weblog d’un abbe

20080115

Wanna seek pleasure in confinement

Filed under: Hacking — abbe @ 2049

SELinux is the way to go, if you wanna seek pleasure in confinement ;). SELinux is a real cool thing, which gives you the power to confine applications on your desktop. Its always one of my fantasies to have a system, where software only does what it is supposed to do. And SELinux is one such system, where you’ve to precisely define what all an application requires (i.e. its specification), e.g. if it needs to output something on user’s console, it needs write access to user’s (t|p)ty*, etc. Since December, 2007, I’m practicing confinement using SELinux on my Gentoo Hardened box running standard SELinux policy from refpolicy20071214 sources. And I’ve also started a SELinux policies project named sepolicies to host my SELinux policies. Currently the project has SELinux policies for 4 applications, namely backuppc, ctrlproxy, gw6c, and pdnsd. Anyone interested in contributing to SELinux policies can communicate with me. I’m abbe on #selinux in irc.freenode.net. Anyways, happy confinement :)

Advertisements

20080111

intel.com DNS admins suck bigtime

Filed under: Fun — abbe @ 1641
[wahjava@laptop ~]$ dig +trace www.intel.com

; <> DiG 9.5.0a6 <> +trace www.intel.com
;; global options:  printcmd
.                       514004  IN      NS      C.ROOT-SERVERS.NET.
.                       514004  IN      NS      D.ROOT-SERVERS.NET.
.                       514004  IN      NS      E.ROOT-SERVERS.NET.
.                       514004  IN      NS      F.ROOT-SERVERS.NET.
.                       514004  IN      NS      G.ROOT-SERVERS.NET.
.                       514004  IN      NS      H.ROOT-SERVERS.NET.
.                       514004  IN      NS      I.ROOT-SERVERS.NET.
.                       514004  IN      NS      J.ROOT-SERVERS.NET.
.                       514004  IN      NS      K.ROOT-SERVERS.NET.
.                       514004  IN      NS      L.ROOT-SERVERS.NET.
.                       514004  IN      NS      M.ROOT-SERVERS.NET.
.                       514004  IN      NS      A.ROOT-SERVERS.NET.
.                       514004  IN      NS      B.ROOT-SERVERS.NET.
;; Received 228 bytes from 172.18.33.125#53(172.18.33.125) in 1 ms

com.                    172800  IN      NS      A.GTLD-SERVERS.NET.
com.                    172800  IN      NS      G.GTLD-SERVERS.NET.
com.                    172800  IN      NS      L.GTLD-SERVERS.NET.
com.                    172800  IN      NS      B.GTLD-SERVERS.NET.
com.                    172800  IN      NS      I.GTLD-SERVERS.NET.
com.                    172800  IN      NS      H.GTLD-SERVERS.NET.
com.                    172800  IN      NS      E.GTLD-SERVERS.NET.
com.                    172800  IN      NS      D.GTLD-SERVERS.NET.
com.                    172800  IN      NS      M.GTLD-SERVERS.NET.
com.                    172800  IN      NS      C.GTLD-SERVERS.NET.
com.                    172800  IN      NS      J.GTLD-SERVERS.NET.
com.                    172800  IN      NS      K.GTLD-SERVERS.NET.
com.                    172800  IN      NS      F.GTLD-SERVERS.NET.
;; Received 491 bytes from 202.12.27.33#53(M.ROOT-SERVERS.NET) in 923 ms

intel.com.              172800  IN      NS      ns1.intel.com.
intel.com.              172800  IN      NS      ns2.intel.com.
intel.com.              172800  IN      NS      ns3.intel.com.
intel.com.              172800  IN      NS      ns4.intel.com.
;; Received 167 bytes from 192.35.51.30#53(F.GTLD-SERVERS.NET) in 1022 ms

