install software

you, obviously, have to have dapper installed and also subversion and an ssh server. on our network, you can just network boot and then type “server” at the ubuntu prompt which should install the os. make sure that you either disable network booting or if in the dmz, configure an ip in the dhcp server for that specific mac address in order to not network boot anymore. after everything’s up:

sudo apt-get install subversion openssh-server

you now should be ready to go.

setup the basic subversion area

1. create a subversion (svn) user:
   

   sudo adduser –disabled-password –home /var/lib/svn svn

2. create a directory for the repositories and backups.
   

   sudo mkdir -m 2770 -p /var/lib/svn/repos /var/lib/svn/repos-backup

3. make sure the owners are correct:
   

   sudo chown -R svn:svn /var/lib/svn

setup a new repository

1. create a group for permissions for the new repository. i would make the group name the same as the name of the repository to reduce confusion.
   

   sudo addgroup [repo-group]

2. create a directory where the repository will be located with the correct permissions. setting these permissions will make sure that all of the directories and files that are created when the repository is created will have the proper group set.
   

   mkdir -m 2770 -p /var/lib/svn/repos/[repo-group]

3. set the owner and group for the new repository:
   

   sudo chown svn:[repo-group] /var/lib/svn/repos/[repo-name]

4. create the repository:
   

   svnadmin create –fs-type fsfs /var/lib/svn/repos/[repo-name]

5. make sure the user and group is create on the files.
6. add users to the group who need access to this repository:
   

   sudo adduser [user] [repo-group]

i think that’s basically it. it seems best to create a separate repository for each project. that way it’s easy to keep permissions separated by project group. it’s also appears to not be a requirement with subversion to keep everything in one repository to be able to include them in other projects using modules as in cvs. i haven’t tested this functionality yet though. see external definitions for more information.

repository backups

once you have your repositories setup, clearly you’re going to want to be backing up your precious data. at the current time, i’m taking the fairly simple approach of just backing up the entire repository every night using svnadmin hotcopy.

simple subversion backup script

i just run this script for each repository every night using cron as the svn user. might should be looping through all repositories in the repos directory, but currently i’m just individually adding each to the crontab. the script doesn’t do any pruning of the backups. that’s the responsibility of the backup machine. what needs to be done is to setup a cronjob on the backup server under the target backup user that uses find to remove old backup files. each new backup has a timestamp in the name.
the script just tars up the hotcopy directory and the pipes it to ssh and stores it on a machine we use for backups. to add a user to the backup machine:

sudo adduser –disabled-password –home /home/backups/$USER $USER

after creating the user, you should create a directory in the new user’s home directory that is the hostname from which you will be backing up. this way you could have backups from multiple machines going to the same user. alternatively, i guess you could create a user for each machine. then do backups as the root user on that machine (necessary for certain directories). this still needs to be worked out a bit.

then you have to generate an ssh key on the subversion machine to use for the backups and put the key on the backup machine under the user you just created. this command (all on one line) would be run as the svn user (or whatever user your doing backups for in the general case).

ssh-keygen -b 4096 -t rsa -C $USER-backup@$HOSTNAME -f $HOME/.ssh/$USER-backup

adding new users

this isn’t really specific to subversion, but is generally how servers should be configured. the only way to log into the server is using ssh with public keys. you can disabled root and password authentication in the /etc/ssh/sshd_config file. the best thing to do seems to be to add a default .ssh/authorized_keys file when the machine is first installed that includes the known ssh keys for admins. then, when a new user is added, these keys will be there by default. it’s then fairly easy for an admin to copy in the real user key and remove any admin keys if desired.

the passwords for all non-admin users are disabled. admins need there password in order to be able to run sudo. therefore, all admin users have to also be in the admin group (sudo adduser [user] admin). the same command for generating an ssh key as mentioned above can be used for generating keys.

this information should probably more flushed out in a different post. oh well. that should do for now.

reference

• subversion ubuntu community documentation

granted, years from now it might matter, but i remain unconvinced that most people even 20 years from now will have a 50″+ display. it’s basically everyone subsidizing the cost of a few people’s home theaters. the bump to 720p would have been sufficient. 576p (pal dvd) isn’t listed, but you would assume it would just move the line a reasonable amount farther out.

