Tuesday, November 29, 2011
Insert Credit
Wow. Great blog.
http://insertcredit.com/
Especially:
http://insertcredit.com/2011/09/22/who-killed-videogames-a-ghost-story/
http://insertcredit.com/
Especially:
http://insertcredit.com/2011/09/22/who-killed-videogames-a-ghost-story/
Monday, November 21, 2011
LDAP on debian
Well, here is the starting point
http://research.partners.org/wiki/index.php/Active_Directory_on_Unix
But that doesn't quite work. What is the difference between using ldap:// and ldaps://? My opensuse box uses ldaps://, which seems to work ok. But the debian instructions say use ldap://.
Debian has a very useful resource here.
http://www.debian-administration.org/articles/585
If I do "ldapsearch -x", this works using ldap://, but I get an error message "...a successful bind must be completed on the connection." Possibly this is answered here:
http://forums.techarena.in/active-directory/662084-2.htm
See also this:
http://www.openldap.org/doc/admin24/appendix-common-errors.html
Eventually I learned the reason I get the error about "...a successful bind must be completed on the connection." is that I forgot to use a user name. For example, the following works:
ldapsearch -v -D 'cn=myuser,cn=users,dc=example,dc=org' -H ldap://ldap.example.org -b dc=example,dc=org -W -x
This even works without "-x" option, which is good news. But I still get the following error:
$ id myuser
id: myuser: No such user
Aha! I got it. I had mistakenly installed "nslcd, libnss-ldap, libpam-ldapd" instead of "nslcd, libnss-ldapd, libpam-ldapd"
How to restrict access to which LDAP users can log in? See, for example:
http://linux.web.cern.ch/linux/docs/account-mgmt.shtml
The secret was to change the user names into the "filter shadow" line, like this:
filter shadow (!(cn=usr1)(cn=usr2))
Another possible problem is incorrect TLS certificate. The web page which describes this cannot be found by web search. Use inside knowledge to find the hidden URL on intranet.
http://research.partners.org/wiki/index.php/Active_Directory_on_Unix
But that doesn't quite work. What is the difference between using ldap:// and ldaps://? My opensuse box uses ldaps://, which seems to work ok. But the debian instructions say use ldap://.
Debian has a very useful resource here.
http://www.debian-administration.org/articles/585
If I do "ldapsearch -x", this works using ldap://, but I get an error message "...a successful bind must be completed on the connection." Possibly this is answered here:
http://forums.techarena.in/active-directory/662084-2.htm
See also this:
http://www.openldap.org/doc/admin24/appendix-common-errors.html
Eventually I learned the reason I get the error about "...a successful bind must be completed on the connection." is that I forgot to use a user name. For example, the following works:
ldapsearch -v -D 'cn=myuser,cn=users,dc=example,dc=org' -H ldap://ldap.example.org -b dc=example,dc=org -W -x
This even works without "-x" option, which is good news. But I still get the following error:
$ id myuser
id: myuser: No such user
Aha! I got it. I had mistakenly installed "nslcd, libnss-ldap, libpam-ldapd" instead of "nslcd, libnss-ldapd, libpam-ldapd"
How to restrict access to which LDAP users can log in? See, for example:
http://linux.web.cern.ch/linux/docs/account-mgmt.shtml
The secret was to change the user names into the "filter shadow" line, like this:
filter shadow (!(cn=usr1)(cn=usr2))
Another possible problem is incorrect TLS certificate. The web page which describes this cannot be found by web search. Use inside knowledge to find the hidden URL on intranet.
Thursday, November 10, 2011
Pulse audio glitches again
Maybe it's not pulse, but usually it is. Time to debug the problem
- Amarok skips. It seems to use phonon, pulse, and xine
- mpg321 works fine. I suppose it uses alsa.
- Mplayer works fine. It uses ffmpeg and alsa.
- I tried amarok with phonon-backend-vlc. But amarok skips with that one too
- I tried to disable time-based scheduling as recommended here:
- http://fedoraunity.org/Members/fenris02/pulseaudio-fixes-and-workarounds
- https://fedoraproject.org/wiki/How_to_debug_PulseAudio_problems
- I did the tsched=0 thing. It helped, but not enough
- Then, I edited /etc/pulse/daemon.conf, and changed realtime scheduling. But this doesn't seem to make a difference.
0 [SB ]: HDA-Intel - HDA ATI SB
HDA ATI SB at 0xfe8f4000 irq 16
1 [HDMI ]: HDA-Intel - HDA ATI HDMI
HDA ATI HDMI at 0xfe9ec000 irq 44
Not sure what it really means. Phonon can be configured to use either of them, but they both skip. My device is some kind of "on motherboard" thing.
$ lspci -v
00:14.2 Audio device: ATI Technologies Inc SBx00 Azalia (Intel HDA)
Subsystem: Dell Device 02e2
Flags: bus master, slow devsel, latency 64, IRQ 16
Memory at fe8f4000 (64-bit, non-prefetchable) [size=16K]
Capabilities:
Kernel driver in use: snd_hda_intel
01:00.1 Audio device: ATI Technologies Inc RV710/730
Subsystem: PC Partner Limited R700 Audio Device [Radeon HD 4000 Series]
Flags: bus master, fast devsel, latency 0, IRQ 44
Memory at fe9ec000 (64-bit, non-prefetchable) [size=16K]
Capabilities:
Kernel driver in use: snd_hda_intel
Then, I read a web page that suggests deleting the ~/.pulse directory, and so I did. And it fixed it! But only until the next reboot.