www.intel.com.          60      IN      CNAME   www.intel.com.edgesuite.net.
.                       113388  IN      NS      C.ROOT-SERVERS.net.
.                       113388  IN      NS      D.ROOT-SERVERS.net.
.                       113388  IN      NS      E.ROOT-SERVERS.net.
.                       113388  IN      NS      F.ROOT-SERVERS.net.
.                       113388  IN      NS      G.ROOT-SERVERS.net.
.                       113388  IN      NS      H.ROOT-SERVERS.net.
.                       113388  IN      NS      I.ROOT-SERVERS.net.
.                       113388  IN      NS      J.ROOT-SERVERS.net.
.                       113388  IN      NS      K.ROOT-SERVERS.net.
.                       113388  IN      NS      L.ROOT-SERVERS.net.
.                       113388  IN      NS      M.ROOT-SERVERS.net.
.                       113388  IN      NS      A.ROOT-SERVERS.net.
.                       113388  IN      NS      B.ROOT-SERVERS.net.
;; Received 280 bytes from 143.183.152.22#53(ns3.intel.com) in 1001 ms

Forget the latency of my internet connection, but WTF is this TTL of 60s for http://www.intel.com. Are they running their servers on Dynamic IP boxes, hmm… Even DNS records of more popular sites like http://www.google.com and http://www.yahoo.com has TTL of 300s.

[wahjava@laptop ~]$ dig +trace www.google.com

; <> DiG 9.5.0a6 <> +trace www.google.com
;; global options:  printcmd
.                       513848  IN      NS      L.ROOT-SERVERS.NET.
.                       513848  IN      NS      M.ROOT-SERVERS.NET.
.                       513848  IN      NS      A.ROOT-SERVERS.NET.
.                       513848  IN      NS      B.ROOT-SERVERS.NET.
.                       513848  IN      NS      C.ROOT-SERVERS.NET.
.                       513848  IN      NS      D.ROOT-SERVERS.NET.
.                       513848  IN      NS      E.ROOT-SERVERS.NET.
.                       513848  IN      NS      F.ROOT-SERVERS.NET.
.                       513848  IN      NS      G.ROOT-SERVERS.NET.
.                       513848  IN      NS      H.ROOT-SERVERS.NET.
.                       513848  IN      NS      I.ROOT-SERVERS.NET.
.                       513848  IN      NS      J.ROOT-SERVERS.NET.
.                       513848  IN      NS      K.ROOT-SERVERS.NET.
;; Received 260 bytes from 172.18.33.125#53(172.18.33.125) in 1 ms

com.                    172800  IN      NS      M.GTLD-SERVERS.NET.
com.                    172800  IN      NS      A.GTLD-SERVERS.NET.
com.                    172800  IN      NS      B.GTLD-SERVERS.NET.
com.                    172800  IN      NS      C.GTLD-SERVERS.NET.
com.                    172800  IN      NS      D.GTLD-SERVERS.NET.
com.                    172800  IN      NS      E.GTLD-SERVERS.NET.
com.                    172800  IN      NS      F.GTLD-SERVERS.NET.
com.                    172800  IN      NS      G.GTLD-SERVERS.NET.
com.                    172800  IN      NS      H.GTLD-SERVERS.NET.
com.                    172800  IN      NS      I.GTLD-SERVERS.NET.
com.                    172800  IN      NS      J.GTLD-SERVERS.NET.
com.                    172800  IN      NS      K.GTLD-SERVERS.NET.
com.                    172800  IN      NS      L.GTLD-SERVERS.NET.
;; Received 504 bytes from 198.41.0.4#53(A.ROOT-SERVERS.NET) in 701 ms

google.com.             172800  IN      NS      ns1.google.com.
google.com.             172800  IN      NS      ns2.google.com.
google.com.             172800  IN      NS      ns3.google.com.
google.com.             172800  IN      NS      ns4.google.com.
;; Received 168 bytes from 192.54.112.30#53(H.GTLD-SERVERS.NET) in 957 ms

www.google.com.         604800  IN      CNAME   www.l.google.com.
l.google.com.           86400   IN      NS      a.l.google.com.
l.google.com.           86400   IN      NS      b.l.google.com.
l.google.com.           86400   IN      NS      c.l.google.com.
l.google.com.           86400   IN      NS      d.l.google.com.
l.google.com.           86400   IN      NS      e.l.google.com.
l.google.com.           86400   IN      NS      f.l.google.com.
l.google.com.           86400   IN      NS      g.l.google.com.
;; Received 276 bytes from 216.239.36.10#53(ns3.google.com) in 1059 ms

