Saturday, June 26, 2010

» Finding out whether a script is piped

When writing shell scripts, sometimes you need to find out whether your script is being piped into something else (e.g. a pager like less, or just running on the terminal (unpiped). One use case could be to determine whether you want to enable ANSI style colouring of the output or not. Turns out it is really simple to do.

Shell

To do that from a bash script, use [ -t 0 ], which is true when unpiped, and false when piped:
[ -t 0 ] && COLOR=1 || COLOR=0

Perl, others

In other scripting languages (or even in C/C++), where the isatty function is available, use that -- this example being in Perl:
use POSIX 'isatty';
my $color = isatty(STDOUT);

Labels: ,

» sudo X applications on openSUSE

sudo is a very powerful tool when used wisely (i.e. not as it's done on Ubuntu). By default, sudo is configured in a much more restricted way on openSUSE than on, say, Ubuntu, to avoid any open security loopholes. If, nevertheless, you would like to use sudo to run X applications, here is how to do it.

Configure sudoers

First of all, you will need to configure sudo to let through a few environment variables that are normally not allowed to get through for security reasons. In order to do that, run visudo as root and add the following lines in that file, under the already existing Defaults env_keep line:
Defaults env_keep += "DISPLAY XAUTHORITY XAUTHLOCALHOSTNAME"

Wrapper script

Now, from there, the problem is that on openSUSE, the environment variable XAUTHORITY is not always set -- it is not needed for X applications, as they have the policy of defaulting to ~/.Xauthority when needed. But in order to run X applications through sudo, this is precisely the trick, as those applications need to explicitly use the .Xauthority file of the user that is invoking sudo Here is a little wrapper script that does the job. Save that as e.g. /usr/local/bin/xsudo or, if you only need it for your user, to $HOME/bin/xsudo:
#!/bin/bash
[ -n "$XAUTHORITY" ] || XAUTHORITY="$HOME/.Xauthority"
export XAUTHORITY
exec sudo "$@"
You also need to make that script executable:
chmod +x /usr/local/bin/xsudo
(of course, use the appropriate path to that file ;))

Using xsudo

Now you simply need to use xsudo instead of sudo to run X applications. Obviously, and what has not been explained here, you also need to open the loophole for your user if, e.g., you would like your user to be able to run any application as root without having to enter the root password. Be aware of the fact that this is a major security weakening, as any attacker just needs to be able to gain access as your regular user to be root on your host ! You basically loose the additional barrier of not only having to gain access as your regular user (who is e.g. running an application that is subject to a buffer overflow attack), but also requiring the attacker to know the root password. If you still want to do that, add the following line using visudo (as root), at the end of the file, and replace "jamesdean" with the name of your user:
jamesdean ALL=(ALL) NOPASSWD: ALL

Alternative

As an alternative, if you don't want to use the xsudo wrapper, you might as well also always set and export the XAUTHORITY environment variable. In order to do that, you first have to decide whether you want that for just your user, or for all users on your system. If it's just for your user, the file to append the following line to is $HOME/.profile; if you want to do it for all users, you must run the following command as root, and append to /etc/profile.local instead:
echo '[ -n "$XAUTHORITY" ] || XAUTHORITY="$HOME/.Xauthority"' >> $HOME/.profile
echo 'export XAUTHORITY' >> $HOME/.profile
Note that it's untested, and might as well hose your X startup :)

Labels: , ,

» Even shorter openSUSE repository URLs

Shorter URLs to repositories

As I wrote not too long ago, I hacked a very small and simple but still useful trick to simplify and shorten URLs to openSUSE Build Service repositories. e.g.:
http://s.opensu.se/r?network:utilities
instead of
http://download.opensuse.org/repositories/network:/utilities.

