“Elegance is not a dispensable luxury” — Edsger Wybe Dijkstra

HowTo: Using -lite With a GIT-based Application

Many years ago now I was looking for a faster init for work. I found Finit and since then I’ve been working on improving upon it. My version of Finit is available on GitHub.

Finit was initially written by Claudio Matsuoka to act as a drop-in replacement for the Asus EeePC fastinit, “gaps filled with frog DNA” … Until I found Finit I had always been in awe of people venturing into the realm of PID 1, but learning from the simplicity of Claudio’s code I slowly began understanding what it was all about.

Finit is open sourced under the very liberal MIT/X11 license. Much of the code has proven extremely useful to me in other projects over the years. It takes a while to realize, but there are actually a lot of APIs missing in the C library and Finit has helped me bridge that gap in a lot of projects.

Recently I broke out the most generic pieces from Finit into a separate library, which I call libite, (because it looks fun when linking with it: -lite), and complemented it with a few pieces of my own and some from the OpenBSD project, most notably their famous string functions: strlcpy(3) and strlcat(3). It also holds the very useful *BSD linked list API sys/queue.h, which is a much more up to date version than GLIBC carries! GLIBC does not have the _SAFE macros for traversing lists while deleting/freeing nodes.

To make use of -lite and its APIs you can add libite as a GIT submodule to your project:

git submodule add

You then need to add #include "libite/lite.h" to the source and adapt your Makefile slightly to call the libite/Makefile before linking the static .a library:

all: $(EXEC) libite/libite.a

libite/libite.a: Makefile
        @$(MAKE) STATIC=1 -C libite

$(EXEC): $(OBJS) libite/libite.a
        @gcc -o $@ $^

For an example of how this can look, see my project uftpd, which uses both -lite and -luev. The latter is my small event library, libuEv.

HowTo: Push to Multiple GIT Repos With One Command

So, now that I have setup as a backup GIT repo to, I needed a simple way of always pushing to both repos – best way for me is to always hook into my regular work flow, otherwise I’d just forget. The git-remote(1) man page describes the new set-url --add sub-command:

git remote set-url --add origin

Now, with a simple git push followed by git push --tags I had now pushed to both the GitHub repo as well as my own server!

Of course I first had to create the empty watchdogd.git on the server:

cd /srv/git
git init --bare watchdogd.git
echo "Refurbished watchdog daemon from uClinux-dist" >watchdogd.git/description

To inspect your current push/pull repos, issue git remote -v:

origin (fetch)
origin (push)
origin (push)

HowTo: Apache With Gitweb on Debian 8.1

I’m posting this in case anyone else gets stuck setting up Apache with Gitweb. Also as a reminder to myself in case I ever need to set up this all over again.

  1. You have all your eggs in one basket (GitHub), and
  2. You really like that shiny basket, but
  3. You know you’re clumsy and usually drop baskets yourself.
  4. You are wise (yes you are!) and realize you need another basket, so
  5. You set up a server and a domain yourself …

OK. Let’s start simple, since you are already running the latest Debian you fire up the command line and install the basics:

sudo apt-get install gitweb apache2

So it’ll complain, you’ll clarify your request and soon all required packages are on your server. Now what?

Debian has already set up http://localhost/gitweb for you, and if you have a domain already you should go ahead and edit the master file for that:

editor /etc/apache2/sites-available/000-default.conf
service apache2 reload

If you want to use that for your gitweb needs, then you’re done!

Inetd Support in Finit v1.12

A steady flow of features, and releases, is key to keeping any project alive. Recently I ticked off another item in the Finit TODO list …

Finit v1.12 now comes with a built-in inetd! You no longer need an external inetd daemon to launch services on demand.

The good news doesn’t stop there, this little inetd actually supports a poor man’s tcpwrappers!

inetd ssh/tcp          nowait [2345] /sbin/dropbear -i -R -F
inetd ssh@eth0:222/tcp nowait [2345] /sbin/dropbear -i -R -F

With these two lines in your /etc/finit.conf you tell finit to launch the Dropbear SSH server on demand on port 22 (default ssh/tcp port in /etc/services) on all interfaces except on eth0, which in your case is the Internet (WAN) interface, here you want SSH to run on port 222. Actually, you don’t want port 22 open at all on eth0 … so finit takes care of this for you! Seriously, it just works, no need for messing about with that nasty old iptables anymore!