[wahjava@laptop ~]$ dig +trace www.l.google.com

; <> DiG 9.5.0a6 <> +trace www.l.google.com
;; global options:  printcmd
.                       513825  IN      NS      K.ROOT-SERVERS.NET.
.                       513825  IN      NS      L.ROOT-SERVERS.NET.
.                       513825  IN      NS      M.ROOT-SERVERS.NET.
.                       513825  IN      NS      A.ROOT-SERVERS.NET.
.                       513825  IN      NS      B.ROOT-SERVERS.NET.
.                       513825  IN      NS      C.ROOT-SERVERS.NET.
.                       513825  IN      NS      D.ROOT-SERVERS.NET.
.                       513825  IN      NS      E.ROOT-SERVERS.NET.
.                       513825  IN      NS      F.ROOT-SERVERS.NET.
.                       513825  IN      NS      G.ROOT-SERVERS.NET.
.                       513825  IN      NS      H.ROOT-SERVERS.NET.
.                       513825  IN      NS      I.ROOT-SERVERS.NET.
.                       513825  IN      NS      J.ROOT-SERVERS.NET.
;; Received 292 bytes from 172.18.33.125#53(172.18.33.125) in 1 ms

com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.
;; Received 494 bytes from 199.7.83.42#53(L.ROOT-SERVERS.NET) in 387 ms

google.com.             172800  IN      NS      ns1.google.com.
google.com.             172800  IN      NS      ns2.google.com.
google.com.             172800  IN      NS      ns3.google.com.
google.com.             172800  IN      NS      ns4.google.com.
;; Received 170 bytes from 192.31.80.30#53(d.gtld-servers.net) in 966 ms

l.google.com.           86400   IN      NS      a.l.google.com.
l.google.com.           86400   IN      NS      b.l.google.com.
l.google.com.           86400   IN      NS      c.l.google.com.
l.google.com.           86400   IN      NS      d.l.google.com.
l.google.com.           86400   IN      NS      e.l.google.com.
l.google.com.           86400   IN      NS      f.l.google.com.
l.google.com.           86400   IN      NS      g.l.google.com.
;; Received 258 bytes from 216.239.32.10#53(ns1.google.com) in 351 ms

www.l.google.com.       300     IN      A       72.14.235.99
www.l.google.com.       300     IN      A       72.14.235.104
www.l.google.com.       300     IN      A       72.14.235.147
;; Received 82 bytes from 66.249.93.9#53(d.l.google.com) in 949 ms
[wahjava@laptop ~]$ dig +trace www.yahoo.com

; <> DiG 9.5.0a6 <> +trace www.yahoo.com
;; global options:  printcmd
.                       513788  IN      NS      J.ROOT-SERVERS.NET.
.                       513788  IN      NS      K.ROOT-SERVERS.NET.
.                       513788  IN      NS      L.ROOT-SERVERS.NET.
.                       513788  IN      NS      M.ROOT-SERVERS.NET.
.                       513788  IN      NS      A.ROOT-SERVERS.NET.
.                       513788  IN      NS      B.ROOT-SERVERS.NET.
.                       513788  IN      NS      C.ROOT-SERVERS.NET.
.                       513788  IN      NS      D.ROOT-SERVERS.NET.
.                       513788  IN      NS      E.ROOT-SERVERS.NET.
.                       513788  IN      NS      F.ROOT-SERVERS.NET.
.                       513788  IN      NS      G.ROOT-SERVERS.NET.
.                       513788  IN      NS      H.ROOT-SERVERS.NET.
.                       513788  IN      NS      I.ROOT-SERVERS.NET.
;; Received 292 bytes from 172.18.33.125#53(172.18.33.125) in 1 ms

