2006 Meetting Minutes

As all the email address I have for everybody have bounced, I'm going to post a record of the SIG minutes I have in this topic.

These are a mix of HTML, plain text and Wiki syntax of varying standards compliance. This comes from my personal logs, including my weblog. So, if someone wants to clean this stuff up, be my guest.

After I posted all these I noticed that I did it in reverse chronologial order, so adding new 'minutes' at the end would be out of order. Sorry.

Setting up a serial console for Linux.

Benefits:
You get kernel panics, dmesg, etc on the conosole.
1 Server with a few ports cards means remote access is easy.

Pre-requirements: Your kernel needs to have the serial driver built-in. No initrd or post-install modules will do.

Standard cross-over cable on your com1 or com0 port.

The example system: minicom 2.1 on ttyS0, 9600 buad, CTS/RTS

HowTo:
1. In /etc/initab

S0:23:respawn:/sbin/getty -L ttyS0 9600 vt100

2. In menu.list (grub.conf for debians,) add your conosle line
/boot/vmlinux console=ttyS0,9600
the connection is 8N1 by default

3. To get grub to use the console, use one of two methods:
a) let the BOIS handle it (if HW supports it)

b) add to configure grub
# Serial console stuff
serial --unit-0 --speed=9600
terminal --timeout=1- serial console

It's a bonus if you HW supports a serial console.
x86 server class boards should suport this.
Then you can get post-codes, bios messages and
Spending the few extra $s really makes the difference.

Note that this will do both video and serial output if they are all plugged in. You should also get a boot if you don't have anything plugged into either the video or serial lines.


------
CentOS - what Whitebox was trying to be. CentOS supports apt4rpm, RedHat as of Fedora Core 3 no longer supports it because apt4rpm isn't resolving multi-arch library dependancies. You don't get some of the extras, like rdiff_backup, and things that RedHat can't redistribute due to licensing.

Future of the SIG
Back in the beginning we had a big need for the SIG and high attendance.

Less structured, more notes session and less topic presentations.

Some topics that go on more than one session.


Future topic idea:

Remastering a Knoppix CD: not that good of an idea due to the 1/2 day it takes to change stuff.

Remastering a DSL CD: better, smaller at ~50mb, and documents

Setup a WRTG Linux router with OpenWRT. Note that ASUS makes some small routers with usb ports for Samba sharing USB drives and printers with IPP.

IceCast & Xgl

IceCast streaming audio
"Double" client-server architecture
- Streaming Server
- Multiple 'listener' clients
- Multiple 'source' clients, including files on the HD.

Darkice steaming audio source

Fairly high bandwidth requirements

Xgl on Novell SuSE Linux 10.1
compviz composing window manager, gnome-window-decorator and OpenGL accelerated drivers.
eye candy, Aero-desktop like effects.
- spinning cube virtual desktop switchin
- peel-n-peek behind windows, wobbly window dragging
- Mac-like window placement effects
can't use SDL or OpenGL games at same time
mainly for 'wow' effect during presentations
Novell project just "re-OOS'ed" to be replaced by Egl and newer composing window managers

Ubuntu 6.06

<p>About 12 hours old, we are doing an install of the latest Linux distribution. The targets is an old system 194 MB Dhuron 1GHz. HD you don't want to know (~5 Gb.)</p>
<p>There are 3 "Flavors" of Ubuntu Desktop, Server, Xubuntu (super small.)</p>
<p>Showed a running install of Desktop. Installed a Server, using the RedHat-like NCurses installer.<br />
Notes</p>
<ul>
<li>there are already security updates today.</li>
<li>there is an option for a LAMP server preinstalled MySQL and Apache.</li>
<li>linux-server selection includes a server-oriented kernel.</li>
<li>the mirror selection tool is very slow.</li>
</ul>
<p>1st step on an Ubuntu system sudo passwd, then su -</p>
<p>Installed a Desktop, uses the live CD but you can used safe-graphics. Pretty much a generic install. Everything is available.</p>
<p>Discussed future topics for the OKC PC Users' Group Linux Special-Interest Group</p>
<ul>
<li>VPNs</li>
<li>Asterix</li>
<li>Virtualization</li>
<li>skype, teamspeak, etc</li>
<li>XGL (Assuming I don't break it by July.)</li>
<li>LAMP</li>
</ul>

