Ruizs Place

If you need to get in and edit some files on your xen domU instance, i.e. it isn’t booting up properly, etc, here’s how to mount it on dom0. In this case, we want to mount the second partion on the virtual disk (our root partition):

Print out the partition layout:
fdisk -l /path/to/img/file.img

Disk System.img: 0 MB, 0 bytes
255 heads, 63 sectors/track, 0 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System
System.img1 1 4 32098+ 83 Linux
System.img2 * 5 619 4939987+ 83 Linux
System.img3 620 750 1052257+ 82 Linux swap / Solaris

create directory to mount image under: mkdir /mnt/tmp

mount the image using the offset from the fdisk output, the start block (in this case 5)
mount mount -o loop,offset=$((512*5) /path/to/img/file.img /mnt/tmp

Edit files as needed, and unmount when done.

Tags: howto, linux, oraclevm, virtualization, xen

On and off over the past few years, I’ve looked for a good way to synchronize 2 or more iTunes libraries, and until recently, never found a good solution. The main problem is synchronizing library metadata – syncing files isn’t that difficult, but things like ratings, play counts, etc. is.

My previous solution was simple – I considered one computer my “master”, and simply sync’ed all the files from it to my other computers. Since I do most of my itunes listening (and rating) at work, I used my iMac as the master and my macbook and home desktop were the slaves. This has its downfalls though, as anything I added or rated on my other systems never made its way back to the master system, and I had to make those changes manually.
I decided to search again a few days ago, and found two applications that do exactly what I want:

myTuneSync from SocketHead studios
Syncopation from Sonzea

I checked them both out, and they both work as advertised (both offer free time-limited trials). You install the application, point it at the other itunes library to keep in sync with, and set them up for automatic updates. Syncopation is the clear winner for me, with its cleaner interface, faster performance, and ability to synchronize file deletions as well. Syncopation works only on macs, so if you have a mix of mac and Windows (or only Windows), myTuneSync is for you.

Interestingly, I found these programs two days before the new iTunes 9 was released, and looking at the keynote, I wondered if I just wasted money on something that was now a standard feature of iTunes. (Unfortunately) It turns out that the syncing included with iTunes is limited to purchases from the iTunes store, and doesn’t include anything added by you. It also seems that the metadata does not get transferred over, only the purchased song files.

Tags: apple, itunes, mac

I develop a product at work that (among many other things) allows users to easily create and manage databases to interact with other packages on their appliance. One feature that was requested and green-lighted is the ability to create a read-only user for existing databases- a user that can connect to a given database and access all tables and views in that DB, and nothing else.

Since PostgreSQL is our database of choice, I started researching the process, thinking it would be a couple mysql-esqe GRANT statements and that would be it. Turns out that it is a huge PITA in postgres – even my solution I’m documenting here has its shortcomings, but as far as I know is the best / only way to accomplish this task. I ran across quite a few sites that helped with pieces of this, but none that actually tied the process together for production usage. I am by no means a Postgres expert, but do have a good bit of experience mucking around with back-end settings and figuring how to script common tasks.

There are two main things to watch out for when trying to create a read-only user in PostgreSQL, especially if you come from a DB like MySQL:

PostgreSQL only sets permissions on objects, not on databases, so you need to grant read access to all your tables/views/etc, and if you add a table down the line, you need to remember to manully grant read access to it after creating the table.

I’m guessing 95% of postgres users just use the default “public” schema, and as such, you need to revoke create privileges from the PUBLIC group. Otherwise, your “read-only” user will still be allowed to create tables that it owns, even if you’ve only given it read only access to all other objects in your database.

For this example, we’ll use database name “mydb”, database user/owner “mydbuser”, and we’ll create a read-only user named “mydbuser_ro”. This assumes that you did not define a schema for your database and are using the default “public” schema.