The original UNIX inetd super server supported many protocols internally, some of which may seem a bit odd today, and some have been superseded by more modern protocols.

Finit currently only supports one internal/built-in standard service, time. It is built as a plugin to serve as an example of how you can extend Finit yourself. The time service can be called either as UDP or TCP. To prevent security issues, the time protocol is disabled by default. To enable it you need two things:

  1. The plugin (built by default)
  2. An inetd time ... line in /etc/finit.conf

Assuming you’ve installed the default set of plugins, the following two lines can be added:

inetd time/udp   wait [2345] internal
inetd time/tcp nowait [2345] internal

This can be very useful for testing the inetd capabilities, your network connection, or simply to get the time to a client where NTP for some reason does not work, or is blocked. For instance, you could have a GPS setup on your server and distribute time to clients with the time protocol.

To use it you need an rdate client. Users of rdate in BusyBox may need to be reminded that it only supports TCP.

$ rdate -pu
Sat Mar  7 08:48:58 CET 2015

For more info on Finit and its features, see the README.

Enjoy! ツ

Finit v1.11 Released!

Update 2015-03-09: This release has unfortunately been yanked due to serious regressions in launching background processes. It has been replaced by v1.12

Rant: All the C Compiler Warnings …

“Enable all the warnings!”

This is one of the truths you learn when you start working with C. Most of the time adding CPPFLAGS="-W -Wall -Werror" is all you need to find all the nasty bugs. And if that’s not enough, there are tons of tools for static code analysis, like scan-build in Clang, and Coverity Scan, to help you find all the bugs!

However, these pesky warnings (some of which cannot even be disabled!) are sometimes more of a nuisance than help. Sometimes you know that some parameters to a function will remain unused – it’s a callback, and you don’t need all the data given to you. So you start adding all kinds of voodoo, like __attribite__ ((unused)) … seriously?

Recent Open Source Work

I’m a coder, not a writer. Here’s what I’ve been working on during the winter holidays:

  • A new feature release of Finit is coming shortly, which will use libuEv and feature inetd support built-in!
  • Another minor release of my own take on event loops, libuEv v1.0.3. This time with a heavy focus on documentation and Q&A, extensive validation testing have been done on this release.
  • Released another minor release of mrouted, v3.9.7, which despite its age, and all other obvious limitations of DVMRP, is still one of the best options for dynamic multicast routing available today.
  • Major new release of pimd, v2.2.0, which is likely the last release ever of the old pimd, unless someone starts paying me to work on it.

    … or more people step up to help. Both the Xorp PIM-SM and the upcoming Quagga PIM-SSM implementations are in better shape. The only thing old pimd has got going for it is the license. It’s 3-clause BSD, so very liberal.

If you’re interested in pitching in, on any of my projects, just send me an email or connect with me on GitHub!

Blog Restoration Project

I’ve had this long-standing issue with backups. It’s deadly boring to set up and maintain, so I don’t do any. Until today!

Today I moved the sources for my Octopress blag to GitHub, which also prompted me to set up a mirror on GitHub Pages. As usual, reading up on the subject and muster enough motivation took me about three months, whereas the actual work took about 4h.

Pimd v2.2.0 – the Last Release of Pimd?

On one of the last days of 2014 I release pimd v2.2.0, which is an awesome release with a lot of new features and bug fixes!

However, it could very well be the last release I do. Even though its one of my most popular projects on GitHub I have not had enough time to dedicate to it over the years. I will continue to do fixes and merge pull requests until someone else steps up to take over. There is also the distinct possibility that the Xorp PIM-SM or the new Quagga PIM-SSM implementations will (finally) make good old pimd completely redundant.

At work we will likely start using the Quagga PIM rather than pimd in WeOS.

For now though, enjoy pimd v2.2.0. It’s been tested in both my Qemu based virtual testbed and a few setups using Linux’ netns feature in CORE – awesome little proggy! :-)