Subversion + SSH – Close but no banana

About a year ago, I switched my primary source code control system from the venerable old CVS to the (relatively) new kid on the block, Subversion. On the whole, I’ve been ecstatically happy with the system. It patched many of the ridiculous problems with CVS, and added on things that opensource community has been asking for for ages (like ‘rename’), but never made it into CVS.
Now I have all my projects stored in SVN, and my main client is using it as well for their code (they’ve chosen to go with SVN and are planning to End Of Life their VSS server – to the dismay of no one).
One of the best tools that made this switchover workable (aside from SVN’s similarity CVS in many respects, particularly on the command line) is the Subclipse plugin for Eclipse. Subclipse provides a great easy to use interface into SVN servers, giving all the functionaly one would have on the command line via a very simple, tightly integrated GUI.
One thing that had been bugging me, however, was the access methodology I was using to get to my (remote) SVN server. It involved setting up a tunnel in SecureCRT (though Putty can do it as well), and then telling subclipse to use my ‘svn://localhost/stonekeep’ repository.
SVN+SSH configuration under EclipseWhile doing some surfing, I found that Subclipse supports the svn+ssh syntax for specifying the repository. “Great!” says I, “I won’t need to set up the tunnel each time!”
A few more fiddles, a pleasant discovery of a configuration screen in Subclipse, and I had an SVN over SSH connection to my repository, even using my ssh key pair.
Danger, Will Robinson!
But wait! All is not well. When I tried to browse the repository from Subclipse, I quickly hit this error:

Could not open file system at /var/lib/svn/stonekeep
(13)Permission Denied: Berkley DB Error while opening environment for file
system /var/lib/svn/stonekeep/db:

This vexed me, because I had been having no problems accessing the repository locally on the server, and over my ssh tunnel. Both used the locally running ‘svnserve’ on the repository host, so why wasn’t the svn+ssh connection using it?
The answer comes in the SVN documentation, and via a little research:

What’s happening here is that the Subversion client is invoking a local ssh process, connecting to, authenticating as the user harry, then spawning a private svnserve process on the remote machine, running as the user harry. The svnserve command is being invoked in tunnel mode (-t) and all network protocol is being “tunneledâ€? over the encrypted connection by ssh, the tunnel-agent. svnserve is aware that it’s running as the user harry, and if the client performs a commit, the authenticated username will be attributed as the author of the new revision.
When running over a tunnel, authorization is primarily controlled by operating system permissions to the repository’s database files; it’s very much the same as if Harry were accessing the repository directly via a file:/// URL.

The Problem With This
I’m really unhappy with this model. The problem is that now the user must have read/write access to the entire repository tree. When using a local socket connection (or one over ssh via a normal tunnel), the Subclipse client connects directly to the svnserve process running on the repository box, and interactions with the server happen under that processes ownership.
The svn+ssh protocol does not use the svnserver on the target machine. It tunnels the command to a user-invoked svnserve process, and that process must have read-write access to the repository.
“Well gosh, that doesn’t seem too bad. What’s the issue?”
The issue is that to make this methodology work, I have to give the user read/write access to the repository tree. Meaning, they could happily type ‘rm -rf /var/lib/svn’ and destroy the entire repository. Even worse, the configuration files (including the password / access file, which has passwords in plaintext) must be made available to the general users.
Why svn+ssh doesn’t simply make a local socket connection to the svnserve process already running, I don’t know. But I can find no way to make that happen.
The fix?
As far as I can tell, there really is no direct fix for this. There are various workarounds, which the SVN documentation discusses, including setting up an ‘svn user’ for the svn+ssh logins, and the possibility of using unix groups for permissions, but I feel that if you have a listening socket server on your repository host, you should use it, not introduce a second methodology and have to jump through hoops to implement it.
For now, I have to abandon the svn+ssh possibility, and go back to my hand-configured socket tunnels. There’s no real loss here – they work remarkably well, are very secure, and quite stable. The slight annoyance of having to open up a SecureCRT session before doing work in Eclipse is just that – a slight annoyance. I’ve dealt up until now, and I’ll just continue to deal.

LDAP and Thunderbird

I have an ongoing project dream. Someday, have a fully functional suite of opensource-driven services available to our community that gives, if not the full functionality of something like Exchange, but gives enough so that the users can interract and exchange information cleanly, without having to jump through hoops or pay ridiculous amounts of money or subscribe to proprietary, predatory application suites.

I made another step toward this lofty goal this week.