Revoke default permissions from public group:
REVOKE CREATE ON SCHEMA public FROM PUBLIC;
REVOKE USAGE ON SCHEMA public FROM PUBLIC;

Add back permissions for your database owner:
GRANT CREATE ON SCHEMA public TO mydbuser;
GRANT USAGE ON SCHEMA public TO mydbuser;

Create the new user via the command line, or pgadmin/etc:
psql -U postgres -t -c "create role mydbuser_ro password 'abc123' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;

Grant usage permissions for your read-only user:
GRANT USAGE ON SCHEMA public TO mydbuser_ro;

Grant select permissions on all database tables from the command line:
psql -U postgres -qAt -c "select 'grant select on ' || tablename || ' to \"mydbuser_ro\";' from pg_tables where schemaname = 'public'" mydb | psql -U postgres mydb

Setup remote access for the read only user in pg_hba.conf as appropriate

Once complete, you can verify the settings with a quick sql query. You should see something like this, with the user=UC (for Usage/Create), and user_ro=U (for Usage):
mydb=> select * from pg_namespace where nspname='public';
nspname | nspowner | nspacl
---------+----------+------------------------------------------------------------------
public | 10 |
{postgres=UC/postgres,mydbuser=UC/postgres,mydbuser_ro=U/postgres}


Tags: database, db, linux, mysql, postgresql

I previously posted about a rather convoluted method to use mobileme and idisk to sync adium logs across computers, but after using that for a while, it turned into an exercise in frustration, as it was not reliable, and idisk is horribly slow.
I just came across a new solution to the same problem that is very simple, costs nothing, and performs great. Basically, let dropbox do the syncing for you. Instructions as follows:
- Sign up, download and install dropbox here
- Shutdown adium (or other chat client)
- Open a Terminal session
- Move your adium logs folder to dropbox:
mv ~/Library/Application\ Support/Adium\ 2.0/Users/Default/Logs ~/Dropbox/Private/AdiumLogs
-create a symbolic link from your adium folder to your dropbox private folder:
ln -s ~/Dropbox/Private/AdiumLogs ~/Library/Application\ Support/Adium\ 2.0/Users/Default/Logs

On any other computer you’d like to keep in sync with:
- sync over your existing logs with rsync:
rsync -avl ~/Library/Application\ Support/Adium\ 2.0/Users/Default/Logs/ ~/Dropbox/Private/AdiumLogs
- Move your old logs folder out of the way:
mv ~/Library/Application\ Support/Adium\ 2.0/Users/Default/Logs ~/Library/Application\ Support/Adium\ 2.0/Users/Default/Logs.old
-create a symbolic link from your adium folder to your dropbox private folder:
ln -s ~/Dropbox/Private/AdiumLogs ~/Library/Application\ Support/Adium\ 2.0/Users/Default/Logs

It really is that simple, and works great – thanks Dropbox for a great bit of software.

At work, we are moving from a huge datacenter space (about 12′ x 12′, 12 cabinets) to less than 1 cabinet. This will be a great change in all respects, mostly financially, for all the saved space, but also environmentally, for all the saved power. We probably use about the same amount of power to run our whole infrastructure as we used to to run two or three servers.

We are using an IBM Bladecenter, with fully loaded blades – 5 for now, expandable to 14. Each blade has 8 CPU cores, and 32GB of memory. It would be a waste to run a server OS on the blade itself, it would definitely not be properly utilized and we’d be wasting compute power, electrical power, and space. So, we’re moving ahead with deploying everything on Oracle VM Server – a Xen based virtualization platform, that does some cool stuff like load balancing, failover, live migration, etc.

In our old infrastructure, we have a few Windows servers, whose functionality we need to keep around, but we’re not too excited to move over these old, Pentium III waste-of-space servers. Last week my main task was to figure out how to get these old servers moved into Xen virtual machines.

There’s not much information out there on making this conversion – there are some commercial tools that will do everything for you, but they are quite expensive. The included P2V functionality in Oracle VM is documented only for linux, and for systems with large hard drives with lots of free space, is pretty wasteful.