for starters, you should probably read this excellent page discussing the advanced tv problem that was most likely in context of around the mid-1990’s. i unquestionably side with the c.i.c.a.t.s. proposal. the same site also has good descriptions of interlacing and compression. i would also point out that the european pal format is superior to ntsc in every way. i am an american.

interlacing

let’s just go ahead and get this one out of the way. interlacing has got to go. unnecessary legacy analog crap. in the absence of digital compression technology it was a brilliant solution. however, those days are supposedly gone so it should no longer be present. i found a good write up about interlacing and digital compression. here’s the important snippet from the conclusion if you don’t want to read the whole thing:

Interlacing is a legacy compression technique developed in the days of vacuum tubes. With MPEG compression, not only is interlacing unnecessary, it’s actually undesirable because MPEG gives worse results with interlaced input for the same bit rate.

atsc’s supposed highest hd format is 1080/60i which is interlaced (that’s what the ‘i’ means). therefore, it should be ignored like the red-headed step-child it is. there are actually a 1080/24p and 1080/30p versions of 1080 which would be fine, but appear to be ignored by the broadcasters.

i should point out that there is a lot of non-sense going on right now about blu-ray and hd dvd and having 1080/60p output. this is totally irrelevant as the majority of content (movies) will have been shot in 24p (24 progressive frames per second) and then full frames encoded into 30 interlaced frames. therefore you will get the full resolution of someting shot on film without having 1080/60p. the xbox or playstation 3 is a different story since they couldn’t theoretically generate full 1920×1080 at 60 frames per second (fps).

the presence of interlacing for non-legacy formats in atsc is the first signs that the committee should have been fired.

high resolution

in their infinite wisdom, atsc thought it was a good idea to have multiple resolutions (clearly having never setup a tv for your average human). this is one of the key components of high definition. there’s 1280×720 and 1920×1080. these are the number of pixels (dots) that make up the screen. the 2 most well known forms are 720p and 1080i which are 60 progressive frames and 60 interlaced frames respectively. pretending for a second that interlaced and progressive scanning are equal (which they’re not), these resolutions are useless for most peoples televisions. supposedly your average home viewer is about 2 or 3 meters away from their display. i wear glasses so my vision should be effectively 20/20. at 2 meters, i question whether or not i can tell the difference between an hd picture and a dvd. for sure, you can tell a difference between hd and analog ntsc, but that is more due to the switch to digital than bumping the resolution. for most everyone with a 42″ display or smaller, they will not be able to tell the difference. the juice is not worth the squeeze.

i found this article from nhk called future prospects of hdtv: technical trends towards 1080p. it’s interesting and claims that the at 2 or 3 meters for a 33″ 1280×720 is sufficient and for 50″ 1920×1080. this is to sustain the appearance of reality. whatever that means. i used to watch dvds and hd on a 6′ wide projected image from approximately 3m using an 800×600 projector. i could make out the pixels, but only if i was looking for it. if you’re actually paying any attention to what you are watching, you don’t notice the pixels.

as a side note, most movies with special effects and all animated movies were generated at 2k resolution (that’s a computer ‘k’, so it’s a 2048 pixels wide image which is very close to 1920×1080). it’s only fairly recently that some movie production is done with 4k (4096 wide) images. that means if you saw something like “finding nemo” in the theater you were seeing an hd image projected at about 30′. don’t you think it’s enough on your 3′ screen? obviously, film has much higher color depth, but that’s a different issue that hd doesn’t even address.

framerates

films have been 24 fps for quite some time and yet we’re still stuck with 30 or 60 fps. wait, my bad, that’s actually 29.97 (30 * (1000/1001)) or 59.94 due to the addition of color to black and white back in the day. another, apparently unnecessary retardedness hoisted upon us by the ntsc. supposedly, it wasn’t even necessary to screw with the frame rate. who selects these government agencies? i digress.