2nd Life Under Linux

<p>Next month: games. BYOB - Bring Your Own Boxes.</p>
<h4>Beginner Topic: 2nd Life Under Linux</h4>
<p>http://secondlife.com</p>;
<ul>
<li>a social video game, you can chat and trade with people
<li>building tools
<li>global economy
<li>very much like a MUSH
<li>time based on Pacific Time Zone
<li>accounts
<ul>
<li>can get a free account, but only 7 days and has no features.
<li>need either a cellphone or credit card
<li>costs $10 / month for a basic account
<li>$72 / month gets you land ownership, building and 500 'Lindens' a week
<li>there is a land tax as owning an island, etc is rental on the server
<li>you can pay real $'s into game to get Linden's.
<li>infinte inventory
<li>there are teleporters
<li>your character can fly</ul>
<li>zones
<ul>
<li>there are zoned areas
<li>some are PG
<li>some are ADULT THEMED
<li>some are team-oriented parent and child areas
<li>big furry presence (the furnation server is huge before it got whacked)
<li>sandboxes are cleaned up every 24-hours
<li>no permadeath, but there are areas you can 'take damage'
<li>many, many zones (100s)</ul>
<li>etc
<ul>
<li>there are police
<li>warnings issued
<li>account suspend (7-14 days, etc) for
<ul>
<li>assualt
<li>pyramid schemes
<li>zone decency violations
<li>chain letters
<li>other ToS violations - AFAIK
<li>can't steal stuff at this point</ul>
<li>bandwidth and CPU/GPU performance greatly impact the game
<ul>
<li>with a LOT of overclocking, some people report 30 fps
<li>caching
<li>there is a limit to the number of primitives available per land you own</ul>
<li>building things is very big in 2nd life.
<ul>
<li>homes
<li>map visible art
<li>vendable avatars
<li>compleat scripting languate (physics knowledge helpful)</ul>
<li>made by Linden Labs (their avatars have a Linden surname)
<li>starts are on the main page (e.g. 5,000 people on)
<li>lots of map features</ul>
<li>Linux support
<ul>
<li>is native
<li>ALPHA release client
<li>requires some tweaks and has some rather nasty bugs.<br />
( e.g. Linux mutants: old clients forced face color = hair color)</p>
<li>dedicated forum http://....
<li>auto-updater doesn't work, have to manually update.
<li>no sound</ul>
<ul>
Advanced Topic: ClamAV + postfix</p>
<ul>
<li>Postfix
<ul>
<li>http://www.postfix.org - all the documentation
<li>and MTA like courier, sendmail, etc.
<li>less bugs than sendmail
<li>sendmail designed to deal with frequent changes to SMTP standards
<li>some baggage, but YAMTA (Yet-another-MTA)
<li>becoming default on Debian based distros</ul>
<li>default config
<ul>
<li>normal installations come with an example configuration
<li>the demo laptop didn't. Oh well, off to /etc/postfix<br />
(creativity in placing configs is bad, IMHO) and get main.cf from<br />
/usr/share/postfix</p>
<li>really small default config, but defatuls to localhost.localdomain<br />
as email</p>
<li>note that most people write this in /etc/hosts:<br />
127.0.0.1 localhost.localdomain localhost myfancyname</p>
<ul>
<li>means myfancy name is an alias for cannonical localhost.localdomain
<li>no MTA will accept / deliver for the invalid localdomain DNS name.
<li>real servers have fixed IPs or get their hostname in DNS.</ul>
</ul>
<li>main.cf
<ul>
<li>postconf returns ALL the set variavles
<li>postconf myorigin returns the myorigin variable.
<li>once the domainname is fixed, existing UNIX users can get/send mail.
<li>virtual_alias_*
<ul>
<li>no mailboxes, just forwaring
<li>needs MX records, so runs DNS and SMTP's to itself</ul>
<li>virtual_mailbox_*
<ul>
<li>real mailboxes
<li>virtual_mailbox_base = /var/mail/vhosts, for instance (local mail<br />
/var/mail)</p>
<li>mailboxes owned by somebody, be careful of who owns them
<li>can create different mailboxes with different properties</ul>
</ul>
<li>alias
<ul>
<li>put in virtual_alias_maps if no mailbox
<li>put in virtual_mailbox_domains if has mailbox
<li>aliases in virtual map will overlap
<li>you might want 1 map per domain, but if > 15 or so domains, you'll want MySQL</ul>
<li>Notes
<ul>
<li>get UNIX login, get UNIX mailbox
<li>use forwarders, send to other MTAs
<li>IMAP and POP is not the problem of the MTA
<ul>
<li>IMPA, POP = get mail from mailbox, not MTA
<li>SMTP = internet mail, get mail into mailbox, MTA</ul>
<li>simple hash tables
<ul>
<li>so 10,000 users with 2,000,000 messages/day doesn't crawl
<li>support for plain text, sql databases, LDAP, Berkley DB, etc.
<li>hashdb script makes the hash tables for you from your data<br />
2 column text file gets make into file.db (Berkley DB)</p>
<li>postmap hash:/etc/postfix/file rebuilds file's file.db</ul>
<li>probablly installed by the time Ubuntu is installed or just apt-get install<br />
postfix</p>
<li>Listens on localhosts, localnetworks by default. Check with
<ul>
<li>netstat -tln
<li>mynetworks</ul>
<li>DaVinci networks uses Courier in production, so we're not talking security
<li>yes, postfix upposers Courier Maildrop format</ul>
<li>Theory
<ul>
<li>want to not lose mail, so no processing just dumping into queue
<li>queue is a file on the filesystem
<ul>
<li>pickup
<li>qmgr</ul>
<li>mail gets put into the filesystem (queue) by the smtpd program
<li>other programs look at the queue file
<ul>
<li>local delivery
<li>virtual delivery, possibly SMTP back to smtpd
<li>LMTP processor</ul>
<li>1:1 map of sender:recepient, SMTP 1:many
<li>SMTP is Y/N on the whole message and late erroring w/bounces
<li>LMTP for queue-less programs
<li>WMTP (Weird Mail Transport Protocol) agents
<ul>
<li>diddles the queue
<li>per email filtering</ul>
</ul>
<li>ClamAV
<ul>
<li>anti-virus for Linux
<li>apt-get install clamav clamav-docs lha unrar arj unzoo
<li>lha unrar arj unzoo = enable support for examning those compressed files
<li>freshclam and the daemon
<ul>
<li>freshclam defaults to 1/hr updating your virus data files
<li>clamav-data is for non-networked hosts
<li>catching old viruses is not really a priority, want now. now. now.</ul>
<li>clamscan files
<ul>
<li>recursive
<li>use -i to only report infected files
<li>really after plugging into Postfix</ul>
<li>clamdscan
<ul>
<li>relys upon clamd daemon
<li>much faster, but must have /etc/clamd.conf
<li>faster is very important for mail throughput</ul>
</ul>
<li>amavis: the secret ingredient
<ul>
<li>AMaViS - http://www.amavix.org
<ul>
<li>died on the vine.
<li>Milter took it over, got amaviz-ng
<li>amavisd-new-milter is the interface from postfix and other tools</ul>
<li>before queue implies postfix handing mail DATA off to another program
<li>master.cf
<ul>
<li>-osmtpd_proxy_filter=127.0.0.1:10024
<li>amavis on that 10024
<li>don't want to SWAP: -osmtpd_client_connection_count_limit=10</ul>
<li>amavis connects back on another port with another smtpd instance
<li>very general process, but some ugly architecture.</ul>
<li>local mail will bypass it: mail runs 'fake' sendmail
<li>most (99.99%) people won't be local UNIX users on the box
<li>not ideal, but can be fixed with post-queue or not using mail/mailx</ul>
<li>simple configuration in /etc/amavis.conf
<ul>
<li>could also use spamassin
<li>losts of features, all commented out</ul>
</ul>
<li>clamav in postfix
<ul>
<li>postfix does not support virus scanners
<li>use the MTA model
<ul>
<li>high speed: scan the queue, but you accept for delivery infected
<li>better behaviour: scan on entry, refuse to accept</ul>
<li>before queue or after queue setup with postfix available
<ul>
<li>lots of bursty traffic, big peaks means large amounts of mail
<li>use after queue for large amounts, but bounces are BAD if sender is forged
<li>user before if you can get away with it</ul>
<p>Don't forget to run postmap on your hash files.
</p>

