28 October 2009

MS Word: changing individual bullets

Managing lists has always been a pain in MS Word.
My most recent issue: whenever you change an item in a list in MS Word 2007, the whole list tends to change along with it and you see the dreaded lightning icon, indicating that MS Word did more than you asked.

Sometimes you don't want that, e.g. I could use different bullets within a list level to convey a special meaning.

This tip gave me a solution: if you only want to change one item in the list, select the end-of-paragraph mark of the item (supposing you have enabled displaying these) and then change the bullet. Your modification will be limited to this one bullet.

23 October 2009

Search engine client virus

A recent bunch of viruses (Gumblar and the Bahama botnet (YouTube demo)) redirects your search results to advertising sites before going to the desired target.
You never get to see the intermediate sites, but they gain money through advertisement hits.

14 October 2009

Solaris zones components

Commands
  • zoneadm: manage a zone
  • zonecfg: configure a zone
  • zlogin: login to a zone
    • -C: console
  • ps -z <zone>: list only <zone> processes from global zone
Zone state transitions and associated commands
  • Alternate commands can exist
  • A Solaris OS in a zone is only initialised (sysidtool) upon first console login.
  • The shutdown commands are executed from within the zone.
Daemons
  • zoneadmd: zone manager
  • zsched:  scheduler in the zone
Files
  • /etc/zones/index: index configured zones (and their state)
  • /etc/zones/<zone>.xml: per zone configuration file (from zonecfg)
Links
FAQ
BrandZ FAQ
Zones limitations
Sun Management Center GUI

13 October 2009

Add an external USB disk to solaris (x86)

These are the steps I took to add an external USB disk to my x86 Solaris station, partition it and put ufs filesystems on it.

  • Tell the removable volume manager to leave USB disks alone

    • edit /etc/vold.conf

      # commented the following line
      # use rmdisk drive /dev/rdsk/c*s2 dev_rmdisk.so rmdisk%d

    • Activate the configuration change

      # svcadm refresh volfs


  • attach the USB drive
  • lookup the USB device name

    # rmformat
    Looking for devices...
         1. Volmgt Node: /vol/dev/aliases/cdrom0
            Logical Node: /dev/rdsk/c0t0d0s2
            Physical Node: /pci@0,0/pci-ide@6/ide@0/sd@0,0
            Connected Device: LITE-ON  DVD SOHD-16P9S   F3S2
            Device Type: DVD Reader
         2. Logical Node: /dev/rdsk/c2t0d0p0
            Physical Node: /pci@0,0/pci108e,5347@2,1/storage@4/disk@0,0
            Connected Device: ST316021 2A               0000
            Device Type: Removable

  • Solaris x86: create a Solaris fdisk partition on the device

    # fdisk -B /dev/rdsk/c2t0d0p0

  • Partition the drive. The format expert option is needed for the drive to show up:

    # format -e
    Searching for disks...done

    AVAILABLE DISK SELECTIONS:
           0. c1t0d0 <DEFAULT cyl 9726 alt 2 hd 255 sec 63>
              /pci@0,0/pci108e,5347@7/disk@0,0
           1. c2t0d0 <DEFAULT cyl 19454 alt 2 hd 255 sec 63>
              /pci@0,0/pci108e,5347@2,1/storage@4/disk@0,0
    Specify disk (enter its number): 1
    ...

  • Now partition the drive.

    • Solaris x86: keep clear of cylinder 0. It is in slice 8 and reserved for the VTOC and booting (grub).

  • create a file system on your partition(s) (I ignored the warning)

    # newfs /dev/rdsk/c2t0d0s0
    Warning: setting rpm to 60
    newfs: construct a new file system /dev/rdsk/c2t0d0s0: (y/n)? y
    ...

  • Add the file system to /etc/vfstab

    ...
    /dev/dsk/c2t0d0s0       /dev/rdsk/c2t0d0s0      /stuff      ufs     1       yes     -

  • mount the file system

    # mount /stuff

12 October 2009

Command line SunSolve registration

Before you can use smpatch you need to register your system with SunSolve.
After installing, you are prompted for registration when you log in to the desktop.
If you did not do this, you can register from the Applications > Utilities > Update Manager GUI program.
Both utilities also allow you to create a SunSolve user account if you do not have one yet.
If you only want to register your system from the command line, here's the procedure:

# cp /usr/lib/breg/data/RegistrationProfile.properties /tmp
# vi /tmp/RegistrationProfile.properties
userName=jan
password=xxx
# sconadm register -a -r /tmp/RegistrationProfile.properties
# rm /tmp/RegistrationProfile.properties
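
The procedure above keeps the account password in /tmp/RegistrationProfile.properties, a fixed path that cp creates with the template's permissions, until the final rm. The following bash script is an added example, not part of the original post: it makes an owner-only copy with mktemp, fills in userName and password without passing them as command arguments, and removes the file on every exit path. The function names are hypothetical, and it assumes bash and mktemp are installed and that the template already contains userName= and password= lines.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Function names are hypothetical.

# Template path as given in the post.
TEMPLATE=/usr/lib/breg/data/RegistrationProfile.properties

# Copy SRC to a new, unpredictably named file that only the owner can read and
# print its path. A plain "cp SRC /tmp" keeps a fixed name and the template's
# permissions, so other local users may read the password while the file exists.
private_copy() {
    (
        umask 077
        tmp=$(mktemp "${TMPDIR:-/tmp}/regprofile.XXXXXX") || exit 1
        if cat "$1" > "$tmp"; then
            printf '%s\n' "$tmp"
        else
            rm -f "$tmp"
            exit 1
        fi
    )
}

# Rewrite the KEY=... line of FILE with shell built-ins only, so the value is
# never an argument of an external command (where ps could show it).
# Assumes FILE already holds a KEY= line, as the edited file in the post does.
set_property() {
    file=$1 key=$2 value=$3 out=
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            "$key="*) line="$key=$value" ;;
        esac
        out="$out$line
"
    done < "$file"
    printf '%s' "$out" > "$file"
}

# Prompt for the password, register, and remove the file on every exit path.
register_system() {
    user=$1
    profile=$(private_copy "$TEMPLATE") || return 1
    trap 'stty echo 2>/dev/null; rm -f "$profile"' EXIT
    trap 'exit 130' INT TERM
    printf 'SunSolve password for %s: ' "$user" >&2
    stty -echo; IFS= read -r pw; stty echo; echo >&2
    set_property "$profile" userName "$user"
    set_property "$profile" password "$pw"
    sconadm register -a -r "$profile"   # same command as in the post
    status=$?
    rm -f "$profile"
    trap - EXIT INT TERM
    unset pw
    return $status
}

# Usage: ./register.sh register <sunsolve-user>
if [ "${1:-}" = register ]; then
    register_system "${2:?SunSolve user name required}"
fi
```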

11 October 2009

Solaris Volume Manager Components

Commands

GUI

smc

Manage state database replicas
  • metadb
    • -a: add
      • -f: force: overwrite existing data
      • -c n: count, number of replicas on each slice
      # metadb -a -c 2 c1t1d0s7 c2t1d0s7 c3t1d0s7
    • -d: delete all replicas on a slice
      # metadb -d c3t1d0s7
    • -i: info
Information on logical volumes and their status
  • metastat [<volume>]
    • -p: print in md.tab format
Manage logical volumes
  • metainit: create logical volumes
    • Soft partition: logical volume on a part of a physical partition or disk. As long as space remains on the device, you can make additional soft partitions.
      # metainit d<number> -p <device> <soft partition size>
      # metainit d20 -p c0t1d0s6 10G
      # metainit d20 -p c1t3d0s2 4g
    • RAID 0
      # metainit d<number> <length> <width> <device>... [<width> <device>...]...
      # metainit d1 2 2 c1t1d0s6 c2t1d0s6 3 c0t1d0s5 c1t1d0s5 c2t1d0s5
      • <length> is the number of concatenations
      • <width> is the number of stripes in each concatenation
      • -f: force creation even if data is present. Data can be preserved if width=1.
    • RAID 1
      # metainit d<number> -m <logical volume>
      # metainit d10 -m d1
    • RAID 5
      # metainit d<number> -r <device>...
      # metainit d20 -r c0t1d0s5 c1t1d0s5 c2t1d0s5
    • Hot spare pool
      # metainit hsp<number> <device>...
      # metainit hsp010 c1t1d0s5 c2t1d0s5






Files

  • /etc/lvm/md.tab: default location for reading (metainit) and writing (metastat) metadevice configuration
  • /etc/lvm/md.cf: system private file with metainit state (as in md.tab)
  • /etc/lvm/mddb.cf: metastate database locations
  • /kernel/drv/md.conf: kernel file with metastate database info (do not edit) and volume manager configuration info (e.g. maximum number of logical volumes)

Standard RAID levels

RAID stands for Redundant Array of Inexpensive Disks, because these techniques were originally applied to replace an expensive reliable disk with multiple cheap unreliable disks.

  • RAID 0: not one of the original RAID levels as it does not increase reliability
    • striping: write evenly across two disks (or partitions)
    • concatenation: continue on another disk when the first is full
      • often not considered RAID0
  • RAID 1: mirroring, write all data to multiple disks
  • RAID 0+1, RAID 1+0: stripe and mirror, mirror and stripe
  • RAID 2: write all data evenly to multiple disks, but use a dedicated disk for parity checks. Distribute data at the bit level. Obsolete, because individual disks now use bit level parity checking.
  • RAID 3: Same as RAID 2, but distribute data at the byte level. Rarely used.
  • RAID 4: Same as RAID 2, but distribute data at the block (stripe) level. Rarely used.
  • RAID 5: Same as RAID 4, but no dedicated parity disk. Commonly used.
  • RAID 6: Same as RAID 5, but uses two parity blocks.
    • Not one of the original RAID levels.
Plenty of vendors use other, non-standard numbers and variants.

Solaris Role Based Access Control (RBAC) components

 

Files, relations and informative commands


  • An execution profile record belongs to the rights profile that is in its first (name) field.
  • Default rights profiles and authorisations are in /etc/security/policy.conf

Configuration commands

  • usermod/rolemod
  • useradd/roleadd
  • userdel/roledel
    • -R roles (only for usermod/useradd)
    • -P rights profiles
    • -A authorisations

10 October 2009

BSD 4 unix man page bugs

  • ls

    • ls has too many options

  • tunefs

    • You can tune a file system but you can't tune a fish

inetd and SMF

The internet daemon, inetd, listens on ports for network service requests. When a request arrives, it starts the appropriate service. Before Solaris 10, services under control of inetd were configured using the /etc/inet/inetd.conf file.
In Solaris 10 inetd still has the same function, but network services are now configured using SMF (see SMF components).

Running inetconv will convert all inetd.conf services to SMF services and enable them. When Solaris 10 boots for the first time it will run inetconv -e. This option does not convert services to SMF, but only enables inetd.conf services that already exist in SMF.

In the SMF manifest files for network services, you can see that SMF delegates management to inetd. Here are some lines from /var/svc/manifest/network/ftp.xml (S10u7):

      <restarter>
        <service_fmri value='svc:/network/inetd:default' />
      </restarter>

inetadm will list all services under inetd control. It has options that allow you to do things similar to svcadm and svccfg.

9 October 2009

Service Management Facility (SMF) components

In SMF, service instances are identified by a Fault Management Resource Identifier (FMRI). The structure of an FMRI is <prefix>:/<class>/<service>:<instance>
Example: svc:/system/cron:default
Prefixes:

  • svc: SMF managed services
  • lrc: legacy run command, pre Solaris 10 style services
  • file: for expressing dependencies on files

Commands

  • svcs: services information.
    • svcs [FMRI|pattern]: list services, pattern can be a part of an FMRI and can include wildcards (example: “*nfs*”)
      • -a: all - include disabled services
      • -d: dependencies - show services this service depends upon
      • -D: dependents - show services that depend on this service
      • -xv: which services are in maintenance mode (not running) and why (v = verbose)
      • -p: list associated processes
  • svcprop <FMRI>: list service properties
    • -p <[group/]property> : list only these properties

      # svcprop -p start/exec cron
      /lib/svc/method/svc-cron

  • svcadm: Service administration (management)
    • svcadm enable <FMRI>: start (and monitor)
      • -t: temporary - the service will not be restarted after reboot
    • svcadm disable <FMRI>: stop
      • -t: temporary - the service will still be restarted on reboot
    • svcadm restart: stop, then start
    • svcadm refresh: reread configuration (after svccfg)
    • svcadm clear: clear maintenance mode, ask the service monitor to start a service after an error condition is resolved
    • svcadm milestone FMRI: go to milestone (does not change run level)
      • -d: set milestone as default target for system boots (initial default: all)
  • svccfg: service configuration
    • svccfg import <file>: import an xml service manifest in the binary service repository
    • svccfg export <FMRI>: write an xml service manifest to standard output
    • svccfg delete <FMRI>: remove a service definition from the binary service repository
    • svccfg extract > site.xml: extract current services state (enabled/disabled…) to a file
    • svccfg apply <file>: apply state (enabled/disabled…) of services in file
    • svccfg -s <FMRI> setprop <some/property> = value: set property
    • svccfg: interactive mode
      # svccfg
      svc:> list
      system/console-login
      system/device/local

      svc:> select cron
      svc:/system/cron> listprop *
      usr dependency start/user astring root

      svc:/system/cron> setprop start/user = astring: sys
      svc:/system/cron> quit
  • /usr/svc/bin/restore_repository: restore (corrupt) binary repository from automatic backup

Daemons

  • /lib/svc/bin/svc.configd: performs the actions scheduled by configuration commands like svccfg
  • /lib/svc/bin/svc.startd: monitors and restarts services

Files

  • /var/svc/manifest/<class>/<service>.xml: manifest for <service> of <class>
    • example: /var/svc/manifest/system/cron.xml
    • stores service definition
    • managed using SMF commands
  • /var/svc/profile/<profile>.xml: predefined service (enabled/disabled…) configurations.
    Profiles automatically applied after OS install/upgrade:
    • generic.xml: OS profile
    • site.xml: site specific profile
  • /etc/svc/repository.db: binary service repository
  • /lib/svc/method: directory with start, stop, restart scripts. Manifests refer to these scripts
    • example: /lib/svc/method/svc-cron
    • scripts are similar to legacy /etc/init.d scripts
  • /var/svc/log/<class>-<service>:<instance>.log
    • per <service> <instance> log
    • example: /var/svc/log/system-cron:default.log
  • /etc/svc/volatile/<class>-<service>:<instance>.log
    • logs before the single user milestone is reached (only root mounted)
    • example: /etc/svc/volatile/system-zones:default.log

    GUI

    • smc
    • webmin

    Links

    8 October 2009

    Solaris patch access

    While the Solaris OS is free, support comes at a cost. The exact policy is not very stable.
    Currently, even to access the recommended patches you need a support contract. When a new Solaris update is released (roughly twice a year), it is freely downloadable and will include all recommended patches.
    Only a limited number of patches are free (like patches to the patch tools). Since Sun was acquired by Oracle free access to security patches has stopped. Here are the links to see all Solaris patches since the last update (takes a while to load):

    For SPARC-based systems:
    http://sunsolve.sun.com/show.do?target=patches/zos-s10
    For x86-based systems:
    http://sunsolve.sun.com/show.do?target=patches/zos-x10
    The non-free patches have the ic_key_2 symbol at the left.

    5 October 2009

    Solaris version numbering

    SunOS        Solaris                         Flavour
    SunOS 4      Solaris 1 (retroactive name)    BSD (Berkeley)
    SunOS 5.0    Solaris 2.0                     SVR4 (System five)
    SunOS 5.1    Solaris 2.1                     SVR4 (System five)

    SunOS 5.6    Solaris 2.6
    SunOS 5.7    Solaris 7
    SunOS 5.8    Solaris 8




    To get the SunOS release number:
    $ uname -r
    5.10
    To get the update within a release:
    $ cat /etc/release
    Solaris 10 5/09 s10s_u7wos_08 SPARC

    This is Solaris 10 update 7, released 5/2009
    Solaris user commands are typically in /usr/bin.
    You find other flavours of these commands (if different) in
    • /usr/ucb (Berkeley)
    • /usr/xpg4/bin (X/Open Portability Guide v4 compliant)

    31 July 2009

    SMS hack


    Smart phone hacks by sending an SMS have been reported. How can a plain dumb short txt turn viral?
    The hack works by tweaking the message headers. The SMS can execute malicious code on the smart phone (the example in this case is an iPhone, but other phones have other vulnerabilities). You do not even have to read the SMS.

    26 July 2009

    20 July 2009

    Microsoft GPL's Linux device drivers



    To allow Linux systems to run well on top of Windows virtualisation technology Microsoft has GPL'd the necessary device drivers.
    Although this is a move to sell more Windows servers, the mere fact that Microsoft GPLs code is significant. Microsoft used to call the GPL's copyleft a virus, because it states that GPL code can only be used in code that is also GPL'd.

    11 June 2009

    Stop asian youth pr0n

    China will join the Belgian government in the struggle against porn.
    All PCs sold in China will have to be shipped with "youth escort" (!?) software that will filter out pornographic websites.
    It is known that the Great Firewall of China concentrates on filtering politically sensitive content,
    so the motives behind this move are questionable.

    6 June 2009

    Firefox plugin: split browser

    Allows you to have a Norton Commander-like multi-pane browser. Handy when you have to work on one page with data from another page.
    I'm still missing tabs in the other panes, but otherwise another great firefox plugin.
    Warning: does not interact well with firebug's split screens.

    25 May 2009

    JSP/servlet authentication

    You can define authentication in the web.xml deployment descriptor of a web application.

    1. Define roles
      <security-role>   
        <role-name>admin</role-name>    
      </security-role>    
      <security-role>    
        <role-name>boss</role-name>    
      </security-role>
      User definition is web container dependent. 
    2. Define protected resources
      <security-constraint>   
        <display-name>Goodies</display-name>    
        <web-resource-collection>    
          <web-resource-name>Goodies</web-resource-name>    
          <description/>    
          <url-pattern>/Cookies</url-pattern>    
          <url-pattern>/Smarties/*</url-pattern>    
        </web-resource-collection>    
        <auth-constraint>    
          <description/>    
          <role-name>admin</role-name>    
          <role-name>boss</role-name>    
        </auth-constraint>    
      </security-constraint>
      Take care:
      • Is only guaranteed for cookie based sessions
      • Does not apply to forward and include
    3. Define authentication method
      <login-config>   
        <auth-method>FORM</auth-method>    
        <realm-name/>    
        <form-login-config>    
          <form-login-page>/login.jsp</form-login-page>    
          <form-error-page>/login-error.jsp</form-error-page>    
        </form-login-config>    
      </login-config>
      The login form must POST to the action j_security_check and contain input fields named j_username and j_password.
      Other HTTP authentication methods are
      • BASIC: clear text password (base64 encoded)
      • DIGEST: hashed password (works in Firefox and IE 7+)
      • CLIENT-CERT: mutual certified SSL

    3 May 2009

    routing components / Solaris 10

    • Commands
      • route: manage routing table
      • netstat -rn: view routing table
      • routeadm: enable/disable routing services
      • svcadm: enable/disable routing services (in addition to routeadm from Solaris 10 8/7)
        • route
        • ipv4-forwarding
      • traceroute: test and show route to system
    • Daemons
      • /usr/sbin/in.routed
        • RIPv1
        • RIPv2
        • RDISC
    • Files
      • /etc/defaultrouter: default route for static routing
      • /etc/gateways: in.routed configuration file
      • /etc/routing.conf: routeadm persistent state. From Solaris 10 8/7 this information moves to SMF.
      • /etc/inet/static.routes: route command persistent state (subject to change)

    IPMP components / Solaris 10

    • Commands
      • ifconfig: configure interfaces
      • if_mpadm: change interface state
        • -d detach
        • -r reattach
    • Daemons (SMF network/initial)
      • /usr/lib/inet/in.mpathd
        • -a alert to syslog daemon.error (undocumented)
    • Files
      • /etc/default/mpathd: boot time defaults
      • /etc/hostname.interface: per interface configuration file for ifconfig

    1 May 2009

    solaris stealth sniffing

    A network interface that is sniffing the network is in promiscuous mode: it accepts packets that are not destined for its ethernet address.
    You can try to detect a promiscuous interface by tricking it into replying to a packet that is not sent to its ethernet address (e.g. a malformed packet).

    In Solaris you can make all such attempts fail by bringing the interface down.

    # ifconfig bge0 down
    # snoop -d bge0

    Still you can sniff on that interface!

    Ethernet Media

    • 10Base5: 10 mm diameter (thick)
    • 10Base2: 5 mm diameter (thin), BNC (Bayonet Neill-Concelman) connector
    • 10BASE-T: twisted pair, 2 mm diameter, RJ45 plug
      • UTP (unshielded twisted pair)
      • STP (shielded twisted pair)
      • S/UTP (shielded cable with UTP wires)
    • thin / thick / twisted pair sockets
    • 1000BASE-X: Fibre optic


    30 April 2009

    Network Time Protocol (NTP) components/ Solaris 10

    ISO/OSI - TCP/IP network layers

    mvn site

    We're using maven 2 as a build system in our project. Now that I'm writing the doc, the site generator comes in handy.
    The doc shows a good list of information you can generate out of the box.
    Just make sure you include the index goal, or you won't have an index.html top file.
    The rest of the documentation is terse, as usual in maven, but there's a nice javaworld article on the topic.
    As I'm just generating doc, not pushing to a web server, I need to link to all my different modules on disk. You do this by using the staging goal:

    # mvn site:stage -DstagingDirectory=C:\projectlocal

    I had a heap overflow running this, so I had to set an environment variable to increase it:

    # set MAVEN_OPTS=-Xmx1024m -XX:MaxPermSize=128m

    26 April 2009

    Stopkinderporno.com blocked


    Because kinderporno.com published information that is a violation of privacy regulations, the Belgian department of justice ordered the site to be blocked by Belgian providers.
    Internet had the promise of guaranteeing free speech.
    Governments that do not allow free speech (China, Iran...) selectively block access to internet sites abroad.
    A site is blocked now for a reason on which a majority agrees (74% on an objective site like destandaard.be).
    But this is a dangerous precedent for blocking free speech whenever the law(yers) feel like it.
    They should fight the sites themselves with legal means, instead of breaking internet communication. Even if that battle is hard.

    8 April 2009

    Java on Google App Engine

    Finally Google adds Java to its cloud.
    Free hosting for small consumers.
    Free usage for

    • 6.5 hours of CPU time /day
    • 1 gigabyte data transfers / day
    • 1 gigabyte storage
    • 2000 mail recipients
    Above that, the service is paid.

    I signed up today. They are using a mobile phone based verification.

    The application registration is a bit broken: names that are indicated as free when you enter them in the form are not available when you register the application (Issue 1038).

    25 February 2009

    Eclipse for Silverlight



    Silverlight is Microsoft's lightweight silver bullet to kill Adobe Flex (who cares about JavaFX).
    In a push to counter Adobe Flex's multiplatform argument, Microsoft sponsors the development of a Silverlight plugin for Eclipse.
    Silverlight is supported on Windows and Mac by Microsoft and on Linux by the Mono Moonlight project.
    Lacking code suggestion and debugging tools, the plugin is no real competition for Microsoft's commercial tools (Visual Studio and Expression).

    2 February 2009

    Subatomic storage

    Stanford University researchers succeeded in storing more than one bit per atom, by encoding information in the wave functions of electrons (if I understood the article well). The team markets this as Quantum holographic encoding and claims to have stored 35 bits per electron.
    Good to know that Schrodinger's equation, Hamiltonian operators, eigenvalues and eigenfunctions have their use.

    28 January 2009

    EJB3 default interceptors

    To apply an interceptor class (auctionsystem.helper.EJBMonitor in this example) to all beans, add to the deployment descriptor (ejb-jar.xml):

    <ejb-jar>
      <interceptors>
        <interceptor>
          <interceptor-class>auctionsystem.helper.EJBMonitor</interceptor-class>
        </interceptor>
      </interceptors>
      <assembly-descriptor>
        <interceptor-binding>
          <ejb-name>*</ejb-name>
          <interceptor-class>auctionsystem.helper.EJBMonitor</interceptor-class>
        </interceptor-binding>
      </assembly-descriptor>
    </ejb-jar>

    The order in which interceptors are called is:
    1. default interceptors
    2. class level interceptors (interceptors on superclasses are called first)
    3. method level interceptors
    To overrule calling of interceptors with larger scope use these annotations:
    1. @ExcludeDefaultInterceptors
    2. @ExcludeClassInterceptors
    There are similar defaults for JPA, but these don't work currently in glassfish (issue 2821)

    20 January 2009

    Glassfish error loading EJB client application container application

    Whenever you load an EJB standalone client to be run within a client container into Glassfish 2 you get this error (with a whole stack trace following it):

    Error attempting to process extensions from the manifest of JAR file C:\projectlocal\netbeans\SL351_D2\project\Auction\dist\gfdeploy\Auction-ejb.jar; ignoring it and continuing
    java.io.FileNotFoundException: C:\projectlocal\netbeans\SL351_D2\project\Auction\dist\gfdeploy\Auction-ejb.jar (The system cannot find the file specified)

    The error can be safely ignored, as Tim Quinn explains.

    Still it clutters other server output, so I tend to set the deployment logging level (javax.enterprise.system.tools.deployment) to severe in the glassfish console to get rid of it. I just switch it back when in doubt.