The process I came up with requires no downtime on the server to be cloned, only minimal changes beforehand (installing the VMware converter software package), and allows you to resize hard disks as needed. Once you get the hard disk cloned, you change the drivers, installed software, etc. on the VM only, so the original machine still works and is your backup/fail safe. The process isn’t all that time consuming either – it mostly depends on your network and disk speed to clone the image, and convert it.

The basic process is as follows:
- Clone the physical server using VMware converter – you need to install the VMware converter software on a management host, and the agent on the physical server to clone. You need to provide proper login credentials, and a samba/cifs share that both machines can access. Full instructions are available here:
http://www.howtoforge.com/vmware_converter_windows_linux

- Once you have the vmware image (.vmdk and .vmx files) open them in vmware server, fusion, or whatever version of VMware you have install / converted to.
- Install vmware tools to make your life easier.
- Just in case, install the Windows recovery console: http://support.microsoft.com/kb/307654
- Run MergeIDE: MergeIDE — This is the secret sauce that copies in and installs the proper basic drivers in the Windows registry.
- Shutdown the VM.
- Copy vmdk files over to Oracle VM server (or Xen flavor of choice)
- Create a new windows VM in Oracle VM manager, power off after creating
- Delete the created disk file (System.img)
- Convert the vmware images with qemu-img: qemu-img convert vmwarefile.vmx System.img
- Start vm in Oracle VM, let it detect devices and install drivers
- Use and enjoy being unbound from crappy old hardware!

Tags: convert, oraclevm, p2v, virtualization, vmware, windows, xen

If you’re like me, you just brought home guitar hero 4, and want to play the songs listed on the box. Unfortunately, it comes with only half of the (or so) available to play. I found this elsewhere, although its not too obvious that this is the code you’re looking for on other sites.

To unlock all songs:
Blue, Blue, Red, Green, Green, Blue, Blue, Yellow.

This was tested on my Wii, and should work on all other consoles as well. You get here by going to Options->Cheats->Enter new code. Once you enter it, you have to find it in the list, and turn it “on”. I.e., if you just enter the code, the cheat is by default off.

Other cheat codes can be found here:
http://gosublogger.com/2008/10/guitar-hero-world-tour-cheats-for-xbox-360-playstation2-playstation3/

Tags: tech wii

Like email, my IM chat logs have become a critical reference and database for me. With both OS X’ spotlight and Adium’s chat transcripts, searching for a conversation in these logs is quite easy. However, not so much so when I’m on my laptop at home, and the chat took place on my work computer. I am looking into services like simkl.com, which act as a proxy and store your chat logs an their servers – but, these don’t have the search interface I’m used to, and I’m not sure I’m ready for yet another company to have access to my personal communications.

So, here’s the procedure I am using to sync my logs using my iDisk included with my MobileMe subscription. It is pretty rudimentary, but works nicely for what I want it to do.

Here are the relevant references I used when putting this process together, as I didn’t feel like spending much time on this:
http://www.macosxhints.com/article.php?story=2008071710372562
http://www.macosxhints.com/article.php?story=20020207214002198&query=dd
http://forums.macosxhints.com/showthread.php?t=2185
http://www.bombich.com/mactips/rsync.html
http://lingon.sourceforge.net/

First, I built the latest rsync based on the link above – not that its really needed, but I figured it wasn’t a bad idea to have the latest, greatest, and most efficient.

