Back­ground info

The FreeBSD linux com­pat­i­bil­ity envi­ron­ment cur­rently uses RPMs from Fedora 10. Unfor­tu­nately Fedora 10 is end of life since a while. For one of the RPMs (the pango one) we where aware of a secu­rity vul­ner­a­bil­ity. As we do not know if it is fea­si­ble to update the lin­ux­u­la­tor ports to some­thing more recent, I decided to setup a VM with Fedora 10 and gen­er­ate a new RPM for the linux-f10-pango port. Thanks to Luchesar V. ILIEV for explain­ing me how to do this.

Setup of the VM

I used Vir­tu­al­Box 4.0.4 on a Solaris 10 x86 machine. I con­fig­ured a fixed size disk of 16 GB and kept the default net­work setup (after installing the guest tools / ker­nel mod­ules I switched to vir­tio, as I was not able to do any­thing use­ful besides a ping) and RAM size. The CD/DVD drive was con­fig­ured to use the image of the full Fedora 10 DVD for i386 systems.

Setup of Fedora 10

Boot­ing the VM from the DVD leads to the graph­i­cal Fedora 10 install soft­ware (after chos­ing to install a new sys­tem on the con­sole). There I accepted all the defaults, except for the soft­ware to install. I des­e­lected the Office and Pro­duc­tiv­ity group and selected the Soft­ware Devel­op­ment group. When I was asked if I want to install some addi­tional RPMs I had a look at the com­plete list and installed some I thought are nec­es­sary. I do not remem­ber any­more which ones I chose, but every­thing which looks related to RPM build­ing is a good candidate.

After a while the install will be fin­ished and you can boot into the new sys­tem (eject the DVD from the drive before reboot). After reboot chose to install the Guest Addi­tions in the menu of the VM. This should mount the ISO image in the VM. As root exe­cute the file for Linux. This will build some ker­nel mod­ules for bet­ter inte­gra­tion (e.g. seam­less inte­gra­tion of the mouse between your desk­top and the VM). At this point I rebooted and con­fig­ured vir­tio as the NIC. I also had to con­fig­ure the net­work set­tings by hand, as the GUI tool did not safe all the set­tings correctly.

Update and install of required RPMs

After the VM was up and the net­work con­fig­ured, I updated the entire sys­tem (chose Sys­tem Update in the menu). To update the pango port, I had to install the libthai-devel RPM. I had the RPM for it (and all the files I need to build a new pango RPM) already down­loaded, so I did a “yum install /path/to/rpm”. At this point I was ready to cre­ate the RPM build environment.

The RPM build environment

As a nor­mal user I exe­cuted the com­mand rpmdev-setuptree which cre­ates the direc­tory rpm­build and pop­u­lates it with some direc­to­ries. Now you just need to find a suit­able .spec file and put it into rpmbuild/SPECS, put the sources (and maybe patches ref­er­enced in the .spec file) into rpmbuild/SOURCES, and you are ready to go (I patched pango.spec for a more recent pango ver­sion, basi­cally just chang­ing the ver­sion num­bers). If you want to have a cus­tom pack­ager and ven­dor attribute in the RPM, you can add a line for each to ~/.rpmmacros, e.g. %pack­ager your­name­here and %ven­dor what­ev­eris­ap­pro­pri­ate. I used my @FreeBSD.org EMail address as the pack­ager, and FreeBSD as the vendor.

Build­ing a RPM

I used rpm­build –ba –tar­get i386-redhat-linux-gnu –clean rpmbuild/SPECS/pango.spec to build the new pango RPM. If every­thing is OK, the result­ing RPMs (a source RPM, a devel RPM, a debug­info RPM and the RPM for the bina­ries) are in rpmbuild/RPMS and rpmbuild/SRPMS. For a FreeBSD port we just need the source RPM (to com­ply to the (L)GPL) and the RPM for the binaries.

