2011-11-28

Samba-VirusFilter 0.1.3 Released

Samba-VirusFilter (the heir to samba-vscan) version 0.1.3 was released a few days ago [download].  Samba-VirusFilter supports ClamAV, F-Secure, and Sophos.  A sample ClamAV configuration snippet for your smb.conf looks like:
vfs objects = svf-clamav
svf-clamav:scan on open = yes | no
svf-clamav:scan on close = yes | no
svf-clamav:max file size = (bytes, default 10^8)
svf-clamav:min file size = (bytes, default 10)
svf-clamav:infected file action = nothing | quarantine | delete
svf-clamav:quarantine directory  = directory
svf-clamav:quarantine prefix = string
svf-clamav:infected file command = command
svf-clamav:scan error command = command
If you use a quarantine directory don't forget to make sure the Samba daemon will always have sufficient access to put files in there.

2011-11-27

Overlooked Content From 2011

Yes, it is almost 2012.
Looking back for overlooked content I'm compelled to mention the 2011 annual "LDAPCon" conference focused on directory services and LDAP; the organizers/hosts have made available some excellent videos and papers [index page]. These are an unrivaled source of information on the current state and future of directory services.
The same is also true of the annual SambaXP conference in relation to all things Samba and CIFS [2011 content index].
Podcast content in general tends to be lite and aimless fare;  those sources provide some meat for the meal.

All those SQLite databases...

Many current application use the SQLite database for tracking information; this includes F-Spot, Banshee, Hamster, Evolution, and others.  Even the WebKit component uses SQLite [you might be surprised to discover ~/.local/share/webkit/databases].  It is wonderfully efficient that there is one common local data storage technique all these applications can use,  especially since it is one that is managable using a universally known dialect [SQL]. But there is a dark-side to SQLite.  Much like old Dbase databases it needs to be vacuumed.  And how reliably are all those applications providing their little databases with the required affection?  Also, do you trust those lazy developers to have dealt with the condition of a corrupted database?   If an application hangs, or is slow, or doesn't open... maybe that little database is corrupted?
Aside: As a system administrator for almost two decades I do not trust developers. They still put error messages in applications like "File not found!".  Argh!
On the other hand SQLite provides a handy means of performing an integrity check on databases - the "PRAGMA integrity_check" command.  I've watched a few of these little databases and discovered that (a) they aren't often all that little, and (b) manually performing a VACUUM may dramatically reduce their on-disk size.  Both these facts indicate that developers are lazy and should not be trusted.
Note: in at least one of these cases the application has subsequently been improved. Developers do respond rather quickly when offered a blend of compliments spiced with bug reports.  No, I'm not going to name offending applications as that is too easily used as fodder by nattering nabobs.  And even the laziest Open Source developer is working harder than their proprietary brothers.
In light of this situation my solution is a hack - a Python script [download] that crawls around looking for SQLite databases.  First the script attempts to open the database in exclusive mode, then it performs an integrity check, and if that succeeds it performs a vacuum operation.  Currently it looks for databases in "~/.local/share" [where it will find databases managed by application appropriately following the XDG specification], "~/.cache", "~/.pki", "~/.rcc", and "~/.config".
Download the script and run it. Worst thing that happens is that it accomplishes nothing.  On the other hand it might recover some disk space, improve application performance, or reveal a busted database.

2011-11-25

gnome-tweak-tool

GNOME3 simplified many things.  In the process some settings and preferences got removed from the primary user interface.  A side-effect of that is a fair number of BLOG posts like "Dude where’s my settings?".  Many of these BLOG posts are informative; they explain how to get to the preference value via dconf either by the command line gsettings tool or the GUI dconf-editor [which replaces GNOME2's gconf-editor].  Both of those are good methods. Knowing how to use gsettings in case of an epic-fail situation is a very useful skill to have. On the other hand - most of the settings discussed in these posts can be easily tweaked using the appropriately named gnome-tweak-toolgnome-tweak-tool provides a friendly GUI to a variety of maybe-you-shouldn't-mess-with-this-but-here-we-are kind of preferences.  The gnome-tweak-tool package is available in the standard repositories for openSUSE 12.1

GAJ, Zeitgeist, & openSUSE 12.1

In openSUSE 12.1 the GNOME Activity Journal and Zeitgeist data hub are only a package install away -
zypper in gnome-activity-journal
Now the GNOME Activity Journal is available;  an excellent productivity tool.  Hopefully more data providers will appear soon.

Ctrl-Alt-Shift-V ... Pasting Happiness

If you cut or copy text from an application [especially a web browser] and then paste it into LibreOffice what you often get is formatted text, or at least some approximation of the text's original formatting.  This is awful.  When using LibreOffice appropriately all formatting is managed via the excellent support for styles. All you want is the text - and nothing about the text.  I've used the brute force solution in the past of bouncing my cut-n-paste through gedit.  Until I discovered Ctrl-Alt-Shift-V.  Yes, all four keys at once.  Ctrl-Alt-Shift-V is un-formatted paste [it pastes nothing but the text].  Pasting happiness!

2011-11-23

TortoiseHg & openSUSE 12.1

TortoiseHg is an excellent GUI for working with code from a Mercurial [aka Hg] repository.  You can just download the source and run "./thg". The previous version of TortoiseHg used PyGTK and pretty much just-worked.  Recently they switched to using Qt4.  Only once you install Qt4 support for Python the GUI still doesn't run - it fails with an error:
ImportError: No module named Qsci
What is "Qsci"?  "Qsci" is short hand for Qscintilla which is a Qt port of the Scintilla editing component.  This is provided to Python as the PyQt4.Qsci module.  This module is installed separately from the main Qt4 module in a package called "python-qscintilla" [notice a pattern where this feature of Qt4 is referred to by at least three names?].  Once you've run down this quirky daisy-chain of names it is just:
zypper in python-qscintilla
and now thg runs.

2011-11-01

Converting M4B's to MP3

I ended up with some M4B audio files; these are "MPEG v4 system, iTunes AAC-LC" files.  In order to reliably manage these files along with every other audio file [all of which are MP3] the simplest solution is just to convert them to MP3.  In order to accomplish that I dumped them back out to WAV using mplayer and re-encoded them to MP3 using lame.  Both lame and mplayer are available for openSUSE from the PacMan repositories, so you can easily install them via zypper.

mplayer "filename.m4b" -nojoystick -ao pcm:file=tmp.wav
lame -b 128 -q1 tmp.wav tmp.mp3

The "-nojoystick" option for mplayer isn't required but it prevents mountains of output about mplayer being unable to read the joystick device [most likely due to the fact that I don't have a joystick].  I left the bit-rate for lame at 128 since there is no point in re-encoding a file at a higher bit-rate than the originally encoded file - these files are mono-channel human speech not high-fidelity audio.

"samba-vscan" Is Dead, Long Live "samba-virusfilter"!

Noticed an interesting message on the Samba-Technical list today.  The Samba VFS module "samba-vscan" which has long been used to build integrated malware detection into Samba is no longer supported for the 3.6.x series.  SATOH Fumiyasu has been patching samba-vfs for 3.3 and up through 3.5; but with 3.6.1 he has created a new module named samba-virusfilter.  His message is here.