Second, you need the actual script, here’s mine, with some names removed:

#!/bin/bash

# Sync all data from Chat logs to MobileMe iDisk

export LOG=/Users/myname/idisk.log
rm -f $LOG
echo `date` > $LOG
echo "Starting copy of Adium Chat History to iDisk..." >> $LOG
export IDISK=/Users/myname/idiskmount
export PWFILE=/Users/myname/bin/idiskpw.txt

cat $PWFILE | mount_webdav -a0 http://idisk.mac.com/dotmacusername/ $IDISK

rsync -a -E -4 -u --exclude=.DS_Store --stats --progress /Users/myname/Library/"Application Support"/"Adium 2.0"/Users/Default/Logs/ ${IDISK}/ChatLog/ >> $LOG
rsync -a -E -4 -u --exclude=.DS_Store --stats --progress ${IDISK}/ChatLog/ /Users/myname/Library/"Application Support"/"Adium 2.0"/Users/Default/Logs/ >> $LOG

umount $IDISK

echo "Backup of Chat Logs to iDisk complete..." >> $LOG
echo "" >> $LOG
echo `date` >> $LOG

exit 0


Now, I created a new job in Lingon to run the sync script. I named it com.myname.idisk.rsync, selected the script I had created (saved in ~/bin), and set it to run every 2 hours. After logging out and back in, everything was up and running. Status can be checked in the log file – after a long initial run, things run very quickly.

You’ll want to repeat this process on any other computer you have for it to work properly. After spotlight reads in all the new files, you should have searchable chat logs on all your macs.

Notes: You’ll need to create the appropriate directories here (idiskmount), and the funky webdav password file. This process is detailed in the macosxhints forum post, it involves typing a few non-std characters in your editor of choice.

Tags: apple, dotmac, idisk, mac, mobileme

Download/Install UseMetaKeys FireFox Extension

In celebration of the release of Firefox 3 yesterday (and since I had forgotten to install my extension previously), I am posting this quick, dirty, and oh so helpful firefox extension.
Firefox has long been my preferred browser, although for the last year or so Safari had been gaining ground. Firefox 2 was just to bloated and slow, especially on OS X, and Safari was much faster. I always had a hard time choosing between the additional functionality Firefox provides, and the simplicity and speed of Safari. With Firefox 3, that’s pretty much over, and it is back in its place as my primary browser.
However, one thing that has always bugged me about firefox on Mac OS X was that you can’t open a URL in a new tab using Command+Enter, it only works with Option(alt)+Enter. I couldn’t find a fix a year or two ago, and with some quick searching today, I still did not find a good way to reassign the key sequence. So, I looked up a couple howto’s, found a sample/donor project, and whipped up a simple extension with a single purpose – remap Command-Enter to open a url in a new tab (i.e. when typing in the address or search bars). As expected, no support is provided, no warranty intended, etc., but if you’re using Firefox on OS X, I highly suggest installing this.

For some reason, I called it “UseMetaKeys”, and now, a year later, I am too lazy to change the name.

Tags: apple, firefox, keys, mac, osx, remap, safari

At work, we have a kickstart setup we have been using for a couple years now, with probably 150 servers out in the field based on this install. Our distro of choice is CentOS, a RedHat clone, and we are at version 4.4. This is out of date now, but it still works great for our needs, as security fixes are regularly back-ported. It would also be a major pain to upgrade our existing installations, and/or support multiple OS versions.

On to the issue at hand: we recently received some new server models that we’ll be supporting, both which have hardware not supported in CentOS 4.4. One machine has a RealTek RTL-8110 ethernet chip, and the other as a 3Ware 9650SE Raid controller. As I later discovered, this presented two unique problems with the kickstart – without the proper storage controller driver, one server didn’t find any disk to install on, and without the proper network driver, the other server couldn’t even connect to our kickstart server at all.

So, as you might guess, there are two different solutions here. The more elegant is for the storage controller, we can create a driver disk with the proper drivers, and make it available on the network during the kickstart. The network driver is more difficult – we need to insert it into the initrd image we provide for PXE boot, and then somehow copy it over after installation (this is an updated driver, r8169.ko, that exists in CentOS 4.4 but doesn’t support our newer card).

Adding a RAID/Storage Card Driver to the Kickstart:
For the driver disk, things are especially easy, as 3Ware provides a driver-disk compatible download, although not yet in the correct format to share over the network.