Addi­tional info

The i386-redhat-linux-gnu string which is used for the –tar­get option of the rpm­build com­mand is what seems to be used to build the Fedora 10 RPMs. After build­ing pango, the RPM has i686-pc-linux-gnu in some file­names instead (the default value for this setup). The bina­ries seem to be com­piled for i386, so there should be no prob­lem even for old systems.

In the last days I took (and even had) the time to install a VM with Fedora 10, updated all the pack­ages after instal­la­tion, and cre­ated a new linux–f10-pango port (v 1.28.3). I did this because the port has a secu­rity vul­ner­a­bil­ity accord­ing to our VuXML DB and there where more and more reports in the last months from users which had a prob­lem with this.

Dur­ing the update of the port I noticed that the port does not con­tain a FORBIDDEN entry, just por­tau­dit com­plains about it because there is an entry in the VuXML. That is not nice. I was told that the ports slush will be lifted soon (I need to bump some PORTRE­VI­SIONs), this means that I can com­mit the update prob­a­bly tomor­row, just in time when the new RPM should hit the FreeBSD dis­tri­b­u­tion infra­struc­ture (MASTER_SITE_LOCAL is updated once a day from a spe­cific folder in our home direc­to­ries).

Thanks to Luchesar V. ILIEV for the nice writeup of what to install in Fedora 10 to be able to build RPMs, and the descrip­tion of how to build your own RPM.

It seems I have a bit of free time now to take care about some FreeBSD related things.

As part of this I already com­mit­ted the UFS/FFS related FEATURE macros which where devel­oped by kibab@ dur­ing the Google Sum­mer of Code 2010. The net­work/ALTQ related FEATURE macros are in the hands of bz@, he already reviewed them and wants to com­mit them (with some changes) as part of his improve­ments of parts of the net­work related code.

The GEOM related FEATURE macros I just send some min­utes ago to geom@ for review. All the rest went out to hackers@ for review. The rest in this case is related to AUDIT, CAM, IPC, KTR, MAC, NFS, NTP, PMC, SYSV and a few other things.

If every­thing is com­mit­ted, it should look a bit like this if queried from user­land (not all fea­tures are shown, those are just the ones which are enabled in the ker­nel in one of my machines):

kern.features.scbus: 1
kern.features.geom_vol: 1
kern.features.geom_part_bsd: 1
kern.features.geom_part_ebr_compat: 1
kern.features.geom_part_ebr: 1
kern.features.geom_part_mbr: 1
kern.features.kposix_priority_scheduling: 1
kern.features.kdtrace_hooks: 1
kern.features.ktrace: 1
kern.features.invariant_support: 1
kern.features.compat_freebsd7: 1
kern.features.compat_freebsd6: 1
kern.features.pps_sync: 1
kern.features.stack: 1
kern.features.sysv_msg: 1
kern.features.sysv_sem: 1
kern.features.sysv_shm: 1
kern.features.posix_shm: 1
kern.features.ffs_snapshot: 1
kern.features.softupdates: 1
kern.features.ufs_acl: 1

After work­ing a long time with Solaris (I started with 2.5.1 at about the time when Solaris 7 was released in 1998), my cur­rent boss decided that it is time that I do a cer­ti­fi­ca­tion for it (clients like it). Two exams later I have it now:

Since yes­ter­day I am offi­cially an Ora­cle Cer­ti­fied Pro­fes­sional, Ora­cle Solaris 10 Sys­tem Admin­is­tra­tor.

The exam ques­tions where a bit strange. I asked myself if a real admin was proof read­ing them or not, but most prob­a­bly some­one with­out much knowl­edge about Solaris admin­is­tra­tion just took the study guides and tried to make some ques­tions out of it.

Any­way, my boss should be happy now, and I have some­thing to add to my CV.

Here is the list of the Word­Press plu­g­ins I have acti­vated since a long time. Some of them I could maybe deac­ti­vate (maybe 4 – 5) but some­how I was too lazy so far to make some time to have a look at this. All in all I regard most of them as essen­tial in some way for my blog.

