Tutorial

For the last few years I’ve been using Gmail exclusively and have been forwarding emails to @victortrac.com to my Gmail account. Google’s spam filters are the best I’ve ever seen, and the interface is elegant and fast, and combined with loads of storage and IMAP access, Gmail is nearly the perfect email application. The XMPP integration is just icing on the cake.

Because of these features, I voluntarily gave up having a customized email address on my personal domain to take advantage of Google’s infrastructure and technology. The decision was fairly easy - I was deluged in spam and GMail’s web client was better than any other thin or thick client available. By forwarding my domain’s email to my Gmail account, I was letting Google’s wonderful anti-spam technology work its magic. This allowed me to retain some use of my previous email address, but as I started to use XMPP (aka Jabber or as Google calls it - Google Talk) I became more and more dependent on my Gmail identity. Sure, I had other Jabber IDs, but it was just too convenient having a unified email address and Jabber ID provided by Gmail.

However, let’s say that in five years Google shuts down or, more likely, another company comes along and provides a better service or product. By this time your Gmail identity has evolved into a unified presence, communications, and identification address where anyone can reach you at any time and is also your OpenID login to the majority of sites on the internet. If you’ve spent 10 years building this identity around a Gmail address, you’re not in a great position to easily transition. By using Google Apps on a domain that you own and control, you’ve at least separated the address from the services and would be able to move around as you want. It’s like being able to live all over the world, moving to where the grass is always greener, yet still always having a constant mailing address.

Getting it all to work

So today I registered and migrated victortrac.com to Google Apps, allowing me to use all of Google's great software on my personalized address. The registration process is really quick and simple, and the actual migration part is just a handful of DNS changes depending on what services you want to switch over to Google. For me it is just email and chat, and Google's documentation made it clear which MX servers I need to point my domain to.

For XMPP, however, the documentation isn’t very complete. According to this page, you need to add the following SRV records to your DNS server (replace gmail.com with your own domain):

_xmpp-server._tcp.gmail.com. IN SRV 5 0 5269 xmpp-server.l.google.com.
_xmpp-server._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server1.l.google.com.
_xmpp-server._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server2.l.google.com.
_xmpp-server._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server3.l.google.com.
_xmpp-server._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server4.l.google.com.
_jabber._tcp.gmail.com. IN SRV 5 0 5269 xmpp-server.l.google.com.
_jabber._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server1.l.google.com.
_jabber._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server2.l.google.com.
_jabber._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server3.l.google.com.
_jabber._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server4.l.google.com.

The _xmpp-server._tcp and _jabber._tcp SRV records tell the requesting server to look at Google’s XMPP servers when there’s an XMPP request. There are two minor problems here:

Read more...

I’ve been mulling over upgrading my iPhone’s firmware to 1.1.1 for the last few weeks but have been put off by the complexity of it. All the tools and steps had been outlined so it was merely just running through the steps, but there were a ton of them, and it seemed like more of a pain in the ass than it was worth. Well, the hacker community has come through again with a easy solution, and now the 1.0.2->1.1.1 process is pretty painless. If you have an unlocked 1.0.2 iPhone and used AnySIM 1.0x to do it, you must “virginize” your iPhone before you can upgrade to 1.1.1. Apparently AnySIM 1.0x had a bug that damaged the seczone of your baseband firmware, causing the 1.1.1 upgrade to brick your iPhone. With the new release of the iphone-elite RevirginizingTool, here’s how you do it on a Windows machine:

  1. Make sure iTunes is configured to sync your contacts to something (e.g. Windows Address Book) and your photos are backed up (I lost the photos on my iPhone).
  2. Virginize your iPhone back to 1.0.2 OS and baseband using RevirginizingTool
  3. Use iTunes to upgrade to 1.1.1
  4. Jailbreak 1.1.1 using CARNAVAL
  5. Use AppTapp (installed by CARNAVAL) to install BSD Subsystem and OpenSSH
  6. SCP AnySIM 1.1 to your iPhone
  7. Run AnySIM
  8. GREAT SUCCESS!!!

Assumptions

  • You have an unlocked 1.0.2 phone that used AnySIM 1.0x
  • You have BSD Subsystem and OpenSSH packages installed (install with Installer.app aka AppTapp)
  • You have a strong WIFI signal
  • If you have a virgin phone, just use iTunes to upgrade to 1.1.1 and then skip to step 4

Detailed Procedure

Step 1

Run a full sync on iTunes to back up all of your settings. This will take care of your address book and most of your various settings. Copy off any photos you want to your computer.