basically, it’s slightly complicated to convert a 24fps movie to 30fps for tv. europe and other pal countries don’t have this problem. pal is 25fps. by speeding up the video and audio by 4%, they can show a movie. as a bonus, the movie is done 4% faster. the downside is that it’s conceivable to notice a slightly higher pitch to the audio. however, i believe i read somewhere that it’s not as big of a problem now using pitch correction software that makes all those pop stars’ cds sound so good. in my experience, it was noticable on older movies, but not on newer ones.

at any rate, the switch to digital was a great opportunity to either get back in sync with the movie industry or get in line with some other countries that have a better choice. unfortunately, atsc chose the same crap. actually, the framerates were apparently originally literal 30 and 60, but later accepted that 29.97 and 59.94 were ok too. show some fucking backbone.

compression

atsc uses mpeg-2 video compression. it’s just not sufficient for the chosen resolutions and bandwidth. especially since most broadcasters around here are sending out an hd channel and a sd channel. so from the already puny ~18Mbps, the alot ~14Mbps for the hd channel. btw, most dvds are ~9Mbps. higher resolutions never should have been attempted with out using better compression. granted, when a lot of this stuff was going on mpeg-4/h.264 or any of the other modern codecs didn’t really exist in any production capacity which is yet another reason why just switching to standard definition digital would have been a good idea.

across the pond

in england, they have digital broadcast television called freeview. the resolution is the same as a pal dvd (720×576 anamorphic widescreen which stretches to 1024×576) although with a slightly lower bandwidth of like 6.5Mbps. the quality was generally fairly good. they made the correct choice.

conclusion

it generally breaks down like this. the first phase of atsc should have been to broadcast the equal of 2 dvd quality channels. by now, everyone could be watching digital television). instead, not. the next phase could including upgrading the image quality and fixing the framerate issues. unfortunately, not. i would have been all for setting 1024×512 @ 25 and 50fps. the worry shouldn’t be with how old stuff is maintained, but looking to the future. we’ll get to that in another post.

i’m sure this is rambling and not very well organized. feel free to suggest edits.

i spent a several hours yesterday looking into how to use screen to launch an app from inittab and still maintain a console to it. the initial goal was related to how to start a common lisp server application at boot, but the testing was done using a java app. unfortunately, there’s no console control on the java application, but it does print out some messages at startup and if something goes horribly wrong, the exception is dumped to stderr. it might be worth while to write one.

at any rate, the initial lead came from a post to comp.lang.lisp from like 2004 that i didn’t have the forsight to bookmark. there wasn’t any specifics and searching on google for anything related to screen is practically useless, as one might, due to “screen” being a fairly generic word. hopefully, including “gnu screen” will make it better. probably not.

so, here’s what i found/figured out. i figure the best way is to create a specific screen config file to pass on the command line with “-c”. this makes the command in inittab shorter and possibly makes it easier to keep things separate if you’re starting multiple applications. the main thing to watch out for is that when starting gnu screen with a config file and using the “chdir” command in the file you need to specify the absolute path to the config file. if you don’t, when you try to re-attach, you’ll get an “Unable to open ” message and the detached screen process will exit. not very useful.

here’s the (sort of) contents of my screen config file:

sessionname app

chdir

screen -t ces -L 0 java -jar [full path]/app.jar [args]

the sessionname is whatever you want to use for when you re-attach with “screen -r app”. you may or may not need to use chdir, but it’s probably helpful for most apps if that’s somewhere that the user the application is running as can write to or maybe not. your call. the “screen” command is what starts the application. “-L” does logging to the default file (which is in wherever the current working dir for screen is. in this case, the dir after “chdir”). “-t” is probably unnecessary as it’s just the screen window title. we’re only using one in this case so i doubt it’s important. the rest is the command to launch the application. fairly simple.

the next step is the command to start screen. this is (sort of) what i have in /etc/inittab:

app:23:respawn:/bin/su - [user] -c “screen -D -m -c [fullpath]/app.screenrc”

the “-D -m” will cause the screen process to start detached without forking to a new process. this is important because when the screen process exits, init will respawn it. the app at the beginning of the line can be whatever you want as long as it’s unique to the file and 4 characters or less. currently, we are starting some java applications by just directly calling it from inittab and redirecting the stderr and stdout to files. to get it active, just do a “kill -HUP 1″ as root.

