今天更新 Gentoo Linux 時, 在 sudo emerge -uvDNat world 之後, 發現 php-5.2.3 升到 php-5.2.4_pre200708051230, 然後 expat-1.95.8 升到 expat-2.0.1, 當下暗暗感覺不妙, 果不其然, 升級完之後 apache 就不會動了, 比方說執行 sudo /etc/init.d/apache2 stop 時, 會出現:

sojia [~] -pigfoot- sudo /etc/init.d/apache2 stop
/usr/sbin/apache2: error while loading shared libraries: libexpat.so.0: cannot open shared object file: No such file or directory

果然, 因為 expat-1.95.8 的是編出來的 libexpat.so.0, expat-2.0.1 會編出 libexpat.so.1. 我試著 rebuild apache 結果也一樣不行.

正確答案要這樣:

sojia [~] -pigfoot- sudo revdep-rebuild

就是把系統中, 會用到 libexpat 的套件都 rebuild 之後才會動. 給大家作個參考.

Popularity: 57% [?]

When I read the portage log of Gentoo Linux, I saw a interesting software called ngrep - network grep (net-analyzer/ngrep). Here is the description from official site:

ngrep strives to provide most of GNU grep’s common features, applying them to the network layer.

ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets.

It currently recognizes IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

We can visit the Usage Section and learn more about how ngrep works and can be leveraged to see all sorts of neat things.

Example: Debugging HTTP interactions:

# ngrep -W byline port 80
interface: eth0 (10.1.1.10/255.255.252.0)
filter: ip and ( port 80 )
####
T 10.1.1.10:42177 -> 64.90.164.74:80 [AP]
GET / HTTP/1.1.
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; X11; Linux i686) Opera …
Host: www.darkridge.com.
Accept: text/html, application/xml;q=0.9, application/xhtml+xml;q=0.9 …
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1.
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0.
Cookie: SQMSESSID=5272f9ae21c07eca4dfd75f9a3cda22e.
Cookie2: $Version=1.
Cache-Control: no-cache.
Connection: Keep-Alive, TE.
TE: deflate, gzip, chunked, identity, trailers.
.
##
T 64.90.164.74:80 -> 10.1.1.10:42177 [AP]
HTTP/1.1 200 OK.
Date: Mon, 29 Mar 2004 00:47:25 GMT.
Server: Apache/2.0.49 (Unix).
Last-Modified: Tue, 04 Nov 2003 12:09:41 GMT.
ETag: “210e23-326-f8200b40″.
Accept-Ranges: bytes.
Vary: Accept-Encoding,User-Agent.
Content-Encoding: gzip.
Content-Length: 476.
Keep-Alive: timeout=15, max=100.
Connection: Keep-Alive.
Content-Type: text/html; charset=ISO-8859-1.
Content-Language: en.
.
……….}S]..0.|………..H…8……..@..\….(…..Dw.%.,..;.k.. …
.;kw*U.j.< ...\0Tn.l.:......>Fs….’….h.’…u.H4..’.6.vIDI…….N.r …
..H..#..J….u.?..]….^..2…..e8v/gP…..].48…qD!……….#y…m …
####

Popularity: 48% [?]

Since openssl-0.9.8c, dev-libs/openssl has provided USE flag of sse2 to gain more performance on all ssl-enabled applications.

If you, however, remerge openssl with this new flag, it will break ABI (#147758) and cause openssh can not work regularly.

It’s recommended to remerge openssh and all other ssl-enabled applications after upgrading from previous 0.9.8 versions. If you are having problems with ssh segfaults, you are affected and will need to remerge the affected packages.

Here is my upgrading steps from openssl 0.9.7. You can use 0.9.8 instead of 0.9.7 to remerge all ssl-enabled applications.

1. Remerge all packages that are linked against OpenSSL 0.9.7 by using revdep-rebuild from app-portage/gentoolkit:

   # revdep-rebuild –library libssl.so.0.9.7
   # revdep-rebuild –library libcrypto.so.0.9.7

2. After this, you can delete /usr/lib/libssl.so.0.9.7 and /usr/lib/libcrypto.so.0.9.7

Popularity: 31% [?]

Gentoo Linux 2006.1 released, from LWN.

這次的比較大的改變是:

• gcc 3.4.6 -> gcc 4.1.1
• glibc 2.3.6 -> glibc 2.4
• 安裝光碟現在支援 Sun T1000 和 T2000 用的 UltraSPARC T1 processor 和 PPC 的 dual-core G5 processor

如果已經裝 Gentoo 2006.0 以前的話, 那升級主要就是升 gcc 和 glibc. 要小心的是, 安裝 glibc 的過程一但出狀況, 事情會很複雜, 可能絕大部份的指令都不能用 (ls, bash, emerge and so on). 要特別注意.

glibc 2.4 預設已經 enable NPTL only, 所以 Gentoo 的 glibc 也不會採 NPTL 和 LinuxThread 雙行的模式了, 因此沒有在 /etc/make.conf 中設 nptlonly 的 USE flag, 是沒辦法裝 glibc 2.4 的. 因為我之前就有設 nptlonly, 所以無法知道沒設的話 migration 會有甚麼問題.

