Author: seemant

Yeah, that’s my baby sister, she turns 25 today.

So, bunch of things. The whole co-habiting of kerberi is abandoned. There was a stunning lack of feedback as to motivation and method, so they’ll remain blocking. However, they will be cleaned up. I will make sure to at least make them both non-clobbering against e2fsutils & co.

Also, if you’re going to use crazy-assed compiler flags, the very least you can bother doing is reading the documentation about them. Honestly, people, gcc provides great man pages and info pages, and the website is chock-full of information about each flag. Don’t just listen to some l337 dud3 in some hokey irc channel on some hokey network — chances are that’s not freenode/#gentoo, but who knows.

And while you’re changing your cflags to put some cool looking flags in there, for the sake of all that is holy, please don’t screw with other settings that you know absolutely nothing about!!

It’s cases like these that are the cause of ridicule to Gentoo itself, to be honest. When you read /. posts or comments to linux news stories, or go on over to funroll-loops, it’s you they’re talking about. But then they generalise to the rest of us. And if you file a bug about your broken cflags set up breaking gentoo packages — if I happen to wrangle it, expect to see:

gcc -fuck-off-with-your-flags thisbug > closed

as your comment.

Donnie, I’ve been using dnsmasq for a year now, ever since Ciaran mentioned it to me in #gentoo-sparc and it has taken its place in my top 5 favourite pieces of software. I don’t know that I would ever choose to use anything else. Granted, I don’t have a need for it in any large enterprise so I don’t know how well it would scale. But for smallish networks, the thing kicks ass.

And, by the way, are the writers of 24 all addicted to crack? Seems like the last month or so has been full of fillers, rather than any real plot development. I mean how is it the biggest twist you never saw coming when you saw it coming for the 3 episodes prior? And please, stop with the torture already.

OK, so here’s an update to the whole heimdal/mit crisis. I sent an email to gentoo-dev mailing list soliciting opinions on two options, which I shall outline below. There is no link to the email because the mailq on the gentoo mail server is apparently backed up. I’ll update this entry with the link when there is one.

In the meantime, here’s the two options:

1. Continue on as I have been, with prefixing things with mit- and heimdal- and then making symlinks.
2. Install mit and heimdal into /usr/libexec/kerberos/[mit,heimdal] without renames and making symlinks.

So you see symlinks get made either way. I think the libexec route (or /usr/lib/misc, as SpanKY favours) is the easier of the two. The other concern which Uberlord finally vocalised in #gentoo-dev is: is all of this worth it? It wouldn’t be possible, even if we removed the blockers on each other, that some package foo would compile against mit, but work against heimdal. So, then, what is the point? I don’t know. But if you do, please let me know.

OK, so as promised I started working on heimdal’s new ebuilds for the whole relocation-no-stomping routine that you’ve been doubtless on the edge of your seat about. And I hit a snag. Not a snag, as much as an annoyance. The autotools provide this really nice configure flag that you can see in use in mit-krb5 (whose use karltk taught me for making sylpheed-claws co-exist with sylpheed back in the day when I actually maintained stuff). This would be the –program-prefix flag. Of course, for -claws, we used –program-suffix. So, for mit-krb5-1.4, this causes mainly the clients to be installed as mit-$clientname. So the telnet and su and all that crap is just mit-telnet and mit-su and what have you.

Heimdal, just to make my life complicated, goes a step further with –program-prefix thing. They rename _every_ binary. And every manpage. But of course, the symlinks that the makefile installs (there’s a symlink for kadmin to ktutil I think that doesn’t point to heimdal-ktutil, but to some non-existent ktutil; there’s also a whole crapload of symlinks in the man directories, but they also point to non-existent manpages). So now I have whack the configure/make scripts to correct this and also report this situation upstream. Stay tuned.

What is it with Gentoo Developers leaving lately? Two people, scandium and chriswhite, have left in the last two weeks. Ordinarily, I’m used to the turn over in Gentoo development, but honestly not being on the -core list since January (until my dev boxes arrive here, don’t get alarmed), I miss out on the news and find out in funny ways. I guess that not being on devrel lists plays into that. Maybe it’s just my ego, but I wish I’d known their intentions before I found out and before they left so that, I dunno, I might have at least had the chance to change their minds.