now, to re-attach to the screen session you just use “screen -r app” or whatever you used for sessionname in the config file. you should see any output from your application now and have full terminal access just like if you had started it from a shell. gnu screen has support for password protecting the session, but i haven’t tried it yet. it’s probably less important in this specific case since you can’t input/control anything and you have to be either the user or root to re-attach to the session.

there may be a question of screen stability, but i find it unlikely to be a problem as gnu screen has been around for a while and is only getting bug fixes. what a plus to have an application that is feature complete.

an alternative might be to not use screen at all and directly start the application on an empty console instead of a getty program. the downside is that you would have to have physical access to the console in order to access the program. wasn’t really an option for me.

there’s also a program called detachtty written by a lisper that he thinks works better than screen. supposedly, you can access it over the network using ssh, but it’s not immediately apparent how this is done from my extremely limited scanning of the webpage. it appears to be targeted at use in a real init.d script and doesn’t seem like it would work from within inittab.
hopefully, this post will help me save some time in the future when i finally get around to using this method.

i believe the only extra packages installed passed the server defaults was shorewall firewall, racoon and ipsec-tools.

here’s the notes i took for adding a connection to a new remote host.

• add pre shared key to /etc/racoon/psk.txt
• update /etc/racoon/racoon.conf by adding a remote and sainfo sections similar to an existing entry. sainfo requires encryption_algorithm, authentication_algorithm and compression_algorithm entries.
• add spdadd entry pairs for both local to remote network and remote to local in /etc/ipsec-tools.conf.
• stop racoon: /etc/init.d/racoon stop
• restart ipsec: /etc/init.d/setkey restart
• start racoon: /etc/init.d/racoon start
• if racoon doesn’t start, check /var/log/daemon.log for config errors.
• add an entry to /etc/shorewall/tunnels to define the remote gateway
• add an entry to /etc/shorewall/zones to create a zone to use for rules. the zone name can’t be more than 5 characters long.
• add entries in the /etc/shorewall/hosts to define what hosts are in the zone
• add entires to /etc/shorewall/policy for whatever firewalling rules need to be created for the vpn. at a minimum an entry to allow full access from loc to vpn and vpn to loc would be necessary. everything gets dropped by default.
• restart shorewall: /etc/init.d/shorewall restart

still many questions to sort out about the future. in some ways it’s good to be back, but a bit of a culture shock. more so than going was.

helpful tip of the day: don’t buy or attempt to move transcontinental tickets late. it’s cheaper to buy a one-way than move the return portion. seems a bit insane. also, if you’re going to the world cup, don’t plan to do anything else in europe afterwards (except go to amsterdam if you’ve never been) because you will be a bit deflated after your team loses. well, unless you’re from brazil in which case you probably just shouldn’t come until the round of 16.

whether or not the blog will continue is up in the air since i’m extremely lazy. i suppose i’m going to have to at least bring it all together in one more post after i get back.

i’m flying back to london on the 25th.  even booking the flight late it will probably cost me about the same as the train/ferry/train trip took me getting to frankfurt. i’m going to attempt to try and move my flight up to the 28th, 29th, 2nd or 3rd, non-match days, obviously. so, for good or bad, depending on who you are, i’ll be home about a week earlier than planned.

i had initially planned to go back through amsterdam for a couple of days or so, but i decided not to tease myself.  i’m still planning on going back for an extended stay. i wonder how long they’ll give me a visa for?

damn, 3 posts in one day.  it’s really far too time consuming.  more an issue with uploading the pictures though.

