Archive for December 2005

Shootings in Bangalore

leave a comment »

This news about shooting at IISc concerns me. How could this happen in a place so serene and peaceful, with a tall compound and round the clock armed security guards at the gate? Why would one want to kill these scientists and researchers who strive to serve the people? With condolences to Dr Puri, I pray for all those injured and my teacher Vijay Chandru to recover soon.

I mostly resort to technorati or to hear more details on latest news and views, since most newspapers and TV websites lack details.

Compared to apparent apathy to street shootings in San Francisco, the police authorities in Bangalore have shown a strong sense of responsibility, with a massive manhunt going on to find the terrorists.
In contrast, some bay area TV stations, while reporting a shooting, often say that “the victim was at the wrong place at the wrong time” – as if street killings are a norm and the victim was at fault for getting shot!


Written by chandanlog

29 Dec 2005 at 1:16 am

Posted in General

OpenSolaris 2006 Calendars

with 9 comments

Here is a set of 2006 printable calendars with OpenSolaris related events. These were made with OpenOffice and exported to PDF format. The 12 page calendar (3.9 MB) features
glimpses of OpenSolaris in 2005. The 6 page (2 months per page) calendar (573 KB) contains some vintage-ish posters on OpenSolaris. Both have Sara’s Xmas tree for the last page.

My personal calendar (2.5 MB) has some of my 12 popular photos from my flickr site.

You can use the blank OpenOffice Calendar-template-Lx12.sxc, to create your own personalized calendars. The calendar template will show the pages for next 12 months by default. You can change the date in the cell containing first month’s name (also pointed by a note) to get calendars for any year you wish. You can modify the colors, fonts, page style etc from the style list (Format –> Styles and Formatting; or press F11) then modify the style you want to change. You can insert your own pictures. After you print them, fold a narrow strip of paper or card-board in the middle and clip it with a paper clip on top. Viola! your new calendar is ready to adore your wall!

Written by chandanlog

28 Dec 2005 at 1:08 pm

Posted in Solaris

Instruction Level Time Travel in Solaris

with 2 comments

Last week an associate professor from Michigan, prof Peter Chen was here demonstrating a novel tool that can record and reply execution of an Operating System at instruction level. It is a simple concept – you record the initial state of the OS, then log every interrupt and input.
(as he says record the “I” in IO and any non-deterministic events)
Once you have done that you can basically “replay” the running of the OS. You can pause, rewind and forward as you wish.

His demo was stunning. He booted up a red hat linux with gnome desktop in user mode linux, randomly opened a few windows and terminals, created ssh keys. Then he replayed it. All the windows opened exactly as they were in the previous run, and to the much exclamation of the crowd, the ssh-keys were the same! He had to assure some people that it was not a screen capture and video replay.

Professor says that this tool is coming to Xen, which means
you can record a Solaris execution and replay it. It would be a great help in debugging, since you can now go back or forward in time,
as you wish. It can watch for a variable, in back time. find when it was modified, who modified etc.,

Written by chandanlog

21 Dec 2005 at 3:26 pm

Posted in Solaris

SchilliX Nexenta and BeleniX

leave a comment »

A wallpaper for the year end, summarizes the three OpenSolaris community distributions this year.
Schilli, the “knight in shining amour” and mascot of SchilliX leads the
Nexenta Giraffe with Celtic Sun God Belenos of BeleniX shining in the backdrop.
Isn’t the OpenSolaris community a more cheerful, bright and sunny place?


Written by chandanlog

21 Dec 2005 at 2:39 pm

Posted in Art

ZFS I am impressed!

leave a comment »

When I had initially played around with zfs, I wasn’t surprised.
Just like you wouldn’t be surprised if the next Steven Spielberg movie was a block buster, Jeff Bonwick’s file system had to be revolutionary.

What really impressed me (and motivated to blog about it) is this small thing
that I thought would not work, but it worked like a charm:
I am setting up various zfs file systems for a variety of purposes,
each with different options and properties. I wanted to see a list of all that I just did. zfs list shows a list with default properties like NAME USED AVAIL REFER MOUNTPOINT. I wanted to see more and zfs -? gave a long list like:

type             NO       NO   filesystem | volume | snapshot
creation         NO       NO   <date>
used             NO       NO   <size>
available        NO       NO   <size>
referenced       NO       NO   <size>
compressratio    NO       NO   <1.00x or higher if compressed>
mounted          NO       NO   yes | no | -
origin           NO       NO   <snapshot>
quota           YES       NO   <size> | none
reservation     YES       NO   <size> | none
volsize         YES       NO   <size>

You can run

zfs list -o name,available,compressratio

to just list filesystem name, available space and compression. Instead of just copy pasting the properties from the above list, I tried

zfs list -o all

to my greatest surprise it worked!
It listed all the properties! I really didn’t expect it to be this user friendly (for example ps which doesn’t understand ps -o all)

Written by chandanlog

18 Dec 2005 at 12:58 am

Posted in Solaris

Security Ideas for Solaris University Challenge Contest

with 3 comments

Here are some security ideas that come to my mind to suggest for Solaris 10 University Challenge Contest.