com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.
;; Received 491 bytes from 199.7.83.42#53(L.ROOT-SERVERS.NET) in 386 ms

yahoo.com.              172800  IN      NS      ns1.yahoo.com.
yahoo.com.              172800  IN      NS      ns2.yahoo.com.
yahoo.com.              172800  IN      NS      ns3.yahoo.com.
yahoo.com.              172800  IN      NS      ns4.yahoo.com.
yahoo.com.              172800  IN      NS      ns5.yahoo.com.
;; Received 201 bytes from 192.12.94.30#53(e.gtld-servers.net) in 328 ms

www.yahoo.com.          300     IN      CNAME   www.yahoo-ht3.akadns.net.
.                       3600000 IN      NS      A.ROOT-SERVERS.net.
.                       3600000 IN      NS      B.ROOT-SERVERS.net.
.                       3600000 IN      NS      C.ROOT-SERVERS.net.
.                       3600000 IN      NS      D.ROOT-SERVERS.net.
.                       3600000 IN      NS      E.ROOT-SERVERS.net.
.                       3600000 IN      NS      F.ROOT-SERVERS.net.
.                       3600000 IN      NS      G.ROOT-SERVERS.net.
.                       3600000 IN      NS      H.ROOT-SERVERS.net.
.                       3600000 IN      NS      I.ROOT-SERVERS.net.
.                       3600000 IN      NS      J.ROOT-SERVERS.net.
.                       3600000 IN      NS      K.ROOT-SERVERS.net.
.                       3600000 IN      NS      L.ROOT-SERVERS.net.
.                       3600000 IN      NS      M.ROOT-SERVERS.net.
;; Received 277 bytes from 68.142.255.16#53(ns2.yahoo.com) in 1289 ms

LoL on Intel customers. I’m also one of them :(

From an Emacs Lisp n00b

Filed under: Hacking — abbe @ 1219

Emacs Lisp, a dialect of LISP used by Emacs category of Operating Systems, is a cool language to learn. Yesterday, while trying to figure, what to do to test my n00b Emacs Lisp skills, I got this idea. As, I’d used Borland C/C++ IDE for around 5 years during 10+2 days, and I became addicted to its key bindings. Later, when I started using Emacs in 2003, I felt the problem of key bindings, which are totally different, like Alt+W to copy text, and Ctrl-Y to paste text. But that time, I felt lazy to learn Emacs customization stuff, so I decided to learn Emacs keybindings. But, yesterday I decided to implement some of the Borland IDE key bindings to my Emacs, so I hacked following Emacs Lisp code for my ~/.emacs.

;; Author: Ashish Shukla 
(defun enable-mode-if-disabled (modename)
  "Enables mode 'modename' if disabled"
  (if (not (eval modename))
	  (funcall modename)))

(defun compile-current-file()
  "Compiles current file (only for `emacs-lisp-mode')"
  (interactive)
  (if  
	  (not (eq buffer-file-name nil))
	  (if (eq major-mode 'emacs-lisp-mode)
		  (byte-compile-file buffer-file-name))))

(defun execute-current-file()
  "Executes current file (only for `emacs-lisp-mode')"
  (interactive)
  (if
	  (and (not (eq buffer-file-name nil)) (eq major-mode 'emacs-lisp-mode))
	  (load-file buffer-file-name)))

(defun describe-current-word()
  "Describes `current-word', if it is defined as symbol"
  (interactive)
  ;; intern-soft the current-word to see if a symbol exists
  ;; with this name.
  (if (not (eq (intern-soft (current-word)) nil))
	  ;; cool symbol exists, so retrieve the symbol
	  (let ((sym (intern (current-word))))
		;; if it is a 'function'
		(if (functionp sym)
			;; then describe function
			(describe-function sym)
		  ;; else describe variable
		  (describe-variable sym)))))