Step 2

Download this. This is the latest release from the iphone elite team packaged with a script that will automatically virginize your iphone by backing up your seczone and flashing the baseband to its factory 1.0.2 state. Now SCP (try WinSCP) this file to your iPhone using login "root" and the default password of "alpine". SSH into your iPhone using root/alpine, and then make sure the file is in your iPhone's root directory, since the default home (really /private/var) is a partition mounted with noexec. Move the file from root user's home to the file system /: ```bashmv ~/virginiser.tar.gz /``` Then change dir to /, then run this command (all on one line, or you can run each command between the && separately): ```bashtar -xzvf Virginiser.tar.gz && ./Virginiser/virginise.sh && mv Virginiser/seczone.backup .``` This untars the archive, runs the automated script, and then copies a backup of your seczone to the filesystem /. SCP this seczone.backup file to your computer. Hold down the power button, slide to confirm, and then reboot your iphone. Now you should have a 1.0.2 iphone locked but still jailbroken.

At this point I recommend using iTunes to restore your iphone to 1.0.2 factory fresh. I had some problems with CARNAVAL installing its version of BSD Subsystem and OpenSSH over my previous installations using AppTapp. After the iTunes restore, it’ll reboot to exactly how a 1.0.2 iphone comes out of the sealed box - needing activation and SIM-locked.

Read more...

Gentoo upgrade to Apache 2.2

I upgraded my server’s apache from 2.0 to 2.2 today (see <a href=“http://httpd.apache.org/docs/2.2/new_features_2_2.html" target=_new”>Overview of new features in Apache 2.2) and it was painless except for a few minor hiccups. I like to keep my server’s packages up to date with Gentoo’s stable packages not just for new features but mainly to make package upgrades as easy as possible. I find that by staying up to date with upstream stable packages, upgrades are more incremental and rarely cause as much difficulty as having to upgrade from multiple major versions behind.

With Gentoo, the Apache 2.2 upgrade came with a routine:

emerge --sync
emerge -uDav world

I noticed the new Apache version, checked out the other packages listed, and then hit enter to proceed. At the end of the compilation, Gentoo reminded me there are new config files in /etc to merge. Luckily for me, I’ve maintained a clean separation of Apache configuration directives and VirtualHosts, so I was able to accept all of the major configuration directive changes without modification (2.2 mostly just moves around the default directives to more logical locations). Staying up to date and close to upstream shows its benefits here.

Apache restarted without complaining, but attempts to access any of my virtualhosts resulted in a 403 Forbidden:

[Sat Sep 08 13:30:55 2007] [error] [client 89.14.247.41] client denied by server configuration: /home/victor/public_html/

This was caused by Apache 2.2’s /etc/apache2/modules.d/00_default_settings.conf:

&lt;Directory /&gt;
        Options FollowSymLinks
        AllowOverride None
<b>        Order deny,allow
        Deny from all</b>
&lt;/Directory&gt;

You can either override this manually in every vhost.d/*.conf file, or you can just change the “Deny from all” line to “Allow from all” and then make Deny rules manually in each vhost.d file (if you wish). I restarted apache and refreshed my test site, but there was now a new problem - .php files were being parsed as plain text, which meant Apache wasn’t passing off .php files for processing.

I added “-D PHP5” to my /etc/conf.d/apache2’s APACHE2_OPTS line, which tells Apache to load the PHP5 module. However, since my libphp5.so was built for my old Apache, I had to re-compile for Apache 2.2:

emerge -av php

I waited a few minutes, restarted apache, and now everything works beautifully.

The Samsung ML-2010 is a great bargain laserjet printer. I bought it from NewEgg last year for $49 after a $50 mail-in rebate, which I quickly recieved. While it doesn’t see too much more than 5-10 pages per week, I’ve never had to replace the toner cartridge.

