Summer of Code 2015
HowTo run pimd on OpenBSD
HowTo: Using -lite with a GIT-based application
Years ago while looking for a fast init replacement for work, I found Finit. Originally written by Claudio Matsuoka to act as a drop-in replacement for the Asus EeePC fastinit, “gaps filled with frog DNA …”
Until I found Finit I had always been in awe of those venturing into the realm of PID 1. However, learning from the simplicity of Claudio’s code I realized that although PID 1 at times is indistinguishable from magic, it is really not that hard to master. My version of Finit is available on GitHub.
The code is open sourced under the very liberal MIT/X11 license, and much of its frog DNA has proven very useful to me over the years. This blog post is about how that frog DNA can help you fill gaps in your projects …
HowTo: Push to multiple GIT repos with one command
So, now that I have http://git.troglobit.com setup as a backup GIT repo
to https://github.com/troglobit, I needed a simple way to always push
to both repos – best way for me is to always hook into my regular work
flow, otherwise I’d just forget. The git-remote(1) man page to the
rescue, it describes the set-url --add
sub-command:
git remote set-url --add origin ssh://git.troglobit.com:1234/srv/git/watchdogd.git
Now, with a simple git push
followed by git push --tags
I had now
pushed to both the GitHub repo as well as my own server!
HowTo: Apache with Gitweb on Debian 8.1
I’m posting this in case anyone else gets stuck setting up Apache with Gitweb. Also as a reminder to myself in case I ever need to set up this all over again.
- You have all your eggs in one basket (GitHub), and
- You really like that shiny basket, but
- You know you’re clumsy and usually drop baskets yourself.
- You are wise (yes you are!) and realize you need another basket, so
- You set up a server and a domain yourself …
OK. Let’s start simple, since you are already running the latest Debian you fire up the command line and install the basics:
sudo apt-get install gitweb apache2
So it’ll complain, you’ll clarify your request and soon all required packages are on your server. Now what?
Debian has already set up http://localhost/gitweb for you, and if you have a domain already you should go ahead and edit the master file for that:
editor /etc/apache2/sites-available/000-default.conf
service apache2 reload
If you want to use that for your gitweb needs, then you’re done!
Inetd Support in Finit v1.12
A steady flow of features, and releases, is key to keeping any project alive. Recently I ticked off another item in the Finit TODO list …
Finit v1.12 now comes with a built-in inetd! You no longer need an external inetd daemon to launch services on demand.
The good news doesn’t stop there, this little inetd actually supports a poor man’s tcpwrappers!
inetd ssh/tcp nowait [2345] /sbin/dropbear -i -R -F
inetd ssh@eth0:222/tcp nowait [2345] /sbin/dropbear -i -R -F
With these two lines in your /etc/finit.conf
you tell finit to launch
the Dropbear SSH
server on demand on port 22 (default ssh/tcp port in /etc/services
) on
all interfaces except on eth0
, which in your case is the Internet
(WAN) interface, here you want SSH to run on port 222. Actually, you
don’t want port 22 open at all on eth0
… so finit takes care of this
for you! Seriously, it just works, no need for messing about with that
nasty old iptables
anymore!
The original UNIX inetd super server supported many protocols internally, some of which may seem a bit odd today, and some have been superseded by more modern protocols.
Finit currently only supports one internal/built-in standard service,
time
. It is built as a plugin to serve as an example of how you can
extend Finit yourself. The time service can be called either as UDP or
TCP. To prevent security issues, the time
protocol is disabled by
default. To enable it you need two things:
- The
time.so
plugin (built by default) - An
inetd time ...
line in/etc/finit.conf
Assuming you’ve installed the default set of plugins, the following two lines can be added:
inetd time/udp wait [2345] internal
inetd time/tcp nowait [2345] internal
This can be very useful for testing the inetd capabilities, your network
connection, or simply to get the time to a client where NTP for some
reason does not work, or is blocked. For instance, you could have a GPS
setup on your server and distribute time to clients with the time
protocol.
To use it you need an rdate
client. Users of rdate
in BusyBox may need to be reminded that it
only supports TCP.
$ rdate -pu 198.51.100.42
Sat Mar 7 08:48:58 CET 2015
For more info on Finit and its features, see the README.
Enjoy! ツ
Finit v1.11 released!
Update 2015-03-09: This release has unfortunately been yanked due to serious regressions in launching background processes. It has been replaced by v1.12
Rant: All the C Compiler Warnings ...
Enable all the warnings!
This is one of the truths you learn when you start working with C. Most
of the time adding CPPFLAGS="-W -Wall -Werror"
is all you need to find
all the nasty bugs. And if that’s not enough, there are tons of tools
for static code analysis, like scan-build
in
Clang, and
Coverity Scan, to help you find all the
bugs!
However, these pesky warnings (some of which cannot even be disabled!)
are sometimes more of a nuisance than help. Sometimes you know that
some parameters to a function will remain unused – it’s a callback, and
you don’t need all the data given to you. So you start adding all kinds
of voodoo, like __attribute__ ((unused))
… seriously?