a national geographic survey of 18-24 year olds’s geographic literacy. i’m not convinced it’s truely relevant. does it really matter if i know that there was an earthquake in pakistan in 2005? where is sudan on the globe? just to be clear, no, it doesn’t. the percentages weren’t generally that bad. the worst for me was probably the number of people in the u.s. and this poor showing probably lead to the one about what the most spoken language is. i probably only got 15 out of 20 right and i would say i’m reasonably informed. more important statistics would be on how well people can learn on their own when information or skills are needed. most of this crap doesn’t affect someone’s daily life. i also don’t think that it’s really that important for someone to learn a second language just for kicks. it’s probably a bigger deal in europe since every country (pretty much) speaks a different language. if every state in the u.s. spoke a different language that would be comparable. if i moved to a different country, i would learn the native language. i suppose you could argue that spanish is becoming more important in the u.s., but it’s the job of the new “citizen” to learn the local language. so if you moved to miami, you would need to learn spanish. this is way too much rambling for a link.

some group, non al-qaida, busted supposedly plotting to blow up the sears tower (in chicago if you didn’t do so well on that last survey). maybe there’s more info now. an important thing to look for is how much all that crap in the patriot act was used to bust them. my guess is none. from this article, it sounds like it was neighbors reporting suspicous activity.

i also updated the other article related to kangaroo meet, etc. it doesn’t appear to be a legality issue. more of being common or socially accepted. although, apparently for any meat sold in the u.s., it must be farm raised and not wild. the price is apparently a factor for the u.s. as it’s comparable in price to beef where we went here in germany. maybe beef is more expensive here. i expect in the u.s. it may be more an issue of pricing it higher to make it even more exclusive and exotic or a demand issue. here’s an article about its use in trendy restaurants. the unfortunate thing is that kangaroo and emu are low in fat (emu was listed as no cholesterol on the menu where we ate) and maybe that would help all the american fat asses. btw, i’m not sure what the stats are, but the view of what is fat in europe seems to be different (to the heavier side) from that in america. although, i would discount that more americans aren’t truly fatter as a percentage. damn, too much rambling again.

the penalty kick was bullshit. however, both of ghana’s goals were a direct result of bad play on our part. why in the hell didn’t bocanegra head the ball safely out of bounds with a couple of minutes of less left in the half? why was reyna messing around in the back with no support? it’s difficult to question starting reyna, but after 2 great matches it’s hard to see how the old man could have any gas left. i think olsen did pretty well after coming in. beasley had his best match of the 3, but that’s not saying much. my choice still would have been convey. donovan was non-existant as in the first match. someone needs to figure out how to flip his switch to the “on” position for matches. if he was playing in a league where you had to perform at your best every week he would learn or be dropped. it doesn’t seem he cares enough to stick with it long enough to learn. however, after being here for a couple of weeks (and granted, limited exposure), i wouldn’t want to stay in germany either. if he’s going to ever progress he has to go to a major league. and no, just because m.l.s. has “major league” in it’s name, it doesn’t count. after his comment post italy about building confidence after taking people on, i don’t think he even tried once against ghana. oddly, i only remember dempsey taking someone on once and not getting down the right wing much. is bruce telling the right midfielder to not do this, as beasley wasn’t doing it either in the first match. i was glad to see dempsey get the goal, but he didn’t seem the same player from the italy match. unlike donovan, he has hope since he actually seems to have the desire to be the best. i hope some premier or championship scouts saw enough to give him a chance.

i would like to see the match again on t.v. to see for sure, but generally, the ref seemed to be crap. i’m not sure the u.s. will ever get any calls going our way as long as the crowd boos every decision the ref makes against us. not that it doesn’t mostly seem warranted. i expect they don’t like it when players complain, imagine 20,000+ booing and chanting bullshit? regardless of what the ref apologist on the local train from the stadium says (he had a georgia soccer referee camp (or something) t-shirt on. not a good sign for objectivity of ref criticism), that was not a penalty and the ref was crap for both teams. according to the apologist, merk (the german ref) is supposedly rated the number one ref in the world. he didn’t say by who. if it’s fifa, it’s probably just as irrelevant as the fifa national team rankings. bad refing can definitely affect a team mentally and especially after coming of the italy match. the u.s. will have to play perfect matches if they ever hope to win the world cup.

