Saturday, February 25, 2017

Lock remote deskop over ssh

I had a seemingly simple problem, connect over SSH to remote computer and lock the screen. Simple Google search for "gnome lock screen" yielded a plenty of results all of which revolving about using command gnome-screensaver-command -l.  First of, the package gnome-screensaver isn't installed by default on Fedora, meaning it isn't used there. Then, after installing it I got the following error message:
** Message: Failed to get session bus: Error spawning command line 'dbus-launch --autolaunch=062fabbac04041679f56c8db8593c352 --binary-syntax --close-stderr': Child process exited with code 1
Ok, turns out that session DBus is inaccessible and that gnome-screensaver-command just sends a message over DBus. Using d-feet it was easy to find out object, interface and method to use to lock the screen, but how to access DBus was a bit harder. The easy part was to find out that the key is in environment variable DBUS_SESSION_BUS_ADDRESS which has to point to a DBus daemon socket. But harder was to find where this socket is by looking into usual places on the file system. Finally, turned out that the easiest was to look at the environment of an existing process and get value from there, i.e.:
$ cat /proc/`pidof gnome-shell`/environ | \
              tr '\0' '\n' | grep DBUS_SESSION_BUS_ADDRESS
DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-dl1GC6PYCt,guid=33abd4a9e6bb3dee9262121d5819bdf1
tr command is necessary because entries in the environment are separated by NULL character (i.e. they are strings in C), so we are changing them into new line. Finally, grep just takes out the entry we are interested in. BTW, sorry for the useless cat use, but it is leftover as I constructed the command. :)

When you have properly set environment variable to access DBus, it is easy to invoke method Lock() that locks the screen, i.e.:
dbus-send --print-reply --session \
          --type=method_call --reply-timeout=3000 \
          --dest='org.gnome.ScreenSaver' \
          /org/gnome/ScreenSaver \
          org.gnome.ScreenSaver.Lock
and that will lock the screen. What's left to do is just to glue everything into a script:
#!/bin/bash
PID=`pidof gnome-shell`
DBUS_SESSION_BUS_ADDRESS=$(tr '\0' '\n' < /proc/${PID}/environ | grep "DBUS_SESSION_BUS_ADDRESS" | cut -d "=" -f 2-) \
dbus-send --print-reply --session --type=method_call --reply-timeout=3000 --dest='org.gnome.ScreenSaver' /org/gnome/ScreenSaver org.gnome.ScreenSaver.Lock
Just copy that into a file, make it executable and try it. It should work every time. :)

Monday, January 30, 2017

Fedora 25, kernel 4.9 and VMWare Workstation 12.5.2

Well, after upgrading Fedora 25 which included kernel 4.9.5, VMWare Workstation stopped working again! The fix is easy, even though it annoying to constantly have to patch something in VMWare. Anyway, the procedure - taken from here - is:
  1. Switch to root account.
  2. Go to /usr/lib/vmware/modules/source.
  3. Make backup of files vmmon.tar and vmnet.tar.
  4. Unpack those files using 'tar xf' command.
  5. Patch file vmnet-only/user_if.c, i.e. you have to open it in you favorite text editor and in function UserifLockPage() that's around line 113 change the following part:
    #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 6, 0)
        retval = get_user_pages(addr, 1, 1, 0, &page, NULL);
    #else
        retval = get_user_pages(current, current->mm, addr,
                    1, 1, 0, &page, NULL);
    #endif
    with the following:
    #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 9, 0)
         retval = get_user_pages(addr, 1, 0, &page, NULL);
    #else
    #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 6, 0)
         retval = get_user_pages(addr, 1, 1, 0, &page, NULL);
    #else
         retval = get_user_pages(current, current->mm, addr,
                     1, 1, 0, &page, NULL);
    #endif
    #endif
  6. Then, in file vmmon-only/linux/hostif.c in function HostIFGetUserPages() that's around line 1158, change the following
    #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 6, 0)
       retval = get_user_pages((unsigned long)uvAddr, numPages, 0, 0, ppages, NULL);
    #else
       retval = get_user_pages(current, current->mm, (unsigned long)uvAddr,
                               numPages, 0, 0, ppages, NULL);
    #endif
    with
    #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 9, 0)
       retval = get_user_pages((unsigned long)uvAddr, numPages, 0, ppages, NULL);
    #else
    #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 6, 0)
       retval = get_user_pages((unsigned long)uvAddr, numPages, 0, 0, ppages, NULL);
    #else
       retval = get_user_pages(current, current->mm, (unsigned long)uvAddr,
                               numPages, 0, 0, ppages, NULL);
    #endif
    #endif
  7. Create new vmmon.tar and vmnet.tar using the following commands:
    tar cf vmnet.tar vmnet-only
    tar cf vmmon.tar vmmon-only
  8. Start vmware as you would normally start it. This will trigger module compilation and everything should work.
Note that you are doing everything at you own risk! :)

Friday, January 6, 2017

Few thoughts about systemd and human behavior

I was just reading comments on a post on Hackernews about systemd. Systemd, as you might know, is a replacement for the venerable init system. Anyway, reading the comments was reading about all the same story over and over again. Namely, there are those strongly pro and those strongly con the systemd, in some cases based on arguments (valid or not) and in other cases based on feelings. In this post I won't go into technical details about systemd but I'll concentrate on a human behavior that is the most interesting to me. And yes, if you think I'm pro systemd, then you're right, I am!