Wireless Networking under Linux

# Terminology
802
The IEEE group for computer networking.
802.11
The IEEE subgroup for wireless.
802.llb, 802.11g
Compatible slow and fast (54mbps) radio-link
LAN protocols.
802.11a
Incompativle wireless LAN protocol.

AP
Access Point. Alternatively, WAP or wireless access point.
A router that uses a radio to communicate with attached devices in place of
other media.
PSK
Pre-Shared Keys. Special passcodes that must be manually
entered on both the Access Point and all Clients.
WEP
Wireless Equivalent Privacy. Old-style wireless. 64bit OR
128bit keys. Uses RC4 cyphers that you shouldn't repeat a lot. 802.11
will use them enough to make it pointless.
WPA
Wireless Privacy Advanced. Along with WPA2, uses 4-way
exhcanges, pre-shared keys and AES (CCMP) or TKIP to encrypt the starting
exchange. With session keys being changed frequently and 23-character
shared phrases, this is much more secure than WEP, but not supported well.
Linux uses wpa_supplicant to configure passphrases and perform the session
key exchanges. The sites:
# DaVinci Networking.
Brining Linux to Corporate America.
Wireless Linux Support

* Red: no linux support.
Yellow: missing features in drivers.
Grey: unknown or uncertain support.
Green: this card/chipset has good Linux drivers.