The driver provided by 3ware (http://www.3ware.com/KB/article.aspx?id=14546 ) includes the following:

-rwxr-xr-x 1 stever stever 66B Oct 10 2007 modinfo*
-rwxr-xr-x 1 stever stever 249B Oct 10 2007 modules.alias*
-rw-r--r-- 1 stever stever 377K Oct 10 2007 modules.cgz
-rwxr-xr-x 1 stever stever 28B Oct 10 2007 modules.dep*
-rwxr-xr-x 1 stever stever 463B Oct 10 2007 modules.pcimap*
-rwxr-xr-x 1 stever stever 192B Oct 10 2007 pci.ids*
-rwxr-xr-x 1 stever stever 339B Oct 10 2007 pcitable*
-rwxr-xr-x 1 stever stever 37B Oct 10 2007 rhdd*

This is all you need on a driver disk, so all you need to do is create a disk image, and copy these files over:

#Create a blank, 20MB image
dd if=/dev/zero of=/root/driverdisk.img bs=1M count=2
#Format the image with ext2
mkfs -t ext2 -q /root/driverdisk.img
#mount it and copy the files over
mount -o loop /root/driverdisk.img /mnt/tmp
cp /root/3ware/* /mnt/tmp/
umount /mnt/tmp

Now, copy the image over to somewhere accesible on kickstart, and update your ks.cfg with the following:
driverdisk --source=nfs:servername:/vol/kickstart/CentOS-4.4-x86/drivers/driverdisk.img

On network kickstart, anaconda should grab the driver, load it, and proceed normally. This should work for any non-network-card driver you need.

Adding a Network Card Driver to the Kickstart:
This is considerably more arduous, but not too difficult with the magic commands. Much of the information here comes from my friend Steve, www.kehlet.cx.

There is no nicely package/built driver provided by RealTek, just some source code with instructions for compiling.

I downloaded the driver here:
http://wiki.centos.org/HardwareList/RealTekr1000
After untar’ing unzip’ing, I ran make with the default settings, and manually changed the kernel version to build a smp driver as well (assuming you’re building on a single-cpu system):

[root@lb4 ~]# cd r8169-6.006.00/
[root@lb4 ~]# make
[root@lb4 ~]# mv src/r8169.ko r8169.ko.2.6.9-42.EL
[root@lb4 ~]# make clean
(edit src/Makefile, change the line "KVER := $(shell uname -r)" to "KVER := 2.6.9-42.ELsmp"
[root@lb4 ~]# make
[root@lb4 ~]# mv src/r8169.ko r8169.ko.2.6.9-42.ELsmp


Now you should have two .ko module files compatible with the different kernels – we need to get these inserted into the initrd image. An initrd is basically a disk image that holds various drivers and programs needed to pre-boot your system. It is usually a gzipped disk image file, so its nothing too special. Basically, you need to unzip & mount the initrd image, gunzip/cpio the modules.cgz file in the initrd, make the required changes, and package everything back up.

Here’s those steps in gory detail:

mkdir /mnt/tmp
mkdir /mnt/initrd
mkdir /var/tmp/work
mkdir /var/tmp/work/bootnet
mkdir /var/tmp/work/drvnet
gunzip < /root/tftpboot/initrd.img > /var/tmp/work/bootnet/initrd.img.ungzipped
cd /var/tmp/work/bootnet/
mount -o loop initrd.img.ungzipped /mnt/tmp2
cd /mnt/tmp2/modules
gunzip < modules.cgz | (cd /var/tmp/work/bootnet && cpio -idv)
cd /var/tmp/work/bootnet/2.6.9-42.EL/i686
cp /root/r8169-6.006.00/r8169.ko.2.6.9-42.EL r8169.ko
cd /var/tmp/work/bootnet/2.6.9-42.ELsmp/i686
cp /root/r8169-6.006.00/r8169.ko.2.6.9-42.ELsmp r8169.ko
cd /var/tmp/work/bootnet/
find 2.6.9-42.EL | cpio -ov -H crc | gzip > /mnt/tmp2/modules/modules.cgz
#edit /mnt/initrd/modules/pcitable
#add this:
0x10ec 0x8167 "r8169" "Realtek|RTL-8110 Gigabit Ethernet"
umount /mnt/initrd
gzip < initrd.img.ungzipped > initrd.r8169.img