Now, what I think is the key characteristic of people is that they become too religious about something and thus unable to critically evaluate that particular thing. It happened a lot of times, and in some cases the transition from controversy was short, in other cases it took several or more generations of human lives. Take as an example the Christian religion! It also started as something controversial, but ended as a dogma that isn't allowed to be questioned. Or something more technical, ISO/OSI 7 layer model. It started as a controversy - home many layers, 5, 6, or 7? The result of this controversy we know, and after some short period of time it turned into a dogma, i.e. that 7 layers is some magical number of layers that isn't to be questioned. Luckily, I don't think that it is the case any more, that is, it is clear that 7 layers was too much. Anyway, I could list such cases on and on, almost ad infinitum. Note that I don't claim that any controversial change succeeded in the end, some were abandoned and that's (probably) OK.

I should also mention one other interesting thing called customs (as in norm). People lives are intervened with customs. Anyway, we have a tendency to do something that our elders did just because, i.e. we don't know why. I don't think that's bad per se, after all, probably that helped us to survive. The problem with the customs is that they assume slow development and change in environment. In such cases they are very valuable tool to collect and pass experience from generation to generation. But, when development/change speed reaches some tipping point, customs become a problem, not an advantage - and they stall adjustment to new circumstances. So, my personal opinion about customs is that we should respect them, but never forget to analyze if they are applicable/useful or not in a certain situation.

Finally, there is one more characteristic of a human beings, and that is inertia. We used to do things in certain way, and that's hard to change. Actually, I do not think that it is unrelated to religion and customs, actually on the contrary, I think they are related and it might be something else that is behind. But i won't go into that, at least not in this post.

So, what all this has to do with the systemd? Well, there is principle or philosophy in Unix development that states that whatever you program/create in Unix, let it do one thing and let it do it right. For example, tool to search for file should do it well, but not do anything else. And my opinion is that this philosophy turned into a custom and a religion in the same time. Just go through the comments related to SystemD and read them a bit. A substantial number of arguments is based on the premise that there is a principle and it should be obeyed under any cost/circumstance. But all those who bring this argument forget to justify why this principle would be applicable in this particular scenario.

And the state of computing has drastically changed from the time when this philosophy was (supposedly) defined (i.e. 1970-ties) and today's world. Let me say just a few big differences. Machines in the time when Unix was created were multiuser and stationary, with limited resources and capabilities, and they were used for much narrower application domains than today. Today, machines are powerful and inexpensive, used primarily by a single user. They do a lot more than they used to do 40 years ago, and they offer to users a lot more. Finally, users expectations from them are much higher than they used to be.

One advantage of doing one thing and doing it well was that it reduces complexity. In a world when programming was done in C or assembler, this was very important. But it also has a drawback, and that it is that you lose ability to see above the simple things. This in turn, costs you performance but also functionality, i.e. what you can do. Take for example pipes in Unix. They are great for data stored in text organized in a records consisting of lines. But what about JSON, XML and other complex structures? In other word, being simple means you can do just a simple things.

This issue of simple and manageable and complex and more able is actually a theme that occurs in different areas, too. For example, in networking where you have layers, but because cross layer communication is restricted means you have a problems with modern networks. Or, take for example programming and organizing software in simple modules/objects. Again, the more primitive base system is, the more problems you have to achieve complex behavior - in terms of performance, complexity, and so on.

Few more things to add to the mix about Unix development. First, Unix is definitely success. But it doesn't mean that everything that Unix did is a success. There are things that are good, bad, and ugly. Nothing is perfect, nor will ever be. So, we have to keep in mind that Unix can be better. The next thing we have to keep in mind is that each one of us has a particular view on the world, a.k.a. Unix, and our view is not necessarily the right view, or the view of the majority. This fact should influence the way we express ourselves in comments. So, do not over generalize each single personal use case. Yet, there are people who's opinion is more relevant, and that are those that maintain init/systemd and similar systems, as well as those that write scripts/modules for them.

Anyway, I'll stop here. My general opinion is that we are in 21st century and we have to re-evaluate everything we think should be done (customs) and in due course not be religious about certain things.

P.S. Systemd is not a single process/binary but a set of them so it's not monolithic. Yet, some argue its a monolithic! What is a definition of "monolithic"? With that line of reasoning GNU's coreutils is a monolithic software and thus not according to the Unix philosophy!

About Me

scientist, consultant, security specialist, networking guy, system administrator, philosopher ;)