• AddToAny: Share/Bookmark/Email But­ton
  Help peo­ple share, book­mark, and email your posts & pages using any ser­vice, such as Face­book, Twit­ter, Google Buzz, Digg and many more.
• AddToAny: Sub­scribe But­ton
  Help read­ers sub­scribe to your blog using any feed reader or feed service.
• After The Dead­line
  Adds a con­tex­tual spell, style, and gram­mar checker to Word­Press. Write bet­ter and spend less time edit­ing. Visit your pro­file to con­fig­ure. See the Proof­read­ing Sup­port page for help.
• Akismet
  Akismet checks your com­ments against the Akismet web ser­vice to see if they look like spam or not. You need an API key to use it. You can review the spam it catches under “Com­ments.” To show off your Akismet stats just put <?php akismet_counter(); ?> in your tem­plate. See also: WP Stats plugin.
• aLinks
  A Word­Press plu­gin that auto­mat­i­cally links key­words in your blog post.
• All in One SEO Pack
  Out-of-the-box SEO for your Word­Press blog.
• AskA­pache RewriteRules Viewer
  Dis­plays the Inter­nal Word­Press Rewrite Rules in Detailed Glory.
• Bet­ter Plu­gin Com­pat­i­bil­ity Con­trol
  Adds ver­sion com­pat­i­bil­ity info to the plu­g­ins page to inform the admin at a glance if a plu­gin is com­pat­i­ble with the cur­rent WP version.
• Bet­ter Search
  Replace the default Word­Press search with a con­tex­tual search. Search results are sorted by rel­e­vancy ensur­ing a bet­ter vis­i­tor search experience.
• Bro­ken Link Checker
  Checks your blog for bro­ken links and miss­ing images and noti­fies you on the dash­board if any are found.
• Change Admin User­name
  Lets you change your user­name to some­thing other than “admin”.
• Con­tex­tual Related Posts
  Show user defined num­ber of con­tex­tu­ally related posts.
• Cute Pro­files
  Cute Pro­files adds all your Social Pro­file icons ver­ti­cally on left or right side of your pages, which will remain vis­i­ble all the time though the page is scrolled and with­out con­sum­ing the side­bar space.
• Dash­board: Lat­est Spam
  Dis­plays the lat­est spam on your Word­Press 2.5+ dash­board so you can make sure there were no false pos­i­tives. Uses Defen­sio to hide obvi­ous spam if you have it installed.
• Easy Chart Builder
  Cre­ates a chart directly in your post or page via short­cut. Man­ages siz­ing of chart to sup­port wptouch and other mobile themes.
• Exploit Scan­ner
  Scans your Word­Press site for pos­si­ble exploits.
• FD Word Sta­tis­tics
  Com­putes Gunning-Fog, Flesch, and Flesch-Kincaid read­abil­ity indexes about posts as they are edited for the pur­pose of improv­ing their readability.
• GD Press Tools
  GD Press Tools is a col­lec­tion of var­i­ous admin­is­tra­tion, seo, main­te­nance and secu­rity related tools that can help with every­day blog tasks and blog optimizations.
• GD Sim­ple Wid­gets
  Col­lec­tion of pow­er­ful, easy to use wid­gets that expand default wid­gets. Plu­gin also adds few more must-have wid­gets for posts, authors and comments.
• GD Star Rat­ing
  GD Star Rat­ing plu­gin allows you to set up advanced rat­ing and review sys­tem for posts, pages and com­ments in your blog using sin­gle, multi and thumbs ratings.
• GeoSmart
  GeoSmart auto­mat­i­cally adds city-precise loca­tion infor­ma­tion for com­ment authors to com­ment meta­data. GeoSmart can also dis­play a Google map show­ing com­ment author dis­tri­b­u­tion across the globe. In addi­tion, GeoSmart ships with a mul­ti­ple instance capa­ble side­bar wid­get that dis­plays a map show­ing the loca­tions of the most recent vis­i­tors to your blog. Requires PHP 5 and Word­Press 2.8+. Map dis­play requires a Google Maps API Key.