I had to boot up DSL, run lspci & lspci -n, to get the ID to put in here – third column has 10ec:8167, which is what we need
https://lists.sdsc.edu/pipermail/npaci-rocks-discussion/2007-September/027142.html

So now you can replace your initrd.img with the one you just created. The kickstart should work fine now, but upon reboot, the system will not be able to find the right driver. After the kickstart, you need to copy over the .ko files to the appropriate directories – we added a line in our post-install script to do this for us, it simply copies the .ko file to the appropriate directory (/lib/modules/`uname -r`/kernel/drivers/net/)

Hopefully this is useful to someone, I couldn’t find a good, comprehensive guide on how to do this, I had to pull data from a bunch of different sources.

I finally fought the jet-lag, and got around to posting photos from most of our trip.

All of them are available on my main picasa page,
http://picasaweb.google.com/stevendavidruiz

And now for individual galleries:
I added some underwater photos to our snorkeling gallery:
http://picasaweb.google.com/stevendavidruiz/SnorkelingInMalaysia

A great Hike we went on in Taiwan – Caoling Historic Trail
Along the Chao Phraya in Bangkok – River Cruise
Pattaya, Thailand
Misc Thailand Photos
Around Taipei

I posted some new photos from our trip to Malaysia – I’ll be writing something about the trip in a day or two, but for now, enjoy the pictures .

Picasa Photo Gallery

Tags: abdul, kinabalu, kota, malaysia, national, park, rahman, sabah, tunku

When I first brought home my Gaggia Baby espresso machine, it had been used for a number of years, and not cleaned very well. I tried a few shots from it, but no matter what I did, they always came through too fast. When I adjusted my grinder to the point that the burrs were touching, the espresso would come out slowly at first (and look good), and get gradually faster until the shot was done after about 15 seconds. If you are having these issues too, its time to take a close look at the brew pressure of your machine.

The OPV, or over-pressure valve (also known as pressure relief valve), is fitted to most mid-level home machines with vibratory pumps. Vibe pumps aren’t really precision adjustable devices, so they are basically either on or off, and inside an espresso machine, whatever pressure they’re operating at is the pressure you’re getting through your espresso. In most espresso machine marketing literature, they advertise the power of pumps, 16 bar in this one, 18 bar in that one, but this really doesn’t matter – espresso needs about 9 bar, give or take, to be brewed properly, and this is where the OPV comes in. As the pressure raises, it will gradually open up to maintain a set pressure, usually about 9 bar in an espresso machine. Excess water is routed back to the reservoir, and the group head, and thus your espresso puck) see’s the proper pressure. Gaggia Baby and Classic models are fitted with an adjustable OPV, other models don’t have one, but if you can find one its a great upgrade for a Carezza or Espresso.

As you can read in some other posts here, the Gaggia machines are very easy to take apart and repair/clean, so while going through that process, I spent extra time on cleaning / restoring the OPV valve. It turns out that mine was completely sealed shut from past years’ scale deposits, and it wasn’t opening at all. I took the valve apart completely, and soaked it in a durgol bath and in a citric acid bath about 5 or 6 times – there was a lot of crud on there, and it took a while to get it off. Afterwards, things looked pretty good, and it was very easy to put back together.