Continue reading “LDAP and Thunderbird”

More gloom for Palm, and the X5 Bluetooth Headphones

I have been looking for writing this review for quite some time. A grand triumph in geeky innovation, platform utilization, and clever use of available technologies. A step forward in mobile communications, entertainment, and convergence in the media, communications, and personal networking space.
Unfortunately, that’s not how it turned out.

Continue reading “More gloom for Palm, and the X5 Bluetooth Headphones”

QuickReview: Synergy2

Have to point this handy tool out to folks.
My busy deskBecause of the complexity of my desk, I can’t really have a pile of keyboards and mouse lying around. I switch between machines constantly, and switching keyboards would just drive me batty. I had been using X2VNC for quite a while, which, while ‘okay’, had it’s own quirks. One of which was it couldn’t work in reverse (I could go from an X host to a Windows box, but not the other way around). It also wouldn’t let me slide from an X display to another X display. Pretty limiting.
Enter Synergy2, a simple client-server tool set that lets you configure multiple displays to a single ‘server’ that controls the mouse and keyboard. With Synergy2, I’m able to configure all my machines in whatever configuration I want. At the moment I can slide my mouse off my primary Linux display onto my WindowsXP box, across it’s display, and onto my laptop.
That’s pretty neat, but.. the kicker? Synergy2 manages clipboard cut n paste operations across machines. If I slide over to hunter (the laptop running Ubuntu linux), highlight something and click ‘Copy’, then slide back to my primary desktop on yawl, I can just click ‘paste’ and it works. This is miraculous to my eyes!
If you run more than one machine on your desk, I highly recommend Synergy2. Available in apt repositories everywhere.

The URL Game.. An Interview with Jonathan Whiting

Web games. There’s zillions of them. Find your way out of the room, play Zork,
all the fun in the world can be found on the web somewhere. Everything’s
been done to death.

Or has it?

I have to blame blk for pointing me
at a very simple webgame. I’d tell you the name of it, but… well, it doesn’t
have one.

The premise is simple. Go to
You’ll see a nice big black page with the number one on it. This is the beginning of the
game. Your task, find the next page. This one is obviously ‘1.html’. Hmm, what could the
next page be… ahh, clicking on the ‘1’ gives you the page ‘2.html’. Okay, pretty
good Now, though, what could be the next page? Probably… 3.html. But there’s no
link to it, so maybe typing it into the web browser will work. Aha! It does.

Now find the next page.

And the next.

And the next.

Each page provides a hint as to what the next pages’ url will be.

Need a hint? DON’T GOOGLE IT! Some bright folks have put the entire URL list
on the net, and it really takes all the fun out of it. You will need to use
google for some of the hints, but just be careful about where you click.

As I am wont to do, I was curious about the motivation behind this nifty game.
It seems so simple, I wonder how it came about. After a big of digging, I managed
to get ahold of Jonathan Whiting, aka ‘Piglet‘, who agreed to a quicky interview on the game…

Continue reading “The URL Game.. An Interview with Jonathan Whiting”

Google Browser Sync

I found this one while doing my daily browse through Digg. It’s a tool from Google that lets you sync multiple Firefox installations in realtime. I personally have 3 different machines… nowait, 4… that I run Firefox on, and being able to seemlessly keep my bookmarks, cookies, form elements and tab/button bar layouts synchronized is a total win, not to mention having an off-site backup of all these goodies.
I recommend starting this on the machine you have your most complex and involved bookmark mechanism on, as when you add a new machine to the mix, it appears to import your saved bookmark collection from Google Sync, and then synchronize. So the first one in should be your largest. I probably have 400 bookmarks in my setup, organized into dozens of categories.
Give it a try!
As found via

