally a Microsoft invention.

More technical details are available at the following links

http://www.microsoft.com/technet/network/ipv6/teredo.mspx
http://www.rfc-editor.org/rfc/rfc4380.txt

Additional Security note:

Potential users and in particular network security admins should be aware that running a teredo tunnel opens a publicly routed ipv6 address on the machine in question. It maybe wise to configure firewalls to block this behavior behind corporate networks.

I use a MacBook Pro at work, but of course there are always one or two Windows applications that I need to run too.  Consequently, I recently installed Parallels to allow me to run these both in the office and at home.  I knew that others were using this method to run these apps, so I wasn’t too worried about getting it to work.

When I fired up Parallels for the first time though, the CPU usage shot right up and the whole OS X interface became incredibly sluggish for several minutes.  The strange thing was that this was just starting Parallels itself, not booting the virtual machine.  Once the application was started, sanity was restored.  The offending process was “WindowServer”, so it seemed to have something to do with the graphics processing.  There were reports of other folks having similar problems on the Parallels forum, but none of the solutions seemed to be definitive.

Then I tried starting Parallels while I was away from my desk.  It came straight up with no problem at all.  What was different?  It turned out to be a Good Way USB Display Adapter I am using to allow me to run 2 external monitors from my laptop.  Once this was disconnected the problem went away. So now if I’m at my desk, I unplug the USB cable, start Parallels, then reconnect.  I don’t understand what is going on here, but at least I have a workaround.

I’ve been a vim user for many years.  More recently I have been mainly working on a Mac, but the version of vim for OS X was never very good.  It felt like a Linux application that had been ported to the Mac.  It didn’t support multiple windows, the standard Mac shortcut keys didn’t all work as expected and it just didn’t feel like it fitted in very well.  I was almost tempted to move to TextMate, but I missed all the regular expression commands I had grown used to.  Recently I have moved over to use Bjorn Winckler’s MacVim.  It is a proper Cocoa application which supports multiple windows etc and just looks and feels more Mac-like.  It even automatically updates when there is a new version.  It has got to the point where it is better than the old Carbon version in under a year.  I recommend you give it a try.

Recently I had a weird problem on my laptop. Web browsing was slow and certain lookups failed altogether. The failures were exclusively associated with nominet.org.uk domain names, specifically connections to our office network. When the problems first started my mail client failed to work unless the VPN was activated, which is not the way our security policy mandates it should work. After a while the mail client failed even after activating the VPN. I was effectively locked out of my email unless I visited the office!

The error messages from the mail client suggested that the DNS lookup for the mail server was timing out. Using wireshark on the wireless interface I noticed that there were no DNS lookups for nominet.org.uk, though other search domains were being appended. Everything in System Preferences looked fine, /etc/resolv.conf had no surprises. However, I did find a suspect file: /etc/resolver/vpn-resolver-662638-0 which contained:

domain nominet.org.uk
nameserver 213.248.199.17
timeout 3

This file dated from early 2006, which seemed odd as the laptop was only installed in March 2008! I presume it was copied over from my previous laptop by the Migration Assistant. Removal of this file fixed the problem, but where did it come from?

Our present VPN solution is based on OpenVPN and I use the Tunnelblick client to connect. My first thoughts were to blame this combination. There have been some stability problems with Tunnelblick on Leopard, apparently. But, before we used this system we used an SSL VPN solution terminating on a Netscreen firewall. I used the VPN Tracker client from Equinux to connect. I now believe the rogue resolver file was left behind by VPN Tracker after it was deleted. I am still at a loss to explain why it took so long to start affecting the laptop, or why it appeared to degrade in stages, rather than just fail.

Wireshark is a free, open source network protocol analyzer. It can be used as a graphical interface when viewing tcpdump files. Alternatively, it can be used to capture live network traffic. For this, it must be able to read raw data from network interfaces. Using the standard install from DMG package under Mac OS X this is not straightforward.

By default the /dev/bpf* interfaces are owned by root with permissions set to rw-------. They can be opened for reading using sudo chmod go+r /dev/bpf*, but this is not persistent across reboots. To permanently ensure that Wireshark can be used in capture mode it is necessary to run this command on start up. The mechanism to do this is explained here. I made a slight modification to the ChmodBPF script to run the command above. The gzipped file is attached. Simply unzip this and put it in /Library/StartupItems.

I recently upgraded my OS X Java development environment to
the Java SE 6 Developer Preview 9 release. After the upgrade I encountered the following error when running code which relied upon the AWT libraries:

seventh-circle$ java AWTExample
2008-04-24 12:15:12.061 java[1035:10b] Apple AWT Startup Exception : *** -[NSCFArray insertObject:atIndex:]: attempt to insert nil
2008-04-24 12:15:12.087 java[1035:10b] Apple AWT Restarting Native Event Thread


Ugoogalizing the stack trace indicated this was a rare but not unknown problem, with no obvious solution. A known unknown, if you will.

After blaming everyone else I retraced my steps and realised that I had changed the CurrentJDK and Current symlinks in /System/Library/Frameworks/JavaVM.framework/Versions to point at 1.6, in a misguided attempt to make this the default version of Java for the shell. Specifically by repointing the Current symlink from A to 1.6 I had broken the Java Native Foundation framework. I reset the symlink and chalked the lost hours up to the arrogance of youth:

cd /System/Library/Frameworks/JavaVM.framework/Versions
sudo rm Current
sudo ln -s A Current

In summary, if you want to change the default version of Java to 1.6 for a command line process on OS X, I’d recommend using the Java Preferences Application. If you want to be sure add the following to your .bash_profile:

JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/1.6/Home
export JAVA_HOME
PATH=$JAVA_HOME/bin:$PATH
export PATH


IntelliJ, the extremely good Java IDE from Jet Brains will often fail to pick up external file changes; for example performing a subversion “svn up” on your source code.

The problem can be fixed by removing or renaming fslogger in IntelliJ’s bin directory (e.g. /Applications/IntelliJ IDEA 7.0.3.app/bin) as is well documented.

Jet Brains continue to ship this library — enabled by default — for version after version of IntelliJ. Each time I install a new version, the first thing I have to do is disable fslogger and if I forget, then I tend to end up wrongly accusing a colleague of checking-in broken code.

The fslogger library doesn’t work for anyone here as far as I am aware. Shipping a library that actually stops a product from working, when it works so well without it is something I find hard to understand. Perhaps Jet Brains would consider removing this library from the IntelliJ distribution or shipping it disabled by default.