* Trying to list ALL cards, chipsets, brands, etc.

Debian Hardware Compatibility
List
Feed the output of lspci to it and get a list of drivers.
MADwifi
Multi-Atheros(ath*) Drivers. These drivers include a tiny binary that will
taint your kernel. This HAL binary controls the radio on Atheros chipsets.
Most people have to use the ndis-wrapper drivers with a supplied Windows
NDIS comaptible driver.
Realtek (rtl*) and RA Link (ra*) manufactures have their own drivers on
their websites and are very open with their driver code as the HAL firmware
is built into their chipsets.
# OSes
Debian has native support and includes wpa, wpa-supplicant. Unusual
configruation of /etc/interfaces vs. the /etc/network stuff.
Ubuntu is a debian derivative with Prism chipset support out of the box.
RedHat must have the drivers compiled for you kernel.
SuSE is much like Redhat, although some drivers can be had via YaST.

# Tools
iwconfig is ifconfig for wireless extensions, but requires support from
your driver.
GNOME desktops include the network-configuration utility that provides a
GUI for simple network operations.
wpa_supplicant can work with iwconfig to WPA. Must configure wpa through
the terminal with wpa_passphrase.
aircrack and airsnort can scan (like iwscan) for local networks.
cardtl -l and carctl info can provide information and
mangement for Laptops using PCMCIA wlan cards.

# The demonstrated cards

1. ZEW1501 Zonet PCMCIA card (about $20 at newegg)
2. T-plink (about $14 + s/h on E-bay)
3. Atheros Card (miscellanious card to attempt 108mbps support (this
normally Fails unless the WAP and NIC are from the same company and you
have no other clients around.))

1. Kismet
Wireless sniffer.
Must be configured ahead of time (e.g. add source=... lines to the
configuration files.)
BSSID=MAC addresses of the sniffed devices.
Note that on startup the dirvers for WinXP will broadcast for ALL SSID's
that it has seen.

SPAM and Anti-virus.

Not a lot of people showed up.

SPEWS is bad. They blacklist EVERYING including huge ranges of ISP IP blocks.

Backscatter - try to send email to an address. If the address doesn't exist,
you get a bounce back. if you don't handle the different addresses in the bounce, SpamCOP
on the destination mailhost would blacklist you.

Discussion of blacklists (see above) like Blackholes, etc. Qmail supports
blacklists, but not much else it seems (gotta d/l and patch it for ANYTHING).
Courier does backscattter and such automatically.

Sophos vs. ClamAV. With Sophos and SPAMASSIN on the mail server we can filter
the email as it is sent. Sophos will prevent archiving of bad emails by
rejecting during recipt of the email.