KDE Chatterings: Amarok

I’m really getting into my new KDE 3.5 desktop based on the latest release of Kubuntu linux. The level of integration and polish that has gone into the system is constantly amazing me. I’ll be chatting about various applications and components shortly, but I’d like to talk about one in particular right now. Amarok.
The Application
Amarok is to KDE what iTunes is to the rest of the world. A slicky smooth application with a ton of ‘community’ and ‘wide world’ stuff in it, but at it’s core, it’s a music player. Linux is certainly not without it’s share of music tools, but a decent, intuitive, and powerful system has been scarce for quite some time.
Amarok fills a niche for a tool that is not only a capable player, but also manages your music collection, organizes playlists, titles, and tags, as well as keep track of what was played when, and what order it was done in. Amarok makes no distinction between a local playlist and a streaming audio feed – the entire interface handles both sources without skipping a beat.
Add onto that a popup ‘banner’ display that shows the current track when it changes, then disappears (without affecting keyboard focus, windows, or anything – it’s a neat trick), and an extremely compact and well designed interface, and you have all the makings of an attractive and useful tool.
The Experience
I’ve been using Amarok as my default player now for almost 3 weeks, and I find myself pulling it out of its hidey-hole in the KDE toolbar to do basic things “Ahh, skip this track, it’s boring.” “Who the hell IS this?” “Switch over to that other playlist.” “I just added a couple more albums to the store, rescan please.” without spending half an hour navigating man pages, unintuitve menus or hacked interfaces that don’t behave like any other application on the planet. It’s delightful.
Other little tidbits that surprised me include things like Amarok’s link wth Album covers can be automatically displayed based on CDDB or FreeDB signatures, and they’re invariably correct. Another one is integration with your iPod. Dock them, and you can drag and drop songs into the iPod directly. Amarok also has an interace to, a community based site oriented around music. The songs you play can be reported in as favorites / regularly played, and will update the ‘popular songs’ info on the site.
Amarok may be one of the best applications out for KDE, but it has great company with all the other improvements in KDE 3.5. Stay tuned for other reviews, but if you have a chance, take a look at Amarok now. You won’t be disappointed.

MythTV – Success!

“It’s really unstable”
“It’s painful to set up”
“Good luck with all the yak-shaving!”
Poppycock! I come to you happily reporting on the successful installation, configuration, and implementation of MythTV.
For those not in the know, MythTV is an opensource (aka Free) system that mimics much of the behaviour normally attributed to a Tivo. At it’s very root, it is a Linux-based Personal Video Recorder (or PVR) that allows cable (and DVD and other mediums) to be stored, displayed, and manipulated in realtime, effectively turning an ordinary PC into a home video component.emotes.
Alas, MythTV has a long history of being INCREDIBLY complicated to get running. Starting with a baseline Linux install, people have talked of months of twiddling network drivers, card configurations, database problems, and video drivers all to get the system into perfect ‘balance’, at which point the system would work fine, but the process would ultimately leave a bad taste in the mouth of the implementor. Hardly a glowing recommendation.
Recently though, some bright folks have built up KnoppMyth, a MythTV installation wrapped into the well-known cd-based distribution, Knoppix. Knoppmyth allows you to go from a powered off ‘blank’ machine to the MythTV main menu – system installed, configured, and drivers ready to be enabled, in less than 10 minutes.
It wasn’t without a few hiccups – mostly due to the smoothness of the installation, it was easy to try and go right into viewing online video without actually configuring the image capture boards. The system has an enormous array of configuration options which can easily baffle a newcomer, but in the end I was happily watching Comcast cable on my VGA monitor, and able to tune around the entire spectrum, complete with on screen programming guide.
For reference, here’s my configuration:

  • Athlon 1400
  • 512 meg RAM
  • 80gig ATA-100 drive
  • Hauppage PVR-150 video encoder card
  • nVidia NV3 video

I’ll be exploring this system more over the next week or two, but so far, I’m exceptionally impressed with what the KnoppMyth folks have done in bringing a previously complex and potentially painful installation into something mere mortals can attempt.

K3B. Polished, useful, clean software for Linux

In my ongoing quest for “Really Good Software”, I tend to get grumbly about the vast quantity of software around for Microsoft platforms that ‘just plain works’. It’s polished, clean, and looks great. Occasionally though, I come across gems under Linux that are just as good.
In this case, we’re not talking just as good as Windows. We’re talking “Far better than 90% of the crud out there”. I’m talking about K3B the KDE CD/DVD Kreator.
Anyone who has done CD burning under Linux knows that there’s tons of tools for command line manipulation of volumes, but woefully few that run in GUI space, let alone do it well. K3B has the benefit of an outstandingly complete, polished, and well-designed interface, on top of the fact that ‘it just plain works’.
I recently used K3B to burn a copy of KnoppMyth to a CD on my T40 Laptop. I originally grimaced at the thoughts of what this might entail, but a quick ‘apt-get install k3b’, plus another install of ‘cdrtao’ (which K3B thoughtfully told me I needed – not in a crash and text output, but in a dialog saying ‘You’re going to need this’), and I was off. Speed was high, the interface was intuitive, and in 15 minutes I had my burned CD. And it worked.
K3B embodies what CAN be done if developers take the time to complete and polish their apps. There’s nothing like this in the Windows world – all the ‘tools’ I’ve seen for Windows (that are proprietary and usually cost money) are pale shadows compared to K3B. Bravo!