根據 GWN 08/28/2006, 說要升級 gcc 要參考這篇 GCC Upgrading Guide. 那我的步驟大致如下:

(Do upgrade new version of gcc)
# emerge --sync
# emerge -uav gcc

(Select new version of gcc in current shell session)
# gcc-config i686-pc-linux-gnu-4.1.1
# source /etc/profile

(Very important Step!!)
# fix_libtool_files.sh 3.4.6
* Scanning libtool files for hardcoded gcc library paths...

* [1/4] Scanning /lib …
* [2/4] Scanning /usr/lib …
* FIXING: /usr/lib/libasprintf.la …[vl]
* FIXING: /usr/lib/libMagick++.la …[vl]
* FIXING: /usr/lib/libusbpp.la …[vl]
* FIXING: /usr/lib/libpcrecpp.la …[vl]
* FIXING: /usr/lib/libdb_cxx-4.2.la …[vl]
* [3/4] Scanning /usr/i686-pc-linux-gnu/lib …
* [4/4] Scanning /usr/local/lib …

(Rebuilding libtool)
# emerge --oneshot -av libtool

(Upgrade glibc to 2.4 and so on)
# emerge -eav system
# emerge -eav world

(remove the older gcc version)
# emerge -Ca `equery l gcc | grep 3.4`

這樣就可以把 gcc 從 gcc-3.4.6-r1 升到 sys-devel/gcc-4.1.1 (PS: I remove gcc-3.4.6-r1 here), sys-libs/2.3.6-r4 升到 sys-libs/glibc-2.4-r3 了.

題外話, 根據 DesktopLinux.com 的 2006 Desktop Linux Market survey 訪問一萬五千個 Linux User 票選 most popular desktop of Linux 的結果如下:

1. (29.2%) Ubuntu
2. (12.2%) Debian
3. (13.0%) openSUSE + SLED
4. ( 9.6%) Gentoo
5. ( 7.0%) Fedora
6. ( 4.8%) Mandriva

God, Gentoo 竟然打敗 Fedora?! :p

Popularity: 29% [?]

在看 Gentoo 的 portage log 時, 看到一個還蠻有趣的軟體, 叫做 cryctcat (portage/net-analyzer/cryptcat , ports/net/cryptcat).

雖然整體功能來說, 我覺得還是 socat (portage/net-misc/socat, ports/net/socat) 比較強, 不過就編密這方面, 因為 socat 是利用 OpenSSL 來達成這個效果, 就 netcat 簡而易用的角度, 不如用 cryptcat 所採用的 Twofish 這種 symmetric key block cipher 來的簡單易用了.

原先利用 netcat 來傳檔的方法如下:

MachineA:

nc -l 12345 < file.orig

MachineB:

nc MachineA.IP 12345 > file.sent.by.MachineA

要改成

MachineA:

cryptcat -l -p 12345 < file.orig

MachineB:

cryptcat MachineA.IP 12345 > file.sent.by.MachineA

這樣就會利用預設的密碼 metallica, 透過 Twofish 加密. 當然, 也可以用 -k 這個 option 來改變預設的密碼 ;-)

Popularity: 32% [?]

Gentoo Weekly Newsletter: 24 July 2006

Sun 的 David Killian 向 Gentoo 贊助了 Niagara 工作站一台, 用於 Gentoo Linux 的開發, 移植, 和測試. 根據 bootlog, 這台就是具有 UltraSPARC T1 processor (1.2GHz 8 core, 也就是會看到 32 顆虛擬 CPU) 和 Main Memory 32GB 的 T2000.

星期天和 Vivia, tjs, Airken, zmx 吃飯時, 聽到巴哈姆特也正在測試 T2000, 號稱一台抵的上 4 台 Pentium4 2.4GHz/1GB記憶體, 甚至還有一半的餘裕, 而且耗電量與機架空間都僅需現有架構的一半.

雖然說 Sun 可能會放棄 SPARC 市場 (找不到新聞了 @_@), 不過 T2000 還真的希望可以借回來玩啊 :p

• Sun Fire T1000 Server 價格 (Memory/8GB $6,445, Memory/16GB $14,445)
• Sun Fire T2000 Server 價格 (Memory/8GB $9,045, Memory/32GB $29,445)

Popularity: 33% [?]

When I try to upgrade my system, but I get the error below:

sojia src # emerge -uvDNp worldThese are the packages that I would merge, in order:

Calculating world dependencies …done!
[blocks B ] sys-apps/pam-login (is blocking sys-apps/shadow-4.0.15-r2)
[ebuild U ] sys-apps/shadow-4.0.15-r2 [4.0.14-r1] +nls -nousuid +pam (-selinux) -skey 1,264 kB

Total size of downloads: 1,264 kB

According to this page on http://forums.gentoo.org, the clue is in the shadow ChangeLog:

*shadow-4.0.14-r2 (12 Mar 2006)
12 Mar 2006; Diego Pettenò +files/login.defs,
+files/login.pamd, +shadow-4.0.14-r2.ebuild:
Merge pam-login back into shadow, as 4.x version was already being used;
this means that upgrade from 4.0.14-r1 requires to remove pam-login before.

To solve “emerge -C pam-login && emerge -1 shadow”, this is safe to do.

Update: Thanks Julian. It’s more safe to perform “emerge –buildpkgonly –nodeps shadow && emerge -C pam-login && emerge –usepkgonly shadow“

Popularity: 22% [?]