• Global Trans­la­tor
  Auto­mat­i­cally trans­lates a blog in 48 dif­fer­ent lan­guages by wrap­ping four dif­fer­ent online trans­la­tion engines (Google Trans­la­tion Engine, Babelfish Trans­la­tion Engine, FreeTranslations.com, Promt). After upload­ing this plu­gin click ‘Acti­vate’ and then after­wards you must visit the options page and enter your blog lan­guage to enable the translator.
• Google XML Sitemaps
  This plu­gin will gen­er­ate a spe­cial XML sitemap which will help search engines like Google, Yahoo, Bing and Ask.com to bet­ter index your blog.
• Gra­vatar Signup Encour­age­ment
  Dis­plays mes­sage to users with­out gra­vatar that they don’t have one with link to Gravatar’s sign-up page (e-mail included).
• Health Check
  Checks the health of your Word­Press install
• http:BL Word­Press Plu­gin
  http:BL Word­Press Plu­gin allows you to ver­ify IP addresses of clients con­nect­ing to your blog against the Project Honey Pot database.
• Import HTML Pages
  Imports well-formed sta­tic HTML pages into Word­Press posts or pages. Requires PHP5. Now with Dreamweaver tem­plate sup­port and Word HTML cleanup.
• InfoLink
  Adds a but­ton to the Edi­tor, easy link­ing to Wikipedia, IMDB or add a link with google search.
• Limit Login Attempts
  Limit rate of login attempts, includ­ing by way of cook­ies, for each IP.
• One-Time Pass­word
  One-Time Pass­word Sys­tem con­form­ing to RFC 2289 to pro­tect your weblog in less trust­wor­thy envi­ron­ments, like inter­net cafés.
• Plu­gin Man­ager
  Plu­gin Man­ager lets you to view, down­load and install plu­g­ins from WordPress.org from an AJAX’ed inter­face, instead of man­u­ally down­load­ing, extract­ing and upload­ing each plugin.
• Plu­g­ins Garbage Col­lec­tor
  It scans your Word­Press data­base and shows what var­i­ous things old plu­g­ins which were deac­ti­vated, unin­stalled) left in it. The list of addi­tional data­base tables used by plu­g­ins with quant of records, size, and plu­gin name is shown.
• Quick Stats
  Logs hits with refer­rer, ip, host, client and url infor­ma­tion. RSS tracker fea­ture lets you tracker your vis­i­tors in near real­time using an RSS reader soft­ware.
• Search Meter
  Keeps track of what your vis­i­tors are search­ing for. After you have acti­vated this plu­gin, you can check the Search Meter sec­tion in the Dash­board to see what your vis­i­tors are search­ing for on your blog.
• SEO Smart Links
  SEO Smart Links pro­vides auto­matic SEO ben­e­fits for your site in addi­tion to cus­tom key­word lists, nofol­low and much more.
• Sim­ple Track­back Val­i­da­tion
  Elim­i­nates spam track­backs by (1) check­ing if the IP address of the track­back sender is equal to the IP address of the web­server the track­back URL is refer­ring to and (2) by retriev­ing the web page located at the URL used in the track­back and check­ing if the page con­tains a link to your blog.
• Smartlinker
  Smartlinker is a tool­bar on the Word­Press TinyMCE edi­tor that enables you to hyper­link words and phrases in your blog. A word/phrase can be the name of a per­son, place or thing.
• Table of Con­tents Cre­ator