JBother – A Java Jabber client

I’m always on the lookout for new Jabber clients to work with. I’ve been using Psi for the most part over hte last year or two, but the ETERNAL wait for an upgrade is driving me bonkers. Not that I just want more features, but there’s a bug in 0.9.3 that screws up adding new people to your roster. So I have to switch to Gnome-Jabber to add / modify my roster list. Yuck.
I came across JBother about 8 months ago, and gave it a quick try. It was good – a full Swing-based client that seemed to have a lot going for it, but it wasn’t quite stable yet.
Now JBother is up to v0.8.9b, and so far, it looks like a winner. The configuration screens are clean and easy to figure out, the client is snappy and complete, and the addition of a ‘plugins’ function, where I found a workable ‘systray’ tool pretty much nailed it for me. I now have a working systray-docked client that lets me do everything Psi and gnome-jabber did, plus MUCH more.
JBother supports freefloating or docked windows with tabs, similar to Exodus. Conferencing, transport management, debugging windows, logging, adjustable themes – they’re all in there.
If you use Jabber, give this one a try.

Adobe Acrobat Reader for Linux

Occasionally I find myself on the rougher side of situations while sticking to my guns regarding not using Microsoft products. Anyone who has had to interract with offices running only Redmondware are all too painfully reminded that Outlook users love sending PDF and Word and Excel attachments, frequently as the entire message, with the Word doc containing something like “Busy for lunch?”
Many of the issues facing “LINUX OR DIE” users like myself have been addressed by the fantastic work going on with OpenOffice, which lets a user open and view and manipulate Microsoft-based documents pretty handily. Couple that with a good GUI mail client like Evolution, and you’ve pretty much got what any Redmondware user has.
One thing has been missing, though… a decent PDF viewer. There are several opensource viewers that use various incarnations of GhostView to render the documents, but these tools are prone to twitches in the format that cause failed renderings, or just won’t run at all.
I recently received a PDF that KPDF and GPDF simply would not open. It was generated by an architect, and contained a diagram I absolutely had to view. Ready to post a scathing commentary to the blog about how Adobe was not supporting Linux, I went to their site, and tried to download Acrobat 7.0 PDF viewer for Linux.
And succeeded.
It was right there on the download page. A single RPM or .tar.gz file, that installed via an simple shell script. I was able to specify a subdir in my home dir (no root requirement), and it is now running happily on my desktop.
This is not a skimmed down ‘bone’ thrown to the Linux community. This is the full fledged Adobe Acrobat 7 reader, complete with tweaks specific to the Linux environment (like a configuration screen that asks what mailer do you want to use – and lists various well-known Linux clients, including Evolution).
The tool allowed me to navigate, browse, zoom in and out, and fiddle with the PDF I needed to view without any problems. I was somewhat amused to note that the viewer was running some sort of ad display engine in the upper right corner of the window, but it was easy to ignore.
The reader was not specific to any particular Linux version. I’m personally running Debian Sarge, which is generally not supported by the ‘big business’ folks, but as I said it installed and ran perfectly.
Glad to see some companies are getting the hint.

The beautiful side of free software.

Or, another title… “If you BitTorrent, please try Azureus”
I’ve recently been tinkering with BitTorrent to pick up some old TV show episodes, handy for when I’m on the road travelling. My first forays into the world weren’t so promising, as the clients and tools were pretty primitive.
Then I came upon Azureus.
This is as full featured, complete, and beautiful an application as I’ve seen anywhere. It’s written in Java, obviously with the SWT toolkit, and is simply striking in its detail and complexity. It even includes a live animated display showing the ‘swarm’ of machines you’re connecting with to do uploads and downloads.
I’ve been using it off and on for the last day or so, and I’m staggeringly impressed with how well it works, and how complete and detailed it is.
If you’re interested in BitTorrent, check out this system.

XM Radio – One Week In – a quick review

My current work has me heading down to New Jersey every few weeks to work with my client on our various projects. After the first 2 drives (4 1/2 hours or so), I decided that I needed some way to keep myself sane on the drive. The first trip involved cabling up my laptop to the stereo so I could listen to the MP3 collection on it while driving. This proved… less than optimal, and I began considering XM Satellite Radio. Last week I marched into Best Buy and picked up a SkyFi2 receiver.

The Service
XM Radio is a satellite-based radio service that provides about 250 channels of ‘digital radio’ to a special receiver. It is a subscription service, requiring a monthly charge and activation. There are no ‘levels’ of subscription, such as in cable television – once you’re subscribed, you have access to everything. The channels vary widely in content, from Major League Baseball through classical music. The service is activated based on your receiver ID. Receivers can be moved from vehicle to vehicle (or in the case of the ‘MyFi’ receiver, carried around with you like an iPod). You can activate multiple receivers, but there’s a (smaller) charge per additional unit. Many of the units are mobile, and can simply ‘undock’ from one car, and ‘dock’ in another (or into an at-home unit).