When my machine re-assembly was complete, I hooked up my newly built pressure gauge, and proceeded to dial in the correct pressure. This is a bit complicated because the valve is not easily accessible, and adjustment requires disassembly of the valve. So its turn on machine, read pressure, turn off, unscrew valve, adjust (while not burning hands on hot boiler), reassemble, and repeat. It took 4 or 5 iterations to get it the way I wanted, I was moving about 1/2 turn of the adjustment nut each time. I think these come from the factory set very high, so I’m guessing you could improve your results just by loosening the nut a turn or two from factory tight. Espresso is now much easer to make (and much better tasting), and with the pressure gauge, I know any problems are my fault, and not the machine’s.

Details of the pressure gauge: I had a friend weld a piece of stainless tubing to a blank filter basket (could probably get this done at a welding shop for $10 and a six pack as well), and attached to a tee, a needle valve, and a liquid-filled pressure gauge. I can adjust the flow to approximate espresso flow rates, and dial in the pressure from there.

Tags: diy, Espresso, gaggia, howto

Call us crazy, but this weekend we started on our third bathroom remodel (for those keeping count, that’s the third of three bathrooms in the house). It’s always fun when you can grab a three-pound hammer and go to town on the walls, but it does draw both blood and sweat (I sliced up my hands even with gloves on). Now that we’re seasoned pro’s when it comes to this stuff , things move pretty quickly, and I’d say we spent 6 or 7 hours total on the demo, and basically stripped the bathroom to walls and floor only.

In the weeks to come, we’ll be installing new plumbing (fixtures, etc), new tub, drywall/backer board, tile, new pedestal sink, wainscotting, etc. We’ll post photos and notes along the way, here are some pics of this weekend’s adventures.

Tags: bathroom, diy, home, remodel

I recently purchased an espresso machine to fuel my addiction – a Gaggia Baby circa mid 1990’s. You might wonder why I bought such an old machine, but it was a smoking deal – I got the machine and the grinder for a super-low price, and then sold the grinder on ebay to basically pay for both. So, it was worth it to put some time and a little money into making it like new again.

Gaggia home machines are pretty ubiquitous, as the internals have been the same for 20 years or so, with only cosmetic changes outside – so parts and instructions aren’t too difficult to find. My particular model is a “Baby”, which includes the 3-way valve and an adjustable OPV (over-pressure or pressure relief) valve, otherwise all models are basically the same. Being about 15 years old, it was showing some wear and tear, and was also showing that it hadn’t been cleaned in a LONG time. Before I noticed how much gunk was built up on it, I tried to pull a few shots – they all came out way too quickly, even with the grinder burrs basically touching.

So, I did what I usually do, and took the whole thing apart . Gaggia machines are very easy to tear down, all it takes is a couple screwdrivers and allen wrenches. When you do take these machines apart, just be sure to label all the wires and take some photos to reference when re-assembling – a little masking tape and a sharpie can go a long way.

Once everything was apart, I started cleaning. The group (part the holds the portafilter) needed a ton of cleaning and scraping, there was years of coffee gunk in there. All parts got a few soaks in descaling solution and citric acid baths, there was quite a bit of scale on everything. It took about 5 soaks to get everything cleaned up, and a bit of scrubbing inside the boiler as well. I purchased a complete Gaggia rebuild kit on ebay from “supercoffeeman”, which includes all seals and gaskets needed to make the machine like new. For an older machine, its safe just to replace everything, for a newer machine all you may need to replace is the group gasket. In any case, if the rubber is brittle or cracked, its time to replace- mine certainly was. In subsequent posts, I’ll go over the details of the mods and adjustments I went through to get it dialed in pefectly…

Tags: Espresso, gaggia, howto

I upgraded my home MacBook and work iMac to Leopard right when it came out. When I had Tiger, I installed an extention to Mail.app called “IMAP-IDLE”, which added support for the (logically named) IMAP Idle mode. This basically means that it will open an extra connection to your mail server, and when the mail server receives a new message, it notifies your client almost instantly. At work we have a Microsoft Exchange server, and for personal email I use gmail, and both were lightning fast – when I tested at work, I would see the new email in my inbox within a second of sending.