Doom For Linux and iptables

<p>OKC PC User's Group <A href="http://www.linuxsig.org">Linux Special Interest Group</A> meeting 5 Janurary 2006.</p>
<p>Robert Green is back:</p>
<ul>
<li> been teaching the last 3 months at OU-OKC
<li> the class was a Thrusday night one, so it was hard to get to the 1st thrusday of the months SIG meetings.
</ul>
<h4>Intro Topic</h4>
<h5><A href="http://www.vavoom-engine.com.">Vavom</A></h5>;
<ul>
<li>Doom source port to Linux. Based on jDoom, etc. (has a long heiratige.)
<li>Need the original WAD (content) files,.
<li>3rd party mod and FreeDOOM compatible.
</ul>
<h5> <a href="//www.linuxgazette.com">Linux Answering Machine</A></h5>
<ul>
<li>Uses asterisx api, Zapta library and zaptel project.
<li>Really low requirement.
<li>Must have the zapta driver running in the kernel before makeing zaptel.
<li>Uses muLAW file format (small but crappy soundfiles.)
<li>Article at <a href="//www.linuxgazette.com">the http://www.linuxgazette.com</A>; site.
</ul>
<h4>Advanced Topic</h4>
<h5>iptables</h5>
<ul>
<li> iptables command to influence kernel packet firewall (e.g. flush the rules from the table with iptables -F )<br />
<code> iptables -A TABLE -p PROTOCOL --sport SRC --dport DEST -j ACTION<br />
</code></p>
<li> 5 tables (chains) by default
<ul>
<li>PREROUTING - rules that happen before anything
<li>POSTROUNTING - rules that happen after anything
<li>FORWARDING - for NAT, assumes that rewriting has been done so rules need to take it into account
<li>INPUT - local input to box
<li>OUTPUT - local output from box
</ul>
<li> All packets go through 1 of the 3 rules: INPUT, OUTPUT or through FORWARD
<li>A limited set of default actions (-j "jumps" to either a chain or does an action)
<ul>
<li>ACCEPT
<li>DNAT - destination port forwarding
<li>SNAT - source port forwarding
<li>REJECT - drop and return an error (e.g. --with-icmp-error --icmp-host-deny)
<li>DROP - become a blackhole
<li>LOG - fill up /var/log/messages (depending on --mlimit) but only a side effect rule not a normal action like DROP or ACCEPT.
<li>DENY - like reject
<li>MASQUERADING - Network Address Translation. NAT keeps a table of rewritten packets so that the firewall can lie about the source and destination of packets.
</ul>
<li>Can create new tables (e.g. a fake allow table) and run rules on packets in those tables at a later time.
<li>Uses a matching engine. Can use state (-m state --state STATE) to filter upon NEW, RELATED or ESTABLISTED states. Can filter upon protocols either using /etc/services aliases or ranges of portnumbers for either source of destination ( e.g. --sport 53:600.)
<li>examples:
<ul>
<li><CODE>iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT</CODE>
<li><CODE>iptables -A INPUT -p tcp --sport auth -j REJECT --reject-with tcp-reset</code><br />
</UL></p>
<li>Note that for most services, both a -p POROTOCOL of tcp and udp will be needed, so two lines should appear in a firewall setup script for such.<br />
</UL><br />
<!--more--><br />
Additionally, I owe Brian the $2 dues for this month.
</p>

Linux SIG 05 October 2006

Xandros Server presentation

* presented by James, one of the daVinici Networks guys
* commercial Linux distro
o based in Debian
o apt pacakge management
o Windows-esc, very clean GUI
* pretty GUI config tool
o similar to HP’s OVPI for OpenView
o can amange other Xandros Servers
o point’n'click system management
o plays well with text config files
* Nifty backup server (based on Brew)
* Scalix Groupware integrated with OS
o email, calendaring, shared folders, etc
o AJAX weblient (only supports the primary domain)
* No free version
o 30 day demo version
o targeted at small to mid range Linux shops
* 5 seat license for the included servers
o 5 users
o 6 backup hosts (self + 5 clients)
o 5 file media share

Eric teach’s Perl, part 2

* Review of variables in Perl
* talk about Perl 6 using symbols consistently vs. current Perl 5
o $scalar[index] version of an array
o $scalar is an completely unrelated to @scalar, %scalar or $#scalar)
* command line commando presentation
o if (cond) { perl } syntax vs. suffix perl if cond;
o A Perl motto: -w is ‘Prefered but not necessary’
o fun with a..Z, $ENV and locale.
* Perl’s strongly typed operators vs. Perl’s weekly typed variables
* What is true?
o Perl takes it to a philosophical point.
o ‘0E0′ is 0, but true for DBI work. (Famous point of the DBI module's "select *" returning 0 rows, but succeeding.)

Quote: “Java is the other way around [with respect to strong types and weak operators.] Perl’s operators run the show and can butcher variables even with -w and strict on.”

Possible future topic: opengroupware.org, free groupware.

Linux SIG 20061102

Perl Part 3

Last time was looping, with two variants: a C style loop and an iterator
Note that the first { is required.
for example:
Perl
@l=('a',b,c,d,e,f,g);
for (@l) { print }
abcdefg

This loop uses the magic variable $_, which is a bad idea as it may get changed by a lot of things. 'print' by itself will print the content of $_. This is to make Perl look like awk or sed.
a better example:
Perl
@l=('a','b','c');
for $v (@l) {
print ("$v\n");
};
Perl's '..' operator lets you iterate over series
for example:
for my $i (1..10) { print ("$i\n");}
1
2
3
4
5
6
7
8
9
10
C Style loops are also possible:

for ($i = 1; $i <= 10; ++$i) { print ("$i\n"}; }

There are many other loops: while loops, until loops, do while loops, etc.
Like unless (the opposite of if) there is until loops.
for example:

Perl
unless (1 == 2) {
print "1 == 2\n";
} else {
print "1 != 2\n";
}
^D
1 != 2

Chaining if's is possible:

if ($opt == 1) {
print "blah";
} else if ($opt = 2) {
print "blah blah";
} else {
print "no blah";
};

Subroutines

Chunks of code that take parameters and goes off to do something for you.