And “why?” you might ask. Well, it’s very simple, the two of them were great developers. ChrisWhite took so much on in the media-video category (primarily, but he wasn’t afraid of media-* and lisp and fortran, for crying out loud) and fixed it up nicely. And that was just to start with. He handled the relationship with Real (a relationship that is NOT easy to handle, trust me). He handled various other packages. In other words, a dependable developer.

Scandium was responsible for all things cvs in portage. No, not the *-cvs packages that the ricers seem to love, but the actual dev-util/cvs stuff. You’ll find that he handled other stuff in the dev- categories like pike, a language I’ve certainly never heard of.

Anyway, as of this writing, I have no idea why either of them left, and I’m a little pissed off about it, because at this stage, it’s probably way too late to change either of their minds. Hey, I can try.

Anyway, since I’m not on -core I couldn’t give them a send off, so I suppose this qualifies, even though it’s much more public.

OK, so here’s a nice update. I finally settled the installation scheme for mit-krb5, effective from 1.4 onwards. I’m working on the kerberos-update script (not kerberos-config anymore) to install proper symlinks, but that won’t be finished till the weekend.

Does anyone here actually use krb4 themselves? If so, what stuff that needs krb4 needs a hardcoded path into /usr/athena? I looked at kth-krb (because in all fairness kerberos-update should actually be able to work with krb5 and krb4), or I could pretend krb4 doesn’t exist and call it krb5-update. What do you think?

So updated todo:

• Fix up heimdal — install two snapshots, one 0.6 and one 0.7(?)
• Finish this kerberos-update (for now, it’s kerberos-update not krb5-update) script
• Pray

PLEASE PLEASE comment here about the krb4 questions.

OK, so here’s an update. I put mit-krb5-1.4 into portage (and took out a whooooooooooooole bunch of cruft while I was in there). Now, this is important, so it’s in bold:

DO NOT EMERGE IT YET!!!

Here’s what’s happening with it so far:

Most of the utils (the telnet client/server and so on) now get installed as mit-telnet and so on rather than just ktelnet and so on. Additionally, there were nice configure arguments to use the system’s db, com_err and ss libraries/headers.

The things which remain, however:

/usr/sbin/k{rb5-config,admin{,d},tutil} all still clash with heimdal’s renditions of them. Same with /usr/include/krb5.h and /usr/include/gssapi/ (heimdal makes that a symlink, mit makes it a directory).

Finally, most things they install in /usr/lib will clobber each other badly. Over the next few days, I’ll be sorting these issues out, and updating the ebuild. I’ll also put quick updates on here so you can keep track.

The updated todo:

• finish mit-krb5 fix0ring
• fix0r up a heimdal cvs snapshot
• make sure my kerberos-config script (not released yet)
• try and find ways to make other programmes compile against either one
• unleash

Anyway, stay tuned. IF you want to get your hands dirty, find me a nice clean way to relocate the stuff in /usr/lib (ideally /usr/lib/kerberos/mit or something, but I’m open to ideas). Will this involve an env.d/ file then as well? These are unanswered questions that you can help answer, or wait for the answers.

Right, so this coming week is finally going to see the results of my frustrations with the kerberi. My apologies to those who have been tuning in with hopes of seeing some movement. I’m sorry, but there simply hasn’t been any. The next weekish will finally see some ebb in my schedule.

Because the Airport Extreme does not work in linux, I haven’t really been able to work from home (yeah, I can use the terminal on my devbox @ work, but then actually testing becomes a different story). So hopefully my devboxes arrive from LA soon (read that to say: hopefully we can budget in the money to finally have those sent).

Meanwhile, I found a link from Mike Rivero’s blog to the Digital Imprimatur, which is a very interesting read. Also, check Ciaran’s entry for good reading if you are, know of, heard of, dreamt of, had sex with, once bumped into, and/or are the best friend of the college roommate of an upstream developer.