However, this behavior stopped when I upgraded to Leopard – it includes a built-in option to use IMAP IDLE, but it never seemed to work right – I would receive email only when I hit the “Get Mail” button, or my client checked on its specified interval.

I thought I had figured out how to make it work properly, it seems there are two settings that should impact this, but neither work well. Under Mail.app Preferences, under the Accounts Section, Advanced tab, if you select “Use IDLE command if the server supports it“, and you un-check “Include when automatically checking for new mail“, things work ok for a while.  After making the change, restart Mail.app.  However, if something happens, i.e. you close the lid on your laptop, lose the connection to the server, etc., it no longer works.

Why can’t apple get this working as well as the plugin was before?  No good solution at this point…

Tags: gmail, imap, mail.app, osx

My buddy Oscar recently started a contest, open to 14 – 19 year olds, to win a brand-new iMac. Contest details are available at the link below, but basically involve an original writing – research, news, opinion, etc. A great opportunity for those that qualify, and all you have to do is write! Check out the rules, and register, at:

http://rakxzo.com/giveaway

http://rakxzo.com/giveaway/contest-rules/

I use ssh on a daily basis for almost all my work (and at home, for managing my linux server), and occasionally have the need to run a X11 program. In that past I have been going through the pain of setting all the variables, on both the remote server and my local machine. I start up my X server, run xhost +ip.addr.ess, and on the remote server, set the DISPLAY variable. This does work fine if you’re on a routable network, but if not there’s a lot more trickery involved.

Finally I took the time to figure out the proper settings for forwarding X11 using ssh – they involve changing both your ssh client config, and the ssh server config, so you’ll need permissions for both ( or ask your friendly sysadmin).

On the server side, you need the following in sshd_config (/etc/ssh/sshd_config on Centos/RHEL/Fedora/etc):

X11Forwarding yes
X11DisplayOffset 10

The first line enables ssh forwarding, and the second sets the X11 display offset to start handing out to ssh clients (i.e. localhost:10).

On the client side, there is the option to change X11 forwarding settings in the global or local config file. I recommend changing settings locally, per server, as this will minimize your security risks – if a malicious user could get access to the display device, he could snoop on all your activity, keystrokes included.
Edit, and create if needed, ~/.ssh/config. Setup per-server entries for each server you want to enable forwarding to, like so:

Host 10.1.2.3
ForwardX11 yes
Host 10.1.2.4
ForwardX11 yes
ForwardX11Trusted yes

All you need is a Host entry, and ForwardX11 yes to get it working. With some applications (java), you will need to add the ForwardX11Trusted line as well, but don’t do so unless you are getting a blank box instead of your application. I needed this for my primary use of X11 forwarding, managing Veritas Netbackup.

linux, osx, ssh, sshd, x11

Hi all – as usual, my blog pretty much serves as a place to alert people to new photos of mine. I’ve started using google’s picasaweb because, if you haven’t noticed, my site is horribly slow. I will have to wait until my contract is up, but in the meantime, I’d recommend against webhero.com.

That said, here’s some of the latest photos – our contractor finished our major bathroom remodel a while back, and I finally got around to putting up photos. Also included are some photos from my trip to boston, and some from the US open surfing competition. On the boston ones, make sure to click on the “View Map” button on top, I mapped each photo so you can follow my walk around the city.

Google Photo Gallery

This weekend we put the finishing touches on the bathroom we’ve been remodeling the past three or four months, so I’m happy to say its finished!. We re-did pretty much everything in the bathroom – tore it down to studs and concrete, and started building back up. It was a LOT of work, but we’re really proud of the results, and have a lot of confidence going into the next remodel (but not for a long while ).

Before:

After:

I have posted a lot of new photos in the past couple months, take a look around the gallery.

Some photos I just took today of our bathroom remodel (they just finished tiling):
Remodel Photos
Photos from our trip to Seattle a couple weeks ago:
Seattle Photos