  Table of Con­tents Cre­ator (TOCC) auto­mat­i­cally gen­er­ates a dynamic site wide table of con­tents that is always up-to-date. All entries are nav­i­ga­ble mak­ing your site very SEO friendly. TOCC can be con­fig­ured to dis­play sta­tic pages, blog entries and forum com­ments. Another great fea­ture of TOCC is the abil­ity to include anchor tags on any page marked with a spe­cial class. This fea­ture allows links to arti­cles, down­loads or even other sites to appear within the table of con­tents as if they are part of your site’s nav­i­ga­tion. To gen­er­ate a table of con­tents, sim­ply include the <!– toc-creator –> tag on any page, or use the handy page cre­ation fea­ture located on the plu­gin admin page.
• TinyMCE Advanced
  Enables advanced fea­tures and plu­g­ins in TinyMCE, the visual edi­tor in WordPress.
• Update Noti­fier
  Sends email noti­fi­ca­tions to the admin if a new ver­sion of Word­Press avail­able. Noti­fi­ca­tions about updates for plu­g­ins and themes can also be sent.
• Weasel’s No HTTP Author
  Checks to see if the author name in your com­ments con­tains “HTTP:” to help fil­ter out spam. This only sets the “spam” flag on the com­ment; Akismet does the dirty work and actu­ally removes and reports the comment.
• Where did they go from here
  Show “Read­ers who viewed this page, also viewed” links on your page. Much like Amazon.com’s prod­uct pages. Based on the plu­gin by Mark Ghosh.
• Who is Online
  Dis­plays who is cur­rently on your blog and for how long.
• WordPress.com Stats
  Tracks views, post/page views, refer­rers, and clicks. Requires a WordPress.com API key.
• WP-Polls
  Adds an AJAX poll sys­tem to your Word­Press blog. You can eas­ily include a poll into your WordPress’s blog post/page. WP-Polls is extremely cus­tomiz­able via tem­plates and css styles and there are tons of options for you to choose to ensure that WP-Polls runs the way you wanted. It now sup­ports mul­ti­ple selec­tion of answers.
• WP-Print
  Dis­plays a print­able ver­sion of your Word­Press blog’s post/page.
• WP-Stats-Dashboard
  Dis­plays the WordPress.com stats graph, your traf­fic and social met­rics mon­i­tor­ing on your dashboard.
• wp-Typography
  Improve your web typog­ra­phy with: (1) hyphen­ation — over 40 lan­guages sup­ported, (2) Space con­trol, includes: widow pro­tec­tion, glu­ing val­ues to units, and forced inter­nal wrap­ping of long URLs & email addresses, (3) Intel­li­gent char­ac­ter replace­ment, includ­ing smart han­dling of: quote marks, dashes, ellipses, trade­marks, math sym­bols, frac­tions, and ordi­nal suf­fixes, and (4) CSS hooks for styling: amper­sands, upper­case words, num­bers, ini­tial quotes & guillemets.
• WP Ajax Edit Com­ments
  The most pow­er­ful comment-editing solu­tion for Word­Press. Users can edit their own com­ments for a lim­ited time, while admins can edit all comments.
• WP Math Pub­lisher
  Dis­play math­e­mat­i­cal equa­tions within your posts and com­ments. Put your plain text math­mat­i­cal expres­sions between [pmath size=xx]…[/pmath] tags. The optional size attribute con­trols how large the images will be dis­played. Use­ful xx inte­ger val­ues range from 8 to 24. Size defaults to 12 when attribute omit­ted. Pas­cal Brachet’s PHP Math Pub­lisher library is included.
• WP Minify
  This plu­gin uses the Minify engine to com­bine and com­press JS and CSS files to improve page load time.
• WP Secu­rity Scan
  Per­form secu­rity scan of Word­Press installation.
• WP Super Cache
  Very fast caching plu­gin for WordPress.
• WP Update Mes­sage
  Add an update mes­sage to your pages or posts to let your read­ers know what has been updated.

I do not need some con­tact man­age­ment plu­gin, if some­one wants to con­tact me he can use my EMail address. I do not have a prob­lem hav­ing my EMail address in a robot-readable for­mat, my anti-SPAM soft­ware is well tuned for my mailbox.