No, not the Paul Simon song that the Bangles sung, rather a lament on deadlines. I’ve an upcoming deadline on Friday for my real life work, so I’m guessing this kerberos stuff will not be finished this week. I hope to at least get some time to start on the stuff. As of right now, I have preliminary ebuilds for relocated heimdal and mit-krb5. Unfortunately, I have not been able to gut either of them of the com_err and ss libraries yet.

Can I have everyone give a round of applause for Sven for really really putting our documentation into shape. When he first took over the Gentoo Documentation Project, he had a pretty uphill battle, because our docs were in shabby shape. I think it was 1.4 where Ryan and I stayed up all night to fix up the install docs. Since then, Sven took over the GDP (see next link) and moved it to another level entirely — what with fixing up the content and syntax, co-ordinating the various translations, bringing in newer docs. It’s amazing what the Docs Team has done with all of the Gentoo documentation.

Just so we’re clear then, the priority of my todo list is thus:

• Gut mit-krb5 and heimdal to not install common libraries
• Double check my kerberos-config script to activate one of the kerberi
• package mask and check in ebuilds for all three (the script will be its own ebuild)
• revisit why mozilla won’t link against heimdal (or mit-krb5) in Gentoo — Ubuntu achieves this just fine.
• make the newest nfs-utils be able to compile against either of the kerberi
• look into putting shishi into portage as another optional implementation of kerberos

Now, does anyone actually use krb4 still? I’m not interested in it, because I honestly don’t see the point. Granted, I’m not nearly knowledgable enough to know why it would be useful, so I’m really curious to hear from those who do find it useful.

And doing a good job of it too, I must say. I only thought of it because I had to write a Title. Anyway, this is the best quote I’ve seen this week:

When did ANYONE with a clue listen to Microsoft? “Linux costs you more money”, “Linux has more security problems” and “IE doesn’t have any security holes which we can’t fix and do the second we know about them if you have a fucking time machine!” seems to be all they can say lately.

I’m sick of Bill and his lies, who gives a fuck if he says Longhorn will stop teenage pregnancy, cure world hunger and get every geek laid within a week of buying it. He talks so much crap now (and so do most people who have spin doctors sitting up their ass all day) that we may as well go listen to the talking clock for a bit and at least get some truth even if it’s useless 10 seconds later.

Thanks for the laugh, Turn-X Alphonse

Now, from funny to slightly sad. Peter don’t get so down about Gentoo. Remember the reason you got into developing. If you forget, come talk to me, I’ll remind you. For those not in the know, Peter and I met at LWE 1 (not the first LWE ever, but the first LWE that Gentoo was ever at) in NY. There was Peter helping us all out in the booth, talking to other users, hanging out with us, and above all, being cool. And so he and I started talking a bit about him becoming a Gentoo Developer, because he was (and still is!) interested in better Gentoo/IPv6 support and integration. And so I asked him to file some bugs about it with some fixes and voila not a month later (coz Peter was delaying, not me :P) we had latexer at gentoo, previously a paragon of #gentoo netizenry.

Now Peter, you talk of a vocal minority. Here’s the thing — their bark is a lot worse than their bite. Besides which, I think in a forum where you’re trying to communicate things to people of intelligence, they will filter out the wheat from the chaff, as it were. Through all the ups and downs of Gentoo since I joined (and what you and I have both been through), I’ve learned this: ignore the detractors. Invariably, they just seem to have nothing better to do.

Not to get off on a rant of my own either, but that is seriously the case. Remember the fork? All they did was talk about how they were going to be different from Gentoo, how they were not Gentoo, how they were not Gentoo devs, how badly Gentoo did this, that or the other, and how Gentoo sucked at this, that or the other and how they wouldn’t. With all that talk, what did they actually do? I’m not dissing on those people personally, but the zynot folks had a huge talent pool, and a huge level of community support from their moment of inception. They were capable of achieving great things. They squandered their chances by not focusing on making their achievements great, and instead focusing on being NotGentoo.

Apologies to any readers who might have taken offense at any of that, but get over it, it’s the truth.

The sad truth of human nature is that if you can’t use a tool (or be bothered about learning how to use it properly), you tend to blame the tool. I think of SpankY when I conclude : the members of the vocal minority are the tools.