Even shorter

There is now an even shorter variant, using
http://r.opensu.se/...
instead of
http://s.opensu.se/r?
e.g.: http://r.opensus.se/network:utilities
(instead of the full fledged URL as above). Trivial? yes. Useful? I think so :) (e.g. to give links on IRC, or on identi.ca/twitter) For some examples, see http://r.opensu.se

Beyond the short URLs

Note that you may also expand beyond that URL to reach files/directories below those, e.g.:
http://r.opensu.se/network:utilities/11.2/network:utilities.repo

11.2 is openSUSE_11.2

As you surely have noted, 11.2 isn't the correct subdirectory there (it's actually openSUSE_11.2). Well, I also added the expansion of 11.0, 11.1, 11.2, 11.3, etc... at that position in the URL to openSUSE_11.0, etc... respectively (well, actually it's a regex ;)).

f is openSUSE_Factory

To redirect to openSUSE_Factory instead, just use f, e.g.:
http://r.opensu.se/network:utilities/f

Short URLs to .repo files

And here I'm so lazy it's getting creepy. What we usually want to link to (typically to give people a repository to add) is the .repo file.
Well,
http://r.opensu.se/network:utilities/11.2/r
redirects to
http://downloads.opensuse.org/repositories/network:/utilities/openSUSE_11.2/network:utilities.repo Same for Factory, of course, e.g.
http://r.opensu.se/server:monitoring/f/r

Add zypper to the mix

Now, given all that, if you want to tell someone to add e.g. the server:monitoring repository, just tell her to do this:
zypper ar -r http://r.opensu.se/server:monitoring/11.2/r

The impossible

What would be even nicer is to avoid having to put the openSUSE version in the URL, but unfortunately zypper doesn't the version of the openSUSE it's running on in the HTTP request headers, which means I simply cannot automagically redirect to the right subdirectory based on that, as I don't have any way to know which openSUSE version the client has.

Labels:

Friday, June 25, 2010

» ffmpeg rebuild, doxygen 1.7.1

I triggered a rebuild of the ffmpeg package in the Packman repository to properly apply the usual openSUSE compiler+linker flags (e.g. stack protector) as well as to have an ffmpeg-debuginfo package to inspect problems/crashes. Don't be surprised if you notice a lot of activity in the Packman repository, as ffmpeg is used by a lot of packages at Packman and, hence, it is currently triggering a lot of rebuilds. Another interesting update is the upgrade of the very popular API documentation tool doxygen to its latest version, namely 1.7.1. It is available in the devel:tools repository.

Labels: ,

» Update on my packages for openSUSE

I've been using my twitter to tweet about package updates recently (of course, it's all automated by a script that parses the spec file ;) -- hey, cmon, laziness is a feature :D). A few packages I've created or updated recently that I would believe to be interesting:

Labels: , ,

Thursday, June 24, 2010

» Planet openSUSE site stats

darix was so kind to run some statistics on the access logs of Planet openSUSE, and the results are.. well.. impressive.
MonthUnique visitorsVisitsPagesHitsBandwidth
Mar 201052509589270756968229261.32 GB
Apr 20109672192828209114444626533.83 GB
May 20108861172939304514848280658.34 GB
Jun 20107493145607172711126086434.41 GB
UPDATE: and more stats...: Most used browser is Firefox with 87.9%, followed by Akregator (an RSS feed aggregator for KDE) with 6.1%. IE is at 0.5%, Opera at 0.6%, Chrome at 0.3%. Most used operating system is Linux with 89.3%, Windows at 7.2% We are currently not running any per-country stats, as the apache log file is currently at 17GB ;) The number of total requests since 2010-02-10 is at over 80 million (!!!).

Labels: ,

Tuesday, June 08, 2010

» Post shortening on planet.opensuse.org

I just added a new feature on Planet openSUSE: articles with more than 100 words are shorted (see the "...") and have an additional "read more" link to read the full article on the host blog. I hope that this will enhance the readability, as we keep having massive entries that run across several screens (which, IMHO, ruin the experience of having an aggregator). Thanks to the Django developers from whom I blatantly stole some code to do the tedious word wrapping in HTML.

Labels: ,