i have a few problems with some of the u.s. supporters’ chants. i only heard some of them at the yanks abroad meeting in nuremberg. there’s the normal “team america” cheer of “america….fuck yeah!”. however, there was now the appended, “ghana….fuck you!”. is that really necessary? i did overhear someone saying that it wasn’t really much fun to harass the ghana fans since they were so nice. they did seem to be good fans. i’m not a big fan of their team’s diving and rolling around though. i would also prefer to not have the singing of “god bless america” for the obvious (at least for me) reason. in case it’s not obvious, it’s the presence of the word “god”, “bless” and all the other religious bits. we’re not going to get into it here. i think there were some more, but they escape me now. i would also like to do a political survey on the u.s. supporters. there’s a lot of nationalistic chanting and abundance of flag waving and what not, but what are the real views? while sitting at the yanks abroad thing, i kept wondering whether or not it was just me who felt there were inconsistencies in the words in the chants/songs and my view of the current situation in the u.s.? i’ll have to remember to create a survey for the next national team match.

anyways, nobody wants to read that crap. you would probably prefer pictures.

first off, is there some reason the world cup tickets have to be so fucking big? not only are they huge and won’t fit in a reasonably sized pocket, but they have an rfid chip in the ticket so it says not to bend it. of course, they could at least tell you where the chip is or give a bend point. utterly ridiculous. they must have a friend who makes the ticket holder necklaces (it’s odd that i didn’t know how to spell this word off the top of my head. clearly, neckless was incorrect.).

maybe i should be a hand model?

this is from the yanks abroad party at o’shea’s pub in nuremberg. i’m not really sure that a speedo and flag cape is a good look for anyone.

i didn’t really think about it until i was about to post this, but i don’t think i’ve seen any of the little boy peeing statues since leaving england. maybe i just missed them. at any rate, this would seem better.

i’m sure everyone back in the day thought they were real clever with the boy peeing. that or they were all pedophiles. should george bush getting on that? surely if the naked breasts in the halls of justice are going to be cloaked we can’t have naked boys peeing all over the place. speaking of, isn’t it a little inconsistent to want to hide breasts and be against gay marriage. wouldn’t they want to encourage hetersexuality? anyway.

even with captain america watching over us, we couldn’t pull out a win.

these were our worst seats of the tournament.

before any of this fifa rules for having covered stands crap, they need to have a no fucking track around the pitch rule.

there weren’t any pictures after the match as we busted ass out of there a few minutes early to catch the earliest train back to frankfurt to be able to watch the brazil v japan match.

these last 2 pictures aren’t related to the match itself. this limo was parked outside our hotel when we were leaving. it was behind an open gate (normally closed). the odd thing was, the limo’s there, i’m have a camera pointed at it and this dumbass asks “can i help you?” in that sort of “what the fuck are you doing here?” sort of way. is that necessary? why doesn’t he use half a brain cell and figure it out. painted, unusual limo, camera, uuhhhh? anyways.

this is the hotel “beer garden”. it’s actually decent for watching matches. ignoring that the video quality wasn’t that great, analog. what can you do? it seemed fairly temporary anyway.

oh well, we lost and we’re out. 4 years to go. i’ve seen at least one article that mentioned rumors of 2010 moving to england instead of south africa over worries that the infrastructure there just won’t be up to snuff. germany has set the bar incredibly high. maybe england really only thinks they really have a shot of winning when it’s in their country. my expectations that south africa will go as smoothly is rather low. however, i don’t really know that much about south africa. i’m not sure the u.s. would even work as well due to public transport. however, they fact that it’s cheap relative to europe and huge stadiums is a plus. the europeans would just have to get over having night games so it’s not too hot.
i won’t be sad about leaving here, nor will i probably ever come back. even with great public transport, it just doesn’t do it for me for some reason. maybe it’s just frankfurt. hearing german all the time is really getting on my nerves too. whatever it is that makes it good for listening to rammstein, makes it bad for hearing daily in conversation. dutch didn’t seem to bother me. there was a conversation when i was in amsterdam in which i said i probably couldn’t tell the difference between german and dutch if i wasn’t hearing them at the same time. i definitely could now.