for example:
Perl

sub printeric {
print("eric\n");
}
printeric;
printeric;
^D
eric
eric

Subroutines are properly known as &name. And like other names, they are unique in Perl 5: &name, $name, @name and %name are completely different things. In fact you can create subroutines with the names of Perl builtins:

for example:
Perl
sub do {
print ("hi from do\n");
}
&do;
^D
hi from do

The following examples are long enough that we have switched to using a file containing the following:

#!/usr/bin/per -w
sub mysub {
$i =1;
for (@_) {
print("parameter $i: '$_'\n");
++$i;
}
}
mysub 1,2,3,4,5,'eric'; # recommended that you use ()'s, but this works
mysub('hi','bye');
@l = ('a','b');
&mysub(1,@l,2);

The output from this is:
parameter 1: '1'
parameter 2: '2'
parameter 3: '3'
parameter 4: '4'
parameter 5: '5'
parameter 6: 'eric'
parameter 1: 'hi'
parameter 2: 'bye'
parameter 1: '1'
parameter 2: 'a'
parameter 3: 'b'
parameter 4: '2'

This code demonstrates the ease of variable parameters, which is somewhat of a black art in C. However, Perl has no subroutine prototypes as such. you get no syntax checking of the subroutine at 'compile' time. You have to manually check your parameters inside your function.

Scoping

Beware: the parmaters you pass in are modifiable.
for example:
Perl
sub modify {
$_[0] = 7; # more funkiness with $_, as first element of @_
}
$i = 5;
print($i\n");
modify($i);
print("$i\n");
^D
5
7

Beware that the name of the variable needs to be scoped.

#!/usr/bin/perl
sub printme {
($label, $value) = $_;
print $label;
}
$label = 5;
printme (4,6);

outputs
[code5

Lexical scoping is done with my. You don't really have to declare variables in perl (without 'use strict;'). my is an operater with operator scope that creates a lexical scope. While this can be abused, it means you don't have to reinvent $i, $k, $j or other such variables for simple counters.

So:

#!/usr/bin/perl -w
sub printme {
my ($label, $value) = $_;
...
This makes the whole list (both $label and $value) local to printme.

sub printme {
(my $label, $value) = $_;
...
This makes $label local, but $value is still global.

To get help on this, start your scripts with:

#!/usr/bin/perl -w
use strict; # the strict module will warn about possible misuse of vars.

Now, to rewrite with scoping and strict:

#!/usr/bin/perl -w
use strict;
sub mysub {
print ("mysub:\n);
for (my $i = 0; $i < @_; ++i) {
print(" paramter ", $i+1, ": '$_[$i]'\n");
}
}
mysub 1,2,3,'eric';
mysub('hi', 'bye');
my @l = ('a', 'b');
mysub(1, @l, 2);

Output is same as before.

Note that the context is very important. A scalar context for an array (such as comparing with <) returns the size of the array. (#$array returns the index of the last element, normally the size-1). Some things want list context and will return all the parts of the array. print takes a list and will need to have the scalar(@array) function used.

From the above:
sub mysub {
my (@l) = @_;
print("mysub with", scalar(@l), "parameters\n");
...
works. Without the scalar(), it does something very different.

Note that using an array as above will consume all the options passed to the array. Empty or inifinte, the first @array will suck up your variables.

Perl modules

Perl modules work poorly together, but are a big attraction as everything your system can do probably has a Perl modules wrapping it.

Database access is very well integrated. (The db was setup ahead of time.)
For example (the hardway) inputing the /etc/passwd into a (mysql) database:
#!/usr/bin/perl -w
use strict;
# use the dabase interface module
use DBI;
# take the url, get a handle if it fails, quit
my $db_handle = DBI->connect('dbi:mysql:test') or die;
# you have to prepare a statement in SQL before using it
# note that the '?' replaces paramters, cleanly (DBI does escaping for you)
#the x5 operator repeates the ',?' 5 times
#note that the 'in' statement part of SQL is not available with this
my $statement_handle = $db_handle->prepare('insert into Passwd values (?' . ',?'x6 . ')');
while (<>) { # file IO via <> means to take input from STDIN or the 1st thing on the command line
my @f = split(/:/,$_); # split takes a regex and breaks up it's inpurt into an array based on it.
$statement_handle->execute(@fileds);
}

For example, to use the db for getting info out:
#!/usr/bin/perl -w
use strict;
use DBI;
my $dbh = DBI->connect('dbi:mysql:test') or die;
my $sth = $dbh->prepare('select name, gcos from Passwd');
$sth-execute();
while (my $r = $sth->fechrow_hashref) {
# note that $sth->fetch returns an array.
# $r here is actually a scalar containing a reference to a hash
my @gcos = split(/,/, $r-{gos});
# split any empty scalar, get a zero length array, so be fancy
push(@gcos, '') unless @gcos; #shift, unshift and pop,push implement queues and stacks, respectively using lists. unless takes a scalar reference so @gcos will be true if containing sometings.
print("$r->{user}:$gcos[0]\n");
}

Named parameters

Modules use a lot of objects and named parameters. Objects are an advanced and inconsistent topic which we will skip.