  1. Come up with an exploit prevention mechanism, may be using DTrace.
    For eg. assume a new security vulnerability is discovered in Apache,
    before patches are available for Apache, your mechanism would prevent
    Apache from being exploited, if there is an attempted exploit. You may use some “Process Destructive Actions”
    in DTrace or you may do something more innovate and less harmful.
  2. Write a modern fuzz for OpenSolaris, that may parse SGML man pages,
    automatically figures out command line args, environmental variables,
    or use DTarce to dynamically find these. It could also fuzz library
    calls and system calls.
    It could do many more tests like giving large arguments, large environments,
    large and random files as input. Whether you win the university challenge or not,
    you will certainly be hero in the eyes of security community.
    You would also get a totally worthless but sincere acknowledgment
    in our Security Sun Alerts.
  3. Use the concepts of LiveSystem to visualize security roles, profiles(1)
    auths(1) user_attr(4) and privileges(5) and other security features in Solaris 10.
    This configuration is currently spread over multiple files and difficult to get the big picture.
  4. Create a “system integrity verification OpenSolaris liveCD” that, boots from a CD, detects any Solaris 10 instances on the hard disk, then verifies the Solaris ELF signatures of system binaries using elfsign(1) verify, and reports a summary if it found anything tampered. Could be useful if you suspect your system was compromised
  5. More later as I dig through my notes and home directory…

Written by chandanlog

16 Dec 2005 at 2:01 pm

Posted in Security

LiveSystem! See the System Live and more..

with 2 comments

This idea was rotting er.. dormant in the back of my mind for a long time [see a comment I made back in Sep 2004].

Here is a screenshot of a dummy prototype

Currently it only shows processes that were programmatically added after collecting data from a DTrace script that printed execname, pid, parent pid.
Assume that processes which are big are consuming more memory and processes which are reddish are consuming more CPU, and bluer are consuming less CPU resources.
You can drag things around, and it automatically adjusts itself when processes get created or deleted.

It is written in C and uses GnomeCanvas library. I could have used Cairo, but libgnomecanvas was already there on Solaris.
I initially tried using libgraph from AT&T’s graphviz which is an excellent tool for graph layout; but it did not meet some requirements outlined below.

I thought it would be a cool idea for the Solaris 10 University Challenge Contest. Any students who want to pick this up from here are welcome. Knowledge of Graph Theory, Operating System Concepts, and Computer Graphics would be helpful. It could help as a teaching aid, showing the system as its developers envisioned live! If it is usable and fast, it could be the substitute GUI for system administration and monitoring.

These are these simple concepts or assumptions for its design:

  1. Model: The system is a graph (mostly tree or a forest)
  2. Model: There are two types of nodes:
    1. box nodes: which contain everything under them (like zones, users, roles)
    2. object nodes: which are icons representing objects (devices, processes, printers, hard disk, sound)

    Edges show some relation ship (parent-child, processes listening on a network interface) or interaction(reading/writing to a device)

  3. View: The system is visualized just like the way its designers visualized or drew
    them in presentations or technical papers.
    OR the system developers should be able to draw the system using a pencil and a paper
  4. View: Assume an infinitely big paper is available, and can be zoomed in and out if the drawing is bigger.
  5. View: The tree is drawn using a “fast incremental stable tree layout algorithm”
    Which means,
    1. incremental: It is faster to compute the new layout, given an old layout and a change (either addition, deletion of edge or node)
    2. stable: Number of nodes moved due to incremental layout must be small.
    3. predictable: Positions of nodes must not change by a limit.
  6. View: Objects have properties which becomes visually shown.
    (eg. color of a process node might indicate CPU usage, size indicate memory usage)
  7. Controller: There are events that trigger additions/deletions to edges and nodes.(DTrace; also see Brendan Gregg’s excellent DTrace collection)
  8. Controller: There are simple actions that can be performed on the nodes (like killing a process, restarting a service, rebooting a zone, offlining a CPU etc..)

As a design guideline unlearn that things like drop down menus, option buttons, lists and tables exist. Think from a fresh perspective! do not try to mimic or copy administration tools on Microsoft Windows or Apple. Apply Chandan’s law i.e “Make the common case faster and easier”. It does not have to do “everything” – just the most common cases (which may be wanting to see “the status of something”, to identify processes that are taking too much CPU time or disk I/O)

Written by chandanlog

14 Dec 2005 at 5:55 pm

Posted in Solaris