;; Borland Turbo C bindings
;; nothing special for C hackers, but Emacs LISP hackers
;; F2 - Save Buffer
(global-set-key [f2] 'save-buffer)
;; F3 - Load Buffer
(global-set-key [f3] (key-binding (kbd "C-x C-f")))
;; F5 - Execute currently loaded LISP file
(global-set-key [f5] 'execute-current-file)
;; F6 - Switch to other window
(global-set-key [f6] (key-binding (kbd "C-x o")))
;; F9 - Compile currently loaded LISP file to bytecode
(global-set-key [f9] 'compile-current-file)

;; not a Borland Turbo C keybinding
;; F7 - Describes current-word in Help window
(global-set-key [f7] 'describe-current-word)

(enable-mode-if-disabled 'font-lock-mode)
(enable-mode-if-disabled 'transient-mark-mode)
(enable-mode-if-disabled 'global-font-lock-mode)
(enable-mode-if-disabled 'show-paren-mode)
(enable-mode-if-disabled 'tooltip-mode)

(enable-mode-if-disabled 'line-number-mode)
(enable-mode-if-disabled 'column-number-mode)

(if (eq window-system nil)
	(enable-mode-if-disabled 'xterm-mouse-mode))

(mwheel-install)

(set-face-foreground 'default "white")
(set-face-background 'default "black")

(if (eq window-system 'x)
	(set-default-font 
	 "-b&h-luxi mono-medium-r-normal--*-95-100-100-m-0-iso10646-1"))

(setq default-tab-width 4)

Anyone interested in learning Emacs Lisp can try out similar stuff. Anyways, happy Emacs-ing ;)

20080103

How Split Debug Symbols work ?

Filed under: Research — abbe @ 0147

I’ve been using a custom built package for a software since a long time, But it used to crash (reproducible) sometimes, so tonight I thought, it’ll be great to debug the problem, so I checked my package directories to see if I’ve built any -dbg package (I use Gobuntu, a distro based on Debian, so no -debuginfo packages for me :-P ). And I found that I’ve not built any -dbg package, so I quickly added --dbg-package=foo-dbg to dh_strip (yup I use debhelper too) invocation in binary-arch target of debian/rules Makefile, and also added a entry for foo-dbg in debian/control. And, then I built (dpkg-buildpackage -rfakeroot) and installed (dpkg -i) the -dbg package.

Now, I fired gdb, started executing foo, it SIGSEGVed, and I did bt, oops no symbols listed. So, then I joined #gdb on irc.freenode.net, and there bauermann told me that about debug-file-directory option in gdb. I showed that option, and found that it is set to /usr/lib/debug. Then I tried manually loading symbols, using symbol-file option. And symbols are loaded without any problem.

Now, the problem is how to autoload those symbols, so I followed the path of RTFM and then I opened gdb.info, searched for debug-file-directory, and there I found this:

So, for example, if you ask GDB to debug `/usr/bin/ls', which has a
link containing the name `ls.debug', and the global debug directory
is `/usr/lib/debug', then GDB will look for debug information in
`/usr/bin/ls.debug', `/usr/bin/.debug/ls.debug', and
`/usr/lib/debug/usr/bin/ls.debug'.

and this:

A debug link is a special section of the executable file named
`.gnu_debuglink'.

And then I did objdump -x /usr/bin/foo |fgrep debuglink to see if it has .gnu_debuglink section, oops, its not present. So, I installed the newly built package, as I’ve only installed -dbg package earlier. And now again I did objdump -x /usr/bin/foo |fgrep debuglink, and this time its present.

So I fired gdb again, and started executing foo, and now this time when it SIGSEGVed, I’m able to get the symbol names, and the line no. where it segfaulted. So gdb rocks :)

Create a free website or blog at WordPress.com.