The Equipment
As mentioned, I have the SkyFi2 receiver, which is sort of middle of the road as far as receivers go. It has has a ‘dock’ arrangement that lets you remove the receiver or hide it when parking, which is a win. The receiver has a clear easy to read display (both in daylight and at night), and is easy go use to navigate stations and presets. Mine has a very stiff ‘wheel’ on it, which I may bring in to get serviced (it should turn smoothly), but other than that it works fine. The unit comes with an external ‘magnetic mount’ antenna, a ‘cassette-style’ hookup for stereos (it also can transmit on several FM bands, but I found as I was driving I’d drift in and out of range of various FM stations, which would conflict with the FM transmitter), so I opted for the slightly more cluttery arrangement with the cable, but didn’t have problems with interference. This will definately require a more permanent installation though, since the receiver now has 3 wires coming out of it (power, antenna, and audio).

The receiver does provide some excellent functions over traditional radios. The biggest is having a realtime display of the current channel, track and artist. You can add other things to the display (stock tickers, etc), though I can’t imagine that would be safe for a driver :). Another big win is the ability to ‘pause’ music or shows – for instance to go through a toll booth, or get food from a drivein, or whatever. The receiver ‘spools’ the show up (and shows how far behind realtime you are), and lets you play and catch up when you’re ready. Up to half an hour of paused music can be stored.

Last but not least is the ability to ‘tag’ certain music or artists, so that if another station starts playing an artist you want to hear (or a show, or whatever), the unit will alert you that something is starting elsewhere. I haven’t done this yet, but if there were certain shows I didn’t want to miss, that would be handy.

The Stations

What is a radio service without content? XM provides 250 or so channels of programming with a wide variety of content. After scanning through the listing several times, and listening a bit to each one, I’m slowly settling down into a dozen or so I enjoy. Many of the stations have live DJ’s that introduce and comment on the pieces being played (though the receiver includes the feature of showing the channel, artist, and track being played – and it’s updated in realtime), but it’s nice to hear a real person on occasion. My only beef with the station programming is they have commercials. This is a pay-for service, the last thing I want to do is listen to an add for Viagra in the middle of a Blues concert. I find this incredibly annoying, and would even consider paying a slightly higher premium to avoid the commercials

As far as generic programming, the stations are good. Some are excellent (in my opinion), and some are just boring. I would have liked to see less channel space used up by specialty or limited audience bits that are repeated elsewhere. (For instance, there are 40 some odd ‘local’ stations. If I’m in Boston, chances are I don’t need to hear traffic conditions in Chicago, but I have both a Chicago and a Boston channel on my receiver). Also, there are 5-6 major league baseball channels, and 4 Nascar channels. If there is a limited number of channels in the XM system, they should work on a subscription mechanism that lets you tune what channels you receive. I’m never going to be listening to MLB or Nascar programming, why is a third of my channel selection used up by them?

The good, the bad, and the ugly
So now I’ve been using the system for a week, and have some pretty detailed impressions of it. So here’s the basic rundown as I see it. I spend anywhere from an hour and a half a day to several hours (for the road trips), so I’m probably a fairly typical user:

    The Good

  • Very good selection of stations and programming.
  • A lack of DJ chatter or other annoyances
  • Very capable technical offering on the receiver
  • Activation and maintenance painless (took about 15 minutes from my car)
  • Availability of all programming over the net via their website
  • Ubiquitous access to stations, no matter what your location. The same channels are available in Boston that are available in NJ.
  • Simple installation and easy to use.

    The Bad

  • Many channels used up by narrow-focus audiences, but still occupy many channels at once.
  • Reception can be sketchy. Audio cuts out as the signal drops down reasonably often. Not enough to be a real problem, but far more often than I expected.
  • Audio quality is less than ideal. It sounds similar to a 64k MP3 streaming audio feed. It is NOT as high quality as CD or even broadcast radio, but is acceptable.

    The Ugly

  • No way to skip or avoid commercials
  • No Radio Paradise!

For $11 a month for the service, I think it’s worth it, particularly for people who do regular road trips or even longer commutes. The inclusion of not necessarily ‘mainstream’ content makes all the difference (things such as NPR, Folk radio, etc). Some more flexibility would be nice, and higher quality audio would be a huge win, but for now, I think I’ll stick with it.