DNS Oops

When we moved to a new apartment, I took my FreeBSD DNS server with us. We couldn’t get internet set up until today (about a month! – it was a nightmare) but I was using the DNS to ease our little network’s file and printer sharing. Even though we only have a few computers, it’s better to be able to refer to them by name. It took us about a month to get an internet connection, but I expected that once I configured the wireless router everything else should “just work” as it did before.

Well it almost worked out that way… seems I forgot to change the forwarders in my named.conf to reflect my new ISP’s DNS server. My local DNS server handles internal DNS requests for us and it also acts as a caching server to help speed things up. Without valid forwarders configured, each lookup for a URL that wasn’t already in the cache seemed to take forever! In fact, some lookups failed, and when I checked with nslookup, I would get “no servers can be found”. After looking around the net for a while, I decided to check named.conf one more time… and yeah… still had my old ISP’s DNS server listed in the forwarders section…
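A check for the stale-forwarder problem described above, as an added example that is not part of the original post: it pulls the addresses out of the forwarders block and queries each one directly. The function names, the sample config and its documentation-range addresses are constructed for illustration, and dig is assumed to be installed for the live check.

```shell
#!/bin/sh
# Print each address in the "forwarders { ... };" block(s) of named.conf ($1).
# Strips // and # comments and copes with multi-line blocks; /* */ comments
# are not handled.
list_forwarders() {
    sed -e 's|//.*||' -e 's|#.*||' "$1" |
        tr '\t\n' '  ' |
        grep -o 'forwarders *{[^}]*}' |
        sed -e 's/forwarders *{//' -e 's/}//' |
        tr ';' '\n' |
        awk 'NF { print $1 }'
}

# Ask every forwarder for $2 directly. dig exits non-zero (status 9) when the
# server never replies, which is what a stale forwarder looks like.
check_forwarders() {
    fw_bad=0
    for fw_ip in $(list_forwarders "$1"); do
        if dig +time=2 +tries=1 "@$fw_ip" "${2:-example.com}" A >/dev/null 2>&1; then
            echo "ok    $fw_ip"
        else
            echo "DEAD  $fw_ip"
            fw_bad=1
        fi
    done
    return "$fw_bad"
}

# Constructed sample config; the addresses come from documentation ranges.
write_sample_conf() {
    cat > "$1" <<'EOF'
options {
    directory "/etc/namedb";
    // forwarders copied over from the previous network
    forwarders {
        192.0.2.53;            # old ISP resolver
        198.51.100.7 port 53;
    };
};
EOF
}

sample_conf=$(mktemp)
write_sample_conf "$sample_conf"
list_forwarders "$sample_conf"           # parsing only, works offline
# check_forwarders /path/to/named.conf   # live check on the DNS server itself
rm -f "$sample_conf"
```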

Zsh glob qualifiers ftw!

I have a FreeBSD 7.1 server, a couple of Macs, a Windows machine, and an Ubuntu machine. I need to share files between them all. I could try to get NFS for Windows working, but it seemed to me that using Samba was a good way for me to allow all of the machines (even the Windows one!) to have access to the storage I have on my “server”. I’ve been working with BSD, Linux and Windows for a long time, and I still get emails to thank me for that old Linux From Scratch hint I wrote that describes how to set up printing with Samba and CUPS. I thought this would be a cinch. Was it? Of course not haha. It turns out that even though my user had access to mount the share, I had mounted it in FreeBSD owned by user root, group wheel with permission set to 755. My user is in the wheel group and I would like the wheel group to have write permission, so I remounted it with the following line in /etc/fstab:

/dev/ad8s1  /mnt/sambashare msdosfs rw,large,-m=775,-g=wheel 0 0

The large is there because it’s a 500GB drive.

And now, all is well. I can mount the share and I have read/write access! I can create and delete a test folder… so that’s it! Right? Wrong. There’s an old Windows directory on there that I need to delete, but OS X says I haven’t got enough permission to do that. Oh no!

Well how am I supposed to go digging through some directory tree and find the files that I don’t have permission to delete? I bet there’s a unix command that can help me… (actually I know there is – it’s called find, and find is great…but… I love zsh and I love finding fun reasons to use its features!)  Since I know ls will list my files… and ls -al will tell me the permissions… why not just say “ls -al everything i dont have write permission to”?

ls -al *(^I)

The stuff that is between the parentheses is called a glob qualifier. Glob qualifiers let you ask zsh to give you back more specific information. In this case, the capital I means group writable files and the ^ is used to negate the qualifier. If you try to translate this command line into English it would say something like, “list the names and permissions of all of the files in the current directory, even the hidden ones, that are not group writable.”

You may be thinking, “Wait… did you say all files in the current directory?” and if you are thinking that – you’re right. The above command only lists the files in the current directory, so it is not very useful right now.  I need to look in my mounted drive, which is on /mnt/sambashare, so how about this command line?

ls -al /mnt/sambashare/*(^I)

That is close… but not quite there. It’s only showing files in that directory, and I need to look into all the directories that might be in there. Since all the files and directories in that directory are group writable, this gives me:

zsh: no match

So how can I tell ls to look into directories too? That’s easy! I can use the recursive globbing operator, **

Now the command line looks like this:

ls -al /mnt/sambashare/**(^I)

But that STILL doesn’t go all the way into directories I need it to. This is getting crazy now isn’t it? It turns out that to look into directories, even directories that are inside other directories, we cannot simply use the recursive globbing operator, we need to append a /* as well, which makes the command line:

ls -al /mnt/sambashare/**/*(^I)

But now… oh no! We’re still not there! This returned a list including some files that ARE group writable! Why don’t I just run chmod -R  and end this agony already? (Is that what you’re thinking? haha well the answer is… I want to know exactly what files I can’t delete before I take further action). It seems that the ls command is going into directories and showing me things I didn’t ask for. I have a hunch that it’s because ls is doing some recursion of its own… (don’t ask me why, it’s just a hunch) so I’m going to add the -d option to the ls command, making the command line….(drum roll please):

ls -ald /mnt/sambashare/**/*(^I)

….and my hunch was correct! So now I have my list of all files in my share that are not group writable. It might seem like a lot of time and effort, but for a seasoned zsh user this is nothing! I did have to consult the zsh man page to find the glob qualifier for “group writable files”, but that didn’t take long. In the next article I’ll continue with this scenario, and tell you if I ever did manage to get those files deleted 🙂 Stay tuned… if you dare!
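The same audit written with find, which the post mentions as the alternative, as an added example that is not part of the original post. The function names and the temporary directory tree are constructed for illustration.

```shell
#!/bin/sh
# How the pieces of the zsh command map onto find:
#   zsh:  ls -ald /mnt/sambashare/**/*(^I)
#   find: recursion is built in, "-perm -020" tests the group-write bit,
#         "!" negates it, and directories are reported, not expanded
#         (the job "ls -d" does in the zsh version).
# Unlike a bare zsh "*", find also reports dotfiles; zsh needs the D
# qualifier for that.

not_group_writable() {
    # -mindepth 1 skips the starting directory itself, as the glob does.
    find "$1" -mindepth 1 ! -perm -020 -print | LC_ALL=C sort
}

# Constructed tree standing in for the mounted share.
make_demo_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/WINDOWS/system32" "$d/docs"
    : > "$d/WINDOWS/system32/locked.dll"
    : > "$d/WINDOWS/.hidden.ini"
    : > "$d/docs/notes.txt"
    chmod -R g+w "$d"
    # Take group write away from one directory, one file and one dotfile.
    chmod g-w "$d/WINDOWS/system32" \
              "$d/WINDOWS/system32/locked.dll" \
              "$d/WINDOWS/.hidden.ini"
    echo "$d"
}

demo=$(make_demo_tree)
not_group_writable "$demo" | sed "s|^$demo/||"   # paths relative to the tree
rm -rf "$demo"
```

On a Unix filesystem, removing an entry needs write permission on its parent directory, so the directories in the output are the ones that block deletion of what they contain.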

uninstall inactive!

Oh man I just realized that I never ran “sudo port uninstall inactive” and I have reclaimed… hmm… 5 gigs? It’s as simple as that – if you’re using MacPorts for a while and you’ve been using “sudo port upgrade outdated” to upgrade, make sure you remove the old versions because after a while that space really adds up! I don’t know why I thought that upgrading a port removed the old version? I bet it’s in the documentation somewhere (yes, it’s time for me to RTFM haha)

Wicked Cool Ruby Scripts

Having fun and solving problems can be mutually exclusive. Even for professional programmers and system administrators who chose their career because they enjoy problem solving, there can be times when finding a solution is an exercise in the mundane. Luckily, there are tools designed to ease the pain and frustration faced by programmers and admins. Ruby is a programming language that was designed from the start to not only provide a means of solving problems, but also to be inherently intuitive and fun to use. Wicked Cool Ruby Scripts, by Steve Pugh, is a book aimed to bring to light the fact that you can use Ruby to write concise yet useful scripts that solve difficult problems.

If you’re a fan of the “Wicked Cool” books from No Starch Press, you’ll find the format of this book familiar. It’s not a hefty tome complete with syntax and “hello world” introductory lessons, rather it’s almost a recipe book of sorts, divided into sections of problems and chock full of immediately useful Ruby code. This is the “Wicked Cool” book I’ve been waiting for, because although I write PHP and shell scripts (not so much Java and Perl, other topics covered in the series), I’ve always thought Ruby was the coolest of all. Right from the start, you can tell that Steve Pugh agrees with me. His tone throughout the book is that of a friend who has something fun to share, never browbeating or lecturing. He’s not simply writing to show us that he knows how to write Ruby well, he’s really trying to help us out.

Honestly, some of the examples in Wicked Cool Ruby Scripts might leave you wondering why you’d use such a powerful language like Ruby for such seemingly simple things. What Steve Pugh tries (and succeeds!) to show us is that Ruby isn’t just for writing massive web applications, but it can also handle tasks often relegated to the ubiquitous, but cryptic Awk or shell languages. Perhaps you still wonder why you’d want to? “Just because you can doesn’t mean you should”, right? So why bother? Because Ruby is “Wicked Cool”, that’s why.

So what’s cool? How about a simple file alteration monitor to help you see what’s changed on your system? Not cool enough? How about a web-based photo gallery in about 50 lines of code? Still not impressed? How about writing a Metasploit module to attack one Windows machine from another? From general purpose utilities to system security and yes, even some games, Wicked Cool Ruby Scripts has enough in it to pique the interest of just about any programmer or sysadmin. I for one am finding it hard to concentrate on this review because I want to get back to writing Ruby. If you’re a programmer waiting for a good excuse to try Ruby, or a Windows sysadmin wondering what an open source programming language can do for you, you’ll find Wicked Cool Ruby Scripts enlightening, inspiring, and of course… cool.

Cups / FreeBSD / Windows Domain

So as you may know, I’m working on a secret PHP project using the Zend Framework. It’s coming along well and I have been taking some notes on the server which is on the local network. I was about to download my notes and print them when I decided that printing directly from the FreeBSD server to the printer in our office should not be a difficult feat.

Of course… it wasn’t difficult, but it was a bit tricky. Here are some things I just learned, in no particular order:

* When installing the port called ghostscript8-no_x11, you are asked to configure it and set up some options via the usual curses menu interface. One of these options says “include X11 support”. Doesn’t it seem strange that the port is named with the no_x11 suffix, yet including X support is an option? I thought so. I don’t have X on this server and never will. I don’t want X there. I unchecked the option, and then the build failed. Oddly enough you need to leave this option enabled or you will run into bizarre build errors like “ert file not found”. Don’t worry though, leaving this option checked does not build X! (I don’t think it makes sense but with the port as it is today, this is the case)

* If you didn’t think about installing CUPS early enough to set up the special options in make.conf to tell FreeBSD’s ports system to overwrite the default LPR printing base, you’ll have to move or otherwise disable /usr/bin/lp and /usr/bin/lpr and then either link /usr/local/bin/lpr and lp to /usr/bin or just edit your PATH.  I found that tidbit here: http://home.nyc.rr.com/computertaijutsu/cups.html

* The DELL 5110 printer we use has been added to our Windows domain. The drivers for PCL and PS were added to the print server so that when the printer is being added there are choices. If you have the PS driver installed, just use that, trust me. You can add the printer in CUPS’ web interface and tell it to send the job raw. It’s much easier, in my opinion, than messing with drivers and ppd files. Using the PS driver and the raw queue I was able to print a test page the first try, which is saying something, believe me.

* I wasn’t able to print text files properly via the lpr command. I got strange stair-stepping on my printouts and they were totally unusable. Using the a2ps command to format and send the output directly to the printer worked amazingly. I never saw a printed text file look so good. a2ps is available in the ports tree and it works great even when you’re printing from a FreeBSD server via CUPS and the Samba/smb backend to some printer on a Windows domain.