Using the Splix driver, it works great under Linux, specifically Gentoo AMD64 (x86_64) in my case. Here’s how you can get it to work, assuming you already have CUPS properly installed and working (most of this will apply to any distro):

Install Splix

```bash emerge -av splix ``` After this finishes, you can go to http://localhost:631/, click on the Administration tab, then walk through the steps. When it asks for a PPD file, click on "Browse" and go to /usr/share/cups/model/samsung. There you will find a file called "ml2010.ppd". You may notice ml2010de.ppd, ml2010fr.ppd, and ml2010it.ppd, which respectively are German, French, and Italian translations of the driver. Use one of those if you prefer.

You should now be able to print from any CUPS enabled application. If you have trouble with CUPS, try the Gentoo Printing Guide.

Make it work with GIMP

If you've had trouble printing from GIMP, make sure you have the gimpprint compiled into GIMP by adding "media-gfx/gimp gimpprint" to your /etc/portage/package.use: ```bash echo "media-gfx/gimp gimpprint" >> /etc/portage/package.use ``` Now delete your ~/.gimp-2.2/printrc file if you've messed around with trying to get GIMP to work before. Once you start GIMP, it will detect your CUPS printers and rebuild the file. Now your Samsung ML-2010 should be working, but it didn't for me. I had to do more.

Open up or create a new image, then click File->Print. You will then see your printers listed, click on your Samsung ML-2010, then “Setup Printer”. Make sure “Postscript Level 2” is selected for “Printer Model,” then where it says “Command”, I had to remove the raw output (-oraw) option. Mine says:

lp -s -dSamsung_ML-2010_USB_1

Where “Samsung_ML-2010_USB_1” is your own CUPS device name (mine is plugged into USB_1). Click OK, then “Save Settings.”

Happy Printing.

p.s. The above instructions should work for any Samsung printer that Splix supports.

Flash 9 sound on 64-bit Gentoo Linux

I recently blew away my completely setup Gentoo desktop when I decided I needed to rebuild on a new RAID5 array. This meant that I got go through the entire Gentoo install, build, and configuration process from scratch, after not having had to do it for ages. I also took the opportunity to use LVM2 this time around, which I'll probably write about in a future post.

Either the Gentoo process has gotten much easier or I've gotten much better with Gentoo. It was a fairly painless install, and it turned out my only real hiccup was getting flash9 to output sound to ALSA. I knew I had correctly installed ALSA since all my other ALSA applications output sound perfectly - Amarok, Kaffeine, and even aplay from the CLI. I also knew that Flash9 was completely ALSA based instead of OSS, so as long as other ALSA apps were playing, Flash9 should be playing. After a day of thinking about it, I gave up and visited #alsa on freenode.

Adobe only supplies flash as a 32-bit binary, so running it on my 64-bit Gentoo system meant I had to either use net-www/nspluginwrapper in 64-bit Firefox or install it on 32-bit firefox. Gentoo supplies a 32-bit FF package called www-client/firefox-bin that works well on 64-bit environments and allows for native 32-bit plugins, so this is what I use. Well, on my previous install (before I wiped the disk) this 32-bit FF combined with flash9 worked beautifully, and I was able to browse Youtube all day long in full multi-media glory. However, this time around it would play the video without sound. I couldn't get any flash based audio to work - last.fm, pandora, youtube, etc.

It turns out the problem was an oversight on my part. Since the plugin and browser are 32-bit and my ALSA was natively compiled at 64-bit, the two couldn't really talk to each other. I just had to do a simple

```bashemerge -av app-emulation/emul-linux-x86-soundlibs```

After that, a restart of ALSA and Firefox, and I was back to full flash9 sound. Flash 9 beta two works very well under Gentoo, by the way.

For those curious, here are my system specs and a quick How-To:

  • AMD Opteron 165 @ 2.3ghz
  • Asus A8N-SLI Premium
  • SB Live! Value sound card
  • 64-bit Gentoo Linux

If you choose to install ALSA as a module rather than in-kernel, in /etc/make.conf:

```bashALSA_CARDS="emu10k1"``` Replace emu10k1 with whatever the ALSA module for your card is. Check the ALSA list for what works for your hardware. Then 'emerge alsa-utils alsa-oss alsa-lib alsa-driver app-emulation/emul-linux-x86-soundlibs'.

My /etc/modules.d/alsa:

```bash alias char-major-116 snd alias char-major-14 soundcore

alias snd-card-0 snd-emu10k1 alias sound-slot-0 snd-card-0

alias sound-service-0-0 snd-mixer-oss alias sound-service-0-1 snd-seq-oss alias sound-service-0-3 snd-pcm-oss alias sound-service-0-8 snd-seq-oss alias sound-service-0-12 snd-pcm-oss

alias /dev/dsp snd-pcm-oss

options snd cards_limit=1

Add 'snd-emu10k1' to your /etc/modules.autoload.d/kernel-2.6.  Make sure you do a 'modules-update -f' followed by a restart of alsa '/etc/init.d/alsasound restart'.  You should be good to go.<br /></p>