What do you do if you have a sub with tones of parameters, most of which are optional? Named parameters. The modules use this extensively. Think of a hash. To use them, your subroutines will use a hash to slurp up the parameters instead of an array.

for example:

sub namedparms {
my %p = @_;
for my $name (sort keys %p ){
print ("$name: $p{$name}\n");
}
}
namedparams(@ARGV);
# @ARGV is the paramters of the script
namedparams(user1 => 'eric', user2 = 'eli');

This script prints out:
user1: eric
user2: eli

You can make odd errors with named parameters (e.g. hashes must have an even number of parameters) which will show up later.

Linux SIG 2006-12-07

Discussion of ADs in the monitor, Oklahoman, other newspapers.

History of sig.

Eric - stand-in for the real group head, who is teaching a class.

Today: advanced Perl DB, CGI and etc.

Couple of new guys.

Big intros:
Eric - old Solaris guy with HP-UX, Digital experience. Linux was a toy until about RedHat 3. Used RedHat up to about Fedora Core 4, then switched to Ubintu starting with 5.04. Doesn't get to play that much since his dirsto's have to earn the paycheck. Didn't matter, his package tools had become apt anyway.

Ron - first experiences were with Mac systems, exposed to RedHat. Became an HP-UX admin, then moved through Fedora, RedHat, Ubuntu, etc. Very familiar with rpms, but having to climb the dpkg ladder.

JDP - works as a admin.

Guest #1 - AIX user at work. Seen slackware at home. Really new to this.

Alan (guest #2) - new to Linux. Seen RedHat, SuSE, Debian. Seen most all the installs, just needs to know how to use it. Really attacted to themes, etc.

Ely - we've been doing the Linux SIG for a while. I work for DaVinci systems since Linux came on floppies. Using Ubuntu. Lots of experience, please as a lot of questions.

Guest 3 - Used AIX. Started using RedHat on servers since 7. Not on desktop.

Roy - started on Linux. Does have to use a SCO box for mainframe access / installs. 6-7 years of light server and desktop. Small number of systems. Mostly Redhat, but primarily debian based now. LibraNet, mephis, Ubuntu and plain Debian.

Debian - pronounced like Debbie + Ian. History of rpm based distro's vs. debian based distro's. RPM: RedHat Pacakge Manager. Almost always associated with Redhat. Lots of Redhat derived distributions. Debian camp, very focused on pure open source and a looong distribution cycle (3-4 years per version.) Lots of commercial distros derived from Debian. Linspire, Xandros, Yellow Dog (hence yum - Yellowdog Update Manager) all include prettyness.

Linux community is focused around these distro's which are just software packaged with the Linux Kernel. Debian includes vasty quanities of software. The commercial versions pretty things up and release more frequently. Debian is the most plain. Debian uses stable (old) and testing and unstable. Point fixes are back-ported to testing (not stable) but unstable has the new toys and all the bug fixes (and bugs.)

Ubuntu and other commercials draw the line in the sand more freuqnetly. 6.06 Ubuntu is going to have long-term support, but Ubuntu will be releasing every 6 months.

Note on packages: in the Microsoft Windows world you don't ship a single peice of software, you also ship every single dependancy that it takes. In Microsoft's world, the 3rd parties integrate a lot of add-ons but very loosly. In Linux you integrate heavily and only ship the software you want to install. The dependancies should be found on the existing system and each integrated together.
Almost always your packages depend on other packages which in turn have their own dependanceis, ad infinitum. Thus in Linux you have to track many packages that you need. Computers are good at tracking these, so tools were written in Linux to solve this. rpm kept track of dependancies. On top of rpm was up2date. Along with up2date was yum. For Debian, debs begat dpkg which begat apt (and aptitude, etc.)

Question about Perl: installing CPAN and Perl Source packages on a system with no networking.

You can d/l and install packages individually.
You can d/l and create a CD(DVD) of most CPAN to handle the depnancies.

Perl Part 4

Re: last time we put the /etc/passwd file into a MySQL database called test using perl.

junk3 (plus a little)

#!/usr/bin/perl -w
use strict;
use DBI;

my $dhb = DBI->connect('dbi:mysql:test') or die;
my $sth = $dbh->prepare('insert into Passwd value(?'. ',?'x6 . ')');
while (<>) {
my @fields = split(/:/, $_);
chomp($fields[$#fields]); # added to correct a bug
$sth->execute(@fields);
}

Remember that the ? is a placeholder used by prepare. DBI handles all the special cases for escaping when you do the execute. And if fields contains more or less than 7 'fields' the execute will fail fatally. Note the use of x6 to repeate the ',?' string 6 times. Note that Eric has a nifty demo website showing how to exploit very poor SQL using code that is subject to 'SQL injection' errors. Also note that if you are attaching to a database with a script or any application programatically you can't avoid embedding some form of password or authentication method. Use segregation and seperation of access to limit exposure. (e.g. user grants in MySQL.)

One of the huge usages of Perl and databases is to write dynamic websites.


- You could print out a table
- You could respond to a URL with a dump (ala slashdot.org)
- You could generate the html pages and leave it on a server for a while.

junk6 (if you are tracking 'junk' numbers. I'm not.)

#!/usr/bin/perl -w
use strict;
use DBI;

my $dbh = DBI->connect('dbi:mysql:test');
my $sth = $dbh->prepare('select * from Passwd');
print ('<html><head><title>Passwd</title></head><body>Passwd Table',
'</table>');
$sth->execute();
while (my $r = $sth->fetch) {
print('<tr>');
for my $col (@$r) {
print("<td>$col</td>");
}
print('</tr>');
}
print("</table></boby>\n");
}
$dbh->disconnect();

Run it and you can view the output in a web browser. However, there is a better way than re-running this script (and the other script) everytime that the database changes.

HTML and HTTP used to be all about passing fixed text documents around. People quickly figured out that you probably want to automate a lot of this. CGI was born to do this. Nobody uses CGI anymore (envrinment variables set before running a script) but everything looks like CGI due to the inheritance. You can write CGI in shell scripts, outputing HTML code to the webbrowser. Perl is very good at manipluating text, HTML code is text. Perl and environment variables are not good to mix (gets confusing fast) so we have the CGI package.

man CGI

Note that CGI uses the raw HTTP connection, so it can generate anything: images, movies, plain text and HTML code for webpages.

From the manual page for CGI, the object-oriented method:

#!/usr/local/bin/perl -w
use CGI;
$q = new CGI;
print $q->header,
$q->start_html('hello world'),
$q->h1('hello world'),
$q->end_html;

Example of putting junk6 into /var/www as junk.cgi and restarting Apache without AddHandler CGI. You get the source code of your script. Restarting apache with the AddHandler CGI statement, setting the group on the cgi file, adding execute permission and setting ExecCGI on Options for /var/www.

Connect to the apache server as
http://localhost/junk.cgi
Note that the headers were not printed, so you get an error (type 500).

Same as above, but add to junk.cgi before 1st print statement:

use CGI;

and

print $p->header;


Dynamic code:

#!/usr/bin/perl -w
use strict;
use DBI;
use CGI;

my $dbh = DBI:connect('dbi:mysql:test');
my $query = new CGI;
my $user = $query->param('user');
print($query->header);
if (defined $user) {
print('<html><head><title>stuff</title></head><body>');
my $sth = $dbh->prepare('select * from Passwd where user=?');
$sth->execute($user);
my $r = $sth->fech; # may get >1 or 0, beware
if ($r) {
for my $col ($r) {
print ("$col<br>");
}
} else {
print ("Error: not found!");
}
print("</body></html>
} else {
my $sth = $dbh->prepare('select * from Passwd');
print('<html>...');
... as before ...
$sth-execute();
}
$dbh->disconnect();

Now connect to the cgi
http://localhost/juni.cgi?user=eric
and get Eric's entry in his /etc/passwd table as dumped into the database by the other script and pulled out by this script.

Q&A

Q: Why no more CGI?

A: performance. With good old fashined CGI you are loading the Perl interpreter (possibly a module) do some preperation and then executing the code and unload. Over and over and over we are loading the interpreter and compiling the code. Very redundant, very slow. Two answers: extended CGI since a lot is done prior to running the script at all and use daemon running all the time in parallel. (Nobody uses it, similar to mod-jserv for Tomcat which crashes a lot.) The second answer: load the perl interpreter into the server and run the script from the server (mod-perl). No changes to script, just change the apache config to use mod-perl. Get high performance. (maybe 10x requests ro 50x requests with good Perl)

At the other extreme, you could write a compiled C module but the improvment over mod-perl would be small. mod-perl is even available for IIS.

PHP used to use CGI, but now uses a module too.